[Search] [txt|pdf|bibtex] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02                                                      
Internet Draft    Distributed Management Framework      Aug, 1998


               Distributed Management Framework
             <draft-ietf-disman-framework-02.txt>

                       August 23, 1998


                           Authors:

                         Andy Bierman
                        Cisco Systems
                      abierman@cisco.com

                         Maria Greene
                         Ascom Nexion
                       greene@nexen.com

                         Bob Stewart
                        Cisco Systems
                      bstewart@cisco.com

                       Steve Waldbusser
             International Network Services (INS)
                      waldbusser@ins.com






1.  Status of this Memo

This document is an Internet-Draft.  Internet-Drafts are
working documents of the Internet Engineering Task Force
(IETF), its areas, and its working groups.  Note that other
groups may also distribute working documents as Internet-
Drafts.

Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other
documents at any time.  It is inappropriate to use Internet-
Drafts as reference material or to cite them other than as
"work in progress."

To view the entire list of current Internet-Drafts, please
check the "1id-abstracts.txt" listing contained in the





Disman Team          Expires Feb, 1999               [Page 1]


Internet Draft    Distributed Management Framework      Aug, 1998


Internet-Drafts Shadow Directories on ftp.is.co.za (Africa),
ftp.nordu.net (Northern Europe), ftp.nis.garr.it (Southern
Europe), munnari.oz.au (Pacific Rim), ftp.ietf.org (US East
Coast), or ftp.isi.edu (US West Coast).


2.  Abstract

This memo defines a distributed management architecture for
use with the SNMP network management architecture.

This memo does not specify a standard for the Internet
community.





































Disman Team          Expires Feb, 1999               [Page 2]


Internet Draft    Distributed Management Framework      Aug, 1998


3.  Overview

Distributed Management is the delegation of control from one
management station to another. While the SNMP Network
Management Framework does not specifically address distributed
management, this function is desired and has been implemented
and deployed in the internet using proprietary architectures.
It is desired that there be a standard upon which to promote
interoperability, as well as a common framework upon which
various systems can be built.

The goals of distributed management are:

  o Scalability through Distribution
    In order to build network management systems that have the
    power to manage very large networks, it is important to
    reduce bottlenecks in the management system. Therefore, a
    distributed systems approach is often helpful when
    building large management systems. A distributed approach
    is often very effective at reducing load on the central
    management station, and may be effective at reducing the
    load that the central management station places on
    backbone networks. However, a distributed approach usually
    has no benefit in reducing load on remote networks and has
    no benefit in reducing load on management agents. Further,
    in a distributed data collection architecture, if all data
    collected is eventually forwarded to the central
    management station (without aggregation or compression),
    then no benefit in backbone load or central management
    station load should be expected (except perhaps to time-
    shift this load to a time of excess capacity, at the
    expense of a lack of timeliness of data.

  o Disconnected or Low-Bandwidth Operation
    There are sometimes conditions when a management station
    will not be in constant contact with all portions of the
    managed network. This is sometimes by design in an attempt
    to lower communications costs (especially when
    communicating over a WAN or dialup link), or by accident
    as network failures affect the communications between the
    management station and portions of the managed network.

    For this reason, a distributed management station will be
    configured to perform network management functions, even
    when communication with the management station may not be





Disman Team          Expires Feb, 1999               [Page 3]


Internet Draft    Distributed Management Framework      Aug, 1998


    possible or efficient.  The distributed management station
    may then attempt to notify the management station when an
    exceptional condition occurs.  Thus, even in circumstances
    where communication with the distributed management
    station is not continuous, network management operations
    may run continuously, communicating with the management
    station conveniently and efficiently, on an as-needed
    basis.

  o Mirroring organization boundaries and processes
    Business organizations are typically set up in a
    hierarchical fashion. Multiple people in the hierarchy
    have different roles, responsibilites, and authority. The
    network management system often has to be configured to
    match this organization. Distributed network managers can
    be set up in a hierarchy that matches the roles of various
    people in the organization.

  o Promotes a modular system architecture
    A modular system architecture allows flexibility and re-
    usability of network management components. This also
    enables a multi-vendor approach to building management
    systems. A distributed network management system with
    well-defined interfaces creates this modular scheme.

