Computer Networks UNIT - V 5.

0 Introduction

The objective of this lesson is to understand the various application layer protocols and services provided to the end user. Further this chapter includes Email, FTAM and some of the network management standards and associated protocols.

5.1

Objective

The objective of this Chapter is to understand the various services provided by the Application Layer of the Open System Interconnection (OSI) model. The application layer is used to define a range of applications that handle file transfers, terminal sessions, and message exchange. At the end of the Chapter you learn about Electronic Mail, File Transfer Access and Management (FTAM), Simple Network Management Protocol (SNMP) and some of the network management functions.

5.2

Content

5.2.1 Electronic Mail The electronic mail or e-mail is the transmission of textual material from one place to another using electronic means for captures, transmission and delivery of information. In all virtually distributed environments, e-mail is the most heavily distributed application that is widely used across all architectures and vendor platforms. The first e-mail systems simply consisted of file transfer protocols with the convention that the first line of each message contained the recipients address. As time went on, the limitations of this approach became more obvious. In 1984, CCITT has drafted their X.400 recommendation, which was later taken over as the basis for OSIs MOTIS. Architecture and Services of MOTIS and X.400 Six basic operations of any e-mail system are: 1. 2. 3. 4. 5. 6. Composition refers to the process of creating messages and answers. Transfer refers to moving messages from the originator to the recipient. Reporting has to do with telling the originator about the message. Conversion may be necessary to make the message suitable for display on the recipients terminal or printer. Formatting pertains to the form of the displayed message on the recipients terminal. Disposition is the final step and concerns with what the recipient does with the message after receiving it.

Page 131

Computer Networks
In addition to these basic services, most mail systems provide a large variety of advanced features. When people move, or when they are away for some period of time, they may want their mail forwarded, so the system should be able to do this automatically. Most mail system allow used to create mailboxes to store incoming mail. Corporate managers often need to send a message to each of their subordinates, customers or suppliers. This gives the idea of a distribution list, which is a list of electronic mail address. When message is sent to the distribution list, identical copies are delivered to everyone on the list. Registered mail is another idea, to allow the originator to know that his message has arrived. Alternatively, automatic notification of undeliverable mail may be desired. In any case, the originator should have some control over the reporting of what happened. Mail systems generally distinguish three types of messages: user messages, replies and probes. User messages contain information sent from one user to another. Replies are system-generated messages sent back to an originator to report on whether his message was delivered or not. Probes are special test messages consisting of empty envelopes. The purpose of sending a probe is to find out if the destination is reachable. Further more, from the time and location stamps attached by all the intermediate machines along the way, the sender can also determine what route the message followed and how long each hop took. Electronic mail system has two basic parts: the user agents and the message transfer agents. The User Agent The user agent is a program that provides the interface to the mail system. It allows users to compose, send and receive mail and manipulate mailboxes. Some user agents have a fancy menu or icon-driven interface that requires a mouse, while others expect 1-character commands from the keyboard. Functionally, these are the same. It manages the dialogue with the user at the terminal, it talks to the message transfer system about accepting and delivering messages and deals with the message store. Let us consider the user interface first. The user agent is typically invoked by calling a program that accepts a variety of commands that relate to composing, sending and receiving messages and manipulating mailboxes. Some mail programs have fancy menu or icon driven front ends that are used with the mouse, while others have a list of 1character keyboard commands to provide the various functions. Typically the mail program will check the users mailbox for incoming mail before anything on the screen. Then it will announce the number of messages in the mailbox and wait for a command. As an example of how a user agent works, let us take a look at a typical mail scenario. After starting up the mail program, the user has to see the messages in the mail. A display as shown below appears on the screen.

Page 132

Computer Networks
An example display of the contents of a Mailbox # 1 2 3 4 5 6 7 8 Flags K KF KA Bytes 1030 2146 7136 3124 610 724 3240 425 Sender Johan Ann L.Jones RVR Erik Henri Janlo Peter Smith Edith Subject Bug in MINIX file system Request for information Comments about performance paper Improvement to the basic model Meeting postponed until Tuesday I think the solution is 0-0 Invitation to come see kangaroos Dont forget to prepare your exam

