Installation and configuration, backup and recovery, resource sharing, system security and performance tuning, the traditional concerns of the system administrator, remain important aspects of today's network management. But the complexity of networks means that the managed objects are no longer concentrated in one system; they are dispersed across it. Distributed management therefore requires network administrators to re-think system management in terms of the network's protocol layers: physical, link, network, transport and application. Combining management of these layers with management of the application (or business) running on top of them is the main direction of today's network management software.
The classification of network management and of network management software deserves a separate article. This one simply introduces the basic elements of a network management system and, as the example of a network management protocol, SNMP.
Elements of network management systems
A typical network management system has four elements: the manager, the management agents, the management information base (MIB) and proxy agents. The first three are required; the fourth is optional.
1. Manager
One of the important functions of network management software is to assist the network administrator in running the entire network. The management software has the management agents collect important device information at regular intervals, and the collected information is used to decide whether a single device, part of the network, or the whole network is operating normally. The manager periodically polls the agents for the host status, configuration and performance data they have collected.
2. Management agent (Agent)
A management agent is a software module that resides in a network device. The device may be a UNIX workstation, a network printer or any other network device. The agent software can obtain the operating status, characteristics and system configuration of the local device. It acts as the information broker for each managed device, carrying out the information-gathering tasks assigned by the network administrator: it mediates between the management system and the device it runs on, and manages the device by controlling the entries in the device's management information base (MIB). The agent interprets the administrator's requests in the standard network format, collects the requested information, and returns the correct response. In some cases the administrator can also command the device to perform an operation by setting a MIB object.
The management agent software for network devices such as routers, switches and hubs is generally supplied by the device manufacturer, either as part of the base system or as an optional upgrade module. The manufacturer decides which MIB objects its agent software supports, and which device conditions those objects expose is up to the agent's developers.
3. Management Information Base (MIB)
The Management Information Base (MIB) defines the data objects that the network management system can control. It is an information repository containing, potentially, thousands of data objects, and the administrator controls, configures or monitors a device by operating on these objects. The management system reaches the MIB objects through the agent software, and however many objects there are, the agent must keep them consistent; that is one of its tasks. Several generic standard MIBs have been defined, each containing objects that a device must support, so a single SNMP agent can support several MIBs. The most widely used and most common is MIB-II. To cover other network components and technologies, further MIBs have been developed and are recorded in RFCs (Requests for Comments).
4. Proxy agent (Proxy)
A proxy agent bridges standard management software and systems that do not directly support the standard protocol. With proxies, the transition from an old protocol to a new version can be made without upgrading the whole network at once. For the management system, what matters is the protocol spoken between the manager and the proxy, such as SNMP, and the MIBs it follows. These are introduced separately below.
SNMP protocol overview
SNMP, the Simple Network Management Protocol, provides the framework for the network management system. Its range of application is very broad, and it is used by many kinds of network devices, software and systems, mainly because of the following features:
First, SNMP is easy to implement compared with other network management systems and protocols. The SNMP protocol, MIBs and the related architecture run on many different kinds of equipment, from low-end personal computers to large hosts, servers, routers and other network devices. An SNMP agent does not need much memory at runtime and does not need much computing power. SNMP support can usually be developed quickly for a target system, so it appears early in new products and in upgrades of old ones. Although SNMP lacks some of the advantages of other management protocols, its simplicity, flexibility and ease of use largely make up for its shortcomings.
Second, SNMP is open and free of charge. The protocol can be changed only through the IETF standards process (the IETF operates under the IAB). A manufacturer can change SNMP privately, but the effort is likely to be wasted, because it would have to convince other manufacturers and users to support its non-standard extension, which runs against the purpose of having a standard.
Third, SNMP is documented in great detail (in RFCs, articles and manuals), and the networking industry understands the protocol thoroughly. These are the foundations of SNMP's popularity.
Finally, SNMP can be used to control all kinds of equipment, for example telephone systems, environmental control systems and other devices that are network-reachable and need to be controlled; such unconventional equipment can also use SNMP.
Because of these features, SNMP has come to be regarded as the management protocol of choice by network equipment manufacturers, application software developers and end users.
SNMP is a connectionless protocol: it runs over UDP (port 161 for requests to agents, port 162 for traps to the manager) and does not set up a session the way Telnet or FTP do. Information is transferred between agent and manager by sending a request message and returning a response. This reduces the burden on the agent, which does not have to support a connection-oriented protocol and its associated state. The price is that reliability and fault detection are left to the manager, which must time out and retransmit lost requests itself.
In addition, a network management system is typically installed in a fairly large environment with many different networks and devices. To divide management responsibility, the network is partitioned into several communities; the devices in one community share a boundary within which the required security is enforced. SNMP supports this with a security model based on the community string, which is configured on each device in the community. This community-based authentication model is now considered the unresolved weak point of SNMPv1 and SNMPv2c, and a serious security problem. SNMP itself provides no encryption and no protection against the community string being copied off the wire while packets are exchanged: a packet capture tool shows the whole SNMP packet in cleartext, community name included, so anyone who can sniff a single request can replay it with full management rights. For this reason most sites disable SNMP write access (SET) on their devices. The side effect is that the data objects can then only be monitored, not changed, which limits the usefulness of SNMP. SNMPv3 addresses this with user-based authentication and optional encryption of the PDU.
SNMP commands and packets
SNMP defines the packet format and the information exchange between manager and agent, which in turn controls the agent's MIB objects, so every task the agent supports can be handled through it. SNMP is easy to use because it provides three basic operations for controlling MIB objects: SET, GET and TRAP:
SET: a privileged command, because it can change the configuration or the operation of the device.
GET: the most frequently used SNMP command, because it is the basic way of obtaining management information from a device.
TRAP: lets the agent notify the manager of a particular condition or problem without an explicit request.
SNMP also defines the message flow for these three commands, but it defines no other device management commands: only SET and GET are applied to MIB objects, and the target of both is the object's value. A Reboot command, for example, does not exist in SNMP; instead the agent software links a MIB object to an internal device command so that special operations can still be carried out. To restart a device, the management system sets a restart-related MIB object to 1 (our assumption); this triggers the agent to execute the restart command and then reset the object to its original value.
An SNMP message consists of three parts: a version field, a community field and an SNMP protocol data unit (PDU); the length of the packet is not fixed.
Version field: indicates which version of SNMP is in use (on the wire, 0 denotes SNMPv1, 1 denotes SNMPv2c and 3 denotes SNMPv3). At the time of writing, version 1 was the most widely used.
Community field: the community is the basic security mechanism by which an agent authenticates the manager's access. The community name is effectively a password for the agent: the manager is allowed to access the data objects only if it knows the agent's community name. If the agent is configured to send traps, a query with a wrong community name causes it to send an authenticationFailure trap.
Protocol data unit: SNMPv1 has five PDU types, some requests and some responses: GetRequest, GetNextRequest, SetRequest, GetResponse and Trap. SNMPv2 adds GetBulkRequest and InformRequest (and a new trap format). The manager uses GetRequest to retrieve information from a device running an SNMP agent, and the agent answers with a GetResponse. Much information can be exchanged this way: the system name, how long the system has been up, the number of network interfaces, and so on. GetRequest and GetNextRequest are used together to read a table: GetRequest retrieves a specific object, and GetNextRequest requests the next object in the table. SetRequest configures a device's parameters remotely; it can set the device name, shut down a port, or clear an entry in an address resolution table. Trap is an unsolicited message sent to the management station, informing it of an event such as a port failure or a power-down and restart, which the station can then handle accordingly.
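The message layout just described (version, community, PDU with request-id, error-status, error-index and variable bindings) and the security point made earlier (the community string travels in cleartext) can both be seen in code. The following encoder/decoder is an added example, not code from the original article or from any SNMP implementation; it covers only the BER types SNMPv1 request/response messages use, does not handle the different layout of the SNMPv1 Trap PDU, and the sample packet it builds is constructed here. Note that nothing in community_from_wire needs a key: the community is just the second field of every message.

```python
"""Minimal SNMPv1 BER encoder/decoder for request/response messages (added example)."""

PDU_TAGS = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
            0xA3: "SetRequest", 0xA4: "Trap"}


def _encode_length(n: int) -> bytes:
    """BER length: short form below 128, long form (0x80 | byte count) otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + _encode_length(len(content)) + content


def encode_integer(v: int) -> bytes:
    """INTEGER as minimal-length two's complement."""
    return _tlv(0x02, v.to_bytes((v.bit_length() + 8) // 8, "big", signed=True))


def encode_oid(oid: str) -> bytes:
    """OBJECT IDENTIFIER: first two arcs packed into one byte, the rest base-128."""
    arcs = [int(a) for a in oid.strip(".").split(".")]
    out = [arcs[0] * 40 + arcs[1]]
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(chunk)
    return _tlv(0x06, bytes(out))


def encode_value(v) -> bytes:
    if v is None:
        return _tlv(0x05, b"")            # NULL: placeholder value in requests
    if isinstance(v, int):
        return encode_integer(v)
    if isinstance(v, str):
        v = v.encode()
    return _tlv(0x04, v)                  # OCTET STRING


def build_message(community: str, pdu_tag: int, request_id: int, varbinds,
                  error_status: int = 0, error_index: int = 0) -> bytes:
    """Message ::= SEQUENCE { version INTEGER (0 = v1), community OCTET STRING, PDU }."""
    vbl = b"".join(_tlv(0x30, encode_oid(o) + encode_value(v)) for o, v in varbinds)
    pdu = (encode_integer(request_id) + encode_integer(error_status)
           + encode_integer(error_index) + _tlv(0x30, vbl))
    return _tlv(0x30, encode_integer(0) + _tlv(0x04, community.encode()) + _tlv(pdu_tag, pdu))


def _read_tlv(buf: bytes, pos: int):
    """Return (tag, content, position after this TLV); rejects truncated input."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        nbytes = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + nbytes], "big"), pos + nbytes
    if pos + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + length], pos + length


def decode_oid(content: bytes) -> str:
    arcs, val = [content[0] // 40, content[0] % 40], 0   # valid when the first arc is 0 or 1
    for b in content[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))


def decode_value(tag: int, content: bytes):
    if tag == 0x02:
        return int.from_bytes(content, "big", signed=True)
    if tag == 0x05:
        return None
    if tag == 0x06:
        return decode_oid(content)
    return content                        # OCTET STRING and anything else: raw bytes


def parse_message(pkt: bytes) -> dict:
    """Decode an SNMPv1 message carrying a request/response PDU (not the v1 Trap layout)."""
    tag, body, _ = _read_tlv(pkt, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    _, ver, pos = _read_tlv(body, 0)
    _, community, pos = _read_tlv(body, pos)
    pdu_tag, pdu, _ = _read_tlv(body, pos)
    if pdu_tag not in PDU_TAGS or pdu_tag == 0xA4:
        raise ValueError("unsupported PDU tag 0x%02x" % pdu_tag)
    _, rid, p = _read_tlv(pdu, 0)
    _, est, p = _read_tlv(pdu, p)
    _, eidx, p = _read_tlv(pdu, p)
    _, vbl, _ = _read_tlv(pdu, p)
    varbinds, q = [], 0
    while q < len(vbl):
        _, vb, q = _read_tlv(vbl, q)
        _, oid, r = _read_tlv(vb, 0)
        vtag, val, _ = _read_tlv(vb, r)
        varbinds.append((decode_oid(oid), decode_value(vtag, val)))
    return {"version": decode_value(0x02, ver), "community": community.decode(errors="replace"),
            "pdu_type": PDU_TAGS[pdu_tag], "request_id": decode_value(0x02, rid),
            "error_status": decode_value(0x02, est), "error_index": decode_value(0x02, eidx),
            "varbinds": varbinds}


def community_from_wire(pkt: bytes) -> str:
    """What a passive sniffer learns from one captured SNMPv1/v2c packet: the 'password'."""
    return parse_message(pkt)["community"]


if __name__ == "__main__":
    # Constructed sample: a manager asking for sysDescr.0 with the default community "public".
    req = build_message("public", 0xA0, 0x1234, [("1.3.6.1.2.1.1.1.0", None)])
    print(req.hex())
    print(parse_message(req))
    print("community visible on the wire:", community_from_wire(req))
```

The sample request is 41 bytes; the bytes "04 06 70 75 62 6c 69 63" near the start are the community "public". Feeding the same function a packet captured from a real v1/v2c manager gives the same result, which is why read-only communities and SNMPv3 matter.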
MIB overview
The Management Information Base (MIB) is an information repository holding the configuration and performance data in the agent. It has an organized, common structure and contains many data objects that belong to different groups, as shown below.
MIB data objects are organized in a tree hierarchy, and every branch of the tree has a dedicated name and a numeric identifier. The figure above shows the standard MIB organization, listing the whole contents of the tree from the root down through each level. The branches of the tree express the logical grouping of data objects; the leaves, sometimes called nodes, represent the individual data objects. The tree can be extended with additional intermediate branches and additional leaves.
With this tree hierarchy a MIB browser can access the whole MIB in a simple and convenient way. A MIB browser is a tool that traverses the entire MIB tree, usually displaying each branch and leaf object graphically. A data object is found by its identifier, which starts at the top (root) of the tree and runs down to the leaf node, that is, the data object itself. This is the same way a file system is organized; the main difference is that a file system path may be expressed relative to the current directory, whereas a MIB object identifier is always absolute. In the figure, for example, iso(1) is at the top of the tree and sysDescr(1) is a leaf; the root (.) itself is not shown, and the remaining branches are expanded. Object identifiers are written in dotted notation, so the complete identifier of sysDescr(1) is iso.org.dod.internet.mgmt.mib-2.system.sysDescr, read from left to right. The same object can also be written in the shorter numeric form, using the number of each branch instead of its name: iso.org.dod.internet.mgmt.mib-2.system.sysDescr is equivalent to 1.3.6.1.2.1.1.1. The two notations are interchangeable and denote the same object; the numeric form looks more concise, but which one to use is a matter of personal preference, and most MIB browsers can display objects in either form and convert between them.
MIB access methods
When a MIB data object is defined, its access-control information determines which operations may act on it. SNMP defines the following access levels for MIB objects:
Read-only
Read-write
Not-accessible
The management system cannot change a read-only object, but it can read its value with GET or GETNEXT (and receive it in a TRAP). Some MIB information never changes during a product's life; for example the object sysDescr (System Description) carries the manufacturer information needed to manage the agent. Another reason to make objects read-only is to ensure that performance counters and other statistics stay correct and cannot be altered by mistake.
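The tree naming, the GetNext-driven table walk, the set-triggers-an-action pattern and the read-only/read-write rules above all come together in a small agent model. The following is an added example, not code from the original article or from any SNMP agent: the MIB names and arcs along iso.org.dod.internet.mgmt.mib-2 and in the system group are the registered MIB-II ones, but the device values are constructed, and the rebootTrigger object under enterprise number 99999 is a hypothetical placeholder used only to illustrate how a Set can drive a device command. The error codes are the RFC 1157 error-status values; a Set on a non-writable object is answered with noSuchName, as that RFC specifies.

```python
"""Toy SNMPv1-style agent over a small MIB-II subset (added example)."""
import bisect
from dataclasses import dataclass
from typing import Callable, Optional

# (parent, name, arc): the standard path to mib-2, the system group and ifNumber.
MIB_NODES = [
    (None, "iso", 1), ("iso", "org", 3), ("org", "dod", 6), ("dod", "internet", 1),
    ("internet", "mgmt", 2), ("mgmt", "mib-2", 1), ("mib-2", "system", 1),
    ("mib-2", "interfaces", 2), ("system", "sysDescr", 1), ("system", "sysObjectID", 2),
    ("system", "sysUpTime", 3), ("system", "sysContact", 4), ("system", "sysName", 5),
    ("system", "sysLocation", 6), ("system", "sysServices", 7), ("interfaces", "ifNumber", 1),
]
NAME_PATH, OID_OF_PATH = {}, {}
for parent, name, arc in MIB_NODES:
    path = name if parent is None else NAME_PATH[parent] + "." + name
    NAME_PATH[name] = path
    OID_OF_PATH[path] = (OID_OF_PATH[NAME_PATH[parent]] if parent else ()) + (arc,)
PATH_OF_OID = {v: k for k, v in OID_OF_PATH.items()}


def parse_oid(s: str) -> tuple:
    return tuple(int(a) for a in s.strip(".").split("."))


def fmt_oid(t: tuple) -> str:
    return ".".join(map(str, t))


def name_to_oid(path: str) -> str:
    """iso.org.dod.internet.mgmt.mib-2.system.sysDescr -> 1.3.6.1.2.1.1"""
    return fmt_oid(OID_OF_PATH[path])


def oid_to_name(oid: str) -> str:
    return PATH_OF_OID[parse_oid(oid)]


@dataclass
class MibObject:
    oid: tuple                      # full instance OID, e.g. sysDescr.0
    value: object
    access: str                     # "read-only" | "read-write" | "not-accessible"
    on_set: Optional[Callable[["MibObject"], None]] = None


class Agent:
    NO_ERROR, NO_SUCH_NAME, BAD_VALUE = 0, 2, 3       # RFC 1157 error-status values

    def __init__(self, objects):
        self.objs = {o.oid: o for o in objects}
        # Lexicographic order over integer arcs: (..., 9, 0) sorts before (..., 10, 0),
        # which comparing the dotted strings "9" and "10" would get wrong.
        self.order = sorted(self.objs)

    def get(self, oid: tuple):
        o = self.objs.get(oid)
        if o is None or o.access == "not-accessible":
            return self.NO_SUCH_NAME, None
        return self.NO_ERROR, o.value

    def get_next(self, oid: tuple):
        """Smallest accessible OID strictly greater than oid; noSuchName at end of MIB."""
        i = bisect.bisect_right(self.order, oid)
        while i < len(self.order):
            o = self.objs[self.order[i]]
            if o.access != "not-accessible":
                return self.NO_ERROR, o.oid, o.value
            i += 1
        return self.NO_SUCH_NAME, None, None

    def set(self, oid: tuple, value):
        o = self.objs.get(oid)
        if o is None or o.access != "read-write":
            return self.NO_SUCH_NAME, None              # non-writable object: noSuchName
        if type(value) is not type(o.value):
            return self.BAD_VALUE, None
        o.value = value
        if o.on_set:
            o.on_set(o)                                 # device-specific action on Set
        return self.NO_ERROR, o.value


def walk(agent: Agent, prefix: str):
    """Emulate a manager's table walk: repeat GetNext until the reply leaves the subtree."""
    pfx = cur = parse_oid(prefix)
    out = []
    while True:
        status, oid, value = agent.get_next(cur)
        if status != Agent.NO_ERROR or oid[:len(pfx)] != pfx:
            return out
        out.append((fmt_oid(oid), value))
        cur = oid


REBOOT_OID = parse_oid("1.3.6.1.4.1.99999.1.0")   # hypothetical placeholder, not a real OID


def make_sample_agent(actions: list) -> Agent:
    """Constructed sample device; 'actions' records side effects triggered by Set."""
    def reboot_hook(obj):
        if obj.value == 1:                    # "set to 1" requests the restart ...
            actions.append("reboot")
            obj.value = 0                     # ... and the object returns to its idle state
    system = parse_oid(name_to_oid("iso.org.dod.internet.mgmt.mib-2.system"))
    return Agent([
        MibObject(system + (1, 0), b"Example router (constructed)", "read-only"),  # sysDescr.0
        MibObject(system + (3, 0), 123456, "read-only"),                            # sysUpTime.0
        MibObject(system + (5, 0), b"edge-1", "read-write"),                         # sysName.0
        MibObject(parse_oid("1.3.6.1.2.1.2.1.0"), 3, "read-only"),                  # ifNumber.0
        MibObject(parse_oid("1.3.6.1.2.1.2.2.1"), None, "not-accessible"),          # ifEntry row
        MibObject(REBOOT_OID, 0, "read-write", on_set=reboot_hook),
    ])
```

walk(agent, "1.3.6.1.2.1.1") returns the three system-group instances in OID order and stops at the first object outside the prefix; not-accessible rows (ifEntry here) are skipped by GetNext, and a Set on sysDescr.0 or with a value of the wrong type is refused without touching the object.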
As a transport for management data, SNMP, together with the MIB data it carries, provides the foundation for a network management system. A complete network management system can be built on SNMP or on another management protocol such as CMIP, but that is a topic for a separate article.