TCP/IP Protocol Suite

1
??? ????? ??????? ???????
2
TCP/IP Protocol Suite

• ??????? ?? ?????? TCP/IP ?????? ?? ??? OSI ?????
  ??????. ?????? ???? ?????? TCP/IP ?? ???? ????
  ????? ??? ??? ?????? ?? ????? ???????? ?????? ?
  ??????. ??? ???? TCP/IP ?? OSI ?????? ?? ??? ??
  ???? ??? ?? ????? 5 ???? ??? ??????? ?????
  ???????? ????? ?????? ? ??????.

3
TCP/IP Protocol Suit vs. OSI Model
4
OSI Model and TCP/IP Protocol Suite
5
TCP/IP addressing

• ???? ??? ???????? ?? ?????? TCP/IP??????? ??
  ???
• ??????
• ?????
• ????
• ???? ???? ?????? ??????.

6
TCP/IP addressing
7
Relationship between addressing and layers
8
What is network management?

• Informal definition
• Formal definition

9
What is network management?

• Informal definition
• Network management refers to the activities
  associated with running a network, along with the
  technology required to support those activities.
  A significant part of running a network is simply
  monitoring it to understand what is going on.
• Analogy Health Care (Intensive Care Unit)
• Throwing a party

10
What is network management?

• Formal definition
• Network management refers to the activities,
  methods, procedures, and tools that pertain to
  the operation, administration, maintenance, and
  provisioning of networked systems.

11
What is network management?

• Operation deals with keeping the network (and the
  services that the network provides) up and
  running smoothly. It includes monitoring the
  network to spot problems as soon as possible,
  ideally before a user is affected.
• Administration involves keeping track of
  resources in the network and how they are
  assigned. It deals with all the housekeeping
  that is necessary to keep things under control.
• Maintenance is concerned with performing repairs
  and upgrades.
• Provisioning is concerned with configuring
  resources in the network to support a given
  service.

12
ABC of network management (FCAPS)

• people often group management functions into a
  set of broad categories that are known as Fault,
  Configuration, Accounting, Performance, Security
  (FCAPS)
• Fault
• Configuration
• Accounting
• Performance
• Security

13
F is Fault

• Fault management deals with faults that occur in
  the network, such as equipment or software
  failures, as well as communication services that
  fail to work properly.
• Fault management is therefore concerned with
  monitoring the network to ensure that everything
  is running smoothly and reacting when this is not
  the case.

14
F is Fault

• The most important aspect of network monitoring
  concerns the management of alarms.
• Alarms are unsolicited messages from the network
  that indicate that some unexpected event has
  occurred, which in some cases requires operator
  intervention.
• Unexpected events such as
• router detects that one of its line cards is no
  longer working to a fire alarm
• sudden drop in signal quality on a wireless link
  to a suspected intrusion into the network by an
  unauthorized user.

15
C is Configuration

• Configuration management includes functionality
  to perform operations that will deliver and
  modify configuration settings to equipment in the
  network.

16
A is Accounting

• Accounting management is all about the functions
  that allow organizations to collect revenue and
  get credit for the communication services they
  provide, and to keep track of their use.

17
P is Performance

• Performance management deals with monitoring and
  tuning your network for its performance.

18
S is Security

• management aspects that are related to securing
  your network from threats, such as hacker
  attacks, the spread of worms and viruses, and
  malicious intrusion attempts.

19
Network Management Protocol

• Simple Network Management Protocol (SNMP)
• SNMP v1
• SNMP v2
• SNMP v3

20
What is network monitoring?

• The term network monitoring describes the use of
  a system that constantly monitors a computer
  network for slow or failing components and that
  notifies the network administrator in case of
  outages via email, pager or other alarms. It is
  part of network management.

21
What is network monitoring?

• In network management terms, network monitoring
  is the phrase used to describe a system that
  continuously monitors a network and notifies a
  network administrator through messaging systems
  (usually e-mail) when a device fails or an outage
  occurs. Network monitoring is usually performed
  through the use of software applications and
  tools. At the most basic level, ping is a type of
  network monitoring tool.

22
What is network monitoring?

• The process of obtaining the status and
  configuration information of the various elements
  of a computer system and consolidating that
  information.
• Information consolidation involves
• Preparing reports
• Cleaning of the raw-monitored information
• Consolidation of the monitored information into
  more compact representations

23
Types of Monitored Information

• Status Information
• Not be on
• Turned on and functioning properly
• Turned on but not functioning properly
• Configuration Information
• All modifiable attributes of elements

24
Types of Monitored Information

• Usage Information
• All attributes regarding
• Throughput of elements
• Web server Number of HTTP requests
• Mail server Number of email messages processed
• Router Number of packets transmitted
• Number of active users an element supports
• Performance Statistics
• Performance metrics such as
• Delay
• SNR

25
Types of Monitored Information

• Error Information
• Information about faults and incorrect operations
  at elements
• Topology Information
• Changes to the topology (Why just changes?)

26
Data Collection Techniques

• Passive
• Observes the happenings in the system, via agents
  installed on devices.
• Active
• Sends requests into the system in order to
  retrieve the desired information.

27
Passive Monitoring

• SNMP Traps
• enable an agent to notify the management station
  of significant events by way of an unsolicited
  SNMP message

28
Active Monitoring

• Servers
• Agent-based
• Agent-less
• Networks
• SNMP agents
• Ping
• Trace route

29
Question Answer
30
Active Monitoring

• Applications
• Each application is a manipulator of information
• State of an application
• Set of information the application maintains
• CRUD Transactions
• Read and some types of updates are safe for
  monitoring
• For other transactions
• Use of dummy information
• Dummy bank accounts
• Dummy URLs
• Two canceling transactions
• N canceling transactions
• Recovery mechanisms needed

31
Passive Monitoring

• Applications
• Log files
• Locally processed
• Remotely processed
• Log rotation must be considered
• Proxies
• Servers
• Agents
• Available commands and available standards
• Server overloading must be considered