Network Management Concepts: Models and Languages*
*Mani Subramanian, "Network Management: Principles and Practice", Addison-Wesley, 2000.

Outline
- Network Management Systems
- Origin of Network Management
- OSI Management Models: Organization, Information, Communication, Functional
- Abstract Syntax Notation (ASN.1)
- Basic Encoding Rules (BER)

Network Management Systems (NMS)
- An NMS is an integrated collection of tools for network monitoring and control.
- Network management is concerned with system resources (e.g., hubs, bridges, routers) and the connectivity among them.
- NME and NMA: the collection of software devoted to the network management task.
- (Figure: the network control host runs the manager (NMA and NME over Appl/Comm/OS); a server, a router and a workstation each run an agent (NME over Appl/Comm/OS).)

Elements of an NMS
- Network Management Entity (NME)
  o Collects statistics on communication and related activities
  o Stores statistics locally
  o Responds to commands from the network control center (e.g., report its object status)
  o Generates messages to the network control center when local conditions change (e.g., port failure)
- Network Management Application (NMA)
  o Interface allowing authorized users to manage the network
  o Displays management information and issues control commands to NMEs
- To maintain high availability, two or more network control hosts (managers) are used.

Network Management Components
- A network agent monitors its respective objects either in response to a query from the NMS or when triggered by a local alarm.
- The agent communicates the relevant data to the NMS.
- (Figure: the NMS above several network agents, each managing its own network objects.)
- An NMS manages all the components connected to a network, which may come from different vendors. This might require installing multiple NMSs, or a single NMS capable of managing multiple vendors' components (interoperability).
- Therefore, standards are required (two major standards emerged: the Internet and OSI).

Interoperability
- (Figure: management-related applications (e.g., fault and configuration management) sit on application services, a management protocol and transport protocols; the objects of vendor A and vendor B are managed through the common protocol.)
- Case of two service providers, each managed independently: some management information can be shared between the NMS of vendor A and the NMS of vendor B through common messages, services and protocols.

Distributed Network Management
- Centralized management: central control (makes sense when key resources reside in a central site and services are provided to remote users).
  o Enables managers to maintain control over the entire configuration, balancing resources against needs and optimizing the overall resource utilization.
  o Drawbacks: traffic overhead, scalability and a "single point of failure".
- Distributed management: replaces the single network control host with interoperable workstations located on distributed LANs.
  o Advantages: traffic overhead is minimized, since much of the traffic is confined to the local environment; local control for managers over their own segments; greater scalability, since more workstations can be deployed to provide additional management; eliminates the single "point of failure" by using multiple networked management stations.
  o A hierarchical architecture is typically used, where a central workstation (with backup) has global access rights and the ability to manage all network resources.
- (Figure: management clients (PCs, workstations), each with access to one or more management servers; each management server runs a management application and a MIB; network resources with management agents (servers, routers, etc.) are managed directly, while devices with different management protocols are managed through a proxy.)

Proxies
- Ideally, all network components that are to be managed should include a network management entity (NME), with common network management software across all managers and agents.
- This may not be practical or possible:
  o Proprietary management systems
  o Some components (e.g., modems) may not support additional software
- It is common to have agents acting as proxies: a proxy acts on behalf of other nodes, and a manager communicates with the proxy to get information for a specific node.
- (Figure: the management application exchanges standard operations and event reports with the proxy manager (client stub / server stub over the protocol stack); the proxy manager exchanges proprietary operations and event reports with the device's proprietary management interface (client proxy stub / server proxy stub).)

Polling and Event Reporting
- Information that is useful for monitoring is collected and stored by agents (in their MIBs) and is made available to one or more manager systems.
- Polling and event reporting are two techniques used for this purpose by both network managers and agents.
- Polling: a "request-response" interaction between a manager and an agent.
  o A query is made by a manager to an authorized agent to request values for various information elements.
  o The agent responds with information from its MIB.
  o The request may take any shape: asking for some specific values, or about the structure used for the MIB.
- Event reporting: the agent initiates, and the manager acts as a listener waiting for incoming information.
  o A "reporting period" may be defined and configured by the manager.
  o When a significant (unusual) event occurs (e.g., a fault), the agent reports to the manager.
  o Reporting is more efficient than polling, especially for monitoring objects whose values change only infrequently.
- A network monitoring system employs both polling and reporting schemes. Traditional TMN relies on event reporting, whereas SNMP relies on polling, and OSI falls in between.
- The choice of either depends on a number of factors:
  o Amount of traffic generated
  o Robustness in critical situations
  o Delays in notifying
  o Amount of processing in managed devices
  o Reliable vs. unreliable transport
  o Network monitoring applications supported
  o Robustness of notification devices

Origin of Network Management

ICMP: Internet Control Message Protocol
- Used by hosts and routers to communicate network-level information:
  o error reporting: unreachable host, network, port, protocol
  o echo request/reply (used by PING)
- Network layer "above" IP: ICMP messages are carried in IP datagrams.
- ICMP message: type, code, plus the first 8 bytes of the IP datagram causing the error.

  Type  Code  Description
  0     0     echo reply (ping)
  3     0     dest. network unreachable
  3     1     dest. host unreachable
  3     2     dest. protocol unreachable
  3     3     dest. port unreachable
  3     6     dest. network unknown
  3     7     dest. host unknown
  4     0     source quench (congestion control - not used)
  8     0     echo request (ping)
  9     0     route advertisement
  10    0     router discovery
  11    0     TTL expired
  12    0     bad IP header

Traceroute and ICMP
- The source sends a series of UDP segments (probes) to the destination: the first has TTL=1, the second TTL=2, etc., and an unlikely port number is used.
- When the nth datagram arrives at the nth router, the router discards the datagram and sends the source an ICMP message (type 11, code 0); the message includes the name and IP address of the router.
- When the ICMP message arrives, the source calculates the RTT. Traceroute does this 3 times.
- Stopping criterion: a UDP segment eventually arrives at the destination host, which returns an ICMP "host unreachable" packet (type 3, code 3); when the source gets this ICMP, it stops.

PING and ICMP
- PING (Packet Internet Groper) is a simple management tool that depends on the ICMP protocol.
- Measures round trip delays, packet loss, etc.; isolates points of failure and areas of congestion.
- Ping "sends ICMP ECHO_REQUEST packets to network hosts" and is used to:
  o Test destination reachability and compute the round trip time
  o Count the number of hops to the destination
  o May provide the record route option
- Ping failure does not guarantee unreachability: firewalls may filter pings.

Origin of NM
- The Internet is currently growing in the number of attached hosts, the number of distinct administrative domains, multi-vendor equipment, etc.
- The PING capability was not satisfactory: there is a need for automated capabilities.
- Standardized protocols with more functionality than PING, and yet as simple!
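As an added worked example (not code from the lecture notes), the following Python parses an ICMP message along the lines of the table above: it verifies the Internet checksum, maps (type, code) to the description, and for error messages such as TTL expired (type 11) extracts the embedded IP header and the first 8 bytes of the offending datagram. Those 8 bytes are the UDP header of a traceroute probe, which is how the source matches a reply to the probe it sent. The sample messages, addresses and port numbers are constructed for the example.

```python
import struct

# (type, code) -> description, as in the ICMP table above
ICMP_TYPES = {
    (0, 0): "echo reply (ping)",
    (3, 0): "dest network unreachable", (3, 1): "dest host unreachable",
    (3, 2): "dest protocol unreachable", (3, 3): "dest port unreachable",
    (3, 6): "dest network unknown", (3, 7): "dest host unknown",
    (4, 0): "source quench (congestion control - not used)",
    (8, 0): "echo request (ping)",
    (9, 0): "route advertisement", (10, 0): "router discovery",
    (11, 0): "TTL expired", (12, 0): "bad IP header",
}
# Error messages carry the IP header + first 8 bytes of the datagram that caused them
ERROR_TYPES = {3, 4, 11, 12}


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words (zero-padded if odd length)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def checksum_ok(msg: bytes) -> bool:
    """A message whose checksum field is correct sums to zero."""
    return internet_checksum(msg) == 0


def build_icmp(icmp_type: int, code: int, rest: bytes = b"\x00" * 4, payload: bytes = b"") -> bytes:
    """Type, code, checksum, 4 'rest of header' bytes, payload."""
    body = struct.pack("!BBH", icmp_type, code, 0) + rest + payload
    return struct.pack("!BBH", icmp_type, code, internet_checksum(body)) + rest + payload


def parse_icmp(msg: bytes) -> dict:
    if len(msg) < 8:
        raise ValueError("ICMP header is 8 bytes")
    if not checksum_ok(msg):
        raise ValueError("bad ICMP checksum")
    icmp_type, code = msg[0], msg[1]
    info = {"type": icmp_type, "code": code,
            "description": ICMP_TYPES.get((icmp_type, code), "unknown")}
    if icmp_type in ERROR_TYPES:
        inner = msg[8:]
        ihl = (inner[0] & 0x0F) * 4              # IP header length in bytes
        if len(inner) < ihl + 8:
            raise ValueError("error message must carry the IP header + 8 bytes")
        orig = {"src": ".".join(map(str, inner[12:16])),
                "dst": ".".join(map(str, inner[16:20])),
                "ttl": inner[8], "protocol": inner[9]}
        if inner[9] == 17:                       # UDP: ports are the first 4 of the 8 bytes
            orig["udp_src_port"], orig["udp_dst_port"] = struct.unpack("!HH", inner[ihl:ihl + 4])
        info["original"] = orig
    return info


def make_probe(src: str, dst: str, ttl: int, dport: int) -> bytes:
    """Constructed traceroute-style probe: 20-byte IP header + 8-byte UDP header (checksums left 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, ttl, 17, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return ip + struct.pack("!HHHH", 40000, dport, 8, 0)


# Constructed samples: a router reporting that the TTL=1 probe expired, and a plain echo request
SAMPLE_TIME_EXCEEDED = build_icmp(11, 0, payload=make_probe("10.0.0.2", "192.0.2.10", 1, 33434))
SAMPLE_ECHO_REQUEST = build_icmp(8, 0, rest=struct.pack("!HH", 0x1234, 1), payload=b"ping")

if __name__ == "__main__":
    print(parse_icmp(SAMPLE_TIME_EXCEEDED))
    print(parse_icmp(SAMPLE_ECHO_REQUEST))
```

The parser rejects a message with a bad checksum before looking at anything else, and a type 11 message that does not carry the full IP header plus 8 bytes is treated as malformed rather than guessed at.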
- SNMP (Simple Network Management Protocol) and CMIP (Common Management Information Protocol) over TCP/IP have emerged and were approved by the IAB.

NM Standards
  Standard              Salient points
  OSI / CMIP            International standard (ISO / OSI); management of data communications networks - LAN and WAN; deals with all 7 layers; most complete; object oriented; well structured and layered; consumes large resources in implementation
  SNMP / Internet       Industry standard (IETF); originally intended for management of Internet components, currently adopted for WAN and telecommunication systems; easy to implement; most widely implemented
  TMN                   International standard (ITU-T); management of telecommunications networks; based on the OSI network management framework; addresses both network and administrative aspects of management
  IEEE                  IEEE standards adopted internationally; addresses LAN and MAN management; adopts OSI standards significantly; deals with the first two layers of OSI
  Web-based management  Web-Based Enterprise Management (WBEM); Java Management Application Program Interface (JMAPI)

NM Standards: OSI (Open System Interconnection) NM
- Adopted by the ISO (International Standards Organization).
- Its management protocol is CMIP (Common Management Information Protocol).
- Very comprehensive; addresses the 7 layers of OSI.
- Managed objects are based on object classes and inheritance rules.
- Management of data communications networks - LAN and WAN.
- Complex and consumes large resources in implementation.
- Designed in the 1980s: too slowly standardized.

NM Standards: Simple Network Management Protocol (SNMP)
- Industry standard (IETF).
- Managed objects are defined as scalars with few characteristics, such as data type and read-only / read-write attributes.
- Originally intended for management of Internet components, currently adopted for WAN and telecommunication systems.
- Easy to implement.
- Most widely implemented NM: most vendor equipment supports SNMP.

NM Standards: Telecommunication Management Network (TMN)
- International standard (ITU).
- Based on OSI network management.
- Management of telecommunications networks.
- Addresses both network and administrative aspects of management.

NM Standards: IEEE
- Adopted internationally.
- Based on OSI network management.
- Addresses LAN/MAN management.
- Deals with the first two layers of OSI (physical and data link layers).

NM Standards: Web-based Management
- Based on Web technology (web servers and browsers); still an evolving technology.
- Web-Based Enterprise Management (WBEM): the Desktop Management Task Force (DMTF) is actively developing specs for WBEM; DMTF had chosen Microsoft's OO management model.
- Java Management Extensions (JMX): based on Java applets, developed by Sun Microsystems.

OSI Management Models

Network Management Models
- Organization model: the components of an NM system, their functions and relationships (it defines manager, agent, object).
- Information model: Structure of Management Information (SMI: syntax and semantics); Management Information Base (MIB: organization of management information).
- Communication model: transfer syntax with bidirectional messages; transfer structure (PDU).
- Functional model: application functions - configure components, monitor components, measure performance, secure information, usage accounting.

Organization Model
- Managed object: a network element that is managed (e.g., routers, bridges, hubs, etc.).
  o Houses an SNMP management agent.
- Objects are classified into managed and unmanaged; a managed object has a running management agent.
- (Figure, two-tier organization model: the manager with its MDB (management database) above managed objects, each with an agent process, and unmanaged objects.)

Organization Model: Management Station (Manager)
- Interface for network managers to monitor and control the network.
- Contains management applications (data analysis, fault recovery, etc.).
- Translation capabilities from the manager's requirements into actual monitoring and control of remote elements.
- Contains a DB of information extracted from the MIBs of all the managed entities in the network.

Organization Model: Management Agent
- Gathers information from objects.
- Configures parameters of objects (e.g., enable/disable a router port, shut down a port on a hub).
- Responds to requests for information and actions from managers.
- Generates alarms and sends them to managers.

Organization Model: Three-Tier
- The middle layer plays a dual role: agent to the top-level manager, manager to the managed objects.
- The agent/manager collects, processes and stores data locally, performs statistical operations on the data and passes it to the top-level manager.
- The intermediate system could be at a local site and pass information to a remote site.
- Example of the middle level: Remote monitoring agent (RMON).
- (Figure: manager with MDB; agent/manager with MDB; managed objects with agent processes.)

Organization Model: Manager of Managers (MoM)
- Different network domains, each managed locally by an agent NMS; the MoM presents an integrated view of the domains.
- A domain may be geographical, administrative, vendor-specific products, etc.
- (Figure: the MoM with its MDB above several agent NMSs, each with its own MDB and managed objects.)

Communication Model (SNMP)
- Resources are represented as objects (or data variables); a collection of objects is a MIB (more later).
- A manager performs monitoring by retrieving the value of MIB objects.
- A manager causes an action to take place, or changes the configuration settings, by modifying the values of specific variables.
- Management stations and agents are linked by a network management protocol. SNMP is used for the management of TCP/IP networks:
  o Get: the manager (management station) retrieves the value of objects at the agent
  o Set: sets the values of objects at the agent
  o Trap: the agent notifies the manager of significant events

Protocol Architecture
- (Figure: the management station runs the network manager and manager process over SNMP/UDP/IP; hosts and routers run agent processes over SNMP/UDP/IP beside user processes such as FTP over TCP; all sit on network-dependent protocols (e.g., Ethernet, X.25, ATM) across the internetwork.)
- SNMP uses UDP port 161: connection-less.
- The agent process interprets SNMP messages and controls the agent's MIB.
- Management data is communicated between agent and manager as well as between managers. Three aspects:
  o Transport medium of message exchange (transport protocol)
  o Message format (application protocol)
  o Actual message (commands and responses)
- Manager applications send operations/requests to agents and receive responses and notifications/traps; agents manage the network elements' managed objects.
- (Figure: the SNMP manager application and the SNMP agent exchange GetRequest, GetNextRequest, SetRequest, GetResponse and Trap messages over UDP/IP/layers 1 & 2; the manager keeps a central MIB, the agent manages the SNMP managed objects.)

Trap-Directed Polling
- SNMP encourages the manager to use trap-directed polling.
- A manager may be responsible for a large number of agents, each maintaining a large number of managed objects; it is impractical to regularly poll all agents for all their readable objects (the management overhead on the network may be excessive!).
- (Figure: the managing entity with its managing data, connected through the network management protocol to several managed devices, each with an agent and its data.)
- Initially a manager may poll all the agents for some key information, e.g., interface characteristics (# packets in/out, etc.).
- Then each agent is responsible for notifying the manager (through trap messages) of any unusual event, e.g., a high packet drop rate at some interface.
- Substantial savings in network capacity and agent processing (use network resources for the right reason!).

Information Model
- The representation of objects and information relevant to their management; this information is usually communicated between agents and management processes.
- SMI (Structure of Management Information) defines the syntax and semantics of management information stored in the MIB (Management Information Base).
- Example:
    sysDescr: { system 1 }
    Syntax: OCTET STRING
    Definition: "A textual description of the entity."
    Access: read-only
    Status: mandatory
- MIB: contains information about objects, organized by grouping of related objects; defines the relationships between objects.
- Agent MIB vs. manager MIB: the agent's MIB holds local information; the manager's MIB holds information on all network components.
- MDB: a physical database (e.g., Oracle); contains measured or administratively configured values of NEs.
- MIB: a virtual database whose schema is compiled into the management software; holds the information necessary for processes to exchange information (e.g., # ports/hub).
- An NMS can automatically discover (by periodic broadcast of PING messages) a managed object, such as a hub, when it is added to the network. Once detected, its information (e.g., address, number of ports) is added to the MDB. The NMS can identify a new object only after the MIB schema of the new object is compiled into the manager MIB; the MIB does not need to be updated if another hub from the same vendor already exists.
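The trap-directed polling scheme described above, as an added simulation (not code from the lecture notes or from any SNMP implementation): agents hold a few interface counters, the manager does one baseline poll of the key objects, and afterwards an agent sends a trap only on the rising edge of a packet-drop-rate threshold, which prompts the manager to poll that agent alone for the detailed objects. A message counter compares the traffic against polling every agent at every interval. The object names mirror MIB-II interface counters; the traffic figures and threshold are constructed values.

```python
from dataclasses import dataclass, field

KEY_OBJECTS = ("ifInPkts", "ifOutPkts")                        # polled once at start-up
DETAIL_OBJECTS = ("ifInPkts", "ifInDiscards", "ifOperStatus")  # polled only after a trap


@dataclass
class Agent:
    name: str
    drop_threshold: float = 0.05
    mib: dict = field(default_factory=lambda: {"ifInPkts": 0, "ifOutPkts": 0,
                                               "ifInDiscards": 0, "ifOperStatus": "up"})
    alarmed: bool = False

    def get(self, objects):
        """GetRequest/GetResponse: return the requested MIB values."""
        return {o: self.mib[o] for o in objects}

    def observe(self, pkts_in, pkts_out, drops):
        """One local monitoring step. A trap is raised only on the rising edge of the
        threshold, so a fault that persists for many intervals does not flood the manager."""
        self.mib["ifInPkts"] += pkts_in
        self.mib["ifOutPkts"] += pkts_out
        self.mib["ifInDiscards"] += drops
        rate = drops / pkts_in if pkts_in else 0.0
        if rate > self.drop_threshold and not self.alarmed:
            self.alarmed = True
            return {"agent": self.name, "trap": "highDropRate", "rate": rate}
        if rate <= self.drop_threshold:
            self.alarmed = False                  # re-arm once the condition clears
        return None


class Manager:
    def __init__(self, agents):
        self.agents = {a.name: a for a in agents}
        self.mdb = {}          # manager's database of collected values
        self.messages = 0      # messages on the wire: request + response = 2, trap = 1

    def poll(self, agent, objects):
        self.messages += 2
        self.mdb.setdefault(agent.name, {}).update(agent.get(objects))

    def baseline_poll(self):
        for a in self.agents.values():
            self.poll(a, KEY_OBJECTS)

    def on_trap(self, trap):
        """Trap-directed polling: the trap comes in, then a targeted poll of that agent."""
        self.messages += 1
        self.poll(self.agents[trap["agent"]], DETAIL_OBJECTS)


# Constructed traffic: per interval, (pkts_in, pkts_out, drops) for each agent;
# agent "b" drops 12% of its input during intervals 3-5
TRAFFIC = {
    "a": [(1000, 900, 0)] * 10,
    "b": [(1000, 900, 0)] * 3 + [(1000, 900, 120)] * 3 + [(1000, 900, 0)] * 4,
    "c": [(1000, 900, 0)] * 10,
}


def run(traffic=TRAFFIC):
    """Returns (messages with trap-directed polling, messages if every agent were
    polled every interval, the manager's MDB)."""
    agents = [Agent(n) for n in traffic]
    mgr = Manager(agents)
    mgr.baseline_poll()
    intervals = len(next(iter(traffic.values())))
    for t in range(intervals):
        for a in agents:
            trap = a.observe(*traffic[a.name][t])
            if trap:
                mgr.on_trap(trap)
    full_polling = 2 * len(agents) * intervals
    return mgr.messages, full_polling, mgr.mdb


if __name__ == "__main__":
    trap_directed, full, mdb = run()
    print(f"trap-directed: {trap_directed} messages, full polling: {full} messages")
    print("detail collected for b:", mdb["b"])
```

With three agents and ten intervals the baseline poll costs 6 messages and the single fault on agent b costs 3 more (one trap, one targeted request/response pair), against 60 messages for polling every agent every interval; the rising-edge check is what keeps the three consecutive faulty intervals from producing three traps.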
Management Information Tree
- Both Internet and OSI define objects uniquely by a tree structure; each managed object occupies a node in the tree underneath the root.
- Standard organizations define the management of the objects under them.
- Designation of objects:
    Level 1 (under root):  itu 0,  iso 1,  iso-itu 2
    Level 2 (under iso):   org 3
    Level 3 (under org):   dod 6
  so iso = 1, org = 1.3, dod = 1.3.6, internet = 1.3.6.1.
- (Figure: the OSI management information tree, with managed objects under iso 1 and internet 1.)

Object Type and Instance: Internet Perspective
- Object type: object ID and descriptor (a unique ID and descriptor/name for the object).
- Syntax: used to model the object.
- Access: access privilege to a managed object (read-only, etc.).
- Status: implementation requirements (e.g., optional or mandatory).
- Definition: textual description of the semantics of the object type.
- (Figure, example "circle": object ID, access privilege, syntax (model of the object), status (implementation requirements), definition (semantics, textual description).)

Object Type and Instance: OSI Perspective
- Object class: the managed object.
- Attributes: attributes visible at its boundary.
- Operations: access operations that can be applied to it.
- Behavior: behavior exhibited by it in response to an operation.
- Notifications: notifications emitted by the object.
- (Figure, example: object class "circular object" with attributes circle, dimension, and object class "elliptical object" with attributes ellipse, dimension; operations: push; notifications: notify changes in attribute values.)

Packet Counter as an Example of a Managed Object
  Internet perspective
  Characteristics   Example
  Object type       PktCounter
  Syntax            Counter
  Access            Read-only
  Status            Mandatory
  Description       Counts number of packets

  OSI perspective
  Characteristics   Example
  Object class      Packet Counter
  Attributes        Single-valued
  Operations        get, set
  Behavior          Retrieves or resets values
  Notifications     Generates notifications on new value

OSI Functional Model
- Configuration management: set and change network configuration and component parameters; set up alarm thresholds.
- Fault management: detection and isolation of failures in the network; trouble ticket administration.
- Performance management: monitor the performance of the network.
- Security management: authentication, authorization, encryption.
- Accounting management: functional accounting of network usage.

Abstract Syntax Notation (ASN.1)

Abstract and Transfer Syntaxes
- The user is concerned with the semantics of data; the users of the data transfer component are, e.g., SNMP, FTP, TELNET for TCP/IP.
- (Figure: user <-> application component (abstract syntax) <-> encoding rules <-> data transfer component (transfer syntax, binary representation of data); the application component also maps to local storage through a local mapping; the data transfer component is the mechanism for transfer of data between end systems, e.g., TCP or UDP.)
- For the application component, information is presented in an abstract syntax that deals with data types and data values.
  o Abstract syntax is the set of rules used to specify data types and structures for storage of information.
  o Abstract syntax is used to exchange information between application components in systems; it makes application layer protocols independent of lower layer protocols.
- Abstract syntax must be mapped into some form for presentation to the human user, and to some local format for storage (an example of this mapping is the MIB; however, elements within the MIB are defined using abstract syntax).
- The transfer syntax defines a unified representation of the data to be exchanged between data transfer components.
  o Transfer syntax represents the set of rules for communicating information between systems.
- Mapping from abstract syntax to transfer syntax is accomplished by means of encoding:
  o A common representation for the exchange of data between different systems
  o Can generate machine-readable code: the Basic Encoding Rules (BER) are used in management modules
- ASN.1 is based on the Backus system and uses the formal syntax and grammar of the Backus-Naur Form (BNF).
- ASN.1 is independent of lower layer protocols.

Backus-Naur Form (BNF)
- Definition: <name> ::= <definition>, where <entity> denotes "entity" and the symbol "::=" represents "defined as".
- Primitive definitions:
    <digit> ::= 0|1|2|3|4|5|6|7|8|9
    <op>    ::= +|-|x|/
- Similarly, an entity number can be constructed from primitives:
    <number> ::= <digit> | <digit> <number>
- Example: 9 is the primitive 9; 19 is a construct of 1 and 9; 619 is a construct of 6 and 19.

ASN.1 Assignments
- <BooleanType> ::= BOOLEAN            data type assignment (or name of the entity)
- <BooleanValue> ::= TRUE | FALSE      value assignment (value assigned to the data type)
- A group of assignments is a module. Modules start with capital letters; they are usually built from primitive (atomic) data types (e.g., INTEGER, REAL) and may use ASN.1 constructs (e.g., SET, SEQUENCE).
- Constructors are used to build structured data types; backward and forward references and inline definitions are allowed.

ASN.1 Modules
- A module is a set of data types; constructs are "list makers":

    PersonnelRecord ::= SET
      { Name,
        title      GraphicString,
        division   CHOICE
          { marketing  [0] SEQUENCE
                           { Sector, Country },
            research   [1] CHOICE
                           { product-based [0] NULL,
                             basic         [1] NULL },
            production [2] SEQUENCE
                           { Product-line, Country } } }

- Three construction mechanisms (to develop structured data types):
  o Alternatives: CHOICE
  o List: SET and SEQUENCE
  o Repetition: SET OF and SEQUENCE OF
- Lists built with SEQUENCE maintain the correct order. PersonnelRecord is a SET of different data types, each uniquely associated with a name, so its members can be encoded and transmitted in any order. Example:
    "Smith", "Manager", {"North", "Chile"}
    "Manager", "Smith", {"North", "Chile"}
    {"North", "Chile"}, "Smith", "Manager"

ASN.1 Symbols
  Symbol   Meaning
  ::=      Defined as
  |        or, alternative, options of a list
  -        Signed number
  --       Following the symbol are comments
  {}       Start and end of a list
  []       Start and end of a tag
  ()       Start and end of a subtype
  ..       Range

Data Types: Naming Conventions
  Data type              Convention                 Example
  Object name            Initial lowercase letter   sysDescr, etherStatsPkts
  Application data type  Initial uppercase letter   Counter, IpAddress
  Module                 Initial uppercase letter   PersonnelRecord
  Macro, MIB module      All uppercase letters      RMON-MIB
  Keywords               All uppercase letters      INTEGER, BEGIN

- Data types are generally defined based on a structure and a tag:
  o Structure: simple (or atomic), structured, etc.
  o Tag: a class and a tag number.

ASN.1 Simple Types
- Basic types: BOOLEAN, INTEGER, ENUMERATED, REAL, BIT STRING, OCTET STRING
- Character string types (various subsets of ISO 10646-1):
  o NumericString (0-9, <space>)
  o PrintableString (0-9, A-Z, a-z, <space>, <special>)
  o VisibleString
  o GraphicString
  o TeletexString
  o UTF8String
  o IA5String
- Syntax: <type name> ::= type. Examples:
    Counter       ::= INTEGER
    IpAddress     ::= OCTET STRING
    PageNumber    ::= INTEGER
    ChapterNumber ::= INTEGER
    Months ::= ENUMERATED { january (1), february (2), march (3), april (4),
                            may (5), june (6), july (7), august (8), september (9),
                            october (10), november (11), december (12) }
- A subtype is derived from a parent type. Syntax: <subtype name> ::= <type> ( <constraint> ). Examples:
    Counter    ::= INTEGER ( 0..4294967295 )
    IpAddress  ::= OCTET STRING ( SIZE(4) )
    Spring     ::= Months ( march | april | may )
    Summer     ::= Months ( june | july | august )
    SmallPrime ::= INTEGER ( 2 | 3 | 5 | 7 | 11 )

ASN.1 Structured Types
- A data type is a structured type when it contains other types (i.e., it has components):
    BookPageNumber ::= SEQUENCE { ChapterNumber, Separator, PageNumber }
  where Separator is a VisibleString data type with value "-". Example: {1-1, 2-3, 3-39}
    BookPages ::= SEQUENCE OF { BookPageNumber }
    BookPages ::= SEQUENCE OF { SEQUENCE { ChapterNumber, Separator, PageNumber } }
  Example: {1-1, 1-2, ..., 2-1, 2-2, ...}
- The pages of a book could also be specified as a collection of individual pages in random order:
    BookPages ::= SET OF { SEQUENCE { ChapterNumber, Separator, PageNumber } }

ASN.1 Tagged Types
- A tag uniquely identifies a data type and is required for encoding the data types for communication; it comprises a class and a tag number.
- Classes:
  o Universal - similar to global variables
  o Application - only in the application used
  o Context-specific - a specific context in an application
  o Private - used extensively by commercial vendors
- Example:
    BOOLEAN        Universal 1
    INTEGER        Universal 2
    research       Application [1]
    product-based  Context-specific [0] (under research)
- Universal tags:
    UNIVERSAL 1   BOOLEAN             -- basic types
    UNIVERSAL 2   INTEGER
    UNIVERSAL 3   BIT STRING
    UNIVERSAL 4   OCTET STRING
    UNIVERSAL 9   REAL
    UNIVERSAL 10  ENUMERATED
    UNIVERSAL 6   OBJECT IDENTIFIER   -- object types
    UNIVERSAL 7   ObjectDescriptor
    UNIVERSAL 26  VisibleString       -- character types
    UNIVERSAL 5   NULL                -- miscellaneous types
    UNIVERSAL 23  UTCTime
    UNIVERSAL 24  GeneralizedTime
    UNIVERSAL 16  SEQUENCE [OF]       -- structured types
    UNIVERSAL 17  SET [OF]
- In PersonnelRecord, the tag number 1 on research [1] is application-specific and overrides that of BOOLEAN; product-based [0] and basic [1] are context-specific (a subset of an application, and limited to the application):

    PersonnelRecord ::= SET
      { Name,
        title      GraphicString,
        division   CHOICE
          { marketing  [0] SEQUENCE { Sector, Country },
            research   [1] CHOICE { product-based [0] NULL,
                                    basic         [1] NULL },
            production [2] SEQUENCE { Product-line, Country } } }

ASN.1 Object Types
- Used to name and describe information objects, such as standard documents, data structures, managed objects.
- In general, an information object is a class of information (e.g., a file format) rather than an instance of such a class (i.e., an individual file).
- Object identifier: a unique identifier for a particular object; its value consists of a set of integers.
- Object descriptor: a human-readable description of an information object.
- Tree:
    root
      ccitt(0)
      iso(1)
        org(3)
          dod(6)
            internet(1)
              mgmt(2)
                mib-2(1)
              experimental(3)
              private(4)
                enterprise(1)
      joint-iso-ccitt(2)

    internet OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) 1 }
    private  OBJECT IDENTIFIER ::= { internet 4 }
- The private type is used extensively by vendors of network products: a vendor is assigned a node on the MIT, and all branches and leaves under that node are assigned private data types by the vendor. Example:
    ibm OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) internet(1) private(4) enterprise(1) 2 }
  (root: itu 0, iso 1, iso-itu 2; iso -> org 3 -> dod 6 -> internet 1 -> private 4 -> enterprise 1 -> IBM 2)

Basic Encoding Rules (BER)

Encoding Structure
- ASN.1 syntax containing management information is encoded using the Basic Encoding Rules (BER), which are defined for the transfer syntax.
- BER is a specification developed and standardized by CCITT and OSI; ASCII data is converted to bit-oriented data.
- TLV, Type-Length-Value, is the encoding structure:
  o Type: indicates the ASN.1 type and the class of the type
  o Length: length of the actual value representation
  o Value: the value of the ASN.1 type as a string of octets
- The type (identifier) octet: class (bits 8-7), P/C (bit 6), tag number (bits 5-1).
  o P/C (1 bit) specifies whether the structure is simple or a construct: 0 for simple (primitive), 1 for construct.
  o Class (2 bits) specifies the class being used:
      Class             8th bit  7th bit
      Universal         0        0
      Application       0        1
      Context-specific  1        0
      Private           1        1
  o Tag number: the tag value in binary. Example: 00 0 00010 encodes INTEGER (Universal class, primitive, tag value = 2).
- Identifier octet for tag number < 31:
    bits 8 7  | bit 6  | bits 5 4 3 2 1
    class     | P/C    | tag number
    00 = Universal, 01 = Application, 10 = Context-specific, 11 = Private
    0 = Primitive, 1 = Constructed
- Identifier octets for tag number >= 31: the leading octet carries class, P/C and 11111; the 2nd to last octets each carry 7 bits of the tag number, with bit 8 set to 1 on every octet except the last (bit 8 = 0); the concatenated 7-bit groups give the tag number.

Encoding of the Length Field
- Short form (L < 128 octets): one octet with bit 8 = 0 and bits 7-1 = length L, followed by L octets of contents (value).
- Long form (128 <= L < 2^1008 octets): first octet with bit 8 = 1 and bits 7-1 = K, followed by K octets giving the length L, followed by L octets of contents.
- Example, L = 128: 10000001 10000000 (the second octet is the binary equivalent of 128).

BER Examples
    distance INTEGER ::= 27
      Type  Length  Value
      02    01      1B          type 00 0 00010: UNIVERSAL, P, tag 2

    today INTEGER ::= 129
      02    02      00 81       length is 2 to indicate 2 octets for the value

    DayOfYear ::= [APPLICATION 17] IMPLICIT INTEGER
    today DayOfYear ::= 129
      51    02      00 81       type 01 0 10001: APPLICATION, P, tag 17

    Birthday ::= SEQUENCE { name VisibleString, day DayOfYear }
    myBirthday Birthday ::= { name "Jane", day 129 }
      Birthday (UNIVERSAL 16, type 00 1 10000)   30  0A
        VisibleString                            1A  04  "Jane"
        DayOfYear                                51  02  00 81

Macros
- A macro is used to create new data types:
    <macroname> MACRO ::=
    BEGIN
      TYPE NOTATION  ::= <syntaxOfNewType>
      VALUE NOTATION ::= <syntaxOfNewValue>
      <auxiliaryAssignments>
    END
- Example:
    OBJECT-IDENTITY MACRO ::=
    BEGIN
      TYPE NOTATION  ::= "STATUS" Status
                         "DESCRIPTION" Text
      VALUE NOTATION ::= value (VALUE OBJECT IDENTIFIER)
      Status ::= "current" | "deprecated" | "obsolete"
      Text   ::= """" string """"
    END

    inse7120 OBJECT-IDENTITY
      STATUS      current
      DESCRIPTION "A graduate-level network management course offered by the CIISE at Concordia University."
      ::= { ciiseclasses 50 }
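The identifier octet, length field and value encodings described in the tagged-type, object-identifier and BER sections above, carried through as an added Python encoder/decoder (not code from the lecture notes or from any ASN.1 library). It reproduces the slide examples (27, 129, the [APPLICATION 17] IMPLICIT INTEGER, the Birthday SEQUENCE, L = 128), encodes OBJECT IDENTIFIER values such as internet and the ibm example, and splits an arbitrary TLV back into class, P/C, tag number and contents, including the long-form tag number (>= 31) and long-form length. The 9999 sub-identifier in the usage note is a constructed value chosen to need two octets.

```python
"""Minimal BER encoder/decoder for the types used in the lecture examples."""

UNIVERSAL, APPLICATION, CONTEXT, PRIVATE = 0, 1, 2, 3     # class bits (8th, 7th)
CLASS_NAMES = {UNIVERSAL: "universal", APPLICATION: "application",
               CONTEXT: "context-specific", PRIVATE: "private"}


def encode_identifier(cls: int, constructed: bool, tag: int) -> bytes:
    """Class in bits 8-7, P/C in bit 6, tag number in bits 5-1. Tag numbers >= 31
    use the long form: 11111 in the leading octet, then base-128 groups with
    bit 8 set on every octet but the last."""
    lead = (cls << 6) | (0x20 if constructed else 0)
    if tag < 31:
        return bytes([lead | tag])
    groups = []
    while tag:
        groups.insert(0, tag & 0x7F)
        tag >>= 7
    return bytes([lead | 0x1F] + [g | 0x80 for g in groups[:-1]] + [groups[-1]])


def encode_length(n: int) -> bytes:
    """Short form (n < 128): one octet, bit 8 clear. Long form: 1kkkkkkk then k octets."""
    if n < 128:
        return bytes([n])
    octets = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(octets)]) + octets


def tlv(cls: int, constructed: bool, tag: int, value: bytes) -> bytes:
    return encode_identifier(cls, constructed, tag) + encode_length(len(value)) + value


def integer_contents(n: int) -> bytes:
    """Two's complement in the minimum number of octets (129 needs two: 00 81)."""
    length = 1
    while not -(1 << (8 * length - 1)) <= n < (1 << (8 * length - 1)):
        length += 1
    return n.to_bytes(length, "big", signed=True)


def encode_integer(n: int, cls: int = UNIVERSAL, tag: int = 2) -> bytes:
    """UNIVERSAL 2 by default; pass cls/tag for an IMPLICIT re-tag such as [APPLICATION 17]."""
    return tlv(cls, False, tag, integer_contents(n))


def encode_visible_string(s: str) -> bytes:            # UNIVERSAL 26
    return tlv(UNIVERSAL, False, 26, s.encode("ascii"))


def encode_sequence(*elements: bytes) -> bytes:        # UNIVERSAL 16, constructed
    return tlv(UNIVERSAL, True, 16, b"".join(elements))


def encode_oid(dotted: str) -> bytes:
    """UNIVERSAL 6. The first two arcs X.Y merge into 40*X+Y; each sub-identifier is
    written base-128, high bit set on every octet except the last."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray()
    for sid in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        groups = [sid & 0x7F]
        sid >>= 7
        while sid:
            groups.insert(0, (sid & 0x7F) | 0x80)
            sid >>= 7
        out += bytes(groups)
    return tlv(UNIVERSAL, False, 6, bytes(out))


def decode_tlv(data: bytes):
    """Split one TLV: (class name, constructed?, tag number, contents, remaining bytes).
    Indefinite-length encodings (length octet 0x80) are not handled."""
    lead, i = data[0], 1
    cls, constructed, tag = lead >> 6, bool(lead & 0x20), lead & 0x1F
    if tag == 0x1F:                                    # long-form tag number
        tag = 0
        while True:
            tag, more, i = (tag << 7) | (data[i] & 0x7F), data[i] & 0x80, i + 1
            if not more:
                break
    length, i = data[i], i + 1
    if length & 0x80:                                  # long-form length
        k = length & 0x7F
        length, i = int.from_bytes(data[i:i + k], "big"), i + k
    if i + length > len(data):
        raise ValueError("truncated TLV")
    return CLASS_NAMES[cls], constructed, tag, data[i:i + length], data[i + length:]


if __name__ == "__main__":
    birthday = encode_sequence(encode_visible_string("Jane"), encode_integer(129, APPLICATION, 17))
    print(birthday.hex(" "))                           # 30 0a 1a 04 4a 61 6e 65 51 02 00 81
    print(encode_oid("1.3.6.1.4.1.2").hex(" "))       # 06 06 2b 06 01 04 01 02
    print(decode_tlv(bytes.fromhex("51020081")))
```

The decoder checks that the declared length fits inside the buffer before slicing, which is the check a receiver needs before trusting a length field taken from the network; the long-form length is otherwise accepted as-is.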