Each line refers to one message. In this example, the mail contains eight messages. Each display line contains several fields extracted from the envelope or header of the corresponding message. In a simple mail system, the choice of fields displayed is built into the program. In a more sophisticated system, the user can specify which fields are to be displayed by providing a user profile, a file describing the display format. In this example, the first field is the message number. The second field, Flags, can contain a K, meaning that the message is not new, but was read previously and kept in the mail box; an A, meaning that the message has already been answered; and /or an F, meaning that the message has been forwarded to some one else. Other flags are also possible. The third field tells how long the message is and the fourth one tells who sent the message. Since this field is simply extracted from the message, this field may contain first names, full names, initials, login names, or whatever else the sender chooses to put in that field. Finally, the Subject field gives a brief summary of what the message is about. If the Subject field is not included, then the mail tends not to get the highest priority. After the headers have been displayed, the user can perform any of the commands listed below: Command Parameter Description h c T s f A d u m k R n b # # Address # # # # # # mailbox Display header(s) on screen Display current header on screen Type message(s) on screen Send a message Forward message(s) Answer message(s) Delete message(s) Undeleted previously deleted message(s) Move message(s) to another mailbox Keep message(s) after exiting Read a new mailbox Go to next message and display it Back up to previous message and display it

Page 133

Computer Networks
G E # Go to a specific message but do not display it Exit mail system and update mailbox

Typical Mail Handling Commands to the User Agent Some of the commands require a parameter. The # sign means that the number of a message (or several messages) is expected. Alternatively, the letter a means all messages. The h command displays all the headers on the screen. The c command prints the current messages header on the screen. The t command types or displays on the screen, the requested message or messages. The next group of three commands deals with sending messages rather than receiving them. The s command sends a message by calling an appropriate editor to allow the user to compose the message. Spelling, grammar and diction checkers can see if the message is syntactically correct. The f command forwards a message from the mailbox, prompting for an address to send it to. The a command extracts the source address from the message to be answered and calls the editor to allow the user to compose the reply. The next group of commands is for manipulating mailboxes. The d command deletes a message from the mailbox, but the u command undoes the delete. The message is not actually deleted until the mail program is actually exited. The m command moves a message to another mailbox. This is the usual way to save important mail after reading it. The k command keeps the indicated message in the mailbox even after it is read. Finally, the r command is used to finish up with the current mailbox and go read another one. The n, b and g are for moving about in the current mailbox. It is common for a user to read message 1, answer, and move or delete it, and then type n to get the next one. The value of this command is that the user does not have to keep track of where he is. It is possible to go backwards using b or to a given message with g. Finally, the e command exits the mail program and makes whatever changes are required, such as deleting some messages and marking others as kept. This command overwrites the mailbox, replacing its contents. Let us now consider the protocol used between user agents. This protocol, to a large extent, defined by the header fields included in each message. Some of the common header fields are shown in the table below: Some Header Fields for Interpersonal Messages Field Originator Authorizing users Primacy recipients Copy recipients Blind copy recipients Reply recipients Reply time Description Who actually sent the message On whose behalf was it sent To whom is the message addressed Who gets carbon copies Who gets carbon copies secretly To whom should the reply be sent By when the reply desired

Page 134

Computer Networks
Message id In reply to Obsoleted messages Related messages Subject Importance Sensitivity Expiry time Message identifier Message to which this is a reply Message invalidated by this one Other messages relevant to this one What is the message about Message priority Public, company confidential, etc., Time when message ceases to be valid

The Originator field contains the name of the person who actually sent the message. The Authorizing users field tells who gave authority to send it. The next three determines who gets copies of the message. The Primary recipients are the people it is really intended for. Carbon copies are sent to the Copy recipients, often for administrative purposes. The Blind copy recipients also get copies but their names are not included in the copies sent to others. Thus the primary recipients get to know who received carbon copies, but not those who received blind carbon copies. This feature is widely used in many companies. The next group of fields relate to the reply. Then comes a group containing message identifiers: of this message, of the message it is replying to, of previous messages superseded by this one, and of other relevant messages. The Subject field summarizes the message. The Importance field can specify the message to be urgent or of some other priority. Sensitivity has to do with how secret the contents are and whether the sender wishes them disclosed to third parties. Finally the Expiry date field tells the how long the message is valid. Although the body of the message is not as tightly structured as the header, it does have some structure. The body consists of a main part and optionally one or more attachments. The Message Transfer Agent The message transfer system is concerned with relaying the message from the originator to the recipient. The message transfer agent accepts mails from user agents and sees to it that the mail is started on its way. The message transfer agent is the electronic post office. Just as with the postal system, a message visits several post offices before being delivered. If the message is from a user agent, the syntax is checked for validity, and if found invalid, it is sent back with an explanation. If it is valid, a message identifier and time stamp are affixed, and then it is treated the same way as a message arriving from another transfer agent. The next step is to see if the recipients user agent or mailbox is local. If so, the message can be delivered, queued for delivery or stored in the mailbox. If necessary, a reply message confirming delivery is generated and sent back. If the recipient is not local, the message is forwarded to another message transfer agent.

