[ih] state of the internet probes? (was Re: AOL in perspective)

[Karl Auerbach]

I thought that HEMS was a really interesting design.  I liked it a lot.  
(Glen Trewitt worked with me on the Interop show nets, so I was in 
proximity to a HEMS advocate.)

I got enthused about network management/control topics when I overheard 
(through an open window) you and Dan Lynch talking about it over lunch 
at one of the TCP/IP Interoperability events in Monterey, California.

After I had done the Epilogue SNMP stack I looked again at SNMP and said 
"we can do better".

So I set out to do it "better" (and implemented it as well.) Turned out 
that I improved SNMP reading performance by multiple orders of 
magnitude, was able to do write/set operations far more effectively and 
with better synchronization, preserved much of the semantics and naming 
structure of MIBs, and the implementation was far smaller.

One of the big realizations was that "network management" is a far 
different thing than "network troubleshooting".  SNMP was designed for 
the context of a failing, network, hence the choice of UDP.  KNMP was 
designed for managing a network that was running well enough to create 
and sustain TCP connections.  Over the years I have become increasingly 
convinced that we need to great network management and network 
diagnose/repair as separate things.

Some of the ideas for KNMP came from HEMS, some from ... hang on ... 
CMIP ... and some from a paper ("Towards Useful Management") written by 
my wife (Chris Wellens) and I in Marshall Rose's "Simple Times": 
https://www.cavebear.com/docs/simple-times-vol4-num3.pdf

I, lacking any sense of humility, called it "KNMP" - you get one guess, 
only one, what the 'K' stands for. ;-)

https://www.iwl.com/idocs/knmp-overview

I never submitted KNMP to the IETF because I did not want to swim 
against the Netconf current.

