TDC597 Linuxbased Network Management Lecture Five

1
TDC597Linux-based Network ManagementLecture
Five

• James T. Yu, Ph.D.
• jyu_at_cs.depaul.edu
• School of CTI
• DePaul University

2
What is Network?

• Network
• Collection of computers connected together to
  share networks resources
• Network (bandwidth)
• Hardware/device (printer, CD-ROM, Tape)
• Software (file, data, application)
• Local Area Network (LAN)
• Wide Area Network (WAN)

3
The Simplest Network
RJ-45 UTP Cross-over cable
4
The Internet
Internet
ISP1
ISP2
ISP3
Home
SOHO
EnterpriseA
EnterpriseB
LANI
LANII
LANIII
5
Switched Ethernet
IP
IP
MAC
MAC
MAC
PHY
PHY
PHY
6
Ethernet Switch Cisco 2960
7
Switch MAC Forwarding Table
8
IP Routing
IP
IP
IP
MAC
MAC
MAC
PHY
PHY
PHY
9
Cisco 2600 Router
10
Router IP Routing Table
11
Routing Table required on any station
12
ARP TableMapping IP Address to MAC Address
13
Network Management

• Manage the network to meet a set of requirements
  defined by end-users.
• Manage monitor, configure, provision, test,
  trouble shoot, administer, etc.
• Managed objects equipment (hardware, software,
  documents), users, physical links, service
  providers, etc.
• Equipment cost vs. Management Cost
• network management cost is a lot more than
  equipment cost.

14
Five Areas of Network Management
F-C-A-P-S
15
Fault Management

• The process of detecting, locating, diagnosing,
  isolating, and correcting network problems.
• To increase network reliability
• Reactive and proactive schemes

If a link fails, how quickly can you be
informed? Do you rely on users to tell you? How
quickly can you resolve the problem?
16
Configuration Management
link configuration

• The process of obtaining data from the network
  and using the data to configure network elements.
• Efficient access to network configuration
  information.
• Facilitate remote configuration and provisioning
• network inventory

interface configuration
element configuration
17
Accounting Management

• Measuring network resource usage for individual
  users or groups.
• The data is used to check quotas, determine the
  cost, and bill the users.
• Accounting reports for individual users and
  groups
• Monitor and track
• Network management cost
• External billing
• 3rd party billing

port usage
link usage
18
Performance Management
port utilization

• Ensure network connectivity and service quality
  as specified in Service Level Agreement (SLA)
• Continuous monitor of network performance.
• Performance report to users.
• Performance analysis of network traffic trend,
  and projection of potential network bottlenecks.

link utilization
element utilization CPU, memory)
19
Performance Metrics

• Capacity
• Link capacity
• throughput (bps vs. pps)
• Physical vs. virtual links
• System capacity
• CPU, memory, I/O
• Fabric capacity
• Response time
• One-way delay vs. round trip delay
• processing time, transmission time, and queuing
  time
• Jitter
• What is jitter? How does it affect network
  quality?
• Frame loss

20
Security Management

• Protection from unauthorized access to the data
  on the network
• Protection from unauthorized use of the network
  and its resources
• Protection from both internal and external
  sources
• Maintain network functionality and sanity from
  external attacks

LAN1
LAN2
LAN3
21
Access to Network Elements

• When you open the box, the only way to access the
  device is through its console port. You can use
  the terminal emulator (hyper terminal) on Windows
  to access the device.
• After you assign an IP address to this box, you
  can use telnet to access the device.
• ssh is better, if the device supports it.
• You can enable SNMP on the device and use an SNMP
  tool to control/manage the device.
• Most vendors support a web-based interface for
  element management. It is usually based on SNMP,
  and/or proprietary API.
• Almost all commercial GUI tools all based on SNMP.

22
Access to Network Elements

• Local Access (console port)
• Remote Access
• IP (in-band)
• Telnet (or ssh)
• Web
• SNMP
• Terminal Server (out-of-band)
• connect to the console port of NE

Telnet
SNMP
TCP
UDP
IP
IP
MAC
MAC
PHY
PHY
23
Console Interface
Serial Port COM1
Console port
Serial Port COM1
Console port
Windows XP
network elements
24
HyperTerminal Configuration on Windows
25
In-band Network Management(IP-based network
management)
LAN
management LAN-1
network elements
Management LAN is logically separated but
physically an overlay network on the production
network.
26
telnet to a router
27
SNMP
The Simple Network Management Protocol (SNMP) is
an application layer protocol that facilitates
the exchange of management information between
network elements. It is on UDP which is over IP.
SNMP enables network administrators to
manage network performance, find and solve
network problems, and plan for network growth.
SNMP
UDP (161)
IP
Data Link
Physical
28
SNMP Standards

• RFC 1157 SNMP (v1), obsolete 1098
• RFC 1901-1909 SNMP (v2)
• RFC 2273-2275 SNMP (v3)
• Security (authentication) feature
• RFC 1155 Structure of Management Information
  (general framework for MIB)
• RFC 1213 MIB-II for TCP/IP-based Internets
• RFC 1271 RMON
• RFC 1493 MIBs for Bridge
• Many, many more

