Goodbye SNMP? Hello, WS-Management 176
Laoping writes "News.com has a story about a new Web services management specification designed to simplify network administration across a wide range of devices. A bunch of a big tech companies developed it together (Microsoft, Intel, AMD, Dell and Sun). Microsoft will build support for WS-Management into an update to Windows Server, which is due late next year, and in the version of its Microsoft Operations Manager management software due in 2006. The .PDF release, that makes it clear that it is meant to be a Simple Network Management Protocol killer. Now I am all for a replacement for SNMP, but is this the way go?"
wonder (Score:5, Funny)
Re:wonder (Score:4, Insightful)
If you've worked with SNMP, you know that it is a technically solid solution - low on resources, fast. However, SNMP _is_ complex. Finding OIDs in large MIBs, secure configuration, interpreting data are mostly difficult.
I give a technically sound, industry standard and less complex alternative for SNMP a good chance for quick adoptation.
Re:wonder (Score:3, Insightful)
Re:wonder (Score:2)
>configuration, interpreting data are mostly difficult.
These are valid points, however I'd not blame all that on SNMP itself.
It's mostly the tools. SNMP tools could be made much much better/easier.
Re:wonder (Score:4, Informative)
Re:wonder (Score:2)
We need a replacement and anyone who has studied Microsoft's MCSE materials know that MS has been wanting to ditch SNMP for years.
Not a bad idea.
Re:wonder (Score:2)
Why is it that every there's something new.... (Score:5, Insightful)
Read the article about the 32-bit MCUs a few stories down for yet another example.
Re:Why is it that every there's something new.... (Score:2)
If it didn't work first time around, why would it work now?
this page but without going blind (Score:3, Informative)
sounds like the next virus propagation method to (Score:1, Interesting)
connect the dots (Score:5, Informative)
Re:connect the dots (Score:4, Informative)
That said, SOAP isn't necessarily confined to HTTP transport, though of course in all practical reality it is, for now. But there's no tight binding there.
Anyway, what does the transport have to do with the "spectrum of object management requirements"? Or am I just not understanding your statement?
Re:connect the dots (Score:2)
Re:connect the dots (Score:3, Informative)
In web services land, HTTP is just one type of transport. SOAP is decoupled from the transport, so I think your concern is unfounded. Can you give me an example of how HTTP will
Re:connect the dots (Score:3, Informative)
I use Web Services too, within the context of Web Logic. There are so many unknowns and reliability issues under the hood. For simple http request
What is "Web Services"? (Score:2)
Is "Web Services" just the latest way to say "implemented using SOAP"?
Re:What is "Web Services"? (Score:2)
To answer your question: yes, more or less.
Of course, there are other considerations - security, authentication, and so forth. But those are just extras layered on top. Check out the XMLRPC spec to get a very basic idea of how it works. SOAP is like XMLRPC, but way mo
Re:connect the dots (Score:2)
Goodbye SNMP? Hardly. (Score:5, Insightful)
Re:Goodbye SNMP? Hardly. (Score:5, Insightful)
Re:Goodbye SNMP? Hardly. (Score:2)
You got one thing dead right though: RAM is the fundamental limit to tcp/ip. It is really the only excuse for not being able to do tcp/ip. Interesting that microcontrollers havent advanced ram more quickly. I'm still hacking on a 136 byte controller, for example.
Still seems like if you're going
Re:Goodbye SNMP? Hardly. (Score:2)
http://msdn.microsoft.com/library/default.asp?url
Re:Goodbye SNMP? Hardly. (Score:3, Interesting)
If I were doing this, I would take the strenghts
Re:Goodbye SNMP? Hardly. (Score:2, Insightful)
SNMP has evolved from time to improving from one version to another from data retrival to security.
Well its a well establised phenomenom and no one can change it in a day as most of the big fish in this business rely on it to satisfy their appetite.
Lots and lots of work is undergoin specially in SNMPs 3rd version as most of t
Re:Goodbye SNMP? Hardly. (Score:2)
Which is very suspiciously similar to WS-Management, 'cept for the shorter name and the completely different set of signatories. Both try and provide a distributed "resources" view of SOAP endpoints, because if they were called "Distributed Objects" we'd all realise that the "Distributed Objects bad, Service Oriented Architecture" was so much bollocks.