         --karl--


On 9/17/25 2:48 PM, Craig Partridge via Internet-history wrote:
> I wrote too swiftly.  I suspect Jack may be remembering a DARPA project
> that Jil Wescott led that sought to build a distributed network management
> service (the idea being the service talked to all devices on the network,
> and then any monitoring app could simply connect to the service and learn
> what was going on -- this meant managed devices weren't getting bombarded
> with pings and such and could do their job).  Her team included Charlie
> Lynn and Ross Callon and Karen Seo, and in odd moments, me.
>
> I took some of the lessons from that project to HEMS.  I will say I got the
> lesson half-right/half-wrong.  The right part, and this one of Jil's big
> takeaways, was if the network is a mess, you are only going to get some
> management packets through, so make sure each has as much information/does
> as much as possible.  The wrong part was my take was a sick network meant
> use TCP, because TCP will fight to get your data -- whereas others argued
> it was UDP, because UDP, while unreliable, often did a great job of getting
> *a* packet through.
>
> SNMP chose UDP (rightly) and put the minimum info in each packet (which I
> continue to think was a mistake :-)).
>
> Craig
>
> On Wed, Sep 17, 2025 at 3:39 PM Craig Partridge <craig at tereschau.net> wrote:
>
>> SNMP was a simplified network management protocol influenced primary by
>> HEMS (which got to the RFC stage and a prototype but never launched) and a
>> little bit by the nascent CMIP.
>>
>> Craig (who co-created HEMS with Glen Trewitt)
>>
>> On Wed, Sep 17, 2025 at 3:32 PM Jack Haverty via Internet-history <
>> internet-history at elists.isoc.org> wrote:
>>
>>> Right, SNMP came later, as a "Simplified" version of NMP - Network
>>> Management Protocol, which may have only existed in email discussions.
>>>
>>> IIRC, the earliest work on Internet management was done by David
>>> Floodpage as part of the "make Internet 24x7" work, and documented in
>>> some IENs, e.g., https://www.rfc-editor.org/ien/ien132.txt
>>>
>>> All that led eventually to SNMP, which is what is most likely to be
>>> recognized today.
>>>
>>> Jack
>>>
>>> On 9/17/25 13:46, Barbara Denny via Internet-history wrote:
>>>>    Jack,
>>>> I think you may have meant to type SMTP or something else,  not SNMP.
>>>> SNMP was more in the time frame of my looking at network management
>>> startups.
>>>> barbara
>>>>       On Wednesday, September 17, 2025 at 01:29:11 PM PDT, Barbara Denny
>>> via Internet-history<internet-history at elists.isoc.org> wrote:
>>>>     Sun was definitely selling workstations when I got to SRI in the
>>> fall of 1983.  I remembered being surprised that I had a model 100 in my
>>> office when I arrived.
>>>> Then in the mid to late? 1980s  Network management startup offerings
>>> would just use ping to figure out their customer's network (well maybe not
>>> all of them).  I briefly looked at them to decide what we might install for
>>> a military testbed in South Korea.
>>>> barbara
>>>>       On Wednesday, September 17, 2025 at 12:58:28 PM PDT, Jack Haverty
>>> via Internet-history<internet-history at elists.isoc.org> wrote:
>>>>    FYI, I don't recall ever seeing any "status report" myself, probably
>>>> because I didn't use any of the computers involved.  I don't know much
>>>> of the history of BSD.    My recollection is that the incident involved
>>>> the DEC Vax machines which were becoming more prolific at the time.   It
>>>> was sometime around 1980 +- a few years, definitely before July 1983
>>>> when I switched jobs.
>>>>
>>>> I remember that the way the incident was stopped involved someone at
>>>> ARPA (Vint Cerf?  Barry Leiner?  Bob Kahn?).   They had leverage over
>>>> the OS since it was a project funded by ARPA.   The source of the
>>>> changes in traffic may not have been the OS itself, but perhaps some
>>>> user-level program that was either distributed with, or updated, a new
>>>> OS release.    It's possible that Sun was involved too, if only because
>>>> ARPA projects were significant customers.   But I thought Sun emerged a
>>>> bit later in the 1980s.
>>>>
>>>> /Jack
>>>>
>>>> On 9/17/25 08:46, Jeremy C. Reed wrote:
>>>>> On Thu, 4 Sep 2025, Jack Haverty via Internet-history wrote:
>>>>>
>>>>>> Several years later, circa 1980, we had a similar experience with the
>>>>>> ARPANET and the emerging Internet which was being built around it.
>>>>>> Lots of now inexpensive minicomputer gear had appeared on the
>>>>>> Internet, connected by LANs to the ARPANET.  I was the "Internet guy"
>>>>>> at BBN, and one day a NOC operator stuck his head in my office and
>>>>>> said something like "What's your Internet doing!!?"  It was probably
>>>>>> a bit more colorful than that.  The ARPANET was thrashing again, and
>>>>>> the NOC had traced the problem to traffic to/from gateways.   That
>>>>>> made it my problem.
>>>>>>
>>>>>> Debug, XNET, SNMP, ... IIRC, it turned out that Berkeley had just
>>>>>> released a new version of BSD, and announced it to the user
>>>>>> community.  There were a lot of BSD systems out there.   The new BSD
>>>>>> included a new feature, that probed all the gateways out on the
>>>>>> ARPANET and generated a status report of "State of the Internet".
>>>>>> Updated automatically of course.
>>>>>>
>>>>>> The server that performed all that probing was part of the new OS
>>>>>> release.  And... it was "enabled" by default.   So as the new release
>>>>>> propagated out into all those systems, they all started probing every
>>>>>> gateway continuously.   Like Marc's SURVEY program, this caused the
>>>>>> ARPANET to internally hemorrhage.   A quick call to ARPA, and a quick
>>>>>> order to Berkeley, and the cyberattack stopped. Took a while IIRC.
>>>>> What is this automated probing of all gateways to generate a report?
>>>>>
>>>>> (I tried looking at all known BSD releases but cannot find yet.)
>>>>>
>>>>> I had also read a story about an overload and that Sun or Berkeley had
>>>>> a new release with a tool to continuously probe every gateway on the
>>>>> Arpanet to maintain a little display of the state.  (I cannot find who
>>>>> I got it from and I asked again this month who I thought I got it from
>>>>> but no memory of it.)
>>>>>
>>>>> Does anyone know what this tool was? Was it Sun or BSD?
>>>>>
>>>>> Any example of the status report or display?
>>>>
>>>>
>>> --
>>> Internet-history mailing list
>>> Internet-history at elists.isoc.org
>>> https://elists.isoc.org/mailman/listinfo/internet-history
>>> -
>>> Unsubscribe:
>>> https://app.smartsheet.com/b/form/9b6ef0621638436ab0a9b23cb0668b0b?The%20list%20to%20be%20unsubscribed%20from=Internet-history
>>>
>>
>> --
>> *****
>> Craig Partridge's email account for professional society activities and
>> mailing lists.
>>
>