Management of the next generation IP core network

Management of the Next Generation IP Core Network

16.04.1999

Pradip Lamsal
Department of Computer Science and Engineering
Helsinki University of Technology
Pradip.Lamsal@hut.fi

Abstract

Today, IPv6 is one of the hottest topics in the computer networks area both in terms of research and implementation. Like any new technology it is important that the management aspect of IPv6 networks is made clear before the complete transition of IPv4 to IPv6. Lots of new technologies and protocols, intended to help IPv6, have emerged. This makes the management of the networks, both the core network and the access networks, slightly different than that of IPv4 networks. This paper tries to explain the basic concepts of network management and then to describe how those concepts can be implemented to manage an IPv6 core network.

Contents

1 Introduction

2 Network Architecture
    2.1 Internet Architecture
        2.1.1 Autonomous System
        2.1.2 Core Network
    2.2 Routing
    2.3 Routing Protocols
        2.3.1 IGP
        2.3.2 EGP

3 Network Management Background
    3.1 What is Network Management?
        3.1.1 Network Monitoring
        3.1.2 Network Control
    3.2 Network Management Architecture
    3.3 Network Management Protocol
        3.3.1 SNMP
        3.3.2 CMIP
        3.3.3 RMON

4 ISO Network Management
4.1 ISO Functional Areas
4.2 Network Management Layers

5 IPv6
    5.1 Protocol Description
    5.2 IPv6 in the Core Network
    5.3 ICMPv6

6 IPv6 Core Network Management
    6.1 Network Management Protocol
    6.2 Basic Principle
    6.3 MIB
        6.3.1 IPV6 MIB
        6.3.2 ICMPV6 MIB
    6.4 Management Layer & Functional Areas
        6.4.1 Management Layer
        6.4.2 Fault Management
        6.4.3 Configuration Management
        6.4.4 Accounting Management
        6.4.5 Performance Management
        6.4.6 Security Management
    6.5 Operation & Management of BGP4+

7 Other Issues
7.1 Current Work in this Area
7.2 Future Direction

8 Conclusion

References

Further Reading

1 Introduction

As the network concept became very popular in the early 1980s there were a lot of big companies around the world introducing and expanding the network. This simplified the computing world significantly. Many networking technologies were introduced and different equipment using different technologies were used in the network. As the size of the network became bigger and more and more vendors started to appear in the market the networking world started to feel some difficulties. One of the major sources of the difficulties was that it was very hard to maintain large and multivendor networking devices.

A lot of things have changed since then. Networking devices have become more intelligent, new and more effective technologies have emerged and people have become more and more conscious about network management issues. However, the complexity of the network and the networking devices have increased at the same, if not, greater rate. Therefore, the management problems that existed around 30 years ago are still around. It is just that they look different and the impact they can have on the network is of different significance.

One of the major areas where a network can have difficulties is the day-to-day operation. The high level of complexity of all the networking technologies requires experts in those technologies in order to operate the network properly. When this is combined with the huge size of the network, managing the network manually becomes virtually impossible.

Our society today is more dependent on computer networks than it was yesterday and tomorrow it will be more dependent than it is today. A slight failure in any area of the network can have significant impact on society, both technically and socially. For this very reason an automated network management system, which can manage a wide range of technologies, has become a must.

2 Network Architecture

2.1 Internet Architecture

The Internet is a collection of different autonomous systems connected together by the core network as shown in Figure 1.

Figure 1: General internet architecture [7]

2.1.1 Autonomous System

An autonomous system, also referred to as an internet, is a collection of networks and subnetworks, which is independent and can be managed separately. It has its own routing algorithm and it can be managed independently. One network is connected to another network by a gateway called the interior gateway. The protocol an interior gateway uses to route a packet inside an autonomous system is called the Interior Gateway Protocol (IGP). The IGP used in an autonomous system can be different than that in another autonomous system. In telecommunications domain an autonomous system is often called an access network.

2.1.2 Core Network

The autonomous systems are connected together in a form of a network called the core network or the backbone network. The gateways that connect all the autonomous systems to the core network are called exterior gateways and the routing protocol these exterior gateways use is called the Exterior Gateway Protocol (EGP). Unlike IGPs the EGP cannot be different on different exterior gateways and it must be an internetwide standard.

