
8 marks

1. WAN
- When an enterprise grows to include branch offices, e-commerce services, or global operations, a single local area network (LAN) is no longer sufficient to meet its business requirements.
- WAN access has become essential for larger businesses today.
- A variety of WAN technologies meet the different needs of businesses.
What is a WAN?
- A WAN is a data communication network that operates beyond the geographic scope of a LAN.
- A LAN connects computers, peripherals, and other devices in a single building or other small geographic area.
- A WAN allows the transmission of data across greater geographic distances.
- A WAN uses facilities provided by a service provider or carrier (such as a telephone or cable company) to connect the locations of an organization to each other, to the locations of other organizations, to external services, and to remote users.
- A WAN supports a variety of traffic (video, voice and data).
WHY WAN:
- People in the regional and branch offices of an organization need to be able to communicate and share resources with the central site.
- Organizations often want to share information with other organizations across large distances.
- In addition, home computer users communicate with banks, stores and a variety of providers of goods and services via their computers.
- Students do research for classes by accessing library catalogues and publications located in other parts of their country and in other parts of the world.
SMALL OFFICE:
- A single LAN is used to share information between computers and to share peripherals, such as a printer, a large-scale plotter (to print engineering drawings), and fax equipment.
- The company recently upgraded its LAN to provide inexpensive voice over IP (VoIP) service to save on the costs of separate phone lines for its employees.
- The company connects to the Internet through a common broadband service called Digital Subscriber Line (DSL), which is supplied by the local telephone service provider. With so few employees, bandwidth is not a significant problem.
CAMPUS (MULTIPLE LANs):
- Now it is a small to medium-sized business with several hundred employees.
- As the business has expanded, the networks have also grown. Instead of a single small LAN, the network now consists of several subnetworks.

The network includes:

- An intranet that provides in-house documents and information to employees.
- An extranet that provides project information only to designated customers.
BRANCH (WAN):
- For its branch and regional offices that are in nearby cities, the company decides to use private dedicated lines through its local service provider.
- However, for the offices that are located in other countries, the Internet is now an attractive WAN connection option. Although connecting offices through the Internet is economical, it introduces security and privacy issues that the IT team must address.
Distributed (Global):
- The cost of the network and its related services is a significant expense. The company is looking to provide its employees with the best network services at the lowest cost.
- To increase profitability, Span Engineering needs to reduce its operating expenses. It has relocated some of its office facilities to less expensive areas.
- Web-based applications, including web conferencing, e-learning, and online collaboration tools, are being used to increase productivity and reduce costs.

- A distributed network is a type of computer network that is spread over different networks. An application may be hosted and executed on a single machine but accessed by many others.
Choosing a WAN Link Connection
2. Client-Server Model of Interaction:
Introduction:
The primary pattern of interaction among cooperating applications is known as the client-server paradigm. Client-server interaction forms the basis of most network communication, and provides the foundation for application services.
A server is a computer program that offers a service over a network. A server accepts a request over the network, performs its service, and returns the result to the requester. For the simplest services, each request arrives in a single IP datagram and the server returns a response in another datagram. An executing program becomes a client when it sends a request to a server and waits for a response.
Servers can perform simple or complex tasks. For example, a time-of-day server merely
returns the current time whenever a client sends the server a packet. A web server receives
requests from a browser to fetch a copy of a Web page; the server obtains a copy of the file
for the page and returns it to the browser.
Servers are implemented as application programs. The advantage of implementing servers
as application programs is that they can execute on any computing system that supports
TCP/IP communication.
UDP Echo Server:
A server starts execution before interaction begins and (usually) continues to accept requests and send responses without ever terminating. A client is any program that makes a request and awaits a response; it (usually) terminates after using a server a finite number of times.

Time and Date Service:


The echo server is extremely simple, and little code is required to implement either the server or the client side. A time-of-day service is used to set the system clock automatically without requiring a battery to maintain the time. If at least one machine on every network runs a time-of-day server, a laptop only needs to send a request and obtain the time.
Representation for the Date and Time:
TCP/IP defines the epoch date as January 1, 1970 and stores the time in a 32-bit integer, a representation that accommodates all dates in the near future.
Time Server Interaction:
Sending a datagram to a time server is equivalent to making a request for the current time; the server responds by returning a UDP message that contains the current time.
The Complexity of Servers:
Servers are usually much more difficult to build than clients because production servers are concurrent, which means the server can handle multiple requests at the same time. The server must respond to other requests while a slow transfer continues. To do so, a server takes the following steps:
- Open a port
- Wait for a client
- Start a copy (of the server) to handle the request
- Continue waiting for the next client
The chief advantages in complexity and speed:
Server programs usually need to execute with the highest privilege because they must read system files, keep logs, and access protected data. Servers must protect themselves against malformed requests or against requests that would cause the server program itself to abort.
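The echo and time-of-day services and the four server steps above, as an added example in Python (not code from the page): the server opens a port, waits for a client, hands each request to a thread so a slow client does not block the others, and keeps waiting; it drops oversized requests instead of aborting, and answers the request `TIME` with the page's representation (seconds since January 1, 1970 in a 32-bit integer). The 512-octet request limit, the `TIME` keyword and the loopback address are assumptions of this example.

```python
import socket
import struct
import threading
import time

MAX_REQUEST = 512   # assumed limit for this example: larger datagrams are dropped, never parsed


def encode_time(seconds):
    """Pack a time-of-day reply as the page describes: seconds since 1970-01-01 in 32 bits."""
    return struct.pack("!I", int(seconds) & 0xFFFFFFFF)


def decode_time(payload):
    """Unpack a time-of-day reply; anything that is not exactly 4 octets is malformed."""
    if len(payload) != 4:
        raise ValueError("time reply must be exactly 4 octets, got %d" % len(payload))
    return struct.unpack("!I", payload)[0]


def handle_request(data, clock=time.time):
    """One datagram in, one reply out (None means drop it).

    The server never aborts on a bad request: oversized datagrams are ignored,
    the constructed request b"TIME" gets the clock value, anything else is echoed.
    """
    if len(data) > MAX_REQUEST:
        return None
    if data == b"TIME":
        return encode_time(clock())
    return data


class UDPServer:
    """Open a port, wait for clients, start a copy (thread) per request, continue waiting."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        self.sock.bind(("127.0.0.1", 0))     # step 1: open a port (ephemeral, loopback only)
        self.sock.settimeout(0.1)             # lets the loop notice the stop flag
        self.port = self.sock.getsockname()[1]
        self._stop = threading.Event()
        self._thread = threading.Thread(target=self._serve, daemon=True)

    def start(self):
        self._thread.start()

    def stop(self):
        self._stop.set()
        self._thread.join()
        self.sock.close()

    def _serve(self):
        while not self._stop.is_set():        # step 4: continue waiting for the next client
            try:
                data, peer = self.sock.recvfrom(65535)   # step 2: wait for a client
            except socket.timeout:
                continue
            # step 3: start a copy, so a slow request never blocks the others
            threading.Thread(target=self._reply, args=(data, peer), daemon=True).start()

    def _reply(self, data, peer):
        reply = handle_request(data, self.clock)
        if reply is not None:
            self.sock.sendto(reply, peer)


def client_request(port, payload, timeout=2.0):
    """Client side: send one datagram, wait for the response, then finish."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(payload, ("127.0.0.1", port))
        reply, _ = s.recvfrom(65535)
    return reply


def roundtrip(payload, clock=time.time):
    """Start a server, make one request against it, shut it down, return the reply."""
    server = UDPServer(clock)
    server.start()
    try:
        return client_request(server.port, payload)
    finally:
        server.stop()


if __name__ == "__main__":
    print(roundtrip(b"hello, echo"))
    print(decode_time(roundtrip(b"TIME")))
```

The decision that matters for robustness is in `handle_request`: the length check runs before any interpretation of the bytes, so a malformed or oversized request costs the server nothing and cannot make it abort.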
Broadcasting Requests:
When it boots, a computer can use DHCP to obtain an address, but the client does not know the address of a server; instead, the client broadcasts its request.
Alternatives to the Client-Server Model:
A computer that runs ARP keeps a cache of answers to improve the efficiency of later queries. Caching improves the performance of client-server interaction.
Precollection can allow a given system to continue executing even though other machines. The early Unix program named ruptime illustrates the idea: when invoked, ruptime reports the CPU load and uptime of each machine.
Precollection has one major disadvantage: it uses processor time and network bandwidth even when no one cares about the data being collected.
Thus, precollection is not among the most popular alternatives to client-server.

3. TCP: FINITE STATE MACHINE IMPLEMENTATION:


SYNOPSIS:
Closed state processing
Timed delay after closing
Time-wait state processing
Fin-wait-2 state processing
Close-wait state processing
Last-ack state processing
Established state processing
CLOSED STATE PROCESSING:
The CLOSED state represents a TCB that has been allocated but not used in any way. The procedure tcpclosed implements the CLOSED state. As a result, any incoming segment generates a reset; tcpclosed calls tcpreset to generate and send the reset message.
Time wait state processing:
The Internet Protocol is a best-effort delivery system: datagrams can be duplicated, delayed, or delivered out of order. Because TCP relies on IP for delivery, a connection must remain in TIME-WAIT (the timed delay after closing) long enough for old duplicate segments to expire.
Fin-wait-2 state processing:
The processing for this state is implemented by the procedure tcpfin2, which handles the FIN-WAIT-2 state.
Close-wait state processing:
The shutdown states we have seen so far handle transitions when an application program initiates shutdown with the close operation. In CLOSE-WAIT the remote side has closed first; TCP uses an end-of-file indication to inform the application, and the connection moves to LAST-ACK once the application closes.
Last-ack state processing:
The transition from CLOSE-WAIT to LAST-ACK occurs when the application issues the close operation. The procedure tcplastack implements the LAST-ACK state processing.
Established state processing:
Once a connection has been established, both sides remain in the ESTABLISHED state while they exchange data and acknowledgements. The procedure tcpestablished implements this state.
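The per-state dispatch described above, as an added illustration rather than the page's own implementation: each state is a procedure selected by the TCB's current state, CLOSED answers every segment with a reset, FIN-WAIT-2 moves to TIME-WAIT on a FIN, CLOSE-WAIT waits for the application's close, and LAST-ACK returns to CLOSED when the final ACK arrives. The procedure names tcpclosed, tcpfin2, tcplastack and tcpestablished follow the page; tcpfin1, tcpclosing, tcpclosewait, tcptimewait, the CLOSING state and the action strings are assumptions of this example.

```python
from dataclasses import dataclass, field
from enum import Enum


class State(Enum):
    CLOSED = "CLOSED"
    ESTABLISHED = "ESTABLISHED"
    FIN_WAIT_1 = "FIN-WAIT-1"
    FIN_WAIT_2 = "FIN-WAIT-2"
    CLOSING = "CLOSING"        # simultaneous close; assumed here, not covered on the page
    TIME_WAIT = "TIME-WAIT"
    CLOSE_WAIT = "CLOSE-WAIT"
    LAST_ACK = "LAST-ACK"


@dataclass
class Segment:
    """Only the control bits the closing-side states act on."""
    ack: bool = False
    fin: bool = False
    rst: bool = False


@dataclass
class TCB:
    """Transmission control block: current state plus the actions the last event produced."""
    state: State = State.CLOSED
    actions: list = field(default_factory=list)

    # One input procedure per state, chosen by recv() from the current state.
    def tcpclosed(self, seg):
        if not seg.rst:                        # allocated but unused TCB: answer with RST
            self.actions.append("send RST")

    def tcpestablished(self, seg):
        if seg.rst:
            self.state = State.CLOSED
        elif seg.fin:                          # remote side closed first: passive close begins
            self.actions += ["send ACK", "deliver end-of-file to application"]
            self.state = State.CLOSE_WAIT

    def tcpfin1(self, seg):
        if seg.fin:
            self.actions.append("send ACK")
            if seg.ack:
                self.actions.append("start 2MSL timer")
            self.state = State.TIME_WAIT if seg.ack else State.CLOSING
        elif seg.ack:                          # our FIN acknowledged, remote not yet closed
            self.state = State.FIN_WAIT_2

    def tcpfin2(self, seg):
        if seg.fin:                            # remote FIN: acknowledge, then the timed delay
            self.actions += ["send ACK", "start 2MSL timer"]
            self.state = State.TIME_WAIT

    def tcpclosing(self, seg):
        if seg.ack:
            self.actions.append("start 2MSL timer")
            self.state = State.TIME_WAIT

    def tcpclosewait(self, seg):
        pass                                   # nothing to do until the application closes

    def tcplastack(self, seg):
        if seg.ack:                            # ACK of our FIN: fully closed
            self.state = State.CLOSED

    def tcptimewait(self, seg):
        if seg.fin:                            # delayed or duplicate FIN: re-acknowledge
            self.actions += ["send ACK", "restart 2MSL timer"]

    def recv(self, seg):
        """Hand an incoming segment to the procedure for the current state; return its actions."""
        table = {State.CLOSED: self.tcpclosed, State.ESTABLISHED: self.tcpestablished,
                 State.FIN_WAIT_1: self.tcpfin1, State.FIN_WAIT_2: self.tcpfin2,
                 State.CLOSING: self.tcpclosing, State.CLOSE_WAIT: self.tcpclosewait,
                 State.LAST_ACK: self.tcplastack, State.TIME_WAIT: self.tcptimewait}
        self.actions = []
        table[self.state](seg)
        return list(self.actions)

    def close(self):
        """Application close: active close from ESTABLISHED, passive close from CLOSE-WAIT."""
        if self.state not in (State.ESTABLISHED, State.CLOSE_WAIT):
            raise RuntimeError("close is not valid in %s" % self.state.value)
        self.actions = ["send FIN"]
        self.state = State.FIN_WAIT_1 if self.state == State.ESTABLISHED else State.LAST_ACK
        return list(self.actions)

    def timer_expired(self):
        """The timed delay after closing (2MSL) ran out: old duplicates can no longer arrive."""
        self.actions = []
        if self.state == State.TIME_WAIT:
            self.state = State.CLOSED
            self.actions.append("release TCB")
        return list(self.actions)


def passive_close_trace():
    """Remote closes first: the states a TCB visits, in order."""
    tcb = TCB(State.ESTABLISHED)
    trace = [tcb.state.value]
    for step in (lambda: tcb.recv(Segment(fin=True, ack=True)), tcb.close,
                 lambda: tcb.recv(Segment(ack=True))):
        step()
        trace.append(tcb.state.value)
    return trace


def active_close_trace():
    """Local application closes first, then waits out 2MSL."""
    tcb = TCB(State.ESTABLISHED)
    trace = [tcb.state.value]
    for step in (tcb.close, lambda: tcb.recv(Segment(ack=True)),
                 lambda: tcb.recv(Segment(fin=True, ack=True)), tcb.timer_expired):
        step()
        trace.append(tcb.state.value)
    return trace
```

Keeping every transition inside a per-state procedure, as the page's tcpclosed/tcpfin2/tcplastack split does, means a segment arriving in the wrong state is simply ignored or reset rather than advancing the connection.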
4. X.25 network and support protocols:
The ISO layering scheme has been the basis for several protocol implementations. Among the protocols commonly associated with the ISO model, the suite of protocols known as X.25 is probably the best known and most widely used. X.25 was established as a recommendation of the International Telecommunications Union (ITU). In the X.25 view, a network operates much like a telephone system. Hosts do not attach directly to the communication wires of the network. Instead, each host attaches to one of the packet switches using a serial communication line. The host must follow a complicated procedure to transfer packets onto the network.
Physical Layer.
X.25 specifies a standard for the physical interconnection between host computers and
network packet switches, as well as the procedures used to transfer packets from one machine
to another.
Data Link Layer.
The layer 2 portion of the X.25 protocol specifies how data travels between a host and the packet switch to which it connects. X.25 uses the term frame to refer to a unit of data as it passes between a host and a packet switch. The layer 2 protocol must define the format of frames and specify how the two machines recognize frame boundaries. Because transmission errors can destroy data, the layer 2 protocol includes error detection. Finally, because transmission is unreliable, the layer 2 protocol specifies an exchange of acknowledgements that allows the two machines to know when a frame has been transferred successfully. One commonly used layer 2 protocol is High-level Data Link Control (HDLC).
Network Layer.
Also called the communication subnet layer, this layer defines the basic unit of transfer across the network and includes the concepts of destination addressing and routing. The layer 3 software assembles a packet in the form the network expects and uses layer 2 to transfer it (possibly in pieces) to the packet switch. Layer 3 must also respond to network congestion problems.
Transport Layer.
Layer 4 provides end-to-end reliability by having the destination host communicate with the source host.
Session Layer.
Higher layers of the ISO model describe how protocol software can be organized to handle all the functionality needed by application programs. On its networks, a carrier provides a special-purpose host computer called a Packet Assembler and Disassembler (PAD). Travelers who carry their own computer and modem dial up the local PAD, make a network connection to the host with which they wish to communicate, and log in.
Presentation Layer.
ISO layer 6 is intended to include functions that many application programs need when using the network. For example, an ISO standard known as Abstract Syntax Notation 1 (ASN.1) provides a representation of data that application programs use.
Application Layer.
Finally, ISO layer 7 includes application programs that use the network. Examples include electronic mail or file transfer programs.
The TCP/IP 5-Layer Reference Model:

TCP/IP software is organized into five conceptual layers: four software layers that build on a fifth layer of hardware.
Application Layer.
At the highest layer, users invoke application programs that access services available across a TCP/IP internet. An application interacts with one of the transport layer protocols to send or receive data. The application program passes data in the required form to the transport layer for delivery.
Transport Layer.
The primary duty of the transport layer is to provide communication from one application
program to another. Such communication is often called end-to-end. It may also provide
reliable transport, ensuring that data arrives without error and in sequence. To do so, transport
protocol software arranges to have the receiving side send back acknowledgements and the
sending side retransmit lost packets. The transport software divides the stream of data being
transmitted into small pieces (sometimes called packets) and passes each packet along with a
destination address to the next layer for transmission.
Internet Layer.
It accepts a request to send a packet from the transport layer along with an identification of
the machine to which the packet should be sent. It encapsulates the packet in an IP datagram,
fills in the datagram header, uses the routing algorithm to determine whether to deliver the
datagram directly or send it to a router, and passes the datagram to the appropriate network
interface for transmission. The Internet layer also handles incoming datagrams.
Network Interface Layer.
The lowest layer of TCP/IP software comprises a network interface layer, responsible for accepting IP datagrams and transmitting them over a specific network.
5. Applications: Electronic Mail (SMTP, POP, IMAP, MIME)
Electronic Mail:
An electronic mail (e-mail) facility allows users to send memos across an internet. E-mail is one of the most widely used application services. To handle delayed delivery, mail systems use a technique known as spooling. When the user sends a mail message, the system places a copy in its private storage (spool) area along with identification of the sender, recipient, destination machine, and time of deposit.

The client uses the domain name system to map the destination machine name to an IP address, and then attempts to form a TCP connection to the mail server on the destination machine. If it succeeds, the transfer process passes a copy of the message to the remote server, which stores the copy in the remote system's spool area. Once the client and server agree that the copy has been accepted and stored, the client removes the local copy. If it cannot form a TCP connection or if the connection fails, the transfer process records the time delivery was attempted and terminates. If it finds that a mail message cannot be delivered after an extended time (e.g., 3 days), the mail software returns the message to the sender.
Mailbox Names and Aliases:
Users specify each recipient by giving a text string that contains two items separated by an at-sign:
local-part@domain-name
Second, the names used in such specifications are independent of other names assigned to machines. Thus, mail sent to a user at example.com may go to a different machine. Third, mail forwarding is possible, in which some mail that arrives on a given machine is forwarded elsewhere.
Alias Expansion and Mail Forwarding:
Most systems provide mail forwarding software that includes a mail alias expansion mechanism. A mail forwarder allows the local site to map identifiers used in mail addresses to a set of one or more new mail addresses.

Incoming and outgoing mail passes through the mail forwarder, which expands aliases. Thus, if the alias database specifies that mail address x maps to replacement y, alias expansion will rewrite destination address x, changing it to y.
TCP/IP Standards For Electronic Mail Service:
The goal of the TCP/IP protocol effort is to provide for interoperability across the widest range of computer systems and networks. To extend the interoperability of electronic mail, TCP/IP divides its mail standards into two sets: one specifies the format of mail messages, the other the protocol used to transfer them. In the message header, a line that begins To: contains the electronic mail address of the intended recipient on the remainder of the line. A line that begins From: contains the electronic mail address of the sender. Optionally, the sender may specify an address to which replies should be sent (i.e., to allow the sender to specify that replies should be sent to an address other than the sender's mailbox).
The mail message format is chosen to make it easy to process and transport across heterogeneous machines. Keeping the mail header format straightforward allows it to be used on a wide range of systems. Restricting messages to readable text avoids the problems of selecting a standard binary representation and translating between the standard representation and the local machine's representation.
Simple Mail Transfer Protocol (SMTP):
In addition to message formats, the TCP/IP protocol suite specifies a standard for the exchange of mail between machines. That is, the standard specifies the exact format of messages a client on one machine uses to transfer mail to a server on another. The standard transfer protocol is known as the Simple Mail Transfer Protocol (SMTP). As you might guess, SMTP is simpler than the earlier Mail Transfer Protocol (MTP). A mail transaction begins with a MAIL command that gives the sender identification as well as a FROM: field that contains the address to which errors should be reported. A recipient prepares its data structures to receive a new mail message, and replies to a MAIL command by sending the response 250. After all RCPT commands have been acknowledged, the sender issues a DATA command. In essence, a DATA command informs the receiver that the sender is ready to transfer a complete mail message.
S: 220 Beta.GOV Simple Mail Transfer Service Ready
C: HELO Alpha.EDU
S: 250 Beta.GOV
C: MAIL FROM:<Smith@Alpha.EDU>
S: 250 OK
C: RCPT TO:<Jones@Beta.GOV>
S: 250 OK
C: RCPT TO:<Green@Beta.GOV>
S: 550 No such user here
C: RCPT TO:<Brown@Beta.GOV>
S: 250 OK
The error message contains a summary of the error as well as the header of the mail message
that caused the problem. When informing the client about a new address, the server may
choose to forward the mail that triggered the message, or it may request that the client take
the responsibility for forwarding.
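The alias expansion and the SMTP exchange above, as one added example in Python (not code from the page): a reply-side SMTP state machine that runs the page's dialog, expands each RCPT address through an alias database before checking for a mailbox, and answers 550 No such user here when no mailbox exists. The mailbox set and alias table are constructed, and the detection of alias cycles is this example's addition.

```python
import re

# Constructed site data (not from the page): the mailboxes that exist on Beta.GOV and an
# alias database mapping an address to one or more replacement addresses.
MAILBOXES = {"jones@beta.gov", "brown@beta.gov", "smith@beta.gov"}
ALIASES = {
    "staff@beta.gov": ["jones@beta.gov", "brown@beta.gov"],   # one alias, two recipients
    "postmaster@beta.gov": ["smith@beta.gov"],
    "loop-a@beta.gov": ["loop-b@beta.gov"],                   # deliberate cycle
    "loop-b@beta.gov": ["loop-a@beta.gov"],
}
ADDR_RE = re.compile(r"<([^<>]+)>")   # the address inside MAIL FROM:<...> / RCPT TO:<...>


def expand_alias(address, aliases, _seen=frozenset()):
    """Rewrite x to y (and y to z, ...) until no alias applies; a cycle raises instead of looping."""
    address = address.lower()             # simplification: whole address compared case-insensitively
    if address in _seen:
        raise ValueError("alias cycle at %s" % address)
    if address not in aliases:
        return [address]
    result = []
    for target in aliases[address]:
        result.extend(expand_alias(target, aliases, _seen | {address}))
    return result


class SMTPServer:
    """Reply side of the SMTP dialog: one command line in, one reply line out."""

    def __init__(self, hostname, mailboxes, aliases):
        self.hostname, self.mailboxes, self.aliases = hostname, mailboxes, aliases
        self.greeted = False
        self.reset()

    def reset(self):
        self.sender, self.recipients, self.in_data, self.body = None, [], False, []

    def greeting(self):
        return "220 %s Simple Mail Transfer Service Ready" % self.hostname

    def handle(self, line):
        if self.in_data:                      # message text until a line holding a single dot
            if line == ".":
                self.reset()
                return "250 OK"
            self.body.append(line)
            return None                       # no reply while the body is being received
        verb, _, rest = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            self.greeted = True
            return "250 %s" % self.hostname
        if not self.greeted:
            return "503 Bad sequence of commands"
        if verb == "MAIL":
            self.reset()
            m = ADDR_RE.search(rest)
            if not m:
                return "501 Syntax error in parameters"
            self.sender = m.group(1)
            return "250 OK"
        if verb == "RCPT":
            if self.sender is None:
                return "503 Bad sequence of commands"
            m = ADDR_RE.search(rest)
            if not m:
                return "501 Syntax error in parameters"
            try:
                targets = expand_alias(m.group(1), self.aliases)
            except ValueError:
                return "550 Alias loop"
            if not all(t in self.mailboxes for t in targets):
                return "550 No such user here"
            self.recipients.extend(targets)
            return "250 OK"
        if verb == "DATA":
            if not self.recipients:
                return "503 Bad sequence of commands"
            self.in_data = True
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if verb == "QUIT":
            return "221 %s closing connection" % self.hostname
        return "500 Command not recognized"


def run_dialog(server, client_lines):
    """Drive the server with the client's lines; return the transcript in the page's C:/S: form."""
    transcript = ["S: " + server.greeting()]
    for line in client_lines:
        transcript.append("C: " + line)
        reply = server.handle(line)
        if reply is not None:
            transcript.append("S: " + reply)
    return transcript
```

Expanding the alias before the mailbox check is what lets a single RCPT address fan out to several mailboxes; bounding the expansion with the visited set is what keeps a mis-edited alias file from pinning the server in an infinite rewrite.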
Mail Retrieval and Mailbox Manipulation Protocols:
The SMTP transfer scheme described above implies that a server must remain ready to accept e-mail at all times; the client attempts to send a message as soon as a user enters it. In the first stage, a permanently connected computer runs a conventional SMTP server, which always remains ready to accept e-mail. In the second stage, the user forms a dialup connection, and then runs a protocol that retrieves messages from the permanent mailbox.
Two protocols exist that allow a remote user to retrieve mail from a permanent mailbox. The
protocols have similar functionality: in addition to providing access, each protocol allows a
user to manipulate the mailbox content (e.g., permanently delete a message). The next two
sections describe the two protocols.
Post Office Protocol:
The most popular protocol used to transfer e-mail messages from a permanent mailbox to a local computer is known as version 3 of the Post Office Protocol (POP3). To ensure correct operation, the two servers (SMTP and POP3) must coordinate use of the mailbox so that if a message arrives via SMTP while a user is extracting messages via POP3, the mailbox is left in a valid state.
Internet Message Access Protocol:
Version 4 of the Internet Message Access Protocol (IMAP4) is an alternative to POP3 that uses the same general paradigm. Like POP3, IMAP4 defines an abstraction known as a mailbox; mailboxes are located on the same computer as a server. Also like POP3, a user runs an IMAP4 client that contacts the server to retrieve messages.
Unlike POP3, however, IMAP4 allows a user to dynamically create, delete, or rename mailboxes. IMAP4 also provides extended functionality for message retrieval and processing. A user can obtain information about a message or examine header fields without retrieving the entire message. In addition, a user can search for a specified string and retrieve specified portions of a message. Partial retrieval is especially useful for slow-speed dialup connections because it means a user does not need to download useless information.
The MIME Extension for Non-ASCII Data:
The Multipurpose Internet Mail Extensions (MIME) were defined to allow transmission of non-ASCII data through e-mail. MIME does not change SMTP or POP3, nor does MIME replace them.
From: bill@acollege.edu
To: john@example.com
MIME-Version: 1.0
Content-Type: image/gif
Content-Transfer-Encoding: base64
... data for the image ...
The MIME standard specifies that a Content-Type declaration must contain two identifiers, a content type and a subtype, separated by a slash. In the example, image is the content type, and gif is the subtype.

MIME Multipart Messages:


The MIME multipart content type is useful because it adds considerable flexibility. The standard defines four possible subtypes for a multipart message; each provides important functionality. Subtype mixed allows a single message to contain multiple, independent submessages that each can have an independent type and encoding. Mixed multipart messages make it possible to include text, graphics, and audio in a single message, or to send a memo with additional data segments attached, similar to enclosures included with a business letter.

Declarations of the content type and transfer encoding for a submessage, if included, immediately follow the boundary line. In the example, the second submessage is declared to be a GIF image.
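The MIME declarations above, as an added example using Python's standard email package (not code from the page): it builds a multipart/mixed memo whose second submessage is a base64-encoded image/gif, parses the message back, splits each Content-Type into its type and subtype, and decodes the enclosure. The image bytes are a constructed stand-in for a real GIF; the subject line and file name are assumptions.

```python
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Constructed stand-in for an image: carries the GIF signature but is not a real picture.
FAKE_GIF = b"GIF89a" + bytes(range(0x80, 0x90)) * 4


def split_content_type(value):
    """A Content-Type declaration is 'type/subtype', optionally followed by ';' parameters."""
    media = str(value).split(";", 1)[0].strip().lower()
    ctype, sep, subtype = media.partition("/")
    if not sep or not ctype or not subtype:
        raise ValueError("Content-Type must be type/subtype, got %r" % value)
    return ctype, subtype


def build_message(sender, recipient, text, image_bytes):
    """A multipart/mixed memo: readable text plus a base64-encoded GIF enclosure."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = recipient
    msg["Subject"] = "Memo with an enclosure"
    msg.set_content(text)                     # text/plain submessage, stays 7bit (ASCII)
    msg.add_attachment(image_bytes, maintype="image", subtype="gif",
                       filename="diagram.gif")  # image/gif submessage, base64 transfer encoding
    return msg.as_bytes()


def describe(raw):
    """Parse a message; report the top-level type and MIME-Version, then (type, encoding) per part."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    top = (msg.get_content_type(), msg.get("MIME-Version"))
    parts = [(p.get_content_type(), p.get("Content-Transfer-Encoding")) for p in msg.iter_parts()]
    return top, parts


def extract_image(raw):
    """Return the decoded octets of the first image/* submessage, or None if there is none."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    for part in msg.iter_parts():
        ctype, _ = split_content_type(part["Content-Type"])
        if ctype == "image":
            return part.get_payload(decode=True)   # undoes the base64 transfer encoding
    return None


if __name__ == "__main__":
    raw = build_message("bill@acollege.edu", "john@example.com", "Diagram attached.\n", FAKE_GIF)
    print(raw.decode())
    print(describe(raw))
```

The boundary line that separates the submessages is generated by the library; `describe` shows that each submessage carries its own Content-Type and Content-Transfer-Encoding directly after that boundary, which is the structure the paragraph above describes.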
5 marks:
1. FEATURES OF TCP/IP
TCP/IP is a set of protocols that enable communication between computers. Protocols are rules or standards. If two devices in a network need to communicate, they need to use a common protocol.
FEATURES:
1. Multi-vendor support:
TCP/IP is implemented by many vendors. It is an industry standard and not limited to any specific vendor.
2. Interoperability:
A user who is sitting on a Windows box can download files from a Linux machine, because both operating systems support TCP/IP.
3. Logical addressing:
Every network adapter has a globally unique and permanent physical address, known as the MAC address. The network adapter of each computer listens to every transmission on the local network to determine whether a message is addressed to its own physical address. For a small LAN this works well. But when your computer is connected to a big network like the Internet, it may need to listen to millions of transmissions per second. This may cause your network connection to stop functioning.
To avoid this, network administrators often divide (segment) a big network into smaller networks using routers, so that traffic from one network does not create problems in another. A network can again be subdivided into smaller subnets so that a message can travel efficiently from source to destination.
4. Routability:
A router is a network infrastructure device which can read logical addresses and direct data across the network to its destination. TCP/IP is a routable protocol, so TCP/IP data packets can be moved from one network segment to another.
5. Name resolution:
IP addresses are designed for computers, and it is difficult for humans to remember many IP addresses. TCP/IP allows us to use human-friendly names, which are very easy to remember. Name resolution servers (DNS servers) are used to resolve a human-readable name (also known as a fully qualified domain name, FQDN) to an IP address and vice versa.
6. Error control and flow control:
TCP/IP ensures the reliable delivery of data from the source computer to the destination. TCP/IP defines these error-checking, flow-control and acknowledgement functions.
7. Multiplexing/demultiplexing:
Multiplexing means accepting data from different applications and directing that data to different applications listening on different receiving computers. On the receiving side, the data needs to be directed to the correct application; this is called demultiplexing. We can run many network applications on the same computer. By using logical channels called ports, TCP/IP provides a means for delivering packets to the correct application. In TCP/IP, ports are identified by port numbers.
2. The IPv4 Datagram
A frame header gives information such as the physical source and destination addresses. The internet calls its basic transfer unit an Internet datagram. A datagram is divided into header and data areas. Also like a frame, the datagram header contains the source and destination addresses; the difference is that the datagram header contains IP addresses, whereas the frame header contains physical addresses.
Datagram Format
Because datagram processing occurs in software, the contents and format are not constrained by any hardware. For example, the first 4-bit field in a datagram (VERS) contains the version of the IP protocol that was used to create the datagram. It is used to verify that the sender, receiver, and any routers in between them agree on the format of the datagram.
The header length field (HLEN), also 4 bits, gives the datagram header length measured in 32-bit words. All fields in the header have fixed length except for the IP OPTIONS and corresponding PADDING fields. The size of the data area can be computed by subtracting the length of the header (HLEN) from the TOTAL LENGTH. The TOTAL LENGTH field is 16 bits long.
A router is required to implement at least two priority schemes: one for normal traffic and one
for high-priority traffic. When the last three bits of the CODEPOINT field are zero, the router must
map a codepoint with precedence 6 or 7 into the higher priority class and other codepoint values into
the lower priority class.

We regard the service type specification as a hint to the routing algorithm that helps it choose
among various paths to a destination based on local policies and its knowledge of the hardware
technologies available on those paths. An internet does not guarantee to provide any particular type of
service.
Datagram Encapsulation
Before we can understand the next fields in a datagram, it is important to consider how datagrams relate to physical network frames. Unlike frames, datagrams can be of any length the protocol designers choose. We have seen that the IPv4 datagram format allots 16 bits to the total length field, limiting the datagram to at most 65,535 octets. The idea of carrying one datagram in one network frame is called encapsulation.

Datagram Size, Network MTU, and Fragmentation

Time to Live (TTL)


In principle, the TIME TO LIVE field specifies how long, in seconds, the datagram is allowed to remain in the internet system. Routers and hosts that process datagrams must decrement the TIME TO LIVE field as time passes and remove the datagram from the internet when its time expires.
Internet Datagram Options

Record Route Option

Source Route Options

Timestamp Option
The timestamp option works like the record route option in that the timestamp option contains an
initially empty list, and each router along the path from source to destination fills in one item in the
list. Each entry in the list contains two 32-bit items: the IP address of the router that supplied the entry
and a 32-bit integer timestamp. Figure 7.15 shows the format of the timestamp option.
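The datagram fields above (VERS, HLEN, TOTAL LENGTH, the CODEPOINT priority rule, TIME TO LIVE) together with the port-based demultiplexing from the TCP/IP features section, as one added example in Python (not the page's code): it builds a datagram with a correct header checksum, validates the header on receipt, decrements TTL and discards the datagram at zero as a router would, and hands the data area to the application registered for (protocol, destination port). Addresses, ports and the handler table are constructed; treating codepoints whose low three bits are non-zero as the lower priority class is an assumption this example makes, since the page only defines the all-zero case.

```python
import socket
import struct

IPV4_HDR = struct.Struct("!BBHHHBBH4s4s")   # the 20-octet fixed header (HLEN = 5, no options)
UDP_HDR = struct.Struct("!HHHH")            # source port, destination port, length, checksum
PROTO_UDP = 17


def checksum(data):
    """Internet checksum: one's-complement sum of 16-bit words, folded, then complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src, dst, proto, payload, ttl=64, ident=1, codepoint=0, dont_fragment=False):
    """Encapsulate a transport payload in a datagram whose header checksum is correct."""
    hlen = 5
    total_length = hlen * 4 + len(payload)
    if total_length > 65535:
        raise ValueError("TOTAL LENGTH is 16 bits: a datagram cannot exceed 65,535 octets")
    flags_frag = 0x4000 if dont_fragment else 0            # DF flag set, fragment offset 0
    header = IPV4_HDR.pack((4 << 4) | hlen, codepoint << 2, total_length, ident, flags_frag,
                           ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    header = header[:10] + struct.pack("!H", checksum(header)) + header[12:]
    return header + payload


def parse_ipv4(dgram):
    """Validate the fields the page describes and split the datagram into header and data."""
    if len(dgram) < IPV4_HDR.size:
        raise ValueError("shorter than the minimum header")
    ver_ihl, tos, total_length, ident, flags_frag, ttl, proto, _, src, dst = IPV4_HDR.unpack(dgram[:20])
    version, hlen = ver_ihl >> 4, ver_ihl & 0x0F           # VERS and HLEN share the first octet
    if version != 4:
        raise ValueError("VERS %d: sender and receiver disagree on the format" % version)
    header_octets = hlen * 4                               # HLEN counts 32-bit words
    if hlen < 5 or header_octets > len(dgram) or not header_octets <= total_length <= len(dgram):
        raise ValueError("HLEN/TOTAL LENGTH inconsistent with the received octets")
    if checksum(dgram[:header_octets]) != 0:               # an intact header sums to zero
        raise ValueError("header checksum mismatch")
    return {"codepoint": tos >> 2, "ttl": ttl, "proto": proto, "ident": ident,
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "dont_fragment": bool(flags_frag & 0x4000), "more_fragments": bool(flags_frag & 0x2000),
            "fragment_offset": (flags_frag & 0x1FFF) * 8,
            "options": dgram[20:header_octets],
            "data": dgram[header_octets:total_length]}     # size = TOTAL LENGTH - header length


def forward(dgram):
    """Router handling of TIME TO LIVE: decrement, discard when it would reach zero, fix the checksum."""
    info = parse_ipv4(dgram)
    if info["ttl"] <= 1:
        return None                                        # expired: the datagram is removed
    header_octets = 20 + len(info["options"])
    header = bytearray(dgram[:header_octets])
    header[8] -= 1                                         # TTL is octet 8 of the header
    header[10:12] = b"\x00\x00"
    header[10:12] = struct.pack("!H", checksum(bytes(header)))
    return bytes(header) + dgram[header_octets:]


def priority_class(codepoint):
    """The page's rule: with the low three bits zero, precedence 6 or 7 is the higher class."""
    if codepoint & 0b111 == 0 and (codepoint >> 3) in (6, 7):
        return "high"
    return "low"                                           # assumption for all other codepoints


def udp_segment(sport, dport, payload):
    """A UDP segment with the checksum field left zero (UDP permits an uncomputed checksum)."""
    return UDP_HDR.pack(sport, dport, UDP_HDR.size + len(payload), 0) + payload


def demultiplex(dgram, handlers):
    """Deliver the data area to the application registered for (protocol, destination port)."""
    info = parse_ipv4(dgram)
    if info["proto"] != PROTO_UDP or len(info["data"]) < UDP_HDR.size:
        return ("unsupported", None)
    _, dport, length, _ = UDP_HDR.unpack(info["data"][:UDP_HDR.size])
    if length != len(info["data"]):
        return ("bad length", None)
    app = handlers.get((PROTO_UDP, dport))
    if app is None:
        return ("port unreachable", None)                  # no application listening on that port
    return ("delivered", app(info["data"][UDP_HDR.size:]))
```

The receive path checks lengths before it trusts any field and verifies the checksum before it uses the header at all; `forward` then shows why a router must recompute that checksum after touching TTL, since the received value no longer matches.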

3. Internet Management (SNMP)


Introduction:
In addition to protocols that provide network-level services and application programs that use those services, an internet needs software that allows managers to debug problems, control routing, and find computers that violate protocol standards. We refer to such activities as internet management. This section considers TCP/IP internet management software and describes an internet management protocol.
The Level of Management Protocols:
In a TCP/IP internet, a manager needs to examine and control routers and other network devices.
Because such devices attach to arbitrary networks, protocols for internet management operate at the
application level and communicate using TCP/IP transport-level protocols.
Architectural Model:
The most significant advantage of placing network management protocols at a high level becomes apparent when one considers a large internet, where a manager's computer does not need to attach directly to all physical networks that contain managed entities.
Client software usually runs on the manager's workstation. Each participating router or host runs a server program. Technically, the server software is called a management agent or merely an agent. A manager invokes client software on the local host computer and specifies an agent with which it communicates. After the client contacts the agent, it sends queries to obtain information. Not all devices in a large internet fall under a single manager. Most managers only control devices at their local sites; a large site may have multiple managers. Internet management software uses an authentication mechanism to ensure only authorized managers can access or control a particular device. Some management protocols support multiple levels of authorization, allowing a manager specific privileges on each device.
Protocol Framework:
TCP/IP network management protocols divide the management problem into two parts and specify separate standards for each part. The first part concerns communication of information. The second part concerns the data being managed.
A Standard Network Management Protocol:
The TCP/IP standard for network management is the Simple Network Management Protocol (SNMP). The protocol has evolved through three generations. Consequently, the current version is known as SNMPv3, and the predecessors are known as SNMPv1 and SNMPv2. In addition to specifying details such as the message format and the use of transport protocols, the SNMP standard defines the set of operations and the meaning of each.
A Standard for Managed Information:
A device being managed must keep control and status information that the manager can access. For example, a router keeps statistics on the status of its network interfaces. SNMP does not specify exactly which data can be accessed on which devices. Instead, a separate standard, known as a Management Information Base (MIB), specifies the details for each type of device. The MIB for TCP/IP divides management information into many categories. The choice of categories is important because identifiers used to specify items include a code for the category. Figure 30.2 lists a few examples.

Examples of MIB Variables:


More than 100 separate MIBs have been defined as part of the standards process; they specify more than 10,000 individual variables. In addition, many vendors have defined MIB variables for their specific hardware or software products.

When a query arrives, software in the agent on the router is responsible for mapping between the MIB variable and the data structure the router uses to store the information.
The Structure of Management Information:
In addition to the standards that specify MIB variables and their meanings, a separate standard specifies a set of rules used to define and identify MIB variables. The rules are known as the Structure of Management Information (SMI) specification. The rules in the SMI describe how the MIB refers to tables of values (e.g., the IP routing table).
Formal Definitions Using ASN.1:

The TCP/IP network management protocols use a formal notation called ASN.1 to define names and types for variables in the management information base. The precise notation makes the form and contents of variables unambiguous.
Structure and Representation of MIB Object Names:
We said that ASN.1 specifies how to represent both data items and names. Names used for MIB
variables are taken from the object identifier namespace administered by ISO and ITU. The object
identifier namespace is absolute (global), meaning that names are structured to make them globally
unique. The root of the object identifier hierarchy is unnamed, but has three direct descendants,
managed by ISO, by ITU, and jointly by ISO and ITU. ISO has allocated one subtree for use by other
national or international standards organizations.
For example, the name 1.3.6.1.2 denotes the node labelled mgmt, the Internet management subtree.
The MIB has been assigned a node under the mgmt subtree with label mib and numeric value 1.
Because all MIB variables fall under that node, they all have names beginning with the prefix
1.3.6.1.2.1.

Within the MIB, the ip group has been assigned label ip and numeric value 4, so every variable in the ip
group has a name beginning with the prefix 1.3.6.1.2.1.4. If one wanted to write out the textual labels
instead of the numeric representation, the name would be:
iso.org.dod.internet.mgmt.mib.ip
Simple Network Management Protocol:
In addition to defining the form and meaning of messages exchanged and the representation of names
and values in those messages, network management protocols also define administrative relationships
among the routers being managed. That is, they provide for authentication of managers.
Some early protocols, for example, supported commands that allowed the manager to reboot the
system, add or delete routes, disable or enable a particular network interface, or remove cached
address bindings. The main disadvantage of building management protocols around commands arises
from the resulting complexity. The protocol requires a separate command for each operation on a data
item. For example, the command to delete a routing table entry differs from the command to disable
an interface. As a result, the protocol must change to accommodate each new data item.
SNMP takes an interesting alternative approach to network management. Instead of defining a large
set of commands, SNMP casts all operations in a fetch-store paradigm. Conceptually, SNMP contains
only two commands, which allow a manager to fetch a value from a data item or store a value into a
data item. The chief advantages of using a fetch-store paradigm are stability, simplicity, and flexibility.
SNMP is especially stable because its definition remains fixed even though new data items are added
to the MIB and new operations are defined as side-effects of storing into those items. SNMP is simple
to implement, understand, and debug because it avoids the complexity of having special cases for each
command. Finally, SNMP is especially flexible because it can accommodate arbitrary commands in an
elegant framework.

Operations get-request and set-request provide the basic fetch and store operations; response provides
the reply. The trap operation allows managers to program servers to send information when an event
occurs. For example, an SNMP server can be programmed to send a manager a trap message
whenever one of the attached networks becomes unusable (i.e., an interface goes down).
Searching Tables Using Names:
Even when the client does not know which entries a table contains, it can still use the get-next-request
operation to search the table by sending the prefix:
iso.org.dod.internet.mgmt.mib.ip.ipAddrTable.ipAddrEntry.ipAdEntNetMask
which, in numeric form, is:
1.3.6.1.2.1.4.20.1.3
The server returns the network mask field of the first entry in ipAddrTable, together with its full object
identifier. The client uses the full object identifier returned by the server to request the next item in the
table, and stops when the identifier returned no longer begins with the prefix.
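The fetch-store paradigm and the get-next table walk described above, as an added example in Python that is not code from the original text: a small in-memory agent whose variables are keyed by OID tuples, so Python's tuple ordering gives exactly the lexicographic order that get-next-request depends on. The prefixes for ip, ipAddrTable, ipAddrEntry and ipAdEntNetMask are those given on the page; the ifAdminStatus variable (1.3.6.1.2.1.2.2.1.7), the addresses and masks, and the hook that "disables an interface" as the side-effect of a store are constructed for the illustration.

```python
"""Simulated SNMP agent: fetch (get), store (set), and get-next table walks.

Added illustration, not code from the text. Variable names are OID tuples;
Python's tuple ordering is the lexicographic OID ordering get-next uses.
"""

# Prefixes from the text: iso.org.dod.internet.mgmt.mib.ip.ipAddrTable.ipAddrEntry
IP_ADDR_ENTRY = (1, 3, 6, 1, 2, 1, 4, 20, 1)
IP_AD_ENT_ADDR = IP_ADDR_ENTRY + (1,)        # column 1: the address itself
IP_AD_ENT_NETMASK = IP_ADDR_ENTRY + (3,)     # column 3: the network mask
# Assumed for the side-effect demo: mib.interfaces.ifTable.ifEntry.ifAdminStatus
IF_ADMIN_STATUS = (1, 3, 6, 1, 2, 1, 2, 2, 1, 7)


def parse_oid(text):
    """'1.3.6.1.2.1.4' -> (1, 3, 6, 1, 2, 1, 4)."""
    return tuple(int(label) for label in text.strip(".").split("."))


def oid_text(oid):
    return ".".join(str(label) for label in oid)


def ip_index(address):
    """ipAddrTable rows are indexed by the four octets of the address."""
    return parse_oid(address)


class Agent:
    """Holds MIB variables and answers the basic SNMP operations."""

    def __init__(self, variables):
        self._vars = dict(sorted(variables.items()))   # kept in OID order
        self._on_set = {}                               # oid -> side-effect callback

    def get(self, oid):
        if oid not in self._vars:
            return "noSuchName"
        return self._vars[oid]

    def get_next(self, oid):
        """(name, value) of the first variable whose name follows oid in
        lexicographic order, or None at the end of the MIB view."""
        for name in self._vars:            # sorted, so the first hit is the answer
            if name > oid:
                return name, self._vars[name]
        return None

    def set(self, oid, value):
        """Store into a variable; a registered callback performs any side
        effect (so "disable an interface" is a store into ifAdminStatus,
        not a dedicated command)."""
        if oid not in self._vars:
            return "noSuchName"
        self._vars[oid] = value
        hook = self._on_set.get(oid)
        if hook is not None:
            hook(value)
        return "noError"

    def on_set(self, oid, callback):
        self._on_set[oid] = callback


def walk_column(agent, column):
    """Repeat get-next, first from the column prefix and then from each name
    returned, until the returned name no longer begins with the prefix.
    This is how a manager reads a table column without knowing its indexes."""
    rows = []
    name = column
    while True:
        result = agent.get_next(name)
        if result is None or result[0][:len(column)] != column:
            break
        name, value = result
        rows.append((oid_text(name), value))
    return rows


def build_sample_agent(events):
    """Constructed sample data: two addresses in ipAddrTable, one interface."""
    variables = {
        IP_AD_ENT_ADDR + ip_index("10.0.0.1"): "10.0.0.1",
        IP_AD_ENT_NETMASK + ip_index("10.0.0.1"): "255.255.255.0",
        IP_AD_ENT_ADDR + ip_index("192.0.2.5"): "192.0.2.5",
        IP_AD_ENT_NETMASK + ip_index("192.0.2.5"): "255.255.255.128",
        IF_ADMIN_STATUS + (2,): 1,                  # ifIndex 2, up(1)
    }
    agent = Agent(variables)
    # Side effect of a store: value down(2) disables the interface.
    agent.on_set(IF_ADMIN_STATUS + (2,),
                 lambda v: events.append("interface 2 %s" % ("down" if v == 2 else "up")))
    return agent


if __name__ == "__main__":
    log = []
    a = build_sample_agent(log)
    first = a.get_next(IP_AD_ENT_NETMASK)
    print("first get-next:", oid_text(first[0]), first[1])
    for row_name, row_value in walk_column(a, IP_AD_ENT_NETMASK):
        print(row_name, row_value)
    a.set(IF_ADMIN_STATUS + (2,), 2)
    print(log)
```

The walk terminates only because the agent returns the full name with each value; a manager that compared values instead of names could not tell where the column ends, and the same get-next loop applied from the mib prefix (1.3.6.1.2.1) walks the whole MIB view.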
SNMP Message Format:
Unlike most TCP/IP protocols, SNMP messages do not have fixed fields. Instead, they use the
standard ASN.1 encoding. Thus, a message can be difficult for humans to decode and understand. An
SNMP message can be described with an ASN.1-style grammar. In general, each item in the grammar
consists of a descriptive name followed by a declaration of the item's type. For example, an item such as
msgversion INTEGER (0..2147483647)

In the example encoding, the message starts with a code for SEQUENCE which has a length of 103
octets. The first item in the sequence is a 1-octet integer that specifies the protocol version; the value
3 indicates that this is an SNMPv3 message. Successive fields define a message ID and the maximum
message size the sender can accept in a reply. Security information, including the name of the user
(ComerBook), follows the message header. The GetRequest-PDU occupies the tail of the message. The
sequence labelled Scoped specifies a context in which to interpret the remainder of the message. The
octet A0 specifies the operation as a get-request. Finally, the sequence of pairs contains one binding, a
single object identifier bound to a null value. The identifier is encoded as expected, except that the
first two numeric labels are combined into a single octet (the leading 1.3 becomes 1 × 40 + 3 = 43,
octet 2B).
New Features in SNMPv3:
Version 3 of SNMP represents an evolution that follows and extends the basic framework of earlier
versions. The primary changes arise in the areas of security and administration. First, SNMPv3 is
designed to have both general and flexible security policies, making it possible to secure the
interactions between a manager and managed devices. Second, the system is designed to make
administration of security easy.
SNMPv3 supports message authentication to ensure that instructions originate from a valid manager,
privacy to ensure that no one can read messages as they pass between a manager's station and a
managed device, and authorization and view-based access control to ensure that only authorized
managers access particular items. An authorized manager can change the configuration of the security
items listed above without being physically present at the device.
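A simplified model of the authentication and view-based access control just described, as an added example that is not code from the original text and not the RFC 3414 (USM) / RFC 3415 (VACM) algorithms. The user table, keys, view prefixes (the ip group from the page plus an assumed interfaces group, 1.3.6.1.2.1.2, and an assumed ifAdminStatus.2 variable) and the error names are constructed; the message is a plain delimited string instead of BER, the shared key is used directly without USM key localization, no timeliness check is made, and privacy (encryption of the PDU) is not modeled.

```python
"""Simplified model of SNMPv3-style authentication and view-based access
control. Added illustration: not the RFC 3414 (USM) / RFC 3415 (VACM)
algorithms. The message is a '|'-separated string rather than BER, the key
is used as-is (no key localization), there is no timeliness check, and
privacy (encryption of the PDU) is not modeled.
"""
import hashlib
import hmac

MAC_LEN = 12   # truncated HMAC output; 12 octets, as in USM's HMAC-96 (assumption)

# Views: OID subtrees a user may read or write.
IP_GROUP = (1, 3, 6, 1, 2, 1, 4)           # ip group, from the text
INTERFACES_GROUP = (1, 3, 6, 1, 2, 1, 2)   # interfaces group (assumed)
IF_ADMIN_STATUS_2 = (1, 3, 6, 1, 2, 1, 2, 2, 1, 7, 2)   # ifAdminStatus.2 (assumed)

# Constructed user table held by the agent: key plus read and write views.
USERS = {
    "monitor": {"auth_key": b"monitor-secret-key",
                "read": [IP_GROUP, INTERFACES_GROUP], "write": []},
    "operator": {"auth_key": b"operator-secret-key",
                 "read": [IP_GROUP, INTERFACES_GROUP], "write": [INTERFACES_GROUP]},
}


def parse_oid(text):
    return tuple(int(label) for label in text.split("."))


def oid_text(oid):
    return ".".join(str(label) for label in oid)


def mac(key, message):
    """Authentication tag over the whole message, truncated to MAC_LEN."""
    return hmac.new(key, message, hashlib.sha256).digest()[:MAC_LEN]


def build_message(user, key, operation, oid, value=""):
    """Manager side: serialize the request and authenticate it with the key
    the manager shares with the agent."""
    body = "|".join([user, operation, oid_text(oid), str(value)]).encode()
    return body, mac(key, body)


def in_view(oid, view):
    """A name is in a view if some view prefix is a prefix of the name."""
    return any(oid[:len(prefix)] == prefix for prefix in view)


def process(users, body, tag):
    """Agent side. Returns 'ok' or the failure class. The user name has to
    be read before the tag can be checked (it selects the key), but nothing
    else is acted on until the tag verifies; the view applied depends on
    whether the operation is a fetch or a store."""
    user_name, operation, oid_s, _value = body.decode().split("|", 3)
    user = users.get(user_name)
    if user is None:
        return "unknownUserName"
    if not hmac.compare_digest(mac(user["auth_key"], body), tag):
        return "wrongDigest"          # forged, or modified in transit
    oid = parse_oid(oid_s)
    view = user["write"] if operation == "set" else user["read"]
    if not in_view(oid, view):
        return "noAccess"             # authenticated, but outside the view
    return "ok"


if __name__ == "__main__":
    body, tag = build_message("monitor", b"monitor-secret-key", "get",
                              IP_GROUP + (20, 1, 3, 10, 0, 0, 1))
    print(process(USERS, body, tag))                      # ok
    body, tag = build_message("monitor", b"monitor-secret-key", "set",
                              IF_ADMIN_STATUS_2, 2)
    print(process(USERS, body, tag))                      # noAccess
    body, tag = build_message("operator", b"operator-secret-key", "set",
                              IF_ADMIN_STATUS_2, 2)
    print(process(USERS, body[:-1] + b"1", tag))          # wrongDigest
```

The order of the checks is the point: authentication decides whether the message came from the named manager at all, and only then does the view decide whether that manager may touch the named item, with a store held to a (usually narrower) write view. The tag comparison uses hmac.compare_digest so that a forger cannot time the rejection to recover the tag byte by byte.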
