Introduction to Network Management Protocols - SNMP & TR-069
Index
1 SUMMARY
1.1 GENERAL DESCRIPTION
2 WHAT IS NETWORK MANAGEMENT
2.1 CONFIGURATION MANAGEMENT
2.2 PERFORMANCE MANAGEMENT
2.3 ACCOUNTING MANAGEMENT
2.4 FAULT MANAGEMENT
2.5 SECURITY MANAGEMENT
2.6 THE ARCHITECTURE OF NETWORK MANAGEMENT
3 SIMPLE NETWORK MANAGEMENT PROTOCOL
4 CPE WAN MANAGEMENT PROTOCOL (TR-069)
4.1 AUTO-CONFIGURATION AND DYNAMIC SERVICE PROVISIONING
4.2 SOFTWARE/FIRMWARE IMAGE MANAGEMENT
4.3 STATUS AND PERFORMANCE MONITORING
4.4 DIAGNOSTICS
4.5 PROTOCOL COMPONENTS
5 TERMINOLOGY
5.1 B-NT : BROADBAND NETWORK TERMINATION
5.2 CPE : CUSTOMER PREMISE EQUIPMENT
5.3 ACS : AUTO-CONFIGURATION SERVER
5.4 DSLAM : DIGITAL SUBSCRIBER LINE ACCESS MULTIPLEXER
5.5 BRAS : BROADBAND REMOTE ACCESS SERVER
5.6 PARAMETER
5.7 IETF : INTERNET ENGINEERING TASK FORCE
5.8 RPC : REMOTE PROCEDURE CALL
5.9 SOAP : SIMPLE OBJECT ACCESS PROTOCOL
5.10 BER : BASIC ENCODING RULE
6 REFERENCE
APPENDIX A. COMPARISON BETWEEN SNMP&CWMP
APPENDIX B. EXPLANATION OF SOAP MESSAGE
APPENDIX C. INFORM MESSAGE ETHEREAL PCAP
1 Summary
1.1 General Description
The network management function is one of the most important functions, because it lets the manager
monitor a remote device from a distance. Simple Network Management Protocol (SNMP) [9] is one of the popular
network management methods. SNMP is referred to as "simple" because the agent requires minimal software.
After SNMP, a new-generation network management protocol, the CPE WAN Management Protocol, was
developed. Many telecom and service providers are making TR-069 support a requirement for all new CPE
purchases and proposals, so we will introduce this new management protocol.
2 What is Network Management
In general, network management is a service that employs a variety of tools, applications, and devices to assist
human network managers in monitoring and maintaining networks. Network management has five main
functions:
2.1 Configuration Management
To monitor network and system configuration information so that the effects on network operation of various
versions of hardware and software elements can be tracked and managed.
Each network device has a variety of version information associated with it.
Configuration management subsystems store this information in a database for easy access. When a problem
occurs, this database can be searched for clues that may help solve the problem.
2.2 Performance Management
To measure and make available various aspects of network performance so that internetwork performance
can be maintained at an acceptable level. Examples of performance variables that might be provided include
network throughput, user response times, and line utilization.
Performance management involves three main steps. First, performance data is gathered on variables of
interest to network administrators. Second, the data is analyzed to determine normal (baseline)
levels. Finally, appropriate performance thresholds are determined for each important variable so
that exceeding these thresholds indicates a network problem worthy of attention.
Management entities continually monitor performance variables. When a performance threshold is exceeded,
an alert is generated and sent to the network management system.
Each of the steps just described is part of the process to set up a reactive system. When performance becomes
unacceptable because of an exceeded user-defined threshold, the system reacts by sending a message.
Performance management also permits proactive methods: For example, network simulation can be used to
project how network growth will affect performance metrics. Such simulation can alert administrators to
impending problems so that counteractive measures can be taken.
2.3 Accounting Management
To measure network utilization parameters so that individual or group uses on the network can be regulated
appropriately. Such regulation minimizes network problems (because network resources can be apportioned
based on resource capacities) and maximizes the fairness of network access across all users.
As with performance management, the first step toward appropriate accounting management is to measure
utilization of all important network resources. Analysis of the results provides insight into current
usage patterns, and usage quotas can be set at this point. Some correction, of course, will be required to
reach optimal access practices. From this point, ongoing measurement of resource use can yield billing
information as well as information used to assess continued fair and optimal resource utilization.
2.4 Fault Management
To detect, log, notify users of, and (to the extent possible) automatically fix network problems to keep the
network running effectively. Because faults can cause downtime or unacceptable network degradation, fault
management is perhaps the most widely implemented of the ISO network management elements.
Fault management involves first determining symptoms and isolating the problem. Then the problem is fixed
and the solution is tested on all important subsystems. Finally, the detection and resolution of the problem is
recorded.
2.5 Security Management
To control access to network resources according to local guidelines so that the network cannot be sabotaged
(intentionally or unintentionally) and sensitive information cannot be accessed by those without appropriate
authorization. A security management subsystem, for example, can monitor users logging on to a network
resource and can refuse access to those who enter inappropriate access codes.
Security management subsystems work by partitioning network resources into authorized and unauthorized
areas. For some users, access to any network resource is inappropriate, mostly because such users are usually
company outsiders. For other (internal) network users, access to information originating from a particular
department is inappropriate. Access to Human Resource files, for example, is inappropriate for most users
outside the Human Resources department.
Security management subsystems perform several functions. They identify sensitive network resources
(including systems, files, and other entities) and determine mappings between sensitive network resources
and user sets. They also monitor access points to sensitive network resources and log inappropriate access to
sensitive network resources.
2.6 The Architecture of Network Management
Figure 1 shows the architecture of network management. The network management system (NMS) manages a device
by sending commands to, or receiving reports from, the agent (a program) in the device.
The agent is responsible for executing the NMS's commands and reporting the status of the device it resides in.
Figure 1
Figure 2 is a GUI network management system.
Figure 2 (labels: Managing Server, Managed Devices)
Table 1 is the summary of the functions of the network management:
Function | Goal
Performance Management | Measure and make available various aspects of network performance so that internetwork performance can be maintained at an acceptable level.
Configuration Management | Monitor network and system configuration information so that the effects on network operation of various versions of hardware and software elements can be tracked and managed.
Accounting Management | Measure network utilization parameters so that individual or group uses on the network can be regulated appropriately.
Fault Management | Detect, log, notify users of, and automatically fix network problems to keep the network running effectively.
Security Management | Control access to network resources according to local guidelines so that the network cannot be sabotaged and so that sensitive information cannot be accessed by those without appropriate authorization.
Table 1
3 Simple Network Management Protocol
SNMP is a protocol that allows for remote and local management of items on the network including servers,
workstations, routers, switches and other managed devices.
Unlike traditional network management methods, which have complicated commands, SNMP has only a few simple
commands to get and set configuration and status.
Figure 3 shows the SNMP management architecture:
Figure 3 (labels: Request, Response, Trap; SNMP Manager, Agent Process, MIB-II, TCP/IP; NMS, Agent, Command, Server, Device)
4 CPE WAN Management Protocol (TR-069)
The CPE WAN Management Protocol defines a mechanism that encompasses secure auto-configuration of a
CPE, and also incorporates other CPE management functions into a common framework. This protocol is
specified by the DSL Forum as Technical Report 069 (TR-069) [8].
It provides the following main capabilities:
4.1 Auto-Configuration and Dynamic Service Provisioning
The protocol allows an ACS to provision a CPE or collection of CPE based on a variety of criteria. The
provisioning mechanism includes specific provisioning parameters and a general mechanism for adding
vendor-specific provisioning capabilities as needed.
4.2 Software/Firmware Image Management
The CPE WAN Management Protocol provides tools to manage downloading of CPE software/firmware
image files. The protocol provides mechanisms for version identification, file download initiation (ACS
initiated downloads and optional CPE initiated downloads), and notification of the ACS of the success or
failure of a file download.
4.3 Status and Performance Monitoring
The protocol provides support for a CPE to make available information that the ACS may use to monitor
the CPE’s status and performance statistics. The protocol defines a common set of such parameters, and
provides a standard syntax for vendors to define additional non-standard
4.4 Diagnostics
The protocol provides support for a CPE to make available information that the ACS may use to diagnose
connectivity or service issues. The protocol defines a common set of such parameters and a general
mechanism for adding vendor-specific diagnostic capabilities.
Figure 4 shows the CPE WAN Management Protocol configuration architecture :
Figure 4
4.5 Protocol Components
The CPE WAN Management Protocol comprises several components that are unique to this
protocol, and makes use of several standard protocols. Figure 5 shows the protocol stack defined by the CPE WAN
Management Protocol.
Figure 5 (stack, top to bottom: CPE/ACS Management Application, RPC Methods, SOAP, HTTP, SSL/TLS, TCP/IP)
Other figure labels: (may have DHCP); Internet, ISP network, Frame Relay…; (TR-069); TR-104; LAN; WAN
Figure 6 describes each protocol in the protocol stack above:
Protocol Layer | Description
CPE/ACS Application | The application uses the CPE WAN Management Protocol on the CPE and ACS, respectively. The application is locally defined and not specified as part of the CPE WAN Management Protocol.
RPC Methods | The specific RPC methods that are defined by the CPE WAN Management Protocol (TR-069).
SOAP | A standard XML-based syntax used here to encode remote procedure calls. Specifically SOAP 1.1 [5].
HTTP | HTTP 1.1 [3].
SSL/TLS | The standard Internet transport layer security protocols. Specifically, either SSL 3.0 [6] (Secure Socket Layer), or TLS 1.0 [7] (Transport Layer Security). Use of SSL/TLS is RECOMMENDED but is not required.
TCP/IP | Standard TCP/IP.
Figure 6
Figure 7 shows a management message of the CPE WAN Management Protocol.
Figure 7
POST /dps/TR069 HTTP/1.1
Host: demo.dimark.com:8888
User-Agent: TR69_CPE-1.0
Connection: keep-alive
SOAPAction:
Cookie: JSESSIONID=9418E79390E6E98A036FE1A3A4F1EEEF
Content-Type: text/xml
Content-Length: 1361

<SOAP-ENV:Envelope
    xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:cwmp="urn:dslforum-org:cwmp-1-0"
    xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope">
  <SOAP-ENV:Header>
    <cwmp:ID SOAP-ENV:mustUnderstand="1">263236</cwmp:ID>
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
    <cwmp:GetParameterNamesResponse>
      <ParameterList SOAP-ENC:arrayType="cwmp:ParameterInfoStruct[4]">
        <ParameterInfoStruct>
          <Name>InternetGatewayDevice.LANDeviceNumberOfEntries</Name>
          <Writable>0</Writable>
        </ParameterInfoStruct>
        <ParameterInfoStruct>
          <Name>InternetGatewayDevice.WANDeviceNumberOfEntries</Name>
          <Writable>0</Writable>
        </ParameterInfoStruct>
        <ParameterInfoStruct>
          <Name>InternetGatewayDevice.LANDevice.</Name>
          <Writable>0</Writable>
        </ParameterInfoStruct>
        <ParameterInfoStruct>
          <Name>InternetGatewayDevice.WANDevice.</Name>
          <Writable>0</Writable>
        </ParameterInfoStruct>
      </ParameterList>
    </cwmp:GetParameterNamesResponse>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
HTTP message
5 Terminology
This section lists all abbreviations used in this document.
5.1 B-NT : Broadband Network Termination
5.2 CPE : Customer Premise Equipment
A DSL B-NT is one form of broadband CPE. This could be an ADSL modem.
5.3 ACS : Auto-Configuration Server
This is a device in the broadband network responsible for auto-configuration of the CPE for advanced
services.
5.4 DSLAM : Digital Subscriber Line Access Multiplexer
The DSLAM at the access provider is the equipment that really allows DSL to happen. A DSLAM takes
connections from many customers and aggregates them onto a single, high-capacity connection to the
Internet. It may provide additional functions including routing or dynamic IP address assignment
for the customers.
5.5 BRAS : Broadband Remote Access Server
This is the connection point to the network (Internet, WAN) and application service providers (ISP,
corporate network, etc.).
5.6 Parameter
A name-value pair representing a manageable CPE parameter made accessible to an ACS for reading
and/or writing.
5.7 IETF : Internet Engineering Task Force
The Internet Engineering Task Force (IETF) is a large open international community of network designers,
operators, vendors, and researchers concerned with the evolution of the Internet architecture and the
smooth operation of the Internet. It is open to any interested individual.
5.8 RPC : Remote Procedure Call
An RPC is analogous to a function call. Like a function call, when an RPC is made, the calling
arguments (parameters) are passed to the remote procedure and the caller waits for a response to be
returned from the remote procedure.
5.9 SOAP : Simple Object Access Protocol
SOAP provides a simple and lightweight mechanism for exchanging structured and typed information
between peers in a decentralized, distributed environment using XML.
5.10 BER : Basic Encoding Rule
These are the ASN.1 encoding rules for producing a self-identifying and self-delimiting transfer syntax for data
structures described in ASN.1 notation.
BER is a self-identifying and self-delimiting encoding scheme, which means that each data element can
be identified, extracted and decoded individually.
Each data element is encoded as a type identifier, a length description, the actual data elements, and
where necessary, an end-of-content marker. These types of encodings are commonly called
type-length-value or TLV encodings.
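The type-length-value layout described above, as an added example that is not part of the original document: a small BER decoder (definite lengths and low tag numbers only) run over a constructed SNMPv1 GetRequest. The sample bytes, the community name "public" and all function names are assumptions made for the illustration.

```python
# Added example: BER type-length-value decoding, definite lengths only.

class BERError(ValueError):
    """Raised when the bytes are not well-formed for this decoder."""

def read_tlv(buf, pos, limit):
    """Read one header at pos; return (tag, value_start, value_end)."""
    if pos + 2 > limit:
        raise BERError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    if tag & 0x1F == 0x1F:
        raise BERError("high-tag-number form not handled")
    pos += 2
    if first < 0x80:                  # short form: the byte is the length
        length = first
    elif first == 0x80:               # indefinite form (end-of-content marker)
        raise BERError("indefinite length not handled")
    else:                             # long form: next n bytes are the length
        n = first & 0x7F
        if n > 4 or pos + n > limit:
            raise BERError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > limit:          # declared length exceeds enclosing data
        raise BERError("value runs past end of data")
    return tag, pos, pos + length

def decode(buf, pos=0, limit=None, depth=0):
    """Decode buf[pos:limit] into a list of (tag, value) pairs."""
    limit = len(buf) if limit is None else limit
    if depth > 16:
        raise BERError("nesting too deep")
    out = []
    while pos < limit:
        tag, start, end = read_tlv(buf, pos, limit)
        if tag & 0x20:                # constructed: the value is more TLVs
            out.append((tag, decode(buf, start, end, depth + 1)))
        else:                         # primitive: the value is raw bytes
            out.append((tag, bytes(buf[start:end])))
        pos = end
    return out

def oid_to_str(value):
    """Dotted form of an OID value (first two arcs packed in one byte)."""
    arcs, n = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:
        n = (n << 7) | (b & 0x7F)     # base-128 digits, high bit means "more"
        if not b & 0x80:
            arcs.append(n)
            n = 0
    return ".".join(map(str, arcs))

# Constructed sample: SNMPv1 GetRequest, community "public", one varbind.
SAMPLE = bytes.fromhex(
    "3026 020100 0406 7075626c6963"         # SEQUENCE, version 0, community
    "a019 020101 020100 020100"             # GetRequest PDU, id 1, no error
    "300e 300c 0608 2b06010201010100 0500"  # varbind list: OID, NULL
)

def summarize(message):
    """Return (community, [requested OIDs]) from an SNMPv1 message."""
    version, community, pdu = decode(message)[0][1]
    varbinds = pdu[1][3][1]
    return community[1].decode("ascii"), [oid_to_str(vb[1][0][1]) for vb in varbinds]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

The community name comes out of the decoded message as plain bytes, so anyone who can read the packet can read it; the length checks in `read_tlv` are what keep a declared length from pointing outside the received data.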
6 Reference
1. IETF, http://www.ietf.org/
2. DSL Forum, http://www.dslforum.org
3. RFC 2616, Hypertext Transfer Protocol—HTTP/1.1, http://www.ietf.org/rfc/rfc2616.txt
4. RFC 2617, HTTP Authentication: Basic and Digest Access Authentication, http://www.ietf.org/rfc/rfc2617.txt
5. Simple Object Access Protocol (SOAP) 1.1, http://www.w3.org/TR/2000/NOTE-SOAP-20000508
6. The SSL Protocol, Version 3.0, http://www.netscape.com/eng/ssl3/draft302.txt
7. RFC 2246, The TLS Protocol, Version 1.0, http://www.ietf.org/rfc/rfc2246.txt
8. Technical Report 069 (TR-069): CPE WAN Management Protocol, Jeff Bernstein, Tim Spets, May 2004.
9. Simple Network Management Protocol (SNMP), http://www.faqs.org/rfcs/rfc1067.html
10. Abstract Syntax Notation (ASN.1), http://asn1.elibel.tm.fr/en/
Appendix A. Comparison between SNMP&CWMP
This section provides the differences between SNMP and CWMP:
Item | SNMP | CWMP
Support Organization | IETF (The Internet Engineering Task Force) [1] | DSL Forum [2]
Protocol Layer | Application Layer | Application Layer
Transport Protocol | UDP | TCP
Well-Known Port | UDP Port 161 - SNMP Messages; UDP Port 162 - SNMP Trap Messages | None (HTTPS: 443)
Encoding | ASN.1 [10] / BER (Basic Encoding Rule) | XML / SOAP
Security | SNMP V2: Community Name; SNMP V3: SNMP V2 and Security for Messages, Access Control | HTTP Authentication (Basic/Digest) [4]; SSL/TLS
Managed Objects | MIB (Management Information Base) | Parameters
Number of protocol-defined managed objects | Few | Many
Identifying managed object | Object ID (OID) | Parameter's name
How to know managed objects | Pre-defined | Dynamic
Active Contacting | Network Management System (the system knows the addresses of managed CPEs) | CPE (CPE knows the address of the management system)
Contacting Persistency | Could be held until the CPE shutdown / reboot / exception | When neither end has any other request, the connection is terminated.
Table 2
Appendix B. Explanation of SOAP message
Figure 8
POST /dps/TR069 HTTP/1.1
Host: demo.dimark.com:8888
User-Agent: TR69_CPE-1.0
Connection: keep-alive
SOAPAction:
Cookie: JSESSIONID=9418E79390E6E98A036FE1A3A4F1EEEF
Content-Type: text/xml
Content-Length: 1361

<SOAP-ENV:Envelope
    xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:cwmp="urn:dslforum-org:cwmp-1-0"
    xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope">
  <SOAP-ENV:Header>
    <cwmp:ID SOAP-ENV:mustUnderstand="1">263236</cwmp:ID>
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
    <cwmp:GetParameterNamesResponse>
      <ParameterList SOAP-ENC:arrayType="cwmp:ParameterInfoStruct[4]">
        <ParameterInfoStruct>
          <Name>InternetGatewayDevice.LANDeviceNumberOfEntries</Name>
          <Writable>0</Writable>
        </ParameterInfoStruct>
        <ParameterInfoStruct>
          <Name>InternetGatewayDevice.WANDeviceNumberOfEntries</Name>
          <Writable>0</Writable>
        </ParameterInfoStruct>
        <ParameterInfoStruct>
          <Name>InternetGatewayDevice.LANDevice.</Name>
          <Writable>0</Writable>
        </ParameterInfoStruct>
        <ParameterInfoStruct>
          <Name>InternetGatewayDevice.WANDevice.</Name>
          <Writable>0</Writable>
        </ParameterInfoStruct>
      </ParameterList>
    </cwmp:GetParameterNamesResponse>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
Figure 8 annotations: HTTP headers; SOAP; RPC; elements of the array of structure type; RPC's parameter name; the array of structure type
The C language form of the above SOAP RPC message is as follows (the font colors have the same meanings
as in the SOAP message above):
#include <stdbool.h>
#include <string.h>

/* Declare the structure data type */
struct ParameterInfoStruct
{
    char Name[256+1];   /* Maximum length of the string, plus the terminating NUL */
    bool Writable;
};

/* Extern function prototype declaration (the RPC itself is defined elsewhere) */
extern void GetParameterNamesResponse ( struct ParameterInfoStruct ParameterList[] );

/* Wrapper so that the statements below form a valid C function */
void SendGetParameterNamesResponse ( void )
{
    struct ParameterInfoStruct ParameterList[4];   /* Declaring the variable of structure data type */

    /* Filling the value of the fields */
    strcpy( ParameterList[0].Name, "InternetGatewayDevice.LANDeviceNumberOfEntries" );
    ParameterList[0].Writable = 0;
    strcpy( ParameterList[1].Name, "InternetGatewayDevice.WANDeviceNumberOfEntries" );
    ParameterList[1].Writable = 0;
    strcpy( ParameterList[2].Name, "InternetGatewayDevice.LANDevice." );
    ParameterList[2].Writable = 0;
    strcpy( ParameterList[3].Name, "InternetGatewayDevice.WANDevice." );
    ParameterList[3].Writable = 0;

    /* Calling the RPC */
    GetParameterNamesResponse ( ParameterList );
}
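The receiving side of the Figure 8 message, as an added example that is not part of the original document: it parses the SOAP body, refuses a DTD, and checks that the count declared in arrayType matches the ParameterInfoStruct entries actually present. The function and constant names are assumptions, and the sample is the Figure 8 body with unused namespace declarations dropped.

```python
# Added example: checking a CWMP GetParameterNamesResponse before using it.
import re
import xml.etree.ElementTree as ET

SOAP_ENV = "http://schemas.xmlsoap.org/soap/envelope/"
SOAP_ENC = "http://schemas.xmlsoap.org/soap/encoding/"
NS = {"soap": SOAP_ENV, "cwmp": "urn:dslforum-org:cwmp-1-0"}
BOOLEANS = {"0": False, "false": False, "1": True, "true": True}

class CWMPError(ValueError):
    """Raised when the message fails a structural check."""

def parse_parameter_names(body):
    """Return (cwmp_id, [(name, writable), ...]) from a SOAP body in bytes."""
    # SOAP 1.1 forbids a DTD; refusing one keeps entity tricks out of the parser.
    if b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        raise CWMPError("DTD not allowed in a SOAP message")
    try:
        root = ET.fromstring(body)
    except ET.ParseError as exc:
        raise CWMPError("not well-formed XML") from exc
    if root.tag != "{%s}Envelope" % SOAP_ENV:
        raise CWMPError("not a SOAP 1.1 envelope")
    cwmp_id = root.findtext("soap:Header/cwmp:ID", namespaces=NS)
    plist = root.find("soap:Body/cwmp:GetParameterNamesResponse/ParameterList", NS)
    if cwmp_id is None or plist is None:
        raise CWMPError("missing cwmp:ID or ParameterList")
    # arrayType carries the declared element count, e.g. "...Struct[4]".
    declared = re.fullmatch(r"[\w.-]+:ParameterInfoStruct\[(\d+)\]",
                            plist.get("{%s}arrayType" % SOAP_ENC, ""))
    if declared is None:
        raise CWMPError("missing or malformed arrayType")
    params = []
    for item in plist.findall("ParameterInfoStruct"):
        name = item.findtext("Name", default="")
        writable = BOOLEANS.get(item.findtext("Writable", default=""))
        # 256 is the maximum name length used by the C structure above.
        if not name or len(name) > 256 or writable is None:
            raise CWMPError("bad ParameterInfoStruct")
        params.append((name, writable))
    if int(declared.group(1)) != len(params):
        raise CWMPError("arrayType count does not match the list")
    return cwmp_id, params

# The Figure 8 SOAP body (unused xmlns declarations dropped, whitespace compacted).
SAMPLE = b"""<SOAP-ENV:Envelope
 xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
 xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
 xmlns:cwmp="urn:dslforum-org:cwmp-1-0">
<SOAP-ENV:Header><cwmp:ID SOAP-ENV:mustUnderstand="1">263236</cwmp:ID></SOAP-ENV:Header>
<SOAP-ENV:Body><cwmp:GetParameterNamesResponse>
<ParameterList SOAP-ENC:arrayType="cwmp:ParameterInfoStruct[4]">
<ParameterInfoStruct><Name>InternetGatewayDevice.LANDeviceNumberOfEntries</Name><Writable>0</Writable></ParameterInfoStruct>
<ParameterInfoStruct><Name>InternetGatewayDevice.WANDeviceNumberOfEntries</Name><Writable>0</Writable></ParameterInfoStruct>
<ParameterInfoStruct><Name>InternetGatewayDevice.LANDevice.</Name><Writable>0</Writable></ParameterInfoStruct>
<ParameterInfoStruct><Name>InternetGatewayDevice.WANDevice.</Name><Writable>0</Writable></ParameterInfoStruct>
</ParameterList>
</cwmp:GetParameterNamesResponse></SOAP-ENV:Body>
</SOAP-ENV:Envelope>"""

if __name__ == "__main__":
    print(parse_parameter_names(SAMPLE))
```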
Appendix C. Inform message Ethereal PCAP
Captured on 2005-12-26