Page 135

Computer Networks
In most, systems, a log of message agents that have handled the message is appended to the envelope. Not only does this make it easier to track down problems, but it also makes it possible to check for loops. If a message transfer agent receives a message containing itself in the log, it knows the message is looping and has to take special measures to break the loop. Delivery to a local user agent is not always trivial, because the originator and the recipient may have different types of equipment. Possible message types include: 1. 2. 3. 4. 5. 6. 7. ASCII Text Analog Facsimile Digital Facsimile Digitized Voice Videotext Telex External (Some Other System)

If the recipient cannot directly accept the message type, the message transfer agent can attempt to convert it before delivery. Not all conversions are feasible. If the conversion cannot be done, the message cannot be delivered. Although ISO has not standardized all the details of the store-and-forward operation between message transfer agents, it has adopted CCITTs general framework for what is called the remote operation service. Four operations have been standardized: 1. 2. 3. 4. Invoke remote operation on another computer. Return result of a remotely invoked operation to the caller. Return error message to the invoker. Reject remote operation call as invalid.

Some fields of the envelope of the message transfer agent is listed below: Field Originators address Recipients address Alternate recipient allowed Alternate recipient Message id Priority Originator report request MTA report request Deferred delivery Latest delivery Content return Description Mail address of the sender Mail address of the recipient Is redirection to someone else allowed Second choice recipient Message identification Slow (cheap), normal, fast (expensive) What reporting does originator want What reporting does MTA want Do not deliver before this time Do not deliver after this time Should content be returned on nondelivery

Page 136

Computer Networks
Information type Conversion prohibited Lossy conversion prohibited Explicit conversion Encryption identification Content integrity check Originators signature Message security label Proof of delivery Text, facsimile, digitized voice, etc No conversion allowed Only perfect conversion allowed Conversion is known to be required Index into encryption key table Check sum on contents Digital signature Classified, secret, top secret, etc Recipient s signature

The need for Originators address and the Recipients address are obvious. The next two fields deal with the possibility that the message can be delivered to the destination machine but not to the recipients. If the message is confidential, the originator can set the Alternate recipient allowed field to FALSE, it will not be forwarded to the postmaster. It is also possible to specify a second choice recipient. The second group concerns delivery. The Originators report request allows the originator to specify that a reply message should be sent back if the message is delivered, if it is not delivered, always, or never. If the reply specifies to whom it was actually delivered and when that happened. The MTA report request allows the message transfer agent to ask for its own reporting, distinct from the user reporting. The Deferred delivery time field gives the earliest allowed delivery time. If the message actually arrives earlier, it must be held. The reverse situation is when a delivery after a certain time is not worth the trouble. This time is indicated by Latest delivery time. Finally, Content return request can be set to insure if the message cannot be delivered, it is returned. This feature is especially useful for people who send a lot of mail and do not keep copies of it, so if something comes back as undeliverable they will know what it was. The third group deals with the conversion between the ASCII text, teletex, facsimile, digitized voice and other information types. The final group deals with security. It provides for message encryption, checksums on the contents, the originators digital signature, security codes and the recipients digital signature. 5.2.2 Protocols for File Management Data usage often varies among different applications. However, a common model for all data files and databases can provide a common foundation for file transfer, access, and management among diverse applications. This model is called the virtual filestore. Virtual filestore contains the files characteristics, structure, and attributes. Its objective is to reduce the amount of detail needed to communicate with a file located in a remote part of the network. The basic idea of virtual filestore is to provide a mapping of file definitions to/from actual files, which are called real filestores. The filestore definitions form a schema of the file; subset descriptions of files form subschemas. The schema provides a map of the data, shows the names of the attributes, and establishes relationships of data elements. It provides the overall view of the database. The subschema is the specific user

