Includes latest SNMPv2 and RMON2 specs
`
`SNMP
`SNMPv2
`and
`RMON
`
`Practical Network Management
`Second Edition
`
`William Stallings
`
`

`
`Networking
`
`SNMP, SNMPv2, and RMON
`Practical Network Management
`
`William Stallings
`
`In order to manage today's complex, multivendor network environments effectively
`and to plan intelligently for the future, you will need an understanding of network
`management technology and a thorough grasp of the existing and evolving standards.
`
`SNMP (Simple Network Management Protocol) is the most widely-deployed TCP/IP
`network management standard. This definitive guide is updated from the first edition
`to cover the final version of SNMPv2 and the increasingly popular RMON network
`management utility. It provides a comprehensive introduction to SNMP-based network
`management.
`
`You will find clear explanations of such general network management fundamentals as
`performance monitoring and security control, as well as a specific introduction to
`SNMP network management concepts and information. Both the SNMPvl and
`SNMPv2 protocols are described in depth. RMON2, the latest version of the Remote
`Network Monitoring management utility, is thoroughly documented, including practi(cid:173)
`cal techniques for its effective application.
`
`Geared for network designers, implementors, and system managers, the book
`discusses critical design issues, explores various approaches to meeting communica(cid:173)
`tions requirements, and gives systems professionals the understanding they need to
`evaluate specific vendors' network products.
`
`William Stallings heads his own consulting business, Comp-Comm Consulting,
`where he advises government agencies, computer and software vendors, and major
`users on the design, selection, and use of networking software and products. He is a
`frequent lecturer and author of numerous technical papers and books, including
`Networking Standards: A Guide to OS!, ISDN, LAN, and MAN Standards and SNMp,
`SNMPv2) and CMIP: The Practical Guide to Network-Management Standards) First Edition.
`He holds a PhD from MIT in Computer Science and a BS from Notre Dame in
`Electrical Engineering.
`
`Cover design by Avanda Peters
`Cover art by Dominique Sarraute, The Image Bank
`o Text printed on recycled paper
`Corporate & Professional Group
`Tj.T Addison-Wesley Publishing Company
`
`90000 I
`
`9 780201 634792
`ISBN 0-201-63479-1
`
`

`
`

`
`List of Acronyms
`
`ACSE
`ANSI
`ASN.J
`FTP
`lAB
`IEEE
`IETF
`IP
`ISO
`LAN
`MIB
`OS]
`PDU
`RFC
`RMON
`SMI
`SMP
`SNMP
`TCP
`TFTP
`UDP
`
`Association Control Service Element
`American National Standards Institute
`Abstract Syntax Notation One
`File Transfer Protocol
`Internet Architecture Board
`Institute of Electrical and Electronics Engineers
`Internet Engineering Task Force
`Internet Protocol
`International Organization for Standardization
`local-area network
`management information base
`Open Systems Interconnection
`protocol data unit
`Request for Comment
`Remote Network Monitoring
`structure of management information
`Simple Management Protocol
`Simple Network Management Protocol
`Transmission Control Protocol
`Trivial File Transfer Protocol
`User Datagram Protocol
`
`

`
`

`
`SNMP, SNMPv2, and RMON
`
`

`
`

`
`SNMP, SNMPv2, and RMON
`Practical Network Management
`
`Second Edition
`
`William Stallings
`
`~ TT
`ADDISON-WESLEY PUBLISHING COM PANY
`Reading, MassachusettS Menlo Park, California New York
`Don Mills, Ontario Wokingham, England Amsterdam
`Bonn
`Sydney
`Singapore
`Tokyo Madrid
`San Juan
`Seoul Milan Mexico City Taipei
`
`