29
Simple Network Management Protocol (SNMP)
Managed Information
Managed Information
Managed Information
Managed Information
IP Network
Manager
Agent
Network Management Station (NMS)
Managed Device
30
SNMP Operations/Messages
GetRequest (v1)
GetNextRequest (v1)
GetBulkRequest (v2c)
SetRequest (v1)
Manager
GetResponse (v1)
Agent
Trap (v1)
Network Management Station (NMS)
Managed Device
31
SNMP Community String

• Purpose permission to access to MIBs
• Function like an embedded password
• Attributes
• Read-only read all objects of the MIB
• Read/Write read and write all objects of the
  MIB, but not the community string
• Read/Write All all objects of the MIB and
  community string

32
Management Information Base (MIB)

• RMON (Managed Objects for Bridges)
• Bridge MIB (RFC 1493)

33
MIB-II for TCP/IP-based Internets
1.3.6.1.2.1
34
RFC1213 (cont.)
System 1.3.6.1.2.1.1
35
RFC1213 (cont.)
sysDescr 1.3.6.1.2.1.1.1
36
RFC1213 (cont.)
1.3.6.1.2.1.1.3
1.3.6.1.2.1.1.4
1.3.6.1.2.1.1.5
37
Enable SNMP Service on XP
38
Net-NMP for Linux

• An open source package for Linux that provides a
  list of SNMP utilities.
• http//net-snmp.sourceforge.net
• It comes with most Linux installation.
• Sample
• SNMP utilities
• Syntax snmpget options hostname objectID
• Syntax snmpset options hostname objectID type
  value
• Syntax snmpwalk options hostname objectID
• Syntax sanmptrap options hostname trap
  parameters
• Many more
• Reference Appendix C of the book (Essential SNMP)

39
SNMP Demo (Linux)
IP Network
Agent
Manager
snmpd
snmpget v1 c public 192.168.1.6 sysName.0
40
SNMP Demo (Ethernet Bridge)
IP Network
Agent (Catalyst 2950) 192.168.1.1
Manager 140.192.40.4
snmp-server community public
default read only
snmpget v1 c public 192.168.1.1 sysName.0
41
SNMP Demo (Ethernet Bridge)
IP Network
Agent (Catalyst 2950) 192.168.1.1
Manager 140.192.40.4
snmp-server community private rw
snmpset v2c c private 192.168.1.1 sysContact.0
s jyu_at_cs.depaul.edu
42
SNMP Demo (Bridge-MIB)
Lab Exercise create a MAC address table of SW01
from SNMP on LInux04
IP Network
Agent (Catalyst 2950) 192.168.1.1
Manager 140.192.40.4
show mac-address-table
snmpwalk -v2c -c public 192.168.1.1
1.3.6.1.2.1.17.4.3.1.1 snmpwalk -v2c -c public
192.168.1.1 1.3.6.1.2.1.17.4.3.1.2
43
Trap and Alarm

• Network administrator configures a trap on the
  agent.
• A trap defines a specific event on the agent. A
  trap must specify the IP address of the manager.
• When the event occurs, the agent sends an SNMP
  message to the manager.
• The manager (NMS) defines an alarm based on a
  series of events. An alarm also has a severity
  associated with it.

Manager Software
Agent Software
Trap
manager (network management station)
MIB Schema
MIB
MIB
MIB
Agent (managed device)
MIB
MIB
MIB
44
SNMP Trap (Ethernet Bridge)
IP Network
Agent (Catalyst 2950) 192.168.1.1
Manager 192.168.1.4
UDP port162
snmp-server enable traps snmp-server host
192.168.1.4 traps public
snmptrapd o logFile
Listen on UDP162 for trap messages
45
RMON

• Remote network monitoring
• Layer-2
• A standard set of MIBs for network statistics
• Aggregation of statistics on the agent
• A significant improvement over basic SNMP
• Support of an Alarm group to set threshold values.

46
RMON Operation
GetRequest
Manager Software
Agent Software
RMON Application
GetResponse
SetRequest
GetResponse
MIB Schema
MIB
MIB
MIB
Trap
MIB
MIB
MIB
47
RMON MIB Groups1.3.6.1.2.1.16

• rmonTraps (1.3.6.1.2.1.16.0)
• Statistics (1.3.6.1.2.1.16.1)
• History (1.3.6.1.2.1.16.2)
• Alarm
• Hosts
• Matrix
• Filter

• Capture
• Event

48
RMON Demo (Ethernet Bridge)
IP Network
Agent (Catalyst 2950) 192.168.1.1
Manager 140.192.40.4
interface fa0/1 rmon collection stats 1
snmpwalk v2c c public 140.192.40.8
1.3.6.1.2.1.16.1
RMON 16 Statistics 1 (see the previous slide)
49
RMON Advantages

• Efficient and effective operations
• Proactive management
• Fault management
• Threshold values
• Traffic analysis
• Multiple management stations

50
What next?

• Developing a tool (in perl) to show
• IP Routing Table
• MAC Address Table
• ARP Table
• Spanning Tree Table
• Performance reports