As per Relevance of the word management, we have this rfc below:
Network Working Group R. Stine,
Request for Comments: 1147 SPARTA, Inc
FYI: 2 April 1990
FYI on a Network Management Tool Catalog
Tools for Monitoring and Debugging TCP/IP
and Interconnected
Status of this
The goal of this FYI memo is to provide practical informa
tion to site administrators and network managers. This
provides information for the Internet community. It
not specify any standard. It is not a statement of IAB pol
icy or recommendations. Comments, critiques, and new
updated tool descriptions are welcome, and should be sent
Robert Stine, at stine@sparta.com, or to the NOCTools work
ing group, at noctools@merit.edu
Distribution of this memo is unlimited
1.
This catalog contains descriptions of several tools avail
able to assist network managers in debugging and
TCP/IP internets and interconnected
resources. Entries in the catalog tell what a tool does
how it works, and how it can be obtained
The NOCTools Working Group of the Internet Engineering
Force (IETF) compiled this catalog in 1989. Future
will be produced as IETF members become aware of tools
should be included, and of deficiencies or inaccuracies
Developing an edition oriented to the OSI protocol suite
also contemplated
The tools described in this catalog are in no way
by the IETF. For the most part, we have neither
the tools in this catalog, nor validated their descriptions
Most of the descriptions of commercial tools have been pro
vided by vendors. Caveat Emptor
1.1
The practice of re-inventing the wheel seems endemic to
field of data communications. The primary goal of
IETF NOCTools Working Group [Page 1]
RFC 1147 FYI: Network Management Tool Catalog April 1990
document is to fight that tendency in a small but
way. By listing the capabilities of some of the
network management tools, we hope to pool and
knowledge and experience. Another goal of this catalog
to show those new in the field what can be done to
internet sites. A network management tutorial at the end
the document is of further assistance in this area
Finally, by omission, this catalog points out the
management tools that are needed, but do not yet exist
There are other sources of information on available
management tools. Both the DDN Protocol Implementation
Vendors Guide and the DATAPRO series on data
and LANs are particularly comprehensive and informative
The DDN Protocol Implementation and Vendors Guide
a wide range of internet management topics,
evaluations of protocol implementations and
analyzers.* The DATAPRO volumes, though expensive (
your local university or technical libraries!), are
surveys of available commercial products for network manage
ment. DATAPRO also includes tutorials, market analyses
product evaluations, and predictions on technology trends
1.2
The tools described in this document are used for
the network resources, LANs, and devices that are
interconnected by TCP/IP internets. This document is not
however, a "how to" manual on network management. While
includes a tutorial, the coverage is much too brief and gen
eral to serve as a sole source: a great deal of
study is required of aspiring network managers. Neither
this catalog is an operations manual for particular tools
Each individual tool entry is brief, and emphasizes the
to which a tool can be put. A tool's documentation,
in some cases runs to hundreds of pages, should be
for assistance in its installation and operation
1.3
Section 1 describes the purpose, scope, and organization
this catalog
Section 2 lists and explains the standard keywords used
_________________________
* Instructions for obtaining the DDN Protocol Guide
given in Section 7 of the appendix
IETF NOCTools Working Group [Page 2]
RFC 1147 FYI: Network Management Tool Catalog April 1990
the tool descriptions. The keywords can be used as a sub
ject index into the catalog
Section 3, the main body of the catalog, contains
entries describing network management tools. The
entries in Section 3 are presented in alphabetical order,
tool name. The tool descriptions all follow a standard for
mat, described in the introduction to Section 3.
Following the catalog, there is an appendix that contains
tutorial on the goals and practice of network management
1.4
The compilation and editing of this catalog was sponsored
the Defense Communications Engineering Center (DCEC), con
tract DCA100-89-C-0001. The effort grew out of an
task to survey current internet management tools. The cata
log is largely, however, the result of volunteer labor
the part of the NOCTools Working Group, the User
Working Group, and many others. Without these
contributions, the catalog would not exist. The
from the Internet community for this endeavor has
extremely gratifying
Several individuals made especially notable contributions
Mike Patton, Paul Holbrook, Mark Fedor and Gary Malkin
particularly helpful in composition and editorial review
while Dave Crocker provided essential guidance
encouragement. Bob Enger was active from the first with
gut work of chairing the Working Group and building
catalog. Phill Gross helped to christen the NOCTools Work
ing Group, to define its scope and goals, and to
its role in the IETF. Mike Little contributed the
idea of enhancing and publicizing the management tool
through IETF participation
Responsibility for any deficiencies and errors remains,
course, with the editor
IETF NOCTools Working Group [Page 3]
RFC 1147 FYI: Network Management Tool Catalog April 1990
2.
