Chapter 12 Network Management Tools and Systems 12.1 Network Management Tools The catalog of network management tools is extensive,and we cannot do justice to the full range of these tools here.They are necessary for troubleshooting of problems in networks and supplement system tools that detect problems or failures and notify the various alarms.In this section,we will consider the tools used daily by network managers and operators to conduct their activities.Some of these tools can also be utilized by network users in their normal use of network services
12.1 Network Management Tools The catalog of network management tools is extensive, and we cannot do justice to the full range of these tools here. They are necessary for troubleshooting of problems in networks and supplement system tools that detect problems or failures and notify the various alarms. In this section, we will consider the tools used daily by network managers and operators to conduct their activities. Some of these tools can also be utilized by network users in their normal use of network services. Chapter 12 Network Management Tools and Systems
Network Management Tools 0199 Network Functional Resources and Role Mechanism Operating Acquisition Components Environment Examples: Examples: Examples: Examples: Free Alarm Bridge NMS DOS Library Manager Ethernet Ping Windows NT Sourcelib Security P SNMP Sun Traffic NFS A UNIX Figure 12.1 NOC Tool Categories [RFC 1470]
Table 12.1 Functional Role of Management Tools Function Description Alarm A reporting/logging tool that can be triggered by specific events with a network Analyzer A traffic monitoring tool that reconstructs and interprets protocol messages that span several packets Benchmark A tool used to evaluate the performance of network components Control a tool that can change the state or status of a remote network resource Debugger A tool that,by generating arbitrary packets and monitoring traffic,can drive a remote network component to various states and record its responses Generator a traffic generation tool Manager A distributed network management system or system component
Table 12.1 Functional Role of Management Tools Function Description Alarm A reporting/logging tool that can be triggered by specific events with a network Analyzer A traffic monitoring tool that reconstructs and interprets protocol messages that span several packets Benchmark A tool used to evaluate the performance of network components Control a tool that can change the state or status of a remote network resource Debugger A tool that, by generating arbitrary packets and monitoring traffic, can drive a remote network component to various states and record its responses Generator a traffic generation tool Manager A distributed network management system or system component
Map A tool that can discover and report a system's topology or configuration Reference A tool for documenting MIB structure or system configuration Routing A packet route discovery tool Security A tool for analyzing or reducing threats to security Status A tool that remotely tracks the status of network components Traffic A tool that monitors packet flow Table 12.2 Resources and Components Managed by Tools Resource/Component Description Bridge A tool for controlling/monitoring LAN bridges CHAOS A tool for controlling or monitoring implementations of the CHAOS protocol suite or network components that use it
Map A tool that can discover and report a system's topology or configuration Reference A tool for documenting MIB structure or system configuration Routing A packet route discovery tool Security A tool for analyzing or reducing threats to security Status A tool that remotely tracks the status of network components Traffic A tool that monitors packet flow Table 12.2 Resources and Components Managed by Tools Resource/Component Description Bridge A tool for controlling/monitoring LAN bridges CHAOS A tool for controlling or monitoring implementations of the CHAOS protocol suite or network components that use it
DECnet A tool for controlling or monitoring implementations of the DECnet protocol suite or network components that use it DNS A domain name system debugging tool Ethernet a tool for controlling or monitoring network components on Ethernet LANs FDDI A tool for controlling or monitoring network components on FDDI LANs or WANs P A tool for controlling or monitoring implementations of the TCP/IP protocol suite or network components that use it OSI A tool for controlling or monitoring implementations of the OSI protocol suite or network components that use it NFS A Network File System debugging tool Ring A tool for controlling or monitoring network components on token ring LANs SMTP An SMTP debugging tool Star A tool for controlling or monitoring network components on Star LANs
DECnet A tool for controlling or monitoring implementations of the DECnet protocol suite or network components that use it DNS A domain name system debugging tool Ethernet A tool for controlling or monitoring network components on Ethernet LANs FDDI A tool for controlling or monitoring network components on FDDI LANs or WANs IP A tool for controlling or monitoring implementations of the TCP/IP protocol suite or network components that use it OSI A tool for controlling or monitoring implementations of the OSI protocol suite or network components that use it NFS A Network File System debugging tool Ring A tool for controlling or monitoring network components on token ring LANs SMTP An SMTP debugging tool Star A tool for controlling or monitoring network components on Star LANs
