Simple Nework Managemen Based on PHP and SNMP Krasimir Trichkov, Elisavea Trichkova bsrac: This paper aims o presen simple mehod for nework managemen based on SNMP - managemen of Cisco rouer. The paper examines communicaion and managemen of nework hardware wih php and SNMP. Key words: Nework managemen; Rouer; PHP; SNMP. INTRODUCTION Nowadays fas developing informaion echnologies make neworks more and more complex. Nework managemen is a criical soluion o enhance he adminisraive produciviy. Nework managemen means differen hings o differen people. In general, nework managemen is a service ha employs a variey of ools, applicaions, and devices o assis human nework managers in monioring and mainaining neworks. In his paper, some fundamenal knowledge for nework managemen and he fundamenal conceps of SNMP are reviewed. model for nework managemen is presened. This model describes he goal of nework managemen and is applicable for mos modern nework managemen proocols including SNMP. The hear of he nework managemen sysem is a se of applicaions ha mee he needs for nework managemen. a minimum, a sysem will include basic applicaions for performance monioring, configuraion conrol, and accouning. Sophisicaed sysems will include more elaborae applicaions in hose caegories, plus faciliies for faul isolaion and correcion, and for managing he securiy feaures of he nework. NETWORK MNGEMENT MODEL Figure 1 shows a model for nework managemen. In his model, he nework consiss of several devices ha have a managemen agen running in hem. The managemen agen has knowledge of he device parameers i runs on. Some of he device parameers are specific o he device ha is managed. For insance, rouer devices will have parameers ha describe he rouing able. ll devices can be expeced o have some common parameers such as he name of device, how long he device has been acive (up ime), and so on. Figure 1 shows ha he agens can be managed by a special device called he Nework Managemen Saion (NMS). The Nework Managemen Saion can issue specific requess o a device for informaion abou is nework parameers. The agen for he device will receive hese requess, and send back he requesed informaion. The Nework Managemen Saion, upon receiving he reply, knows he value of he requesed parameers. I can use his informaion o deduce informaion on he sae of he device and wheher he device requires aenion. I migh also be imporan o preven an unauhorized Nework Managemen Saion from obaining informaion on he devices on he nework. This requires ha some auhenicaion scheme be implemened ha will preven unauhorized access. [1] - 39 -
Bridge SNMP Nework Managemen Sysem (NMS) Managemen eniy Managed devices Nework Fig. 1. Model for nework managemen BSIC GOL OF NETWORK MNGEMENT Figure 2 shows he goal of nework managemen. The nework is shown as a "cloud" ha has boh inpu and oupu. The nework inpu is he shared daa and he aciviy generaed by users of he nework. The nework oupu is he increased efficiency ha resuls from informaion sharing. The nework is subjec o disurbances in he form of compuers, devices and nework links becoming in operaional. The goal of nework managemen is o monior he saus of he nework, and use conrol mechanisms o achieve he desired oupu (increased efficiency) despie he nework disurbances. The mechanisms used for monioring and conrolling he nework should be such as o have a minimal impac on he nework. In oher words, he proocols used o collec informaion should no impac he performance of he nework and he devices ha are managed. If he nework managemen mechanism uses up mos of he nework bandwidh, very lile will be available for he nework users. In his case he nework raffic will be disruped or he nework will slow down because user nework raffic mus compee wih nework managemen raffic for bandwidh. The nework agens running on he devices should no consume a grea deal of processing power on heir devices; oherwise, he device may no be able o perform is normal funcions in he desired ime. [1] Nework Monioring Conrol (NMC) Inpu Nework Oupu Disurbance Fig. 2. The goal of nework managemen MNGEMENT INFORMTION BSE (MIB) The parameers in he managed node are called managemen objecs. The se of hese managemen objecs is called he Managemen Informaion Base (MIB). MIB is a ype of daabase used o manage he devices in a communicaions nework. I is a hierarchical daabase ha defines he informaion ha an SNMP managemen sysem can reques from an agen using SNMP. The managed devices in a communicaions nework are called objecs and hey are a logical represenaion of physical neworking componens ha are SNMP-enabled (e.g. compuers, hubs, swiches and neworking sofware). MIB collecs all possible objecs in a nework and conains informaion abou he configuraion of hese neworking componens (e.g. he version of he sofware running on he componen, he IP address and por number, he amoun of available disk space for sorage). - 40 -