This catalog uses "keywords" for terse characterizations
the tools. Keywords are abbreviated attributes of a tool
its use. To allow cross-comparison of tools, uniform key
word definitions have been developed, and are given below
Following the definitions, there is an index of
entries by keyword
2.1 Keyword
The keywords are always listed in a prefined order,
first by the general category into which they fall, and
alphabetically. The categories that have been defined
management tool keywords are
o�+ the general management area to which a
relates or a tool's functional role
o�+ the network resources or components that
managed
o�+ the mechanisms or methods a tool uses to
its functions
o�+ the operating system and hardware environment of
tool;
o�+ the characteristics of a tool as a hardware pro
duct or software release
The keywords used to describe the general management area
functional role of a tool are
a reporting/logging tool that can trigger on
events within a network
a traffic monitor that reconstructs and interprets pro
tocol messages that span several packets
a tool used to evaluate the performance of network com
ponents
IETF NOCTools Working Group [Page 4]
RFC 1147 FYI: Network Management Tool Catalog April 1990
a tool that can change the state or status of a
network resource
a tool that by generating arbitrary packets and moni
toring traffic, can drive a remote network component
various states and record its responses
a traffic generation tool
a distributed network management system or system com
ponent
a tool that can discover and report a system's
or configuration
a tool for documenting MIB structure or system confi
guration
a packet route discovery tool
a tool for analyzing or reducing threats to security
a tool that remotely tracks the status of network com
ponents
a tool that monitors packet flow
The keywords used to identify the network resources or com
ponents that a tool manages are
a tool for controlling or monitoring LAN bridges
IETF NOCTools Working Group [Page 5]
RFC 1147 FYI: Network Management Tool Catalog April 1990
a tool for controlling or monitoring implementations
the CHAOS protocol suite or network components that
it
a tool for controlling or monitoring implementations
the DECnet protocol suite or network components
use it
a Domain Name System debugging tool
a tool for controlling or monitoring network
on ethernet LANs
a tool for controlling or monitoring network
on FDDI LANs or WANs
a tool for controlling or monitoring implementations
the TCP/IP protocol suite or network components
use it
a tool for controlling or monitoring implementations
the OSI protocol suite or network components that
it
a Network File System debugging tool
a tool for controlling or monitoring network
on Token Ring LANs
an SMTP debugging tool
a tool for controlling or monitoring network
on StarLANs
The keywords used to describe a tool's mechanism are
IETF NOCTools Working Group [Page 6]
RFC 1147 FYI: Network Management Tool Catalog April 1990
a tool that uses the "curses" tty interface package
a tool that silently monitors communications
(e.g., by putting an ethernet interface into "promiscu
ous" mode).
the tool is a component of or queries a Network Manage
ment System
a tool that sends packet probes such as ICMP echo mes
sages; to help distinguish tools, we do not
NMS queries or protocol spoofing (see below) as probes
a distributed tool that uses proprietary
techniques to link its components
a network management system or component based on SNMP
the Simple Network Management Protocol
a tool that tests operation of remote protocol
by peer-level message exchange
a tool that uses X-Windows
The keywords used to describe a tool's operating
are
a tool that runs under MS-DOS
a tool that runs on Hewlett-Packard systems
a tool that runs on Macintosh personal computers
IETF NOCTools Working Group [Page 7]
RFC 1147 FYI: Network Management Tool Catalog April 1990
an integrated hardware/software tool that requires
a network interface for operation
a tool that runs under 4.xBSD UNIX or related OS
a tool that runs under DEC's VMS operating system
The keywords used to describe a tool's characteristics as
hardware or software acquisition are
a tool is available at no charge, though other restric
tions may apply (tools that are part of an OS distribu
tion but not otherwise available are not listed
"free").
a tool packaged with either an Application
Interface (API) or object-level subroutines that may
loaded with programs
a collection of source code (subroutines) upon
developers may construct other tools
IETF NOCTools Working Group [Page 8]
RFC 1147 FYI: Network Management Tool Catalog April 1990
2.2 Tools Indexed by
Following is an index of catalog entries sorted by keyword
This index can be used to locate the tools with a
attribute: tools are listed under each keyword that charac
terizes them. The keywords and the subordinate lists
tools under them are in alphabetical order
In the interest of brevity, some liberties have been
with tool names. Capitalization of the names is as speci
fied by the tool developers or distributers. Note
parenthetical roman numerals following a tool's name are
actually part of the name. The use of roman numerals
differentiate tools with the same name is explained in
introduction of Section 3.
