网络拓扑论述(snmp版本).doc

第16页毕业设计（论文）译文专用纸网络拓扑发现snmp摘 要随着计算机网络技术的发展和lnternet在全世界范围内的普及，计算机网络作为信息社会的基础设施已应用到政府部门、商业、军事、教育等社会各领域。当前计算机网络的发展特点是：网络规模不断扩大，复杂性不断增加，网络的异构性也越来越高。在现有的技术条件下，人们希望有一个更加稳定可靠的网络环境，计算机网络管理系统就是应这样的需求而产生的。它对网络上的各种设备进行管理，通过监视和控制这些设备，及时地向管理人员报告网络状态，并且简化网络故障的处理，减少故障造成的损失，提高网络的服务质量和效率 1。一个好的网络管理系统首先需要掌握整个被管网络的拓扑结构。网络的配置管理是发现和配置网络中对网络管理有意义的设备的过程，而网络的自动拓扑发现规则是配置管理的核心，是故障和性能管理的基础，同时它也是衡量一个商业网管系统成败的重要尺度。因此，拓扑发现算法的设计在整个网管系统的开发中有着举足轻重的地位。网络拓扑发现技术是利用网管协议或网络提供的可用工具，通过拓扑算法，发现网络中路由器、交换机及主机之间的连接关系，并且以图形的方式直观地显示出来，同时还要尽量减小发现网络设备和显示设备拓扑图的运行代价2。为了发现更加详细的网络拓扑结构，网络的多层自动拓扑发现是必不可少的，业界通常把网络自动拓扑发现分为两部分，即IP管理域内网络层拓扑发现和数据链路层拓扑发现，本文将详细地介绍网络拓扑自动发现算法。1. 拓扑发现算法的相关协议简介1.1 SNMP(Simple Network ManagementProtocol，简单网络管理协议)由于SNMP的简单和易于实现的特点，该管理协议已经成为目前应用最为广泛和最为流行的网络管理协议，也成为了事实上的标准3。它的设计目的是使网络管理站能够有效而简单地监视和控制网络设备，它由管理者、管理信息库(MIB)、代理(Agent)以及被管对象4部分组成，SNMP的体系结构见图1。图1 SNMP协议工作原理1. 管理者 是一段执行用户管理功能的程序代码，通过SNMP相关原语，向代理发送命令请求获取被管设备上的各种状态信息。2. 管理信息库(MIB) 位于被管设备上，是一个守护线程，负责收集、整理和维护被管设备的各种状态信息，这些信息存放在管理信息库中。此外，它还负责收到管理者发送的请求并向管理者发送对应的响应报文。3. 代理(Agent) 驻留在各种被管对象中的软件，维护本地的MIB信息，接受由管理站发来的MIB变量存取请求报文，经过身份检验后向管理站回送响应报文，这种响应报文包括管理站要求存取的MIB变量值或者是相应错误信息。4. 被管对象 就是被管理的各种物理设备的属性特征。SNMP规定了5种协议数据单元PDU4，用来在管理进程和代理之间的交换。agetrequest操作：从代理进程处提取一个或多个参数值。bget-nextrequest操作：从代理进程处提取紧跟当前参数值的下一个参数值。csetrequest操作：设置代理进程的一个或多个参数值。dgetresponse操作：返回的一个或多个参数值。这个操作是由代理进程发出的，它是前面三种操作的响应操作。etrap操作：代理进程主动发出的报文，通知管理进程有某些事情发生。12 ICMP(Internet Control Message Protocol，网际控制报文协议)基于TCP/IP协议的网络设备几乎都支持所有的ICMP协议，该协议允许主机或路由器报告差错情况和提供有关异常情况的报告。ICMP报文的类型很多，本算法中仅用到2种报文 回应请求报文或回应应答报文，如果对一个网段内所有可能的IP地址依次执行“Ping”操作，根据应答就可以发现该网段内所有当前活动的设备，然后对“Ping”通过的IP地址逐一执行“Tracert”操作，就可发现子网内的活动主机信息，从而得到子网内部的拓扑情况。2. 算法描述本算法采用网络主干和子网的层次发现策略，将网络拓扑发现分成两个层次并采用不同的拓扑发现方法。第一层次用于发现主干网内的路由器以及它们的接口和子网的连接关系，采用基于SNMP协议的网络拓扑发现方法，通过遍历路由表来实现主干拓扑的自动发现；第二层次用于发现子网内存活主机的相关信息，采用基于ICMP协议的网络拓扑发现方法，通过ICMP协议的“Ping”操作来发现子网中的主机。21 主干网拓扑的获取算法通过使用SNMP来访问被管设备中的MIB，以此来发现设备信息以及它们之间的联系。凡是支持SNMP的设备可认为是一级网络设备，其余的则是主机设备。设计路由发现算法时，采用了类似于广度优先搜索的算法。这里主要用到了三条链表：待检路由设备网关链表、已检路由设备网关信息链表、子网信息链表。这需要从路由设备返回的应答数据包解析出每条记录中的路由相关信息，如表l所示。表1 需解析出的路由相关信息MIB对象功能描述对应的OIDipRouteIfIndex网关的接口号.1.1.2ipRouteNextHop下一跳网关的IP地址.1.1.8ipRouteType路由类型Direct(3):路由到直连子网Indirect(4):路由到一非本地主机、网络或子网.1.1.8ipRouteMask网段的子网掩码.1.1.11ipAdEntAddr网关的IP地址.0.1.1ifDescr接口的描述(指定了VLAN号)..1.2用SNMP读取人口设备的IP路由表，并存入数据库，然后再从数据库中读取下一路由地址字段，通过循环且不重复地从数据库中读取下一路由地址字段便可实现对树的层次遍历。具体算法描述如下：初始化待访问路由器队列，初始化已访问路由器队列；把缺省路由器的标志IP放人待访问路由器的队列中；while(待访问的路由器队列不为空时)从待访问的路由器队列中取出一个路由器，为CurrentRouter；if(CurrentRouter加入到已访问路由器队列成功)初始化与本地相连的路由器队列和本地相连的子网队列；访问CurrentRouter路由表；(if(ipRouteType= =indirect(4)把路由表中的各ipRouteNextHop不重复地放到与本地相连的路由器队列中；if(ipRouteType=direct(3)把ipRouteDest和ipRouteMask不重复地放到与本地相连的子网队列中；然后访问CurrentRouter中的ipAdEntAddr和ipAdEntNetMask，并把它们不重复地放到与本地相连的子网队列中；遍历与本地相连的路由器队列中的每个路由器，将其标志IP放到待访问的路由器队列；)elseif(CurrentR0uter属于已访问路由器队列)break；22 子网拓扑发现算法子网拓扑发现主要利用的是ICMP协议来实现嘲由于很多主机为了安全性会考虑关闭Ping响应功能，有些主机甚至为了防止一些其他类型的ICMP攻击而拒绝处理所有来自外部的ICMP数据包(许多防火墙在默认情况下都启用了ICMP过滤的能)，但它们一般不会关闭本机对其他机器的Ping探测，也不会阻止自身对外发出ICMP错误汇报。因此，如果对一台活动主机发送UDP信包，指定与该主机的一未开启端口进行通信，无论此目的主机是否设置了ICMP过滤，它都会返回一条目的端口不可达的ICMP错误消息(Type=3，Code=3)，通知源主机通信不成功，源主机收到该ICMP响应后就可以知道目的主机是活动的，只有目的主机处于关闭状态，才不会有任何ICMP错误消息返回。主要采用以下几步实现： 确定该子网的网关、子网地址和子网掩码，子网地址通过对IP和Mask进行“与”操作获得； 通过网关的地址获得子网的类型； 通过子网地址和子网掩码获得该子网的机器数和可能存在的IP地址的范围； 向该子网内所有可能存在的IP地址对应的主机发送UDP信包，并指定一个冷僻的端口号(如4320)，将所有返回了Type一3，Code一3的ICMP消息的主机IP地址键入子网信息链表中当前节点的主机链表。在给定的子网中，对这个区间的IP地址进行多线程Ping操作，将检测到的IP地址记录到IP地址表中。3. 总结和将来的工作拓扑结构的自动发现一直是网络管理中重要的手段和工具，设计和开发一个有效且实用的网络拓扑发现工具也是网络管理系统开发中一个重要且难度比较大的部分，它涉及到很多网络通信协议的细节和具体实现。本文详细讨论了怎样利用SNMP来实现网络拓扑结构的自动发现，介绍了该拓扑发现算法的主要流程，同时还对实现过程中需要实现的一些关键技术进行了详细分析。作为一个完整的网络拓扑发现算法，还应该要考虑网络中存在多子网6和VLAN的情形，这些因素的介人使网络拓扑发现变为一个越来越复杂的问题，这些问题都是后续工作的主要内容。