tyt13fi.htm

tcpip 协议学习电子书籍 第一次上传东西

<HTML>

<HEAD>

<TITLE>tyt13fi.htm</TITLE>

<LINK REL="ToC" HREF="index.htm" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/index.htm">

<LINK REL="Index" HREF="tppmsgs/msgs0.htm#3" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/htindex.htm">

<LINK REL="Next" HREF="tyt14fi.htm" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/tyt14fi.htm">

<LINK REL="Previous" HREF="tyt12fi.htm" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/tyt12fi.htm"></HEAD>

<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#800080"><A ID="I0" NAME="I0"></A>

<P><P ALIGN=CENTER>

<A HREF="tyt12fi.htm" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/tyt12fi.htm" TARGET="_self"><IMG SRC="blanprev.gif" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/blanprev.gif" WIDTH = 37 HEIGHT = 37 BORDER = 0 ALT="Previous Page"></A>

<A HREF="index.htm" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/index.htm" TARGET="_self"><IMG SRC="blantoc.gif" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/blantoc.gif" WIDTH = 37 HEIGHT = 37 BORDER = 0 ALT="TOC"></A>

<A HREF="tyt14fi.htm" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/tyt14fi.htm" TARGET="_self"><IMG SRC="blannext.gif" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/blannext.gif" WIDTH = 37 HEIGHT = 37 BORDER = 0 ALT="Next Page"></A>


<HR ALIGN=CENTER>

<P>

<UL>

<UL>

<UL>

<LI>

<A HREF="#E68E117" >Network Management Standards</A></LI>

<LI>

<A HREF="#E68E118" >What Is SNMP?</A></LI>

<UL>

<LI>

<A HREF="#E69E170" >Management Information Base (MIB)</A></LI>

<LI>

<A HREF="#E69E171" >Simple Network Management Protocol</A></LI>

<LI>

<A HREF="#E69E172" >Setting Up SNMP Under UNIX</A></LI>

<LI>

<A HREF="#E69E173" >SNMP Commands</A></LI></UL>

<LI>

<A HREF="#E68E119" >Network Topologies</A></LI>

<LI>

<A HREF="#E68E120" >Configuring a Network</A></LI>

<LI>

<A HREF="#E68E121" >Monitoring and Basic Troubleshooting Utilities</A></LI>

<UL>

<LI>

<A HREF="#E69E174" >Troubleshooting the Network Interface</A></LI>

<LI>

<A HREF="#E69E175" >Troubleshooting the Network (IP) Layer</A></LI>

<LI>

<A HREF="#E69E176" >Troubleshooting TCP and UDP</A></LI>

<LI>

<A HREF="#E69E177" >Troubleshooting the Application Layer</A></LI></UL>

<LI>

<A HREF="#E68E122" >Security</A></LI>

<LI>

<A HREF="#E68E123" >Summary</A></LI>

<LI>

<A HREF="#E68E124" >Q&amp;A</A></LI>

<LI>

<A HREF="#E68E125" >Quiz</A></LI></UL></UL></UL>

<HR ALIGN=CENTER>

<A ID="E66E13" NAME="E66E13"></A>

<H1 ALIGN=CENTER>

<CENTER>

<FONT SIZE=6 COLOR="#FF0000"><B>&#151; 13 &#151;</B>

<BR><B>Managing and Troubleshooting TCP/IP</B></FONT></CENTER></H1>

<BR>

<P>Today you will not learn how to configure and manage a network. The reason is simple: network management and configuration is a very complex issue that can be only briefly examined in a single chapter. If you are assigned the task of network administrator, there are a few good books available that help a little, but the only real teacher of network administration and troubleshooting is experience. The more you work with networks, the more you learn. Today's text presents an overview of network topologies and configuration issues and examines the basic steps in troubleshooting faulty TCP/IP systems. Remember that this is an overview only, intended to provide you with the background to the administration process.

<BR>

<P>Traditionally, network management means two different tasks: monitoring and controlling the network. <I>Monitoring </I>means watching the network's behavior to ensure that it is functioning smoothly and watching for potential troublespots. <I>Controlling </I>means changing the network while it is running, altering the configuration in some manner to improve performance or affect parts that are not functioning correctly.

<BR>

<P>On Day 1, &quot;Open Systems, Standards, and Protocols,&quot; I looked at the ISO standards; ISO addresses networks, as well. ISO goes further than just two aspects of network administration, however, dividing network management into five parts defined within the Open Systems Interconnection Reference Model (OSI-RM). These five parts are called Specific Management Functional Areas (SMFAs) in the standard. The five aspects are as follows:

<BR>

<UL>

<LI><B>Accounting management:</B> Providing information on costs and account usage.

<BR></LI>

<BR>

<LI><B>Configuration management:</B> Managing the actual configuration of the network.

<BR></LI>

<BR>

<LI><B>Fault management:</B> Detecting, isolating, and correcting faults, including maintaining error logs and diagnostics.

<BR></LI>

<BR>

<LI><B>Performance management:</B> Maintaining maximum efficiency and performance, including gathering statistics and maintaining logs.

<BR></LI>

<BR>

<LI><B>Security management:</B> Maintaining a secure system and managing access.

<BR></LI>

<BR>

</UL>

<P>The five groups have some overlap, especially between performance and fault management. However, the division of the network management tasks can help account for all the necessary aspects. In some cases, large organizations have dedicated people for each group. For many smaller LANs, the role of handling all the problems usually falls to one person, who seldom worries about whether their actions are ISO-compliant.