`
`Many of the designations used by manufacturers and sellers to distinguish their products are claimed
`as trademarks. Where those designations appear in this book and Addison~ Wesley was aware of a
`trademark claim, the designations have been printed with initial capital letters.
`
`The publisher offers discounts on this book when ordered in quantity for special sales.
`
`For more information, please contact:
`Corporate & Professional Publishing Group
`Addison-Wesley Publishing Company, Inc
`One Jacob Way
`Reading Massachusetts 01867
`
`Library of Congress Cataloging-in-Publication Data
`
`Stallings, William.
`SNMP, SNMPv2, and RMON : practical network management I William
`Sta1!ings. - 2nd cd .
`p. em.
`Rev. cd. of: SNMP, SNM Pv2, and CMIP, c1993.
`Includes bibliographical references and index.
`ISBN 0-201-63479-1
`1. Computer networks-Ma nagement. 2. Computer network protocols-
`Standards. 3. Simple Network Management Protocol (Computer network protocol)
`TK5 \05.5.S732 1996
`004.6'2-dc20
`
`I. Title.
`
`96-5916
`CII'
`
`CopyrighT Q 1996 by Addison-Wesley Publishing Company, inc
`
`All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or
`transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or
`otherwise, without the prior written permission of the publisher. Printed in the United States of
`America . Published simultaneously in Canada.
`
`0-201-63479-1
`1 2345678 9-MA-99989296
`First Printing July 1996
`
`

`
`As always,
`for Tricia Antigone
`and for Geoffroi, too
`
`

`
`

`
`Contents
`
`Preface
`Xl
`How to Read This Book
`
`X11I
`
`Chapter 1
`
`Overoiew ..... .. ........................................ ............... ..
`1.1
`Network Management Requirements 2
`1.2
`Netwotk Management Systems 7
`1.3
`Outline of the Book 16
`APPENDIX IA
`Internet Resources 19
`
`1
`
`Part I
`
`Network Management Fundamentals
`
`Chapter 2
`
`Network Monitoring ..... .... ... ... ...... .......... ... ... ... ... ... .. 27
`2.1
`Network-MonitoringArchitecture 27
`2.2
`Performance Monitoring 33
`2.3
`Fault Monitoring 44
`2.4
`Accounting Monitoring 47
`2.5
`Summary 48
`APPENDIX 2A Queueing (as text) Theory Concepts 49
`APPENDIX 2B Statistical Analysis Concepts 54
`
`Chapter 3
`
`Network Control ..... ... ....... ... ... ... ............. ... ... ... ... .... 57
`3.1
`Configuration Control 57
`3.2
`Security Control 61
`3.3
`Summa ry 68
`
`'"
`
`

`
`VI II
`
`CONTENTS
`
`Part II
`
`SNMPvl
`
`Chapter 4
`
`Chapter 5
`
`Chapter 6
`
`Chapter 7
`
`SNMP Network Manageme1lt Concepts .... ....... ... .... .... 71
`4.1
`Background
`71
`4 .2
`Basic Concepts 77
`4. 3
`Summary 82
`
`SNMP Manageme1lt Information .... .......... ......... ........ 83
`5. 1
`Structure of Management Information 84
`5.2
`Practical Issues 99
`5.3
`Summ ary 111
`APPENDIX SA TCP Connecti on States 111
`
`Standard MIRs ........................................... ............. 115
`6.1
`MIB·II 115
`6.2
`Ethernet Inrerface MIB 143
`6.3
`Summary 152
`APPENDIX 6A Case Diagrams 153
`APPENDIX 6B
`IP Addressing 154
`
`Simple Network Management Protocol (SNMP) ........... 157
`7. 1
`Basic Concepts 157
`7.2
`Protocol Specification 166
`7.3
`Transport-Level Support 184
`7.4
`SNM P Group 186
`7.5
`Practical Issues 186
`7.6
`Summary 196
`APPENDIX 7A Lexicographic Ordering 197
`
`Part III
`
`RMON
`
`Chapter 8
`
`Remote Network Monitoring: Statistics Collection ....... 201
`Ba sic Concepts 201
`8. 'I
`8.2
`statistics Group 214
`
`

