Network Management Protocols and Tools Study

Seminar Paper 2000 43 Pages

Computer Science - Technical Computer Science


Table of contents

1.2.1 SNMP (Simple Network Management Protocol) SNMP at a glance. History of the network management protocol About the protocol SNMP Architecture
1.2.2 CMIP (Common Management Information Protocol) CMIP at a glance CMIP architecture
1.3.1 Management Information System MIB Structure SNMP MIB CMIP MIB Object Naming Syntax Structure of Management Information Feature Comparison
1.3.2 Management Access Model
1.3.3 Scalability
1.3.4 Performance
1.3.5 Reliability
1.3.6 Security
1.4.1 CORBA (Common Object Request Broker Architecture)
1.4.2 DCOM (Distributed Component Object Model)

2.1.1 Network Management Tools Diagnostic Tools Monitoring Tools Management Tools
2.1.2 Network Management Solutions Novell ManageWise Hewlett Packard OpenView IBM (Tivoli) NetView
2.3.1 Sniffer.
2.3.2 Ping
2.3.3 Traceroute
2.3.4 Multi Router Traffic Grapher (MRTG)
2.3.5 Fluke LANMeter


1 Network Management Protocols

1.1 Executive Summary

The report covers the evaluation of the network management protocols SNMP (Simple Network Management Protocol) and CMIP (Common Management Information Protocol). The history of the network management protocol is explained in the beginning to set the base for an understanding of the need for efficient network management protocols, which carry management information in their payload. The description and thorough comparison of the two protocols reveal several highlights: SNMP and CMIP are designed with different backgrounds and purposes. SNMP is appreciated due to its simplicity and ease of implementation and criticized for its lack of security issues and overall performance. CMIP was designed to overcome the shortcomings of SNMP and to outweigh it in every field. This aim has been achieved but what renders the protocol useless is the fact that it requires too much network resources. SNMP remains the network management protocol of choice.

After the presentation of the two protocols the attention is drawn to the impact of middleware on the management processes. Middleware can be considered as a layer of software that supports multiple communication protocols, multiple programming languages, and runs on various computer platforms. It helps to integrate otherwise incompatible system components by providing standardized mechanisms that distributed components can use to communicate over a network. With middleware the best of both worlds (SNMP versus CMIP) can be achieved. The most important middleware technologies are the Distributed Component Object Model (DCOM) and the Common Object Request Broker Architecture (CORBA). Although middleware eats up network resources significantly, it adds value to the corporative network due to its high performance and standardized interfaces that enable managers to employ network devices with the focus on the gained benefit rather than on their potential integration in the current network environment. One can see that network management, supported by middleware, moves towards the coverage of all layers in the OSI reference model.

1.2 Purpose and Scope of SMNP and CMIP

This part of the report will describe the two main major network management protocols in detail. Each protocol will be analysed separately focussing on their overall concept and architecture.

1.2.1 SNMP (Simple Network Management Protocol) SNMP at a glance History of the network management protocol

With the declaration in 1983 of the Ministry Of Defence that TCP/IP should be the new standard Internet protocol, the ARPANET died and was replaced through the Internet. The Internet grew rapidly without having any management control standard. Therefore developers tried to build up a network management model. The earliest one was das High-Level Entity Management System (HEMS), however it did not find its use on the Internet. (Klein[1], 1999; Selegran, 1999)

In 1987 the Open Systems Interconnection group (OSI) presented a new model that was called CMIP (Common Management Information Protocol). It could only be used for OSI-based networks; therefore it was replaced by CMOT (CMIP over TCP), which has been declared as the new network management protocol standard. However, CMOT was not widely used.

