計算機網(wǎng)絡(luò)第6版課件：Chapter_9 Network Management

1、Chapter 9Network ManagementComputer Networking: A Top Down Approach 6th edition Jim Kurose, Keith RossAddison-WesleyMarch 2012A note on the use of these ppt slides:Were making these slides freely available to all (faculty, students, readers). Theyre in PowerPoint form so you see the animations; and

2、can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:vIf you use these slides (e.g., in a class) that you mention their source (after all, wed like people to use

3、our book!)vIf you post any slides on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.Thanks and enjoy! JFK/KWR All material copyright 1996-2012 J.F Kurose and K.W. Ross, All Rights ReservedNetwork Management9-1 Networ

4、k Management9-2Chapter 9: Network ManagementChapter goals: vintroduction to network management motivation major componentsvInternet network management framework MIB: management information base SMI: data definition language SNMP: protocol for network management security and administrationvpresentati

5、on services: ASN.1 Network Management9-3Chapter 9 outlinevWhat is network management?vInternet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and AdministrationvASN.1 Network Management9

6、-4What is network management?vautonomous systems (aka “network”): 1000s of interacting hardware/software componentsvother complex systems requiring monitoring, control: jet airplane nuclear power plant others?Network management includes the deployment, integration and coordination of the hardware, s

7、oftware, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost. Network Management9-5Infrastructure for network managementmanaged

8、devicemanaged devicemanaged devicemanaged devicedefinitions:managed devices containmanaged objects whose data is gathered into aManagement InformationBase (MIB) managingentitydatamanaging entityagent dataagent dataagent dataagent datanetworkmanagementprotocolmanaged deviceagent data Network Manageme

9、nt9-6Network management standardsOSI CMIPvCommon Management Information Protocolvdesigned 1980s: the unifying net management standardvtoo slowly standardizedSNMP: Simple Network Management ProtocolvInternet roots (SGMP)vstarted simplevdeployed, adopted rapidlyvgrowth: size, complexityvcurrently: SNM

10、P V3vde facto network management standard Network Management9-7vWhat is network management?vInternet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and AdministrationvASN.1Chapter 9 outl

11、ine Network Management9-8SNMP overview: 4 key partsvManagement information base (MIB): distributed information store of network management datavStructure of Management Information (SMI): data definition language for MIB objectsvSNMP protocol convey managermanaged object info, commandsvsecurity, admi

12、nistration capabilities major addition in SNMPv3 Network Management9-9SMI: data definition language Purpose: syntax, semantics of management data well-defined, unambiguousvbase data types: straightforward, boringvOBJECT-TYPE data type, status, semantics of managed objectvMODULE-IDENTITY groups relat

13、ed objects into MIB moduleBasic Data TypesINTEGERInteger32Unsigned32OCTET STRINGOBJECT IDENTIFIEDIPaddressCounter32Counter64Guage32Time TicksOpaque Network Management9-10SNMP MIBOBJECT TYPE:OBJECT TYPE:OBJECT TYPE:objects specified via SMIOBJECT-TYPE constructMIB module specified via SMI MODULE-IDEN

14、TITY(100 standardized MIBs, more vendor-specific)MODULE Network Management9-11SMI: object, module examplesOBJECT-TYPE: ipInDeliversMODULE-IDENTITY: ipMIBipInDelivers OBJECT TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION “The total number of input datagrams successfully deliver

15、ed to IP user- protocols (including ICMP)”:= ip 9ipMIB MODULE-IDENTITY LAST-UPDATED “941101000Z” ORGANZATION “IETF SNPv2 Working Group” CONTACT-INFO “ Keith McCloghrie ” DESCRIPTION “The MIB module for managing IP and ICMP implementations, but excluding their management of IP routes.” REVISION “0193

16、31000Z” := mib-2 48 Network Management9-12MIB example: UDP moduleObject ID Name Type Comments. UDPInDatagrams Counter32 total # datagrams delivered at this node. UDPNoPorts Counter32 # underliverable datagrams: no application at port. UDInErrors Counter32 #

17、undeliverable datagrams: all other reasons. UDPOutDatagrams Counter32 # datagrams sent. udpTable SEQUENCE one entry for each port in use by app, gives port # and IP address Network Management9-13SNMP namingquestion: how to name every possible standard object (protocol, da

18、ta, more.) in every possible network standard?answer: ISO Object Identifier tree: hierarchical naming of all objects each branchpoint has name, number.ISOISO-ident. Org.US DoDInternetudpInDatagramsUDPMIB2management Network Management9-14OSI ObjectIdentifier Tree Network Management9-15S

19、NMP protocolTwo ways to convey MIB info, commands:agentdatamanaged devicemanagingentityagentdatamanaged devicemanagingentitytrap msgrequestrequest/response modetrap moderesponse Network Management9-16SNMP protocol: message typesGetRequestGetNextRequestGetBulkRequestMgr-to-agent: “get me data”(instan

20、ce,next in list, block)Message typeFunctionInformRequestMgr-to-Mgr: heres MIB valueSetRequestMgr-to-agent: set MIB valueResponseAgent-to-mgr: value, response to RequestTrapAgent-to-mgr: inform managerof exceptional event Network Management9-17SNMP protocol: message formats.PDUtype(0-3)RequestIDError

21、Status(0-5)ErrorIndexNameValueNameValue.PDUtype4EnterpriseAgentAddrTrapType(0-7)SpecificcodeTimestampName ValueGet/set headerVariables to get/setTrap headerTrap infoSNMP PDU Network Management9-18SNMP security and administrationvencryption: DES-encrypt SNMP message vauthentication: compute, send MIC

22、(m,k): compute hash (MIC) over message (m), secret shared key (k)vprotection against playback: use noncevview-based access control: SNMP entity maintains database of access rights, policies for various users database itself accessible as managed object! Network Management9-19vWhat is network managem

23、ent?vInternet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and AdministrationvThe presentation problem: ASN.1Chapter 9 outline Network Management9-20The presentation problemQ: does per

24、fect memory-to-memory copy solve “the communication problem”?A: not always!problem: different data format, storage conventionsstruct char code; int x; test;test.x = 256;test.code=aa0000000100000011a0000001100000001test.codetest.xtest.codetest.xhost 1 formathost 2 format Network Management9-21A real-

25、life presentation problem:aging 60s hippie2012 teenagergrandmaGroovy!? Network Management9-22Presentation problem: potential solutions1. Sender learns receivers format. Sender translates into receivers format. Sender sends.real-world analogy?pros and cons?2. Sender sends. Receiver learns senders for

26、mat. Receiver translate into receiver-local formatreal-world-analogypros and cons?3. Sender translates host-independent format. Sends. Receiver translates to receiver-local format.real-world analogy?pros and cons? Network Management9-23Solving the presentation problem1. Translate local-host format t

27、o host-independent format2. Transmit data in host-independent format3. Translate host-independent format to remote-host format2012 teenageraging 60s hippiegrandmapresentationservicepresentationservicepresentationservice“Groovy!”“It is pleasing to me!”“It is pleasing to me!”“Cats pajamas!”“Awesome, d

28、ude!”! Network Management9-24ASN.1: Abstract Syntax Notation 1vISO standard X.680 used extensively in Internet like eating vegetables, knowing this “good for you”!vdefined data types, object constructors like SMIvBER: Basic Encoding Rules specify how ASN.1-defined data objects to be transmitted each transmitted object has Type, Length, Value (TLV) encoding Network