`
`Chapter 9
`
`Chapter 10
`
`CONTENTS
`
`IX
`
`history Group 216
`8.3
`host Group 221
`8.4
`hostTopN Group 226
`8.5
`8.6 matrix Group 229
`tokenRing Extensions to RMON 233
`8.7
`8.8
`Summary 239
`APPEN DIX SA EntryStatus Textual Convention 239
`
`Remote Network Monitoring: Alarms and Filters ...... ... 241
`9.1
`alarm Group 241
`9.2
`fil ter Group 246
`9.3
`Packet capture Group 256
`9.4
`event Group 259
`9.5
`Practical Issues 262
`9.6
`Summary 265
`
`RMON2 ................................................................. 267
`10.1 Overview 267
`10.2
`Protocol Directory Group 277
`10.3
`Protocol Distribution Group 283
`10.4 Address Map Group 283
`10.5 RMON2 host Groups 289
`10.6 RMON2 matrix Groups 294
`10.7 User History Collection Group 303
`10.8
`Probe Configuration Group 308
`10.9
`Extensions to RMON1 for RMON2 Devices 312
`10.1 0 Summary 314
`
`Part IV
`
`SNMPv2
`
`Chapter 11
`
`SNMPv2: Management Information .............. ............. 317
`11.1
`Background 317
`11.2
`Structure of Management Information 321
`11.3
`Summary 343
`APPENDIX IlA Row- Status Textual Convention 345
`
`

`
`x
`
`CONTENTS
`
`Chapter 12
`
`Chapter 13
`
`Appendices
`
`Appendix A
`
`Appendix B
`
`SNMPv2: Protocol ..... .............................................. 353
`12.1
`Protocol Operations 353
`12.2 Transport Mappings 380
`12.3 Coexistence with SNMPv1 380
`12.4
`Summary 386
`
`SNMPv2: MIBs and Conformance ............................. 387
`13.1
`SNM Pv2 Management Information Base 387
`13.2 Conformance Statements for SNMPv2 393
`Evolution of the interfaces Group of MIB-U 401
`13.3
`13.4
`Summary 411
`APPENDIX 13A TestAndlncr Textual Conventi on 411
`
`The TCPIIP Protocol Suite ........................................ 415
`Operation of TCP and IP 416
`A.l
`The TePtlP Layers 417
`A.2
`TCPtIP Applications 420
`A.3
`User Datagram Protocol (UDP) 421
`AA
`TCPtIP Standards 422
`A.S
`
`Abstract Syntax Notation One (ASN.l) ...................... 425
`B.l
`Abstract Syntax 425
`B.2
`ASN.l Concepts 428
`B.3
`ASN.l Macro Definitions 442
`B.4
`Basic Encoding Rules 449
`B.5
`Alternative Encoding Rules 459
`
`Glossary 461
`References 467
`Index 469
`
`

