Main

December 28, 2007

Virtual Machine Colocation?

I've been pondering colocation, but there are some up-front issues, like getting a machine, etc. In addition to the bandwidth costs, you pay for rack space, power, and cooling too, because a physical machine needs space, power, and cooling, and those are the limiting factors in data centers, far more than network

However, the truth is, there's nothing on this site, or many others, that requires a physical machine. It could be adequately supported by a virtual machine with ease. Right now, it's a home directory, sharing space on an Apache server and a MySQL database. Email is provided by a shared domain on another server. While intensive database usage can be an issue for VMs, because I use MovableType, the html is static. I only hit the database for comments and the like. So I don't see a problem there for a VM.

While the initial setup for an ESX system is not cheap, (VM servers are not small, nor inexpensive), the usage you get out of them has a solid ROI. Two to three solid servers would allow for a fair number of "colocated" VMs, and I know from personal experience that things like backing up VMs, and keeping them up and running is much less complicated than doing the same for a similar number of physical machines, and if you can get a reliable ratio of 10:1 virtual to physical machines, then I'll hazard that you start saving nicely on space, power, and cooling.

It would give you all the advantages of a physical colocation; full control, shell access, the ability to do what you wanted with your "server" and few of the disadvantages; no need to pay extra for rack space and power.

From the ISP side, I see an advantage too, since their plant and physical costs would presumably be less, dealing with backups gets simpler, and it lets them offer a colo plan for people who don't necessarily need a full - on physical server, but are outgrowing what a shared hosting plan can offer. Even though they don't have to charge for additional rack space or power anymore, they still have a lot of options based on VM config: image size, number of CPUs, guest OS costs, and amount of RAM allocated to the VM. They would still have the traditional bandwidth and other service charges too.

So my question is, I suppose, is this: Is this as good an idea as it seems, or am I missing something that makes it A Bad Idea? Given an ESX - based system, and keeping in mind that running things on Mac OS X is not particularly important to me, or to a lot of people, although with Leopard Server, that could change wrt ESX, is this something that could work without being a science project?


Technorati Tags:
, , ,


Categories:     Hardware, Network Notes, Technology
Posted by John C. Welch at 11:16 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

December 6, 2007

Deltas and other annoyances

Some folks have wondered why I think it's such a bad thing that Novell is doing the Linux port of Microsoft's Silverlight, instead of well, Microsoft.

From "Novell, Microsoft Readying Moonlight":

BOSTON—Novell will be delivering a Linux-based version of Microsoft's Silverlight cross-browser, rich Internet application technology within six months.
Silverlight 1.0 is out now for Windows and Mac OS X, but Linux users don't even get the 1.0 runtime for six months, and that's assuming no problems. Actually, it's Linux and Solaris users:
De Icaza said that under its agreement with Microsoft, Novell's role is to deliver a 100 percent compatible Linux version of Silverlight in the Moonlight technology, which will support the major Linux distributions. Contractually, Novell has agreed to support the top three Linux distributions, but de Icaza said the company will go beyond that to support all major Linux distributions, as well as Sun Microsystems' Solaris operating system.
(As it turns out, *BSD too. Thanks Miquel for the better information!) Furthermore, what about the Moonlight 2.0, the follow-on to Silverlight 2.0?
Microsoft recently changed Silverlight 1.1 to Silverlight 2.0; following suit, Novell has done the same with Moonlight. Silverlight 2.0 is based on .Net, thus Moonlight 2.0 will feature Mono.

De Icaza indicated that he expects Silverlight 2.0 to ship around March 2008, around the time of Microsoft's Mix '08 conference. Moonlight 2.0 will then ship anywhere between six and 12 months after Silverlight 2.0.

I know I'm a pessimistic misanthrope, but how is this good by any stretch? Anyone not on Silverlight's Favored Platforms, (and considering that 2.0 is a relabled 1.1, I'm still waiting to see how long it takes Microsoft to drop Mac OS X support. The record for such things outside of the Mac BU is not good), is going to be six months to a year behind in perpetuity.

This is why when Microsoft, Apple, or really, any platform vendor says "That's a third party opportunity", what you should be hearing is "Anyone who wants that is fixin' to take it in the shorts."


Technorati Tags:
,


Categories:     Mac Matters, Technology
Posted by John C. Welch at 12:08 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

December 5, 2007

A Primer to SNMP on Mac OS X 10.5 and Mac OS X 10.5 Server

"Simple Network Management Protocol"

Has there ever been a more misleading or misunderstood name? I don't think so. But, SNMP is one of the most widely used, if not the most widely-used network management protocol. If you wrap your head around it, you can do some really neat stuff to make your life easier. If you don't, well, you'll end up using it anyway, you just won't know what's going on.

Since I see a lot of SNMP questions, I felt it was a good idea to write something up on SNMP that went into some depth. First, just in case it comes up, I have read Andrina Kelly's excellent article on SNMP at MacEnterprise.org. Her article was focused on using snmpconf to do the basic setup in Mac OS X, and it's solid. This article is something of a superset of that, and is correctly viewed as a supplement to that article. In fact, I owe Andrina some thanks for that article, since it motivated me to write this one. (I'd say I owe her beer, but she's Canadian, and I'm not that rich.)

So first off, what's the deal with SNMP? Well, the 'deal' is that people wanted a flexible, relatively low overhead way to manage their network. They wanted a way to read and set information, and have devices inform them when something goes wrong, or is about to go wrong. The result is SNMP. Now, why "Simple", when, as we shall see, it's actually pretty complex. Well, it's "Simple" in the sense that there's not much to it. There's about three things that can happen in SNMP:

  1. You can query a value and get a reply

  2. You can set a value and get a return code

  3. An SNMP-enabled device can send you a notification, or "trap"

That's pretty much the entire range of SNMP right there, and of the three, two is the least common. It's what you do with those numbers that gives you the power, or rather, what utilities like Nagios, Cacti, and Lithium do with the numbers that make things interesting.

To really understand SNMP, we have to understand two things: Object Identifiers, or OIDs, and Management Information Bases, or MIBs.

OIDs and MIBs

Both OIDs and MIBs are defined by the Structure of Management Information, (SMI) RFCs, (1155 for SMIv1 which ties to SNMPv1, 2578 for SMIv2, which ties to SNMPv2. There are two follow-on SMI RFCs, 3780 and 3781, but they are not bound to SNMP in particular, although 3781 is a set of SNMP-specific extensions to 3780. (Note that there are about 75 RFCs that apply to SNMP overall, so I'm not listing them. If you want to read them, the IETF is the keeper of the keys, as it were, for RFCs, and is the best place to go for RFC information.)

Within the SMI(s), you have three basic items

  1. The Name, or OID, which is how you identify SNMP objects in a structured, unique manner.

  2. The type and syntax, (defined via Abstract Syntax Notation One, (ASN.1), which is what defines how data is represented and transmitted. This handles things like byte-order/endian issues, so that Intel systems can use SNMP with SPARC systems, and not have to worry about data formatting issues.

  3. Encoding, which defines how SNMP information is encoded/decoded for transmission over networks.

The part we care most about is the OID. OIDs are, for better clarity, (and believe me, OIDs need all the clarity they can get), arranged in a tree structure. So each part of an OID number tells you on what part of the overall OID 'tree' that data lives on. Each OID branch has a name and a purpose. For 99.9% of all uses, the "root" of the OID tree is .1.3.6.1, or iso(1).org(3).dod(6).internet(1). There are other structures in the OID tree, but for our needs, "root" is .1.3.6.1.

Within the .1.3.6.1 OID, there are four sub-branches:

  1. directory(1)

  2. mgmt(2)

  3. experimental(3)

  4. private(4)

Of these, we only care about 2 and 4. mgmt(2) is for 'standard' management objects, and private(4) is for company-specific objects. So standard OIDs for calculating traffic flow or CPU load would go under .1.3.6.1.2, but company - specific OIDs for say, the Airport Extreme Base station go under 1.3.6.1.4. This separation gives companies a lot of room to develop their own SNMP implementations without interfering with the standard ones.

Within each OID entry, you have a specific data type for the value returned by the OID. For example:

.1.3.6.1.2.1.1.3.0 = Timeticks: (1902335) 5:17:03.35

.1.3.6.1.2.1.1.4.0 = STRING: John C. Welch <jwelch@bynkii.com>

.1.3.6.1.2.1.1.5.0 = STRING: localhost

.1.3.6.1.2.1.1.6.0 = STRING: John Welch's cube

Since the first entry is the uptime of my system, that's returned as a Timeticks value. Each "tick" in this case is 1/100th of a second. The rest are strings, as they hold string data. Other values can include IpAddress, use for IPv4 addresses, NetworkAddress, which can be used for MAC addresses, Counter, a 32-bit counter, (in SNMPv2, Counter is Counter32, so as to distinguish it from the 64-bit Counter64), and Gauge, which is similar to a counter, but rather than constantly incrementing, it is used to show instantaneous value, such as the current traffic rate in bps of a router. (If you think of Counter as an odometer, and Gauge as a speedometer/tachometer, you've got the right mental picture.)

There are something like eighteen different data types in SNMP, and to be honest, you could easily reduce that to two or three. But, there's an advantage to more specific datatypes, and that is in processing the results. It's much easier to get a list of IP addresses in my routing table out of SNMP results if I know that the label for the data is going to be "IpAddress: <data>" That's not the only reason, but it comes in right handy.

So now, if an OID is a specific instance of a SNMP value, then what do we need MIBs for?

Well, something needs to exist to tell us what that OID is. The examples I used above are pretty obvious, and even if you weren't up on SNMP, you could probably guess at what the OID that returns "John Welch's cube" is used for. However, what happens when you get this: .1.3.6.1.2.1.4.14.0 = Counter32: 2 ? That's not real obvious. Well, luckily, OIDs have text labels as well as numerical labels. Changing a formatting parameter in your snmpwalk gets you:

.iso.org.dod.internet.mgmt.mib-2.system.sysUpTime.sysUpTimeInstance = Timeticks: (1990007) 5:31:40.07

.iso.org.dod.internet.mgmt.mib-2.system.sysContact.0 = STRING: John C. Welch <jwelch@bynkii.com>

.iso.org.dod.internet.mgmt.mib-2.system.sysName.0 = STRING: localhost

.iso.org.dod.internet.mgmt.mib-2.system.sysLocation.0 = STRING: John Welch's cube

That's pretty cool, as it's much easier to tell what something is when you have the text labels. So now, our previously inscrutable numerical OID becomes: .iso.org.dod.internet.mgmt.mib-2.ip.ipReasmReqds.0 = Counter32: 2. Okay, so it's not exactly crystal clear to a newbie, it's still easier to figure out.

