A Performance Application for Proactive Network ...

12 downloads 3670 Views 385KB Size Report
May 6, 1995 - This management shall provide mechanisms to monitor, control and also coordinate the activities performed in a network. At present, a new ...
A Performance Application for Proactive Network Management Analucia Schiaffino Morales De Franceschi

Luiz Fernando Kormann Carlos Becker Westphall Federal University of Santa Catarina Network and Management Laboratory - PLAGERE Project P.O. Box 476 - CTC/INE - ZIP 88040-970 - Trindade - Florianopolis - SC - Brazil Phone: +55 (048) 23 1 9738/ 23 1 9739 Fax: +55 (048) 23 P 9770 [email protected] / [email protected] / [email protected] Abstract

remote-monitoring concept. Section 3 describes the test environment. In Section 4 are given two practical examples wich illustrate the real necessity for implementing proactive management along with descriptions of proactive management modules which will be implemented in the future. Finally, the conclusion and references will be presented.

The new concept of proactive network management aims at identijjing the existing troubles in advance to any performance degradation, as well as providing support for future decisionmaking actions. Within this context, a proposal for performance evaluation applying the proactive concepts is here introduced Moreover, theoretical and practical aspects emphasize the importance of the approach in question. In addition, simulation facilities and programming concepts for distributed system were employed to obtain the required results. And jnally, the outcomes were analyzed in order to conjrm the expected performance improvement.

2. Proactive network management Normally, the task of management begins after the already existent performance degradation. Management systems are frequently designed for emiting alarms and for notifying current and presently arising events [I]. This activity is called reactive methodology. On the contrary, proactive management provides systems variable pre-search in advance to the service degradation of management applications.

1. Introduction The significant increase of distributed computing systems demands an efficient management. This management shall provide mechanisms to monitor, control and also coordinate the activities performed in a network. At present, a new concept for network management is being researched. Proactive management concept enables to identify the existing troubles in advance to any performance degradation [1][2], as well as provides support for future decision-making actions. Proactive management aims at maintaining the quality of the offered services at a desirable level, improving the overall network performance. Therefore, organizations will decrease their investments in fault recoveries, and as a consequence save time and gain a more efficient control over resource usage. Moreover, the proactive network management provides a description of the network behavior allowing the creation of a network profile which is statistically correct. Hence, the proactive methodology aims at reducing managerial work in recovering faults that may damage the network performance. This work is organized in five sections, Section 2 outlines some theoretical aspects of proactive management and the network

2.1 Proactive management model A presentation of some basic components to proactive management will be uncovered in this section. Here will be described the adaptability of any network management application to the proactive management architecture. Figure 2-1 illustrates a schematic design of the basic components for the implementation of proactive control. Here are seen two main modules, one for central management (the network management platform), and the other for managing the network segment (the proactive module). Each segment can only have one proactive module, or when unfeasible, as in those cases where the segment is too small, the monitoring will be distributed amongs many segments. And fmally, there is a mechanism for the communication between the system entities. Network management platform, in a proactive concept, centralizes those management informations derived from subnetworks. At present, for the development of this work, SunNet Manager (SNM) version 2.2 from Sun Connect is being employed. The proactive module is being programmed to

15

Monitoring Network Management Information Base). The BTNG agent also enables the creation of table instances and packet filtering [4] as defined in [5]. The communication service between the management system and the proactive module is made through the SNMP protocol [ 6 ] . Presently, the BTNG agent allows the SNM platform to access a part of the W O N MIB variables. Implementation aspects with regards to this service will be described in Section 5.

notify the management system of any parameters that indicate decreases of network performance. These parameters will then be analyzed in order for corrective actions to be performed by the manager. In addition, decision making actions should be automatized through the use. of artificial intelligence, or the installation of troubleticket systems.