`
`Preface
`
`The relentless growth in the information-processing needs of organizations has been accompanied
`both by the rapid development in computer- and data-networking technology TO support those
`needs and by an explosion in the variety of equipment and networks offered by vendors. Gone arc
`the days when an organization would rely Oil a single vendor and a relatively straightforward
`architecture to suppOrt its needs. The world is no longer divided into The pure mainframe-based,
`IBM-compatible, centralized environment and the PC-based, single-LAN-type, distributed envi(cid:173)
`ronment. Today's typical organization has a large and growing but amorphous network architec(cid:173)
`ture, with a variety of local-area networks (LANs) and wide-area networks (WANs), supported
`by bridges and routers, and a variety of distributed computing services and devices, including
`pes, workstations, and servers. And, of course, despite over two decades of premature eulogies,
`the mainframe lives on in countless distributed and some centralized configurations.
`To manage these systems and networks, which continue to grow in scale and diversity, a rich
`set of automated network management tools and applications is needed. Fundamental to the
`operation of such tools and applications in a mu!tivendor environment are standardized tech(cid:173)
`niques for represenring and exchanging information relating to network management.
`in response to these needs, managers and users have turned overwhelmingly to o ne standard :
`the Simple Network Management Protocol (SNMP) and the relared Remote Network Monitor(cid:173)
`ing (RMON) specification. SNM P was initially specified in the latel980s and quickly became the
`standard means for multi vendor network management. However, SNMP was too limited to meet
`all the critical needs fo r network management. Two enhancements have solidified the role of
`SNMP as the indispensable network management tool. Fi rst, the RMON specification, wh ich is
`built on SNMP, was released in 1991 . RMON defines algorithms and data bases for managing
`remore LANs. Second, an enhanced version of SNMP, known as SNMPv2, was released in 1993.
`SNM Pv2 provides more functionality and greater efficiency than the original version of SNMP.
`In 1996 both RMON and SNMP,,2 were updated and extensively revised. This book is
`based on these most recent versions.
`
`Objective
`
`in order to manage today's systems effectively and to plan intelligently for the fUTUre use of net(cid:173)
`work management systems, the systems manager needs an understanding of the technology of
`xo
`
`

`
`XII
`
`PREFACE
`
`network management and a thorough grasp of the details of [he existing and evolving sta ndards.
`It is the objective of [his book to fill this need.
`This book provides a comprehensive introduction to SNM P-based network and inrer(cid:173)
`network managemenr. The first parr of the book is a survey of network managemenr technology
`and techniques, to enable the reader to place the various vendor offerings inro the conrcxt of his
`or her requirements. The second part of the book presenrs the original SNMP famil y of standards,
`which is still the most widely deployed version. The third part looks at the revised version of
`RMON, which includes an update of [he original RMON specification, plus RI" ION2, which
`extends R.MON functionality. The final part of the book examines SNMPv2 in detail. Through(cid:173)
`out, practical issues related to the use of these standards and products based on these standards
`arc examined.
`
`Intended Audience
`This book is intended for a broad range of readers interested in network managemcm, including
`
`.. Students alld professionals in data ,,,ocessing and data commullications: This book is in(cid:173)
`tended as a basic tutor ial and reference source for th is exciting area.
`.. Network mallagemellt designers and implementors: This book discusses critica l design is(cid:173)
`sues and explores approaches to meeting communication requirements.
`.. Network management system cllstomers and system mallagers: This book helps the reader
`understand what features and structures arc needed in a network management faci lity and
`provides information abom current and evolving standards to enable the reader to assess a
`specific vendor's offering.
`
`Acknowledgments
`[ would like to thank the reviewers of this book, who generously provided feedback on part or all
`of the manuscript: K. K. Ramakrishnan of AT&T; Russell Diet'l of Technically Elite Concepts;
`Ravi Prakash of FTP Software; Ole Jacobsen of [ntcrop Company; Clif Baker of the Research
`Libraries Group; Sandra Durham of Cisco; and Ian Taylor of Cygnus. In addition , the two main
`amhors of RMON2-Andy Bierman of Bierman Consulting, and Robin [ddoll of AXON Net(cid:173)
`works-provided detailed reviews of the RMON material.
`Also, [ am grateful to the peop[e who reviewed both the original proposal for this book and
`an ea rly draft: Lyman Chapin of BBN; Radia Perlman of Novell; Glen Glater, Christopher
`Heigham, and Pcter Schmidt of Midnight Network s.
`
`

