IBM Network Management

Independent Evaluations of Networking Products and Tools

Managing a Network with NetView and LAN Network Manager

A look at IBM's Network Management Tools

Orchestrating a 50-node local area network by hand often means fumbling in the dark to solve problems. You fall back on trial-and-error methods to determine which components may have caused a network failure. You know the locations of the workstations because you moved them yourself. You know which network adapters are in which machines because you installed them. When a network reconfiguration is called for, you stay up late with pencil and paper to map out the new network layout. When a problem occurs, you find out about it when someone walks into your office with a complaint. When you need to investigate, you walk to that cubicle to see what's going on.

On that scale, managing network is rather easy. But what if you had a thousand network nodes to manage? Ten thousand? What if the nodes were scattered across the city? The country? What if you managed several different Token Ring LANs, all connected to a central mainframe and all part of a nationwide network?

Let's watch the administrator of a large, sophisticated network at work for a moment:

The network administrator notes the network alert that suddenly pops into the upper right hand corner of the LAN Network Manager screen. She picks a menu selection and looks at the alert in detail: a Link Error has occurred, and it's brought down a LAN bridge over in the engineering department. Choosing other menu options, the administrator reconfigures a standby bridge to temporarily substitute for the failed unit. The phone rings. ``I just lost my connection to file server three!'', complains the fellow from the engineering department. ``I know.'' the administrator says. ``Reboot your computer and log back on. Everything should be okay now. The file server is still up; it was just the primary bridge that failed. I've routed around it...oh, would you tell the other folks in Engineering to also reboot their computers and log back on? Thanks!''

After a few minutes, the administrator checks her work, from her workstation, by asking LAN Network Manager to poll the network adapter cards on that segment of the LAN. After receiving positive responses, she turns to the phone and calls a repair technician to have the failed bridge unit serviced.

The Secret Life of Token Ring

Token Ring has always had amazing capabilities in the areas of internal diagnostics and ring management, capabilities that have gone largely untapped by network management software. Unlike ARCNET and Ethernet, Token Ring LANs circulate a constant stream of Medium Access Control (MAC) frames that provide a wealth of information regarding the network's status. These MAC frames are used privately by the network adapter cards to keep the network running, but they can be intercepted by network management applications to reveal what's happening under the covers.

Few vendors offer software tools that capture these MAC frames for network management purposes. Only one vendor--IBM--augments the MAC frames with another protocol layer of management services as defined by System Network Architecture (SNA). In large companies, Token Ring LANs are often part of SNA networks. SNA is an IBM standard for networking that encompasses...well, everything. Terminals, PCs, LANs, controllers, mainframes, and even remote printers come under the SNA umbrella. An SNA network node is characterized as either an ``entry point'' or a ``focal point''. An entry point can generate SNA statistics and status information; a focal point receives the data and presents it to an operator.

Within SNA, IBM has defined a Management Services standard that defines how network management products talk to one another. For example, the IBM standard says that an alert (a record of an error or other significant event) includes such fields as the node address at which the error occurred, the date and time of the error, the ID of the management component reporting the error, the probable cause, and a recommended action. (The node initiating the alert, of course, may not be able to fill in all these items.) Developed by IBM, SNA is nonetheless a well-known and fully-documented standard that many computer manufacturers adhere to so that their hardware and software are IBM compatible.

Not all Token Ring workstations are peers. One workstations is designated the Active Monitor, which means it assumes additional responsibilities for controlling the ring. The Active Monitor maintains the ring's timing control, issues new tokens (if necessary) to keep things going, and generates diagnostic frames under certain circumstances. The Active Monitor can be any one of the workstations on the network and is chosen when the ring is initialized. If the Active Monitor fails for some reason, there is an automatic procedure by which the other workstations (the Standby Monitors) negotiate with one another to choose a new Active Monitor.

The IEEE 802.5 (Token Ring) standard defines six types of MAC control frames. A workstation sends a Duplicate Address Test frame when it first joins the ring, to ensure that its address is unique. To let other workstations know it's still alive, the Active Monitor sends an Active Monitor Present frame every so often. A Standby Monitor Present frame is sent periodically by other workstations. A Standby Monitor sends Claim Token frames when it suspects the Active Monitor may have died (the Standby Monitors then negotiate among themselves to determine which one becomes the new Active Monitor). A workstation sends a Beacon frame in the event of a major network problem, such as a broken cable or a workstation transmitting without waiting for a Token (going out of turn). And a Purge frame is sent after a ring initializes itself or after a new Active Monitor is established.

Network management software locates the Active Monitor on the LAN by looking for the Active Monitor Present MAC frames. Software then watches for Beacon frames and uses them to trigger diagnostic actions. Using the standard ring polling technique defined in the IEEE 802.5 Token Ring specification, the software can also determine the status of each network adapter card on the network. If an adapter is found to be disabled and the Token Ring LAN is part of an SNA network, an alert can be generated. When errors occur on a Token Ring workstation, the real culprit is sometimes a different workstation. A ``Nearest Active Upstream Neighbor'' (NAUN) workstation, because it's the node that is responsible for passing a token or frame downstream to this workstation, may have malfunctioned and corrupted the data. Network management software can detect the NAUN relationship and use it to point you in the right direction.

