vtu.allsyllabus.com www.allsyllabus.

com

SYLLABUS
Subject Code: 10CS834 Exam Hours: 03
I.A Marks: 25 Total Hours: 52
Hours/Week: 04 Exam Marks: 100

1. Introduction: Analogy of Telephone Network Management, Data and Telecommunication Network

,Distributed computing Environments, TCP/IP Based Networks: The Internet and Intranets,
Communications Protocols and Standards- Communication Architectures, Protocol Layers and Services;
Case Histories of Networking and Management The Importance of topology , Filtering Does Not Reduce
Load on Node, Some Common Network Problems; Challenges of Information Technology Managers,
Network Management: Goals, Organization, and Functions- Goal of Network Management, Network

m
Provisioning, Network Operations and the NOC, Network Installation and Maintenance; Network and

co
System Management, Network Management System platform, Current Status and Future of Network
Management.

s.
bu
2. Basic Foundations: Standards, Models, and Language: Network Management Standards, Network
Management Model, Organization Model,Information Model Management Information Trees,
la

Managed object Perspectives, Communication Model; ASN.1- Terminology, Symbols, and Conventions,
yl

Objects and Data Types, Object Names, An Example of ASN.1 from ISO 8824; Encoding Structure;
lls

Macros, Functional Model.

.a

3. SNMPv1 Network Management: Managed Network: The History of SNMP Management, Internet
w

Organizations and standards, Internet Documents, The SNMP Model, The Organization Model, System
w

Overview. The Information Model Introduction, The Structure of Management

w

Information, Managed Objects, Management Information Base. The SNMP Communication Model The
SNMP Architecture, Administrative Model,SNMP Specifications, SNMP Operations, SNMP MIB Group,
Functional Model.

4. SNMP Management RMON: Remote Monitoring, RMON SMI and MIB,RMONI1- RMON1 Textual
Conventions, RMON1 Groups and Functions,

1
www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Relationship Between Control and Data T ables, RMON1 Common and

Ethernet Groups, RMON Token Ring E xtension Groups, RMON2 The
RMON2 Management Information Base, RMON2 Conformance Specifications.

5. Broadband Netw ork M anagement: Broadband Access Networks and

Technologies: Broadband Access Networks, Broadband Access Technology;
HFCT Technology: The Broadband LAN, The Cable Modem, T he Cable
Modem Termination System, The HFC Plant, The RF Spectrum for Cable
Modem; Data Over Cable Reference Architecture; HFC Management Cable
Modem and CMTS Management, HFC Link Management, RF Spectrum
Management, DSL T echnology; Asymmetric Digital Subscriber Line

m
Technolo gy Role of the ADSL Access Net work in an Overall Net work,

co
ADSL Architecture, ADSL Channeling Schemes, ADSL Encoding Schemes;
ADSL Management ADSL Network Management Elements, ADSL

s.
Configuration Management, ADSL Fault Management, ADSL Performance
bu
Management, SNMP-Based ADSL Line MIB, MIB Integration with Interfaces
Groups in MIB-2, ADSL Configuration Profiles.
la

6. Network Management Applications: Configuration Management- Network

yl

Provisioning, Inventory Management, Net work Topology, Fault Management-

lls

Fault Detection, Fault Location and Isolation Techniques, Performance

Management Performance Metrics, Data Monitoring, Problem Isolation,
.a

Performance Statistics; Event Correlation Techniques Rule-Based

w

Reasoning, Model-Based Reasoning, Case-Based Reasoning, Codebook

w

correlation Model, State Transition Graph Model, Finite State Machine Model,
w

Security Management Policies and Procedures, Security Breaches and the

Resources Needed to Prevent Them, Firewalls, Cryptography,
Authentication and Authorization, Client/Server Authentication Systems,
Messages T ransfer Security, Protection of Networks from Virus Attacks,
Accounting Management, Report Manage ment, Policy-Based Management,
Service Level Management.

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

TEXT BOOKS:
Mani Subramanian: Network Management- Principles and Practice, 2nd
Pearson Education, 2010.
REFERENCE BOOKS:
J. Richard Burke: Network management Concepts and Practices: a Hands-On
Approach, PHI, 2008.

m
co
s.
bu
la
yl
lls
.a
w
w
w

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

TABLE OF CONTENTS

1. Introduction 6-14

1.1 Analogy of telephone network

1.2 Data and telecommunication network
1.3 Distributed computing environment
1.4 In t e rn et
1.5 Protocols and standards
1.6 IT m an ag em en t
1.7 Network and system management
1.8 Current status and future of network management

m
2. Basic Foundations: Standards, Models, and Language 15-27

co
2.1 Network Management Standards
2.2 Network Management Model

s.
2.3 Organization Model
2.4 Infor mation Model
bu
2.5 Co mmunication Model
2.6 ASN.1
la
2.7 Functional Model
yl

3. SNMPv1 Network M anagement 28-52

lls

3.1 Managed Network

.a

3.2 The SNMP Model

3.3 The Organization Model
w

3.4 The Information Model

3.5 Management Information Base
w

3.6 The SNMP Architecture

w

3.7 Administrative Model

3.8 Functional Model

4. SNMP Management RMON 53-61

4.1 Remote Monitoring

4.2 RMON SMI and MIB
4.3 RMONI1
4.4 RMON1 Groups and Functions
4.5 Relationship Between Co ntrol and Data Tables
4.6 RMON1 Co mmon and Ethernet Groups
4.7 RMON Token Ring Extension Groups
4.8 RMON2 Management Information Base

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

5. Broadband Netw ork Manage ment 62-84

5.1 Broadband Access Networks

5.2 Broadband Access Technology
5.3 HFCT Technology
5.4 HFC Management
5.5 Asymmetric Digital Subscriber Line Te chnolog y
5.6 ADSL Management

6. Network Management Applications 85-113

6.1 Configuration Management

6.2 Performance Management
6.3 Event Correlation Techniques

m
6.4 Security Management
6.5 Policy-Based Management

co
6.6 Service Level Management

s.
bu
la
yl
lls
.a
w
w
w

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Chapter 1
I NT RO D U C T I O N

1.1 Analogy of Telephone Network

Characteristics:
It is Reliable - does what is expected of it
Dependable - always there when you need
it (remember 911?)
Good quality (connection) - hearing each
other well
The reasons for that are good planning, design, and implementation .Good operation and
management of network.

m
Telephone Network Model
Notice the hierarchy of switches

co
Primary and secondary routes programmed
Automatic routing
Where is the most likely failure?

s.
Use of Operations Systems to ensure QoS
bu
To other
Regional centers
Sectional centers
la
Regional Center Regional Center Primary centers
Cla ss 1 switch Cla ss 1 switch Toll centers
yl

En d offices

To other
lls

Sectional Center Sectional Center Primary centers

Cla ss 2 switch Cla ss 2 switch Toll centers
En d offices
.a

Prima ry Center Prima ry Center To other

Cla ss 3 switch Cla ss 3 switch Class 4 toll points
w

En d offices
w

Toll Center Toll Center

Cla ss 4 switch Cla ss 4 switch
w

En d Office End Office

Cla ss 5 switch Cla ss 5 switch
Legend:
Loop
Dire ct Trunk
Toll-Connecting Trunk
Toll Trunk
Voice V o ic e

Figure 1.1 Telephone Network Model

Operations Systems / NOC

Monitor telephone network parameters S/N ratio, transmission loss, call blockage, etc.

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Real-time management of network

Trunk (logical entity between switches) maintenance system measures loss and S/N.
Trunks not meeting QoS are removed before customer notices poor quality
Traffic measurement systems measure call blockage. Additional switch planned to keep
the call blockage below acceptable level
Operations systems are distributed at central offices
Network management done centrally from Network Operations Center (NOC)

1.2 Data and Telecommunication Network

Computer data is carried over long distance by telephone (telecommunication network).
Output of telephone is analog and output of computers is digital. Modem is used to modulate
and demodulate .Computer data to analog format and analog to data should be done. Clear
distinction between the two networks is getting fuzzier with modern multimedia networks.

m
Data communication network

co
T erminal T erminal
Host

s.
bu
Modem Modem Modem
la
Loop Loop Loop
yl
lls

Voice Voice
.a

T elecommunication net work

w

Figure 1.2 Data and Telecom m unicat ion Networks

w

IBM SNA Architecture

w

IBM System Network Architecture (SNA) is a major step in network architecture SNA is based
on multitude of (dumb) terminals accessing a mainframe host at a remote location
LAN-WAN Network

LAN A LAN B

B r id g e / B rid g e /
Router Router

B r id g e /
Router

LAN C

WAN
communication link

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

W o r k s t a t io n W o r k s t a t io n

Cluster Cluster
controller controller

Communications
Communications
controller
controller

m
co
s.
M a in f r a m e
bu
Figure 1.3 IBM Systems Network Architecture Mo del
la

Major impacts of DCE are no more monopolistic service provider, no centralized IT controller,
yl

hosts doing specialized function and Client/Server architecture formed the core of DCE network
lls

Client/Server Model
.a

Control
w

transf er

Client Server
w

Control
transf er
w

Figure 1.4 Simple Client-Server Model

For example in Post office analogy; clerk the server, and the customer the client. Client always
initiates requests and Server always responds. Notice that control is handed over to the receiving
entity.
1.3 TCP/IP Based Networks

TCP/IP is a suite of protocols

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Internet is based on TCP/IP

IP is Internet protocol at the network layer level
TCP is connection-oriented transport protocol and ensures end-to-end connection
UDP is connectionless transport protocol and provides datagram service
Internet e-mail and much of the network management. Messages are based on
UDP/IP
ICMP part of TCP/IP suite

Architecture, Protocols and Standards

Communication architecture
Modeling of communication systems, comprising
functional components and
operations interfaces between them
Communication protocols
Operational procedures

m
intra- and inter-modules
Communication standards

co
Agreement between manufacturers on protocols of communication equipment on
physical characteristics and

s.
operational procedures bu
1.4 Communication protocols and standards
la
yl

User A User Z
Peer-Protocol Interface
lls

Application Layers Application Layers

.a

Transport Layers Transport Layers

w

Physical Medium

(a) Direct C ommu nication between E nd Sys tems

w

System A Intermedi ate system System Z

w

User A User Z
Peer-Protocol Interface

Application Layers Application Layers

T r a n s p o rt L a y e r
T r a n s p o rt L a y e r s T r a n s p o rt L a y e r s
Conversion

Physical Medium Physical Medium

(b) Com m unication between E nd S ystems via an Interme diate System

Figure 1.5 Basic Comm unication Architecture

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

OSI Reference Model

User / Application program

Layer 7 Application

Layer 6 Presentation

Layer 5 Session

Layer 4 Transport

Layer 3 Network

Layer 2 Data link

Layer 1 Physical

m
Physical medium

co
Figure 1.6 OSI Protocol Layers

s.
OSI Layers and Services
There are similarities between SNA and OSI. Simplicity of Internet specifies only layers
bu
3 and 4 .There is integrated application layers over Internet. Commonality of layers 1 and 2 as in
IEEE standard as shown in table
la

Application Protocols
yl
lls

Internet user OSI user

.a

Telnet Virtual Terminal

File Transfer Protocol File Transfer Access & Management
w

Simple Mail Transfer Message-orientedText

w

P ro t o c o l In t e rch an g e St an d a rd
w

Simple Network CommonManagement

M a n a g e m e n t P ro t o c o l Information Protocol

1.5 Common Network Problems

Loss of connectivity
Duplicate IP address
Intermittent problems
Network configuration issues
Non-problems
P e r f o r m a n c e p ro b l e m s

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

1.6 Challenges of IT Managers

Reliability
Non-real time problems
Rapid technological advance
Managing client/server environment
Scalability
Troubleshooting tools and systems
Trouble prediction
Standardization of operations - NMS helps
Centralized management vs sneaker-net

Layer L a y e r N a me Salient services provided by the layer

No.

m
1 Physical -Transfers to and gathers from the physical medium raw
bit data

co
-Handles physical and electrical interfaces to the
transmission medium
2 Data link
s.
-Consists of two sublayers: Logical li nk control (LLC) and
bu
Media access control (MAC)
-LLC: Formats the data to go on the medium; performs
la
error control and flow control
yl

-MAC: Controls data transfer to and from LAN; resolves

conflicts with other data on LAN
lls

3 Network Forms the switching / routing layer of the network

.a

4 T r a ns p or t -Multiplexing and de-multiplexing of messages from

a ppl i c at i o ns
w

-Acts as a transparent layer to appli cations and thus

w

isolates them from the transport system layers

w

-Makes and breaks connecti ons for connecti on-ori ented

communications
-Flow control of data in both directi ons
5 Session -Establishes and cl ears sessions for applicati ons, and
thus minimizes loss of data during large data exchange
6 Presentation -Provi des a set of standard protocols so that the display
would be transparent to syntax of the application
-Data encrypti on and decrypti on
7 Application -Provi des applicati on specific protocols for each specific
application and each specific transport protocol system

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

SN A OSI I N T E R NE T

End User A pplic ation Application

Presentation Services Presentation Application Specific

Protocols

Data Flow Control Session

Transmission Control Transport

Transport Connection- C o n n e c ti o n -
less: UDP oriented: T CP

S NICP
Network
IP
Path Control Network SNDCP

SNDAP

Data Link Data Link

Not Specified

Physical Physical

m
co
Figure 1.7 Comparisons of OSI, Internet, and SNA Protocol Layer Models

s.
bu
1.7 Network Management
la
yl

Network
Management
lls
.a

Network Network Network

w

Provisioning Operations Maintenance

w

Planning Fault Manage ment / Service Restoration F ault Management

w

Design Configuration Mana geme nt Trouble Tick et

Administration
Performance Manage ment / Traffic Ma nagem ent
Network Installation
Security Ma nage ment
Network Repairs
Accounting Manage ment
F acilities Installation
R e p o rt s M a n a g e m e n t & Mai ntenance
Routine Network
Inventory Mana ge ment T ests

Data Gathering & Analys es

Figure 1.8 Network Management Functional Groupings

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

1.8 Network Operations

Net wor k

Users

Management Configuration Data

Decision

TT Restoration
New Performance & Traffic Data
Technology

Engineering Group Operations Group I & M Group

NOC
- Network Planning & -Network Installation &
Design - Network Operations Maintenance

m
F aul t T T

co
Installation

s.
Figure 1.9 Network Management Functional Flow Chart
bu
Network Management Components
la

NMS
yl
lls
.a

Network Network
Agent Agent
w
w
w

Network Network
Objects Objects

Figure 1.10 Network Management Components

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Interoperability

NM S Messages NM S
Vendor A Services & Protocols Vendor B

Network Network Network Network

Agent Agent Agent Agent

Network Network Network Network

Objects Objects Objects Objects

m
co
Application

s.
Se r v i c e s
Objects O bj ec t s
bu
Management
Ve n d o r A Ve n d o r B
Pr o t o c o l
la
O bj ec t s O bj ec t s
Tr ans p or t
yl

Pr o t o c o l s
lls

(b) Services and Protocols

.a

Figure 1.11 Network Management Dumbbell Architecture

w
w
w

1.9 Current Status and Future of Network Management

Status:

SN M P m an ag em en t
Limited CMIP management
Operations systems
Polled systems

Future trends:

Object-oriented approach
Service and policy management
Business management
Web-based management

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Chapter 2
Basic Foundations: Standards, Models, and Language

Introduction
Network Management is the management of the network resources comprising nodes
(e.g., hubs, switches, routers) and links (e.g., connectivity between two nodes). System
Management is the management of systems and system resources in the network. Network
Management can also be defined as OAM&P (Operations, Administration, Maintenance, and
Provisioning) of network and services.