2.2 Routing

The approach that can be used for routing in an internet can be either centralised or distributed. In centralised routing scheme the routing information associated with each gateway is downloaded from a centralised database. This scheme is not very practical for the Internet. The Internet uses a distributed routing scheme. Here, each of the hosts and the gateways has routing information as a routing table. A routing table is a look up table where a packet’s destination address is matched with the nearest gateway, router or the hosts and forwarded to that destination. In the distributed routing scheme all the devices have to co-operate with each other in order to keep their routing tables up to date. Different protocols are used to achieve this.

When a packet travels from one hosts to another in two different autonomous systems the packet first goes to the exterior gateway. If the source network is not connected to the exterior gateway then the packet first travels through one or more interior gateways to get to the exterior gateway. The exterior gateway looks at the destination address of the packet and checks its routing table. It calculates the best path to get to the destination and finds the right exterior gateway through which the packet can enter the destination autonomous system. Once the packet enters the destination autonomous system it goes through the interior gateways to its destination. Interior gateways also use their routing tables to route the packet.

2.3 Routing Protocols

2.3.1 IGP

One of the most widely used IGPs is Routing Information Protocol (RIP). This protocol uses a technique called Distance Vector Algorithm (DVA), which is specific to TCP/IP. Link State (LS) and Open Shortest Path First (OSPF) are other examples of commonly available interior gateway protocols.

2.3.2 EGP

Border Gateway Protocol (BGP) is an EGP used in TCP/IP networks. Current BGP, BGP4, is capable of carrying routing information only for IPv4. Some extensions have been added to this protocol so that it can be used for other network layer protocols such as IPv6. And, this new protocol is called BGP4+.

BGP supports three different kinds of routing [2]. All of these can happen in a core network.

Inter-autonomous system routing: This is the routing between two or more exterior gateways in different autonomous systems.
Intra-autonomous system routing: This is the routing between two or more exterior gateways in the same autonomous system.
Pass-through autonomous system routing: This is the routing between two or more exterior gateways, which exchange traffic across an autonomous system that does not run BGP.

3 Network Management Background

3.1 What is Network Management?

Network management is all about managing a network so that the network is available and functional all the time. The management concept can be divided into two main categories: monitoring and controlling. [12]

3.1.1 Network Monitoring

Monitoring means observing and analysing the status and behaviour of the network, which involves end systems, intermediate systems and the core network. By monitoring a network the management entity (explained in §3.2) can get the static, dynamic and statistical information of the network. Things that can be monitored in a network are fault, performance, accounting information etc.

3.1.2 Network Control

Controlling involves modifying parameters and invoking some actions on the network, which involves end systems, intermediate systems and the core network. Things that fall into this category of network management are mainly the configuration and security aspects of the network. Configuring a network involves initialisation, maintenance and shut down of individual devices whereas security is mainly concerned with the security of the total network.

3.2 Network Management Architecture

In order to implement an automated network management system a network has to be integrated with some extra equipment that can help in managing the network. This network entity, which acts as a manager in this context, is generally referred to as the Network Management System (NMS). The devices, which are to be managed, are called the managed devices. An NMS uses a network management protocol to manage the managed devices.

Figure 2 shows the basic network management architecture.

Figure 2: Network management architecture [4]

The piece of software the NMS communicates with is called an agent. Sometimes an agent uses a proxy to manage a device.

Devices can be designed by several vendors but they should all look the same to the NMS. The NMS sees the device as a collection of logical entities called the managed objects. These managed objects are accessed through a virtual information store called the Management Information Base (MIB).

3.3 Network Management Protocol

Network management protocols are used by the NMS to access the managed devices. Two network management protocols that are commonly used are the Simple Network Management Protocol (SNMP) and Common Management Information Protocol (CMIP), which is an ISO standard. Remote Network Monitoring (RMON), which is not a protocol, has become an integral part of network management and will be described in this section.

3.3.1 SNMP

SNMP is mainly used in computer networks, which run the TCP/IP protocol. The first and simplest version of this protocol is known as SNMPv1, which developed to SNMPv2 and now the latest standard is SNMPv.3.

SNMP needs to run both on the NMS (called SNMP manager) and the managed device (called SNMP agent). The manager communicates with the agent, which in turn talks to the agent software running on the given managed device in order to manage the device. Figure 3 shows the architecture of SNMPv3 management entity.

