Network Management Basics

(1)

F4

Network Management Basics

Carol J. Sirkis

[email protected]

Click here to type page title

®

Agenda

Network Management

Simple Network Management Protocol

(SNMP) Basics

Remote Monitoring (RMON) Basics

IBM Network Management Products

(2)

Click here to type page title

®

©IBM Corporation 1998

®

Cost of Network Ownership Operation

Equipment

"Manageability has joined speed and price as

fundamental criteria on which customers judge networking products" IDC 1996

"Customers are looking for more than boxes - customers are looking for someone to take a lot of the burden off of them"

Frank Dzubeck, President Communications Network Architects. Network Hardware Network Software 16% Device Management Network Configuration Troubleshooting Performance Monitoring Asset Management Network Planning

Why Network Management is Important

Network Management - why I care...

Important to customer

IBM networking hardware product differentiator

Part of a total customer $olution

®

Goals of Network Management

Minimize system down time

Prevent network problems

Improve network availability

Reduce operational costs

Configure/reconfigure hardware devices

from a single management stations

One interface for multiple devices

Manage proactively by identifying potential

bottlenecks before they become critical

(3)

What is Network Management?

Network Management is the process of controlling a

complex network to maximize its efficiency and

productivity.

Customers ask:

How can we detect problems in our network?

How can we set up or modify devices in our

network?

How do we know who is using resources in our

network?

Are our network devices performing properly?

How can we track network utilization?

®

Network Management Functions

Customer Questions Functional Area of Network Management How can we detect problems in

our network?

Fault Management Problem detection Problem isolation Problem resolution How can we set up or modify

devices in our network?

Configuration Management

Physical and logical configuration of network devices

How do we know who is using resources in our network?

Security Management

Control access to information on the network

Audit trail or logs Are our network devices

performing properly?

Performance Management Measuring performance of

hardware/software/media Identify performance bottlenecks How can we track network

utilization?

Accounting Management

Tracking individual or group network utilization

(4)

Click here to type page title

®

An Extremely Short History of

Network Management

Networking vendors had proprietary methods of

managing their devices.

The Internet Activities Board (IAB) and the

International Standards Organization (ISO)

recognized the need for a standard for

internetworking.

In 1989, the IAB approved SNMP, a Simple Network

Management Protocol, as a "temporary" solution to

manage IP networks.

In 1991, ISO's standard CMIP, Common

Management Information Protocol, was approved

Used in public telephone networks

®

Simple Network Management Protocol

(SNMP)

The de-facto standard, most commonly used

networking protocol

Quick and easy to implement and execute

Uses an uncomplicated transport protocol

Has a small number of protocol message types

Information units have a single value, such as,

an integer or string

Easily extended to include vendor-specific

variables

(5)

Click here to type page title

SNMP Network Management Model

Network

Management

Station

Network

Management

Protocol

Network

Element

®

SNMP Transport Protocol

SNMP uses User Datagram Protocol (UDP)

Well suited for brief request/response type of

operations

Connectionless (by definition, unreliable)

Less overhead

SNMP UDP Management Application Network-dependent protocols IP Agent Application SNMP UDP TCP IP Network-dependent protocols FTP/Telnet/+ User Applications

(6)

®

SNMP Protocol Message Types

®

Version - the version of SNMP 0 = SNMP version 1

1 = SNMP version 2 Community name

Password used to control access to information Command - type of message

GetRequest, GetNextRequest, SetRequest, GetResponse, Trap Request ID

Used to correlate a request and its response Error Status

In GetResponses, indicates if the GetRequest executed successfully Error Index

In GetResponses, indicates which variable in the GetRequest, if any, caused a problem

A list of Object ID, value pairs

The value is null in the GetRequest and filled in, in the GetResponse

(7)

Click here to type page title

SNMP: Version = 0

SNMP: Community = public

SNMP: Command = Get next request SNMP: Request ID = 3

SNMP: Error Status = 0 (No Error) SNMP: Error index = 0 SNMP: Object = {1.3.6.1.2.1.2.2.1.8.1} (ifOperStatus.1) SNMP: Value = NULL SNMP: Version = 0 SNMP: Community = public SNMP: Command = Get response SNMP: Request ID = 3

SNMP: Error Status = 0 (No Error) SNMP: Error index = 0 SNMP: Object = {1.3.6.1.2.1.2.2.1.8.2} (ifOperStatus.2) SNMP: Value = 1 (up)

Samples of SNMP Messages

GetNextRequest

GetResponse

®

ifOperStatus OBJECT-TYPE SYNTAX INTEGER {

up(1), -- ready to pass packets down(2),

testing(3) -- in some test mode }

ACCESS read-only STATUS mandatory DESCRIPTION

"The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed."

