| 3.1
| Introduction 25
|
| 3.2
| What Is Network Management? 25
|
| 3.3
| The Scope Of Network Management 26
|
| 3.4
| Variety And Multi-Vendor Environments 27
|
| 3.5
| Element And Network Management Systems 28
|
| 3.6
| Scale And Complexity 29
|
| 3.7
| Types Of Networks 31
|
| 3.8
| Classification Of Devices 31
|
| 3.9
| FCAPS: The Industry Standard Definition 32
|
| 3.10
| The Motivation For Automation 33
|
| 3.11
| Why Automation Has Not Occurred 33
|
| 3.12
| Organization Of Management Software 34
|
| 3.13
| Summary 36
|
| 4.1
| Introduction 39
|
| 4.2
| Intuition For Configuration 39
|
| 4.3
| Configuration And Protocol Layering 40
|
|
| 4.3.1
| Topology And Layer 2 40
|
|
| 4.3.2
| Logical Subnets And Layer 3 41
|
|
| 4.3.3
| Access And Layer 4 41
|
|
| 4.3.4
| Applications And Layer 5 (or Layer 7) 42
|
| 4.4
| Dependencies Among Configuration Parameters 43
|
| 4.5
| Seeking A More Precise Definition Of Configuration 44
|
| 4.6
| Configuration And Temporal Consequences 44
|
| 4.7
| Configuration And Global Consistency 45
|
| 4.8
| Global State And Practical Systems 46
|
| 4.9
| Configuration And Default Values 46
|
| 4.10
| Partial State, Automatic Update, And Recovery 47
|
| 4.11
| Interface Paradigm And Incremental Configuration 48
|
| 4.12
| Commit And Rollback During Configuration 49
|
| 4.13
| Automated Rollback And Timeout 50
|
| 4.14
| Snapshot, Configuration, And Partial State 50
|
| 4.15
| Separation Of Setup And Activation 51
|
| 4.16
| Configuring Multiple Network Elements 52
|
| 4.17
| Summary 52
|
| 5.1
| Introduction 55
|
| 5.2
| Network Faults 55
|
| 5.3
| Trouble Reports, Symptoms, And Causes 56
|
| 5.4
| Troubleshooting And Diagnostics 56
|
| 5.5
| Monitoring 57
|
| 5.6
| Baselines 58
|
| 5.7
| Items That Can Be Monitored 59
|
| 5.8
| Alarms, Logs, And Polling 59
|
| 5.9
| Identifying The Cause Of A Fault 60
|
| 5.10
| Human Failure And Network Faults 62
|
| 5.11
| Protocol Layering And Faults 62
|
| 5.12
| Hidden Faults And Automatic Correction 63
|
| 5.13
| Anomaly Detection And Event Correlation 64
|
| 5.14
| Fault Prevention 64
|
| 5.15
| Summary 65
|
| 6.1
| Introduction 67
|
| 6.2
| Business Model And Network Charges 67
|
| 6.3
| Service Level Agreements (SLAs) 68
|
| 6.4
| Service Fees 68
|
| 6.5
| Accounting For Flat-Rate Service 69
|
| 6.6
| Accounting For Use-Based Service 69
|
| 6.7
| Tiered Levels Of Service 70
|
| 6.8
| Exceeding Quotas And Penalties 70
|
| 6.9
| Assessing Financial Penalties 71
|
| 6.10
| Traffic Policing And Strict Enforcement Of Limits 71
|
| 6.11
| Technologies For Limiting The Rate Of Traffic 72
|
| 6.12
| Priorities And Absolute Guarantees 73
|
| 6.13
| Absolute Bandwidth Guarantees And MPLS 73
|
| 6.14
| Relative Bandwidth Guarantees And Priorities 73
|
| 6.15
| Priorities And Types Of Traffic 74
|
| 6.16
| Peering Agreements And Accounting 74
|
| 6.17
| Summary 75
|
| 7.1
| Introduction 77
|
| 7.2
| Aspects Of Performance 77
|
| 7.3
| Items That Can Be Measured 78
|
| 7.4
| Measures Of Network Performance 78