    This document defines an architectural framework for
    standards-based distributed management


4.  Relationship to the SNMP Management Framework

A distributed network management station is a management
station that receives requests from another manager and
executes those requests by performing management operations on
agents or other managers. Note that these requests may take a
long time to execute, and may be registered indefinitely. This
framework uses the services of the SNMP Management Framework.

4.1.  The SNMP Management Framework

The SNMP Management Framework presently consists of five major
components:

    o   An overall architecture, described in RFC 2271 [1].






Disman Team          Expires Feb, 1999               [Page 4]


Internet Draft    Distributed Management Framework      Aug, 1998


    o   Mechanisms for describing and naming objects and
        events for the purpose of management. The first
        version of this Structure of Management Information
        (SMI) is called SMIv1 and described in RFC 1155 [2],
        RFC 1212 [3] and RFC 1215 [4]. The second version,
        called SMIv2, is described in RFC 1902 [5], RFC 1903
        [6] and RFC 1904 [7].

    o   Message protocols for transferring management
        information. The first version of the SNMP message
        protocol is called SNMPv1 and described in RFC 1157
        [8]. A second version of the SNMP message protocol,
        which is not an Internet standards track protocol, is
        called SNMPv2c and described in RFC 1901 [9] and RFC
        1906 [10]. The third version of the message protocol
        is called SNMPv3 and described in RFC 1906 [10], RFC
        2272 [11] and RFC 2274 [12].

    o   Protocol operations for accessing management
        information. The first set of protocol operations and
        associated PDU formats is described in RFC 1157 [8]. A
        second set of protocol operations and associated PDU
        formats is described in RFC 1905 [13].

    o   A set of fundamental applications described in RFC
        2273 [14] and the view-based access control mechanism
        described in RFC 2275 [15].  Managed objects are
        accessed via a virtual information store, termed the
        Management Information Base or MIB.  Objects in the
        MIB are defined using the mechanisms defined in the
        SMI.  This memo specifies a MIB module that is
        compliant to the SMIv2. A MIB conforming to the SMIv1
        can be produced through the appropriate translations.
        The resulting translated MIB must be semantically
        equivalent, except where objects or events are omitted
        because no translation is possible (use of Counter64).
        Some machine readable information in SMIv2 will be
        converted into textual descriptions in SMIv1 during
        the translation process. However, this loss of machine
        readable information is not considered to change the
        semantics of the MIB.









Disman Team          Expires Feb, 1999               [Page 5]


Internet Draft    Distributed Management Framework      Aug, 1998


5.  Distributed Management Framework

The distributed management framework consists of applications
and services.

A distributed management application performs some management
function, often by monitoring and controlling managed
elements. These applications perform functions such as
threshold polling, historical data polling, or discovery.  The
specifications and communications protocols of some of these
applications will be defined by standards, while others will
be enterprise specific.

Distributed management services are a collection of services
that make up the run-time environment for the distributed
management application. These services are crucial to ensuring
the usability, scalability, and efficiency of the distributed
management applications that depend on them. Some of these
services are mandatory, while others are optional. Further,
even the mandatory services allow varying depths of support,
as described further, below.

Each of these services is made available through a MIB
interface.

The purpose of these services is to provide true enterprise
management that allows distributed management functions to be
used on an enterprise-wide basis without undue amounts of
administrative difficulty. These services also make a set of
applications more efficient because the service can perform
functions or store information once for all applications on
the local system. Further, less work is required to be put
into writing the application because some of the core
functions are performed elsewhere.