4. 参考文献1 Vaughan-Nichols S J. Mobile IPv6 and the Future of Wireless Internet AccessJ. Computer, 2003, 36 (2):18-20 2. J.D.Case, M. Fedor, M. Schoffstall, J.Davin, RFC 1157, “A Simple Network Management Protocol(SNMP),” 1990.53. K. McCloghrie, M. Rose, RFC 1213, “Management Information Base for Network Management of TCP/IP-based internets: MIB-II,” 1991.34. Glenn Mansfield, M. Ouchi, K.Jayanthi. el. “Techniques for automated Network Map Generation using SNMP” IEEE INFOCOM, 1996. pp.473-4805. Hwa-Chun Lin, Hsin_Liang Lai, Shou-Chuan Lai, “Automatic Link layer Topology Discovery of IP Networks” IEEE, 19996. E.Decker, RFC 1493: Definitions of Managed Objects for Bridges /rfcs/rfc1493.html, 1993.7原文The research of network topology discovery algorithm Deng-Guo Feng Science and Technology Press, September 2009 ABSTRACTAlong with the development of the computer network technology and lnternet worldwide, computer network as the popularity of information society infrastructure has applied to the government, business, military, education and other social fields. The current development of computer networks features are: network scale unceasingly expands, the complexity increases, heterogeneous network is also higher and higher . on the existing technology conditions, people want to have a more stable and reliable network environment, the computer network management system is the result of demand. It has all sorts of equipment for network management, through monitoring and controlling these devices, timely report to management personnel the network state and simplify handling of network fault, reducing the loss caused by fault, increasing the network service quality and efficiency 1.A good network management system first needs to master the whole topology of the network. Network configuration management is found and configuration network to network management meaningful equipment process, and the network topology discovery rules is the automatic core configuration management, is the basis of fault and performance management, also it is the measure of a commercial network management system of the important measure success or failure. Therefore, the design of topology discovery algorithm in the whole development of network management system plays a vital role. Network topology discovery technology USES net agreement or networks offer usable tool, through the topological algorithm, found network routers, switches and host and connections between the way by graphical display intuitively, while also minimize found network equipment and display devices running costs 2.In order to find more detailed network topology structure, network topology discovery of multi-layer automatic is necessary, the industry usually put topology discovery network automatically into two parts, namely IP management domain topology discovery and network layer data link layer topology discovery, this article will detail network topology automatically find algorithm.1. The agreement, topology discovery algorithm profile1.1 SNMP (Simple Management Protocol, a Simple Network management protocol)Because of the simplicity and easy realization of SNMP, the management agreement has become the most widely used and most popular network management protocols, it also become the DE facto standard 3. Its purpose is to make the design of the data which can be effective and simple network to monitor and control network equipment, it consists of managers, management information base (MIB), agents (Agent) and the object composed of four, SNMP architecture (see figure 1.Figure 1 SNMP protocol working principle1. Managers - is