In 1987 a group of network developers introduced a new protocol, SGMP (Simple Gateway Management Protocol). Its architecture was simple and it could be integrated seamlessly into an existing network. It found acceptance relatively fast. (Klein[1], 1999; Selegran, 1999)

In 1988 the ten Internet Activity Boards (IAB) met and discussed which of the three protocols should be used for the Internet. As a result, CMOT was considered to be the optimal solution for a network management protocol, whereas SGMP was the suggested short-term solution due to its wide acceptance. HEMS was dropped. Therefore it was necessary to develop an

Internet Management Framework as an interim solution for systems to move from SMGP to CMOT protocols. This framework was called SNMP (Simple Network Management Protocol). (Klein[1], 1999; Pras, 1995; Selegran, 1999)

In April 1989 the IAB recommended SNMP to be the new standard for the TCP Internet Management Framework . At that time problems and disagreements occurred based on many details of this Internet Management Framework between CMOT- and SNMP- associations. Therefore it was decided by the IAB to give up the idea of a joint framework management and to start the further development of both frameworks instead. (Klein, 1999[1])

In 1990 the SNMP convinced IAB to recommend their protocol as the standard protocol worldwide. (Klein, 1999[1]; Selegran, 1999) About the protocol

SNMP (Simple Network Management Protocol) is the first network management protocol standard. As already stated, it comes from a de facto based background of TCP/IP communication and is an application-layer protocol. The protocol facilitates the exchange of management information between network devices. One or multiple management stations configure, monitor and receive messages from the nodes within the network. (Fear, 1996; Ford, 1996)

SNMP is formally specified in various Request For Comment (RFC) documents; it is relatively straightforward and easy to understand. This is one of the major reasons why it became such a popular network management protocol. It became a standard since vendors developed SNMP-based management applications. As already mentioned earlier it was considered to be a “quickly designed ‘band-aid’ solution to internetwork management difficulties while other, larger and better protocols were being designed.” (Fear, 1996)

But due to the fact that no better solution was released, SNMP became the network management protocol of choice. (Fear, 1996; Ford, 1996; Pras 1995) SNMP Architecture

SNMPv1 (Version 1) works after the following principles:

illustration not visible in this excerpt

One can distinguish between two different types of management units, the SNMP managers and the agents. A network management station (NMS) is a workstation, where multiple network management applications are running. Medium to large network management systems are usually built on a third-party software platform (network management suite) like for instance HP OpenView or IBM NetView (Tivoli). The NMS is used to collect information from the managed nodes via agents and present it in a comfortable way to its user. An agent has the task to monitor one or various network nodes and to gather data (management information) about what they are doing and what their status is. This management information is then sent to the NMS. There are two techniques that are used for the communication between the managed devices and the NMS: polling and event-reporting. Polling is a request-response interaction between a manager and an agent. The manager requests information from the agent, and the agent responds to the manager with the requested information. Event reporting is an action that an agent initiates. It sends information to the manager, who waits then for the incoming data. Most of the work within the SNMP management is done by the management applications that are running on the NMS. Since NMS has the resources to cope with this type of management, whereas the resources of a node are often limited in terms of CPU performance or limited memory and should be saved for their real tasks. In other words, the performance impact on the managed devices and agents should be minimized. There are various types of nodes. Some manage and are manageable ( bilevel entities ), some understand different versions of SNMP protocols ( bilingual entities ), some are not manageable and others act as proxy-agents for further nodes. For example proxy-agents act as a gateway for nodes that do not support network management protocols at all or are only compatible with

different types of network management protocols. In the last case the proxy acts as a translator between multiple protocols. (Ford, 1996; Klein, 1999[2]) Basically, SNMP messages exchanged over the network contain two parts, a message header and a Protocol Data Units (PDU). While the message header comprises a version number and the community name (the common area of the management system and the managed node), the PDU contains the specified SNMP operations. These include variables that have both titles and values. In total there are five different types of PDU, which SNMP uses to monitor network events: Two are reading terminal data, two are setting terminal data and one is used for monitoring network events, such as terminal start-ups or shut-downs. SNMPv1 is based on a simple request-response principle. It provides four operations to serve as the commends mentioned above: The reading (get) commands enable the network manager to monitor the managed devices and the writing (set) commands are used by the NMS to control the variables stored in the managed devices. Traversal operations (get-next) determine which variables of a managed device support and can sequentially gather information in variable tables (like for example router tables). Finally, the ‘trap’-command reports certain events asynchronously to the NMS. It is not a response to a former request. (Fear, 1999; Ford, 1996)

