Network Management: - SNMP - Software Defined networking


Internet-Technologien (CS262)
Network Management: - SNMP - Software Defined networking
23.4.2014
Christian Tschudin, Departement Mathematik und Informatik, Universität Basel

Chapter 9: Network Management

A note on the use of these ppt slides: We're making these slides freely available to all (faculty, students, readers). They're in PowerPoint form so you can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
  - If you use these slides (e.g., in a class) in substantially unaltered form, that you mention their source (after all, we'd like people to use our book!)
  - If you post any slides in substantially unaltered form on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.

Computer Networking: A Top Down Approach, 5th edition. Jim Kurose, Keith Ross. Addison-Wesley, April 2009.

Thanks and enjoy! JFK/KWR

All material copyright 1996-2010 J.F Kurose and K.W. Ross, All Rights Reserved

Chapter 9: Network Management

Chapter goals:
  - introduction to network management
      - motivation
      - major components
  - Internet network management framework
      - MIB: management information base
      - SMI: data definition language
      - SNMP: protocol for network management
      - security and administration
  - presentation services: ASN.1

Chapter 9 outline
  - What is network management?
  - Internet-standard management framework
      - Structure of Management Information: SMI
      - Management Information Base: MIB
      - SNMP Protocol Operations and Transport Mappings
      - Security and Administration
  - ASN.1

What is network management?
  - autonomous systems (aka "network"): 100s or 1000s of interacting hardware/software components
  - other complex systems requiring monitoring, control:
      - jet airplane
      - nuclear power plant
      - others?

"Network management includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost."

Infrastructure for network management
  definitions:
  [Figure: a managing entity with its data, connected by the network management protocol to an agent with its data on each managed device]
  - managed devices contain managed objects whose data is gathered into a Management Information Base (MIB)

Network Management standards

OSI CMIP
  - Common Management Information Protocol
  - designed 1980s: the unifying net management standard
  - too slowly standardized

SNMP: Simple Network Management Protocol
  - Internet roots (SGMP)
  - started simple
  - deployed, adopted rapidly
  - growth: size, complexity
  - currently: SNMP V3
  - de facto network management standard

SNMP overview: 4 key parts
  - Management information base (MIB): distributed information store of network management data
  - Structure of Management Information (SMI): data definition language for MIB objects
  - SNMP protocol: convey manager<->managed object info, commands
  - security, administration capabilities: major addition in SNMPv3

MIB example: UDP module

  Object ID         Name             Type       Comments
  1.3.6.1.2.1.7.1   UDPInDatagrams   Counter32  total # datagrams delivered at this node
  1.3.6.1.2.1.7.2   UDPNoPorts       Counter32  # undeliverable datagrams, no app at port
  1.3.6.1.2.1.7.3   UDPInErrors      Counter32  # undeliverable datagrams, all other reasons
  1.3.6.1.2.1.7.4   UDPOutDatagrams  Counter32  # datagrams sent
  1.3.6.1.2.1.7.5   udpTable         SEQUENCE   one entry for each port in use by app, gives port # and IP address

SNMP Naming
  question: how to name every possible standard object (protocol, data, more..) in every possible network standard??
  answer: ISO Object Identifier tree:
  - hierarchical naming of all objects
  - each branchpoint has name, number

  1.3.6.1.2.1.7.1, component by component:
    1  ISO
    3  ISO-ident. Org.
    6  US DoD
    1  Internet
    2  management
    1  MIB2
    7  UDP
    1  udpInDatagrams

OSI Object Identifier Tree
  [Figure: the object identifier tree]

SNMP protocol
  Two ways to convey MIB info, commands:
  - request/response mode: the managing entity sends a request to the agent on the managed device, and the agent returns a response
  - trap mode: the agent on the managed device sends a trap msg to the managing entity

SNMP protocol: message types

  Message type                                  Function
  GetRequest, GetNextRequest, GetBulkRequest    Mgr-to-agent: "get me data" (instance, next in list, block)
  InformRequest                                 Mgr-to-Mgr: here's MIB value
  SetRequest                                    Mgr-to-agent: set MIB value
  Response                                      Agent-to-mgr: value, response to Request
  Trap                                          Agent-to-mgr: inform manager of exceptional event
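The naming and message-type slides above, as an added example that is not part of the original slides: a toy agent answering GetRequest and GetNextRequest over the UDP module, showing that "next in list" means numeric OID order rather than string order. The values are constructed, and the udpTable row OIDs use the standard udpLocalPort.<address>.<port> layout, which the slide does not show.

```python
from bisect import bisect_right

# Constructed sample agent data. The first four OIDs and the udpTable prefix are
# from the MIB slide; the values and the last entry are made up for the demo.
SAMPLE_MIB = {
    "1.3.6.1.2.1.7.1": 1200,                    # UDPInDatagrams
    "1.3.6.1.2.1.7.2": 7,                       # UDPNoPorts
    "1.3.6.1.2.1.7.3": 0,                       # UDPInErrors
    "1.3.6.1.2.1.7.4": 1100,                    # UDPOutDatagrams
    "1.3.6.1.2.1.7.5.1.2.0.0.0.0.53": 53,       # udpTable row: local port 53
    "1.3.6.1.2.1.7.5.1.2.0.0.0.0.161": 161,     # udpTable row: local port 161
    "1.3.6.1.2.1.11.1": 42,                     # object outside the UDP subtree
}


def parse(oid):
    """Dotted string -> tuple of ints, so OIDs compare number by number."""
    return tuple(int(part) for part in oid.split("."))


class Agent:
    def __init__(self, objects):
        self.objects = {parse(k): v for k, v in objects.items()}
        self.order = sorted(self.objects)        # numeric order, not string order

    def get(self, oid):
        """GetRequest: exact instance or None."""
        return self.objects.get(parse(oid))

    def get_next(self, oid):
        """GetNextRequest: first object strictly after `oid`, or None at the end."""
        i = bisect_right(self.order, parse(oid))
        if i == len(self.order):
            return None
        nxt = self.order[i]
        return ".".join(map(str, nxt)), self.objects[nxt]


def walk(agent, root):
    """Repeat GetNext from `root` until the reply leaves the subtree."""
    prefix, oid, found = parse(root), root, []
    while True:
        reply = agent.get_next(oid)
        if reply is None or parse(reply[0])[:len(prefix)] != prefix:
            return found
        oid = reply[0]
        found.append(reply)
```

Sorting the same keys as plain strings would put 1.3.6.1.2.1.11.1 before the whole UDP subtree and port 161 before port 53, so a walk built on string order would skip or misorder objects.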

SNMP security and administration
  - encryption: DES-encrypt SNMP message
  - authentication: compute, send MIC(m,k): compute hash (MIC) over message (m), secret shared key (k)
  - protection against playback: use nonce
  - view-based access control
      - SNMP entity maintains database of access rights, policies for various users
      - database itself accessible as managed object!

Software Defined Networking
Jennifer Rexford
COS 461: Computer Networks
Lectures: MW 10-10:50am in Architecture N101
http://www.cs.princeton.edu/courses/archive/spr12/cos461/
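The authentication and playback items of the SNMP security slide above, as an added example that is not part of the original slides: the manager attaches MIC(m,k) to a request bound to an agent-issued nonce, and the agent rejects replayed, altered and forged messages. HMAC-SHA-256, the Agent class, the key and the payload strings are assumptions made for this example.

```python
import hashlib
import hmac
import os

SHARED_KEY = b"constructed-demo-key"   # constructed secret k shared by both sides


def mic(message, key):
    """MIC(m, k): keyed hash over the message. HMAC-SHA-256 is this example's choice."""
    return hmac.new(key, message, hashlib.sha256).digest()


class Agent:
    """Hypothetical agent: hands out nonces and verifies incoming requests."""

    def __init__(self, key):
        self.key = key
        self.outstanding = set()             # nonces issued and not yet used

    def new_nonce(self):
        nonce = os.urandom(16)
        self.outstanding.add(nonce)
        return nonce

    def accept(self, nonce, payload, tag):
        # Verify the MIC over nonce + payload with a constant-time comparison.
        if not hmac.compare_digest(mic(nonce + payload, self.key), tag):
            return False
        # Each nonce is honoured once, so a replayed message is rejected.
        if nonce not in self.outstanding:
            return False
        self.outstanding.discard(nonce)
        return True


def manager_request(nonce, payload, key):
    """Manager side: bind the payload to the agent's nonce and attach the MIC."""
    return nonce, payload, mic(nonce + payload, key)


def demo():
    agent = Agent(SHARED_KEY)
    msg = manager_request(agent.new_nonce(), b"GetRequest 1.3.6.1.2.1.7.1", SHARED_KEY)
    genuine = agent.accept(*msg)
    replayed = agent.accept(*msg)                        # same bytes sent again
    nonce, _, tag = manager_request(agent.new_nonce(), b"GetRequest 1.3.6.1.2.1.7.1", SHARED_KEY)
    tampered = agent.accept(nonce, b"SetRequest 1.3.6.1.2.1.7.1", tag)   # payload altered
    forged = agent.accept(agent.new_nonce(), b"GetRequest 1.3.6.1.2.1.7.1", b"\x00" * 32)
    return genuine, replayed, tampered, forged
```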

Networks are Hard to Manage
  - Operating a network is expensive
      - More than half the cost of a network
      - Yet, operator error causes most outages
  - Buggy software in the equipment
      - Routers with 20+ million lines of code
      - Cascading failures, vulnerabilities, etc.
  - The network is in the way
      - Especially a problem in data centers and home networks

Rethinking the Division of Labor

Traditional Computer Networks
  Data plane: Packet streaming
  - Forward, filter, buffer, mark, rate-limit, and measure packets

Traditional Computer Networks
  Control plane: Distributed algorithms
  - Track topology changes, compute routes, install forwarding rules

Traditional Computer Networks
  Management plane: Human time scale
  - Collect measurements and configure the equipment

Death to the Control Plane!
  - Simpler management
      - No need to invert control-plane operations
  - Faster pace of innovation
      - Less dependence on vendors and standards
  - Easier interoperability
      - Compatibility only in wire protocols
  - Simpler, cheaper equipment
      - Minimal software

Software Defined Networking (SDN)
  - Logically-centralized control: smart, slow
  - API to the data plane (e.g., OpenFlow)
  - Switches: dumb, fast

OpenFlow Networks

Data-Plane: Simple Packet Handling
  Simple packet-handling rules
  - Pattern: match packet header bits
  - Actions: drop, forward, modify, send to controller
  - Priority: disambiguate overlapping patterns
  - Counters: #bytes and #packets

  1. src=1.2.*.*, dest=3.4.5.*  ->  drop
  2. src=*.*.*.*, dest=3.4.*.*  ->  forward(2)
  3. src=10.1.2.3, dest=*.*.*.*  ->  send to controller

Unifies Different Kinds of Boxes
  - Router
      - Match: longest destination IP prefix
      - Action: forward out a link
  - Firewall
      - Match: IP addresses and TCP/UDP port numbers
      - Action: permit or deny
  - Switch
      - Match: destination MAC address
      - Action: forward or flood
  - NAT
      - Match: IP address and port
      - Action: rewrite address and port
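The three rules from the packet-handling slide above, as an added example that is not part of the original slides: a flow-table lookup where priority resolves overlapping patterns, plus a check for rules that a higher-priority rule makes unreachable. The numeric priorities, the "table miss" result and all function names are assumptions made for this example.

```python
import ipaddress
from dataclasses import dataclass

net = ipaddress.ip_network


@dataclass
class Rule:
    priority: int
    src: str              # CIDR form of the slide's wildcard pattern
    dst: str
    action: str
    packets: int = 0      # per-rule counters, as on the slide
    byte_count: int = 0

    def matches(self, src, dst):
        return (ipaddress.ip_address(src) in net(self.src)
                and ipaddress.ip_address(dst) in net(self.dst))

    def covers(self, other):
        # True when every packet matching `other` also matches this rule.
        return (net(other.src).subnet_of(net(self.src))
                and net(other.dst).subnet_of(net(self.dst)))


def slide_rules(prio=(300, 200, 100)):
    # Rules 1-3 from the slide; the numeric priorities are an assumption.
    return [
        Rule(prio[0], "1.2.0.0/16", "3.4.5.0/24", "drop"),
        Rule(prio[1], "0.0.0.0/0", "3.4.0.0/16", "forward(2)"),
        Rule(prio[2], "10.1.2.3/32", "0.0.0.0/0", "send to controller"),
    ]


def lookup(table, src, dst, size=64):
    # The highest-priority matching rule wins and has its counters updated.
    hits = [r for r in table if r.matches(src, dst)]
    if not hits:
        return "table miss"
    best = max(hits, key=lambda r: r.priority)
    best.packets += 1
    best.byte_count += size
    return best.action


def shadowed(table):
    # Rules that can never fire because a higher-priority rule covers them.
    return [(low.action, high.action) for low in table for high in table
            if high.priority > low.priority and high.covers(low)]
```

With the priorities reversed, `slide_rules(prio=(100, 200, 300))`, the drop rule is fully covered by the broader forward rule and traffic from 1.2.*.* to 3.4.5.* is forwarded; `shadowed` reports that pair.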

Controller: Programmability
  [Figure: controller application on top of a network OS]
  - Events from switches: topology changes, traffic statistics, arriving packets
  - Commands to switches: (un)install rules, query statistics, send packets

Example OpenFlow Applications
  - Dynamic access control
  - Seamless mobility/migration
  - Server load balancing
  - Network virtualization
  - Using multiple wireless access points
  - Energy-efficient networking
  - Adaptive traffic monitoring
  - Denial-of-Service attack detection
  See http://www.openflow.org/videos/

E.g.: Dynamic Access Control
  - Inspect first packet of a connection
  - Consult the access control policy
  - Install rules to block or route traffic

E.g.: Seamless Mobility/Migration
  - See host send traffic at new location
  - Modify rules to reroute the traffic

E.g.: Server Load Balancing
  - Pre-install load-balancing policy
  - Split traffic based on source IP (src=0*, src=1*)

E.g.: Network Virtualization
  - Partition the space of packet headers
  [Figure: Controller #1, Controller #2, Controller #3]

A Helpful Analogy
From Nick McKeown's talk "Making SDN Work" at the Open Networking Summit, April 2012

Mainframes
  Layers (top to bottom): Specialized Applications / Specialized Operating System / Specialized Hardware
  - Vertically integrated
  - Closed, proprietary
  - Slow innovation
  - Small industry
  Layers (top to bottom): Apps / Open Interface / Windows (OS) or Linux or Mac OS / Open Interface / Microprocessor
  - Horizontal
  - Open interfaces
  - Rapid innovation
  - Huge industry

Routers/Switches
  Layers (top to bottom): Specialized Features / Specialized Control Plane / Specialized Hardware
  - Vertically integrated
  - Closed, proprietary
  - Slow innovation
  Layers (top to bottom): Apps / Open Interface / Control Plane or Control Plane or Control Plane / Open Interface / Merchant Switching Chips
  - Horizontal
  - Open interfaces
  - Rapid innovation

Challenges

Heterogeneous Switches
  - Number of packet-handling rules
  - Range of matches and actions
  - Multi-stage pipeline of packet processing
  - Offload some control-plane functionality (?)
  [Figure: pipeline stages: access control, MAC look-up, IP look-up]

Controller Delay and Overhead
  - Controller is much slower than the switch
  - Processing packets leads to delay and overhead
  - Need to keep most packets in the fast path

Distributed Controller
  - For scalability and reliability
  - Partition and replicate state
  [Figure: two controller applications, each on its own network OS]

Testing and Debugging
  - OpenFlow makes programming possible
      - Network-wide view at controller
      - Direct control over data plane
  - Plenty of room for bugs
      - Still a complex, distributed system
  - Need for testing techniques
      - Controller applications
      - Controller and switches
      - Rules installed in the switches