SNA on Token Ring

Above the MAC layer, SNA management services provide that Logical Link Control (LLC) layer frames can be issued by either a focal point or an entry point that needs to perform management tasks. If SNA-aware support software is loaded into a workstation, that workstation can be queried, tested, and diagnosed from a remote location. SNA is rich in management/maintenance functions. SNA defines services for performing traces, recording memory snapshots (even from a remote system), requesting/responding to tests, and generating/recording statistics.

To trace events on a particular segment of the network, for example, the focal point issues an Activate Link (ACTLINK) request. It then follows this request with an Activate Trace (ACTTRACE) request, records the resulting Record Trace Data (RECTRD) events, and finally issues a Deactivate Trace (DACTTRACE) request. The RECTRD messages contain the link address, the trace type, and the trace data. An ACTTRACE request might specify that the trace include data for an entire segment (transmission group) or for a specific link.

A Request Maintenance Statistics (REQMS) request asks an SNA node to report resource maintenance statistics, and specifies whether those statistics counters should be reset (zeroed) after being reported. A Token Ring workstation on an SNA network can respond to this request with adapter engineering change level data, network software version data, traffic counts, and error counts. The workstation can, if error counts exceed predetermined thresholds, initiate the sending of these statistics even without having received a REQMS message.

As you can see, SNA is not lacking in services for both maintenance and management of a network.

The View from LAN Network Manager

It won't surprise you to learn that IBM has a product that helps network administrators manage Token Ring LANs, especially those that are part of larger SNA networks. IBM's LAN Manager provides a simple menu interface that works with NetView (a mainframe IBM product) or by itself on a single- or multi-segment Token Ring network. Don't confuse IBM LAN Manager with Microsoft's LAN Manager product: the IBM offering is a true network management application while Microsoft's product is a network operating system. IBM has announced a name change for its product; beginning in April, it will be called LAN Network Manager. (Thank you, IBM, for eliminating the confusion!)

IBM LAN Manager is SAA-compliant, and the renamed version that will appear in April will run under OS/2 Extended Edition Presentation Manager. It'll use OS/2 EE Database Manager to store and retrieve network configuration data and network error event histories (alerts). The current LAN Network Manager maintains configuration files and alert lists, but these are not accessible with SQL commands.

IBM says Version 1.1 will be available late in 1991, and that 1.1 adds more NetView commands (80 commands, up from 12), more protocols, and a pictorial (graphics) representation of the LAN. Version 1.1 will also use the ISO Common Management Information Protocols (CMIP) and will encode data according to the ``Specification of Basic Encoding Rules for Abstract Syntax Notation'' (ASN.1, ISO 8825). Byte-flipped machines like Intel-equipped IBM PCs will be able to nonchalantly communicate with Apple, DEC, and Sun computers. IBM obviously wants to be a friendly neighbor when it comes to multivendor network management.

Running alone, LAN Network Manager acts as a focal point on a network. When used with NetView, though, LAN Network Manager is also an entry point--an agent--to the mainframe product. When used as an entry point, LAN Network Manager is, in SNA terms, a System Services Control Point (SSCP) node. It uses an SNA SSCP-Physical Unit communications session to talk to NetView. There are usually several SSCPs in a SNA network, and they provide essential management services: helping to activate or deactivate the network, allocating network resources, managing the recovery of the network from communications failures, collecting traffic data, interacting with network operations people, executing their commands, and coordinating the interconnection of the different segments of the network. NetView itself is an SSCP node that offers central management of a large, geographically-diverse network.

What does this do for you, you ask? Network management operations can be initiated and controlled from any terminal or workstation on the network, whether or not it is physically part of the Token Ring network being managed. This is especially useful to network administrators who are geographically remote from the LANs they care for.

NetView Close-up

NetView incorporates and combines the features of several other IBM mainframe products. Network Communications Control Facility (NCCF) works across multiple-domain networks to (1) record alerts, (2) divide up management responsibilities among several network operators, and (3) run command-script programs. Network Logical Data Manager (NLDM) records session/routing information, including response time data. Network Problem Determination Application (NPDA) analyzes network problems and presents the results at several levels of detail. At the lowest level, NPDA reveals the probable cause of an error or failure.

NetView integrates these and other functions into a simple menu-driven management application. A NetView operator can easily look at a particular SNA node's health, as well as analyze statistics and/or reconfigure (or reset) network devices. For instance, a LAN Network Manager or NetView operator can reconfigure a LAN bridge to have a different network address or a different hopcount limit (the maximum number of bridges through which a frame can pass on its journey). From either NetView or LAN Network Manager, a person can collect performance and traffic statistics from LAN bridges, including a count of of the frames that have been discarded or not forwarded because of error conditions and a count of broadcast frames intended for reception by all workstations.