Figure 3: SNMPv3 architecture [8]

The SNMP engine is in both the manager and the agent. The applications labelled as (M) are only in the manager and the ones labelled as (A) are only in the agent. Only notification originator is both in the manager and the agent.

3.3.2 CMIP

CMIP is used extensively on telecommunications devices. It defines the procedure for the transmission of management information and the syntax for the management services between the NMS and the agent.

3.3.3 RMON

RMON defines a remote monitoring MIB that helps the NMS in the monitoring side of management in the network. SNMP is good enough to monitor a gateway but RMON helps to monitor the whole core network, not only one device.

In order to monitor a network properly the RMON agent can be put on one managed device in the network and then be controlled. The MIB contains different managed objects, which can store the monitored data. This MIB can be configured by the NMS so that it captures the desired information. There are also some managed objects, which can be used to represent a command when they are set to some specific values. And, these properties of RMON can be used with SNMP.

4 ISO Network management

In the past telecommunications networks and data communications networks have been more or less completely separate in terms of network management. The telecommunications vendors use ISO (International Standards Organisation) network management model whereas the data communications vendors use standards published other standard bodies. ISO standards are big and precise but not restricted only to the telecom networks. Since the core concepts behind the both networks are the same and the two areas are merging together the ISO model has its own significance in the combined network. The concepts described in §4.1 and §4.2 originate from the telecom network management but are applicable in data communications networks as well.

4.1 ISO Functional Areas

The ISO network management model consists of five functional areas:

Fault management: The goal of fault management is to detect, log, notify and automatically fix the network problems to keep the network running efficiently.
Configuration management: The main purpose of configuration management is to monitor and control the configuration information of the network.
Accounting management: This area deals with billing aspect of the network.
Performance management: Performance management deals with the quality of service the network is providing. Information related to performance such as bit error rates, alarms and traffic loading provides vital statistics that can be used in network planning, marketing and maintenance.
Security management: This part of the network management system controls the security of the network.

All of these functional areas are related to both network monitoring and network control parts of the management. However, fault management, accounting management and performance management are more important for network monitoring and configuration and security management are more important for network control part of the management. [3, 12, 13]

4.2 Network Management Layers

The management functionality can be considered to be partitioned into four logical layers. Each layer represents particular aspects of management functionality. Figure 4 shows the four management layers on top of a physical layer, called the element layer.

Figure 4:TMN management layers

Element Layer: Element layer is NOT a management layer. It represents the elements that are being managed and for this reason this layer can be perceived as a physical layer containing the managed elements. All the exterior and interior gateways are in the element layer.

Element Management Layer: This layer contains the functionality to manage and monitor a set of similar network elements. For example, a set of exterior gateways (theoretically, from any vendor) can be managed by an element management layer entity. This management entity interacts directly with the agent software on the managed device and does not know the topology of the network.

Network Management Layer: A network management layer entity should know the entire network and is responsible for managing the whole network. A network management layer entity uses the element management layer entities to co-ordinate the activities across the network.

Service Management Layer: This layer is responsible for the contractual aspects of services provided by a carrier to its customers. The element on this layer has access to the network management layer through which it monitors and controls the network resources. Some examples of services at this layer are Virtual Private Network (VPN), Internet telephony, Advanced Intelligent Network (AIN) etc.

Business Management Layer: This is the topmost layer and is responsible for the overall management of the enterprise. Agreement between operators is an example of the service provided by the business management layer. This layer is not used extensively and is viewed as a goal setting layer.

5 IPv6

5.1 Protocol Description

IPv6, also referred to as IPng (IP next generation), is a new network layer protocol designed to replace the current internet protocol IPv4. The basic principle behind this new protocol is the same as that of IPv4. However, there are some fundamental changes, which can be summed up in five categories:

Expanded addressing capabilities: IPv6 can have 128 bit addressing space, which supports more hosts than the current 32 bit addressing scheme in IPv4.
Header format simplification: Some headers have been dropped or made optional in order to reduce the processing cost of the IP packets.
Improved support for extensions and options: The IPv6 header is made more flexible than before and thus it supports more extensions and options.
Flow labelling capability: The flow label option in the header gives a chance to treat some packets as special packets. This can be very useful when handling the real time traffic, which requires minimum transport delay.
Authentication and privacy capabilities: There are extensions to support authentication, data integrity and data confidentiality in IPv6.

Because of these new features in IPv6, the packets have to be handled differently.