a section of executing user management functions the program code, through the original language, to related SNMP agent by sending command request access on the various equipment of state information.2. The database of management information (MIB) - located in the (pipe facilities, is a daemon thread responsible for collecting, sorting and maintenance of equipment by tube of state information, the information stored in database management. In addition, it is also responsible for receiving and sending requests to managers sent the corresponding response message managers.3. Agency (Agent) - lives in various of software, maintenance tube object local MIB information, accept MIB variables by the data access requests from the message, after identity to send data back inspection message, this response response of the data message including MIB variable value requires access or corresponding error messages.4. The object of management - is various physical equipment attributes. Five kinds of provisions SNMP protocol data unit units = PDU4, used in management process and agent of exchange between.Athe operation of get - request : from acting process place extraction one or more parameter values.B. the operation of get next -request : in the current parameters extracted follows a parameter values.C. the operation of get - request : set agent process one or more parameter values.D. the operation of get-response: return to one or more of the parameter values. The operation is issued by the agency, it is the process of three operating response operation.E. the operation of trap:agency process a message, notify voluntarily administration process theres something happening.1.2 ICMP Protocol, macro Control (Internet Internet Control Message Protocol)Based on TCP/IP protocol network equipment almost support all the ICMP protocol, this agreement allow host or router report the situations and provide relevant mistake the abnormal situation report. ICMP messages type many, this algorithm is used only in response to request two message - a message or respond to a message, if response network segment of all possible IP address within executing in sequence the Ping operation, according to response can find this segment of the current activity within all of devices, and the IP address of the Ping through one Tracert operation performed can be found.2. Algorithm describedThe algorithm utilizes network backbone and the hierarchical found strategy, putting subnet network topology discovery into two levels and using different topology discovery methods.The first level for discovery backbone routers and their within the interface and subnet connections, based on SNMP protocol network topology discovery methods, through traversal routing tables to realize the automatic found; trunk topologyThe second level for discovery subnet information related to live within the host based on ICMP protocol network topology discovery methods, through the ICMP protocol Ping operation to find out the host. 2.1 backbone topological acquisition algorithmBy using SNMP to access the MIB pipe facilities, in order to find out equipment information and the relations among them. All the equipment can think and support SNMP is first-order network equipment, the rest is to host equipment. Design mute discovery algorithm, using a similar to breadth first search algorithm. list, sub Here basically use the three linked list: waiting list, routing equipment gateway already inspection routing equipment gateway information net information list. This requires the response from routing equipment returns to resolve the each road record