Well, that is what you use MIBs for. MIBs help define and organize OIDs. If OIDs are thought of as languages, then MIBs are translators. This is especially important when you start talking about private MIBs, like ones used by vendors for their own products. For example, if you query a Netgear WG102 wireless base station without the proper MIBs, you get a lot of OIDs that look like:

.iso.org.dod.internet.private.enterprises.4526.4.3.1.1.0 = STRING: "00146C689987"

.iso.org.dod.internet.private.enterprises.4526.4.3.1.2.0 = STRING: "Version 4.0 Release 16 NA"

.iso.org.dod.internet.private.enterprises.4526.4.3.1.3.0 = STRING: "myap1"

.iso.org.dod.internet.private.enterprises.4526.4.3.1.7.0 = INTEGER: 840

So you can guess at what those values mean, but that's a pain, because you're never sure just what the numerical parts of that OID really mean. Now, the same OIDs, but with the proper MIB:

.iso.org.dod.internet.private.enterprises.netgear.wireless.wg102.sysSettings.sysMacAddress.0 = STRING: 00146C689987

.iso.org.dod.internet.private.enterprises.netgear.wireless.wg102.sysSettings.sysVersion.0 = STRING: Version 4.0 Release 16 NA

.iso.org.dod.internet.private.enterprises.netgear.wireless.wg102.sysSettings.sysAPName.0 = STRING: myap1

.iso.org.dod.internet.private.enterprises.netgear.wireless.wg102.sysSettings.sysCountryRegion.0 = INTEGER: unitedStates(840)

With the MIB, we can see that .enterprises.4526.4.3.1.1.0 is really .enterprises.netgear.wireless.wg102.sysSettings.sysMacAddress.0. For fairly obvious things, the MIB isn't a big deal. But when you really need to see what a specific OID is measuring, (critical when you're deciding what SNMP values you need to monitor), the MIB is critical. Luckily, most networking companies are pretty cool about MIBs. Some have them available for download, others give you updates when you download firmware updates, etc.

But what do you do when you get a company that's not always so...nice, about MIBs? Well, you can try to search for them on the vendor's site, however, I've found that it's easier to go to one of the MIB aggregation sites, like mibDepot, or one of a dozen others, and just snag the MIB from them. Since MIBs are just text files, they're easy enough to read. However, having the MIB is not the same as having the OID.

For example, I have the MIBs for quite a few Windows Server services, such as Exchange et al. That doesn't mean that all the Exchange information in a MIB, even a Microsoft MIB is going to be available. The vendor for the product you're trying to measure has to allow for their SNMP implementation to expose the information you seek. If they don't, then the MIB does you no good. MIBs only help you read what is there already, they don't create new data or information for you. Bearing that in mind, let's take a look at a MIB that ships with Leopard. To see what MIBs are standard in Mac OS X, go to /usr/share/snmp/mibs/ and take a look. You'll see a bunch of them, but for this example, we're going to take a look at the MIB for the WG102, primarily because it's short.:

WG102 DEFINITIONS ::= BEGIN



     IMPORTS

          OBJECT-GROUP

               FROM SNMPv2-CONF

          MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, enterprises, IpAddress


               FROM SNMPv2-SMI

          DisplayString, TruthValue

               FROM SNMPv2-TC;

The first line tells us the name of the MIB, in this case, "WG102". The next part starts the definitions of the MIB itself. In this case, the WG102 MIB imports some data it needs from other MIBs, such as OBJECT-GROUP from SNMPv2-CONF, MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, enterprises, and IpAddress from SNMPv2-SMI, PhysAddress from RFC1213-MIB, and DisplayString, TruthValue from SNMPv2-TC. Importing here works the way it does in Perl, Python, AppleScript, etc., and allows a MIB to use data and datatypes defined in other MIBs without having to explicitly identify that data and those datatypes itself.

wg102 MODULE-IDENTITY

          LAST-UPDATED "200509291000Z" -- Sep 29, 2005 at 10:00 GMT

          ORGANIZATION

               "NETGEAR Inc."

          CONTACT-INFO

               "4500 Great America Parkway

               Santa Clara, California 95054

               Phone: (408) 907-8000

               Fax: (408) 907-8097

               Web Site: http://www.netgear.com"

          DESCRIPTION

               "The MIB module for 802.11b/g ProSafe Wireless Access Point entities.

               iso(1).org(3).dod(6).internet(1).private(4).

               enterprises(1).netgear(4526).wireless(4).wg102(3)"

          ::= { wireless 3 }



--

-- Node definitions

--



          netgear OBJECT IDENTIFIER ::= { enterprises 4526 }





          wireless OBJECT IDENTIFIER ::= { netgear 4 }

This section provides more basic information about the MIB itself, such as information on the vendor, when it was updated last, and the OIDs it's going to identify. In a MIB, -- is the single line comment identifier, so when you see it used, it's for well, comments. In the case of this MIB, pretty much everything here is part of the netgear.wireless OID, or the .1.3.6.1.4.1.4526.4.3 tree. Looking at the first part of the first section we see:

sysSettings OBJECT IDENTIFIER ::= { wg102 1 }

Since this part comes after the 4526.4, we can tell that for this mib, sys(tem)Settings are in the .1.3.6.1.4.1.4526.4.3.1 tree.

          sysMacAddress OBJECT-TYPE

               SYNTAX DisplayString (SIZE(6..17))

               MAX-ACCESS read-only

               STATUS current

               DESCRIPTION

                    "This field indicates the system MAC Address."

               ::= { sysSettings 1 }

Looking at this first entry, we see that it's the sysMACAddress object type. The value it returns is a string, and Max-Access tells us it's a read-only value. The Status indicates this is a current value, (i.e. not deprecated or obsolete). Finally, we have a Description, and the actual number of the sysMacAddress in the .1.3.6.1.4.1.4526.4.3.1 tree. If we look at that OID on a WG102, we get: .1.3.6.1.4.1.4526.4.3.1.1.0 = STRING: 00146C689987, which is exactly what the MIB told us we'd see. Now, some of you see that OID and are wondering, "What's the deal with that 0? That's not in the MIB". First, correct, it's not in the MIB. Here's the deal. When you're looking at a listing of OIDs, there are two ways to show things. One is a list of vaguely related items, or scalar objects A scalar object can be related to the objects above and below it in a tree, but it doesn't have to be. The other way to display objects is as a table, where each individual item in the table has its own OID value, but it's part of the table OID. With a scalar object, there's only ever one. So, since computers start counting at 0, to get a scalar object's information, you end the OID with ".0". With a table, that last number would be the specific row in a table. So, if you wanted the third row of a given table, you'd use .2 on the end. In this case, the sysMacAddress is a scalar value, so we end the OID with a .0

An example of a table entry in a MIB is seen below:

          wlanSettings OBJECT IDENTIFIER ::= { wg102 2 }





-- **********************************************************************

-- * Wireless Settings Table

-- **********************************************************************

          wlanSettingTable OBJECT-TYPE

               SYNTAX SEQUENCE OF WlanSettingEntry

               MAX-ACCESS not-accessible

               STATUS current

               DESCRIPTION

                    "wlanSettingsallow for multiple instances on an agent."

               ::= { wlanSettings 1 }





          wlanSettingEntry OBJECT-TYPE

               SYNTAX WlanSettingEntry

               MAX-ACCESS not-accessible

               STATUS current

               DESCRIPTION

                    "An entry in the wlanSettingTable. It is possible for there

                    to be multiple AP interfaces on one agent, each with its

                    unique MAC address. The relationship between an AP

                    interface and an interface in the context of the Internet-

                    standard MIB is one-to-one. As such, the value of an

                    radioIndex object instance can be directly used to identify

                    corresponding instances of the objects defined herein. "

               INDEX { radioIndex }

               ::= { wlanSettingTable 1 }

The first two entries here are not accessible via SNMP, but help to identify the overall OID for the table. In this case, we see that the base OID for this table is .1.3.6.1.4.1.4526.4.3.2.1.1 (If you can't see this easily, don't worry. I'm only using specific parts of the MIB here, it's really rather large.)


          WlanSettingEntry ::=

               SEQUENCE {

                    radioIndex

                         INTEGER,

                    radioEnable

                         TruthValue,

                    wirelessMode

                         INTEGER,

                    channel

                         INTEGER,

                    txRate

                         INTEGER,

                    txPower

                         INTEGER,

                    beaconInterval

                         INTEGER,

                    dtimInterval

                         INTEGER,

                    rtsThreshold

                         INTEGER,

                    fragmentationThreshold

                         INTEGER,

                    dot11bPreamble

                         INTEGER,

                    superMode

                         TruthValue,

                    wmm
     
                         TruthValue,

                    wmmNoAck

                         TruthValue,
          
                    acEnabled

                         TruthValue,

                    acEnhancedRFSecurity

                         INTEGER,
     
                    acRogueDevDetection

                         TruthValue,

                    accessControlMode

                         INTEGER

                }

Here we have the row identifiers, and their basic types. From this we can tell that the table has 18 rows, starting with radioIndex, and ending with accessControlMode. From here, we go into the details for each row:

          radioIndex OBJECT-TYPE

               SYNTAX INTEGER

                    {

                    dot11a(0),

                    dot11bg(1)

                    }

               MAX-ACCESS read-only

               STATUS current

               DESCRIPTION

                    "This attribute shall indicate the radio's band."

               ::= { wlanSettingEntry 1 }

Our first row, radioIndex is kind of neat. First, it's an integer, but can have two possible values, 0, (for 802.11a) and 1, (for 802.11b/g). It's read-only, a current object, and has a row number of 1. (I'll explain where the 0 went in a bit) If we look at the specific entry for this row with just the numerical OID, and the text labels we see:

.1.3.6.1.4.1.4526.4.3.2.1.1.1.1 = INTEGER: dot11bg(1)
.iso.org.dod.internet.private.enterprises.netgear.wireless.wg102.wlanSettings.wlanSettingTable.wlanSettingEntry.radioIndex.dot11bg = INTEGER: dot11bg(1)

So, from just that, we can see this base station is set to work with 802.11b/g. The OID tells us what the device knows, the MIB explains what the OID means. Looking down the rest of the entries, we see just what all this table does:

     radioEnable OBJECT-TYPE

          SYNTAX TruthValue

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate whether the radio is enabled."

          ::= { wlanSettingEntry 2 }


     wirelessMode OBJECT-TYPE

          SYNTAX INTEGER

               {

               auto(0),

               dot11a(1),

               dot11b(2),

               dot11g(3)

               }

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate the desired wireless

               operating mode.

               
               Options are:

                auto - Both 802.11g and 802.11b wireless stations can be

                used.

               dot11a - Only 802.11a wireless stations can be used.

               dot11b - All 802.11b wireless stations can be used.

                     802.11g wireless stations can still be used

                     if they can operate in 802.11b mode.

               dot11g - Only 802.11g wireless stations can be used."

          ::= { wlanSettingEntry 5 }


     channel OBJECT-TYPE

          SYNTAX INTEGER (0..165)

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate the channel number to be

               used. And the zero indicates that auto channel selection is enabled."

          ::= { wlanSettingEntry 6 }


     txRate OBJECT-TYPE

          SYNTAX INTEGER

               {

               best(0),

               rate1Mbps(1),

               rate2Mbps(2),

               rate5dot5Mbps(3),

               rate6Mbps(4),

               rate9Mbps(5),

               rate11Mbps(6),

               rate12Mbps(7),

               rate18Mbps(8),

               rate24Mbps(9),

               rate36Mbps(10),

               rate48Mbps(11),

               rate54Mbps(12)

               }

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate the transmite rate. When

               the operatemode is:

               
                auto(0) - can set to 0:best, 1:1Mb/s, 2:2Mb/s,

                5.5:5.5Mb/s, 11:11 Mb/s, 6:6Mb/s, 9:9Mb/s,

                12:12Mb/s, 18:18Mb/s, 24:24Mb/s, 36:36Mb/s,

                48:48Mb/s, and 54:54Mb/s.

