The Simple Network Management Protocol Information Technology Essay
This project is a Simple Network Monitoring Tool developed for academic purposes. It provides students with the methodology, concepts, design and a general idea of how to plan for managing and monitoring a network. The network management protocol examined and implemented in our Simple Network Monitoring Tool is the Simple Network Management Protocol (SNMP). The project discusses the difference between open source software and proprietary software, and gives a simple background on network management, network management systems and SNMP with its various versions. It also explains how SNMP is applied in network monitoring. SNMP runs on a variety of devices and operating systems such as Uninterruptible Power Supplies (UPS), network and system management (network analyzers), operating systems (Windows systems, Unix systems) and so on. The SNMP architecture, together with the appropriate diagram, gives a better idea of how SNMP works. Different network monitoring tools are compared to see which features are useful and which are not. How SNMP uses the User Datagram Protocol (UDP) as the transport mechanism for SNMP messages is also described. Emphasis is placed on the importance of the message format and languages of SNMP. The two versions of Remote Monitoring (RMON) and their purpose are explained. Lastly, the research methods, including the Systems Development Life Cycle (SDLC) and quantitative versus qualitative research, and the project progress are discussed in Chapter 3.
TABLE OF CONTENTS
TITLE
DECLARATION OF ORIGINALITY
ACKNOWLEDGEMENTS
ABSTRACT
TABLE OF CONTENTS
LIST OF FIGURES
LIST OF ABBREVIATIONS
CHAPTER 1 INTRODUCTION
1.1 Problem Statement
1.2 Objectives
1.3 Scope and Deliverables
1.4 Background
1.4.1 Network Management
1.4.2 Network Management System
1.4.3 Simple Network Management Protocol
CHAPTER 2 LITERATURE REVIEW
2.1 SNMP in Network Monitoring
2.2 The SNMP Architecture
2.2.1 SNMP components and functions
2.3 SNMP and UDP
2.4 SNMP Message format
2.5 Languages in SNMP
2.6 Remote Monitoring (RMON)
2.7 Comparison between different network monitoring tools
CHAPTER 3 METHODOLOGY AND TOOLS
3.1 The Systems Development Life Cycle (SDLC)
3.2 Qualitative versus Quantitative
3.3 Timeline
REFERENCES
LIST OF FIGURES
Figure 1.4.1-F1: Network management hierarchy
Figure 1.4.1-F2: Network Management information support
Figure 2.1-F1: The SNMP architecture
Figure 2.4-F1: Basic SNMP message format
Figure 2.4-F2: SNMP PDU message format
Figure 2.6-F1: The RMON1 and RMON2 focused at different network layers
Figure 3.1-F1: Waterfall model
Figure 3.3-F1: Timeline
LIST OF ABBREVIATIONS
DSL Digital Subscriber Line
IETF Internet Engineering Task Force
NMS Network Management Systems
MAC Medium Access-Control
Chapter 1: Introduction
We begin this chapter by defining and characterizing a network management architecture. Its purpose is to give us the knowledge needed to plan for managing and monitoring a network. We then examine the network management protocol used, which is SNMP. This leads into developing a Simple Network Monitoring Tool.
1.1 Problem Statement
There has always been a debate about open source and proprietary software. Both classes of software have major advantages and disadvantages, but it all depends on the user.
Open source software is free to be used and distributed, provided that certain conditions are met [1]. It is developed by people who have a passion for computing and who want to contribute to making a difference rather than rely on any single company to produce what is needed [2]. The software is aimed at proficient users, so it may be too complicated for the average end user. Unlike closed source software, it is normally provided without warranty, and should the software malfunction or not perform, there is no good documentation or support [2]. Examples of open source software are Linux and OpenOffice.
Proprietary software is developed by a single person or company. Only the final product that runs on your computer is made available, while the all-important source code, the recipe for making the software, is kept secret [3]. The software's copyright or patent is legally protected as intellectual property [2]. Therefore, the cost of purchasing the product and renewing its license each year is too high for small organizations and enterprises. Examples of proprietary software are Microsoft Windows and Adobe Photoshop.
After consideration, we find that neither open source nor proprietary software is suitable for managing the small network we have in our CN labs in UTAR. We want to build the software ourselves rather than take an existing one from the market. That software does not need constant updating and patching like open source software such as Linux. It is user friendly and does not require a pool of talent to fix problems, which enables us to solve them ourselves. The software will have a low cost and will not require us to pay an annual fee to renew a license, as proprietary software does.
1.2 Project Objectives
(1) To find the specific needs of small enterprises in using network management.
(2) To find which SNMP version is more suitable for small enterprises.
(3) To develop a network management tool with GUI support for small enterprises.
1.3 Scope and Deliverables
(1) Develop a working Graphical User Interface (GUI) tool for network management and monitoring for our CN lab in Block E.
(2) Create a user-friendly network management system that makes network administration and monitoring easier and more convenient.
(3) The GUI must not be too complicated for administrators, and the price must not be too high.
1.4 Background
1.4.1 Network Management
Network management refers to the broad subject of managing computer networks [4]. It includes the deployment, integration and coordination of the hardware and software used to monitor, test, configure, analyze and control the network and element resources. It can be further categorized into several layers:
Business management: the management of the business aspects of a network, e.g. management of budget/resources [5].
Service management: the management of the delivery of services to users, e.g. for service providers, it would be management of data storage [5].
Network Management System (NMS): control and supervision of networks, where the network consists of different types of connected network elements [5].
Element management: the management of a collection of similar network devices, e.g. access routers [5].
Network-element management: the management of individual network devices, e.g. a switch or hub [5].
Figure 1.4.1-F1: Network management hierarchy [5] (layers from top to bottom: Business, Service, Network, Element, Network-element; annotated with Policies and Variables).
This structure is a top-down approach, with the most abstract component at the top of the hierarchy and the most specific component (network-element management) at the bottom. As components become more abstract, the ways they are applied and measured change. Management at the bottom of the hierarchy (network-element, element, network) works with variables and parameters, while management at the top (service, business) works in more abstract terms, using policies.
Figure 1.4.1-F2: Network management information support (diagram labels: network management infrastructure, element management system, element management, devices, switches, routers).
Network management is composed of managing elements and transporting management data. The functions shown in Figure 1.4.1-F2 consist of a variety of tasks (monitoring, configuring and planning) that are performed by network personnel and administrators.
Network management covers a wide area which includes:
· Security: ensuring network protection from unauthorized users [4].
· Performance: eliminating bottlenecks (a bottleneck is a process in an operation where the capacity is less than the demand placed upon that operation) in the network [4].
· Reliability: providing a reliable transmission of information with minimal loss or errors and a decent response time [4].
1.4.2 Network Management System
A Network Management System is the combination of equipment, hardware and software used in monitoring, controlling and managing a network [6]. It must be able to share information across management applications and control network and element resources to meet real-time operational performance.
1.4.3 Simple Network Management Protocol
In our project, we will use SNMP because it is one of the widely accepted protocols used to manage and monitor network elements.
The Simple Network Management Protocol is an application layer protocol for exchanging management information between network devices. It is a part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite [7]. SNMP works by sending messages, called protocol data units (PDUs), to different parts of a network [8]. SNMP-compliant devices, called agents, store data about themselves in Management Information Bases (MIBs) and return this data to the SNMP requesters.
SNMPv1
SNMPv1 is the initial implementation of the SNMP protocol. It operates over protocols such as the User Datagram Protocol (UDP). SNMP is a simple request/response protocol: in the SNMPv1 framework, the network management system issues a request, and managed devices return responses. All versions of SNMP have the same message format; the difference is only the PDU [9]. SNMPv1 has five different PDU types: GetRequest, GetNextRequest, GetResponse, SetRequest and Trap. SNMPv1 was not without its own problems [9]. The main problems of this version are authentication of the message source, protection of messages from disclosure, and placing access controls on the Management Information Base.
SNMPv2
Two new protocol operations are defined in SNMPv2: GetBulk and Inform [9].
The improvement of security in SNMPv2 led to several variants of SNMPv2. Since there are several variants, there are also several SNMPv2 message formats. The only differences between the SNMPv2 variants are the security implementations. The result is the same PDU format for all SNMPv2 types but an overall message format that differs between the variants.
SNMPv3
SNMPv3 was created to cover the security issues in SNMPv2. It augments the original SNMP and SNMPv2 specifications with added security and administration capabilities, and it adds remote configuration capabilities to the previous versions. The architecture introduces the User-based Security Model (USM) for message security and the View-based Access Control Model (VACM) for access control [9]. Its security features protect against threats including modification of information, masquerading, message stream modification and disclosure.
SNMP basic components and their functions:
The SNMP architecture consists of:
The SNMP Manager
A managed SNMP device
An SNMP Agent
An SNMP Agent Management Information Database (otherwise known as a Management Information Base or MIB)
The SNMP Manager – the interface between the human network manager and the management system.
A managed device – also called a network element, a part of the network that requires some form of monitoring and management, e.g. routers, switches, servers, workstations, printers and so on.
An SNMP Agent – the interface between the manager and the physical device(s) being managed [10].
Management Information Base / database – the database commonly shared between the Agent and the Manager is called the Management Information Base (MIB). In short, MIB files are the set of questions that the SNMP Manager can ask the Agent. The Agent collects this data locally and stores it, as defined in the MIB.
Chapter 2: Literature Review
In today’s networks of routers, switches, hubs and servers, managing all the devices on the network can seem a difficult task. We not only have to make sure the devices are up and running but also make sure they perform at their optimal state. This is where the Simple Network Management Protocol (SNMP) can help. SNMP provides simplicity: users work with a simple set of operations that allows devices to be managed remotely [11]. We will be implementing SNMP in our Simple Network Monitoring Tool.
2.1 SNMP in Network Monitoring
SNMP runs on a variety of devices and operating systems, including:
broadband network devices (cable and DSL modems)
consumer electronic devices (cameras and image scanners)
networked office equipment (printers, fax machines)
Uninterruptible Power Supplies (UPS)
network and system management (network analyzers)
operating systems (Windows systems, Unix systems)
It runs not only on physical devices but also on software (web servers and databases).
As previously mentioned, SNMP protocol enables users, network and system administrators to remotely monitor and configure devices on the network. Some examples are:
A system administrator can change the state of the SNMP device to know how much traffic is flowing through a network device. Once data is pulled from the particular device such as a router, it can be interpreted [11].
A system administrator could use it to monitor the temperature of a router based on information gathered through SNMP. Monitoring environmental conditions is vital because if the temperature rises too high, the device might be damaged [11].
2.2 The SNMP Architecture
SNMP is defined in RFC 1157 by Case, Fedor, Schoffstall and Davin of the IETF, which states:
Implicit in the SNMP architectural model is a collection of network management stations and network elements. Network management stations execute management applications which monitor and control network elements. Network elements are devices such as hosts, gateways, terminal servers, and the like, which have management agents responsible for performing the network management functions requested by the network management stations. The Simple Network Management Protocol (SNMP) is used to communicate management information between the network management stations and the agents in the network elements [12].
Figure 2.1-F1 illustrates the SNMP architecture [13].
2.2.1 SNMP components and functions
In Chapter 1, we stated that the SNMP architecture consists of an SNMP Manager, a managed SNMP device, an SNMP Agent and the SNMP Agent Management Information Databases. In this chapter, we describe each of these in detail.
An SNMP manager is a server running a software system that can handle management tasks for a network. Managers are often referred to as NMSs. An NMS is responsible for polling agents in the network and receiving traps from them. A poll is the act of querying an agent (e.g. a router, switch or server) for some piece of information. The information gathered can be used to determine whether something bad has occurred. A trap is a way for an agent to tell the NMS that something has happened. The NMS then performs an action based on the information it receives from the agent.
A network node that contains an SNMP agent and resides on a managed network is called a managed device. It can also be referred to as a network element. Its tasks are collecting and storing management information and making that information available to SNMP managers. Examples are switches, routers, hubs and servers.
The SNMP agent is a piece of software that runs on the network devices being managed. It can be a separate program (a daemon, in Unix terms) or be built into the operating system (for example, Cisco’s IOS on a router). Most IP devices available today come with some kind of SNMP agent built in. The agent provides management information to the NMS by monitoring a variety of operational aspects of a device. For example, an agent on a router can keep track of the state of each of its interfaces: which interfaces are up and which are down.
The Management Information Base (MIB) consists of managed objects, which are identified by object identifiers. It is accessed using a network management protocol such as SNMP. There are two different types of managed objects, scalar and tabular. Scalar objects define a single object instance. Tabular objects define multiple related object instances.
2.3 SNMP and UDP
SNMP uses the User Datagram Protocol (UDP) as the transport mechanism for SNMP messages. UDP is a connectionless protocol, and therefore no end-to-end connection is made between the agent and the NMS when packets are sent [14]. UDP is also unreliable in the sense that there is no acknowledgment of lost packets. Delivery is not guaranteed, and messages are not necessarily delivered in the order they were sent, as they are with the Transmission Control Protocol (TCP) [15].
SNMP uses UDP port 161 for sending and receiving requests, and port 162 for receiving traps [15]. Every device that implements SNMP must use these port numbers as the defaults. Some vendors allow you to change the default, but if these defaults are changed, the NMS must be made aware of the changes so it can query the device on the correct ports.
The upside to the unreliable nature of UDP is that it requires low overhead, so the impact on your network’s performance is reduced [16].
2.4 SNMP Message format
The basic SNMP message format contains two parts: a message header and a Protocol Data Unit (PDU).
Message Header | PDU
Figure 2.4-F1 illustrates the basic SNMP message format, which consists of a header and a PDU.
The message header contains:
Version number – (version of SNMP): both the manager and agent must use the same version of SNMP.
Community name – defines an access environment for a group of NMS. NMSs within the community are said to exist within the same administrative domain.
The protocol data unit (PDU) is one of five different types: GetRequest, GetNextRequest, GetResponse, SetRequest and Trap. SNMPv1 specifies these five PDUs. Two other PDUs, GetBulkRequest and InformRequest, were added in SNMPv2 and carried over to SNMPv3 [17].
PDU also contains:
Request ID – associates request with response.
Error status – indicates errors and error types. Only a response operation sets this field; other operations set it to zero.
Error index – associates an error with a particular object instance. Only a response operation sets this field; other operations set it to zero.
Variable binding – associates a particular object instance with its current value.
PDU Type | Request ID | Error Status | Error Index | Variable Binding
Figure 2.4-F2 illustrates the SNMP PDU message format.
2.5 Languages in SNMP
All SNMP devices must understand an SNMP message, which presents several major difficulties.
Abstract Syntax Notation One (ASN.1)
Each programming language has a different set of data types (integers, strings, bytes, characters, etc.). If an SNMP manager were to send a message full of Java data types to an SNMP agent written in C, the SNMP agent might not understand the message. To solve this, SNMP uses ASN.1 to define the data types used to build an SNMP message. Since ASN.1 is independent of any particular programming language, SNMP managers and agents may be written in any language [16].
Basic Encoding Rules (BER)
When a particular data type is sent through the network, how should it be encoded? BER solves this issue because it encodes SNMP messages into a format suitable for transmission across a network [16]. Regardless of the programming language used, all data types are encoded in a systematic way before they are sent across the network. In short, every data field in an SNMP message must be a valid ASN.1 data type and must be encoded according to the BER.
Structure of Management Information (SMI)
SMI provides a way to define managed objects and their behavior [18]. An agent has in its possession a list of the objects that it tracks. The Management Information Base (MIB) is a database of the managed objects that the agent tracks. The agent collects data and stores it in the MIB. The MIB works like a dictionary because it defines a textual name for a managed object and explains its meaning.
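The header and PDU fields from section 2.4, as BER encodes them (section 2.5), can be read straight out of a captured SNMPv1/v2c message, community name included, which is why Chapter 1 lists disclosure and source authentication as SNMPv1 problems. The Python decoder below is an added example, not code from the project's tool; the sample packet is constructed by hand and the function names are this example's own.

```python
# Added example: minimal BER decoder for community-based SNMP (v1/v2c) messages.
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA5: "GetBulkRequest", 0xA6: "InformRequest"}
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c"}

# Constructed sample: SNMPv1 GetRequest for 1.3.6.1.2.1.1.1.0 (sysDescr.0).
SAMPLE_GET = bytes.fromhex(
    "3026"                      # SEQUENCE, 38 bytes: the whole message
    "020100"                    # INTEGER 0 -> version field (SNMPv1)
    "04067075626c6963"          # OCTET STRING -> community "public"
    "a019"                      # context tag 0 -> GetRequest PDU, 25 bytes
    "020101" "020100" "020100"  # request ID 1, error status 0, error index 0
    "300e" "300c"               # variable-binding list holding one binding
    "06082b06010201010100" "0500"  # OID 1.3.6.1.2.1.1.1.0, then a NULL value
)


def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element that starts at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length field")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value runs past the end of the buffer")
    return tag, buf[pos:pos + length], pos + length


def expect(buf, pos, want):
    """Read one element and insist on its tag; return (value, next_pos)."""
    tag, value, nxt = read_tlv(buf, pos)
    if tag != want:
        raise ValueError(f"expected tag 0x{want:02x}, found 0x{tag:02x}")
    return value, nxt


def decode_oid(value):
    """Turn BER OBJECT IDENTIFIER content into dotted notation."""
    if not value or value[-1] & 0x80:
        raise ValueError("malformed OID")
    subids, cur = [], 0
    for byte in value:  # base-128 digits, high bit set on all but the last
        cur = (cur << 7) | (byte & 0x7F)
        if not byte & 0x80:
            subids.append(cur)
            cur = 0
    first = min(subids[0] // 40, 2)  # first two arcs share one sub-identifier
    return ".".join(map(str, [first, subids[0] - 40 * first] + subids[1:]))


def decode_message(raw):
    """Decode header (version, community) and PDU of an SNMPv1/v2c message."""
    body, _ = expect(bytes(raw), 0, 0x30)
    value, pos = expect(body, 0, 0x02)
    version = int.from_bytes(value, "big", signed=True)
    if version not in VERSIONS:
        raise ValueError("not a community-based SNMP message")
    community, pos = expect(body, pos, 0x04)
    pdu_tag, pdu, _ = read_tlv(body, pos)
    if pdu_tag not in PDU_TYPES:  # the SNMPv1 Trap PDU has a different layout
        raise ValueError(f"unsupported PDU tag 0x{pdu_tag:02x}")
    msg = {"version": VERSIONS[version], "community": community,
           "pdu_type": PDU_TYPES[pdu_tag], "varbinds": []}
    pos = 0
    for name in ("request_id", "error_status", "error_index"):
        value, pos = expect(pdu, pos, 0x02)
        msg[name] = int.from_bytes(value, "big", signed=True)
    bindings, _ = expect(pdu, pos, 0x30)
    pos = 0
    while pos < len(bindings):
        binding, pos = expect(bindings, pos, 0x30)
        oid, value_pos = expect(binding, 0, 0x06)
        vtag, value, _ = read_tlv(binding, value_pos)
        msg["varbinds"].append((decode_oid(oid), vtag, value))
    return msg


def findings(msg):
    """Defensive review of one decoded message."""
    out = [f"{msg['version']}: community name is sent unencrypted"]
    if msg["community"] in (b"public", b"private"):  # common factory defaults
        out.append("default community name in use")
    if msg["pdu_type"] == "SetRequest":
        out.append("write request authorised by community name only")
    return out


if __name__ == "__main__":
    print(findings(decode_message(SAMPLE_GET)))
```

For a GetBulkRequest the second and third integers are non-repeaters and max-repetitions rather than error status and error index. SNMPv3 messages are rejected because their header carries security parameters instead of a community name.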
2.6 Remote Monitoring(RMON)
Remote Monitoring (RMON) is a standard monitoring specification that enables various network monitors and console systems to exchange network-monitoring data. RMON provides network administrators with more freedom in selecting network-monitoring probes and consoles with features that meet their particular networking needs [19].
It was initially developed to address the problem of managing LAN segments and remote sites from a central location. The RMON specification, which is an extension of the SNMP MIB, defines a set of statistics and functions exchanged between console systems and network probes. The resulting data is used to monitor network utilization for network planning and performance tuning, as well as to assist in network fault diagnosis.
Two versions of RMON are available: RMON1 (RMONv1) and RMON2 (RMONv2) [20]. RMON1 defined 10 MIB groups for basic network monitoring, which can now be found on most modern network hardware. RMON2 (RMONv2) is an extension of RMON that focuses on the higher layers of traffic above the MAC layer. RMON2 allows network management applications to monitor packets on all network layers. This is the main difference from RMON1, which only allows network monitoring at the MAC layer and below [20]. RMON places agents, called network probes, at various locations on the distributed network. Probes are standalone devices that contain a NIC, a processor, memory and software.
Protocol Structure – RMON: Remote Monitoring MIBs(RMON1 and RMON2)
Figure 2.6-F1: RMON1 and RMON2 focus on different network layers of the OSI model (figure labels: RMON2, RMON1):
7. Application Layer
6. Presentation Layer
5. Session Layer
4. Transport Layer
3. Network Layer
2. Data Link Layer (MAC Layer)
1. Physical Layer
2.7 Comparison between different network monitoring tools
There are many network monitoring tools available in the market, for example HP OpenView’s Network Node Manager (NNM), IBM’s Tivoli NetView and Computer Associates’ Unicenter TNG. Here, we compare a proprietary product, HP OpenView’s Network Node Manager Starter Edition 7.5, with a free product, SoftInventive Lab’s Total Network Monitor 1.1.3.
HP OpenView Network Node Manager Starter Edition 7.5 is quick to deploy, easy to operate and user friendly because it comes with a simple GUI for easier understanding.
Total Network Monitor 1.1.3 is also user friendly, as its interface is designed to be simple as well. Any important feature is just one click away. HP OpenView Network Node Manager Starter Edition 7.5 provides easy-to-use tools that help you to identify and resolve problems quickly. Total Network Monitor 1.1.3, in contrast, learns of failures in the network in time with the aid of an advanced alerting system, but it takes time to resolve problems. For example, if you are away from your computer while Total Network Monitor 1.1.3 is running, you can set an option that sends a message to your mailbox telling you the current situation.
Besides that, Network Node Manager allows scheduled backups of your critical network management information. Therefore, one does not have to worry about information getting stolen or corrupted. Total Network Monitor 1.1.3, by contrast, does not provide backup functionality. Total Network Monitor 1.1.3 also cannot be upgraded, whereas HP OpenView Network Node Manager Starter Edition 7.5 can be upgraded to HP’s Network Node Manager Advanced Edition 7.5 if your network management needs to expand. With the upgrade, enhanced functionality enables one to manage larger and more complex network environments. Total Network Monitor 1.1.3 stores information in a log file, while Network Node Manager stores information in a database and provides web-based reports. This shows that Network Node Manager has a more organised method of data storage.
On the other hand, HP offers HP OpenView training courses. The training helps you to realise the full potential of HP solutions and thus get a better return on your IT investments. For more information, log on to HP’s official website. Neither the training nor the program is free, as it is proprietary software. Since Total Network Monitor 1.1.3 is free, no training is given, because it is used to control the efficiency of a small-scale network. Everything is based on trial and error. Total Network Monitor is not without its advantages: it has a scan wizard feature that allows users to find computers and other network devices on a network in order to add them to a personal monitoring project.
Chapter 3: Methodology and tools
3.1 The Systems Development Life Cycle (SDLC)
The Systems Development Life Cycle (SDLC) is a model that explains the process of creating or altering systems, and the models and methodologies that people use to develop these systems [21]. It describes the stages in a project from an initial planning stage until maintenance of the completed project. A variety of SDLC models have been created to guide users such as waterfall, spiral, rapid application development (RAD) and incremental [22]. Some methods apply better for specific types of projects, but the most important factor for the success of a project is how closely a particular plan is followed.
For our simple network monitoring tool, we will be using the waterfall model. The waterfall model is the oldest existing model and is regarded as “the Systems Development Life Cycle”.
Figure 3.1-F1: Waterfall model (stages in order: Planning, Analysis, Design, Implement, Testing, Maintenance).
The relationship of each stage to the next can be described as a waterfall, as shown in Figure 3.1-F1, where the output of a specific stage serves as the initial input for the next stage. These stages can be characterized and divided as required, but they generally follow the same basic steps in the waterfall model.
Planning
The planning stage establishes a view of the intended project as information and resources are gathered [23]. It also evaluates the project structure and the risks involved, determines goals and finds out the difficulty of carrying out a designated task.
Analysis
The analysis phase tries to gain an understanding of the current system and how it works. This step involves “separating” the system in different sections to analyze the situation and the project goals.
Design
The design stage describes features and operations that should be added, ensuring that every feature is functioning [24]. It is also about how things should work and how they should look. The output of this stage will describe the new system as a collection of modules. Some examples include screen layouts, process diagrams and many more.
Implement
This phase is all about translating the design into code. Programming tools such as compilers, interpreters and debuggers are used to generate the code. For this project, the Java language is used.
Testing
In the testing stage, programs are written as individual modules, and they are tested individually. Once this is complete, they are combined and the system is then tested as a whole. Errors, bugs and interoperability are checked to verify the correctness and completeness of the software [25].
Maintenance
The maintenance phase includes upgrading, fixing problems, correction and adapting to changes such as moving to a different platform. This is perhaps the most important step that seems to go on forever.
3.2 Qualitative versus Quantitative
Research methods can be classified in various ways. However, the most common distinction is between qualitative and quantitative research methods.
Qualitative research is a more subjective form of research [26], because it explores the attitudes, behaviors and experiences of participants to help researchers form a more complete picture [27]. It attempts to get feedback and opinions from these participants. Besides that, qualitative research is necessary in situations where it is unclear what exactly is being looked for in a study [26]. While quantitative research generally knows exactly what it is looking for before the research begins, the focus of study for qualitative research may become more apparent as time progresses. Usually, data collected from qualitative research is less concrete than data from quantitative research. This is because the researcher is the data-gathering tool and he/she uses methods such as case study research [28]. The interpretations given by research subjects are more detailed and therefore more difficult to generalize, and this is time consuming. Furthermore, researchers tend to become more emotionally attached to qualitative research, and so their own bias plays a major role in getting the results. According to Donald Campbell, “All research ultimately has a qualitative grounding” [28].
On the other hand, the aim of quantitative research is to classify features, count them, and construct statistical models in an attempt to explain what is observed. This is an objective research method compared to qualitative research because it tends to seek precise measurement. While in qualitative research the researcher may only know roughly in advance what he/she is looking for, in quantitative research the researcher knows clearly in advance what is being measured before measurement takes place, and the study is set up with a clear blueprint. In contrast to qualitative research, researchers use tools to collect data, and the data collected is in the form of numbers or statistics. This enables efficient, less time-consuming data collection and allows hypotheses to be tested. Examples of quantitative methods include survey methods, laboratory experiments and numerical methods [29]. Freddy Kerlinger once said, “There’s no such thing as qualitative data. Everything is either 1 or 0” [28].
After much consideration, the quantitative research method is more suitable for our project. The reason is that we already have an idea of what to do, which is to build a simple network monitoring tool to monitor a network. Furthermore, data is collected using tools. Five features were chosen after comparing the different network monitoring tools. These features are difficult to implement because adding a good feature to a program takes time, so implementing them will be a challenge. The first feature is user friendliness: the tool will have a simple GUI for easy understanding. The second is a set of easy-to-use tools that help one to identify and resolve problems quickly. Next is the ability to perform backups so that vital information will not be lost in case of any misfortune. Information will be stored in a log file so that records can be checked. Lastly, failures in the network must be found in time with the aid of an advanced alerting system, such as sending an email to your mailbox informing you of the current situation.
3.3 Timeline
Project I Timeline (W1 to W11): Chapter 1, five weeks marked; Chapter 2, five weeks marked; Chapter 3, three weeks marked.
Project II Timeline (Estimate) (W1 to W11): Chapter 4, five weeks marked; Chapter 5, five weeks marked; Chapter 6, five weeks marked.