Network Working Group                                    JinXiang,Zhang
Internet-Draft              Information security test/evaluation center
Intended status: Best Current Practice                      Jiahai,Yang
                                                            Jianping,Wu
                            Network research center,Tsinghua University
Expires: July 16, 2011                                 January 16, 2011


                Retrieving MIB Information based on NGI
            draft-jinxiang-operations-and-management-ngi-02

Abstract

An important task of network management is to collect and analyze MIB information of various object combinations based on the Simple Network Management Protocol (SNMP) with proper frequency. The purpose of this document is to propose two algorithms to retrieve MIB information for a large (up to exponential) number of managed objects using SNMP in Next Generation Internet (NGI).

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on July 16, 2011.

Copyright Notice

Copyright (c) 2011 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.
Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

1. Introduction
2. Self-Adaptive Algorithm
   2.1. Description of problems
   2.2. Policy on fault tolerance
   2.3. Policy on self-adaptivity
   2.4. Policy on dynamical recognition status of object
   2.5. Description of SAA
3. Group-Prefetching Algorithm
   3.1. Description of problems
   3.2. Policy on group prefetching
   3.3. Policy on extending MO of group self-adaptively
   3.4. Policy on shrinking MO of group self-adaptively
   3.5. Policy on dynamical recognition status of object
   3.6. Policy on fault tolerance
   3.7. Description of GPA
4. Performance test
5. Acknowledgements
6. Security Considerations
7. References

1. Introduction

With the rapid and wide deployment of IPv6, network scale expands and the resources provided by the network become more heterogeneous, so the traditional pattern of network management and information retrieval finds it more and more difficult to meet the needs of IPv6 network users.
Furthermore, NGI (Next Generation Internet) based on IPv6 has some distinct features. First, the link bandwidth can be Gbit or even Tbit. Second, there are more applications, such as IPTV, HDTV and VoD. Finally, the existing management methods in IPv4 are not suitable for IPv6 networks. On the other hand, according to the new Moore Law, bandwidth and traffic capacity can double every six months, and the number of managed objects increases exponentially. As network management is carried out through the information exchange between manager and agent, its performance is affected by the scheme used to collect MIB information [1].

The traditional method of network management information retrieval is SIFD (Sequence and Interval Fixed Discrete single access Algorithm), but this algorithm has some weaknesses. First, if there are many managed objects (MOs) in the managed network, SIFD cannot recognize which of the MOs are more important. Second, SIFD cannot access many discrete MOs simultaneously. Third, SIFD may poll an MO although its agent is down. As a result, SIFD may use up all network bandwidth and cause network congestion.

To resolve these problems, three enhanced information retrieval algorithms were proposed to access table objects [2]. The first, the Serial Algorithm, retrieves the table objects using the Get-Next operation. The second, the Pipelined Algorithm, also accesses all the objects in a table by repetitive retrieval of each column; moreover, it uses multiple threads, in which one thread accesses multiple rows in the table using the Get-Next operation. The third, the Parallel Algorithm, adopts a multi-threaded approach in which each thread generates its own stream of Get-Next requests and processes the resulting stream of responses.
However, all three algorithms apply only to the retrieval of table objects and require changes to SNMP, so they are not suitable for every kind of MO.

In this document we propose a Self-Adaptive Algorithm (SAA) that can be used to retrieve any kind of MO in NGI. This algorithm adjusts the number of retrieved objects and the retrieval interval self-adaptively, based on a self-adaptivity policy, a fault tolerance policy, dynamical recognition of object status, and so on. It can be used to reduce network resource consumption without any modification of SNMP.

The other algorithm we propose in this document is the Group-Prefetching Algorithm (GPA). With GPA, many small managed objects are gathered into one prefetching group and accessed using group prefetching schemes. As a result, it can be used to decrease the retrieval frequency and network resource consumption without any modification of SNMP.

2. Self-Adaptive Algorithm

Let us now consider an algorithm for management information retrieval with SNMP in NGI. The Self-Adaptive Algorithm adjusts the number of retrieved objects and the retrieval interval self-adaptively by using the policies of self-adaptivity, fault tolerance, dynamical recognition of object status, and so on, and thus uses fewer network resources without alteration of SNMP.

2.1. Description of problems

The model of SAA is as follows. If there are n MOs in the charge of m agents, where n > m, the algorithm adjusts the interval to the next polling based on the polling value, status and weights of the current polling results of the n MOs. Moreover, the greater the weight value is, the more likely the MO of Gauge Counter Type is to overflow. The algorithm complies with the following principles.
First, the computation power of the Network Management Station (NMS) consumed by the algorithm should be as small as possible. Second, the key transactions on managed equipment should not be affected by the Get and Get-Next operations on this equipment. Third, the management traffic between NMS and agent must be as small as possible. Finally, the algorithm must be self-adaptive and robust.

2.2. Policy on fault tolerance

Since MIB values such as interface status and accounting bytes change dynamically, the polling interval of these MOs must be reasonable. For example, the maximum value of actByts in the IP-Account-Table is 2 to the power of 32, minus 1, written as Value-max = power(2,32)-1. The algorithm should therefore retrieve the actByts value before it overflows. Generally, if the baud rate of an interface is V b/s, the least overflowing time can be calculated as

   Tflow-min = (power(2,32)-1) * 8 / V (s).

Furthermore, the real value of an MO can be recovered from Error.log in case it overflows.

2.3. Policy on self-adaptivity

The algorithm adjusts the retrieval interval self-adaptively, and this adjustment is based on the accounting MO of Gauge Counter Type, since the actByts MIB may overflow. The policy is specified as follows.

Let Value[i-1] be the (i-1)th value and Tinter[i-1] be the interval between the (i-2)th and (i-1)th retrievals. The first retrieval time is defined as Tflow-min. Then Tinter[i], the ith retrieval interval, is calculated according to two cases:

   (1) Tinter[i] = max { Tflow-min,
                         delta * Tinter[i-1] * Value-max / Value[i-1] },
       if the actByts MIB does not overflow and i >= 2

   (2) Tinter[i] = Tflow-min, otherwise

where delta is a balance factor to decrease the overflowing probability. From the above expression, we can see that the interval to the next polling is determined by the current value Value[i-1].
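The interval rule above, worked through in C as an added example (not code from the draft): it computes Tflow-min for a link speed and applies cases (1) and (2). The function names, the wrap check on consecutive samples and the tmax cap are assumptions introduced here; delta is supplied by the caller.

```c
#include <stdint.h>
#include <stdio.h>

/* Value-max for a 32-bit octet counter such as actByts: power(2,32)-1 */
#define VALUE_MAX 4294967295.0

/* Tflow-min in seconds: shortest time in which a 32-bit octet counter
 * can overflow on a link of link_bps bit/s. */
double tflow_min(double link_bps) {
    return VALUE_MAX * 8.0 / link_bps;
}

/* Assumption (not in the draft): an overflow is recognised when the new
 * sample is lower than the previous one. An agent restart looks the
 * same, so a real poller would also compare sysUpTime. */
int counter32_wrapped(uint32_t prev, uint32_t cur) {
    return cur < prev;
}

/* Octets counted between two samples. Unsigned subtraction is modulo
 * 2^32, so the result is correct across at most one wrap. */
uint32_t counter32_delta(uint32_t prev, uint32_t cur) {
    return (uint32_t)(cur - prev);
}

/* Tinter[i] in seconds.
 *   i           index of the coming retrieval (1 = first)
 *   tmin        Tflow-min
 *   delta       balance factor
 *   tinter_prev Tinter[i-1]
 *   value_prev  Value[i-1]
 *   overflowed  non-zero if the counter overflowed in the last interval
 *   tmax        hypothetical upper bound, not part of the draft; it keeps
 *               an idle counter (Value[i-1] near 0) from pushing the next
 *               poll arbitrarily far out and avoids dividing by zero */
double saa_next_interval(int i, double tmin, double delta,
                         double tinter_prev, uint32_t value_prev,
                         int overflowed, double tmax) {
    double t;
    if (overflowed || i < 2)
        return tmin;                        /* case (2) */
    if (value_prev == 0)
        return tmax;
    t = delta * tinter_prev * VALUE_MAX / (double)value_prev;
    if (t < tmin) t = tmin;                 /* case (1): max{Tflow-min, ...} */
    if (t > tmax) t = tmax;
    return t;
}

/* Retrievals needed to cover one hour at a fixed interval, rounded up. */
int polls_per_hour(double interval_s) {
    double n = 3600.0 / interval_s;
    int whole = (int)n;
    return (n > (double)whole) ? whole + 1 : whole;
}

int main(void) {
    double tmin = tflow_min(100e6);         /* sample: 100 Mb/s interface */
    /* Sample inputs: Value[i-1] is about a quarter of Value-max. */
    double t2 = saa_next_interval(2, tmin, 0.618, tmin, 1073741800u, 0, 3600.0);
    printf("Tflow-min = %.1f s, Tinter[2] = %.1f s\n", tmin, t2);
    printf("polls/hour at Tflow-min: %d, at Tinter[2]: %d\n",
           polls_per_hour(tmin), polls_per_hour(t2));
    printf("wrap 4294967000 -> 500: wrapped=%d delta=%u\n",
           counter32_wrapped(4294967000u, 500u),
           (unsigned)counter32_delta(4294967000u, 500u));
    return 0;
}
```

A counter close to Value-max pulls the scaled interval below Tflow-min, so the max{} clamp is what guarantees the poller never samples faster than the link can overflow the counter.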
Now let us illustrate how to determine the value of delta (to minimize the overflowing probability) using the following example. Consider a 100Mb/s interface. The minimum overflowing time of the MO of Gauge Counter Type is

   Tflow-min = (power(2,32)-1)*8/(100*power(10,6)) = 343 s, approximately 0.095 h.

To minimize the overflowing probability of the MO of Gauge Counter Type when deciding the optimal value of delta, we choose the sampling hits in the intervals of MOs and evaluate the performance when delta is 0.52, 0.54, 0.56, 0.58, 0.6, 0.618, 0.64, 0.66 and 0.68 respectively.

First, let delta = 0.52 and Tinter[i-1] = 8.8*Tflow-min, 9*Tflow-min, 9.2*Tflow-min, 9.4*Tflow-min, 9.6*Tflow-min, 9.8*Tflow-min and 10*Tflow-min respectively; from these we can calculate a group of Value[i]. Second, calculate Tinter[i] using the self-adaptivity policy. Third, retrieve Value[i], and calculate the average value Value-avr[i] of the group.

We repeat the three steps above and calculate the average value Value-avr[i] for the other groups. We then found that the probability of an overflow in the next interval decreases with delta, and the sampling frequency increases with delta. Conversely, the more probable an overflow in the next interval is, the lower the sampling frequency is. We also found that the overflowing probability is minimum when delta is 0.618, the golden mean factor.

At the same time, in order to ensure that the key data does not overflow, we decide whether to use the self-adaptivity policy according to the weight value. We denote the predefined threshold as "alarm". If the weight value exceeds alarm, we retrieve the MIB data immediately, and the self-adaptivity policy is not used until the weight value is equal to or less than the threshold. So the second part of our self-adaptivity policy is as follows:

   (1) Retrieve MIB data timely, if Weight >= Alarm

   (2) Retrieve MIB data self-adaptively, otherwise

Assume that the current time of the NMS is T-sys; the next retrieval time Taccess[i] can be calculated as Taccess[i] = T-sys + Tinter[i].

For example, with fixed interval Tinter[i-1] = Tflow-min, SIFD needs to retrieve MOs 11 (1/Tflow-min) times in an hour. However, if Tinter[i-1] = Tflow-min = 0.095h and Value[i-1] = 1073741800, then Tinter[i] = delta * Tinter[i-1] * Value-max / Value[i-1] = 0.618*0.095*4 = 0.235h, and SAA needs to retrieve MOs 5 (1/Tinter[i]) times in an hour. The retrieving frequency of SAA is 50% less than that of SIFD. In addition, if Tinter[i-1] is a random value, our experiments show that the minimum value of Tinter[i] is Tflow-min and the number of retrievals of SAA is always less than that of SIFD.

If the maximum value of actByts is 2 to the power of 64, minus 1, written as Value-max = power(2,64)-1, we reach similar conclusions with SAA.

2.4. Policy on dynamical recognition status of object

We define two configuration tables. One is called Tab-equip-all and is used to store all equipment information; the other is called Tab-equip-active and is used to store active equipment information. Active equipment is defined as follows.

Def. 1. An Active Equipment is an equipment that is operating regularly. The active equipment table consists of all active equipment in the network and is denoted Tab-equip-active.

Each entry in Tab-equip-active is a 4-tuple denoted Rg, with Rg = {O-addr, O-oid, O-weight, O-stus}, where O-addr is the IP address of the agent in charge of the MO, O-oid is the identifier of the MO, such as DN or OID, O-weight is the weight value of the MO, and O-stus is the status of the MO. Moreover, the retrieval interval can also be included in the table if necessary.

The policy on dynamical recognition status of object is as follows.
The algorithm only retrieves the MOs in Tab-equip-active, which ensures that sleeping managed equipment is not polled. Nevertheless, new equipment, or equipment whose status changes from sleeping to active, should be added into the Tab-equip-active table by the Event process. Finally, an MO should be deleted from the Tab-equip-active table if the agent of the MO does not respond three times. Moreover, as the storage space of MOs must be freed after a certain time, the clearing frequency can also be decided by the self-adaptivity policy.

2.5. Description of SAA

We define the data structure of SAA as follows.

   #include <stdbool.h>

   /* ObjectID and MAX_SUBID_LEN are not defined in this document; they
      are assumed to come from the SNMP toolkit in use. */

   typedef struct _ObjStruct {
       char *name;
       int type;
       int oid_length;
       ObjectID oid[MAX_SUBID_LEN];
   } ObjStruct;    /* data structure for MIB */

   typedef struct _InfoStruct {
       char *IpAddress;        /* IP address of Agent (a string; a single
                                  char cannot hold an address) */
       ObjStruct *obj;
       int CriticlValue;       /* weight value */
       bool Status;            /* attribute status, initial value is 0,
                                  i.e. sleeping */
       int Retrievalinterval;  /* current interval, initial value is
                                  Tflow-min */
       int NextRetrievaltime;  /* next interval, initial value is
                                  Tflow-min */
   } InfoStruct;   /* data structure for Tab-equip-all and
                      Tab-equip-active */

The SAA algorithm can be described as follows.
   begin
     copy all information in Tab-equip-all to Tab-equip-active, and
       initialize a cyclic queue
     initialize the retrieval time according to system time T-sys
   L: sort IP addr in Tab-equip-active in ascending order of Taccess[i]
     if empty_queue(Tab-equip-active) then
       exit("all the MOs in the network cannot be accessed")
     IPhead = Head_queue(Tab-equip-active)
     setup a Session between NMS and agent whose IP is IPhead
     if fail three times then
       set status value to 0, delete the IPhead from the
         Tab-equip-active table, goto L
     retrieve all the relevant MIB information of the equipment
     if TYPE of the MO is Gauge Counter then
     begin
       adjust Value[i-1], Tinter[i-1] and Weight
       if IsFlow then
         Tinter[i] = Tflow-min
       else
         Tinter[i] = max{ Tflow-min,
                          delta * Tinter[i-1] * Value-max / Value[i-1] }
       Taccess[i] = T-sys + Tinter[i]
     end
     else if TYPE of the MO is TABLE then
       free the store space using self-adaptivity policy
     store the MIB information in database, goto L
   end

In the above description, empty_queue() is a BOOL function. It returns TRUE if the cyclic queue of Tab-equip-active is empty; otherwise it returns FALSE. Head_queue() is a function used to get the head of the Tab-equip-active queue and return the IP address of the first element. IsFlow is a BOOL variable whose initial value is FALSE; its value is set to TRUE when overflowing.

3. Group-Prefetching Algorithm

Let us now consider another algorithm for management information retrieval with SNMP in NGI. With the Group-Prefetching Algorithm, many small managed objects are gathered into one prefetching group and accessed using group prefetching schemes, with self-adaptive changes to the objects of the group, fault tolerance, and so on. It can thus decrease the retrieval frequency and network resource consumption without alteration of SNMP.

3.1. Description of problems

The model of GPA is as follows. Let us assume that there are n MOs in the charge of m agents, where n > m. With this algorithm, we pick r small retrieving objects and put them into one prefetching group to access according to the status attribute and time attribute, where r= S(cur_g).TTL. return value in cache; otherwise.

By grouping managed objects into a cache and storing the attribute values of the managed objects locally, we reduce the overhead of network management. For example, in a 100Mb/s interface network, the packets that make up the overhead of network management include the packets used to obtain the IP address of the Sub_Manager/Agent and the request/response packets. If there are 10 MOs that meet the Group-Prefetching condition, the packet number of SIFD is 22 while that of GPA is 14, a rate of 0.64. The packet number under the group prefetching policy of GPA is thus lower than that of SIFD, only 0.64 times as many.

3.3. Policy on extending MO of group self-adaptively

The algorithm can adjust the retrieval interval and the number of MOs in the group self-adaptively by using the self-adaptivity policy. We use S(all_g) to denote all the MOs in a network. any_o indicates any MO in the network: any_o is in S(all_g) but does not belong to any group, and its RTT (Round Trip Time) and time attribute are any_o.RTT and any_o.Tatt respectively. S(cur_g).Count indicates the number of MOs in S(cur_g).

   If any_o is not in S(cur_g) and S(cur_g).Count < Max_gsize, then
   If any_o.RTT = Alarm_Time then S(cur_g)= S(cur_g)-{ any_o };
   otherwise S(cur_g);

We compare the RTT of the accessed MO with the predefined threshold Alarm_Time. If the value of RTT is larger than Alarm_Time, we delete the MO from the group and access the MO discretely. We use GPA to access the MO again when its RTT decreases.

3.5. Policy on dynamical recognition status of object

We define two configuration tables. One is act_t, which is used to store information of active equipment.
The other is cur_t, which is used to store equipment information of the MOs in the current group. With this algorithm, we only retrieve the MOs of the group that are in act_t, which ensures that sleeping managed equipment is not polled.

   If any_o is in S(cur_g), then
     if any_o.id is not in act_t then S(cur_g) = S(cur_g) - { any_o };
     otherwise S(cur_g);

Here any_o.id is the id of the Agent in charge of any_o, and the IP address of the agent represents its id. Nevertheless, new equipment, or equipment whose status changes from sleeping to active, can be added to act_t by the Event process. Finally, an MO should be deleted from act_t if the agent of the MO does not respond three times.

3.6. Policy on fault tolerance

If the equipment or NMS of one MO in a group is down and cannot respond, the values of the MOs are not correct. There are several possible solutions. We can delete the MO from the group if the NMS is down, or we can access the MO again if the packets are lost owing to the protocol. These events should be recorded in error.log so that the NMS can recover the actual value of the MOs.

3.7. Description of GPA

First, we define the data structure of GPA as follows.

   #include <stdbool.h>

   /* ObjectID and MAX_SUBID_LEN are not defined in this document; they
      are assumed to come from the SNMP toolkit in use. */

   typedef struct _ObjStruct {
       char *name;
       int type;
       int oid_length;
       ObjectID oid[MAX_SUBID_LEN];
       unsigned char Tattr;   /* time attribute */
       int RTT;               /* round trip time of access */
       int Group_label;       /* initial value is 0 */
   } ObjStruct;    /* data structure for MIB */

   typedef struct _InfoStruct {
       ObjStruct *obj;
       bool Status;           /* status attribute */
   } InfoStruct;   /* data structure for element in S(cur_g) */

The GPA algorithm used to access a group of MOs can be described using similar language as follows.
   begin
     if (cur_systime - S(cur_g).Tstamp) < S(cur_g).TTL
       return the value in cache
     else
     begin
       initialize a cyclic queue with elements in S(cur_g)
       form a request packet using all oid in S(cur_g)
       setup a Session between Sub_Manager and Agent
       if failure three times then
         record the error information in Error.log, Exit
       if S(cur_g).Tattr = 1 then
         S(cur_g).TTL = min{ any_o.TTL | any one of any_o in S(cur_g) };
       else if S(cur_g).Tattr = 2 then
         S(cur_g).TTL = any value;
       if (cur_systime - S(cur_g).Tstamp) >= S(cur_g).TTL
         Update value in cache and timestamp of MO;
       else
         return value in cache;
       If any_o is not in S(cur_g) and S(cur_g).Count < Max_gsize, then
       begin
         If any_o.RTT = Alarm_Time then
           S(cur_g) = S(cur_g) - { any_o };
         else
           S(cur_g) = S(cur_g);
         If any_o is in S(cur_g) then
           if any_o.id is not in act_t then
             S(cur_g) = S(cur_g) - { any_o };
           else
             S(cur_g) = S(cur_g);
       end
       write the information of MOs into database
   end

4. Performance test

We tested the performance of GPA in the CERNET NOC, in which we configured a 1000Mb/s network environment and the InetBoss network management system. The number of MOs is 50 and the number of managed nodes is 3. Alarm_Time is 30ms and Max_gsize is 40. Pkt_SIFD denotes the number of packets using SIFD, and Pkt_GPA denotes the number of packets using GPA. The test results are as follows.

   Table 1  Packets in a network node

   | S(cur_g).Count | Pkt_SIFD | Pkt_GPA | Rate |
   |       10       |    22    |   14    | 0.64 |
   |       18       |    38    |   22    | 0.58 |
   |       21       |    44    |   25    | 0.57 |
   |       30       |    62    |   34    | 0.55 |
   |       36       |    74    |   40    | 0.54 |
   |       38       |    78    |   42    | 0.53 |

From Table 1, we can conclude that the more MOs there are in the group, the fewer packets GPA needs relative to SIFD.

5. Acknowledgements

This research was supported by National Natural Science Foundation of China "Research on Access Algorithm and storage schemes for management information based on next generation Internet" under grant Nos. 60473083.
Some of the discussion about designing for IPv6 management came from private discussions with Hui Wang.

6. Security Considerations

This document is informational and provides guidelines for management information retrieval. It introduces no new security concerns.

7. IANA Considerations

This document makes no requests for IANA action.

8. References

8.1. Informative References

[1] Case, J., Fedor, M., Schoffstall, M., and J. Davin, Simple Network Management Protocol (SNMP), RFC 1157, SNMP Research, Performance Systems International, Performance Systems International, MIT Laboratory for Computer Science, May 1990.

[2] M. Rose, K. McCloghrie, and J. Davin, Bulk Table Retrieval with the SNMP, RFC 1187, SNMP Research, Performance Systems International, Performance Systems International, MIT Laboratory for Computer Science, October 1990.

[3] Jayant, R., Haritsa, M.O., Nicholas, R., et al. MANDATE: Managing networks using database technology. Journal on Selected Areas in Communications, 1993, 11(9):1361~1372.

9. Authors' Addresses

JinXiang Zhang
Network research Center, Tsinghua University
P.R.China
No.1 QingHua Yuan, Haidian district
Beijing

Phone: +86 10 62795818 ext 6128
Fax:
EMail: jxzhang@cernet.edu.cn

Intellectual Property

The IETF Trust takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in any IETF Document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights.
Copies of Intellectual Property disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement any standard or specification contained in an IETF Document. Please address the information to the IETF at ietf-ipr@ietf.org.

The definitive version of an IETF Document is that published by, or under the auspices of, the IETF. Versions of IETF Documents that are published by third parties, including those that are translated into other languages, should not be considered to be definitive versions of IETF Documents. The definitive version of these Legal Provisions is that published by, or under the auspices of, the IETF. Versions of these Legal Provisions that are published by third parties, including those that are translated into other languages, should not be considered to be definitive versions of these Legal Provisions.

For the avoidance of doubt, each Contributor to the IETF Standards Process licenses each Contribution that he or she makes as part of the IETF Standards Process to the IETF Trust pursuant to the provisions of RFC 5378. No language to the contrary, or terms, conditions or rights that differ from or are inconsistent with the rights and licenses granted under RFC 5378, shall have any effect and shall be null and void, whether published or posted by such Contributor, or included with or in such Contribution.
Disclaimer of Validity

All IETF Documents and the information contained therein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgment

Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).