alarm
CMIP Library
EtherMeter
LanProbe
LANWatch
NETMON (III) Snmp
osilog
Snmp Libraries
snmptrapd
SpiderMonitor
Unisys
WIN/MGT
xnetmon (I)
XNETMON (II) CMIP
NETMON (III
analyzer
LANWatch
Sniffer Snmp
SpiderMonitor
Unisys
benchmark WIN/MGT
hammer XNETMON (II
Unisys
IETF NOCTools Working Group [Page 9]
RFC 1147 FYI: Network Management Tool Catalog April 1990
curses
Internet Rover Comp. Security
net_monitor
nfswatch
osimon
snmpperfmon LAN
netmon (I
debugger NETMON (III
SPIMS
DECnet Snmp
decaddrs snmpd (II
LANWatch
NETMON (III) XNETMON (II
net_monitor
Snmp Libraries
SpiderMonitor
XNETMON (II)
xnetperfmon
LAN
DNS
DiG NETMON (II
LANWatch
netmon (I)
nslookup
IETF NOCTools Working Group [Page 10]
RFC 1147 FYI: Network Management Tool Catalog April 1990
ethernet
arp
ConnectVIEW CMIP
ENTM CMU
etherfind
etherhostprobe
EtherMeter
EtherView
LAN Patrol
LanProbe
LANWatch Internet
map
NETMON (III) netmon (I
netwatch NETMON (II
Network Integrator
nfswatch
NMC net_
NNStat
proxyd
SERAG
Sniffer
Snmp Libraries
snmpd (II)
SpiderMonitor
tcpdump
Unisys NCC
WIN/MGT Station
XNETMON (II)
xnetperfmon
SNMP
FDDI
Unisys NCC
Unisys
IETF NOCTools Working Group [Page 11]
RFC 1147 FYI: Network Management Tool Catalog April 1990
HP
xup
CMU
Dual
Internet
Netlabs CMOT
Netlabs SNMP
netmon (I
NETMON (II
NETMON (III
net_
SNMP
Snmp
snmpd (I
snmpd (II
IETF NOCTools Working Group [Page 12]
RFC 1147 FYI: Network Management Tool Catalog April 1990
snmpxconn
snmpxmon CMIP
snmpxperf CMU
snmpxperfmon
snmpxrtmetric
SpiderMonitor Dual
SPIMS
spray
Tcpdump
Tcplogger Netlabs CMOT
Traceroute Netlabs SNMP
TRPT NETMON (III
TTCP
Unisys NCC
WIN/MGT Station
xnetmon (I)
XNETMON (II)
xnetperfmon
SNMP
library Snmp
CMIP Library
Dual Manager snmpd (I
LANWatch snmpd (II
proxyd
WIN/MGT Station
Macintosh
HyperMIB
Unisys
WIN/MGT
xnetmon (I
XNETMON (II
IETF NOCTools Working Group [Page 13]
RFC 1147 FYI: Network Management Tool Catalog April 1990
map
decaddrs CMU
etherhostprobe
EtherMeter
LanProbe Dual
map
NETMON (III)
Network Integrator
NPRV
Snmp Libraries Netlabs CMOT
snmpxconn Netlabs SNMP
snmpxmon NETMON (III
Unisys NCC
xnetmon (I)
XNETMON (II)
NFS SNMP
etherfind Snmp
EtherView
nfswatch snmpd (I
nhfsstone snmpd (II
Sniffer
tcpdump
Unisys
WIN/MGT
xnetmon (I
XNETMON (II
IETF NOCTools Working Group [Page 14]
RFC 1147 FYI: Network Management Tool Catalog April 1990
OSI
CMIP Library
Dual Manager
LANWatch
Netlabs CMOT Agent NETMON (III
NETMON (III)
osilog
osimic
osimon Snmp
OSITRACE snmpd (II
sma
Sniffer XNETMON (II
Snmp Libraries
XNETMON (II)
xnetperfmon
ping
etherhostprobe
hopcheck
Internet Rover NETMON (III
map
netmon (I) net_
net_monitor
NPRV
ping
spray Snmp
traceroute
TTCP
Unisys NCC
xup
WIN/MGT
XNETMON (II
EtherMeter
LanProbe Comp. Security
SERAG
TokenVIEW Dual
LAN
reference XNETMON (II
Unisys
IETF NOCTools Working Group [Page 15]
RFC 1147 FYI: Network Management Tool Catalog April 1990
SMTP
Internet Rover CMIP
LANWatch CMU
mconnect
Sniffer Internet
SNMP NETMON (III
CMU SNMP net_
decaddrs
Dual Manager SNMP
getone Snmp
map Snmpd (II
Netlabs SNMP Agent
NETMON (III) XNETMON (II
NMC
SNMP Kit
Snmp Libraries
snmpask Internet
snmpd (I)
snmpd (II)
snmplookup
snmpperfmon
snmppoll
snmpset
snmpsrc
snmpstat
snmptrapd
snmpxconn
snmpxmon LAN
snmpxperf
snmpxperfmon
snmpxrtmetric NETMON (III
Unisys NCC
WIN/MGT Station
xnetmon (I) Snmp
XNETMON (II) snmpd (II
xnetperfmon XNETMON (II
IETF NOCTools Working Group [Page 16]
RFC 1147 FYI: Network Management Tool Catalog April 1990
status
CMIP Library
CMU SNMP
ConnectVIEW
DiG
Dual Manager LAN
getone
Internet Rover
LanProbe NETMON (II
mconnect
Netlabs CMOT Agent Network
Netlabs SNMP Agent
netmon (I)
net_monitor
NMC
NNStat
NPRV
nslookup
osimic
osimon
OverVIEW
ping
proxyd Unisys
sma WIN/MGT
SNMP
Snmp
snmpd (I
snmpd (II
Unisys
WIN/MGT
xnetmon (I
XNETMON (II
IETF NOCTools Working Group [Page 17]
RFC 1147 FYI: Network Management Tool Catalog April 1990
UNIX
arp
CMIP Library
CMU SNMP
decaddrs
DiG
Dual Manager
etherfind
etherhostprobe
EtherView
getone
Internet Rover
map Unisys
mconnect WIN/MGT
NETMON (II) xnetmon (I
netstat XNETMON (II
Network Integrator
net_
nhfsstone
NMC
NNStat
nslookup
osilog net_
osimic
osimon
OSITRACE
ping Snmp
proxyd
query
SERAG
sma XNETMON (II
SNMP Kit
Snmp
snmpd (I
snmpd (II
IETF NOCTools Working Group [Page 18]
RFC 1147 FYI: Network Management Tool Catalog April 1990
Dual
WIN/MGT
XNETMON (II
IETF NOCTools Working Group [Page 19]
RFC 1147 FYI: Network Management Tool Catalog April 1990
3. Tool
This section is a collection of brief descriptions of
for managing TCP/IP internets. These entries are in alpha
betical order, by tool name
The entries all follow a standard format. Immediately
the NAME of a tool are its associated KEYWORDS.
are terse descriptions of the purposes or attributes of
tool. A more detailed description of a tool's purpose
characteristics is given in the ABSTRACT section.
