[ih] GOSIP & compliance

[Jack Haverty]

I can provide some recollections of the origin and intent of ANM - 
Automated Network Management.

Sometime in early 1983, Bob Kahn and I were talking one day about the 
Internet.  In particular, we were musing about how the Internet might be 
operated and managed as EGP was introduced and the Internet became a 
loose confederation of individual Autonomous Systems, each operated and 
managed by a separate organization.   That was quite different from the 
ARPANET, which had a centralized management approach with the NOC and 
refined it over a decade of operation. We had used that ARPANET model as 
a guide to put the first management mechanisms into the "core gateways", 
basically using the success of the ARPANET techniques to get the 
Internet going quickly as a reliable operational communications 
facility.   But, as the saying goes, it was obvious that "it won't scale".

Another difference from the ARPANET model was that many of the network 
mechanisms that were in ARPANET IMPs had now been placed into the 
attached Host computers.  Packetization decisions, flow control, 
retransmission, reordering, and other such "virtual circuit" mechanisms 
were now performed by Host software rather than in the Switch.  Making 
the situation even more complex, there was a need for non-guaranteed 
"datagram" service for use in applications such as interactive packet voice.

With so many players now involved in providing the network service, the 
ARPANET approach of central monitoring and control from "the NOC" would 
not be viable.   Manual coordination, e.g., phone calls between various 
NOC and Host operators to diagnose problems, seemed unlikely to work - 
especially since Host operators didn't seem to think that TCP behavior 
was their problem.

So the notion was that some kind of automation needed to be put into the 
management architecture, with tasks commonly done previously in the 
ARPANET NOC instead being done by computers and heuristic software.   
I.e., the goal was to automate at least some of the processes of network 
management.

One example I recall is detecting problems in the Internet, e.g., 
excessive retransmissions, duplicates, lost datagrams, or such behavior 
that was unusual (whatever that might mean).  Gateways (routers) could 
collect all sorts of data about traffic flow, packet drops, and TTL 
timeouts.   But only Hosts could detect the need to retransmit, discard 
duplicates, and monitor behavior of flow control Windows.  Each of the 
related "operators" could clearly collect data and make it available via 
SNMP or similar protocol.  Even a simple TCP connection through the 
Internet would involve three or more operators, of the Hosts at the 
endpoints and at least one Autonomous System in the transit path.  With 
the proliferation of LANs, it seemed likely that a common scenario would 
involved 4, 5 or more separate "managers" for each TCP (or UDP) "connection"

So the focus of Automated Network Management was of course defining the 
mechanisms to collect such data from multiple sources, but more 
importantly exploring what some intelligent software could *do* with 
that data, i.e., analyze it, draw conclusions about what, if any, 
problem existed, and do something to mitigate the situation.

One example might be if excessive latency was detected, such that some 
user application was being disrupted.   This could happen in packet 
voice, for example, if an audio packet didn't reach its destination in 
time to be sent to the speaker.   At the time, we had been experimenting 
with "dial-up" circuits, where additional bandwidth could be added to 
the Internet between 2 points by creating a dial-up circuit between 
those points.   So one function of ANM might be to detect that the 
problem was occurring, isolate where the delay was occurring, and create 
a bypass path using dial-up to reduce the latency between those 2 
points.   That might lead to some future architecture where the topology 
of the Internet was highly dynamic, with many "circuits" between routers 
being added and subtracted between appropriate routers as decided on the 
fly by the Automated system.   It might even be possible to predict the 
need for a topology change based on past experience or trend curves, and 
achieve Problem Avoidance rather than Problem Detection.

Obviously there is a lot of detail missing in what I just wrote, 
describing how to detect the problem, how to figure out where a dial-up 
circuit should be added, and how to monitor the subsequent activity and 
detect when that dial-up link could be terminated. And of course make 
sure that such actions didn't drive the routing protocols and mechanisms 
to insanity.   And of course there were many other scenarios involved in 
network operations that might be able to be automated.

That was all research to be done.   IIRC, I wrote something as a 
proposal to be added to the next ARPA contract.   As usual, it probably 
basically said "Send money; we promise to do good stuff" with 
deliverables being only Quarterly Reports.  The work could begin when 
the contract renewed for the next government fiscal year in Septamber 
1983.   What I just wrote above was probably just in my head, not yet 
written down but the work would start in a few months.  IIRC, Bob Kahn 
and I were both happy with that.

Where the "Politics" came in to the picture was on July 1, 1983. BBN had 
a significant reorganization on that date, and I discovered that many of 
my projects had been reallocated and now would reside in several 
different divisions and different subsidiaries.

By contract renewal, those changes were complete.  I was in one 
subsidiary, and ANM in another.  So I never actually worked on ANM, and 
lost track of what it became in its new home.   Perhaps someone else can 
describe what happened.   Did any ot the research make it into today's 
operating ISPs?  When I was involved in operating a corporate internet 
in the early 90s, it would have been nice to have ANM tools!

Jack Haverty

On 3/31/22 17:06, Bernie Cosell via Internet-history wrote:
> On 31 Mar 2022 at 17:50, Craig Partridge via Internet-history wrote:
>
>> It is indeed -- great memory!
>> Craig
>>
>> On Thu, Mar 31, 2022 at 5:38 PM Barbara Denny via Internet-history <
>> internet-history at elists.isoc.org> wrote:
>>
>>>   Craig,
>>>
>>> Is ANM ( Automated Network Management) the name of Jil's project you
>>> couldn't recall? This popped up in my head today.
> Bruce Laird and I "inherited" it.  I don't know exactly the poltics of it all, but our
> project was to get it working on SUN workstations  [It was written in Lisp].   We
> got it working and deployed in several places.  And then we embarked on a more
> ambitious version: to make fully distributed.   The idea was that there could be a
> sort of "cloud" of systems receiving network monitoring data and then it would
> forward through to another cloud of systems that'd process all that data in
> various ways.
>
> As I did decades before in the early ARPAnet NMC code, one idea was to
> aggregate the data coming in an figure out what was *really* wrong.  On the
> ARPAnet, for example, if the network got disconnected all the nodes on the
> "other side" of the net would show up as "down" - - not very helpful to the staff.
> So I hacked it to know the network topology  and it could figure out where the
> *actual* outage was and then put "unknown" for the ones it couldn't see.   We
> had intended to do something like that with all the network-status feeds and it
> was intended to be extensible on both sides [that is, more ways to collect data
> and more ways to process/understand/display it].
>
> Alas.  I don't know how it all turned out: I ended up retiring and passed the
> project onto other folk.
>
>    /Bernie\
>
>                   Bernie Cosell
>           bernie at fantasyfarm.com
> -- Too many people; too few sheep --
>