2.1 Network Management Standards

Table 2.1 Network Management Standards

m
S t a n d a rd Salient Points
OSI / CMIP International standard (ISO / OSI)

co
Management of data communications network - LAN and
W AN

s.
Deals with all 7 layers
bu
Most complete
Object oriented
la
W ell structured and layered
Consumes large resource in implementation
yl

SNMP / Industry standard (IETF)

lls

Internet
Originally intended for management of Internet components,
currently adopted for W AN and telecommunicati on systems
.a

Easy to implement
w

Most widely implemented

T MN International standard (ITU-T)
w

Management of telecommunications network

w

Based on OSI network management framework

Addresses both network and administrative aspects of
m a n a g e me n t
IE E E IEEE standards adopted internationally
Addresses LAN and MAN management
Adopts OSI standards significantly
Deals with first two layers of OSI RM
W e b - b a se d W eb-Based Enterprise Management (W BEM)
M a n a g e me n t
Java Management Application Program Interface (JMAPI)

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

OSI/CMIP: Common Management Information Protocol

SNMP/Internet: Simple Network Management Protocol (IETF)
TMN: Telecommunications Management Network (ITU-T)
IEEE standards
Web-based Management
SNMP is the most widely used. SNMP and CMIP use polling methodology for additional load
on the network. It requires dedicated workstations for the NMS (Network Management System)

2.2 Network Management Model

Network
Management

m
co
Organization Information Communication Functional
Model Model Model Model

s.
bu
Figure 2.1 OSl Network Management Model
la

The Organization model describes the network management components, functions of

yl

components and their relationships. The OSI Information deals with Structure of management
information (SMI), it deals with syntax and semantics. It contains Management information base
lls

(MIB) and MIB deals with organization of management information. The Communication
models consists of Transfer syntax with bi-directional messages, Transfer structure (PDU).The
.a

Functional model deals with user oriented requirements.

w

The OSI defines five functional applications namely

w

Configure components
Monitor components
w

Measure performance
Secure information
Usage accounting
2.3 Organizational Model

This describes components of network management and their relationship. It defines the
terms object, agent and manager.
Manager is responsible for
o Manages the managed elements
o Sends requests to agents
o Monitors alarms
o Houses applications
o Provides user interface

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Agent is responsible for

o Gathers information from objects
o Configures parameters of objects
o Responds to managers requests
o Generates alarms and sends them to managers
Managed object performs
o Network element that is managed
o Houses management agent
o All objects are either managed or unmanaged

Two-Tier Model

MD B Manager

m
co
s.
Managed objects
bu
Unm anaged objects

MDB Managem ent Database

la

Agent process
yl
lls

Figure 2.2 T wo-Tier Network Management Organization Model

.a

The Agent built into network element for example the Managed hub, managed router. An
w

agent can manage multiple elements for example the Switched hub, ATM switch. The MDB is a
physical database. Unmanaged objects are network elements that are not managed - both hysical
w

(unmanaged hub) and logical (passive elements).

w

Three-Tier Model

The middle layer plays the dual role

Agent to the top-level manager

Manager to the managed objects
Example of middle level: Remote monitoring
agent (RMON)

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

M DB Manager

M DB Agent / Manager

Managed objects
MDB Management Database

Ag e n t p r o c e s s

Figure 2.3 Three-Tier Network Management Organization Model

m
co
Manager of Managers

s.
bu
MoM MD B
la

A ge nt Agent
yl

Agent NMS MD B Agent NMS MD B

M an ag er M an a ger
lls
.a

Managed objects
w

Manage d objects
w
w

Agent NMS

MoM Manager of Managers Manager

Agent
MD B Manageme nt Database

Agent process

Figure 2.4 Network Management Organization Model with MoM

Agent Network Management System manages the domain. Manager of Managers (MoM)
presents integrated view of domains. The Domain may be geographical, administrative, vendor-
specific products, etc
Peer Network Management Systems

Dual role of both NMSs

Network management system acts as peers

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Dumbbell architecture discussed in Chapter 1

Notice that the manager and agent functions a re
processes and not systems

Age nt N M S Ma n a g e r N MS

Ma n a g e r N MS A g e n t N MS

Figure 2.5 Dual Role of Management Process

2.4 Information Model

m
Figure in a book uniquely identified by ISBN, Chapter, and Figure number in that
hierarchical order. The ID: {ISBN, chapter, figure}. The three elements above define the

co
syntax. Semantics is the meaning of the three entities according to Websters dictionary. The
information comprises syntax and semantics about an object.

Structure of Management Information (SMI)

s.
bu
SMI defines for a managed object. It contains Syntax, Semantics and plus additional
la
information such as status.
Example
yl

sysDescr: {system1}
lls

Sy n t ax : OCTET STRING
Definition: "A textual description of the entity "
.a

Access: read-only
Status: mandatory
w

Management Data Base / Information Base

w
w

MD B Manager MIB

Managed objects

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

The distinction between MDB and MIB are

MDB physical database; e.g.. Oracle, Sybase

MIB virtual database; s ch e m a compiled into
management software

An NMS can automatically discover a managed object, such as a hub, when added to the
network. The NMS can identify the new object as hub only after the MIB schema of the hub is
compiled into NMS software

Management Information Tree

Root

.
Lev el 1

m
co
Lev el 2

s.
Lev el 3
bu
la

Figure 2.6 Generic Representation of Management Information Tree

yl
lls

Object Type and Instance

The object types are name,Syntax,Definition,Status and Access
.a

For the example of a circle

w

iso International St an d a rd s Organization

w

itu International Telecommunications Union

dod Department of Defense
w

Designation:
iso 1
org 1.3
dod 1.3.6
internet 1.3.6.1

The circle is syntax. Semantics is definition from dictionary. A plane figure bounded by a
single curved line, every point of which is of equal distance from the center of the figure.

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

it u is o iso-itu
0 1 2

or g
3

dod
6

internet
1

Figure2.7 OSI Management Information Tree

Managed Object Perspectives

m
co
A ccess: Object T ype:
Access Object ID and
privilege D e s c ri p t o r

s.
circle
bu
Status :
la
Impl ementaion
requirements
Syntax : Defintion :
yl

model of object Semantics -

textual description
lls

Figure 2.8(a) Internet Perspecti ve

.a
w

Notifications :
Notify changes in
attribute values
w
w

Object Class:
Circular
object Behaviour

Operations:
Push

Attributes : Attributes:
circle, dimension ellipse, dimension

Figure 3.9(b) OSI Perspective

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

object ID unique ID
and descriptor and name for the object
syntax used to model the object
access access privilege to a managed object
status implementation requirements
d ef i n i t i o n textual description of the semantics
of object type

o b j e ct cl a s s managed object
attributes attributes visible at its boundary
o p er a t i o n s operations which may be applied to it
b eh a vi o r behavior exhibited by it in response to operation

m
notifications notifications emitted by the object
Packet Counter Example

co
Characteristics
s. Example
bu
Object type P k t Co u n t e r
la
Sy nt ax Co u n t e r
yl

Ac c es s Read-only
lls

Status Mandatory
Description Co u n t s n u m b e r o f p a c k e t s
.a

Figure 2.10(a) Internet Perspective

w
w

Characteristics Exa m p l e
w

Object class P a c k e t Co u n t e r
A t t ri b ut es Single-val ued
Operations g et , s et
Beh av i or Retrieves or resets val ues
Notifications Generates notificati ons on new
value
Figure 2.10 (b) OSI Perspective

Figure 2.10 Packet Counter As Example of Managed Object

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

2.5 Communication Model

In Internet requests/responses are in OSI operations. In Internet traps and notifications are
in (SNMPv2).

Operations /
Re q u e s t s

Manager Re s p o n s e s Agent

Notifications / Network Elements /

A p p l ic a t i o n s
Traps M an age d O bj ec t s

m
co
Figure 2.11 Management Message Communication Model

Transfer Protocols
s.
bu
la
Manager Operations / Requests / Responses Agent
Applications Traps / Notifications Applications
yl
lls

Manager Agent
.a

SNMP (Internet)
C o m m u n i c a ti o n Communication
CMI P ( O S I)
Module Module
w
w

UDP / IP (Internet)
w

Transport Layers Transport Layers

OSI Lower Layer Profiles (OSI)

Phys ical Medium

Figure 2.12 Management Communication Transfer Protocols

Internet is based on SNMP and OSI is based on CMIP. OSI uses CMISE (Common
Management Information Service Element) application with CMIP.
OSI specifies both c-o and connectionless transport protocol; SNMPv2 extended to c-o,
but rarely used.

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

2.6 Abstract Syntax Notation One:ASN.1

ASN.1 is more than syntax; its a language. It addresses both syntax and semantics. There are
two types of syntax

Abstract syntax: set of rules that specify data type and structure for information storage.
Transfer syntax: set of rules for communicating information between systems.

Makes application layer protocols independent of lower layer protocols. It can generate
machine-readable code for example Basic Encoding Rules (BER) is used in management
modules.
Backus-Nauer Form (BNF)

BNF is used for ASN.1 constructs

Constructs developed from primitives
The below example illustrates how numbers are constructed from the primitive

m
<digit>
Simple Arithmetic Expression entity (<SAE>) is constructed from the primitives

co
<digit> and <op>

s.
bu
Definition:
<name> ::= <definition>
Rules:
la

<digit> ::= 0|1|2|3|4|5|6|7|8|9

yl

<number> ::= <number> | <digit> <number>

< o p > : : = + |-|x |/
lls

<SAE> ::= <number>|<SAE>|<SAE><op><SAE>

Example:
.a

9 is primitive 9
19 is construct of 1 and 9
w

619 is construct of 6 and 19

w

Simple Arithmetic Expression

w

SAE> ::= <number> | <SAE><op><number>

Example: 26 = 13 x 2
Constructs and primitives

Type and Value

Assignments values
<BooleanType> ::= BOOLEAN
<BooleanValue> ::= TRUE | FALSE
ASN.1 module is a group of assignments
person-name Person-Name :: =
{ first "John",
middle "I",

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

last "Smith"
}

Data Type: Example 1

Module name starts with capital letters

Data types:
Primitives: NULL, GraphicString
Constructs
Alternatives : CHOICE
List maker: SET, SEQUENCE
Repetition: SET OF, SEQUENCE OF:

Difference between SET and SEQUENCE

m
PersonnelRecord ::= SET
{ Name,

co
title GraphicString,
division CHOICE

s.
marketing [0] SEQUENCE
{Sector,
Country},
bu
research [1] CH O IC E
{product - based [0] NULL,
la
basic [1] NULL},
production [2] SEQUENCE
yl

{Product - line ,
Country } }
lls

etc.
.a

Example 1
w

ASN.1 Symbols
w

Sy m b o l Meaning
w

::= Defined as
| or, alternative, options of a list
- Signed number
-- Following the symbol are comments
{} Start and end of a list
[] Start and end of a tag
() Start and end of subtype
.. R an g e

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Data Type: Structure & Tag

Structure defines how data type is built

Tag uniquely identifies the data type

If the Structure is simple

PageNumber ::= INTEGER

ChapterNumber ::= INTEGER
St ru ct u re / Co n s t ru ct
BookPageNumber ::= SEQUENCE {ChapterNumber, Sep a r at o r, PageNumber}
Example: {1-1, 2-3, 3-39}
Tagged

Derived from another type; given a new ID In Fig, INTEGER is either universal or

m
application specific
Other types:

co
CHOICE, ANY

s.
BookPages ::= SEQUENCE OF { BookPageNumber}
or
bu
B o o k Pag es : : = SE Q U E N C E O F
{SEQUENCE
la
{ChapterNumber, Separator, PageNumber}
}
yl
lls

Data Type
.a

Tag

Structure
w
w
w

Number

Simple Structured T agged Other Class

Context-
Universal Application Private
specific

Figure 2.13 ASN.1 Data Type Structure and Tag

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

2.7Functional Model

OSI
Functional Model

Configuration Fault Performance Security Accounting

Management Management Management Management Management

The configuration management will set and change network configuration and
component parameters. It will set up alarm thresholds

m
Fault management will do detection and isolation of failures in network and trouble ticket
administration

co
Performance management monitors performance of network
Security managementAuthentication, Authorization and Encryption

s.
Accounting management-- Functional accounting of network usage
bu
la
yl
lls
.a
w
w
w

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Chapter 3
SNMPv1: Organization and Information Models

3.1 Managed Network: Case Histories

AT&T Network Management Centers

Network Control Centers
Network Operations Center
CNN World Headquarters
Centralized troubleshooting of NIC
Performance degradation due to NMS
Bell Operating company procedure

Managed LAN

m
NM S

co
192.168.252.110

172.17.252.1

s.
Router 2
bu
Backbone Network
la
yl

Router 1
172.16.4 6.1
lls

Hu b 1 Hu b 2
172.16.46.2 172.16.46. 3
.a

Figure 3.1 A Man age d LAN Network

w
w
w

NMS on subnet 192.168.252.1 manages the router and the hubs on subnet 172.16.46.1
across the backbone network .Information obtained querying the hub. Data truly reflects what is
stored in the hub

Managed Router: Port Addresses

Information acquired by NMS on the router interfaces

I n d e x r e f e r s t o t h e i n t er f a c e o n t h e ro u t e r
LEC is the LAN emulation card
Ethernet 2/0 interface refers to the interface
card 2 and port 0 in that card

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

I ndex Interface IP address Network Mask Network Link Address

Address

23 L EC. 1 .0 192.168.3.1 255.255.255.0 192.168.3.0 0x00000C3920B4

25 L EC. 3 .9 192.168.252.1 255.255.255.0 192.168.252. 0x00000C3920B4
5 0
13 Ethernet2/0 172.16 ..46.1 255.255.255.0 172.16 ..46.0 0x00000C3920AC
16 Ethernet2/3 172.16.49.1 255.255.255.0 172.16.49.0 0x00000C3920AF
17 Ethernet2/4 172.16.52.1 255.255.255.0 172.16.52.0 0x00000C3920B0
9 Ethernet1/2 172.16.55.1 255.255.255.0 172.16.55.0 0x00000C3920A6
2 Ethernet 0/1 172.16.56.1 255.255.255.0 172.16.56.0 0x00000C39209D
15 Ethernet2/2 172.16.57.1 255.255.255.0 172.16.57.0 0x00000C3920AE
8 Ethernet1/1 172.16.58.1 255.255.255.0 172.16.58.0 0x00000C3920A5
14 Ethernet2/1 172.16.60.1 255.255.255.0 172.16.60.0 0x00000C3920AD
3.2 History Internet SNMP Management
1970 Advanced R es e a rch Project Agency Network (ARPANET)
Internet control Message Protocol (ICMP)

m
Internet Engineering Task Force (IETF)
1990 SNMPv1

co
1995 SNMPv2
1998 SNMPv3

s.
Internet documents:
Request for Comments (RFC)
bu
IETF STD Internet Standard
FYI For your information
la
So u rc e fo r R FC s SNMP
ftp://nic.mil/rfc Management
yl

Documents
ftp://ftp.internic.net/rfc
lls

http://nic/internet.net/
RFC 1065 RFC 1066 RFC 1067
.a

SMI MIB I RFC 1098

RFC 1155 RFC 1156 SNMPv1
STD 16 RFC 1157
w

SNMPv1 Concise SMI STD 15

Traps RFC 1212
w

RFC 1215 STD 16

w

RFC 1158
MIB II
RFC 1213
STD 17

RFC 1442 RFC 1443 RFC 1444 RFC 1448 RFC 1449
SMIv2 Txt SMIv2 SNMPv2 SNMPv2
SMIv2 Protocol Ops Transport Map.
Conventions Conformances
RFC 1902 1905 RFC 1906
RFC 1903 RFC 1904