MIB role is a ype of direcory, which conains he logical names of he nework resources and heir configuraion parameers managed by SNMP. SNMP MNGEMENT PRDIGM The Nework Managemen Saion for SNMP is called he SNMP Manager. The SNMP Manager uses a managemen paradigm ha is called he remoe debugging paradigm (see Figure 3). In his paradigm, he SNMP Manager is similar o a programmer a a worksaion debugging programs from a remoe locaion. Such a hypoheical programmer would be ineresed in reading he values of variables in he program and changing he values of cerain criical variables. Likewise, he SNMP Manager should be able o read and updae values of MIB variables on he managed devices. The SNMP Manager should be able o perform he following acions: or read-wrie of MIB variables Trap-direced polls Simple raversal of variables in he managed node Inerne Rouing Table Rouer Trap Wrie SNMP Manager examines MIB objecs resuls polls Fig. 3. SNMP Manager Paradigm When an excepional condiion occurs a a managed device, such as failure of a link or a criical change in saus of a device, he managed device sends a rap SNMP message o he SNMP Manager. The rap message conains an indicaion of he even ha caused he generaion of he message. I is up o he SNMP Manager o respond o he rap message. The SNMP Manager can simply log he message in a rap log file, or ake more acion ha is exensive. The SNMP Manager can, for insance, reques addiional informaion from he device ha generaed he rap message. The addiional informaion can be obained hrough read requess for specific MIB variables. If he SNMP Manager is programmed for conrol of he device, i can issue a wrie reques o modify he value of a MIB variable. ll conrol acions wihin SNMP occur as a "side effec" of modifying a MIB variable. For example, if a device is o be powered-off remoely from an SNMP Manager, he SNMP Manager could send a wrie reques o modify a MIB variable called he ifpoweron variable. The managed device can be programmed so ha he ifpoweron variable causes he following side effec: he value of he variable is normally 1; if he value is 0, he device will be powered off. The managed device, upon sensing a value of 0 in is ifpoweron variable, can iniiae a device shudown. Because he MIB variables are ordered according o heir objec idenifiers, he SNMP manager can raverse all he variables in he device using an SNMP command called GeNex. This is called a simple raversal of he MIB. Because SNMP uses side effecs o iniiae conrol acions, he SNMP commands consis of only he following: Ge ( a MIB variable) Se (Wrie a MIB variable) GeNex (Reurn he nex MIB variable) - 41 -
Trap (Sen o SNMP manager o repor excepional condiions) Noe ha he erms rap and even are synonymous because he occurrence of an SNMP even generaes an SNMP rap message. [2] SMPLE OF MNGEMENT OF CISCO ROUTER Figure 4 shows absrac model of Web Service. I demonsraes he implemenaion of nework services, which can be invoked boh from a workflow orchesraion engine and hrough graphical user inerface. The role of he mediaion device is relaed wih he auomaic inerfacing and invocaion of nework informaion services, bu he riggering of hese services is performed from an objec, belonging o workflow execuion archiecure. [3] The mediaion archiecure is conneced ino hree iers funcional scheme of workflow execuion, including auomaic service invocaion for he neworked elemens: workflow engine and/or graphical user inerface; mediaion device o perform he auomaic funcionaliy for service invocaion and resuls communicaion o and from he nework echnical elemens; he nework echnical elemens, which are managed by he workflow engine. The web service is developed