Главная
АИ #45 (227)
Статьи журнала АИ #45 (227)
Integration of SNMP and CMIP protocol for Mobile Agent in LAN and Cloud Network ...

Integration of SNMP and CMIP protocol for Mobile Agent in LAN and Cloud Network Management

Рубрика

Информационные технологии

Ключевые слова

Cloud Computing
Network Management
Mobile Agent
Network Security

Аннотация статьи

The integration of SNMP (Simple Network Management Protocol) and CMIP (Common Management Information Protocol) for network management through Mobile Agents presents a promising evolution in the management of networked environments. SNMP, widely utilized for monitoring network devices, offers simplicity and speed, while CMIP provides a more robust framework for complex management tasks. By combining these protocols with Mobile Agent technology, which facilitates autonomous network management tasks, organizations can enhance their ability to monitor, configure, and control network resources efficiently. This integration not only improves operational efficiency but also fosters greater adaptability and scalability in managing diverse network architectures, ultimately contributing to more resilient network infrastructures.

Текст статьи

1. Introduction of Network Management Protocol

In Network management, for better Quality of Services (QOS), system/network administrators should be always aware of the status of the networking devices called agents, including their CPU loads, memory, storage usage etc. Currently, SNMP (Simple Network Management Protocol) has been widely used in remote monitoring of network devices and hosts. The main advantage of SNMP is simplicity in the design. Also, when the communicated messages between manager and agent entities are low. But low security is the main weakness of SNMP that recently is going to be better in the new versions.

On the other hand, to compensate lack of SNMP, CMIP has designed, and it can be used for lager networks. Object-oriented model will use to design and implement SNMP [1, p. 1157-1162]. The main advantage of CMIP is its ability to define the techniques to cover manual control, security, and filtering of the management information. The main weakness of CMIP is resource occupation time which is more than SNMP [2]. Table 1 summarize the list of the CMIP and SNMP services.

Table 1

CMIP and SNMP services

Attribute

SNMP version

CMIP

Description

SNMP V1

SNMP V2

SNMP V3

 

 

Security

No security features

Added community-based security

Security Added both encryption and authentication

Security supported both encryption and authentication

 

Message Format

Simple Network Management Protocol

Simple Network Management Protocol

Simple Network Management Protocol

 

 

Transport Protocol

UDP

UDP

UDP

UDP

 

Get Requests

Supported

Supported

Supported

M-GET

Obtain a value maintained by the managed object.

GetNext Requests

Supported

Supported

Supported

M-GET

Obtain a value maintained by the managed object.

Set Requests

Supported

Supported

Supported

M-SET

Set a value maintained by the managed object.

Trap Notifications

Supported

Supported

Supported

M-EVENT-REPORT

Report special conditions about a managed object.

Bulk Requests

Not supported

Supported

Supported

M-GET

Obtain a value maintained by the managed object.

Create Request

Not supported

Not supported

Not supported

M-CREATE

Instance of an object class will create.

Delete Request

Not supported

Not supported

Not supported

M-DELETE

Delete an instance of class.

2. Mobile Agent proxy for Network Management

The proposed Mobile Agent (MA) proxy agent provides the emulation of CMIS services by mapping them to the corresponding SNMP messages. It allows management of Internet MIB-II objects by a CMIP manager supporting CMIP network management protocol, and the CMIS services.

The MA proxy emulates services such as scoping and filtering, processing of CMIS operations and translation of SNMP traps to CMIS notifications. Figure 1 shows the context dataflow diagram of the CMIP/SNMP proxy agent.

image.png

Fig. 1. Mobile Agent proxy for network management

The MA proxy performs the following functionality:

Manage connection establishment/release with the CMIP manager.

Data transfer between the CMIP manager and Internet agent which consists of:

  • transfer of CMIP indication and response protocol data units (PDUs) with the CMIP manager.
  • transfer of SNMP request and response messages with the Internet agent.

Proxy service emulation functionality such as:

  • CMIS to SNMP mapping.
  • SNMP to CMIS mapping.

The MA proxy maintains a configuration file in the common data store to preserve the information during the message transfer. Figure 2 shows the data flow diagram for this service mapping.

image.png

Fig. 2. Service mapping CMIP and SNMP through Mobile Agent

2.1. Network Management Protocol Service Mapping

2.1.1. M-GET to GetRequestI GetNextRequest Mapping

On receiving a CMIS M-GET request, the proxy first verifies the existence of the base managed object. If the base object specified in the request does not exist in the Internet agent, then the proxy sends a “NoSuchObjectlnstance” CMIS error response back to the CMIPmanager [3].

The attributeldlist parameter of the CMIP PDU is a service-user option. If it is empty it means the proxy has to retrieve the value of all the attributes that are specified under the base managed object as per the GDMO template definitions [5].

