Professional Documents
Culture Documents
• Figure shows a
network where
remote SNMP
devices are
monitored through
an SNMP
management
platform.
• An RMON probe is also placed on Ethernet LAN. RMON groups operate at the MAC layer
while newer RMON groups operate at the network layer and above.
• RFC 1757 defines 10RMON groups where each collects information on variables and sends
it back to central management station for analysis.
• Statistics: Maintains error and Utilization statistics for the specific LAN segments
being monitored by RMON agent. E.g.: CRC/alignment, multicast, broadcast.
• History: Obtains statistical samples such as packet count, error count and utilization
and sore them for lateral retrieval.
• Alarm: Administration control of sampling interval and threshold for any variable
monitored by RMON agent. E.g.: absolute or relative values, rising/falling
thresholds.
• Host: Host traffic measurements such as packets or bytes sent and received, errors
etc.
• Host Top N: Reporting on Top N Host statistics.
• Traffic Matrix: Stores errors and statistics between source and destination nodes on a
network
• Filter: Provides a filter engine for packet recognition
• Event: Time and data stamped logging and printing of events
• Packet Capture: Buffering criteria for packets that match filter criteria
• Token Ring: Configuration and statistical information on source routing and statistics
on a ring
• RMON 2 provides new groups that operate at the network layer and higher
The Common Management Information Service (CMIS) is the service interface specified in ITU. It
defines the service interface that is implemented by the Common Management Information Protocol
(CMIP) as specified in ITU-T Recommendation.
The OSI CMISE management services are presented in figure1.
Q3.Describe the services offered by CMISE
• SNMP provides only trivial authentication i.e. it is suitable for monitoring rather than
control.
• SNMP does not support explicit actions i.e., an action is taken by changing a parameter or
setting an object value (indirectly).
• SNMP does not support manager-to-manager communications.
• Limited notifications
• Limited performance
• Transport dependence
• Lack of hierarchies
• Lack of security
I) SNMP Manager:
1. A manager or management system is a separate entity that is responsible to communicate
with the SNMP agent implemented network devices.
2. This is typically a computer that is used to run one or more network management systems.
3. SNMP Manager’s key functions:
a. Queries agents.
b. Gets responses from agents.
c. Sets variables in agents.
d. Acknowledges asynchronous events from agents.
II) Managed Devices:
1. A managed device or the network element is a part of the network that requires some form
of monitoring and management
2. Example: Routers, Switches, Servers, Workstations, Printers, UPSs, etc.
III) SNMP Agent:
1. The agent is a program that is packaged within the network element.
2. It makes information available to the SNMP manager, when it is queried for.
3. These agents could be standard (e.g. Net-SNMP) or specific to a vendor (e.g. HP insight
agent)
4. SNMP agent’s key functions:
a. Collects management information about its local environment.
b. Stores and retrieves management information as defined in the MIB.
c. Signals an event to the manager.
d. Acts as a proxy for some non–SNMP manageable network node.
IV) Management Information Base (MIB):
1. Every SNMP agent maintains an information database describing the managed device
parameters.
2. The SNMP manager uses this database to request the agent for specific information and
further translates the information as needed for the Network Management System (NMS).
3. This commonly shared database between the Agent and the Manager is called Management
Information Base (MIB).
4. MIB contains standard set of statistical and control values defined for hardware nodes on a
network.
5. MIB files are the set of questions that a SNMP Manager can ask the agent.
6. Agent collects these data locally and stores it, as defined in the MIB.
i) Rule-based reasoning (RBR) is the earliest form of correlation technique. It is also known
by many other names, including rule-based expert system, expert system, production system,
and blackboard system.
ii) It has a working memory, an inference engine and a knowledge base. The three levels
representing the three components are the data level, control level, and knowledge level,
respectively.
iii) The knowledge base contains expert knowledge as to (1) definition of a problem in the
network and (2) action that needs to be taken if a particular condition occurs.
iv) The knowledge base information is rule-based in the form of if-then or condition-action,
containing rules that indicate which operations are to be performed when.
v) The working memory contains, as working memory elements, the topological and state
information of the network being monitored.
vi) The working memory recognizes when the network goes into a faulty state.
vii) The inference engine, in cooperation with the knowledge base, compares the current
state with the left side of the rule-base and finds the closest match to output the right side of
the rule. The knowledge base then executes an action on the working memory element.
viii) the rule-based paradigm is interactive among the three components and is iterative.
