Re: [nv-l] NetView managing devices with dynamic IP addresses

[David.Hustace@tavve.com]

Dale,

I think before I could really offer
any hints/advice I would want to know more about your goals for managing
the kiosks.

        1.
Are you just wanting to monitor up/down devices? (ICMP)
        2.
Do you use data collection for reporting and threshold monitoring?
        3.
How many devices and what types of devices are in the kiosk that you are
monitoring?

A few comments:

        DDNS
could be helpful/harmful.  For instance, it could be helpful because
ovwdb will always have the correct "IP Hostname" stored, however,
any name caching done on the local system inside NetView (i.e. SNMP configuration
caching) and on the system (i.e. Solaris name server caching daemon: ncsd)
would be a challange to manage and keep correct IP addresses current.  You
will get an event when NetView detects and IP address change and you could
configure an action clears these caches.

        If
you are using snmpCollect to gather data and monitor thresholds, then you
will have problems with the stored data because the data is stored using
the IP address of the interface polled.

        Depending
on the number of devices in the kiosks and the costs associated, you may
want to deploy a remote monitoring device inside the kiosk that polls and
collects data remotely then forwards that information to the NMS.  The
device would probably have to handle duplicate IP addresses being monitored
by othere devices in other kiosks reporting to the NetView NMS.

        If
you are just monitoring UP/Down status, you will probably want to use some
polling logic that takes into account the transient outages and outages
in the topology that impact the kiosk(s).


HTH,
Dave

"Dale Shaw" <DShaw@exceed.com.au> 02/11/2003 09:51 PM

To:        <nv-l@lists.tivoli.com>         cc:                 Subject:        [nv-l] NetView managing devices with dynamic IP addresses

Greetings,

I have searched through the archives and found lots of great
information, but I didn't find anything that completely answered my
question..

I am working on a large deployment of wireless kiosks that will access
application servers in a central site over an IPSec VPN (tunnel mode,
but 'remote access' -- i.e. tunnel is from kiosk to gateway, not gateway
to gateway). NetView is currently installed and is managing another
connected kiosk network but those kiosks are not wireless, are not
coming in over a VPN and all have statically-assigned IP addresses and
associated DNS entries (A/PTR).

I have very little experience with NetView, and to be honest this
potential issue is only very vaguely anything to do with me, but it's
got me curious, so I thought I'd fire off this post.

I guess the question is "how does NetView deal with devices which
do not
have a static IP address?", but here's some more detail on the
environment..

Whenever a kiosk fires up, it automatically establishes an encrypted
tunnel with a concentrator device in the central network. The
concentrator will dynamically assign an IP address (from a
locally-defined pool) to the tunnel and for all intents and purposes,
the 'real' IP address (assigned to the wireless NIC in the kiosk) is not
contactable while the tunnel is up. For those familiar with IPSec VPNs,
we are not using split tunneling or any sort of functionality that
enables the end device to communicate 'in the clear' while the tunnel is
up.

We actually -want- to discover and manage these 'virtual' addresses,
because we cannot talk to the kiosks via any other address.

This obviously introduces some management challenges. For various other
reasons, we will only go down the path of statically-assigning these
"virtual" IP addresses to individual tunnels if management issues
dictate it has to be that way. The kiosks (or more accurately, the
concentrator on their behalf) -will- perform a DDNS registration based
on their tunnel/virtual address, but I don't know if that means anything
for NetView.

We're looking at approximately 3,500 kiosks operating in this way, and
we will want NetView to be managing all of them. We're running 7.1.2 on
Windows 2000 (SP3) right now and in the next couple of days we'll be
giving 7.1.3 a shot on a test server. From NetView's point of view, all
the kiosks will be in a single, large IP network (probably just an
RFC1918 /16).

This might be a no-brainer, but any tips, advice, anecdotes would be
greatly appreciated.

Cheers,
Dale

--
 Dale Shaw                  
     Tel: +61 2 62603500
 Systems Consultant               Fax:
+61 2 62603511
 Exceed Systems Integration    Mobile: +61 412 135539
 Level 1, 69 Dundas Court      E-mail: dshaw@exceed.com.au
 Phillip ACT 2606 Australia       Web: http://www.exceed.com.au

---------------------------------------------------------------------
To unsubscribe, e-mail: nv-l-unsubscribe@lists.tivoli.com
For additional commands, e-mail: nv-l-help@lists.tivoli.com

*NOTE*
This is not an Offical Tivoli Support forum. If you need immediate
assistance from Tivoli please call the IBM Tivoli Software Group
help line at 1-800-TIVOLI8(848-6548)