Page 137

Computer Networks
view of the database, that is, the user subset of the schema. Network designers: Must provide for a physical design that satisfies all user subschemas at all nodes in the network. The emerging ISO standards also provide methods to join different subschemas between systems. Such a system must provide for consistent states for all data operating in virtual filestore. A consistent state means that all databases are accurate and correct, and any replicated copies contain the same values in the data fields. The time delay in gathering data for analysis may be significant. In some cases, the data may be outdated upon receipt by the component tasked with the analysis and resolution. The problem may not be suspended. File Transfer Access and Management (FTAM) File transfer and remote file access are two types of the common applications in any computer network. People who are working together on a project commonly need to share files. One approach is to have a machine where the original of each file is held and have copies transferred together to machines as needed. Another approach is to have each file live on the machine where it was created and have users on other machines ask for copies when they need them. Remote file access is similar to file transfer, except that only pieces of files are read or written, rather than entire files. The techniques used for file transfer and remote file access are similar, so one will not make much of distinction between them until one comes to the subject of file replication. Furthermore, access to a file located on a remote computer that has its own users is hardly different from accessing a file on a dedicated file server machine that has no local users, so one will not make much of a distinction between these two cases either. For simplicity, one assumes that files are located on file server machines, with users on client machines wanting to transfer these files in whole or in part for reading and writing. File Servers A file server can be characterized by three properties: File Structure, File Attributes and File operations. Every file server has three models. Different file servers have different models. In the first model, a file is an unstructured lump of data without any substructure known to the file server. The next model is the flat file, which consists of an ordered sequence of records. All the records of a file need not be of the same size and type. Furthermore, some or all of the records may have labels (keys) associated with them. These labels are not part of the data of the file, just as the file is not either. The most general model of a file is the hierarchical file, which takes the shape of a tree. Each mode of the tree may be a label, a data record, both or neither.

Page 138

Computer Networks

Figure 5.1: Files (a) Unstructured (b) Sequence of Records (c) Hierarchical All files have attributes that describe them. Each file must have a name or other identifier and a size telling how much storage it currently occupies. In practice, most file servers maintain various attributes as well. Some attributes are created when the file is created, and are frozen thereafter. Others can be explicitly changed by user operations. The Allowed operation attribute allows the creator of a file to specify, for example, that some operations are not valid on this file. Access control determines who may access the file and how. The File available attribute can be used to indicate that there may be a slight delay when opening the file. The Content type attribute could tell something about the record structure. The Legal qualifications attribute is a string that might contain information relating to various national privacy laws. Some of the possible operations with respect to the files are create, delete, select, deselect, open, close, read and change. Operations with respect to contents of files are locate, read, insert, replace, extend and erase. All files must deal with access control and protection in some way. One of the methods is to verify the sender of each request, either by having the sender include a password in each request or by using one of the digital signature methods. A more elaborate method is to have one or more passwords per file. In this system, anyone presenting a valid password is allowed to perform the corresponding operations, without regard to the senders true identity. Spare capability-based protection, with a bit map to indicated permitted operation is a variant of this data. Concurrency Control Network file servers have multiple clients to take care of. If two or more clients accidentally happen to access the same file at more or less the same time, problem can occur. One widely implemented solution is to permit clients to lock files before using them. Two kinds of locks are used, Shared locks and Exclusive locks. Shared locks are Page 139

Computer Networks
typically used for reading; exclusive locks are normally used for writing. When reading a file, client generally does not mind the existence of other readers, but wants the shared lock simply to prevent the file from being changed while it is busy. Locking introduces several annoying problems. If client 1 has a lock on file A and client 2 has lock on file B and each one is trying to get the other file, neither will ever succeed. Another problem with locking is, what happens if a client holding some locks crashes? Unless something is done, the locked files will remain locked forever. If the server is not informed about client crashes the only thing it can do is adopt a policy of automatically breaking locks on files that are not accessed for some specified time interval. However, if a client is too slow, it may discover that some of its locks have timed out part way through a complex multifile update leading to chaos. As an alternative to having clients set individual locks, some file servers support atomic actions, often called transactions in the context of file servers. When this facility is available, a client can tell the server to begin a transaction, followed by any number of opens and file operations and finished by a command to end the transaction. It is up to the server to carry out the entire request in an atomic way, without interference from other client request. Replicated Files Networks have several file servers for several reasons. For example to split the workload over multiple servers, to allow file access to occur even if one file server is down and to increase reliability by having independent backups of each file. One strategy for file replication is to let each user open accounts with as many file servers as one wants and manage all the replications by themselves. This puts a considerable administrative burden on the user. One would prefer the replication to be done automatically by the file servers themselves. As long as files are never modified, maintaining multiple copies is easy. The trouble comes when one copy is updated; the other must be updated too. The simplest solution and one, which is widely used in practice, is primary copy replication. In this scheme, one copy is designated as the master and all the others are slaves. Updates are always made to the master, which then propagates them to the slaves. A more robust method, especially with multiple clients active, is voting. To read a file, it is required to obtain a read quorum, Nr. To modify a file, one needs a write quorum, Nw, subject to the constraint Nr + Nw > N. Only after the appropriate number of servers have been asked if they are willing to participate and agree, the operation can be performed. An interesting variation on voting is voting with ghosts. In most applications, reads are much more common than writes, so Nr is typically a small number and Nw is nearly N. This choice means that if a few servers are down, it may be impossible to obtain a write quorum to all. Voting with ghosts solve this problem by creating a dummy server, with no storage, for each real server that is down. A ghost is not permitted in a read quorum, in which case it just throws away the file written to it. A write only succeeds if at least one server is real. When a failed server is rebooted, it must obtain a