MECHANISM section describes how a tool works. In CAVEATS
warnings about tool use are given. In BUGS, known bugs
bug-report procedures are given. LIMITATIONS describes
boundaries of a tool's capabilities. HARDWARE REQUIRED
SOFTWARE REQUIRED relate the operational environment a
needs. Finally, in AVAILABILITY, pointers to vendors
online repositories, or other sources for a tool are given
We deal with the problem of tool-name clashes --
tools that have the same name -- by appending
roman numerals to the names. For example, BYU, MITRE,
SNMP Research each submitted a description of a tool
"NETMON." These tools were independently developed,
functionally different, run in different environments,
are no more related than Richard Burton the 19th
explorer and Richard Burton the 20th century actor. BYU'
tool "NETMON" is listed as "NETMON (I)," MITRE's as "
(II)," and the tool from SNMP Research as "NETMON (III)."
The parenthetical roman numerals reveal only the order
which the catalog editor received the tool descriptions
They should not be construed to indicate any sort of prefer
ence, priority, or rights to a tool name
IETF NOCTools Working Group [Page 20]
Internet Tool Catalog
routing; ethernet, IP; UNIX, VMS; free
Arp displays and can modify the internet-to-
address translations tables used by ARP, the
resolution protocol
The arp program accesses operating system memory
read the ARP data structures
None
None known
Only the super user can modify ARP entries
HARDWARE
No restrictions
SOFTWARE
BSD UNIX or related OS, or VMS
Available via anonymous FTP from uunet.uu.net,
directory bsd-sources/src/etc. Available with 4.
UNIX and related operating systems. For VMS,
as part of TGV MultiNet IP software package, as well
Wollongong's WIN/TCP
IETF NOCTools Working Group [Page 21]
Internet Tool Catalog CMIP
CMIP
alarm, control, manager, status; OSI; UNIX; free
library, sourcelib
The CMIP Library implements the functionality of
Common Management Information Service/Protocol as
the documents ISO DP 9595-2/9596-2 of March 1988.
can act as a building block for the construction
CMIP-based agent and manager applications
The CMIP library uses ISO ROS, ACSE and ASN.1 presenta
tion, as implemented in ISODE, to provide its service
None
None known
The M-CREATE, M-DELETE and M-ACTION protocol
are not implemented in this version
HARDWARE
Developed on Sun3, tested on Sun3 and VAXStation
SOFTWARE
The ISODE protocol suite, BSD UNIX
The CMIP library and related management tools
upon it, known as OSIMIS (OSI Management
Service), are publicly available from University Col
lege London, England via FTP and FTAM. To
information regarding a copy send email
gknight@ac.ucl.cs.uk or call +44 1 380 7366.
IETF NOCTools Working Group [Page 22]
Internet Tool Catalog CMU
The CMU SNMP
manager, status; IP; NMS, SNMP; UNIX; free, sourcelib
The CMU SNMP Distribution includes source code for
SNMP agent, several SNMP client applications, an ASN.1
library, and supporting documentation
The agent compiles into about 10 KB of 68000 code.
distribution includes a full agent that runs on
Kinetics FastPath2/3/4, and is built into the
appletalk/ethernet gateway. The machine
portions of this agent also run on CMU's IBM PC/
based router
The applications are designed to be useful in the
world. Information is collected and presented in
useful format and is suitable for everyday status moni
toring. Input and output are interpreted symbolically
The tools can be used without referencing the RFCs
SNMP
None
None reported. Send bug reports
sw0l+snmp@andrew.cmu.edu. ("sw0l" is "ess double-
zero ell.")
None reported
HARDWARE
The KIP gateway agent runs on a Kinetics FastPath2/3/4.
Otherwise, no restrictions
SOFTWARE
The code was written with efficiency and portability
mind. The applications compile and run on the follow
ing systems: IBM PC/RT running ACIS Release 3, Sun3/50
running SUNOS 3.5, and the DEC microVax running
2.2. They are expected to run on any system with
IETF NOCTools Working Group [Page 23]
Internet Tool Catalog CMU
Berkeley socket interface
This distribution is copyrighted by CMU, but may
used and sold without permission. Consult the copy
right notices for further information. The distribu
tion is available by anonymous FTP from the
lancaster.andrew.cmu.edu (128.2.13.21) as the
pub/cmu-snmp.9.tar, and pub/kip-snmp.9.tar. The
includes the libraries and the applications, and
latter is the KIP SNMP agent
Please direct questions, comments, and bug reports
sw0l+snmp@andrew.cmu.edu. ("sw0l" is "ess double-
zero ell.") If you pick up this package, please send
note to the above address, so that you may be
of future enhancements/changes and additions to the
of applications (several are planned).