Several strategies are available for the rule-based paradigm.
ix) A specific strategy is implemented in the inference engine. When a specific rule has been
chosen, an action is performed on the working memory element, which can then initiate
another event. This process continues until the correct state is achieved in the working
memory.
x) Rules are established in the knowledge base from the expertise of people in the field. The
rule is an exact match and the action is very specific.
xi) If the antecedent and action in the rule do not match, the paradigm breaks and it is called
brittle. However, it can be fixed by adding more rules, but doing so increases the database
size and degrades performance, called a knowledge acquisition bottleneck.
xii) As the number of working memory elements grows, memory requirements grow
exponentially. In addition, the action is specific, which can cause unwanted behavior.
xiii) For example, we can define the alarm condition for packet loss as follows:
If packet loss < 10% alarm green
If packet loss => 10% < 15% alarm yellow
If packet loss => 15% alarm red
xiv) The left side conditions are the working memory elements, which if detected would
execute the appropriate rule defined in the rule-base
xv) This action could cause the alarm condition to flip back and forth in boundary cases. An
application of fuzzy logic is used to remedy this problem, but it is difficult to implement.
• An RBR-Based Correlation Example :
Fig2: An RBR-Based
Correlation Example
Scenario
v) Four correlation rules
are specified in Figure3.
vi) Rule 0 has no
associated condition
with, but rules 1-3 are
conditional. To allow for
propagation time, a correlation window of 20 seconds is set.
xi. The four TMN management services—business, service, network, and element—are at the top of
the hierarchy. They invoke the system management functions defined as the five components
comprising the system management functional areas: configuration, fault, performance, security,
and accounting.
xii. The management applications in the system functional areas perform either system management
functions or TMN functions. The TMN function blocks OSF, WSE NEE ME and QAF consist of
TMN functional components such as the NMF and MIB. The data communication function (DCF),
although not part of the TMN function blocks, is included for completeness.
xiii. The system management functions include object management and alarm management. we
could have embedded the system management functions in TMN function blocks and TMN
functional components, but we show them separately in order to present a non-OSI environment.
xiv. the OSI primitive services of M-GET, M-SET, and so on. Equivalent SNMP services are GET-
REQUEST, SET-REQUEST, and so on. The TMN environment is a distributed environment.
xv. The applications communicate remotely with the communication transport service by means of
the RPC. In the OSI model, the RPC is accomplished with ROSE and ACSE. The former does the
remote operation and the latter establishes and releases the application association. In the SNMP
management model, the remote
operation is accomplished by
using the RPC and TCP/IP.
i. This PDU is generated by a protocol entity only at the behest of its SNMP application entity (this
also applies for GetNextRequest and SetRequest PDU).
ii. The error-status and error-index in GetRequest PDU is always set to 0. This is because error
codes are generated only for a response, not for a request.
iii. In case no error occurs, the receiver of the GetRequest PDU responds back with GetResponse
PDU, which contains the name and the value corresponding to each object in the received variable
binding list.
• GetNextRequest:
i. This PDU is identical to GetRequest PDU, except that the PDU type is different.
ii. In case no error occurs, the receiver of the GetNextRequest PDU responds back with a
GetResponse PDU, which contains the name and the value of the immediate successor
corresponding to each object in the received variable binding list.
iii. GetNextRequest is useful in traversing a conceptual table of objects maintained in an MIB.
• GetResponse:
i. This PDU is used to set values of object instances within an agent. In case no error occurs, then
for each object named in the variable binding list of the received message, the corresponding value
is assigned to the variable.
ii. A GetResponse PDU is also generated to inform the sender of the results of the SetRequest.
i. Traps are unsolicited message sent by the agents to the NMS. They are sent asynchronously to
inform the NMS of the occurrence of some event. Trap PDUs do not elicit a response from the
receiver.
ii. Except the Trap PDU, the message format for the remaining PDUs is identical. Each PDU
contains the following fields:
• Request-ID: This field is used to distinguish between multiple outstanding requests i.e. it is
used to associate an incoming response with an outstanding request.
• Error status: A non-zero value of this field indicates that an exception condition has
occurred.
• Error index: In case of exception condition, this field identifies the variable in the list that
caused the exception.
• Examples of this service are (1) retrieving performance and configuration information for a
UNI link and (2) public NMS reporting of a UNI link failure via an alarm or trap message to
the user NMS.
• Class II service provides greater capability to the user, who can request the public NMS to
add, delete, or change virtual connections between pairs of the customer's UNIs.
• An example would be a customer wanting to establish a new virtual path or increase the
number of virtual circuits in a given virtual path.