for he case of managemen of roues services. The lass are defined as user available Web services, which can be auomaically called by workflow engine. The sequence of operaion and he invocaion of he nework services wih mediaion devices are explained as follows. Clien, as par of he workflow sequence, invokes a nework service. The nework services are formalized wih WSDL (Web Service Descripion Language) descripion, relaed for he implemenaion of a se of Rouer Web Services. Clien of he workflow applicaions sends and SOP Reques messages o he nework Rouer Web Services. The Mediaion device is responsible for he ransmission of he parameers of he Requess o he nework Rouer Web Services. HTTP clien Reques/Response SOP Proocol GUI Workflow Engine WSDL pache Web server PHP SOP Server WSDL pache Tomca Web Service Proxy cive BPEL Engine Web Service Cisco rouer cive BPEL designer Reques o se informaion Reques o ge informaion Fig. 4. Common clien/server archiecure Verifying by Sysem dminisraor snmpse snmpge Cisco rouer-mib Currenly he Mediaion device is implemened o suppor he following working algorihm: Wih respec o he inernal rouer funcionaliies, he mediaion device can direcly perform uning of he rouer parameers. These operaions are implemened using - 42 -
he SNMP managemen proocol and MIB (Managemen Informaion Base) of rouer. For example: o view IP roue, mediaion device using snmp and rouer s MIB sends - snmpge ("$hos","$communiy",".1.3.6.1.2.1.4.21.1.7.0.0.0.0"). The hos is local rouer address (192.168.0.1), communiy sring is public, and.1.3.6.1.2.1.4.21.1.7.0.0.0.0 is descripion in rouer MIB of his operaion (IP roue). To sop IP address, mediaion device sends: snmpse("$hos", "$communiy",".1.3.6.1.2.1.2.2.1.7.9","i","2"). The ".1.3.6.1.2.1.2.2.1.7.9" describes ha his operaion will sop IP wih number 9 (he las digi), "i" presens ineger, and "1" - he saus (1-up, 2-down). For he case when he inernal rouer funcionaliies don allow auomaic and/or SNMP managemen (for example for securiy or MIB reasons), man-machine inerface has o be applied. In his case he mediaion device sends an E-mail o he sysem adminisraor for he invocaion of a se of commands rough a Command Line Inerface, suppored by he nework device. For example: o make NT (Nework ddress Translaion) or open por in firewall. fer he implemenaion of he nework operaions, he resuls, generaed by he nework devices are sen o he Mediaion devices. The las hen defines a respond message o he clien. Following he workflow archiecure of he workflow engine, a Send SOP Response messages is direced o he clien. In he end he Clien receives, he SOP Response messages and following he modelled workflow choreography can perform new nework service and o resubmi new message owards he nework rouer Web Services. CONCLUSIONS ND FUTURE WORK Nework managemen is a criical soluion o enhance he adminisraive produciviy. Nework managemen is o mainain and opimize he operaion of neworks ha includes mainly monioring and modifying he funcions of neworks. In his paper, some fundamenal knowledge for nework managemen and he fundamenal conceps of SNMP are reviewed. model for nework managemen is presened. This model describes he goal of nework managemen and is applicable for mos modern nework managemen proocols including SNMP. REFERENCES [1] hp://www.microsof.com/echne/archive/winnas/mainain/neworkm.mspx?mfr= [2]hp://www.cisco.com/en/US/ech/k869/k769/echnologies_whie_paper09186a00 800aea9c.shml [3] Elisavea Trichkova, Krasimir Trichkov, Elena Ivanova, Web Service Inegraed Sysem and Basic Securiy Conceps. Inernaional Conference uomaics and Informaics' 07, Ocober 3-6, 2007, Sofia, Bulgaria, VI-43 - VI-46. Conacs: ssis. Prof. Krasimir Trichkov, Deparmen Hierarchical Sysems, Insiue of Compuer and Communicaion Sysems BS, phone: (359 2) 979 2774, e-mail: krasi@hsi.iccs.bas.bg ssis. Prof. Elisavea Trichkova, Deparmen Hierarchical Sysems, Insiue of Compuer and Communicaion Sysems BS, phone: (359 2) 979 2774, e-mail: elisavea@hsi.iccs.bas.bg This paper is suppored by he projec: Creaive Developmen Suppor of Docoral Sudens, Pos-Docoral and Young Researches in he Field of Compuer Science, BG 051PO001-3.3.04/13, European social fund 2007 2013г. Operaional programme human resources developmen The paper has been reviewd. - 43 -