MIB II for
SNMPv2
RFC 1907

Figure 3.2 SNMP Document Evolution

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

3.3 SNMP Model

Organization Model
Relationship between network element,
agent, and manager
Hierarchical architecture
Information Model
Uses ASN.1 syntax
SMI (Structure of Management Information
MIB ( Management Information Base)
Communication Model
Transfer syntax
SN M P o v e r T C P/ IP
Communication services addressed by messages
Security framework community-based model

m
3.4 The Organization Model

co
Two-Tier Organization Model

SNMP

s. SNMP SNMP
bu
Manager Manager Manager
la
SNMPAgent Network Agent
yl

Network Network
Element Element
lls

(a) One Manager - One Agent Model (b) Multiple Managers - One Agent Model
.a
w

Three-Tier Organization Model: RMON

w
w

SN MP
Manager

RMON
Probe

Managed
Objects

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Managed object comprises network element and

m an ag e m en t ag en t
R M O N a ct s as an ag en t an d a m an ag e r
RMON (Remote Monitoring) gathers data from MO,
analyses the data, and stores the data
Communicates the statistics to the manager

3.5 System Architecture

SNMP Manag er SNMP Agent

M an ag e- SNMP Manag er SNMP Agent

m ent Application Application
Dat a

GetNext-Request GetNext-Request
Get-Request Set-R eG
quete-sRtesponse Get-Request Set-Re
q eGt ue
R-ste s p o ns e

m
Trap Trap

co
s.
S N MP SN M P
bu
UDP UDP
la
IP IP
yl

DL C DLC
lls

PHY P HY
.a

Physical Medium
w

Figure 3.3 SNMP Network Mana gement Arc hitecture

w
w

Messages between manager and agent

Direction of messages - 3 from manager and
2 fro m ag en t
SNMP Messages
Get-Request
Sent by manager requesting data from agent
Get-Next-Request
Sent by manager requesting data on the next
M O t o t h e o n e s p e ci fi ed
Set-Request
Initializes or changes the value of network
element

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Get-Response
Agent responds with data for get and set
requests from the manager
Trap
Alarm generated by an agent

3.6 The Information Model

Managed Object

Object

Object Object
Type Instance

m
Name:

co
Syntax: Encoding:
OBJECT
ASN.1 BER
IDENTIFIER

s.
bu
Figure 3.4 Managed Object: Type and Instance
la
Object type and data type are synonymous
Object identifier is data type, not instance
yl
lls

Managed Object: Multiple Instances

.a

Object
w

Object Object
w

Typ e Instance 3
w

Object
Instance 2
Name:
Syntax: Encoding: Object
O B JE CT
ASN.1 BER Instance 1
IDENTIFIER

Figure 3.5 M anaged Object : Type with Multiple Instances

All 3 Com hubs of the same version have identical

identifier; they are distinguished by the IP address
Each IP address is an instance of the object

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

N a me
Uniquely defined by
DESCRIPTOR AND
OBJECT IDENTIFIER

internet OBJECT IDENTIFIER ::=

{iso org(3) dod(6) 1 }.

internet OBJECT IDENTIFIER ::= {iso(1) standard(3) dod(6) internet(1)}

internet OBJECT IDENTIFIER ::= {1 3 6 1}
internet OBJECT IDENTIFIER ::= {iso standard dod internet }
internet OBJECT IDENTIFIER ::= { iso standard dod(6) internet(1) }
internet OBJECT IDENTIFIER ::= { iso(1) standard(3) 6 1 }

Internet Subnodes

m
Internet

co
{1 3 6 1}

s.
bu
directory mgmt experimental private
la
(1) (2) (3) (4)
yl
lls

Figure 3.6 Subnodes und er Internet Node in SNMPv1

.a

directory OBJECT IDENTIFIER ::= {internet 1}

w

mg mt OBJECT IDENTIFIER ::= {internet 2}

experimental OBJECT IDENTIFIER ::= {internet 3}
w

private OBJECT IDENTIFIER ::= {internet 4}

w

Private MIB Example

I nt er net
{ 1 3 6 1}

private
(4)

ent er pr i s es
(1)

cisco hp 3 Co m Cabletron
(9) (11) ( 4 3) ( 52)

Figure 3.7 Private Subtree for Commercial Vendo rs

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

SNMP ASN.1
Data Type

Tag

Structure

Number

Class

Simple Defined Constructor

or or or
P ri m i ti v e Application Structured

Context-
Universal Application Private
specific

m
co
Figure 3.7 SNMP ASN.1 Data Type

s.
Primitive Data Types bu
S t ru c t u r e Data Type Comments
Primitive types INTEGER Subtype INTEGER (n1..nN)
la
Special case: Enumerated
INTEGER type
yl

OCTET STRING 8-bit bytes bi nary and textual data

lls

Subtypes can be specifi ed by

either range or fi xed
.a

OBJECT IDENTIFIER Object position in MIB

NULL Placehol der
w
w

get-request message has NULL for value fields and

w

get-response from agent has the values filled in

subtype:
INTEGER (0..255)
OCTET STRING (SIZE 0..255)
OCTET STRING (SIZE 8)
Enumerated
error-status INTEGER {
noError(0)
tooBig(1)
genErr(5)
authorizationError(16)
}

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Defi ned types NetworkAddress Not used

IpAddress Dotted decimal IP address
Co u n t e r W rap-around, non-negative
integer, monotonically increasi ng,
max 2^32 -1
G a ug e Capped, non-negative i nteger,
increase or decrease
TimeTicks Non-negative integer in
hundredths of second units
O p aq ue Application-wi de arbitrary ASN.1
syntax, double wrapped OCTET
S T RI NG

m
Defined data types are simple or base types

co
Opaque is used to create data types based on
previously defined data types

Defined or Application Data Type

s.
bu
Defi ned types N e t wo r k A d d r e s s Not used
la
IpAddress Dotted decimal IP address
Counter Wrap-around, non-negative
yl

integer, monotonically increasing,

lls

max 2^32 -1
G a ug e Capped, non-negative integer,
.a

increase or decrease
TimeTicks Non-negative integer in
w

hundredths of second units

w

O p aq u e Application-wide arbitrary ASN.1

syntax, double wrapped OCTET
w

S T RI NG

Constructor or Structured Data Type: SEQUENCE

Object OBJECT IDENTIFIER ObjectSyntax

1 ipAdEntAddr {ipAddrEntry 1} IpAddress
2 ipAdEntIfIndex {ipAddrEntry 2} INTEGER
3 ipAdEntNetMask {ipAddrEntry 3} IpAddress
4 ipAdEntBcastAddr {ipAddrEntry 4} INTEGER
5 ipAdEntReasmMaxSize {ipAddrEntry 5} INTEGER
6 ipAddrEntry {ipAddrTable 1} SEQUENCE

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

List: IpAddrEntry ::=

SEQUENCE {
i pAd Ent A d dr I pAd dr e s s
ipAdEntIfIndex INTEGER
i pAdE nt N et M as k IpAddress
ipAdEntBcastAddr INTEGER
i p A d E n t Re a s m Ma x S i z e INTEGER (0..65535)
}
Managed Object IpAddrEntry as a list

Basic Encoding Rules (BER) Tag, Length, and Value (TLV

m
Type Length Value

co
s.
Class P/C Tag Number
bu
(7-8th bits) (6th bit) (1-5th bits)
la

SNMP Data Types and Tags

yl

Type Tag
lls

OBJECT IDENTIFIER UNIVERSAL 6

SEQUENCE UNIVERSAL 16
.a

IpAddress APPLICATION 0
Counter APPLICATION 1
w

Gauge APPLICATION 2
TimeTicks APPLICATION 3
w

Opaque APPLICATION 4
w

Managed Object: Structure

OBJECT:
sysDescr: { system 1 }
Sy n t ax : O CT E T ST R I N G
Definition: "A textual description of the entity. This value
should include the full name and version
identification of the system's hardware type,
software operating-system, and networking
software. It is mandatory that this only contain
printable ASCII characters."
Access: read-only
Status: m an d at o ry

Figure 31 Specifications for System Description

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Managed Object: Macro

OBJECT-TYPE MACRO ::=
BEGIN
TYPE NOTATION ::= SYNTAX type(TYPE ObjectSyntax)
ACCESS Access
STATUS Status
VALUE NOTATION ::= value(VALUE ObjectName)

Access ::= read-only | write-only | not-accessible

Status ::= mandatory | optional | obsolete

END

Figure 3.2(a) OBJECT-TYPE Macro [RFC 1155]

m
sysDescr OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..255))

co
ACCESS read-only
ST A T U S m a n d at o ry

s.
DESCRIPTION
A textual description of the entit y. This value should include the full name and
bu
version identification of the systems hardware type, software operating-system,
and networking software. It is mandatory that this only contain printable ASCII
la
ch a ra ct e rs .
::= {system 1 }
yl
lls

Figure 3.3(b) Scalar or Single Instance Macro: sysDescr

.a

[RFC 1213]
Aggregate Object
w

A group of objects
w

Also called tabular objects

Can be represented by a table with
w

Columns of objects
Rows of instances
Example: IP address table
Consists of objects:
IP address
Interface
Subnet mask (which subnet this address
belongs to)
Broadcast address (value of l.s.b. in IP
broadcast address)
Largest IP datagram that can be assembled
Multiple instances of these objects associated with
the node

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Aggregate M.O. Macro: Table Object

ipAddrTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpAddrEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION

"The table of addressing

information relevant to this entity's IP
addresses."
::= {ip 20}

ipAddrTable OBJECT-TYPE
::= {ip 20}
ipAddrEntry OBJECT-TYPE

m
::= {ipAddrTable 1}

co
Aggregate M.O. Macro: Entry Object

s.
ipAddrEntry OBJECT-TYPE
bu
SYNTAX IpAddrEntry
ACCESS not-accessible
STATUS mandatory
la

DESCRIPTION
yl

"The addressing information for one of this entity's IP addresses."

lls

INDEX { ipAdEntAddr }
.a

::= { ipAddrTable 1 }
w

IpAddrEntry ::=
SEQUENCE {
w

ipAdEntAddr
w

IpAddress,
ipAdEntIfIndex
INTEGER,
ipAdEntNetMask
IpAddress,
ipAdEntBcastAddr
INTEGER,
ipAdEntReasmMaxSize
INTEGER (0..65535)

Index ipAdEntAddr uniquely identifies an instance. May require more than one object in the
instance to uniquely identify it

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Aggregate M.O. Macro: Columnar Objects

ipAdEntAddr OBJECT-TYPE
SYNTAX IpAddress
ACCESS read-onl y
STATUS mandatory
DESCRIPTION

"The IP address to which this entry's

addressing information pertains."

::= { ipAddrEntry 1 }
ipAdEntReasmMaxSize OBJECT-TYPE
SYNTAX INTEGER (0..65535)
ACCESS read-onl y

m
STATUS mandatory
DESCRIPTION

co
"The size of the largest IP datagram which this
entity can re-assemble from incoming IP
fragmented datagrams received on this interface."

s.
::= { ipAddrEntry 5 }
bu
Tabular Representation of Aggregate Object
la
yl

TABLE
T
lls

ENTRY
E
.a
w

COLUMNAR COLUMNAR COLUMNAR COLUMNAR COLUMNAR

OBJECT 1 OBJECT 2 OBJECT 3 OBJECT 4 OBJECT 5
w

Figure 3.8(a) Multiple Instance Managed Object

w

The objects TABLE T and ENTRY E are objects that are logical objects. They define the
grouping and are not accessible. Columnar objects are objects that represent the attributes
and hence are accessible. Each instance of E is a row of columnar objects 1 through 5.
Multiple instances of E are represented by multiple rows.

3.7 Management Information Base

MIB-II (RFC 1213) is superset of MIB-I

Objects that are related grouped into object groups
MIB module comprises module name, imports from
other modules, and definitions of current module

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

RFC 1213 defines eleven groups.

Internet
{1 3 6 1}

directory mgmt experimental private

(1) (2) (3) (4)

mib-2
(1)

system (1) snmp (11)

interfaces (2) transmission (10)
at (3) cmot (9)

m
ip (4) egp (8)
icmp (5) udp (7)

co
tcp (6)

s.
bu
Figure 4.26 Internet MIB-II Group

Entity OID Description (brief)

la

s y s De s c r system 1 Textual description

yl

sysObjectID system 2 OBJECT IDENTIFIER of the entity

sysUpTime system 3 Ti me (in hundredths of a second since last reset)
lls

s y s Co n t a c t system 4 Contact person for the node

sysName system 5 Administrative name of the system
.a

s y s Loc at i o n system 6 Physical locati on of the node

w

sysServices system 7 Value designati ng the layer services provided by the

entity
w
w

System Group
syst e m
(mib-2 1)

s y s D es c r ( 1) sysServices (7)
s y s O bj ec t I d
s y s Loc at i on ( 6)
(2)
sysUpTime (3) sysName (5)

sysContact (4)

Figure 3.9 System Group

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

sysServices

sysServices OBJECT-TYPE
SYNTAX INTEGER (0..127)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"A value which indicates the set of services that this entity primarily offers.The value is a
sum. This sum initially takes the value zero, Then, for each layer, L, in the range1 through 7,
that this node performs transactions for, 2 raised to (L - 1) is added to the sum. For example, a
node which performs primarily routing functions would have a value of 4 (2^(3-1)). In
contrast, a node which is a host offering application services would have a value of 72
(2^(4-1) + 2^(7-1)). Note that in the context of the Internet suite of protocols, values should b
calculated accordingly:

m
layer functionality
1 p h y s i c a l ( e . g . , r e p e a t er s )

co
2 datalink/subnetwork (e.g., bridges)
3 internet (e.g., IP gateways)

s.
4 end-to-end (e.g., IP hosts)
7 applications (e.g., mail relays)
bu
For systems including OSI protocols, layers 5 and 6 may also be counted." :: = { system 7 }
la

Interfaces Group
yl
lls

interfaces
(mib-2 2)
.a
w

i f Num ber i f T a bl e
(1) ( 2)
w

ifEntry
w

(1)

ifIndex (1) ifSpecific (22)

ifDescr (2) i f O ut Q L e n ( 2 1 )
i f T y pe ( 3) i f O ut E r r o r s ( 2 0 )
i f M t u ( 4) i f O ut Di s c ar ds ( 19)
i f S pe ed ( 5) i f O ut N Uc as t P k t s ( 1 8 )
i f P hy s A ddr es s ( 6) ifOut UcastPkts (17)
i f A dm i ns t at us ( 7) i f O u t O c t et s ( 1 6 )
i f O p er S t at us ( 8) i f Unk n o w nP r ot os ( 15)
i f Las t C ha ng e ( 9) ifInErrors (14)
i f I nO c t et s ( 1 0) ifInDiscards (13)
i f I nUc as t P k t s ( 11) ifInNUcastPkts (12)