::= { ifEntry 8 }

Source: Internet Activities Board (IAB) RFC 1213 (Request for Comments) Management Information Base for Network Management of TCP/IP-based internets: MIB-II

(8)

Click here to type page title

®

Object type defines the name of the object

sysUpTime (system up time) Syntax defines the structure of

the information for this object integer counter octet string network address gauge timeticks Access defines the access to the

object

read-only read/write Status status of the object mandatory

optional Description description of object in

human readable form

The time (in hundredths of a second) since the network management portion of the system was last reinitialized.

Value Notation used to identify an object with its group

{system 3}

found under the system group in MIB-2

3rd object in the system group

Field

What is it

Examples

Understanding MIB Objects

®

MIB Tree Object Identifier

in Abstract Syntax Notation One (ASN.1)

iso 1 ccitt 2 joint-iso-ccitt3 org 3 dod 6 internet 1 directory 1 mgmt 2 private 4 MIB 1 enterprises 1 ibm 2

Object identifier for MIB-II

iso.org.dod.internet.mgmt.mib-2 or 1.3.6.1.2.1 experimental 3

root

(9)

Click here to type page title

MIB-II Variables

mib-2 1 1 sysDescr 2 sysObjectID 3 sysUpTime 4 sysContact 5 sysName 6 sysLocation 7 sysServices system 1 interfaces 2 at 3 ip 4 1.3.6.1.2.1.1.1 1.3.6.1.2.1.1.2 1.3.6.1.2.1.1.3 1.3.6.1.2.1.1.4 1.3.6.1.2.1.1.5 1.3.6.1.2.1.1.6 1.3.6.1.2.1.1.7 1.3.6.1.2.1 1.3.6.1.2.1.1 Object ID

OS/2 SNMP Agent version 1.0 1.3.6.1.4.2.1.1.2.2. 2234 Elizabeth Bennet 555-9111 labmachine1 Campus Bldg 82 72 . . .

Click here to type page title

®

Nways Workgroup Manager for Windows NT

MIB Browser

(10)

®

Nways Managers

8210 Device View

®

Click here to type page title

®

1.3.6.1.4.1.xxxx

iso.org.dod.internet.private.enterprises.xxxx

1.3.6.1.4.1.1 Proteon

1.3.6.1.4.1.2 IBM

.9 Cisco

.13 University of Tennessee

.16 Timeplex

.18 Wellfleet

.20 MIT

.42 SUN Microsystems

.3053 Genie Telecommunication Inc.

Enterprise Specific MIB Assignments

(11)

Agent reports exception conditions to the

manager

Types

cold start (0)

warm start (1)

link down (2)

link up (3)

authentication failure (4)

egp neighbor loss (5)

enterprise specific (6)

SNMP Trap

Network Management Station SNMP Trap Network Element

®

Add Trap Capability

(12)

®

Remote Monitoring (RMON)

Remote network monitoring (RMON) is the standard for

monitoring internet traffic.

RMON is an extension of SNMP but is differentiated from

SNMP by its use of additional MIB groups.

RMON-capable devices can gather extended MIB data in

addition to those provided by SNMP

Sorts and summarizes the information, resulting in a

deeper and more specific analysis of data traffic

Reduces management overhead through limited polling

and transmission intervals.

®

(13)

Click here to type page title

Offline Operation

RMON-compliant devices can be remotely located

Can continue to function even if the network manager is offline.

Proactive Monitoring

Keeps network statistics even when the network is healthy. Establishes a baseline of normal network behavior to compare if problems occur in the network.

Problem Detection and Reporting

Monitors network statistics and notifies management station when an exception occurs

Value Added Data

Keeps statistics that can be used in planning future network expansion

Multiple Managers

Can be controlled by more than one network manager (redundancy)

Information collected can be distributed to different locations

Remote Network Management Goals

®

® Network Management Station

SNMP

RMON Architecture

Network Element

(14)

®

RMON Manager Functions

Provide a graphical user interface

Shield users from raw data in RMON reports

Present relevant network information clearly

Configure agent

reporting parameters (intervals, thresholds)

Interpret and present real time reports

Present data for long term analysis (trending)

Provide data for troubleshooting

Provide service level and response time information

Act on exception events

Communicate with multiple RMON agents

Click here to type page title

®

Configuring a Probe Using

Nways Workgroup for Window NT

(15)

RMON Agents

Function and Types

Agent functions

Sample network conditions at user defined intervals

Off-line sampling independent of manager availability

Communicate with one or more managers (in-band

using SNMP)

Agent types

Workstation based

software

Freestanding

hardware/software (probe)