You can also use NetView's NCCF component to query or command LAN Network Manager, without actually sitting down at a LAN Network Manager workstation. You can ask for the current status of a Token Ring node, remove the node from the network, perform a point-to-point test between two nodes, reset LAN Network Manager, and ask for a display of the current configuration of a LAN segment.

There are two ways to programmatically control NetView or to obtain network status and event history information from it. NetView incorporates a script file processor that an administrator can use to automate the system's response to certain events. Programming the script language facility embedded in NetView is quite a bit like writing scripts for a PC communications program. For instance, you can easily write a program that wakes up when a particular kind of alert is received. Your program might try to automatically recover from the error by sending a ``reset-device'' command to the problem node.

The Application Program Interface (API) to NetView is more complicated, but it allows custom-written programs in a high-level language to access NetView configuration data files and alert histories. The NetView API can also be used by an application program to trigger an alert of its own, perhaps to signal a problem with a database file. NetView files the resulting alert in its history file and takes an appropriate action (as defined by you). This action might consist, for example, of a notification that operator intervention is required. A new aspect of the NetView programming interface is an LU 6.2 (peer-to-peer communications) facility. LU 6.2 is a dialog-oriented protocol within SNA. With simple verbs such as Allocate, Receive-and-Wait, Send-Data, Confirm, and Deallocate, the LU 6.2 protocol makes it easy to query NetView or perform custom network management tasks (implemented by a staff of programmers, of course).

Yet another IBM product, NetView/PC, provides a programming interface to NetView that other vendors can use to interface their equipment to NetView. Companies like Synoptics, AT&T Paradyne, and Codex have products that work with NetView and that are based on the NetView/PC interface. The devices that use this interface include Ethernet adapters, modem management hardware, and T1 network resources.

Auditing and Controlling Your Network

LAN Network Manager works with other IBM products to control access to the network. Beginning in April, it will let you set up rules saying when certain workstations can log on. In conjunction with the IBM LAN Station Manager and 8230 Token Ring Controlled Access Unit (CAU), LAN Network Manager can detect intruder logins, generate an alert, and automatically remove the offender from the network by reprogramming/resetting the 8230 CAU. LAN Network Manager itself, of course, is password-protected.

Do you know exactly where all your company's PCs are located? LAN Network Manager, LAN Station Manager, and the CAU work together to help map your LANs as they dynamically change over time. The CAU incorporates a data-reporting function that notifies LAN Network Manager of adapter, lobe, and segment identifications for workstations on the LAN. The LAN Station Manager program product will be available late in 1991 and will come in both DOS and OS/2 versions. It collects device information from each workstation and sends the information to LAN Network Manager. It maintains a station database that contains user-specific information such as room number, serial number, and a symbolic machine name. LAN Station Manager is intended to be installed on each and every workstation. LAN Network Manager (or NetView) can trigger the CAU and/or LAN Station Manager to report what they know and thus correlate a particular workstation with a particular building location. Voila! Instant asset management. You'll finally be able to track down where all the PCs are in the company!

Speaking of mapping your network--also later this year, Network LAN Manager version 1.1 will be able to display a pictorial representation of your LANs. It will use IBM's GraphicsView/2 to show OS/2 workstations and their node status on the network. The network can be viewed at the LAN level, the LAN segment level, or the LAN access unit/lobe level. Another product, called NETCENTER, also uses graphics to depict the network. It provides yet another control/monitor function to the operator. Running under PC/DOS, NETCENTER lets you manage both SNA and non-SNA resources on a NetView network.

I mentioned that IBM will use CMIP in its new products; be aware that the extent of IBM's CMIP and SNMP usage will be fairly limited. One of the few places CMIP comes into the picture is between the new CAU device and LAN Network Manager. Other diagnostic and management functions within the network will generally not be CMIP-compliant. The primary protocol used by IBM in its network management products is defined in SNA's Management Services, and this will remain true for years to come. However, IBM does provide the means, with its TCP/IP Release 2 product, for device faults that originate in SNMP nodes to be recorded in the central Alert List. When I asked one of the developers at IBM about future CMIP support, he said it would be added as the definition of CMIP becomes clearer.

The Right Tool for the Right Job

Token Ring has hidden strengths, and it's too bad there aren't more network management applications that take advantage of these strengths. I believe LAN Network Manager is the first network management product to fully use the the management information inherent in every Token Ring LAN, along with the network management standards laid down by IBM as part of their System Network Architecture. The internals of Token Ring and SNA are certainly not confidential. Perhaps soon we'll see other tools from other vendors.

In the meantime, though, these products from IBM can give you an inside look at the health of your network. LAN Network Manager and NetView are sophisticated yet simple. Don't try to buy them for a small office LAN, though; these are big-time tools for large networks. If you have at least a medium-sized Token Ring LAN, you !might think of getting LAN Network Manager. It'll set you back about $4,000 (one time fee). NetView for your mainframe is a bit more, of course--about $3,000 per month in license fees, depending on processor type and operating system.

When you need tools like these, you need them badly.

Back