IETF NOCTools Working Group [Page 24]
Internet Tool Catalog COMPUTER SECURITY
Computer Security
security; DOS
This program consists of 858 computer security ques
tions divided up in thirteen sections. The
presents the questions to the user and records
responses. After answering the questions in one of
thirteen sections, the user can generate a report
the questions and the user's answers. The
sections are: telecommunications security,
access security, personnel security, systems develop
ment security, security awareness and training prac
tices, organizational and management security, data
program security, processing and operations security
ergonomics and error prevention, environmental secu
rity, and backup and recovery security
The questions are weighted as to their importance,
the report generator can sort the questions by weight
This way the most important issues can be
first
The questions are displayed on the screen and the
is prompted for a single keystroke reply. When the
of one of the thirteen sections is reached, the
are written to a disk file. The question file and
answer file are merged to create the report file
None
None known
None reported
HARDWARE
No restrictions
SOFTWARE
DOS operating system
IETF NOCTools Working Group [Page 25]
Internet Tool Catalog COMPUTER SECURITY
A commercial product available from
C.D., Ltd
P.O. Box 58363
Seattle, WA 98138
(206) 243-8700
IETF NOCTools Working Group [Page 26]
Internet Tool Catalog
control, manager, routing, security, status; bridge
ethernet, ring; NMS, proprietary; DOS
The ConnectVIEW Network Management System consists
various software managers that control and manage Hal
ley System's internets made of of ConnectLAN 100 ether
net and ConnectLAN 200 Token Ring Brouters.
management software provides an icon-based
network display with real-time monitoring and report
ing, along with configuration, fault, performance
security management functions for managing
brouters. A Planning function is also provided
allows users to draw their networks
Proprietary
The ConnectVIEW software must be running under Micro
soft Windows, preferably on a dedicated management sta
tion. There is, however, no degradation of
throughput
None known
Currently works only with Halley System's products
HARDWARE
Requires a PC/AT compatible, with 640KB RAM,
adapter and monitor, keyboard, mouse, and
adapter
SOFTWARE
MSDOS 3.3 or higher. Microsoft Windows/286
2.1.
Commercially available from
Halley Systems, Inc
2730 Orchard
San Jose, CA 95134
IETF NOCTools Working Group [Page 27]
Internet Tool Catalog
decaddrs, decaroute, decnroute, xnsroutes,
manager, map, routing; bridge, DECnet; NMS, SNMP; UNIX
These commands display private MIB information
Wellfleet systems. They retrieve and format
display values of one or several MIB variables from
Wellfleet Communications private enterprise MIB,
the SNMP (RFC1098). In particular these tools are
to examine the non-IP modules (DECnet, XNS, and Bridg
ing) of a Wellfleet system
Decaddrs displays the DECnet configuration of
Wellfleet system acting as a DECnet router, showing
static parameters associated with each DECnet inter
face. Decaroute and decnroute display the
inter-area and intra-area routing tables (that is
routes and node routes). Xnsroutes displays
known to a Wellfleet system acting as an XNS router
Bridgetab displays the bridge forwarding table with
disposition of traffic arriving from or directed
each station known to the Wellfleet bridge module.
these commands take an IP address as the argument
can specify an SNMP community for the retrieval.
SNMP query is performed for each row of the table
Note that the Wellfleet system must be operating as
IP router for the SNMP to be accessible
Management information is exchanged by use of SNMP
None
None known
None reported
HARDWARE
Distributed and supported for Sun 3 systems
SOFTWARE
Distributed and supported for SunOS 3.5 and 4.x
IETF NOCTools Working Group [Page 28]
Internet Tool Catalog DECADDRS, DECAROUTE, et al
Commercial product of
Wellfleet Communications, Inc
12 DeAngelo
Bedford, MA 01730-2204
(617) 275-2400
IETF NOCTools Working Group [Page 29]
Internet Tool Catalog
status; DNS; spoof; UNIX; free
DiG (domain information groper), is a command line
which queries DNS servers in either an interactive or
batch mode. It was developed to be
convenient/flexible than nslookup for gathering perfor
mance data and testing DNS servers
Dig is built on a slightly modified version of the
resolver (release 4.8).
none
None known
None reported
HARDWARE
No restrictions
SOFTWARE
BSD UNIX
DiG is available via anonymous FTP from venera.isi.
in pub/dig.1.0.tar.Z
IETF NOCTools Working Group [Page 30]
Internet Tool Catalog DUAL
Dual
alarm, control, manager, map, security, status; IP
OSI; NMS, SNMP, X; UNIX; library
Netlabs' Dual Manager provides management of TCP/
networks using both SNMP and CMOT protocols.
management can be initiated either through the X
Windows user interface (both Motif and Openlook),
through OSI Network Management (CMIP) commands.