               
                dot11a(1) - can set to 0:best, 6:6Mb/s, 9:9Mb/s,

                12:12Mb/s, 18:18Mb/s, 24:24Mb/s,

                36:36Mb/s, 48:48Mb/s, 54:54Mb/s.

               
                dot11b(2) - can set to 0:best, 1:1Mb/s, 2:2Mb/s,

                5.5:5.5Mb/s, and 11:11 Mb/s.

               
                dot11g(3) - can set to 0:best, 6:6Mb/s, 9:9Mb/s,

                12:12Mb/s, 18:18Mb/s, 24:24Mb/s,

                36:36Mb/s, 48:48Mb/s, 54:54Mb/s."

          ::= { wlanSettingEntry 7 }


     txPower OBJECT-TYPE

          SYNTAX INTEGER

               {

               full(0),

               half(1),

               quarter(2),

               eighth(3),

               min(4)

               }

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate the transmitting power."

          ::= { wlanSettingEntry 8 }


     beaconInterval OBJECT-TYPE

          SYNTAX INTEGER (20..1000)

          UNITS "1024 microsecond"

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate the beacon interval."

          ::= { wlanSettingEntry 9 }


     dtimInterval OBJECT-TYPE

          SYNTAX INTEGER (1..255)

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate the DTIM period."

          ::= { wlanSettingEntry 10 }


     rtsThreshold OBJECT-TYPE

          SYNTAX INTEGER (0..2346)

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate the RTS threshold."

          ::= { wlanSettingEntry 11 }


     fragmentationThreshold OBJECT-TYPE

          SYNTAX INTEGER (256..2346)

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate the fragmentation threshold."

          ::= { wlanSettingEntry 12 }


     dot11bPreamble OBJECT-TYPE

          SYNTAX INTEGER

               {

               long(0),

               auto(1)

               }

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate the preamble setting.

               This setting is only applicable to 802.11b mode."

          ::= { wlanSettingEntry 13 }


     superMode OBJECT-TYPE

          SYNTAX TruthValue

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate whether super mode (super-A

               for 11a radio, Super-G for 11g radio) is enabled."

          ::= { wlanSettingEntry 14 }


     wmm OBJECT-TYPE

          SYNTAX TruthValue

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate whether wmm is enabled."

          ::= { wlanSettingEntry 15 }


     wmmNoAck OBJECT-TYPE

          SYNTAX TruthValue

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This attribute shall indicate whether wmm with no ack is enabled."

          ::= { wlanSettingEntry 16 }


     acEnabled OBJECT-TYPE

          SYNTAX TruthValue

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This field indicates whether enable AutoCell."

     ::= { wlanSettingEntry 17 }


     acEnhancedRFSecurity OBJECT-TYPE

          SYNTAX INTEGER

               {

               disable(0),

               enable(3)

               }

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This field indicates whether enable Enhanced RF Security."

          ::= { wlanSettingEntry 18 }


     acRogueDevDetection OBJECT-TYPE

          SYNTAX TruthValue

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "This field indicates whether enable Rogue Device Detection."

          ::= { wlanSettingEntry 19 }


     accessControlMode OBJECT-TYPE

          SYNTAX INTEGER

               {

               disabled(0),

               local(2),

               server(3)

               }

          MAX-ACCESS read-write

          STATUS current

          DESCRIPTION

               "The field indicates whether the access control list is

               enabled and the source of the database of the access

               control list."

          ::= { wlanSettingEntry 20 }

When we look at the values for each OID in the table, we get:

.1.3.6.1.4.1.4526.4.3.2.1.1.1.1 = INTEGER: dot11bg(1)

.1.3.6.1.4.1.4526.4.3.2.1.1.2.1 = INTEGER: true(1)

.1.3.6.1.4.1.4526.4.3.2.1.1.5.1 = INTEGER: dot11g(3)

.1.3.6.1.4.1.4526.4.3.2.1.1.6.1 = INTEGER: 0

.1.3.6.1.4.1.4526.4.3.2.1.1.7.1 = INTEGER: rate54Mbps(12)

.1.3.6.1.4.1.4526.4.3.2.1.1.8.1 = INTEGER: full(0)

.1.3.6.1.4.1.4526.4.3.2.1.1.9.1 = INTEGER: 100 1024 microsecond

.1.3.6.1.4.1.4526.4.3.2.1.1.10.1 = INTEGER: 1

.1.3.6.1.4.1.4526.4.3.2.1.1.11.1 = INTEGER: 2346

.1.3.6.1.4.1.4526.4.3.2.1.1.12.1 = INTEGER: 2346

.1.3.6.1.4.1.4526.4.3.2.1.1.13.1 = INTEGER: auto(1)

.1.3.6.1.4.1.4526.4.3.2.1.1.14.1 = INTEGER: false(2)

.1.3.6.1.4.1.4526.4.3.2.1.1.15.1 = INTEGER: false(2)

.1.3.6.1.4.1.4526.4.3.2.1.1.16.1 = INTEGER: false(2)

.1.3.6.1.4.1.4526.4.3.2.1.1.17.1 = INTEGER: true(1)

.1.3.6.1.4.1.4526.4.3.2.1.1.18.1 = INTEGER: disable(0)

.1.3.6.1.4.1.4526.4.3.2.1.1.19.1 = INTEGER: true(1)

.1.3.6.1.4.1.4526.4.3.2.1.1.20.1 = INTEGER: local(2)

Thanks to the MIB, we can see exactly what this table is telling us about this base station. Now, what about the 0? Well, in a table, you don't use it. 0's are for scalar values, so tables don't use it. However, since these are table values, you don't need the trailing .1 either. Looking for .1.3.6.1.4.1.4526.4.3.2.1.1.2 or .1.3.6.1.4.1.4526.4.3.2.1.1.2.1 will get you the same result.

Okay, enough with the OIDs and MIBs, lets get into actually using SNMP.

SNMP Commands

There are about twenty SNMP commands, and while it is good to learn what all of them do, in practice, there aren't that many you use regularly. Out of all of them, I tend to use snmpget and snmpwalk the most. There's a few others, but those two are about 95% of my direct SNMP command usage. There are a few things you want to keep in mind about SNMP commands, some common tips and tricks. Luckily, SNMP commands have a lot of commonality, so the options are pretty much the same for all. "man snmpcmd" will give you most of these.

There are quite a few more options, but these are the ones I use the most.

Oh, one other thing. Normally, SNMP uses UDP port 161. While you can use TCP, I really recommend you don't. SNMP does not care that much about reliability, nor does it send or get a lot of data. However, in even a medium - sized monitoring setup, you can be issuing hundreds of SNMP requests every few minutes. The overhead of TCP, combined with no real advantage to using TCP makes it a rather poor choice for SNMP over UDP.

snmpget

This is the most ubiquitous of the lot. It's the way you get single values from another device, and is probably the most commonly used SNMP command. Using snmpget is pretty simple:

snmpget options <IP address or DNS name of the target> <OID you're querying>

There are a lot of options for snmpget, (run snmpget with no parameters to see them all), but the common ones are the ones I listed above. The target is the machine you're querying. If you want to just play around with SNMP on your own machine, you can use localhost for the target. The OID can be specified either numerically or textually. If you're going to do it textually, then you want to use as small an OID specifier as possible. So, all put together, it looks like:

(Yes, I know, there's no .0 at the end of this OID. Sometimes, SNMP is like english. You get used to some rules, and then BAM! Neither "bomb", "tomb" or "comb" rhyme, and you're left wondering "What's up with that?")

snmpwalk

If you need to get a list of all the OIDs supported by a given target, or the supported elements in a specific OID tree, then you would use snmpwalk. The options for snmpwalk are the same as for snmpget, the difference being snmpget gives you a single result for an OID, the snmpwalk command returns you a list of OID values. You can list every supported OID on a machine by setting the starting OID to .1, or you can query a specific OID branch by being more specific, and either numerical or textual OID specifiers are valid:

Numerical OID specifier:

Textual OID specifier:One thing to be careful of, depending on the OID, snmpwalk can put a whack on a CPU, so if you're doing an entire OID tree, you probably want to pipe the output to more, and pause a bit in between hitting the space bar, or play with the timeout variables in the command. If you know you're going to be getting a lot of information in an snmpwalk command, you might consider using snmpbulkwalk instead, as it can be more efficient.

snmptable

This is a command I don't use that often, but it can be handy when you want to see every entry in a table without having to parse it out of snmpwalk. To use snmptable, you have to pass it the OID of a table, which can be a bit confusing at first. For example, let's say you want to look at the contents of the sysORTable with snmptable. If you look at it with snmpwalk, you'd get:

That gives you all the information, but you have to do a lot of matching between the three elements of the table.

In comparison, with snmptable, you get:

standard snmptable

Same information, but laid out nicer.

The options for snmptable are a bit different too. While you can use all the -On options, where you get a lot of use out of snmptable is in the -Cn options, as these deal with the table formatting. For example, snmptable with the -Cf , option gives you a comma-delimited table:

comma delimited snmptable

If you use the -Cl option, the data is left-justified:

left-justified snmp table

Keep in mind that you're querying the table, so there's no ending element specifier:

snmptable localhost .1.3.6.1.2.1.1.9

snmptable -Cf , localhost .1.3.6.1.2.1.1.9

snmptable -Cl localhost .1.3.6.1.2.1.1.9

snmpset

Finally, you have the way to set values, snmpset. This one is what I use when I have to deal with a lot of end machines in a hurry. For the most part, there's not a lot you use this for. You can set names, locations, and other minor information with it. Some vendors use it for interesting things. For example, there are some Netgear access points that you can reboot by setting the right OID to any non-0 number. The options for snmpset have one important difference, the type. The type is used to specify what kind of value you're attempting to set the OID to. The syntax for snmpset is:

snmpset <options> OID <type> value

The types for snmpset are:

i INTEGER

u UNSIGNED

s STRING

a IPADDRESS

b BITS

Those commands are pretty much 90% of my manual snmp command usage. However, before you use SNMP, you have to set it up.

Setting up SNMP on Mac OS X

While there are a number of ways to set up SNMP, including the ever-popular "just edit the conf files", the one I prefer is still snmpconf. Andrina did a good job of introducing it, now I'm going to beat it to death, because, well, that's what I do. One change you'll see from Mac OS X 10.5 is that the default snmp conf files are no longer kept in /usr/share/snmp. In Mac OS X 10.5, the defaults are kept in /etc/snmp/snmpd.conf.default. Neither location is wrong, but snmpconf favors /usr/share/snmp, and so do I. (Using the SNMP conventions here makes getting tips from people on other *nix platforms much easier.)

One thing with snmpconf that I like is its ability to automatically put the files you create in the "correct" place once you're done. To do that, you use the -i switch when you run it, like so: sudo snmpconf -i. snmpconf is, for those who care, a big, well-written perl script that helps you set up snmp, snmpd, and snmptrapd parameters. It's smart enough to notice that you have existing snmp conf files, including the ones in /etc/snmp, and will ask you if you want to merge those files with any you create. If you aren't confident about your ability to read these conf files and parse out extraneous/bad entries, then you'll want to choose "None" when asked. Since snmpconf takes the conf files in a specific order, (seen below) I will too. Note that I am not going to go over every option in snmpconf, just the most common ones.