5.1.  Known Systems

The Known Systems service provides a list of all systems which
the distributed management system knows about and is prepared
to perform management operations upon. This list may be
populated by a continuously-running auto-discovery process, it
may be populated with SNMP SET requests, or it may be a static
list dictated by the system.






Disman Team          Expires Feb, 1999               [Page 6]


Internet Draft    Distributed Management Framework      Aug, 1998


This service also stores type and attribute information for
each of the known systems.

The purpose of this service is to allow a management
application to be executed on a list of systems so that true
enterprise management is possible rather than more ad-hoc
management functions. Further, the targets of management
applications can be configured separately from the
applications to reduce administrative burden as the list of
known systems changes.

An example of a known systems list is a list of all systems at
a site discovered by the autodiscovery module, along with
various addressing, type, and attribute information for each.


5.2.  Management Domains

The Management Domains service provides a list of known
systems which is a subset of the entire list of known systems.
The subset is defined by a rule, or filter, which selects only
the known systems that match or those that don't match certain
criteria.

These domains are multiple, potentially overlapping, sets of
devices based on (human) organizational boundaries that define
the extents over which management operations should be
performed.

The purpose of this service is to allow a management
application to be executed on a list of known systems within a
particular domain.  Further, as the domains change over time,
the application will automatically be kept up to date and will
only monitor the correct systems.

An example of a management domain is the subset of all known
systems that is on the engineering LAN.


5.3.  Management Operations Targets

The Management Operations Targets service provides a list of
known systems in a set of domains that match certain criteria
that indicate that it makes sense to perform a particular
management function on them.





Disman Team          Expires Feb, 1999               [Page 7]


Internet Draft    Distributed Management Framework      Aug, 1998


The purpose of this service is to direct management operations
to be performance only on those systems where that operation
would make sense. Because this is described as a filter, there
are no static configuration requirements that would be
unacceptable in a dynamically changing network environment.

An example of a management operation target list is the subset
of all known routers on the engineering LAN.

5.4.  Credential Delegation

The Credential Delegation Service allows credentials of a
network management user to be delegated to a distributed
management application so that it can perform secure
operations on behalf of that user.

Fundamental to this distributed management architecture is the
notion that distributed management operations must not run
with the credentials of the distributed manager. To do so
would require that the authorization of these credentials (or
subsets of this authorization) would need to be apportioned to
users of that distributed manager in a pre-defined and secure
way. This would require the creation of a access control
architecture mirroring the SNMP View-Based Access Control
architecture that would control what subsets of authority are
available to what users. The existing View-Based Access
Control mechanism was not designed for this task and is not
appropriate. Further, it would require that the distributed
manager be configured in a way that was consistent with the
access control policy embodied in the managed systems. This
would be extremely problematic because:

  1. This would require a massive amount of configuration to
  be replicated on the distributed manager

  2. If any part of this configuration on the distributed
  manager is inconsistent with that on the managed systems, a
  security hole could be exposed.

Because it is assumed that the distributed manager adds no
credentials to management operations, when a manager wishes to
configure a distributed manager to perform secure transactions
on its behalf, it must download to the distributed manager the
appropriate credentials to be placed in secure SNMP messages,
identifying them as the manager.  A credential contains at





Disman Team          Expires Feb, 1999               [Page 8]


Internet Draft    Distributed Management Framework      Aug, 1998


least the securityModel, securityName, securityLevel,
authentication and privacy keys, and an indication of which
management targets the credential should be used for.

5.4.1.  Definitions

-----------           ---------------              --------------
|         |           |             |              |            |
| Manager |---------->| Distributed |------------->| Management |
|         |  Disman   |   Manager   |    Target    |   Target   |
|         |   User    |             |     User     |            |
|         |           |             |   Identity   |            |
|         |           |             |              |            |
-----------           ---------------              --------------

  1. Disman User - The user whose credentials are used to
  configure the distributed manager for an operation and to
  download credentials for that operation. There is no
  relationship implied between the disman user and the
  user(s) who's credentials are installed (in other words,
  "joe" can install credentials for "ops-center-east" as
  well as "joe").