Dual Manager provides for configuration, fault, secu
rity and performance management. It provides
map management features, including scanned maps in
background. It provides simple mechanisms to
the MIB and assign specific lists of objects
specific network elements, thereby providing for
management of all vendors' specific MIB extensions.
provides an optional relational DBMS for storing
retrieving MIB and alarm information. Finally,
Dual Manager is an open platform, in that it
several Application Programming Interfaces (APIs)
users to extend the functionality of the Dual Manager
The Dual Manager is expected to work as a TCP/
"branch manager" under DEC's EMA, AT&T's UNMA and
OSI-conformant enterprise management architectures
The Netlabs Dual Manager supports the control and moni
toring of network resources by use of both CMOT
SNMP message exchanges
None
None known
None reported
HARDWARE
Runs on Sun/3 and Sun/4s
IETF NOCTools Working Group [Page 31]
Internet Tool Catalog DUAL
SOFTWARE
Available on System V or SCO Open Desktop environments
Uses X-Windows for the user interface
Commercially available from
Netlabs
11693 Chenault Street Ste 348
Los Angeles CA 90049
(213) 476-4070
lam@netlabs.com (Anne Lam
IETF NOCTools Working Group [Page 32]
Internet Tool Catalog
ENTM -- Ethernet Traffic
traffic; ethernet, IP; eavesdrop; VMS; free
ENTM is a screen-oriented utility that runs
VAX/VMS. It monitors local ethernet traffic
displays either a real time or cumulative,
showing a percent breakdown of traffic by ethernet pro
tocol type. The information in the display can
reported based on packet count or byte count. The per
cent of broadcast, multicast and approximate lost pack
ets is reported as well. The screen display is
every three seconds. Additionally, a real time, slid
ing history window may be displayed showing
traffic patterns for the last five minutes
ENTM can also report IP traffic statistics by
count or byte count. The IP histograms reflect infor
mation collected at the TCP and UDP port level, includ
ing ICMP type/code combinations. Both the ethernet
IP histograms may be sorted by ASCII protocol/port
or by percent-value. All screen displays can be
in a file for printing later
This utility simply places the ethernet controller
promiscuous mode and monitors the local area
traffic. It preallocates 10 receive buffers
attempts to keep 22 reads pending on the ethernet dev
ice
Placing the ethernet controller in promiscuous mode
severly slow down a VAX system. Depending on the
of the VAX system and the amount of traffic on the lo
cal ethernet, a large amount of CPU time may be
on the Interrupt Stack. Running this code on any pro
duction system during operational hours is discouraged
IETF NOCTools Working Group [Page 33]
Internet Tool Catalog
Due to a bug in the VAX/VMS ethernet/802 device driver
IEEE 802 format packets may not always be detected.
simple test is performed to "guess" which packets
in IEEE 802 format (DSAP equal to SSAP). Thus,
DSAP/SSAP pairs may be reported as an ethernet type
while valid ethernet types may be reported as IEEE 802
packets
In some hardware configurations, placing an
controller in promiscuous mode with automatic-
enabled will hang the controller. Our VAX 8650
running this code, while our uVAX IIs and uVAX IIIs
not
Please report any additional bugs to the author at
Allen
National Magnetic Fusion Energy Computer
Lawrence Livermore National
P.O. Box 808; L-561
Livermore, CA 94550
Phone : (415) 422-8266
E-Mail: sturtevant@ccc.nmfecc.
The user is required to have PHY_IO, TMPMBX and
privileges. When activated, the program first
that the user process as enough quotas
(BYTLM, BIOLM, ASTLM and PAGFLQUO) to successfully
the program without entering into an involuntary
state. Some quotas require a fairly generous setting
The contents of IEEE 802 packets are not examined
Only the presence of IEEE 802 packets on the wire
reported
The count of lost packets is approximated. If,
each read completes on the ethernet device, the
detects that it has no reads pending on that device
the lost packet counter is incremented by one
When the total number of bytes processed
7fffffff hex, all counters are automatically reset
zero
HARDWARE
A DEC ethernet controller
IETF NOCTools Working Group [Page 34]
Internet Tool Catalog
SOFTWARE
VAX/VMS version V5.1+.
