F4 Network Management Basics
Carol J. Sirkis
sirkis@us.ibm.com

Agenda
- Network Management
- Simple Network Management Protocol (SNMP) Basics
- Remote Monitoring (RMON) Basics
- IBM Network Management Products

Why Network Management is Important
Cost of Network Ownership (chart)
- Operation: Device Management, Network Configuration, Troubleshooting, Performance Monitoring, Asset Management, Network Planning
- 16% Equipment: Network Hardware, Network Software
"Manageability has joined speed and price as fundamental criteria on which customers judge networking products" IDC 1996
"Customers are looking for more than boxes - customers are looking for someone to take a lot of the burden off of them" Frank Dzubeck, President Communications Network Architects.

Network Management - why I care...
- Important to customer
- IBM networking hardware product differentiator
- Part of a total customer $olution

Goals of Network Management
- Minimize system down time
- Prevent network problems
- Improve network availability
- Reduce operational costs
- Configure/reconfigure hardware devices from a single management station
- One interface for multiple devices
- Manage proactively by identifying potential bottlenecks before they become critical

What is Network Management?
Network Management is the process of controlling a complex network to maximize its efficiency and productivity.
Customers ask:
- How can we detect problems in our network?
- How can we set up or modify devices in our network?
- How do we know who is using resources in our network?
- Are our network devices performing properly?
- How can we track network utilization?

Network Management Functions
Customer question, followed by the functional area of network management that answers it:
- How can we detect problems in our network?
  Fault Management: problem detection, problem isolation, problem resolution
- How can we set up or modify devices in our network?
  Configuration Management: physical and logical configuration of network devices
- How do we know who is using resources in our network?
  Security Management: control access to information on the network; audit trail or logs
- Are our network devices performing properly?
  Performance Management: measuring performance of hardware/software/media; identify performance bottlenecks
- How can we track network utilization?
  Accounting Management: tracking individual or group network utilization

An Extremely Short History of Network Management
- Networking vendors had proprietary methods of managing their devices.
- The Internet Activities Board (IAB) and the International Standards Organization (ISO) recognized the need for a standard for internetworking.
- In 1989, the IAB approved SNMP, a Simple Network Management Protocol, as a "temporary" solution to manage IP networks.
- In 1991, ISO's standard CMIP, Common Management Information Protocol, was approved.
  - Used in public telephone networks

Simple Network Management Protocol (SNMP)
- The de-facto standard, most commonly used networking protocol
- Quick and easy to implement and execute
- Uses an uncomplicated transport protocol
- Has a small number of protocol message types
- Information units have a single value, such as an integer or string
- Easily extended to include vendor-specific variables

SNMP Network Management Model
[Diagram: Network Management Station, Network Element, Network Management Protocol]

SNMP Transport Protocol
SNMP uses User Datagram Protocol (UDP)
- Well suited for brief request/response type of operations
- Connectionless (by definition, unreliable)
- Less overhead
[Diagram: protocol stacks. Management Application / SNMP / UDP and Agent Application / SNMP / UDP, beside User Applications (FTP/Telnet/+) / TCP, each over IP and network-dependent protocols]

SNMP Protocol Message Types
Fields in Protocol Data Units (PDUs)
- Version - the version of SNMP
  - 0 = SNMP version 1
  - 1 = SNMP version 2
- Community name
  - Password used to control access to information
- Command - type of message
  - GetRequest, GetNextRequest, SetRequest, GetResponse, Trap
- Request ID
  - Used to correlate a request and its response
- Error Status
  - In GetResponses, indicates if the GetRequest executed successfully
- Error Index
  - In GetResponses, indicates which variable in the GetRequest, if any, caused a problem
- A list of Object ID, value pairs
  - The value is null in the GetRequest and filled in, in the GetResponse

Samples of SNMP Messages

GetNextRequest
  SNMP: Version = 0
  SNMP: Community = public
  SNMP: Command = Get next request
  SNMP: Request ID = 3
  SNMP: Error Status = 0 (No Error)
  SNMP: Error index = 0
  SNMP: Object = {1.3.6.1.2.1.2.2.1.8.1} (ifoperstatus.1)
  SNMP: Value = NULL

GetResponse
  SNMP: Version = 0
  SNMP: Community = public
  SNMP: Command = Get response
  SNMP: Request ID = 3
  SNMP: Error Status = 0 (No Error)
  SNMP: Error index = 0
  SNMP: Object = {1.3.6.1.2.1.2.2.1.8.2} (ifoperstatus.2)
  SNMP: Value = 1 (up)

Example of MIB-II Object

  ifoperstatus OBJECT-TYPE
      SYNTAX INTEGER {
          up(1),       -- ready to pass packets
          down(2),
          testing(3)   -- in some test mode
      }
      ACCESS read-only
      STATUS mandatory
      DESCRIPTION
          "The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed."
      ::= { ifentry 8 }

Source: Internet Activities Board (IAB) RFC 1213 (Request for Comments), Management Information Base for Network Management of TCP/IP-based internets: MIB-II

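
The PDU fields and the GetNextRequest sample above, decoded from the bytes an agent receives. This is an added example, not part of the original slides; the byte string is constructed to match the sample, and the names parse, audit and WELL_KNOWN are assumptions. It shows that the community name is read straight out of the datagram with no key involved, so it is visible to anyone who can capture the traffic.

```python
# Added example (not from the original slides): decode an SNMPv1 datagram.
# Handles short-form BER lengths only, which covers the sample below.
PDU_TAGS = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
            0xA3: "SetRequest", 0xA4: "Trap"}
WELL_KNOWN = {"public", "private"}   # widely shipped default community names

# Constructed sample: the GetNextRequest from the slide, as sent on the wire.
SAMPLE = bytes.fromhex(
    "3028020100" "04067075626c6963" "a11b" "020103" "020100" "020100"
    "3010300e" "060a2b060102010202010801" "0500")

def read_tlv(buf, pos):
    """Return (tag, value bytes, offset of the next TLV)."""
    if pos + 2 > len(buf) or buf[pos + 1] & 0x80:
        raise ValueError("truncated or long-form TLV")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf):
        raise ValueError("TLV runs past end of buffer")
    return buf[pos], buf[pos + 2:end], end

def dec_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)      # base-128, high bit = more follows
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def parse(msg):
    seq = read_tlv(msg, 0)[1]
    _, ver, p = read_tlv(seq, 0)
    _, comm, p = read_tlv(seq, p)          # community: plain bytes, no crypto
    ptag, pdu, _ = read_tlv(seq, p)
    if ptag == 0xA4:
        raise ValueError("Trap PDU has a different layout; not handled here")
    ints, p = [], 0
    for _ in range(3):                     # request ID, error status, error index
        _, raw, p = read_tlv(pdu, p)
        ints.append(int.from_bytes(raw, "big"))
    varbind = read_tlv(read_tlv(pdu, p)[1], 0)[1]   # first Object ID/value pair
    _, oid, p = read_tlv(varbind, 0)
    vtag, val, _ = read_tlv(varbind, p)
    return {"version": int.from_bytes(ver, "big"),
            "community": comm.decode("ascii", "replace"),
            "command": PDU_TAGS.get(ptag, hex(ptag)), "request_id": ints[0],
            "error_status": ints[1], "error_index": ints[2],
            "oid": dec_oid(oid), "value": None if vtag == 0x05 else val}

def audit(msg):
    """Defender's check: note weak access control visible in a captured message."""
    m, notes = parse(msg), []
    if m["community"] in WELL_KNOWN:
        notes.append("default community name")
    if m["command"] == "SetRequest":
        notes.append("write request authorised only by community name")
    return m, notes
```
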
Understanding MIB Objects
Field: what it is (examples)
- Object type: defines the name of the object (sysuptime, system up time)
- Syntax: defines the structure of the information for this object (integer, counter, octet string, network address, gauge, timeticks)
- Access: defines the access to the object (read-only, read/write)
- Status: status of the object (mandatory, optional)
- Description: description of object in human readable form ("The time (in hundredths of a second) since the network management portion of the system was last reinitialized.")
- Value Notation: used to identify an object with its group ({system 3}: found under the system group in MIB-2, 3rd object in the system group)

MIB Tree Object Identifier in Abstract Syntax Notation One (ASN.1)
root
  iso 1
    org 3
      dod 6
        internet 1
          directory 1
          mgmt 2
            MIB 1
          experimental 3
          private 4
            enterprises 1
              ibm 2
  ccitt 2
  joint-iso-ccitt 3
Object identifier for MIB-II: iso.org.dod.internet.mgmt.mib-2 or 1.3.6.1.2.1

MIB-II Variables
Object ID 1.3.6.1.2.1: mib-2 1
- system 1, interfaces 2, at 3, ip 4...
Object ID 1.3.6.1.2.1.1: system 1
- 1.3.6.1.2.1.1.1  1 sysdescr: OS/2 SNMP Agent version 1.0
- 1.3.6.1.2.1.1.2  2 sysobjectid: 1.3.6.1.4.2.1.1.2.2.
- 1.3.6.1.2.1.1.3  3 sysuptime: 2234
- 1.3.6.1.2.1.1.4  4 syscontact: Elizabeth Bennet 555-9111
- 1.3.6.1.2.1.1.5  5 sysname: labmachine1
- 1.3.6.1.2.1.1.6  6 syslocation: Campus Bldg 82
- 1.3.6.1.2.1.1.7  7 sysservices: 72

Nways Workgroup Manager for Windows NT: MIB Browser
[Screenshot]

Nways Managers: 8210 Device View
[Screenshot]

Enterprise Specific MIB Assignments
1.3.6.1.4.1.xxxx
iso.org.dod.internet.private.enterprises.xxxx
- 1.3.6.1.4.1.1 Proteon
- 1.3.6.1.4.1.2 IBM
- .9 Cisco
- .13 University of Tennessee
- .16 Timeplex
- .18 Wellfleet
- .20 MIT
- .42 SUN Microsystems
- .3053 Genie Telecommunication Inc.

SNMP Trap
Agent reports exception conditions to the manager
Types
- cold start (0)
- warm start (1)
- link down (2)
- link up (3)
- authentication failure (4)
- egp neighbor loss (5)
- enterprise specific (6)
[Diagram: Network Element sends SNMP Trap to Network Management Station]

Nways Workgroup Manager for Windows NT: Add Trap Capability
[Screenshot]

Remote Monitoring (RMON)
Remote network monitoring (RMON) is the standard for monitoring internet traffic.
RMON is an extension of SNMP but is differentiated from SNMP by its use of additional MIB groups.
- RMON-capable devices can gather extended MIB data in addition to those provided by SNMP
- Sorts and summarizes the information, resulting in a deeper and more specific analysis of data traffic
- Reduces management overhead through limited polling and transmission intervals.

IBM Nways Real-time Network Statistics
[Screenshot]

Remote Network Management Goals
- Offline Operation
  - RMON-compliant devices can be remotely located
  - Can continue to function even if the network manager is offline.
- Proactive Monitoring
  - Keeps network statistics even when the network is healthy.
  - Establishes a baseline of normal network behavior to compare if problems occur in the network.
- Problem Detection and Reporting
  - Monitors network statistics and notifies management station when an exception occurs
- Value Added Data
  - Keeps statistics that can be used in planning future network expansion
- Multiple Managers
  - Can be controlled by more than one network manager (redundancy)
  - Information collected can be distributed to different locations

RMON Architecture
[Diagram: Network Management Station, Network Element, SNMP]

RMON Manager Functions
- Provide a graphical user interface
- Shield users from raw data in RMON reports
- Present relevant network information clearly
- Configure agent reporting parameters (intervals, thresholds)
- Interpret and present real time reports
- Present data for long term analysis (trending)
- Provide data for troubleshooting
- Provide service level and response time information
- Act on exception events
- Communicate with multiple RMON agents

Configuring a Using Nways Workgroup for Windows NT
[Screenshot]

[Screenshot: NetView Control Desk with navigation tree, event history and MIB browse tools. The event shown is a "Node Down" status event dated Mon Sep 19 14:48:38 1994: SPECIFIC 58916865 (hex: 383001), GENERIC 6, CATEGORY Status Events, ENTERPRISE 1.3.6.1.4.1.2.6.3.1, SOURCE Netmon (N), HOSTNAME jeanlee.raleigh.ibm.com, SEVERITY Indeterminate]

RMON Agents: Function and Types
Agent functions
- Sample network conditions at user defined intervals
- Off-line sampling independent of manager availability
- Communicate with one or more managers (in-band using SNMP)
Agent types
- Workstation based software
- Freestanding hardware/software (probe)
- Embedded
  - Network hardware, such as a hub
  - Plug in modules or chips

RMON Management Architecture
[Diagram: SNMP; Remote Monitoring (RMON) Agent required per segment monitored]

Remote Monitoring Standards
- RFC 1757: RMON Management Information Base (MIB)
- RFC 1513: Token-Ring Extensions to RMON MIB
- RFC 2021: RMON2 MIB
- RFC 2074: RMON2 MIB Protocol Identifiers
RMON focuses on providing information about the media-specific (Token-ring, Ethernet) layers
RMON2 extends the support by providing information about the layers above the MAC layer
  RMON2:
    7 Application Layer
    6 Presentation Layer
    5 Session Layer
    4 Transport Layer
    3 Network Layer
  RMON:
    2 MAC Layer (DLC)
    1 Physical Layer

Remote Network Monitoring MIB
CCITT(0)
ISO(1)
  ORG(3)
    DoD(6)
      Internet(1)
        Directory(1)
        Management(2)
          mib-2(1)
            rmon(16)
              Statistics(1), History(2), Alarm(3), Host(4), Host Top N(5), Matrix(6), Filter(7), Packet Capture(8), Event(9), Token Ring (10), Protocol Directory(11), Protocol Distribution(12), Address Mapping(13), Network layer Host(14), Network layer Matrix(15), Application layer Host(16), Application layer Matrix(17), User History(18), Configuration(19), RMON Conformance(20)
        Experimental(3)
        Private(4)
JTC(2)

RMON MIB Object Groups
- Statistics (1)
  - Provides real-time utilization and error statistics
- History (2)
  - Provides the ability to periodically capture the statistics
- Alarm (3)
  - Provides the ability to define/monitor thresholds (rising or falling) on counters/integers supported by the agent. When triggered, agent passes alarm to Event Group. (Note that the Alarm Group requires the Event Group)
- Host (4)
  - Provides statistics based on the host (MAC) addresses
- Host Top N (5)
  - Provides sorted grouping of hosts based on a chosen host statistic
- Matrix (6)
  - Provides statistics about traffic between hosts

RMON MIB Object Groups (Cont.)
- Filter (7)
  - Provides the ability to screen observed packets
  - When a packet passes the screening it can trigger an Event and/or be captured
- Capture (8)
  - Provides the ability to buffer (capture) filtered packets that can be sent to a manager
  - Capture Group requires the Filter Group
- Event (9)
  - Provides the ability to define an action (log, send trap) that can be triggered
- Token-Ring (10)
  - Provides statistics and configuration data specific to token-ring

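
How the Alarm group's rising and falling thresholds behave on a counter, as an added example that is not part of the original slides. It is a simplified model of threshold evaluation with hysteresis; the class and field names, the readings and the threshold values are assumptions, both directions are armed at start, and the log list stands in for the Event group.

```python
# Added example (not from the original slides): RMON-style alarm evaluation.
# Simplified model of the rising/falling threshold rule with hysteresis.
from dataclasses import dataclass, field

@dataclass
class Alarm:
    rising: int                     # fire "rising" at or above this value
    falling: int                    # fire "falling" at or below this value
    delta: bool = True              # True: compare the change between samples
    wrap: int = 2 ** 32             # modulus of a 32-bit counter
    armed: set = field(default_factory=lambda: {"rising", "falling"})
    last_raw: int = None
    log: list = field(default_factory=list)     # stands in for the Event group

    def sample(self, raw):
        if self.delta:
            prev, self.last_raw = self.last_raw, raw
            if prev is None:
                return None                     # first reading only primes the delta
            value = (raw - prev) % self.wrap    # survives counter wrap-around
        else:
            value = raw
        fired = None
        if value >= self.rising and "rising" in self.armed:
            # Re-arm only the opposite direction: no repeat alarm while the
            # value stays high, which keeps one incident to one event.
            fired, self.armed = "rising", {"falling"}
        elif value <= self.falling and "falling" in self.armed:
            fired, self.armed = "falling", {"rising"}
        if fired:
            self.log.append((fired, value))
        return fired

def run(readings, **thresholds):
    """Feed successive readings to a fresh Alarm and return its event log."""
    alarm = Alarm(**thresholds)
    for raw in readings:
        alarm.sample(raw)
    return alarm.log

# Constructed readings of an interface error counter, one per polling interval.
READINGS = [1000, 1010, 1500, 2100, 2700, 2720, 2725, 3400]
```

With rising=500 and falling=50 the two consecutive intervals of 600 errors produce a single rising event, and the next one is raised only after the rate has dropped back to the falling threshold.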
RMON2 MIB Object Groups
- Protocol Directory (11)
  - Directory of all protocols the agent supports (protocols are defined in RFC 2074)
- Protocol Distribution (12)
  - Provides protocol-specific statistics
- Address Map (13)
  - Provides a mapping of MAC address to network address
- Network-layer Host (14)
  - Provides network-layer statistics based on the network-layer host addresses
- Network-layer matrix (15)
  - Provides network-layer statistics about traffic between network-layer hosts

RMON2 MIB Object Groups (Cont.)
- Application-layer Host (16)
  - Provides application-layer statistics based on the application-layer host addresses
- Application-layer Matrix (17)
  - Provides application-layer statistics about traffic between application-layer hosts
- User History Collection (18)
  - Provides the ability to specify sampling and logging based on user-specified variables and user-defined parameters
- Configuration (19)
  - Provides standard configuration parameters for agents

RMON Groups Supported by IBM Hardware
Group: Statistics (Ethernet, T/R MAC-layer, T/R Promiscuous), Hosts, Matrix, Host Top N, Ring Station, Ring Station Order, Ring Station Config, Source Route, Alarm, Event, History (Ethernet, T/R MAC-layer, T/R Promiscuous), Filter, Packet Capture, Aspen MIB, ECAM (RMON2)
8225 M-003 - - 8230 SNMP - 8238 Hub Bronze Bronze Silver Gold Gold Bronze Silver Silver Silver Silver Silver - Gold Gold Gold Gold 8250 T/R - Hub E-net - - 8260 T/R T-MAC T-MAC T-MAC HTMAC HTMAC T-MAC T-MAC T-MAC T-MAC T-MAC T-MAC - HTMAC HTMAC HTMAC HTMAC HTMAC HTMAC Nways E-net E-MAC E-MAC E-MAC E-MAC E-MAC E-MAC E-MAC - - HEMAC HEMAC HEMAC HEMAC Hub Sw E-net - - - - - -

Network Management Product Positioning
Network Management Station (layers, top to bottom)
- Management Applications: Transcend, Nways Manager, Optivity, CiscoWorks
- Management Platforms: Spectrum, HP OpenView, Tivoli NetView, SunNet Mgr
- Operating Systems: SunOS, Solaris, AIX, HP Unix, Windows 3.x/95/NT...
- Hardware Platforms: SUN, HP, PC, RISC/6000

IBM Management Applications
Small to Medium Environments
- Nways Workgroup Manager for Windows NT
- Nways Workgroup Remote Monitor for Windows NT
Medium to Large Environments
- Nways Manager for AIX
- Nways Manager for HP-UX
- Nways RouteSwitch Network Manager Suite
- Nways RouteTracker Manager
- LAN Network Manager for OS/2
- Nways 2220 Switch Manager for AIX

Nways Managers
High End Campus: Nways Manager for AIX/HP-UX
- Components: LAN Media Manager, Remote/Traffic Monitor, APPN, DLSw Topology, ATM, ELAN Manager, Element Manager
- Platform: Tivoli NetView for AIX, HPOV on HP UNIX
Low End Campus: Nways Manager for NT
- Components: Element Manager, Remote Monitor
- Note: No Platform required

Nways Manager for AIX/HP-UX components
- LAN Media Manager
  - LAN / Bridge Mgmt
  - Token Ring and bridge Topology
  - Hardware supported: 8229, 8230, 8250, 6611, 2210, 2216, 8281, 8271, 8272, 8240, 8244
- Remote Monitor
  - Token Ring / Ethernet Layer 1 Traffic Mgmt
  - Full RMON I Standard support
  - Hardware supported: 8225, 8230, 8237, 8238, 8250/60, 827x, 8273/4
- Traffic Monitor
  - Token Ring / Ethernet Layer 3 Traffic Mgmt (e.g., IP, IPX, NETBIOS)
  - RMON II support
- APPN/DLSw Topology
  - APPN Topology - Network Node/End Node/HPR/DLUR
  - Data Link Switch Topology - SNA Endpoints routed thru IP network
  - Hardware supported: 3746, 2210, 2216, 6611
- ATM/ELAN Manager
  - ATM Protocol Mgmt - PVC/SVC Tracking - ATM Performance mgmt - ATM media topology
  - Emulated LAN Mgmt: Drag/Drop configuration; LEC, LECS, BUS mgmt
  - Hardware supported: 8250/60/65, 8285, 8281, 8282, 2210, 2216
- Element Manager
  - Device Management - Hardware configuration status - Media/Protocol status - Fault/Performance
  - Hardware supported: 8210, 8224, 8225, 8230, 8235, 8237, 8238, 8270, 8271, 8272, 8273, 8274, 8276, 8281, 8282, 8285, 8250/60/65, 2210, 2216, 6611, EN Adapters

Nways Manager for NT components
- Element Manager
  - Device Management - Hardware configuration status - Media/Protocol status - Fault/Performance
  - Hardware supported: 8210, 8224, 8225, 8230, 8235, 8237, 8238, 8270, 8271, 8272, 8273, 8274, 8276, 8281, 8282, 8285, 8250/60/65, 2210, 2216, 6611, EN Adapters
- Remote Monitor
  - Token Ring / Ethernet Layer 1 Traffic Mgmt
  - Full RMON I Standard support
  - Hardware supported: 8225, 8230, 8237, 8238, 8250/60, 827x, 8273/4
Hardware supported 8250/60,827x

Reference

Additional Information
- The Simple Book, An Introduction to Internet Management, Marshall T. Rose, Prentice-Hall, Englewood Cliffs, NJ, 1994.
- Standards Document Library on the Web: http://www-library.itsi.disa.mil/by_org.html
- IBM MIBs can be obtained via anonymous FTP at www.raleigh.ibm.com in directory pub/products/lanprods/hub

IBM Product Information
- NETeam Solutions Clinics presentations
  - Managing an ATM Network with Nways Manager for AIX
  - Nways Management for the Workgroup
- Nways home page: www.networking.ibm.com/netmgt
- Network Manage Support: www.ibm.com/support/nsc/htmls/nwmgmt.htm