  2. Target User Identity - The user identity used in SNMP
  messages between the distributed manager and management
  targets.

  3. Credential - The set of secrets that are transferred
  to the distributed manager giving it the authority to act
  as an identity.

  4. Owner - The disman user who sets up a distributed
  management function, including the credentials for the
  function.

  5. Invoker - The user who invokes a previously setup
  distributed management function. The owner may choose to
  allow others to invoke a function, potentially allowing
  that function to operate with the owner's credentials (of
  course the owner would want to tightly constrain what the
  function was configured to perform).

  6. Invokation Identity - The identity of the credentials
  a function is operating with. These may be of the owner,
  of the invoker, or possibly the union of both





Disman Team          Expires Feb, 1999               [Page 9]


Internet Draft    Distributed Management Framework      Aug, 1998


  credentials.

Because multiple Disman Users will have access to a
Distributed Manager, the Credential Delegation Service will be
responsible for ensuring that credentials are only used by
authorized users. The Credential Delegation Service will
include:

  1. Credential Store - a MIB in which to transfer and
  store credentials

  2. MIB prototype - a prototype MIB fragment that will be
  added to disman functions that wish to use the Credential
  Store

  3. Access Control Policy - a policy for configuration of
  the VACM MIB for use with the Credential Delegation
  Service. This will limit access to the credential store.


5.5.  Delegation Control

The Delegation Control Service provides functions that limit
the resource usage of a distributed management application
that has had control delegated to it.

Network management applications are often responsible for
adding stress on the network and causing problems. Examples
are excessive polling load on slow-speed networks or on router
CPUs. This problem will become even more dangerous when
network management functions are delegated to distributed
management stations.

Policies need to be configured that limit average and burst
polling, notification, and broadcast rates.  These rates may
be defined for the sending system as a whole, per end node, or
per management application on the sending system.

It is also important to have a "Deadman's switch" so that
delegated applications will not continue indefinitely if their
"sponsor" has forgotten about them.









Disman Team          Expires Feb, 1999              [Page 10]


Internet Draft    Distributed Management Framework      Aug, 1998


5.6.  Scheduling

The Scheduling Service allows the execution of distributed
management applications to be controlled so that they run at a
particular time, periodically, or based on the occurance of
another event.

5.7.  Reliable Notification

The Reliable Notification Service provides services that
ensure that notifications are received correctly.

For example, all the information that describes an event may
not fit within a single PDU, so an eventID varbind is defined
that associates multiple PDU's as describing the same event.
It is also necessary to know if the entire notification has
been received or if more PDU's are still outstanding.

Further, a receiving management station must be given more
information so that it can distinguish duplicated inform PDU's
because events are not idempotent. No rule makes it mandatory
for the requestID to be unique for all PDUs sent from a
system.

In addition, a logging mechanism provides for retrieval of
notifications after a communications failure.

5.8.  Notification Destinations

The Notification Destination Service provides services for
configuring destinations for notifications.

When management functions are delegated and MLMs are given the
autonomy to generate notifications, they need to be configured
as to where the notifications should be sent.  Additionally,
retry counts and numbers need to be configured. Average and
burst notification rates need to be defined.

6.  Acknowledgments

This document was produced by the IETF Distributed Network
Management Working Group.








Disman Team          Expires Feb, 1999              [Page 11]


Internet Draft    Distributed Management Framework      Aug, 1998


7.  References

[1]  Harrington, D., Presuhn, R., and B. Wijnen, "An
     Architecture for Describing SNMP Management Frameworks",
     RFC 2271, Cabletron Systems, Inc., BMC Software, Inc.,
     IBM T. J. Watson Research, January 1998

[2]  Rose, M., and K. McCloghrie, "Structure and
     Identification of Management Information for TCP/IP-based
     Internets", RFC 1155, Performance Systems International,
     Hughes LAN Systems, May 1990

[3]  Rose, M., and K. McCloghrie, "Concise MIB Definitions",
     RFC 1212, Performance Systems International, Hughes LAN
     Systems, March 1991

[4]  M. Rose, "A Convention for Defining Traps for use with
     the SNMP", RFC 1215, Performance Systems International,
     March 1991

[5]  Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
     "Structure of Management Information for Version 2 of the
     Simple Network Management Protocol (SNMPv2)", RFC 1902,
     SNMP Research,Inc., Cisco Systems, Inc., Dover Beach
     Consulting, Inc., International Network Services, January
     1996.