For executables only, FTP to the ANONYMOUS
(password GUEST) on CCC.NMFECC.GOV and GET the follow
ing files
[ANONYMOUS.PROGRAMS.ENTM]ENTM.DOC (ASCII text
[ANONYMOUS.PROGRAMS.ENTM]ENTM.EXE (binary
[ANONYMOUS.PROGRAMS.ENTM]EN_TYPES.DAT (ASCII text
[ANONYMOUS.PROGRAMS.ENTM]IP_TYPES.DAT (ASCII text
IETF NOCTools Working Group [Page 35]
Internet Tool Catalog
traffic; ethernet, IP, NFS; eavesdrop; UNIX
Etherfind examines the packets that traverse a
interface, and outputs a text file describing
traffic. In the file, a single line of text
a single packet: it contains values such as
type, length, source, and destination. Etherfind
print out all packet traffic on the ethernet,
traffic for the local host. Further packet
can be done on the basis of protocol: IP, ARP, RARP
ICMP, UDP, ND, TCP, and filtering can also be
based on the source, destination addresses as well
TCP and UDP port numbers
In usual operations, and by default, etherfind puts
interface in promiscuous mode. In 4.3BSD UNIX
related OSs, it uses a Network Interface Tap (NIT)
obtain a copy of traffic on an ethernet interface
None
None known
Minimal protocol information is printed. Can only
run by the super user. The syntax is painful
HARDWARE
Ethernet
SOFTWARE
SunOS
Executable included in Sun OS "Networking Tools
Programs" software installation option
IETF NOCTools Working Group [Page 36]
Internet Tool Catalog
map, routing; ethernet, IP; ping; UNIX; free
Output list of hosts on an ethernet that respond to
ARP. Produces a list in the following format
08:00:20:01:96:62 128.18.4.114 apptek
08:00:20:00:02:fe 128.18.4.115 apptek
08:00:20:00:57:6a 128.18.4.116 apptek
08:00:20:00:65:34 128.18.4.117 apptek
08:00:20:06:58:6f 128.18.4.118 apptek
08:00:20:00:03:4f 128.18.4.119 apptek
The first column is the ethernet address, the
the IP address, and the third is the hostname (which
omitted if the name could not be found via gethost
byaddr). A starting and ending IP address may
specified on the command line, which will limit
search
Etherhostprobe sends a UDP packet to the ``echo'' port
then looks in the kernel's ARP cache for
corresponding address entry. Explicit response (
lack of same) to the UDP packet is ignored. The
will be checked up to four times at one-quarter-
intervals. Note that this allows the program to be
by a user with no special privileges
Etherhostprobe will fill the kernel's ARP cache
possibly useless entries, possibly causing delays
programs foolishly attempting to accomplish real work
Etherhostprobe causes -lots- of ARPs to be generated
possibly fooling network monitoring software (or peo
ple) into concluding that something is horribly broken
Etherhostprobe spends up to one second looking for
possible address. Thus, exhaustively searching
class-C network will take about four minutes,
exhaustively searching a class-B network will
about 18 hours. Exhaustively searching a class-A net
work will take the better part of a year, so don't
IETF NOCTools Working Group [Page 37]
Internet Tool Catalog
think about it
Etherhostprobe will be fooled by gateways that imple
ment proxy ARP; every possible address on the proxy
ARPed subnet will be listed with the gateway's
address
None known
If a given machine is not running IP ARP at the
that it is probed, it will be considered nonexistent
In particular, if a given machine is down at the
that it is probed . . .
All hosts being probed must be on the same (
bridged) ethernet
HARDWARE
No restrictions, but see below
SOFTWARE
Runs on SunOS 3.5, and possibly elsewhere. The
non-standard portion of code is ``tx_arp.c'',
reads the kernel's ARP cache
Copyrighted, but freely distributed. Available
anonymous FTP from spam.itstd.sri.com (128.18.10.1).
From pub directory, file EHP.1 for etherhostprobe,
files IPF.1 and IPF.2 for ipForwarding
IETF NOCTools Working Group [Page 38]
Internet Tool Catalog
EtherMeter (tm), model LANB/150
alarm, map, traffic; ethernet; NMS, proprietary; stan
dalone
The Network Applications Technology (NAT)
product is a dedicated ethernet traffic monitor
provides statistics on the ethernet segment to which
is attached. The EtherMeter reports three major
of statistics. For good packets, it reports the
number of good packets seen on the segment, the
of multicast and broadcast packets, and the
number of bytes in all packets seen. For packets
errors, it reports the number of CRC errors,
packets, oversize packets, and alignment errors.
also reports the distribution of packet by type,
the number of protocols seen on the segment. A
of transmit collisions is reported. Peak and
ethernet utilization rates are also reported, etc
Alarms can be set for utilization rate, packet rate
total error count, and delta error
The EtherMeter reports the statistics to a
Management Station (NMS), also available from NAT,
IP/UDP datagrams, so that the meters can be
through routers. The NMS displays graphical and/
textual information, and EtherMeter icons turn
to indicate status. Alarms can be set, and if the lev
els are exceeded an audible alarm is generated on
NMS, and the EtherMeter icon changes from green to yel
low on the network map
The EtherMeter is a self-contained board that
either be plugged into a PC/AT bus for power
installed in a small stand-alone enclosure. The
can be obtained with either a 10BASE5 thick
transceiver cable connector, or a 10BASE2 thin
BNC connector
The EtherMeter is primarily a passive device whose
impact on the network will come from the
packets sent to the NMS. The EtherMeter is assigned
IP address for communication with the NMS
IETF NOCTools Working Group [Page 39]
Internet Tool Catalog
None known
Proprietary protocol currently in use. The company
stated its intention to develop SNMP for the
product in the first half of 1990. Currently the
does not keep log files. This limitation is ack
nowledged, and plans are underway to add ASCII log
capability to the NMS
HARDWARE
An EtherMeter board and a PC/AT bus to plug it into,
a stand-alone enclosure with power supply (
from NAT). A Network Management Station and
software is required as well, to fully interact
the EtherMeter devices
SOFTWARE
The EtherMeter software is included in ROM on the dev
ice. The NMS software is bundled in with the
hardware
The EtherMeter device, stand-alone enclosure, and Net
work Management Station, are available
from
Network Application Technology, Inc
21040 Homestead
Cupertino, California 95014
Phone: (408) 733-4530
Fax: (408) 733-6478
IETF NOCTools Working Group [Page 40]
Internet Tool Catalog
EtherView(tm
traffic; ethernet, IP, NFS; eavesdrop; UNIX
EtherView is a network monitoring tool which runs
Sun workstations and allows you to monitor your hetero
geneous internet network. It monitors all systems
the ethernet. It has three primary functions
Load Profile: It allows users to monitor the load
the ethernet over extended periods of time. The net
work administrator can use it to characterize load gen
erated by a node on the network, determine which sys
tems and applications generate how much of the load
how that load fluctuates over long periods of time
NFS Profile: It allows the network administrator
determine the load on NFS servers, the average
time NFS servers and the mix of NFS load on each of
servers. Users can use the data to benchmark
NFS servers, determine which servers are overloaded
deduce the number of clients that each server can sup
port and evaluate the effectiveness of NFS accelera
tors
Protocol Analyzer: Users can capture packets based
source, destination, application, protocol, bit pat
tern, packet size or a boolean filtering expression
It provides all standard features such as
buffer size, packet slicing and bit pattern
triggering criterion. It does automatic disassembly
NFS, TCP, UDP, IP, ICMP, ARP and RARP packets.