Page 140

Computer Networks
read quorum to locate the most recent version, which it then copies to itself before starting normal operation. FTAM is organized around the concept of the attribute, which describes the properties of a file. Presently, four groups of attributes are defined. Kernel group: Properties common to all files Storage group: Properties of files that is stored Security group: Properties for access control Private group: Properties beyond FTAM scope The kernel group consists of the file name, a description of the file structure (Sequential, hierarchical), access restrictions (deletion, reads, etc.), location of the file user, and the identification of the application entities involved in the FTAM communications process. The storage group describes several properties of a file. The properties are either information about the ongoing characteristics of the file or information about the latest operations on the file. The following properties are included in the storage group: Date and time of last read, change, or attribute change.

Identifications of creator, last reader, last modifier, or last attribute modifier. File size and availability.

Identification of party to be charged for file storage and file access activities. Description of any locks on the file. Identification of initiating FTAM user.

The security group includes attributes on access permission criteria, encryption procedures, and legal qualifications (trademarks, copyrights, etc.). The private group is not defined by the FTAM standard. It is used for files beyond the virtual filestore attributes. The FTAM model is a hierarchical structure resembling a tree. The tree can have a single root and a number of nodes below the root. Each node is identified and can have a data type associated with it. In virtual filestore, the conventional notion of a data record is called a data unit (DU), and a node may or may not have a data unit associated with it. The DUs are related to each other through a hierarchical structure called file access data units (FADUs). Operations on a file are performed on a FADU through FADU identifiers (or names). The FADU is identified as a typed data unit at the presentation layer. The DU is considered to be the smallest amount that can be accessed. Page 141

Computer Networks
The FTAM can take several forms for purposes of accessing a file or a portion of a file. For example, a file can be accessed starting from the root and traversing down through the nodes in a set order. As another example, FADUs can be accessed by next, last, previous, and beginning signals. The preorder tree traversal is a method to describe the structure of the tree by defining the ordering of the nodes in the following manner: Enter the tree through the top node. Go through the nodes from the top, going down and to the left. Go to the right in the tree when no paths remain to go down. Go up in the tree if the search cannot go down.

Figure 5.2: FTAM Architecture

Page 142

Computer Networks

Figure 5.3: FTAM File Hierarchy Yet another way to view FTAM is through the concept of file service regimes. A file service is performed through a series of steps, which build up a set of file contexts. The steps may include the following: The initiator and responder handshaking with each other to establish their identities. Identification of the file to be accessed. Establishing the file attributes. Providing for any file management actions. Location of the units in the file to be accessed. Operating on the units in the file. The file service regime defines how FTAM primitives are used for the file activity. A regime is a period in which a common state is valid for the service users.

Page 143

Computer Networks

Figure 5.4: FTAM Regime Regimes provide the protocol for file selection, file opens/closes, data transfer, and recovery operations. Four types of file service regimes are defined: Application association regime: exists during the lifetime of application association of two file service users. File selection regime: exists during the time in which a particular file is associated with the application association. File access regime: exists during a particular set of presentation contexts, concurrency controls, and commitment controls in operation for data transfer. Data transfer regime: exists when a particular access context and direction of transfer are in force. The dialogue proceeds through a series of protocol exchanges, such as the reading of a file access data unit. Specific times in which these exchanges occur are called phases. During a phase, FTAM imposes strict rules on state transitions and the use of primitives and state diagrams. The phases are sequential; they cannot be nested. 5.2.3 Network Management Functions From a technology standpoint, network management can be depicted as the intersection of eight different functional areas.

