Network Management Introduction

Summer School 2005 Network Management A Four-Hour Introduction Markus Fiedler Blekinge Institute of Technology (BTH) Karlskrona, Sweden (Partner 49)

Network Management
A Four-Hour Introduction

Markus Fiedler
Blekinge Institute of Technology (BTH)
Karlskrona, Sweden (Partner 49)
Summer School 2005

About This Lecture

• Partners involved
  – Kurt Tutschku, University of Würzburg (UniWue, Partner 17)
  – Stefan Köhler, infosim (Partner 18)
  – Markus Fiedler, Blekinge Institute of Technology (BTH, Partner 49)
• Pool of slides, dedicated to
  – Students (UniWue, BTH)
  – Product courses (infosim)
  – Researchers (EuroNGI)
• History
  – BTH students working with infosim (USA, D) ~2000–2003
  – Integration of course material started in 2001
    – Infosim joined the pool in 2005
  – Joint research on network performance management since 2001
    – EuroNGI project AutoMon during 2005
• Complement to EuroNGI WP.JRA.1.5 activities and deliverables
• Where do you stand w.r.t. this topic?

Markus Fiedler: Network Management Summer School 2005 2


Outline

• Background and Goals
• Management Dimensions
• FCAPS
• Management Standards
• Submodels of a Network Management Architecture with focus on SNMP
  – Organization Model
  – Information Model
  – Communication Model
  – Functional Model
• RMON
• StableNet by infosim
• NetFlow by Cisco
• SNMP Performance
• Basic Literature
• Research
  – EuroNGI WP.JRA.1.5 Network Management
  – EuroNGI AutoMon Project
  – Related Work
  – Research Issues
  – Potential Tasks


Background and Goals


Bad Day

• What is the reason for his behavior?
  – Service problems?
  – Network problems?


Performance Requirements

• Network-oriented – example: Transit delay
  – 99.9 %-delay quantile = 20 ms
• User-oriented – example: Response time
  – Important perception thresholds define delay budgets:

[Figure: response-time axis with thresholds at 100 ms, 1 s and 10 s; regions labelled "Reacts promptly", "There is a delay", "Flow of thoughts interrupted", "Uninteresting" and "Boring"]


Availability & Security Requirements

• 24/7/365 service?
  – Dedicated servers
  – TV over IP
  – Billing systems
• 8-5 service?
  – Desktop computers
  – ...

• Confidentiality
• Integrity
• Authenticity
• Accessibility
• ...


Service Level Agreement [ITU-T E.860]

Service Level Agreement
• Introduction
• Scope
• Confidentiality
• Legal Status
• Periodic Process Review
• Signatories
• QoS Agreement 1 … QoS Agreement N

Each QoS Agreement (1 … N)
• Interface Description
  – Business Interface
  – Technical Interface
• Traffic Patterns
• QoS Parameters and Objectives
• Measurement Schemes
• Reaction Patterns


Network Management

• Goal: to ensure that the users of a network receive the information technology services with the quality that they expect [Subramanian] and that they are ready to pay for.
  – SLA = Service Level Agreement
    – Performance monitoring
    – May include user obligation
  – Economy
    – (Management) Cost should be kept within reasonable limits
    – Support business models and cases; service domain-orientation

Trend: Total management
• Business Management – Customer Relations
• Service Level Management – Products
• Network Management – Resources
(side label: value chain)


Network Management System (NMS)

• NMS = "Remote Control" for the Network Operations Center (NOC)
  – Getting hold of the chaos ;)
  – Enables permanent monitoring from a central place
  – Shows the dynamic configuration
  – Alarms when problems occur
  – Provides possibilities to interfere
  – Shall cover the whole network


Challenges

• Internet KISS principle (Keep It Simple Stupid)
• Introduction of new technologies and services
  – Triple Play (VoIP, TVoIP, Internet)
  – Web services
• Increased importance of communication networks
  – Broadband infrastructure
  – E-Commerce (retailing)
  – Business-to-Business communication (B2B, supply chain management)
• Competition in the market
  – Deregulation of telecommunication sector
  – Multi-operator environment
  – Differentiation between service provider and network operator


Today's "Pain"

• Network Management currently:
  – "Simplicity succeeds"
  – Local versus global optimization
  – Very manual process – human resource intensive
  – Inaccurate – difficult to normalize data from disparate applications
  – IT Staff unable to focus on revenue generating activities
  – Inefficient management infrastructure makes provisioning of new services slow and cumbersome

• Contemporary issues:
  – Service Level Management
    – How to correlate service to network problems?
  – True "end-to-end" view of the network
  – Fault Diagnosis
  – Capacity Planning
  – Resource Usage Billing


Management Dimensions


Management Dimensions

[Figure: three management dimensions]
• Functional dimension (FCAPS): Fault management, Configuration management, Accounting management, Performance management, Security management
• Temporal dimension (OAM&P): Planning, Installation, Operations, Liquidation
• Scope/Scenario dimension: Component mgm, System mgm, Application mgm, Enterprise mgm


Scenario Dimension: Total Management

[Figure: management layers, top to bottom]
• Business Management
• Service Management
• Network Management / System Management
• Element Management / Resource Management
• Network Elements / System Resources
• Networked Information System


Temporal dimension: OAM&P

• Operations
  – Operators working at NOC = Network Operations Center
  – Daily work: configuration, errors, problem resolution, etc ...
  – Trouble tickets
• Administration
  – Overall goals
  – Policies
  – Accounting
• Maintenance & Installation
  – Maintenance works for NOC (repair)
  – Installation works for provisioning
• Provisioning
  – Engineering people
  – network planning, resource allocation, etc.


Planning and Management Cycle

• Inter-connected approach: Forward Engineering and Operational Cycle

[Figure: a Planning cycle (Analysis, Specification, Design) connected to a Managing cycle (Install, Monitor, Analyze, Optimize, Improve; label "Process")]


Traffic Measurement Cycle [ITU-T E.490]

[Figure: traffic measurement on telecommunication networks feeds three control loops on different time scales]
• Minutes, seconds: traffic and fault analysis, network traffic management actions
• Weeks, days, hours: traffic and fault analysis, maintenance and reconfiguration
• Year, months: traffic analysis, compilation and forecasting, network extension


Functional Dimension: FCAPS et al.

• FCAPS (defined by ISO/OSI [ISO 7498-4])
  – Fault Management
  – Configuration Management
  – Accounting Management
  – Performance Management
  – Security Management
• Moreover:
  – Business Management
  – Service Management
  – Policy-based Management
  – Location Management
  – Report Management
  – Inventory Management
  – ...

cf. D.WP.JRA.1.5.1


FCAPS


Fault Management: Buzzwords

• Troubleshooting
• Trouble Ticket
• Preventive Fault Management
• Reactive Fault Management
• Identification
• Isolation
• Restoration
• Resolution


Configuration Management: Buzzwords

• Generation
• Deployment
• Restoration

• Static = permanent configuration
• Dynamic = running configuration
• Planned = possibly future configuration

[Figure: state diagram of Static config., Dynamic config. and Planned config. with transitions labelled start, boot, change, update, upgrade, restart and "experience, ..."]


Accounting Management

• Costs arise for
  – Network resources and services
  – Management and customer service (expensive!)
    – Front-office → back-office
    – Helpdesk → NOC → M&I group
• Network/service usage monitoring = cost discovery
  – Usage statistics required
    – Examples: SNMP; Cisco NetFlow; ...
• Cost assignment and billing of users
  – Billing system for automated cost handling
  – AAA = Authentication, Authorization, Accounting
    – Protocols: RADIUS, DIAMETER
• Customer service
  – Customer care system


Performance Management
Focus(?)

• Tune the network for optimal performance!
  – Find and eliminate the real bottlenecks
• Different kinds of statistics
  – traffic/load statistics → provisioning, trend analysis, planning
  – delay statistics → improve response times
• Different collection strategies
  – application-based (www, …)
  – protocol-based (TCP, …)
  – per network segment
  – per user
• (Automated) Reaction to critical network states
  – Example: Load > threshold → alarm → event (enabled by RMON technology) → "trap" → automatic or manual reconfiguration


Security Management

• Security dealing with the network and its management
  – Cryptography on protocol level
  – Authentication and privacy
• Network equipment = potential victims
  – Discovery of attacks
    – Traffic statistics play an important role: Sudden rise in traffic = Denial-of-Service attack?
  – (Automated) Reaction to attacks
• Physical shelter
  – Locked and alarm-equipped rooms
  – Hidden and/or optical cables
• Access control
  – Deactivate unused network plugs
  – User access control (AAA)
  – Firewalls


Data Monitoring and Analysis

• Basis for FCAPS (extremely important)
• Based on purpose: Analysis on
  – aggregate data level = statistics (→ throughput, ...)
  – packet level (→ protocol properties, delays, ...)
  – bit level (→ specific error conditions)
  (more data and effort from top to bottom)
• Issues
  – Large networks mean large amounts of data
  – Management traffic = Denial-of-service attack?
  – Effective control imposes real-time demands
• Standards required!
  – Management information repository = standardized information base (e.g. MIB)
  – Management information exchange via standardized protocol (e.g. SNMP)


Management Standards


Overview of Management Standards

• OSI management
  – Object-oriented top-down approach
  – Stands for most formal definitions
  – Never succeeded due to its complexity and resource needs
• TMN = Telecommunications Management Network
  – OSI adapted to telecommunication networks
  – Example: GSM network management
  – TMN concepts are finding their way into the IP world
• Internet = SNMP management
  – Implementation-oriented bottom-up approach
  – "Intelligence" to be found in the management application
  – De-facto standard for data network (SNMPv1 → SNMPv3)
• Web-based management
  – HTTP, XML, WBEM, CIM, DMTF, JMX, SOA, ESB, Web Services
  – Somewhere in-between OSI and SNMP
  – The future


Management Approaches

• Top-down
  – Based on required management information and functionality
  – Quite general and extendable
  – Quite complicated to implement
  – Good from a long-term perspective
  – Example: OSI management

• Bottom-up
  – Based on available management information and functionality
  – Quite limited possibilities
  – Quite simple to implement
  – Good from a short-term perspective
  – Example: Internet management


Perspectives on Managed Objects

Internet perspective
• "Object" type
  – Packet counter
• Syntax
  – Counter
• Access
  – Read-only
• Status
  – Mandatory
• Description
  – Counts numbers of packets

OSI perspective (object-oriented)
• Object class
  – Packet counter
• Attributes
  – Single-valued
• Operations
  – get, set
• Behavior
  – Retrieves or resets values
• Notifications
  – Generates notifications on new value

Callout on the slide: No functions!


Submodels of a Network Management Architecture
With Focus on SNMP


Organization Model


Network Management System

• Components and activities:

[Figure: two NMS (Vendor A, Vendor B) linked by management services, messages and protocols. Each NMS exchanges management messages and protocols with a network agent; operations: polling; notifications: alarms. The network agents perform permanent monitoring of (network) objects, which are usually pieces of management information (e.g. inside a router).]

Submodels of a NM Architecture

Defined by OSI:
• Organization Model
  – Domain I, Domain II; Open System A and Open System B communicating (objects and functions on each side)
• Functional Model: FCAPS
• Communication Model: SNMP
• Information Model: MIB

Organization: In-Band Management

• Management through the production network
• NMS = Network Management System/Station

[Figure: the NMS reaches switches and a router through the production network: LAN, Backbone, WAN, Internet]


Organization: Out-(of-)Band Management

[Figure: the NMS reaches switches and a router through a separate Management Network, next to the production network (LAN, Backbone, WAN, Internet)]


Efficient Network Management

[Figure: control loop for the introduction of automatic network management processes: the IT system is observed by measurements / sensors, a controller applies constraints (policies), and actuators act on the IT system]

• Requirements:
  – appropriate sensors
  – suitable architectures
  – two choices: centralized and decentralized architectures


Centralized vs. Decentralized Approaches

• One central NMS
  – Keep control; easy to automate
  – Concentration of management traffic
  – Single point of failure
  – Single angle of view
• Several decentralized NMS
  – Several angles of view
  – Coordination required
    – Hierarchical (Management of Managers) or flat?
    – Manager-to-manager communication not always supported
  – Synchronized views?
• Decentralized approach
  – Intelligence to the edge
  – Scalable
  – Coordination required (distributed service)
  – AutoMon approach


Conflicting Views on Performance

• User perceived performance end-to-end
  – "What happens to my service?"
  – Service Level view
  – In-kind measurements
  – Active server response time measurements
  – Active bandwidth probing tools
• Operator observes the traffic "passing by"
  – "What are the conditions on link x and router y?"
  – Traditional Network Management view

[Figure: user and provider connected across ISP network, IBP network and ISP network, with local and application servers and the management applications of the network providers; measurement points numbered 1.a to 4]

cf. D.WP.JRA.6.1.1&3

SNMP Organization Model

• Describes components of Internet NM and their relationships
• Manager/agent = software processes, dealing with raw data

[Figure: managers and agents exchanging management messages, with labels "Impossible in SNMPv1", "Impossible" and "Dual role". Below, the protocol stacks of a computer, a hub, a router and a computer: SNMP (layer 7) over UDP (4) over IP (3) over Ethernet (1–2) at 10 Mbps or 100 Mbps, next to FTP (5–7) over TCP (4); managed objects (Obj) sit beside the SNMP agents.]


SNMP Community

• Community (string)
  – Gives access to agent community profiles
    – Read-Only (RO)
    – Read-Write (RW)
    → different MIB views!
  – SNMP community name = password
    – Octet string in the message, not encrypted
    – Sniffable = security problem!
  – Typical: "public" = everyone using SNMP
• Authentication scheme
  – Filter module in manager and agent
    – checking for matching community name

[Figure: two SNMP Managers and one SNMP Agent, each with an Authentication Scheme; only "authentic" messages pass between them]


SNMP Community Profile

[Figure: SNMP community profile between manager and agent. Labels: Access Mode (RO, RW); Community profile; View 1, View 2; MIB View for Read Access; MIB View for Write Access; managed objects grouped as non-accessible objects, read-only objects, read-write objects and write-only objects]


Information Model


Information Model

• Concerned with the structure (SMI) and storage of management information
  – Information base to describe objects and their relationships
    – SNMP: integers (range, gauge, time ticks), addresses, strings; tables
  – Tree structure
  – Formal specification by ASN.1

• MIB = Management Information Base
  – Search pattern/tree for finding management information


Internet MIB

• Reference by names and numbers
  – internet = 1.3.6.1 {1 3 6 1}
  – internet = iso.org.dod.internet
• Tree below internet:
  – directory (1)
  – mgmt (2)
    – mib-2 (1)
  – experimental (3)
  – private (4)
    – enterprises (1)
      – cisco (9), hp (11), 3Com (43)
• Some ASN.1 definitions:
  – mgmt OBJECT IDENTIFIER ::= {internet 2} or {1 3 6 1 2}
  – mib-2 OBJECT IDENTIFIER ::= {mgmt 1}
    – common part of MIB
  – private OBJECT IDENTIFIER ::= {internet 4}
  – enterprises OBJECT IDENTIFIER ::= {private 1} {1 3 6 1 4 1}
    – vendor-specific MIB


MIB-II [RFC1213/1573]

• Node {1 3 6 1 2 1}
• Includes MIB-I [RFC1156]
• Virtual information base
  – manager/agent use to have just necessary information implemented
  – nodes may be missing completely

internet {1 3 6 1}
  mgmt (2)
    mib-2 (1)
      system (1)
      interfaces (2)
      at (3)
      ip (4)
      icmp (5)
      tcp (6)
      udp (7)
      egp (8)
      cmot (9)
      transmission (10)
      snmp (11)


Some ASN.1 Types

• NetworkAddress
  – IpAddress
    – OCTET STRING (SIZE 4)
• Counter
  – 0 → 1 → … → 2^32−1 = 4294967295 → 0
• Gauge
  – 0 ⇔ 2^32−1
• TimeTicks
  – time in units of 10 ms from initialization
    – 0 = 0 s
    – 1 = 10 ms = 0.01 s
    – …
    – 2^32−1 ~ 497 d

Only characters and integers!


Specifications

• Scalars referenced by adding .0 in the end
• Example of building a list and a table

[Figure: Table: 20; List = table row: 1; List items: 1 2 3 4 5; the first list item is the index]

• Table: IpAddrTable ::= SEQUENCE OF IpAddrEntry        OBJECT IDENTIFIER {ip 20}
• List:  IpAddrEntry ::= SEQUENCE {                     OBJECT IDENTIFIER {IpAddrTable 1}
           ipAdEntAddr          IpAddress,              {IpAddrEntry 1}
           ipAdEntIfIndex       INTEGER,                {IpAddrEntry 2}
           ipAdEntNetMask       IpAddress,              {IpAddrEntry 3}
           ipAdEntBcastAddr     INTEGER,                {IpAddrEntry 4}
           ipAdEntReasmMaxSize  INTEGER (0..65536)      {IpAddrEntry 5}
         }


Table Access (ipAddrTable)

• {1.3.6.1.2.1.4.20.1.3.194.47.148.210}
  {Table.Row.DesiredColumn.IndexEntry}
  – 1.3.6.1.2.1.4.20.1.3 (Table.Row.DesiredColumn): standardized part
  – 194.47.148.210 (IndexEntry): depends on table content

[Figure: table row with index 194.47.148.210 and net mask 255.255.255.224]
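
The table addressing scheme above, as an added example that is not part of the original slides: it splits ipAddrTable instance OIDs into the standardized part and the index, then pivots the column-by-column output of a walk into rows. The sample walk is constructed; the column numbers are the ones listed for ipAddrEntry.

```python
# Added example: decode ipAddrTable instance OIDs of the form
# {Table.Row.DesiredColumn.IndexEntry} and pivot them into table rows.

IP_ADDR_ENTRY = (1, 3, 6, 1, 2, 1, 4, 20, 1)  # ip(4).ipAddrTable(20).ipAddrEntry(1)

# Column numbers from the ipAddrEntry definition on the slides.
COLUMNS = {
    1: "ipAdEntAddr",
    2: "ipAdEntIfIndex",
    3: "ipAdEntNetMask",
    4: "ipAdEntBcastAddr",
    5: "ipAdEntReasmMaxSize",
}


def parse_oid(text):
    """Accept '1.3.6.1', '.1.3.6.1', '{1 3 6 1}' or '{1.3.6.1}'."""
    cleaned = text.strip().strip("{}").replace(" ", ".")
    arcs = [part for part in cleaned.split(".") if part]
    if not arcs or not all(part.isdigit() for part in arcs):
        raise ValueError(f"malformed OID: {text!r}")
    return tuple(int(part) for part in arcs)


def split_instance(oid):
    """Return (column name, index IP address) for one table instance OID."""
    arcs = parse_oid(oid)
    prefix_len = len(IP_ADDR_ENTRY)
    if arcs[:prefix_len] != IP_ADDR_ENTRY:
        raise ValueError("OID is not below ipAddrEntry")
    rest = arcs[prefix_len:]
    if len(rest) != 5:                      # one column arc + four index octets
        raise ValueError("expected DesiredColumn plus a 4-octet index")
    column, index = rest[0], rest[1:]
    if column not in COLUMNS:
        raise ValueError(f"unknown column {column}")
    if any(octet > 255 for octet in index):
        raise ValueError("index is not an IPv4 address")
    return COLUMNS[column], ".".join(str(octet) for octet in index)


def build_rows(varbinds):
    """Group (oid, value) pairs by index; a walk returns them column by column."""
    rows = {}
    for oid, value in varbinds:
        column, index = split_instance(oid)
        if column == "ipAdEntAddr" and value != index:
            raise ValueError("ipAdEntAddr must equal the row index")
        rows.setdefault(index, {})[column] = value
    return rows


# Constructed sample: (OID, value) pairs as a walk over the table could return them.
SAMPLE_WALK = [
    ("1.3.6.1.2.1.4.20.1.1.127.0.0.1", "127.0.0.1"),
    ("1.3.6.1.2.1.4.20.1.1.194.47.148.210", "194.47.148.210"),
    ("1.3.6.1.2.1.4.20.1.2.127.0.0.1", 1),
    ("1.3.6.1.2.1.4.20.1.2.194.47.148.210", 2),
    ("1.3.6.1.2.1.4.20.1.3.127.0.0.1", "255.0.0.0"),
    ("1.3.6.1.2.1.4.20.1.3.194.47.148.210", "255.255.255.224"),
]

if __name__ == "__main__":
    for index, row in build_rows(SAMPLE_WALK).items():
        print(index, row)
```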


The system MIB Group

• Located under mib-2 node {1 3 6 1 2 1}

[Figure: mib-2 subtree below internet {1 3 6 1}, mgmt (2), mib-2 (1): system (1), interfaces (2), at (3), ip (4), icmp (5), tcp (6), udp (7), egp (8), cmot (9), transmission (10), snmp (11)]


system {mib-2 1}

• System description and administrative information

  sysDescr      system 1   Textual description
  sysObjectID   system 2   OBJECT IDENTIFIER
  sysUpTime     system 3   Up time [10 ms]
  sysContact    system 4   Contact person
  sysName       system 5   Name of the system
  sysLocation   system 6   Physical location
  sysServices   system 7   Which layer services?


system {mib-2 1} – Example

• System description: 1.3.6.1.2.1.1.1.0 = "Coffee Maker"
• System uptime [ms]: 1.3.6.1.2.1.1.3.0 = "30000" (= 300 s = 5 min)
• System name: 1.3.6.1.2.1.1.5.0 = "Krups"

[Figure: a manager asks the agent (MIB) at address (1.3.6.1.2.1.1) for name and uptime; the objects shown are sysDescr (1), sysUpTime (3) and sysName (5)]


The IP MIB Group

• Located below mib-2 node {1 3 6 1 2 1}

[Figure: mib-2 subtree below internet {1 3 6 1}, mgmt (2), mib-2 (1): system (1), interfaces (2), at (3), ip (4), icmp (5), tcp (6), udp (7), egp (8), cmot (9), transmission (10), snmp (11)]


ipAddrTable {ip 20}

• IP address table
• ipAddrEntry (ipAddrTable 1): one address entry

  ipAdEntAddr           ipAddrEntry 1   IP address; index
  ipAdEntIfIndex        ipAddrEntry 2   value = ifIndex
  ipAdEntNetMask        ipAddrEntry 3   Subnet mask
  ipAdEntBcastAddr      ipAddrEntry 4   Broadcast address indicator bit
  ipAdEntReasmMaxSize   ipAddrEntry 5   Largest IP datagram for reassembly

• Some settings known from your computer ;)


The UDP MIB Group

• Located below mib-2 node {1 3 6 1 2 1}

[Figure: mib-2 subtree below internet {1 3 6 1}, mgmt (2), mib-2 (1): system (1), interfaces (2), at (3), ip (4), icmp (5), tcp (6), udp (7), egp (8), cmot (9), transmission (10), snmp (11)]


udp {mib-2 7}

• User Datagram Protocol

  udpInDatagrams    udp 1   Total number of datagrams delivered
  udpNoPorts        udp 2   Total number of datagrams received for which there is no application
  udpInErrors       udp 3   Number of datagrams with errors
  udpOutDatagrams   udp 4   Total number of datagrams sent
  udpTable          udp 5   UDP Listener table

• Quite general information (no distinction between switch ports)


Communication Model


SNMPv1 Communication Model

[Figure: the manager (management application, monitors objects, MDB) and the agent (agent application, managed resources, SNMP managed objects) exchange SNMP messages. GetRequest, GetNextRequest and SetRequest go from manager to agent; GetResponse and Trap go from agent to manager. Both sides use the stack SNMP / UDP / IP / DLC / PHY over the physical medium (Intra-/Internet).]


SNMP(v1+) Communication Model

• Symmetric connectionless communication:
  – Manager has to poll (UDP on port 161)
    – Get/Get-Next/SetRequest
  – Agent answers (UDP on port 161)
    – GetResponse
• Exception: Traps (UDP on port 162)
  – Spontaneous message generation
  – Event
• Messages can get lost
  – Sequence numbers
• Multiple traps
  – Message storms
  – Risk for Denial-of-Service


SNMPv1 Protocol Elements

• message formats:

  SNMP message:
    version | community | SNMP PDU

  GetRequest, GetNextRequest, SetRequest:
    PDU type | request-id | 0 | 0 | variable-bindings

  GetResponse:
    PDU type | request-id | error-status | error-index | variable-bindings

  Trap:
    PDU type | enterprise | address | generic-trap | specific-trap | timestamp | vbs

  variable-bindings:
    name 1 | value 1 | name 2 | value 2 | … | name n | value n
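
The message layout above and the clear-text community noted on the SNMP Community slide, as an added example that is not part of the original slides: a minimal BER decoder for an SNMPv1 message that reports what an audit of captured management traffic would flag. The sample datagram is constructed, and the function names and the list of default community names are assumptions of this example.

```python
# Added example: decode version, community and PDU fields of an SNMPv1 message
# from raw bytes, showing that the community string travels unencrypted.

PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA4: "Trap"}

# Constructed sample datagram: GetRequest for sysDescr.0 with community "public".
SAMPLE = bytes.fromhex(
    "3026"                      # SEQUENCE, 38 bytes: the SNMP message
    "020100"                    # INTEGER 0     -> version (0 = SNMPv1)
    "04067075626c6963"          # OCTET STRING  -> community "public"
    "a019"                      # PDU type 0xA0 -> GetRequest, 25 bytes
    "020101" "020100" "020100"  # request-id 1, error-status 0, error-index 0
    "300e" "300c"               # variable-bindings list holding one binding
    "06082b06010201010100"      # name:  OID 1.3.6.1.2.1.1.1.0
    "0500"                      # value: NULL (filled in by the agent)
)


def read_tlv(buf, pos):
    """Read one BER tag-length-value; return (tag, value, next position)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: next n bytes hold the length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("TLV value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def decode_int(value):
    return int.from_bytes(value, "big", signed=True)


def decode_oid(data):
    """Decode a BER OID (first byte packs the first two arcs)."""
    if not data:
        raise ValueError("empty OID")
    first = min(data[0] // 40, 2)
    arcs, value = [first, data[0] - 40 * first], 0
    for byte in data[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                 # high bit clear: last byte of this arc
            arcs.append(value)
            value = 0
    return ".".join(str(arc) for arc in arcs)


def decode_snmpv1(datagram):
    tag, body, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("SNMP message must be a SEQUENCE")
    _, version, pos = read_tlv(body, 0)
    _, community, pos = read_tlv(body, pos)
    pdu_tag, pdu, _ = read_tlv(body, pos)
    msg = {"version": decode_int(version),
           "community": community.decode("latin-1"),
           "pdu_type": PDU_TYPES.get(pdu_tag, hex(pdu_tag))}
    if pdu_tag == 0xA4:                     # Trap PDU has a different field layout
        return msg
    pos = 0
    for field in ("request_id", "error_status", "error_index"):
        _, value, pos = read_tlv(pdu, pos)
        msg[field] = decode_int(value)
    _, bindings, _ = read_tlv(pdu, pos)
    msg["varbinds"], pos = [], 0
    while pos < len(bindings):
        _, binding, pos = read_tlv(bindings, pos)
        _, name, value_pos = read_tlv(binding, 0)
        value_tag, value, _ = read_tlv(binding, value_pos)
        msg["varbinds"].append((decode_oid(name), value_tag, value))
    return msg


def audit(msg, default_names=("public",)):
    """Findings for one decoded message (names in default_names are assumptions)."""
    findings = []
    if msg["version"] in (0, 1):            # 0 = SNMPv1, 1 = SNMPv2c
        findings.append("community sent in clear text")
    if msg["community"] in default_names:
        findings.append("default community name")
    if msg["pdu_type"] == "SetRequest":
        findings.append("write operation protected only by community")
    return findings


if __name__ == "__main__":
    decoded = decode_snmpv1(SAMPLE)
    print(decoded)
    print(audit(decoded))
```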


SNMP Command-Line Tools

• Available mostly for UNIX, Linux
• snmpget [options] host community objectID [objectID]
  – snmpget 192.168.170.1 public system.sysdescr.0
• snmpgetnext [options] host community objectID [objectID]
  – snmpgetnext 192.168.170.1 public interfaces.ifTable.ifEntry.ifIndex.1
    → interfaces.ifTable.ifEntry.ifIndex.2 = "2"
• snmpset [options] host community objectID [objectID]
• snmptrap
  – Trap generation
  – Mostly limited to SNMPv1 traps
• snmpwalk [options] host community [objectID]
  – Reads whole MIB using get-next-requests
  – Option: starting from desired objectID


SNMPv1/2/3

• SNMPv1 [RFC1157 – STD15]
  – Most widely used
  – Inefficient get functions
  – Security problems (clear-text communities)
• SNMPv2 [RFC1441–1452, 1902–1908]
  – Version chaos during development (w.r.t. security)
    – Solution SNMPv2c uses communities
  – New PDUs: GetBulkRequest, Inform (M2M), Response, SNMPv2-Trap
    – Incompatible with SNMPv1
  – SMIv2: MIB modifications; conformance definitions
• SNMPv3 [RFC3411 – STD62]
  – Improved security → finally accepted by TelCos
    – User-based Security Model (strong privacy and authentication)
    – View-based Access Control Method
    – Message timeliness evaluation
  – Framework for SNMPv1/2/3
    – v3 manager understands v1/2 agents


Functional Model


SNMP Functional Model

• SNMPv1: not explicitly defined!
  – Poll counters (FCAPS)
    – Error counters available
    – RMON extension → pre-computing of statistics
  – Receive traps
    – Couple of standard traps available
    – Own definitions
    – RMON extension → threshold monitoring

• SNMPv3: at least management security addressed

• Comparison:
  – OSI/TMN: FCAPS explicitly defined


How to Calculate a Link Load in SNMP

$$
\rho(i) =
\begin{cases}
800\,\dfrac{O(i) - O(i-1)}{\bigl(T(i) - T(i-1)\bigr)\cdot C(i)} & \text{if } O(i) \ge O(i-1) \\[2ex]
800\,\dfrac{2^{n} - O(i-1) + O(i)}{\bigl(T(i) - T(i-1)\bigr)\cdot C(i)} & \text{if } O(i) < O(i-1)
\end{cases}
$$

• O = octet counter (e.g. interfaces group, ifTable, ifEntry: ifInOctets/ifOutOctets); unit: Byte
• T = timer counter (system group: sysUpTime); unit: 10 ms
• C = link speed (ifTable, ifEntry: ifSpeed); unit: bps
• n = 32 (SNMPv1)
• 5 variables to be polled at 2 instances → 4+ PDUs
• Manager has to process (and store) the raw data
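
The link-load formula above, as an added example that is not part of the original slides: it applies both cases of ρ(i) to a series of polled samples, including a counter wrap. Two things go beyond the slide and are assumptions of this example: a sample is discarded when sysUpTime does not advance (agent restart), and a helper gives the longest poll interval for which at most one wrap can occur. The sample values are constructed.

```python
# Added example: link load rho(i) from polled SNMP counters, with counter wrap.
# O = octet counter [Byte], T = sysUpTime [10 ms ticks], C = ifSpeed [bps].

COUNTER_BITS = 32  # n = 32 for an SNMPv1 Counter


def counter_delta(new, old, bits=COUNTER_BITS):
    """Octets transferred between two polls, allowing for one counter wrap."""
    if new >= old:
        return new - old
    return (1 << bits) - old + new          # second case of the formula


def link_load(prev, curr, bits=COUNTER_BITS):
    """Return rho(i) as a fraction of link capacity, or None if unusable.

    Added guard (not on the slide): if sysUpTime did not advance, the agent
    restarted (or sysUpTime itself wrapped) and the interval is discarded.
    """
    d_ticks = curr["T"] - prev["T"]
    if d_ticks <= 0 or curr["C"] <= 0:
        return None
    d_octets = counter_delta(curr["O"], prev["O"], bits)
    # 8 bit/Byte divided by 0.01 s/tick gives the factor 800.
    return 800 * d_octets / (d_ticks * curr["C"])


def load_series(samples):
    """rho(i) for every pair of consecutive samples."""
    return [link_load(a, b) for a, b in zip(samples, samples[1:])]


def max_poll_seconds(speed_bps, bits=COUNTER_BITS):
    """Longest poll interval that cannot hide a second wrap at full line rate."""
    return (1 << bits) * 8 / speed_bps


# Constructed samples: 10 Mbps link polled every 60 s (6000 ticks).
SAMPLES = [
    {"O": 4_294_000_000, "T": 100_000, "C": 10_000_000},
    {"O": 4_294_900_000, "T": 106_000, "C": 10_000_000},  # 900 000 Byte in 60 s
    {"O": 232_704,       "T": 112_000, "C": 10_000_000},  # counter wrapped
    {"O": 1_000,         "T": 500,     "C": 10_000_000},  # agent restarted
    {"O": 75_001_000,    "T": 6_500,   "C": 10_000_000},  # link fully loaded
]

if __name__ == "__main__":
    for rho in load_series(SAMPLES):
        print("discarded" if rho is None else f"{rho:.1%}")
    print(f"poll a 100 Mbps link at least every {max_poll_seconds(100_000_000):.0f} s")
```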


MRTG

• Multi Router Traffic Grapher
  – Available at www.mrtg.org
  – Based on SNMP and Perl
  – Results shown on web pages
• Traffic Analysis
  – `Daily' Graph (time plots showing 5 min-averages)
  – And lower time resolutions (30 min, …, 1 day)
• MRTG++: 10 s-averages


RMON


Remote MONitoring (RMON)

[Figure: RMON deployment. The NMS and a local probe sit on the local LAN; across the backbone, remote LANs are observed by remote probes, a stand-alone probe, a router with RMON and switches with RMON. Precomputed statistics are fetched via get-requests and responses; threshold passing → trap.]


RMON1 Groups & Functions

[Figure: data gathering from the network by the RMON1 groups, reported to the network manager]
• Token Ring Statistics: Token Ring Statistics, Token Ring History, History Control
• Ethernet Statistics: Ethernet Statistics, Ethernet History, History Control
• Host and Conversation Statistics: Host Statistics, hostTopN Statistics, Matrix Statistics
• Filter Group: Packet Filtering, Channel Filtering, Packet Capture
• Alarm Generation, Event Generation


RMON1 MIB structure (1)

• statistics group (rmon 1)
  – maintains low-level utilization and error statistics for each sub-network monitored by the agent
• history group (rmon 2)
  – records periodic statistical samples from information available in the statistics group
• alarm group (rmon 3)
  – allows the management console user to set a sampling interval and alarm threshold for any counter or integer recorded by the probe
• host group (rmon 4)
  – contains counters for various types of traffic to and from hosts attached to the sub-network
• hostTopN group (rmon 5)
  – contains sorted host statistics of a hosts list specified by some parameter in the host table


RMON1 MIB structure (2)

• matrix group (rmon 6)
  – shows error and utilization information in matrix form
• filter group (rmon 7)
  – allows the monitor to observe packets that match a filter
• capture group (rmon 8)
  – governs how data is sent to a management console
• event group (rmon 9)
  – gives a table of all events generated by the RMON probe
• tokenRing group (rmon 10)
  – maintains statistics and configuration information for token ring sub-networks
• dependencies amongst the groups
  – alarm group requires event group
  – hostTopN group requires host group
  – capture group requires filter group


RMON1 Alarm Generation

• Thresholds and Alarm Generation States:

[Figure: sampled object value over time against a rising threshold and a falling threshold, together with the state of the alarm-generation mechanism (rising-alarm state, falling-alarm state) from the moment the entry is first set to valid; marks show where a rising alarm and a falling alarm are triggered]

• Alarm → Event → Trap
• To be configured (in general via command-line interface)
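
The threshold mechanism sketched above, as an added example that is not part of the original slides: a small state machine following the alarm group semantics of the RMON MIB (RFC 2819), where a rising alarm is not repeated until the sampled value has reached the falling threshold, and vice versa. The class name, the threshold values and the sample series (link load in percent) are constructed for this example.

```python
# Added example: RMON-style rising/falling threshold alarms with hysteresis.

RISING_STARTUP = ("risingAlarm", "risingOrFallingAlarm")
FALLING_STARTUP = ("fallingAlarm", "risingOrFallingAlarm")


class ThresholdAlarm:
    def __init__(self, rising, falling, startup="risingOrFallingAlarm"):
        if falling >= rising:
            # Assumption of this example: a real gap between the thresholds.
            raise ValueError("falling threshold must be below rising threshold")
        self.rising, self.falling, self.startup = rising, falling, startup
        self.last = None              # value at the previous sampling interval
        self.rising_armed = True      # False after a rising alarm until re-armed
        self.falling_armed = True     # False after a falling alarm until re-armed

    def sample(self, value):
        """Feed one sampled value; return 'risingAlarm', 'fallingAlarm' or None."""
        event = None
        first = self.last is None     # first sample after the entry became valid
        if value >= self.rising:
            self.falling_armed = True             # rising threshold reached
            crossed = (self.startup in RISING_STARTUP) if first \
                else self.last < self.rising
            if crossed and self.rising_armed:
                event = "risingAlarm"
                self.rising_armed = False
        elif value <= self.falling:
            self.rising_armed = True              # falling threshold reached
            crossed = (self.startup in FALLING_STARTUP) if first \
                else self.last > self.falling
            if crossed and self.falling_armed:
                event = "fallingAlarm"
                self.falling_armed = False
        self.last = value
        return event


def run(samples, rising, falling, startup="risingOrFallingAlarm"):
    """Return [(sample index, event)] for every alarm raised over the series."""
    alarm = ThresholdAlarm(rising, falling, startup)
    events = []
    for index, value in enumerate(samples):
        event = alarm.sample(value)
        if event:                     # in RMON the event group turns this into a trap
            events.append((index, event))
    return events


# Constructed sample: link load in percent, one value per sampling interval.
LOAD = [50, 90, 85, 95, 70, 90, 15, 10, 30, 15, 90]

if __name__ == "__main__":
    # The second excursion above 80 (index 5) and the second dip below 20
    # (index 9) raise no alarm: the opposite threshold was not reached first.
    print(run(LOAD, rising=80, falling=20))
```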


RMON2

• Extension to RMON1 specification to include monitoring of protocol traffic above the MAC level
• Decodes packets at layer 3 through layer 7
• Specification (1997) of:
  – "Remote Network Monitoring Management Information Base II" [RFC 2021]
  – "Remote Network Monitoring MIB Protocol Identifiers" [RFC 2074]

• Network layer visibility
  – Probe monitors IP traffic within and beyond the sub-network
  – Probe decodes and monitors application level traffic, e.g.: e-mail, file transfer


RMON2 MIB structure (1)

RMON-2 MIB extension sub-trees:

• protocolDir group (rmon 11)
  – master directory of all protocols that the probe can interpret
• protocolDist group (rmon 12)
  – aggregate statistics on the amount of traffic generated by each protocol, per LAN segment
• addressMap group (rmon 13)
  – matches each network address to a specific MAC address and port on an attached device and the physical address on this sub-network
• nlHost group (rmon 14)
  – statistics on the amount of traffic into and out of hosts on the basis of the network-layer address
• nlMatrix group (rmon 15)
  – statistics on the amount of traffic between pairs of hosts on the basis of network-layer address


RMON2 MIB structure (2)

• alHost group (rmon 16)
  – statistics on the amount of traffic into and out of hosts on the basis of the application-level address
• alMatrix group (rmon 17)
  – statistics on the amount of traffic between pairs of hosts on the basis of application-level address
• usrHistory group (rmon 18)
  – periodically samples user-specified variables and logs that based on user-defined parameters
• probeConfig group (rmon 19)
  – defines standard configuration parameters for RMON probes
• rmonConformance (rmon 20)
  – defines standard and optional groups


Observer (Windows-Based RMON Tool)


StableNet by infosim


Measurement protocols

The measurement of six different traffic sources gives a detailed understanding about the network


SNMP with StableNet PME

D App.-Server

Get
SNMP-
SNMP
SN-Agent
Value C
1

Get from D every minute: SN-Agent


2
-CPU-Load E
-In/Out-Octets from Interface 3

SN-Controller
2001-10-30 12:48:50 Router D:
B
-CPU-Load: 40%; In/Out-Octets: 14/35 kpbs
A
2001-10-30 12:49:50 Router D:
-CPU-Load: 34%; In/Out-Octets: 11/28 kpbs
...
Legend:
Network-Connection
Command
Database Measurement
Values

Markus Fiedler: Network Management Summer School 2005 79


SNMP with StableNet PME



SNMP with StableNet PME

No MIB configuration imported


SNMP/Ping Measurement

[Figure: plots of delay and link load]


SNMP-MIB Browser


NetFlow by Cisco



NetFlow Overview

 Originally designed by Cisco for their Quality of Service (QoS) program
 1996 by Darren Kerr and Barry Bruins at Cisco Systems
 Initially designed as a switching path
 The value of information in the cache was a secondary discovery
 Adopted by
 Other vendors like Juniper
 Organisations such as CAIDA
 Answers questions regarding IP traffic: who, what, where, when and how
 Inbound traffic only (both transit and router-destined)
 Network Flow statistic data produced in the router, then sent to an agent
 The agent filters only the relevant information from the stream
 NetFlow is now the primary network accounting technology in the industry
 Sampled NetFlow a Cisco innovation
 NetFlow version 9 an IETF standard



What is a Flow?

Defined by seven unique keys:


 Source IP address
 Destination IP address
 Source port
 Destination port
 Layer 3 protocol type
 TOS byte (DSCP)
 Input logical interface (ifIndex)

Exported Data



NetFlow Sequence Router

1. Create and update flows in NetFlow Cache

SrcIf  SrcIPadd      DstIf  DstIPadd     Protocol  TOS  Flgs  Pkts   SrcPort  SrcMsk  SrcAS  DstPort  DstMsk  DstAS  NextHop    Bytes/Pkt  Active  Idle
Fa1/0  173.100.21.2  Fa0/0  10.0.227.12  11        80   10    11000  00A2     /24     5      00A2     /24     15     10.0.23.2  1528       1745    4
Fa1/0  173.100.3.2   Fa0/0  10.0.227.12  6         40   0     2491   15       /26     196    15       /24     15     10.0.23.2  740        41.5    1
Fa1/0  173.100.20.2  Fa0/0  10.0.227.12  11        80   10    10000  00A1     /24     180    00A1     /24     15     10.0.23.2  1428       1145.5  3
Fa1/0  173.100.6.2   Fa0/0  10.0.227.12  6         40   0     2210   19       /30     180    19       /24     15     10.0.23.2  1040       24.5    14

2. Expiration
• Inactive timer expired (15 sec is default)
• Active timer expired (30 min (1800 sec) is default)
• NetFlow cache is full (oldest flows are expired)
• RST or FIN TCP Flag

SrcIf  SrcIPadd      DstIf  DstIPadd     Protocol  TOS  Flgs  Pkts   SrcPort  SrcMsk  SrcAS  DstPort  DstMsk  DstAS  NextHop    Bytes/Pkt  Active  Idle
Fa1/0  173.100.21.2  Fa0/0  10.0.227.12  11        80   10    11000  00A2     /24     5      00A2     /24     15     10.0.23.2  1528       1800    4

3. Aggregation? Yes / No

e.g. Protocol-Port Aggregation Scheme becomes

Protocol  Pkts   SrcPort  DstPort  Bytes/Pkt
11        11000  00A2     00A2     1528

4. Export Version
• Non-Aggregated Flows – export Version 5 or 9
• Aggregated Flows – export Version 8 or 9

5. Transport Protocol
Export Packet: Header, Payload (flows)
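Steps 1 and 2 above, together with the seven flow keys, as an added sketch of a flow cache (not code from the lecture or from Cisco). The class and field names are hypothetical, the tiny cache size is chosen for the demo, and "oldest" is taken to mean least recently updated, which is an assumption.

```python
from collections import namedtuple

# The seven key fields from the "What is a Flow?" slide.
FlowKey = namedtuple("FlowKey", "src_ip dst_ip src_port dst_port proto tos in_if")

INACTIVE_TIMEOUT = 15    # seconds, default quoted on the slide
ACTIVE_TIMEOUT = 1800    # seconds (30 min), default quoted on the slide
TCP, FIN, RST = 6, 0x01, 0x04


class FlowCache:
    def __init__(self, max_entries=4):
        self.max_entries = max_entries
        self.flows = {}      # FlowKey -> counters
        self.exported = []   # (reason, key, counters), ready for export

    def _expire(self, key, reason):
        self.exported.append((reason, key, self.flows.pop(key)))

    def age(self, now):
        """Apply the inactive and active timers."""
        for key, rec in list(self.flows.items()):
            if now - rec["last"] >= INACTIVE_TIMEOUT:
                self._expire(key, "inactive")
            elif now - rec["first"] >= ACTIVE_TIMEOUT:
                self._expire(key, "active")

    def packet(self, now, key, size, tcp_flags=0):
        """Account one packet: create or update its flow, then check expiry."""
        self.age(now)
        rec = self.flows.get(key)
        if rec is None:
            if len(self.flows) >= self.max_entries:
                # Cache full. Assumption: "oldest" = least recently updated.
                oldest = min(self.flows, key=lambda k: self.flows[k]["last"])
                self._expire(oldest, "cache-full")
            rec = self.flows[key] = dict(first=now, last=now, pkts=0, bytes=0, flags=0)
        rec["last"] = now
        rec["pkts"] += 1
        rec["bytes"] += size
        rec["flags"] |= tcp_flags
        if key.proto == TCP and tcp_flags & (FIN | RST):
            self._expire(key, "tcp-end")


def demo():
    """Constructed packet sequence exercising three of the expiry reasons."""
    cache = FlowCache(max_entries=2)
    web = FlowKey("192.0.2.10", "198.51.100.5", 40000, 80, 6, 0, 1)
    dns = FlowKey("192.0.2.10", "198.51.100.53", 53000, 53, 17, 0, 1)
    dns_tos = dns._replace(tos=0x28)   # same 5-tuple, other TOS: a new flow
    cache.packet(0, web, 60, 0x02)     # SYN
    cache.packet(1, dns, 80)
    cache.packet(2, web, 1500, 0x10)   # ACK
    cache.packet(3, dns_tos, 80)       # cache full, dns is evicted
    cache.packet(4, web, 40, 0x11)     # FIN+ACK ends the TCP flow
    cache.age(30)                      # dns_tos idle for 27 s
    return cache
```

Changing only the TOS byte produces a separate cache entry, which is why a flow count can exceed the number of distinct 5-tuples seen.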



Creating Export Packets

[Figure: traffic from the core network passes a PE router with NetFlow enabled; NetFlow export packets are sent over UDP to a collector (Solaris, HP-UX, or Linux) with an application GUI]

Export Packets
• Approximately 1500 bytes
• Typically contain 20-50 flow records
• Sent more frequently if traffic increases on NetFlow-enabled interfaces


NetFlow
Router has to be configured for Netflow up front

[Figure: network diagram with nodes A, B, C and E, an App.-Server, two SN-Agents and the SN-Controller; arrow labelled "Netflow-Data". Legend: network connection, command, measurement values, database.]

Read filtered Netflow-Data from Agent every minute

2001-10-30 12:57:33 Web: A -> B: 5 MB
2001-10-30 12:57:33 HTTP: A -> B: 3 MB
2001-10-30 12:57:33 All: A -> B: 9 MB
...

NetFlow Versions

NetFlow Version   Comments
1                 Original
5                 Standard and most common
7                 Specific to Cisco Catalyst 6500 and 7600 Series Switches.
                  Similar to Version 5, but does not include AS, interface,
                  TCP Flag & TOS information
8                 Choice of eleven aggregation schemes.
                  Reduces resource usage
9                 Flexible, extensible file export format to enable easier
                  support of additional fields & technologies; coming out now
                  MPLS, Multicast, & BGP Next Hop


Version 5 – Flow Format

Usage
• Packet Count
• Byte Count

Time of Day
• Start sysUpTime
• End sysUpTime

Port Utilization
• Input ifIndex
• Output ifIndex

QoS
• Type of Service
• TCP Flags
• Protocol

From/To
• Source IP Address
• Destination IP Address

Application
• Source TCP/UDP Port
• Destination TCP/UDP Port

Routing and Peering
• Next Hop Address
• Source AS Number
• Dest. AS Number
• Source Prefix Mask
• Dest. Prefix Mask
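The Version 5 fields listed above, decoded on the collector side, as an added example that is not part of the original slides. Export packets arrive over UDP from whoever can reach the collector port, so the parser checks version, record count and datagram length before it trusts any field; the function names and the constructed sample datagram are hypothetical, and the tracker assumes datagrams arrive in order.

```python
import socket
import struct

HEADER = struct.Struct("!HHIIIIBBH")                # 24-byte v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # 48-byte v5 flow record
MAX_RECORDS = 30                                    # most records one v5 datagram carries


def parse_v5(datagram):
    """Validate and decode one NetFlow v5 export datagram."""
    if len(datagram) < HEADER.size:
        raise ValueError("truncated header")
    version, count, uptime, secs, _ns, seq, _et, _eid, _samp = HEADER.unpack_from(datagram)
    if version != 5:
        raise ValueError("unsupported version %d" % version)
    if not 1 <= count <= MAX_RECORDS:
        raise ValueError("implausible record count %d" % count)
    # The count field is sender-controlled: accept it only if the length agrees.
    if len(datagram) != HEADER.size + count * RECORD.size:
        raise ValueError("length does not match record count")
    flows = []
    for i in range(count):
        (src, dst, hop, in_if, out_if, pkts, octets, first, last, sport, dport,
         _pad1, flags, proto, tos, src_as, dst_as, smask, dmask, _pad2) = \
            RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        flows.append({
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "next_hop": socket.inet_ntoa(hop),
            "input_if": in_if, "output_if": out_if,
            "packets": pkts, "bytes": octets,
            "start_uptime_ms": first, "end_uptime_ms": last,
            "src_port": sport, "dst_port": dport,
            "tcp_flags": flags, "protocol": proto, "tos": tos,
            "src_as": src_as, "dst_as": dst_as,
            "src_mask": smask, "dst_mask": dmask,
        })
    header = {"sequence": seq, "count": count,
              "sys_uptime_ms": uptime, "unix_secs": secs}
    return header, flows


class SequenceTracker:
    """Counts flow records missed between datagrams of one exporter."""

    def __init__(self):
        self.expected = None
        self.lost = 0

    def update(self, header):
        # flow_sequence is the running count of flows exported before this datagram.
        if self.expected is not None and header["sequence"] != self.expected:
            self.lost += (header["sequence"] - self.expected) % 2**32
        self.expected = (header["sequence"] + header["count"]) % 2**32
        return self.lost


def build_sample(seq, flows):
    """Constructed datagram; flows = [(src, dst, sport, dport, proto, pkts, bytes)]."""
    out = HEADER.pack(5, len(flows), 60000, 1004446130, 0, seq, 0, 0, 0)
    for src, dst, sport, dport, proto, pkts, octets in flows:
        out += RECORD.pack(socket.inet_aton(src), socket.inet_aton(dst),
                           socket.inet_aton("10.0.23.2"), 1, 2, pkts, octets,
                           1000, 59000, sport, dport, 0, 0x1B, proto, 0,
                           0, 0, 24, 24, 0)
    return out
```

A growing `lost` value means flow records never reached the collector, so traffic totals derived from the remaining records are lower bounds.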



NetFlow Configurations v5

 To configure NetFlow Switching, complete the tasks in the following
sections.
 Enabling NetFlow Switching (Required)
 Exporting NetFlow Switching Statistics (Optional)
 Customizing the Number of Entries in the NetFlow Cache (Optional)
 Managing NetFlow Switching Statistics (Optional)
 Configuring IP Distributed and NetFlow Switching on VIP Interfaces
(Optional)
 Configuring an Aggregation Cache (Optional)
 Configuring NetFlow Policy Routing (Optional)


NetFlow v9 Principles

 Problems with former versions:
 Fixed formats (versions 1, 5, 7, and 8) are not flexible and adaptable –
Cisco needed to build a new version each time a customer wanted to
export new fields
 When new versions are created, partners need to reengineer to support
the new export format

 Version 9 is an export format
 Still a push model
 Sends the template regularly (configurable)
 Independent of the underlying protocol, it is ready for any reliable
protocol (i.e. TCP, SCTP)


NetFlow v9 Export Packet IETF Specification

Header
• version (1, 5, 7, 8, 9)
• # records in Export Packet
• Export Packet sequence #
• source ID (identifies router)

Template FlowSet
• FlowSet ID (0)
• Length (bytes)
• Template Record (one or more), each with:
  – Template ID (>255)
  – Field Count (# fields)
  – Field 1 Type, Field 1 Length
  – Field 2 Type, Field 2 Length
  – …
  – Field N Type, Field N Length

Data FlowSet
• FlowSet ID
• Length (bytes)
• Data Record (one or more), each with:
  – Field 1 Value
  – Field 2 Value
  – …
  – Field N Value

Option Template FlowSet
• FlowSet ID (1)
• Length (bytes)
• Template ID (>255)
• Option Scope Length (bytes)
• Option Length (bytes)
• Scope 1 Field Type, Scope 1 Field Length (bytes)
• Option 1 Field Type, Option 1 Field Length (bytes)
• …
• Option N Field Type, Option N Field Length

Option Data FlowSet
• FlowSet ID
• Length (bytes)
• Option Data Record (one or more), each with:
  – Scope 1 Value
  – Option 1 Field Value
  – …
  – Option N Field Value

Option FlowSets send data associated with:
• System
• Interface
• Line Card
• Cache
• Template
Example: The sampling rate associated with a particular interface


NetFlow – Top Hosts



NetFlow – Top Protocols



NetFlow – Top Client Applications



NetFlow Application Rules with PME



NetFlow Network Rules with PME



NetFlow Measurements with PME



NetFlow Measurement: Traffic Partition

[Figure: plots of traffic in the whole network and of partial traffic]


NetFlow Measurement: Traffic Types

Total traffic

HTTP

Telnet



Network Flow Example: Analysis

Terminal 3%
VoIP 4%
SAP 8%

VPN1 28%
Mail 13%

VPN2 1%

WWW 43%

(c) M. Heuler @ infosim AG



Network Flow Example: Traffic Matrix

[Figure: plot of traffic (0 to 2000) over time (1 to 67), and a map of the sites Hamburg, Berlin, Köln, Headquarters, Leipzig, Würzburg, Saarbrücken and München]

              Hamburg  Köln   Berlin    Leipzig  München  Saar    Würzburg  Headquarters
Hamburg       0,00     34,00  1.234,00  234,00   3,00     345,00  45,00     345,00
Köln          2,00     0,00   23,00     4,00     34,00    34,00   5,00      43,00
Berlin        31,00    23,00  0,00      34,00    345,00   53,00   45,00     5,00
Leipzig       23,00    4,00   43,00     0,00     34,00    34,00   345,00    34,00
München       4,00     4,00   23,00     43,00    0,00     5,00    435,00    3,00
Saar          234,00   45,00  4,00      2,00     34,00    0,00    34,00     45,00
Würzburg      4,00     45,00  34,00     234,00   23,00    423,00  0,00      23,00
Headquarters  23,00    34,00  234,00    4,00     34,00    4,00    234,00    0,00


Network Flow Example: Accounting

[Figure: map of the sites Hamburg, Berlin, Köln, Headquarters, Leipzig, Würzburg, Saarbrücken and München]

Site          Internet  Cost        SAP (TS)  Cost         Total
Hamburg       3,02 GB   € 180,91    13.156    € 657,78     € 838,69
Berlin        0,16 GB   € 9,73      703       € 35,15      € 44,88
Leipzig       5,12 GB   € 307,04    46.905    € 2.345,23   € 2.652,27
München       6,69 GB   € 401,12    53.594    € 2.679,72   € 3.080,83
Saar          0,30 GB   € 18,14     376       € 18,80      € 36,94
Köln          0,97 GB   € 58,05     3.910     € 195,49     € 253,54
Würzburg      9,99 GB   € 599,65    50.219    € 2.510,95   € 3.110,61
Headquarters  9,83 GB   € 589,66    97.785    € 4.889,23   € 5.478,89
Sum           36,07 GB  € 2.164,30  266.647   € 13.332,35  € 15.496,65



SNMP Performance
... RMON Performance probably as well ;)



SNMP Performance – Why Care?

 SNMP MIBs almost on every device
 Monitoring infrastructure
 SNMP agents are pieces of software
 How about their real-time capabilities?
 Time scales – min. averaging intervals
 Determine dead times of control loops
 Traditionally 5~15 min
 MRTG++: 10 s
 Observer, external probe: 3 s
 Observer, internal probe: 1 s
 Where is the limit?
– sysUpTime promises 10 ms – is this true?
 Polling
 How exact are the counters?
 What about response times?
– When are the counters actually read?

Reference:
P. Carlsson, M. Fiedler, K. Tutschku, S. Chevul, and A.A. Nilsson.
Obtaining reliable bit rate measurements in SNMP-managed networks.
Proc. of the 15th ITC Specialists Seminar on Traffic Engineering and
Traffic Management, Würzburg, Germany, July 2002, pp 114–123.


Device Study

 Switches S1 — S4 in lab environment
 S1 — S3: 24 ports
 S4: 8 ports
 100 Mbps
– 15.3 GB via FTP

 Routers R1 — R2 in production environment
 R1: Access router, 10 Mbps
– 400 MB via SFTP
 R2: Switch router, 1 Gbps
– Campus backbone


How to Calculate a Bit Rate in SNMP

\[
\frac{R(i)}{\text{bps}} =
\begin{cases}
800\,\dfrac{O(i) - O(i-1)}{T(i) - T(i-1)} & \text{if } O(i) \ge O(i-1) \\[2ex]
800\,\dfrac{2^{n} - O(i-1) + O(i)}{T(i) - T(i-1)} & \text{if } O(i) < O(i-1)
\end{cases}
\]

 O = octet counter
 interface group [STD17]: ifInOctets, ifOutOctets (n = 32)
 ifMIB group [RFC2863]: ifHCInOctets, ifHCOutOctets (n = 64)
– SNMPv2/3 only
– Device-dependent
 T = sysUpTime
 Multiples of 10 ms


Counter Behavior

[Figure: 32-bit counter value over time]

 MIB counters are cyclic → sooner or later every counter will wrap around
 Governed by the arrival process
 One wrap can be corrected, two or more will go unnoticed
 Risk of underestimations


Cycle Interval for 32 bit counters

short wrap around time


bit rate of saturated input process (ρ = 1)



Back to the Bit Rate Measurement

High variability on small time scales!



Counter Behavior
 Detailed look:
[Figure: 32-bit counter value over time]

Frozen counter → sampling error!


Bit Rate Results (Router 2)
 What effect does this have on the bit rate measurement if we have a
measurement interval of 1 s?

[Figure: measured bit rate compared with real speed]

Wrong computation of bit rate!
Over- and/or underestimation of actual values!


Bit Rate Results (Switch 3)
 Obvious overestimation of traffic:

Link speed



A Sampling Theorem For SNMP
 Choose right sampling interval!

\[
T_{\text{samp}} \in \left[\, T_{\text{update}},\ \frac{T_{\text{CCT,min}}}{\gamma} \,\right]; \qquad
T_{\text{CCT,min}} = \frac{2^{n+3}\ \text{bit}}{C}
\]

 Tsamp = sampling time
 Tupdate = MIB update interval
 TCCT = counter cycle time
 γ = safety factor (2, 3)
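The bit rate formula and the sampling interval bounds, applied to a frozen counter, as an added example that is not taken from the lecture or the referenced paper. C is read as the link capacity in bit/s, which is an assumption since the slide does not define it; the function names and the sample readings are constructed.

```python
def bit_rate(o_prev, o_now, t_prev, t_now, n=32):
    """R(i) in bit/s from two octet counter readings and sysUpTime ticks (10 ms)."""
    dt = t_now - t_prev
    if dt <= 0:
        raise ValueError("sysUpTime did not advance between samples")
    if o_now >= o_prev:
        d_octets = o_now - o_prev
    else:
        # Counter wrapped. Only a single wrap can be corrected.
        d_octets = 2**n - o_prev + o_now
    # 8 bit per octet divided by 0.01 s per tick gives the factor 800.
    return 800 * d_octets / dt


def sampling_window(t_update, capacity_bps, n=32, gamma=2):
    """Return (T_update, T_CCT,min / gamma) in seconds, or raise if it is empty."""
    t_cct_min = 2 ** (n + 3) / capacity_bps   # assumption: C = link capacity
    upper = t_cct_min / gamma
    if upper < t_update:
        raise ValueError("no valid sampling interval: use the n = 64 counters")
    return t_update, upper


def poll_rates(samples, capacity_bps, n=32):
    """samples = [(sysUpTime ticks, octet counter)] -> [(bit/s, flag)]."""
    out = []
    for (t0, o0), (t1, o1) in zip(samples, samples[1:]):
        rate = bit_rate(o0, o1, t0, t1, n)
        if o1 == o0:
            flag = "frozen"             # MIB not updated, or a truly idle link
        elif rate > capacity_bps:
            flag = "above-link-speed"   # two update periods landed in one sample
        else:
            flag = "ok"
        out.append((rate, flag))
    return out


# Constructed readings: a 100 Mbps port carrying a steady 60 Mbps whose agent
# refreshes the MIB every 2 s, polled once per second and once per 2 s.
LINK = 100e6
POLL_1S = [(0, 0), (100, 0), (200, 15_000_000), (300, 15_000_000), (400, 30_000_000)]
POLL_2S = POLL_1S[::2]


def demo():
    return poll_rates(POLL_1S, LINK), poll_rates(POLL_2S, LINK)
```

Polling faster than the MIB update interval alternates between 0 and 120 Mbps on a 100 Mbps link, while polling at the update interval recovers the 60 Mbps load.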



Response Time Histogram (Switch 3)

 Stochastic behavior of SNMP agent response process!



Results

Device  MIB update interval [s]  Mean response time [ms]  99% quantile [ms]
S1      << 1                     14                       200
S2      << 1                     26                       120
S3      2                        18                       70
S4      1.5                      10                       10
R1      <1                       34                       60
R2      10                       10                       13


Conclusions

 None of the tested devices behaves as expected
 Either good at updating...
 ... or good at answering requests
 Issues regarding ”black box” SNMP agents
 Conformity definitions
 Improved implementations
 The widely deployed SNMP infrastructure can be used for
performance management AS LONG AS
 Suitable sampling intervals can be used
– Pay attention to wrapping counters
• Make sure that the ifMIB group exists
• Use SNMPv2/v3
– Pay attention to MIB update intervals
 The agent answers ”fast enough”
 In any case: Test your equipment before using it ☺




Basic Literature



Some Basic Literature

 M. Subramanian. Network Management. Principles and Practice.
Addison-Wesley, 2000.
 Introduction; rather on undergraduate level
 H.-G. Hegering et al. Integrated Management Of Networked
Systems. Concepts, Architectures, and Their Operational
Application. Morgan Kaufmann Publishers, 1999.
 Top-down; many concepts

 Overviews also available in standard textbooks such as
 D. Comer. Computer Networks and Internets with Internet Applications.
 W. Stallings. Data & Computer Communications.



Research
... a rather incomplete and biased overview ;)



EuroNGI WP.JRA.1.5 Network Management
Leader: Vicente Casares Giner,
ITACA-Universidad Politécnica de
Valencia (Partner 45)


EuroNGI WP.JRA.1.5 Network Management

 Deliverables
 D.WP.JRA.1.5.1 State of the art in Location Management procedures
– Network Management introduction
– Policy based Management
– Mobility and Location Management
 D.WP.JRA.1.5.2 Study of mobility behaviour of new Internet mobile
users
– Mobility models
 Active partners:
 Valencia
 Bucharest
 Infosim
 UniWue
 BTH



EuroNGI AutoMon Project

Partners: see above (49, 17, 18)



AutoMon Overview

 Special Joint Specific Research Project (JRA.S.06) during 2005
 Full title: Design and Evaluation of Distributed, Self-Organized QoS
Monitoring for Autonomous Network Operation
 http://www3.informatik.uni-wuerzburg.de/staff/automon
 Touches
 WP.JRA.1.4 New Services
 WP.JRA.1.5 Network Management
 WP.JRA.6.1 User-perceived QoS and QoS feedback


AutoMon Contents

 Specification of a distributed, self-organizing and autonomic IP QoS
monitoring framework based on Distributed Hash Tables
 Includes an SNMP-based QoS feed-back interface towards service
providers
 DNA = Distributed Network Agent: monitors E2E and issues alarms if
necessary
 Evaluation of the performance of the peer-to-peer mechanisms for
maintaining the monitoring overlay
 Analysis of applicability and accuracy of generic end-to-end
performance metrics with regard to user-perceived Quality of Service
 Network/Throughput Utility Function
 Implementation of a concept demonstrator by the participating SME
in order to show the commercial viability of the approach
 Popular MS .net environment


Autonomic Computing
Adaptive
Infrastructure

Next Generation Internet


Computing

Dynamic Systems

N1 Initiative

Numerous companies use different names for the same goal:

Autonomous and Self-Managed IT-Systems



The Way To Autonomous Networks

Autonomic
Manager

Autonomic
Input Manager
Output

Autonomic
Manager

IT System
e.g. LAN/MAN



DNA Phase 1: Local Tests

Distributed Network Agent

[Figure: a DNA running local tests, labelled "Ping!", "IP?" and "Wire?"]


DNA Phase 2: Distributed Tests in an Intranet

[Figure: three DNAs inside a company intranet; one DNA asks the others „Test conn. please“, they send "Ping!" and return "Result"]


Why Not a Central Solution?

 Disadvantages
 “single point of failure“
 scalability (number of clients and services per clients)
 restricted view
 automation still needs coordination

[Figure: DNAs in an office and a network offer the network manager an improved view via an intranet web page]

How do the DNA clients organize and find each other?


Construction of an Overlay Net

[Figure: P2P overlay network across the Internet connecting DNAs at a company, a university, office A and office B]

Tasks
- maintain Overlay
- locate other DNAs
- form meta data (index)

Full mesh not applicable!



Related Work



Some Other ...

... projects of interest
 INTERMON http://www.ist-intermon.org
 IPMON http://ipmon.sprint.com/ipmon.php
 TEQUILA http://www.ist-tequila.org

... activities of interest
 IBM Autonomic Computing
http://www.research.ibm.com/autonomic/
 Cisco IOS IP SLA
http://www.cisco.com/warp/public/732/Tech/nmp/ipsla/docs/ipslaoverview.pdf
 Microsoft Operations Framework
http://www.microsoft.com/mof
 Microsoft Dynamic Systems Initiative
http://www.microsoft.com/dsi



Research Issues



Some Research Issues

 Organization model
 Degree of (de-)centralization
 Self-organization (Autonomic Networking)
 Information model
 Which information to store when, where and how?
 Communication model
 How to access and communicate management information?
 Meaningful protocols (beyond TCP & UDP)
 Functional model
 Providing added value for Business and Service Management
 Self-”FCAPS” (Autonomic Networking)
 Web services
 Management performance and security issues



Some Buzzwords

 Active Networks
 Programmable Networks
 Cf. D.WP.JRA.1.5.1
 Autonomic Computing and Networking
 Location Management
 WP.JRA.1.5
 Microsoft Operations Framework
 Zero-Touch-Management (Microsoft Austria)
 Policy-based Network Management
 Cf. D.WP.JRA.1.5.1
 Web-based Management
 Service Oriented Architecture (IBM)
 Enterprise Service Bus (IBM)




Potential Tasks

... Still, it’s paperwork ;)



Background and ”Homework” ;)

 Problem working with networking equipment
 Costly
 Risky
 Time-consuming
 Realistic environment?

 Try to locate information that is relevant for you in SNMP/RMON
MIBs
 ... and check for non-existing information as well
 Try to investigate how Network Management is related to your
research
 How could you ”dock your results into a standard-NMS”?
 How could you improve the organization, information, communication
and function of network management?
 Where are the business cases? Which value chain do you create or
improve?



Thanks for listening ☺


Q&A