• A customer network management (CNM) manages both private and public ATM networks.
A CNM agent residing in the public ATM network provides the M3 service.
• The service is limited to the portion of the public service provider's network that the user's
circuit traverses. If the user's circuit traverses multiple service providers, a separate interface
with each provider is needed.
• The CNM sends requests to the carrier management system (see Figure1), which acts as an
agent to the CNM. The carrier management system then invokes the request on the network
elements or other NMS and returns the responses to CNM.
M5 Interface:
• The final interface M5 is between the NMSs of two service providers. It is most complicated
of all interfaces.
• M5 supports interactions and exchange of management information between any two public
networks.
• M5 supports interactions and exchange of management information between any two public
networks.
For M1, M2, M4 Refer (Discuss Ml, M2 and M4 interface in ATM network management) asked in
May 2015.
• Four entities,
ifInNUcastPkts,
ifOutNUcastPkts,
ifOutQLen, and ifspecific
have been depricated.
• Interim Local Management
Interface (ILMI), which is an
implementation of the M1 /M2 interfaces, enables the exchange of status, configuration, accounting
and control information between any two ATM devices - such as two ATM switches - across a user-
to-network interface (UNI).
• For ILMI to function, every ATM switch or network terminator and every ATM network that
deploys a public or private network UNI must be equipped with a UNI Management Entity (UME)
which supports an ILMI MIB.
• Two adjacent (or peer) UMEs can communicate using the common attributes provided by the
ILMI.
(2) M3 Interface: Customer Network Management of Public Networks.
• The Customer Network Management (CNM) interface defines the interaction taking place
between the customer and carrier management systems in order to give the customer a view into the
carrier’s network.
• Ultimately, carriers plan to extend their CNM offerings so that network managers will have real-
time control over the services they use.
• Currently, the most characteristic capabilities of CNM for ATM networks are the performance of
tests, the reception of event notifications, the definition of traps, the administration and generation
of trouble reports, the support of security features, and the retrieval of configuration, usage, and
performance information from the M3 MIB that defines objects for the customer portion of a public
network.
• The CNM applications may regarded as an example of the classical Manager/Agent model.
• A CNM application is acting as a manager that communicates with a CNM agent residing in an
ATM network.
• The CNM agent is capable of supplying the required management information and carrying out
management tasks related to the managed resources.
• It communicates with the carrier’s Network Management System (NMS) which comprises the
whole set of management functions supported by the carrier. Therefore, the CNM agent usually
supports only the portion of these management functions that pertain to the service provided to the
customer. The interfacing between a CNM agent and a NMS should be based in open standards, in
order to ensure that the CNM agent is flexible
(3) M4 Interface: Public Network Management
• The M4 interface specifies requirements for managing individual network elements.
• It defines a protocol-independent MIB that identifies the information items to be exchanged
between ATM devices and the system that manages them.
• This MIB is a logical information tree, consisting of managed entities, that provides a framework
for the development of protocol-specific MIBs, such as those based on SNMP or CMIP, that would
potentially enable the management of ATM networks consisting of diverse devices of heterogeneous
nature.
• Another aspect of the M4 interface, revealing its potential for integrated network management, is
its relationship with TMN.
• Specifically, M4 addresses the interactions between the lower three TMN layers, namely the
Element Layer, the Element Management Layer and the Network Management Layer.
• Furthermore, the M4 specification addresses almost every area of ATM management (i.e., fault,
performance, configuration, and security management). Undeniably, it is a complete specification
that makes 8 provisions for managing both the current and the future public
(4) M5 Interface:
• The Final Interface M5 is between the NMSs of two service providers. It is most complicated of
all interfaces.
• M5 supports interaction & exchange of management information between any two public
networks.
Types Interaction Purpose Services Protocol
M1 CPE / NMS Management of SNMP
user terminal
equipment
M2 P-Switch / NMS Management of Similar to M4 SNMP
the ATM private
network
M3 NMS / NML Management Public network SNMP
interaction configuration and
between private status gathering.,
and public ii.,Add & deletion
domains of pre-authorized
VCs., iii.new
connection request
M4 NML / EML Management of Fault and CMIP,(Q3),or
or,EML / NE NE's and EMLs performance SNMP
management,
ii.,Configuration
and circuit
provisioning,
iii.,accounting
M5 NML / NML Management Cross public No standard yet
interaction network
between different management
owned public
domains
ILMI Private/public Service control Service activation, ILMI - SNMP
service assurance
(maintenance),
usage metering
(performance,
billing)