Now, the fact that they are fairly similar means there is scope fo
War! (Score:5, Funny)
Clearly this is war! SNMP and M$-Management will battle it out for the top market share...oh wait...
Re:War! (Score:2)
Re:War! (Score:3, Insightful)
At least there is a 'hope' of interoperability.
but the important question is ... (Score:4, Insightful)
snmp v3 works perfectly fine as it is. let's leave well enough alone
but, this will probably work out well for intel
Re:but the important question is ... (Score:3, Funny)
you'll need a 3.8GHz P4 and a chipset with a mail co-processor built in.
-nB
Re:but the important question is ... (Score:5, Insightful)
Are you fucking kidding?
What an amazingly "Score: 5, Insightful" observation. It's almost enough to make a person believe that Intel doesn't sell more chips for networking and embedded applications than they do desktop CPUs. Which they do.
snmp v3... (Score:5, Insightful)
considering most vendors are still using v1 or v2, that should be 'lets leave snmp v3 alone'
to be perfectly honest, SNMP is anything but simple. the only thing simple about it is the protocol itself. it then got buried under avalanches of proprietary MIBs, all partially overlapping yet all mutually incompatible. some only partially documented (or not documented at all). not only that, the insistence of vendors using funky proprietary data types (or worse, strings) when existing datatypes would work perfectly fine.
what was needed imo was a MIB guideline and 'retarded implementation' verification. to ensure vendors didn't create obfuscated and spaghettified MIBs.
Re:but the important question is ... (Score:3, Informative)
Insightful? To me insightful would require actually having read the specification.
If you look at the spec, you'll see the answer to this question.
Re:but the important question is ... (Score:2)
Cisco? Nortel? (Score:5, Insightful)
.
Re:Cisco? Nortel? (Score:2)
What about WBEM? (Score:4, Insightful)
Anyone know why this is suddenly being pushed, and not WBEM?
Re:What about WBEM? (Score:2)
Re:What about WBEM? (Score:2)
Re:What about WBEM? (Score:4, Funny)
Because it sounds too much like a radio station.
Announcer: (in professional DJ as God voice) Listen in as the slashdot effects RAHWKS DOWN YOUR ROUTERS...
with DOUBLE-U BEE EEEE EHM!!!
Re:What about WBEM? (Score:2)
Re:What about WBEM? (Score:2)
Re:What about WBEM? (Score:2)
absurdly irrelevant abstractions knotted together
so as to make a correct implementation effectively
impossible. SNMP just doesn't work, as devices and
software from Cisco, Juniper, HP, Sun, demonstrate
on a daily basis for thousands of network professionals
around the world. It is closed in the sense that
any actual deployment depends on the dark-matter
morass of proprietary MIBs using non-standard datatypes
and proprietary extensions.
SNMP must die. This is NOT the
Interesting to see... (Score:2, Interesting)
Re:Interesting to see... (Score:2)
Sun are probably playing against IBM, even though they still hate MS and Dell. That or supporting MS on random WS specs was part of the sun/MS deal.
WBEM? (Score:2)
Microsoft has had a "implementation" (term used loosely) of WBEM in windows since as far back as at least Windows 2000 -- except it defined its own little corner of the MIB tree and didnt store anything in the actualy useful standard MIBs.
Of course, WBEM didnt have any marketing to go with it, so it died.
then again, at least its another shot to put SNMP in the grave where it belongs. especially before version 3, SNMP is a brutal and unreliable hack. im sure somebody wi
Re:WBEM? (Score:2)
I use it all the time with MRTG. Admitedly, I'm only scratching the surface of what SNMP can do, but it works great for what it does. The only big problem I see is a lack of error detection/correction, but considering how widespread SNMP is, I can't see it getting pushed out anytime soon.
