Network Management and O&M

Copyright © 2020 Huawei Technologies Co., Ltd. All rights reserved.
Foreword
 The ever expanding network and increasing network devices present a significant challenge in
managing networks effectively and providing high-quality network services.
 There are many network management and O&M methods, of which this course describes some
of the most common.

Objectives
 On completion of this course, you will be able to:
▫ Understand basic concepts of network management and O&M.

▫ Master common network management and O&M methods.

▫ Describe basic functions of network management and O&M.

▫ Understand the fundamentals of SNMP.

▫ Understand Huawei iMaster NCE and related technologies.

Contents
1. Basic Concepts of Network Management and O&M
2. SNMP Fundamentals and Configuration
3. Network Management Based on Huawei iMaster NCE

What Is Network Management and O&M?
 Network management and O&M plays an important role on a communications network. It ensures that
devices work properly and the communications network runs properly to provide efficient, reliable, and
secure communications services.

The network administrator manages and maintains the network for stable operation.

[Figure: Common enterprise network architecture, managed by the network administrator]

Basic Network Management Functions

OSI defines five functional models for network management (configuration, performance, fault, security, and accounting management):
▫ Configuration management: monitors network configuration information so that network administrators can generate, query, and
modify hardware and software running parameters and conditions, and configure services.
▫ Performance management: manages network performance so that the network can provide reliable, continuous, and low-latency
communication capabilities with as few network resources as possible.
▫ Fault management: ensures that the network is always available and rectifies faults as soon as possible.
▫ Security management: protects networks and systems from unauthorized access and attacks.
▫ Accounting management: records the network resource usage of users, charges users, and collects statistics on network resource
usage.

Network Management Modes
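• Traditional network management and O&M: the network administrator manages devices in web system mode or CLI mode, or through SNMP-based centralized management from a network management station.
• iMaster NCE-based network management and O&M: commercial applications (ERP, video conferencing, office OS, advertisement operations) use the northbound API of iMaster NCE. iMaster NCE runs on a cloud platform, provides management, control, and analysis (network automation and network intelligence), and manages data center, campus, WAN, and branch networks.

[Figure: Traditional network management and O&M compared with iMaster NCE-based network management and O&M]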

Contents
1. Basic Concepts of Network Management and O&M
2. Traditional Network Management
3. Network Management Based on Huawei iMaster NCE

Management Through the CLI or Web System
 When the network scale is small, the CLI and web system are generally used for network management.
▫ Network administrators can log in to a device through HTTPS, Telnet, or the console port to manage the device.

▫ These network management modes do not require any program or server to be installed on the network, and the cost is low.

▫ Network administrators must have a good command of network knowledge and vendor-specific network configuration commands.

▫ These modes have great limitations when the network scale is large and the network topology is complex.

[Figure: One-to-one management. The network administrator logs in separately to each device: vendor A switch, vendor A firewall, vendor A AC, vendor A router, vendor B router, vendor C switch, vendor D switch]

SNMP-based Centralized Management
 SNMP is a standard network management protocol widely used on TCP/IP networks. It provides a method for
managing NEs through a central computer that runs network management software, that is, a network management
station.

• Network administrators can use the NMS to query information, modify information, and troubleshoot faults on any node on the network, improving work efficiency.
• Network devices of different types and vendors are managed in a unified manner.

[Figure: One-to-many management. The network administrator uses the NMS, which exchanges SNMP packets with the network devices]

Typical SNMP Architecture
• On a network where SNMP is used for network management, a network management system (NMS) functions as a network management center and runs management processes. Each managed device needs to run an agent process. The management process and agent process communicate with each other through SNMP messages.
• An NMS is a system that uses SNMP to manage and monitor network devices. The NMS software runs on NMS servers.
• Managed devices are devices that are managed by the NMS on the network.
• The agent process runs on managed devices to maintain the information data of the managed devices, respond to the request from the NMS, and report the management data to the NMS that sends the request.

[Figure: A client monitor provides a visualized interface to the NMS. The network management process on the NMS exchanges SNMP messages over the IP network with the agent process on each managed device]

SNMP Message Exchange
• The NMS and managed devices exchange messages in the following modes:
▫ The NMS sends a request for modifying or querying configuration information to a managed device through SNMP. The agent process running on the managed device responds to the request from the NMS.
▫ The managed device can proactively report traps to the NMS so that the network administrator can detect faults in a timely manner.
• Managed object: Each device may contain multiple managed objects. A managed object can be a hardware component or a set of parameters configured on the hardware or software (such as a routing protocol).
• SNMP uses management information bases (MIBs) to describe a group of objects of a manageable entity.

[Figure: Message exchange between the network management process on the NMS and the agent process on the managed device: (1) query/modify request, (2) query/modify response, (3) trap. The managed device contains the managed objects]

MIB
• A MIB is a database containing the variables that are maintained by managed devices. (The variables can be queried or set by the agent processes.) The MIB defines the attributes of managed devices in the database.
▫ Object identifier (OID) of an object
▫ Status of an object
▫ Access permission of an object
▫ Data types of an object
• A MIB provides a structure that contains data on all NEs that may be managed on the network. Because the data structure is similar to the tree structure, a MIB is also called an object naming tree.

Object naming tree:
root
  ccitt (0)
  iso (1)
    org (3)
      dod (6)
        internet (1)
          mgmt (2)    OID: 1.3.6.1.2
            mib (1)
              system (1)
              interface (2)
              ...
  joint-iso-ccitt (2)

Common MIB Objects
 Objects used for query or modification:

OID | Object Name | Data Type | Maximum Access | Description
1.3.6.1.2.1.2.1 | ifNumber | Integer | read-only | Number of network interfaces in the system (regardless of the current interface status)
1.3.6.1.4.1.2011.5.25.41.1.2.1.1.3 | hwIpAdEntNetMask | IpAddress | read-create | Subnet mask of an IP address

 Objects used for alarm notification:


OID | Object Name | Bound Variable | Description
3.6.1.6.3.1.1.5.3 | linkDown | ifIndex, ifAdminStatus, ifOperStatus, ifDesc | It is detected that one of the communication links in the ifOperStatus object has entered the down state from another state (but not the notPresent state). The original state is indicated by the value of ifOperStatus.

SNMP Management Model
• Query/Modify operation:
▫ The NMS sends an SNMP request message to an agent process.
▫ The agent process searches the MIB on the device for information to be queried or modified and sends an SNMP response message to the NMS.
• Trap operation:
▫ If the trap triggering conditions defined for a module are met, the agent process sends a message to notify the NMS that an event or trap has occurred on a managed object. This helps network administrators promptly process network faults.

[Figure: SNMP message exchange between the network management process on the NMS and the agent process on the managed devices. The agent process accesses the MIB, which describes the managed objects]

SNMPv1
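Messages exchanged between the NMS and the managed device over the IP network:

NMS -> managed device: Get ("What's the IP address of GE 0/0/1?")
Managed device -> NMS: Response ("10.0.1.1/24")

NMS -> managed device: GetNext ("What's the IP address of GE 0/0/2?")
Managed device -> NMS: Response ("10.0.2.1/24")

NMS -> managed device: Set ("Set the IP address of GE 0/0/3 to 10.0.3.1/24.")
Managed device -> NMS: Response ("Setting succeeded.")

Managed device -> NMS: Trap ("The CPU usage is too high.")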

SNMPv2c
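Messages exchanged between the NMS and the managed device over the IP network:

NMS -> managed device: Get
Managed device -> NMS: Response

NMS -> managed device: GetNext
Managed device -> NMS: Response

NMS -> managed device: Set
Managed device -> NMS: Response

Managed device -> NMS: Trap

NMS -> managed device: GetBulk ("Query the IP addresses of all interfaces on the device")
Managed device -> NMS: Response ("The IP address of GE 0/0/1 is... The IP address of GE 0/0/2 is...")

Managed device -> NMS: Inform ("The CPU usage is too high.")
NMS -> managed device: Response ("Alarm received.")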

SNMPv3
 SNMPv3 has the same working mechanism as SNMPv1 and SNMPv2c, but adds header data and security parameters.
 SNMPv3 messages can be authenticated and encrypted.
 SNMPv3 is applicable to networks of various scales and has high security.

[Figure: The NMS and the managed device communicate over the IP network. SNMPv3 authenticates all exchanged messages and encrypts messages]

SNMP Summary
 SNMP has the following advantages:
▫ Simplicity: SNMP is applicable to networks that require high speed and low cost because it uses a polling mechanism and provides basic network
management functions. Moreover, SNMP uses UDP to exchange data and therefore is supported by most products.

▫ Convenience: SNMP allows management information exchange between arbitrary devices on a network, so that a network administrator can
query information and locate faults on any device.

 SNMPv1 applies to small-scale networks where security requirements are not high or the network environment is safe and stable,
such as campus networks and small-sized enterprise networks.
 SNMPv2c applies to medium- and large-sized networks where security requirements are not high or the network environment is safe,
but a large volume of traffic exists and traffic congestion may occur.
 SNMPv3 is the recommended version and applies to networks of various scales, especially those networks that have high security
requirements and allow only authorized administrators to manage network devices.

Basic SNMP Configuration (1)
1. Enable the SNMP agent function.

[Huawei] snmp-agent

2. Set the SNMP version.

[Huawei] snmp-agent sys-info version [v1 | v2c | v3]


You can configure the SNMP version as required. However, the protocol version used on the device must be the same as that
used on the NMS.
3. Create or update MIB view information.
[Huawei] snmp-agent mib-view view-name { exclude | include } subtree-name [mask mask]

4. Add a new SNMP group and map users in this group to the SNMP view.

[Huawei] snmp-agent group v3 group-name { authentication | noauth | privacy } [ read-view view-name | write-view view-name | notify-view view-name ]

This command is used to create an SNMP group of the SNMPv3 version and specify the authentication and encryption mode
and one or more of read-only view, read-write view, and notification view. It is a mandatory command on networks that require
high security.

Basic SNMP Configuration (2)
5. Add a user to the SNMP group.

[Huawei] snmp-agent usm-user v3 user-name group group-name

6. Configure an authentication password for an SNMPv3 user.

[Huawei] snmp-agent usm-user v3 user-name authentication-mode { md5 | sha | sha2-256 }

7. Configure the SNMPv3 user encryption password.

[Huawei] snmp-agent usm-user v3 user-name privacy-mode { aes128 | des56 }

8. Set parameters for the device to send traps.

[Huawei] snmp-agent target-host trap-paramsname paramsname v3 securityname securityname { authentication | noauthnopriv | privacy }

Basic SNMP Configuration (3)
9. Configure the target host of traps.

[Huawei] snmp-agent target-host trap-hostname hostname address ipv4-address trap-paramsname paramsname

10. Enable all trap functions.

[Huawei] snmp-agent trap enable

Note that this command is used only to enable the device to send traps. This command must be used together with the snmp-agent target-host command. The snmp-agent target-host command specifies the device to which traps are sent.

11. Configure the source interface that sends traps.

[Huawei] snmp-agent trap source interface-type interface-number

Note that a source IP address must have been configured for the interface that sends traps.

SNMP Configuration Example (Network Device Side)

[Figure: The NMS (192.168.1.10) is connected to GE0/0/1 of R1, the managed device]

• Enable SNMP on R1 and set the SNMP version to SNMPv3.
• Set the SNMPv3 group name to test and encryption authentication mode to privacy.
• Create an SNMPv3 user named R1 and set the authentication and encryption passwords to HCIA-Datacom123.
• Create a trap parameter named param and set securityname to sec.
• Set the IP address of the SNMP target host to 192.168.1.10.
• Enable the trap function and specify GE 0/0/1 as the source interface that sends traps.

R1 configuration:
[R1]snmp-agent
[R1]snmp-agent sys-info version v3
[R1]snmp-agent group v3 test privacy
[R1]snmp-agent usm-user v3 R1 test authentication-mode md5 HCIA@Datacom123 privacy-mode aes128 HCIA-Datacom123
[R1]snmp-agent target-host trap-paramsname param v3 securityname sec privacy
[R1]snmp-agent target-host trap-hostname nms address 192.168.1.10 trap-paramsname param
[R1]snmp-agent trap source GigabitEthernet 0/0/1
[R1]snmp-agent trap enable
Info: All switches of SNMP trap/notification will be open. Continue? [Y/N]:y
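
A review check for the configuration procedure above, as an added example that is not part of the original course or Huawei's code: it parses `snmp-agent` lines in the syntax shown on this page and reports settings that leave SNMP unauthenticated, unencrypted, or protected by a weak algorithm. The names `audit_snmp_config` and `value_after` and the `WEAK_SAMPLE` configuration are constructed for illustration, and only the keywords listed on this page are recognised.

```python
import re

PROMPT = re.compile(r"^\[[^\]]*\]\s*")   # "[R1]" / "[Huawei]" prompt prefix
WEAK_AUTH = {"md5"}      # the page also lists sha and sha2-256
WEAK_PRIV = {"des56"}    # the page also lists aes128

# The R1 configuration from this page.
PAGE_EXAMPLE = """\
[R1]snmp-agent
[R1]snmp-agent sys-info version v3
[R1]snmp-agent group v3 test privacy
[R1]snmp-agent usm-user v3 R1 test authentication-mode md5 HCIA@Datacom123 privacy-mode aes128 HCIA-Datacom123
[R1]snmp-agent target-host trap-paramsname param v3 securityname sec privacy
[R1]snmp-agent target-host trap-hostname nms address 192.168.1.10 trap-paramsname param
[R1]snmp-agent trap source GigabitEthernet 0/0/1
[R1]snmp-agent trap enable
"""

# Constructed sample: every line selects the weakest keyword the page lists.
WEAK_SAMPLE = """\
[Huawei] snmp-agent sys-info version v2c
[Huawei] snmp-agent group v3 ops noauth
[Huawei] snmp-agent usm-user v3 alice authentication-mode md5
[Huawei] snmp-agent usm-user v3 alice privacy-mode des56
[Huawei] snmp-agent target-host trap-paramsname p1 v3 securityname alice noauthnopriv
"""


def value_after(tokens, keyword):
    """Return the token that follows keyword, or None if it is absent."""
    if keyword in tokens[:-1]:
        return tokens[tokens.index(keyword) + 1]
    return None


def audit_snmp_config(text):
    """Return [(line_no, finding)] for weak settings in snmp-agent commands."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        tok = PROMPT.sub("", raw.strip()).split()
        if tok[:1] != ["snmp-agent"]:
            continue
        kind = tok[1:3]
        if kind == ["sys-info", "version"]:
            for ver in tok[3:]:
                if ver in ("v1", "v2c"):
                    findings.append((no, f"{ver} enabled: no cryptographic authentication or encryption"))
        elif kind == ["group", "v3"] and len(tok) >= 5:
            if tok[4] == "noauth":
                findings.append((no, f"group {tok[3]}: noauth, messages are not authenticated"))
            elif tok[4] == "authentication":
                findings.append((no, f"group {tok[3]}: authentication only, messages are not encrypted"))
        elif kind == ["usm-user", "v3"] and len(tok) >= 4:
            auth = value_after(tok, "authentication-mode")
            priv = value_after(tok, "privacy-mode")
            if auth in WEAK_AUTH:
                findings.append((no, f"user {tok[3]}: authentication-mode {auth} is weak, use sha2-256"))
            if priv in WEAK_PRIV:
                findings.append((no, f"user {tok[3]}: privacy-mode {priv} is weak, use aes128"))
        elif kind == ["target-host", "trap-paramsname"] and len(tok) >= 4:
            if tok[-1] in ("noauthnopriv", "authentication"):
                findings.append((no, f"trap params {tok[3]}: level {tok[-1]}, traps are not encrypted"))
    return findings


if __name__ == "__main__":
    for name, cfg in (("page example", PAGE_EXAMPLE), ("weak sample", WEAK_SAMPLE)):
        for no, finding in audit_snmp_config(cfg):
            print(f"{name} line {no}: {finding}")
```

Run against the R1 configuration, the check reports only the `md5` authentication mode; the group, privacy mode, and trap parameters already use the strongest options the page lists.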

Contents
1. Basic Concepts of Network Management and O&M
2. Traditional Network Management
3. Network Management Based on Huawei iMaster NCE

Transformation and Challenges of the Network Industry
 With the advent of the 5G and cloud era, innovative services such as VR/AR, live streaming, and autonomous driving are emerging,
and the entire ICT industry is booming. At the same time, the traffic of the entire network also increases explosively. Huawei Global
Industry Vision (GIV) predicts that the amount of new data will reach 180 ZB by 2025. Moreover, the dynamic complexity of
services makes the entire network more complex.
 Such challenges can only be overcome by constructing automated and intelligent network systems centered on user experience.

[Figure: Autonomous driving, live streaming, and VR/AR services. Traditional networks are overloaded]

Huawei iMaster NCE
 Huawei iMaster NCE is a network automation and intelligence platform that integrates management, control,
analysis, and AI functions.
• In terms of management and control, iMaster NCE allows you to:
▫ Manage and control traditional devices through traditional technologies such as CLI and SNMP.
▫ Manage and control SDN-capable networks through NETCONF (based on the YANG model).
• iMaster NCE collects network data through protocols such as SNMP and telemetry, performs intelligent big data analysis based on AI algorithms, and displays device and network status in multiple dimensions through dashboards and reports, helping O&M personnel quickly detect and handle device and network exceptions and ensuring normal running of devices and networks.

[Figure: iMaster NCE architecture. Cloud platform and applications use the open API of iMaster NCE (intent engine; management, control, and analysis; unified cloud-based platform). iMaster NCE reaches traditional devices through CLI/SNMP and SDN-capable network devices through NETCONF/YANG and telemetry]

NETCONF Overview
 NETCONF provides a network device management mechanism. You can use NETCONF to add, modify, or delete
configurations of network devices, and obtain configurations and status of network devices.

NETCONF has three objects:
▫ NETCONF client
▫ NETCONF server
▫ NETCONF message

NETCONF requires that messages exchanged between a client and server be encoded using XML.

[Figure: The NETCONF client exchanges NETCONF messages over the network with the NETCONF servers running on Device 1, Device 2, and Device 3]

NETCONF Advantages
Function | NETCONF | SNMP | CLI
Interface type | Machine-machine interface: The interface definition is complete and standard, and the interface is easy to control and use. | Machine-to-machine interface | Man-machine interface
Operation efficiency | High: Object-based modeling is supported. Only one interaction is required for object operations. Operations such as filtering and batch processing are supported. | Medium | Low
Scalability | Proprietary protocol capabilities can be extended. | Weak | Moderate
Transaction | Supports transaction processing mechanisms such as trial running, rollback upon errors, and configuration rollback. | Not supported | Partially supported
Secure transmission | Multiple security protocols: SSH, TLS, BEEP/TLS, and SOAP/HTTP/TLS | Only SNMPv3 supports secure transmission. | SSH

Typical NETCONF Interaction
The RPC and the RPC-Reply are exchanged over an SSH connection.

RPC (this operation is to modify configuration):
<?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
  <edit-config>
    <target>
      <running/>
    </target>
    <config>
      Configuration content in XML format
    </config>
  </edit-config>
</rpc>

RPC-Reply (modified successfully):
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <ok/>
</rpc-reply>

YANG Language Overview
 Yet Another Next Generation (YANG) is a data modeling language that standardizes NETCONF data content.
 The YANG model defines the hierarchical structure of data and can be used for NETCONF-based operations. Modeling objects
include configuration, status data, remote procedure calls, and notifications. This allows a complete description of all data exchanged
between a NETCONF client and server.

A model is an abstraction and expression of things.

A data model is an abstraction and expression of data features.

Person: name, gender, height, weight, age, skin color...

Router: interface, routing protocol, IP address, routing table...

YANG and XML (1)
 A YANG file is loaded on the NETCONF client (such as the NMS or SDN controller).
 The YANG file is used to convert data into XML-format NETCONF messages before they are sent to the device.

YANG file + Data = XML

YANG file:
list server {
  key "name";
  unique "ip port";
  leaf name {
    type string;
  }
  leaf ip {
    type inet:ip-address;
  }
  leaf port {
    type inet:port-number;
  }
}

Data:
name="smtp" ip=192.0.2.1 port=25
name="http" ip=192.0.2.1 port=
name="ftp" ip=192.0.2.1 port=

XML:
<server>
  <name>smtp</name>
  <ip>192.0.2.1</ip>
  <port>25</port>
</server>
<server>
  <name>http</name>
  <ip>192.0.2.1</ip>
</server>
<server>
  <name>ftp</name>
  <ip>192.0.2.1</ip>
</server>

YANG and XML (2)
 A YANG file is loaded on the NETCONF server (such as a router or switch).
 The YANG file is used to convert received XML-format NETCONF messages into data for subsequent processing.

XML + YANG file = Data

XML:
<server>
  <name>smtp</name>
  <ip>192.0.2.1</ip>
  <port>25</port>
</server>
<server>
  <name>http</name>
  <ip>192.0.2.1</ip>
</server>
<server>
  <name>ftp</name>
  <ip>192.0.2.1</ip>
</server>

YANG file:
list server {
  key "name";
  unique "ip port";
  leaf name {
    type string;
  }
  leaf ip {
    type inet:ip-address;
  }
  leaf port {
    type inet:port-number;
  }
}

Data:
name="smtp" ip=192.0.2.1 port=25
name="http" ip=192.0.2.1 port=
name="ftp" ip=192.0.2.1 port=

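
The client-side and server-side conversions from the two "YANG and XML" slides, as an added example that is not part of the original course: a hand-written stand-in for the `list server` model (no YANG compiler is involved) that enforces `key "name"`, `unique "ip port"`, and the leaf types before encoding to XML and again after decoding. The function names `validate`, `encode_servers`, and `decode_servers` are hypothetical.

```python
import ipaddress
import xml.etree.ElementTree as ET

LEAVES = ("name", "ip", "port")

# The three list entries shown on the slides.
PAGE_DATA = [
    {"name": "smtp", "ip": "192.0.2.1", "port": 25},
    {"name": "http", "ip": "192.0.2.1"},
    {"name": "ftp", "ip": "192.0.2.1"},
]


def validate(entries):
    """Check entries against the list constraints; return normalised copies."""
    seen_names, seen_pairs, clean = set(), set(), []
    for e in entries:
        name = e.get("name")
        if not name:
            raise ValueError("list key 'name' is missing")
        if name in seen_names:                       # key "name"
            raise ValueError(f"duplicate key name={name!r}")
        seen_names.add(name)
        item = {"name": str(name)}
        if "ip" in e:                                # type inet:ip-address
            item["ip"] = str(ipaddress.ip_address(e["ip"]))
        if "port" in e:                              # type inet:port-number
            port = int(e["port"])
            if not 0 <= port <= 65535:
                raise ValueError(f"port {port} out of range")
            item["port"] = port
        # unique "ip port" applies only to entries that carry both leaves,
        # which is why http and ftp can share 192.0.2.1 without a port.
        if "ip" in item and "port" in item:
            pair = (item["ip"], item["port"])
            if pair in seen_pairs:
                raise ValueError(f"duplicate ip/port {pair}")
            seen_pairs.add(pair)
        clean.append(item)
    return clean


def encode_servers(entries):
    """Client side: data -> XML <server> elements, validated first."""
    out = []
    for item in validate(entries):
        node = ET.Element("server")
        for leaf in LEAVES:
            if leaf in item:
                # ElementTree escapes the text, so a value cannot inject markup.
                ET.SubElement(node, leaf).text = str(item[leaf])
        out.append(ET.tostring(node, encoding="unicode"))
    return "".join(out)


def decode_servers(xml_text):
    """Server side: XML -> data, rejecting unknown or repeated leaves."""
    root = ET.fromstring(f"<config>{xml_text}</config>")
    entries = []
    for node in root:
        if node.tag != "server":
            raise ValueError(f"unexpected element <{node.tag}>")
        entry = {}
        for child in node:
            if child.tag not in LEAVES or child.tag in entry:
                raise ValueError(f"unexpected leaf <{child.tag}>")
            entry[child.tag] = child.text or ""
        entries.append(entry)
    return validate(entries)
```
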
Telemetry Overview
 Telemetry, also called network telemetry, is a technology that remotely collects data from physical or virtual devices at a high speed.
 Devices periodically send interface traffic statistics, CPU usage, and memory usage to collectors in push mode. Compared with the
traditional pull mode, the push mode provides faster and more real-time data collection.

[Figure: SNMP "pull" compared with telemetry "subscription and push". With SNMP, the NMS sends a "Request CPU usage" message for every sample and the device answers each one (time 1, usage 1; time 2, usage 2; time 3, usage 3), with a period T > 5 min. With telemetry, the collector subscribes to the CPU usage once (period: 1s) and the device then pushes the samples (time 1, usage 1; time 2, usage 2; time 3, usage 3; ... time n, usage n), with T < 1s]

Telemetry supports data collection at the level of subseconds.

Quiz
1. (Single) On an SNMP-based network, which of the following runs the management process to manage the managed
devices? ( )
A. NMS

B. Agent process

C. MIB

D. SNMP

2. (Single) In SNMPv1, which of the following operations is used by a managed device to report traps? ( )
A. Get-Request

B. Set-Request

C. Trap

D. Response

Quiz
3. YANG is a data modeling language. ( )
A. True

B. False

4. Telemetry supports data collection at the level of subseconds. ( )


A. True

B. False

Summary
 With the development of network technologies, more and more network management and O&M
methods are available. The common methods are as follows:
▫ CLI mode or web system

▫ SNMP

▫ Huawei iMaster NCE's intelligent O&M platform (covering management, control, and analysis)