I can create the following types of configuration files for you.

Select the file type you wish to create:

(you can create more than one as you run this program)



   1:  snmpd.conf

   2:  snmptrapd.conf

   3:  snmp.conf



Other options: quit



Select File:

snmpd.conf

This file is what configures snmpd, or the daemon that answers snmp queries from other computers. Taking that option, we see:

The configuration information which can be put into snmpd.conf is divided

into sections. Select a configuration section for snmpd.conf

that you wish to create:



   1:  Access Control Setup

   2:  Extending the Agent

   3:  Monitor Various Aspects of the Running Host

   4:  Agent Operating Mode

   5:  System Information Setup

   6:  Trap Destinations



Other options: finished

Option 1, Access Control Setup is fairly self-explanatory, it's where we set up who and what can query this machine. Taking this option gives us:

Section: Access Control Setup

Description:

  This section defines who is allowed to talk to your running

  snmp agent.



Select from:



   1:  a SNMPv3 read-write user

   2:  a SNMPv3 read-only user

   3:  a SNMPv1/SNMPv2c read-only access community name

   4:  a SNMPv1/SNMPv2c read-write access community name



Other options: finished, list

Again, this article is not going to deal with SNMPv3 except for an explanation at the end that briefly summarizes it. It's different enough to need its own article. Therefore the two options we care about the most are 3 and 4. Note, that while you have to have a read-only community to really use SNMP at all, read-write is not a major requirement, although a lot of config utilities, most notably HP use RW SNMP. Since these community strings are used in a completely unencrypted fashion, don't use a community string that is the same as a password you actually care about. Since the options for both are the same, we'll just look at option 4.

The first item you're asked for is the community name. Enter whatever you like, just avoid spaces or illegal chars like / or :. The next question is for a hostname or IP address to accept this community name from. Unless you want any device on your network to be able to use this community string, you want to limit it to boxes actually using SNMP queries and applications. If nothing else, auditors LOVE to jump on SNMP setups where you're not controlling access to SNMP information. The next option will ask if you want to restrict the OIDs that this community string can see. Again, answer in the way that best fits your needs. If you're not sure, hit RETURN for all of them. You can always lock it down later if you need to, and again, SNMP v1/2 is really insecure anyway. This is just keeping the stoops out.

Once you've set your options for the read-only and read-write community strings, enter "finished" to jump back to the main snmpd.conf menu.

Item 3 in that menu, Monitor Various Aspects of the Running Host is how you set up the computer to check certain items, and send traps if parameters you set are violated. This is similar to jobs you can set up using say, cron or launchd, but is designed to notify a remote system if something goes "wrong". The menu is below:

Select from:



   1:  Check for processes that should be running.

   2:  Check for disk space usage of a partition.

   3:  Check for unreasonable load average values.

   4:  Check on the size of a file.



Other options: finished, list

The options are fairly clear, so we'll just take a look at option two, Check for disk space usage of a partition. Selecting option 2 brings us to:

Select section: 2



Configuring: disk

Description:

  Check for disk space usage of a partition.

    The agent can check the amount of available disk space, and make

    sure it is above a set limit.  

    

     disk PATH [MIN=100000]

    

     PATH:  mount path to the disk in question.

     MIN:   Disks with space below this value will have the Mib's errorFlag set.

            Can be a raw byte value or a percentage followed by the %

            symbol.  Default value = 100000.

    

    The results are reported in the dskTable section of the UCD-SNMP-MIB tree



Enter the mount point for the disk partion to be checked on:

Pretty self-evident. Enter the mount point for the drive, then enter the minimum amount of space that should be available on that mount point. Once you do that, you go back to the menu. Use any other options you need, then type "finished" to go back to the main snmpd.conf menu.

Option 4 on the main menu, Agent Operating Mode should be used carefully, as it can do some very odd things to your snmpd setup. If you aren't sure what you are doing here, leave it alone.

Option 5, System Information Setup, is where you enter in the location of the system, the contact information for the administrator, and the proper value for the sysServices object. The sysServices object is how you define what kind of services the computer you're setting up provides, and somewhat corresponds to the OSI seven - layer model. If you aren't sure about how to set this up, leave it alone and take the defaults, the work in a majority of cases.

Option 6, Trap Destinations, is important if you're trying to set up traps, as this is where you tell the system you're configuring, where to send traps. Selecting it brings you to this menu:

Select section: 6



Section: Trap Destinations

Description:

Here we define who the agent will send traps to.



Select from:



   1:  A SNMPv1 trap receiver

   2:  A SNMPv2c trap receiver

   3:  A SNMPv2c inform (acknowledged trap) receiver

   4:  A generic trap receiver defined using snmpcmd style arguments.

   5:  Default trap sink community to use

   6:  Should we send traps when authentication failures occur



Other options: finished, list



Select section:

Items 1-3 here are fairly straightforward. You enter in the hostname of your network monitoring server, a community to use, and an optional port number. Option 4 is for more advanced setup. Option 5 lets you set a default trap community, to be used if one is not explicitly provided, and option 6 is for sending traps if an SNMP auth failure occurs. Considering the insecure nature of SNMP v1/v2, this is not a bad idea. Once you're done here, enter "finished" to get back to the main snmpd.conf menu. Since this was the last option, enter "finished" again to get back to the main snmpconf menu.

snmtrapdp.conf

Since snmptrapd is the daemon that receives traps, this is where you configure that daemon. Obviously, there's no need to do so if the machine you're setting up won't need to act as a trap receiver. The main menu looks like this:

The configuration information which can be put into snmptrapd.conf is divided

into sections. Select a configuration section for snmptrapd.conf

that you wish to create:



   1:  Authentication options

   2:  Output formatting for traps received.

   3:  Logging options

   4:  Runtime options

   5:  Trap Handlers



Other options: finished



Select section:

Option 1 lets you set how the trap receiver deals with authentication traps. 1 or yes sets it to ignore authentication traps, 0 or no sets it to not ignore them. Option 2 lets you set the options for formatting incoming traps. Option 3 deals with how you log traps and where you log them to. Option 4 sets forking and PID file options, and option 5 lets you run a shell program or script when a trap is received. Option 5 is where you can get a lot of power out of trap reception. Depending on how much work you want to do, you can really automate the heck out of how you respond to problems on your network, just with what comes with the OS.

Once you're done here, enter "finished" until you get to the main snmpconf menu. Our last configuration file is snmp.conf, which is where you set defaults for the various SNMP commands we discussed earlier.

snmp.conf

The main snmp.conf menu is shown below:

The configuration information which can be put into snmp.conf is divided

into sections. Select a configuration section for snmp.conf

that you wish to create:



   1:  Default Authentication Options

   2:  Debugging output options

   3:  Textual mib parsing

   4:  Output style options



Other options: finished



Select section:

Option 1 lets you set the default authentication options for the SNMP commands:

Section: Default Authentication Options

Description:

  This section defines the default authentication

  information.  Setting these up properly in your

  ~/.snmp/snmp.conf file will greatly reduce the amount of

  command line arguments you need to type (especially for snmpv3).



Select from:



   1:  The default port number to use

   2:  The default snmp version number to use.

   3:  The default snmpv1 and snmpv2c community name to use when needed.

   4:  The default snmpv3 security name to use when using snmpv3

   5:  The default snmpv3 context name to use

   6:  The default snmpv3 security level to use

   7:  The default snmpv3 authentication type name to use

   8:  The default snmpv3 authentication pass phrase to use

   9:  The default snmpv3 privacy (encryption) type name to use

  10:  The default snmpv3 privacy pass phrase to use



Other options: finished, list



Select section:

Since we aren't dealing with SNMPv3 in this article, we'll talk about options 1-3. The first three options are pretty simple. If you don't want to use the default port of 161, you set that in with option 1. The default version number, 1/2c/3 is set with option 2. Normally, I just set it to 2c. If you have older equipment, you may have to specify -v 1 in your SNMP commands, but for the most part, 2c should work on any equipment you deal with . Option 3 lets you set the default community string for your SNMP commands. For SNMP v1/v2 usage, setting your authentication options lets you set up defaults for the -c and -v options. Enter "finished" from here to get back to the main snmp.conf menu.

I rarely mess with options 2 or 3, so we'll skip to option 4, which sets your -On defaults. In the output style options, set the defaults for how you want the returns from various SNMP commands to be formatted. Once you're done, enter "finished" until you get back to the main snmpconf menu.

Since we're finished, enter "quit", and it will create the files in /usr/share/snmp for you, (the -i option to snmpconf does this), and voila, you're set up to use SNMP. If you want to get an idea for syntax, take a look at the various SNMP conf files, and the man pages for them, they can be of great use in helping you really optimize your SNMP setup.

Getting snmpd started

If you're running Mac OS X Server, then you enable this with Server Admin, in the main Setting tab for the server itself, (not in any of the services).

If you're running Mac OS X 10.4 Client, then you add the SNMPSERVER=-YES- line to /etc/hostconfig, or if the line is in there and set to -NO-, then you set it to -YES-.

In Mac OS X 10.5 Client, since all of this is run by launchd, the easiest way to start snmpd is to just use Lingon. For Mac OS X 10.5, you have to use version 2.0.2 or later. If you want to use Lingon for launchd control in Mac OS X 10.4, (a really good idea), then you need version 1.2.1.

In Lingon, expand the System Daemons, and select "org.net-snmp.snmpd". You'll get a Very Dire Warning from Lingon about mucking around with System Daemons. Since we have to, we smile, nod, and move on. Make sure the "Enabled" checkbox is checked, and that "Keep it running all the time no matter what happens" and "Run it when it is loaded by the system (at startup or login) is selected. Save and exit Lingon.

You can check to see if snmpd started with ps -ax|grep snmpd. If it didn't, you may have to either reboot, or use launchctl to start snmpd. Once it's running, assuming your setup is good, you should be all set with SNMP on that machine. This brings us to the ultimate question:

"I have all this stuff set up, i know how to configure it, but what can I DO with it?" Well, let's find out, hmm?

Stupid SNMP tricks

Keep in mind these are all on Mac OS X 10.5. Mac OS X 10.4 on PPC doesn't have as many hardware monitoring OIDs as Mac OS X 10.5, and Mac OS X 10.4 on Intel barely has any SNMP at all. It's really broke for Mac OS X 10.4 on Intel, so if you want to use SNMP with Intel Macs, your choices are compile your own SNMP setup, or upgrade to Mac OS X 10.5.

Now, we all know about using SNMP to track stuff like network throughput, and the like. Bah, that's boring. I mean, you need it but geez, EVERYONE does THAT. What we want is cools stuff:

For example, want to see the basic hardware SNMP thinks you have?

hrDeviceTable

That's pretty handy, but suppose you have multiple drives on a remote server, and you want to see which item in the hrDeviceTable is the boot device?