Re:WBEM? (Score:3, Interesting)
when a piece of metal needs to be monitored from something that further than a piece or two of cat5 away, being forced into UDP can make SNMP borderline useless. did the packet drop, or is the network down? hmm.. ill use SNMP to see if its the network. hmmm, negative. did the packet drop, or is ... rin
Re:WBEM? (Score:2)
it IS a balanced protocol. the reason it uses UDP is BECAUSE of the possibility of the network dropping packets. snmp uses udp and 'manages' it by doing its own serial # and retry mechanism. snmp+udp gives as much reliability as mumble+tcp.
snmp over tcp has some advantages, but not the ones you are thinking of. I already said that snmp+udp gives sufficient reliability, flow control (etc). so adding extra stuff to an already sufficient solution just adds - well - ex
What's can't SNMP do? (Score:2)
Okay, I'm curious. SNMP allows for polling and for requesting feedback on events (traps). It provides exposed data structures that can present scalar values, trees, and multidimensional arrays. I can't
SNMP problems (Score:2)
encryption support for SNMP is also very poor. that is, few vendors implement it and it's very cumbersome to use even if it is implemented.
the huge proprietary convoluted MIBs vendors use also doesnt help much, especially when the documentation on them is poor to nonexistent. it's also very annoying when they use a proprietary MIB when an existing standard one would have fit just as well (or better).
Re:SNMP problems (Score:2)
Most vendors are now supporting DES, and there are implementations that support 3DES and AES.
cisco has been using snmpv3 for what 6 years in their routers?
but... but... (Score:5, Interesting)
That becomes nigh-on impossible with this WS-Management craziness.
Typical Microsoft - always thinking there is some pleb click-clicking away.
Imagine you have to change some rmon threshold on 400+ devices, or integrate this with the corporate asset database.
Now you get the picture.
Re:but... but... (Score:2)
Perfectly scriptable (Score:2)
You can call a method on a webservice with one line [cpan.org] of perl. Nuff said.
Ever heard of CIM? (Score:5, Interesting)
http://www.dmtf.org/standards/cim/
Microsoft already has a CIMOM implementation in its WMI service, although it uses DCOM to implement RPCs. Sun also has a CIMOM implementation for Solaris.
I find it very strange that the WS-Management
Re:Ever heard of CIM? (Score:3, Insightful)
So what?
I mean, what that moronic thing of replacing everything with this xml-over-http nonsense?
Everyone is crazy doing the same thing, except it is now all on tcp port 80. It is even impossible to apply any kind of policy without lots of application level analysis because every moron in the world is using HTTP to do everything.
SNMP is fine, and if the only thing that those people are trying t
Re:Ever heard of CIM? (Score:2)
Regarding SNMP v/s CIM, that is a lot like arguing C v/s C++ (or religion, for that matter). Don't want to go there.
CIM is over-complex (Score:2)
Re:CIM is over-complex (Score:2)
However, you aren't forced to use the schema. From what I have seen, most of the software that exposes management through CIM declares a new namespace and forgoes use of the CIM schema altogether.
Bandwidth overhead (Score:3, Interesting)
Re:Bandwidth overhead (Score:2)
You do have a point however, but not about the bandwidth. More importantly the network appliance now has to do HTTP and XML processing, something that takes a lot of memory (especially if implemented incorrectly).
I expect that most appliances won't have a problem with this, but it is something to think about. Especially for small, cheap devices. These can keep
Re:Bandwidth overhead (Score:2)
Well... It's obsolete...
Let me put it this way: back in about 1990, my computer had whopping 1MB memory and whopping 40MB hard drive. Today, my *video card* has 256MB memory, the computer itself has a gig, with 180GB hard drive.
Sure, SNMP will still have its place in embedded devices. However, even embedded devices today are much more powerful than they used to be. As for works
Re:Bandwidth overhead (Score:2)
Re:Bandwidth overhead (Score:3, Interesting)
The 'gotcha' (Score:5, Funny)
I'm not sold (Score:5, Interesting)
Re:I'm not sold (Score:2)
I can't say positive of negative on the news. Its a standard, and no matter what standard, it needs adoption and tools support. A new-technology for the sake of itself doesn't make the market jump, and I doubt that anyone 'using' the systems
Comment removed (Score:5, Informative)
Re:I'm not sold (Score:2)
That wasn't my point. What does:
ucdavis
give you? The database may be hierarchical but the data in messages is not. If the response is XML with one round trip you can retrieve an entire tree of information.
But you're right about traps. I didn't think they were that sophisticated.
Re:I'm not sold (Score:2)
I think anyone who has used SNMP in applications enough to acquire a nice, healthy hatred for it would agree: it's not fixable. I'm not saying this is the solution, but SNMP really does belong in the garbage.