If the CMIS request attribute is not empty, the proxy will verify the specified attributes(s) for the base object class. If it is not defined in the base object class, the proxy returns a “noSuchAttribute” CMIS error and does not send SNMP request to the Internet agent.

image.png

Fig. 3. Data flow for mapping the M-GET service to an SNMP GetRequest/ GetNextRequest

After successful validation of the M-GET indication PDU, the proxy constructs a SNMP message format with the PDU type set to SNMP GetRequest or GetNextRequest. Thus, the proxy has mapped an incoming CMIP M-GET indication PDU to a SNMP GetRequest/GetNextRequest message. This message is however partially built as it requires the other fields of the message to be appropriately mapped. This is achieved by the proxy by performing name mapping functionality, which supplies the variable binding list. The Request Id, Source and Destination addresses are extracted from the address translation table [1, p. 1157-1162; 2; 3].

2.1.2. M-SET to SetRequest Mapping

When a CMIS M-SET request is received, the proxy first checks whether the specified base managed object exists. If the base object is not found in the Internet agent, the proxy sends a “NoSuchObjectInstance” CMIS error response to the CMIP manager [3, 4, 5].

For each chosen object instance in the CMIP M-SET indication, the proxy creates one or more SNMP SetRequest messages to update the attributes identified by the CMIS modificationList parameter, following the modify operator specified. The proxy supports only the "replace" modify operator; if no operator is specified in the CMIS request, "replace" is assumed by default. The proxy consults its MIB schema to confirm that the attribute being modified has the REPLACE property necessary for CMIS M-SET emulation. If an unsupported modify operator is included in an M-SET request, the proxy returns a “Setlist error” CMIS error to the CMIP manager [3, 4, 5].

image.png

Fig. 4. Data flow for mapping the M-SET service to an SNMP SetRequest

2.1.3. M-CREATE to SetRequest Mapping

The proxy is tasked with validating each incoming CMIS M-CREATE indication. It checks if an instance can be created based on the CREATE clause in the NAME BINDING templates specified for the object class. If creation is not permitted, it returns a “classInstance-Conflict” CMIS error response [5; 6, p. 349-360; 7, p. 17-26].

The proxy further assesses if the instance requested can be created under the superior object instance specified in the M-CREATE request, as defined by the NAME BINDING template. If the NAME BINDING template does not support the specified containment relationship, it returns an “invalidObjectInstance” CMIS error. Additionally, if the object instance already exists, a “duplicate managed object instance” CMIS error is issued [5; 6, p. 349-360; 7, p. 17-26].

If the CMIS M-CREATE indication includes a reference object, the proxy retrieves the referenced instance from the Internet managed agent. To obtain reference object values, it sends an SNMP GetNextRequest. If the reference object is missing, the proxy sends a “No such reference object” CMIS error to the CMIP manager [5; 6, p. 349-360; 7, p. 17-26].

2.1.4. M-DELETE to SetRequest Mapping

The proxy determines from the NAME BINDING templates if the instance specified in the request may be deleted. If the NAME BINDING does not allow the deletion of the identified object, an “Access denied” CMIS error is returned [3, 4, 5].

If the object instance identified in the CMIS M-DELETE request exists, the delete operation is performed. Deletion of an object instance is realized by setting the status columnar object to an invalid value. Object deletion is achieved by sending an SNMP SetRequest to change the rowStatus value to “destroy” [3, 4, 5].

image.png

Fig. 5. Data flow for mapping the M-DELETE service to an SNMP

2.1.5. Other CMISE Request Processing

The Proxy agent handles the M-CANCEL-GET and M-ACTION requests as follows:

2.1.5.1. M-CANCEL-GET Service

The proxy agent does not need to send any SNMP request to emulate a CMIS M-CANCEL-GET request. When an M-CANCEL-GET indication is received, the proxy stops sending any further CMIS M-GET responses to the CMIP manager for that particular canceled request. Additionally, upon receipt of an M-CANCEL-GET indication, the proxy ceases all future SNMP GetRequests to the Internet agent related to the canceled M-GET request. If the Internet agent still returns GetResponses for the canceled request, the proxy will discard these responses [3, 4, 5].

The M-CANCEL-GET indication PDU includes the Invoke identifier of the M-GET request to be canceled. If the proxy does not recognize the Invoke identifier, it returns a “no such invoke identifier” CMIS error to the CMIP manager [3, 4, 5].

2.1.5.2. M-ACTIONService

Since Internet MIBs lack defined actions, the CMIS M-ACTION operation does not correspond to any SNMP operation. As a result, the proxy does not handle this operation; upon receiving an M-ACTION indication, it simply returns an “Unrecognized operation” CMIS error response [1, p. 1157-1162; 2; 3].

