1、毕业设计(论文)译文专用纸 第 1 页网络拓扑发现 snmp摘 要随着计算机网络技术的发展和 lnternet 在全世界范围内的普及,计算机网络作为信息社会的基础设施已应用到政府部门、商业、军事、教育等社会各领域。当前计算机网络的发展特点是:网络规模不断扩大,复杂性不断增加,网络的异构性也越来越高。在现有的技术条件下,人们希望有一个更加稳定可靠的网络环境,计算机网络管理系统就是应这样的需求而产生的。它对网络上的各种设备进行管理,通过监视和控制这些设备,及时地向管理人员报告网络状态,并且简化网络故障的处理,减少故障造成的损失,提高网络的服务质量和效率 1。一个好的网络管理系统首先需要掌握整个被管
2、网络的拓扑结构。网络的配置管理是发现和配置网络中对网络管理有意义的设备的过程,而网络的自动拓扑发现规则是配置管理的核心,是故障和性能管理的基础,同时它也是衡量一个商业网管系统成败的重要尺度。因此,拓扑发现算法的设计在整个网管系统的开发中有着举足轻重的地位。网络拓扑发现技术是利用网管协议或网络提供的可用工具,通过拓扑算法,发现网络中路由器、交换机及主机之间的连接关系,并且以图形的方式直观地显示出来,同时还要尽量减小发现网络设备和显示设备拓扑图的运行代价2 。为了发现更加详细的网络拓扑结构,网络的多层自动拓扑发现是必不可少的,业界通常把网络自动拓扑发现分为两部分,即 IP 管理域内网络层拓扑发现和
3、数据链路层拓扑发现,本文将详细地介绍网络拓扑自动发现算法。毕业设计(论文)译文专用纸 第 2 页1.拓扑发现算法的相关协议简介1.1 SNMP(Simple Network ManagementProtocol,简单网络管理协议)由于 SNMP 的简单和易于实现的特点,该管理协议已经成为目前应用最为广泛和最为流行的网络管理协议,也成为了事实上的标准3。它的设计目的是使网络管理站能够有效而简单地监视和控制网络设备,它由管理者、管理信息库(MIB)、代理(Agent)以及被管对象 4 部分组成,SNMP 的体系结构见图 1。图 1 SNMP 协议工作原理1. 管理者 是一段执行用户管理功能的程序代
4、码,通过 SNMP 相关原语,向代理发送命令请求获取被管设备上的各种状态信息。2. 管理信息库(MIB) 位于被管设备上,是一个守护线程,负责收集、整理和维护被管设备的各种状态信息,这些信息存放在管理信息库中。此外,它还负责收到管理者发送的请求并向管理者发送对应的响应报文。3. 代理(Agent) 驻留在各种被管对象中的软件,维护本地的 MIB 信息,接毕业设计(论文)译文专用纸 第 3 页受由管理站发来的 MIB 变量存取请求报文,经过身份检验后向管理站回送响应报文,这种响应报文包括管理站要求存取的 MIB 变量值或者是相应错误信息。4. 被管对象 就是被管理的各种物理设备的属性特征。SNM
5、P 规定了 5 种协议数据单元 PDU4,用来在管理进程和代理之间的交换。agetrequest 操作:从代理进程处提取一个或多个参数值。bget-nextrequest 操作:从代理进程处提取紧跟当前参数值的下一个参数值。csetrequest 操作:设置代理进程的一个或多个参数值。dgetresponse 操作:返回的一个或多个参数值。这个操作是由代理进程发出的,它是前面三种操作的响应操作。etrap 操作:代理进程主动发出的报文,通知管理进程有某些事情发生。12 ICMP(Internet Control Message Protocol,网际控制报文协议)基于 TCP/IP 协议的网络
6、设备几乎都支持所有的 ICMP 协议,该协议允许主机或路由器报告差错情况和提供有关异常情况的报告。ICMP 报文的类型很多,本算法中仅用到 2 种报文 回应请求报文或回应应答报文,如果对一个网段内所有可能的 IP 地址依次执行“Ping”操作,根据应答就可以发现该网段内所有当前活动的设备,然后对“Ping”通过的 IP 地址逐一执行 “Tracert”操作,就可发现子网内的活动主机信息,从而得到子网内部的拓扑情况。2. 算法描述本算法采用网络主干和子网的层次发现策略,将网络拓扑发现分成两个层次并采用不同的拓扑发现方法。第一层次用于发现主干网内的路由器以及它们的接口和子网的连接关系,采毕业设计(
7、论文)译文专用纸 第 4 页用基于 SNMP 协议的网络拓扑发现方法,通过遍历路由表来实现主干拓扑的自动发现;第二层次用于发现子网内存活主机的相关信息,采用基于 ICMP 协议的网络拓扑发现方法,通过 ICMP 协议的“Ping ”操作来发现子网中的主机。21 主干网拓扑的获取算法通过使用 SNMP 来访问被管设备中的 MIB,以此来发现设备信息以及它们之间的联系。凡是支持 SNMP 的设备可认为是一级网络设备,其余的则是主机设备。设计路由发现算法时,采用了类似于广度优先搜索的算法。这里主要用到了三条链表:待检路由设备网关链表、已检路由设备网关信息链表、子网信息链表。这需要从路由设备返回的应答
8、数据包解析出每条记录中的路由相关信息,如表l 所示。表 1 需解析出的路由相关信息MIB 对象 功能描述 对应的 OIDipRouteIfIndex 网关的接口号 1.3.6.1.2.1.4.21.1.2ipRouteNextHop 下一跳网关的 IP 地址 1.3.6.1.2.1.4.21.1.8ipRouteType 路由类型 Direct(3):路由到直连子网Indirect(4):路由到一非本地主机、网络或子网1.3.6.1.2.1.4.21.1.8ipRouteMask 网段的子网掩码 1.3.6.1.2.1.4.21.1.11ipAdEntAddr 网关的 IP 地址 1.3.6.