Embedded

Network hardware, such as a hub

Plug in modules or chips

®

RMON Management Architecture

Agent required per segment monitored

SNMP

Remote Monitoring (RMON)

Nav igation Tree Control Des k Ev ent Hist ory Mail CPU Perf SNMP Errors Event s LMU/ 6000 Tools Control Desk Monitor Syst ems Monit or CPU Utilizat ion TreeTool s

merc ury evan s Se gmen t 1bars to w File Edit View Lo cate Options M onito r Te st Tools Adm inister Help

Ev ents NetView

File Ev ents Application Menu Help In de te r m ina te M on S e p 19 1 4 :4 8: 38

19 94 je a nle e. ra le igh N No de D o wnSP EC IF I CG EN ER I CCA TE G O R YEN TE RP R IS ESO U RC EHO S TN A M ESE VE RI T Y

: 58 91 68 65 ( h ex : 3 83 00 01 ) : 6: St at us E ve n ts : ne tV ies 60 00 1 .3 . 6. 1. 4. 1. 2. 6 .3 .1 : Ne tm o n (N ): jea nle e. ra leig h .ib m . co m : In de te rm in a te N O TEBR O WS E / M IB H IG H LI G HT

(16)

Click here to type page title

®

Remote Monitoring Standards

7 Application Layer 6 Presentation Layer 5 Session Layer 5 Transport Layer 3 Network Layer 2 MAC Layer (DLC)

1 Physical Layer RMON RMON2

RFC 1757: RMON Management Information Base (MIB)

RFC 1513: Token-Ring Extensions to RMON MIB

RFC 2021: RMON2 MIB

RFC 2074: RMON2 MIB Protocol Identifiers

RMON focuses on providing information about the

media-specific (Token-ring, Ethernet) layers

RMON2 extends the support by providing information

about the layers above the MAC layer

Click here to type page title

®

Remote Network Monitoring MIB

CCITT(0) ISO(1) JTC(2) ORG(3)

DoD(6) Internet(1)

Directory(1) Management(2) Experimental(3) Private(4)

mib-2(1) rmon(16) Statistics(1) History(2) Alarm(3) Host(4) Host Top N(5) Matrix(6) Filter(7) Packet Capture(8) Event(9) Token Ring (10) Protocol Directory(11) Protocol Distribution(12) Address Mapping(13) Network layer Host(14) Network layer Matrix(15) Application layer Host(16) Application layer Matrix(17) User History(18)

Probe Configuration(19) RMON Conformance(20)

(17)

Click here to type page title

RMON MIB Object Groups

Statistics (1)

Provides real-time utilization and error statistics History (2)

Provides the ability to periodically capture the statistics Alarm (3)

Provides the ability to define/monitor thresholds (rising or falling) on counters/integers supported by the agent.

When triggered, agent passes alarm to Event Group. (Note that the Alarm Group reguires the Event Group)

Host (4)

Provides statistics based on the host (MAC) addresses Host Top N (5)

Provides sorted grouping of hosts based on a chosen host statistic Matrix (6)

Provides statistics about traffic between hosts

Click here to type page title

®

RMON MIB Object Groups (Cont.)

Filter (7)

Provides the ability to screen observed packets

When a packet passes the screening it can trigger an Event and/or be captured

Capture (8)

Provides the ability to buffer (capture) filtered packets that can be set to a manager

Capture Group requires the Filter Group Event (9)

Provides the ability to define an action (log, send trap) that can be triggered

Token-Ring (10)

(18)

Click here to type page title

®

RMON2 MIB Object Groups

Protocol Directory (11)

Directory of all protocols the agent supports (protocols are defined in RFC 2074)

Protocol Distribution (12)

Provides protocol-specific statistics Address Map (13)

Provides a mapping of MAC address to network address Network-layer Host (14)

Provides network-layer statistics based on the network-layer host addresses

Network-layer matrix (15)

Provides network-layer statistics about traffic between network-layer hosts

Click here to type page title

®

RMON2 MIB Object Groups (Cont.)

Application-layer Host (16)

Provides application-layer statistics based on the application-layer host addresses

Application-layer Matrix (17)

Provides application-layer statistics about traffic between application-layer hosts

User History Collection (18)

Provides the ability to specify sampling and logging based on user-specified variables and user-defined parameters

Probe Configuration (19)

(19)

Click here to type page title

RMON Groups Supported by

IBM Hardware

Group 8225 M-003 8230 SNMP 8238 Hub 8250 T/R Hub E-net 8260 T/R Nways E-net Hub Sw E-net Statistics - Ethernet - T/R MAC-layer - T/R Promiscuous YES ---YES NO ---Bronze Bronze ---YES YES Probe ---T-MAC T-MAC E-MAC ---YES ---Hosts Matrix Host Top N YES YES YES NO NO NO Silver Gold Gold YES YES YES Probe Probe Probe T-MAC HTMAC HTMAC E-MAC E-MAC E-MAC YES YES YES Ring Station