|
| 7.5
| Application And Endpoint Sensitivity 79
|
| 7.6
| Degraded Service, Variance In Traffic, And Congestion 80
|
| 7.7
| Congestion, Delay, And Utilization 81
|
| 7.8
| Local And End-To-End Measurements 81
|
| 7.9
| Passive Observation Vs. Active Probing 82
|
| 7.10
| Bottlenecks And Future Planning 83
|
| 7.11
| Capacity Planning 83
|
| 7.12
| Planning The Capacity Of A Switch 84
|
| 7.13
| Planning The Capacity Of A Router 84
|
| 7.14
| Planning The Capacity Of An Internet Connection 85
|
| 7.15
| Measuring Peak And Average Traffic On A Link 86
|
| 7.16
| Estimated Peak Utilization And 95\v'-.35m'\s-4t\s0\v'+.35m'\v'-.35m'\s-4h\s0\v'+.35m' Percentile 87
|
| 7.17
| Relationship Between Average And Peak Utilization 87
|
| 7.18
| Consequences For Management And The 50/80 Rule 88
|
| 7.19
| Capacity Planning For A Complex Topology 89
|
| 7.20
| A Capacity Planning Process 89
|
|
| 7.20.1
| Forecasting Future Load 89
|
|
| 7.20.2
| Measuring Existing Resource Use 90
|
|
| 7.20.3
| A Load Model Based On A Traffic Matrix 90
|
|
| 7.20.4
| Flows And Aggregates 92
|
|
| 7.20.5
| Deriving Estimates And Validation 93
|
|
| 7.20.6
| Experimenting With Possible Changes 93
|
| 7.21
| Route Changes And Traffic Engineering 94
|
| 7.22
| Failure Scenarios And Availability 94
|
| 7.23
| Summary 95
|
| 8.1
| Introduction 97
|
| 8.2
| The Illusion Of A Secure Network 97
|
| 8.3
| Security As A Process 98
|
| 8.4
| Security Terminology And Concepts 98
|
| 8.5
| Management Goals Related To Security 99
|
| 8.6
| Risk Assessment 100
|
| 8.7
| Security Policies 101
|
| 8.8
| Acceptable Use Policy 102
|
| 8.9
| Basic Technologies Used For Security 102
|
|
| 8.9.1
| Encryption Technologies 102
|
|
| 8.9.2
| Perimeter Control Technologies 103
|
|
| 8.9.3
| Content Control Technologies 104
|
| 8.10
| Management Issues And Security 105
|
| 8.11
| Security Architecture: Perimeter Vs. Resources 105
|
| 8.12
| Element Coordination And Firewall Unification 106
|
| 8.13
| Resource Limits And Denial Of Service 107
|
| 8.14
| Management of Authentication 107
|
| 8.15
| Access Control And User Authentication 108
|
| 8.16
| Management Of Wireless Networks 109
|
| 8.17
| Security Of The Network 110
|
| 8.18
| Role-Based Access Control 111
|
| 8.19
| Audit Trails And Security Logging 112
|
| 8.20
| Key Management 112
|
| 8.21
| Summary 113
|
| 9.1
| Introduction 117
|
| 9.2
| The Principle Of Most Recent Change 117
|
| 9.3
| The Evolution Of Management Tools 118
|
| 9.4
| Management Tools As Applications 118
|
| 9.5
| Using A Separate Network For Management 119
|
| 9.6
| Types Of Management Tools 120
|
| 9.7
| Physical Layer Testing Tools 121
|
| 9.8
| Reachability And Connectivity Tools (ping) 122
|
| 9.9
| Packet Analysis Tools 123
|
| 9.10
| Discovery Tools 124
|
| 9.11
| Device Interrogation Interfaces And Tools 126
|
| 9.12
| Event Monitoring Tools 127
|
| 9.13
| Triggers, Urgency Levels, And Granularity 127
|
| 9.14
| Events, Urgency Levels, And Traffic 129
|
| 9.15
| Performance Monitoring Tools 129