Valkyrie:~ jwelch$ snmpwalk -Of localhost .iso.org.dod.internet.mgmt.mib-2.host.hrSystem|more

.iso.org.dod.internet.mgmt.mib-2.host.hrSystem.hrSystemUptime.0 = Timeticks: (1396937) 3:52:49.37

.iso.org.dod.internet.mgmt.mib-2.host.hrSystem.hrSystemDate.0 = STRING: 2007-12-4,22:13:36.0,-5:0

.iso.org.dod.internet.mgmt.mib-2.host.hrSystem.hrSystemInitialLoadDevice.0 = INTEGER: 1536

.iso.org.dod.internet.mgmt.mib-2.host.hrSystem.hrSystemNumUsers.0 = Gauge32: 2

.iso.org.dod.internet.mgmt.mib-2.host.hrSystem.hrSystemMaxProcesses.0 = INTEGER: 532

A couple of points:

  1. hrSystemNumUsers is based on ttys, so be careful how you take that number

  2. hrSystemMaxProcesses reflects the value you would see for kern.maxproc in sysctl

Want more information on local hard drives?

hrStorageTable

CPU load?

Valkyrie:~ jwelch$ snmptable -Cl localhost .iso.org.dod.internet.mgmt.mib-2.host.hrDevice.hrProcessorTable

SNMP table: HOST-RESOURCES-MIB::hrProcessorTable



hrProcessorFrwID        hrProcessorLoad

SNMPv2-SMI::zeroDotZero 11

SNMPv2-SMI::zeroDotZero 13

Disk information on the boot drive without having to do the math yourself:

Valkyrie:~ jwelch$ snmptable -Cl localhost .iso.org.dod.internet.mgmt.mib-2.host.hrDevice.hrDiskStorageTable

SNMP table: HOST-RESOURCES-MIB::hrDiskStorageTable



hrDiskStorageAccess hrDiskStorageMedia hrDiskStorageRemoveble hrDiskStorageCapacity

readWrite           unknown            false                  293036184 KBytes

Boot partition info:

Valkyrie:~ jwelch$ snmptable -Cl localhost .iso.org.dod.internet.mgmt.mib-2.host.hrDevice.hrPartitionTable

SNMP table: HOST-RESOURCES-MIB::hrPartitionTable



hrPartitionIndex hrPartitionLabel       hrPartitionID hrPartitionSize  hrPartitionFSIndex 

1                "EFI System Partition" "0xe000001"   0 KBytes         0

2                "Untitled"             "0xe000002"   187564032 KBytes 1

3                "Untitled"             "0xe000003"   105136236 KBytes 6

Note that the partition sizes may not perfectly match the Finder.

File system information, ala the mount command on a local machine, including bootable info:

Valkyrie:~ jwelch$ snmptable -Cl localhost .iso.org.dod.internet.mgmt.mib-2.host.hrDevice.hrFSTable

SNMP table: HOST-RESOURCES-MIB::hrFSTable



hrFSIndex hrFSMountPoint      hrFSRemoteMountPoint hrFSType                        hrFSAccess hrFSBootable hrFSStorageIndex 

1         "/"                 ""                   HOST-RESOURCES-TYPES::hrFSHFS   readWrite  true         31

2         "/dev"              ""                   HOST-RESOURCES-TYPES::hrFSOther readWrite  false        32

3         "/dev"              ""                   HOST-RESOURCES-TYPES::hrFSOther readWrite  false        33

4         "/net"              ""                   HOST-RESOURCES-TYPES::hrFSOther readWrite  false        34

5         "/home"             ""                   HOST-RESOURCES-TYPES::hrFSOther readWrite  false        35

6         "/Volumes/Untitled" ""                   HOST-RESOURCES-TYPES::hrFSNTFS  readOnly   false        36

7         "/Volumes/jcwelch"  ""                   HOST-RESOURCES-TYPES::hrFSOther readWrite  false        37

/Volumes/jcwelch is my iDisk, and I chopped off the backup date entries, since they don't really work consistently.

You can get a list of running processes...note that I'm showing you one entry from this list, as it's rather long:

Valkyrie:~ jwelch$ snmptable -Cl localhost .iso.org.dod.internet.mgmt.mib-2.host.hrSWRun.hrSWRunTable

SNMP table: HOST-RESOURCES-MIB::hrSWRunTable



hrSWRunIndex hrSWRunName   hrSWRunID               hrSWRunPath      hrSWRunParameters   hrSWRunType hrSWRunStatus 

1            "launchd"     SNMPv2-SMI::zeroDotZero "/sbin/launchd"  ""                  unknown     runnable

The hrSWRunIndex corresponds to the PID of the process.

The CPU time for PID 1:

cpu time for PID 1

The RSIZE for PID 1:

rsize for PID 1

That's just getting numbers. You start factoring in software like Nagios and Cacti, and you can do some neat things with SNMP info. For example, I was able to take the print jobs number for some workgroup multifunction printers we have, and by having Cacti show it as a counter and a gauge, I get not only a graph of the total print jobs on any given MFD, but I also have a graph of print frequency, so we can see when the printer is the busiest. It's a great way to justify new printers.

However, I've already dealt with Nagios, and Cacti is another article in and of itself, so that will wait for next time.

SNMPv3

As I said earlier, one of the big issues with SNMP v1/v2 is that it's completely insecure. Everything is done via plain text, including community strings, (read: "passwords"). That's kind of bad when you consider the kind of information you can get from SNMP, so SNMP v3 was created. It allows for encryption, and far better security in general than earlier versions. The problem is, it's only recently that v3 support is becoming ubiquitous. That's not to say that SNMPv3 should be avoided, but that you may not be able to implement it everywhere, especially where you have older equipment. If I get enough requests, I may go into setting up v3 in a separate article at some point.

Conclusion

As lengthy as this article is, I've barely scratched the surface of what you can do with SNMP, but this should give you a solid idea of what's involved with it, and what you can do with it.

For books, there are two that I use all the time, and are my primary references for SNMP in daily practice, and for this article:

Essential SNMP, Second Edition, by Douglas Mauro and Keven Schmidt from O'Reilly, and SNMP, SNMPv2, SNMPv3, and RMON 1 and 2 (3rd Edition), by William Stallings. Note that the Stallings book is more of a college-level text book. It goes into tons of detail, but is not a casual read by an stretch.


Technorati Tags:
, , , ,


Categories:     Mac Matters, Network Notes, Technology
Posted by John C. Welch at 00:27 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

November 27, 2007

I hate upgradeing

There's nothing like following the instructions for an upgrade, and still having it fail.

MovableType 4, you RULE


Technorati Tags:


Categories:     Other, Technology
Posted by John C. Welch at 01:23 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

November 25, 2007

Thoughts on the Kindle and e-readers

First, this isn't a review of the Kindle. That would require me to have one, and honestly, I don't care enough about one to even try to get a review copy. Of the Kindle itself, I'd have to say, it looks awkward, the design seems rather biased against lefties, and it's yet another piece of technozoomdweebie gear to carry around.

I got into smartphones years and years ago to get away from carrying multiple single-purpose gadgets. The idea of one that's taller and wider than any paperback I've ever carried, and weighs 5/8 of a pound has utterly no appeal to me. Really.

The idea that it will replace books is laughable on multiple levels. For one, 90% of my reading is on a plane. I can read a book on a plane from taxi to taxi, and the only interruption is the safety lecture. With a Kindle, you can't read from taxi to 10K feet, and during final approach. If I don't want to keep a book, I can leave it in a coffee shop. I'm only out a couple of bucks, and I've maybe made someone else's day. Sweet. With a Kindle? It's a damned albatross. Too big to shove in a pocket, too expensive to not worry about, just heavy enough to be annoying, and I'm not seeing anything in it that says "walk down the street and read me".

Yes, I read while walking. I'm good at it. I've got some awesome radar that lets me be deep into a book and register traffic, people, street signs, you name it. I've got an internal inertial nav system that's got to be seen to be believed. No one, and I mean, no one, is going to roll me for the latest Clive Cussler or "Destroyer". Really. But something electronic and shiny? That'll buy a rock or two. No thanks. I have enough overpriced electronic shit I have to worry about.

The other major problem with replacing books is that there isn't an online store that you want to browse the way you will a book store. Jeff Bezos can hump his Kindle until it's as sticky as a stripper's shoes, but you don't browse Amazon, not really. You might link-hop a bit, but face it, Amazon's strength is that it lets you get shit done like a SEAL sniper. You find your target, take the shot, and get out. That's not bad, not on any level. It's one reason why I use, no why I love Amazon so much for buying gifts and the like. They have a lot of stuff, it's easy to find, and it's usually pretty cheap. It's also really easy to get through the whole "trading money for stuff" part of the transaction.

But when I go into a bookstore, it's with the knowledge that I'm going to have hours to kill. I wander. Every section, (okay, not the romance novels. If I want porn, I just get it off the internet, not bodice-rippers), looking at covers, thumbing through ones that look interesting. I don't have a goal in mind. I want something to jump off the shelves at me. Maybe it's a magazine with an interesting article about the sinking of the Scorpion. Maybe it's a study of Keith Richards' guitar licks, or a history of the CIA. I go to book stores because I don't know what I want, and I want some random "a-ha" mojo to smack me in the head and make me take it home. I find most of my best books that way. Basically, I want some random author to run up and cerebrally bugger me. I'll smile and ask for more.

In a book store, I'm rather adventurous. Online? Not so much. Online, I'm going to get stuff I already know I want. Amazon is perfect for that. Low-hassle and convenient.

You aren't going to browse on a Kindle. Oh you can come as close as Amazon lets you, but in the end, you aren't browsing even remotely close to how you will in a real, honest-to-god book store. Besides, I adore used book stores, and Amazon sucks ass compared to that, 'cause Amazon ain't got no trade in lovin'.

That's not to say I think the Kindle will be a flop. Well, they need to fix that fucked-up design, make that thing about 12.5% of it's current cost, kill that stupid DRM shit, and make it fit in my damned pocket better. But there is a market for the Kindle, even outside of the technophile dingalings like Le Scoble or Winer, who cream their underoos every time someone hands them a new technotoy. (Please, for the love of humanity, don't show Sta-Puff 2.0 or Capt. Gouda the level of computerization in sex toys. Even if they could write worth a crap, the idea of either one of them even knowing what a sex toy is makes me vomit in my mouth a lot.)

The Kindle, while utterly horrid for replacing books, is fantastic for replacing dead trees in what I call "disposable reading", aka newspapers and magazines. (You'll note I've left off blogs. That's deliberate. I still pretty much hate the New Media Douchebags who are, mostly due to mass stupidity, and ease of manipulation, the "A-list" of the "blogodorkosphere". There are about six "blogs" worth reading. This one ain't one of them. Daring Fireball is. Other than those few, stop reading blogs with shitty writing. It rots your mind.)

Face it, you don't keep newspapers unless something truly important happened that day. You don't keep magazines except for the same reason, or they're National Geographic. You get the paper, read it, maybe do the puzzles, then chuck them, or leave them for someone else. You get Time, you read it, you dump it. They're disposable. Completely forgettable once the next edition comes. For this? The Kindle is brilliant. However, this brings to mind some form issues and a marketing plan that looks like they found the one for the Segway, and substituted "Kindle" for "Segway" throughout the document. Repeating the dumb doesn't make it smart. It just makes it refined dumb.