5.2 IPv6 in the Core Network

When IPv6 runs on the core network the complexity it creates is due to the changes mentioned in §5.1. All the managed devices in the core network have to support the new protocol, which means supporting all the new features in IPv6. Especially, the external gateways have to support all the new protocols designed for IPv6.

5.3 ICMPv6

Internet Control Message Protocol (ICMPv6) is an integral part of IPv6 implementations, especially when it comes to network management. ICMPv6 is used with IPv6 by both the hosts and the gateways. It is used mainly for error reporting, reachability testing, congestion control, performance measuring, subnet addressing and route-change notification.

6 IPv6 Core Network Management

6.1 Network Management Protocol

SNMP is the protocol that is normally used for the management of a core network. It is simple to use, not as versatile as CMIP but still good enough for the data communications network. The earlier versions of SNMP were not very secure but the latest version, SNMPv3, has a lot of emphasis on security. Security with additional administrative capabilities has been the driving force behind the evolution of SNMPv3.

The security subsystem of SNMP (refer to Figure 3) provides security services such as the authentication and privacy of messages. Furthermore, it can also have multiple security models defined by the users. All SNMP messages have one of the three levels of security as outlined below:

Without authentication and without privacy
With authentication and without privacy
With authentication and with privacy

The management operations in SNMP are of following types:

Get: Retrieves an object instance from the agent.
Get-next: Retrieves the next object instance from a table or list within an agent.
Set: Sets object instances within an agent.
Trap: Informs asynchronously the NMS of some events.
Inform: Allows one manager to send trap type information to another manager and request a response.
Get-bulk: allows a manager to retrieve efficiently large blocks of data such as multiple rows in a table, which would otherwise require the transmission of many small blocks of data.

6.2 Basic Principle

Management of a core network involves managing the managed devices involved, which are the exterior gateways. The agent running on those gateways should have all the information that an NMS requires for the management purpose.

When the NMS wants to get some information the SNMP manager running on the NMS sends an SNMP query to the SNMP agent running on the gateway. The SNMP agent then forwards the query to the agent software on the gateway. This agent then determines the type of the query, identifies the right managed object, queries that managed object and finally returns the result to the SNMP agent. This SNMP agent then forwards the result to the SNMP manager. This fundamental principle applies to both the monitoring and controlling aspects of network management.

6.3 MIB

All the devices that are connected to IPv6 core network must have IPv6 and ICMPv6 MIBs on its agent software. Other MIBs depend on the protocol running on other layers. For instance, if the network has TCP on its transport layer then the agent software should have TCP MIB on top of IPv6 and ICMPv6 MIBs. And, if it has UDP then UDP MIB should exist on top of the IPv6 MIB.

6.3.1 IPv6 MIB

The MIB of IPv6 contains several managed objects at different hierarchical levels. They all store different information. There are six managed objects, which are in the form of tables and they provide information for the basic management of Ipv6 managed devices. [9]

ipv6IfTable: It contains the information on the device’s IPv6 interfaces.
ipv6IfStatsTable: It contains on the traffic statistics of the device’s IPv6 interfaces.
ipv6AddrPrefixTable: It contains information on address prefixes that are associated with the entity’s IPv6 interfaces.
ipv6AddrTable: It contains the addressing information relevant to the device’s IPv6 interfaces.
ipv6RouteTable: It contains an entry for each valid IPv6 unicast route that can be used for packet forwarding determination.
ipv6NetToMediaTable: It contains the Ipv6 address to ‘physical’ address equivalencies.

Other relevant IPv6 managed objects will be mentioned wherever appropriate.

6.3.2 ICMPv6 MIB

Like IPv6 MIB the ICMPv6 MIB also contains the managed objects in hierarchical level. Most of the managed objects record errors or problems. There are 32 managed objects to record the statistics about messages, 17 of which record the messages going out of an ICMP interface and the remaining 17 record the messages coming into the interface. [10] These managed objects record the information such as number of ICMP errors, number of ICMP destinations unreachable and number of ICMP router advertisement messages. Besides these 32 managed objects there are other objects which are to check ICMP compliance.

6.4 Management Layer & Functional Areas

6.4.1 Management Layer

A core gateway is a network layer (layer 3) device. It is managed directly by an element management layer entity. Unfortunately, there is no single organisation in the world that manages all the core gateways. At the moment a core gateway in a country is managed by a government organisation or an Internet Service Provider (ISP). Therefore, managing the core network at the network management layer is virtually impossible. In countries such as the US, where there are several core routers, network management might be a possibility.