Le g en d: I N DE X i n b o l d

Figure 3.9 Interfaces Group

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

IP Group

ip
(mib-2 4)

i pF or war di ng ( 1) ipRoutingDiscards (23)

i p D ef a u l t T T L ( 2 ) i p N et T o M e d i aT a b l e ( 2 2 )

ipInReceives (3) i pRo ut eT abl e ( 21)

i pI n H dr E r r or s ( 4 ) ipAddrT able ( 20)
ipInAddrErrors (5) ipFragCreat es (19)

ipForwDatagrams (6) ipFragFails (18)

ipInUnknownProtos (7) ipFragOKs (17)
ipInDiscards (8) ipReasm Fails (16)
ipInDelivers (9) i pR e as m O K s ( 1 5)

m
ipOutRequests(10) ipReasmReqds (14)

i p O u t D i s c a r ds ( 1 1 ) ipReasmTimeout (13)

co
ipOutNoRoutes (12)

s.
Figure 3.10 IP Group
bu
la
ipForwarding: Gateway(1) and Router(2)
IP Address Table contains table of IP addresses
yl

IP Route Table contains an entry for each route

lls

IP Network-to-Media Table is address translation table

mapping IP addresses to physical addresses
.a

IP Address Translation Table

w
w

ipNetToMediaTable
(ip 22)
w

ipNetToMediaEntry (1)

ipNetToMediaIfIndex (1) ipNetT oMediaType (4)

ipNetToMediaPhysAddress (2) ipNetToMediaNetAddress (3)

Figure 3.11 IP Address Translation Table

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

ICMP Group icmp

(mib-2 5)

icmpInMsgs (1) icmpOutA ddrMask Reps (26)

icmpInErrors (2) icmpOutA ddrMasks (25)
icmpInDestUnre achs (3) icmpOutTimestampR eps (24)
icmpInTimeE xcds (4) icmpOutTimestamps (23)
ic m p I n P a r m Pr o b e ( 5 ) icmpOutEc hoR eps (22)
icmpInSrcQuen chs ( 6) i c m p O u tE c h o s ( 2 1 )
icmpInRedir ects (7) icmpOutRedirects (20)
icmpInEchos (8) ic m p O u t Sr c Q u e n c h s ( 1 9 )
icmpInEchoR eps (9) icmpOutP armProbe (1 8)
icmpInTimestamps (10) icmpOutTimeExcds (17)
icmpInTimestampReps (11) icmpOutDestUnreac hs (16)
icmpInAddr Masks (12) icmpOutErrors (15)
icmpInAddrMask Reps (13) icmpInMsgs (14)

m
co
Figure 3.12 ICMP Gro up

s.
Objects associated with ping
icmpOutEchos # ICMP echo messages sent
bu
icmpInEchoReps # ICMP echo reply messages
re c ei v ed
la
Objects associated with traceroute/tracert
icmpInTimeExcs # ICMP time exceeded messages received
yl
lls

TC P G ro up
.a

tc p
(mib-2 6)
w
w

tcpOut Rsts (15)

t c p Rt o A l g or i t h m ( 1)
tcpInErrors (14)
w

tcpRtoMin (2)
tcpConnTable 13)
tcpRtoM ax (3)
tcpRetranSegs (12)
tcpM axConn (4)
tcpActiveO pens (5) tcpOutSegs (11)
tcpP assiveO pens (6) tcpInS egs (10)
tcpAttem ptFails (7) tcpCurrEstab (9)
tcpEstabResets (8)

Figure 3.13 TCP Group

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

TCP Connection Table

Entity OID Description (brief)

tcpConnTable tcp 13 TCO connecti on table

tcpconnEntry TcpConnTable 1 Information about a particular TCP
connection
t c pC o nn St at e TcpConnEntry 1 State of the TCP connection
tcpConnLocalAddress TcpConnEntry 2 Local IP address
tcpConnLocalPort Tc p C o n n E n t r y 3 Loc al por t n u m ber
tcpConnRemAddress TcpConnEntry 4 Re m o t e I P a d d r e s s
tcpConnRemPort Tc p C o n n E n t r y 5 Re m o t e p o r t n u m b e r

m
tcpConnTable
(tcp 13)

co
t c p Co n n E n t r y

s.
( 1)
bu
tcpConnState (1) tcpCommRemPort (5)
tcpConnLocalAddress (2) tcpConnRemAddress(4)
la

tcpConnLocalPort (3)
yl
lls

Figure 3.14 TCP Connection Table

.a

UDP Group
w

Connectionless transport protocol group Has one table, UDP table

w
w

Entity OID Description (brief)

udpInDatagrams udp 1 Total number of datagrams delivered to the
users
udpNoPorts udp 2 Total number of received datagrams for
which there is no applicati on
udpInErrors udp 3 Number of received datagrams with errors
udpOutDatagrams udp 4 Total number of datagrams sent
udpTable udp 5 UDP Listener tabl e
udpEntry udpTable 1 Information about a particular connecti on or
UDP listener
u d p L o c a l A d d r e ss u dp E n t ry 1 Local IP address
udpLocalPort u dp E n t ry 2 Local UDP port

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

udp
(mib-2 7)

udpInDatagrams udpNoPorts udpInErrors udpOutDatagrams udpTable

(1) (2) (3) (4) (5)

udpEntry
(1)

udpLocAddress udpLocalPort
(1) (2)

m
Figure 3.15 UDP Group

co
s.
3.7 SNMPv1: Communication Model
SNMP Architecture
bu
SN M P M a n a g e r SNMP Agent
la
yl

M an ag e- StNNMPt-R
Meaqnuaegsetr SN M P A g e nt
Ge ex GetN ext- Request
m ent Application Application
e
lls

Dat a
Get-Request Set-ReqeuGstt-Response Get-Request Set-Reque Gset t-Respo nse

Trap
.a

Trap
w
w
w

S N MP S N MP

UDP UDP

IP IP

DL C DL C

PHY P HY

Physical Medium

Figure 3.16 SNMP Network Mana ge m ent Archit ecture

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

It is truly simple network management protocol . Five messages, three from manager and two
fro m ag en t
SNMP Messages
Get-Request
Get-Next-Request
Set-Request
Get-Response
Trap
Generic trap
Sp e ci fi c t rap
Time stamp
Generic trap
coldStart
warmStart
linkDown

m
linkUp
authenticationfailure

co
egpNeighborLoss
enterpriseSpecific

s.
Sp e ci fi c t rap
for special measurements such as statistics
bu
Time stamp: Time since last initialization

la

3.8 Administrative Model

yl
lls

Based on community profile and policy

SNMP Entities:
.a

SNMP application entities

- Reside in management stations and network
w

elements
w

- Manager and agent

SNMP protocol entities
w

- C o m m u n i c at i o n p ro c e s s e s (P D U h a n d l e r s )
- Peer processes that support application entities

SNMP Manag er SNM P Manager SNMP Manager

Authentication Sche me Authentication Scheme Authentication Scheme

Authentic Messages

Authentication Sche me

SNMP Agent

Figure 3.17 SNMP Community

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Security in SNMPv1 is community-based

Authentication scheme in manager and agent
Community: Pairing of two application entities
Community name: String of octets
Two applications in the same community
communicate with each other
Application could have multiple community names
Communication is not secured in SNMPv1 - no
encryption

SNMP Agent

READ- READ-
SNMP Access Mode
O N LY W RIT E

m
not-accessible read-only write-only read-write MIB Acc ess

co
Object 1 Object 2 Object 3 Object 4
SNMP MIB View

s.
Figure 3.18 SNMP Com munit y Profile
bu
MIB view
la
An agent is programmed to view only a subset of managed objects of a network
el e m en t
yl

Access mode
lls

Each community name is assigned an access mode:: read-only and read-write

C o m m u n i t y p r o fi l e : M I B v i e w + a c c e s s m o d e
.a

Operations on an object determined by community. Profile and the access mode of the
object
w

Total of four access privileges

Some objects, such as table and table entry are non-accessible
w

Administration model is SNMP access policy

w

SNMP community paired with SNMP. community profile is SNMP access policy

Pa ram et e rs :
Community / communities Manager
Agent / Agents
Manager / managers
Community

Community Profile 1
Agent 1
Community Profile 2 Agent 2

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Access Policy

Manager manages Community 1 and 2 network .Components via Agents 1 and 2. Agent 1
has only view of Community Profile 1, e.g. Cisco components. Agent 2 has only view of
Community Profile 2, e.g. 3Com components. Manager has total view of both Cisco and 3
components.
Generalized Administration Model

M an ag er 1
( Com m uni t y 1)

Com munity 1

Comm unity Profile 1

A g e nt 1

Com munity Profile 2 A ge nt 2

m
co
M an ag er 3
( Com m uni t y 1, C om m u ni t y 2)

s.
Com munity 2

Comm unity Profile 3

A g e nt 3
bu
Com munity Profile 4 A ge nt 4
la
M an ag er 2
( Com m uni t y 2)
yl
lls

F i g u re 3. 1 9 S N M P A c ce s s P o l i c y
.a

Manager 1 manages community 1, manager 2. community 2,and manager 3 (MoM) both

w

communities . 1 and 2
w

Proxy Access Policy

w

SNMP Manag er
(Community 1)

SNMP
Proxy Agent
Agent

non-SNMP
SNMP Community
Community

Figure 3.20 SNMP Pro xy Access Policy

www.allsyllabus.com
 vtu.allsyllabus.com www.allsyllabus.com

Proxy agent enables non-SNMP community. The elements are managed by an SNMP manager.
An SNMP MIB is created to handle the non-SNMP objects.

3.9 SNMP Protocol Specifications

SNMP Dat a
PDU
Application Application Versi on Comm unity S NM P P D U
PDU Header
Transport UDP
PDU Header Application PDU

Network IP
Transport PDU
PDU Header
Data Link DLC

m
Network PDU
PDU Header

co
Figure 3.20 Encapsulated SNMP Message
Protocol entities support application entities

s.
Communication between remote peer processes
Message consists of
bu
Version identifier
Community name
la
Protocol Data Unit
Message encapsulated and transmitted
yl
lls

Get and Set PDU

PD U Error Error VarBind 1 VarBind 1 VarBind n VarBind n
.a

RequestID ...
Ty p e Status Index name value name va l u e
w

PDUs ::=
w

CHOICE {
get-request Figure 5.8 GGeteatnd
ReSet
queTsytp-PeDPDU,
Us
w

get-next-request GetNextRequest-PDU,
get-response GetResponse-PDU,
set-request SetRequest-PDU,
trap Trap-PDU
}
PDU Types: enumerated INTEGER
get-request [0]
get-next-request [1]
s et -req u es t [2 ]
get-response [3]
trap [4]

www.allsyllabus.com
 vtu.allsyllabus.com www.allsyllabus.com

Error in Response

ErrorStatus ::=
INTEGER {
noError(0)
tooBig(1)
noSuchName(2)
bad value(3)
readOnly(4)
genErr(5)
}
Error Index: No. of VarBind that the first error occurred

Tra p P D U

m
PDU Agent Generic Specific VarBind 1 VarBind 1 VarBind n VarBind n
Ente Timestamp ...
Ty p e Address Trap Type Trap Type name value name value
rprise

co
Generic T rap Type Description (brief)

s.
coldStart(0) Sending protocol entity is reinitializing itself;
agent's confi gurati on or protocol entity
bu
impl ementati on may be altered
warmStart(1) Sending protocol entity is reinitializing itself;
agent configuration or protocol enti ty
implementati on not altered
la

linkDown(2) Failure of one of the communi cati on links

linkUp(3) One of the links has come up
yl

authenticationFailure(4) Authenti cati on failure

lls

egpNeighborLoss(5) Loss of EGP nei ghbor

enterpriseSpecific(6) Enterprise-specific trap
.a

Enterprise and agent address pertain to the system generating the trap. Seven generic
traps specified by enumerated INTEGER. Specific trap is a trap not covered by enterprise
w

specific trap time stamp indicates elapsed time since last re- initialization.
w

3.10 SNMP Operations

w

Get Request (sysDescr.0) Agent

M an ag er Proc ess
Process Get Respons e (sysDescr .0= "SunOS" )
Get Request (sysObjectI D.0)
Get Respons e ( sysObjectID.0= enterprises.11. 2.3.10.1.2 )
Get Request (sysUpTime.0)
Get Respons e (sysUpTime.0= 2247349530)
G et Re q u es t ( s y s C o nt ac t . 0)
G et Res p o ns e ( s y s C o nt ac t . 0= " " )
G et Re q u es t ( s y s N am e. 0)
G et Res p o ns e ( s y s N am e. 0= " n oc 1 " )
Get Request (sysLocation. 0)
G e t R e s p o n s e ( s y s L o c at i o n . 0 = " " )
Get Request (sysServices.0)
Get Respons e (sysServi ces.0= 72)

Figure 3.21 Get-Request Operation for Sys tem Grou p

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

MIB for Get-Next-Request

A B T Z

1. 1 2. 1 3. 1

1. 2 2. 2 3. 2

m
Figure 3.21 MIB for Operation Sequences

co
s.
bu
A More Complex MIB Example
la
yl
lls

1 2 3 9
.a
w
w

1 2 2 10 4 21
w

5 18 6 9

Figure 3.22 MIB Example for Lexicographic Ordering

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Get-Next-Request Operation

Manager Agent
Process Process
GetNextRequest (sysUpTime,
atPhysAddress)

GetResponse( (sysUpTime.0 = "315131795"),

(atPhysAddress.13.172.16.46.1 = "0000000C3920AC"))

GetNextRequest (sysUpTime,
atPhysAddress.13.172.16.46.1) atIfIndex atPhysAddressatNetAddress
23 0000000C3920B4192.168.3.1

m
13 0000000C3920AC172.16.46.1
16 0000000C3920AF172.16.49.1

co
GetResponse( (sysUpTime.0 = "315131800"),
(atPhysAddress.16.172.16.49.1 = "0000000C3920AF") )

s.
GetNextRequest (sysUpTime,
bu
atPhysAddress.16.172.16.49.1)
la
GetResponse( (sysUpTime.0 = "315131805"),
(atPhysAddress.23.192.168.3.1 = "0000000C3920B4") )
yl
lls

GetNextRequest (sysUpTime,
atPhysAddress.23.192.168.3.1)
.a

GetResponse( (sysUpTime.0 = "315131810"),

w

(ipForwarding.0 = "1") )
w
w

Figure 3.23 GetNextRequ est Example with Indices

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Chapter 4
SNMP Management -- RMON

RMON Components

Data SNMP BACKBONE SNMP RMON

Analyzer Traffic N ET W O R K Traffic Probe
Router Router

L AN

m
co
RMON Probe Data gatherer is a physical device. Data analyzer is a processor that
analyzes data. RMON Remote Network Monitoring

s.
4.1 Remote Monitoring bu
R e m o t e F D DI L A N
la
yl

Router with FDDI Probe

RMON
lls

F D DI
.a

Backbone Network
Router Bridge
w

Loc al LA N
w

Router
w

NM S Ethernet
Remot e Token Ring LA N Probe

Token Ring
Probe

Figure 4.1 Network Configuration with RM ONs

The RMON is embedded monitoring remote FDDI LAN. Analysis done in NMS
RMON Benefits
Monitors and analyzes locally and relays data;
Less load on the network
Needs no direct visibility by NMS;
More reliable information

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Pe rm i t s monitoring on a m o re fre q u e n t basis

and hence faster fault diagnosis
Increases productivity for administrators

4.2 RMON SMI and MIB

rmon (mib-2 16)

r m onC o nf or m a nc e ( 20)
statistics (1) probeConfig (19)
hi s t or y ( 2) usrHistory (18)
alarm (3) a1M atrix (17)
a1 Hos t ( 16)

m
hos t ( 4)
hos t T o p N ( 5) n1M atrix (15)
matrix (6) n1 Hos t ( 14)

co
filter (7) addressMap (13)
c apt ur e ( 8) protocolDist (12)
ev ent ( 9) protocolDir (11)

s.
T ok e n Ri ng ( 10)
RM O N 1 RM O N 2
bu
RM O N 1 E x t ens i on
la
Figure 4.2 RMON Group
yl