Ring Station Order Ring Station Config Source Route ---YES YES YES NO Bronze Silver Silver Silver YES YES YES YES ---T-MAC T-MAC T-MAC T-MAC --- ----Alarm Event YES YES NO NO Silver Silver YES YES Probe Probe T-MAC T-MAC E-MAC E-MAC YES YES History - Ethernet - T/R MAC-layer - T/R Promiscuous YES ----NO NO ----Gold Gold ----NO NO Probe ----HTMAC HTMAC E-MAC ----YES ----Filter Packet Capture YES YES NO NO Gold Gold NO NO Probe Probe HTMAC HTMAC HEMAC HEMAC YES YES Aspen MIB ECAM (RMON2) NO NO NO NO NO NO NO NO Probe Probe HTMAC HTMAC HEMAC HEMAC NO NO

Click here to type page title

®

® Hardware Platforms HP SUN RISC/6000 PC Operating Systems HP Unix AIX Solaris SunOS Windows 3.x/95/NT... Management Platforms

HP OpenView Tivoli NetView SunNet Mgr

Spectrum

Management Applications

Optivity Nways Manager Transcend

CiscoWorks Network

Management Station

(20)

Click here to type page title

®

Small to Medium Environments

Nways Workgroup Remote Monitor for Windows

NT

Medium to Large Environments

Nways Manager for AIX

Nways Manager for HP-UX

Nways RouteSwitch Network Manager Suite

Nways RouteTracker Manager

LAN Network Manager for OS/2

Nways 2220 Switch Manager for AIX

IBM Management Applications

®

Nways Manager for AIX/HP-UX

High End Campus

Tivoli NetView for AIX , HPOV on HP UNIX

LAN Media Manager Remote/Traffic Monitor APPN, DLSw

Topology ATM, ELAN Manager Element Manager LAN Media Manager LAN / Bridge Mgmt - Token Ring and bridge Topology Hardware supported 8229, 8230, 8250, 6611, 2210, 2216, 8281, 8271, 8272,8240,8244 APPN/DLSw Topology ATM/ELAN Manager Remote Monitor

-Token Ring / Ethernet Layer 1 Traffic Mgmt

- Full RMON I Standard support- Hardware supported

8225,8230,8237,8238, 8250/60,827x,8273/4

Traffic Monitor

-Token Ring / Ethernet Layer 3 Traffic Mgmt (e.g., IP, IPX, NETBIOS)

- RMON II support- Hardware supported

8250/60,827x

Low End Campus

Element Manager

Remote Monitor

Nways Manager for NT

APPN Topology - Network Node/End Node/HPR/DLUR

Data Link Switch Topology - SNA Endpoints routed thru IP network Hardware supported 3746, 2210, 2216, 6611 ATM Protocol Mgmt - PVC/SVC Tracking - ATM Performance mgmt - ATM media topology

Emulated LAN Mgmt Drag/Drop configuration LEC,LECS,BUS mgmt Hardware supported 8250/60/65, 8285, 8281, 8282, 2210, 2216

Note: No Platform required

Element Manager Device Management - Hardware configuration status - Media/Protocol status - Fault/Performance Hardware supported 8210,8224,8225,8230, 8235,8237,8238,8270, 8271,8272,8273,8274 8276,8281,8282,8285 8250/60/65,2210, 2216,6611, EN Adapters Element Manager Device Management - Hardware configuration status - Media/Protocol status - Fault/Performance Hardware supported 8210,8224,8225,8230, 8235,8237,8238,8270, 8271,8272,8273,8274 8276,8281,8282,8285 8250/60/65,2210, 2216,6611, EN Adapters Remote Monitor

-Token Ring / Ethernet Layer 1 Traffic Mgmt

- Full RMON I Standard support- Hardware supported

8225,8230,8237,8238, 8250/60,827x,8273/4

(21)

Click here to type page title

Reference

Additional Information

The Simple Book, An Introduction to Internet Management, Marshall T. Rose, Prentice-Hall, Engelwood Cliffs, NJ, 1994.

Standards Document Library on the Web http://www-library.itsi.disa.mil/by_org.html IBM MIBs

can be obtained via anonymous FTP at www.raleigh.ibm.com in directory pub/products/lanprods/hub

IBM Product Information

NETeam Solutions Clinics presentations

Managing an ATM Network with Nways Manager for AIX Nways Management for the Workgroup

Nways home page: www.networking.ibm.com/netmgt Network Manage Support: