1 / 24

Learning outcomes

Learning outcomes. At the end of this session, you should be able to: Explain the uses of network monitoring Explain the operation of SNMP Differentiate between SNMP and RMON Explain the construction of MIBs Construct a simple network monitoring strategy using SNMP commands and MIBs

shyla
Download Presentation

Learning outcomes

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Learning outcomes At the end of this session, you should be able to: • Explain the uses of network monitoring • Explain the operation of SNMP • Differentiate between SNMP and RMON • Explain the construction of MIBs • Construct a simple network monitoring strategy using SNMP commands and MIBs • Distinguish the advantages and disadvantages of network monitoring Internet Management & Security 06

  2. Introduction Network monitoring and management is used to ensure that: • Resources are operating optimally • As many faults as possible are prevented • Faults are identified and fixed timely Internet Management & Security 06

  3. Introduction SNMP in TCP/IP Remember this? Internet Management & Security 06

  4. Introduction SNMP in TCP/IP and this? Internet Management & Security 06

  5. Network Management Protocols • SNMP is an application layer protocol that facilitates the exchange of management information between network devices. • It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. • SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. Internet Management & Security 06

  6. Introduction SNMP-managed network consists of three key components: managed devices, agents, and network-management systems (NMSs). Internet Management & Security 06

  7. Introduction More accurately…with flow Internet Management & Security 06

  8. Resources & Elements NMS Network Management System (Station) NMA Network Management Agent NMP Network Management Protocol Resources: any device attached to the network. NMA NMA NMA NMS NMA NMA NMA NMA NMA NMA NMA NMA NMS Internet Management & Security 06

  9. SNMP v1 SNMP – Basic Commands Managed devices are controlled using 4 basic commands and traversal operation: • read - command is used by an NMS to monitor managed devices. The NMS examines different variables that are maintained by managed devices. • write - command is used by an NMS to control managed devices. The NMS changes the values of variables stored within managed devices. • Trap - command is used by managed devices to asynchronously report events to the NMS. When certain types of events occur, a managed device sends a trap to the NMS. Internet Management & Security 06

  10. SNMP v1 SNMP – Basic Commands Traversal operations are used by the NMS to determine which variables a managed device supports and to sequentially gather information in variable tables, such as a routing table. Internet Management & Security 06

  11. SNMP v1 SNMP – Simple Network Management Protocol Basic operation: • Polls – NMS query NMAs in devices about specific status and NMAs respond to NMS • Traps – NMAs in devices inform NMS of changes in status (need to be configured) Polls and traps can occur simultaneously Internet Management & Security 06

  12. Network Management Protocols • Network Management Protocols determine how the NMS and the NMAs will work and the information they provide and collect: • SNMP v1 • SNMP v2 • SNMP v3 (not really an NMP) • RMONv1 • RMONv2 Internet Management & Security 06

  13. Structure of Management Information and MIBs • The Structure of Management Information (SMI) is the way in which an NMS organises collected information. • A Management Information Base (MIB) is the way in which an NMA organises the monitored information: • is a collection of information that is organized hierarchically. • MIBs are accessed using a network-management protocol such as SNMP.. Internet Management & Security 06

  14. Structure of Management Information and MIBs • SMI defines the managed objects and MIB is a managed object. • Managed objects are comprised of one or more object instances, which are essentially variables. • Two types of managed objects exist: scalar and tabular: • Scalar objects define a single object instance. • Tabular objects define multiple related object instances that are grouped in MIB tables. Internet Management & Security 06

  15. MIB-II Standard MIBs are defined by the MIB-II RFC (rfc 1213) and address general TCP/IP management information • Interface speeds • Maximum Transfer Unit (MTU) • Octets sent • Octets received (MIB was the original standard but was absorbed by MIB-II) Internet Management & Security 06

  16. SMI object tree Internet Management & Security 06

  17. Other standard MIBs Other standard MIBs have been defined by the standard groups for several purposes: • ATM MIB (RFC 2515) • Frame Relay DTE Interface type MIB (RFC 2115) • Mail Monitoring MIB (RFC 2249) • DNS Server MIB (RFC 1611) Network managers are also able to design ad hoc MIBs for their network devices. Internet Management & Security 06

  18. SNMP main characteristics • Uses UDP as a transport protocol (port 162 for polls and 161 for traps) • Security by using community names: • Read-only • Read-write • Trap • SNMPv1 basic version • SNMPv2 enhances SNMPv1 • SNMPv3 adds security to SNMPv2 Internet Management & Security 06

  19. SNMP commands Internet Management & Security 06

  20. Remote Monitoring (RMON) • RMONv1 • Monitors that watch traffic on network segments in LANs or WANs • Also uses MIBs in order to organise information • Some vendors include the probing (polling) facility • RMONv2 • Enhances RMONv1 by providing network and application level statistical gathering (like passive network measurement) Internet Management & Security 06

  21. Remote Monitoring (RMON) • An RMON Probe Can Send Statistical Information to an RMON Console Internet Management & Security 06

  22. Advantages & Disadvantages Advantages • Network monitoring allows a centralised vision of all of the devices in the network • Allows flexibility and mobility to network managers Disadvantages • Introduces administration traffic into the network (roughly 5% of all traffic is control traffic) • Needs careful planning on traps and polls in order to maintain the balance between management and bandwidth utilisation. Internet Management & Security 06

  23. Conclusions • Network monitoring facilitates the task of managing several devices at a time • The network monitoring centres need to be manned at all times for large networks and the network manager needs to be on call at all times for smaller networks • SNMP provides a set of simple commands that collect a wide range of information about devices through MIBs • RMON is similar to passive traffic measurement and allows minimal probing of devices Internet Management & Security 06

  24. Resources • SNMPv1 - RFC 1157 • SNMPv2 - RFC 1905, 1906, 1907 • SNMPv3 - RFC 2571, 2573, 2574, 2575 • RMONv2 - RFC 2021 • RFCs can be found at: http://www.ietf.org/rfc.html • D. R. Mauro, Essential SNMP, O’Reilly. 2001 • CISCO Internetworking Technology Handbook : http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/ Internet Management & Security 06

More Related