First, stop obsessing about portability, and think about more ways for ease of use to make the Kindle v.X better for disposable reading. For example, do the deal with Starbucks, Panera, Indie Coffee shops to build Kindles into the tables. Dump the keyboard and go for gorgeous screens. Don't worry about battery life, and instead make them AC power only, and stupid easy to maintain. Go for an iPhone-style screen that can be cleaned with Windex and a paper towel, but one that's 8.5"x11", and at an initial cost to the shop of about fifty bucks a unit. Don't stop there. Waiting rooms cry out for Kindles, and would be a willing audience for them. Who here loves medical waiting rooms? Love them old magazines and big pharma ads? Yeah? No? Thought not.

Airports are another great place for Kindle v.2. Large amounts of people waiting in predictable places, wanting something to make the time go faster. What better place for an unlimited amount of reading? Ads won't be a problem here, we have ads in papers, magazines, and TV news now. For once, you have an audience that won't mind ads. Sweet!

For the portable versions...honestly, pick something to focus on in v.2. In this case, the reading experience. Leave the file upload stuff alone. Concentrate on making it as pleasurable to read as possible. Jack the res higher. Much higher. iPhone-and-then-some higher. Make it smaller. Actually, make it fold. And get rid of the friggin' keyboard, there's far too many ways to get around that silliness, and we all know it, especially when you're talking about a lamer keyboard like on the Kindle v.1. That's just some cowardly nod to whiners for whom the lack of a keyboard somehow equates to being useless. They suck, and their opinion is not only stupid, but proven wrong. They need to get over it. There's nothing about reading that requires a keyboard.

Also, sponsor recharging stations. Along with the static mounts in airports, coffee shops, what have you, have inductive recharging stations. Lay the Kindle down, pick up a charge while you read.

Finally, drop the fucking DRM. That shit doesn't work. It's never worked, and it never will. It's absolutely stupid that even v.1 came with it. If there were publishers that wouldn't play without it, Bezos should have flipped them the finger and let them sit on the outside looking in. So what if I buy a book and want to move it onto someone else's. Why should that cost anyone anything. Note...move, not copy. It's worked for books for oh...centuries. I think that's a good model. No lamer "you can only loan it for n days" shite either. I want to turn a friend onto a magazine article I think they'd like, I just make with the tappity-tappy, and bang, they've got mail. Sure, it cost me a couple bucks, but how do you think I let them read the latest cool article in my copy of Time now? Same way. Again, just in case you didn't get it: DRM is for idiots who think that they're smarter than every other person on the planet. Or Ballmer. Which is the same thing, when you think about it.

If it seems I'm advocating an infrastructure as much as the device, well, I am. Look, e-readers have by and large failed like cost-cutting on the Titanic, because they're all enclosed worlds. You can't do anything with them but read stuff you either send yourself, or download yourself. What's up with that? Lame. Why not let indie bookstores have Kindles and Kindle stations where they can offer up their own downloads for customers of stuff they think is cool? Same thing for libraries? Hell, libraries could make all kinds of cool uses out of this damned thing, and face it, they're on board bigtime if it increases reading and patronage. Why ignore a built-in fanbase? if you get out of the mindset that created Kindle v.1, you have a real potential to create the next...fuckit, the first next big thing. Screw following everyone else's example, do it different, and do it right.

But that's going to involve some risk-taking, and some looking ahead beyond the next quarter, or the next mastubatory outflow of the technophiles. Because if you sell it to technophiles, it's doomed. Who does Apple sell to? Not the technophiles. Who is the Wii aimed at? Not the technophiles. Technophiles are like baby birds. They're cute, until you realize that what they really are are a bunch of small, loud, brainless nincompoops who spend all day sitting in their own shit, waiting to be fed by the momma bird, and don't even realize they're getting nothing but ABC worms in the form of warmed-over vomit.

Again...don't listen to the Technorati Circle Jerk Crowd. They're all short-sited dingalings who think the entire world is going to get better because of HDTV and blogging. They're stupid. Design Kindle for people who read newspapers and magazines. Who want to sit down and enjoy every aspect of reading. Fuckit, figure out a way to turn a damned page by dragging your hand across the screen, instead of this next/back button bullshit. Make this thing cool to people in a diner in Des Moines and a southern restaurant in Binghampton. Make it something that Our Lord of the Bad Haircut Megachurch in Arkansas wants to put in all the pews. (Face it, the religious market are sheep by design and intent. You get some fundie megachurches putting this in, and the money will flow like rain in a hurricane man.) If the technophiles whine, give them a USB key and some bullshit speech with the words "new media" and "community building" in it. They'll be so into the afterglow that it won't occur to them that you're ignoring them. Look at the set of people who aren't inane technophiles compared to the set that is. Which one's bigger? Yeah, thought so, and face it, we're talking about Amazon. Even the computer illiterate know what Amazon is. That's a hell of a lead. If you don't fuck it up.

The Kindle has some real potential. The question however, is this: Does Bezos want to just be better than existing e-readers, or does he actually want to change the world?


Technorati Tags:
, , , , , , , , , ,


Categories:     Other, Technology
Posted by John C. Welch at 00:18 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

October 22, 2007

September NPD Game Console Sales

Well, to put it bluntly, Halo 3 did something I was doubtful it could do: It had a huge effect on Xbox 360 Sales. AKA: Wow! For the first time since I started keeping track of these numbers, the Xbox 360 was the number one - selling console according to NPD. Numbers below:

Xbox 360: 527,800 Units
Wii: 501,000 Units
PS2: 215,000 Units
PS3: 119,400 Units

So even for being in second place, the Wii had a hell of a month, increasing their numbers from Sept. by almost 100K units. However, that's nothing like the month the Xbox 360 had. Personally, I think the entire Xbox team, and everyone associated with it at Microsoft should be kissing the asses of the Halo 3 team until they're soda-cracker white. That's pretty astounding that one game could do that.

Percentage of change from August:

Xbox 360: Up almost 91% Daaaaaaaaamn
Wii: Up close to 24%
PS2: Up by 6%
PS3: Down by around 9%

So really, the only loser here was the PS3. However, even taking the PS3's drop into account, there doesn't appear to be any cannibalization to account for the increased sales of the other three consoles. The 360's increase is far out of line compared to the PS3's decrease for there to be a direct correlation there, and there's no way you can say the 360 sales hurt the Wii at all. (Who in their right minds cries about a 24% increase even though Wii availability is still constrained?) It was just a hell of a month for everyone but Sony.

Now the real trick will be the next few months leading into the holiday buying season. Was the Xbox 360's increase strictly due to a...er....Halo effect, (dude, how could I AVOID that pun), or is this a sign of renewed sales strength over the long term for the 360?


Technorati Tags:
, , , ,


Categories:     Other, Technology
Posted by John C. Welch at 16:01 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

September 7, 2007

Mike Elgan needs a new thinkin' brain

His current one's gone all Dvorak in the middle.

One of his Computerworld articles, re-published by Macworld, entitled "It's official: Apple is the new Microsoft", while guaranteed to get you hits, is not the most factual look at things. Nor the best thought-out.

First, he's using some weak relationships to justify his claims, and with the EMI deal, they're really weak:

People love iPods (including me; my family of four has purchased 12 iPods in the past few years). But iPods come bundled with iTunes. Want to buy music from Apple? Guess what? You must install iTunes. Want an Apple cell phone from AT&T? Yep! ITunes is required even if you want only to make phone calls. Want to buy ringtones for your Apple phone? iTunes.
I ask, what's your point? None of this is hidden, none of this is unknown. You want an iPod, you use iTunes. However, that's not the same as his implication that you are forced to use the iTunes store exclusively. I have a number of tracks on my iPod from other places that sell MP3s from bands that aren't on iTunes, like Snocap. MP3s still work. As well, there are a number of ways to get ringtones on your iPhone that don't require iTunes at all. If you never wish to synchronize your iPhone to a computer, then you need iTunes exactly *once*...to activate it. After that, delete iTunes and have a party. You only need it for updates after that. Find a friend with iTunes, and use their system. It's no more onerous than Verizon or Sprint making you use their stores to activate their phones, or not letting you update the phones without their approved method. Actually, considering the hell that is smartphone updates in general, Apple's implementation is far superior.
Apple not only “bundles” iTunes with multiple products, it forces you to use it. At least with Internet Explorer, you could always just download a competitor and ignore IE.
You can no more ignore IE in Windows than you can ignore Cocoa in Mac OS X. That's because IE is not in fact, an standalone product. Like Safari, it has a rather huge number of system frameworks that are all over Windows. IE is simply an implementation of various frameworks and libraries. Just like Safari. Mike's being a bit disingenuous here.
But operating systems have browsers as part of core functionality, too. Doesn’t Mac OS X come with Safari? Doesn’t the iPhone?
As does Windows and damned near every Linux distribution.
And “bundling” works. Steve Jobs bragged this week that Apple has distributed 600 million copies of iTunes to date. The overwhelming majority of those copies were iTunes for Windows. And iTunes for Windows’ popularity isn’t driven by software product quality. ITunes is the slowest, clunkiest, most nonintuitive application on my system. But I need it because I love my iPods.
Bundling, or maintaining control over the entire experience? On Windows, you can't claim that Apple is "forcing" you do do anything Mike, and we both know it. You want an iPod, you deal with that ecosystem, the same as if you want a Zune or an Xbox 360.
At least with Windows, you could reformat your PC and install Linux or any number of other PC-compatible operating systems. Can I reformat my iPod and install something else? Can I uninstall iTunes but keep using the iTunes store and my iPods? Apple strongly discourages all that, claiming that the iPod, the iPod software and iTunes are three components of the same product. But that’s what Microsoft said about Windows and IE.
Okay this part is just stupid. But if Mike wants to play...can I reformat my Zune and run Linux or any number of other PC-compatible OS's? Why..no, no you cannot. Nor can you with a Windows Mobile device, or any one of a hundred devices running embedded OS's. Why?

Because neither the iPod, nor the Zune, nor the Treo, nor the Motorola Q is a PC-compatible device.

Mike should be ashamed of himself for trying to compare a handheld device to a full-on PC and whining that he can't use it just like something that has completely different hardware. That's almost moron-level logic there. But Mike has to make his point somehow, so he's taking what he can get.