`
`How to Read This Book
`
`Chapter I provides an overview of the conceptS used throughout this book and includes a
`chaptcr-by-chapter summ:lry. Following this introductory chapter, the book consists of four parts
`and twO supponing a ppcndiccs. The accompanying figure (Figure P.l : A Reading Gllide) provides
`a suggested reading strategy fo r the book.
`If you are unfamilia r with ne[work management concepts, or have only a superficial under(cid:173)
`standing, you should rcad Parr I (Chapters 2 and 3), which provides a basic introduction to the
`fundamentals of nerwork management technology.
`$NM P was developed fo r use in a TCPIIP environment, and the reader unfamiliar with this
`pro[()eol suite should read Appendix A, which provides an overview. The SNMP and RMON
`specifications rely heavily on the use of Abstract Syntax Notation O ne (ASN.l), including the
`macro faci lity. The reader not up to speed on this notation should consult Appendix B before
`proceeding.
`Part II (Chapters 4 through 7) deals with version "] of SNMP and related M Ills. The remain(cid:173)
`der of the book bui lds on Ihis part.
`Parts III and IV can be read in either order. Part III (Chapters 8, 9, and 10) deals with remote
`monitoring (RMON), which is an important facility Ihal can be provided with SNM P. RMON2,
`discussed in Chapter 10, makes use of some of the notation from SNMPv2 in ils definitions.
`However, RMON2 can be used with an SNM Pvl infrastructu re and does not require implemen(cid:173)
`tation of SNMPv2. The few references to SNMPv2 are explained in Chapter 10 SO ThaT Pan 111
`can be read independently of Pari rv. Pa ri IV (Chaplers 11, 12, and 13) covers SNMP version 2
`(SNMPv2).
`
`XIII
`
`

`
`Read Chapter 1
`(Overview)
`
`Do you have a
`background in
`network management?
`V,,
`
`(
`
`(
`
`Do you have a
`basic grasp
`of TCP/ IP?
`V,,
`
`Do you have a
`basic grasp of ASN.l,
`including macros?
`
`V"
`
`Read Chapters 4- 7
`(SNMPvl)
`
`No
`
`No
`
`No
`
`Read Chapters 2 and 3
`(Network Management
`Fundamentals)
`
`Read Appendix A
`(TCP/IP)
`
`Read Appendix B
`(ASN.l)
`I
`
`j
`
`Read Chapters 8-10
`(RMON)
`I
`
`I
`
`j
`
`j
`
`Read Chapters 11-1 3
`(SNMPv2)
`I
`
`Save book for
`future reference
`
`FIG URE P. l
`
`A Reading Guide
`
`

`
`CHAPTER 1
`
`Overview
`
`Networks and distributed processing systems arc of growing importance and, indeed, have be(cid:173)
`come critical in the business world. Within a given organization, the trend is toward larger, morc
`complex networks supporting more applications and more users. As these nClworksgrow in scale,
`two facts become painfully evident:
`
`... The network and its associated resources and distribmcd applications become indispensable
`to the organization.
`... More things can go wrong, disabling the network or a portion of the network, or degrading
`performance to an unacceptable level .
`
`A large network cannot be put together and managed by human effort alone. The com(cid:173)
`plexity of such a system dictates the use of automated network management tools. The urgency
`of the need for such tools-and the difficulty in supplying them-is increased if the network
`includes equipment from multiple vendors.
`As networked installations become larger, more complex, and more heterogeneous, the cost
`of network management rises. To control costs, standardized tools arc needed that can be used
`across a broad spectrum of product types, including end systems, bridges, routers, and telecom(cid:173)
`munications equ ipment, and that can be used in a mixed-vendor environment. In response to this
`need, the Simple Network Management Protocol (SNM P) was developed to provide a tool for
`multi vendor, interoperable network management.
`SNM P actually refers to a set of standards for network management, including a protocol,
`a database Structure specification, and a set of data objects. SNMP was adopted as the standard
`for TCP/ IP-based internets in [989 and has enjoyed widespread popularity. In 1991 a supplement
`(0 SNM P, known as Remote Network M onitoring (RMON ), was issued; RMON extends the
`capabilities of SNMP to include management of local-area networks (LANs) as well as the devices
`attached to those networks. In 1993 an upgrade to S MP, known as SN MP version 2 (SNMl'v2),
`was proposed; a revisioll ofSNMPv2 was issued in 1996. SNMPv2 adds functional enhancements
`(0 SNMP and codifies the use of SNMP on OS I-based networks. Also in 1996, RMON was ex(cid:173)
`tended with an addition known as RMON2.
`The bulk of this book is devoted to a study of SNMP, RMON, and SNMPv2, and to some
`of the practical issues associated with each. The remainder of this chapter, and the next two,
`provide an overview of network management in general.
`
`