6.4.2 Fault Management

The main objective of fault management is to monitor the faults in the core network as quickly as possible and to identify their cause so that the remedial action may be taken [12]. The external gateways record the faults. The MIBs of Ipv6 and ICMPv6 have several managed objects to record different kinds of faults. When the gateways receive an SNMP request for fault measurement the agent software passes the records to the manager.

For the core network it is very important to predict the faults before they overload the network. This can be done by lowering the limit of the fault threshold in the gateways. This way the gateways can generate alarms as soon as the faults cross the new threshold and the manager can do something in order to avoid the situation. [12, 13]

6.4.3 Configuration Management

Configuration management involves initialising, maintaining and shutting down of individual components in the core network, which are the exterior gateways. While the core network is operational the configuration management is also responsible of monitoring the configuration and making changes according to request. This request can come as an NMS request or an event in the network. For instance, if fault management detects and isolates a fault on a core link then configuration management might have to change the configuration in order to bypass the fault. [12, 13]

The main functions of configuration management can be outlined as follows:

Configuration management should define the configuration information, which is specification and attributes of the exterior gateways.
It should set and modify the configuration information.
It should define and modify the association between the core link and the gateways.
It should be able to initialise and terminate the operation of the gateway. This should not affect the operation of the other exterior gateways and their core links. [12]

6.4.4 Accounting Management

Accounting management involves in keeping track of the usage of the network resource [12, 13]. The accounting information of a core network shows the resources used by the owner of the core gateway.

6.4.5 Performance Management

The performance of the core network is very critical as the core network carries a large amount of traffic. There are several indicators, which indicate the performance of a core network. Some of the common indicators are:

Availability: This indicates the percentage of the time the core network is available to the users.
Response time: This indicates the time the gateways take to react to a given input or request.
Accuracy: This indicates how accurate the transmission in the core network is.
Throughput: This indicates how efficient the core network is.
Utilisation: This indicates how much resource (links, gateways etc) is used.

Most of the information, including those mentioned above, are stored in the MIB of IPv6, ICMPv6 and/or the protocols above and below IPv6 protocol.

All the performance related measurements are done by the agent software running on the exterior gateways. When the exterior gateways receive SNMP requests regarding the performance these measurements are passed to the SNMP manager.

6.4.5 Security Management

From network management’s point of view security management involves

Maintaining security information: The management keeps track of activity or attempted activity with a certain group of objects, which are regarded as security objects. The security objects include keys, authentication information, access-right information and operating parameters of security services and mechanics.
Controlling resource access: The management is responsible for giving access to certain management resources so that an intruder cannot modify the resources’ configuration information. The resources, which are considered as ‘should be secured’, are security codes, routing tables, alarm threshold levels, accounting tables etc.
Controlling the encryption process: The management system should encrypt the messages between the NMS and the agent. The protocol itself is becoming more and more secure. SNMPv3 is meant to be more secure than the current SNMPv2.

6.6 Operation & Management of BGP4+

BGP4+ is the protocol used to exchange network reachability information with other BGP devices. This information also includes the list of autonomous system paths i.e., the list of the autonomous systems that the reachability information traverses.

BGP4+ packets are transferred through the network as normal TCP/IP packets. It uses all the transport layer protocol’s facilities such as fragmentation, retransmission and sequencing.

Each BGP4+ gateway has a routing table, which contains all the feasible paths to a particular network. This routing table is updated when the gateway gets new information from another gateway. When a BGP4+ gateway connected to the core network it exchanges its entire BGP4+ routing table with other gateways. After that the information is sent only when the routing table changes and only the changed information is sent.

The management of BGP4+ is tightly coupled with the communication between the gateways and does not require external management system. This is due to the fact that the routing table is dynamic. BGP4+ supports the following four different messages: [11]

Open message: This opens a BGP communications session between the gateways.
Update message: This message is used when the routing table of other gateways has to be updated. Update message is very important and it uses TCP to ensure reliability.
Notification message: Notification message is sent when an error is detected. Notifications close an active session and also inform other gateways why the session is being closed.
Keep-alive message: This message is used to inform other BGP4+ gateways that this device is active.