9、1.2.1.4.20.1.1ifDescr 接口的描述(指定了 1.3.6.1.2.1.2.2.1.2毕业设计(论文)译文专用纸 第 5 页VLAN 号)用 SNMP 读取人口设备的 IP 路由表,并存入数据库,然后再从数据库中读取下一路由地址字段,通过循环且不重复地从数据库中读取下一路由地址字段便可实现对树的层次遍历。具体算法描述如下:初始化待访问路由器队列,初始化已访问路由器队列;把缺省路由器的标志 IP放人待访问路由器的队列中;while(待访问的路由器队列不为空时)从待访问的路由器队列中取出一个路由器,为 CurrentRouter;if(CurrentRouter 加入到已访问路由器
10、队列成功)初始化与本地相连的路由器队列和本地相连的子网队列;访问 CurrentRouter 路由表;(if(ipRouteType(136 12142118)= =indirect(4)把路由表中的各 ipRouteNextHop 不重复地放到与本地相连的路由器队列中;if(ipRouteType(136 12142118)=direct(3)把 ipRouteDest 和 ipRouteMask 不重复地放到与本地相连的子网队列中;然后访问 CurrentRouter 中的 ipAdEntAddr 和ipAdEntNetMask,并把它们不重复地放到与本地相连的子网队列中;遍历与本地相连的
11、路由器队列中的每个路由器,将其标志 IP 放到待访问的路由毕业设计(论文)译文专用纸 第 6 页器队列;)elseif(CurrentR0uter 属于已访问路由器队列 )break;22 子网拓扑发现算法子网拓扑发现主要利用的是 ICMP 协议来实现嘲由于很多主机为了安全性会考虑关闭 Ping 响应功能,有些主机甚至为了防止一些其他类型的 ICMP 攻击而拒绝处理所有来自外部的 ICMP 数据包(许多防火墙在默认情况下都启用了ICMP 过滤的能) ,但它们一般不会关闭本机对其他机器的 Ping 探测,也不会阻止自身对外发出 ICMP 错误汇报。因此,如果对一台活动主机发送 UDP 信包,指定
12、与该主机的一未开启端口进行通信,无论此目的主机是否设置了 ICMP 过滤,它都会返回一条目的端口不可达的 ICMP 错误消息(Type=3 ,Code=3),通知源主机通信不成功,源主机收到该 ICMP 响应后就可以知道目的主机是活动的,只有目的主机处于关闭状态,才不会有任何 ICMP 错误消息返回。主要采用以下几步实现: 确定该子网的网关、子网地址和子网掩码,子网地址通过对 IP 和 Mask 进行“与”操作获得; 通过网关的地址获得子网的类型; 通过子网地址和子网掩码获得该子网的机器数和可能存在的 IP 地址的范围; 向该子网内所有可能存在的 IP 地址对应的主机发送 UDP 信包,并指定
13、一个毕业设计(论文)译文专用纸 第 7 页冷僻的端口号(如 4320),将所有返回了 Type 一 3,Code 一 3 的 ICMP 消息的主机 IP 地址键入子网信息链表中当前节点的主机链表。在给定的子网中,对这个区间的 IP 地址进行多线程 Ping 操作,将检测到的IP 地址记录到 IP 地址表中。3.总结和将来的工作拓扑结构的自动发现一直是网络管理中重要的手段和工具,设计和开发一个有效且实用的网络拓扑发现工具也是网络管理系统开发中一个重要且难度比较大的部分,它涉及到很多网络通信协议的细节和具体实现。本文详细讨论了怎样利用 SNMP 来实现网络拓扑结构的自动发现,介绍了该拓扑发现算法的
14、主要流程,同时还对实现过程中需要实现的一些关键技术进行了详细分析。作为一个完整的网络拓扑发现算法,还应该要考虑网络中存在多子网6和 VLAN 的情形,这些因素的介人使网络拓扑发现变为一个越来越复杂的问题,这些问题都是后续工作的主要内容。4.参考文献1 Vaughan-Nichols S J. Mobile IPv6 and the Future of Wireless Internet AccessJ. Computer, 2003, 36 (2):18-20 2. J.D.Case, M. Fedor, M. Schoffstall, J.Davin, RFC 1157, “A Simple
15、 Network Management Protocol(SNMP),” 1990.53. K. McCloghrie, M. Rose, RFC 1213, “Management Information Base for Network Management of TCP/IP-based internets: MIB-II,” 1991.34. Glenn Mansfield, M. Ouchi, K.Jayanthi. el. “Techniques for automated Network Map 毕业设计(论文)译文专用纸 第 8 页Generation using SNMP”
16、IEEE INFOCOM, 1996. pp.473-4805. Hwa-Chun Lin, Hsin_Liang Lai, Shou-Chuan Lai, “Automatic Link layer Topology Discovery of IP Networks” IEEE, 19996. E.Decker, RFC 1493: Definitions of Managed Objects for Bridges http:/www.faqs.org/rfcs/rfc1493.html, 1993.7毕业设计(论文)译文专用纸 第 9 页原文The research of network
17、 topology discovery algorithmDeng-Guo Feng Science and Technology Press, September 2009ABSTRACTAlong with the development of the computer network technology and lnternet worldwide, computer network as the popularity of information society infrastructure has applied to the government, business, milit
18、ary, education and other social fields. The current development of computer networks features are: network scale unceasingly expands, the complexity increases, heterogeneous network is also higher and higher . on the existing technology conditions, people want to have a more stable and reliable netw
19、ork environment, the computer network management system is the result of demand. It has all sorts of equipment for network management, through monitoring and controlling these devices, timely report to management personnel the network state and simplify handling of network fault, reducing the loss c
20、aused by fault, increasing the network service quality and efficiency 1.A good network management system first needs to master the whole topology of the network. Network configuration management is found and configuration network to network management meaningful equipment process, and the network to
21、pology discovery rules is the automatic core configuration management, is the basis of fault and performance management, also it is the measure of a commercial network management system of the important measure success or failure. Therefore, the design of topology discovery algorithm in the whole de
22、velopment of network management system plays a vital role. Network topology discovery technology USES net agreement or networks offer usable tool, through the topological algorithm, found network routers, switches and host and connections between the way by graphical display intuitively, while also
