PolicyBased Management with SNMP and Comparison with COPSPR - PowerPoint PPT Presentation

1 / 20
About This Presentation
Title:

PolicyBased Management with SNMP and Comparison with COPSPR

Description:

Trunk. Ethernet. Silver. 100Mb. Autonegotiate. Off. Autonegotiate. Off ... roleString == trunk. fullDuplexMode = ON. ifType == Ethernet && roleString == GOLD ... – PowerPoint PPT presentation

Number of Views:62
Avg rating:3.0/5.0
Slides: 21
Provided by: stevewal
Category:

less

Transcript and Presenter's Notes

Title: PolicyBased Management with SNMP and Comparison with COPSPR


1
Policy-Based Management with SNMP and Comparison
with COPS-PR
  • Steve Waldbusser
  • waldbusser_at_nextbeacon.com
  • 5/16/01

2
Policy Based Management
  • A policy binds an action (simple or complex) to a
    filter rule that determines what elements the
    action should be applied to
  • I.e. if (an element has certain characteristics)
    then (apply operation to that
    element)
  • Alternately if (policyFilter) then (policyAction)

3
A Conceptual policy
Trunk AND Ethernet AND 100Mb
Trunk Ethernet Gold 100Mb
Trunk ATM Gold 45Mb
Trunk Ethernet 100Mb
Access Ethernet Gold 10Mb
Access Ethernet Silver 10Mb
AutonegotiateOff
AutonegotiateOff
Access Ethernet 10Mb
Trunk Ethernet Silver 100Mb
Access Ethernet Gold 100Mb
Trunk Frame 45Mb
Access Frame Gold 512Kb
AutonegotiateOff
Access Frame Silver 512Kb
Access Frame 128Kb
Access Ethernet Bronze 10Mb
Access Ethernet Gold 10Mb
4
A Conceptual policy
Ethernet AND Access AND Gold
Trunk Ethernet Gold 100Mb
Trunk ATM Gold 45Mb
Trunk Ethernet 100Mb
Access Ethernet Gold 10Mb
Access Ethernet Silver 10Mb
DSCP 5
Access Ethernet 10Mb
Trunk Ethernet Silver 100Mb
Access Ethernet Gold 100Mb
Trunk Frame 45Mb
Access Frame Gold 512Kb
DSCP 5
Access Frame Silver 512Kb
Access Frame 128Kb
Access Ethernet Bronze 10Mb
Access Ethernet Gold 10Mb
Access Ethernet Gold 10Mb
Access Ethernet Gold 10Mb
DSCP 5
DSCP 5
.
5
The Policy-Based Management MIB
  • The Policy Management MIB (PM MIB) provides a way
    to describe and install policies for any domain
  • QOS
  • Security
  • Routing
  • etc.
  • PM MIB Policies can manage any type of element
  • Interfaces
  • Circuits
  • Queues
  • Processes
  • Software
  • others...

6
PM MIB Goals
  • Leverage existing infrastructure and tools
  • Resulting simplicity will accelerate time to
    market
  • Leverage existing MIBs
  • Dont start from scratch in our data models
  • Flexibility for real-world policy
  • Simple or complex filters
  • Simple or complex actions
  • Meet operational requirements
  • Policy-based management is very different
  • End-users will need new tools and practices

7
Policy Operation
Policies
(Usually local operations in which SNMP packets
on network are unnecessary)
Existing SNMP MIBs
8
Elements of the Policy MIB Architecture
  • PolicyScript Language
  • Interpreted language that policy filters and
    actions are expressed in
  • Accessor Function Library
  • Standard set of library functions available for
    PolicyScript code
  • PM MIB
  • Objects and attributes that describe policies,
    schedules and supporting information

9
PolicyScript Language
  • Least Common Denominator of C, Perl, C, TCL,
    Python, and Javascript
  • No pointers, structures, typed variables,
    objects, classes, etc.
  • Does contain expressions, variables, looping