RMON1: Ethernet RMON groups (rmon 1 - rmon 9)

lls

RMON1: Extension: Token ring extension (rmon 10)

RMON2: Higher layers (3-7) groups (rmon 11 - rmon 20)
.a

4.3 RMON1
w
w

Row Creation & Deletion

EntryStatus data type introduced in RMON
EntryStatus (similar to RowStatus in SNMPv2)
used to create and delete conceptual row.
Only 4 states in RMON compared to 6 in SNMPv2

State E n u me - Description
ration
valid 1 Row exists and is active. It is fully configured and operational
createRequest 2 Create a new row by creating this object
underCreation 3 Row is not fully active
invalid 4 Delete the row by disassociating the mapping of this entry

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

4.4 RMON Groups and Functions

T o k e n Ri n g S t a ti s ti c s
T o k e n Ri n g T o k e n Ri n g History
Statistics History Control

Ethernet Statistics
Ethernet Ethernet History
Statistics History Control

Host an d Conversation Stati stics

Remotely
Data Host HostT opN Matrix Network
Monitored
Gathering Statistics Statistics Statistics Manager
Network

F i l te r G r o u p
Packet Channel Packet

m
Filtering Filtering Capture

co
Alarm Event
Generation Generation

s.
Figure 4.3 RMON1 Groups and F u nct ion s
bu
Probe gathers data. Its functions are
Statistics on Ethernet, token ring, and
la
hosts / conversations
Filter group filters data prior to capture of data
yl

Generation of alarms and events

lls

RMON1 MIB Groups & Tables
.a

Ten groups divided into three categories

Statistics groups (rmon 1, 2, 4, 5, 6, and 10))
w

Event reporting groups (rmon 3 and 9)

Filter and packet capture groups(romon 7 and 8)
w

Groups with 2 in the name are enhancements with RMON2

w

Textual Convention:
LastCreateTime and TimeFilter
LastCreateTime tracks change of data with the
changes in control in the control tables
Timefilter used to download only those rows that
c h a n g e d a f t e r a p a rt i c u l a r t i m e
FooTable (bold indicating the indices):
fo o T i m eM a r k fo o I n d e x fooCounts
fo o Co u n t s .0.1 5

fooCounts. 0.2 9

fooCounts. 1.1 5

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

fooCounts. 1.2 9

fooCounts. 2.1 5

fooCounts. 1.2 9

fooCounts. 3.1 5

fooCounts. 3.2 9

fooCounts. 4.2 9 -- (Note that row #1 does not exist for times 4 & 5
since the last update occurred at time-mark 3.)

fooCounts. 5.2 9 (Both rows #1 and #2 do not exist for time-mark greater
than 5.)Bold objects (fooTimeMark and fooIndex) are indices

m
Group OID Function Tables
Statistics rmon 1 Link level statistics -etherStatsTable

co
-etherStats2Table
History r mo n 2 Periodic statistical data -historyControlTable

s.
collection and storage for later -etherHistoryTable
retrieval -historyControl2Table
bu
-etherHistory2Table
Alarm rm o n 3 Generates events when the data -alarmTable
la
sample gathered crosses pre-
e s t a b li s h e d t h r e s h o l d s
yl

Host r mo n 4 Gathers statistical data on hosts -hostControlTable

-hostTable
lls

-hostTimeTable
-hostControl2Table
.a

HostTopN rm o n 5 Co mputes the top N hosts on -hostTopNcontrolTable

w

t h e re s p e c t i v e c a t e g o ri e s o f
statistics gathered
w

Matrix r mo n 6 Statistics on traffic between pair -matrixControlTable

w

of hosts -matrixSDTable
-matrixDSTable
-matrixControl2Table
Filter rm o n 7 Filter function that enables -filterTable
c a pt u re of d es i re d p ar am et e rs -channelTable
-filter2Table
-channel2Table
Packet rm o n 8 Packet capture capability to -buffercontrolTable
Ca p t u r e gather packets after they flow -captureBufferTable
through a channel
Event rm o n 9 Controls the generation of -e v e n t T ab l e
events and notifications
Token rm o n 1 0 See T abl e 8. 3 See Table 8.3
Ring

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

4.5 Control and Data Tables

dataT able

dataEntr y
controlT able

data data dat a

controlEntry
In d e x AddlIndex Other

data data dat a

In d e x AddlIndex Other
control control control control control control
In d e x DataS ource T ableSize O w ner Status Other

data data dat a

In d e x AddlIndex Other
control control control control control control

m
In d e x DataS ource T ableSize O w ner Status Other

data data dat a

co
In d e x AddlIndex Other

s.
Note on Indices:
Indices marked in bold letter
bu
Value of dataIndex same as value of controlIndex
la
Figure 4.4 Relationship between Control and Data Tables
yl
lls

Control table used to set the instances of data rows in the data table. Values of data index and
control index are the same. MatrixSDTable is the source-destination table. ControlDataSource
.a

identifies the source of the data. ControlTableSize identifies entries associated with the data
w

source. ControlOwner is creator of the entry.

w

Filter Group
w

Filter group used to capture packets defined by

logical expressions
Ch an n el i s a s t re a m o f d at a c ap t u red b a s ed o n a
logical expression
Filter table allows packets to be filtered with an
arbitrary filter expression
A row in the channel table associated with multiple
rows in the filter table

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

filterTable

filterEntry
channelTable

channelE ntry filter

filterIndex Filter
ChannelIndex
=1 Parameters
=1

channel channel channel channel Other filter

filterIndex Filter
Index =1 IfIn d e x = 1 Ac ceptType DataControl Channel ChannelIndex
=2 Parameters
Parameters =1

filter

m
filterIndex Filter
ChannelIndex
Other =3 Parameters
channel channel channel channel =2
Channel
Inde x = 2 IfIndex Acc eptType DataControl

co
Parameters

filter
Note on Indices: filterIndex Filter

s.
ChannelIndex
=4 Parameters
Indices marked in bold letter =2
Value of filterChannelIndex same as value of channelIndex
bu
la
yl

Packet Capture Group

lls

Packet capture group is a post-filter group

Buffer control table used to select channels
.a

Captured data stored in the capture buffer table

w
w
w

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

4.6 RMON Token Ring Extension Groups

Token Ring Group Function Tables

Statistics Current utilization tokenRingMLStatsTable
and error statistics of tokenRingMLStats2Table
Mac Layer
Promiscuous Statistics Current utilization tokenRingPStatsTable
and error statistics of tokenRingPStats2Table
promiscuous data
Mac-Layer History Historical utilization tokenRingMLHistoryTable
and error statistics of
Mac Layer
Promiscuous History Historical utilization tokenRingPHistoryTable
and error statistics of

m
promiscuous data
Ri n g St at i o n Station statistics ringStationControlTable

co
ringStationTable
ringStationControl2Table

s.
Ring Station Order Order of the stations ringStationOrderTable
Ring Station Configuration Active configuration ringStationConfigControlTable
bu
of ring stations ringStationConfigTable
So u rc e Ro u t i n g Utilization statistics sourceRoutingStatsTable
la
of source routing sourceRoutingStats2Table
information
yl

Two statistics groups and associated history groups

lls

MAC l ay er (St at i s t i cs group) collects

TR parameters
.a

Pro m i s cu o u s Statistics group collects packets

w

promiscuously on sizes and types of packets

Three groups associated with the stations. Routing group gathers on routing
w

4.7 RMON2
w

Applicable to Layers 3 and above

Functions similar to RMON1
Enhancement to RMON1
Defined conformance and compliance

ATM RMON
ATM Forum extended RMON to ATM. Switch extensions and ATM RMON defines objects
at the base layer. ATM protocol IDs for RMON2 defines additional objects at the higher levels.
ATM devices require cell-based measurements and statistics. Probe should be able to handle
high speed .

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Application
Layer

Up p e r L a y e r P r o t o c o l s ATM Protocol IDs for

RMON-2 RMON-2
(RFC 2021, 2074) Network Layer (Additions to RFC 2074)

Et h e r n e t T o k e n Ri n g Switch
'Base' Layer AT M
RMON RMON Ex t e n s i o n s
RMON
( RF C 1 7 5 7 ) ( RF C 1 5 1 3 ) f o r RM O N

IETF MIBs Additional MIBs

m
Figure 4.5 RMON MIB Framework (1995 ATM Forum)

co
ATM Probe Location

s.
bu
A TM
A TM
Switch
la
Switch
yl

RMON
RMON Probe
lls

Probe
.a

(a) External Probe with copy (b) Internal Probe with copy
w
w

ATM Switch A TM A TM
w

with internal Switch Switch

RMON Probe
RMON
Probe
(c) Internal Probe without copy (d) External Probe without copy

Figure 4.6 ATM Probe Location 1995 ATM Forum)

Stand-alone probe in (a) copies the cells

Embedded v e rs i o n in (b) reports data, but
has no access to switch fabric
Internal probe (c) similar to (b) with access to switch

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Stand-alone probe (d) taps network-to-network

interface between two ATM switches
(a) and (b) require duplex circuits, steering of traffic,
and design modification
Embedded designs (c) and (d) require no
modification

m
co
s.
bu
la
yl
lls
.a
w
w
w

www.allsyllabus.com
 vtu.allsyllabus.com www.allsyllabus.com

Chapter 5
Broadband Network Management

5.1 Broadband Access Networks

Three categories of customer base

Corporate or enterprise

S e r v i c e p ro v i d e r s

Residence or SOHO

m
Cable Modem DS L
Ca bl e HF C T el eph on e xDSL

co
Cus t o m er Cus t o m er
Modem Net wor k Lo op Modem
Net wor k Net wor k

s.
Cable Cent r al
M od e m Office
Head End
bu
E q u i pm e n t

S DH / S O NE T
WA N
la
Ro ut er /
A T M S wi t c h Satellite Communication
yl

and/or Telephone Loop

lls

W i r el es s
O C- n / W i r el es s
Business Ro ut er / Cus t o m er
.a

STS-n & Telephone

Cus t o m er s ATM Switch Net wor k
Link Lo op
w

Figure 5.1 Broadband Access Networks

w
w

5.2 Broadband Access Technology

Five types of access networks

OC-n / STS-n link

Gateway to service providers (not shown)

HFC / Cable modem

DSL

Wi r e l e s s

www.allsyllabus.com
 vtu.allsyllabus.com www.allsyllabus.com

Fixed wireless

Satellite communication

Access Technologies
Br o a d b a n d
Ac c e s s
Technology

HF C Sa t e l l i t e
x D SL Wireless
Communication

Telephony- Tw o- Tel ep h ony - T wo -

AD S L H DS L V DS L I SM M M DS LMDS
Return Way Re t u r n Way

m
co
One- Tw o-
Way Way

s.
Figure 5.2 Broadband Access Technologies
bu
Hybrid fiber coaxial technology plant / cable modem at customer premises
la
yl

Telephony ret u rn is one-way, downstream

(forward d i re ct i o n ) cable, upstream (rev e rs e
lls

direction) telephone
.a

Two-way downstream at high freq u en cy band

w

and upstream at low frequency band

w

Carries voice, video and data. Upstream bandwidth requirements less compared to downstream
bandwidth. xDSL: Digital subscriber line technology
w

Asymmetric DSL (ADSL)

High-speed DSL (HDSL)
Very-high speed DSL (VDSL)

Uses existing local loop telephone facilities.Wireless: Terrestrial fixed wireless systems

Instructional scientific and medical (ISM): 902 - 928 MHz (0.5 mile) and 2400 - 2483 MHz
(15 miles). Multichannel multipoint distribution service (MMDS) 2500 - 2686 MHz (35 miles).

Local multipoint distribution service 27,500 - 28,350 MHz and 31,000 - 31,300 MHz (3 miles).

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Satellite communication, Telephony return is one-way, downstream, wireless, upstream

telephone. Two-way downstream and upstream wireless networks.

5.3 HFC Network

Fiber - 2 one-way transmission

Coaxial - 2-way transmission

2-way amplifiers

Fiber node: optical - RF conversion

Ethernet

m
Cable
Modem

co
NIU

s.
Satellite
bu 2-WAY
Head Fiber COAX
W AN Fiber
End Node
Amplifier
la

ISP NIU
yl
lls

Cable
Modem
NIU Network Interface Unit
.a

TV Monitor
w

Workstation

Head end:
w
w

Signals from multiple sources multiplexed

Frequency conversion for local signal

Network interface device (NID) / unit (NIU). Demarcation point between customer
network and service provider networks

Cable modem: RF Ethernet, analog telephony, and video

B ro ad b an d L A N

Asymmetric bandwidth allocation for 2-way communication

RF spread-spectrum that carries multiple signals over HFC

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

RF spectrum allocation to carry multimedia services - voice, video and data

Broadband LAN

Downstream Signal
50 - 860 M H z Termination

He a d Cable Cable Cable

End Mo d e m A Mo d e m B Modem C

Upstream Signal Termination

5 - 42 MHz

m
Figure 5.3 Broadband L AN

co
s.
Digital-to-Analog Encoding bu
Di g i t a l Modulated analog
Digital
Modem Modem
la
carrier
1 1
yl

0 0
time frequency time
lls

Ch a n n e l
b a n d wi d t h
.a

Figure 5.4 Digital-to-Analog Encoding

w
w

bit rate
w

s y m b o l rat e
number of levels n = 2k
bit rate = symbol rate x k
Amplitude shift keying
Frequency shift keying
Phase shift keying
Quadrature phase shift keying
Four levels ( 00, 01. 10, 11)
Relatively insensitive to noise

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Used for low-band upstream

Quadrature amplitude modulation (not 4-levels)
Combination of AM and PM
16-QAM = 8 PM x 2 AM or 4 PM x 4 AM
Used for higher-band downstream
Cable Modem

HFC uses tree topology

Downstream in broadcast mode

Upstream transmission by cable modem coordinated by head end

Data over cable service specifications (DOCSIS) for cable modem ensures

m
interoperability

co
One-way cable modem uses telco-return

s.
Up s t r e a m Do w n s t r e a m
Toshiba 2 . 5 6 Ms y m/ s e c 5.36 Msym/sec
bu
R CA D C M 1 0 5 1 0 Mb p s 38 M b ps
Cisco 1 0 Mb p s 38 M b ps
la
LANcity 1 0 Mb p s 10 M b ps
Motorola 1 0 Mb p s 40 M b ps
yl
lls

Functions of Cable Modem

.a

Termination System
w

Equipment at the head end

All cable modems terminated on the head end
w

Gateway to the external network

w

Multiplexes and demultiplexes signals

Frequency converts upstream to downstream
signals
Can be designed either as a bridge or router
HFC Plant

Multiple fiber pairs run from head end to fiber node; each pair carries 2 one-way signals
Head end converts all (telephony, digital video, data, and analog video) signals to
optical carrier to transmit on the fiber.
Houses are connected from fiber node via coaxial cables
Coaxial cable are in tree topology and carries 2-way signal
Amplifiers on the coaxial cable have 2-way amplifiers that amplify the signals in both
directions
Drop from coaxial cable to NID (also called NIU) - called Tap-to-TV in CATV

www.allsyllabus.com
 vtu.allsyllabus.com www.allsyllabus.com

R F S pect ru m

Downstream (Forward)
Upstream G u a rd 5 4 - 7 5 0 M Hz
(R ev e rs e ) B and Anal og Digital Digital
5-42 MHz 42-54 MHz T el epho ny
Video Data Services Video
700-750 MHz
54-550 MHz 5 5 0 - 5 6 0 M Hz 5 6 0 - 7 0 0 M Hz

m
Upstream (Reverse)
5-42 MHz

co
Digital Digital
Telephony

s.
Video Control D a t a S erv i c es
2 5 - 4 0 M Hz
6-8 MHz 1 0 - 2 5 M Hz
bu
la

Figure 5.5 An Example of RF Frequency Assignment

yl
lls

Tel co Return
DOCS Reference Architecture
4
.a

Head 6 Cable Subscriber

W AN HFC Link 1
End Modem PC
w
w

Video
w

Cable Modem Data

Termi nation System 6
Transmi tter
(CMTS) Mod
Fiber
Swi tc h / Router 2 Term Data
Receiver
Demod
6
Servers

Operations Support System/ Security & Access

3 5
Element Manager Controller

INTERFACES:
1 CMCI Cable Modem to CPE Interface
2 CMTS-NSI CMTS Network Si de Interface
3 DOCS-OSSI Data Over Cable Servi ces Operatio ns Support System Interface
4 CMTRI Cable Modem to Tel co Return Interface
5 DOCSS Data Over Cabl e Security System
6 RFI Cable Modem to RF Interface

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

The architecture shows two-way (HFC link) and one-way (HFC link & telco return).