<BR>

<BR>

<A ID="E68E117" NAME="E68E117"></A>

<H3 ALIGN=CENTER>

<CENTER>

<FONT SIZE=5 COLOR="#FF0000"><B>Network Management Standards</B></FONT></CENTER></H3>

<BR>

<P>The Internet Advisory Board (IAB) has developed or adopted several standards for network management. These have been, for the most part, specifically designed to fit TCP/IP requirements, although they do whenever possible meet the OSI architecture. An Internet working group responsible for the network management standards adopted a two-stage approach to provide for current and future needs.

<BR>

<P>The first step involves the use of the Simple Network Management Protocol (SNMP), which was designed and implemented by the working group. SNMP is currently used on many Internet networks, and it is integrated into many commercially available products. As technology has improved, SNMP has evolved and become more encompassing.

<BR>

<P>The second step involves OSI network management standards, called the Common Management Information Services (CMIS) and Common Management Information Protocol (CMIP), both to be used in future implementations of TCP/IP. The IAB has published <I>Common Management Information Services and </I><I>Protocol over TCP/IP</I> (<I>CMOT</I>) as a standard for TCP/IP and OSI management.

<BR>

<P>Both SNMP and CMOT use the concept of network managers exchanging information with processes within network devices such as workstations, bridges, routers, and multiplexers. The primary management station communicates with the different management processes, building information about the status of the network. The architecture of both SNMP and CMOT is such that the information that is collected is stored in a manner that enables other protocols to read it.

<BR>

<P>The SNMP manager handles the overall software and communications between the devices using the SNMP communications protocol. Support software provides a user interface, enabling a network manager to observe the condition of the overall system and individual components and monitor any specific network device.

<BR>

<P>SNMP-managed devices all contain the SNMP agent software and a database called the Management Information Base (MIB). I look at the SNMP protocol and MIB layout later today, but for now a quick overview should help you understand how SNMP is used for network management. The MIB has 126 fields of information about the device status, performance of the device, its connections to different devices, and its configuration. The SNMP manager queries the MIB through the agent software and can specify changes to the configuration. Most SNMP managers query agents at a regular interval, such as fifteen minutes, unless instructed otherwise by the user.

<BR>

<P>The SNMP agent software is usually quite small (typically less than 64KB) because the SNMP protocol is simple. SNMP is designed to be a polling protocol, meaning that the manager issues messages to the agent. For efficiency and small size of executable programs, SNMP messages are enclosed within a UDP datagram and routed via IP (although many other protocols could be used). There are five message types available in SNMP:

<BR>

<UL>

<LI><B>Get request:</B> Used to query an MIB.

<BR></LI>

<BR>

<LI><B>Get next request:</B> Used to read sequentially through an MIB.

<BR></LI>

<BR>

<LI><B>Get response:</B> Used for a response to a get request message.

<BR></LI>

<BR>

<LI><B>Set request:</B> Used to set a value in the MIB.

<BR></LI>

<BR>

<LI><B>Trap:</B> Used to report events.

<BR></LI>

<BR>

</UL>

<P>UDP port 161 is used for all messages except traps, which arrive on UDP port 162. Agents receive their messages from the manager through the agent's UDP port 161.

<BR>

<P>Despite its widespread use, SNMP has some disadvantages. The most important might also be an advantage, depending on your point of view: the reliance on UDP. Because UDP is connectionless, there is no reliability inherent in the message sending. Another problem is that SNMP provides only a simple messaging protocol, so filtering messages cannot be performed. This increases the load on the receiving software. Finally, SNMP uses polling, which consumes a considerable amount of bandwidth. The trade-offs between SNMP and its more recent successor, CMIP, will make decisions regarding a management protocol more difficult in the future.

<BR>

<P>SNMP enables proxy management, which means that a device with an SNMP agent and MIB can communicate with other devices that do not have the full SNMP agent software. This proxy management lets other devices be controlled through a connected machine by placing the device's MIB in the agent's memory. For example, a printer can be controlled through proxy management from a workstation acting as an SNMP agent, which also runs the proxy agent and MIB for the printer.

<BR>

<P>Proxy management can be useful to off-load some devices that are under heavy load. For example, it is common under SNMP to use proxy to handle authentication processes, which can consume considerable resources, by passing this function to a less heavily used machine. Proxy systems can also affect the processing that needs to be performed at a bridge, for example, by having a proxy reformat the datagrams arriving, again to off-load the bridge from that time-consuming task.

<BR>

<P>After providing a quick overview, I can now look at SNMP in more detail. If you are satisfied with the overview, you can skip the next section, because most users never need to know about the make-up and layout of SNMP and MIB. If you want to know what's going on in a network, though, this information is invaluable.

<BR>

<BR>

<A ID="E68E118" NAME="E68E118"></A>

<H3 ALIGN=CENTER>

<CENTER>

<FONT SIZE=5 COLOR="#FF0000"><B>What Is SNMP?</B></FONT></CENTER></H3>

<BR>

<P>The Simple Network Management Protocol (SNMP) was originally designed to provide a means of handling routers on a network. SNMP, although part of the TCP/IP family of protocols, is not dependent on IP. SNMP was designed to be protocol-independent (so it could run under IPX from Novell's SPX/IPX just as easily, for example), although the majority of SNMP installations use IP on TCP/IP networks.

<BR>

<P>SNMP is not a single protocol but three protocols that together make up a family, all designed to work toward administration goals. The protocols that make up the SNMP family and their roles follow:

<BR>

<UL>

<LI><B>Management Information Base (MIB):</B> A database containing status information

<BR></LI>

<BR>

<LI><B>Structure and Identification of Management Information (SMI):</B> A specification that defines the entries in an MIB

<BR></LI>

<BR>