10
Accessor Function Library
  • Library of 41 standard functions for policy
    processing
  • Convenience SNMP Functions
  • getvar, exists, setvar, searchcolumn,
    setRowStatus, counterRate, ...
  • General SNMP Functions
  • newPDU, readVar, writeVar, snmpsend
  • Policy Functions
  • roleMatch, elementName, setScratchPad,
    getScratchPad, signalException, getParameters
  • Utility Functions
  • regexp, regexp_replace, oidlen, oidncmp,
    insubtree, subid, substr, ...
  • Library Functions
  • strncmp, strncasecmp, strlen, random, sprintf,
    sscanf
  • Extensible
  • Vendors and others can add new accessor functions
    (e.g., setCLI())

11
policyFilter PseudoCode
  • Pseudocode
  • (is an ethernet
  • AND is operational
  • AND gets gold or silver service)
  • Scripted As
  • (getvar(ifType.) ethernet-csmacd
  • getvar(ifOperStatus.) up
  • (roleMatch("gold") roleMatch("silver")))

12
Execution Example
  • Filter(getvar(ifType.) ethernet-csmacd
  • !(roleMatch("gold")
  • roleMatch("silver")))
  • Action
  • setvar(ifAdminStatus., down(2), Integer)

13
Example Policy
  • Web Hosting Provider gives shell accounts but
    prohibits long-running programs
  • Filter // if it's an application and it's //
    consumed more than 5 minutes of CPU time
    (getvar("hrSWRunType.") 4 // app, not OS
    or driver getvar("hrSWRunPerfCPU.") gt
    30000) // 300 seconds
  • Action // Kill it setvar("hrSWRunStatus.",
    invalid(4), Integer) // invalid(4) kills it

14
MIB Objects
  • Policy Table Contains filter, action, scheduling
    info, execution instructions, debugging info,
    etc.
  • Policy installation consists of creating rows in
    this table

...
  • Other Tables in PM MIB for scheduling, roles and
    capabilities, operational tools, debugging, etc.

15
Protocol Interaction
Initial Configuration
  • No Polling
  • No Traps

Manager
Config Req (Get/Getnext)
Config Data
Policy Installation (Set)
Managed System
Ack
16
Protocol Interaction
Policy Change
  • No Polling
  • No Traps

Manager
Policy Install/Modify (Set)
Ack
Managed System
17
Protocol Interaction
Config State Change
  • No Polling
  • No Traps

State Change (Inform)
Manager
Ack
Managed System
Policy Install/Modify (Set)
Ack
18
Features of Policy MIB
  • Scripting
  • Very flexible and understandable way to express
    policy
  • IT Personnel like the power of scripting
  • Much more flexible than string matching
  • Policies based on operational status
  • Capabilities, status of interface, utilization,
    etc.
  • Allows much more rich sets of policies than using
    human-input strings
  • Scheduling
  • Business calendars M-F 9-5 or Last Friday of
    every month
  • Videoconference from 12PM to 1PM
  • Conflict resolution
  • Follows a precedence tree to find best policy in
    case of conflict
  • COPS punts conflict resolution to the manager
  • Error Recovery
  • Scripting allows you to fallback to an alternate
    mechanism, an alternate policy, or to raise an
    alarm

19
Operational Requirements
  • Tools for Policy Creation
  • Need to allow an engineer to test a policy
  • Answer question will this filter match the
    proper elements?
  • Tools for Ongoing Operations
  • Notifications if a policy undergoes errors
  • When debugging a problem, want to know what
    policies are managing this element
  • May want to disable a policy on an element so
    operator can take back control (limp-home mode)
    until policy is fixed
  • Must document this ad-hoc decision

20
Advantages of the PM MIB
  • Built with existing infrastructure and tools
  • Leverages existing MIBs
  • Flexibility
  • Complete Architecture
  • Includes operational tools
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "PolicyBased Management with SNMP and Comparison with COPSPR" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!