Too bad SNMP and its
Help? (Score:2)
My question is: what is broken about it particularly? I am a programmer, so dont make the answer too "dumbed down".
Genuinely curious.
Thanks,
David
Re:Help? (Score:2)
Oh, easy answer then. Go download net-snmp (it's free!) and try to do something useful with it, talk to one of your snmp-enabled devices or something. While doing so remember that it's all supposed to be quite "simple" and robust.
I don't recall seing any great primers on SNMP.
Re:Help? (Score:2)
When I said "simple" I meant the protocol should be simple to conserve resources and reduce the potential for exploits. If you're having problems with a particular implementation I don't think that qualifies as an argument against the protocol. Using an XML/HTTP based implementation isn't necessarily going to be easier.
Re:Help? (Score:2)
That would be a fair point except that all the implementations suck. It's not like there are just a few places where you can point the finger.
Now that, I certainly agree with.
Re:I'm not sold (Score:2)
Wow. (Score:3, Interesting)
It was a PITA enough just to get all of the devices reporting to the same polling engines. I can't even imagine going through and changing it all to some halfassed XML implementation. If they really want it to be an "SNMP replacement", they should just improve on what's already available. Make it compatible with SNMP but more powerful.
They still have work to do... (Score:4, Funny)
Not everything from MS is evil (Score:3, Interesting)
People are more likely to adopt standards that they can implement without getting sued or shelling out large quantities of money to be allowed to adhere to. Despite the comments about the protocol being heavier than SNMP (TCP based, SOAP envelopes, etc.) I think there are cases where a richer, more extensible XML-based syntax would be nice for this kind of application. Or maybe SNMP is "good enough" that adoption will be limited (hard to say without reading the whole spec and comparing), but I don't think crapping on it just because it's Microsoft is fair, at least during those rare moments when they are playing well with others.
Best take: Tim Bray's "Loyal WS Opposition" (Score:2, Informative)
This has probably been covered elsewhere, but I found that Tim Bray's short essay on WS-Overload summed it up better than I could have:
Worth a look: http://tbray.org/ongoing/When/200x/2004/09/18/WS- [tbray.org]
Re:Best take: Tim Bray's "Loyal WS Opposition" (Score:2, Insightful)
Besides, the nice thing about standards is that there is so many of them to choose from.
The way it should be! (Score:2)
Jabber instead (Score:4, Interesting)
Re:Jabber instead (Score:2)
Almost certainly. Did you know that you can use DNS as a VOIP protocol?
Real question is whether it is any good in that mode and whether people are prepared to support that specification.
There are a couple of reasons why WS-Management is useful, the most impo
Re:Jabber instead (Score:2)
-sid
Or even together (Score:2)
Ummm... (Score:3)
Despite that, the only largely software-based companies involved are two VERY proprietary-obsessed companies??
Meanwhile, what can AMD and Intel offer to such a solution? Since when are they involved in building new networking-related systems?
Also, someone else on here brought up the issue of patent-encumbered technology. This will *definitely* be an issue with these vendors/manufacturers, seeing as they'll all be interested merely in their capital gain as opposed to simply contributing to the general technological advancement of the internet/networks in general...
"WS-Management can also be used to manage things like set-top boxes and TiVo-like digital video recorders"
Yup, all containing AMD or Intel CPUs, running an embedded MS/Sun OS... now we see why the CPU manufacturers are involved...
Am I the only one getting sick of hearing about these new "great" proposals made by huge companies when their true intent is blatantly obvious? SNMP *works*, yet for some reason, as usual, some big company has to come along and try and run it over with their new crippleware, claiming it's the New & Improved (tm) version of whatever it was that worked just fine before...
What about JMX (Score:3, Informative)
JMX [sun.com]
By going along with this new specification. Network Management, monitoring, and other SNMP-like operations in Java are moving to the JMX or java media extension framework. In Java 5, the VM has JMX hooks built in for monitoring and control. Alas, I have to agree that SNMP is tired and old, but it still is in place in a lot of environments (and in routers, firewalls, and other hardware appliances) and is really easy to interface and use. I doubt this will catch on very quickly...
security considerations. (Score:2, Insightful)
Glad I don't run Windows Server (Score:2, Funny)
Once this support is built, I have a feeling that if you so much as ping a Windows server, regardless of whether it's enabled, it'll instantly give you full-administrator in some fun only-by-Microsoft way. Combining IIS and the management level that they're talking about seems to just beg for disaster.