`
`2
`
`OVERVIEW'
`
`'"eofu" ~~~~~====:J
`Security features E
`Restoral capability :E~~~~~~~~~---'
`
`Ability to delete/add
`
`Ability to Monitor
`network availability
`Traffic rerouting
`
`Improved automation
`
`User registration
`
`Improved reporting
`Ability to Monitor
`response time
`
`o
`
`10
`
`20
`
`30
`
`40
`
`50
`
`60
`
`Percent responding "very critical"
`
`lmpo rta nt Network M anagement Features
`
`,
`FIGU RE 1.1
`
`1.1 N etwork Management Requirements
`With any design, it is best ro begin with a definition of the users' requ iremen ts. This is certainly
`Tfue of an area as complex as network management. One way to do this is to consider the features
`that are most important to the user. Figure 1.1 shows the results of a recent survey. Given the cost
`of network management-and the magnitude of the task-it should be no surprise that ease of
`use is by far of mOSt critiCal importance to users. Z
`Another breakdown of users' requirements is provided in (Terplan 1992), which lists the
`following as rhe principal driving forces for justifying an investment in ner.vork management:
`
`• Controllillg corporate strategic assets: Networks and distributed computing resources arc
`increasingly vital resources for mOST organizations. Without effective comrol, these re(cid:173)
`sources do not provide the payback that corporate management requires.
`... Controlling complexity: The continued growth in the number of nenvork components, end
`users, interfaces, protocols, and vendors threatens management with loss of control over
`what is connected ro the network and how network resources are used.
`Improving service: End users expect the same or improved service as The information and
`computing resources of the organization grow and distribute.
`... Balancing variOIlS needs: The information and computing resources of an organization must
`provide a spectrum of end users with various applications ar given levels of support, wi th
`
`...
`
`

`
`Network Management Requirements
`
`3
`
`TABLE 1.1
`
`051 Management Functional Areas
`
`Faull management
`The facilities that enable the detection, isolation, and correction of abnormal operation of the
`OSI environment
`Accounting management
`The facilit ies that enable charges to be established for the use of managed objects and costs to
`be identified fo r the use of those managed objects
`Configuration and name man agement
`The facilities that exercise control over, identify, collect data from, and provide data to man(cid:173)
`aged ob jects for the purpose of assisting in providing for the continuous operation of inter(cid:173)
`connection services
`Performance management
`The facilities needed to evaluate the behavior of managed objects and the effectiveness of
`communication activities
`Security management
`The facilities that address those aspects of OSI security essential to operate OSI network
`management correctly and to protect managed objects
`
`specific requirements in the areas of performance, availability, and security. The network
`manager must assign and control resources to balance these various needs.
`.. Reducillg downtime: As the network resources of an organization become more important,
`minimum availabil ity requirements approach 100 percent. In addition to proper redundant
`design, network management has an indispensable role to play in ensuring high availability
`of its resources .
`.. Controlling costs; Resource utilization must be monitOred and controlled to enable essential
`end-user needs to be satisfied with reasonable cost.
`
`While such su rveys and qualitative statements are useful and can guide the designer in de(cid:173)
`veloping the details of a network management fac ility, a functional breakdown of requirements is
`needed to structure the overall design process. Table 1.1 lists the key functional areas of network
`management as defined by the International O rganization for Standardization (ISO). Although
`this functional classification was developed for the OSI environment, it has gained broad accep(cid:173)
`tance by vendors of both standardized and proprietary network management systems.
`
`1.1.1 Fault Management
`1.1.1.1 Overview
`To maintain the proper operation of a complex network, a network manager must take care that
`systems as a whole, and each essential componem individually, are in proper working order.
`When a fault occurs, it is important, as rapidly as possible, for the network manager to
`
`