3. The test environment

.i

In order to perform the required tests and to implement the proactive management two sub-networks were employed. The SNM platform running on the SPARC 20 workstation from Sun Microsystems was installed at the LRG sub-network while both the remote agent and the Proactive Module were installed at the INF sub-network. The latter is composed of a variety of devices, such as microcomputers, workstations and laser printers. lJFSC Network Segment Subset Irg subnet

SunNet Manager

Figure 2-1 Proactive management basic components. The main functions of the proactive management model consist of the remote monitoring of network segments and the constant verification of service degradation tendencies. The three main components to this model are as follows: the baseline, the verification service and the remote-monitoring agent. The baseline (or network profile) is the major component of proactive management and is obtained through baselining samples of activities over large periods of time. This is followed by the need to identify normal performance behavior through statistically valid variables [31. Performance management associates a baseline with others functions, such as capacity planning and traffic level patteming both with the goal of evaluation connectivity options [ 13. The verification service must periodically collect the variables derived from the remote monitoring agent, and convert them into performance metrics wich will be compared to the baseline parameters. This service detects performance degradation tendencies and notifies the network management platform on troubles that may arise. The remote agent being used in this work Beholder The Next Generation (BTNG) which has been developed by the DNPAP Research Group from the Delft University of Technology Netherlands. The software is public domain and available through FTP at the dnpap.et.tudelft.nlsite. Beholder is an Ethernet monitor that employs the SNMP protocol and supports the nine distinct groups of the RMON MIB (Remote

RMON agent gatkring infonmtions

inf subnet

ethemet

Figure 3-1 The test environment.

3.1 Simulation The Baseline is being established by the generation of a test environment modelled with the employment of the simulation techniques and appropriate tools. The information collection for environment modelling requires the use of the remote agent described in Section 2. Once the information has been collected, the behavior of the test environment can be properly designed. Table I presents a subset of the results and the parameters used for modelling the simulation. Some important results contained in the baseline are also outlined 173.

16

Once this situation is set, alarms are emitted to inform of unacceptable levels of traffic. As a consequence, retrieving actions are only realized after an already existent performance degradation. Such reactive behavior is commonly implemented in the main commercial management platforms. Figure 4-1 illustrates this approach.

Table I Parameters and results expected of simulator. Modelling parameters total number of hosts

Simulator results

arrival packet rate uacket length distribution input rate (octets per second; pkts

Proactive Behavior Der sec.) total number of lost packets

I utilization rate

Decisions-makinqactions: Decrease traffic load at critical interval; Minimizecontrd messages; etc.

I

4. Practical examples

il,

Two examples illustrating the importance of performance evaluation for proactive management are presented in this section. The first discusses the differences between proactive and reactive approaches. And the second, indicates some corrective actions required to perform the proactive management. This example illustrates a periodical collection of data and a provision of log records containing the number of input packets received by the hosts included in the test segment. Moreover, differences between proactive and reactive methodologies are also outlined.

Figure 4-2 Total number of packets per time unit. In a proactive management concept, subsequent to baselining the network behavior (compousing a profile) is the determination of preventive actions wich will assure higher performance during periods of network traffic overload. Such actions aid in the reduction of traffic at the maximum peak rate (see Figure 4-2), and improve the utilization of network resources. The following example demonstrates some of the aforementioned actions. Example 2 presents the output and input average rates (in packets) of those hosts most used in the test segment, as well as some preventive actions for improving network performance. Basing on Figure 4-3, the following conclusions were obtained: I . While the Venus workstation had a high input average rate (approximating 77.000 packets) its output was inordinately inferior ; 2. While the Grad-gw host had an input average rate of 3.000 packets its output rate climbed to approximately 35.000 packets; and, 3. Finally, the remaining hosts input and output rates were proportionally equivalent. The Venus (server) workstation is a mail exchanger and a gateway for the test segment. The first case example is proceeded by the collection of three samples used to verify the realibility of the previous graphical results. Further analyses confirmed the workstation behavior during the time sampled.

Figure 4-1 Total number of packets per time unity.

The network manager shall define thresholds and monitor the situations where those thresholds are reached or overcome.

17

the managing system. This verification service, provided with a calculating and analysis submodule, will be implemented in C programming languange. The calculating submodule will collect the information derived from the agent and convert them into performance metrics [9]. The second submodule will then compare the calculated metric values to the baseline parameters and as a result tendencies of performance reduction may be detected. This work introduces two approaches for constructing the communication between service entities. The first applies the concept of sockets, and the second is based on the development of an SNM subagent. One form of implementing communication mechanisms between the main entities in a system is by the usage of resources known as sockets. More specifically these devices are used as interfaces for communication aspects presented in a distributed system [IO]. The SNM platform provides a method for implementing communication between system entities through the usage of the Snmpd proxy agent. This agent enables the exchange of information between both the SNMP and the SNM entities. What is being proposed is an analysis of the viability for constructing subagents embeded with SNM facilities to recognize the managed objects existing in the remotemonitoring agent. With the success of this research there will be some advantages such as the construction of subagents through the use of pre-defined constructions provided by the SNM platform [11][12][13]. Such approach discards the low level programing as is required for the implementation of sockets.