23、minimize found network equipment and display devices running costs 2.毕业设计(论文)译文专用纸 第 10 页In order to find more detailed network topology structure, network topology discovery of multi-layer automatic is necessary, the industry usually put topology discovery network automatically into two parts, name
24、ly IP management domain topology discovery and network layer data link layer topology discovery, this article will detail network topology automatically find algorithm.1. The agreement, topology discovery algorithm profile1.1 SNMP (Simple Management Protocol, a Simple Network management protocol)Bec
25、ause of the simplicity and easy realization of SNMP, the management agreement has become the most widely used and most popular network management protocols, it also become the DE facto standard 3. Its purpose is to make the design of the data which can be effective and simple network to monitor and
26、control network equipment, it consists of managers, management information base (MIB), agents (Agent) and the object composed of four, SNMP architecture (see figure 1.Figure 1 SNMP protocol working principle1. Managers - is a section of executing user management functions the program code, through t
27、he original language, to related SNMP agent by sending command request access on the various equipment of state information.毕业设计(论文)译文专用纸 第 11 页2. The database of management information (MIB) - located in the (pipe facilities, is a daemon thread responsible for collecting, sorting and maintenance of
28、 equipment by tube of state information, the information stored in database management. In addition, it is also responsible for receiving and sending requests to managers sent the corresponding response message managers.3. Agency (Agent) - lives in various of software, maintenance tube object local
29、MIB information, accept MIB variables by the data access requests from the message, after identity to send data back inspection message, this response response of the data message including MIB variable value requires access or corresponding error messages.4. The object of management - is various ph
30、ysical equipment attributes. Five kinds of provisions SNMP protocol data unit units = PDU4, used in management process and agent of exchange between.Athe operation of get - request : from acting process place extraction one or more parameter values.B. the operation of get next -request : in the curr
31、ent parameters extracted follows a parameter values.C. the operation of get - request : set agent process one or more parameter values.D. the operation of get-response: return to one or more of the parameter values. The operation is issued by the agency, it is the process of three operating response
32、 operation.E. the operation of trap:agency process a message, notify voluntarily administration process theres something happening.1.2 ICMP Protocol, macro Control (Internet Internet Control Message Protocol)Based on TCP/IP protocol network equipment almost support all the ICMP protocol, this agreem
33、ent allow host or router report the situations and provide relevant mistake the abnormal situation report. ICMP messages type many, this algorithm is used only in response to request two message - a message or respond to a message, if response network segment of all possible IP address within execut
34、ing in sequence “the Ping“ operation, according to response can find this segment of the 毕业设计(论文)译文专用纸 第 12 页current activity within all of “devices, and the IP address of the Ping“ through one Tracert “operation performed“ can be found.2. Algorithm describedThe algorithm utilizes network backbone a
35、nd the hierarchical found strategy, putting subnet network topology discovery into two levels and using different topology discovery methods.The first level for discovery backbone routers and their within the interface and subnet connections, based on SNMP protocol network topology discovery methods
36、, through traversal routing tables to realize the automatic found; trunk topologyThe second level for discovery subnet information related to live within the host based on ICMP protocol network topology discovery methods, through the ICMP protocol “Ping“ operation to find out the host. 2.1 backbone