`
`4
`
`OVERVIE\V
`
`.. Determine exactly where the fault is.
`
`.. Isolate the rest of the nerwork from the failure so that it can continue to function without
`interference.
`
`.. Reconfigure or modify the network in such a way as to minimize the impact of operation
`without the failed component(s).
`
`.. Repair or replace the failed component(s) to restore the network to its initial state.
`
`Central to the definition of fault managemem is the fundamental concept of a fault. Faults
`are to be distinguished from errors. A fau ll is an abnormal condition that requires management
`attention (or action) to repa ir, whereas an error is a single event. A fault is usually indicated by
`the failure to operate correctly or by excessive errors. For example, if a communications line is
`physica lly cut, no signals can get through. Or a crimp in the cable may ca use wild distortions so
`that there is a persistently high bit-error rate. Certain errors (e.g., a single bit error on a commu(cid:173)
`nication line) may occur occasiona lly and are not norma lly considered to be faul ts. It is usually
`possible to compensate for errors using the error-comrol mechanisms of the various protocols.
`
`1.1, 1.2 User Requirements
`End users expect fast and reliable problem resolution. Most end users will tOlerate occasional
`outages. When these infrequent outages do occur, however, the end user generally expects to
`receive immediate nQ[ification and to have the problem corrected right away. To provide this level
`of fault resolution requires very rapid and reliable fau lt detection and diagnostic management
`functions. The impact and duration of faults can also be minimized by the use of redundant
`components and alternate communication routes, to give the nerwork a degree of "fault toler(cid:173)
`ance." The fault management capability itself shou ld be redundant to increase network reliability.
`Users expect to be kept informed of the network stams, including both scheduled and
`unschedu led disruptive mai ntenance. Users expect reassurance of correct network operation
`through mechanisms that use coofidence tests or analyze dumps,logs, alerrs, or statistics.
`After correcting a fault and restoring a system to its full operational state, the fault manage(cid:173)
`ment service must ensure that the problem is truly resolved and that no new problems are intro(cid:173)
`duced . This requirement is called problem [Tacking and control .
`As with other areas of network management, fau lt management shou ld have a minimal
`effect on network performance.
`
`1.1.2 Accounting Management
`1.1.2.1 O verview
`In many corporate networks, individua l divisions or cost centcrs, or even individual project ac(cid:173)
`coums, are charged for the use of nenvork services. These arc internal accouming procedures
`rather than actual cash transfers, but nevertheless they are importam to the participating end
`
`

`
`Network Mallagement Requiremellts
`
`5
`
`users. Furthermore, even if no such internal charging is employed, the network manager needs to
`be able to track the use of network resources by end user or end-user cl ass for a number of reasons,
`including the follow ing:
`
`" An end user or group of end users may be abusing its access privileges and burden ing the
`network at the expense of other end users.
`... End users may be making inefficient use of the network, and the network manager can assist
`in changing procedures to improve performance.
`" The network manager is in a better position to plan for network growth if end-user activity
`is known in sufficient detai l.
`
`1.1.2.2 User Requirements
`The network manager needs to be able to specify the kinds of accounting information to be re(cid:173)
`corded at various nodes, the desi red interval between sending the recorded info rmation to higher(cid:173)
`level management nodes, and the algorithms to be used in calculating the cha rging. Accounting
`reports should be generated under network manager control.
`In order to limit access to accounting information, the accounting facility must provide the
`capability to verify end users' authorization to access and manipu late that information.
`
`1.1.3 Configuration and Name Management
`1.1.3.1 Overview
`Modern data comm unication networks are composed of individual components and logical sub(cid:173)
`systems (e.g., the device driver in an operating system) that can be configured to perform many
`different appl ications . The same device, for example, can be configured to act either as a router
`or as an end-system node, or both. Once it is decided how a device is to be used, the configuration
`manager can choose the appropriate software and set of attributes and values (e.g., a transport(cid:173)
`layer retransmission ti mer) for that device.
`Configuration management is concerned with initializing a network and gracefully shutting
`down part or all of the network. It is also concemed with maintaining, adding, and updating
`the relationships among components and the status of components themselves during network
`operanon.
`
`1.1 .3.2 User Requirements
`Startup and shutdown operations on a network arc the specific responsibilities of configuration
`management. It is often desirable for these operations on certain components to be performed
`unattended (e.g., starting or shutting down a network i!Herface unit).
`The network manager needs the capability to identify the components that comprise the
`network and to define the desired connectivity of these components. Those who regularly con(cid:173)
`figure a network with the same or a similar set of resou rce attributes need ways to define and
`
`