|
| 9.16
| Flow Analysis Tools 132
|
| 9.17
| Routing And Traffic Engineering Tools 133
|
| 9.18
| Configuration Tools 133
|
| 9.19
| Security Enforcement Tools 134
|
| 9.20
| Network Planning Tools 134
|
| 9.21
| Integration Of Management Tools 135
|
| 9.22
| NOCs And Remote Monitoring 136
|
| 9.23
| Remote CLI Access 137
|
| 9.24
| Remote Aggregation Of Management Traffic 138
|
| 9.25
| Other Tools 140
|
| 9.26
| Scripting 141
|
| 9.27
| Summary 141
|
| 10.1
| Introduction 143
|
| 10.2
| The Remote Management Paradigm And Applications 143
|
| 10.3
| Management Functions And Protocol Definition 144
|
| 10.4
| The Read-Write Paradigm 145
|
| 10.5
| Arbitrary Operations And Virtual Items 146
|
| 10.6
| Standards For Network Management Protocols 146
|
| 10.7
| SNMP Scope And Paradigm 147
|
| 10.8
| Basic SNMP Commands And Optimizations 148
|
| 10.9
| Asynchronous Traps And Event Monitoring 148
|
| 10.10
| Traps, Polling, Bandwidth, And CPU Cycles 149
|
| 10.11
| Management Information Base (MIB) And Variables 150
|
| 10.12
| A Hierarchy Of MIB Variable Names 151
|
| 10.13
| Advantages And Disadvantages Of A Hierarchy 153
|
| 10.14
| Complex Data Aggregates And MIB Tables 154
|
| 10.15
| Granularity Of Aggregate Access 155
|
| 10.16
| Transport Protocols And Interaction 155
|
| 10.17
| Updates, Messages, And Atomicity 156
|
| 10.18
| The Remote Monitoring MIB (RMON) 157
|
| 10.19
| A Manager's View Of MIB Variables 158
|
| 10.20
| Security And The Community String 159
|
| 10.21
| Summary 160
|
| 11.1
| Introduction 163
|
| 11.2
| Basic Traffic Analysis 163
|
| 11.3
| The Flow Abstraction 164
|
| 11.4
| The Two Types Of Flows 165
|
| 11.5
| The Purpose Of Flow Analysis 166
|
| 11.6
| Levels Of Flow Aggregation 167
|
| 11.7
| Online And Offline Flow Analysis 168
|
| 11.8
| Examples Of Flow Data Analysis 169
|
| 11.9
| Flow Data Capture And Filtering 171
|
| 11.10
| Packet Inspection And Classification 173
|
| 11.11
| Capture For Online And Offline Analysis 174
|
| 11.12
| Flows Using Packet Content 175
|
| 11.13
| Flows And Optimized Forwarding 175
|
| 11.14
| Flow Data Export 177
|
| 11.15
| Origin Of NetFlow Technology 178
|
| 11.16
| Basic NetFlow Characteristics 178
|
| 11.17
| Extensibility And Templates 179
|
| 11.18
| NetFlow Message Transport And Consequences 180
|
| 11.19
| Effect Of Configuration Choices 181
|
| 11.20
| Summary 182
|
| 12.1
| Introduction 185
|
| 12.2
| Definitions Of Forwarding And Routing 185
|
| 12.3
| Automation And Routing Update Protocols 186
|
| 12.4
| Routing Basics And Route Metrics 186
|
|
| 12.4.1
| Shortest Paths And Route Metrics 187
|
|
| 12.4.2
| Types And Scope Of Routing 188
|
| 12.5
| Example Routing Update Protocols 188
|
| 12.6
| Management Of Routes 189
|
| 12.7
| The Difficulty Of Route Management 189
|
| 12.8
| Use Of Routing Metrics To Enforce Policy 190
|
| 12.9
| Overcoming Automation 191
|
| 12.10
| Routing And Management Of Quality-of-Service 192
|
| 12.11
| Traffic Engineering And MPLS Tunnels 193
|
| 12.12
