Network Working Group R. Enger Request for Comments: 1470 ANS FYI: 2 J. Reynolds Obsoletes: 1147 ISI Editors June 1993 FYI on a Network Management Tool Catalog: Tools for Monitoring and Debugging TCP/IP Internets and Interconnected Devices Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard. Distribution of this memo is unlimited. Abstract The goal of this FYI memo is to provide an update to FYI 2, RFC 1147 [1], which provided practical information to site administrators and network managers. New and/or updated tools are listed in this RFC. Additonal descriptions are welcome, and should be sent to: noctools- entries@merit.edu. Introduction A static document cannot incorporate references to the latest tools nor recent revisions to the older catalog entries. To provide a more timely and responsive information source, the NOCtools catalog is available on-line via the Internet and Usenet. news comp.networks.noctools ftp wuarchive.wustl.edu:/doc/noctools Because of publication delays and other factors, some of the entries in this catalog may be out of date. The reader is urged to consult the on-line service to obtain the most up-to-date information. The index provided in this document reflects the current contents of the on-line documentation. The NOCtools2 Working Group of the Internet Engineering Task Force (IETF) has compiled this revised catalog. Future revisions will be incorporated into the on-line NOCtools catalog. The reader is encouraged to submit new or revised entries for (near-immediate) electronic publication. NOCTools2 Working Group [Page 1] RFC 1470 FYI: Network Management Tool Catalog June 1993 The tools described in this catalog are in no way endorsed by the IETF. For the most part, we have neither evaluated the tools in this catalog, nor validated their descriptions. Most of the descriptions of commercial tools have been provided by vendors. Caveat Emptor. Acknowledgements This catalog is the result of work on the part of the NOCTools2 Working Group of the User Services Area of the IETF. The following individuals made especially notable contributions: Chris Myers, Darren Kinley, Gary Malkin, Mohamed Ellozy, and Mike Patton. Current Postings The current contents of the NOCtools catalog may be retrieved via anonymous FTP from wuarchive.wustl.edu. The entries are stored as individual files in the directory /doc/noctools. "No-Writeups" Appendix This section contains references to tools which are known to exist, but which have not been fully cataloged. If anyone wishes to author an entry for one of these tools please contact us at: noctools-request@merit.edu Keep in mind that if these or other tools are included in the future, they will be available in the on-line version of the catalog. Each mention is separated by a for improved readability. If you intend to actually print-out this section of the catalog, then you should probably strip-out the . How to Submit/Update an Entry 1) review the template included below to determine what information you will need to collect, 2) review the keywords to see what your indexing options are, 3) assemble (update) catalog entry to include results of 1) and 2). 4) Submit your entry using either of the following two methods: a) Post your submission to: comp.internet.noctools.submissions b) Email your submission to: noctools-entries@merit.edu New entries will be circulated automatically upon reception. As time permits, the NOCtools editors will review recent submissions and incorporate them into the master indexes. Enquiries regarding the NOCTools2 Working Group [Page 2] RFC 1470 FYI: Network Management Tool Catalog June 1993 status of a submission should be E-Mailed to: noctools-request@merit.edu Those submitting an entry to the catalog should insure that any E- mail addresses provided are correct and functional. Either the catalog editors or prospective users of your tool may wish to reach you. NOCTools2 Working Group [Page 3] RFC 1470 FYI: Network Management Tool Catalog June 1993 TEMPLATE NAME KEYWORDS [[,[,...,]]]; [[,[,...,]]]; [[,[,...,]]]; [[,[,...,]]]; [[,[,...,]]]. ABSTRACT MECHANISM CAVEATS BUGS LIMITATIONS HARDWARE REQUIRED NOCTools2 Working Group [Page 4] RFC 1470 FYI: Network Management Tool Catalog June 1993 SOFTWARE REQUIRED AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY DATE OF MOST RECENT UPDATE TO THIS CATALOG ENTRY Keywords This catalog uses "keywords" for terse characterizations of the tools. Keywords are abbreviated attributes of a tool or its use. To allow cross-comparison of tools, uniform keyword definitions have been developed, and are given below. Following the definitions, there is an index of catalog entries by keyword. Keyword Definitions The keywords are always listed in a prefined order, sorted first by the general category into which they fall, and then alphabetically. The categories that have been defined for management tool keywords are: o the general management area to which a tool relates or a tool's functional role; o the network resources or components that are managed; o the mechanisms or methods a tool uses to perform its functions; o the operating system and hardware environment of a tool; and o the characteristics of a tool as a hardware product or software release. NOCTools2 Working Group [Page 5] RFC 1470 FYI: Network Management Tool Catalog June 1993 The keywords used to describe the general management area or functional role of a tool are: Alarm a reporting/logging tool that can trigger on specific events within a network. Analyzer a traffic monitor that reconstructs and interprets pro- tocol messages that span several packets. Benchmark a tool used to evaluate the performance of network com- ponents. Control a tool that can change the state or status of a remote network resource. Debugger a tool that by generating arbitrary packets and moni- toring traffic, can drive a remote network component to various states and record its responses. Generator a traffic generation tool. Manager a distributed network management system or system com- ponent. Map a tool that can discover and report a system's topology or configuration. Reference a tool for documenting MIB structure or system confi- guration. Routing a packet route discovery tool. Security a tool for analyzing or reducing threats to security. Status a tool that remotely tracks the status of network com- ponents. NOCTools2 Working Group [Page 6] RFC 1470 FYI: Network Management Tool Catalog June 1993 Traffic a tool that monitors packet flow. The keywords used to identify the network resources or components that a tool manages are: Bridge a tool for controlling or monitoring LAN bridges. CHAOS a tool for controlling or monitoring implementations of the CHAOS protocol suite or network components that use it. DECnet a tool for controlling or monitoring implementations of the DECnet protocol suite or network components that use it. DNS a Domain Name System debugging tool. Ethernet a tool for controlling or monitoring network components on ethernet LANs. FDDI a tool for controlling or monitoring network components on FDDI LANs or WANs. IP a tool for controlling or monitoring implementations of the TCP/IP protocol suite or network components that use it. OSI a tool for controlling or monitoring implementations of the OSI protocol suite or network components that use it. NFS a Network File System debugging tool. Ring a tool for controlling or monitoring network components on Token Ring LANs. NOCTools2 Working Group [Page 7] RFC 1470 FYI: Network Management Tool Catalog June 1993 SMTP an SMTP debugging tool. Star a tool for controlling or monitoring network components on StarLANs. The keywords used to describe a tool's mechanism are: CMIS a network management system or component based on CMIS/CMIP, the Common Management Information System and Protocol. Curses a tool that uses the "curses" tty interface package. Eavesdrop a tool that silently monitors communications media (e.g., by putting an ethernet interface into "promiscu- ous" mode). NMS the tool is a component of or queries a Network Manage- ment System. Ping a tool that sends packet probes such as ICMP echo mes- sages; to help distinguish tools, we do not consider NMS queries or protocol spoofing (see below) as probes. Proprietary a distributed tool that uses proprietary communications techniques to link its components. RMON a tool which employs the RMON extensions to SNMP. SNMP a network management system or component based on SNMP, the Simple Network Management Protocol. Spoof a tool that tests operation of remote protocol modules by peer-level message exchange. X a tool that uses X-Windows. NOCTools2 Working Group [Page 8] RFC 1470 FYI: Network Management Tool Catalog June 1993 The keywords used to describe a tool's operating environment are: DOS a tool that runs under MS-DOS. HP a tool that runs on Hewlett-Packard systems. Macintosh a tool that runs on Macintosh personal computers. OS/2 a tool that runs under the OS/2 operating system. Standalone an integrated hardware/software tool that requires only a network interface for operation. Sun a tool that runs on Sun Microsystems platforms. (binary distribution built for use on a Sun.) UNIX a tool that runs under 4.xBSD UNIX or related OS. VMS a tool that runs under DEC's VMS operating system. The keywords used to describe a tool's characteristics as a hardware or software acquisition are: Free a tool is available at no charge, though other restric- tions may apply (tools that are part of an OS distribu- tion but not otherwise available are not listed as "free"). Library a tool packaged with either an Application Programming Interface (API) or object-level subroutines that may be loaded with programs. Sourcelib a collection of source code (subroutines) upon which developers may construct other tools. NOCTools2 Working Group [Page 9] RFC 1470 FYI: Network Management Tool Catalog June 1993 Tools Indexed by Keywords Following is an index of the most up-to-date catalog entries sorted by keyword, which is available via: news comp.networks.noctools.tools ftp wuarchive.wustl.edu:/doc/noctool This index can be used to locate the tools with a particular attribute: tools are listed under each keyword that characterizes them. The keywords and the subordinate lists of tools under them are in alphabetical order. Alarm ----- CMIP Library Dual Manager Eagle EMANATE EtherMeter LanProbe LANWatch MONET NetMetrix Load Monitor NetMetrix Protocol Analyzer NETMON for Windows NETscout NOCOL SNMP Libraries and Utilities from Empire Technologies SNMP Libraries and Utilities from SNMP Research snmpd from Empire Technologies SpiderMonitor XNETMON from SNMP Research xnetmon from Wellfleet Analyzer -------- LANVista LANWatch NetMetrix Protocol Analyzer NETscout PacketView Sniffer SpiderMonitor NOCTools2 Working Group [Page 10] RFC 1470 FYI: Network Management Tool Catalog June 1993 Benchmark --------- hammer & anvil iozone LADDIS LANVista nhfsstone SPIMS spray ttcp XNETMON from SNMP Research CMIS ---- CMIP library Generic Managed System MIB Browser Control ------- CMIP Library Dual Manager Eagle MIB Manager from Empire Technologies MONET NETMON for Windows proxyd SNMP Libraries and Utilities from Empire Technologies SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System snmpd from Empire Technologies TokenVIEW XNETMON from SNMP Research Debugger -------- Ethernet Box II LANVista NetMetrix Traffic Generator ping from UCB SPIMS XNETMON from SNMP Research Generator --------- hammer & anvil LADDIS LANVista NOCTools2 Working Group [Page 11] RFC 1470 FYI: Network Management Tool Catalog June 1993 NetMetrix Traffic Generator nhfsstone ping ping from UCB Sniffer SpiderMonitor spray TTCP Manager ------- Beholder CMIP Library CMU SNMP Distribution decaddrs by Wellfleet Dual Manager EMANATE Ethernet Box II getone by Wellfleet Interactive Network Map LanProbe LANVista MIB Manager from Empire Technologies MONET NetLabs CMOT Agent NetLabs SNMP Agent NETMON for Windows NETscout NNStat NOCOL OverVIEW SAS/CPE for Open Systems Software SNMP Development Kit SNMP Libraries and Utilities from Empire Technologies SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System snmpd from Empire Technologies tokenview Tricklet Wollongong-Manager XNETMON from SNMP Research XNETMON from Wellfleet xnetperfmon Map --- decaddrs by Wellfleet Dual Manager NOCTools2 Working Group [Page 12] RFC 1470 FYI: Network Management Tool Catalog June 1993 etherhostprobe EtherMeter Interactive Network Map LanProbe NETMON for Windows Network Integrator I NPRV SNMP Libraries and Utilities from SNMP Research XNETMON by SNMP Research XNETMON by Wellfleet Reference --------- EMANATE ethernet-codes HyperMIB MIB Manager from Empire Technologies XNETMON Routing ------- arp decaddrs by Wellfleet etherhostprobe getone by Wellfleet hopcheck MONET net_monitor NETMON for Windows netstat NPRV ping from UCB query traceroute Security -------- Computer Security Checklist Dual Manager Eagle EMANATE LAN Patrol SNMP Libraries and Utilities from SNMP Research XNETMON by SNMP Research xnetperfmon NOCTools2 Working Group [Page 13] RFC 1470 FYI: Network Management Tool Catalog June 1993 Status ------ Beholder CMIP Library CMU SNMP DiG dnsstats doc Dual Manager EMANATE fping getone by Wellfleet host Internet Rover lamers LanProbe mconnect MONET net_monitor Netlabs CMOT Agent Netlabs SNMP Agent NETscout NNStat NOCOL NPRV OverVIEW ping ping from UCB proxyd from SNMP Research SAS/CPE SNMP Development Kit SNMP Libraries and Utilities from Empire Technologies SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System PSI SNMP snmpd from Empire Technologies snmpd from SNMP Research TokenVIEW Tricklet vrfy XNETMON by SNMP Research xnetmon by Wellfleet xnetperfmon xup NOCTools2 Working Group [Page 14] RFC 1470 FYI: Network Management Tool Catalog June 1993 Traffic ------- etherfind EtherMeter Ethernet Box II EtherView getethers LAN Patrol LanProbe LANVista LANWatch ENTM MONET NetMetrix Load Monitor NetMetrix NFS Monitor NetMetrix Protocol Analyzer NetMetrix Traffic Generator NETMON by Mitre NETscout netwatch Network Integrator I nfswatch nhfsstone NNStat ositrace PacketView Sniffer SpiderMonitor spray tcpdump tcplogger trpt ttcp XNETMON by SNMP Research Bridge ------ decaddrs by Wellfleet EMANATE MIB Manager from Empire Technologies MONET proxyd by SNMP Research SAS/CPE SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System snmpd from SNMP Research XNETMON from SNMP Research NOCTools2 Working Group [Page 15] RFC 1470 FYI: Network Management Tool Catalog June 1993 CHAOS ----- Interactive Network Map LANWatch DECnet ------ decaddrs by Wellfleet LANVista LANWatch MONET net_monitor NetMetrix Protocol Analyzer NETMON for Windows NETscout Sniffer SNMP Libraries and Utilities from SNMP Research SpiderMonitor XNETMON from SNMP Research xnetperfmon from SNMP Research DNS --- DiG dnsstats doc lamers LANWatch NetMetrix Protocol Analyzer NOCOL Ethernet -------- arp Beholder Eagle EMANATE etherfind etherhostprobe EtherMeter Ethernet Box II ethernet-codes EtherView getethers LAN Patrol LanProbe LANVista LANWatch NOCTools2 Working Group [Page 16] RFC 1470 FYI: Network Management Tool Catalog June 1993 ENTM Interactive Network Map MONET NetMetrix Load Monitor NetMetrix NFS Monitor NetMetrix Protocol Analyzer NetMetrix Traffic Generator NETMON for Windows NETscout netwatch Network Integrator I nfswatch NNStat PacketView proxyd from SNMP Research SAS/CPE Sniffer SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System from SNMP Research snmpd from SNMP Research SpiderMonitor tcpdump XNETMON from SNMP Research xnetperfmon from SNMP Research FDDI ---- EMANATE ethernet-codes NetMetrix Load Monitor NetMetrix NFS Monitor NetMetrix Protocol Analyzer NetMetrix Traffic Generator nfswatch SAS/CPE SNMP Libraries and utilities from SNMP Research SNMP Packaged Agent System from SNMP Research snmpd from SNMP Research XNETMON from SNMP Research IP -- arp CMU SNMP Dual Manager Eagle EMANATE etherfind NOCTools2 Working Group [Page 17] RFC 1470 FYI: Network Management Tool Catalog June 1993 etherhostprobe EtherView fping getone from Wellfleet hammer & anvil hopcheck Internet Rover LanProbe LANVista LANWatch ENTM Interactive Network Map MIB Manager from Empire Technologies MONET net_monitor Netlabs CMOT Agent Netlabs SNMP Agent NetMetrix Load Monitor NetMetrix Protocol Analyzer NetMetrix Traffic Generator NETMON by Mitre NETMON for Windows NETscout netstat netwatch nfswatch nhfsstone NNStat NOCOL NPRV OverVIEW PacketView ping ping from UCB proxyd from SNMP Research query SAS/CPE SNMP Development Kit SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System from SNMP Research PSI SNMP snmpd from Empire Technologies snmpd from SNMP Research PSI SNMP SpiderMonitor SPIMS spray tcpdump NOCTools2 Working Group [Page 18] RFC 1470 FYI: Network Management Tool Catalog June 1993 tcplogger traceroute trpt ttcp XNETMON from SNMP Research xnetmon from Wellfleet xnetperfmon from SNMP Research OSI --- CMIP Library Dual Manager EMANATE LANVista LANWatch Netlabs CMOT Agent NetMetrix Protocol Analyzer NETMON for Windows NETscout NOCOL ositrace proxyd from SNMP Research SAS/CPE Sniffer SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System from SNMP Research snmpd from SNMP Research SpiderMonitor SPIMS XNETMON from SNMP Research xnetperfmon from SNMP Research NFS --- etherfind EtherView iozone LADDIS NetMetrix NFS Monitor NetMetrix Protocol Analyzer NETscout nfswatch nhfsstone Sniffer tcpdump NOCTools2 Working Group [Page 19] RFC 1470 FYI: Network Management Tool Catalog June 1993 Ring ---- Eagle EMANATE Interactive Network Map LANVista LANWatch NetMetrix Load Monitor NetMetrix NFS Monitor NetMetrix Protocol Analyzer NetMetrix Traffic Generator NETMON by Mitre NETMON for Windows NETscout netwatch PacketView proxyd from SNMP Research Sniffer SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System from SNMP Research snmpd from SNMP Research TokenVIEW XNETMON from SNMP Research xnetperfmon from SNMP Research SMTP ---- host Internet Rover LANWatch mconnect NetMetrix Protocol Analyzer Sniffer vrfy Star ---- EMANATE Interactive Network Map LAN Patrol LANWatch NETMON for Windows NETscout proxyd from SNMP Research Sniffer SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System from SNMP Research snmpd from SNMP Research NOCTools2 Working Group [Page 20] RFC 1470 FYI: Network Management Tool Catalog June 1993 XNETMON from SNMP Research xnetperfmon from SNMP Research Curses ------ Eagle Internet Rover net_monitor nfswatch NOCOL PSI SNMP Eavesdrop --------- etherfind Ethernet Box II EtherView LAN Patrol LANVista LANWatch ENTM NetMetrix Load Monitor NetMetrix NFS Monitor NetMetrix Protocol Analyzer NetNetrix Traffic Generator NETMON from Mitre NETscout netwatch nfswatch NNStat OSITRACE PacketView Sniffer SpiderMonitor tcplogger trpt NMS --- CMU SNMP decaddrs from Wellfleet Dual Manager EMANATE EtherMeter Ethernet Box II getone from Wellfleet Interactive Network Map MONET NOCTools2 Working Group [Page 21] RFC 1470 FYI: Network Management Tool Catalog June 1993 Netlabs CMOT Agent Netlabs SNMP Agent NETMON for Windows NETscout NNStat NOCOL OverVIEW proxyd from SNMP Research SNMP Development Kit SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System from SNMP Research PSI SNMP snmpd from Empire Technologies snmpd from SNMP Research TokenVIEW XNETMON from SNMP Research xnetmon from Wellfleet xnetperfmon from SNMP Research Ping ---- etherhostprobe fping getethers hopcheck Interactive Network Map Internet Rover LANWatch net_monitor NOCOL NPRV ping ping from UCB spray traceroute ttcp XNETMON from SNMP Research xup Proprietary ----------- Eagle EtherMeter Ethernet Box II LanProbe LANVista TokenVIEW NOCTools2 Working Group [Page 22] RFC 1470 FYI: Network Management Tool Catalog June 1993 RMON ---- Beholder SNMP ---- Beholder CMU SNMP decaddrs from Wellfleet Dual Manager EMANATE getone from Wellfleet Interactive Network Map MIB Manager from Empire Technologies MONET Netlabs SNMP Agent NetMetrix Load Monitor NetMetrix NFS Monitor NetMetrix Protocol Analyzer NetMetrix Traffic Generator NETMON for Windows NETscout NOCOL OverVIEW proxyd from SNMP Research SNMP Development Kit SNMP Libraries and utilities from SNMP Research SNMP Packaged Agent System from SNMP Research PSI SNMP snmpd from Empire Technologies snmpd from SNMP Research Wollongong-Manager XNETMON from SNMP Research xnetmon from Wellfleet xnetperfmon from SNMP Research Spoof ----- DiG doc Internet Rover host LADDIS mconnect nhfsstone NOCOL query SPIMS NOCTools2 Working Group [Page 23] RFC 1470 FYI: Network Management Tool Catalog June 1993 vrfy X - Dual Manager Interactive Network Map MIB Manager from Empire Technologies NetMetrix Load Monitor NetMetrix NFS Monitor NetMetrix Protocol Analyzer NetMetrix Traffic Generator SAS/CPE PSI SNMP XNETMON from SNMP Research xnetperfmon from SNMP Research xup DEC --- Wollongong-Manager DOS --- Computer Security Checklist Ethernet Box II hammer & anvil hopcheck iozone LAN Patrol LANVista netmon NETMON for Windows netwatch OverVIEW PacketView ping SAS/CPE SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System from SNMP Research snmpd from SNMP Research TokenVIEW Wollongong-Manager xnetperfmon from SNMP Research NOCTools2 Working Group [Page 24] RFC 1470 FYI: Network Management Tool Catalog June 1993 HP -- iozone SAS/CPE xup Macintosh --------- HyperMIB OS/2 ---- Beholder Tricklet Standalone ---------- LANVista Sniffer SNMP Packaged Agent System from SNMP Research SpiderMonitor Sun --- Avatar SunSNMPD Wollongong Manager UNIX ---- arp CMIP Library CMU SNMP decaddrs from Wellfleet DiG doc dnsstats Eagle etherfind etherhostprobe EtherView fping getethers getone from Wellfleet host Interactive Network Map Internet Rover iozone LADDIS NOCTools2 Working Group [Page 25] RFC 1470 FYI: Network Management Tool Catalog June 1993 lamers mconnect MIB Manager from Empire Technologies MONET net_monitor Dual Manager NetMetrix Load Monitor NetMetrix NFS Monitor NetMetrix Protocol Analyzer NetMetrix Traffic Generator NETMON from Mitre NETscout netstat Network Integrator I nfswatch nhfsstone NNStat NOCOL OSITRACE ping ping from UCB proxyd from SNMP Research query SAS/CPE SNMP Development Kit SNMP Libraries and Utilities from Empire Technologies SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System from SNMP Research PSI SNMP snmpd from Empire Technologies snmpd from SNMP Research SPIMS spray tcpdump tcplogger traceroute Tricklet trpt ttcp vrfy XNETMON from SNMP Research xnetmon from Wellfleet xnetperfmon from SNMP Research VMS --- arp ENTM NOCTools2 Working Group [Page 26] RFC 1470 FYI: Network Management Tool Catalog June 1993 fping net_monitor netstat NPRV ping SNMP Libraries and Utilities from SNMP Research tcpdump traceroute ttcp xnetperfmon from SNMP Research Free ---- arp Beholder CMIP Library CMU SNMP Distribution DiG dnsstats doc ENTM fping getethers hammer & anvil hopcheck host Interactive Network Map Internet Rover iozone lamers net_monitor netmon from Mitre netstat netwatch nfswatch nhfsstone NNStat NOCOL NPRV OSITRACE PING ping from UCB query SNMP Development Kit tcpdump tcplogger traceroute Tricklet NOCTools2 Working Group [Page 27] RFC 1470 FYI: Network Management Tool Catalog June 1993 trpt ttcp vrfy Library ------- CMIP Library CMU SNMP Dual Manager NetMetrix Protocol Analyzer NetMetrix Traffic Generator proxyd from SNMP Research SAS/CPE Sourcelib --------- Beholder CMIP Library CMU SNMP EMANATE HyperMIB Interactive Network Map Internet Rover LANWatch MIB Manager from Empire Technologies net_monitor NETMON for Windows NOCOL proxyd from SNMP Research SNMP Development Kit SNMP Libraries and Utilities from Empire Technologies SNMP Libraries and Utilities from SNMP Research SNMP Packaged Agent System from SNMP Research snmpd from SNMP Research SpiderMonitor Tricklet XNETMON from SNMP Research xnetperfmon from SNMP Research Tool Descriptions This section is an updated collection of brief descriptions of tools for managing TCP/IP internets. These entries are in alphabetical order, by tool name. The entries all follow a standard format. Immediately after the NAME of a tool are its associated KEYWORDS. Keywords are terse descriptions of the purposes or attributes of a tool. A more NOCTools2 Working Group [Page 28] RFC 1470 FYI: Network Management Tool Catalog June 1993 detailed description of a tool's purpose and characteristics is given in the ABSTRACT section. The MECHANISM section describes how a tool works. In CAVEATS, warnings about tool use are given. In BUGS, known bugs or bug-report procedures are given. LIMITATIONS describes the boundaries of a tool's capabilities. HARDWARE REQUIRED and SOFTWARE REQUIRED relate the operational environment a tool needs. Finally, in AVAILABILITY, pointers to vendors, online repositories, or other sources for a tool are given. Where tool names conflict, the vendor name is used as well. For example, MITRE, and SNMP Research each submitted an updated description of a tool called, "NETMON". These tools were independently developed, are functionally different, and run in different environments. MITRE's tool is listed as "NETMON_MITRE," and the tool from SNMP Research as "NETMON_WINDOWS_SNMP_RESEARCH". NOCTools2 Working Group [Page 29] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog ARP NAME arp KEYWORDS routing; ethernet, IP;; UNIX, VMS; free. ABSTRACT Arp displays and can modify the internet-to-ethernet address translations tables used by ARP, the address resolution protocol. MECHANISM The arp program accesses operating system memory to read the ARP data structures. CAVEATS None. BUGS None known. LIMITATIONS Only the super user can modify ARP entries. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED BSD UNIX or related OS, or VMS. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL Available via anonymous FTP from uunet.uu.net, in directory bsd-sources/src/etc. Available with 4.xBSD UNIX and related operating systems. For VMS, available as part of TGV MultiNet IP software package, as well as Wollongong's WIN/TCP and Process Software Corporation's TCPware for VMS. CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY This entry maintained by the NOCtools editors. Send email to noctools-request@merit.edu. NOCTools2 Working Group [Page 30] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog AVATAR-SNMP-TOOLKIT NAME SNMP Application Development Toolkit KEYWORDS manager;;SNMP;;sourcelib. ABSTRACT snmpapi is an api toolkit for developing SNMP applications and agents. The toolkit is simple and very fast that can be used for any type of application. It is very well suited for embedded systems such as bridges or routers. An example MIB II agent for Sun Sparcstations is provided. snmpapi is distributed in source form only. MECHANISM snmpapi is a library of C functions. CAVEATS None. BUGS None known. LIMITATIONS None. HARDWARE REQUIRED No restrictions. AVAILABILITY Available now. For more information, send e-mail to info@avatar.com. NOCTools2 Working Group [Page 31] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog AVATAR-SUNSNMPD NAME sunsnmpd KEYWORDS manager;;snmp;sun;. ABSTRACT sunsnmpd is a fully supported SNMP agent with MIB II support for Sun Sparscations running SunOS 4.1 or higher. sunsnmpd supports both SNMP GET and SET operations. MECHANISM sundnmpd is a daemon process which starts up at boot time from the rc.local file. It uses /dev/kmem to access kernel structures. CAVEATS None. BUGS None known. LIMITATIONS Must be started by a super user. HARDWARE REQUIRED Sun Sparcstations. AVAILABILITY Available now. Site licensing only. For more information, send e-mail to info@avatar.com. NOCTools2 Working Group [Page 32] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog ChameLAN-100 NAME ChameLAN 100 KEYWORDS analyzer, benchmark, debugger, generator, map, reference, status, traffic; bridge, DECnet, ethernet, FDDI, IP, OSI, NFS, ring; eavesdrop, SNMP, X; standalone, UNIX. ABSTRACT Tekelec's ChameLAN 100 is a portable diagnostic system for monitoring and simulation of FDDI, Ethernet and Token Ring networks -- simultaneously. Protocol analysis of multiple topologies, as well as mixed topoloies simultaneously, is a key feature of the product family. Tekelec's proprietary FDDI hardware guarantees complete real-time analysis of networks and network components at the full ring bandwidth of 125 Mbps. It passively connects to the network and captures 100 percent of the data, measures performance and isolates real-time problems. The simulation option offers full bandwidth load generation that allows you to create and simulate any network condition. It gives you the ability to inject errors and misformed frames. A set of confidence tests allow simple evaluation of new equipment. A ring map feature displays network topology and status of all nodes via the SMT process. Monitoring of FDDI, Ethernet and Token Ring allows the user to: view network status in real time; view network, node, or node pair statistics; capture frames; control capture using trigger and filter capabilities; view real-time statistics; view captured frames in decoded format; and view the last frame transmitted by each station. The following Real-Time Network Statistics of FDDI, Ethernet and Token Ring networks is displayed: frame rate, runts, byte rate, jabbers, CRC/align errors, and collisions. Product developers can use the ChameLAN 100 to observe NOCTools2 Working Group [Page 33] RFC 1470 FYI: Network Management Tool Catalog June 1993 and control various events to help debug their FDDI, Ethernet and Token Ring products. End users can perform real-time monitoring to test and diagnose problems that may occur when developing, installing or managing FDDI, Ethernet and Token Ring networks and network products. End users can use the ChameLAN 100 to aid in the installation and maintenance of Ethernet and Token Ring networks. To isolate specific network trouble spots the ChameLAN 100 uses filtering and triggering techniques for data capture. Higher level protocol decode includes TCP/IP, OSI and DECnet protocol suites. Protocol decode of IPX, SNMP, XTP, and AppleTalk are also supported. Development of additional protocol decodes is also under development. The ChameLAN 100 family also offers a Protocol Management Development System (PMDS) that enables users to develop custom protocol decode suites. The FDDI, Ethernet and Token Ring hardware interfaces feature independent processing power. Real-time data is monitored unobtrusively at full bandwidth without affecting network activity. Real-time data may also be saved to a 120MB or optional 200MB hard disk drive for later analysis. FDDI data is captured at 125 megabits per second (Mbps), Ethernet at 10 Mbps and Token Ring at 4 or 16 Mbps. MECHANISM This portable, standalone unit incorporates the power of UNIX, X-Windows and Motif. Its UNIX-based programming interface facilitates development of customized monitoring and simulation applications. The ChameLAN 100 may connect to the network at any location using standard equipment. Standard graphical Motif/X-Windows and TCP/IP allow remote control through Ethernet and 10Base T interfaces. Tekelec also offers a rackmounted model -- ChameLAN 100-X. Both models can be controlled via a Sun Workstation remotely. CAVEATS none. BUGS none known. NOCTools2 Working Group [Page 34] RFC 1470 FYI: Network Management Tool Catalog June 1993 LIMITATIONS none reported. HARDWARE REQUIRED None. The ChameLAN 100 is a self-contained unit, and includes its own interface cards. It installs into a network with standard interface connectors. SOFTWARE REQUIRED None. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL The ChameLAN 100 product famil y is available commercially. For more information or a free demo, call or write: 1.800.tek.elec Tekelec 26580 West Agoura Road Calabasas, CA 91302 Phone: 818.880.5656 Fax: 818.880.6993 The ChameLAN 100 is listed on the GSA schedule. CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Todd Koch Public Relations Specialist 818.880.7718 Internet: todd.koch@tekelec.com NOCTools2 Working Group [Page 35] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog CMU_SNMP NAME The CMU SNMP Distribution KEYWORDS manager, status; IP; NMS, SNMP; UNIX; free, sourcelib. ABSTRACT The CMU SNMP Distribution includes source code for an SNMP agent, several SNMP client applications, an ASN.1 library, and supporting documentation. The agent compiles into about 10 KB of 68000 code. The distribution includes a full agent that runs on a Kinetics FastPath2/3/4, and is built into the KIP appletalk/ethernet gateway. The machine independent portions of this agent also run on CMU's IBM PC/AT based router. The applications are designed to be useful in the real world. Information is collected and presented in a useful format and is suitable for everyday status monitoring. Input and output are interpreted symbolically. The tools can be used without referencing the RFCs. MECHANISM SNMP. CAVEATS None. BUGS None reported. Send bug reports to sw0l+snmp@andrew.cmu.edu. ("sw0l" is "ess double-you zero ell.") LIMITATIONS None reported. HARDWARE REQUIRED The KIP gateway agent runs on a Kinetics FastPath2/3/4. Otherwise, no restrictions. SOFTWARE REQUIRED The code was written with efficiency and portability in mind. The applications compile and run on the follow- NOCTools2 Working Group [Page 36] RFC 1470 FYI: Network Management Tool Catalog June 1993 ing systems: IBM PC/RT running ACIS Release 3, Sun3/50 running SUNOS 3.5, and the DEC microVax running Ultrix 2.2. They are expected to run on any system with a Berkeley socket interface. AVAILABILITY This distribution is copyrighted by CMU, but may be used and sold without permission. Consult the copy- right notices for further information. The distribu- tion is available by anonymous FTP from the host lancaster.andrew.cmu.edu (128.2.13.21) as the files pub/cmu-snmp.9.tar, and pub/kip-snmp.9.tar. The former includes the libraries and the applications, and the latter is the KIP SNMP agent. Please direct questions, comments, and bug reports to sw0l+snmp@andrew.cmu.edu. ("sw0l" is "ess double-you zero ell.") If you pick up this package, please send a note to the above address, so that you may be notified of future enhancements/changes and additions to the set of applications (several are planned). NOCTools2 Working Group [Page 37] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog COMPUTER-SECURITY-CHECKLIST NAME Computer Security Checklist KEYWORDS security; DOS. ABSTRACT This program consists of 858 computer security ques- tions divided up in thirteen sections. The program presents the questions to the user and records their responses. After answering the questions in one of the thirteen sections, the user can generate a report from the questions and the user's answers. The thirteen sections are: telecommunications security, physical access security, personnel security, systems develop- ment security, security awareness and training prac- tices, organizational and management security, data and program security, processing and operations security, ergonomics and error prevention, environmental secu- rity, and backup and recovery security. The questions are weighted as to their importance, and the report generator can sort the questions by weight. This way the most important issues can be tackled first. MECHANISM The questions are displayed on the screen and the user is prompted for a single keystroke reply. When the end of one of the thirteen sections is reached, the answers are written to a disk file. The question file and the answer file are merged to create the report file. CAVEATS None. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED No restrictions. NOCTools2 Working Group [Page 38] RFC 1470 FYI: Network Management Tool Catalog June 1993 SOFTWARE REQUIRED DOS operating system. AVAILABILITY A commercial product available from: C.D., Ltd. P.O. Box 58363 Seattle, WA 98138 (206) 243-8700 NOCTools2 Working Group [Page 39] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog CMIP-LIBRARY NAME CMIP Library KEYWORDS manager; osi; cmis; unix; free, sourcelib. ABSTRACT The CMIP Library implements the functionality of the Common Management Information Service/Protocol as in the full international standards (ISO 9595, ISO 9596) published in 1990. It is designed to work with the ISODE package and can act as a building block for the construction of CMIP-based agent and manager applications. MECHANISM The CMIP library uses ISO ROS, ACSE and ASN.1 presentation, as implemented in ISODE, to provide its service. CAVEATS None. BUGS None known. LIMITATIONS None known. HARDWARE REQUIRED Has been tested on SUN 3 and SUN 4 architectures. SOFTWARE REQUIRED The ISODE protocol suite, BSD UNIX. AVAILABILITY The CMIP library and related management tools built upon it, known as OSIMIS (OSI Management Information Service), are publicly available from University College London, England via FTP and FTAM. To obtain information regarding a copy send email to osimis-request@cs.ucl.ac.uk or call +44 71 380 7366. NOCTools2 Working Group [Page 40] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog DECADDRS NAME decaddrs, decaroute, decnroute, xnsroutes, bridgetab KEYWORDS manager, map, routing; bridge, DECnet; NMS, SNMP; UNIX. ABSTRACT These commands display private MIB information from Wellfleet systems. They retrieve and format for display values of one or several MIB variables from the Wellfleet Communications private enterprise MIB, using the SNMP (RFC1098). In particular these tools are used to examine the non-IP modules (DECnet, XNS, and Bridg- ing) of a Wellfleet system. Decaddrs displays the DECnet configuration of a Wellfleet system acting as a DECnet router, showing the static parameters associated with each DECnet inter- face. Decaroute and decnroute display the DECnet inter-area and intra-area routing tables (that is area routes and node routes). Xnsroutes displays routes known to a Wellfleet system acting as an XNS router. Bridgetab displays the bridge forwarding table with the disposition of traffic arriving from or directed to each station known to the Wellfleet bridge module. All these commands take an IP address as the argument and can specify an SNMP community for the retrieval. One SNMP query is performed for each row of the table. Note that the Wellfleet system must be operating as an IP router for the SNMP to be accessible. MECHANISM Management information is exchanged by use of SNMP. CAVEATS None. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED Distributed and supported for Sun 3 systems. NOCTools2 Working Group [Page 41] RFC 1470 FYI: Network Management Tool Catalog June 1993 SOFTWARE REQUIRED Distributed and supported for SunOS 3.5 and 4.x. AVAILABILITY Commercial product of: Wellfleet Communications, Inc. 12 DeAngelo Drive Bedford, MA 01730-2204 (617) 275-2400 NOCTools2 Working Group [Page 42] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog DIG NAME DiG KEYWORDS status; DNS; spoof; UNIX; free. ABSTRACT DiG (domain information groper), is a command line tool which queries DNS servers in either an interactive or a batch mode. It was developed to be more convenient/flexible than nslookup for gathering perfor- mance data and testing DNS servers. MECHANISM Dig is built on a slightly modified version of the bind resolver (release 4.8). CAVEATS none. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED BSD UNIX. AVAILABILITY DiG is available via anonymous FTP from venera.isi.edu in pub/dig.2.0.tar.Z. NOCTools2 Working Group [Page 43] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog EMANATE_SNMP_RESEARCH NAME EMANATE: Enhanced MANagement Agent Through Extensions from SNMP Research. KEYWORDS alarm, control, manager, reference, security, status; bridge, Ethernet, FDDI, IP, OSI, ring, star; NMS, SNMP; sourcelib. ABSTRACT The EMANATE system provides a run-time extensible SNMP agent that dynamically reconfigures an agent's MIB without having to recompile, relink, or restart the agent. An EMANATE capable SNMP agent can support zero, one, or many subagents and dynamically reconfigure to connect or disconnect those subagents' MIBs. The EMANATE system consists of several logically independent components and subsystems: o Master SNMP agent which contains an API to communicate with subagents. o Subagents which implement various MIBS. o Subagent Developer's Kit which contains tools to assist in the implementation of subagents. o EMANATE libraries which provide the API for the subagent. MECHANISM A concise API allows a standard means of communication between the master and subagents. System dependent mechanisms are employed for transfer of information between the master and subagents. CAVEATS None. BUGS None known. LIMITATIONS None reported. NOCTools2 Working Group [Page 44] RFC 1470 FYI: Network Management Tool Catalog June 1993 HARDWARE REQUIRED Multiple platforms including PC's, workstations, hosts, and servers are supported. Contact SNMP Research for more details. SOFTWARE REQUIRED C compiler. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL This is a commercial product available under license from: SNMP Research 3001 Kimberlin Heights Road Knoxville, TN 37920-9716 Attn: John Southwood, Sales and Marketing (615) 573-1434 (Voice) (615) 573-9197 (FAX) CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY users@seymour1.cs.utk.edu NOCTools2 Working Group [Page 45] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog ETHERFIND_SUN NAME etherfind KEYWORDS traffic; ethernet, IP, NFS; eavesdrop; UNIX. ABSTRACT Etherfind examines the packets that traverse a network interface, and outputs a text file describing the traffic. In the file, a single line of text describes a single packet: it contains values such as protocol type, length, source, and destination. Etherfind can print out all packet traffic on the ethernet, or traffic for the local host. Further packet filtering can be done on the basis of protocol: IP, ARP, RARP, ICMP, UDP, ND, TCP, and filtering can also be done based on the source, destination addresses as well as TCP and UDP port numbers. MECHANISM In usual operations, and by default, etherfind puts the interface in promiscuous mode. In 4.3BSD UNIX and related OSs, it uses a Network Interface Tap (NIT) to obtain a copy of traffic on an ethernet interface. CAVEATS None. BUGS None known. LIMITATIONS Minimal protocol information is printed. Can only be run by the super user. The syntax is painful. HARDWARE REQUIRED Ethernet. SOFTWARE REQUIRED SunOS. AVAILABILITY Executable included in Sun OS "Networking Tools and Programs" software installation option. NOCTools2 Working Group [Page 46] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog ETHERNET-CODES NAME ethernet-codes KEYWORDS reference; ethernet, fddi; ; ; ; ABSTRACT Mike Patton of MIT LCS has compiled a very comprehensive list of the IEEE numbers used on Ethernet and FDDI (with some permutation). This file contains collected information on the various codes used on IEEE 802.3 and EtherNet. There are three "pages": type codes, vendor codes, and the uses of multicast (including broadcast) addresses. MECHANISM FTP the file and use it like a secret decoder ring. CAVEATS Since this information is from collected wisdom, there are certainly omissions. BUGS Mike welcomes any further additions. They can be sent to a special mailbox that he has set up: MAP=EtherNet-codes@LCS.MIT.Edu LIMITATIONS See caveats. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED No restrictions. NOCTools2 Working Group [Page 47] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL The file is stored as flat, non-compressed ASCII text. It can be FTP'ed from: ftp.lcs.mit.edu Retreive the file: /pub/map/EtherNet-codes To submit additions or obtain further assistance, send email to: MAP=EtherNet-codes@LCS.MIT.Edu CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY This entry maintained by the NOCtools editors. Send email to noctools-request@merit.edu NOCTools2 Working Group [Page 48] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog GENERIC-MANAGED-SYSTEM NAME Generic Managed System KEYWORDS manager; osi; cmis; unix; free, sourcelib ABSTRACT The Generic Managed System (GMS) implements the functions that would be common to any OSI managed system. These include the parseing of CMIS requests, selection of managed objects according to the scoping and filtering rules, handling of notifications and event forwarding discriminators etc. The intention is that the implementors should use the GMS as a basis for their own managed object implementations. A support environment is provided to assist with this. MECHANISM The GMS uses the UCL CMIP library plus a library of C++ objects representing common managed objects and attribute types. CAVEATS The system is still experimental, is subject to change and is not yet well documented. BUGS See above. LIMITATIONS None known. HARDWARE REQUIRED Has been tested on SUN 3 and SUN 4 architectures. SOFTWARE REQUIRED The ISODE protocol suite, BSD UNIX, UCL CMIP Library, GNU C++ (g++). AVAILABILITY The CMIP library and related management tools built upon it, known as OSIMIS (OSI Management Information Service), are publicly available from University College London, England via FTP and FTAM. To obtain information regarding a copy send email to osimis-request@cs.ucl.ac.uk or call +44 71 380 7366. NOCTools2 Working Group [Page 49] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog GETETHERS NAME getethers KEYWORDS Traffic; Ethernet; Ping; UNIX; Free ABSTRACT Getethers runs through all addresses on an ethernet segment (a.b.c.1 to a.b.c.254) and pings each address, and then determines the ethernet address for that host. It produces a list, in either plain ASCII, the file format for the Excelan Lanalyzer, or the file format for the Network General Sniffer, of hostname/ethernet address pairs for all hosts on the local nework. The plain ASCII list optionally includes the vendor name of the ethernet card in each system, to aid in the determination of the identity of unknown systems. MECHANISM Getethers uses a raw IP socket to generate ICMP echo requests and receive ICMP echo replies, and then examines the kernel ARP table to determine the ethernet address of each responding system. CAVEATS Assumes that the ethernet it is looking at is either a Class C IP network, or part of a Class B IP network that is subnetted with a netmask of 255.255.255.0. (This is easy to change, but it's compiled in.) BUGS None known. LIMITATIONS None. HARDWARE REQUIRED Has been tested on Sun-3 and Sun-4 (SPARC) systems under SunOS 4.1.x, DEC VAXes under 4.3BSD. SOFTWARE REQUIRED Runs under SunOS 4.x and 4.3BSD; should be easy to port to any other Berkeley-like system. Requires raw sockets and the ioctl calls to get at the ARP table. NOCTools2 Working Group [Page 50] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL Public domain, and freely distributable. Available via anonymous FTP from harbor.ecn.purdue.edu; also has been posted to comp.sources.unix. The current version is Version 1.4 from May 1992. Contact point: Dave Curry Purdue University Engineering Computer Network 1285 Electrical Engineering Bldg. West Lafayette, IN 47907-1285 davy@ecn.purdue.edu CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Dave Curry (see address above). NOCTools2 Working Group [Page 51] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog GETONE_WELLFLEET NAME getone, getmany, getroute, getarp, getaddr, getif, getid. KEYWORDS manager, routing, status; IP; NMS, SNMP; UNIX. ABSTRACT These commands retrieve and format for display values of one or several MIB variables (RFC1066) using the SNMP (RFC1098). Getone and getmany retrieve arbitrary MIB variables; getroute, getarp, getaddr, and getif retrieve and display tabular information (routing tables, ARP table, interface configuration, etc.), and getid retrieves and displays system name, identifica- tion and boot time. Getone retrieves and displays the value of the designated MIB variable from the specified target system. The SNMP community name to be used for the retrieval can also be specified. Getmany works similarly for groups of MIB variables rather than individual values. The name of each variable, its value and its data type is displayed. Getroute returns information from the ipRoutingTable MIB structure, displaying the retrieved information in an accessible format. Getarp behaves similarly for the address translation table; getaddr for the ipAddressTable; and getif displays information from the interfaces table, supplemented with information from the ipAddressTable. Getid displays the system name, identification, ipFor- warding state, and the boot time and date. All take a system name or IP address as an argument and can specify an SNMP community for the retrieval. One SNMP query is performed for each row of the table. MECHANISM Queries SNMP agent(s). CAVEATS None. BUGS None known. NOCTools2 Working Group [Page 52] RFC 1470 FYI: Network Management Tool Catalog June 1993 LIMITATIONS None reported. HARDWARE REQUIRED Distributed and supported for Sun 3 systems. SOFTWARE REQUIRED Distributed and supported for SunOS 3.5 and 4.x. AVAILABILITY Commercial product of: Wellfleet Communications, Inc. 12 DeAngelo Drive Bedford, MA 01730-2204 (617) 275-2400 NOCTools2 Working Group [Page 53] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog HAMMER_ANVIL NAME hammer & anvil KEYWORDS benchmark, generator; IP; DOS; free. ABSTRACT Hammer and Anvil are the benchmarking programs for IP routers. Using these tools, gateways have been tested for per-packet delay, router-generated traffic over- head, maximum sustained throughput, etc. MECHANISM Tests are performed on a gateway in an isolated testbed. Hammer generates packets at controlled rates. It can set the length and interpacket interval of a packet stream. Anvil counts packet arrivals. CAVEATS Hammer should not be run on a live network. BUGS None reported. LIMITATIONS Early versions of hammer could not produce inter-packet intervals shorter than 55 usec. HARDWARE REQUIRED Hammer runs on a PC/AT or compatible, and anvil requires a PC or clone. Both use a Micom Interlan NI5210 for LAN interface. SOFTWARE REQUIRED MS-DOS. AVAILABILITY Hammer and anvil are copyrighted, though free. Copies are available from pub/eutil on husc6.harvard.edu. NOCTools2 Working Group [Page 54] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog HOPCHECK NAME hopcheck KEYWORDS routing; IP; ping; DOS; free. ABSTRACT Hopcheck is a tool that lists the gateways traversed by packets sent from the hopcheck-resident PC to a desti- nation. Hopcheck uses the same mechanism as traceroute but is for use on IBM PC compatibles that have ethernet connections. Hopcheck is part of a larger TCP/IP pack- age that is known as ka9q that is for use with packet radio. Ka9q can coexist on a PC with other TCP/IP packages such as FTP Inc's PC/TCP, but must be used independently of other packages. Ka9q was written by Phil Karn. Hopcheck was added by Katie Stevens, dkstevens@ucdavis.edu. Unlike traceroute, which requires a UNIX kernel mod, hopcheck will run on the standard, unmodified ka9q release. MECHANISM See the description in traceroute. CAVEATS See the description in traceroute. BUGS None known. HARDWARE REQUIRED IBM PC compatible with ethernet network interface card; ethernet card supported through FTP spec packet driver. SOFTWARE REQUIRED DOS. AVAILABILITY Free for radio amateurs and educational institutions; others should contact Phil Karn, karn@ka9q.bellcore.com. Available via anonymous FTP at ucdavis.edu, in the directory "dist/nethop". NOCTools2 Working Group [Page 55] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog INTERNET_ROVER NAME Internet Rover KEYWORDS status; IP, SMTP; curses, ping, spoof; UNIX; free, sourcelib. ABSTRACT Internet Rover is a prototype network monitor that uses multiple protocol "modules" to test network functional- ity. This package consists of two primary pieces of code: the data collector and the problem display. There is one data collector that performs a series of network tests, and maintains a list of problems with the network. There can be many display processes all displaying the current list of problems which is useful in a multi-operator NOC. The display task uses curses, allowing many terminal types to display the problem file either locally or from a remote site. Full source is provided. The data collector is easily configured and extensible. Contri- butions such as additional protocol modules, and shell script extensions are welcome. MECHANISM A configuration file contains a list of nodes, addresses, NodeUp? protocol test (ping in most cases), and a list of further tests to be performed if the node is in fact up. Modules are included to test TELNET, FTP, and SMTP. If the configuration contains a test that isn't recognized, a generic test is assumed, and a filename is checked for existence. This way users can create scripts that create a file if there is a prob- lem, and the data collector simply checks the existence of that file to determine if there is problem. CAVEATS None. BUGS None known. NOCTools2 Working Group [Page 56] RFC 1470 FYI: Network Management Tool Catalog June 1993 LIMITATIONS This tool does not yet have the capability to perform actions based on the result of the test. Rather, it is intended for a multi-operator environment, and simply displays a list of what is wrong with the net. HARDWARE REQUIRED This software is known to run on Suns and IBM RTs. SOFTWARE REQUIRED Curses, 4.xBSD UNIX socket programming libraries, BSD ping. AVAILABILITY Full source available via anonymous FTP from merit.edu (35.1.1.42) in the ~ftp/pub/inetrover directory. Source and executables are public domain and can be freely distributed for non-commercial use. This pack- age is unsupported, but bug reports and fixes may be sent to: wbn@merit.edu. NOCTools2 Working Group [Page 57] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog IOZONE NAME iozone KEYWORDS benchmark; nfs;; dos,hp,unix,vmx; free. ABSTRACT Software to assess the sequential file I/O capability of a system. May be useful as reference to compare against results obtained when files are accessed via NFS, Andrew, etc. MECHANISM This test writes a X MEGABYTE sequential file in Y byte chunks, then rewinds it and reads it back. [The size of the file should be big enough to factor out the effect of any disk cache.]