`
`6
`
`OVERVIEW
`
`modify default attributes and to load these predefined sets of attributes into the specified network
`components. The network manager must be able to change the connectivity of network compo(cid:173)
`nentS when end-users' needs change. The rt'Configuration of a network is often desired in response
`to performance evaluation or in support of network upgrade, fault recovery, or security checks.
`End users often need or want to be informed of the status of network resources and compo(cid:173)
`nents. Therefore, end users shou ld be notified when changes in configuration occur. Configura(cid:173)
`tion reports can be generated either on some routine periodic basis or in response to a request for
`such a report. Before reconfiguration, end users often want to inquire about the upcoming status
`of resources and their attributes.
`Network managers usually want only authorized end users (operators) to manage and con(cid:173)
`Trol network operation (e.g., software distribution and updating).
`
`1.1.4 Performance Management
`1.1.4.1 Overview
`Modern data communications networks are composed of many and varied components, which
`mUSt intercommunicate and share data and resources. In some cases, it is critical to the effective(cid:173)
`ness of an application that the communication over the network be within certain performance
`limi ts.
`Performance management of a computer nenvork comprises two broad functional cate(cid:173)
`gories-monitoring and controlling. Monitoring is the func tion that tracks activities on the
`network. The controlling function enables performance management to make adjustments to
`improve nenvork performance. Some of the performance issues of concern to the network man(cid:173)
`ager arc as follows:
`
`... What is the level of capacity utilization?
`
`...
`
`Is there excessive traffic?
`
`... Has through put been reduced to unacceptable levels?
`... Are there bottlenecks?
`
`...
`
`Is response time increasing?
`
`To deal with these concerns, the network manager must focus on some initial set of resources
`to be monitored in order to assess performance levels. This includes associating appropriate met(cid:173)
`rics and values with relevant network resources as indicators of different levels of performance.
`For example, what counT of retransmissions on a transport connection is considered to be a per(cid:173)
`formance problem requiring attention? Ilerformance management, therefore, must monitor many
`resources to provide information in determining network operating level. By collecting this infor(cid:173)
`mation, analyzing it, and then using the resultant analysis as feedback to the prescribed set of
`values, the network manager can become more and more adept at recognizing situations indica(cid:173)
`tive of present or impending performance degradation.
`
`

`
`Netll/ork Mallagemellt Systems
`
`7
`
`1.1 .4.2 User Requirements
`Before using a network for a particular application, an end user may want to know such things
`as the avcrage and worst-case response times and the rel iability of nel\vork services. Thus perfor(cid:173)
`mance must be known in sufficient detail to assess specific end-user queries. End users expect
`network services to be managed in a way that consistently affords their applications good re(cid:173)
`sponse time.
`Network managers need performance statistics to help them plan, manage, and maintain
`large networks. Performance statistics can be used to recognize potential bottlenecks before they
`cause problems so that appropriate corrective action can be taken. For example, the network
`manager can change routing tables to balance or redistribute traffic load during times of peak use
`or when a bottleneck is identified by a rapidly growing load i