2.1.6. Registration and Naming

Registration ensures the uniqueness of management information element types, while naming provides a way to distinguish instances of each type and position them correctly within the MIB. Defining managed object classes involves registering globally unique identifiers, called object identifiers, which represent various elements of the managed object class, such as its name, attribute types, and more. These identifiers are essential in management protocols for uniquely identifying different aspects of managed objects, including their attributes, operations, and notifications. All Internet groups and conceptual tables are translated into CMIP managed object classes, with column and scalar objects becoming attributes within these object classes. Additionally, name bindings for positioning object instances within the naming hierarchy must also be registered [3, 4, 5].

image.png

Fig. 6. Registration under the joint ISO/CCITT subtree

2.2. Name Translation from ISO/CCITT to Internet

Managed object class selection is used to identify a set of managed object instances in the management information tree on which a CMIS request is applicable. This is accomplished by the CMIS scoping operation. Scoping is used to select candidate object instances in the management information tree (MIT) to which operations may apply. Before object instance OIDs can be translated from the CMIP management information tree, it is necessary to get the set of managed objects that are within the scope [5; 6, p. 349-360; 7, p. 17-26].

On receiving a request from the CMIP manager the proxy first determines the set of object classes that are within the scope. The information regarding the superior and the subordinate object classes contained in the name binding template is used for tree traversal during scoping. If the scope parameter is absent in the request the default scope is the base object itself. The object class also contains the attribute name specified as the filter parameter [3, 4, 5].

The selected scoped object classes and the attribute identifier fist’s that are supplied by the CMIS request are used by the proxy to extract the ISO/CCITT registration OIDs from the GDMO MIBs. As discussed, earlier CMIP object class OIDs and the CMIP attribute OIDs follow the general pattern. Thus, by stripping off the OIDs associated with MOG and ATT in the CMIP registration tree we can get the Internet OIDs. In order to get the Internet object name we need to append internet object OID with the naming attribute associated with it. The naming attribute is extracted from the distinguished name (DN) which is supplied with any CMIS request [5; 6, p. 349-360; 7, p. 17-26].

2.2.1. SNMP to CMIS Error Translation

The proxy agent translates the incoming SNMP error responses to CMIS error responses to be sent to the CMIP manager [4]. Table 2 describes this error mapping.

Table 2

SNMP to CMIS Error Translation

SNMP Errors

Translated CMIS Errors

noError

Complexity limitation

noSuchName

No such object instance

badValue

Processing failure

readonly

Processing failure

genErr

Processing failure

noAccess

No such attribute

wrongType

Invalid attribute value

wrongLength

Processing failure

wrongEncoding

Processing failure

wrong Value

Invalid attribute value

noCreation

Invalid object instance

inconsistentValue

Invalid attribute value

resourceUnavailable

Resource limitation

commitFailed

Processing failure

undoFailed

Processing failure

authorizationError

Access denied

notWritable

Access denied

inconsistentName

Mistyped argument

2.2.2. Filter Operation

A filter is a Boolean expression that includes one or more assertions regarding the presence or values of attributes within the scoped managed object. The proxy applies this filter to all object instances received from the managed agent, selecting only those that meet the filter criteria. It then sends the filtered CMIS response PDUs to the CMIP manager [2, 3].

2.3. SNMP Trap to CMIS M-EVENT-REPORT Mapping

The `NOTIFICATION-TYPE` macro defines the data an SNMP agent sends when an exceptional event occurs, packaged as a Trap PDU. Upon receiving a Trap PDU, the proxy agent forwards the information to the CMIP ISO/CCITT manager. It uses the Trap PDU parameters to construct a CMIS `M-EVENT-REPORT` request PDU, where all SNMP traps are mapped to a generic CMIS notification event type named `InternetAlarm` [6, p. 349-360; 7, p. 17-26].

The `Description` clause within the macro becomes the Event Information parameter, providing a detailed description of the event. Additionally, the SNMP Trap PDU includes a variable-bindings list, where the first variable, `sysUpTime.0`, is used to set the Event Time parameter in the `M-EVENT-REPORT` request [5; 6, p. 349-360].

