www.allsyllabus.com
SYLLABUS
Exam Hours: 03
Total Hours: 52
Exam Marks: 100
Network Management: Goals, Organization, and Functions - Goal of Network Management, Network Provisioning, Network Operations and the NOC, Network Installation and Maintenance; Network and System Management, Network Management System platform, Current Status and Future of Network Management.
2. Basic Foundations: Standards, Models, and Language: Network Management Standards, Network
Objects and Data Types, Object Names, An Example of ASN.1 from ISO 8824; Encoding Structure;
Macros, Functional Model.
3. SNMPv1 Network Management: Managed Network: The History of SNMP Management, Internet
Organizations and standards, Internet Documents, The SNMP Model, The Organization Model, System
Relationship Between Control and Data Tables,
Network Management: Broadband Access Networks and Technology; Asymmetric Digital Subscriber Line Technology - Role of the ADSL Access Network in an Overall Network, ADSL Architecture, ADSL Channeling Schemes, ADSL Encoding Schemes; ADSL Management - ADSL Network Management Elements, ADSL Performance Management,
Provisioning, Inventory Management, Network Topology, Fault Management - Fault Detection, Fault Location and Isolation Techniques, Performance Management - Performance Metrics, Data Monitoring, Problem Isolation, Performance Statistics; Event Correlation Techniques - Rule-Based Reasoning, Model-Based Reasoning, Case-Based Reasoning, Codebook correlation Model, State Transition Graph Model, Finite State Machine Model, Security Management - Policies and Procedures, Security Breaches and the Resources Needed to Prevent Them, Firewalls, Cryptography, Authentication and Authorization, Client/Server Authentication Systems,
TEXT BOOKS:
Mani Subramanian: Network Management - Principles and Practice, 2nd Edition, Pearson Education, 2010.
REFERENCE BOOKS:
J. Richard Burke: Network management Concepts and Practices: a Hands-On
Approach, PHI, 2008.
TABLE OF CONTENTS
1. Introduction
3. SNMPv1 Network Management
Chapter 1
INTRODUCTION
Characteristics:
It is reliable - does what is expected of it
Dependable - always there when you need it (remember 911?)
Good quality (connection) - hearing each other well
The reasons for that are good planning, design, and implementation, and good operation and management of the network.
Telephone Network Model
Notice the hierarchy of switches
Primary and secondary routes programmed
Automatic routing
Where is the most likely failure?
Use of Operations Systems to ensure QoS
[Figure: telephone network model. Switch hierarchy: Regional Center (Class 1 switch), Sectional Center (Class 2 switch), Primary Center (Class 3 switch), Toll Center (Class 4 switch), End Office (Class 5 switch), with links to other regional, sectional, primary and toll centers, Class 4 toll points and end offices. Legend: Loop, Direct Trunk, Toll-Connecting Trunk, Toll Trunk, Voice.]
Monitor telephone network parameters: S/N ratio, transmission loss, call blockage, etc.
[Figure labels: Terminal, Host, Modem, Voice, Loop]
[Figure labels: LAN A, LAN B, LAN C, Bridge / Router, WAN communication link]
[Figure labels: Workstation, Cluster controller, Communications controller, Mainframe]
[Figure labels: Client, Server, Control transfer]
Major impacts of DCE are: no more monopolistic service provider, no centralized IT controller, hosts doing specialized functions, and the Client/Server architecture, which formed the core of the DCE network.
Client/Server Model
For example, in the post office analogy, the clerk is the server and the customer is the client. The client always initiates requests and the server always responds. Notice that control is handed over to the receiving entity.
1.3 TCP/IP Based Networks
[Figure labels: User A, User Z, System A, System Z, Application Layers, Transport Layers, Peer-Protocol Interface, Conversion, Physical Medium]
[Figure: OSI protocol layers. Layer 7 Application, Layer 6 Presentation, Layer 5 Session, Layer 4 Transport, Layer 3 Network, Layer 2 Data link, Layer 1 Physical, Physical medium]
[Table: application protocols for the Internet user and the OSI user. Surviving entries: Telnet, Virtual Terminal, File Transfer Access & Management, Message-oriented Text Interchange Standard, Simple Network Management Protocol, Common Management Information Protocol]
Loss of connectivity
Duplicate IP address
Intermittent problems
Network configuration issues
Non-problems
Performance problems
Reliability
Non-real time problems
Rapid technological advance
Managing client/server environment
Scalability
Troubleshooting tools and systems
Trouble prediction
Standardization of operations - NMS helps
Centralized management vs sneaker-net
[Table: OSI layers. Columns: Layer No., Layer Name. Layer names: Physical, Data link, Network, Transport, Session, Presentation, Application]
[Figure labels - SNA: Application, Presentation Services, Transmission Control, Path Control, Data Link, Physical. OSI: Application, Presentation, Session, Transport, Network (SNICP, SNDCP, SNDAP), Data Link, Physical. Internet: Application Specific Protocols, Transport (connection-less: UDP; connection-oriented: TCP), Network (IP), Not Specified]
Figure 1.7 Comparisons of OSI, Internet, and SNA Protocol Layer Models
[Figure labels: Network Management, Network Provisioning, Network Operations, Network Maintenance, Planning, Design, Fault Management, Trouble Ticket Administration, Routine Network Tests]
[Figure labels: Engineering Group, Operations Group (NOC) - Network Operations, I & M Group - Network Installation & Maintenance, Configuration Data, Management Decision, Fault TT, TT Restoration, New Technology, Installation]
[Figure labels: NMS, Network Agent, Network Objects]
[Figure labels: Interoperability, Messages, NMS Vendor A, NMS Vendor B, Network Agent, Network Objects]
[Figure labels: Application Services, Management Protocol, Transport Protocols, Network Agent, Vendor A Objects, Vendor B Objects]
SNMP management
Limited CMIP management
Operations systems
Polled systems
Future trends:
Object-oriented approach
Service and policy management
Business management
Web-based management
Chapter 2
Introduction
Network Management is the management of the network resources comprising nodes
(e.g., hubs, switches, routers) and links (e.g., connectivity between two nodes). System
Management is the management of systems and system resources in the network. Network
Management can also be defined as OAM&P (Operations, Administration, Maintenance, and
Provisioning) of network and services.
2.1 Network Management Standards
[Table: network management standards and their salient points. Surviving entries - OSI / CMIP: most complete, object oriented; (standard name lost): easy to implement, most widely implemented; TMN; IEEE; Web-based Management]
[Figure: network management model and its components: Organization Model, Information Model, Communication Model, Functional Model]
[Figure labels: MDB, Managed objects, Agent process]
The agent is built into the network element, for example the managed hub or managed router. An agent can manage multiple elements, for example the switched hub or ATM switch. The MDB is a physical database. Unmanaged objects are network elements that are not managed - both physical (unmanaged hub) and logical (passive elements).
Three-Tier Model
[Figure labels: Manager (MDB), Agent / Manager (MDB), Managed objects, Agent process. MDB: Management Database]
[Figure labels: MoM (MDB), Agent NMS, Manager (MDB), Agent, Managed objects, Agent process. MoM: Manager of Managers; MDB: Management Database]
The Agent Network Management System manages the domain. The Manager of Managers (MoM) presents an integrated view of domains. The domain may be geographical, administrative, vendor-specific products, etc.
Peer Network Management Systems
Dual role of both NMSs
Network management systems act as peers
[Figure labels: Manager NMS, Agent NMS]
A figure in a book is uniquely identified by ISBN, chapter, and figure number, in that hierarchical order. The ID: {ISBN, chapter, figure}. The three elements above define the syntax. Semantics is the meaning of the three entities according to Webster's dictionary. The information comprises syntax and semantics about an object.
SMI defines for a managed object. It contains syntax and semantics, plus additional information such as status.
Example
sysDescr: {system 1}
Syntax: OCTET STRING
Definition: "A textual description of the entity"
Access: read-only
Status: mandatory
[Figure labels: Manager, MDB, MIB, Managed objects]
An NMS can automatically discover a managed object, such as a hub, when it is added to the network. The NMS can identify the new object as a hub only after the MIB schema of the hub is compiled into the NMS software.
Management Information Tree
[Figure: management information tree. Root, Level 1, Level 2, Level 3. Node labels: iso, itu, dod]
Designation:
iso (International Standards Organization): 1
org: 1.3
dod (Department of Defense): 1.3.6
internet: 1.3.6.1
itu: International Telecommunications Union
The circle is the syntax. The semantics is the definition from the dictionary: "A plane figure bounded by a single curved line, every point of which is of equal distance from the center of the figure."
[Figure 2.7: OID tree. itu (0), iso (1), iso-itu (2); org (3); dod (6); internet (1)]
[Figure 3.9: managed object "circle". Object Type: Object ID and Descriptor (circle); Syntax: model of object; Access: access privilege; Status: implementation requirements; Definition: semantics, textual description. Figure 3.9(b) OSI Perspective - Object Class: circular object; Attributes: circle, dimension (ellipse, dimension); Operations: push; Behaviour; Notifications: notify changes in attribute values]
Characteristics of a managed object:
object ID and descriptor: unique ID and name for the object
syntax: used to model the object
access: access privilege to a managed object
status: implementation requirements
definition: textual description of the semantics of object type
object class: managed object
attributes: attributes visible at its boundary
operations: operations which may be applied to it
behavior: behavior exhibited by it in response to operation
notifications: notifications emitted by the object
Packet Counter Example
Characteristics | Example
Object type | PktCounter
Syntax | Counter
Access | Read-only
Status | Mandatory
Description | Counts number of packets
Characteristics | Example
Object class | Packet Counter
Attributes | Single-valued
Operations | get, set
Behavior |
Notifications |
[Figure labels: Manager, Agent, Applications, Responses, Notifications / Traps, Network Elements / Managed Objects]
[Figure labels: Manager Applications, Manager Communication Module, Agent Applications, Agent Communication Module, Transfer Protocols: SNMP (Internet), CMIP (OSI); Transport Layers: UDP / IP (Internet), OSI Lower Layer Profiles (OSI)]
The Internet is based on SNMP and OSI is based on CMIP. OSI uses the CMISE (Common Management Information Service Element) application with CMIP.
OSI specifies both connection-oriented (c-o) and connectionless transport protocols; SNMPv2 was extended to c-o, but this is rarely used.
Abstract syntax: set of rules that specify data type and structure for information storage.
Transfer syntax: set of rules for communicating information between systems.
Makes application layer protocols independent of lower layer protocols. It can generate machine-readable code; for example, Basic Encoding Rules (BER) is used in management modules.
Backus-Naur Form (BNF)
Definition:
<name> ::= <definition>
Rules:
<digit> ::= 0|1|2|3|4|5|6|7|8|9
<number> ::= <number> | <digit> <number>
<op> ::= +|-|x|/
<SAE> ::= <number>|<SAE>|<SAE><op><SAE>
Example:
9 is primitive 9
19 is construct of 1 and 9
619 is construct of 6 and 19
group of assignments
last "Smith"
}
Data Type: Example 1
Module name starts with capital letters
Data types:
Primitives: NULL, GraphicString
Constructs
Alternatives : CHOICE
List maker: SET, SEQUENCE
Repetition: SET OF, SEQUENCE OF
[0] SEQUENCE
CHOICE
[0] NULL,
[1] NULL},
[2] SEQUENCE
}
ASN.1 Symbols
Symbol    Meaning
::=       Defined as
|         or, alternative, options of a list
-         Signed number
--        Following the symbol are comments
{}        Start and end of a list
[]        Start and end of a tag
()        Start and end of subtype
..        Range
Example 1
BookPageNumber ::= SEQUENCE {ChapterNumber, Separator, PageNumber}
BookPages ::= SEQUENCE OF {BookPageNumber}
or
BookPages ::= SEQUENCE OF
    {SEQUENCE
        {ChapterNumber, Separator, PageNumber}
    }
[Figure: ASN.1 data type structure and tag. Structure: Simple, Structured, Tagged, Other. Tag: Class (Universal, Application, Context-specific, Private) and Number]
2.7 Functional Model
[Figure: OSI Functional Model. Configuration Management, Fault Management, Performance Management, Security Management, Accounting Management]
Configuration management sets and changes network configuration and component parameters. It sets up alarm thresholds.
Fault management covers detection and isolation of failures in the network, and trouble ticket administration.
Performance management monitors the performance of the network.
Security management - authentication, authorization and encryption.
Accounting management - functional accounting of network usage.
Chapter 3
Managed LAN
[Figure: managed LAN. Labels: NMS, Backbone Network, Router 1, Router 2, Hub 1, Hub 2. Addresses shown: 192.168.252.110, 172.17.252.1, 172.16.46.1, 172.16.46.2, 172.16.46.3]
The NMS on subnet 192.168.252.1 manages the router and the hubs on subnet 172.16.46.1 across the backbone network. Information is obtained by querying the hub. The data truly reflects what is stored in the hub.
Managed Router: Port Addresses
Index | Interface | IP address | Network Mask | Network Address | Link Address
23 | LEC.1.0 | 192.168.3.1 | 255.255.255.0 | 192.168.3.0 | 0x00000C3920B4
25 | LEC.3.9 | 192.168.252.15 | 255.255.255.0 | 192.168.252.0 | 0x00000C3920B4
13 | Ethernet2/0 | 172.16.46.1 | 255.255.255.0 | 172.16.46.0 | 0x00000C3920AC
16 | Ethernet2/3 | 172.16.49.1 | 255.255.255.0 | 172.16.49.0 | 0x00000C3920AF
17 | Ethernet2/4 | 172.16.52.1 | 255.255.255.0 | 172.16.52.0 | 0x00000C3920B0
9 | Ethernet1/2 | 172.16.55.1 | 255.255.255.0 | 172.16.55.0 | 0x00000C3920A6
2 | Ethernet0/1 | 172.16.56.1 | 255.255.255.0 | 172.16.56.0 | 0x00000C39209D
15 | Ethernet2/2 | 172.16.57.1 | 255.255.255.0 | 172.16.57.0 | 0x00000C3920AE
8 | Ethernet1/1 | 172.16.58.1 | 255.255.255.0 | 172.16.58.0 | 0x00000C3920A5
14 | Ethernet2/1 | 172.16.60.1 | 255.255.255.0 | 172.16.60.0 | 0x00000C3920AD
[Figure: SNMP documents]
SMI: RFC 1065, RFC 1155 (STD 16)
Concise SMI: RFC 1212 (STD 16)
MIB I: RFC 1066, RFC 1156
MIB II: RFC 1158, RFC 1213 (STD 17)
SNMPv1: RFC 1067, RFC 1098, RFC 1157 (STD 15)
SNMPv1 Traps: RFC 1215
SMIv2: RFC 1442, RFC 1902
SMIv2 Txt Conventions: RFC 1443, RFC 1903
SMIv2 Conformances: RFC 1444, RFC 1904
SNMPv2 Protocol Ops: RFC 1448, 1905
SNMPv2 Transport Map.: RFC 1449, RFC 1906
MIB II for SNMPv2: RFC 1907
Organization Model
Relationship between network element, agent, and manager
Hierarchical architecture
Information Model
Uses ASN.1 syntax
SMI (Structure of Management Information)
MIB (Management Information Base)
Communication Model
Transfer syntax
SNMP over TCP/IP
Communication services addressed by messages
Security framework: community-based model
3.4 The Organization Model
[Figure labels: SNMP Manager, SNMP Agent, Network Agent, Network Element, RMON Probe, Managed Objects]
[Figure: SNMP Manager Application and SNMP Agent Application exchanging Get-Request, GetNext-Request, Set-Request, Get-Response and Trap messages over SNMP / UDP / IP / DLC / PHY and the physical medium; Management Data on the manager side]
Get-Response
Agent responds with data for get and set
requests from the manager
Trap
Alarm generated by an agent
[Figure: managed object, type and instance. Object Type - Name: OBJECT IDENTIFIER; Syntax: ASN.1; Encoding: BER. Object Instance 1, Object Instance 2, Object Instance 3]
Name
Uniquely defined by DESCRIPTOR AND OBJECT IDENTIFIER
Internet Subnodes
Internet {1 3 6 1}: directory (1), mgmt (2), experimental (3), private (4)
private (4): enterprises (1)
enterprises (1): cisco (9), hp (11), 3Com (43), Cabletron (52)
SNMP ASN.1 Data Type
[Figure: Structure - Simple or Primitive, Defined or Application, Constructor or Structured. Tag - Class (Universal, Application, Context-specific, Private) and Number]
Data Type | Comments
INTEGER | Subtype INTEGER (n1..nN). Special case: Enumerated INTEGER type
OCTET STRING | 8-bit bytes binary and textual data. Subtypes can be specified by either range or fixed
OBJECT IDENTIFIER | Object position in MIB
NULL | Placeholder
NetworkAddress | Not used
IpAddress | Dotted decimal IP address
Counter | Wrap-around, non-negative integer, monotonically increasing, max 2^32 - 1
Gauge | Capped, non-negative integer, increase or decrease
TimeTicks | Non-negative integer in hundredths of second units
Opaque | Application-wide arbitrary ASN.1 syntax, double wrapped OCTET STRING
Object | OBJECT IDENTIFIER | ObjectSyntax
ipAdEntAddr | {ipAddrEntry 1} | IpAddress
ipAdEntIfIndex | {ipAddrEntry 2} | INTEGER
ipAdEntNetMask | {ipAddrEntry 3} | IpAddress
ipAdEntBcastAddr | {ipAddrEntry 4} | INTEGER
ipAdEntReasmMaxSize | {ipAddrEntry 5} | INTEGER
ipAddrEntry | {ipAddrTable 1} | SEQUENCE
List:
IpAddrEntry ::=
    SEQUENCE {
        ipAdEntAddr          IpAddress,
        ipAdEntIfIndex       INTEGER,
        ipAdEntNetMask       IpAddress,
        ipAdEntBcastAddr     INTEGER,
        ipAdEntReasmMaxSize  INTEGER (0..65535)
    }
Managed Object IpAddrEntry as a list
[Figure: encoding structure. Type | Length | Value. Type: Class (7-8th bits), P/C (6th bit), Tag Number (1-5th bits)]
sysDescr OBJECT-TYPE
    SYNTAX DisplayString (SIZE (0..255))
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software. It is mandatory that this only contain printable ASCII characters."
    ::= { system 1 }
Figure 3.3(b) Scalar or Single Instance Macro: sysDescr [RFC 1213]
Aggregate Object
A group of objects
Also called tabular objects
Can be represented by a table with
Columns of objects
Rows of instances
Example: IP address table
Consists of objects:
IP address
Interface
Subnet mask (which subnet this address belongs to)
Broadcast address (value of l.s.b. in IP broadcast address)
Largest IP datagram that can be assembled
Multiple instances of these objects associated with the node
ipAddrTable OBJECT-TYPE
    SYNTAX SEQUENCE OF IpAddrEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION
    ::= { ip 20 }
ipAddrEntry OBJECT-TYPE
    SYNTAX IpAddrEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION
        "The addressing information for one of this entity's IP addresses."
    INDEX { ipAdEntAddr }
    ::= { ipAddrTable 1 }
IpAddrEntry ::=
    SEQUENCE {
        ipAdEntAddr          IpAddress,
        ipAdEntIfIndex       INTEGER,
        ipAdEntNetMask       IpAddress,
        ipAdEntBcastAddr     INTEGER,
        ipAdEntReasmMaxSize  INTEGER (0..65535)
    }
Index ipAdEntAddr uniquely identifies an instance. More than one object in the instance may be required to identify it uniquely.
::= { ipAddrEntry 1 }
ipAdEntReasmMaxSize OBJECT-TYPE
    SYNTAX INTEGER (0..65535)
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "The size of the largest IP datagram which this entity can re-assemble from incoming IP fragmented datagrams received on this interface."
    ::= { ipAddrEntry 5 }
[Figure labels: TABLE T, ENTRY E, COLUMNAR OBJECT 1, COLUMNAR OBJECT 2, COLUMNAR OBJECT 3, COLUMNAR OBJECT 4, COLUMNAR OBJECT 5]
TABLE T and ENTRY E are logical objects. They define the grouping and are not accessible. Columnar objects represent the attributes and hence are accessible. Each instance of E is a row of columnar objects 1 through 5. Multiple instances of E are represented by multiple rows.
3.7 Management Information Base
[Figure: Internet {1 3 6 1} subnodes directory (1), mgmt (2), experimental (3), private (4); mib-2 (1) with groups system (1), interfaces (2), at (3), ip (4), icmp (5), tcp (6), udp (7), egp (8), cmot (9), transmission (10), snmp (11)]
System Group
Entity | OID | Description (brief)
sysDescr | system 1 | Textual description
sysObjectID | system 2 | OBJECT IDENTIFIER of the entity
sysUpTime | system 3 | Time (in hundredths of a second since last reset)
sysContact | system 4 | Contact person for the node
sysName | system 5 | Administrative name of the system
sysLocation | system 6 | Physical location of the node
sysServices | system 7 | Value designating the layer services provided by the entity
[Figure: system (mib-2 1) subtree: sysDescr (1), sysObjectId (2), sysUpTime (3), sysContact (4), sysName (5), sysLocation (6), sysServices (7)]
sysServices OBJECT-TYPE
    SYNTAX INTEGER (0..127)
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "A value which indicates the set of services that this entity primarily offers. The value is a sum. This sum initially takes the value zero. Then, for each layer, L, in the range 1 through 7, that this node performs transactions for, 2 raised to (L - 1) is added to the sum. For example, a node which performs primarily routing functions would have a value of 4 (2^(3-1)). In contrast, a node which is a host offering application services would have a value of 72 (2^(4-1) + 2^(7-1)). Note that in the context of the Internet suite of protocols, values should be calculated accordingly:
            layer  functionality
            1      physical (e.g., repeaters)
            2      datalink/subnetwork (e.g., bridges)
            3      internet (e.g., IP gateways)
            4      end-to-end (e.g., IP hosts)
            7      applications (e.g., mail relays)
        For systems including OSI protocols, layers 5 and 6 may also be counted."
    ::= { system 7 }
Interfaces Group
interfaces (mib-2 2): ifNumber (1), ifTable (2)
ifTable (2): ifEntry (1)
ifEntry (1): ifIndex (1), ifDescr (2), ifType (3), ifMtu (4), ifSpeed (5), ifPhysAddress (6), ifAdminStatus (7), ifOperStatus (8), ifLastChange (9), ifInOctets (10), ifInUcastPkts (11), ifInNUcastPkts (12), ifInDiscards (13), ifInErrors (14), ifUnknownProtos (15), ifOutOctets (16), ifOutNUcastPkts (18), ifOutDiscards (19), ifOutErrors (20), ifOutQLen (21), ifSpecific (22)
Legend: INDEX in bold
IP Group
ip (mib-2 4): ipForwarding (1), ipDefaultTTL (2), ipInReceives (3), ipInHdrErrors (4), ipInAddrErrors (5), ipForwDatagrams (6), ipInUnknownProtos (7), ipInDiscards (8), ipInDelivers (9), ipOutRequests (10), ipOutDiscards (11), ipOutNoRoutes (12), ipReasmTimeout (13), ipReasmReqds (14), ipReasmOKs (15), ipFragOKs (17), ipFragFails (18), ipFragCreates (19), ipRouteTable (21), ipNetToMediaTable (22), ipRoutingDiscards (23)
ipNetToMediaTable (ip 22): ipNetToMediaEntry (1)
ipNetToMediaEntry (1): ipNetToMediaIfIndex (1), ipNetToMediaPhysAddress (2), ipNetToMediaNetAddress (3)
ICMP Group
icmp (mib-2 5): icmpInMsgs (1), icmpInErrors (2), icmpInDestUnreachs (3), icmpInParmProbe (5), icmpInSrcQuenchs (6), icmpInEchos (8), icmpInTimestamps (10), icmpInTimestampReps (11), icmpInMsgs (14), icmpOutErrors (15), icmpOutDestUnreachs (16), icmpOutTimeExcds (17), icmpOutParmProbe (18), icmpOutSrcQuenchs (19), icmpOutRedirects (20), icmpOutEchos (21), icmpOutTimestamps (23)
TCP Group
tcp (mib-2 6): tcpRtoAlgorithm (1), tcpRtoMin (2), tcpRtoMax (3), tcpEstabResets (8), tcpCurrEstab (9), tcpOutSegs (11), tcpRetranSegs (12), tcpConnTable (13), tcpInErrors (14)
Entity | OID
tcpConnTable | tcp 13
tcpConnEntry | TcpConnTable 1
tcpConnState | TcpConnEntry 1
tcpConnLocalAddress | TcpConnEntry 2
tcpConnLocalPort | TcpConnEntry 3
tcpConnRemAddress | TcpConnEntry 4
tcpConnRemPort | TcpConnEntry 5
[Figure: tcpConnTable (tcp 13) subtree: tcpConnEntry (1) with tcpConnState (1), tcpConnLocalAddress (2), tcpConnLocalPort (3), tcpConnRemAddress (4), tcpConnRemPort (5)]
UDP Group
Entity | OID | Description (brief)
udpInDatagrams | udp 1 | Total number of datagrams delivered to the users
udpNoPorts | udp 2 | Total number of received datagrams for which there is no application
udpInErrors | udp 3 | Number of received datagrams with errors
udpOutDatagrams | udp 4 | Total number of datagrams sent
udpTable | udp 5 | UDP Listener table
udpEntry | udpTable 1 | Information about a particular connection or UDP listener
udpLocalAddress | udpEntry 1 | Local IP address
udpLocalPort | udpEntry 2 | Local UDP port
[Figure: udp (mib-2 7) subtree: udpInDatagrams (1), udpNoPorts (2), udpInErrors (3), udpOutDatagrams (4), udpTable (5); udpEntry (1) with udpLocAddress (1), udpLocalPort (2)]
[Figure: SNMP Manager Application and SNMP Agent Application exchanging Get-Request, GetNext-Request, Set-Request, Get-Response and Trap over SNMP / UDP / IP / DLC / PHY and the physical medium; Management Data on the manager side]
Figure 3.16 SNMP Network Management Architecture
It is truly a simple network management protocol: five messages, three from the manager and two from the agent.
SNMP Messages
Get-Request
Get-Next-Request
Set-Request
Get-Response
Trap
Generic trap
Specific trap
Time stamp
Generic trap
coldStart
warmStart
linkDown
linkUp
authenticationFailure
egpNeighborLoss
enterpriseSpecific
Specific trap
for special measurements such as statistics
Time stamp: Time since last initialization
[Figure: SNMP community. SNMP Managers and the SNMP Agent, each with an Authentication Scheme, exchanging Authentic Messages]
[Figure: SNMP community profile. SNMP Agent with access modes READ-ONLY and READ-WRITE; MIB view containing Object 1 (not-accessible), Object 2 (read-only), Object 3 (write-only), Object 4 (read-write)]
MIB view
An agent is programmed to view only a subset of the managed objects of a network element
Access mode
Each community name is assigned an access mode: read-only and read-write
Community profile: MIB view + access mode
Operations on an object are determined by the community profile and the access mode of the object
Total of four access privileges
Some objects, such as table and table entry, are non-accessible
Administration model is SNMP access policy
An SNMP community paired with an SNMP community profile is the SNMP access policy
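One way to evaluate the community profile described above, added here as an example that is not part of the original notes. The privilege table follows RFC 1157; the community names, MIB views and the small MIB subset are constructed for illustration.

```python
from dataclasses import dataclass

# Operations available for each (community access mode, MIB ACCESS clause) pair,
# following the table in RFC 1157 section 3.2.5. The four privilege classes are:
# nothing; get/trap; get/set/trap; get/set/trap with an implementation-specific
# value on get (write-only objects under a READ-WRITE community).
PRIVILEGES = {
    ("READ-ONLY", "read-only"): {"get", "trap"},
    ("READ-ONLY", "read-write"): {"get", "trap"},
    ("READ-ONLY", "write-only"): set(),
    ("READ-ONLY", "not-accessible"): set(),
    ("READ-WRITE", "read-only"): {"get", "trap"},
    ("READ-WRITE", "read-write"): {"get", "set", "trap"},
    ("READ-WRITE", "write-only"): {"get", "set", "trap"},
    ("READ-WRITE", "not-accessible"): set(),
}

# Constructed subset of MIB-II: object OID -> (descriptor, ACCESS clause).
MIB = {
    (1, 3, 6, 1, 2, 1, 1, 1): ("sysDescr", "read-only"),
    (1, 3, 6, 1, 2, 1, 1, 4): ("sysContact", "read-write"),
    (1, 3, 6, 1, 2, 1, 4, 20): ("ipAddrTable", "not-accessible"),
    (1, 3, 6, 1, 2, 1, 4, 20, 1, 1): ("ipAdEntAddr", "read-only"),
}


@dataclass(frozen=True)
class CommunityProfile:
    view: tuple  # OID prefixes visible to the community (the MIB view)
    mode: str    # "READ-ONLY" or "READ-WRITE"


# Hypothetical access policy: community name -> community profile.
POLICY = {
    "noc-ro": CommunityProfile(view=((1, 3, 6, 1, 2, 1),), mode="READ-ONLY"),
    "sys-rw": CommunityProfile(view=((1, 3, 6, 1, 2, 1, 1),), mode="READ-WRITE"),
}


def lookup_object(oid):
    """Return the MIB entry whose OID is the longest prefix of an instance OID."""
    for n in range(len(oid), 0, -1):
        if oid[:n] in MIB:
            return MIB[oid[:n]]
    return None


def authorize(community, operation, oid_text):
    """Decide how an SNMPv1 agent treats one variable binding.

    operation is "get", "set" or "trap"; "get" also stands for the instance
    that a Get-Next-Request resolves to.
    """
    profile = POLICY.get(community)
    if profile is None:
        # Unknown community: the message is not authentic. The agent discards
        # it and may emit an authenticationFailure trap.
        return "discard (authenticationFailure trap)"
    oid = tuple(int(part) for part in oid_text.split("."))
    entry = lookup_object(oid)
    in_view = any(oid[:len(prefix)] == prefix for prefix in profile.view)
    if entry is None or not in_view:
        return "noSuchName"
    if operation in PRIVILEGES[(profile.mode, entry[1])]:
        return "noError"
    # RFC 1157 reports an object that is unavailable for the requested
    # operation in the relevant MIB view as noSuchName.
    return "noSuchName"
```

A read-write community whose MIB view is wider than the objects its manager needs to set grants more than the policy intends, so the view and the access mode are worth reviewing together.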
Parameters:
Community / communities
Agent / Agents
Manager / managers
[Figure labels: Manager, Community, Agent 1, Agent 2, Community Profile 1, Community Profile 2]
Access Policy
The manager manages Community 1 and 2 network components via Agents 1 and 2. Agent 1 has only the view of Community Profile 1, e.g. Cisco components. Agent 2 has only the view of Community Profile 2, e.g. 3Com components. The manager has a total view of both Cisco and 3Com components.
Generalized Administration Model
[Figure labels: Manager 1 (Community 1), Manager 2 (Community 2), Manager 3 (Community 1, Community 2), Community 1, Community 2, Agent 1, Agent 3, Agent 4]
Figure 3.19 SNMP Access Policy
[Figure labels: SNMP Manager (Community 1), SNMP Agent, Proxy Agent, SNMP Community, non-SNMP Community]
A proxy agent enables the elements of a non-SNMP community to be managed by an SNMP manager. An SNMP MIB is created to handle the non-SNMP objects.
3.9 SNMP Protocol Specifications
[Figure: protocol encapsulation. SNMP PDU (Data); Application PDU (Application Header); Transport PDU (UDP Header); Network PDU (IP Header); Data Link PDU (DLC Header)]
SNMP message: Version | Community | SNMP PDU
Figure 5.8 Get and Set Type PDU: PDU Type | RequestID | Error Status | Error Index | VarBind 1 name | VarBind 1 value | ... | VarBind n name | VarBind n value
PDUs ::=
    CHOICE {
        get-request       GetRequest-PDU,
        get-next-request  GetNextRequest-PDU,
        get-response      GetResponse-PDU,
        set-request       SetRequest-PDU,
        trap              Trap-PDU
    }
PDU Types: enumerated INTEGER
get-request [0]
get-next-request [1]
get-response [2]
set-request [3]
trap [4]
Error in Response
ErrorStatus ::=
    INTEGER {
        noError(0),
        tooBig(1),
        noSuchName(2),
        badValue(3),
        readOnly(4),
        genErr(5)
    }
Error Index: number of the VarBind in which the first error occurred
Trap PDU
Fields: PDU Type, Enterprise, Agent Address, Generic Trap Type, Specific Trap Type, Timestamp, VarBind 1 name, VarBind 1 value, ..., VarBind n name, VarBind n value
Generic Trap Type | Description (brief)
coldStart(0) | Sending protocol entity is reinitializing itself; agent's configuration or protocol entity implementation may be altered
warmStart(1) | Sending protocol entity is reinitializing itself; agent configuration or protocol entity implementation not altered
linkDown(2) | Failure of one of the communication links
linkUp(3) | One of the links has come up
authenticationFailure(4) | Authentication failure
egpNeighborLoss(5) | Loss of EGP neighbor
enterpriseSpecific(6) | Enterprise-specific trap
Enterprise and agent address pertain to the system generating the trap. Seven generic
traps are specified by enumerated INTEGER. Specific trap is a trap not covered by the
enterprise-specific trap. Time stamp indicates elapsed time since last re-initialization.
Get-Next-Request Operation
[Figure: message exchange between the Manager Process and the Agent Process]
Address translation table at the agent:
atIfIndex | atPhysAddress | atNetAddress
23 | 0000000C3920B4 | 192.168.3.1
13 | 0000000C3920AC | 172.16.46.1
16 | 0000000C3920AF | 172.16.49.1
Messages shown:
GetNextRequest (sysUpTime, atPhysAddress)
GetResponse( (sysUpTime.0 = "315131795"), (atPhysAddress.13.172.16.46.1 = "0000000C3920AC"))
GetNextRequest (sysUpTime, atPhysAddress.13.172.16.46.1)
GetNextRequest (sysUpTime, atPhysAddress.16.172.16.49.1)
GetNextRequest (sysUpTime, atPhysAddress.23.192.168.3.1)
Chapter 4
RMON Components
[Figure: LANs with RMON probes connected through routers to a backbone network; SNMP traffic between the probes and the data analyzer]
RMON probe: the data gatherer, a physical device. Data analyzer: a processor that
analyzes data. RMON: Remote Network Monitoring
4.1 Remote Monitoring
[Figure: NMS on a local LAN; backbone network with routers and a bridge; router with RMON; remote FDDI LAN with FDDI probe; FDDI backbone; Ethernet probe]
The RMON is embedded, monitoring the remote FDDI LAN. Analysis is done in the NMS
RMON Benefits
Monitors and analyzes locally and relays data; less load on the network
Needs no direct visibility by NMS; more reliable information
Permits monitoring on a more frequent basis and hence faster fault diagnosis
Increases productivity for administrators
[Figure: RMON group tree]
RMON1: statistics (1), history (2), alarm (3), host (4), hostTopN (5), matrix (6), filter (7), capture (8), event (9)
RMON1 Extension: tokenRing (10)
RMON2: protocolDir (11), protocolDist (12), addressMap (13), nlHost (14), nlMatrix (15), alHost (16), alMatrix (17), usrHistory (18), probeConfig (19), rmonConformance (20)
4.3 RMON1
Enumeration | Description
1 | Row exists and is active. It is fully configured and operational
2 | Create a new row by creating this object
3 | Row is not fully active
4 | Delete the row by disassociating the mapping of this entry
[Figure: RMON1 groups and functions. Remotely monitored network; data gathering (Ethernet statistics, Ethernet history, token ring, history control, host statistics, HostTopN statistics, matrix statistics); filter group (packet filtering, channel filtering); packet capture; alarm generation; event generation; network manager]
[Table: fooCounts instances indexed by fooTimeMark and fooIndex]
(Both rows #1 and #2 do not exist for time-mark greater than 5.) Bold objects (fooTimeMark and fooIndex) are indices
Group | OID | Function | Tables
Statistics | rmon 1 | Link level statistics | etherStatsTable, etherStats2Table
History | rmon 2 | Periodic statistical data collection and storage for later retrieval | historyControlTable, etherHistoryTable, historyControl2Table, etherHistory2Table
Alarm | rmon 3 | Generates events when the data sample gathered crosses pre-established thresholds | alarmTable
Host | rmon 4 | Gathers statistical data on hosts | hostControlTable, hostTable, hostTimeTable, hostControl2Table
HostTopN | rmon 5 | Computes the top N hosts on the respective categories of statistics gathered | hostTopNcontrolTable
Matrix | rmon 6 | Statistics on traffic between pair of hosts | matrixControlTable, matrixSDTable, matrixDSTable, matrixControl2Table
Filter | rmon 7 | Filter function that enables capture of desired parameters | filterTable, channelTable, filter2Table, channel2Table
Packet Capture | rmon 8 | Packet capture capability to gather packets after they flow through a channel | buffercontrolTable, captureBufferTable
Event | rmon 9 | Controls the generation of events and notifications | eventTable
Token Ring | rmon 10 | See Table 8.3 | See Table 8.3
[Figure: controlTable (controlEntry rows with controlIndex, controlDataSource, controlTableSize, controlOwner, controlStatus, controlOther) and the data table (dataEntry rows with dataIndex, dataAddlIndex, dataOther)]
Note on Indices:
Indices marked in bold letter
Value of dataIndex same as value of controlIndex
Control table used to set the instances of data rows in the data table. Values of data index and
control index are the same. MatrixSDTable is the source-destination table. ControlDataSource
identifies the source of the data. ControlTableSize identifies entries associated with the data
source. ControlOwner is creator of the entry.
Filter Group
[Figure: filterTable (filterEntry rows with filterIndex = 1 to 4, each with a filterChannelIndex of 1 or 2 and filter parameters) and channelTable (channelEntry rows with channelIndex = 1 and 2, each with channelIfIndex, channelAcceptType, channelDataControl and other channel parameters)]
Note on Indices:
Indices marked in bold letter
Value of filterChannelIndex same as value of channelIndex
Token Ring Group | Function | Tables
Mac-Layer Statistics | Current utilization and error statistics of Mac Layer | tokenRingMLStatsTable, tokenRingMLStats2Table
Promiscuous Statistics | Current utilization and error statistics of promiscuous data | tokenRingPStatsTable, tokenRingPStats2Table
Mac-Layer History | Historical utilization and error statistics of Mac Layer | tokenRingMLHistoryTable
Promiscuous History | Historical utilization and error statistics of promiscuous data | tokenRingPHistoryTable
Ring Station | Station statistics | ringStationControlTable, ringStationTable, ringStationControl2Table
Ring Station Order | Order of the stations | ringStationOrderTable
Ring Station Configuration | Active configuration of ring stations | ringStationConfigControlTable, ringStationConfigTable
Source Routing | Utilization statistics of source routing information | sourceRoutingStatsTable, sourceRoutingStats2Table
4.7 RMON2
Applicable to Layers 3 and above
Functions similar to RMON1
Enhancement to RMON1
Defined conformance and compliance
ATM RMON
ATM Forum extended RMON to ATM. Switch extensions and ATM RMON define objects
at the base layer. ATM protocol IDs for RMON2 define additional objects at the higher levels.
ATM devices require cell-based measurements and statistics. Probe should be able to handle
high speed.
[Figure: layers (application layer, upper layer protocols, network layer, 'base' layer) and MIBs: RMON-2 (RFC 2021, 2074), Ethernet RMON (RFC 1757), Token Ring RMON (RFC 1513), switch extensions for RMON, ATM RMON; IETF MIBs and additional MIBs]
[Figure: ATM switches with RMON probes, including an ATM switch with internal RMON probe]
Chapter 5
[Figure: broadband access networks. Corporate or enterprise, service providers, residence or SOHO; cable modem head end (HFC network); central office equipment (telephone loop, xDSL modem); satellite communication and/or telephone loop; wireless and telephone loop; router / ATM switch; OC-n / STS-n link; SDH / SONET WAN; business customers; cable modem, DSL and wireless customer networks]
Fixed wireless
Satellite communication
Access Technologies
[Figure: broadband access technology: HFC, xDSL (ADSL, HDSL, VDSL), wireless (ISM, MMDS, LMDS) and satellite communication; one-way with telephony return and two-way variants]
Two-way: downstream at high frequency band and upstream at low frequency band
One-way: downstream is cable, upstream (reverse ...
Carries voice, video and data. Upstream bandwidth requirements less compared to downstream
bandwidth.
xDSL: Digital subscriber line technology. Uses existing local loop telephone facilities.
Wireless: Terrestrial fixed wireless systems.
Instructional scientific and medical (ISM): 902 - 928 MHz (0.5 mile) and 2400 - 2483 MHz
(15 miles). Multichannel multipoint distribution service (MMDS) 2500 - 2686 MHz (35 miles).
Local multipoint distribution service (LMDS) 27,500 - 28,350 MHz and 31,000 - 31,300 MHz (3 miles).
[Figure: HFC network: satellite, WAN and ISP connect to the head end; fiber to the fiber node; 2-way coax with 2-way amplifiers to the NIUs; cable modem, TV monitor and workstation (Ethernet) at the customer end]
Head end:
Network interface device (NID) / unit (NIU): demarcation point between customer
network and service provider networks
Broadband LAN
[Figure: head end and cable modems A, B and C on a cable with terminations; downstream signal 50 - 860 MHz, upstream signal 5 - 42 MHz]
Digital-to-Analog Encoding
[Figure: digital signal into a modem, modulated analog carrier, modem back to digital signal; time and frequency plots]
Channel bandwidth
bit rate
symbol rate
number of levels n = 2^k
Combination of AM and PM
16-QAM = 8 PM x 2 AM or 4 PM x 4 AM
Cable Modem
HFC uses tree topology
Data over cable service specifications (DOCSIS) for cable modem ensures interoperability
[Table: cable modem vendors (Toshiba, RCA DCM105, Cisco, LANcity, Motorola) and downstream rates; values listed: 5.36 Msym/sec, 38 Mbps, 38 Mbps, 10 Mbps, 40 Mbps]
Functions of Cable Modem Termination System
Multiple fiber pairs run from head end to fiber node; each pair carries 2 one-way signals
Head end converts all (telephony, digital video, data, and analog video) signals to
optical carrier to transmit on the fiber.
Houses are connected from fiber node via coaxial cables
Coaxial cables are in tree topology and carry 2-way signals
The coaxial cable has 2-way amplifiers that amplify the signals in both directions
Drop from coaxial cable to NID (also called NIU) - called Tap-to-TV in CATV
RF Spectrum
Upstream (Reverse) 5-42 MHz
Digital Video Control 6-8 MHz
Digital Data Services 10-25 MHz
Telephony 25-40 MHz
Guard Band 42-54 MHz
Downstream (Forward) 54-750 MHz
Analog Video 54-550 MHz
Digital Data Services 550-560 MHz
Digital Video 560-700 MHz
Telephony 700-750 MHz
[Figure: subscriber PC, cable modem, HFC link, head end (cable modem termination system (CMTS) with mod, demod, data term and switch / router; video; transmitter, fiber, receiver; servers; operations support system / element manager), WAN; interfaces 4 and 6 are marked]
INTERFACES:
1 CMCI: Cable Modem to CPE Interface
2 CMTS-NSI: CMTS Network Side Interface
3 DOCS-OSSI: Data Over Cable Services Operations Support System Interface
4 CMTRI: Cable Modem to Telco Return Interface
5 DOCSS: Data Over Cable Security System
6 RFI: Cable Modem to RF Interface
The architecture shows two-way (HFC link) and one-way (HFC link & telco return).
CMTS Components
[Figure: CMTS components: mod, demod, data term, switch / router, video, transmitter, fiber, receiver, servers, operations support system / element manager]
Switch / router routes the traffic between cable modems and to the external network. It
interfaces to CMTS via the terminator (term). Modulator (mod) and demodulator (demod)
transform digital data from and to analog format. Combiner and splitter and filter perform the
complementary functions of muxing and demuxing. Transmitter converts the RF signals to
optical carrier; receiver down-converts the optical signal. Servers handle the applications and
databases. Security is managed by the security and access controller. OSS and element manager
perform network and service management.
DOCS Interfaces
[Figure: subscriber PC, cable modem, HFC link, head end (CMTS, video, servers, operations support system / element manager, transmitter, fiber, receiver), WAN; telco return (interface 4)]
[Figure: protocol stacks at the head end (applications, SNMP manager) and the cable modem (modem applications, SNMP agent): SNMP, FTP, HTTP, etc. over TCP/UDP, IP, and ATM link / SONET, HFC link and Ethernet link]
Cable modems have SNMP agents
NMS can be regionalized; then, head ends could behave as RMONs
CM Management MIBs
[Figure: mib-2 (internet.2.1) subtree: system (1), interfaces (2), transmission (10), ifMIB (31), docsDev (69); docsIfMib (127) and docsTrCmMIB (128)]
Standard MIBs: system, interfaces, ifMIB
[Figure: docsIfMIBObjects (1), docsIfNotification (2), docsIfConformance (3), docsBpiMIB (5), docsQosMIB (6); docsIfBaseObjects (1), docsIfCmObjects (2), docsIfCmtsObjects (3); docsBpiMIBObjects (1), docsBpiNotification (2), docsBpiConformance (3); docsQosMIBObjects (6) with docsQosIpPktClassTable (1), docsQosEthPktClassTable (2), docsQosServiceClassGroup (3), docsQosFlowTable (4), docsSidToClassTable (5), docsFlowToClassTable (6)]
[Figure: interface layers: network layer, RF MAC interface, RF MAC layer (Downstream1, Upstream1, Upstream2), RF physical layer]
Entity | OID | Description
docsDevMIBObjects | docsDev 1 | Objects of the cable modem and CMTS device
docsDevBase | docsDevMIBObjects 1 | Extends MIB-II System Group with objects needed for cable device system management
docsDevNmAccessTable | docsDevMIBObjects 2 | Defines the minimum level of SNMP access security
docsDevSoftware | docsDevMIBObjects 3 | Provides information for network-downloadable software upgrades
docsDevServer | docsDevMIBObjects 4 | Provides information about the progress of the interaction with various provisioning servers
docsDevEvent | docsDevMIBObjects 5 | Provides control and logging for event reporting
docsDevFilter | docsDevMIBObjects 6 | Configures filters at link layer and IP layer for bridged data traffic
docsDevCpe | docsDevMIBObjects 7 | CPE IP management and anti-spoofing group on cable modems
[Figure: Window (Modem voltage), Smooth (Connector loss), Sharp (Signal/Noise); axis: Event Index]
Requires continuous monitoring of amplifiers using transponders (CheetahNet)
RF Spectrum Management
Allocation of spectrum for upstream and downstream services
Shannon limit of data rate is 30,000 bps (3-KHz, 30 dB S/N channel)
Digital transmission over loop (DSL) improves data rate
12,000 feet
DSL Limitations
Loaded coils in loop (used to increase distance) cannot carry digital signal
Modern subdivisions have fiber to the neighborhood or curb with digital mux
Operating company inventory dated (administrative issue)
ADSL
[Figure: broadband network and voice connect through ATU-C and a splitter to the loop; at the far end a splitter separates voice and ATU-R]
[Figure: FDM spectrum along the frequency axis: POTS, upstream and downstream bands; marks at 4 KHz, 25 KHz, 200 KHz and 1.1 MHz]
Rate adaptive
TR-001 | ADSL Forum System Reference Model
TR-005 | ADSL Network Element Management System
TR-006 | SNMP-based ADSL LINE MIB; see also draft-ietf-adslmib-adsllinemib-09.txt
TR-014 | DMT Line Code Specific MIB
TR-015 | CAP Line Code Specific MIB
TR-016 | CMIP-based Network Management Framework
ADSL Forum
achieve interoperability
accelerate implementation
security management
VDSL Network
[Figure: central office, fiber, optical network unit, twisted pair, VDSL, home network]
ADSL Network
[Figure: ADSL access network between the private, public and premises networks. Service systems (on-line services, Internet access, LAN access, interactive video, video conf) with OS; broadband, narrowband and packet networks; access node; ATU-C, ADSL loop, ATU-R; PDN with service modules (SM) and terminal equipment (TE): settop / TV, PC I/O / PC, ISDN; transport modes STM, packet and ATM]
Transport Modes
ATM / STM
ATM WAN (public network) and STM access network
ATM / Packet
ATM WAN and packet access network (IP)
End-to-end ATM
Interfaces
An interface can have multiple physical connections
V interface
VC interface between access node and external network and interfaces
U interfaces off the splitters; will be eliminated with ADSL-Lite
POTS interfaces - low pass filter interfaces for POTS
T and B are customer premises network interfaces
T between PDN and service modules
B auxiliary data input (e.g., satellite feed)
ADSL Channeling Schemes
Seven AS downstream channels - multiples (1-, 2-, 3- or 4-) T1 rate of 1.536 Mbps
Three LS duplex channels - 160, 384, and 576 Kbps
Buffering scheme
Fast channel: uses fast buffers for real-time data
Interleaved channel: used for non-real-time data
Both fast and interleaved channels carried on the same physical channel
[Figure: ADSL network with interfaces V-C, U-C, U-C2, U-R, U-R2 and T/S: network layer switch and broadband PHY, ATU-C, splitter-C (high pass and low pass filters, PSTN), loop, splitter-R (high pass and low pass filters, POTS, telephone set or voice-band modem), ATU-R, network termination (switch, PHY layer), service modules, home network]
Interfaces:
T-R Interface between ATU-R and Switching layers
T/S Interface between ADSL Network Termination and customer installation or home network
U-C Interface between Loop and ATU-C (analog)
U-C2 Interface between POTS splitter and ATU-C
U-R Interface between Loop and ATU-R (analog)
U-R2 Interface between POTS splitter and ATU-R
V-C Logical interface between ATU-C and a digital network element such as one or more switching systems
Management Elements
Management communications protocol across V-interface
Management communications protocol across U-interfaces
Note addition of physical layer and switching in the management architecture representation
[Figure labels: physical channel, fast channel, interleaved channel; DMT, CAP]
[Figure labels: reduce power, increase power]
Data rate: increase or decrease based on threshold margins
Data rate adaptation modes: manual (1), automatic at start-up (2), and dynamic (3)
Parameter | Component | Line | Description
- | ADSL Line | N/A | Five types: no channel, fast, interleaved, either or both
ADSL Line coding | ADSL Line | N/A | ADSL coding type
Target noise margin | ATU-C/R | Phy | Noise margin under steady state (BER =< 10^-7)
Max. noise margin | ATU-C/R | Phy | Modem reduces power above this threshold
Min. noise margin | ATU-C/R | Phy | Modem increases power below this margin
- | ATU-C/R | Phy | Mode 1: Manual; Mode 2: Select at start-up; Mode 3: Dynamic
- | ATU-C/R | Phy | Threshold for modem increases data rate
- | ATU-C/R | Phy | Time interval to upshift
Rate up threshold | ATU-C/R | - | -
Rate down threshold | ATU-C/R | - | -
Vendor ID | ATU-C/R | - | -
Version No. | ATU-C/R | - | -
Serial No. | ATU-C/R | - | -
Alarm thresholds | ATU-C/R | - | -
Fault Management
Parameter | Component | Line | Description
ADSL Line status | ADSL Line | Phy | Indicates operational and various types of failures of the link
Alarms thresholds | ATU-C/R | Phy | Generates alarms on failures or crossing of thresholds
- | ATU-C/R | Phy | Initialization failure of ATU-R from ATU-C
Rate change | ATU-C/R | Phy | Event generation when rate changes when crossing of shift margins in both upstream and downstream
Performance Management
Parameter | Component | Line | Description
Line attenuation | ATU-C/R | Phy | Measured power loss in dB from transmitter to receiver ATU
Noise margin | ATU-C/R | Phy | Noise margin in dB of the ATU with respect to received signal
- | ATU-C/R | Phy | Total output power from the modem
- | ATU-C/R | Phy | Max. currently attainable data rate by the modem
Current rate | ATU-C/R | F/I | Current transmit rate to which the modem is adapted
- | ATU-C/R | F/I | Rate of the modem before the last change
- | ATU-C/R | F/I | Data block on which CRC check is done
- | ATU-C/R | F/I | Transmit delay introduced by the interleaving process
- | ATU-C/R | Phy, F/I | 15 minute / 1 day failure statistics
ADSL SNMP MIB
Sub-layers handled by ifMIB ifStackTable {ifMib.ifMIBObjects 2} (RFC 1573)
Propose ifTypes:
adslPhysIf ::= {transmission 94}
adslInterIf ::= {transmission 124}
adslFastIf ::= {transmission 125}
[Figure: ADSL MIB tree: adslForum (1.3.6.1.4.1.xx); adslMIB (1); adslLineMib (1); adslTraps (2); adslLineTable (1), adslAtucPhysTable (2), ..., adslAturChanPerfDataTable (11), adslAtucChanIntervalTable (12), adslAturChanIntervalTable (13), adslLineConfProfileTable (14), adslLineAlarmConfProfileTable (15), adslLCSMib (16)]
Proposed IF Types
Higher Layer IF (e.g.: ATM) above each channel interface
Fast Channel IF (ATU-C & ATU-R): ifType = Fast (125), ifIndex = k
Interleaved Channel IF (ATU-C & ATU-R): ifType = Interleaved (124), ifIndex = j
Physical Line IF (ATU-C & ATU-R): ifType = ADSL (94), ifIndex = i
Figure 5.13 Relationship between ADSL Entries
MIB Variable | Physical Line (i) | Interleaved Channel (j) | Fast Channel (k)
ifDescr | NORMAL | NORMAL | NORMAL
ifType (IANA) | 94 | 124 | 125
ifSpeed | ATU-C Line Tx rate | ATU-C channel Tx rate | ATU-C channel Tx rate
ifPhyAddress | NULL | NULL | NULL
ifAdminStatus | NORMAL | NORMAL | NORMAL
ifOperStatus | NORMAL | NORMAL | NORMAL
ifLastChange | NORMAL | NORMAL | NORMAL
ifLinkUpDownTrapEnable | NORMAL (default: Enable) | NORMAL (default: Enable) | NORMAL (default: Enable)
ifConnectPresent | True | False | False
ifHighSpeed | NULL | NULL | NULL
Profiles: Configuration profile, Performance profile, Alarm profile
Traps
Generic
Loss of frame
Loss of signal
Loss of power
Error-second threshold
Data rate change
Loss of link
ATU-C initialization failure
[Figure: ifTable entries (ADSL line, interleaved channel and fast channel entries with ifIndex i1, j1, k1, i2, j2, k2, ..., ix, jx, kx) and the configuration profile table indexed by profileIndex; one diagram lists Profile-1, Profile-2, ..., Profile-n and the other lists Profile-i1, Profile-i2, ..., Profile-in]
Chapter 6
Network Management Applications
[Figure: service management; network management and system management; element management and resource management; network elements and system resources]
TMN architecture expanded to include systems management
Management Applications
OSI Model
Configuration
Fault
Performance
Security
Accounting
Reports
Policy-based management
Network Provisioning
Inventory Management
Equipment
Facilities
Network Topology
Database Considerations
Circuit Provisioning
Examples:
ATM networks
TIRKS (Trunk Integrated Record Keeping System) for circuit-switched networks
E1 in TIRKS for equipment management
Network Topology
[Figure: router with Port A (Segment A, Hub 1, hosts A1 and A2) and Port B (Segment B, Hub 2, hosts B1 and B2)]
[Figure: router, switch, Hub 1 and Hub 2 with hosts A1, B1, A2 and B2; Port A / Segment A and Port A / Segment B]
Figure 6.4 Logical Configuration of Two VLAN Segments
[Figure 6.4: router and switch; Segment A / Hub 1 & 2 with A1 (Hub 1) and A2 (Hub 2); Segment B / Hub 1 & 2 with B1 (Hub 1) and B2 (Hub 2)]
Physical and logical configurations different. Physical location obtained from System group
Fault detection
Polling
Fault location
Detect all components failed and trace down the tree topology to the source. Fault
isolation by network and SNMP tools. Use artificial intelligence / correlation techniques.
Restoration of service. Identification of root cause of the problem. Problem resolution.
Tools
Performance Metrics
Data Monitoring
Problem Isolation
Performance Statistics
Tools:
Protocol analyzers
RMON
MRTG
Performance Metrics
Macro-level
Throughput
Response time
Availability
Reliability
Micro-level
Bandwidth
Utilization
Error rate
Peak load
Average load
[Figure: network hierarchy: international backbones / national; regional / midlevel; stub / enterprise; end-systems / hosts]
Data monitoring
Normal behavior
Abnormal behavior (e.g., excessive collisions, high packet loss, etc)
Set up traps (e.g., parameters in alarm group in RMON on object identifier of interest)
Problem isolation
Problems in multiple components need tracking down the topology
Performance Statistics
Traffic statistics
Error statistics
Used in
QoS tracking
Performance tuning
Validation of SLA
Trend analysis
Facility planning
Functional accounting
6.5 Event Correlation Techniques
Basic elements
Rule-based reasoning
Model-based reasoning
Case-based reasoning
Codebook correlation model
State transition graph model
Finite state machine model
Rule-Based Reasoning
[Figure: rule-based reasoning. Data level: working memory (create new data elements, modify attributes of data elements, remove data elements). Control level: inference engine (recognize: match potential rules; select: select best rule; act: invoke action). Knowledge level]
Knowledge base contains expert knowledge on problem symptoms and actions to be taken:
if -> then, condition -> action. Working memory contains topological and
state information of the network; recognizes system going into faulty state. Inference engine in
cooperation with knowledge base decides on the action to be taken. Knowledge executes the
action
Rule-Based Reasoning
Rule-based paradigm is an iterative process
RBR is brittle if no precedence exists
An exponential growth in knowledge base poses problem in scalability
Problem with instability:
if packet loss < 10%, alarm green
if packet loss >= 10% and < 15%, alarm yellow
if packet loss >= 15%, alarm red
Solution using fuzzy logic
[Figure: backbone, Router A (Alarm A), Router B (Alarm B), Hub C (Alarm C), Servers D1 to D4 (Alarms Dx)]
Model-Based Reasoning
[Figure: physical network (backbone network, router, Hub1, Hub2, Hub3) and its equivalent model in the NMS / correlator (router model, Hub1 model, Hub2 model, Hub3 model)]
Object-oriented model
Model is a representation of the component it models
Model has attributes and relations to other models
Relationship between objects reflected in similar relationship between models
Case-Based Reasoning
[Figure: input, retrieve, adapt, process, with a case library]
Unit of knowledge
RBR: rule
CBR: case
CBR based on the case experienced before; extend to the current situation by adaptation
Parameterized adaptation
Critic-based adaptation

Trouble: file_transfer_throughput=F
Additional data: none
Resolution: A=f(F), adjust_network_load=A
Resolution status: good

Trouble: file_transfer_throughput=F
Additional data: none
Resolution: B=g(F), adjust_network_bandwidth=B
Resolution status: good

Trouble: file_transfer_throughput=F
Additional data: adjust_network_load=no
Resolution: B=g(F), adjust_network_bandwidth=B
Resolution status: good

[Figure labels: A = f(F); B = g(F); adjust bandwidth]
CBR-Based CRITTER
[Figure: Spectrum network (configuration management, fault detection) and CRITTER fault management (fault resolution): input, retrieve, adapt, propose, process; case library, application techniques, determinators, user-based adaptation, user]
Propose is an additional (5th) module to CBR architecture; permits manual intervention
[Figure: network, monitors, event model, correlator, problems]
2.
Correlator
compares
and identifies the problem.
s.
events
with
codebook
bu
alarm
co
1.
yl
la
Causality Graph
E5
E6
E7
.a
lls
E4
E2
E3
E1
at
events
www.allsyllabus.com
causing
as
event
problems
and
and
Figure (labels only): P1, P2, P3, S2, S3, S4.
P1 causes S1 and S2
Note directed edge from S1 to S2 removed; S2 is caused directly or indirectly (via S1) by P1
Codebook
      S1  S2  S3  S4
P1     1   1   0   0
P2     1   1   1   0
P3     0   1   1   1
It is derived from causality graph after removing directed edges of propagation of symptoms
Correlation Matrix
      S1  S3
P1     1   0
P2     1   1
P3     0   1
Figure (labels only): P1, P2, P3, S1.
Figure (labels only): nodes 11, 10, 5, 7, 6, 3.
Causality graph has 11 events - problems and symptoms. Mark all nodes that have only emerging directed edges as problems - Nodes 1, 2, and 11. Other nodes are symptoms.
Figure (labels only): nodes 2, 3, 5, 6, 7, 8, 9, 10, 11, with problems marked P and symptoms marked S.
Symptoms 3, 4, and 5 are cyclical: replace with one symptom, say 3
S7 and S10 are caused by S3 and S5 and hence ignored
S8 causes S9. Keep S9 and eliminate S8; reason for this would be more obvious if we go through reduction of codebook to correlation matrix
      S3  S6  S9
P1     1   0   1
P2     1   1   0
P11    1   0   1
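The reduction of the S1 to S4 codebook to its S1/S3 correlation matrix, worked through as an added example that is not part of the original notes. It also measures the Hamming distance between problem codes, which decides how much alarm noise the correlator can absorb; the function names and the `max_errors` parameter are hypothetical.

```python
from itertools import combinations

SYMPTOMS = ["S1", "S2", "S3", "S4"]
# Codebook as given in the notes: one code per problem, one position per symptom.
CODEBOOK = {"P1": (1, 1, 0, 0), "P2": (1, 1, 1, 0), "P3": (0, 1, 1, 1)}

def hamming(a, b):
    """Number of symptom positions in which two code vectors differ."""
    return sum(x != y for x, y in zip(a, b))

def min_distance(codebook):
    """Smallest pairwise Hamming distance between problem codes."""
    return min(hamming(a, b) for a, b in combinations(codebook.values(), 2))

def reduce_codebook(codebook, symptoms, min_dist=1):
    """Smallest symptom subset that keeps every pair of problems at least
    min_dist apart (exhaustive search, adequate for small codebooks)."""
    for k in range(1, len(symptoms) + 1):
        for cols in combinations(range(len(symptoms)), k):
            proj = {p: tuple(v[c] for c in cols) for p, v in codebook.items()}
            if min_distance(proj) >= min_dist:
                return [symptoms[c] for c in cols], proj
    raise ValueError(f"no symptom subset reaches Hamming distance {min_dist}")

def correlate(observed, codebook, max_errors=0):
    """Problems whose code is nearest to the observed alarm vector.
    Returns [] if the nearest code is more than max_errors away; more
    than one name means the alarms cannot tell those problems apart."""
    dist = {p: hamming(observed, code) for p, code in codebook.items()}
    best = min(dist.values())
    if best > max_errors:
        return []
    return sorted(p for p, d in dist.items() if d == best)

if __name__ == "__main__":
    cols, matrix = reduce_codebook(CODEBOOK, SYMPTOMS)
    print("correlation matrix columns:", cols, matrix)
    print("S1 only ->", correlate((1, 0), matrix))
    print("min distance of full codebook:", min_distance(CODEBOOK))
    # Constructed noisy observations against the full codebook.
    print("S2 alarm lost ->", correlate((1, 0, 0, 0), CODEBOOK, max_errors=1))
    print("ambiguous ->", correlate((0, 1, 1, 0), CODEBOOK, max_errors=1))
```

P1 and P2 differ only in S3, so even the full four-symptom codebook has a minimum distance of 1: a single spurious or lost S3 alarm turns one diagnosis into the other, and asking `reduce_codebook` for `min_dist=2` raises an error.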
Codebook Enhancements
Codebook described so far assumes Hamming distance of 1 for uniqueness
Noise affects accuracy
Increase Hamming distance to >1
Probability of a problem causing a symptom assumed as 1. It can be made Si = Pr(Pj) to be more realistic
State Transition Model
Used in Seagate's NerveCenter correlation system
Integrated in NMS, such as OpenView
Used to determine the status of a node
Figure (labels only): ping node; receive response; ping; response.
Figure (labels only): Backbone Network; Router; Hub1; Hub2; Hub3 (Physical Network).
Figure (labels only): ping hub; receive response; no response; pinged twice; pinged 3 times; ground state; ping router; no response from router, no action; receive response from router.
Figure 6.16 State Transition Graph Example
Figure (labels only): Client (Send Request, Receive Response); Server (Receive Request, Send Response); Communication Channel (Send, Receive); Request Message; Response Message.
Finite state machine model is a passive system; state transition graph model is an active
system. An observer agent is present in each node and reports abnormalities, such as a Web
agent. A central system correlates events reported by the agents. Failure is detected by a node
entering an illegal state.
6.6 Security Management
Security threats
Policies and Procedures
Resources to prevent security breaches
Firewalls
Cryptography
Authentication and Authorization
Client/Server authentication system
Message transfer security
Network protection security
Security Threats
Figure (labels only): Management Entity A; Management Entity B; Modification of information; Masquerade; Message stream modification; Disclosure.
Figure 6.18 Security Threats to Management Information
SNMPv3 addressed security threats using USM (user-based security model). USM has two modules:
Authentication module
Privacy module
Data confidentiality
Message timeliness
Message protection
One-to-one mapping between physical and logical configuration
Policies and Procedures
Basic guidelines to set up policies and procedures:
1.
2.
3.
4.
Review the process continuously and make improvements to each item if a weakness is found
References:
Formal statement of rules for protecting
2196)
Orange Book by National Computer Security Center (NCSC) rates computers based on security design features
Figure (labels only): Client A; Server A; Secured Network A; Firewall Gateway; Router; Client B; Network B.
Security breach could occur by intercepting the message going from B to A, even if B has permission to access Network A
Firewalls
policy
and
of
Benefits
Figure (labels only): Internet; Packet Filtering Router; Ethernet; SMTP Gateway; FTP Gateway; Screened SMTP & FTP; Secured Network; Trash.
Source and/or destination TCP/UDP port address, such as ftp port 21
Multistage screening - address and protocol. Works best when rules are simple.
Figure (labels only): Secured Network; Firewall 1; Secured LAN; Application Gateway; Proxy Services; Firewall 2; Internet.
Figure 6.21 Application Level Gateway
Firewalls 1 and 2 route traffic only from and to the secured LAN
Secured LAN is gateway LAN
Behavior of application gateway dependent on the application
FTP traffic stored and forwarded after validation
TELNET hosts validated for the session and then direct communication established
Cryptography
Security threats
Modification of information
Masquerade
Message stream modification
Disclosure
Hardware and software solutions
Figure (labels only): Plaintext; Encryption; Secret Key; Transmission Channel; Ciphertext; Decryption; Secret Key; Plaintext.
Caesar cipher: each letter replaced by another letter, which is three letters behind in the alphabet
Maximum of 26 attempts to decode Caesar cipher
Monoalphabetic cipher: Replace a letter with another randomly chosen; Maximum attempts to decode 26!
One secret key is needed between each pair
Two standard algorithms for secret key:
DES (Data Encryption Standard): 64-bit message blocks and 56-bit key
IDEA (International Data Encryption Algorithm): 64-bit message blocks and 128-bit key
Principle based on rearranging the blocks several times based on predetermined algorithm and secret key
Figure (labels only): Plaintext; Encryption; Public Key; Transmission Channel; Ciphertext; Decryption; Private Key; Plaintext.
Message Digest
Digital Signature
Figure (labels only): Plaintext; Digital Signature; Encryption; Rita's Public Key (R); Transmission Channel; Decryption; Signature Validation; Ian's Public Key (S).
Client/server environment
Ticket-granting system
Authentication server system
Cryptographic authentication
Messaging environment
e-mail
e-commerce
Authorization grants access to information
Ticket-Granting System
Kerberos
Figure (labels only): User Input; Client Workstation; Authentication Server; Ticket-Granting Server; Application Server / Service.
Authentication Server
Figure (labels only): User Input; Client Workstation; Authentication; Authentication Server; Proxy Server; Service; Application Server / Service.
agent to the client
Secure message needs to be authenticated and secured
X-400: OSI specifications that define framework; not implementation specific
End-to-end cryptography
Provides
Confidentiality
Authentication
Data encryption key (DEK) could be secret or public key-based originator and receiver agreed upon method
PEM processes based on cryptography and message encoding
MIC-ONLY
ENCRYPTED
PEM Processes
Figure (labels only): three PEM processes, MIC-CLEAR, MIC ONLY and ENCRYPTED; User Plaintext; SMTP Format Conversion; SMTP Text; MIC Generator; MIC/DEK; MIC; Encrypted DEK; Encoder (Printable code); Encoded Text; Padding & Encryption; Encrypted & Encoded Message; e-mail System.
Legend:
DEK Data Encryption Key
IK Interexchange Key
MIC Message Integrity Code
SMTP Simple Mail Transfer Protocol
DEK is a random number generated on a per-message basis; it is used to encrypt the message text and to generate the MIC. IK is a long-range key agreed upon between the sender and receiver and used to encrypt the DEK; IK is either public or secret. Public key avoids repudiation.
Pretty Good Privacy
Signature generation
Encrypts hash code with sender's private key using RSA algorithm
PGP similar to encrypted PEM with compression added
Figure (labels only): Plaintext; Private Key; Signature Generation; Signature; Concatenation; Compression; Encryption; Public Key; e-mail conversion; Encrypted & Compressed Message; e-mail system.
SNMPv3 Security
Figure (labels only): password; authoritativeSnmpEngineId; authKey; wholeMsg; authenticated wholeMsg; Encryption Key; scopedPDU; Privacy Module; Encrypted scopedPDU; USM.
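The figure labels password, authoritativeSnmpEngineId, authKey and wholeMsg name the inputs of USM authentication. The sketch below is an added example, not part of the original notes: it follows the RFC 3414 key localization and 96-bit truncated HMAC, while the function names, passphrase, engine IDs and message bytes are constructed for illustration.

```python
import hashlib
import hmac

MAC_LEN = 12  # RFC 3414 HMAC-MD5-96 / HMAC-SHA-96 keep 12 octets of the digest

def password_to_key(password: bytes, algo: str = "sha1") -> bytes:
    """Ku: digest of 1,048,576 octets formed by repeating the password."""
    if not password:
        raise ValueError("empty password")
    reps, rem = divmod(1048576, len(password))
    return hashlib.new(algo, password * reps + password[:rem]).digest()

def localize_key(ku: bytes, engine_id: bytes, algo: str = "sha1") -> bytes:
    """authKey for one authoritative engine: H(Ku || engineID || Ku)."""
    return hashlib.new(algo, ku + engine_id + ku).digest()

def _mac(auth_key: bytes, zeroed_msg: bytes, algo: str) -> bytes:
    return hmac.new(auth_key, zeroed_msg, algo).digest()[:MAC_LEN]

def authenticate_outgoing(auth_key, whole_msg, offset, algo="sha1"):
    """Replace the zeroed 12-octet authentication field with the HMAC."""
    if whole_msg[offset:offset + MAC_LEN] != bytes(MAC_LEN):
        raise ValueError("authentication field must be zeroed before signing")
    mac = _mac(auth_key, whole_msg, algo)
    return whole_msg[:offset] + mac + whole_msg[offset + MAC_LEN:]

def verify_incoming(auth_key, whole_msg, offset, algo="sha1"):
    """Zero the field, recompute the HMAC, compare in constant time."""
    received = whole_msg[offset:offset + MAC_LEN]
    zeroed = whole_msg[:offset] + bytes(MAC_LEN) + whole_msg[offset + MAC_LEN:]
    return hmac.compare_digest(received, _mac(auth_key, zeroed, algo))

# Constructed stand-ins, not BER-encoded SNMP: header, zeroed field, payload.
HEADER, PAYLOAD = b"hdr|user=ops|", b"|scopedPDU: get sysUpTime.0"
WHOLE_MSG = HEADER + bytes(MAC_LEN) + PAYLOAD
ENGINE_A = bytes.fromhex("800000000000000000000001")  # constructed engine IDs
ENGINE_B = bytes.fromhex("800000000000000000000002")

def demo():
    """(valid message, modified payload, key localized to another engine)"""
    ku = password_to_key(b"constructed-passphrase")
    key_a, key_b = localize_key(ku, ENGINE_A), localize_key(ku, ENGINE_B)
    sent = authenticate_outgoing(key_a, WHOLE_MSG, len(HEADER))
    tampered = sent.replace(b"get", b"set")
    return (verify_incoming(key_a, sent, len(HEADER)),
            verify_incoming(key_a, tampered, len(HEADER)),
            verify_incoming(key_b, sent, len(HEADER)))

if __name__ == "__main__":
    print(demo())
```

Because the key is bound to the engine ID, the same password yields a different authKey on every agent, so a key recovered from one device does not authenticate to another.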
Figure (labels only): HMAC Gen.; Authentication Module; USM.
Virus Attacks
Executable programs that make copies and insert them into other programs
Attacks hosts and routers
Attack infects boot track, compromises cpu, floods network traffic, etc.
Prevention is by identifying the pattern of the virus and implementing protection in virus checkers
Accounting Management
Least developed
Usage of resources
Hidden cost of IT usage (libraries)
Functional accounting
Business application
space
Distinction between policy
responsibility and accountability
consists of objects (alarms with
and rule; policy assigns
SLA management
QoS of network
SLA defines
of service
equivalent to
Negotiation of SLA
Generation of reports
SLA characteristics
Service parameters
Service levels
Component parameters
Component-to-service mappings
Figure (labels only): Network; Attributes; Policy Space; Domain Space; Policy Driver; Rule Space; Action Space.