Page 144

Computer Networks
Configuration Management Backup/restore Management Security Management Network Management Functions Distribution Management Fault Management

Accounting Management Performance Management

Operations Management

Figure 5.5: Network Management Functions 1. Configuration and Name Management (CM) CM facilities deal with the addition, deletion, modification, distribution and browsing of managed resources i.e. it enables control over the configuration of a communication subsystem. It also enables nodes to be closed down when a fault occurs or workload changes. 2. Distribution Management (DM) DM facilities deal with distribution of software in the networked workstations. DM software allows an administrator to plan and distribute updates across the network to the workstations and servers. Afterwards, the changes can be tested and even reverted if the test fails. 3. Fault Management (FM) FM facilities deal with detecting managed resource faults and alerting the appropriate administrators. It also provides isolation, examines error logs, accepts and acts upon error detection notification, traces faults, and corrects faults arising from abnormal operation. 4. Operations Management (OM) OM facilities are concerned about the (remote) control of managed resources in a distributed system, which may include such activities like stopping and restarting specific application software and rebooting a workstation. Most software packages combine operations management and fault management in one product. 5. Performance Management (PM) PM facilities evaluate the behavior of network layer, entity resources and the effectiveness of communication activities. It can also adjust operating characteristics and generate network utilization reports by monitoring a stations performance. 6. Accounting Management (AM) Page 145

Computer Networks
AM facilities calculate the amount of network time used by each segment of the network and facilitate a billing system for the usage of resources. Examples include keeping track of how many licenses have been granted to users, enforcing network licenses, and accounting for disk or CPU usage on a server machine. 7. Security Management (SM) SM facilities provide for the protection of the network resources. It includes authorization facilities, access controls, encryption, authentication, maintenance and examination of security logs. This also deals with putting fire-walls around sensitive resources for instance, securing a host to prevent remote log-ins. 8. Backup/Restore Management (BM) A BM facility deals with the recovery from disk failure as well as the rollback to previous versions of files to recover data or programs that were lost because of user error. 5.2.4 Simple Network Management Protocol (SNMP) Basic Concepts of SNMP Simple Network Management Protocol is a standard that deals with network management covering services, protocols and management information bases. Simple Network Management Control is to treat the network as a collection of cooperative and communicating entities. A manageable network consists of one or more management stations and a collection of agent systems or network elements. A management station executes network management operations that monitors or controls the agent systems. An agent system is a device that has an agent responsible for performing the network management operations requested by the manager. The Management Information Base (MIB) is a collection of management information that can be accessed through SNMP. The SNMP agent contains the intelligence required to access the MIB values. MIBs are organized into modules and objects and can be defined by standard bodies such as the IETF MIB-II, or by specific vendors (enterprises specific MIBs). SNMP communicates management information between a manager and an agent. SNMP allows a manager to retrieve management information from or to alter (set) management information on an agent. An agent can also emit unsolicited messages (called traps or events) to alter managers of noteworthy local events such as a systems reboot. Network Management Architecture

Page 146

Computer Networks
A network management system is a collection of tools for network monitoring and control. A network management system is designed to view the entire network as a unified architecture, with addresses and labels assigned to each point and the specific attributes of each element and link known to the system. The active elements of the network provide regular feedback of status information to the network control center. The model of network management that is used for SNMP includes the following key elements: Management station Management agent Management information base Network management protocol

The management station is typically a stand-along device and serves as the interface for the human network manager into the network management system. The management station will have, at minimum, A set of management applications for data analysis, fault recovery, and so on. A capability of translating the network manager may monitor and control the network. The capability of translating the network managers requirements into the actual monitoring and control of remote elements in the network. A database of information extracted from the management information bases of all the managed entities in the network. The other active element in the network management system is the management agent. Key platforms, such as hosts, bridges, routers, and hubs, may be equipped with SNMP so that they may be managed from a management station. The management agent responds to requests for information from a management station, responds to requests for actions from the management station, and may asynchronously provide the management station with important information. To manage resources in the network, each resource is represented as an object. An object is, essentially, a data variable that represents one aspect of the managed agent. The collection of objects is referred to as a management information base (MIB). The MIB functions as a collection of access points at the agent for the management station. The management station and agents are linked by a network management protocol. The protocol used for the management of TCP/IP networks is the Simple Network Management Protocol (SNMP). This protocol includes the following key capabilities: Get: enables the management station to retrieve the value of objects at the agent Set: enables the management station to set the value of objects at the agent Notify: enables an agent to notify the management station of significant events Page 147

