Automation of Discovering of an Enterprise Networks - - PowerPoint PPT Presentation


Advances in Methods of Information and Communication Technology, 2014 Automation of Discovering of an Enterprise Networks ICT-Infrastructure Link Layer Graph Anton Andreev Iurii A. Bogoiavlenskii Aleksandr Kolosov Department of Computer


SLIDE 1

Advances in Methods of Information and Communication Technology, 2014

Automation of Discovering of an Enterprise Network’s ICT-Infrastructure Link Layer Graph

Anton Andreev Iurii A. Bogoiavlenskii Aleksandr Kolosov Department of Computer Science Petrozavodsk State University

October 21, 2014 Petrozavodsk, Russia

Anton Andreev Automation of Discovering of an Enterprise Network’s ICT-Infrastructure Link Layer Graph 21.10.2014 1 / 31

SLIDE 2

Areas of graph usage

  • Network modeling and analysis
  • Load simulation
  • Network management and optimization
  • LAN designing
  • Network documentation

SLIDE 3

Nest

Experimental platform for studying models and methods of ISP network management.

  • IEEE 802 orientation
  • Automatization of network graph discovery
  • Graph visualization
  • Data flows modeling
  • Interface for work with graph structure
  • Describing network with object model SON (Spatial-Organizational-Network)

SLIDE 4

Tasks

  • Developing a data link layer graph discovery algorithm
  • Finding a method of representation of VLAN on link layer graph
  • Implementation of the developed algorithm within Nest

SLIDE 5

Network concept

MIB — Management Information Base.

SLIDE 6

Network concept

MIB — Management Information Base

SLIDE 7

Network concept

MIB — Management Information Base

SLIDE 8

Graph building concept

SNMP - Simple Network Management Protocol

SLIDE 9

Problem statement

Problem of link layer graph building

  • Heterogeneity of network devices
  • Lack of common standards
  • Possible inaccessibility of devices

Preferred data configuration

  • Pairs of device identifiers
  • Addresses, names, numbers of interfaces

SLIDE 10

Information about VLAN configuration

Demands

  • Numbers, addresses or names of interfaces
  • VLAN numbers assigned to interfaces

Sources

  • Q-BRIDGE-MIB : dot1qPortVlanTable
  • CISCO-VTP-MIB : vlanTrunkPortTable
  • IF-MIB : ifStackTable

SLIDE 11

CDP

Cisco Discovery Protocol, CISCO-CDP-MIB

SLIDE 12

LLDP

Link Layer Discovery Protocol, IEEE 802.1AB, LLDP-MIB

SLIDE 13

STP

Spanning Tree Protocol, IEEE 802.1D, BRIDGE-MIB

Myung-Hee Son, Bheom-Soon Joo, Byung-Chul Kim, and Jae-Yong Lee. Physical Topology Discovery for Metro Ethernet Networks.

SLIDE 14

AFT

Address Forwarding Tables, BRIDGE-MIB (dot1dTpFdbTable)

Hassan Gobjuka and Yuri J. Breitbart. Ethernet Topology Discovery for Networks With Incomplete Information.

SLIDE 15

Algorithm of link layer graph building

Main idea: sequential use of different data sources

  • Probe the specified network node
  • Retrieve data using SNMP
  • Create objects representing device on graph

SLIDE 16

Algorithm of link layer graph building

  • Determine physical addresses of neighbours using STP data
  • Find corresponding network addresses
  • If an IP address of a certain device is not detected then this device is deferred to post-processing

SLIDE 17

Algorithm of link layer graph building

  • Determine physical addresses of neighbours using STP data
  • Find corresponding network addresses
  • If an IP address of a certain device is not detected then this device is deferred to post-processing

SLIDE 18

Algorithm of link layer graph building

Determine remaining connections using CDP data

SLIDE 19

Algorithm of link layer graph building

Determine remaining connections using LLDP data

SLIDE 20

Algorithm of link layer graph building

Find attached hosts using AFT

SLIDE 21

Algorithm of link layer graph building

Create objects for broadcast domains and add interfaces to them

SLIDE 22

Algorithm of link layer graph building

  • Handle all postponed devices
  • Create graph objects for all inaccessible devices
  • Put together all broadcast domains that have at least one common interface
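
The sequential use of data sources described on slides 15 to 22, as an added example that is not code from Nest or from the presentation. It assumes the SNMP tables have already been retrieved into the constructed `SNMP` dictionary; `discover`, `MAC_TO_IP` and all addresses are hypothetical, and the block covers device, link and host discovery (STP, then CDP/LLDP, then AFT, then deferred devices), not the broadcast-domain step.

```python
from collections import deque

# Constructed poll results keyed by management IP (illustrative values only).
# stp/cdp/lldp: local port -> (neighbour id, remote port); aft: port -> MACs.
SNMP = {
    "10.0.0.1": {"stp": {1: ("aa:02", 1), 2: ("aa:03", 1), 4: ("aa:09", 1)},
                 "cdp": {}, "lldp": {2: ("10.0.0.3", 1)},
                 "aft": {1: ["cc:02"], 3: ["cc:01"]}},
    "10.0.0.2": {"stp": {}, "cdp": {}, "lldp": {},
                 "aft": {1: ["cc:01"], 2: ["cc:02"]}},
    "10.0.0.3": {"stp": {}, "cdp": {}, "lldp": {}, "aft": {}},
}
MAC_TO_IP = {"aa:02": "10.0.0.2"}  # bridge MAC -> IP; other MACs unresolved

def discover(start, snmp=SNMP, mac_to_ip=MAC_TO_IP):
    nodes, links, used, deferred, queue = {}, [], set(), [], deque([start])
    def link(ip, port, peer, rport, src):
        links.append((ip, port, peer, rport, src))
        used.update({(ip, port), (peer, rport)})   # both ends are now taken
    while queue:
        ip = queue.popleft()
        if ip in nodes:
            continue
        data = snmp.get(ip)                        # None models an SNMP timeout
        nodes[ip] = "switch" if data else "inaccessible"
        if not data:
            continue
        for port, (mac, rport) in data["stp"].items():
            if mac in mac_to_ip:                   # STP first: MAC resolves to IP
                link(ip, port, mac_to_ip[mac], rport, "stp")
                queue.append(mac_to_ip[mac])
            else:
                deferred.append((ip, port, mac))   # no IP: post-process later
        for src in ("cdp", "lldp"):                # then only ports still unlinked
            for port, (peer, rport) in data[src].items():
                if (ip, port) not in used:
                    link(ip, port, peer, rport, src)
                    queue.append(peer)
        for port, macs in data["aft"].items():     # hosts only on remaining ports
            for mac in (macs if (ip, port) not in used else ()):
                nodes[mac] = "host"
                links.append((ip, port, mac, None, "aft"))
    for ip, port, mac in deferred:                 # unresolved by any later source
        if (ip, port) not in used:
            nodes[mac] = "inaccessible"
            link(ip, port, mac, None, "stp")
    return nodes, links

if __name__ == "__main__":
    print(discover("10.0.0.1"))
```

In the sample, port 2 of 10.0.0.1 is deferred after STP and then resolved by LLDP, while port 4 stays unresolved and becomes an inaccessible node; MACs learned on inter-switch ports are not reported as attached hosts.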

SLIDE 23

Disadvantages of testing in huge networks

  • Difficulty of checking the correctness of the results
  • Increased duration of data retrieving and processing
  • Lack of variety in data forms
  • Absence of control over device configuration
  • Network behavior is unpredictable

SLIDE 24

Advantages of program experimental environment

  • Total control over network configuration
  • Diversity of configuration variants
  • Relatively low cost
  • Absence of external factors
  • Reproducible results

Program tools

  • Cisco Packet Tracer
  • NetSim
  • GNS3

SLIDE 25

LLDP lab

SLIDE 26

LLDP lab

SLIDE 27

VLAN lab

SLIDE 28

VLAN lab

SLIDE 29

Testing results

Network      Devices   Collecting time, sec.   Building time, sec.   Nodes
PetrSU       9         119                     61                    1318
GNS3 LLDP    3         5.9                     0.9                   3
GNS3 VLAN    3         7.1                     1.25                  7

We can be sure that a device is inaccessible with SNMP only after a timeout.

SLIDE 30

Results

  • A complex algorithm of link layer graph discovery (including VLANs) was developed
  • 3 new classes were added to SON
  • 12 new classes were coded in Nest, 15 were changed
  • A total of 1254 new lines of code were added, including 245 lines of comments
  • Testing of the algorithm was done in PetrSU's network and in virtual laboratories built with GNS3
  • The algorithms demonstrated acceptable levels of accuracy and speed of building

SLIDE 31

Future plans

  • Search for additional data sources
  • Support of data sources about wireless devices

Thank you for your attention!

andreev@cs.karelia.ru