Chapter 12 Network Management Tools and Systems Table 12.3 Mechanism Used in Management Tool Mechanism Description CMIS A network management system or component based on the Common Management Information System and Protocol (CMIS/CMIP) Eavesdrop a tool that silently monitors communications media (e.g.,by putting an Ethernet interface into "promiscuous"mode) NMS The tool is a component of or queries a Network Management System Ping A tool that sends packet probes such as ICMP echo messages;to help distinguish tools,we do not consider NMS queries or protocol spoofing as probes
Table 12.3 Mechanism Used in Management Tool Mechanism Description CMIS A network management system or component based on the Common Management Information System and Protocol (CMIS/CMIP) Eavesdrop A tool that silently monitors communications media (e.g., by putting an Ethernet interface into "promiscuous" mode) NMS The tool is a component of or queries a Network Management System Ping A tool that sends packet probes such as ICMP echo messages; to help distinguish tools, we do not consider NMS queries or protocol spoofing as probes Chapter 12 Network Management Tools and Systems
Chapter 12 Network Management Tools and Systems Proprietary A distributed tool that uses proprietary Communications techniques to link its components RMON A tool that employs the RMON extensions to SNMP SNMP A Network Management System or component based on the Simple Network Management Protocol (SNMP) Spoof A tool that tests operation of remote protocol modules by peer-level message exchange X A tool that uses X-Windows
Chapter 12 Network Management Tools and Systems Proprietary A distributed tool that uses proprietary Communications techniques to link its components RMON A tool that employs the RMON extensions to SNMP SNMP A Network Management System or component based on the Simple Network Management Protocol (SNMP) Spoof A tool that tests operation of remote protocol modules by peer-level message exchange X A tool that uses X-Windows
12.1.3 Basic Software Tools Numerous basic tools are either part of an operating system or are available as add-on applications that aid in obtaining network parameters or diagnosing network problems.We will describe some of the more popular ones here,under the three categories of status monitoring,traffic monitoring,and route monitoring. Network Status Tools.Table 12.5 lists some of the network status monitoring tools that are available in the UNIX and Microsoft Windows (95 and NT) environments. Table 12.5 Status Monitoring Tools Name Operating System Description Ifconfig UNIX Obtains and configures networking interface parameters and status ping UNIX/Windows Checks the status of node/host nslookup UNIX/Windows NT Looks up DNS for name-IP address translation dig UNIX Queries DNS server Host UNIX Displays information on Internet hosts/domains
12.1.3 Basic Software Tools Numerous basic tools are either part of an operating system or are available as add-on applications that aid in obtaining network parameters or diagnosing network problems. We will describe some of the more popular ones here, under the three categories of status monitoring, traffic monitoring, and route monitoring. Network Status Tools. Table 12.5 lists some of the network status monitoring tools that are available in the UNIX and Microsoft Windows (95 and NT) environments. Table 12.5 Status Monitoring Tools Name Operating System Description Ifconfig UNIX Obtains and configures networking interface parameters and status ping UNIX/ Windows Checks the status of node/host nslookup UNIX/Windows NT Looks up DNS for name-IP address translation dig UNIX Queries DNS server Host UNIX Displays information on Internet hosts/domains
Chapter 12 Network Management Tools and Systems Network Traffic Monitoring Tools.Table 12.6 lists seven traffic monitoring tools.One of the tools is ping, which we have just described as a status monitoring tool,As we stated earlier,by executing repeatedly a large number of ping commands (ICMP echo_request messages)and measuring how many were successfully received,we can calculate the percentage of packet loss.Recall that packet loss is a measure of throughput.The example presented in Figure 12.7 displays zero percent packet loss when five packets are transmitted and received.It also shows the round-trip packet transmission time,with minimum,average,and maximum of 40,40,and 42 milliseconds respectively
Network Traffic Monitoring Tools. Table 12.6 lists seven traffic monitoring tools. One of the tools is ping, which we have just described as a status monitoring tool, As we stated earlier, by executing repeatedly a large number of ping commands (ICMP echo_request messages) and measuring how many were successfully received, we can calculate the percentage of packet loss. Recall that packet loss is a measure of throughput. The example presented in Figure 12.7 displays zero percent packet loss when five packets are transmitted and received. It also shows the round-trip packet transmission time, with minimum, average, and maximum of 40, 40, and 42 milliseconds respectively. Chapter 12 Network Management Tools and Systems
Chapter 12 Network Management Tools and Systems Table 12.6 Traffic Monitoring Tools Name Operating System Description ping UNIX Windows Used for measuring round- trip packet loss bing UNIX Measures point-to-point bandwidth of a link etherfind UNIX Inspects Ethernet packets snoop UNIX Captures and inspects network packets tcpdump UNIX Dumps traffic on a network getethers UNIX Acquires all host addresses of an Ethernet LAN segment Iptrace UNIX Measures performance of gateways