| Precomputation Of Backup Paths 193
|
| 12.13
| Combinatorial Optimization And Infeasibility 195
|
| 12.14
| Precomputation And Fast Convergence For IP Routing 196
|
| 12.15
| Traffic Engineering, Security, And Load Balancing 196
|
| 12.16
| Overhead, Convergence, And Routing Protocol Choices 197
|
| 12.17
| OSPF Areas And The Principle Of Hierarchical Routing 198
|
| 12.18
| Management Of Routing And Hidden Problems 199
|
| 12.19
| The Global Nature Of Routing 200
|
| 12.20
| Summary 201
|
| For Further Study 202
|
| 13.1
| Introduction 205
|
| 13.2
| Limits Of Configuration 205
|
| 13.3
| Iterative Improvement Using The Upgrade Paradigm 206
|
| 13.4
| Extending Functionality Without An Upgrade Cycle 207
|
| 13.5
| The Traditional Concept Of Scripting 207
|
| 13.6
| Scripts And Programs 208
|
| 13.7
| Stand-Alone Management Scripts 209
|
| 13.8
| CLI, The Unix Expect Program, And Expect Scripts 210
|
| 13.9
| Example Expect Script 211
|
| 13.10
| Management Scripts, Homogeneity, And Expect 212
|
| 13.11
| An Example Stand-Alone Script With Graphical Output 214
|
| 13.12
| Using Scripts As An Extension Mechanism 223
|
| 13.13
| Example Server With Scripting Extensions 223
|
| 13.14
| Example Of Server Extension Points 225
|
| 13.15
| Script Interface Functionality 226
|
| 13.16
| Example Server Extension Script 227
|
| 13.17
| Example Script That Manipulates A Reply 230
|
| 13.18
| Handling Multiple Tasks With A Single Script 232
|
| 13.19
| Script Timing, External Access, And Overhead 233
|
| 13.20
| Summary 234
|
| For Further Study 235
|
| 14.1
| Introduction 239
|
| 14.2
| Network Automation 240
|
| 14.3
| Dividing The Problem By Network Type 241
|
| 14.4
| Shortcomings Of Existing Automation Tools 242
|
| 14.5
| Incremental Automation Vs. A Blank Slate 243
|
| 14.6
| Interface Paradigm And Efficiency 244
|
| 14.7
| The Goal Of An Automated Management System 246
|
| 14.8
| Desiderata For An Automated Management System 248
|
| 14.9
| Multiple Sites And Managers 250
|
| 14.10
| Authority Domains And Role-Based Access Control 250
|
| 14.11
| Focus On Services 251
|
| 14.12
| Policies, Constraints, And Business Rules 251
|
| 14.13
| Correlation Of Multiple Events 253
|
| 14.14
| Mapping From Logical To Physical Locations 253
|
| 14.15
| Autonomy, Manual Override, And Policy Changes 254
|
| 14.16
| Summary 255
|
| 15.1
| Introduction 257
|
| 15.2
| Paradigms For Management System Design 258
|
| 15.3
| Characteristics Of A Top-Down Approach 258
|
| 15.4
| Characteristics Of A Bottom-Up Approach 259
|
| 15.5
| Selecting Any Or All In A Bottom-Up Design 260
|
| 15.6
| Weaknesses of The Two Design Paradigms 260
|
| 15.7
| A Hybrid Design Methodology 261
|
| 15.8
| The Critical Need For Fundamental Abstractions 262
|
| 15.9
| An Analogy To Operating Systems 263
|
| 15.10
| Separation Of Management From Elements 264
|
| 15.11
| Mapping From Abstractions To Network Elements 264
|
| 15.12
| Northbound And Southbound Interfaces 265
|
| 15.13
| A Set Of Architectural Approaches 266
|
|
