WBMM> RFC 3535 - IAB 2002 Network Mgmt Workshop (May 2003)

WBMM> RFC 3535 - IAB 2002 Network Mgmt Workshop (May 2003)

WBMM> RFC 3535 - IAB 2002 Network Mgmt Workshop (May 2003)

McDonald, Ira imcdonald at sharplabs.com
Mon Jun 23 12:29:48 EDT 2003


Hi folks,

This short document is, in my humble opinion, an excellent
source for our requirements for PWG WBMM schemas, protocols, 
and management functionality:

    ftp://ftp.isi.edu/in-notes/rfc3535.txt

The "network operators" surveyed in RFC 3535 are ISPs (Internet
Service Providers), but their needs are very similar to third-
party service providers for enterprise network mgmt.

For a list of the positive and negative aspects of half-dozen 
current network management protocols (some proprietary), see
section 2 "Network Management Technologies" (first paragraph
appended below).

Noteworthy is section 3 "Operator Requirements" (appended below).

I suggest we review these requirements in the WBMM context.  I
believe that _most_ of them are highly relevant.

Cheers,
- Ira McDonald
  High North Inc


-----------------------------------------------------------------------
[excerpts from RFC 3535]

Abstract

   This document provides an overview of a workshop held by the Internet
   Architecture Board (IAB) on Network Management.  The workshop was
   hosted by CNRI in Reston, VA, USA on June 4 thru June 6, 2002.  The
   goal of the workshop was to continue the important dialog started
   between network operators and protocol developers, and to guide the
   IETFs focus on future work regarding network management.  This report
   summarizes the discussions and lists the conclusions and
   recommendations to the Internet Engineering Task Force (IETF)
   community.

Table of Contents

   1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2. Network Management Technologies  . . . . . . . . . . . . . . .  3
        2.1 SNMP / SMI / MIBs  . . . . . . . . . . . . . . . . . . .  4
        2.2 COPS-PR / SPPI / PIBs  . . . . . . . . . . . . . . . . .  5
        2.3 CIM / MOF / UML / PCIM . . . . . . . . . . . . . . . . .  6
        2.4 CLI / TELNET / SSH . . . . . . . . . . . . . . . . . . .  7
        2.5 HTTP / HTML  . . . . . . . . . . . . . . . . . . . . . .  8
        2.6 XML  . . . . . . . . . . . . . . . . . . . . . . . . . .  9
   3. Operator Requirements  . . . . . . . . . . . . . . . . . . . . 10
   4. SNMP Framework Discussions . . . . . . . . . . . . . . . . . . 12
   5. Consolidated Observations  . . . . . . . . . . . . . . . . . . 14
   6. Recommendations  . . . . . . . . . . . . . . . . . . . . . . . 16
   7. Security Considerations  . . . . . . . . . . . . . . . . . . . 17
   8. Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 17
   Normative References  . . . . . . . . . . . . . . . . . . . . . . 18
   Informative References  . . . . . . . . . . . . . . . . . . . . . 18
   Appendix - Participants . . . . . . . . . . . . . . . . . . . . . 19
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . . 19
   Full Copyright Statement  . . . . . . . . . . . . . . . . . . . . 20

<...>

2. Network Management Technologies

   During the breakout sessions, the protocol developers assembled a
   list of the various network management technologies that are
   available or under active development.  For each technology, a list
   of strong (+) and weak (-) points were identified.  There are also
   some characteristics which appear to be neutral (o).

   The list does not attempt to be complete.  Focus was given to IETF
   specific technologies (SNMP, COPS-PR, PCIM) and widely used
   proprietary technologies (CLI, HTTP/HTML, XML).  The existence of
   other generic management technologies (such as TL1, CORBA, CMIP/GDMO,
   TMN) or specific management technologies for specific problem domains
   (such as RADIUS, DHCP, BGP, OSPF) were acknowledged, but were not the
   focus of discussion.

<...>

3. Operator Requirements

   During the breakout session, the operators were asked to identify
   needs that have not been sufficiently addressed.  The results
   produced during the breakout session were later discussed and
   resulted in the following list of operator requirements.

   1.  Ease of use is a key requirement for any network management
       technology from the operators point of view.

   2.  It is necessary to make a clear distinction between configuration
       data, data that describes operational state and statistics.  Some
       devices make it very hard to determine which parameters were
       administratively configured and which were obtained via other
       mechanisms such as routing protocols.

   3.  It is required to be able to fetch separately configuration data,
       operational state data, and statistics from devices, and to be
       able to compare these between devices.

   4.  It is necessary to enable operators to concentrate on the
       configuration of the network as a whole rather than individual
       devices.

   5.  Support for configuration transactions across a number of devices
       would significantly simplify network configuration management.

   6.  Given configuration A and configuration B, it should be possible
       to generate the operations necessary to get from A to B with
       minimal state changes and effects on network and systems.  It is
       important to minimize the impact caused by configuration changes.

   7.  A mechanism to dump and restore configurations is a primitive
       operation needed by operators.  Standards for pulling and pushing
       configurations from/to devices are desirable.

   8.  It must be easy to do consistency checks of configurations over
       time and between the ends of a link in order to determine the
       changes between two configurations and whether those
       configurations are consistent.

   9.  Network wide configurations are typically stored in central
       master databases and transformed into formats that can be pushed
       to devices, either by generating sequences of CLI commands or
       complete configuration files that are pushed to devices.  There
       is no common database schema for network configuration, although
       the models used by various operators are probably very similar.
       It is desirable to extract, document, and standardize the common
       parts of these network wide configuration database schemas.

   10. It is highly desirable that text processing tools such as diff,
       and version management tools such as RCS or CVS, can be used to
       process configurations, which implies that devices should not
       arbitrarily reorder data such as access control lists.

   11. The granularity of access control needed on management interfaces
       needs to match operational needs.  Typical requirements are a
       role-based access control model and the principle of least
       privilege, where a user can be given only the minimum access
       necessary to perform a required task.

   12. It must be possible to do consistency checks of access control
       lists across devices.

   13. It is important to distinguish between the distribution of
       configurations and the activation of a certain configuration.
       Devices should be able to hold multiple configurations.

   14. SNMP access control is data-oriented, while CLI access control is
       usually command (task) oriented.  Depending on the management
       function, sometimes data-oriented or task-oriented access control
       makes more sense.  As such, it is a requirement to support both
       data-oriented and task-oriented access control.



More information about the Wims mailing list