--sean
Why should I or should I not quit SNMP (Score:3, Informative)
-Implementations can fit in a few kb memory footprint. I don't see web services beating that any time soon. (Oh, and not all the devices on the planet are 4Ghz P4's with a gigabyte of ram so it is still important not to be a memory hog on many areas).
-For relatively simple purposes, S(imple)NMP is almost as simple as it gets. Like say, for the monitoring of the temperature of a router, using something like web services would surely be overkill.
-There are many implementations for your favorite unix flavor. Probably best is the excelent net-snmp [sourceforge.net] package. The 5.x version has many new methods of extending the main agent instrumentation through compiled in modules, dynamicaly loadable modules, external (pass) scripts, even embedded perl. Solaris 10 will be using the net-snmp package as part of the standard installation.
-The protocol is extremely efficient so there is little presure on the underlying medium. The PDU's are encoded in BER, so the implementations are abundant and quite standard. And yes, this is very very important because practicaly all versions of agents and toolkits are 100% compatible between them.
-Because the SMI is defined in ASN.1, there is no ambiguity in the structure of the management information. See previous bullet why this is important.
-There are excellent tools like HP OpenView NNM which can really simplify monitoring of even extremely large networks.
Now let's see some of its disadvantages:
-Poor security, corrected in version 3 (somewhat complex) but still most people use version 1 or 2c.
-Setable objects are IMHO a nightmare to use. For those of you who are reloading their router by setting sysUpTime to 0, I may seem dead wrong, but it appears that most people's safe bet would be just to log in to the machine and do the job they want. To generalize that idea, SNMP is unbeatable when it comes to monitoring things, but when it comes to actualy controlling things from away, it loses. Perhaps that is exactly the niche that those web services will complement (not replace!) SNMP.
-Extremely difficult to describe complex data structures using SMI. But then again I may be too impatient.
Lastly, though it will sound bitter, there is no clear evidence that web services or WBEM or whatever will be able to actualy help network administrators do their job better than they do it today.
And remember everyone, there is no big company that can necessarily know your job and your needs better than you, as much as they profess to. So on this matter we must not take the word of those who are trying to sell us the New Management Ubertool but on the contrary try to evaluate it in the real world and figure out if it actualy is usefull or not.
And that's my five cents for tonight.
other disadvantages (Score:2)
vendors using proprietary datatypes (or strings) when existing standard datatypes work just fine. laziness? stupidity? beats me.
SNMP also works very poorly through NAT. or lossy/high latency WANs.
vendors seem to think the 'simple' in SNMP means they can cut corners and do a minimal implementation, so you get devices which crash when you request large sets of data. a simple snmpwalk can cra
Standards bloat (Score:2)
If it guarantees delivery... (Score:2, Interesting)
I've seen systems that are snmp based, where a cluster is used, and if the system has a fail-over many old traps are read again and alerted on. I think if the sending application can get an acknowledgement from the central app (netiq, netcool, compaq insight manager, tivoli, hp openview, etc) these type of false alerts would go away. When the sender can see the alert as a transaction it el
Too heavyweight (Score:2)
If I was to build a cheap DSL modem, switch, IP camera or wireless gateway, I would probably be working with an 8/16 bit processor and limited memory to save money. In such a case, I would want to minimize my code and memory footprint and my CPU requirements.
Now lets look at XML. It is a bloated, complex, textual way of representing information. It requires some sort of a parser to read requests and storage of strings rat
security issue (Score:2, Interesting)
Re:Microsoft (Score:1)
Re:Anyone read this as... (Score:2)
I'm reading the "Master and Commander" books right now, and it's a blizzard of topsail, topgallantsail, stun'sl, spritsails, jibs of a half dozen types, staysails, etc etc etc - probably thirty-plus sails. And that's not even counting the rigging, masts, stays, cannons, etc. It makes my head spin and I was in Sea Cadets for eight years learning this kind of stuff!
Computing just chooses to try to make the complexity a bit faster to type by acronymization, that's all.
Re:Pants? (Score:2)
2. ???
3. Profit!!!1!