The only downside is that he works out every day at the gym, where cardio machines face TVs that broadcast sound over FM radio. Six months later, when his iPod is stolen, he goes to buy another player — this time, he hopes, with an FM radio in it. Several competitors offer this feature, but not iPods. He’s about to choose a new player with an FM radio when it hits him: None of his files — now totaling 300 songs and 50 movies — will play on the new player. He bought and paid for all this content, but it only works with iPods and iTunes.
Lord. Um...Mike? The iPod Radio Remote. Solves the problem nicely. If you're going to rag on a product for its failings, make sure you know the product better. As well, if your dad bought anything from the EMI non-DRM'd collection, then he'd have almost no problems at all here. See, Mike is confusing the problems caused by the stupidity that is DRM, something Apple has, quite publicly come out against, with his need to fill space on the article. If DRM were to get properly buried, then your dad would have no problem at all. Perhaps you should have shown him how to legally get his music without DRM, and spared him any trouble at all.
Apple has an iPod customer for life. Microsoft never had this kind of monopoly power. Sorry, dad. I should have bought you a tie.
I've got a bunch of companies locked into Exchange that say Mike's talkin' stupid here.
That same shock rippled through the iPhone enthusiast community yesterday when Jobs announced with a straight face that iPhone ringtones based on iTunes songs would cost the full price of the song, plus 99 cents extra. What? The full song costs 99 cents! How on Earth can Apple seriously charge the same amount again for the ability to hear just 30 seconds of the song — the same length as the free iTunes “samples”?
The same way that Verizon/Sprint/AT&T/etc use their monopoly power on its devices to charge you over twice that for a song to play, and the same song as a ringtone. Apple is hardly breaking new ground here. I think Mike needs to vent more at the group of liars and thieves that are all cell carriers here. As sad as it sounds, Apple is actually not hitting you as badly as everyone else. Does it suck? Sure. But, come on. Custom Ringtones are a luxury item for any phone. You can own an iPhone forever and never use one. In fact, out of every cell phone I've had since 1998, the iPhone is only the third one I've ever used any kind of custom ringtone on, and only the second where I had different ringtones for different people. It's a ringtone, not air.
Apple fully understands the power of monopoly pricing. The company has sold the 8GB iPhone for two prices in its short, three months of existence: $599 and, now, $399. When the iPhone was the only way to get the whole multitouch, big-screen, Wi-Fi iPod experience — when the product had no alternatives — the price was $599. One analyst estimated Apple’s cost to build an iPhone is $245.83. I don’t know if that’s true but, if so, more than half the user cost was profit. That’s theater soda pricing. But as soon as Apple introduced an alternative to the iPhone — the iPod Touch — Apple dropped the price by one-third.
See, i cannot believe that Mike Elgan is so ignorant of the costs of a device such as the iPhone that he'd take a materials-only quote that isn't even authoritative and assume that engineering, developing and manufacturing have zero cost. He simply cannot be that ignorant, I refuse to believe it. Therefore, he's got to be playing some games here, and I really dislike that. As far as the price drops, well duh. That can't be a surprise to anyone. The amount? Maybe. But the drop itself? No way dude.
Imagine if another company were allowed to compete in the OS X media player market. These players would all drop to below $300. Don’t hold your breath, though; it’ll never happen. Apple has the power to exclude all others from software than runs on its media players. Microsoft could only dream of such power.
Ah, my favorite part. The part where I can just say "Bullshit". Mike, you're so full of shit here that it beggars the imagination. There's nothing keeping someone from having another media player on OS X. In fact, I have one right now. VLC. There's nothing Apple is doing or can do, physically or psychologically that's keeping Microsoft from allowing the full range of Windows Media to be functional on Mac OS X. There's nothing Apple is doing, nor can do that would prevent Microsoft and one of its partners from creating a Creative Store or an MTV store, or even the Zune store on Mac OS X. The fact of the matter is that Microsoft refuses to bring the full Windows Media experience to any non-Microsoft platform unless it's through something like Silverlight. You don't get full Windows Media on non Microsoft platforms, period. But that's a Microsoft decision, not Apple.
Although full details haven’t been revealed, NBC apparently wanted more “flexibility” to charge higher prices for its TV shows on iTunes. Apple said no, and NBC was sent packing. NBC now plans to sell shows on alternative locations, such as its own Web site and on Amazon.com. Prediction: NBC will come crawling back to Apple and beg the company for inclusion, and on Apple’s terms. Why? Because iTunes is increasingly becoming the only venue in which media companies can succeed selling music and TV show.

Jobs rules like Bill Gates never did. If you want to succeed in the digital music or downloadable TV business, you’ll do things his way.

Again, bullshit. Here, let me just use Active X controls outside of IE on Windows. What? I can't? But that means I can only use Windows for these web sites I need to do my job! DAMN YOU STEVE JOBS!

The only reason Jobs has the influence he does is because the music and media companies blatantly state they hate their customers and want to make it as hard as possible for anyone to view content outside of methods that they lock down far tighter than Jobs has to date. It's also because, well, face it. Other than Apple, the media companies are pretty damned stupid. if NBC can't succeed without Apple, that's not Apple's fault. They could easily make sure their content is usable by iTunes and iPods et al without deal one with Apple. But I bet they won't. Instead, they'll use some overly complicated and restrictive Windows Media DRM bullshit, and wonder why they aren't selling. Again, not Apple's fault. iTunes and the iPod handle a wide range of formats, only one of which is Apple-only. Again, Mike is guilty of playing with reality to make his story work better.

Is Apple a monopolist, copycat and bully? Yes, and deservedly so. And if anyone thinks Apple’s success is a problem, well, bringing in the lawyers wasn’t the solution for Microsoft, and it won’t be the solution for Apple.
This comparison is funny when you consider how hard Apple pushes for no DRM on anything in the iTunes store, which would effectively gut any ability for them to "lock" you to the iPod or iTunes from a content POV.

Mike, the next time you have an article to write, and no good ideas, just tell us about something cute your kids did over the weekend. It'd be better than this tripe.

Technorati Tags: , , , , ,

Categories:     Other, Technology
Posted by John C. Welch at 15:25 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

Deja Vu all over again

So Daring Fireball linked me to a story on pulling our heads out of our asses with regard to HTML support in email. I especially like this part:

So, it's not going anywhere and it's broken. If we can all get past this point together, it's obvious that the best path forward is to work with desktop and web-based email client manufacturers to improve how HTML emails are rendered, not argue amongst ourselves about personal preference.
I must admit, it sounded vaguely familiar to me, like I'd seen another post with the same basic idea...
But I think that if the major email client vendors, such as Microsoft, Qualcomm, Lotus, Apple, Ximian, etc., would get together and create an email subset of HTML...perhaps emHTML? Then you could have a nice, standard, way to have increased formatting in emails without making it an internet version of Word. So I think I shall have to officially get off the “Email must be nothing but ASCII text” train. It's going to happen anyway folks, so how about dealing with it proactively, as opposed to the fingers-in-ears-and-yelling reaction that the 'Net Pharts have to change.
That's right, I had seen it before, because I friggin' wrote about it over three years ago!

Jesus, when does the cool part of "being ahead of my time" kick in? Like the money and the naked adoring young women following me about wherever I go, making my life a living hell until I slink out of sight, unheard of until my untimely demise in a Mexican brothel?

Technorati Tags: ,

Categories:     Network Notes, Other, Technology
Posted by John C. Welch at 01:17 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

May 11, 2007

Sometimes, "Huh?" is all you got

Normally, I tend to ignore lawsuits against Apple, because well, they're lawsuits. I mean, they happen, it's a fact of life, especially for a company like Apple. As well, outside of ones that fall into areas I at least understand, most lawsuits are pretty Byzantine, and I'm not anything close to a lawyer.

But every once in a while you see something that when you read it, makes you actively doubt your sanity. And your sight. Because as you're reading it, you're thinking "I cannot be reading this. I have gone insane, and I am off in Wonderland. Any moment, I shall see an semi-invisible cat." Because that's the only explanation. You're nuts. It's either that or the people making the words you're reading are just...either insane or so clueless as to appear insane. It's Clarkian, in a way.

Take for example, the lawsuit filed by Media Rights Technology, (MRT) against Apple, Adobe, Real, and Microsoft. Now, I've read the press release from MRT's CEO, Hank Risan on this. It's almost incoherent. It starts with a rambling history of the MRT executive's association with the Museum of Musical Instruments, and how they almost got sued by RIAA because a Microsoft update had created a hole in their copy protection. Now, why it was MOMI's fault, (The MOMI web site appears to be defunct, so no point in providing a link) I have no idea. I really cannot see how RIAA would think that MOMI's DRM being circumventable was their fault. But I imagine, that like a lot of people, they realized they didn't have the resources to fight RIAA, so they caved. They then created MRT, a company devoted to solving the Stream Ripping Problem. (First of all, this is a problem? Most of the streams out there have all the quality of Weird Al's first recording studio. Who the hell is spending tons of time saving this stuff?)

Their solution was their X1 Secure Recording Control, prototyped at MRT's Bluebeat.com web site, their slogan, "Digital Radio Done Right". THe release then rambles on about how cool they are, and how evil stream ripping is. No, really, here's a sample:

Soon after, Bianca and I formed Media Rights Technologies (MRT) and assembled a talented team of hardware and software engineers, as well as experts on intellectual property. Our goal was to solve the core Stream Ripping problem in digital media and to limit the copyright infringement liability of content distributors and educational institutions. In 2004, we launched BlueBeat.com, which allowed the Recording Industry to test our X1 Secure Recording Control prototype. By 2006, BlueBeat was granted the first global webcasting license, which included an anti-Stream Ripping provision, from the Phonographic Performance Limited (PPL) in London, so that BlueBeat could further test secure webcasting, even in China. We also launched a popular Mark Twain MySpace profile (http://www.myspace.com/69088237) which demonstrates how media can be enjoyed and traded in a fully DMCA-compliant manner.

In 2001, Cary Sherman, President of the RIAA, shared with me his prediction that the Stream Ripping of performance-based content would significantly impact digital entertainment revenues. Cary was right: according to recent MRT studies, Stream Rippers are growing at the rate of well over 15 million units per month, with over 250 million user downloads in the last few years, costing the entertainment industry $20 to $50 billion annually. The problem has now eclipsed P2P file sharing as the #1 form of digital piracy.


Yes. That's right. Internet Radio Stream Ripping is now the number one form of digital piracy. Who says? Why MRT. Based on real studies. Who did the studies? Why MRT, who else? Here we go 'round the Mulberry Bush, while dropping a lot of aaaac-id

Then we get into stream rippers. First, Hank goes after Microsoft, who, according to him, provide a stream ripper, aka Sound Recorder. In trying to make a case for just how bad Sound Recorder in Vista is, he posts this bit of scatological spew:

Microsoft has even built into the Vista OS a native ripper, called Sound Recorder, which will deaggregate performance-based streams of unlimited duration and convert them into unprotected WMA downloads, easily uploaded onto Zune players. This year, Microsoft's Q1 profit surged 65 percent to $4.93 billion, boosted by sales of Vista, while the Recording Industry's profits have plummeted.

That's right. MICROSOFT and VISTA are to blame for the financial woes of the recording industry. Not bad music, not suckling at the teat of derivative acts like it was manna, not hanging onto a business model that no one agrees with, not foisting no - talent hacks off on the music - buying public. No. Sound Recorder. Are you feeling a bit off yet? Maybe the old mental baseline getting a little wobbly?

It gets...better?

yes, i know, some of you have gone to Bluebeat's web site already and are dying to point out a bit of an issue, but i already know. have patience dear readers, all things at their proper time.

So now, MRT is, according to them, the bestest thing EVAR. Even RIAA agrees, well sort of:

The MRT X1 Recording Control solution has been proven by the RIAA and IFPI to be effective against Stream Ripping, and has been designed for rapid deployment on a RAND basis. RIAA executive Vice President and General Counsel Steven Marks comments, "We do see stream ripping as harmful to the music industry. It's an issue we've brought to the attention of Webcasters, but so far, nothing has been done about it, even though there are technical solutions that do exist. We've encouraged Internet radio companies to speak with MRT because, from what we've seen, it certainly looks like a technical solution."