CMTS Components

Video

Cable Modem Data

Termination System 6
(CMTS) Transmitter
Mod
Fiber
Switch / Router 2 Term Data
Receiver
Demod
6
Servers

m
Operations Support System/ Security & Access
3 5
Element Manager Controller

co
s.
Switch / router routes the traffic between cable modems and to the external network. It
interfaces to CMTS via the terminator (term). Modulator (mod) and demodulator demod)
bu
transform digital data from and to analog format. Combiner and splitter and filter perform the
complimentary functions of muxing and demuxing. Transmitter converts the RF signals to
la

optical carrier; receiver down-converts the optical signal. Servers handle the applications and
yl

databases. Security is managed by the security and access controller. OSS and element manager
perform network and service management.
lls

DOCS Interfaces
.a
w
w

Telco Return

4
w

Head 6 Cable Subscriber

WA N HFC Link 1
End Modem PC

Video

Cable Modem Data

Termination System 6
Transmitter
(CMTS) Mod
Fiber
Swi t c h / R o u t er 2 T e rm Data
Receiver
Demod
6
Servers

Operations Support System/ Security & Access

3 5
Element Manager Controller

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Three groups of interfaces:

Data interfaces
Cable modem to CPE (1)
CMTS-NSI (2)
Operations support systems and telco-return
OSS (3)
Telco-return (4)
R F a n d s e c u ri t y
DOCS security system (5)
RF interface (6)

5.4 HFC Management

It is more complex than either computer network or telecommunication network. This

involves both physical and data layers. Multiple physical facilities. Legacy cable system.

m
Multimedia service. It has RF spectrum management. Service and business management is

co
important for MSOs and customer. Shared media impacts security and bandwidth. Security
and privacy of home network

s.
HFC Protocol Architecture
bu
Head End Ca b l e M o d e m
la

Ap p l i c a t i o n s , Modem Applications
yl

Ap p l i c a t i o n s
SNMP Manager SNMP Agent
lls

SN M P, F T P, SN M P, F T P,
SN M P
HT T P , E T C HTTP, ETC
.a

T C P / UD P T C P / U DP T C P / UD P
w

IP IP IP
w

ATM HF C HF C Et h e r n e t Ethernet
SO N ET
Li nk Li nk Li nk Li nk Li nk
w

Figure 5.6 Protocol La yer Architecture in HFC System

Head end has both NM applications and manager

C ab l e m o d e m s h av e SN M P ag en t s

NMS can be regionalized; then, h e ad ends could

behave as RMONs

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

CM Management MIBs

mib-2
(internet.2.1)

system (1) doc s D ev ( 69 )

interfaces (2) transmission (10)

i f MI B ( 3 1 )

m
docsIfMib (127) docsTrCmMIB (128)

co
Figure 5.7 Cable Modem Management MIBs

s.
bu
la
yl

Three categories of MIBs

lls

Standard MIBs:
.a

s y s t e m , i n t e rfa c es , i fM I B
w

CM and CMTS interfaces

w

docIfMIB .. RF Interfaces in CM and CMTS,

w

base line privacy and QoS

docsTrCmMIB .. telephony-return interface

CM and CMTS objects

docsDevMIB

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

DOCS Interface MIB

transmission
(mib-2 10)

docsIfMIB
(127)

docsIfMIBObjects (1) docsQosMIB (6)

docsIfNotification (2) docsBpiMIB (5)
docsIfConformance
(3)

docsIfBaseObjects(1) docsIfCmtsObjects (3)

m
docsIfCmObjects (2)

docsBpiMIBObjects docsBpiConformance

co
(1) (3)
docsBpiNotification

s.
bu (2)

docsQosMIBObjects
(6)
la

docsQosIpPktClassTable (1) docsFlowToClassTable (6)

yl

docsQosEthPktClassTable (2) docsSidToClassTable (5)

docsQosServiceClassGroup (3) docsQosFlowTable (4)

lls
.a

RF MAC Interface
w

Network Layer
w
w

RF MAC Layer

Downstream1 Upstream1 U p s t r e a m2

RF Physical Layer

Figure 5.8 RF MAC Interface

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Multiple RF channels upstream and downstream

Layered structure
Specified using RFC 1573 ifMIB

DOCS Cable Device MIB

Entity OID Description

docsDevMIBObjects docsDev 1 Objects of the cable
modem and CMTS device
docsDevBase docsDevMIBObjects 1 Extends MIB-II System

m
Group with objects
needed for cable device

co
system management
docsDevNmAccessTable docsDevMIBObjects 2 Defines the minimum

s.
level of SNMP access
security
bu
docsDevSoftware docsDevMIBObjects 3 Provides information for
network-downloadable
la
software upgrades
docsDevServer docsDevMIBObjects 4 Provides information
yl

about the progress of the

lls

interaction with various

provisioning servers
.a

docsDevEvent docsDevMIBObjects 5 Provides control and

logging for event
w

reporting
w

docsDevFilter docsDevMIBObjects 6 Configures filters at link

layer and IP layer for
w

bridged data traffic

docsDevCpe docsDevMIBObjects 7 CPE IP management and
anti-spoofing group on
cable modems

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

HFC Failure Models

Window
(M o d e m v o l t a g e )

Smooth
(C o n n e c t o r l o s s )

Sharp
(Signal/Noise)

m
co
Event Index

s.
HFC Link Management bu
Signal strength critical

Requires continuous monitoring of a m p l i fi e rs

la

using transponders (CheetahNet)

yl

Legacy system requires proxy server

lls

RF Spectrum Management
.a

Allocation of s p e ct ru m for services -

w

upstream and downstream

w

Frequency agility management

w

DSL Access Technology

Why is DSL attractive?

Sh an n o n l i mi t of data rate is 30,000 bps

(3-KHz, 30 dB S/N channel)

Digital transmission over loop (DSL) i m p ro v es

data rate

T1/DS1 (1.544Mbps) 18,000 feet

T2/DS2 (6.312 Mbps) 12,000 feet

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

DSL Limitations

Loop conditions with no direct copper to the house

Loaded coils in loop (used to increase analog

distance) cannot carry digital signal

Modern subdivisions h av e fi b e r to the neighborhood

or curb with digital mux

Operating c o m p an y inventory dated (administrative

issue)

5.5 ADSL Network

m
co
B roa db a n d ADSL
ATU-C Splitter Splitter ATU-R
Ne t w o r k Loop

Voi c e
s.
bu
Voice

Figure 5.9 ADSL Access Network

la

ADSL... Asymmetric Digital Subscriber Line

yl
lls

ATU-C ADSL transmission unit - central office

ATU-C ADSL transmission unit - remote/residence

.a
w

Splitter separates voice and data

w

ADSL Spectrum Allocation with Guard Band Modulation Schemes

w

FDM
Upstream Downstream

POTS
4 KHz 25 KHz 200 KHz 1.1 MHz
Frequency

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Carrierless amplitude phase (CAP) modulation

Discrete multiTone modulation (DMT): 4kHz tones

Both CAP and DMT are QAM-based

DMT outperforms CAP

4-to-1 downstream throughput

10-to-1 upstream throughput

Rate adaptive

On-going active monitoring

m
Maximum loop variation coverage

co
Standard and hence interoperability

s.
ADSL Forum bu
TR-001 A DS L F o r u m S y s t e m R e f e r e n c e M o d e l
la
TR-005 A DS L N e t w o r k E l e m e n t M a n a g e m e n t S y s t e m
TR-006 SNMP-based ADSL LINE MIB; see also draft-
yl

ietf-adslmib-adsllinemib-09.txt
lls

TR-014 DMT Line Code Specific MIB

TR-015 CAP Line Code Specific MIB
.a

TR-016 CMIP-based Network Management Framework

w
w

ADSL Forum is an industry consortium to

w

achieve interoperability

accelerate implementation

address end-to-end system operation

s e c u ri t y

m an ag e m en t

Physical layer standard T1-413 (ANSI)

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

VDSL Network

Optical
Central Twisted Home
Fiber Network VDSL
Office VDSL Pair Network
Unit

Used in FTTN configuration. Asymmetric band allocation (similar to ADSL). Fiber

carries multiple channels to ONU. Channels demultiplexed at ONU and carried to customer

m
premises on multiple twisted pairs. Shorter distance of twisted pairs permission of higher data

co
rate - 55.2 Mbps downstream and 2.3 Mbps upstream

ADSL Network

s.
Private Public Premises
Network
bu Network Network

A D S L A c c e s s N e tw o rk

OS OS
la
SM TE (s)
Service Broadband Settop TV
Systems Network
yl

Access PDN SM TE (s)

Narrowband Node ATU-C
O n - l in e S e r v ic e s ATU-R PC I/O PC
I n t e r n e t Ac c e s s Network
L A N Ac c e s s
Intera cti ve V ideo
A DS L ADSL
lls

Video Conf Packet SM TE (s)

Network LLLLL ISDN ISDN
L
STM
.a

Packet
ATM STM

ATM Packet
w

ATM

Tran s po r t M o des
w

ADSL Asynchronous Digital Subscriber Line

w

AT M Asynchronous Transfer Mode

ST M S ynchronous Transfer Mode
TE T erminal Equipment
OS Operations System
PDN Premises Distri buti on Network
SM Service Module

Figure 5.10 Over all Network and AD SL

Transport Modes

Synchronous transport mode (STM)

Bit synchronous transmission ( T1/E1)

End-to-end packet mode

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Used for SOHO (IP packets)

ATM / STM

ATM WAN (Public network) and

STM access network

ATM / Packet

ATM WAN and packet access network (IP)

End-to-end ATM

Interfaces

An interface can have multiple physical connections

m
V interface

co
VC interface between acces s node and
external network and interfaces
U interfaces - o ff the splitters; Will be eliminated with

s.
ADSL-Lite
bu
POTS interfaces - low pass filter interfaces for POTS
T and B are customer premises network interfaces
T between PDN and service modules
la

B auxiliary data input (e.g., satellite feed)

yl

ADSL Channeling Schemes

lls

Transport bearer channels

.a

Seven AS downstream ch an n el s
- multiples (1-, 2-, 3- or 4-) T1 rate of 1.536 Mbps
w

Three LS duplex channels

w

- 160. 384, and 576 Kbps

w

B u f f e ri n g s c h e m e

Fast channel: uses fast buffers for real-time data

Interleaved channel: used for non-real-time data

Both fast and interleaved channels c a rri ed on the

same physical channel

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

5.6 ADSL Management

T-R T/S
V-C Se r v i c e
Module
Network Termination
Switch S wi t c h
Broadband PHY PH Y Home
ATU-C ATU-R
Network Layer Layer Ne t w o r k

U-C2
Se r v i c e
U-R2
Module
Hi g h High
Pa s s Pa s s
Filter Filter
Loop
PS T N PS T N
L ow U-CU-R Lo w Telephone Set
Pa s s Pa s s POTS or

m
Fi l t er Filter Voice-Band Modem

co
Splitter-C Splitter-R

s.
Interfaces:
T-R Interface between ATU-R and Switching layers
bu
T/S Interface between ADSL Network Termination and customer installation or home network
U-C Interface between Loop and ATU-C (analog)
UC2 Interface between POTS splitter and ATU-C
la
U-R Interface between Loop and ATU-R (analog)
U-R2 Interface between POTS splitter and ATU-R
yl

V-C Logical interface between ATU-C and a digital network element such as one or more switching systems
lls
.a

Figure 5.10 ADSL Forum System Reference Model for Management

w

Management Elements
w
w

Management of elements done across V-interface:

Management communications protocol

across V-interface

Management communications protocol

across U-interfaces

Parameters and operations across ATU-C

Parameters and operations across ATU-R

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

ATU-R side of the T interface

Note addition of physical layer and switching in the

m a n a g e m e n t a r c h i t e c t u r e r e p r e s e n t at i o n

Management of physical layer involves:

Physical channel

Fa s t ch an n el

Interleaved channel

Management of type of line encoding

DMT

m
CAP

co
Signal Power and Data Rate Mgmt

s.
bu
Reduce power
la

Maximum noise margin

yl

Increase rate if noise margin > Upshift noise margin

Upshift noise margin
lls

Steady state operation

.a

Target noise margin

Steady state operation
w

Downshift noise margin

w

Decrease rate if noise margin < Downshift noise margin

w

Minimum noise margin

Increase power

Figure 5.11 Noise Margins

Five levels of noise margin

Signal power controlled by noise margin

Data rat e: In c re as e or d e c re as e b as ed on
threshold margins

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Data rat e adaptation m o d es : Manual (1),

automatic at start-up (2), and dynamic (3)

Configuration Management Parameters

Pa r a m e t e r Component Line Descri ption
ADSL Li ne type ADSL Line N/A Five types: no channel, fast,
i nterl eaved, either or both
ADSL Li ne coding ADSL Line N/A ADSL coding type
Target noise margin A T U- C/ R Phy Noise margin under steady
state (BER= <10-7)
Max. noi se margin A T U- C/ R Phy Modem reduces power above
this threshold
Min. noi se margin A T U- C / R P h y M o d e m i n c r e a s es p o w e r b e l o w
this margin
Rate adaptati on mode A T U- C/ R Phy Mode 1: Manual
Mode 2: Select at start-up
Mode 3: Dynamic

m
Upshift noise margin A T U- C/ R Phy Threshold for modem incr eases
d at a r at e
Min. ti me interval for upshift A T U- C/ R Phy Ti me i nterval to upshi ft

co
rate adaptati on
Downshift noi se margin A T U- C/ R Phy Threshold for modem
decreases data rate

s.
Min. time interval for downshift A T U- C/ R Phy Ti me i nterval to downshift
rate adaptati on
bu
Desired max. rate A T U- C / R F/I Max rates for ATU-C/R
Desired min. rate A T U- C/ R F/I Min. rates for ATU-C/R
Rate adaptati on ratio A T U- C/ R Phy Di stri buti on ratio between fast
la
and i nterl eaved channels for
avail able excess bit r ate
yl