packets of routing information, such as table l.3.Table 1 need to resolve the routing informationMIB objectThe description of functionOIDipRouteIfIndexThe port of gateway.1.1.2ipRouteNextHopThe ip of next hop .1.1.8ipRouteTypeThe type of routeDirect(3): Routing to straight lotus seed netsIndirect(4): Route to a non local host network or subnet.1.1.8ipRouteMaskSegment of the subnet mask.1.1.11ipAdEntAddrThe ip of gateway.0.1.1ifDescrThe description of the interfaces (specifies the VLAN number..1.2Using SNMP to read IP routing table of population equipment, and deposited in the database, and then read from the database, next routing address field by cyclic and not repeated next read from the database can be realized routing address field of tree level traversal. Specific algorithm are described below:Initialize stay access routers queue, initialization has accessed routers queues; The default routers mark IP put people stay access routers in the queue;While (the queue of visiting router not null)The router to visit from the queue for Current Router removed a router,;If (Current Router join has access routers queue success)Initialize local connected with the router queue and local connected subnet queues;Visit Current Router routing table;(If (Route Type (.1.1.8) = = indirect (4)In the routing table Route NextHop not repeatedly on each with local connected router queue;If (Route Type (.1.1.8) = = direct (3)The ipRoute Dest and ipRouteMask not repeatedly on and local connected subnet queue; Then the CurrentRouter ipAdEntAddr and visitIpAdEntNetMask, and put them not repeatedly on and local connected subnet queue;Traverse and local connected router in a queue, will the logo for each router to access router IP in queues;)CurrentR0uter belong to elseif (already access routers queue)The;2.2 The algorithm of subnet topology discovery The main advantage of subnet topology discovery ICMP protocol is to be realized. Because a lot of host to mockery and security will consider closing the Ping response function, some host even in order to prevent some other types of ICMP attack and refuse to handle all the ICMP packets from external (many firewall by default enable ICMP filtering all can), but they are generally not shut down the machine to other machines, also wont stop Ping detection of foreign report issued ICMP mistake itself. Therefore, if a activities machine to send letter bag, the designated and UDP a untapped the host, whether this communication port to set the ICMP whether its destination, it will return a filter of the port unreachable entries ICMP error messages (Type = 3, Code = 3), notify the source host communication is not successful, source host received after the ICMP response can know purpose of host is only purpose host activities in full close state, it wont have any ICMP error messages back.Mainly adopts the following steps to achieve:1. Sure the subnet gateway, subnet addresses and subnet Mask, subnet addresses for IP and goes through and operation obtain;2. Through the gateway address get subnet type;3. Through the subnet addresses and subnet mask get this subnet machine number and the possible existence of IP address range;4. To this subnet all possible within the IP address of the corresponding machine to send UDP packets, and appoint letter a little-used socket (such as 423), will all returned to Type a 3, Code a 3 ICMP messages of the hosts IP address Type subnet information list hosts of the current node list.5. In a given in this interval subnet the IP address for multi-threaded Ping operation and will detect IP address records to IP address list.4. CONCLUSIONS AN