| 15.13.1
| Monolithic Architecture 266
|
|
| 15.13.2
| Extensible Framework 268
|
|
| 15.13.3
| Software Backplane 268
|
|
| 15.13.4
| Tiered Hierarchy 270
|
|
| 15.13.5
| Database-Centric 272
|
| 15.14
| Useful Implementation Techniques 273
|
| 15.15
| Late Binding Of A Programmatic Interface 275
|
| 15.16
| Validation Of External Expectations 276
|
| 15.17
| An Architecture Of Orthogonal Tools 278
|
| 15.18
| Summary 279
|
| 16.1
| Introduction 283
|
| 16.2
| Data For Management Software 283
|
| 16.3
| The Issue Of Data Representation 284
|
| 16.4
| Internal Representation And Programming Language 286
|
| 16.5
| The Effect Of Programming Paradigm On Representation 286
|
| 16.6
| Objects And Object-Based Representation 287
|
| 16.7
| Object Representation And Class Hierarchy 288
|
| 16.8
| Persistence, Relations, And Database Representation 288
|
| 16.9
| Representations At Various Points And Times 289
|
| 16.10
| Translation Among Representations 290
|
| 16.11
| Heterogeneity And Network Transmission 291
|
| 16.12
| Serialization And Extensibility 292
|
| 16.13
| The Need For Semantic Specification 293
|
| 16.14
| Semantic Validity And Global Inconsistency 293
|
| 16.15
| Information Models And Model-Driven Design 294
|
| 16.16
| Information And Data Models 295
|
| 16.17
| Class Hierarchies In An Object-Oriented Model 296
|
| 16.18
| Multiple Hierarchies 298
|
| 16.19
| Hierarchy Design And Efficiency 299
|
| 16.20
| Cross-Hierarchy Relationships And Associations 300
|
| 16.21
| Prescriptive Models And Generality 301
|
| 16.22
| Purpose Of Models And Semantic Inference 303
|
| 16.23
| Standardized Information Models 303
|
| 16.24
| Graphical Representation Of Models (UML) 304
|
| 16.25
| The Issue Of Complexity 306
|
| 16.26
| Mapping Objects To Databases And Relations 307
|
| 16.27
| Representation And Storage Of Topology Information 307
|
| 16.28
| Ontology And Data Mining 309
|
| 16.29
| Summary 309
|
| 18.1
| Introduction 323
|
| 18.2
| Fundamental Abstractions For A Management System 323
|
| 18.3
| Separation Of Control And Validation 324
|
| 18.4
| Boundary Between A Network And End Systems 324
|
| 18.5
| Taxonomy Of Network Management Architectures 325
|
| 18.6
| Extent Of Functionality Offered By Existing Systems 325
|
| 18.7
| Management Of Routing And Traffic Engineering 325
|
| 18.8
| Automated Address Assignment 325
|
| 18.9
| Analysis Of Routing 326
|
| 18.10
| Security Policy Enforcement 326
|
| 18.11
| Infrastructure Redesign For Automated Management 326
|
| 18.12
| Peer-To-Peer Propagation Of Management Information 327
|
| 18.13
| Routing Failure Analysis 327
|
| 18.14
| Limits Of Automated Topology Discovery 327
|
| 18.15
| Data Mining Of NetFlow Data 327
|
| 18.16
| Storage Of Network State 328
|
| 18.17
| Anomaly Detection Using Bayesian Filtering 328
|
| 18.18
| Cost Of Protection In Scripting 328
|
| 18.19
| Late-Binding Interface Management Applications 328
|
| 18.20
| Boundary Between Management System And Elements 329
|
| 18.21
| Summary 329
|