CCM 4300 Lecture 6 Computer Networks: Operation and Application
Dr E. Ever, School of Computing Science
Session Content I
• Recap of last session
• Introduction to network management
  - motivation
  - major components
• Internet network management framework
  - MIB: management information base
  - SMI: data definition language
  - SNMP: protocol for network management
  - security and administration
Session Content II
• Introduction to the electronic-mail system
• Simple Mail Transfer Protocol (SMTP)
  - overview
  - message formats and representation
• Mail access protocols
  - overview of POP3 and IMAP
• Domain Name Server
Lesson objectives
At the completion of this lesson you should be able to:
• define and describe what network management is
• understand the functions and protocols of network management (FCAPS, SNMP)
• understand the Internet mail system
• understand what DNS is
• describe different methods of finding addresses from the Internet directory server
What is network management?
• Network management as a term has many definitions, depending on whose operational function is in question (i.e. fault management, accounting management, etc.).
• Network management includes the deployment, integration, and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyse, evaluate and control the network and element resources to meet the real-time, operational performance, and Quality of Service (QoS) requirements at a reasonable cost. (Computer Networking: A Top-Down Approach Featuring the Internet, 2007)
What is network management? - cont
• Network management is the process of operating, monitoring and controlling the network to ensure it works as intended and provides value to its users. (Business Data Communications and Networking, 2006)
• In general, network management is a service that employs a variety of tools, applications, and devices to assist human network managers in monitoring and maintaining networks.
• The aim of network management is to ensure almost 100% availability of the network resources.
Why is network management important?
• Autonomous systems: 100s or 1000s of interacting hardware/software components
• Other complex systems requiring monitoring and control:
  - jet airplane
  - nuclear power plant
What can network management be used for, to ensure 100% service?
• Failure of an interface card
• Host monitoring
• Monitoring traffic to aid in resource deployment
• Monitoring of Service Level Agreements (SLAs)
• Intrusion detection
ISO - FCAPS
• The International Organization for Standardization (ISO) defined a conceptual model for describing the key functional areas of network management, described in X.700.
• The OSI system management framework provides:
  - an overall management model
  - a generic information model
  - guidelines for the definition of managed objects
  - a management protocol for the purpose of exchanging management information between two open systems
• The management functions have been classified into five Management Functional Areas: Fault Management, Configuration Management, Accounting Management, Performance Management and Security Management (FCAPS).
ISO - FCAPS - cont
• Fault Management: provides facilities that allow network managers to discover faults in managed devices, the network, and network operation, to determine their cause and to take remedial action (i.e. log, detect and respond). To enable this, fault management provides mechanisms to:
  - report the occurrence of faults
  - log reports
  - perform diagnostic tests
  - correct faults (possibly automatically)
• Configuration Management: allows a network manager to track which devices are on the managed network and the hardware and software configuration of these devices.
ISO - FCAPS - cont
• Accounting Management: measures network utilisation of individual users or groups to:
  - provide billing information
  - regulate users or groups
  - help keep network performance at an acceptable level
• Performance Management: measures various aspects of network performance, including the gathering and analysis of statistical data about the system so that it may be maintained at an acceptable level (e.g. throughput). Performance management provides the ability to:
  - obtain the utilisation and error rates of network devices
  - provide a consistent level of performance by ensuring that devices have sufficient capacity
• Security Management: controls access to network resources so that information cannot be obtained without authorisation [e.g. firewall, intrusion detection system (IDS), etc.]
Infrastructure for network management
• Using a human analogy as an example to understand the infrastructure needed for network management
[Figure: human analogy - Director of Company, Branch Manager, The Branch Offices; labels: activities, budget, productivity]
Infrastructure for network management - cont
There are three principal components of a network management architecture:
• the managing entity (the boss): locus of activity for network management - it controls collection, processing, analysis, and/or display of network management information
• the managed device (the branch office): piece of network equipment (including software) that resides on a managed network
  - host, router, printer, etc.
  - within a managed device there may be managed objects (e.g. NIC)
  - managed objects' information is stored in the Management Information Base (MIB)
  - resident in each managed device is a network management agent (the branch manager)
• the network management protocol (standard reports and one-on-one dialogues): runs between the managing entity and managed devices
Infrastructure for network management - cont
[Figure: the managing entity exchanges data with the agent on each managed device over the network management protocol; managed devices contain managed objects whose data is gathered into a Management Information Base (MIB)]
Question?
Which of the following are not functions of network management?
A. Fault Management
B. Control Management
C. Configuration Management
D. Process Management
E. Performance Management
Network management standards
OSI CMIP (Common Management Information Protocol) - defined by the International Telecommunication Union, ITU-T X.700
• designed in the 1980s in competition with SNMP: the unifying network management standard
• standardised too slowly because of the complexity and resource requirements of its agents and management systems
The Internet SNMP: Simple Network Management Protocol
• Internet roots - the Simple Gateway Monitoring Protocol (SGMP) allows commands to be issued to application protocol entities to set or retrieve values (integer or octet string types) for use in monitoring the gateways on which the application protocol entities reside
• started simple
• deployed, adopted rapidly
• growth: size, complexity
• currently: SNMP v3
• de facto network management standard
Both are designed to be independent of vendor-specific products and networks
SNMP overview
• Simple Network Management Protocol is an application layer protocol.
• Part of the TCP/IP protocol suite.
• Basic components of SNMP (i.e. modular by design):
  - Manager
  - Agent
  - Management Information Base (MIB)
SNMP overview - cont
[Figure: SNMP manager and agents with their MIBs]
SNMP overview - cont
When describing any framework for network management we need to address:
• What (from a semantic viewpoint) is being monitored? And what form of control can be exercised by the network administrator?
• What is the specific form of the information that will be reported and/or exchanged?
• What is the communication protocol for exchanging this information?
SNMP overview: 4 key parts
• Management Information Base (MIB):
  - distributed information store of network management data (number of IP datagrams discarded, CSMA errors in a NIC, descriptive information such as software version, etc.)
• Structure of Management Information (SMI):
  - data definition language for MIB objects (i.e. data types, rules for writing and revising information, etc.)
• SNMP protocol
  - conveys manager <-> managed object information and commands
• Security and administration capabilities
  - major addition in SNMPv3
Management Information Base (MIB)
• Database containing the information about the elements to be managed.
• MIBs use the notation defined by ASN.1 (Abstract Syntax Notation One) - a standard and flexible notation that describes data structures for representing, encoding, transmitting, and decoding data [similar to Extensible Markup Language (XML)]. See "Structure of Management Information Version 2 (SMIv2)", RFC 2578.
• Each resource to be managed is referred to as an object.
• The network manager monitors the resource by reading the values of the objects and controls the objects by modifying these values.
• Associated with each object in the MIB is an identifier called the OBJECT IDENTIFIER.
  - It is used for naming the object.
  - It is a unique identifier for a particular object type and its value consists of a sequence of numbers.
Object Identifiers (OIDs)
• An OID is a numeric string that is used to uniquely identify an object:
  - It is created by self-extending a private enterprise number that an institution has acquired.
• Typical objects that can be identified using OIDs include attributes in MIBs for network management and encryption algorithms:
  - For example, as the university defines attributes for local use within directories it will need OIDs to identify these attributes.
• OIDs are a managed hierarchy starting with ISO and ITU (International Telecommunication Union):
  - ISO and ITU delegate OID management to organizations by assigning them OID numbers; these organizations can then assign OIDs to objects or further delegate to other organizations.
Object Identifiers (OIDs) - continued
• OIDs are associated with objects in protocols and data structures defined using ASN.1:
  - OIDs that define data structures and protocol elements are generated and processed by client and server software.
• OIDs are intended to be globally unique:
  - They are formed by taking a unique numeric string (e.g. 1.3.5.7.9.24.68) and adding additional digits in a unique fashion (e.g. 1.3.5.7.9.24.68.1, 1.3.5.7.9.24.68.2, 1.3.5.7.9.24.68.1.3, etc.)
• An institution will acquire an arc (e.g. 1.3.5.7.9.24.68) and then extend the arc (creating subarcs) as indicated above to create additional OIDs and arcs. There is no limit to the length of an OID, and virtually no computational burden to having a long OID.
Example of request-response message
[Figure: SNMP manager and SNMP agent protocol stacks - Application layer (SNMP), Transport layer (UDP), Network layer (IP), Data Link layer (10BaseT), transmission medium]
• The manager requires the agent's system name and prepares a GET message for the appropriate OID. It then passes the message to the UDP layer.
• The UDP layer adds a data block that identifies the manager port to which the response packet should be sent and the port on which it expects the SNMP agent to be listening for messages.
• The packet is then passed to the IP layer, where a data block with the IP and MAC addresses of the manager and the agent is added before the assembled packet passes to the Data Link layer.
• The Data Link layer verifies media access and availability and places the packet on the media for transmission.
Example of request-response message - cont
[Figure: the same four-layer stacks at SNMP manager and SNMP agent, joined by the transport medium]
• The packet arrives at the agent and passes through the same four layers in exactly the opposite order to the SNMP manager.
• It is extracted from the media. After confirming the packet is intact and valid, the Data Link layer passes it to the IP layer.
• The IP layer verifies the MAC and IP address and passes it on to the UDP layer, where the target port is checked for connected applications.
• If an application is listening at the target port, the packet is passed to the Application layer. If the listening application is the SNMP agent, the GET request is processed.
• The agent's response then follows the identical path in reverse to reach the manager.
SNMP naming
Question: how to name every possible standard object (protocol, data, more...) in every possible network standard?
Answer: the ISO Object Identifier tree:
• hierarchical naming of all objects: they are, basically, strings of numbers allocated in a hierarchical manner
• each branch point has a name and a number
[Figure: path through the tree to 1.3.6.1.2.1.7.1 udpInDatagrams - ISO, ISO-identified organization, US DoD, Internet, management, MIB2, UDP]
OSI Object Identifier (OID) tree
Arcs of the OID tree:
1 - ISO assigned OIDs
1.3 - ISO Identified Organization
1.3.6 - US Department of Defence
1.3.6.1 - OID assignments from Internet
1.3.6.1.2 - IETF (Internet Engineering Task Force) Management
1.3.6.1.2.1 - SNMP MIB2
1.3.6.1.2.1.7 - udp
1.3.6.1.2.1.7.1 - udpInDatagrams (total number of UDP datagrams delivered to UDP users)
Objects under the udp group: udpInDatagrams (1), udpNoPorts (2), udpInErrors (3), udpOutDatagrams (4), udpTable (5)
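The OID material above (the ASN.1 naming on the MIB slide, the arc-and-subarc structure, and the udp branch of the tree) can be exercised in a few lines of code. The following is an added example, not part of the lecture: it names an OID arc by arc using the table from the slide, produces the ASN.1 BER wire encoding that SNMP actually carries for an OBJECT IDENTIFIER, and implements the lexicographic ordering that a GetNextRequest (and hence an "snmpwalk") follows. The short arc labels (iso, org, dod, internet, mgmt, mib-2) are the standard SMI names for the nodes the slide lists; the second test OID, 1.3.6.1.4.1.311, is used only because its last arc needs two bytes in BER.

```python
"""OID handling as used by SNMP and SMI.

Added example, not part of the lecture. Uses the arcs from the OID tree slide
and shows: naming an OID arc by arc, the ASN.1 BER encoding of an OBJECT
IDENTIFIER, and the lexicographic ordering a GetNextRequest follows.
"""
from typing import Dict, List, Optional, Tuple

# Arcs copied from the lecture's OID tree; the short names are the standard
# SMI labels for those nodes.
ARCS: Dict[str, str] = {
    "1": "iso",
    "1.3": "org",
    "1.3.6": "dod",
    "1.3.6.1": "internet",
    "1.3.6.1.2": "mgmt",
    "1.3.6.1.2.1": "mib-2",
    "1.3.6.1.2.1.7": "udp",
    "1.3.6.1.2.1.7.1": "udpInDatagrams",
    "1.3.6.1.2.1.7.2": "udpNoPorts",
    "1.3.6.1.2.1.7.3": "udpInErrors",
    "1.3.6.1.2.1.7.4": "udpOutDatagrams",
    "1.3.6.1.2.1.7.5": "udpTable",
}


def parse_oid(text: str) -> Tuple[int, ...]:
    """'1.3.6.1' -> (1, 3, 6, 1). Rejects empty or non-numeric sub-identifiers,
    which an agent must do before it touches its MIB."""
    parts = text.strip().strip(".").split(".")
    if parts == [""] or any(not p.isdigit() for p in parts):
        raise ValueError(f"malformed OID: {text!r}")
    return tuple(int(p) for p in parts)


def oid_path(text: str) -> List[str]:
    """Name every arc from the root; arcs the table does not know keep their number."""
    arcs = parse_oid(text)
    names = []
    for i in range(1, len(arcs) + 1):
        prefix = ".".join(str(a) for a in arcs[:i])
        names.append(ARCS.get(prefix, str(arcs[i - 1])))
    return names


def ber_encode_oid(text: str) -> bytes:
    """ASN.1 BER OBJECT IDENTIFIER: tag 0x06, short-form length, then the
    sub-identifiers. The first two arcs are packed into one value 40*X + Y;
    every value is written base-128, big-endian, with the high bit set on
    all bytes except the last one of each value."""
    arcs = parse_oid(text)
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("first two arcs out of range for BER")
    subids = [40 * arcs[0] + arcs[1]] + list(arcs[2:])
    body = bytearray()
    for value in subids:
        chunk = [value & 0x7F]
        value >>= 7
        while value:
            chunk.append(0x80 | (value & 0x7F))
            value >>= 7
        body.extend(reversed(chunk))
    if len(body) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([0x06, len(body)]) + bytes(body)


def get_next(oid: str, mib: Dict[str, str]) -> Optional[str]:
    """GetNextRequest semantics: the first OID in the MIB that sorts
    lexicographically after `oid` (a prefix sorts before its children),
    or None once the walk has run off the end of the table."""
    target = parse_oid(oid)
    later = sorted(parse_oid(k) for k in mib if parse_oid(k) > target)
    return ".".join(str(a) for a in later[0]) if later else None


def walk(start: str, mib: Dict[str, str]) -> List[str]:
    """Repeated GetNext from `start` until the MIB is exhausted, as a manager's walk does."""
    out, cur = [], get_next(start, mib)
    while cur is not None:
        out.append(cur)
        cur = get_next(cur, mib)
    return out


if __name__ == "__main__":
    print(" / ".join(oid_path("1.3.6.1.2.1.7.1")))
    print(ber_encode_oid("1.3.6.1.2.1.7.1").hex())
    print(walk("1.3.6.1.2.1.7", ARCS))
```

The BER form of 1.3.6.1.2.1.7.1 is nine bytes, 06 07 2b 06 01 02 01 07 01, because the first two arcs collapse into 40*1+3 = 43 = 0x2b; this is why a long OID costs so little on the wire. The walk stops with None rather than wrapping, which is the "end of MIB view" condition a manager must handle.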
SNMP protocol
Two ways to convey MIB information and commands:
• The trap message is sent by the management agent to the managing entity (and requires no response from the managing entity).
• A request-response message is sent by the managing entity, with the response coming back from the management agent.
SNMP protocol - cont
[Figure: request/response mode - the managing entity sends a request to the agent on the managed device and the agent returns a response carrying data; trap mode - the agent sends an unsolicited trap message to the managing entity]
Overhead? Lost messages? Response time?
SNMPv2 protocol: message types
Message type (PDU, protocol data unit) - Function
• GetRequest, GetNextRequest, GetBulkRequest - Mgr-to-agent: "get me data" (instance, next in list, block)
• InformRequest - Mgr-to-Mgr: here's a MIB value
• SetRequest - Mgr-to-agent: set MIB value
• Response - Agent-to-mgr: value, response to request
• Trap - Agent-to-mgr: inform manager of exceptional event
SNMP security and administration
• SNMP v1 and v2 implementations employ plaintext passwords, known as "community strings", to enable authentication services.
  - Use of plaintext is inherently insecure. It allows an eavesdropper to run a sniffer, learn the SNMP community string and "become" an administrator. In turn, the eavesdropper can perform any action permitted by SNMP, including the manipulation of network devices.
• SNMPv3 adds security to the protocol - not as a replacement for earlier versions of SNMP, but as an added feature set.
• SNMPv3's security header implements the User Security Model (USM), which provides confidentiality, integrity, authentication and access control for network management communications.
SNMP security and administration - continued
• Confidentiality is provided through the use of the Data Encryption Standard (DES), which is quite an advantage over plaintext.
• The integrity service is provided through the use of the Hashed Message Authentication Code (HMAC) algorithm in conjunction with one of two secure hash functions:
  - MD5 [a 128-bit message digest from data input (which may be a message of any length) that is as unique to that specific data as a fingerprint is to a specific individual], or
  - the Secure Hash Algorithm (SHA-1).
• Hash algorithms compute a fixed-length digital representation (known as a message digest) of an input data sequence (the message) of any length: e.g. the input is "flattened" and "chopped" into "words" which are then "mixed" with one another using carefully chosen mathematical functions.
• Use of the hashes ensures that the SNMP devices know the communication wasn't altered while in transit (either accidentally or maliciously).
SNMP security and administration - continued
• SNMPv3's User Security Model (USM) also allows for user-based authentication and access control.
• Administrators can create specific accounts for each SNMP user and grant privileges through those user accounts:
  - For example, you might grant an operator the ability to monitor device status, but reserve modification privileges for network engineers. This has a significant impact on the security of the system by increasing accountability for user actions. It also facilitates the exclusion of a user from the system without requiring the reconfiguration of all SNMP devices.
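The three security slides above describe the difference between a v1/v2c community string and the USM integrity service in words; the following added example (not part of the lecture) shows the same difference in code. It implements the RFC 3414 procedure the USM uses: the user's password is stretched and localized with the agent's engine ID to produce a per-agent key, and a 12-byte HMAC (HMAC-MD5-96 or HMAC-SHA-96) is computed over the message with the authentication field zeroed, then written into that field. The engine IDs, password and message byte strings are constructed for the demonstration and stand in for the real BER-encoded header and scoped PDU; the OID strings inside them are MIB-2 sysName.0 and sysLocation.0.

```python
"""SNMPv3 USM-style message authentication versus a v1/v2c community string.

Added example, not part of the lecture. The community string in v1/v2c
travels in the clear inside the datagram and is literally readable in the
bytes. USM (RFC 3414) instead derives a per-agent key from the user's
password and fills a 12-byte HMAC (HMAC-MD5-96 / HMAC-SHA-96) computed over
the whole message with the authentication field zeroed. Engine IDs,
password and message bytes are constructed; no real BER encoding is done.
"""
import hashlib
import hmac

AUTH_LEN = 12  # USM truncates the HMAC to 96 bits


def password_to_key(password: bytes, engine_id: bytes, algo: str = "sha1") -> bytes:
    """RFC 3414 key localization: repeat the password up to 1 MiB and digest
    it (which slows down guessing), then digest(ku + engineID + ku) so the
    same password yields a different key on every agent."""
    if not password:
        raise ValueError("empty password")
    stretched = (password * (1_048_576 // len(password) + 1))[:1_048_576]
    ku = hashlib.new(algo, stretched).digest()
    return hashlib.new(algo, ku + engine_id + ku).digest()


def protect(key: bytes, message: bytes, offset: int, algo: str = "sha1") -> bytes:
    """Sender side: the 12 bytes at `offset` (msgAuthenticationParameters)
    must be zero while the HMAC is computed; the truncated MAC then replaces them."""
    if message[offset:offset + AUTH_LEN] != bytes(AUTH_LEN):
        raise ValueError("authentication field must be zeroed before signing")
    mac = hmac.new(key, message, algo).digest()[:AUTH_LEN]
    return message[:offset] + mac + message[offset + AUTH_LEN:]


def verify(key: bytes, message: bytes, offset: int, algo: str = "sha1") -> bool:
    """Receiver side: zero the field, recompute, compare in constant time."""
    received = message[offset:offset + AUTH_LEN]
    zeroed = message[:offset] + bytes(AUTH_LEN) + message[offset + AUTH_LEN:]
    expected = hmac.new(key, zeroed, algo).digest()[:AUTH_LEN]
    return hmac.compare_digest(received, expected)


# --- constructed demonstration data ----------------------------------------
ENGINE_A = bytes.fromhex("80000000010a000001")  # constructed engine IDs
ENGINE_B = bytes.fromhex("80000000010a000002")
PASSWORD = b"correct horse battery staple"     # constructed user password

HEADER = b"[v3 header msgID=1 msgFlags=auth]"
SCOPED_PDU = b"[scopedPDU GetRequest 1.3.6.1.2.1.1.5.0]"  # sysName.0
# Unsigned message with a zeroed authentication field between header and PDU.
TEMPLATE = HEADER + bytes(AUTH_LEN) + SCOPED_PDU
AUTH_OFFSET = len(HEADER)

# A v2c message carries the community string itself.
V2C_MESSAGE = b"[v2c] community=public " + SCOPED_PDU


def community_is_visible(datagram: bytes, community: bytes) -> bool:
    """True when the shared secret appears verbatim in the captured bytes."""
    return community in datagram


def demo() -> dict:
    key_a = password_to_key(PASSWORD, ENGINE_A)
    signed = protect(key_a, TEMPLATE, AUTH_OFFSET)
    # Same length substitution, so the field offsets do not move.
    tampered = signed.replace(b"1.3.6.1.2.1.1.5.0", b"1.3.6.1.2.1.1.6.0")  # -> sysLocation.0
    return {
        "community_visible": community_is_visible(V2C_MESSAGE, b"public"),
        "key_visible": key_a in signed,
        "valid": verify(key_a, signed, AUTH_OFFSET),
        "tampered_valid": verify(key_a, tampered, AUTH_OFFSET),
        "other_engine_valid": verify(password_to_key(PASSWORD, ENGINE_B), signed, AUTH_OFFSET),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two properties matter for the accountability point on the slide: the key itself never appears in the message, so a captured datagram does not yield a reusable credential the way a community string does, and a key localized to one engine ID does not verify traffic for another agent, so compromise of one device does not hand over the user's access to the rest. RFC 3414 Appendix A gives official test vectors for the password-to-key procedure.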
Email: an introduction
• Electronic mail (or e-mail) was one of the earliest applications on the Internet and is still among the most heavily used today.
• From a general perspective, e-mail refers to the concept of creating, sending, and storing messages or documents electronically.
• Why is e-mail more popular than your regular "snail mail"?
  - Fast delivery compared to regular post, and it can include HTML formatted text, images, sound and even video
  - Cost - e-mail costs virtually nothing compared to regular post or telephone call charges
  - E-mail can substitute for the telephone - avoiding the process of repeatedly exchanging voice mail messages
  - Effective for people working in different time zones
Email introduction - cont
• Nearly every computer system has a program that serves as an interface for the e-mail service, called a user agent (sometimes referred to as an e-mail reader) - compose, read, save, forward, etc.
• In addition, a local system's e-mail service also supports background processes:
  - how incoming and outgoing e-mail messages are stored
  - how users are presented with incoming e-mail
  - how often delivery of outgoing messages is attempted
• The only activity that is not performed by the local user agent is message delivery across a network, which is defined by a mail application protocol.
• Three commonly used standards for message delivery are SMTP (Simple Mail Transfer Protocol), X.400 and Common Messaging Calls (CMC).
Internet mail system
• Three major components: user agents, mail servers, and SMTP
• Mail servers
  - mailbox contains incoming messages (yet to be read) for the user
  - message queue of outgoing (to be sent) mail messages
  - SMTP protocol between mail servers to send e-mail messages (i.e. two sides, a client side and a server side)
    - client: sending mail server
    - "server": receiving mail server
[Figure: mail server with an outgoing message queue and user mailboxes]
Electronic mail: user agent
Remember: three major components - user agents, mail servers, simple mail transfer protocol (SMTP)
• User Agent (UA), also called "mail reader": composing, editing, reading mail messages; e.g. Eudora (e-mail client used on MS Windows and Apple Mac operating systems), Outlook, elm (e-mail client used on Unix), Netscape Messenger
• Outgoing and incoming messages are stored on the server
[Figure: user agents attached to mail servers, which exchange messages over SMTP; each mail server holds an outgoing message queue and user mailboxes]
Electronic mail: mail servers
• Mailbox contains incoming messages for the user
• Message queue of outgoing (to be sent) mail messages
• SMTP protocol between mail servers to send e-mail messages
  - client: sending mail server
  - "server": receiving mail server
[Figure: user agents attached to mail servers, which exchange messages over SMTP]
Electronic mail: SMTP [RFC 2821]
• Uses TCP to reliably transfer e-mail messages from client to server, port 25
• Direct transfer: sending server to receiving server (i.e. does not normally use intermediate mail servers)
• Three phases of transfer:
  - handshaking (greeting)
  - transfer of messages
  - closure
• Command/response interaction
  - commands: ASCII text
  - response: status code (a three-digit number, as in an HTTP response) and phrase
• Messages must be in TEXT, TEXT DOS or 7-bit ASCII (American Standard Code for Information Interchange) - meaning it uses patterns of seven binary digits (a range of 0 to 127 decimal) to represent each character, with 1 extra bit for a parity digit or check bit
Basic operation of SMTP
[Figure: Alice's mail server and Bart's mail server exchanging mail over the Internet via SMTP]
• Alice invokes her user agent for e-mail, provides the e-mail address (e.g. bart@mdx.ac.uk), composes and then sends the message via the user agent
• Alice's user agent sends the message to her e-mail server, where it is placed in a message queue
• The client side of SMTP opens a TCP connection to an SMTP server
• After some initial SMTP handshaking, the SMTP client sends Alice's message into the TCP connection
• At Bart's mail server host, the server side of SMTP receives the message and places it in Bart's mailbox
• Bart invokes his user agent to read the message at his convenience
Sample SMTP interaction
• Example transcript between client (C) {jay@laa.ly} and server (S) {tim@mdx.ac.uk} as soon as the TCP connection is established
• Commands issued by the client:
  - HELO - identifies SMTP sender to SMTP receiver
  - MAIL FROM - begins mail exchange by identifying the originator
  - RCPT TO - identifies the mail recipient
  - DATA - signifies that the message follows
  - QUIT - ends the current session
• Reply codes issued by the server:
  - 220 - Service ready
  - 221 - Closing transmission
  - 250 - Requested action OK
  - 354 - End with <CRLF>.<CRLF>

  S: 220 tim.mdx.ac.uk
  C: HELO laa.ly
  S: 250 Hello laa.ly, pleased to meet you
  C: MAIL FROM: <jay@laa.ly>
  S: 250 jay@laa.ly... Sender ok
  C: RCPT TO: <tim@mdx.ac.uk>
  S: 250 tim@mdx.ac.uk ... Recipient ok
  C: DATA
  S: 354 Enter mail, end with "." on a line
  C: Do you like ketchup?
  C: How about pickles?
  C: .
  S: 250 Message accepted for delivery
  C: QUIT
  S: 221 tim@mdx.ac.uk closing connection
Scenario 2: Alice sends a message to Bob
1) Alice uses her UA to compose a message "to" bob@someschool.gov.uk
2) Alice's UA sends the message to her mail server; the message is placed in the message queue
3) The client side of SMTP opens a TCP connection with Bob's mail server
4) The SMTP client sends Alice's message over the TCP connection
5) Bob's mail server places the message in Bob's mailbox
6) Bob invokes his user agent to read the message
[Figure: Alice's user agent and mail server, Bob's mail server and user agent, with steps 1-6 marked along the path]
Sample SMTP interaction

  S: 220 mdx.ac.uk
  C: HELO clubs.ly
  S: 250 Hello clubs.ly, pleased to meet you
  C: MAIL FROM: <alice@clubs.ly>
  S: 250 alice@clubs.ly... Sender ok
  C: RCPT TO: <bob@mdx.ac.uk>
  S: 250 bob@mdx.ac.uk ... Recipient ok
  C: DATA
  S: 354 Enter mail, end with "." on a line by itself
  C: Hi, my name is .....
  C: how about if we meet in ....
  C: .
  S: 250 Message accepted for delivery
  C: QUIT
  S: 221 mdx.ac.uk closing connection
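The two transcripts above show only the happy path. The following added example (not part of the lecture) is a small in-memory model of the server side of that dialogue: it accepts the client lines of the second transcript, returns the reply codes the slides list (220, 250, 354, 221), and adds the behaviour a receiving server needs that the transcripts leave implicit: the message body ends at a line containing a single "." (so a body line that genuinely starts with a dot is sent with an extra leading dot, which the server strips), commands out of sequence get 503, unknown commands get 500, and non-ASCII input is refused because SMTP is 7-bit. The reply texts and the client lines are constructed to match the slide; no network socket is opened.

```python
"""A tiny SMTP receiver-side state machine driven by the slide transcripts.

Added example, not part of the lecture. Accepts the client lines (HELO, MAIL
FROM, RCPT TO, DATA, QUIT) and returns the reply codes the slides list, plus
the codes a real server uses for out-of-order commands (503), unknown
commands (500) and non-ASCII input (501 for commands, 554 for a body).
Everything runs in memory.
"""
from typing import Dict, List, Optional, Tuple


class SmtpSession:
    """One client connection. States: helo -> mail -> rcpt -> data -> mail ..."""

    def __init__(self, hostname: str):
        self.hostname = hostname
        self.state = "helo"
        self.sender: Optional[str] = None
        self.recipients: List[str] = []
        self.body: List[str] = []
        self.body_is_7bit = True
        self.mailbox: List[Dict[str, object]] = []  # accepted messages

    def greet(self) -> str:
        """Sent by the server as soon as the TCP connection is established."""
        return f"220 {self.hostname} Service ready"

    def handle(self, line: str) -> str:
        """Process one client line; '' means the server sends no reply."""
        if self.state == "data":
            return self._data_line(line)
        if not line.isascii():
            return "501 Syntax error: commands must be 7-bit ASCII"
        verb, _, arg = line.partition(" ")
        verb, arg = verb.upper(), arg.strip()
        if verb == "QUIT":
            self.state = "closed"
            return f"221 {self.hostname} closing connection"
        if verb == "HELO":
            self._reset_transaction()
            self.state = "mail"
            return f"250 Hello {arg}, pleased to meet you"
        if verb == "MAIL" and arg.upper().startswith("FROM:"):
            if self.state != "mail":
                return "503 Bad sequence of commands"
            self.sender = arg[5:].strip().strip("<>")
            self.state = "rcpt"
            return f"250 {self.sender}... Sender ok"
        if verb == "RCPT" and arg.upper().startswith("TO:"):
            if self.state != "rcpt":
                return "503 Bad sequence of commands"
            rcpt = arg[3:].strip().strip("<>")
            self.recipients.append(rcpt)
            return f"250 {rcpt} ... Recipient ok"
        if verb == "DATA":
            if self.state != "rcpt" or not self.recipients:
                return "503 Bad sequence of commands"
            self.state = "data"
            return '354 Enter mail, end with "." on a line by itself'
        return "500 Syntax error, command unrecognized"

    def _data_line(self, line: str) -> str:
        if line == ".":  # the <CRLF>.<CRLF> terminator
            self.state = "mail"  # persistent connection: ready for the next MAIL FROM
            if not self.body_is_7bit:
                self._reset_transaction()
                return "554 Transaction failed: body must be 7-bit ASCII"
            self.mailbox.append({"from": self.sender, "to": list(self.recipients), "body": list(self.body)})
            self._reset_transaction()
            return "250 Message accepted for delivery"
        if not line.isascii():
            self.body_is_7bit = False
        # Dot-stuffing: a body line that begins with '.' is sent with one extra
        # leading '.' so it cannot be mistaken for the terminator; remove it.
        self.body.append(line[1:] if line.startswith(".") else line)
        return ""

    def _reset_transaction(self) -> None:
        self.sender, self.recipients, self.body, self.body_is_7bit = None, [], [], True


def run_transcript(hostname: str, client_lines: List[str]) -> Tuple[List[Tuple[str, str]], List[Dict[str, object]]]:
    """Replay client lines; return ((C-line, S-reply) pairs, accepted messages)."""
    session = SmtpSession(hostname)
    dialogue = [("", session.greet())]
    for line in client_lines:
        dialogue.append((line, session.handle(line)))
    return dialogue, session.mailbox


# Constructed client side, following the transcript on the slide above.
CLIENT_LINES = [
    "HELO clubs.ly",
    "MAIL FROM: <alice@clubs.ly>",
    "RCPT TO: <bob@mdx.ac.uk>",
    "DATA",
    "Hi, my name is Alice",
    "..and this line really starts with a dot",
    "how about if we meet in town",
    ".",
    "QUIT",
]

if __name__ == "__main__":
    dialogue, mailbox = run_transcript("mdx.ac.uk", CLIENT_LINES)
    for c, s in dialogue:
        if c:
            print("C:", c)
        if s:
            print("S:", s)
    print(mailbox)
```

The state variable is the whole point: a server that accepts DATA before RCPT TO, or a body without a terminator, is the kind of parser that gets confused by crafted input, so each command is only honoured in the state the protocol allows.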
SMTP: recap
• SMTP uses persistent connections - i.e. using the same TCP connection to send and receive multiple requests/responses, as opposed to opening a new connection for every single request/response pair
• SMTP requires the message (header & body) to be in 7-bit ASCII
• The SMTP server uses CRLF.CRLF (Carriage Return and Line Feed) to determine the end of the message because the dialogue is character based
Comparison with HTTP:
• HTTP: pull, while SMTP: push
• both have ASCII command/response interaction and status codes
• HTTP: each object encapsulated in its own response message; SMTP: multiple objects sent in a multipart message
Mail message format
• SMTP: protocol for exchanging e-mail messages
• RFC 822: standard for text message format:
  - header lines, e.g. To:, From:, Subject: - different from SMTP commands!
  - body: the "message", ASCII characters only
[Figure: message layout - header, blank line, body]
Message format: multimedia extensions
• MIME: Multipurpose Internet Mail Extensions, RFC 2045, 2056
• Additional lines in the message header declare the MIME content type:

  From: alice@clubs.ly
  To: bob@mdx.ac.uk
  Subject: Picture of yummy crepe.
  MIME-Version: 1.0                       <- MIME version
  Content-Transfer-Encoding: base64       <- method used to encode data
  Content-Type: image/jpeg                <- multimedia data type, subtype, parameter declaration

  base64 encoded data .....
  .........................
  ......base64 encoded data               <- encoded data
MIME (Multipurpose Internet Mail Extensions) types
• The Content-Type field is used to specify the nature of the data in the body of a MIME entity, by giving the media type and subtype names.
• Currently there are 7 top-level types defined:
  - Text - textual information
  - Image - image data
  - Audio - audio data
  - Video - video data
  - Application - any application-specific data that doesn't fall into the previous categories
  - Multipart - an encoding that allows multiple items, potentially of different types, to be concatenated together (this is how mail messages with attachments are sent)
  - Message - an e-mail message, mostly used with the RFC822 subtype
MIME (Multipurpose Internet Mail Extensions) types - continued
• For each of the 7 types there is a list of associated subtypes, such as text/html, text/xml and text/plain, that are dependent on the top-level type. Five of these types are as follows:
  - Text - example subtypes: plain, html
  - Image - example subtypes: jpeg, gif
  - Audio - requires an audio output device to render the contents - example subtypes: basic (8-bit mu-law encoded), 32kadpcm (32 kbps coding)
  - Video - example subtypes: mpeg, quicktime
  - Application - other data that must be processed by the reader before "viewable" - example subtypes: msword, mspowerpoint, etc.
Multipart type
• Just as a web page, an e-mail message can contain many objects too
• Internet e-mail places all the objects (or "parts") in the same message
• When a multimedia message contains more than one object (e.g. ASCII text and some images), the message typically has Content-Type: multipart/mixed
• This content type header line indicates to the receiving agent that the message contains multiple objects
• The receiving agent needs a means to determine:
  - where each object begins
  - how each non-ASCII object was transfer-encoded
  - the content type of each object
• This is done by placing boundary characters between each object and preceding each object in the message with Content-Type: and Content-Transfer-Encoding: header lines
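The MIME slides above (the header lines on the crepe example, the multipart/mixed type and the boundary mechanism) can be put together in one runnable piece. The following is an added example, not part of the lecture, using Python's standard email package: it builds a message with a text part and a JPEG attachment, shows that the attachment is base64 transfer-encoded so the whole message stays 7-bit ASCII for SMTP, and then plays the receiving agent, splitting the message back into parts using the boundary in Content-Type and each part's own Content-Type / Content-Transfer-Encoding lines. The addresses follow the slide; the "image" bytes are constructed, not a real JPEG.

```python
"""Building and taking apart a multipart/mixed MIME message.

Added example, not part of the lecture. Uses the standard email package:
a text part and an image part go into one multipart/mixed message, the
image is base64 transfer-encoded so the message stays 7-bit ASCII, and the
receiving side splits the parts again. Addresses and image bytes are constructed.
"""
from email import message_from_bytes, policy
from email.message import EmailMessage
from typing import Dict, List, Tuple


def build_message(sender: str, recipient: str, subject: str, text: str, image: bytes) -> bytes:
    """Compose text + image attachment; returns the wire form a UA hands to SMTP."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = recipient
    msg["Subject"] = subject
    msg.set_content(text)  # first part: text/plain, 7bit
    # Second part: the library chooses base64 for a binary maintype and turns
    # the message into multipart/mixed with a generated boundary parameter.
    msg.add_attachment(image, maintype="image", subtype="jpeg", filename="crepe.jpg")
    return msg.as_bytes(policy=policy.SMTP)


def is_seven_bit(raw: bytes) -> bool:
    """SMTP's rule from the slides: every byte of header and body must be < 128."""
    return all(b < 0x80 for b in raw)


def split_parts(raw: bytes) -> Tuple[str, str, List[Dict[str, object]]]:
    """Receiving agent: returns (top-level content type, boundary, leaf parts),
    each leaf with its type, transfer encoding and decoded payload."""
    msg = message_from_bytes(raw, policy=policy.default)
    parts = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # the container itself carries no payload
        parts.append({
            "type": part.get_content_type(),
            "cte": str(part.get("Content-Transfer-Encoding", "7bit")).lower(),
            "payload": part.get_payload(decode=True),  # undoes base64 for us
        })
    return msg.get_content_type(), msg.get_boundary(), parts


# Constructed sample: a JPEG-like header followed by every byte value, so the
# attachment is certainly not 7-bit clean on its own.
FAKE_JPEG = b"\xff\xd8\xff\xe0" + bytes(range(256))


def demo() -> Dict[str, object]:
    raw = build_message("alice@clubs.ly", "bob@mdx.ac.uk", "Picture of yummy crepe.",
                        "Do you like ketchup?\n", FAKE_JPEG)
    top, boundary, parts = split_parts(raw)
    return {
        "raw_is_7bit": is_seven_bit(raw),
        "attachment_is_7bit": is_seven_bit(FAKE_JPEG),
        "top_type": top,
        "boundary_in_raw": boundary.encode() in raw,
        "part_types": [p["type"] for p in parts],
        "image_cte": parts[1]["cte"],
        "image_roundtrip": parts[1]["payload"] == FAKE_JPEG,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The receiving agent trusts the declared Content-Type only as a hint: here the decoded payload is returned as raw bytes and it is up to the reader to check that what is labelled image/jpeg really is one before handing it to an image decoder.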