Computer Networks

Network Management Protocol Architecture SNMP is a simple and dominant tool for network management. It defines a limited, easily implemented management information base (MIB) of scalar variables and two-dimensional tables, and it defines a streamlined protocol to enable a manager to get and set MIB variables and to enable an agent to issue unsolicited notifications, called traps. This simplicity is the strength of SNMP. SNMP is easily implemented and consumes modest processor and network resources. The three foundation specifications are as follows: Structure and Identification of Management Information for TCP/IPBased Networks: Describes how managed objects contained in the MIB are defined. Management Information Base for Network Management of TCP/IPBased Internets: Describes the managed objects contained in the MIB. Simple Network Management Protocol Defines the protocol used to manage these objects. SNMP was designed to be an application-level protocol that is a part of the TCP/IP protocol suite. It is intended to operate over the User Datagram Protocol, a standalong management station, a manager process controls access to the central MIB at the management station and provides an interface to the network manager. The manager process achieves network management by using SNMP, which is implemented on top of UDP, IP, and the relevant network-dependent protocols (e.g., Ethernet, FDDI, X.25). Each agent must also implement SNMP, UDP, and IP. In addition, there is an agent process that interprets the SNMP messages and controls the agents MIB. For an agent device that supports other applications such as FTP, TCP as well as UDP is required. Simple Network Management Protocol Network management protocols specify communication between the network programs. In addition to defining the form and meaning of messages exchanged and the representation of names and values in those messages, network management protocols also define administrative relationships among gateways being managed. That is, they provide for authentication of managers. Network management protocols usually contain a large number of commands. SNMP takes an interesting alternative approach to network management. Instead of defining a large set of commands, SNMP casts all operations in fetch-store paradigm. Conceptually, SNMP contains only two commands that allow a manager to fetch a value

Page 148

Computer Networks
from a data item or store a value into a data item. All other operations are defined as side effects of these two operations. For example, although SNMP does not have an explicit reboot operation, an equivalent operation can be defined by declaring a data item that gives the time to next reboot and allows the manager to assign it a value (including zero). The chief advantages of using a fetch-store paradigm are stability, simplicity, and flexibility. SNMP is especially stable because its definition remains fixed, even though new data items are added to the MIB and new operations are defined as side effects of storing into those items. SNMP is simple to implement, understand, and debug because it avoids the complexity of having special cases for each command. Finally, SNMP is especially flexible because it can accommodate arbitrary commands in an elegant framework. SNMP offers more than the two operations described. The set of possible SNMP Operations Command get-request get-next-request get-response set-request trap Meaning Fetch a value from a specific variable Fetch a value without knowing its exact name Reply to a fetch operation Store a value in a specific variable Reply triggered by an event

Get-next-request allows the manager to iterate through a table of items. Operations get-response, and set-request provide the basic fetch and store operations (as well as replies to those operations). SNMP specifies that operations must be atomic, meaning that if a single SNMP message specifies operations on multiple variables, the server either performs all operations or none of them. In particular, no assignments will be made if any of them are in error. The trap operation allows managers to program server, to send information when an event occurs. For example, an SNMP server can be programmed to send a manager a trap message whenever one of the attached networks becomes unusable (i.e., an interface goes down). Searching Tables using Names It is possible to denote individual elements of a table by appending a suffix to the object identifier for the table. A client program may wish to examine entries in a table for which it does not know all valid suffixes. The get-next-request operation allows a client to iterate through a table without knowing how many items the table contains. The rules are quite simple. When sending a get-next-request, the client supplies a prefix of a valid object identifier, p. The server examines the set of object identifiers for all variables it controls, and responds by sending a get-response command for the one that has object identifier lexicographically greater than P. Because the MIP uses suffixes to index tables a client can send the prefix of an object identifier corresponding to a table and receive the first element in the table. The client can send the name of the first element in a table and receive the second, and so on. SNMP Message Format

Page 149

Computer Networks
Unlike most TCP/IP protocols, SNMP messages do not have fixed fields. Instead, they use the standard ASN.1 encoding. An SNMP message consists of three main parts: a protocol version, an SNMP community identifier (used to group together the gateways managed by a given manager), and a data area. The data area is divided into protocol data units (PDUs). Each PDU consists of a request (sent by client) or a response (sent by server). Proxies In SNMP all agents as well as management stations must support user Datagram protocol (UDP) and IP. This limits direct management to such devices and excludes other devices, such as some bridges and modems, that do not support any part of the TCP/IP protocol suite further, there may be numerous small systems (PCs, work stations) that do implement TCP/IP to support their applications. The strength of SNMP is its simplicity. SNMP provides a basic set of network management tools in a package that is easy to implement and easy to configure. As users have come to rely more and more on SNMP to manage ever expanding networks with ever-growing workloads. Its deficiencies have become all too apparent. These deficiencies fall into three categories. 1. 2. 3. Tack of support for distributed network management Functional deficiencies Security deficiencies

The first two categories of deficiencies are addressed in SNMPr2 and the third has been addressed in SNMPr3.