37、topological acquisition algorithmBy using SNMP to access the MIB pipe facilities, in order to find out equipment information and the relations among them. All the equipment can think and support SNMP is first-order network equipment, the rest is to host equipment. Design mute discovery algorithm, us
38、ing a similar to breadth first search algorithm. list, sub Here basically use the three linked list: waiting list, routing equipment gateway already inspection routing equipment gateway information net information list. This requires the response from routing equipment returns to resolve the each ro
39、ad record packets of routing information, such as table l.3.Table 1 need to resolve the routing informationMIB object The description of function OIDipRouteIfIndex The port of gateway 1.3.6.1.2.1.4.21.1.2ipRouteNextHop The ip of next hop 1.3.6.1.2.1.4.21.1.8ipRouteType The type of routeDirect(3): Ro
40、uting to straight 1.3.6.1.2.1.4.21.1.8毕业设计(论文)译文专用纸 第 13 页lotus seed netsIndirect(4): Route to a non local host network or subnetipRouteMask Segment of the subnet mask1.3.6.1.2.1.4.21.1.11ipAdEntAddr The ip of gateway 1.3.6.1.2.1.4.20.1.1ifDescr The description of the interfaces (specifies the VLAN
41、number1.3.6.1.2.1.2.2.1.2Using SNMP to read IP routing table of population equipment, and deposited in the database, and then read from the database, next routing address field by cyclic and not repeated next read from the database can be realized routing address field of tree level traversal. Speci
42、fic algorithm are described below:Initialize stay access routers queue, initialization has accessed routers queues; The default routers mark IP put people stay access routers in the queue;While (the queue of visiting router not null)The router to visit from the queue for Current Router removed a rou
43、ter,;If (Current Router join has access routers queue success)Initialize local connected with the router queue and local connected subnet queues;Visit Current Router routing table;(If (Route Type (1.3.6.1.2.1.4.21.1.8) = = indirect (4)In the routing table Route NextHop not repeatedly on each with lo
44、cal connected router queue;毕业设计(论文)译文专用纸 第 14 页If (Route Type (1.3.6.1.2.1.4.21.1.8) = = direct (3)The ipRoute Dest and ipRouteMask not repeatedly on and local connected subnet queue; Then the CurrentRouter ipAdEntAddr and visitIpAdEntNetMask, and put them not repeatedly on and local connected subne
45、t queue;Traverse and local connected router in a queue, will the logo for each router to access router IP in queues;)CurrentR0uter belong to elseif (already access routers queue)The;2.2 The algorithm of subnet topology discovery The main advantage of subnet topology discovery ICMP protocol is to be
46、realized. Because a lot of host to mockery and security will consider closing the Ping response function, some host even in order to prevent some other types of ICMP attack and refuse to handle all the ICMP packets from external (many firewall by default enable ICMP filtering all can), but they are
47、generally not shut down the machine to other machines, also wont stop Ping detection of foreign report issued ICMP mistake itself. Therefore, if a activities machine to send letter bag, the designated and UDP a untapped the host, whether this communication port to set the ICMP whether its destinatio
48、n, it will return a filter of the port unreachable entries ICMP error messages (Type = 3, Code = 3), notify the source host communication is not successful, source host received after the ICMP response can know purpose of host is only purpose host activities in full close state, it wont have any ICM
49、P error messages back.Mainly adopts the following steps to achieve:1. Sure the subnet gateway, subnet addresses and subnet Mask, subnet addresses for IP and goes through “and“ operation obtain;2. Through the gateway address get subnet type;3. Through the subnet addresses and subnet mask get this subnet machine number 毕业设计(论文)译文专用纸 第 15 页and the possible existence of IP address range;4. To this subnet all possible within the IP address of the corresponding machine to send UDP packets, and appoint
