This topic covers the following topics:
■ Network management framework: FCAPS: The topic starts with an introduction to a management framework that is independent of IPv4 and IPv6. This framework provides the foundation of managing any network infrastructure.
■ IPv6 network management applications: This section provides information on integrating IPv6 with the existing IPv6 network management applications.
■ IPv6 network instrumentation: With IPv6 running in conjunction to IPv4, the network infrastructure extends the support of existing built-in tools such as MIBs, NetFlow, IP SLA, and EEM to support IPv6 deployments.
■ IPv6 network management: Enterprises typically focus on extending their network management infrastructure over IPv6 after they have successfully deployed IPv6 for the end-host connectivity. In this section, we look at various applications that are used for IPv6 network management.
■ IPv6 traffic-monitoring tools: This section focuses on tools to monitor, capture, and analyze IPv6 tools are needed for troubleshooting and network anomaly detection needs.
Network management and monitoring are essential building blocks and critical parts of operating any enterprise-class network. The primary objective of network management is to support the operational processes of the infrastructure including provisioning, change management, monitoring, reporting, and troubleshooting. This becomes challenging as organizations integrate IPv6 within their existing network infrastructure. As discussed in next topic, "Market Drivers for IPv6 Adoption," IPv6 as such is not a feature but a fundamental rewrite of the IP network layer model. Because IPv6 can coexist with the IPv4 infrastructure for the near future, existing tools, processes, and methodologies must evolve to support heterogeneous IPv4 and IPv6 networks.
Today, existing IPv4 networks are managed with a wide variety of tools ranging from scripts to complex and costly licensed-based and database-driven management applications. Although the vast majority of these tools have grown and matured with the IPv4 network infrastructure they manage, there is no parity between the features used to manage IPv4 and those used for IPv6. To begin with, the following questions need to be kept in mind when extending IPv4 tools to manage dual-stack, hybrid IPv4-IPv6 networks:
■ Are the network management applications deployed today capable of managing network infrastructure through IPv4 and IPv6? Which network applications are IPv4-capable-only? And which applications support dual-stack IPv4 and IPv6?
■ What devices are currently being managed? Are these devices capable of supporting management through IPv6 either through Simple Network Management Protocol (SNMP) IPv6 extensions or a mixture of other management protocols?
■ What is the nature of the Management Information Base (MIB) currently being used? Are they discrete IPv4 and IPv6 MIBs or the newer unified protocol-agnostics MIBs? Does the existing network infrastructure support IPv6 MIBs?
■ Will the tools used today fit into the transition plan and a long-term IPv6 "native or "IPv6-only" plan?
This topic outlines key concepts and identifies tools needed for managing IPv6 deployments. The topic assists network architects in managing their IPv6 designs and deployments as part of their existing IPv4 network management infrastructure. Table 11-1 lists the capabilities of popular Cisco devices. Throughout this topic, these features will be discussed in detail; however, the following table provides a good summary of which devices offer these features.
To help simplify and standardize network management, network managers have developed a comprehensive framework that addresses the range of management functions required to operate a network environment. This generic framework is independent of IPv4 or IPv6 as such, but it helps outline the foundation of managing any network infrastructure. The framework outlines five management functional areas: Fault, Configuration, Accounting, Performance, and Security Management (FCAPS). This comprehensive framework for network management addresses the wide range of management functions that are required in an operational network environment.
FCAPS was introduced by ISO in its first working draft (N1719). Each functional area can be addressed independently of each other. For example, fault-diagnosing activities required for troubleshooting network problems are very different from configuring network devices as such. The following sections provide an overview of the FCAPS functional areas.
Table 11-1 IPv6 Capabilities of Popular Cisco Switches
|
Management |
Protocol |
Nexus 7000 |
Catalyst 6500 |
Catalyst 4900 |
Catalyst 4500 |
|
Monitoring |
SNMP |
Y |
Y |
Y |
Y |
|
and reporting |
Syslog |
Y |
Y |
Y |
Y |
|
Network serv- |
NTP |
Y |
Y |
Y |
Y |
|
ices |
TFTP |
Y |
Y |
Y |
Y |
|
Control and |
Telnet |
Y |
Y |
Y |
Y |
|
operation |
SSH |
Y |
Y |
Y |
Y |
|
HTTP |
Y |
Y |
Y |
Y |
|
|
Netconf |
Y |
N |
Y |
N |
|
|
MIB |
Y |
Y |
Y |
Y |
|
|
Interface statistics |
Y |
Y |
Y |
Y |
|
|
ICMP |
Y |
Y |
Y |
Y |
|
|
NetFlow |
Y |
Y |
N |
Y (Sup 7E) |
|
|
IPSLA |
N |
Y |
Y |
Y |
|
Note Additional details on the FCAPS framework can be found at http://www.tech-faq.com/fcaps.html.
Fault Management
Fault management is the process of detecting, categorizing, logging, and reporting faults through proactive monitoring or reactive manual detection (for example, a user call to the Help Desk). It also includes the root cause analysis and event correlation.
Configuration Management
Configuration management is the control mechanism and discipline that increase the probability of implementing successful changes in the production network environment. This also includes being able to automatically manage network inventory, software licenses, and system certifications.
Accounting Management
Accounting management refers to a methodology of measuring managed resources and services rendered to end users within a billing period. This includes asset tracking, service-level reporting, and vendor management.
Performance Management
Performance management includes the capability to meet target service levels and to establish a detailed service-level baseline. This functional area also includes capacity planning, network performance analysis, and reporting.
Security Management
Security management includes network encryption, disaster recovery and contingency planning, security alert monitoring, reporting, and policy management.
Table 11-2 summarizes the functional areas, their features, and product examples.
Table 11-2 FCAPS Summary
|
FCAPS Functional Area |
Features |
Product Examples |
|
Fault |
Fault detection and correction Fault isolation and network recovery Alarm handling, alarm filtering, and alarm generation Trouble detection and logging Diagnosis Trouble correction Test and acceptance Network recovery Fault reporting |
Cisco Works Tivoli Netview Cisco Fabric Manager for managing storage networks |
|
Configuration |
Resource initialization Network provisioning Autodiscovery Backup and restore Database handling Change/inventory management Certifications |
Cisco Works Cisco Fabric Manager Cisco Data Center Network Management (DCNM) Network Registrar Network Compliance Manager |
|
Accounting |
Usage tracking Billing Asset tracking Service-level management Vendor management |
Cisco Works NetFlow Collectors: NetQoS |
Table 11-2 FCAPS Summary
|
FCAPS Functional Area |
Features |
Product Examples |
|
Performance |
Baseline definition |
Cisco Works |
|
Capacity planning |
NetFlow |
|
|
Performance analysis |
||
|
Monitoring |
||
|
Reporting |
||
|
Security |
Access control |
Cisco ACS (TACACS+/RADIUS) |
|
Security administration |
||
|
System audit |
||
|
Alert monitoring |
||
|
Encryption |
||
|
Policy management |