Max. i nterleave delay A T U- C/ R F/I Max. transmissi on delay

allowed by i nterleavi ng process
lls

Alarm threshol ds A T U- C/ R Phy 15-mi nute count threshold on

loss of signal, frame, poser and
error-seconds
.a

Rate up threshold A T U- C / R F/I Rate-up change al arm

Rate down threshold A T U- C/ R F/I Rate-down change alarm
Vendor ID A T U- C/ R Phy Vendor ID assi gned by T1E1.4
w

Version No. A T U- C/ R Phy Vendor specific versi on

Serial No. A T U- C/ R Phy Vendor specific Serial No.
w
w

Fault Management
Parameter Component Line Description
ADSL Line status ADSL Line Phy Indicates operational and
various types of failures of
the link
Alarms thresholds ATU-C/R P hy Generates alarms on failures
or crossing of thresholds
Unable to initialize ATU-R ATU-C/R P hy Initialization fail ure of ATU-R
from ATU-C
R a te c h a n g e ATU-C/R P hy Event generati on when rate
changes when crossi ng of
shift margins in both
upstream and downstream

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Failure indication of physical channel by NMS

Failure indication of logical channels

Failure indication of ATU-C/R

Self-test of ATU-C/R as per T1.413

Noise margin threshold alarms

Rate change due to noise margin

Performance Management

P a ra m e t e r Co m p o n e n t Line Descripti on

m
Line attenuation A T U- C / R Phy Measured power loss in dB
from transmitter to receiver

co
AT U
Noise margin A T U- C / R Phy Noise margin in dB of the

s.
ATU with respect to received
signal
bu
Total output power A T U- C / R Phy Total output power from the
modem
la
Max. attainable rate A T U- C / R Phy Max. currently attai nable
dat a r at e by t h e m o de m
yl

Current rate A T U- C / R F /I Current transmit rate to

lls

which the modem is adapted

Previ ous rate A T U- C / R F /I Rate of the modem before
.a

the last change

Channel data block l ength A T U- C / R F /I Data block on which CRC
w

check is done
w

Interl eave delay A T U- C / R F /I Transmit delay introduced

by the interleavi ng process
w

St at i s t i c s A T U- C / R Phy 15 minute / 1 day failure

F/I statistics

A DS L S N M P M I B

Su b -l ay e rs handled by ifMIB
ifStackTable {ifMib.ifMIBObjects 2} (RFC 1573)

P ro p o s e ifTypes
adslPhysIf ::= {transmission 94}
adslInterIf ::= {transmission 124}
adslFastIf ::= {transmission 125}

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

adslF orum
(1.3.6.1.4.1.xx)

adslMIB
(1 )

adslLineMib
(1 )

adslTraps (2) adslCon formance (2)

adslMibObjects(1)

adslLineT able ( 1)

m
adslAtucPhysT able (2) adslLineAlarmConfProfileT able(15
adslAturPh ysTable (3) adslLineConfProfileT able(14) )
adslAtucCha nT able (4) adslAturC hanInterv alTable (13)

co
adslAturC hanT able (5) adslAtucChanIntervalT able(12)
adslAtucPerfDataT able (6) adslAturC hanP erfDataT able (11)
adslAturPerfDataT able (7) adslAtucChanP erfD ataT able (10)

s.
adslAtucIntervalT able (8) adslAturIntervalT able (9)
bu
adslLCSMi b (16)
la

adslDMT Mib (1) adslCAP Mib (1)

yl

Figure 5.12 ADSL SNMP MIB

lls
.a

Proposed IF Types
Higher Layer IF Higher Layer IF
w

(e.g.: ATM) (e.g.: ATM)

w
w

Fast Channel IF Interleaved Channel IF

(ATU-C & ATU-R) (ATU-C & ATU-R)
ifType = Fast (125) ifType = Interleaved (124)
ifIndex = k ifIndex = j

Physical Line IF
(ATU-C & ATU-R)
ifType = ADSL (94)
ifIndex = i

Figure 5.13 Relationship between ADSL Entries

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

ADSL Interfaces Table

MIB Variable Physical Line (i) Interleaved Fast

Channel (j) Channel (k)
ifDescr NOR M A L N ORM A L NO R M A L
ifType (IANA) 94 124 12 5
ifSpeed ATU-C Line Tx ATU-C channel ATU-C channel
rate Tx rate T x r a te
ifPhyAddress NU L L N UL L NULL
ifAdminStatus NOR M A L N ORM A L NO R M A L
ifOperStatus NOR M A L N ORM A L NO R M A L
ifLastChange NOR M A L N ORM A L NO R M A L
ifLinkUpDownTrap NOR M A L N ORM A L NO R M A L

m
Enable (default: Enable) (default: Enable) (default: Enable)
ifConnectPresent True False False

co
ifHighSpeed NU L L N UL L NULL

s.
bu
ADSL Profiles Management
la
yl

Configuration profile
lls

P e r f o r m a n c e p r o fi l e
.a

Alarm profile
w

Traps
w

Generic
w

Loss of frame
Loss of signal
Loss of power
Error-second threshold
Data rate change
Loss of link
ATU-C initialization failure

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Configuration Profile: Mode I - Dynamic

Configuration
ADSL-Line i f I ndex i f T abl e profileIndex
Profile Table

1 Profile-1
1 i1 ADSL Line Entry
2 Profile-2
j1 Interleav ed Chan

k1 Fast Chan Entry

2 i2 ADSL Line Entry n Profile-n

j2 Interleav ed Chan

k2 Fast Chan Entry

m
co
x ix ADSL Line Entry

jx Interleav ed Chan
kx
Fast Chan Entry

s.
bu
Figure 5.14 Use of Profiles in MODE-I (Dynamic)

Configuration Profile: Mode II - Static

la
yl

ADSL-Line ifIndex ifTable profileIndex Configuration

Profile T able
lls

i1
1 i1 ADSL Line Entry Profile-i1
.a

j1 Interleaved Cha n

k1 Fast Ch an E ntry
w
w

2 i2 i2
ADSL Line Entry Profile-i2
w

j2 Interleaved Cha n

k2
Fast Ch an E ntry

x ix ix
ADSL Line Entry Pro file-in

jx
Interleaved Cha n
kx
Fast Ch an E ntry

Figure 5.15 Use of Profiles in M ODE-II (St atic)

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Chapter 6

Network Management Applications

Network and Systems Management

Business
Management

Service
Management

Network System

m
Management Management

co
Element Resource
Management Management

s.
bu
Network System
Elements Resources
la
Networked Information Systems
yl
lls

Figure 6.1 Network and System Management

.a
w

T M N a rch i t e ct u re ex p an d e d t o i n cl u d e s y s t e m s m an ag e m en t
w

Management Applications
w

OSI Model

Configuration
Fau l t
Pe rfo r m an c e
S e c u ri t y
Accounting

R e p o rt s

Service Level Management

Policy-based management

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

6.1 Configuration Management

Network Provisioning

Inventory Management

Equipment

Facilities

Network Topology

Database Considerations

Circuit Provisioning

m
Network Provisioning is provisioning of network resources such as design,
installation and maintenance. It is Circuit-switched network. Packet-switched network,

co
configuration for Protocol , Performance, QoS .

s.
ATM networks bu
Examples:
la
TIRKS (Trunk In t eg rat ed R e co rd Keeping
System) for circuit-switched networks
yl
lls

E1 in TIRKS for equipment management

F1 in TIRKS for facilities management

.a
w

Network Topology
w

It is Manual. Auto-discovery by NMS using Broadcast ping, ARP table in devices.

w

Mapping of network is by Layout, Layering. The Views are Physical and Logical.

Traditional LAN Configuration

One-to-one mapping between physical and logical configuration

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Hu b 1

Port A
A1
S egm ent A

A2

Router

Port B
Segment B B1

Hu b 2
B2
Figure 13.2 LAN P hysical Configuration

A1 A2
Segment A / H ub 1

m
Router

Segment B / H ub 2

co
B1 B2

s.
Figure 6.2 Logical Configur ation of T wo LAN Segm ents
bu
Virtual LAN Configuration
la
yl
lls

Hu b 1
.a

Segment A
A1
w

Segment B B1
w

Port A / Segment A
Port A / Segment B Segment A
w

Router

Switch A2
Segment B
Hu b 2
B2

Figure 6.3 VLAN Physical Configuration

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

A1 (Hub 1) A2 (Hub 2)
Se g m e n t A / H u b 1 & 2

Router
switch
Se g m e n t B / H u b 1 & 2

B1 (Hub 1) B2 (Hub 2)

Figure 6.4 Lo gical Configuration of Two VLAN Segments

Physical and logical configurations different. Physical location obtained from System group

6.2 Fault Management

m
Fault is a failure of a network component

co
Results in loss of connectivity

s.
Fault management involves: bu
Fault detection

Polling
la
yl

Traps: linkDown, egpNeighborLoss

lls

Fault location
.a

Detect all components failed and trace down the tree topology to the source. Fault
isolation by network and SNMP tools. Use artificial intelligence / correlation techniques.
w

Restoration of service. Identification of root cause of the problem. Problem resolution.

w

6.3 Performance Management

w

Tools

Performance Metrics

Data Monitoring

Problem Isolation

Pe rfo rm an c e St at i s t i cs

Tools:

Protocol analyzers

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

R MO N
M RT G

Performance Metrics

Macro-level

Throughput
Response time
Availability
Reliability

Micro-level

Bandwidth

m
Utilization
Error rate

co
Peak load
Average load

s.
bu
6.4 Traffic Flow Measurement
la
Network Characterization
yl

Four levels defined by IETF (RFC 2063)

lls

Three measurement entities:

.a

Meters gather data and build tables

w

Meter readers collect data from meters

w

Managers oversee the operation

w

Meter MIB (RFC 2064)

NetrMet - an implementation(RFC 2123)

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

International
Backbones / N atio nal

Regional / Midlevel

Stub / Enterprise

End-Systems / Hosts

Figure 6.4 Tr affic Flow Measure me nt Network Characteriz ati on

m
co
Data Monitoring and Problem Isolation

s.
Data monitoring bu
Normal behavior

Abnormal behavior (e . g . , excessive collisions,

la

high packet loss, etc)

yl

Se t up t rap s (e.g., p a ram et e rs in alarm group

lls

in RMON on object identifier of interest)

.a

Set up alarms for criticality

w

Manual and automatic clearing of alarms

w

Problem isolation
w

Manual mode using network and SNMP tools

Problems in multiple components needs

tracking down the topology

Automated mode using correlation technology

Performance Statistics

Traffic statistics

Error statistics

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Used in

QoS tracking
Performance tuning
Validation of SLA
Trend analysis
Facility planning
Functional accounting
6.5Event Correlation Techniques

B a s i c el e m en t s

Detection and filtering of events

Correlation of observed events using AI
Localize the source of the problem

m
Identify the cause of the problem
Techniques

co
Rule-based reasoning
Model-based reasoning

s.
Case-based reasoning
bu
Codebook correlation model
State transition graph model
Finite state machine model
la

Rule-Based Reasoning
yl
lls

Working Memory Data Level

.a
w

Modify
Create Remove
attributes
new data data
of data
w

elements elements
elements
w

Recognize Inference Engine Act Control Level

Match Select
Invoke
potential best
action
rules rule

Knowledge Level Knowledge Level

Figure 6.5 Basic Rule-Based Reasoning Paradigm

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Knowledge base contains expert knowledge on problem symptoms and actions to be taken
if -> then, condition -> action. Working memory contains topological and
state information of the network; recognizes system going into faulty stat e. Inference engine in
cooperation with knowledge base decides on the action to be taken. Knowledge executes the
action

Rule-Based Reasoning

Ru l e - b as ed p a rad i g m i s an i t e rat i v e p ro c es s
RBR is brittle if no precedence exists
An exponential growth in knowledge base poses
problem in scalability
Problem with instability
i f p a ck et l o s s < 1 0 % al a rm g re en
if packet loss => 10% < 15% alarm yellow

m
if packet loss => 15% alarm red

co
Solution using fuzzy logic

s.
bu
Configuration for RBR Example
la

Ba c k b o n e
Al a r m A
yl

Ro u t e r A
lls

Ro u t e r B Al a r m B
.a
w
w

Hu b C Al a r m C
w

Server D1 S e r v e r D2 Server D3 Server D4 Alarms Dx

Figure 6.7 RBR-Based Correlation Example Scenario

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Model-Based Reasoning

NMS / Correlator

Backbone
Network

Router
Model
Router

m
Hub1 Hub2 Hub3
Hub1 Hub2 Hub3 Model Model Model

co
Physical Network Equivalent Model

s.
Figure 6.8 Model-Based Reasoning Event Correlator
bu
Object-oriented model
la

Model is a representation of the component it models

yl

Model has attributes and relations to other models

Relationship between o b j e ct s reflected in a similar
lls

relationship between models

Case-Based Reasoning
.a

Case
w

Library
w
w

Input Retrieve Adapt Process

Figure 6.9 General CBR Architecture

Unit of knowledg

RBR rule

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

CBR case

CBR based on the case experienced before;extend to the current situation by adaptation

Three adaptation schemes

Parameterized adaptation

Abstraction / re-specialization adaptation

Critic-based adaptation

CBR: Abstraction / Re-specialization

m
Trouble: file_transfer_throughput=F
Additional data: none

co
Resolution: A=f(F), adjust_network_load=A
Resolution status: good

s.
bu
Trouble: file_transfer_throughput=F
Additional data: none
la
Resolution: B=g(F), adjust_network_bandwidth=B
Resolution status: good
yl
lls

Trouble: file_transfer_throughput=F
Additional data: adjust_network_load=no
.a

Resolution: B=g(F), adjust_network_bandwidth=B

w

Resolution status: good

w

Abstraction / Re-specialization Adaptation

w

Two possible resolutions

A = f(F ) Adjust network load level

B = g (F) Adjust bandwidth

Resolution based on constraint imposed

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

CBR-Based Critter
Network

Spectrum

Configuration
Management

Fault
Detection

CRITTER

Fault Management

Fault Resolution
Case
Library

Input Retrieve Adapt Propose Process

m
Application User-based

co
Determinators
Techniques Adaptation

s.
bu User

Figure 6.10 CRITTER Architecture

la
yl

CRITTER is CBR-based trouble resolution system

lls

Integrated with Cabletron Spectrum NMS

.a

P ro p o s e is additional (5th) module to C BR

architecture; permits manual intervention
w

Codebook Correlation Model: Generic Architecture

w
w

Configuration Event
Model Model

Correlator Problems

Network Monitors

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Monitors capture alarm events. Configuration model contains the configuration of

the network Event model represents events and their causal relationships. Correlator correlates
alarm events with event model and determines the problem that caused the events

Codebook Approach

Correlation algorithms based upon coding approach to even correlation. Problem

events viewed as messages generated by a system and encoded in sets of alarms. Correlator
decodes the problem messages to identify the problems.