SNMP operates over the connectionless UDP for two reasons: First of all it is an unreliable transport provider, in which data can get lost. But in case of repeated provider failures, it is still possible to exchange at least a fraction of the whole management information. A connection-orientated provider delivers either all the data or nothing at all. Connectionless providers act similar to the best-effort approach, where in case of failures some of the data may reach its destination and thereby management will be still possible in a limited way. SNMP does not perform retransmissions by itself. It is up to the manager to detect data loss and to initiate retransmission. (Pras, 1995)

The second implication for UDP is that managers have to perform checks to detect whether agents are still operational. Unlike connection-oriented providers, who have life-time control functions to check whether an agent is operational or not, the manager has the responsibility to take care of this issue. (Pras, 1995)

It is important to stress that SNMP only defines how the management information is exchanged over the network and not which information exists at all. This is defined in the MIBs (Management Information Base) of the managed nodes. A MIB is a collection of data-object descriptions that contains the definitions of the elements the network manager wants to be informed about. Each resource that is to be managed is represented as an object (SNMP is an object-based but not an object-oriented protocol). One can imagine a MIB as a structured collection of such objects. Each system in a network like a router, bridge, server or workstation maintains a MIB that “reflects the status of the managed resources of that system.” (Ford, 1996)

However, network management bases on reading and modifying the values of these objects and thereby controlling the resources at that system. (Ford, 1996)

1.2.2 CMIP (Common Management Information Protocol) CMIP at a glance

In contrast to SNMP, CMIP was developed by the International Organization for Standardization (ISO) with totally different goals. Whereas SNMP was originally designed for the use by IP devices only, CMIP was intended to be non-protocol specific and for the use in all network environments. The IAB recommended CMIP “as the basis for a network management protocol to satisfy future requirements.” (Ford, 1996)

It comes from a de jure standard-based background associated with the Open Systems Interconnection (OSI). In network management and distributed systems protocols alone cannot provide communication. Therefore the OSI proposes an object-oriented management model that provides the required standard resource descriptions. In this environment management information is represented as managed objects and managed object classes. (Bailey, 1998) As already mentioned in the history of the management protocols (earlier in this report) the CMIP protocol was supposed to replace the SNMP protocol in the late eighties. It was designed to be better than SNMP by overcoming the

weaknesses of SNMP and thus, to become a greater and more comprehensive network manager. Within this network management environment the agents are capable to initiate more communication between the manager and the agent, to define and communicate more complex traps to the manager and to support more devices. (Fear, 1996; Ford, 1996; Ranganathan, no date)

Due to its almost unlimited development budget many governments and companies believed in its success, but since problems with the implementation occurred, its widespread availability has been delayed. Currently it is only available in a very limited form from developers themselves. Because of the large development costs CMIP is used by the governments and the corporations that funded it. Moreover it is widely used in the telecommunication domain and telecommunication devices. (Fear, 1996; Ford, 1996; Plakosh, 1997) CMIP architecture

The CMIP design is quite similar to SNMP, since PDUs are used as variables for monitoring the network too. The difference is that the protocol consists of 11 distinct PDU types (SNMP consists of 5) that contain complex and sophisticated data structures with three attributes:

- Variable attributes (for example the data type (int, string, etc.))
- Variable behaviour (for example what actions of this variable are possible to be triggered)
- Notifications (the generation of a report by the variable when a specific event occurs).

In comparison to SNMP, it employs only one of the three attributes above. That makes the architecture of CMIP very complex. (Fear, 1996; Selegran, 1999) Generally, OSI network protocols provide common network architecture for all devices on each layer of the ISO reference model. In the same manner, CMIP provides an entire network management protocol environment for the use with any network device. (Ford, 1996; Selegran, 1999)

However, the Common Management Information Services (CMIS) defines the OSI services provided by each network computer for network management. Usually these are more general rather than specific. Common Management Information Protocol (CMIP) is the protocol that implements the CMIS services by defining the information transfer mechanism: It does “not specify the functionality of the network management application, it only defines the information exchange mechanism of the managed objects and not how the information is to be used or interpreted.” (Plakosh, 1997)

