Michael Schwartzkopff

SNMPv3 Informs

In a recent monitoring project we had to set up SNMPv3 informs form the servers in the data center to our monitoring system. Since I found no really convincing documentation in the net I decided to write something here how to receive SNMPv3 in the trapd and how to send informs from the disman part of the net-snmp agent.

Continue reading

Real Time Performance Monitoring

Every administrator should know the performance of the servers and services he is responsible for. Normally the performance of services if measured in actions per time. For instance for a database this would be accesses or inserts per second, for a webserver sites delivered per second. For a mailserver this figure are messages handled per second.

Of course every admin can estimate the performance of his servers. But measuring is always better the guessing. Measuring things on productive live systems is the task of a monitoring systems.

In this article I want to present a method to measure the performance of live systems in real time. This results in much more accurate values than any educated guess. I will demonstrate my method with a mail server, but the method can be applied to any service. You just have to measure the throughtput and CPU usage and combine both values with some simple math.

Continue reading

VPN to the Amazon Cloud behind a NAT Device

A customer asked me t ohelp him set up an IPsec tunnel to the Amazon cloud. The set up is described in an article. The Amazon VPN document clearly states that Customer Gateways must have a static IP adress but may be located behind a NAT device. Only NAT-T is not supported. Since the test network of my customer was located behind a NAT device, that we did not control, we just tried to set up the tunnel with a strongswan gateway on our side.

Continue reading

SNMP Proxy

A very little known feature of SNMP is the proxy. You can configure a good SNMP agent to proxy requests to an other SNMP entity. In this article I want do cast some light on this feature. I used it the request performance data form a switch that speaks only IPv4 while the transport network between the management station and the agents is IPv6.

Continue reading

Open Source System Management Conference 2014

Es lohnt sich immer, im Frühling nach Südtirol zu fahren. Ein Grund mehr ist die Open Source System Management Conference, die Würth-Phönix traditionell zu dieser Jahreszeit ausrichtet. Der Hersteller von neteye schafft es immer, interessante Redner einzuladen. Dieses Mal lag der Schwerpunkt des Nachmittagsprogramms auf der Technik, was die Teilnahme noch einmal interessanter machte.

Continue reading

Avira kann auch ICAP

In der Sicherheitsarchitektur eines Unternehmens darf ein Proxy Server nicht fehlen, der die Unternehmensrichtlinie zur Kommunikation mit dem Internet durchsetzt. Sein Partner im Team ist ein Server, der die Inhalte der Kommunikation durchsucht und bewertet. Der Protokoll zwischen beiden ist das Internet Content Adaptation Protocol, kurz ICAP. Auch der deutsche Hersteller Avira GmbH hat einen solchn IPAP Server im Programm.

Continue reading