nv-l
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [NV-L] VPN tunnel monitoring

2007-01-10 13:52:48
Subject: RE: [NV-L] VPN tunnel monitoring
From: "Evans, Bill" <Bill.Evans AT hq.doe DOT gov>
To: "Tivoli NetView Discussions" <nv-l AT lists.ca.ibm DOT com>
Date: Wed, 10 Jan 2007 12:20:28 -0500 
These comments address our VPN.  Your experience may vary.  

VPN Tunnels are unique since they appear when established with an
"Interface nnn.nnn.nnn.nnn Added" trap and eventually go away with a
"Interface nnn.nnn.nnn.nnn Deleted" trap.  The garbage collection which
results in their removal from the system is not synchronous with the
customer abandoning the tunnel. (I think it's the daily NetView
configuration poll.) This gives me a situation where the tunnel is
Critical during the period between the hang-up and the removal of the
leftover interface.    

Automating the Interface Added and Interface Deleted traps should give
you the times for the tunnel. Your VPN administrator should be able to
identify what addresses they will use.  

I automated the Interface Added trap (IBM_NVIADD_EV) to pass the seventh
variable which contains the IP address (EXEC /opt/webmon/IFAdd.sh "$7").
In the IFAdd script I execute these commands to hide the tunnel so it
doesn't turn red and upset the console watchers (the Network Operations
desk) every time a VPN user exits. 

         ObjID=`/usr/OV/bin/ovtopodump ${IPAddress} | awk 'NR>1 {print
$2}'`
        /usr/OV/bin/event -b openview -e ACK_EV -a ${ObjID} -d
"Acknowledge ${IPAddress} ${ObjID}"
      /usr/OV/bin/nvmaputil.sh --unmanage-interface ${IPAddress} &

Bill Evans

-----Original Message-----
From: nv-l-bounces AT lists.ca.ibm DOT com
[mailto:nv-l-bounces AT lists.ca.ibm DOT com] On Behalf Of Mario Behring
Sent: Wednesday, January 10, 2007 10:45 AM
To: nv-l AT lists.ca.ibm DOT com
Subject: [NV-L] VPN tunnel monitoring

Hi list,

Can I somehow configure NV 715 to identify and monitor the availability
of VPN tunnels? I have several VPNs connected to a Cisco PIX. The
tunnels are configured over a MPLS link.

Any help is appreciated.

Thank you.

Mario












 
________________________________________________________________________
____________
Any questions? Get answers on any topic at www.Answers.yahoo.com.  Try
it now.


_______________________________________________
NV-L mailing list
NV-L AT lists.ca.ibm DOT com
Unsubscribe:NV-L-leave AT lists.ca.ibm DOT com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to 
internal IBM'ers only)
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [NV-L] VPN tunnel monitoring, Mario Behring
Next by Date:  Re: [NV-L] VPN tunnel monitoring, Leslie Clark
Previous by Thread:  Re: [NV-L] VPN tunnel monitoring, Stephen Hochstetler
Next by Thread:  Re: [NV-L] VPN tunnel monitoring, Mario Behring
Indexes:  [Date] [Thread] [Top] [All Lists]