5.3

Revision Points

User Agent Page 150

Computer Networks
A front-end application called a User Agent (UA) that provides facilities for creating, addressing, sending, receiving, and forwarding messages. Other features include the ability to attach files and other information to messages and the ability to manage a personal address book. Message Transfer Agent A Message Transfer Agent (MTA) that transfers messages from the UA and delivers them to mail servers. A message might need to move between a numbers of mail servers before it reaches its destination. FTAM File Transfer Access & Management (FTAM) is an OSI standard that provides file transfer services between client (initiator) and server (responder) systems in an open environment. It also provides access to files and management of files on diverse systems. In these respects, it strives to be a universal file system. An interesting feature of FTAM is that it is implemented in all seven layers of the OSI protocol stack. Network Management Network management involves active and passive monitoring of network resources for the purpose of troubleshooting, detecting potential problems, improving performance, documentation, and reporting. SNMP Simple Network Management Protocol (SNMP) is a popular management protocol defined by the Internet community for TCP/IP networks. It is a communication protocol for collecting information from devices on the network.

5.4

Intext Questions
1. What is E-mail? 2. Give the basic operations of any e-mail system. 3. Write notes on user agent. 4. What is the role of message transfer agent in e-mail? 5. What are the four attributes defined in FTAM? 6. Define storage group. List down the properties included in it. 7. Write notes on file service regimes. 8. List down the different network management functions available. 9. Write notes on the basic concepts of SNMP. 10. Write notes on SNMP message formats.

Page 151

Computer Networks 5.5 Summary

The electronic mail or e-mail is the most heavily used distributed application across the world. It is the transmission of textual material from one place to another using electronic means for captures, transmission and delivery of information. E-mail system has two basic parts: the user agents and the message transfer agent. The user agent is a program that provides the interface to the mail system. It allows the user to compose, send and receive mail and manipulate mailboxes. The message transfer agent accepts mail from user agents and sends the mail on its way. It is the electronic post office. Data usage often varies among different applications. Virtual filestore is a common model for all data files and databases that provides a common foundation for file transfer, access and management. SNMP is a standard that deals with network management covering services, protocols and management information bases.

5.6

Terminal Exercises
1. The purpose of the UA is ___________ 2. When a message is sent using SMTP, _____________ UA(s) are involved. 3. A ________________ can transform non-SMTP mail to SMTP format and vice versa. 4. An SNMP agent can send _______________ messages. 5. ___________ runs the SNMP client program; _____________ runs the SNMP server program.

5.7

Supplementary Materials
1. Andrew S.Tannenbaum, Computer Networks, 4th Edition, Pearson Education. 2. Behrouz A.Forouzan, Data Communication and Networking, Tata McGraw Hill Edition. 3. William Stallings, Data and Computer Communications, Pearson Education. 4. Douglas C.Comer, Computer Networks and Internet, Pearson Education. Page 152

Computer Networks

5.8

Assignments
1. Electronic mail systems need directories so people's e-mail addresses can be looked up. To build such directories, names should be broken up into standard components (e.g., first name, last name) to make searching possible. Discuss some problems that must be solved for a worldwide standard to be acceptable. 2. What three functions can SNMP perform to manage network devices?

5.9 Suggested Reading/ Reference Books/Set Books

1. http://www.software.com 2. http://www.banyan.com 3. http://www.imap.org 4. http://www.internic.net/rfc/rfc821.txt 5. http://www.yahoo.com/Computers_and_Internet/Software/Internet/Electroni c_Mail

5.10 Learning Activities

Write a white paper on Network Management functions.

5.11 Keywords
Electronic mail User Agent (UA) Message Transfer Agent (MTA) Simple Mail Transfer Protocol (SMTP) File Transfer Access and management (FTAM) Simple Network Management Protocol (SNMP)

Page 153