can be examined in any combination of summary, hex
detail format
EtherView uses the Sun's NIT interface to turn the eth
ernet interface into promiscuous mode to capture pack
ets. A high level process manages the interface and
low level process does the actual capturing and filter
ing. Shared memory is used to communicate between
two processes
None known
IETF NOCTools Working Group [Page 41]
Internet Tool Catalog
Because of limitations in Sun's NIT interface, Ether
View will not capture packets originating from the sys
tem where it is run
EtherView requires super-user privileges on the
where it is run
HARDWARE
EtherView runs on all models of Sun-3, Sun-4 and Sun
386i
SOFTWARE
Sun-3 - SunOS 4.0.3. (SunOS 4.0 with NIT fixes).
Sun-4 - SunOS 4.0.
Sun-386i - SunOS 4.0.
Runs under SunView
Will run under X Windows in future
EtherView is copyrighted, commercial product of
Matrix Computer Systems, Inc
7 1/2 Harris
Nashua, NH 03062
Tel: (603) 888-7790
email: ...uunet!matrix!
IETF NOCTools Working Group [Page 42]
Internet Tool Catalog GETONE, GETMANY, et al
getone, getmany, getroute, getarp, getaddr, getif
getid
manager, routing, status; IP; NMS, SNMP; UNIX
These commands retrieve and format for display
of one or several MIB variables (RFC1066) using
SNMP (RFC1098). Getone and getmany retrieve
MIB variables; getroute, getarp, getaddr, and
retrieve and display tabular information (
tables, ARP table, interface configuration, etc.),
getid retrieves and displays system name, identifica
tion and boot time
Getone retrieves and
the value of the designated MIB variable from
specified target system. The SNMP community name to
used for the retrieval can also be specified.
works similarly for groups of MIB variables rather
individual values. The name of each variable,
value and its data type is displayed. Getroute
information from the ipRoutingTable MIB structure
displaying the retrieved information in an
format. Getarp behaves similarly for the
translation table; getaddr for the ipAddressTable;
getif displays information from the interfaces table
supplemented with information from the ipAddressTable
Getid displays the system name, identification, ipFor
warding state, and the boot time and date. All take
system name or IP address as an argument and
specify an SNMP community for the retrieval. One
query is performed for each row of the table
Queries SNMP agent(s).
None
None known
None reported
IETF NOCTools Working Group [Page 43]
Internet Tool Catalog GETONE, GETMANY, et al
HARDWARE
Distributed and supported for Sun 3 systems
SOFTWARE
Distributed and supported for SunOS 3.5 and 4.x
Commercial product of
Wellfleet Communications, Inc
12 DeAngelo
Bedford, MA 01730-2204
(617) 275-2400
IETF NOCTools Working Group [Page 44]
Internet Tool Catalog HAMMER &
hammer &
benchmark, generator; IP; DOS; free
Hammer and anvil are the benchmarking programs for
routers. Using these tools, gateways have been
for per-packet delay, router-generated traffic over
head, maximum sustained throughput, etc
Tests are performed on a gateway in an
testbed. Hammer generates packets at controlled rates
It can set the length and interpacket interval of
packet stream. Anvil counts packet arrivals
Hammer should not be run on a live network
None reported
Early versions of hammer could not produce inter-
intervals shorter than 55 usec
HARDWARE
Hammer runs on a PC/AT or compatible, and
requires a PC or clone. Both use a Micom
NI5210 for LAN interface
SOFTWARE
MS-DOS
Hammer and anvil are copyrighted, though free.
are available from pub/eutil on husc6.harvard.edu
IETF NOCTools Working Group [Page 45]
Internet Tool Catalog
routing; IP; ping; DOS; free
Hopcheck is a tool that lists the gateways traversed
packets sent from the hopcheck-resident PC to a desti
nation. Hopcheck uses the same mechanism as
but is for use on IBM PC compatibles that have
connections. Hopcheck is part of a larger TCP/IP pack
age that is known as ka9q that is for use with
radio. Ka9q can coexist on a PC with other TCP/
packages such as FTP Inc's PC/TCP, but must be
independently of other packages. Ka9q was written
Phil Karn. Hopcheck was added by Katie Stevens
dksteve