3. Benefits of the Proposed Model

  • Reduced Communication Costs: Communication latency and network traffic can greatly affect the performance and coordination of two programs running on separate computers. However, in a Mobile Agent platform, if one program is a mobile agent, it can migrate to the computer where the other program is running and communicate with it locally, effectively turning remote communication into local communication [8].
  • Asynchronous Execution: Once a mobile agent migrates to the target computer, it no longer depends on continuous interaction with its original source. This allows the agent to continue processing on the destination computer, even if the source computer is offline or the network connection between them is disrupted. This feature is especially valuable for smart environments or unstable networks, such as wireless communication [9].
  • Direct Manipulation: When a mobile agent operates locally on the host computer it visits, it can directly access and control that computer’s hardware and software (provided access permissions are granted). This capability is particularly beneficial in network management, allowing for direct detection and resolution of device failures. Additionally, positioning a mobile agent close to a real-time system can reduce delays from network congestion [9; 10; 11, 25-36].
  • Dynamic Deployment: Mobile agents serve as an efficient deployment mechanism, as they can dynamically determine their destination and deploy their code and data only when needed [9; 10; 11, 25-36].
  • Simplified Development of Distributed Applications: Traditional distributed applications generally require a client-side program, a server-side program, and additional code for handling communication and exceptions. With Mobile Agents, however, a single program can be designed to handle distributed tasks by carrying its data and instructions directly to the target computer [9; 10; 11, 25-36].
  • Enhanced Network Management: Mobile Agent can fully implement the CMIP protocol, providing more advanced commands than the SNMP protocol, such as M-Get, M-Set, M-Action, M-Create, M-Delete, and M-Event-Report and also retain SNMP support for managing and controlling devices that use SNMP-based communication [9].

Conclusions

This paper presents the integration of popular Cloud Network Management at an abstract level, using lab experiments without full implementation. In future research, we aim to provide a more detailed design for each component of the model and develop its full functionality. Moving forward, we will also analyze the use of monitor traffic flows within the cloud and conduct pilot testing in a production environment.

Список литературы

  1. Bettaz M., Maouche M. Towards an Ontology for Network Management: Analysis and Refinement, 2023 10th IEEE Uttar Pradesh Section International Conference on Electrical, Electronics and Computer Engineering (UPCON), Gautam Buddha Nagar, India, 2023, P. 1157-1162, doi: 10.1109/UPCON59197.2023.10434647.
  2. Tian Y.C., Gao J. Network Management Architecture. In: Network Analysis and Architecture. Signals and Communication Technology. Springer, Singapore, (2024). Doi: 10.1007/978-981-99-5648-7_9.
  3. Koskinen M., Integrating open-source computer and network monitoring software to an automation supervision system, Master’s Programme in Automation and Electrical Engineering (TS2013), 2024.
  4. Olawuyi J.O., Ukaegbu C.S., Benson-Emenike M.E., Computer network fault management system using the OSI standards, Africa journal of science, technology and social science, 2011.
  5. Tuncay Saydam and Rajindra Sirsikar, Design of CMIP-SNMP Proxy Gateway for Network Management Interoperability, Journal of Network and Systems Management, Vol. 6, №. 2, 1998.
  6. Eckhart K., Design of a proxy for managing CMIP agents via SNMP, P. 349-360, Computer Communications 20 (1997).
  7. Ruan Z., Marc L, Network management integrating SNMP/CMIP protocol implementations, P. 17-26, Ann Telecomnun, 49, № 1-2, 1994.
  8. Ichiro S. Mobile Agents, August 2010.
  9. Nguyen M.P., Nguyen A.V., Tran Q.N. (2020); Cloud network management model based on Mobile Agent; DOI: 10.15625/vap.2020.00150.
  10. Nguyen M.P. Nguyen A.V., Tran Q.N. (2021); Enhanced security and performance of the Smart Traffic Management System VNSMAPS by using Mobile Agent and Map Reduce. DOI: 10.15625/vap.2021.0100.
  11. Nguyen M.P. Nguyen Ai Viet; Tran Quy Nam; Long Cu Kim; Vijender Kumar Solanki, "Enhanced SDN Security Using Mobile Agent" in Creative Approaches Towards Development of Computing and Multidisciplinary IT Solutions for Society, Wiley, 2024, P. 25-36, doi: 10.1002/9781394272303.ch3.

Поделиться

198

Nguyen M. P., Nguyen A. V., Tran Q. N. Integration of SNMP and CMIP protocol for Mobile Agent in LAN and Cloud Network Management // Актуальные исследования. 2024. №45 (227). Ч.I.С. 15-22. URL: https://apni.ru/article/10464-integration-of-snmp-and-cmip-protocol-for-mobile-agent-in-lan-and-cloud-network-management

Обнаружили грубую ошибку (плагиат, фальсифицированные данные или иные нарушения научно-издательской этики)? Напишите письмо в редакцию журнала: info@apni.ru
Актуальные исследования

#52 (234)

Прием материалов

21 декабря - 27 декабря

осталось 6 дней

Размещение PDF-версии журнала

1 января

Размещение электронной версии статьи

сразу после оплаты

Рассылка печатных экземпляров

17 января