. Finally, IOZONE deletes the temporary file. Options allow one to vary X and Y. In addition, 'auto test' runs IOZONE repeatedly using record sizes from 512 to 8192 bytes (adjustable), and file sizes from 1 to 16 megabytes (adjustable). It creates a table of results. CAVEATS The file is written (filling any cache buffers), and then read. If the cache is >= X MB, then most if not all the reads will be satisfied from the cache. However, if it is less than or equal to .5X MB, then NONE of the reads will be satisfied from the cache. This is becase after the file is written, a .5X MB cache will contain the upper .5 MB of the test file, but we will start reading from the beginning of the file (data which is no longer in the cache). In order for this to be a fair test, the length of the test file must be AT LEAST 2X the amount of disk cache memory for your system. If not, you are really testing the speed at which your CPU can read blocks out of the cache (not a fair test). BUGS none known at this time. NOCTools2 Working Group [Page 58] RFC 1470 FYI: Network Management Tool Catalog June 1993 LIMITATIONS IOZONE does not normally test the raw I/O speed of your disk or system-em. It tests the speed of sequential I/O to actual files. Therefore, this measurement factors in the efficiency of you machines file system, operating system, C compiler, and C runtime library. It produces a measurement which is the number of bytes per second that your system can read or write to a file. HARDWARE REQUIRED This program has been ported and tested on the following computer operating systems: Vendor Operating System Notes on compiling IOzone ----------------------------------------------------------------------- Apollo Domain/OS no cc switches -- BSD domain AT&T UNIX System V R4 AT&T 6386WGS AT&T UNIX 5.3.2 define SYSTYPE_SYSV Generic AT&T UNIX System V R3 may need cc -DSVR3 Convergent Unisys/AT&T SVR3 cc -DCONVERGENT -o iozone iozone.c Digital Equipment ULTRIX V4.1 Digital Equipment VAX/VMS V5.4 see below ** Digital Equipment VAX/VMS (POSIX) Hewlett-Packard HP-UX 7.05 IBM AIX Ver. 3 rel. 1 Interactive UNIX System V R3 Microsoft MS-DOS 3.3 tested Borland, Microsoft C MIPS RISCos 4.52 NeXt NeXt OS 2.x OSF OSF/1 Portable! POSIX 1003.1-1988 may need to define _POSIX_SOURCE QNX QNX 4.0 SCO UNIX System V/386 3.2.2 SCO XENIX 2.3 SCO XENIX 3.2 Silicon Graphics UNIX cc -DSGI -o iozone iozone.c Sony Microsystems UNIX same as MIPS Sun Microsystems SUNOS 4.1.1 Tandem Computers GUARDIAN 90 1. call the source file IOZONEC 2. C/IN IOZONEC/IOZONE;RUNNABLE 3. RUN IOZONE Tandem Computers Non-Stop UX ** for VMS, define iozone as a foreign command via this DCL command: $IOZONE :== $SYS$DISK:[]IOZONE.EXE NOCTools2 Working Group [Page 59] RFC 1470 FYI: Network Management Tool Catalog June 1993 this lets you pass the command line arguments to IOZONE SOFTWARE REQUIRED OS as shown in the hardware listing above. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL Author: Bill Norcott 1060 Hyde Avenue San Jose, CA 95129 norcott_bill@tandem.com Availability: This tool has been posted to comp.sources.misc. It is available from the usual archive sites. Program can be located using ARCHIE or other servers. CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY This entry is maintained by the noctools editors. Send email to noctools-request@merit.edu. NOCTools2 Working Group [Page 60] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog LADDIS NAME LADDIS KEYWORDS benchmark, generator; NFS; spoof; unix; free. ABSTRACT "LADDIS: A Multi-Vendor and Vendor-Neutral SPEC NFS Benchmark", Bruce Nelson, LADDIS Group & Auspex Systems. Over the past 24 months, engineers from Legato, Auspex, Data General, DEC, Interphase, and Sun (LADDIS) met regularly to create the LADDIS NFS benchmark: an unbiased, standard, vendor-independent, scalable NFS performance test. The purpose of the LADDIS benchmark is to give users a credible and undisputed test of NFS performance, and to give vendors a publishable standard performance measure that customers can use for load planning, system configuration, and equipment buying decisions. Toward this end, the LADDIS benchmark is being adopted by SPEC (the System Performance Evaluation Cooperative, creators of SPECmarks) as the first member of SPEC's System-level File Server (SFS) benchmark suite." "In particular, we have had unexpected interest from some router vendors in using LADDIS to both rate and stress-test IP routers. This is because LADDIS can send back-to-back full-size packet trains, and because it can generate a 90%-Ethernet util on simulated "real" NFS workloads, just like routers encounter in the real world. But LADDIS is for local Ethernet or FDDI nets only, not WAN." MECHANISM Generates NFS requests and measures responsiveness of the server. NOCTools2 Working Group [Page 61] RFC 1470 FYI: Network Management Tool Catalog June 1993 CAVEATS "LADDIS is not released yet by SPEC, although a free beta version, quite stable, is available now as PRE-LADDIS. So you might want to put PRE-LADDIS in your listing, noting that full LADDIS availability from SPEC is expected by the end of 1992." BUGS The licensee is requested to direct beta test comments via electronicmail to: "spec-preladdis-comments@riscee.pko.dec.com". This alias will forward all comments to the SPECSFS mailing list (which includes the LADDIS Group). LIMITATIONS LADDIS is for local Ethernet or FDDI nets only, not WAN. HARDWAE REQUIRED A host with LAN connectivity. Presumably, a host with enough horsepower to generate an adequate work load. SOFTWARE REQUIRED LADDIS is a sophisticated Unix-based NFS traffic generator program. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL Date: Mon, 10 Feb 92 13:12:20 PST From: bnelson (Bruce Nelson) Dear Person: The SPEC PRE-LADDIS beta test process became operational on Monday, February 3, 1992. This email describes the process as announced during the LADDIS Group's presentation at UniForum '92 and also at Interop '91. The content of the beta test license and the license request process are consistent with the proposals approved by the SPEC Steering Committee at the January 1992 meeting in Milpitas, California. The SPEC PRE-LADDIS beta test will consist of one beta test version of PRE-LADDIS distributed ONLY by electronic mail. The SPEC PRE-LADDIS Beta test software is licensed by SPEC, not by the LADDIS Group. NOCTools2 Working Group [Page 62] RFC 1470 FYI: Network Management Tool Catalog June 1993 To obtain the PRE-LADDIS Beta test software, an individual must: 1. Request the SPEC PRE-LADDIS beta test License by electronic mail to "spec-preladdis-beta-test@riscee.pko.dec.com" with a subject line of "Request SPEC PRE-LADDIS Beta Test License". 2. Print a hardcopy of the license and sign. 3. Attach a cover letter written on the individual's company letterhead requesting the PRE-LADDIS Beta Test Kit. 4. U.S. Mail the signed license and cover letter to: SPEC PRE-LADDIS Beta Test c/o NCGA, 2722 Merrilee Drive, Suite 200 Fairfax, VA 22031 After completing these steps, the SPEC PRE-LADDIS beta test kit will be emailed to the requestor from riscee.pko.dec.com. The licensee is requested to direct beta test comments via electronic mail to "spec-preladdis-comments@riscee.pko.dec.com". This alias will forward all comments to the SPECSFS mailing list (which includes the LADDIS Group). Note that PRE-LADDIS is ONLY available through electronic mail and ONLY through the process listed above in steps 1-4. If you do not have internet email available to you (which is unlikely if you are receiving THIS email), you must arrange delivery of PRE-LADDIS through some email-capable part of your organization, not through LADDIS members like Auspex, DEC, Sun, etc. CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY This entry is maintained by the NOCtools editors. Send E-mail to noctools-request@merit.edu. NOCTools2 Working Group [Page 63] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog LAN_PATROL NAME LAN Patrol KEYWORDS security, traffic; ethernet, star; eavesdrop; DOS. ABSTRACT LAN Patrol is a full-featured network analyzer that provides essential information for effective fault and performance management. It allows network managers to easily monitor user activity, find traffic overloads, plan for growth, test cable, uncover intruders, balance network services, and so on. LAN Patrol uses state of the art data collection techniques to monitor all activity on a network, giving an accurate picture of how it is performing. LAN Patrol's reports can be saved as ASCII files to disk, and imported into spreadsheet or database pro- grams for further analysis. MECHANISM The LAN Patrol interface driver programs a standard interface card to capture all traffic on a network seg- ment. The driver operates from the background of a standard PC, maintaining statistics for each station on the network. The information can be viewed on the PC's screen, or as a user-defined report output either to file or printer. CAVEATS None. Normal operation is completely passive, making LAN Patrol transparent to the network. BUGS None known. LIMITATIONS LAN Patrol can monitor up to 10,000 packets/sec on an AT class PC, and is limited to monitoring a maximum of 1024 stations for intervals of up to 30 days. Because LAN Patrol operates at the physical level, it will only see traffic for the segment on which it is installed; it cannot see traffic across bridges. NOCTools2 Working Group [Page 64] RFC 1470 FYI: Network Management Tool Catalog June 1993 HARDWARE REQUIRED Computer: IBM PC/XT/AT, PS/2 Model 30, or compatible. Requires 512K memory and a hard drive or double-sided disk drive. Display: Color or monochrome text. Color display allows color-coding of traffic information. Ethernet, StarLAN, LattisNet, or StarLAN 10 network interface card. SOFTWARE REQUIRED PC DOS, MS-DOS version 3.1 or greater. AVAILABILITY LAN Patrol many be purchased through network dealers, or directly from: Legend Software, Inc. Phone: (201) 227-8771 FAX: (201) 906-1151 NOCTools2 Working Group [Page 65] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog LANVista NAME LANVista KEYWORDS analyzer, benchmark, debugger, generator, manager, traffic; DECnet, Ethernet, IP, OSI, Ring; Eavesdrop, Proprietary; DOS, Standalone. ABSTRACT CXR/Digilog's LANVista family of protocol and statistical analyzers provide the tools to troubleshoot an Ethernet and Token Ring 4/16Mbps network. LANVista lets you capture frames to RAM and or disk, generate traffic for stress testing, test your network cable for fault isolation, and decode all 7 layers of many popular protocol stacks. LANVista's 100 family offers exceptional price/performance and a wide range of options. Combined with an integrated upgrade path to the fully distributed LANVista 200 system, the 100 line provides a reasonably priced entry into LAN management and protocol analysis. All LANVista models are fully operable under Microsoft Windows. Under Windows, LANVista can be operated in the background, gathering data and alarms as other tasks are completed. Displayed data may easily be cut from LANVista and pasted into other Windows applications such as Excel, Lotus 1-2-3, Harvard Graphics, etc. The versatile LANVista family can also be remotely controlled through the use of PC Anywhere, Commute, Carbon Copy, or other PC remote control packages. This feature allows the use of "co-pilot" mode which enables an operator at the central site to guide and train a remote operator through network management or analysis tasks. All LANVista models provide features vital to effective network management and troubleshooting. Basic capabilities include: Network database, statistics based on the entire network and on a node basis, Token Ring functional address statistics, Bridged traffic statistics, Protocol statistics, logging of statistics to a printer or file of user definable alarms, Hardware Pre-Capture filtering, Post capture filtering, Playback of captured data, Traffic simulation and On-line context NOCTools2 Working Group [Page 66] RFC 1470 FYI: Network Management Tool Catalog June 1993 sensitive Help. Protocol Interpreters used for decoding network traffic supported by LANVista include: TCP/IP, DECnet, Banyan Vines, XNS/MS-Net, AppleTalk, IBM Token Ring, Novell, 3Com 3+ Open, SNMP and OSI. MECHANISM LANVista is available in three forms. A kit version which consists of a plug-in PC card and Master software, a self contained unit that packages the kit version in a portable PC, and a Distributed system. The LANVista distributed system allows slave units placed anywhere in the world to be controlled from a single central location for centralized management of an enterprise network. LANVista's PC cards provides a physical interface to the LAN and frame preprocessing power. The Master software controls the PC card, and the display and processing of information gathered from the network. CAVEATS Optimal performance of LANVista's master software is achieved with DOS 5.0 by utilizing RAMDRIVE.SYS, SMARTDRV.SYS and High memory. BUGS None Known. LIMITATIONS None Known. HARDWARE REQUIRED IBM PC AT, 386, 486 or compatible. SOFTWARE REQUIRED DOS AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL LANVista is available worldwide. For information on a local sales representative contact: CXR/DIGILOG 900 Business Center Drive Horsham, PA 19044 Phone 1-800-DIGILOG FAX: 215-956-0108 GSA schedule pricing is honored. NOCTools2 Working Group [Page 67] RFC 1470 FYI: Network Management Tool Catalog June 1993 CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY CXR/DIGILOG Help Desk 1-800-DIGILOG Send email to: lanvista@digilog.uucp NOCTools2 Working Group [Page 68] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog LANPROBE NAME LanProbe -- the HP 4990S LanProbe Distributed Analysis System. KEYWORDS alarm, manager, map, status, traffic; ethernet; eaves- drop, NMS; proprietary. ABSTRACT The LanProbe distributed monitoring system performs remote and local monitoring of ethernet LANs in a pro- tocol and vendor independent manner. LanProbe discovers each active node on a segment and displays it on a map with its adapter card vendor name, ethernet address, and IP address. Additional informa- tion about the nodes, such as equipment type and physi- cal location can be entered in to the data base by the user. When the NodeLocator option is used, data on the actual location of nodes is automatically entered and the map becomes an accurate representation of the physical lay- out of the segment. Thereafter when a new node is installed and becomes active, or when a node is moved or becomes inactive, the change is detected and shown on the map in real time. The system also provides the network manager with precise cable fault information displayed on the map. Traffic statistics are gathered and displayed and can be exported in (comma delimited) CSV format for further analysis. Alerts can be set on user defined thres- holds. Trace provides a remote protocol analyzer capability with decodes for common protocols. Significant events (like power failure, cable breaks, new node on network, broadcast IP source address seen, etc.) are tracked in a log that is uploaded to Pro- beView periodically. ProbeView generates reports that can be manipulated by MSDOS based word processors, spreadsheets, and DBMS. NOCTools2 Working Group [Page 69] RFC 1470 FYI: Network Management Tool Catalog June 1993 MECHANISM The system consists of one or more LanProbe segment monitors and ProbeView software running under Microsoft Windows. The LanProbe segment monitor attaches to the end of an ethernet segment and monitors all traffic. Attachment can be direct to a thin or thick coax cable, or via an external transceiver to fiber optic or twist- ed pair cabling. Network data relating to the segment is transferred to a workstation running ProbeView via RS-232, ethernet, or a modem connection. ProbeView software, which runs on a PC/AT class works- tation, presents network information in graphical displays. The HP4992A NodeLocator option attaches to the opposite end of the cable from the HP4991A LanProbe segment mon- itor. It automatically locates the position of nodes on the ethernet networks using coaxial cabling schemes. CAVEATS None. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED HP 4991A LanProbe segment monitor HP 4992A NodeLocator (for optional capabilities) 80386 based PC capable of running MS-Windows SOFTWARE REQUIRED HP 4990A ProbeView MSDOS 3.0 or higher and Microsoft Windows/286 2.1. AVAILABILITY A commercial product available from: Hewlett-Packard Company P.O. Box 10301, Palo Alto, CA 94303-0890 NOCTools2 Working Group [Page 70] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog LANWATCH NAME LANWatch KEYWORDS alarm, analyzer, traffic; CHAOS, DECnet, DNS, ethernet, IP, OSI, ring, SMTP, star; eavesdrop; DOS; library, sourcelib. ABSTRACT LANWatch 2.0 is an inexpensive, powerful and flexible network analyzer that runs under DOS on personal com- puters and requires no hardware modifications to either the host or the network. LANWatch is an invaluable tool for installing, troubleshooting, and monitoring local area networks, and for developing and debugging new protocols. Network managers using LANWatch can inspect network traffic patterns and packet errors to isolate performance problems and bottlenecks. Protocol developers can use LANWatch to inspect and verify proper protocol handling. Since LANWatch is a software-only package which installs easily in existing PCs, network technicians and field service engineers can carry LANWatch in their briefcase for convenient network analysis at remote sites. LANWatch has two operating modes: Display and Examine. In Display Mode, LANWatch traces network traffic by displaying captured packets in real time. Examine Mode allows you to scroll back through stored packets to inspect them in detail. To select a subset of packets for display, storage or retrieval, there is an exten- sive set of built-in filters. Using filters, LANWatch collects only packets of interest, saving the user from having to sort through all network traffic to isolate specific packets. The built-in filters include alarm, trigger, capture, load, save and search. They can be controlled separately to match on source or destination address, protocol, or packet contents at the hardware and transport layers. LANWatch also includes suffi- cient source code so users can modify the existing filters and parsers or add new ones. The LANWatch distribution includes executables and source for several post-processors: a TCP protocol analyzer, a node-by-node traffic analyzer and a dump file listing tool. NOCTools2 Working Group [Page 71] RFC 1470 FYI: Network Management Tool Catalog June 1993 MECHANISM Uses many common PC network interfaces by placing them in promiscuous mode and capturing traffic. CAVEATS Most PC network interfaces will not capture 100% of the traffic on a fully-loaded network (primarily missing back-to-back packets). BUGS None known. LIMITATIONS LANWatch can't analyze what it doesn't see (see Caveats). HARDWARE REQUIRED LANWatch requires a PC or PS/2 with a supported network interface card. SOFTWARE REQUIRED LANWatch runs in DOS. Modification of the supplied source code or creation of additional filters and parsers requires Microsoft C 5.1 AVAILABILITY LANWatch is commercially available from FTP Software, Incorporated, 26 Princess Street, Wakefield, MA, 01880 (617 246-0900). NOCTools2 Working Group [Page 72] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog LLL_ENTM NAME ENTM -- Ethernet Traffic Monitor KEYWORDS traffic; ethernet, IP; eavesdrop; VMS; free. ABSTRACT ENTM is a screen-oriented utility that runs under VAX/VMS. It monitors local ethernet traffic and displays either a real time or cumulative, histogram showing a percent breakdown of traffic by ethernet pro- tocol type. The information in the display can be reported based on packet count or byte count. The per- cent of broadcast, multicast and approximate lost pack- ets is reported as well. The screen display is updated every three seconds. Additionally, a real time, slid- ing history window may be displayed showing ethernet traffic patterns for the last five minutes. ENTM can also report IP traffic statistics by packet count or byte count. The IP histograms reflect infor- mation collected at the TCP and UDP port level, includ- ing ICMP type/code combinations. Both the ethernet and IP histograms may be sorted by ASCII protocol/port name or by percent-value. All screen displays can be saved in a file for printing later. MECHANISM This utility simply places the ethernet controller in promiscuous mode and monitors the local area network traffic. It preallocates 10 receive buffers and attempts to keep 22 reads pending on the ethernet dev- ice. CAVEATS Placing the ethernet controller in promiscuous mode may severly slow down a VAX system. Depending on the speed of the VAX system and the amount of traffic on the lo- cal ethernet, a large amount of CPU time may be spent on the Interrupt Stack. Running this code on any pro- duction system during operational hours is discouraged. BUGS Due to a bug in the VAX/VMS ethernet/802 device driver, IEEE 802 format packets may not always be detected. A simple test is performed to "guess" which packets are NOCTools2 Working Group [Page 73] RFC 1470 FYI: Network Management Tool Catalog June 1993 in IEEE 802 format (DSAP equal to SSAP). Thus, some DSAP/SSAP pairs may be reported as an ethernet type, while valid ethernet types may be reported as IEEE 802 packets. In some hardware configurations, placing an ethernet controller in promiscuous mode with automatic-restart enabled will hang the controller. Our VAX 8650 hangs running this code, while our uVAX IIs and uVAX IIIs do not. Please report any additional bugs to the author at: Allen Sturtevant National Magnetic Fusion Energy Computer Center Lawrence Livermore National Laboratory P.O. Box 808; L-561 Livermore, CA 94550 Phone : (415) 422-8266 E-Mail: sturtevant@ccc.nmfecc.gov LIMITATIONS The user is required to have PHY_IO, TMPMBX and NETMBX privileges. When activated, the program first checks that the user process as enough quotas remaining (BYTLM, BIOLM, ASTLM and PAGFLQUO) to successfully run the program without entering into an involuntary wait state. Some quotas require a fairly generous setting. The contents of IEEE 802 packets are not examined. Only the presence of IEEE 802 packets on the wire is reported. The count of lost packets is approximated. If, after each read completes on the ethernet device, the utility detects that it has no reads pending on that device, the lost packet counter is incremented by one. When the total number of bytes processed exceeds 7fffffff hex, all counters are automatically reset to zero. HARDWARE REQUIRED A DEC ethernet controller. SOFTWARE REQUIRED VAX/VMS version V5.1+. NOCTools2 Working Group [Page 74] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY For executables only, FTP to the ANONYMOUS account (password GUEST) on CCC.NMFECC.GOV and GET the follow- ing files: [ANONYMOUS.PROGRAMS.ENTM]ENTM.DOC (ASCII text) [ANONYMOUS.PROGRAMS.ENTM]ENTM.EXE (binary) [ANONYMOUS.PROGRAMS.ENTM]EN_TYPES.DAT (ASCII text) [ANONYMOUS.PROGRAMS.ENTM]IP_TYPES.DAT (ASCII text) NOCTools2 Working Group [Page 75] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog Interactive Network Map NAME map -- Interactive Network Map KEYWORDS manager, map; CHAOS, ethernet, IP, ring, star; NMS, ping, SNMP, X; UNIX; free, sourcelib. ABSTRACT Map draws a map of network connectivity and allows interactive examination of information about various components including whether hosts can be reached over the network. The program is supplied with complete source and is written in a modular fashion to make addition of dif- ferent protocols stacks, displays, or hardcopy devices relatively easy. This is one of the reasons why the initial version supports at least two of each. Contri- butions of additional drivers in any of these areas will be welcome as well as porting to additional plat- forms. MECHANISM Net components are pinged by use of ICMP echo and, optionally, CHAOS status requests and SNMP "gets." The program initializes itself from static data stored in the file system and therefore does not need to access the network in order to get running (unless the static files are network mounted). CAVEATS As of publication, the tool is in beta release. BUGS Several minor nits, documented in distribution files. Bug discoveries should be reported by email to Bug- Map@LCS.MIT.Edu. LIMITATIONS See distribution file for an indepth discussion of sys- tem capabilities and potential. HARDWARE REQUIRED An X display is needed for interactive display of the map, non-graphical interaction is available in non- display mode. For hardcopy output a PostScript or Tek- NOCTools2 Working Group [Page 76] RFC 1470 FYI: Network Management Tool Catalog June 1993 tronix 4692 printer is required. SOFTWARE REQUIRED BSD UNIX or related OS. IP/ICMP is required; CHAOS/STATUS and SNMP can be used but are optional. X-Windows is required for interactive display of the map. AVAILABILITY The program is Copyright MIT. It is available via anonymous FTP with a license making it free to use and distribute for non-commercial purposes. FTP to host FTP.LCS.MIT.Edu, directory nets. The complete distribution is in map.tar.Z and some short documentation files are there (as well as in the distribution). Of most interest are ReadMe and Intro. To be added to the email forum that discusses the software, or for other administrative details, send a request to: MAP-Request@LCS.MIT.Edu NOCTools2 Working Group [Page 77] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog MCONNECT NAME mconnect KEYWORDS status; SMTP; spoof; UNIX. ABSTRACT Mconnect allows an interactive session with a remote mailer. Mail delivery problems can be diagnosed by connecting to the remote mailer and issuing SMTP com- mands directly. MECHANISM Opens a TCP connection to remote SMTP on port 25. Pro- vides local line buffering and editing, which is the distinction between mconnect and a TELNET to port 25. CAVEATS None. BUGS None known. LIMITATIONS Mconnect is not a large improvement over using a TELNET connection to port 25. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED BSD UNIX or related OS. AVAILABILITY Available with 4.xBSD UNIX and related operating sys- tems. NOCTools2 Working Group [Page 78] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog MIB-BROWSER NAME MIB Browser KEYWORDS manager; osi; cmis, x; unix; free, sourcelib. ABSTRACT The MIB Browser is an X Windows HCI tool that allows you to "browse" through the objects in a Management Information Base (MIB). The browser is generic in that it can connect to a CMIS agent without having any prior knowledge of the structure of the MIB in the agent. MECHANISM CMIP is used to transfer the values of attributes between the managed system and the browser. CAVEATS None. BUGS Unexpected termination of the agent can cause browser to crash (ISODE bug!). HARDWARE REQUIRED Unix workstation, has been tested on SUN 3 and SUN 4 architectures. SOFTWARE REQUIRED The ISODE protocol suite, BSD UNIX, X Windows, GNU C++ (g++), Interviews (2.6). AVAILABILITY The CMIP library and related management tools built upon it, known as OSIMIS (OSI Management Information Service), are publicly available from University College London, England via FTP and FTAM. To obtain information regarding a copy send email to osimis-request@cs.ucl.ac.uk or call +44 71 380 7366. NOCTools2 Working Group [Page 79] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog MONET NAME MONET -- the Hughes LAN Systems SNMP Network Management Center (formerly the Hughes LAN Systems 9100) software product runs on a Sun SPARCStation hardware platform. KEYWORDS control, graphics, network topology,manager, routing, status, traffic; bridge, configuration, performance, alarm management, relational database, mib parser for RDBMS, intelligent hub management, DECnet, ethernet, IP; NMS, SNMP; UNIX. ABSTRACT Monet provides the capability to manage and control SNMP-based networking products from any vendor including those from Hughes LAN Systems. A comprehensive relational database manages the data and ensures easy access and control of resources throughout the network. Monet provides multivendor management through its advanced Mib master MIB parser that allows the parsing of enterprise MIBs (ASN.1 format per RFC1212) directly into the RDBMS for use by Monet's applications. Major features include: Remote access with X: Use of the X/Motif user-interface, enabling remote access to the all applications. Database Management Stores and retrieves the information required to administer and configure the network. It can be used to: - Store and recall configuration data for all devices. - Provide availability history for devices. - Assign new internet addresses. - Provide administrative information such as physical location of devices, responsible person, maintenance history, asset data, hardware/software versions, etc. - Full-function SQL interface. - User-customizable RDBMS report generation. NOCTools2 Working Group [Page 80] RFC 1470 FYI: Network Management Tool Catalog June 1993 Graphics and Network Mapping The Graphics module enables the user to view the nodes in the network as "dynamic" icons in heirarchical maps. The network is represented by these heirarchical maps. Though there is a library of device icons, cities and geographical maps included, the user has access to a graphics editor that allows customizing and the creation of new icons and maps. A Device's icon may be selected to: - Register/deregister the device, - Access the open alarms and acknowledge faults for the selected device, - Ping the device to determine accessibility, - Draw graphs of any of the device's numeric MIB objects, either the values as retrieved in real-time or the history values previously stored in the RDBMS by the Performance Manager, - Telnet to the device, - Customize the graphical dynamics (color, fill, rotation, etc.) of the device's icon by associating them to the values of the device's MIB objects. Configuration Management - Retrieves configuration information from SNMP devices. - Stores device parameters in the RDBMS, with common sets of parameters used for multiple devices, or for multiple ports on a device, stored only once in the RDBMS. - Configures devices from the parameters stored in the RDBMS, including those relating to TCP/IP, DECnet and any other protocol/feature configurable via SNMP. - Polls devices to compare their current parameter values with those in the database and produce reports of the discrepancies. - Collect data about the state of the network. - Learn the parameters of the devices in the network and populate the database. Performance Management - Displays local network traffic graphically, by packet size, protocol, network utilization, sources and destinations of packets, etc. - Provides for the scheduling of jobs to retrieve NOCTools2 Working Group [Page 81] RFC 1470 FYI: Network Management Tool Catalog June 1993 MIB values of a device and store them in the RDBMS for review or summary reporting at a later time. - Allows high/low thresholds to be set on retrieved values with alarms generated when thresholds are exceeded. Fault Management - Provides availability monitoring and indicates potential problems. - Creates alarms from received SNMP traps, and from other internally-generated conditions, - Records alarms in the alarm log in the RDBMS. - Lists alarms for selected set of devices, according to various filter conditions, - Possible causes and suggested actions for the alarms are listed. - New alarms are indicated by a flashing icon and optional audio alert. - Visual indication of alarms bubbles up the network map heirarchy. - Cumulative reports can be produced. Utilities Function - View and/or terminate current NMC processes, - Access to database maintenance utilities. MECHANISM SNMP. CAVEATS None reported. BUGS None known. LIMITATIONS Maximum number of nodes that can be monitored is 18,000. This can include Hosts, Terminal Servers, PCs, Routers, and Bridges. HARDWARE REQUIRED The host for the NMC software is a Sun 4 desktop works- tation. Recommended minimum hardware is the Sun IPX Color workstation, with a 1/4" SCSI tape drive. SOFTWARE REQUIRED MONET V5.0, which is provided on 1/4" tape format, runs on the Sun 4.1.1 Operating System. NOCTools2 Working Group [Page 82] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL A commercial product of: Hughes LAN Systems Inc. 1225 Charleston Road Mountain View, CA 94043 Phone: (415) 966-7300 Fax: (415) 960-3738 RCA Telex: 276572 CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY kishoret@msgate.hls.com kzm@hls.com NOCTools2 Working Group [Page 83] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NET_MONITOR NAME net_monitor KEYWORDS routing, status; DECnet, IP; curses, ping; UNIX, VMS; free, sourcelib. ABSTRACT Net_monitor uses ICMP echo (and DECnet reachability information on VAX/VMS) to monitor a network. The mon- itoring is very simplistic, but has proved useful. It periodically tests whether hosts are reachable and reports the results in a full-screen display. It groups hosts together in common sets. If all hosts in a set become unreachable, it makes a lot of racket with bells, since it assumes that this means that some com- mon piece of hardware that supports that set has failed. The periodicity of the tests, hosts to test, and groupings of hosts are controlled with a single configuration file. The idea for this program came from the PC/IP monitor facility, but is an entirely different program with different functionality. MECHANISM Reachability is tested using ICMP echo facilities for TCP/IP hosts (and DECnet reachability information on VAX/VMS). A DECnet node is considered reachable if it appears in the list of hosts in a "show network" com- mand issued on a routing node. CAVEATS This facility has been found to be most useful when run in a window on a workstation rather than on a terminal connected to a host. It could be useful if ported to a PC (looks easy using FTP Software's programming libraries), but this has not been done. Curses is very slow and cpu intensive on VMS, but the tool has been run in a window on a VAXstation 2000. Just don't try to run it on a terminal connected to a 11/750. BUGS None known. NOCTools2 Working Group [Page 84] RFC 1470 FYI: Network Management Tool Catalog June 1993 LIMITATIONS This tool is not meant to be a replacement for a more comprehensive network management facility such as is provided with SNMP. HARDWARE REQUIRED A host with a network connection. SOFTWARE REQUIRED Curses, 4.xBSD UNIX socket programming libraries (lim- ited set) and some flavor of TCP/IP that supports ICMP echo request (ping). It has been run on VAX/VMS run- ning WIN/TCP and several flavors of 4BSD UNIX (includ- ing SunOS 3.2, 4.0, and 4.3BSD). It could be ported to any platform that provides a BSD-style programming li- brary with an ICMP echo request facility and curses. AVAILABILITY Requests should be sent to the author: Dale Smith Asst Dir of Network Services University of Oregon Computing Center Eugene, OR 97403-1211 Internet: dsmith@oregon.uoregon.edu. BITNET: dsmith@oregon.bitnet UUCP: ...hp-pcd!uoregon!dsmith Voice: (503)686-4394 With the source code, a makefile is provided for most any UNIX box and a VMS makefile compatible with the make distributed with PMDF. A VMS DCL command file is also provided, for use by those VMS sites without "make." The author will attempt to fix bugs, but no support is promised. The tool is copyrighted, but free (for now). NOCTools2 Working Group [Page 85] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NETLABS_CMOT_AGENT NAME Netlabs CMOT Agent KEYWORDS manager, status; IP, OSI; NMS. ABSTRACT Netlabs' CMOT code debuted in Interop 89. The CMOT code comes with an Extensible MIB, which allows users to add new MIB variables. The code currently supports all the MIB variables in RFC 1095 via the data types in RFC 1065, as well as the emerging MIB-II, which is currently in experimental stage. The CMOT has been benchmarked at 100 Management Operations per Second (MOPS) for a 1-MIPS machine. MECHANISM The Netlabs CMOT agent supports the control and moni- toring of network resources by use of CMOT message exchanges. CAVEATS None. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED Portable to most hardware. SOFTWARE REQUIRED Portable to most operating systems. AVAILABILITY Commercially available from: Netlabs Inc 11693 Chenault Street Ste 348 Los Angeles CA 90049 (213) 476-4070 lam@netlabs.com (Anne Lam) NOCTools2 Working Group [Page 86] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NETLABS_DUAL_MANAGER NAME Dual Manager KEYWORDS alarm, control, manager, map, security, status; IP, OSI; NMS, SNMP, X; UNIX; library. ABSTRACT Netlabs' Dual Manager provides management of TCP/IP networks using both SNMP and CMOT protoocls. Such management can be initiated either through the X- Windows user interface (both Motif and Openlook), or through OSI Network Management (CMIP) commands. The Dual Manager provides for configuration, fault, secu- rity and performance management. It provides extensive map management features, including scanned maps in the background. It provides simple mechanisms to extend the MIB and assign specific lists of objects to specific network elements, thereby providing for the management of all vendors' specific MIB extensions. It provides an optional relational DBMS for storing and retrieving MIB and alarm information. Finally, the Dual Manager is an open platform, in that it provides several Application Programming Interfaces (APIs) for users to extend the functionality of the Dual Manager. The Dual Manager is expected to work as a TCP/IP "branch manager" under DEC's EMA, AT&T's UNMA and other OSI-conformant enterprise management architectures. MECHANISM The Netlabs Dual Manager supports the control and moni- toring of network resources by use of both CMOT and SNMP message exchanges. CAVEATS None. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED Runs on Sun/3 and Sun/4s. NOCTools2 Working Group [Page 87] RFC 1470 FYI: Network Management Tool Catalog June 1993 SOFTWARE REQUIRED Available on System V or SCO Open Desktop environments. Uses X-Windows for the user interface. AVAILABILITY Commercially available from: Netlabs Inc 11693 Chenault Street Ste 348 Los Angeles CA 90049 (213) 476-4070 lam@netlabs.com (Anne Lam) NOCTools2 Working Group [Page 88] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NETLABS_SNMP_AGENT NAME Netlabs SNMP Agent. KEYWORDS manager, status; IP; NMS, SNMP. ABSTRACT Netlabs' SNMP code debuted in Interop 89, where it showed interoperation of the code with several imple- mentations on the show floor. The SNMP code comes with an Extensible MIB, which allows users to add new MIB variables. The code currently supports all the MIB variables in RFC 1066 via the data types in RFC 1065, as well as the emerging MIB-II, which is currently in experimental stage. The SNMP has been benchmarked at 200 Management Operations per Second (MOPS) for a 1- MIPS machine. MECHANISM The Netlabs SNMP agent supports the control and moni- toring of network resources by use of SNMP message exchanges. CAVEATS None. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED Portable to most hardware. SOFTWARE REQUIRED Portable to most operating systems. AVAILABILITY Commercially available from: Netlabs Inc 11693 Chenault Street Ste 348 Los Angeles CA 90049 (213) 476-4070 lam@netlabs.com (Anne Lam) NOCTools2 Working Group [Page 89] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NetMetrix-Load-Monitor NAME NetMetrix Load Monitor KEYWORDS alarm,traffic; Ethernet, FDDI, IP, Ring; Eavesdrop, SNMP, X; UNIX; ABSTRACT The NetMetrix Load Monitor is a distributed client-server monitoring tool for ethernet, token ring, and FDDI networks. A unique "dual" architecture provides compatibility with both RMON and X windows. RMON allows interoperability and an enterprise-wide view, while X windows enables much more powerful, intelligent applications at remote segments and saves network bandwidth. The Load Monitor provides extensive traffic statistics. It looks at load by time interval, source node, destination node, application, protocol or packet size. A powerful ZOOM feature allows extensive correlational analysis which is displayed in a wide variety of graphs and tables. You can answer questions such as: Which sources are generating most of the load on the network when it is most heavily loaded and where is this load going? Which source/destination pairs generate the most traffic over the day? Where should bridges and routers be located to optimally partition the network? How much load do applications, like the X Windows protocol, put on the network and who is generating that load when it is the greatest. A floating license allows easy access to the software tool anywhere you need it. MECHANISM NetMetrix turns the network interface into promiscuous mode to capture packets. CAVEATS none. BUGS none known. NOCTools2 Working Group [Page 90] RFC 1470 FYI: Network Management Tool Catalog June 1993 LIMITATIONS none. HARDWARE REQUIRED SPARC system SOFTWARE REQUIRED SunOS 4.0 or higher AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL NetMetrix is available from: Sales Department Metrix Network Systems, Inc. One Tara Boulevard Nashua, New Hampshire 03062 telephone: 603-888-7000 fax: 603-891-2796 email: info@metrix.com Government agencies please note that NetMetrix is on the GSA schedule. CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Norma Shepperd Marketing Administrator 603-888-7000 norma@metrix.com NOCTools2 Working Group [Page 91] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NetMetrix-NFS-Monitor NAME NetMetrix NFS Monitor KEYWORDS traffic; Ethernet, FDDI, NFS, Ring; Eavesdrop, SNMP, X; UNIX ABSTRACT The NetMetrix NFS Monitor is a distributed network monitoring tool which monitors and graphs NFS load, response time, retransmits, rejects and errors by server, client, NFS procedure, or time interval. Breakdown server activity by file system and client activity by user. A powerful ZOOM feature lets you correlate monitoring variables. You can see client/server relationships, compare server performance, evaluate NFS performance enhancement strategies. A floating license and the X Window protocol allows monitoring of remote ethernet, token ring and FDDI segments from a central enterprise-wide display. MECHANISM NetMetrix turns the network interface into promiscuous mode to capture packets. CAVEATS none. BUGS none known. LIMITATIONS none. HARDWARE REQUIRED SPARC system SOFTWARE REQUIRED SunOS 4.0 or higher NOCTools2 Working Group [Page 92] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL NetMetrix is available from: Sales Department Metrix Network Systems, Inc. One Tara Boulevard Nashua, New Hampshire 03062 telephone: 603-888-7000 fax: 603-891-2796 email: info@metrix.com Government agencies please note that NetMetrix is on the GSA schedule. CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Norma Shepperd Marketing Administrator 603-888-7000 norma@metrix.com NOCTools2 Working Group [Page 93] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NetMetrix-Protocol-Analyzer NAME NetMetrix Protocol Analyzer KEYWORDS alarm, analyzer, traffic; DECnet, DNS, Ethernet, FDDI, IP, OSI, NFS, Ring, SMTP; Eavesdrop, SNMP, X; UNIX; Library ABSTRACT The NetMetrix Protocol Analyzer is a distributed client-server monitoring tool for ethernet, token ring, and FDDI networks. A unique "dual" architecture provides compatibility with both RMON and X windows. RMON allows interoperability, while X windows enables much more powerful, intelligent applications at remote segments and saves network bandwidth. With the Protocol Analyzer, you can decode and display packets as they are being captured. Extensive filters let you sift through packets either before or after trace capture. The capture filter may be specified by source, destination between hosts, protocol, packet size, pattern match, or by a complete expression using an extensive filter expression language. Full 7-layer packet decodes are available for all major protocols including DECnet, Appletalk, Novell, XNS, SNA, BANYAN, OSI and TCP/IP. The decodes for the TCP/IP stack have all major protocols including NFS, YP, DNS, SNMP, OSPF, etc. Request and reply packets are matched. Packets can be displayed in summary, detail or hex, with multiple views to see packet dialogues side by side. A complete developers' kit is available for custom decodes. A floating license allows easy acess to the software tool anywhere you need it. MECHANISM NetMetrix turns the network interface into promiscuous mode to capture packets. NOCTools2 Working Group [Page 94] RFC 1470 FYI: Network Management Tool Catalog June 1993 CAVEATS none. BUGS none known. LIMITATIONS none. HARDWARE REQUIRED SPARC system SOFTWARE REQUIRED SunOS 4.0 or higher AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL NetMetrix is available from: Sales Department Metrix Network Systems, Inc. One Tara Boulevard Nashua, New Hampshire 03062 telephone: 603-888-7000 fax: 603-891-2796 email: info@metrix.com Government agencies please note that NetMetrix is on the GSA schedule. CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Norma Shepperd Marketing Administrator 603-888-7000 norma@metrix.com NOCTools2 Working Group [Page 95] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NetMetrix-Traffic-Generator NAME NetMetrix Traffic Generator KEYWORDS Debugger, Generator, Traffic; Ethernet, FDDI, IP, Ring; Eavesdrop, SNMP, X; UNIX; Library ABSTRACT The NetMetrix Traffic Generator is a distributed software tool which allows you to simulate network load or test packet dialogues between nodes on your ethernet, token ring, or FDDI segments. The Traffic Generator can also be used to test and validate management station alarms, routers, bridges, hubs, etc. An easy-to-use programming interface provides complete flexibility over variables such as bandwidth, packet sequence, and conditional responses. A floating license and the X Window System protocol allows testing of remote ethernet, token ring and FDDI segments from a central console. MECHANISM NetMetrix turns the network interface into promiscuous mode to capture packets. CAVEATS none. BUGS none known. LIMITATIONS none. HARDWARE REQUIRED SPARC system SOFTWARE REQUIRED SunOS 4.0 or higher NOCTools2 Working Group [Page 96] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL NetMetrix is available from: Sales Department Metrix Network Systems, Inc. One Tara Boulevard Nashua, New Hampshire 03062 telephone: 603-888-7000 fax: 603-891-2796 email: info@metrix.com Government agencies please note that NetMetrix is on the GSA schedule. CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Norma Shepperd Marketing Administrator 603-888-7000 norma@metrix.com NOCTools2 Working Group [Page 97] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NETMON_MITRE NAME NETMON and iptrace KEYWORDS traffic; IP; eavesdrop; UNIX; free. ABSTRACT NETMON is a facility to enable communication of net- working events from the BSD UNIX operating system to a user-level network monitoring or management program. Iptrace is a program interfacing to NETMON which logs TCP-IP traffic for performance measurement and gateway monitoring. It is easy to build other NETMON-based tools using iptrace as a model. NETMON resides in the 4.3BSD UNIX kernel. It is independent of hardware-specific code in UNIX. It is transparent to protocol and network type, having no internal assumptions about the network protocols being recorded. It is installed in BSD-like kernels by adding a standard function call (probe) to a few points in the input and output routines of the protocols to be logged. NETMON is analogous to Sun Microsystems' NIT, but the interface tap function is extended by recording more context information. Aside from the timestamp, the choice of information recorded is up to the installer of the probes. The NETMON probes added to the BSD IP code supplied with the distribution include as context: input and output queue lengths, identification of the network interface, and event codes labeling packet dis- cards. (The NETMON distribution is geared towards measuring the performance of BSD networking protocols in an IP gateway). NETMON is designed so that it can reside within the monitored system with minimal interference to the net- work processing. The estimated and measured overhead is around five percent of packet processing. The user-level tool "iptrace" is provided with NETMON. This program logs IP traffic, either at IP-level only, or as it passes through the network interface drivers as well. As a separate function, iptrace produces a host traffic matrix output. Its third type of output NOCTools2 Working Group [Page 98] RFC 1470 FYI: Network Management Tool Catalog June 1993 is abbreviated sampling, in which only a pre-set number of packets from each new host pair is logged. The three output types are configured dynamically, in any combination. OSITRACE, another logging tool with a NETMON interface, is available separately (and documented in a separate entry in this catalog). MECHANISM Access to the information logged by NETMON is through a UNIX special file, /dev/netmon. User reads are blocked until the buffer reaches a configurable level of full- ness. Several other parameters of NETMON can be tuned at com- pile time. A diagnostic program, netmonstat, is included in the distribution. CAVEATS None. BUGS Bug reports and questions should be addressed to: ie-tools@gateway.mitre.org Requests to join this mailing list: ie-tools-request@gateway.mitre.org Questions and suggestions can also be directed to: Allison Mankin (703)883-7907 mankin@gateway.mitre.org LIMITATIONS A NETMON interface for tcpdump and other UNIX protocol analyzers is not included, but it is simple to write. NETMON probes for a promiscuous ethernet interface are similarly not included. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED BSD UNIX-like network protocols or the ability to install the BSD publicly available network protocols in the system to be monitored. NOCTools2 Working Group [Page 99] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY The NETMON distribution is available by anonymous FTP in pub/netmon.tar or pub/netmon.tar.Z from aelred- 3.ie.org. A short user's and installation guide, NETMON.doc, is available in the same location. The NETMON distribution is provided "as is" and requires retention of a copyright text in code derived from it. It is copyrighted by the MITRE-Washington Networking Center. NOCTools2 Working Group [Page 100] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NETMON_WINDOWS_SNMP_RESEARCH NAME NETMON for Windows -- an SNMP-based network management tool that runs under Microsoft Windows 3.0 from SNMP Research. KEYWORDS alarm, control, manager, map, routing; DECnet, Ethernet, IP, OSI, ring, star; NMS, SNMP; DOS; sourcelib. ABSTRACT The NETMON application implements a powerful network management station based on a low-cost DOS platform. NETMON's network management tools for configuration, performance, security, and fault management have been used successfully with a wide assortment of wide- and local-area-network topologies and medias. Multiprotocol devices are supported including those using TCP/IP, DECnet, and OSI protocols. Some features of NETMON's network management tools include: o Fault management tool displays a map of the network configuration with node and link state indicated in one of several colors to indicate current status; o Configuration management tool may be used to edit the network management information base stored in the NMS to reflect changes occurring in the network; o Graphs and tabular tools for use in fault and performance management; o Mechanisms by which additional variables, such as vendor- specific variables, may be added; o Alarms may be enabled to alert the operator of events occurring in the network; o Events are logged to disk; o Output data may be transferred via flat files for additional report generation by a variety of statistical packages. The NETMON application comes complete with source code including a powerful set of portable libraries for generating and parsing SNMP messages. NOCTools2 Working Group [Page 101] RFC 1470 FYI: Network Management Tool Catalog June 1993 MECHANISM The NETMON for Windows application is based on the Simple Network Management Protocol (SNMP). Polling is performed via the powerful SNMP get-next operator and the SNMP get operator. Trap directed polling is used to regulate the focus and intensity of the polling. CAVEATS None. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED The minimum system is a IBM 386 computer, or compatible, with hard disk drive. SOFTWARE REQUIRED DOS 5.0 or later, Windows 3.0 in 386 mode, and TCP/IP kernel software from FTP Software. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL This is a commercial product available under license from: SNMP Research 3001 Kimberlin Heights Road Knoxville, TN 37920-9716 Attn: John Southwood, Sales and Marketing (615) 573-1434 (Voice) (615) 573-9197 (FAX) CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY users@seymour1.cs.utk.edu NOCTools2 Working Group [Page 102] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NETscout NAME NETscout(tm) KEYWORDS Alarm, Analyzer, Manager, Status, Traffic; DECnet, Ethernet, IP, OSI, NFS, Ring, Star, Eavesdrop; NMS, SNMP; UNIX; ABSTRACT The NETscout family of distributed LAN Analyzer devices are intended to provide network users with a comprehensive capability to identify and isolate fault conditions in data communications networks. NETscout has the capability to collect wide ranging statistical data, to display selectively captured and fully decoded network traffic, to set user-defined alarm conditions, and to obtain real-time updates from all segments of a widely dispersed internetwork from a centralized SNMP-compatible network management console. The NETscout family is based on standards so that operation may be realized in heterogeneous networks which constitute a multi-protocol, multi-topology, multi-vendor environment. The fundamental standards upon which NETscout is based are the Simple Network Management Protocol (SNMP), which defines the protocol for all inter-communications between NETscout devices, and the Remote Monitoring Management Information Base (RMON-MIB), which defines the type of information which is to be gathered and made available to the user for each network segment. NETscout clients provide a full array of monitoring and analysis features including intelligent seven level decoding of all majorprotocol stacks: DOD including TCP/IP XNS Novell DECNET including LAT ISO APPLETALK IBM Token Ring Vines NETBIOS/SMB SNMP including RMON-MIB SUN-NFS SMT NETscout agents support all nine groups of the RMON-MIB standard. NETscout agents can work with any SNMP-based network management system and currently NOCTools2 Working Group [Page 103] RFC 1470 FYI: Network Management Tool Catalog June 1993 support Ethernet and Token Ring. MECHANISM The operation of the NETscout family is divided into two distinct subcategories. The first is the "Client" which is the user console from which operational commands are issued and where all results and diagnostic information are displayed. In a NETscout topology it is feasible to have multiple clients active simultaneously within a single network. The second category is the "Agent", a hardware/software device which is attached to a specific network segment and which gathers statistical information for that segment as well as providing a window into that segment where network traffic may be observed and gathered for more detailed user analysis. A typical network will have multiple segments and multiple agents up to the point of having one agent for each logical network segment. NETscout Model 9210 is a software package which, when combined in a Sun SPARCstation in conjunction with SunNet Manager running under Open Windows, implements the NETscout client function. SunNet Manager provides the background operational tools for client operation while the NETscout software provides application-specific functions related to RMON-MIB support as well as all software necessary to perform the protocol decode function. SunNet Manager also implements a network map file which includes a topographical display of the entire network and is the mechanism for selecting network elements to perform operations. NETscout Model 9215 is a software package that operates in conjunction with SunNet Manager and implements the statistics monitoring function only. That is, it does not include the protocol decode function or the mechanism to retrieve actual data from a remote agent. It does, however, include complete statistics gathering and event and alarm generation. Frontier NETscout Models 9510 and 9515, and Model 9610 and 9615 are agent software packages that implement selected network diagnostic functions when loaded into a Sun SPARCstation (9510, 9515) or a SynOptics LattisNet Hub (9610, 9615) respectively which is NOCTools2 Working Group [Page 104] RFC 1470 FYI: Network Management Tool Catalog June 1993 connected to an Ethernet network segment using conventional network interface hardware. Models 9510 and 9610 support all nine RMON-MIB groups including "filters" and "packet capture" and thus provide for complete protocol monitoring and decode when used with a client equipped with protocol decode software. Models 9515 an 9615 include support for seven RMON-MIB groups which excludes "filters" and "data capture" and therefore perform network monitoring only through collection and presentation of network statistics, events, and alarms. All models also support the MIB2 system and interface groups. Frontier NETscout Models 9520 and 9525, and Model 9620 and 9625 are agent software packages that are identical in function to their respective models described above except that they are for use on Token Ring segments. CAVEATS The RMON-MIB standard for Token Ring applications has not yet beenformally released and is not approved. NETscout products correspond to the latest draft for Token Ring functions and will be updated as required to conform to the standard as it is approved. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED Sun SPARCstation or LattisNet Hub depending upon Model number. SOFTWARE REQUIRED Sun OS 4.1.1 for client and agent, SunNet Manager for client. NOCTools2 Working Group [Page 105] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL NETscout products are available commercially. For information regarding your local representative, contact: Frontier Software Development, Inc. 1501 Main Street Tewksbury, MA 01876 Phone: 508-851-8872 Fax: 508-851-6956 CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Marketing Frontier Software NOCTools2 Working Group [Page 106] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NETSTAT NAME netstat KEYWORDS routing; IP; UNIX, VMS; free. ABSTRACT Netstat is a program that accesses network related data structures within the kernel, then provides an ASCII format at the terminal. Netstat can provide reports on the routing table, TCP connections, TCP and UDP "listens", and protocol memory management. MECHANISM Netstat accesses operating system memory to read the kernel routing tables. CAVEATS Kernel data structures can change while netstat is run- ning. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED BSD UNIX or related OS, or VMS. AVAILABILITY Available via anonymous FTP from uunet.uu.net, in directory bsd-sources/src/ucb. Available with 4.xBSD UNIX and related operating systems. For VMS, available as part of TGV MultiNet IP software package, as well as Wollongong's WIN/TCP. NOCTools2 Working Group [Page 107] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NETWORK_INTEGRATOR NAME Network Integrator I KEYWORDS map, traffic; ethernet; UNIX. ABSTRACT This tool monitors traffic on network segments. All information is dumped to either a log file or, for real-time viewing, to a command tool window. Data is time-stamped according to date and time. Logging can continue for up to 24 hours. The tool is flexible in data collection and presenta- tion. Traffic filters can be specified according to header values of numerous protocols, including those used by Apple, DEC, Sun, HP, and Apollo. Bandwidth utilization can be monitored, as well as actual load and peak throughput. Additionally, the Network Integrator can analyze a network's topology, and record the location of all operational nodes on a network. Data can be displayed in six separate formats of bar graphs. In addition, there are several routines for producing statistical summaries of the data collected. MECHANISM The tools work through RPC and XDR calls. CAVEATS Although the tool adds only little traffic to a net- work, generation of statistics from captured files requires a significant portion of a workstation's CPU. BUGS None known. LIMITATIONS Must be root to run monitor. There does not seem to be a limit to the number of nodes, since it monitors by segments. The only major limitation is the amount of disk space that a user can commit to the log files. The size of the log files, however, can be controlled through the tool's parameters. NOCTools2 Working Group [Page 108] RFC 1470 FYI: Network Management Tool Catalog June 1993 HARDWARE REQUIRED Sun3 or Sun4. SOFTWARE REQUIRED 4.0BSD UNIX or greater, or related OS. AVAILABILITY Copyrighted, commercially available from Network Integrators, (408) 927-0412. NOCTools2 Working Group [Page 109] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NFSwatch NAME nfswatch KEYWORDS Traffic; Ethernet, IP, NFS; Curses, Eavesdrop; UNIX; Free ABSTRACT Nfswatch monitors all incoming ethernet traffic to an NFS file server and divides it into several categories. The number and percentage of packets received in each category is displayed on the screen in a continuously updated display. By default, nfswatch monitors all packets destined for the local host over a single network interface. Options are provided to specify the specific interface to be monitored, or all interfaces at once. NFS traffic to the local host, to a remote host, from a specific host, between two hosts, or all NFS traffic on the network may be monitored. Categories of packets monitored and counted include: ND Read, ND Write, NFS Read, NFS Write, NFS Mount, Yellow Pages (NIS), RPC Authorization, Other RPC, TCP, UDP, ICMP, RIP, ARP, RARP, Ethernet Broadcast, and Other. Packets are also tallied either by file system or file (specific files may be watched as an option), NFS procedure name (RPC call), or NFS client hostname. Facilities for taking "snapshots" of the screen, as well as saving data to a log file for later analysis (the analysis tool is included) are also available. MECHANISM Nfswatch uses the Network Interface Tap, nit(4) under SunOS 4.x, and the Packet Filter, packetfilter(4), under Ultrix 4.x, to place the ethernet interface into promiscuous mode. It filters out NFS packets, and decodes the file handles in order to determine how to count the packet. NOCTools2 Working Group [Page 110] RFC 1470 FYI: Network Management Tool Catalog June 1993 CAVEATS Because the NFS file handle is a non-standard (server private) piece of data, nfswatch must be modified to understand file handles used by various implementations. It currently knows about the SunOS 4.x and Ultrix file handle formats. BUGS Does not monitor FDDI interfaces. (It should be a simple change, but neither author has access to a system with FDDI interfaces for testing.) LIMITATIONS Up to 256 exported file systems and 256 individual files can be monitored at any time. Only NFS requests are counted; the NFS traffic generated by a server in response to those packets is not counted. HARDWARE REQUIRED Any Ultrix system (VAX or DEC RISC hardware) SOFTWARE REQUIRED Ultrix release 4.0 or later. For Ultrix 4.1, may require the patched "if_ln.o" kernel module, available from Digital's Customer Support Center. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL Copyrighted, but freely distributable. Available via anonymous FTP from harbor.ecn.purdue.edu, ftp.erg.sri.com, and gatekeeper.dec.com, as well as numerous other sites around the Internet. The current version is Version 3.0 from January 1991. Contact points: Dave Curry Jeff Mogul Purdue University Digital Equipment Corp. Engineering Computer Network Western Research Laboratory 1285 Electrical Engineering Bldg. 100 Hamilton Avenue West Lafayette, IN 47907-1285 Palo Alto, CA 94301 davy@ecn.purdue.edu mogul@decwrl.dec.com CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Dave Curry (see address above). NOCTools2 Working Group [Page 111] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NHFSSTONE NAME nhfsstone KEYWORDS benchmark, generator; NFS; spoof; UNIX; free. ABSTRACT Nhfsstone (pronounced n-f-s-stone, the "h" is silent) is an NFS benchmarking program. It is used on an NFS client to generate an artificial load with a particular mix of NFS operations. It reports the average response time of the server in milliseconds per call and the load in calls per second. The nhfsstone distribution includes a script, "nhfsnums" that converts test results into plot(5) format so that they can be graphed using graph(1) and other tools. MECHANISM Nhfsstone is an NFS traffic generator. It adjusts its calling patterns based on the client's kernel NFS statistics and the elapsed time. Load can be generated over a given time or number of NFS calls. CAVEATS Nhfsstone will compete for system resources with other applications. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED 4.xBSD-based UNIX NOCTools2 Working Group [Page 112] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY Available via anonymous FTP from bugs.cs.wisc.edu. Alternatively, Legato Systems will provide the program free of charge, if certain conditions are met. Send name and both email and U.S. mail addresses to: Legato Systems, Inc. Nhfsstone 260 Sheridan Avenue Palo Alto, California 94306 A mailing list is maintained for regular information and bug fixes: nhfsstone@legato.com or uunet!legato.com!nhfsstone. To join the list: nhfsstone-request@legato.com or uunet!legato.com!nhfsstone-request. NOCTools2 Working Group [Page 113] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NNSTAT NAME NNStat KEYWORDS manager, status, traffic; ethernet, IP; eavesdrop, NMS; UNIX; free. ABSTRACT NNStat is a collection of programs that provides an internet statistic collecting capability. The NNStat strategy for statistic collection is to collect traffic statistics via a promiscuous ethernet tap on the local networks, versus instrumenting the gateways. If all traffic entering or leaving a network or set of net- works traverses a local ethernet, then by stationing a statistic gathering agent on each local network a pro- file of network traffic can be gathered. Statistical data is retrieved from the local agents by a global manager. A program called "statspy" performs the data gathering function. Essentially, statspy reads all packets on an ethernet interface and records all information of interest. Information of interest is gathered by exa- mining each packet and determining if the source or destination IP address is one that is being monitored, typically a gateway address. If so then the contents of the packet are examined to see if they match further criteria. A program called "collect" performs global data collec- tion. It periodically polls various statspy processes in the domain of interest to retrieve locally logged statistical data. The NNSTAT distribution comes with several sample awk programs which process the logged output of the collect program. MECHANISM Local agents (statspy processes) collect raw traffic data via a promiscuous ethernet tap. Statistical, fil- tered or otherwise reduced data is retrieved from the local agents by a global manager (the "collect" pro- cess). NOCTools2 Working Group [Page 114] RFC 1470 FYI: Network Management Tool Catalog June 1993 CAVEATS None. BUGS Bug fixes, extensions, and other pointers are discussed in the electronic mail forum, bytecounters. To join, send a request to bytecounters-request@venera.isi.edu. Forum exchanges are archived in the file bytecounters/bytecounters.mail, available via anonymous FTP from venera.isi.edu. LIMITATIONS NNStat presumes a topology of one or more long haul networks gatewayed to local ethernets. A kernel mod required to run with SunOS4. These mods are described in the bytecounters archive. HARDWARE REQUIRED Ethernet interface. Sun 3, Sun 4 (SPARC), or PC RT workstation. SOFTWARE REQUIRED Distribution is for BSD UNIX, could easily be adapted to any UNIX with promiscuous ethernet support. AVAILABILITY Distribution is available via anonymous FTP from venera.isi.edu, in file pub/NNStat.tar.Z. Documenta- tion is in pub/NNStat.userdoc.ms.Z. NOCTools2 Working Group [Page 115] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NOCOL(8) NAME nocol - network monitoring tools for an IP network SYNOPSIS This is an overview of the NOCOL software. DESCRIPTION NOCOL (Network Operations Center On-Line) is a collection of network monitoring programs that run on Unix systems. The software consists of a number of monitoring agents that poll various parameters from any system and put it in a format suitable for post-processing. The post-processors can be a display agent, an automated troubleshooting program, an event logging program, etc. Presently, monitors for tracking reachability, SNMP traps, data throughput rate, and nameservers have been developed and are in use. Addition of more monitoring agents is easy and they will be added as necessary. A display agent- nocol(1) using curses has already been developed. Work on an "intelligent" module is currently in progress for event logging and some automatic troubleshooting. All data collected by the monitoring agents follows a fixed (non-readable) format. Each data entry is termed an event in NOCOL, and each event has certain flags and severity associated with it. The display agent nocol(1), displays the output of these monitoring agents depending on the severity of the event. There can be multiple displays running simultanously and all process the same set of monitored data. There are four levels of severity associated with an event- CRITICAL, ERROR, WARNING and INFO. The severity level is controlled independently by the monitoring agents, and the decision to raise or set an event's severity to any level depends on the logic imbedded in the monitoring agent. As an example, for the pingmon(8) monitor, if a site is unreachable via ping, it would be assigned a severity of WARNING by pingmon, which would then elevate to CRITICAL if the site is still unreachable after some time. In the case of trapmon(8), an SNMP trap message of EGP neighbor lost would be directly assigned a severity level of CRITICAL, while an Warm Start trap is NOCTools2 Working Group [Page 116] RFC 1470 FYI: Network Management Tool Catalog June 1993 assigned a severity of WARNING. The display agent (and other data post-processors) would use this event severity to decide whether to display it (or troubleshoot/log it) depending on the user selected display severity level. The software is very flexible and allows enhancements and development with a minimum amount of effort. The display module processes all the files present in the data directory, and displays them sequentially. This allows new monitoring programs to simply start generating data in the data directory and the display module will automatically start displaying the new data. The monitoring tools can be changed, and the only element that has to remain common between all the modules is the EVENT data structure. CURRENT MODULES NOCOL presently consists of the following modules: nocol which simply displays the data collected by the monitoring agents. It uses the curses screen management system to support a wide variety of terminal types. The criterion for displaying an event is: 1. Severity level of the event is higher than the severity level set in the display. 2. The display filter (if set) matches some string in the event line. The display can be in regular 80 column mode or in extended 132 column mode. Critical events are displayed in reverse video (if the terminal type supports it). Additional features like displaying informational messages in a part of the window, automatic resizing window sizes, operator acknowledgement via a bell when a new event goes critical are also available. ippingmon which monitors the reachability of a site via "ICMP" ping packets (ICMP was preferred over SNMP for many obvious reasons). This program can use the default out- put from the system's ping program, but an accompanying program ( multiping) can ping multiple IP sites at the NOCTools2 Working Group [Page 117] RFC 1470 FYI: Network Management Tool Catalog June 1993 same time and is preferable for monitoring a large list of sites. A site is marked unreachable if a certain number of packets is lost, and the severity level is increased each time that the site tests unreachable. osipingmon which is similar to the ippingmon module but uses the OSI ping program instead. No multiple ping program for OSI sites has been developed at this time. The only requirement is that the system's ping program output match the typical BSD IP ping program's output. nsmon which monitors the nameservers (named) on the list of specified hosts. It periodically sends an SOA query for the default domain and if the queried nameservers cannot resolve the query, then the site is elevated to CRITICAL status. tpmon For monitoring the throughput (kbits per second) to a list of hosts. The program connects to the discard socket on the remote machine (using a STREAM socket) and sends large packets for a small amount of time to evaluate the effective throughput. It elevates a site to WARNING level if the throughput drops below a certain threshold (set in the configuration file). trapmon Converts all SNMP traps into a format suitable for displaying using NOCOL. The severity of the various traps is preset (and can be changed during compilation time). PLATFORM Any Unix system with the curses screen management library and IP (Internet Protocol) programming facility. It has been tested on Sun Sparc 4.1.1, Ultrix, and NeXT systems. Porting to other platforms might require minor adjustments depending on the vagaries of the different vendors (mostly in the include files). AVAILABILITY NOCOL was developed at JvNCnet and has been in use for monitoring the JvNCnet wide area network since 1989. It is available via anonymous FTP from ftp.jvnc.net under pub/jvncnet-packages/nocol.tar.Z. The system running at NOCTools2 Working Group [Page 118] RFC 1470 FYI: Network Management Tool Catalog June 1993 JvNCet can be viewed by logging into the host nocol.jvnc.net with username nocol (an rlogin instead of telnet will handle your X window terminal types better). To be added to the NOCOL mailing list (for future updates and bug fixes), send a message to nocol-users- request@jvnc.net with your email address. FUTURE DEVELOPMENTS Possible future enhancements are: 1. Event logging. 2. Addition of an automated troubleshooting mechanism when a site severity level reaches a particular level. 3. SNMP monitors to watch the state of certain vari- ables (interface errors, packet rate, route state changes). AUTHOR The software was developed at JvNCnet over a period of time. The overall design and initial development was done by Vikas Aggarwal and Sze-Ying Wuu. Additional development is being done and coordinated by Vikas Aggarwal (vikas@jvnc.net). Copyright 1992 JvNCnet. (See the file COPYRIGHT for full details) SEE ALSO nocol(1) nocol(3) tpmon(8) tsmon(8) nsmon(8) NOCTools2 Working Group [Page 119] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NPRV NAME NPRV -- IP Node/Protocol Reachability Verifier KEYWORDS map, routing, status; IP; ping; VMS; free. ABSTRACT NPRV is a full-screen, keypad-oriented utility that runs under VAX/VMS. It allows the user to quickly scan through a user-defined list of IP addresses (or domain names) and verify a node's reachability. The node's reachability is determined by performing an ICMP echo, UDP echo and a TCP echo at alternating three second intervals. The total number of packets sent and received are displayed, as well as the minimum, average and maximum round-trip times (in milliseconds) for each type of echo. Additionally, a "trace route" function is performed to determine the path from the local sys- tem to the remote host. Once all of the trace route information has filled the screen, a "snapshot" of the screen can be written to a text file. Upon exiting the utility, these text files can be used to generate a logical network map showing host and gateway intercon- nectivity. MECHANISM The ICMP echo is performed by sending ICMP ECHO REQUEST packets. The UDP and TCP echoes are performed by con- necting to the UDP/TCP echo ports (port number 7). The trace route information is compiled by sending alter- nating ICMP ECHO REQUEST packets and UDP packets with very large destination UDP port numbers (in two passes). Each packet is initially sent with a TTL (time to live) of 1. This should cause an ICMP TIME EXCEEDED error to be generated by the first routing gateway. Then each packet is sent with a TTL of 2. This should cause an ICMP TIME EXCEEDED error to be generated by the second routing gateway. Then each packet is sent with a TTL of 3, and so on. This pro- cess continues until an ICMP ECHO REPLY or UDP PORT UNREACHABLE is received. This indicates that the remote host has been reached and that the trace route information is complete. NOCTools2 Working Group [Page 120] RFC 1470 FYI: Network Management Tool Catalog June 1993 CAVEATS This utility sends one echo packet per second (ICMP, UDP or TCP), as well as sending out one trace route packet per second. If a transmitted trace route packet is returned in less than one second, another trace route packet is sent in 100 milliseconds. This could cause a significant amount of contention on the local network. BUGS None known. Please report any discovered bugs to the author at: Allen Sturtevant National Magnetic Fusion Energy Computer Center Lawrence Livermore National Laboratory P.O. Box 808; L-561 Livermore, CA 94550 Phone : (415) 422-8266 E-Mail: sturtevant@ccc.nmfecc.gov LIMITATIONS The user is required to have SYSPRV privilege to per- form the ICMP Echo and trace route functions. The utility will still run with this privilege disabled, but only the UDP Echo and TCP Echo information will be displayed. This utility is written in C, but unfor- tunately it cannot be easily ported over to UNIX since many VMS system calls are used and all screen I/O is done using the VMS Screen Management Routines. HARDWARE REQUIRED Any network interface supported by TGV Incorporated's MultiNet software. SOFTWARE REQUIRED VAX/VMS V5.1+ and TGV Incorporated's MultiNet version 2.0. AVAILABILITY For executables only, FTP to the ANONYMOUS account (password GUEST) on CCC.NMFECC.GOV (128.55.128.30) and GET the following files: [ANONYMOUS.PROGRAMS.NPRV]NPRV.DOC (ASCII text) [ANONYMOUS.PROGRAMS.NPRV]NPRV.EXE (binary) [ANONYMOUS.PROGRAMS.NPRV]SAMPLE.IPA (ASCII text) NOCTools2 Working Group [Page 121] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog NSLOOKUP NAME nslookup KEYWORDS status; DNS, BIND; UNIX, VMS; free. ABSTRACT Nslookup is an interactive program for querying Internet Domain Name System (DNS) servers. It is essentially a user-friendly front end to the BIND "resolver" library routines. This program is useful for converting a hostname into an IP address (and vice versa), determining the name servers for a domain , listing the contents of a domain, displaying any type of DNS record, such as MX, CNAME, SOA, etc., diagnosing name server problems. By default, nslookup will query the default name server but you can specify a different server on the command line or from a configuration file. You can also specify different values for the options that control the resolver routines. MECHANISM The program formats, sends and receives DNS (RFC 1034) queries. CAVEATS None. BUGS None known. LIMITATIONS None known. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED BSD UNIX or related OS, or VMS. NOCTools2 Working Group [Page 122] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY NSLookup is included in the BIND distribution. Available via anonymous FTP from uunet.uu.net, in directory /networking/ip/dns/bind. Available with 4.xBSD UNIX and related operating systems. For VMS, available as part of TGV MultiNet IP software package, as well as Wollongong's WIN/TCP. NOCTools2 Working Group [Page 123] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog OSITRACE NAME OSITRACE KEYWORDS traffic; OSI; eavesdrop; UNIX; free. ABSTRACT OSITRACE is a network performance tool that displays information about ISO TP4 connections. One line of output is displayed for each packet indicating the time, source, destination, length, packet type, sequence number, credit, and any optional parameters contained in the packet. Numerous options are avail- able to control the output of OSITRACE. To obtain packets to analyze, OSITRACE uses Sun Microsystems' Network Interface Tap (NIT) in SunOS 3.4, 3.5, and 4.0.X. OSITRACE may also obtain data from the NETMON utility which is described as another tool entry. In Sun systems, OSITRACE may be easily installed: OSI kernel support is not needed, nor is any other form of OSI software support. MECHANISM This tool has been designed in such a way that code to process different protocol suites may be easily added. As such, OSITRACE also has the ability to trace the DOD TCP protocols. CAVEATS None. BUGS Bug reports and questions should be addressed to: ie- tools@gateway.mitre.org Requests to join this mailing list: ie-tools- request@gateway.mitre.org Questions and suggestions can also be directed to: Greg Hollingsworth, gregh@gateway.mitre.org LIMITATIONS None reported. NOCTools2 Working Group [Page 124] RFC 1470 FYI: Network Management Tool Catalog June 1993 HARDWARE REQUIRED No restriction. SOFTWARE REQUIRED SunOS 3.4, 3.5, or 4.0.X, or BSD UNIX-like network pro- tocols with NETMON installed. AVAILABILITY OSITRACE is copyrighted by the MITRE-Washington Net- working Center, but freely distributed "as is." It re- quires retention of a copyright text in code derived from it. The distribution is available by anonymous FTP in pub/pdutrace.tar or pub/pdutrace.tar.Z from aelred-3.ie.org. NOCTools2 Working Group [Page 125] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog OVERVIEW NAME OverVIEW KEYWORDS manager, status; IP; NMS, SNMP; DOS. ABSTRACT Network and internet monitor; Performance monitor; Fully Graphic user interface; Event logging; TFTP boot server MECHANISM OverVIEW uses SNMP to query routers, gateways and hosts. Also supports SGMP, PING and is committed to CMIP/CMOT. The SNMP queries allow dynamic determina- tion of configuration and state. Sets of related queries allows monitoring of congestion and faults. The hardware and software are sold as an integrated package. CAVEATS None. BUGS None known. LIMITATIONS 256 nodes, 256 nets HARDWARE REQUIRED 80286, 640K, EGA, mouse. SOFTWARE REQUIRED MS-DOS, OverVIEW, Network kernel, Mouse driver, SNMP agents for monitored devices. AVAILABILITY Fully supported product of Proteon, Inc. For more information, contact: Proteon, Inc. Phone: (508) 898-2800 2 Technology Drive Fax: (508) 366-8901 Westborough, MA 01581 Telex: 928124 NOCTools2 Working Group [Page 126] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog PING NAME ping KEYWORDS generator, status; IP; ping; DOS, UNIX, VMS; free. ABSTRACT Ping is perhaps the most basic tool for internet management. It verifies that a remote IP implementa- tion and the intervening networks and interfaces are functional. It can be used to measure round trip delay. Numerous versions of the ping program exist. MECHANISM Ping is based on the ICMP ECHO_REQUEST message. CAVEATS If run repeatedly, ping could generate high system loads. BUGS None known. LIMITATIONS PC/TCP's ping is the only implementation known support both loose and strict source routing. Though some ping implementations support the ICMP "record route" feature, the usefulness of this option for debugging routes is limited by the fact that many gateways do not correctly implement it. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED None. AVAILABILITY Ping is widely included in TCP/IP distributions. Pub- lic domain versions of ping are available via anonymous FTP from uunet.uu.net, in directory bsd- sources/src/etc, and from venera.isi.edu, in directory pub. NOCTools2 Working Group [Page 127] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog PROCESS-TCPWARE-SNMP NAME SNMP agent KEYWORDS alarm, manager, status, traffic; IP; SNMP; VMS;. ABSTRACT The SNMP agent listens for and responds to network management requests sent from SNMP-conforming network management stations. The SNMP agent also sends SNMP traps, under specific conditions, to identified trap receivers. SNMP communities and generation of traps are fully configurable. The SNMP agent supports all MIB-II variables except the EGP group. MECHANISM Network management variables are made available for inspection and/or alteration by means of the Simple Network Management Protocol (SNMP). CAVEATS None. BUGS No known bugs. LIMITATIONS Does not yet provide the ability for sites to add extra MIB definitions. HARDWARE REQUIRED Supported VAX processors. SOFTWARE REQUIRED VMS V4 or later AVAILABILITY The SNMP agent is included in TCPware for VMS, a commercial product available under license from: Process Software Corporation 959 Concord Street Framingham, MA 01701 +1 800 722 7770, +1 508 879 6994 (voice) +1 508 879-0042 (FAX) TELEX 517891 sales@process.com NOCTools2 Working Group [Page 128] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog PROXYD NAME proxyd -- SNMP proxy agent daemons from SNMP Research. KEYWORDS control, management, status; bridge, Ethernet, IP, OSI, ring, star; NMS, SNMP; UNIX; library, sourcelib. ABSTRACT SNMP proxy agents may be used to permit the monitoring and controlling of network elements which are otherwise not addressable using the SNMP management protocol (e.g., a network bridge that implements a proprietary management protocol). Similarly, SNMP proxy agents may be used to protect SNMP agents from redundant network management agents through the use of caches. Finally, SNMP proxy agents may be used to implement elaborate MIB access policies. The proxy agent daemon: - listens for SNMP queries and commands from logically remote network management stations, - translates and retransmits those as appropriate network management queries or cache lookups, - listens for and parses the responses, - translates the responses into SNMP responses, and - returns those responses as SNMP messages to the network management station that originated the transaction. The proxy agent daemon also emits SNMP traps to identified trap receivers. The proxy agent daemon is designed to make the addition of additional vendor- specific variables a straight-forward task. The proxy application comes complete with source code including a powerful set of portable libraries for generating and parsing SNMP messages and a set of command line utilities. MECHANISM Network management variables are made available for inspection and/or alteration by means of the Simple Network Management Protocol (SNMP). NOCTools2 Working Group [Page 129] RFC 1470 FYI: Network Management Tool Catalog June 1993 CAVEATS None. BUGS None known. LIMITATIONS This application is a template for proxy application writers. Only a few of the many LanBridge 100 variables are supported. HARDWARE REQUIRED System from Sun Microsystems, Incorporated. SOFTWARE REQUIRED Sun OS 3.5 or 4.x. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL This is a commercial product available under license from: SNMP Research 3001 Kimberlin Heights Road Knoxville, TN 37920-9716 Attn: John Southwood, Sales and Marketing (615) 573-1434 (Voice) (615) 573-9197 (FAX) CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY users@seymour1.cs.utk.edu NOCTools2 Working Group [Page 130] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog PROXYD_SNMP_RESEARCH NAME proxyd -- SNMP proxy agent daemons from SNMP Research. KEYWORDS control, management, status; bridge, Ethernet, IP, OSI, ring, star; NMS, SNMP; UNIX; library, sourcelib. ABSTRACT SNMP proxy agents may be used to permit the monitoring and controlling of network elements which are otherwise not addressable using the SNMP management protocol (e.g., a network bridge that implements a proprietary management protocol). Similarly, SNMP proxy agents may be used to protect SNMP agents from redundant network management agents through the use of caches. Finally, SNMP proxy agents may be used to implement elaborate MIB access policies. The proxy agent daemon: - listens for SNMP queries and commands from logically remote network management stations, - translates and retransmits those as appropriate network management queries or cache lookups, - listens for and parses the responses, - translates the responses into SNMP responses, and - returns those responses as SNMP messages to the network management station that originated the transaction. The proxy agent daemon also emits SNMP traps to identified trap receivers. The proxy agent daemon is designed to make the addition of additional vendor- specific variables a straight-forward task. The proxy application comes complete with source code including a powerful set of portable libraries for generating and parsing SNMP messages and a set of command line utilities. MECHANISM Network management variables are made available for inspection and/or alteration by means of the Simple Network Management Protocol (SNMP). NOCTools2 Working Group [Page 131] RFC 1470 FYI: Network Management Tool Catalog June 1993 CAVEATS None. BUGS None known. LIMITATIONS This application is a template for proxy application writers. Only a few of the many LanBridge 100 variables are supported. HARDWARE REQUIRED System from Sun Microsystems, Incorporated. SOFTWARE REQUIRED Sun OS 3.5 or 4.x. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL This is a commercial product available under license from: SNMP Research 3001 Kimberlin Heights Road Knoxville, TN 37920-9716 Attn: John Southwood, Sales and Marketing (615) 573-1434 (Voice) (615) 573-9197 (FAX) CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY users@seymour1.cs.utk.edu NOCTools2 Working Group [Page 132] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog QUERY NAME query, ripquery KEYWORDS routing; IP; spoof; UNIX; free. ABSTRACT Query allows remote viewing of a gateway's routing tables. MECHANISM Query formats and sends a RIP request or POLL command to a destination gateway. CAVEATS Query is intended to be used a a tool for debugging gateways, not for network management. SNMP is the pre- ferred protocol for network management. BUGS None known. LIMITATIONS The polled gateway must run RIP. HARDWARE REQUIRED No restriction. SOFTWARE REQUIRED 4.3BSD UNIX or related OS. AVAILABILITY Available with routed and gated distributions. Routed may be obtained via anonymous FTP from uunet.uu.net, in file bsd- sources/src/network/routed.tar.Z. Gated may be obtained via anonymous FTP from devvax.tn.cornell.edu. Distribution files are in directory pub/gated. NOCTools2 Working Group [Page 133] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog SAS-CPE NAME SAS/CPE(tm) for Open Systems Software KEYWORDS manager, status; bridge, ethernet, FDDI, IP, OSI, NFS; X; DOS, HP, UNIX; library. ABSTRACT SAS/CPE(tm) for Open Systems software is an integrated system designed to facilitate the analysis and presentation of computer performance and resource utilization data. SAS/CPE software features include: . Processing of raw computer and network performance data into detail-level SAS data sets. . Conversion and validation of logged data values to forms more useful for display and analysis (e.g., I/O counts are converted to I/O rates per second). . Numerous sample reports on performance data processed by SAS/CPE software. . Reduction of logged performance data into daily, weekly, monthly or yearly summarized values. . Menu-driven interface to the creation and management of multiple performance data bases. . Menu-driven report designing interface that allows users with no programming knowledge to create and manage custom reports from their performance data base. No SAS coding is needed for this interface. MECHANISM SAS/CPE for Open Systems processes and reports data from SNMP and other proprietary monitoring protocols, as well as du and accounting. CAVEATS The product is currently in alpha testing. BUGS None known. LIMITATIONS None reported. NOCTools2 Working Group [Page 134] RFC 1470 FYI: Network Management Tool Catalog June 1993 HARDWARE REQUIRED HP, SUN or IBM Workstation SOFTWARE REQUIRED The SAS(r) System Base Software, SAS/GRAPH Software and SAS/CPE for Open System Software AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL SAS/CPE for Open Systems Software is available from: SAS Institute Inc. SAS Campus Drive Cary, NC 27513 Phone 919-677-8000 FAX 919-677-8123 CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Send email to snodjs@mvs.sas.com. NOCTools2 Working Group [Page 135] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog SNIFFER NAME Sniffer KEYWORDS analyzer, generator, traffic; DECnet, ethernet, IP, NFS, OSI, ring, SMTP, star; eavesdrop; standalone. ABSTRACT The Network General Sniffer is a protocol analyzer for performing LAN diagnostics, monitoring, traffic genera- tion, and troubleshooting. The Sniffer protocol analyzer has the capability of capturing every packet on a network and of decoding all seven layers of the OSI protocol model. Capture frame selection is based on several different filters: protocol content at lower levels; node addresses; pattern matching (up to 8 logically-related patterns of 32 bytes each); and des- tination class. Users may extend the protocol interpretation capability of the Sniffer by writing their own customized protocol interpreters and linking them to the Sniffer software. The Sniffer displays network traffic information and performance statistics in real time, in user-selectable formats. Numeric station addresses are translated to symbolic names or manufacturer ID names. Network activities measured include frames accepted, Kbytes accepted, and buffer use. Each network version has additional counters for activities specific to that network. Network activity is expressed as frames/second, Kbytes/second, or per cent of network bandwidth utilization. Data collection by the Sniffer may be output to printer or stored to disk in either print-file or spread-sheet format. Protocol suites understood by the Sniffer include: Banyan Vines, IBM Token-Ring, Novell Netware, XNS/MS- Net (3Com 3+), DECnet, TCP/IP (including SNMP and applications-layer protocols such as FTP, SMTP, and TELNET), X Windows (for X version 11), NFS, and several SUN proprietary protocols (including mount, pmap, RPC, and YP). Supported LANs include: ethernet, Token-ring (4Mb and 16Mb versions), ARCNET, StarLAN, IBM PC Net- work (Broadband), and Apple Localtalk Network. NOCTools2 Working Group [Page 136] RFC 1470 FYI: Network Management Tool Catalog June 1993 MECHANISM The Sniffer is a self-contained, portable protocol analyzer that require only AC line power and connection to a network to operate. Normally passive (except when in Traffic Generator mode), it captures images of all or of selected frames in a working buffer, ready for immediate analysis and display. The Sniffer is a standalone device. Two platforms are available: one for use with single network topologies, the other for use with multi-network topologies. Both include Sniffer core software, a modified network interface card (or multiple cards), and optional proto- col interpreter suites. All Sniffer functions may be remotely controlled from a modem-connected PC. Output from the Sniffer can be imported to database or spreadsheet packages. CAVEATS In normal use, the Sniffer is a passive device, and so will not adversely effect network performance. Perfor- mance degradation will be observed, of course, if the Sniffer is set to Traffic Generator mode and connected to an active network. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED None. The Sniffer is a self-contained unit, and includes its own interface card. It installs into a network as would any normal workstation. SOFTWARE REQUIRED None. NOCTools2 Working Group [Page 137] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY The Sniffer is available commercially. For information on your local representative, call or write: Network General Corporation 4200 Bohannon Drive Menlo Park, CA 94025 Phone: 415-688-2700 Fax: 415-321-0855 For acquisition by government agencies, the Sniffer is included on the GSA schedule. NOCTools2 Working Group [Page 138] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog SNMP_DEVELOPMENT_KIT NAME The SNMP Development Kit KEYWORDS manager, status; IP; NMS, SNMP; UNIX; free, sourcelib. ABSTRACT The SNMP Development Kit comprises C Language source code for a programming library that facilitates access to the management services of the SNMP (RFC 1098). Sources are also included for a few simple client applications whose main purpose is to illustrate the use of the library. Example client applications query remote SNMP agents in a variety of modes, and generate or collect SNMP traps. Code for an example SNMP agent that supports a subset of the Internet MIB (RFC 1066) is also included. MECHANISM The Development Kit facilitates development of SNMP- based management applications -- both clients and agents. Example applications execute SNMP management operations according to the values of command line arguments. CAVEATS None. BUGS Fixed in the next release. LIMITATIONS None reported. HARDWARE REQUIRED The SNMP library source code is highly portable and runs on a wide range of platforms. SOFTWARE REQUIRED The SNMP library source code has almost no operating system dependencies and runs in a wide range of environments. Certain portions of the example SNMP agent code are specific to the 4.3BSD implementation of the UNIX system for the DEC MicroVAX. NOCTools2 Working Group [Page 139] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY The Development Kit is available via anonymous FTP from host allspice.lcs.mit.edu. The copyright for the Development Kit is held by the Massachusetts Institute of Technology, and the Kit is distributed without charge according to the terms set forth in its code and documentation. The distribution takes the form of a UNIX tar file. Bug reports, questions, suggestions, or complaints may be mailed electronically to snmp-dk@ptt.lcs.mit.edu, although no response in any form is guaranteed. Dis- tribution via UUCP mail may be arranged by contacting the same address. Requests for hard-copy documentation or copies of the distribution on magnetic media are never honored. NOCTools2 Working Group [Page 140] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog SNMP_Libraries_SNMP_RESEARCH NAME SNMP Libraries and Utilities from SNMP Research. KEYWORDS alarm, control, manager, map, security, status; bridge, DECnet, Ethernet, FDDI, IP, OSI, ring, star; NMS, SNMP; DOS, UNIX, VMS; sourcelib. ABSTRACT The SNMP Libraries and Utilities serve two purposes: 1) to act as building blocks for the construction of SNMP-based agent and manager applications; and 2) to act as network management tools for network fire fighting and report generation. The libraries perform ASN.1 parsing and generation tasks for both network management station applications and network management agent applications. These libraries hide the details of ASN.1 parsing and generation from application writers and make it unnecessary for them to be expert in these areas. The libraries are very robust with considerable error checking designed in. The several command line utilities include applications for retrieving one or many variables, retrieving tables, or effecting commands via the setting of remote network management variables. MECHANISM The parsing is performed via recursive descent methods. Messages are passed via the Simple Network Management Protocol (SNMP). CAVEATS None. BUGS None known. LIMITATIONS The monitored and managed nodes must implement the SNMP over UDP per RFC 1157 or must be reachable via a proxy agent. NOCTools2 Working Group [Page 141] RFC 1470 FYI: Network Management Tool Catalog June 1993 HARDWARE REQUIRED This software has been ported to numerous platforms including workstations, general-purpose timesharing systems, and embedded hardware in intelligent network devices such as repeaters, bridges, and routers. SOFTWARE REQUIRED C compiler, TCP/IP library. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL This is a commercial product available under license from: SNMP Research 3001 Kimberlin Heights Road Knoxville, TN 37920-9716 Attn: John Southwood, Sales and Marketing (615) 573-1434 (Voice) (615) 573-9197 (FAX) CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY users@seymour1.cs.utk.edu NOCTools2 Working Group [Page 142] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog SNMP_PACKAGED_AGENT_SNMP_RESEARCH NAME SNMP Packaged Agent System -- an SNMP host/gateway agent daemon including a complete protocol stack and runtime environment required to support an SNMP Agent from SNMP Research. KEYWORDS control, manager, status; bridge, Ethernet, FDDI, IP, OSI, ring, star; NMS, SNMP; DOS, standalone, UNIX; sourcelib. ABSTRACT The snmpd agent daemon listens for and responds to network management queries and commands from logically remote network management stations. The agent daemon also emits SNMP traps to identified trap receivers. The agent daemon is designed to make the addition of additional vendor-specific variables a straight-forward task. The snmpd application comes complete with source code including a powerful set of portable libraries for generating and parsing SNMP messages and a set of command line utilities. The Packaged Agent System is designed to aid the hardware manufacturer who is not experienced with the TCP/IP protocol suite. A lightweight, non-preemptive scheduler/tasking system for faster execution and less impact on slow CPUs is included in the package. Development environment is either MS DOS or UNIX. MECHANISM Network management variables are made available for inspection and/or alteration by means of the Simple Network Management Protocol (SNMP). CAVEATS None. BUGS None known. LIMITATIONS None reported. NOCTools2 Working Group [Page 143] RFC 1470 FYI: Network Management Tool Catalog June 1993 HARDWARE REQUIRED The Motorola 68XXX and the Intel 8088 and X86 platforms are fully supported. Other platforms can be supported. Contact SNMP Research for details. This software has been ported to numerous platforms including workstations, general-purpose timesharing systems, and embedded hardware in intelligent network devices such as repeaters, bridges, and routers. SOFTWARE REQUIRED C compiler. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL This is a commercial product available under license from: SNMP Research 3001 Kimberlin Heights Road Knoxville, TN 37920-9716 Attn: John Southwood, Sales and Marketing (615) 573-1434 (Voice) (615) 573-9197 (FAX) CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY users@seymour1.cs.utk.edu NOCTools2 Working Group [Page 144] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog SNMPD_SNMP_RESEARCH NAME snmpd -- an SNMP host/gateway agent daemon from SNMP Research. KEYWORDS control, mananger, status; bridge, Ethernet, FDDI, IP, OSI, ring, star; NMS, SNMP; DOS, UNIX; sourcelib. ABSTRACT The snmpd agent daemon listens for and responds to network management queries and commands from logically remote network management stations. The agent daemon also emits SNMP traps to identified trap receivers. The agent daemon is architected to make the addition of additional vendor-specific variables a straight-forward task. The snmpd application comes complete with source code including a powerful set of portable libraries for generating and parsing SNMP messages and a set of command line utilities. MECHANISM Network management variables are made available for inspection and/or alteration by means of the Simple Network Management Protocol (SNMP). CAVEATS None. BUGS None known. LIMITATIONS Only operating system variables available without source code modifications to the operating system and device device drivers are supported. HARDWARE REQUIRED This software has been ported to numerous platforms including workstations, general-purpose timesharing systems, and embedded hardware in intelligent network devices such as repeaters, bridges, and routers. NOCTools2 Working Group [Page 145] RFC 1470 FYI: Network Management Tool Catalog June 1993 SOFTWARE REQUIRED C compiler. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL This is a commercial product available under license from: SNMP Research 3001 Kimberlin Heights Road Knoxville, TN 37920-9716 Attn: John Southwood, Sales and Marketing (615) 573-1434 (Voice) (615) 573-9197 (FAX) CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY users@seymour1.cs.utk.edu NOCTools2 Working Group [Page 146] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog SPIDERMONITOR NAME SpiderMonitor P220, K220 and SpiderAnalyzer P320, K320 KEYWORDS alarm, analyzer, generator, traffic; DECnet, ethernet, IP, OSI; eavesdrop; standalone; sourcelib. ABSTRACT The SpiderMonitor and SpiderAnalyzer are protocol analyzers for performing ethernet LAN diagnostics, mon- itoring, traffic generation, and troubleshooting. The SpiderMonitor has the capability of capturing every packet on a network and of decoding the first four layers of the OSI protocol model. The SpiderAnalyzer has additional software for decoding higher protocol layers. Protocol suites understood: TCP/IP (including SNMP and applications-layer protocols), OSI, XNS, DEC- net and IPX. User-definable decodes can be written in 'C' with the Microsoft version 5.0 'C' compiler. A decode guide is provided. The SpiderAnalyzer supports multiple simultaneous filters for capturing packets using predefined patterns and error states. Filter patterns can also trigger on NOT matching 1 or more filters, an alarm, or a speci- fied time. The SpiderAnalyzer can also employ TDR (Time Domain Reflectometry) to find media faults, open or short cir- cuits, or transceiver faults. It can transmit OSI, XNS, and Xerox link-level echo packets to user- specified stations, performs loop round tests. In traffic generation mode, the SpiderAnalyzer has the ability to generate packets at random intervals of ran- dom lengths or any combination of random or fixed interval or length, generation of packets with CRC errors, or packets that are too short, or packets that are too long. Output from the SpiderMonitor/Analyzer can be imported to database or spreadsheet packages. NOCTools2 Working Group [Page 147] RFC 1470 FYI: Network Management Tool Catalog June 1993 MECHANISM The SpiderMonitor and Spider Analyzer are available as stand-alone, IBM PC compatible packages based upon a Compaq III portable system, or as a plug-in boards for any IBM XT/AT compatible machine. The model 220 (Spi- derMonitor) systems provide a functional base suited for most network management needs. The model 320 (Spi- derAnalyzer) systems provide extended functionality in the development mode and traffic generation mode as well more filtering capabilities than the 220 models. CAVEATS Traffic generation will congest an operational ether- net. BUGS None known. LIMITATIONS Monitoring of up to 1024 stations and buffering of up to 1500 packets. The model 220 provides for 3 filters with a filter depth of 46 bytes. The model 320 pro- vides for 4 filters and a second level of filtering with a filter depth of 64 bytes. HARDWARE REQUIRED PX20s are self contained, the KX20s require an IBM PC/XT-AT compatible machine with 5 megabytes of hard disk storage and the spare slot into which the board kit is plugged. SOFTWARE REQUIRED None. The SpiderAnalyzer requires the Microsoft 'C' Compiler, Version 5.0 for writing user defined decodes. AVAILABILITY The SpiderMonitor/Analyzer is available commercially. For information on your local representative, call or write: Spider Systems, Inc. 12 New England Executive Park Burlington, MA 01803 Telephone: 617-270-3510 FAX: 617-270-9818 NOCTools2 Working Group [Page 148] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog SPIMS NAME SPIMS -- the Swedish Institute of Computer Science (SICS) Protocol Implementation Measurement System tool. KEYWORDS benchmark, debugger; IP, OSI; spoof; UNIX. ABSTRACT SPIMS is used to measure the performance of protocol and "protocol-like" services including response time (two-way delay), throughput and the time to open and close connections. It has been used to: o benchmark alternative protocol implementations, o observe how performance varies when parameters in specific implementations have been varied (i.e., to tune parameters). SPIMS currently has interfaces to the DoD Internet Pro- tocols: UDP, TCP, FTP, SunRPC, the OSI protocols from the ISODE 4.0 distribution package: FTAM, ROSE, ISO TP0 and to Sunlink 5.2 ISO TP4 as well as Stanford's VMTP. Also available are a rudimentary set of benchmarks, stubs for new protocol interfaces and a user manual. For an example of the use of SPIMS to tune protocols, see: Nordmark & Cheriton, "Experiences from VMTP: How to achieve low response time," IFIP WG6.1/6.4: Protocols for High-Speed Networks, May 1989, Zurich. To be published. For an example of how SPIMS can be used to benchmark protocols, see: Gunningberg, Bjorkman, Nordmark, Sjodin, Pink & Stromqvist "Application Protocols and Performance Benchmarks", IEEE Communications Magazine, June 1989, Vol. 27, No.6, pp 30-36. Sjodin, Gunningberg, Nordmark, & Pink, "Towards Protocol Benchmarks', IFIP WG6.1/6.4 Protocols for High-Speed Networks, May 1989, Zurich, pp 57-67 NOCTools2 Working Group [Page 149] RFC 1470 FYI: Network Management Tool Catalog June 1993 MECHANISM SPIMS runs as user processes and uses a TCP connection for measurement set-up. Measurements take place between processes over the measured protocol. SPIMS generates messages and transfers them via the measured protocol service according to a user-supplied specifi- cation. SPIMS has a unique measurement specification language that is used to specify a measurement session. In the language there are constructs for different application types (e.g., bulk data transfer), for specifying frequency and sequence of messages, for dis- tribution over message sizes and for combining basic specifications. These specifications are independent of both protocols and protocol implementations and can be used for benchmarking. For more details on the internals of SPIMS, see: Nordmark & Gunningberg, "SPIMS: A Tool for Protocol Implementation Performance Measurements" Proc. of 13:th Conf. on Local Computer Networks, Minneapolis 1989, pp 222-229. CAVEATS None. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED SPIMS is implemented on UNIX, including SunOS 4., 4.3BSD UNIX, DN (UNIX System V, with extensions) and Ultrix 2.0/3.0. It requires a TCP connection for meas- urement set-up. No kernel modifications or any modifi- cations to measured protocols are required. NOCTools2 Working Group [Page 150] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL SPIMS is not in the public domain and the software is covered by licenses. Use of the SPIMS software represents acceptance of the terms and conditions of the licenses. The licenses are enclosed in the distribution package. Licenses and SPIMS cover letter can also be obtained via an Internet FTP connection without getting the whole software. The retrieval procedure is identical to the below university distribution via FTP. The file to retrieve is pub/spims-dist/licenses.tar.Z There are two different distribution classes depending on requesting organization: 1. Universities and non-profit organizations. To these organizations, SPIMS source code is distributed free of charge. There are two ways to get the software: 1. FTP. If you have an Internet FTP connection, you can use anonymous FTP to sics.se [192.16.123.90], and retrieve the file pub/spims-dist/dist910304.tar.Z (this is a .6MB compressed tar image) in BINARY mode. Log in as user anonymous and at the password prompt, use your complete electronic mail address. 2. On a Sun 1/4-inch cartridge tape. For mailing, a handling fee of US$150.00 will be charged. Submit a bank check with the request. Do not send tapes or envelopes. 2. Commercial organizations. These organizations can chose between a license for commercial use, or a license for internal research only and no commercial use whatsoever. For internal research use only: The SPIMS source code is distributed for a one time fee of US$500.00. Organizations interested in the research prototype need to contact us via e-mail and briefly motivate why they qualify (non-commercial use) for the NOCTools2 Working Group [Page 151] RFC 1470 FYI: Network Management Tool Catalog June 1993 research prototype. They will thereafter get a permission to obtain a copy from the same distribution source as for universities. Commercial use: A commercial version of SPIMS will eventually be distributed and supported by a commercial partner. nIn the meantime we will distribute the research prototype (source code) to interested organizations without any guaranty or support. Contact SICS for further information. For more information about the research prototype distribution and about a commercial license, contact: Swedish Institute of Computer Science Att: Birgitta Klingenberg P.O. Box 1263 S-164 28 Kista SWEDEN e-address: spims@sics.se Phone: +46-8-7521500, Fax: +46-8-7517230 CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Bengt Ahlgren Swedish Institute of Computer Science Box 1263 S-164 28 KISTA, SWEDEN Email: bengta@sics.se Tel: +46 8 752 1562 (direct) or +46 8 752 1500 Fax: +46 8 751 7230 NOCTools2 Working Group [Page 152] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog SPRAY_SUN NAME spray KEYWORDS benchmark, generator; IP; ping; UNIX. ABSTRACT Spray is a traffic generation tool that generates RPC or UDP packets, or ICMP Echo Requests. The packets are sent to a remote procedure call application at the des- tination host. The count of received packets is retrieved from the remote application after a certain number of packets have been transmitted. The differ- ence in packets received versus packets sent represents (on a LAN) the packets that the destination host had to drop due to increasing queue length. A measure of throughput relative to system speed and network load can thus be obtained. MECHANISM See above. CAVEATS Spray can congest a network. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED SunOS AVAILABILITY Supplied with SunOS. NOCTools2 Working Group [Page 153] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog TCPDUMP NAME tcpdump KEYWORDS traffic; ethernet, IP, NFS; UNIX, VMS; free. ABSTRACT Tcpdump can interpret and print headers for the follow- ing protocols: ethernet, IP, ICMP, TCP, UDP, NFS, ND, ARP/RARP, AppleTalk. Tcpdump has proven useful for examining and evaluating the retransmission and window management operations of TCP implementations. MECHANISM Much like etherfind, tcpdump writes a log file of the frames traversing an ethernet interface. Each output line includes the time a packet is received, the type of packet, and various values from its header. CAVEATS None. BUGS None known. LIMITATIONS Public domain version requires a kernel patch for SunOS. TCPware for VMS - currently interprets headers for IP, TCP, UDP, and ICMP only. HARDWARE REQUIRED Any Ultrix system (VAX or DEC RISC hardware) SOFTWARE REQUIRED Ultrix release 4.0 or later. For Ultrix 4.1, may require the patched "if_ln.o" kernel module, available from Digital's Customer Support Center. NOCTools2 Working Group [Page 154] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY Available, though subject to copyright restrictions, via anonymous FTP from ftp.ee.lbl.gov. The source and documentation for the tool is in compressed tar format, in file tcpdump.tar.Z. Also available from spam.itstd.sri.com, in directory pub. For VMS hosts with DEC ethernet controllers, available as part of TGV MultiNet IP software package and TCPware for VMS from Process Software Corporation. NOCTools2 Working Group [Page 155] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog TCPLOGGER NAME tcplogger KEYWORDS traffic; IP; eavesdrop; UNIX; free. ABSTRACT Tcplogger consists of modifications to the 4.3BSD UNIX source code, and a large library of post-processing software. Tcplogger records timestamped information from TCP and IP packets that are sent and received on a specified connection. For each TCP packet, information such as sequence number, acknowledgement sequence number, packet size, and header flags is recorded. For an IP packet, header length, packet length and TTL values are recorded. Customized use of the TCP option field allows the detection of lost or duplicate pack- ets. MECHANISM Routines of 4.3BSD UNIX in the netinet directory have been modified to append information to a log in memory. The log is read continuously by a user process and written to a file. A TCP option has been added to start the logging of a connection. Lots of post- processing software has been written to analyze the data. CAVEATS None. BUGS None known. LIMITATIONS To get a log at both ends of the connection, the modi- fied kernel should be run at both the hosts. All connections are logged in a single file, but software is provided to filter out the record of a sin- gle connection. HARDWARE REQUIRED No restrictions. NOCTools2 Working Group [Page 156] RFC 1470 FYI: Network Management Tool Catalog June 1993 SOFTWARE REQUIRED 4.3BSD UNIX (as modified for this tool). AVAILABILITY Free, although a 4.3BSD license is required. Contact Olafur Gudmundsson (ogud@cs.umd.edu). NOCTools2 Working Group [Page 157] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog TOKENVIEW_PROTEON NAME TokenVIEW KEYWORDS control, manager, status; ring; NMS, proprietary; DOS. ABSTRACT Network Management tool for 4/16 Mbit IEEE 802.5 Token Ring Networks. Monitors active nodes and ring errors. Maintains database of nodes, wire centers and their connections. Separate network management ring allows remote configuration of wire centers. MECHANISM A separate network management ring used with Proteon Intelligent Wire Centers allows wire center configura- tion information to be read and modified from a single remote workstation. A log of network events used with a database contain nodes, wire centers and their con- nections, facilitates tracking and correction of net- work errors. Requires an "E" series PROM, sold with package. CAVEATS Currently, only ISA bus cards support the required E series PROM. BUGS None known. LIMITATIONS 256 nodes, 1 net. HARDWARE REQUIRED 512K RAM, CGA or better, hard disk, mouse supported. SOFTWARE REQUIRED MS-DOS, optional mouse driver AVAILABILITY Fully supported product of Proteon, Inc. Previously sold as Advanced Network Manager (ANM). For more in- formation, contact: Proteon, Inc. Phone: (508) 898-2800 2 Technology Drive Fax: (508) 366-8901 Westborough, MA 01581 Telex: 928124 NOCTools2 Working Group [Page 158] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog TRACEROUTE NAME traceroute KEYWORDS routing; IP; ping; UNIX, VMS; free. ABSTRACT Traceroute is a tool that allows the route taken by packets from source to destination to be discovered. It can be used for situations where the IP record route option would fail, such as intermediate gateways dis- carding packets, routes that exceed the capacity of an datagram, or intermediate IP implementations that don't support record route. Round trip delays between the source and intermediate gateways are also reported allowing the determination of individual gateways con- tribution to end-to-end delay. Enhanced versions of traceroute have been developed that allow specification of loose source routes for datagrams. This allows one to investigate the return path from remote machines back to the local host. MECHANISM Traceroute relies on the ICMP TIME_EXCEEDED error reporting mechanism. When an IP packet is received by an gateway with a time-to-live value of 0, an ICMP packet is sent to the host which generated the packet. By sending packets to a destination with a TTL of 0, the next hop can be identified as the source of the ICMP TIME EXCEEDED message. By incrementing the TTL field the subsequent hops can be identified. Each packet sent out is also time stamped. The time stamp is returned as part of the ICMP packet so a round trip delay can be calculated. CAVEATS Some IP implementations forward packets with a TTL of 0, thus escaping identification. Others use the TTL field in the arriving packet as the TTL for the ICMP error reply, which delays identification. Sending datagrams with the source route option will cause some gateways to crash. It is considered poor form to repeat this behavior. NOCTools2 Working Group [Page 159] RFC 1470 FYI: Network Management Tool Catalog June 1993 BUGS None known. LIMITATIONS Most versions of UNIX have errors in the raw IP code that require kernel mods for the standard version of traceroute to work. A version of traceroute exists that runs without kernel mods under SunOS 3.5 (see below), but it only operates over an ethernet inter- face. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED BSD UNIX or related OS, or VMS. AVAILABILITY Available by anonymous FTP from ftp.ee.lbl.gov, in file traceroute.tar.Z. It is also available from uc.msc.umn.edu. A version of traceroute that supports Loose Source Record Route, along with the source code of the required kernel modifications and a Makefile for installing them, is available via anonymous FTP from zerkalo.harvard.edu, in directory pub, file traceroute_pkg.tar.Z. A version of traceroute that runs under SunOS 3.5 and does NOT require kernel mods is available via anonymous FTP from dopey.cs.unc.edu, in file ~ftp/pub/traceroute.tar.Z. For VMS, traceroute is available as part of TGV Mul- tiNet IP software package. NOCTools2 Working Group [Page 160] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog TRPT NAME TRPT -- transliterate protocol trace KEYWORDS traffic; IP; eavesdrop; UNIX; free. ABSTRACT TRPT displays a trace of a TCP socket events. When no options are supplied, TRPT prints all the trace records found in a system, grouped according to TCP connection protocol control block (PCB). An example of TRPT output is: 38241 ESTABLISHED:input [e0531003..e0531203)@6cc5b402(win=4000) -> ESTA- BLISHED 38241 ESTABLISHED:user RCVD -> ESTABLISHED 38266 ESTABLISHED:output 6cc5b402@e0531203(win=4000) -> ESTABLISHED 38331 ESTABLISHED:input [e0531203..e0531403)@6cc5b402(win=4000) -> CLOSE_WAIT 38331 CLOSE_WAIT:output 6cc5b402@e0531404(win=3dff) -> CLOSE_WAIT 38331 CLOSE_WAIT:user RCVD -> CLOSE_WAIT 38343 LAST_ACK:output 6cc5b402@e0531404(win=4000) -> LAST_ACK 38343 CLOSE_WAIT:user DISCONNECT -> LAST_ACK 38343 LAST_ACK:user DETACH -> LAST_ACK MECHANISM TRPT interrogates the buffer of TCP trace records that is created when a TCP socket is marked for debugging. CAVEATS Prior to using TRPT, an analyst should take steps to isolate the problem connection and find the address of its protocol control blocks. BUGS None reported. NOCTools2 Working Group [Page 161] RFC 1470 FYI: Network Management Tool Catalog June 1993 LIMITATIONS A socket must have the debugging option set for TRPT to operate. Another problem is that the output format of TRPT is difficult. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED BSD UNIX or related OS. AVAILABILITY Included with BSD and SunOS distributions. Available via anonymous FTP from uunet.uu.net, in file bsd- sources/src/etc/trpt.tar.Z. NOCTools2 Working Group [Page 162] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog TTCP NAME TTCP KEYWORDS benchmark, generator; IP; ping; UNIX, VMS; free. ABSTRACT TTCP is a traffic generator that can be used for test- ing end-to-end throughput. It is good for evaluating TCP/IP implementations. MECHANISM Cooperating processes are started on two hosts. The open a TCP connection and transfer a high volume of data. Delay and throughput are calculated. CAVEATS Will greatly increase system load. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED No restrictions. SOFTWARE REQUIRED BSD UNIX or related OS, or VMS. AVAILABILITY Source for BSD UNIX is available via anonymous FTP from vgr.brl.mil, in file ftp/pub/ttcp.c, and from sgi.com, in file sgi/src/ttcp.c. A version of TTCP has also been submitted to the USENET news group comp.sources.unix. For VMS, ttcp.c is included in the MultiNet Programmer's Kit, a standard feature of TGV MultiNet IP software package. NOCTools2 Working Group [Page 163] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog UNISYS-PARAMAX NAME Paramax Network Security Server KEYWORDS alarm, control, manager, security, status; ethernet, FDDI, IP; X; UNIX. ABSTRACT The Paramax Network Security Server (NSS) is a security officer's tool for centralized security management of TCP/IP-based networks. The NSS provides capability for collection, on-line storage, maintenance, and correlation of audit data from hosts, workstations, servers, and network devices. Through the X window based user interface, a security officer can review and analyze this audit data at the NSS, select and request filtered portions of host audit data, and receive and analyze security alerts from across the network. The NSS supports centralized access control of network resources through its capability to create and update user and host access permissions data. The user access permissions data identifies network addresses that each user is permitted to access. The host access permissions data identifies network addresses between which communication is permitted. The NSS supports centralized management of user authentication data (user IDs and passwords) and other user data for use by hosts, workstations, and servers in the network. It generates pseudo-random pronounceable passwords for selection and assignment to users by the security officer. The NSS deadman timer locks the NSS screen or logs the security officer off the NSS after periods of inactivity. A biometric authentication device is optional for rigorous fingerprint authentication of users at the NSS, and logins to the NSS itself are permitted only at the console. The NSS currently provides centralized security management for a System High Network. It is being upgraded for a Compartmented Mode environment. NOCTools2 Working Group [Page 164] RFC 1470 FYI: Network Management Tool Catalog June 1993 MECHANISM The NSS uses the Audit Information Transfer Protocol (AITP) for the transfer of security alerts and audit data. AITP is NOT proprietary, and the specification is available from the address listed below. Access to the NSS audit database is provided via the Structured Query Language (SQL). CAVEATS None. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED Hardware required is a Sun 4 (SPARCStation) with a color monitor, at least 600 MB disk, and 150 MB 1/4" cartridge tape drive. SOFTWARE REQUIRED SunOS Version 4.1.1 running the Sun OpenWindows X windowing environment and the SYBASE Relational Data Base Management System. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL Commercially available from: Paramax Systems Corporation 5151 Camino Ruiz Camarillo, California 93011-6004 805-987-6811 Peter Vazzana CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY Paramax Systems Corporation 5151 Camino Ruiz Camarillo, California 93011-6004 805-987-6811 Nina Lewis NOCTools2 Working Group [Page 165] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog WOLLONGONG-MANAGER NAME Management Station, Release 3.0 KEYWORDS manager; ; snmp, x; sun, dec, dos;. ABSTRACT Management Station is a network management software product that supports SNMP. Release 3.0 implements a distributed network management architecture that helps solve the scalability and reliability limitations of using a single cpu for all SNMP management tasks. Additionally, there are many applications provided that are all user-configurable. The following applications and their functionality is listed below: General Info: X Windows, 11.4 based implemented with OSF/Motif 1.1.1 toolkit. X Windows interface for all configuration files. Most applications have "verbose" mode for display of SNMP PDU traffic. On-line help and Reference manual pages. ANSI C compliant. Network Management Daemon: Responsible for device discovery, trap/alarm management and fault monitoring for the network map. Connection with other distributed daemons and any connected stations is accomplished with SNMP/TCP. Configured via Manager MIB; also incorporates SMUX MIB (RFC 1227). Sends any information to INGRES, Oracle or Sybase via an ESQL interface. User-defined actions include: send alarm to map; send info to flat file; execute ESQL command; call any UNIX system command; forward traps and filter user-defined alarms. User-defined alarms can use any boolean expression and MIB variable expressions can be combined with AND/OR statements. MIB Compiler ASN.1 MIB compiler with X Windows interface. Accepts RFC 1155 and 1212 format. Most vendor-specific MIBs and proposed Internet standard MIBs already included. NOCTools2 Working Group [Page 166] RFC 1470 FYI: Network Management Tool Catalog June 1993 Network Map Comprehensive network monitoring map with click and drag interface, hiearchical and virtual views. Toolkit and preferences applications, device discovery. Uses /etc/hosts file, NIS or DNS for device resolution. Background pixmapping capability, user-definable menu bar, network manager and console operator modes via UNIX group permissions. Multiple map use without limitation. MIB Form and MIB Form Editor User-designed, X-based SNMP applications. Alias for MIB variables and interprets returned values. GET NEXT and SET capability. User-defined polling and multi-device [agent] capability. Configured via X interface. MIB Chart and MIB Chart Editor Choice of strip chart, packed strip chart or bar graphs. User-specified polling interval, MIB variable(s) or MIB expressions using arithmetic operands. Plot actual value, delta or delta/interval. Plot multiple MIB expressions from multiple agents simultaneously. X Windows interface. Pause polling and grid options. MIB Tool X Windows application for the general viewing and 'walking' of MIB trees. GET NEXT and SET options. Window for viewing RFC 1212 MIB definitions. Command line interface option. Application Programming Interface Complete set of APIs for developers to write SNMP applications in character mode or X Windows. MECHANISM Management Station uses SNMP and ICMP Echo Request to monitor and control SNMP Agents. Network management daemon implements Wollongong's Manager MIB, SNMP over TCP and the SMUX protocol. NOCTools2 Working Group [Page 167] RFC 1470 FYI: Network Management Tool Catalog June 1993 CAVEATS none. BUGS See Product Release Notice. LIMITATIONS Limitations on number of management agents and network management daemons not known at this time. HARDWARE REQUIRED Sun SPARC workstations and servers DEC DECstations and DECsystems Motorola MPC (Delta 8000 series) 3/486 PC and PC-compatible 16 MB RAM n20 MB free disk space for installation Color monitor strongly recommended SOFTWARE REQUIRED SunOS 4.1-1 or greater & OpenWindows 2.0 or greater (SUN) X Windows, 11.4 or greater RISC ULTRIX 4.1 or greater (DEC) R32V2 (Motorola) Open Desktop 1.1 or greater (3/486) Provided on 1/4" cartridge, TK-50 or 3 1/2" diskettes, as