[6]  Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
     "Textual Conventions for Version 2 of the Simple Network
     Management Protocol (SNMPv2)", RFC 1903, SNMP Research,
     Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc.,
     International Network Services, January 1996.

[7]  Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
     "Conformance Statements for Version 2 of the Simple
     Network Management Protocol (SNMPv2)", RFC 1904, SNMP
     Research, Inc., Cisco Systems, Inc., Dover Beach
     Consulting, Inc., International Network Services, January
     1996.

[8]  Case, J., Fedor, M., Schoffstall, M., and J. Davin,
     "Simple Network Management Protocol", RFC 1157, SNMP
     Research, Performance Systems International, Performance
     Systems International, MIT Laboratory for Computer
     Science, May 1990.





Disman Team          Expires Feb, 1999              [Page 12]


Internet Draft    Distributed Management Framework      Aug, 1998


[9]  Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
     "Introduction to Community-based SNMPv2", RFC 1901, SNMP
     Research, Inc., Cisco Systems, Inc., Dover Beach
     Consulting, Inc., International Network Services, January
     1996.

[10] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
     "Transport Mappings for Version 2 of the Simple Network
     Management Protocol (SNMPv2)", RFC 1906, SNMP Research,
     Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc.,
     International Network Services, January 1996.

[11] Case, J., Harrington D., Presuhn R., and B. Wijnen,
     "Message Processing and Dispatching for the Simple
     Network Management Protocol (SNMP)", RFC 2272, SNMP
     Research, Inc., Cabletron Systems, Inc., BMC Software,
     Inc., IBM T. J. Watson Research, January 1998.

[12] Blumenthal, U., and B. Wijnen, "User-based Security Model
     (USM) for version 3 of the Simple Network Management
     Protocol (SNMPv3)", RFC 2274, IBM T. J. Watson Research,
     January 1998.

[13] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
     "Protocol Operations for Version 2 of the Simple Network
     Management Protocol (SNMPv2)", RFC 1905, SNMP Research,
     Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc.,
     International Network Services, January 1996.

[14] Levi, D., Meyer, P., and B. Stewart, "SNMPv3
     Applications", RFC 2273, SNMP Research, Inc., Secure
     Computing Corporation, Cisco Systems, January 1998

[15] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
     Access Control Model (VACM) for the Simple Network
     Management Protocol (SNMP)", RFC 2275, IBM T. J. Watson
     Research, BMC Software, Inc., Cisco Systems, Inc.,
     January 1998












Disman Team          Expires Feb, 1999              [Page 13]


Internet Draft    Distributed Management Framework      Aug, 1998


Table of Contents


1 Status of this Memo ...................................    1
2 Abstract ..............................................    2
3 Overview ..............................................    3
4 Relationship to the SNMP Management Framework .........    4
4.1 The SNMP Management Framework .......................    4
5 Distributed Management Framework ......................    6
5.1 Known Systems .......................................    6
5.2 Management Domains ..................................    7
5.3 Management Operations Targets .......................    7
5.4 Credential Delegation ...............................    8
5.4.1 Definitions .......................................    9
5.5 Delegation Control ..................................   10
5.6 Scheduling ..........................................   11
5.7 Reliable Notification ...............................   11
5.8 Notification Destinations ...........................   11
6 Acknowledgments .......................................   11
7 References ............................................   12






























Disman Team          Expires Feb, 1999              [Page 14]