Two phases:

1. Codebook selection phase: P ro b l e m s to be

monitored identified and the symptoms they
g en e rat e a re associated with the problem.

m
This generates codebook (problem-symptom matrix)

co
2. Correlator compares alarm events with codebook

s.
and identifies the problem. bu
Causality Graph
la
E4 E5 E6 E7
yl
lls
.a
w

E1 E2 E3
w
w

Figure 6.11 Causality Graph

Each node is an event

An event may cause other events
Directed edges start at a causing event and
terminate at a resulting event
Picture causing events as problems and
resulting events as symptoms

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Labeled Causality Graph

S1 S2 S3 S4

P1 P2 P3

Figure 6.12 Labeled Causality Graph

m
co
Ps are problems and Ss are symptoms

s.
P1 c au s es S1 an d S2 bu
Note d i re ct ed edge from S1 to S2 removed;
S2 is caused directly or indirectly (via S1) by P1
la

S2 could also be caused by either P2 or P3

yl

Codebook
lls

P1 P2 P3
S1 1 1 0
.a

S2 1 1 1
w

S3 0 1 1
S4 0 0 1
w
w

Codebook is problem-symptom matrix

It is d e ri v e d from causality g ra p h after removing

directed edges of propagation of symptoms

Number of symptoms => number of problems

2 rows are adequate to identify uniquely 3 problems

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Correlation Matrix
P1 P2 P3
S1 1 1 0
S3 0 1 1

Correlation matrix is reduced codebook

Correlation Graph

S1 S3

m
co
P1 P2 P3

s.
bu
Figure 6.13 Correlation Graph for
la
yl

Generalized Causality Graph

lls
.a

9 10
w

5
11
w

8
7
w

3 4

1 2

(a) Event Causality Graph

Causality graph has 11 events - problems and symptoms. Mark all nodes that have onl y
emerging directed edges as problems - Nodes 1, 2, and 11. Other nodes are symptoms.

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

P-S Causality Graph

S
S S
9 P 10

5
11
8
S
7

3 4 S

1 2

P P

m
(b) Pr oblem-Symptom Causality Graph

co
To reduce causality graph to correlation graph:

s.
Symptoms 3, 4, and 5 are cyclical: rep l a c e with
o n e s y mp t o m, s a y 3
bu
S7 and S1 0 are c au s e d by S3 and S5 and
la
h en c e i g n o red
yl

S8 causes S9. Keep S9 and eliminate S8; reason

lls

for this would be more obvious if we go through

reduction of codebook to correlation matrix
.a

Correlation Graph and Matrix

w
w

9 3 6
w

1 11 2

Figure 6.14 Correlation Graph

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

P1 P2 P11
S3 1 1 1
S6 0 1 0
S9 1 0 1

Codebook Enhancements

Codebook d e s c ri b e d so far as s u m es Hamming

distance of 1 for uniqueness
Noise affects accuracy
Increase Hamming distance to >1
Probability of a problem causing a symptom
assumed as 1. It can be m ad e Si = Pr(Pj ) to
be more realistic

m
State Transition Model
Used in Seagates NerveCenter correlation system

co
Integrated in NMS, such as OpenView
Used to determine the status of a node

s.
bu
ping node
la

response ping
yl
lls

receive response
.a
w

Figure 6.15 State Transition Diagram for Ping / Response

w
w

State Transition Model Example

NMS / Correlator

Backbone
Network

Router

Hub1 Hub2 Hub3

Physical Network

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

NMS pings hubs every minute

Failure indicated by the absence of a response

State Transition Graph

ping hub

response pi ng

r ec ei v e r es p o ns e

No r es p ons e

m
pinged twice
(Ground stat e)

co
No r es p ons e

s.
pinged 3 times

No r es p ons e
bu
Re qu es t
No r es p o ns e
r ec ei v e r es p o ns e
from Router, ping router
la
from router
No action
Res po ns e
yl

Res ponse received

lls

from Router

Action: Send Alarm

.a

F i g u r e 6 . 1 6 S t at e T r a n s i t i o n G r a p h E x a m p l e
w

Finite State Machine Model

w

Client S er v er
w

Re qu es t
S en d R e qu es t Rec ei v e R eq u es t
M es s ag e

Comm unication
Res p ons e Re qu es t S en d Rec ei v e
Ch an nel

Res po ns e
Rec ei v e R es p ons e S en d R es po ns e
M es s ag e

Figure 6.17 Communicating Finite State Machine

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Finite state machine model is a passive system; state transition graph model is an active
system. An observer agent is present in each node and reports abnormalities, such as a Web
agent. A central system correlates events reported by the agents. Failure is detected by a node
entering an illegal state

6.6 Security Management

Security threats
Policies and Procedures
Resources to prevent security breaches
Firewalls
Cryptography
Authentication and Authorization
Client/Server authentication system
Message transfer security

m
Network protection security

co
Security Threats

s.
bu
Modification of information
Masquerade
Message stream modification
la
yl
lls

Management Management
Entity A Entity B
.a
w

Disclosure
w

Figure 6.18 Security Threats to Management Information

w

SNMPv3 addressed security threats using USM (user-based security model). USM has two
modules:

Authentication module

One-to-one mapping between physical and logical

configuration

P ri v a c y m o d u l e

Data confidentiality

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Message timeliness

M e s s ag e p ro t e ct i o n

Policies and Procedures

Basic guidelines to set up policies and procedures:

1. Identify what you are trying to protect.

2. Determine what you are trying to protect it from.
3. Determine how likely the threats are.
4. Implement measures, which will protect your assets in a cost-effective manner.
Review the process continuously and make improvements to each item if a weakness is found .
R e fe ren c e s :

m
Formal statement of rules for protecting organizations technology and assets (RFC

co
2196)

s.
Introduction to Firewalls (NIST) bu
Orange Book by National Computer Security Center (NCSC) rates computers based on
security design features
la

Secured Communication Network

yl
lls
.a

Client A
w

F i r e wa l l
Se c u r e d Cl i e n t B
w

Gateway
Ne t w o r k A Rout er
Ne t w o r k B
w

Se r v e r A

Figure 6.19 Secured Communication Network

Firewall secures traffic in and out of Network A

Security breach could occur by intercepting the message going from B to A, even if B
has permission to access Network A

Most systems implement authentication with user id and password

Authorization is by establishment of accounts

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Firewalls

Protects a network from external attacks

Controls traffic in and out of a secure network

Could be implemented in a router, gateway, or a special host

B e n e fi t s

Reduces risks of access to hosts

Controlled access

Eliminates annoyance to the users

Protects privacy (e.g. finger)

Hierarchical implementation of policy and
and technology (e.g. finger)

m
Packet Filtering Firewall

co
Trash

s.
bu
SM T P G at e w ay
Ethernet
la
Packet Filtering
FTP Gateway I nt e rn et
Ro u t e r
yl

S c ree ne d
lls

SMTP & FTP

.a

Secured Network
w

Figure 6.20 Packet Filtering Router

w

Uses protocol specific criteria at DLC, network, and transport layers.Implemented

w

in routers - called screening router or packet filtering routers.

Filtering parameters:

Source and/or destination IP address

Source and/or destination TCP/UDP port

address, such as ftp port 21

Multistage screening - address and protocol. Works best when rules are simple.

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Application Level Gateway

Secured Secured
Firewall 1 Firewall 2 Internet
Network LAN

Proxy
Services
Application
Gateway

Figure 6.21 Application Level Gateway

Firewalls 1 and 2 route traffic only from and to the secured LAN

m
Secured LAN is gateway LAN
Behavior of application gateway dependent on the application

co
FTP traffic stored and forwarded after validation
TELNET hosts validated for the session and then direct communication established

s.
Cryptography bu
Secure communication requires
la
Integrity protection: ensuring that the message is not tampered with
yl

Authentication validation: ensures the originator identification

lls

S e c u ri t y t h r e a t s
.a

Modification of information
Masquerade
w

Message stream modification

w

Disclosure
Hardware and software solutions
w

Most secure communication is software based

Secret Key Cryptography

Transmission
Channel
Plaintext EncrypStieocnret Key C i p h e rt e x t DecryptiSoencret Key Plaintext

Figure 6.22 Basic Cryptographic Communication

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Caesar cipher: each letter replaced by another letter, which is three letters behind in the
alphabet
Maximum of 26 attempts to decode Caesar cipher
Monoalphabetic cipher: Replace a letter with another randomly chosen; Maximum
attempts to decode 26!
One secret key is needed between each pair
Two standard algorithms for secret key:

DES (Data Encryption St an d a rd ):

64-bit message blocks and 56-bit key
IDEA (International Data Encryption Algorithm):
64-bit message blocks and 128-bit key

Message block derived using CBC (Cipher Block Chaining)

m
Principle b as ed on rearranging the blocks several
times based on predetermined algorithm and secret key

co
Public Key Cryptography

s.
bu
Transmission
Ch a n n e l
la
Plaintext En c r y p t i o n Ciphertext Decryption Plaintext
Public Key Private Key
yl
lls
.a

Figure 6.23 Public Key Cryptographic Communication

w
w

Asymmetric cryptography - public and private key

Public key is distributed by the receiver to the senders to encrypt the message.
w

Private key is used by receiver to decode ciphertext

Mailbox analogy
Commonly used public key is RSA (Rivest, Shamir, and Adleman); 512-bit key, variable
block size
RSA less efficient than DES and IDEA; used to encrypt secret key

Message Digest

Message digest is a cryptographic hash algorithm added to a message

One-way function
Analogy with CRC
If the message is tampered with the message digest at the receiving end fails to validate

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

MD5 (used in SNMPv3) commonly used MD

MD5 takes a message of arbitrary length (32-Byte) blocks and generates 128-bit
message digest
SHS (Secured Hash Standard) message digest proposed by NIST handles 264 bits and
generates 160-bit output

Digital Signature

Plaint ext Plaint ext

Plaintext Plaintext

Rita's Private Key (R)

Ian's Private Key (S) Ri t a' s P ubl i c K ey ( R)
Transmission I a n ' s P u b l i c K ey ( S )

Chan nel
Digital Signature
Encryption Signed Ciphert ext Decryption
Signature Validation

m
co
s.
Figure 6.24 Sign ed Public Key Cr yptogra phic Co mmunicati on
bu
la
Principle reverse of public key
Signature created using private key and validated using public key
yl

Digital signature is a message digest generated from plaintext and private key by a
lls

hashing algorithm
Digital signature is concatenated with the plaintext and encrypted using public key
.a

Authentication and Authorization
w

Authentication verifies user identification

w

Client/server environment
w

Ticket-granting system
Authentication server system
Cryptographic authentication
Messaging environment

e-mail
e-commerce
Authorization grants access to information

Read, read-write, no-access

Indefinite period, finite period, one-time use

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Ticket-Granting System

Kerberos

User Client Authentication

Inp ut Workstation Server

Application
Tick et-
Server /
Granting
Service
Server

m
Figure 6.26 Tick et-Granting System

co
Authentication Server

s. A u t h e n t ic a t i o n
bu
User Client Server
Authentication
I nput W o rk s t a t i o n
la
P rox y S e rv er
yl

S e r v ic e
lls
.a

A p p l ic a t i o n
Server / Authentication
w

S erv i c e
w
w

Figure 6.27 Authentication Server

Architecture of Novell LAN

Authentication server does not issue ticket
Login and password not sent from client workstation
User sends id to central authentication server
Authentication s e rv er a ct s as p ro x y agent to the cl i en t
and authenticates the user with the application server
Process transparent to the user

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Message Transfer Security

Messaging one-way communication

Secure m e s s ag e needs to be authenticated

an d s e cu red

Three secure mail systems

Privacy Enhanced Mail (PEM)

Pretty Good Privacy (PGP)

X-400: OSI specifications that d e fi n e

framework; not implementation specific

m
Privacy Enhanced Mail

co
Developed by IETF (RFC 1421 - 1424)

s.
End-to-end cryptography bu
Provides
la
Confidentiality
yl

Authentication
lls

Message integrity assurance

.a

Non repudiation of origin

w

Data encryption key (DEK) co u l d be secret or

w

public key-based originator and receiver

w

ag re ed u p o n m et h o d

PE M processes b as ed on cryptography and

m e s s ag e en co d i n g

MIC-CLEAR (Message Integrity Code-CLEAR)

MIC-ONLY

ENCRYPTED

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

PEM Processes

MIC
Encrypted DEK
Text

SMTP Format SMTP MIC MIC-CLEAR e-mail

User Plaintext MIC/DEK
Conversion Text Generator PEM System

MIC
(a) MIC-CLEAR PEM Process Encrypted DEK

m
Encoded Text
MIC/DEK

co
Encoder
SMTP Format SMTP MIC MIC ONLY e-mail
User Plaintext
Text
(Printable
Conversion Generator PEM System
code)

s.
MIC
bu
Encrypted DEK
(b) MIC-ONLY PEM Process
Encrypted &
Encoded
la
Message
MIC/DEK
yl

Encoder
SMTP Format SMTP MIC Padding & ENCRYPTED e-mail
User Plaintext
Text
(Printable
Conversion Generator Encryption PEM System
lls

code)

Legend:
.a

DEK Data Encryption Key

IK Interexchange Key
w

MIC Message Integrity Code

(c) ENCRYPTED PEM Process
SMTP Simple Mail Transfer Protocol
w

Figure 13. 40 PEM Processes

w

DEK a random number generated per message basis: used to encrypt the message text
and generate MIC. IK a long-range key agreed upon between the sender receiver used to
encrypt DEK: IK is either public or secret. Public key avoids repudiation.

Pretty Good Privacy

PGP secure mail package developed by Zimmerman

Available in public domain

Signature generation

Uses MD5 to generate hash code

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Encrypts hash code with senders private key

using RSA algorithm

Encryption of the message done using IDEA or RSA

Compression done with ZIP

e-mail conversion done using Radix-64

PGP similar to en c ry p t e d PEM with added

compression

P ubl i c K ey
Signature

Encrypted &
Compressed

m
Message

Encryption Compression

co
Plaintext

e-mail e-mail
Concatenation
conversion system

s.
Signature
Plaintext
Generation
bu
Private Key
la
yl
lls

Figure 6.28 P GP Proc ess

.a
w

SNMPv3 Security
w

Authentication key equivalent to DEK in PEM or private key in PGP

w

Authentication key generated using user password and SNMP engine id

Authentication key may be used to encrypt message
USM prepares the whole message including scoped PDU
HMAC, equivalent of signature in PEM and PGP, generated using authentication key
and the whole message
Authentication module provided with authentication
key and HMAC to process incoming message

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Encrypted
scopedP D U

scopedP D U Pr i v a c y
USM
Encryption Key Module wholeMsg
HMAC Gen.
authenticated
Au t h e n t i c a t i o n wholeMsg
Module
authKey
password
USM
authoritativeSnmpE ngin eId

Figure 6.29 SNMP Secure Communication

Virus Attacks

Executable programs that make copies and insert them into other programs
Attacks hosts and routers

m
Attack infects boot track, compromises cpu, floods network traffic, etc.
Prevention is by identifying the pattern of the virus and implementing protection in virus

co
ch e ck ers

s.
Accounting Management bu
Least developed
Usage of resources
la
Hidden cost of IT usage (libraries)
Functional accounting
yl

Business application
lls

6.7 Policy-Based Management

.a

Domain s p a ce consists of objects (al a rm s with

w

attributes)
w

Rule space consists of rules (if-then)

w

Policy Driver controls action to be taken

Distinction between policy and rule; policy assigns

responsibility and accountability

Service Level Management

SLA m an ag em en t of service equivalent to

QoS of network

S L A d e fi n e s

Identification of services and characteristics

www.allsyllabus.com
vtu.allsyllabus.com www.allsyllabus.com

Negotiation of SLA

Deployment of agents to monitor and control

Generation of reports

SLA characteristics

Se rv i c e p a ra m et e rs

Se rv i c e l ev el s

Component parameters

Component-to-service mappings

m
co
s.
Network
bu
Attributes
la
yl

P o li c y S p a c e
lls

Do m a i n S p a c e
.a
w

P o l i c y D r iv e r Action Space
w
w

Rule Space

Figure 6.30 Policy Management Architecture

www.allsyllabus.com