appropriate, in cpio format. AVAILABILITY A commercial product of: The Wollongong Group, Inc. 1129 San Antonio Rd Palo Alto, CA. 94303 ph.: (800) 962 - 8649 (in California) (800) 872 - 8649 (outside California) fax: (415) 962 - 0286 NOCTools2 Working Group [Page 168] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog XNETDB NAME Xnetdb KEYWORDS database, manager, map, monitoring, status; IP; Ping, SNMP, Unix, X; free. ABSTRACT Xnetdb is a network monitoring tool based on X Windows and SNMP which also has integrated database and statistic viewing capabilities. Xnetdb will determine and display the status of routers and circuits it has been told to monitor by querying the designated sites and displaying the result. It can also query the status of certain designated SNMP variables, such as a default route for an important router. Additionally, it also has integrated database functionality in that it can display additional information about a site or circuit such as the equipment at the site, the contact person(s) for the site, and other useful information. Finally it can gather designated statistical information about a circuit and display it on demand. MECHANISM Xnetdb uses SNMP or ping to monitor things which its configured to monitor. It dynamically builds a network map on its display by querying entities and obtaining IP addresses and subnet masks. A configuration file tells xnetdb which IP hosts you want to monitor. CAVEATS While "ping" can be used to monitor hosts, more useful results are obtained using SNMP. BUGS Bugs and other assorted topics are discussed on the xnetdb mailing list. To join, send a note to "xnetdb-request@oar.net". LIMITATIONS None. HARDWARE REQUIRED No restrictions. NOCTools2 Working Group [Page 169] RFC 1470 FYI: Network Management Tool Catalog June 1993 SOFTWARE REQUIRED Most any variety of UNIX plus X-Windows and/or OpenWindows. AVAILABILITY Available via anonymous ftp from ftp.oar.net (currently 131.187.1.102) in the directory /pub/src. Special arrangements can be made for sites without direct IP access by sending a note to "xnetdb-request@oar.net". There are minimal licensing restrictions - these are detailed within the package. NOCTools2 Working Group [Page 170] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog XNETMON_SNMP_RESEARCH NAME XNETMON -- an X windows based SNMP network management station from SNMP Research. KEYWORDS alarm, benchmark, control, debugger, manager, map, reference, security, status, traffic; bridge, DECnet, Ethernet, FDDI, IP, OSI, ring, star; NMS, Ping, SNMP, X; UNIX; Sourcelib. ABSTRACT The XNETMON application implements a powerful network management station based on the X window system. XNETMON's network management tools for configuration, performance, security, and fault management have been used successfully with a wide assortment of wide- and local-area-network topologies and medias. Multiprotocol devices are supported including those using TCP/IP, DECnet, and OSI protocols. Some features of XNETMON's network management tools include: o Fault management tool displays a map of the network configuration with node and link state indicated in one of several colors to indicate current status; o Configuration management tool may be used to edit the network management information base stored in the NMS to reflect changes occurring in the network; o Graphs and tabular tools for use in fault and performance management (e.g. XNETPERFMON); o Mechanisms by which additional variables, such as vendor- specific variables, may be added; o Alarms may be enabled to alert the operator of events occurring in the network; o Events are logged to disk; o Output data may be transferred via flat files for additional report generation by a variety of statistical packages. The XNETMON application comes complete with source code including a powerful set of portable libraries for generating and parsing SNMP messages. NOCTools2 Working Group [Page 171] RFC 1470 FYI: Network Management Tool Catalog June 1993 MECHANISM XNETMON is based on the Simple Network Management Protocol (SNMP). Polling is performed via the powerful SNMP get-next operator and the SNMP get operator. Trap-directed polling is used to regulate focus and intensity of the polling. CAVEATS None. BUGS None known. LIMITATIONS Monitored and managed nodes must implement the SNMP over UDP per RFC 1157 or must be reachable via a proxy agent. HARDWARE REQUIRED X windows workstation with UDP socket library. Monochrome is acceptable, but color is far superior. SOFTWARE REQUIRED X windows version 11 release 4 or later or MOTIF. AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL This is a commercial product available under license from: SNMP Research 3001 Kimberlin Heights Road Knoxville, TN 37920-9716 Attn: John Southwood, Sales and Marketing (615) 573-1434 (Voice) (615) 573-9197 (FAX) CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY users@seymour1.cs.utk.edu NOCTools2 Working Group [Page 172] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog XNETMON_WELLFLEET NAME xnetmon, xpmon KEYWORDS alarm, manager, map, status; IP; NMS, SNMP; UNIX. ABSTRACT Xnetmon and xpmon provide graphical representation of performance and status of SNMP-capable network ele- ments. Xnetmon presents a schematic network map representing the up/down status of network elements; xpmon draws a pen plot style graph of the change over time of any arbitrary MIB object (RFC1066). Both xnet- mon and xpmon use the SNMP (RFC1098) for retrieving status and performance data. MECHANISM Xnetmon polls network elements for the status of their interfaces on a controllable polling interval. Pop-up windows displaying the values of any MIB variable are supported by separate polls. When SNMP traps are received from a network element, that element and all adjacent elements are immediately re-polled to update their status. The layout of the network map is stati- cally configured. Xpmon repeatedly polls (using SNMP) the designated network element for the value of the designated MIB variable on the user-specified interval. The change in the variable is then plotted on the strip chart. The strip chart regularly adjusts its scale to the current maximum value on the graph. CAVEATS Polling intervals should be chosen with care so as not to affect system performance adversely. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED Distributed and supported for Sun-3 systems. SOFTWARE REQUIRED SunOS 3.5 or 4.x; X11, release 2 or 3. NOCTools2 Working Group [Page 173] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY Commercial product of: Wellfleet Communications, Inc. 12 DeAngelo Drive Bedford, MA 01730-2204 (617) 275-2400 NOCTools2 Working Group [Page 174] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog XNETPERFMON_SNMP_RESEARCH NAME xnetperfmon -- a graphical network performance and fault management tool from SNMP Research. KEYWORDS manager, security, status; DECnet, Ethernet, IP, OSI, ring, star; NMS, SNMP, X; DOS, UNIX, VMS; sourcelib. ABSTRACT Xnetperfmon is a XNETMON tool used to produce plots of SNMP variables in graphical displays. The manager may easily customize the labels, step size, update interval, and variables to be plotted to produce graphs for fault and performance management. Scales automatically adjust whenever a point to be plotted would go off scale. MECHANISM The xnetperfmon application communicates with remote agents or proxy agents via the Simple Network Management Protocol (SNMP). CAVEATS All plots for a single invocation of xnetperfmon must be for variables provided by a single network management agent. However, multiple invocations of xnetperfmon may be active on a single display simultaneously or proxy agents may be used to summarize information at a common point. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED Systems supporting X windows. SOFTWARE REQUIRED XNETMON from SNMP Research and X Version 11 release 4 or later (option MOTIF) NOCTools2 Working Group [Page 175] RFC 1470 FYI: Network Management Tool Catalog June 1993 AVAILABILITY AND CONTACT POINT FOR INFORMATION ABOUT THIS TOOL This is a commercial product available under license from: SNMP Research 3001 Kimberlin Heights Road Knoxville, TN 37920-9716 Attn: John Southwood, Sales and Marketing (615) 573-1434 (Voice) (615) 573-9197 (FAX) CONTACT POINT FOR CHANGES TO THIS CATALOG ENTRY users@seymour1.cs.utk.edu NOCTools2 Working Group [Page 176] RFC 1470 FYI: Network Management Tool Catalog June 1993 Internet Tool Catalog XUP_HP NAME xup KEYWORDS status; ping, X; HP. ABSTRACT Xup uses the X-Windows to display the status of an "interesting" set of hosts. MECHANISM Xup uses ping to determine host status. CAVEATS Polling for status increases network load. BUGS None known. LIMITATIONS None reported. HARDWARE REQUIRED Runs only on HP series 300 and 800 workstations. SOFTWARE REQUIRED Version 10 of X-Windows. AVAILABILITY A standard command for the HP 300 & 800 Workstations. NOCTools2 Working Group [Page 177] RFC 1470 FYI: Network Management Tool Catalog June 1993 Appendix: "No-Writeups" This section contains references to tools which are known to exist, but which have not been fully cataloged. If anyone wishes to author an entry for one of these tools please contact: noctools- request@merit.edu. Each mention is separated by a for improved readability. If you intend to actually print-out this section of the catalog, then you should probably strip-out the . tuecho.c /* * Send / receive TCP or UDP echos in any of a number of bizzare ways. * * Joel P. Bion, March 1990 * Copyright (c) 1990 cisco Systems. All rights reserved. * * This "tuecho" program is distributed in the hope that it will be * useful, but WITHOUT ANY WARRANTY; without even the implied warranty * of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * * Prompts as: * Host: -- host to send echos to -- can be name or a.b.c.d -- * Enter protocol (0 = UDP, 1 = TCP) [0]: -- UDP or TCP * Size of data portion (bytes) [100]: -- bytes in data, excluding * headers -- Number of bursts [5]: -- number of bursts of packets to * send -- Packets per burst [1]: -- packets per burst, all sent AT * ONCE -- Timeout (seconds) [2]: -- how long to wait for data * Pause interval (seconds) [0]: -- Pause interval between bursts of * frames * Type of pattern (specify = 0, increment = 1) [1]: * -- if 0 specified, allow you to specify a 16bit pattern -- as four hex digits (see below). If 1, will create a -- "incrementing", cycling pattern from 0x0000 -> 0xffff -- ->. * Enter pattern (hex value) [abcd]: -- if "0" specified above */ Availability: ftp.uu.net:/networking/cisco/tuecho.c ftp.cisco.com:tuecho.c NOCTools2 Working Group [Page 178] RFC 1470 FYI: Network Management Tool Catalog June 1993 SPY An NFS monitoring/tracing tool Availability: A postscript file describing SPY is located on ftp.uu.net:/networking/ip/nfs/spy.ps.Z NOCTools2 Working Group [Page 179] RFC 1470 FYI: Network Management Tool Catalog June 1993 NFSTRACE This is the rpcspy/nfstrace package. It is described in detail in the paper "NFS Tracing by Passive Network Monitoring", which appeared in the January, 1992 USENIX conference. You'll need either a DEC machine running ULTRIX (with the packetfilter installed in the kernel) or a Sun running SunOS 4.x (with NIT). Or you'll need to do a bit of hacking. The package differs slightly from the version in the paper: - The handle->name translation facility has been removed. It's just too fragile to include in the general release. If you need it, contact me directly and I'll be happy to mail you the code. - The output format is a wee-bit different. - The IBM-RT Enet filter version is also not included, since I seem to be the only person in the world running it. RTs are really too slow for this anyway. To configure the package, edit the makefile in the obvious (to me at least) way. Note that the not all versions of SunOS NIT have working versions of the packet timestamp mechanism. Try to set the -DSTAMPS option in the makefile, and if that doesn't work, take it out. If you are actually going to use this to gather traces, I'd like to hear from you! Please send email, and share your results/traces if your organization will allow it. I maintain a mailing list of users for updates, etc. Send me mail to be added to it. Happy tracing. Matt Blaze Department of Computer Science Princeton University 35 Olden Street Princeton, NJ 08544 mab@cs.princeton.edu 609-258-3946 Availability: ftp.uu.net:/networking/ip/nfs/nfstrace.shar (or check archie) NOCTools2 Working Group [Page 180] RFC 1470 FYI: Network Management Tool Catalog June 1993 LAMER # Lame delegation notifier # Author: Bryan Beecher # Last Modified: 6/25/92 # # To make use of this software, you need to be running the # University of Michigan release of BIND 4.8.3, or any version # of named that supports the LAME_DELEGATION patches posted to # USENET. The U-M release is available via anonymous ftp from # terminator.cc.umich.edu:/unix/dns/bind4.8.3.tar.Z. # # You must also have a copy of query(1) and host(1). These # are also available via anonymous ftp in the aforementioned # place. # ------------------------------------------------------------- # ------------------------------------------------------------- # handle arguments # ------------------------------------------------------------- # -d # This flag is used to append a dot-day suffix to the LOGFILE. # Handy where log files are kept around for the last week # and contain a day suffix. # # -f # Change the LOGFILE value altogether. # # -w # Count up all of the DNS statistics for the whole week. # # -v # Be verbose. # # -t # Test mode. Do not send mail to the lame delegation # hostmasters. Availability: ftp.uu.net:/networking/ip/dns/lamer.tar.Z (or check archie) NOCTools2 Working Group [Page 181] RFC 1470 FYI: Network Management Tool Catalog June 1993 HOST host - look up host names using domain server SYNOPSIS host [-v] [-a] [-t querytype] [options] name [server] host [-v] [-a] [-t querytype] [options] -l domain [server] host [-v] [options] -H [-D] [-E] [-G] domain host [-v] [options] -C domain host [-v] [options] -A host DESCRIPTION host looks for information about Internet hosts or domains. It gets this information from a set of interconnected servers that are spread across the world. By default, it simply converts between host names and Internet addresses. However, with the -t, -a and -v options, it can be used to find all of the information about hosts or domains that is maintained by the domain nameserver. /* * Extensively modified by E. Wassenaar, Nikhef-H, * * The officially maintained source of this program is available * via anonymous ftp from machine 'ftp.nikhef.nl' [192.16.199.1] * in the directory '/pub/network' as 'host.tar.Z' * * Also available in this directory are patched versions of the * BIND 4.8.3 nameserver and resolver library which you may need * to fully exploit the features of this program, although they * are not mandatory. See the file 'README_FIRST' for details. * * You are kindly requested to report bugs and make suggestions * for improvements to the author at the given email address, * and to not re-distribute your own modifications to others. */ /* * New features * * - Major overhaul of the whole code. * - Very rigid error checking, with more verbose error messages. * - Zone listing section completely rewritten. * - It is now possible to do recursive listings into subdomains. * - Maintain resource record statistics during zone listings. * - Maintain count of hosts during zone listings. * - Exploit multiple server addresses if available. * - Option to exploit only primary server for zone transfers. * - Option to exclude info from names that do not reside in a domain. NOCTools2 Working Group [Page 182] RFC 1470 FYI: Network Management Tool Catalog June 1993 * - Implement timeout handling during connect and read. * - Write resource record output to optional logfile. * - Special MB tracing by recursively expanding MR and MG records. * - Special mode to check SOA records at each nameserver for domain. * - Special mode to check inverse mappings of host addresses. * - Code is extensively documented. */ NOCTools2 Working Group [Page 183] RFC 1470 FYI: Network Management Tool Catalog June 1993 PINGs Many many versions of the PING program exist. Each implementation has its own set of additional features. Here are a few more PINGs that are worth taking a look at. Version on ftp.cc.berkeley.edu:pub/ping: This version has duplicate packet detection, Record Route, ability to specify data pattern for packets, flood pinging, an interval option, Multicast support, etc. Version on nikhefh.nikhef.nl:/pub/network/rping.tar.Z: 'rping' is just like 'ping', but only a single probe packet is sent to test the reachability of a destination. As an option, the loose source routing facility is used to show the roundtrip route the packet has taken. Multiple addresses of remote hosts are tried until one responds. As an option, each of multiple addresses can be probed unconditionally. Contains a patch for making loose source routing work in case you have a SUN with an OMNINET ethernet controller. NOCTools2 Working Group [Page 184] RFC 1470 FYI: Network Management Tool Catalog June 1993 VRFY vrfy.tar.Z (Version 921021) 'vrfy' is a tool to verify email addresses and mailing lists. In its simplest form it takes an address "user@domain", figures out the MX hosts for "domain", and issues the SMTP command VRFY at the primary MX host (optionally all), or at "domain" itself if no MX hosts exist. Without "domain" it goes to "localhost". More complex capabilities are: recursively expanding forward files or mailing lists, and detecting mail forwarding loops. Full-blown RFC822 address specifications are understood. Syntax checking can be carried out either locally or remotely. Various options are provided to exploit alternative protocol suites if necessary, and to print many forms of verbose output. Obvious limitations exist, but on average it works pretty well. Needless to say you need internet (nameserver and SMTP) access. See the man page and the extensive documentation in the source for further details. Please send comments and suggestions to Eric Wassenaar If you want to receive notification of updates, please send an email with the keyword "subscribe" in the subject or the body to the address available as: nikhefh.nikhef.nl:/pub/network/vrfy.tar.Z NOCTools2 Working Group [Page 185] RFC 1470 FYI: Network Management Tool Catalog June 1993 XNETLOAD NAME xnetload - ethernet load average display for X SYNOPSIS xnetload[-toolkitoption ...] [-scale integer] [-update seconds] [-hl color] [-highlight color] [-jumpscroll pixels] [-label string] [-nolabel] host DESCRIPTION The xnetload program displays a periodically updating histo- gram of the ethernet load average for the specified host. The resulting graph is scaled as 0% to 100%, where 0% corresponds to 0mbs and 100% corresponds to 10mbs. NOTE: The specified host must be running rpc.etherd. This program has been run using X11R4 and X11R5, under the following operating systems: SUNOS 4.1.0 SUNOS 4.1.1 ULTRIX V4.2 IRIX 3.3.2 Assuming the Imake templates and Rules are in order and in the proper place on your system, these programs should compile and link straightforward by running the following sequence: xmkmf make Then, as root, issue the following: make install make install.man Then, on your host system, (or on any other system you can rlogin or rsh into) start the etherd daemon with the following (must be root): /usr/etc/rpc.etherd le0 & where le0 is the mnemonic for the primary ethernet interface. To start the xnetload program, the following command line is suggested: ./xnetload -hl red host & NOCTools2 Working Group [Page 186] RFC 1470 FYI: Network Management Tool Catalog June 1993 where "host" is the name of any reachable network node (including LOCALHOST) that is running the etherd daemon. A small xload window should appear on your local display with nine horizontal lines. The label: "Ethernet Load %" should appear in the upper left hand corner, just below any additional title bars or other decorations provided by your window manager. If the program comes up without the nine lines, or without the "Ethernet Load" label, then either your resource file is not properly installed in the appropriate app-defaults directory, or you may have picked up the wrong xnetload image. Try re-running "make install" as root, or be sure to include the "./" in front of the command name. Good Luck! The following changes have been made to this directory since R3: o Now use Athena StripChart widget. o Understands WM_DELETE_WINDOW. o 3-26-92 Modified from xload to xnetload by Roger Smith, Sterling Software at NASA-Ames Research Center, Mountain View, Calif. rsmith@proteus.arc.nasa.gov Availability: ftp proteus.arc.nasa.gov:pub/XEnetload.tar.Z (or check archie) NOCTools2 Working Group [Page 187] RFC 1470 FYI: Network Management Tool Catalog June 1993 NETTEST nettest, nettestd - Performs client and server functions for timing data throughput The nettest and nettestd commands invoke client and server programs that are used for timing data throughput of various methods of interprocess communication. For TCP and OSI con- nections, the nettest program establishes a connection with the nettestd program, and then it does count writes of size bytes, followed by count reads of size bytes. For UDP, the nettest program performs only writes; reads are not per- formed. The nettestd program, if used with UDP connections, reads the data packets and prints a message for each data packet it receives. The number and size of the reads and writes may not correlate with the number and size of the actual data packets that are transferred; it depends on the protocol that is chosen. If you append an optional k (or K) to the size, count, or bufsize value, the number specified is multiplied by 1024. This source for nettest and nettestd are provided on an "as is" basis. Cray Research does not provide any support for this code (unless you are a customer who has purchased the UNICOS operating system). We will gladly take bug reports for nettest/nettestd. Suggested fixes are prefered to just bug reports. Changes to allow nettest/nettestd to run on other architectures are also welcomed. We will try to incorporate bugfixes and update the publicly available code, but we can make no guarantees. For copyright information, see the notice in each source file. Send bug-reports/fixes to: E-mail: dab@cray.com U.S. Mail: David Borman Cray Research, Inc. 655F Lone Oak Drive Eagan, MN 55121 Notes: 1) The -b option to nettestd has not been tested... 2) The ISO code should work on a 4.4BSD system, but the gethostinfo() routine is specific to UNICOS... Availability: ftp sgi.com:/sgi/src/nettest NOCTools2 Working Group [Page 188] RFC 1470 FYI: Network Management Tool Catalog June 1993 ETHERCK etherck is a simple program that displays Sun ethernet statistics. If you have a high percents of input errors that are due to "out of buffers", then you can run the "iepatch" script to patch a kernel that uses the Intel ethernet chip ("ie"). A back of the envelope calculation shows that a .25% input error rate gives about a 10% degradation of NFS performance if 8k packets are being used. In our environment at Legato, patching the ie buffer allocation made the input error rate drop more than 2 orders of magnitude. This was after we had applied other networking fixes (e.g., using Prestoserve, going from thin wire to twisted pair) and pushed a higher load on the server. Note that both etherck and iepatch must be run by root (or you can make etherck setgid kmem). Availability: send EMAIL to: request@legato.com with a Subject line: send unsupported etherck The following is part of the 'help' file from the Legato Email Server: This message comes to you from the request server at Legato.COM, request@Legato.COM. It received a message from you asking for help. The request server is a mail-response program. That means that you mail it a request, and it mails back the response. The request server is a very dumb program. It does not have much error checking. If you don't send it the commands that it understands, it will just answer "I don't understand you". The request server has 4 commands. Each command must be the first word on a line. The request server reads your entire message before it does anything, so you can have several different commands in a single message. The request server treats the "Subject:" header line just like any other line of the message. You can use any combination of upper and lower case letters in the commands. The request server's files are organized into a series of directories and subdirectories. Each directory has an index, and each subdirectory has an index. The top-level index gives you an overview of what is in the subdirectories, and the index for each subdirectory tells you what is in it. NOCTools2 Working Group [Page 189] RFC 1470 FYI: Network Management Tool Catalog June 1993 The server has 4 commands: "help" command: The command "help" or "send help" causes the server to send you the help file. You already know this, of course, because you are reading the help file. No other commands are honored in a message that asks for help (the server figures that you had better read the help message before you do anything else). SEND a request to Legato to get the rest of the help file! NOCTools2 Working Group [Page 190] RFC 1470 FYI: Network Management Tool Catalog June 1993 NETCK netck is a shar file that contains the sources to build "netck", a network checker that uses the rstat(3R) protocol to gather and print statistics from machines on the network. netck is useful to help understand what part of what machines are potential NFS bottlenecks. To get this file, send email to the request server with the command "send unsupported netck". Availability: same as ETHERCK (send email To: request@legato.com; subject: HELP) NOCTools2 Working Group [Page 191] RFC 1470 FYI: Network Management Tool Catalog June 1993 References [1] Stine, R., Editor, "FYI on a Network Management Tool Catalog: Tools for Monitoring and Debugging TCP/IP Internets and Interconnected Devices", FYI 2, RFC 1147, Sparta, Inc., April 1990. Security Considerations Security issues are not discussed in this memo. Authors' Addresses Robert M. Enger Advanced Network and Services 1875 Campus Commons Drive, Suite 220 Reston, VA. 22091-1552 Phone: 703-758-7722 EMail: enger@reston.ans.net Joyce K. Reynolds Information Sciences Institute University of Southern California 4676 Admiralty Way Marina del Rey, CA 90292 Phone: (310) 822-1511 Email: JKREY@ISI.EDU NOCTools2 Working Group [Page 192]