CMIP uses a connection-oriented transport mechanism and above all, it has got a built in security support for issues like authorisation and access control. (Bailey, 1998; Ford, 1996; Plakosh, 1997; Selegran, 1999)

CMIP bases on a client/server model: the managing system is the client, the managed system the server. The protocol can manage a large number of agents, which are capable of processing information before they pass it back to the management system. Furthermore the object-orientation allows sharing and grouping resources in particular classes and subclasses. Inheritance and relationships between specifications of classes make it an efficient management system: The object-orientation enables designers and developers the ability “to think of resources in an abstract way, as vertices and arcs, or as queues and servers”. (Ford, 1996)

As a result, CMIP has a lot of powerful capabilities that allow an efficient network management but require more complex tools.

1.3 SNMP versus CMIP – Comparison

The SNMP and CMIP protocols differ significantly in various terms. Both protocols are contrasted in the sections below.

1.3.1 Management Information System MIB Structure SNMP MIB

The Management Information System of the SNMP protocol is structured in a hierarchical description of managed objects and variables. Leaf nodes record and store the information. A characteristic feature of an SNMP MIB is that the directory structure is static. The location of managed information is determined when the tree is being created. The MIB is split into multiple functional subtrees that represent groups of related variables, which refer to particular managed

illustration not visible in this excerpt

objects. SNMP is object-based rather than object-oriented as its counterpart CMIP. The subtrees symbolize logical containments whereas the leaves stand for instances of the managed objects. This is different in the CMIP protocol where new objects can be added incrementally and dynamically.

The leaves at the bottom of the tree comprise either single or multiple instance variables.

Multiple instance variables are structured like a table with various columns and rows. The key column indicates the table index and lead to an efficient identification and access to managed variables. Multiple key columns are inefficient. (Bailey, 1998; Cashman, no year; Selegran, 1999) CMIP MIB

In order to manage information the MIB of the CMIP protocol requires extended object-oriented database frameworks. It offers the full object-orientation benefits like encapsulation, inheritance, relationships or action and event notifications.

illustration not visible in this excerpt

The event driven collection of object descriptions increases the communication between the network devices initiated by the agents. This is already stated earlier in this report and can be considered to be a major advantage of CMIP. The MIT consists of instances and managed objects that are

organized in a hierarchical MIB tree. The difference to SNMP is that managed information is stored in both internal and leaf nodes. That means in particular that dynamic changes are allowed in the tree structure of the MIT. This leads to an increase in flexibility. Instances of the same class are located in individual nodes rather than combined in tables. (Bailey, 1998; Cashman, no year; Selegran, 1999) Object Naming

In SNMP the nodes are labeled with a global name and a local number. The number can uniquely identify objects in the tree.

OSI’s MITs provide managed nodes with a unique identification through relative ‘distinguished name’ (DN) attributes. Following the DN attributes along the path from root to managed object these objects can be accessed and their information managed. Since the MIT is dynamic and its tree structure can change over time (depending on the creation or deletion of objects), the DN depends on the specific hierarchical structure and the content of the MIT. This is different to the SNMP protocol where the paths are static identifiers, which are defined at design time. The advantages of the DN attributes are significant, because they allow performing scope and filter operations to quicken the access to managed information. (Bailey, 1998; Cashman, no year) Syntax

In SNMP the syntax is defined by ASN.1, a language used to describe the syntax of data structures. Primitive data types include integer, octet string or object identifier.

The CMIP syntax bases on the Guidelines for the Definition of Managed Objects (GDMOs). They provide the rules for defining managed objects. Substantial extensions to ASN.1 are supported by GDMO too. More than 100 definitions of data types for managed information are available (compared to less than 10 available in SNMP). (Cashman, no year; Selegran, 1999)



ISBN (eBook)
File size
668 KB
Catalog Number
Institution / College
UNITEC New Zealand – Information Systems
1,7 (A-)
Network Netzwerk CMIP SNMP Comparison CORBA MIB Tools




Title: Network Management Protocols and Tools Study