[Top] [All Lists]

[nv-l] NetView managing devices with dynamic IP addresses

To: <nv-l@lists.tivoli.com>
Subject: [nv-l] NetView managing devices with dynamic IP addresses
From: "Dale Shaw" <DShaw@exceed.com.au>
Date: Wed, 12 Feb 2003 13:51:42 +1100
Delivered-to: mailing list nv-l@lists.tivoli.com
Delivery-date: Wed, 12 Feb 2003 03:02:52 +0000
Envelope-to: nv-l-archive@lists.skills-1st.co.uk
List-help: <mailto:nv-l-help@lists.tivoli.com>
List-post: <mailto:nv-l@lists.tivoli.com>
List-subscribe: <mailto:nv-l-subscribe@lists.tivoli.com>
List-unsubscribe: <mailto:nv-l-unsubscribe@lists.tivoli.com>
Mailing-list: contact nv-l-help@lists.tivoli.com; run by ezmlm
Thread-index: AcLSQKr+PbOkVIivSZO11A28n0Cykw==
Thread-topic: NetView managing devices with dynamic IP addresses

I have searched through the archives and found lots of great
information, but I didn't find anything that completely answered my

I am working on a large deployment of wireless kiosks that will access
application servers in a central site over an IPSec VPN (tunnel mode,
but 'remote access' -- i.e. tunnel is from kiosk to gateway, not gateway
to gateway). NetView is currently installed and is managing another
connected kiosk network but those kiosks are not wireless, are not
coming in over a VPN and all have statically-assigned IP addresses and
associated DNS entries (A/PTR).

I have very little experience with NetView, and to be honest this
potential issue is only very vaguely anything to do with me, but it's
got me curious, so I thought I'd fire off this post.

I guess the question is "how does NetView deal with devices which do not
have a static IP address?", but here's some more detail on the

Whenever a kiosk fires up, it automatically establishes an encrypted
tunnel with a concentrator device in the central network. The
concentrator will dynamically assign an IP address (from a
locally-defined pool) to the tunnel and for all intents and purposes,
the 'real' IP address (assigned to the wireless NIC in the kiosk) is not
contactable while the tunnel is up. For those familiar with IPSec VPNs,
we are not using split tunneling or any sort of functionality that
enables the end device to communicate 'in the clear' while the tunnel is

We actually -want- to discover and manage these 'virtual' addresses,
because we cannot talk to the kiosks via any other address.

This obviously introduces some management challenges. For various other
reasons, we will only go down the path of statically-assigning these
"virtual" IP addresses to individual tunnels if management issues
dictate it has to be that way. The kiosks (or more accurately, the
concentrator on their behalf) -will- perform a DDNS registration based
on their tunnel/virtual address, but I don't know if that means anything
for NetView.

We're looking at approximately 3,500 kiosks operating in this way, and
we will want NetView to be managing all of them. We're running 7.1.2 on
Windows 2000 (SP3) right now and in the next couple of days we'll be
giving 7.1.3 a shot on a test server. From NetView's point of view, all
the kiosks will be in a single, large IP network (probably just an
RFC1918 /16).

This might be a no-brainer, but any tips, advice, anecdotes would be
greatly appreciated.


 Dale Shaw                        Tel: +61 2 62603500
 Systems Consultant               Fax: +61 2 62603511
 Exceed Systems Integration    Mobile: +61 412 135539
 Level 1, 69 Dundas Court      E-mail: dshaw@exceed.com.au
 Phillip ACT 2606 Australia       Web: http://www.exceed.com.au

To unsubscribe, e-mail: nv-l-unsubscribe@lists.tivoli.com
For additional commands, e-mail: nv-l-help@lists.tivoli.com

This is not an Offical Tivoli Support forum. If you need immediate
assistance from Tivoli please call the IBM Tivoli Software Group
help line at 1-800-TIVOLI8(848-6548)

<Prev in Thread] Current Thread [Next in Thread>

Archive operated by Skills 1st Ltd

See also: The NetView Web