7 Other Issues

7.1 Current Work in this Area

The management of an IPv6 network is assumed not to be very different from the management of IPv4 networks. There are some new and some enhanced protocols and all of them are meant to be compatible with SNMPv2, which is the management protocol for IPv4 core network. The problems in this area are yet to be discovered because the implementation of IPv6 is just starting. Projects such as 6Bone are slowly replacing the IPv4 by IPv6 and the current management technologies are being used with modification to match with the new protocols.

7.2 Future Direction

Since data communications and telecommunications are heading towards the same direction more and more devices will be seen to use technologies from both areas. ATM, which is designed for both data and voice, is being used slowly. This will force both areas to borrow each other’s technologies and protocols. This way more and more devices will be seen to have a bit of both. From management’s point of view, this means only one management system for all the devices on the network. Of course, it is hard to predict where the technology will head in the future but looking at the consumers’ demands and the recent developments in this area it looks like that we will have only one global network for data, voice and video.

8 Conclusion

Network management is complex but not impossible. IPv6 is definitely more complicated than IPv4, but at the same time it provides more features both for implementation and management. Migration of SNMPv2 to SNMPv3 provides more secure management operations. This is very useful in the whole network, both the core network and the autonomous systems. The concepts of ISO functional areas and management layer make the whole management system very modular and easier to implement.

References

[1] Bates, T., Chandra, R., Katz, D. & Rekhter, Y., Multiprotocol Extensions for BGP-4, RFC 2283 http://www.cis.ohio-state.edu/htbin/rfc/rfc2283.html

[2] Cisco, Border Gateway Protocol (BGP), 1999
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/55143.htm

[3] Cisco, Network Management Basics, 1997
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/55018.htm

[4] Cisco, Simple Network Management Protocol, 1997
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/55029.htm

[5] Conta, A. & Deering, S., Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification, RFC 2463, 1998
http://www.cis.ohio-state.edu/htbin/rfc/rfc2463.html

[6] Deering, S. & Hinden, R., Internet Protocol, Version 6 (IPv6) Specification, RFC 2460, 1998
http://www.cis.ohio-state.edu/htbin/rfc/rfc2460.html

[7] Halsall, F., Data Communications, Computer Networks and Open Systems, 4^th ed., Addison-Wesley, UK, 1997, 907p

[8] Harrington, D., Presuhn, R. & Wijnen, B., An Architecture for Describing SNMP Management Frameworks, RFC 2271, 1998
http://www.cis.ohio-state.edu/htbin/rfc/rfc2271.html

[9] Haskin, D. & Onishi, S., Management Information Base for IP Version 6: Textual Conventions and General Group, RFC 2465, 1998
http://www.cis.ohio-state.edu/htbin/rfc/rfc2465.html

[10] Haskin, D. & Onishi, S., Management Information Base for IP Version 6: ICMPv6 Group, RFC 2466, 1998
http://www.cis.ohio-state.edu/htbin/rfc/rfc2466.html

[11] Rekhter, Y. & Li, T., A Border Gateway Protocol 4 (BGP-4), RFC 1771
http://www.cis.ohio-state.edu/htbin/rfc/rfc1771.html

[12] Stallings, W., SNMP, SNMPv2, and CMIP The Practical guide to Network Management Standards, 3^rd Printing, Addison-Wesley, Massachusetts, 1993, 625p

[13] Stevenson, D. W., Network Management- What it is and what it isn’t, 1995
http://netman.cit.buffalo.edu/Doc/DStevenson/

Further Reading

Case, J., McCloghrie, K., Rose, M. & Waldbusser, S., Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2), RFC 1448, 1993
http://www.cis.ohio-state.edu/htbin/rfc/rfc1448.html

Cisco, Network Management Solutions for IP-VPN Services, 1999
http://www.cisco.com/warp/public/779/servpro/solutions/csm/vpn_wp.htm

Cisco, Cisco Service Management System, 1999
http://www.cisco.com/warp/public/779/servpro/solutions/csm/cstmn_pl.htm

Cisco, Cisco Service Management System, 1999
http://www.cisco.com/warp/public/779/servpro/solutions/csm/csm_wp.htm

Hinden, R. M., IP Next Generation Overview, 1995
http://playground.sun.com/ipng/INET-IPng-Paper.html

Levi, D., Meyer, P. & Steward, B., SNMPv3 Applications, RFC 2273, 1998
http://www.cis.ohio-state.edu/htbin/rfc/rfc2273.html