The Figure 4-3 portrays a prototype of a baseline where the average rates represented are the maximum values supported by the test segment. Exceeding values result in a decrease of network performance.

Venus cere vesta d jaasta aplo marte memo

k

grad-gw hidra

x-rib -t“638I

Figure 4-3 Input and output average rates

Considering the input and output peak rates of the Apolo Workstation as respectively 3 1.000 and 46.000 packets, two distinct behaviors were observed when reaching the threshold rates: a) output rates superior to 46.000 double the number of collisions at the interface; b) input rates superior to 31.000 packets, due to the eventual lack of resources, result in an expressive increase to the number of lost packets. The following preventive actions were proposed in order to avoid the previously mentioned behavior:

6. Conclusion and Future Works At present, there is an emerging effort to implement the proactive management concept. Such tendency can be seen by the increasing release of network equipments (i.e. protocol analyzers, network monitors, ...) with embeded proactive management. Some theoretical and practical activities demostrating the necessity of performance evaluation for proactive network management were described in this work. In order to obtain the proper results, the network traffic behavior was monitored and the usage of some resources was analyzed. These activities enabled the verification of the proactive management as a mechanism to improve the network performance and enhance the control over the resource utilization. Future works will concentrate on implementing proactive management for configuration aspects, as well as analyzing the viability of proactive concept on others management applications. In addition, proactive actions should be automatized through both the use of expert systems or the installation of troubleticket systems. And finally, the model proposed in this work may be extended to support the proactive management on current network technologies such as Token Ring, FDDI and ATM.

1. User recommendations in the reduction on the usage of high resource spending services (FTP, Telnet, Mail) during peak traffic periods; 2. The scheduling of processes for those intervals of reduced traffic or when the network is idle. Continuos employment of corrective actions before reaching the threshold rates will assure a more stable network performance [SI.

5. Implementation aspects As the baseline is being developed and the management platform along with the remote agent are already available, future works will concentrate on constructing the verification service and the communication between the service entities. The verification service must compare the data derived from the remote agent to the baseline parameters and verify for tendencies of performance degradation. As a consequence notifications reporting reductions of performance are sent to

18

7. References DAUBER, Steven. Finding Fault. Byte, March, 1991. JAM, Raj. The Art of Computer Systems Performance Analysis. John Wiley & Sons : EUA, 1991. JANDER, Mary. Proactive LAN MAnagement Data Communications, March, 1993. STALLINGS, William. Packet Filtering in the SNMP Remote Monitor. Dr. Dobb's Journal, November, 1994. WALDBUSSER, S. Remote Network Monitoring Management Information Base. RFCI271, November, 1991. ROSE, Marshall T. The Simple Book An Introduction to Management of TCP/IP based Internets. 347p. Prentice-Hall: USA, 1991. BOGGS, D.R, MOGUL, J.C., KENT, C.A. Measured Capacity of an Ethernet: Myths and Reality. WRL Research Report 88/4, Digital Westem Research Laboratory, Palo Alto, CA, USA, 1988. RUBIN, I. Traffic and Performance Management of High Speed Nefworks. ISINM'95, Fourth IFIPhEEE Intemational Symposium on Integrated Network Management, Tutorial 6, may, 1995. GOLDSZMIDT, G; YEMMI, Y. Evaluation Management Decisions via Delegation. IEEE/IFIP Intemational Symposium on Network Mbagement, April, 1993. COMER, Douglas E. Internetworking With TCP/IP Principles, Protocols and Architecture. vol I , 381 p. PrenticeHall International, Inc. : USA, 1988. Sun Microsystems Inc. SunNet Manager - Tutorial - How Write an Agent. USA, 1989 SunConnect. SunNet Manager 2.2.Programmer's Guide. USA, 1993. SunConnect. SunNet Manager 2.2.Reference Manual. USA, 1993.

19