Network Management (3rd Edition): PPT Courseware

Introduction
Network Management
Network Management Tutorial, Guo Jun

Network and Its Management
- The Functions of Networks
  - communication (telephone network)
  - broadcasting (television network)
  - sharing information (computer network)
- Development of network technology
  - Transmission
    - Cable, Microwave, Satellite, Optical cable
    - PDH, SDH
  - Switching
    - Circuit switch, Packet switch, Multi-access, ATM, High-speed Ethernet
  - System
    - Fixed, Satellite, Mobile
  - Service
    - Telephone, Telegraph, Fax, Television, Broadcasting, Data, Image, VOD
- Network management
  - Monitoring the status of networks
  - Controlling the running of networks
  - Guaranteeing the services to be available, reliable, secure and economic
- OAM&P
  - Operation: coordinates actions between administration, maintenance, and provisioning.
  - Administration: designing the network, processing orders, assigning addresses, tracking usage, and accounting.
  - Maintenance: diagnosing and repairing things which do not work as planned.
  - Provisioning: installing equipment, setting parameters, verifying that the service is operational, updating, and de-installation.
- The Importance of NM
  - Complex network equipment
  - Benefit of network
  - Users' requests
- The Development of NM
  - Theory: network/distributed computing, traffic and route control, information security
  - Techniques: models, architecture and protocols
- The Goals of NM
  - Availability
  - Reliability
  - Opening
  - Integration
  - Security
  - Economy
- The Modes of NM
  - Handwork
  - Combining handwork and automation
  - Automation, management net

Fundamental Theories and Technologies
- Performance Analyzing Theory
  - Indicators
  - Fundamental theories
    - Queue theory, Markov chain theory
  - Switch Model
    - Circuit Switch
    - Information Switch
    - Multi Access
- Reliability Theory
  - The definitions of network reliability
- Optimizing Theory
  - Enhancing performances and efficiency
  - Improving plan and design
- Intelligent Theory and Technology
  - Artificial Intelligence
  - Computing Intelligence
    - Neural network
    - Genetic Algorithm
  - Distributed Intelligence
    - Multi-agent
- Object Oriented Technology
  - Procedure Oriented
    - Procedure, sub procedure, sub sub procedure
    - verb-surrounded technique
  - Object Oriented
    - Problems = Objects interactions
    - Object: attributes, operations, relations with others
    - noun-surrounded technique
  - OO's properties
    - Abstract
    - Encapsulation
    - Inheritance
    - Allomorphism
- Database
  - Database: the core of NMS, MDB
  - What's Database?
  - The Types of Database: Hierarchy, Network, Relation
- The data types of MDB
  - Monitored data: Traffic volume, Queue length, Resend rate
  - Configured data: Topology, Secure keys, User records
  - Control data: Traffic parameters, Routing tables
- Computer Simulation
  - Functions
    - Network planning: topology and technique
    - Network operating: performance analysis
  - Merit
    - Simulating real networks (including amount of information, without much simplification)
    - Low cost

Contents of this Course
- Architecture
  - Conventional NMS (Network Management System)
    - different services - different NMS
    - different vendors' equipment - different NMS
- Modern Network Management Architecture
  - Remote monitoring based management framework
  - Remote monitoring model
  - System management model
    - Manager
    - Agent
    - Managed Object
- Management Information Communication Protocols
  - Communication protocol
  - CMIP (Common Management Information Protocol)
    - OSI based
    - Connection-oriented
    - 7 services
  - SNMP (Simple Network Management Protocol)
    - TCP/IP based
    - Connectionless (UDP)
    - 3 services
- Management Information Model
  - Multi-vendor, hybrid network
  - Unified, consistent and standard information description
  - OSI Model
    - OO tech
    - Managed Object (MO)
  - SNMP Model
    - Simplified MO

Functions of NM
- Configuration Management
  - Creating, extending and provisioning
- Performance Management
  - QoS and operation efficiency
- Fault Management
  - Discovering and correcting faults, maintaining the availability of networks
- Security Management
  - Privacy
  - Authentication
  - Integrity
- Accounting Management
  - Bill calculation and management
  - Resource efficiency and business benefit

Key Technologies
- Traffic Control
  - Congestion
  - Traffic control in high-speed networks
- Routing
  - Circuit Switch Network
  - Information Switch Network
  - Fundamentals
    - The Shortest Route Algorithm
    - Maximum Flow Algorithm
    - Minimum Cost Algorithm
- Self Healing
  - Importance
  - Techniques: APS, SHR, SHN
  - DR: High speed control mechanism
- Network Information Security
  - Cryptography
    - DES
    - Public Key Cryptography
  - Information Security Techniques
    - Firewall
    - VPN
    - Virus Protection
- Intelligent NM
  - Expert System
  - ES in NM
    - Maintaining Functions
    - Provisioning Functions
    - Administrating Functions
  - Running Mode
    - On-line
    - Off-line
- Intelligent Agent
  - Making agent work autonomically
  - Improving performance
    - Real time, low traffic load
- Computing Intelligence in High Speed NM
  - Routing
  - Resource assignment
  - Accept control
  - Congestion control

Network Self-Healing Technology
- Optical fiber based transport network (SDH/SONET)
  - Huge transmission capacity
  - High reliability requirement
  - Various causes leading to fault
- Network Survivability and Self-Healing
  - Automatically reconfigure networks to protect services from physical failures

Self-Healing Systems
- APS
  - Automatic Protection Switches
- SHR
  - Self-Healing Rings
- SHN and DRA
  - Self-Healing Networks
  - Digital cross-connect systems based
  - Centralized and distributed control
- Restoration speed
  - Customers have different requirements
    - Strict: 100% restoration in not more than 50 ms
    - Tolerant: 30 minutes
  - Connection Dropping Threshold (CDT): 2 s
    - Must adopt distributed control mode

Automatic Protection Switching
- Two types of APS
  - 1+1 APS
    - 1 working channel has 1 protection channel
    - The head end is permanently bridged
    - The decision to switch is made by the tail end
  - 1:n APS
    - n working channels share a single protection channel
    - 1:1 APS is different from 1:n APS

APS Protocol
- Realized via the K1, K2 bytes in the SDH Segment Overhead
- K1 is for reverse request (for bidirectional switching)
- K2 is for confirmation

Self-Healing Ring
- The types of SHR
  - Bidirectional SHR with 4 fibers [figure]
  - Unidirectional SHR [figure]
- Self-Healing control schemes
  - Line protection switching
    - Use line overhead for switching
    - Restore line demand from a failed facility
  - Path protection switching
    - Use path overhead for switching
    - Restore individual end-to-end service channel

Unidirectional Self-Healing Ring
- Line switched U-SHR (U-SHR/APS) [figure]
- Path switched U-SHR (U-SHR/PP) [figure]

Bidirectional Self-Healing Ring
- B-SHR/4 [figure]
- B-SHR/2 [figure]

Distributed Restoration
- Fundamental concepts
  - DCS based transmission network
    - Each DCS can be considered as a computer with multiple communication links and high processing power
    - Each DCS is a node which can compute the path set within its own topology scope
    - Each node can run its database without depending on others
- Terminology
  - Link: an individual bidirectional carrier signal between two adjacent nodes
  - Path: a concatenation of links through the network
  - Span: the set of all links in parallel between two adjacent nodes
  - Route: formed by concatenated spans
  - Working link: carries live traffic
  - Spare link: is fully equipped but is not in service
  - Adjacent nodes: are directly connected by a span
  - Custodial nodes: are adjacent to the failed span
  - Restoration path: assembled from spare links in the network
- Span and path restoration
  - [Figures: original path with failure; span restoration; intermediate partial path restoration; path restoration]
- Restoration and routing
  - Restoration of a span-cut requires multiple unique replacement paths between the custodial nodes; the target number of paths is the number of working links failed
  - Each restoration path must be a completely closed transmission path
  - A carrier signal completely fills a restoration path in space, time and frequency
  - The restoration path-set must be mutually link-disjoint throughout and collectively consistent with the whole number link capacities of each span of the network

Network Management: Teaching Arrangements

Teaching Objectives
- Course overview
  - Teaches modern network management technology, taking telecommunication networks, computer networks and high-speed information networks as its subjects
- Teaching goals
  - Give students a thorough grounding in the basic concepts of modern network management
  - Provide a solid foundation for work in network management and control, or for further study at graduate level

Teaching Methods
- Characteristics of the network management course
  - Much content, broad scope, fast-developing
  - Covers theory, protocol standards, applications and more
  - Theoretical study and applied practice
- Teaching focus
  - The various network management models
  - Modern network management thinking
  - Lab work
- Course requirements
  - Study the textbook and the lecture content carefully.
  - Complete every lab carefully.
  - Students are expected to read related technical material online and in the library on their own initiative, and to follow the latest technical developments.
  - Take the after-class exercises and discussion questions seriously.
- Teaching format
  - English lecture notes
  - Lectures given in Chinese
  - Chinese textbook

Textbooks
- Textbook
  - Network Management, Guo Jun, Beijing University of Posts and Telecommunications Press, 2008
- Lecture notes and reference material download
  - http:/
  - Network Management, 亨特, China Electric Power Press, 2000
  - SNMP Network Management, 斯托林斯 (Stallings), China Electric Power Press, 2001
  - Communication Networks Management, Kornel Terplan, Prentice Hall, 1992

Assessment
- Lab course grade
- Midterm: submit a paper; the topic will be assigned in class
- Final: examination

Contact
- Pattern Recognition and Intelligent Systems Laboratory: Teaching Building 3, Room 803
- Phone: 62283059-1002
- Email:

Introduction to Telecommunication Networks
Network Management

Contents
- Composition of the telecommunication network
- Physical network
- Service network
- Support and management network

Composition of the Telecommunication Network
- [Figure: users A, B, C and D connected to switches by transmission links (subscriber lines); the switches connected by transmission links (trunk lines) through the transmission network]
- A telecommunication network is an integrated system made up of transmission, switching and terminal equipment, signalling procedures, protocols and the corresponding operations support systems. Conceptually it can be divided into the physical network, the service network and the support and management network.
- [Figure: service networks (the networks formed to carry the various types of telecommunication service) on top of the physical network, with the support and management network alongside]

Physical Network
- The physical network is the physical structure made up of telecommunication equipment such as user terminals, switching systems and transmission systems; it is the material basis of the telecommunication network.
- User terminals: the outermost equipment of the telecommunication network
  - They convert the various forms of information sent by users into electromagnetic signals for transmission into the network, or convert the electromagnetic signals, symbols and so on received from the network into information the user can recognize.
- Switching systems
  - They sit at the hub of the network, are the collection and distribution centres for all kinds of information, and are the key link in information exchange.
  - They include telephone switches, telegraph switches, data switches, mobile telephone switches, packet switches, broadband asynchronous transfer mode (ATM) switches and others.
- Transmission systems: the channels over which information is carried
  - They connect user terminals to switching systems, and switching systems to each other, to form the network.
  - By transmission medium
    - wired and wireless transmission systems
  - By signal type
    - analog and digital transmission systems

Service Network
- The service network is the network that carries telecommunication services of all kinds: telephone, telegraph, fax, data, image and so on.
- The service networks currently offered by telecommunication offices are the telephone network, data communication networks, the Integrated Services Digital Network (ISDN), the business network, the intelligent network, the mobile communication network and the Internet.

Service Network: Composition of the Telephone Network
- User terminal equipment (e.g. telephone sets)
- Switching equipment (telephone switches)
- Transmission links: trunk lines, subscriber lines
- [Figure: the same user/switch/transmission-link diagram and network layering as above]

Service Network: Telephone Network
- Switching mode: circuit switching
- Classification of telephone networks (by service area)
  - Local telephone network
  - Long-distance telephone network
  - International telephone network
- Structure of China's telephone network
  - The telephone network originally had five levels. To simplify the network structure, during the Ninth Five-Year Plan period the hierarchy is to evolve from the existing five levels to three.

Service Network: Hierarchy of the Telephone Network
- [Figure: long-distance network and local networks in provinces A and B (local networks 1 to 4). Legend: DC1, inter-provincial switching centre; DC2, intra-provincial switching centre; local tandem office; local end office; link to the international gateway office]

Service Network: Local Telephone Network
- [Figure: local telephone network (a) made up of several end offices and (b) made up of several end offices and tandem offices. Elements: long-distance switching centre, tandem office, end office, user. Links: toll-to-local trunks, inter-office trunks, subscriber lines]

Service Network: Data Communication Network
- Data communication
  - Communication between computers, or between a computer and a terminal, is called data communication. What is transmitted is data signals, so data communication can also be described as communication that carries data services.
- Data signals
  - Signals that a computer needs to process or has processed; they are combinations of digital signals (the digits "1" and "0") that carry some meaning.
- Data communication network
  - A communication network formed to provide data communication services.
- [Figure: concept of data communication: hosts and terminals attached to a data communication network]
- Networks through which telecommunication offices currently offer basic data services to the public
  - Digital Data Network (DDN)
  - Packet-switched network (PSPDN)
  - Frame Relay network
  - Wireless data network (CDPD)

Service Network: Data Communication Network (DDN)
- [Figure: Digital Data Network: backbone nodes, access nodes and data terminal equipment (DTU or modem), arranged in a backbone layer, an access node layer and a terminal access layer, with a link to the provincial DDN and a network management centre]

Service Network: Narrowband Integrated Services Digital Network
- Narrowband ISDN (N-ISDN)
  - A telecommunication network that provides end-to-end digital connections between users and can carry telephony and a variety of non-voice services at the same time.
- Service functions
  - High-speed access to the Internet and 視聆通 (64 kb/s to 2 Mb/s)
  - Backup for leased data lines
  - Video services (desktop video conferencing, distance education, digital telephony, chain-store monitoring systems and so on)
  - International ISDN

Service Network: Narrowband Integrated Services Digital Network
- [Figure: ISDN network connections: an ISDN tandem office and ISDN switching offices connected to the PSPDN, the PSTN and the Internet; user ISDN interfaces serving PABXs, routers, local area networks (LANs) and video conferencing]

Service Network: Other Service Networks
- Business network
  - A new communication network that combines many communication services, including basic telephone service, data services, 64-party telephone conferencing, Centrex service, ISDN services and so on.
- Intelligent network
  - Services provided: televoting, account card calling (200), called-party-pays service (800) and so on.
- Mobile communication
  - At least one of the two parties exchanges information while on the move.

Service Network: Mobile Communication Network
- [Figure: composition of a public cellular mobile communication system: MSs and BSs attached to MSC1 and MSC2 in the mobile network, connected to the public network (PSTN) and the Internet. PSTN: public telephone network; MSC: mobile switching centre; BS: base station; MS: mobile terminal]

Support and Management Network
- The support and management network is formed to keep the service networks running normally, enhance network functions and raise the quality of service of the whole network. What it carries is the corresponding control, monitoring and signalling signals.
- It comprises the signalling network, the synchronization network and the management network.
- Signalling network (No. 7 signalling network)
  - The No. 7 signalling network is a dedicated network that receives, processes and transfers signalling.
- Synchronization network
  - The network that generates and distributes the reference timing signal.
- Management network
  - A dedicated network that receives, processes and transfers management information. Its function is the maintenance and management of the telecommunication network.

SNMP Network Management Model
Network Management

Network Management: Standards
- ISO
  - OSI
  - CMIP-CMIS
- ITU-T
  - SG IV
  - TMN
- Internet
  - Internet Engineering Task Force (IETF)
  - SNMP

Characteristics
- CMIP
  - Management should be powerful
  - Object oriented approach
  - Management information must be exchanged in a reliable fashion
- TMN
  - The actual protocols are those of OSI
- SNMP
  - Management should be simple
  - Variable oriented approach
  - Management information exchanges may be unreliable

Development history
- Early years: ICMP (Internet Control Message Protocol)
  - ICMP provides a means for transferring messages from routers and other hosts to a host
  - ICMP has two useful message pairs
    - echo/echo reply
    - timestamp/timestamp reply
  - PING program
- Simple Gateway Monitoring Protocol (SGMP) issued in Nov. 1987
- Three promising approaches emerged
  - High-level Entity Management System (HEMS)
  - Simple Network Management Protocol (SNMP): an enhanced version of SGMP
  - CMIP over TCP/IP (CMOT)
- IAB's developing strategy in 1988
  - SNMP: short-term solution
  - CMOT: long-range solution
  - Both SNMP and CMOT use the same database of MOs
- It is impractical for SNMP and CMOT to be compatible at the object level
- Finally, IAB allowed SNMP and CMOT to develop independently

The progress of SNMP
- The remote monitoring (RMON)
  - The capability of monitoring the whole net, extending the SNMP MIB
- SNMPv2
  - Extension of security, SMI and functions
- SNMPv3
  - Unified architecture
  - User-based security, view-based access control

Why Did SNMP Succeed?
- Standards can be obtained for free
- Standards are available from FTP and WWW servers in an electronic form
- Rapid development of standards
- Prototypes must demonstrate the need for, and the feasibility of, standards

SNMP Architecture
- OSI System Management Architecture
- SNMP Architecture
  - Asymmetrical two-tier organization model
  - SNMP Management station
  - SNMP Agent
- [Figure: asymmetrical two-tier organization model]
- Key elements
  - Management station
    - Typically, a stand-alone device
    - Serves as the interface for the human manager
  - Management agent
    - Platforms equipped with SNMP, such as hosts, bridges, routers and hubs
  - MIB
    - The set of MOs shared by the manager and the agent
    - Standard MIB classes are defined by international organizations
    - MIB instances are realized in each agent
  - Network management protocols
    - SNMP manager and agent, UDP
    - Get, Set and Trap
- [Figures: GET; GET-NEXT; SET; TRAP]

Trap-directed polling
- Two methods to get information
  - Polling-only
  - Interrupt-based
- Polling-only
  - A management station may be responsible for a large number of agents
  - An agent may maintain a large number of MOs
  - It becomes impractical for the station to regularly poll all agents for all of their readable objects
- Recommended strategy
  - At infrequent intervals, the station polls the agents for some key information
  - Then the station refrains from polling
  - Agents are responsible for notifying the station of any unusual event

Proxies
- Three-tier organization model [figure]

RMON
- Manager accesses MOs through the RMON probe
- The RMON probe preprocesses the raw data

SNMP Management Information Model
- SMI: Structure of Management Information
  - Provides a general framework for a MIB definition
    - Identifies data types used in the MIB
    - Identifies how MOs are named
  - Encourages simplicity and extensibility
    - The MIB can store only simple data types
  - Scalars and two-dimensional arrays of scalars

Object Naming: MIBs
- [Figure: registration tree]
- Internet MIB: iso(1) org(3) dod(6)
  - Object identifier: 1.3.6.1
- DESCRIPTOR
  - Defines a mnemonic name for an object, all in lowercase
  - For example: internet, mgmt
- Four nodes under internet
  - directory
  - mgmt
  - experimental
  - private
- mib-1 and mib-2 are at the same node under mgmt

Defining Managed Objects
- Defining a managed object
  - Identifier
  - Syntax
  - Encoding scheme

Identifiers of Managed Objects
- Identifier of a managed object
  - Two forms of object identifier: DESCRIPTOR and OBJECT IDENTIFIER
- OBJECT IDENTIFIER
  - A basic data type in ASN.1, used specifically to identify objects
  - Takes the form of a dotted string of numbers derived from the object tree
  - Example: internet OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) 1 }
- DESCRIPTOR
  - Describes the object node
  - Defined by ASN.1
  - Example: mgmt OBJECT IDENTIFIER ::= { internet 2 }

Defining Managed Objects
- The SMI as specified in RFC 1155

    RFC1155-SMI DEFINITIONS ::= BEGIN

    EXPORTS -- EVERYTHING
        internet, directory, mgmt, experimental, private, enterprises,
        OBJECT-TYPE, ObjectName, ObjectSyntax, SimpleSyntax,
        ApplicationSyntax, NetworkAddress, IpAddress,
        Counter, Gauge, TimeTicks, Opaque;

    -- the path to the root
    internet      OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }
    directory     OBJECT IDENTIFIER ::= { internet 1 }
    mgmt          OBJECT IDENTIFIER ::= { internet 2 }
    experimental  OBJECT IDENTIFIER ::= { internet 3 }
    private       OBJECT IDENTIFIER ::= { internet 4 }
    enterprises   OBJECT IDENTIFIER ::= { private 1 }

    -- definition of object types
    OBJECT-TYPE MACRO ::=
    BEGIN
        TYPE NOTATION ::= "SYNTAX" type (TYPE ObjectSyntax)
                          "ACCESS" Access
                          "STATUS" Status
        VALUE NOTATION ::= value (VALUE ObjectName)
        Access ::= "read-only" | "read-write" | "write-only" | "not-accessible"
        Status ::= "mandatory" | "optional" | "obsolete"
    END

    -- names of objects in the MIB
    ObjectName ::= OBJECT IDENTIFIER

    -- syntax of objects in the MIB
    ObjectSyntax ::= CHOICE {
        simple            SimpleSyntax,
        application-wide  ApplicationSyntax
    }
    SimpleSyntax ::= CHOICE {
        number  INTEGER,
        string  OCTET STRING,
        object  OBJECT IDENTIFIER,
        empty   NULL
    }
    ApplicationSyntax ::= CHOICE {
        address    NetworkAddress,
        counter    Counter,
        gauge      Gauge,
        ticks      TimeTicks,
        arbitrary  Opaque
    }

    -- application-wide types
    NetworkAddress ::= CHOICE { internet IpAddress }
    IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4))
    Counter   ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295)
    Gauge     ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295)
    TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295)
    Opaque    ::= [APPLICATION 4] IMPLICIT OCTET STRING

    END

Data type | Description
INTEGER | Integer; several variants exist, differing in sign, length and range.
OCTET STRING | Describes binary or text information in units of 8 bits; variable length.
OBJECT IDENTIFIER | Sequence of integers giving the position of a managed object in the MIB.
NULL | Null value; placeholder.
IpAddress | IP address in dotted-decimal form.
Counter | Non-negative integer that can only be incremented; after reaching its maximum it starts again from 0.
Gauge | Non-negative integer that can be incremented and decremented; after reaching its maximum it latches until reset.
TimeTicks | Non-negative integer used as a timer in units of hundredths of a second.
Opaque | Data encoded and transferred as an OCTET STRING.
SEQUENCE | Used to build list structures.
SEQUENCE OF | Used to build table structures.

ASN.1 Macro Definitions
- The role of macros in ASN.1
- Macro template

    MACRO ::=
    BEGIN
        TYPE NOTATION ::=
        VALUE NOTATION ::=
    END

Managed object class definition

    IMPORTS ObjectName, ObjectSyntax FROM RFC-1155-SMI

    OBJECT-TYPE MACRO ::=
    BEGIN
        TYPE NOTATION ::= "SYNTAX" type (TYPE ObjectSyntax)
                          "ACCESS" Access
                          "STATUS" Status
                          DescrPart ReferPart IndexPart DefValPart
        VALUE NOTATION ::= value (VALUE ObjectName)
        Access ::= "read-only" | "read-write" | "write-only" | "not-accessible"
        Status ::= "mandatory" | "optional" | "obsolete" | "deprecated"
        DescrPart ::= "DESCRIPTION" value (description DisplayString) | empty
        ReferPart ::= "REFERENCE" value (reference DisplayString) | empty
        IndexPart ::= "INDEX" "{" IndexTypes "}" | empty
        IndexTypes ::= IndexType | IndexTypes "," IndexType
        IndexType ::= value (indexobject ObjectName) | type (indextype)
        DefValPart ::= "DEFVAL" "{" value (defvalue ObjectSyntax) "}" | empty
        DisplayString ::= OCTET STRING SIZE (0..255)
    END

- Example of the definition of an object type

    icmpInMsgs OBJECT-TYPE
        SYNTAX  Counter
        ACCESS  read-only
        STATUS  mandatory
        ::= { icmp 1 }

  - This defines a managed object under the icmp node; its descriptor is icmpInMsgs
  - The OBJECT IDENTIFIER of icmp is 1.3.6.1.2.1.5
  - That of icmpInMsgs is 1.3.6.1.2.1.5.1
- Example of the definition of an object type

    sysDescr OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (0..255))
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "A textual description of the entity. This value should
            include the full name and version identification of the
            system's hardware type, software operating system, and
            networking software. It is mandatory that this contain
            only printable ASCII characters."
        ::= { system 1 }

Encoding Structure
- The ASN.1 syntax that contains the MI is encoded using the basic encoding rules (BER)
- SNMP adopts a specific encoding structure
  - TLV: Type, Length and Value
- [Figure: the basic BER encoding method]
- [Figure: the Identifier field in BER (Tag number 31)]

Class | 8th bit | 7th bit
Universal | 0 | 0
Application | 0 | 1
Context-specific | 1 | 0
Private | 1 | 1

Data type | Tag
INTEGER | UNIVERSAL 2
OCTET STRING | UNIVERSAL 4
NULL | UNIVERSAL 5
OBJECT IDENTIFIER | UNIVERSAL 6
SEQUENCE | UNIVERSAL 16
SEQUENCE OF | UNIVERSAL 16
IpAddress | APPLICATION 0
Counter | APPLICATION 1
Gauge | APPLICATION 2
TimeTicks | APPLICATION 3
Opaque | APPLICATION 4

- For example, the encoding of OCTET STRING 0A1BH: 00000100 00000010 00001010 00011011 (type 04, length 02, value 0A 1B)
- For example, the encoding of internet (1 3 6 1): 00000110 00000011 00101011 00000110 00000001 (type 06, length 03, value octets 43, 6, 1)

MIB-II
- OID (Object IDentifier): mib-2 is 1 3 6 1 2 1

Group | OID | Description
System | mib-2 1 | General information about the system
interface | mib-2 2 | Information about each interface from the system to a subnetwork
at (address translation) | mib-2 3 | Information about the mapping from internet addresses to subnetwork addresses
ip | mib-2 4 | Information about the implementation and operation of IP in the system
icmp | mib-2 5 | Information about the implementation and operation of ICMP in the system
tcp | mib-2 6 | Information about the implementation and operation of TCP in the system
udp | mib-2 7 | Information about the implementation and operation of UDP in the system
egp | mib-2 8 | Information about the implementation and operation of EGP in the system
cmot | mib-2 9 | Reserved for the CMOT protocol
dot3 (transmission) | mib-2 10 | Reserved for transmission information
snmp | mib-2 11 | Information about the implementation and operation of SNMP in the system

System Group

Object | OID | Syntax | Access
sysDescr | system 1 | DisplayString (SIZE (0..255)) | RO
sysObjectID | system 2 | OBJECT IDENTIFIER | RO
sysUpTime | system 3 | TimeTicks | RO
sysContact | system 4 | DisplayString (SIZE (0..255)) | RW
sysName | system 5 | DisplayString (SIZE (0..255)) | RW
sysLocation | system 6 | DisplayString (SIZE (0..255)) | RW
sysServices | system 7 | INTEGER (0..127) | RO

Interface Group

Object | OID | Syntax | Access
ifNumber | interfaces 1 | INTEGER | RO
ifTable | interfaces 2 | SEQUENCE OF IfEntry | NA
ifEntry | ifTable 1 | SEQUENCE | NA
ifIndex | ifEntry 1 | INTEGER | RO
ifDescr | ifEntry 2 | DisplayString (SIZE (0..255)) | RO
ifType | ifEntry 3 | INTEGER | RO
ifMtu | ifEntry 4 | INTEGER | RO
ifSpeed | ifEntry 5 | Gauge | RO
ifPhysAddress | ifEntry 6 | PhysAddress | RO
ifAdminStatus | ifEntry 7 | INTEGER | RW
ifOperStatus | ifEntry 8 | INTEGER | RO
ifLastChange | ifEntry 9 | TimeTicks | RO
ifInOctets | ifEntry 10 | Counter | RO
ifInUcastPkts | ifEntry 11 | Counter | RO
ifInNUcastPkts | ifEntry 12 | Counter | RO
ifInDiscards | ifEntry 13 | Counter | RO
ifInErrors | ifEntry 14 | Counter | RO
ifInUnknownProtos | ifEntry 15 | Counter | RO
ifOutOctets | ifEntry 16 | Counter | RO
ifOutUcastPkts | ifEntry 17 | Counter | RO
ifOutNUcastPkts | ifEntry 18 | Counter | RO
ifOutDiscards | ifEntry 19 | Counter | RO
ifOutErrors | ifEntry 20 | Counter | RO
ifOutQLen | ifEntry 21 | Gauge | RO
ifSpecific | ifEntry 22 | OBJECT IDENTIFIER | RO

Address translation Group

Object | OID | Syntax | Access
atTable | at 1 | SEQUENCE OF AtEntry | NA
atEntry | atTable 1 | SEQUENCE | NA
atIfIndex | atEntry 1 | INTEGER | RW
atPhysAddress | atEntry 2 | PhysAddress | RW
atNetAddress | atEntry 3 | NetworkAddress | RW

Ip Group

Object | OID | Syntax | Access
ipForwarding | ip 1 | INTEGER | RW
ipDefaultTTL | ip 2 | INTEGER | RW
ipInReceives | ip 3 | Counter | RO
ipInHdrErrors | ip 4 | Counter | RO
ipInAddrErrors | ip 5 | Counter | RO
ipForwDatagrams | ip 6 | Counter | RO
ipInUnknownProtos | ip 7 | Counter | RO
ipInDiscards | ip 8 | Counter | RO
ipInDelivers | ip 9 | Counter | RO
ipOutRequests | ip 10 | Counter | RO
ipOutDiscards | ip 11 | Counter | RO
ipOutNoRoutes | ip 12 | Counter | RO
ipReasmTimeout | ip 13 | INTEGER | RO
ipReasmReqds | ip 14 | Counter | RO
ipReasmOKs | ip 15 | Counter | RO
ipReasmFails | ip 16 | Counter | RO
ipFragOKs | ip 17 | Counter | RO
ipFragFails | ip 18 | Counter | RO
ipFragCreates | ip 19 | Counter | RO
ipAddrTable | ip 20 | SEQUENCE OF IpAddrEntry | NA
ipRouteTable | ip 21 | SEQUENCE OF IpRouteEntry | NA
ipNetToMediaTable | ip 22 | SEQUENCE OF IpNetToMediaEntry | NA
ipRoutingDiscards | ip 23 | Counter | RO

Icmp Group

Object | OID | Syntax | Access
icmpInMsgs | icmp 1 | Counter | RO
icmpInErrors | icmp 2 | Counter | RO
icmpInDestUnreachs | icmp 3 | Counter | RO
icmpInTimeExcds | icmp 4 | Counter | RO
icmpInParmProbs | icmp 5 | Counter | RO
icmpInSrcQuenchs | icmp 6 | Counter | RO
icmpInRedirects | icmp 7 | Counter | RO
icmpInEchos | icmp 8 | Counter | RO
icmpInEchoReps | icmp 9 | Counter | RO
icmpInTimestamps | icmp 10 | Counter | RO
icmpInTimestampReps | icmp 11 | Counter | RO
icmpInAddrMasks | icmp 12 | Counter | RO
icmpInAddrMaskReps | icmp 13 | Counter | RO
icmpOutMsgs | icmp 14 | Counter | RO
icmpOutErrors | icmp 15 | Counter | RO
icmpOutDestUnreachs | icmp 16 | Counter | RO
icmpOutTimeExcds | icmp 17 | Counter | RO
icmpOutParmProbs | icmp 18 | Counter | RO
icmpOutSrcQuenchs | icmp 19 | Counter | RO
icmpOutRedirects | icmp 20 | Counter | RO
icmpOutEchos | icmp 21 | Counter | RO
icmpOutEchoReps | icmp 22 | Counter | RO
icmpOutTimestamps | icmp 23 | Counter | RO
icmpOutTimestampReps | icmp 24 | Counter | RO
icmpOutAddrMasks | icmp 25 | Counter | RO
icmpOutAddrMaskReps | icmp 26 | Counter | RO

Tcp Group

Object | OID | Syntax | Access
tcpRtoAlgorithm | tcp 1 | INTEGER | RO
tcpRtoMin | tcp 2 | INTEGER | RO
tcpRtoMax | tcp 3 | INTEGER | RO
tcpMaxConn | tcp 4 | INTEGER | RO
tcpActiveOpens | tcp 5 | Counter | RO
tcpPassiveOpens | tcp 6 | Counter | RO
tcpAttemptFails | tcp 7 | Counter | RO
tcpEstabResets | tcp 8 | Counter | RO
tcpCurrEstab | tcp 9 | Gauge | RO
tcpInSegs | tcp 10 | Counter | RO
tcpOutSegs | tcp 11 | Counter | RO
tcpRetransSegs | tcp 12 | Counter | RO
tcpConnTable | tcp 13 | SEQUENCE OF TcpConnEntry | NA
tcpInErrs | tcp 14 | Counter | RO
tcpOutRsts | tcp 15 | Counter | RO

Udp Group

Object | OID | Syntax | Access
udpInDatagrams | udp 1 | Counter | RO
udpNoPorts | udp 2 | Counter | RO
udpInErrors | udp 3 | Counter | RO
udpOutDatagrams | udp 4 | Counter | RO
udpTable | udp 5 | SEQUENCE OF UdpEntry | NA
udpEntry | udpTable 1 | SEQUENCE | NA
udpLocalAddress | udpEntry 1 | IpAddress | RO
udpLocalPort | udpEntry 2 | INTEGER | RO

Egp Group

Object | OID | Syntax | Access
egpInMsgs | egp 1 | Counter | RO
egpInErrors | egp 2 | Counter | RO
egpOutMsgs | egp 3 | Counter | RO
egpOutErrors | egp 4 | Counter | RO
egpNeighTable | egp 5 | SEQUENCE OF EgpNeighEntry | NA
egpAs | egp 6 | INTEGER | RO

SNMP Communication Model
- Service functions
  - SNMP
    - Station to agent
      - get-request, get-next-request and set-request
    - Agent to station
      - get-response and trap
  - OSI communication model
    - CMIP-CMIS

SNMP Communication Model
- Access Control
- Instance Identification
- SNMP Message

Access Control
- Distributed applications
  - One station to many agents
  - One agent to many stations
- Access control
  - Authentication service
  - Access policy
  - Proxy service

Community and Security
- A community defines the authentication, access control and proxy service relationship between an agent and a set of stations
- Community
  - A local concept at the agent
  - A unique name used by the stations within the community to request their operations
  - One agent may have many communities

Authentication scheme
- The community names are contained in the messages sent to the agent by the stations
- The community names play the role of passwords
- The community name is used to start an authentication procedure; an encrypting and decrypting procedure can also be involved

Access policy
- By defining a community, an agent limits access to its MIB to a selected set of stations
- By using more than one community, the agent can provide different categories of MIB access to different stations
- Two aspects to the access control
  - SNMP MIB view
    - A subset of the objects within a MIB
  - SNMP access mode
    - READ-ONLY or READ-WRITE
- SNMP community profile
  - The combination of a MIB view and an access mode
  - A community profile is associated with each community
- The combination of a community and a community profile is referred to as an access policy

Proxy service
- For each device that the proxy system represents, it maintains an access policy
- Thus, the proxy knows which MIB objects can be used to manage the proxied system and their access mode

Instance Identification
- Every object in a MIB has a unique object identifier, which is defined by the position of the object in the tree-structured MIB
- But the object identifiers identify the object types rather than object instances
- An access is directed at a specific instance of an object
- Columnar objects: objects that appear in tables

Interface Group
- [Figure: the table formed by ifTable. ifEntry is 1.3.6.1.2.1.2.2.1; its columns ifIndex, ifDescr and ifType are 1.3.6.1.2.1.2.2.1.1, 1.3.6.1.2.1.2.2.1.2 and 1.3.6.1.2.1.2.2.1.3; rows 1 to 5]
- Random access
  - A special columnar object in a table: INDEX
  - SNMP adds the INDEX value to the identifier of a columnar object to identify it
    - For example, ifTable contains a columnar object, ifType, and its identifier is 1.3.6.1.2.1.2.2.1.3
    - For the second interface type, the identifier is 1.3.6.1.2.1.2.2.1.3.2
- Conceptual table and row objects
  - have no identifier; their ACCESS characteristic is not-accessible.
- Scalar objects
  - A scalar object has only one instance
  - Its identifier is the object type identifier + 0
- Serial access (lexicographical ordering)
  - An object identifier is a sequence of integers and can be considered as the numbers of the chapters, sections and subsections of a book
  - One can determine the order of two identifiers by the lexicographical order (A: 1.2.1, B: 1.1.2.1)
  - Get-next-request accesses objects according to the lexicographical order

SNMP
FormatslInformation is exchanged between a Station and an Agent in the form of an SNMP message網(wǎng)網(wǎng) 絡(luò)絡(luò) 管管 理理 教教 程程 郭 軍86GetRequest-PDU,GetNextRequest-PDU and SetRequest-PDU Response PDUTrap PDUVariable bindings網(wǎng)網(wǎng) 絡(luò)絡(luò) 管管 理理 教教 程程 郭 軍87lTransmission of an SNMP MessageThe PDU is constructed,using the ASN.1 structure defined in RFC1157This PDU is then passed to an authentication service,together with the source and destination transport addresses and a community nameThe protocol entity then constructs a message,consisting of a version field,the community name,and the result from step 2This new ASN.1 object is then encoded using the BER and passed to the transport service網(wǎng)網(wǎng) 絡(luò)絡(luò) 管管 理理 教教 程程 郭 軍88lReceipt of an SNMP Message The message is checked syntacticallyThe version number is verifiedpasses the user name,the PDU portion of the message,and the transport addresses to an authentication serviceThe protocol entity does a basic syntax-check of the PDUUsing the named community,the appropriate SNMP access polity is selected and the PDU is processed accordingly網(wǎng)網(wǎng) 絡(luò)絡(luò) 管管 理理 教教 程程 郭 軍89GetRequest PDU lIs issued by an SNMP entity on behalf of a station applicationlThe receiving SNMP entity responds to it with a GetResponse PDU containing the same request-idlThe GetRequest operation is atomiclErrors:noSuchName,tooBig and genErr網(wǎng)網(wǎng) 絡(luò)絡(luò) 管管 理理 教教 程程 郭 軍90GetNextRequest PDU lIs almost identical to the GetRequest PDU,the same PDU exchange pattern and the same formatlThe only difference:In the GetNextRequest PDU,for each variable,the respondent is to return the value of the object instance that is nextlA useful function:allowing the station to discover the structure of a MIB view dynamically網(wǎng)網(wǎng) 絡(luò)絡(luò) 管管 理理 教教 程程 郭 軍91SetRequest PDU lIs issued by an SNMP entity on behalf of a station application lThe variablebindings list includes both object instance identifiers and 
the values to be assigned lThe receiving SNMP entity responds to it with a GetResponse PDU containing the same request-idlThe SetRequest operation is atomiclErros:noSuchName,tooBig,genErr and badValue網(wǎng)網(wǎng) 絡(luò)絡(luò) 管管 理理 教教 程程 郭 軍92Trap PDU lIs issued by an SNMP entity on behalf of an agent applicationlIs used to provide the station with an asynchronous notification of some significant eventlIts format is quite different from that of the other PDUs網(wǎng)網(wǎng) 絡(luò)絡(luò) 管管 理理 教教 程程 郭 軍93The SNMP Group in MIB-IIObjectOIDSyntaxAccesssnmpInPktssnmp1CounterROsnmp
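The community profile, instance identification and GetNext ordering covered in the slides above can be seen together in a toy SNMPv1 agent. This is an added example, not part of the original courseware; the community names, device values and the helpers `oid`, `handle` and `walk` are constructed for illustration.

```python
"""Toy SNMPv1 agent with constructed data: community profile, instance OIDs, GetNext."""

def oid(text):
    return tuple(int(part) for part in text.split("."))

# Constructed instances: scalars end in .0, columnar objects in .<ifIndex>.
MIB = {
    oid("1.3.6.1.2.1.1.5.0"): "edge-sw1",   # sysName.0
    oid("1.3.6.1.2.1.2.1.0"): 2,            # ifNumber.0
    oid("1.3.6.1.2.1.2.2.1.3.1"): 6,        # ifType.1
    oid("1.3.6.1.2.1.2.2.1.3.2"): 24,       # ifType.2
    oid("1.3.6.1.2.1.2.2.1.7.1"): 1,        # ifAdminStatus.1
    oid("1.3.6.1.2.1.2.2.1.7.2"): 1,        # ifAdminStatus.2
    oid("1.3.6.1.2.1.4.1.0"): 2,            # ipForwarding.0
}
RW_TYPES = {oid("1.3.6.1.2.1.2.2.1.7"), oid("1.3.6.1.2.1.4.1")}  # RW object types
COMMUNITIES = {  # hypothetical names -> (MIB view subtree, access mode)
    "monitor-ro": (oid("1.3.6.1.2.1.2"), "READ-ONLY"),
    "netops-rw": (oid("1.3.6.1.2.1"), "READ-WRITE"),
}

def handle(community, op, name, value=None):
    """Return (error_status, oid, value); None means the message was dropped."""
    if community not in COMMUNITIES:
        return None                      # authentication failure, no response
    view, mode = COMMUNITIES[community]
    # Sorting integer tuples gives exactly the lexicographic OID order.
    visible = sorted(o for o in MIB if o[:len(view)] == view)
    if op == "get" and name in visible:
        return ("noError", name, MIB[name])
    if op == "getnext":
        for o in visible:
            if o > name:
                return ("noError", o, MIB[o])
    if (op == "set" and name in visible and mode == "READ-WRITE"
            and name[:-1] in RW_TYPES):
        MIB[name] = value
        return ("noError", name, value)
    return ("noSuchName", name, None)    # SNMPv1 (RFC 1157) status for each miss

def walk(community, root):
    """Discover what a community can see by repeated GetNext from root."""
    found, cur = [], root
    while True:
        reply = handle(community, "getnext", cur)
        if reply is None or reply[0] != "noError" or reply[1][:len(root)] != root:
            return found
        found.append(reply[1])
        cur = reply[1]
```

Walking from `1.3.6.1.2.1` as `monitor-ro` returns only the five instances in the interfaces subtree, while `netops-rw` sees all seven and is the only community that can set `ifAdminStatus.2`.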