Now, to me, this is reminiscent of the Crest tagline: "4 out of 5 dentists recommend a toothpaste with fluoride". Of course, the implication is "...just like Crest". To me, this looks like RIAA is saying "Hey, this anti-stream stuff that MRT has is cool, and a solution to the problem, you should think about using it." That's not exactly "OMGWTFKHAAAAAN!!!111, MRT IS TEH B0MBZ0R, U MUST USE THEM!!!11"

But then again, I'm not Hallucinatin' Hank, so, I imagine my foul embrace of logic and lucidity are working against me here.

But then we get to the real crux:

If the Internet Radio Equality Act is to pass, it must include an anti-Stream Ripping provision.

On March 1, 2007, the Copyright Royalty Board (CRB) issued rates for Internet broadcasting covering a period from 2006 to 2010. The CRB rates represent a 30 percent increase per year in royalties retroactive to 2006. The "per performance" rates also include a $500 minimum fee per channel. The basis for the rate hikes was primarily a result of the webcasting community failing to adopt content control technology that would maintain the integrity of the streamed performance. Currently every webcaster, except for BlueBeat.com, allows consumers to Stream Rip entire webcasts, enabling the deaggregation copyrighted content, turning every performance into an acquisition.

Okay, sense is restoring itself. Hank wants money. However, with the current backlash against DRM, spawned in different ways by Sony, Apple, EMI and others, well, I imagine he's not getting a lot of takers. However, if you make it illegal to stream un-DRM'd music, well, then all of a sudden Hank has a different future, and it's spelled $$$$$. This explains why he's such a fan of the PERFORM Act. I mean, after all, why wouldn't he be. Getting the government to force the use of a technology you market is every technology seller's dream. I bet just saying "PERFORM" gives Hank a woody.

But he can't just rag on un-DRM'd streams. Because if all he does is rag on unprotected streams, then he gets the whole we already HAVE DRM, stupid. So he has to deal with that, right? Of course, and he does so by saying "Existing DRM is imperfect, so therefore it is enabling DMCA violations". No, really:

SoundExchange and the Recording Industry argued correctly that their content was vulnerable to copying and redistribution by consumers. This is because webcasters like Clear Channel and Yahoo have failed to provide adequate protection for their copyrighted content, instead using unprotected media solutions created by Adobe, Microsoft, Real Networks and Apple.

This is like saying that because your home security system is imperfect, you encouraged someone to burgle your home.

Ow, my head just went 'splody.

Again, just to be clear, Hank is arguing that imperfect DRM, which from what I can tell, is all DRM that isn't MRT's, enables and encourages copyright violation. Of course, he has to argue that, because if he doesn't, then his lawsuit goes down the toilet. Hank is saying that circumventable DRM, which is, by definition, all of it, is the same thing as encouraging people to violate copyright. So, in Hank's eyes, Apple and everyone who isn't an MRT licensee is actively encouraging and enabling copyright violation. Time for the DMCA C&D letters to go out.

Because it's not just that they aren't adequately protecting streams. No, it's more that they aren't sending large checks to MRT:

MRT and BlueBeat have developed a technological measure which effectively controls access to copyrighted material. That product, the X1 SeCure Recording Control, has been tested by the industry's standards bodies, the RIAA and IFPI, and has been proven effective against stream ripping, while protecting privacy and limiting infringement liability for users, distributors and academic institutions. It has been designed for rapid deployment on a reasonable and non-discriminatory (RAND) basis.

Therefore, Media Rights Technologies (MRT) and BlueBeat.com have issued cease and desist letters to Microsoft, Adobe, Real Networks and Apple with respect to the production or sale of such products as the Vista OS, Adobe Flash Player, Real Player, Apple iTunes and iPod.

MRT asserts Apple, Microsoft, Real and Adobe have produced billions of these products without regard for the DMCA or the rights of American Intellectual Property owners, actively avoiding the use of MRT's technologies. Failure to comply with this demand could result in a federal court injunction to any of the above named parties to cease production or sale of their products and/or the imposition of statutory damages of at least $200 to $2500 for each product distributed or sold.


That's the insane part. It's not that they are pissed that Apple, Microsoft and the rest aren't using "effective" DRM. It's that they aren't MRT customers!

This has nothing to do with "protecting artists" or "preserving intellectual property" or any of the other blowhard verbiage that Hank and the rest are wrapping this in. This is about greed. Hank came up with a product that he figured would be not only a shoo-in, but damned near required by law, and everyone ignored it because it's stupid. This isn't a story about a small company crusading against evil giants, it's about greed on a scale that makes Cortez and Pizarro look like ascetics. The amount of ego and delusion it takes to say "If you aren't using our product you're encouraging theft" beggars the imagination.

Hank Risan and MRT are nothing more than wannabe Robber Barons, and they're so worried that they missed the golden age of DRM that they're trying to create another situation a la AT&T during their halcyon days when the US Government made it illegal to use a different phone system.

There's two really sad points here. First, I can bypass Hank's bullshit DRM with a 1/8" stereo plug on a cable plugged into the sound input on my MacBook Pro. That's right. His entire bullshit is bypassed by fifty cents worth of cheap audio gear. If I spend more money, say five bucks, I can get a really good cable. Will it be a perfect reproduction? No. But it'll be close enough, at least the quality of a cassette recording. Yeah, that analog transition's a bitch, ain't it Hank. (Watch, he'll push to outlaw all analog audio equipment.)

The other sad point is one I alluded to earlier. Hank's big demo site? Bluebeat.com? "Digital Radio Done Right"? Hank's big example of how MRT's X1 SeCure Recording Control can easily be used and rapidly deployed on a reasonable and non-discriminatory basis?

It doesn't work on Macs yet. No, I'm not making it up. From Bluebeat's Hardware and Software Requirements page:

Supported Operating Sytems
Windows XP
Windows 2000
Windows ME
Windows 98 SE
Coming soon for Mac OS X!

I kid you not. It's so easy to use and deploy that the people who make it can't put out a Mac version. "Well, maybe X1 doesn't yet work on Macs" you might say. Well, from MRT's products page:

SeCure X1 Recording Control

Our SeCure X1 recording suppression technology effectively prevents and manages the unauthorized transcoding and redistribution of copyrighted works, providing a comprehensive industry-wide solution that works in tandem with existing technologies. X1 SeCure:
Manages digital recording of computer-based audio playback.
Promotes audio content distribution on the Internet.
Operates on physical media. streaming, or download delivery systems.
Supports Microsoft Windows 98 SE, ME, 2000, XP, and Mac OS 10.3.9 and newer.

So they make it, it runs on Mac OS X, yet they somehow can't manage to get a functional Mac OS X product out on the sight they're using to show how their idea is "Digital Radio Done Right"??? (Yes, I did notice the gaping hole in their supported platforms. Evidently in Hank's fantasy land, Linux doesn't exist, or won't be allowed to listen to streams at all. CRAP!!! I just got a cramp from rolling my eyes too much. OW!

What is this, "South Park" and the Chewbacca Defense? Ladies and Gentleman of the jury, Apple and Microsoft do not use our technology to protect content they don't create or distribute, therefore, they are stealing that continent. Let me say this again, anyone not using our product is a thief. Any other conclusion does not make sense.

I mean, it's almost working, I know my head's about to explode.

But the clincher is the final paragraph in Hallucinatin' Hank's diatribe of dumb:

"Together these four companies are responsible for 98 percent of the media players in the marketplace; CNN, NPR, Clear Channel, MySpace Yahoo and YouTube all use these infringing devices to distribute copyrighted works," states MRT CEO Hank Risan. "We will hold the responsible parties accountable. The time of suing John Doe is over."

No Hank, what is over is the time of small-minded, greedy bullies like you attempting to dictate policy and technology to the world solely to line your pockets. The only thing this lawsuit should generate is a large lump on Hank's skull, from where the judge whacks him with the gavel.

Technorati Tags: , , , , , , , ,

Categories:     Mac Matters, Other, Technology, Windows
Posted by John C. Welch at 23:35 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

April 13, 2007

Apple delays Leopard

And a billion MacMacs jump off a building. This will be seen in time as a good thing.

People get a grip. This isn't like Microsoft's problems with Longhorn/Vista. It's a single delay. Now, if they get close to October, and delay it again? Then you have a problem. But please, one delay in the OS? Oh wait, AppleTV was delayed, OHMYGODWTFKHAAAAAAAAAAAAN!!!!!111

However, to all my IT compatriots continually bitching that Apple doesn't have roadmaps: Now do you see why I say roadmaps are bullshit with perfume? Face it, what good would a Leopard Roadmap have done you as of yesterday?

Not one damned bit.

Stop drinking the Roadmap Flavor-Aid.

Technorati Tags: , , ,

Categories:     Mac Matters, Technology
Posted by John C. Welch at 10:23 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

April 6, 2007

To every one who keeps wanting "killer" features..

Yes, I mean like Le Scoble and his quest for the killer application for the iPhone, which is, by itself a killer application, and all the other people who want "just one more feature" on simple, easy to use things:

Read this and be silent whilst thou contemplates the great wisdom within its words.

Technorati Tags:

Categories:     Other, Technology
Posted by John C. Welch at 09:45 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

February 8, 2007

Gates, William H. Gates, SOOOPER-Genius

So once again, those marketing SOOPER GENIUSES at Microsoft have shown us why Microsoft is known as the marketing and branding powerhouse of the computer world. From Phonenews.com's, Windows Mobile 6 Formally Announced article:

Also Windows Mobile 6 marks a significant change in branding, meant to better identify the devices. PDA devices that do not include a phone are now Windows Mobile Classic devices. Smartphones will now be referred to as Windows Mobile Standard devices. Phone Edition will now be titled Windows Mobile Professional. Microsoft hopes that by having Standard, Classic, and Professional devices and versions, that users will be able to better identify compatible software.

Yeah, because more names for what people think of as the same thing always helps. Look at the glass-like clarity that Vista's six or so SKUs have brought us.

Of course it is an improvement on what Billy H. thought: (Side Note: I am now picturing Gates with some big round white helmet ala "Spaceballs".)

PhoneNews.com asked Bill Gates about the naming scheme of Windows Mobile at the Treo 700w announcement, and he responded that he did not see a need for such changes. He stated that he "didn't see (the now-older naming situation of PDA, Phone Edition, and Smartphone) as having any form of conflict.

That Bill. Always on top of what normal people think.

Technorati Tags: , ,

Categories:     Technology, Windows
Posted by John C. Welch at 07:01 | Permalink

©2003-until I'm fucking dead and then some. you steal my shit, and I will fuck with you like you were a lonely shepherd's slowest sheep.


Comments ()

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.
digital.forest Where Internet solutions grow

There, a PayPal Button.

Bing
About the Author
How I do stuff on this site
Family
The Artwork of Melissa Findley
Diane Francis @ the National Post Eric Francis @ the Calgary Sun

BUY MY BOOK! BUY MY BOOK!
Non-DRM eBook PDF:
Get it direct from Peachpit!

Kindle Version:


Dead Tree Version:


Apple Amazon Links
Mac OS X Server 10.6 Snow Leopard

Mac OS X 10.6 Snow Leopard

Mac OS X 10.6 Snow Leopard Family Pack (5-User)

Amazon Book Links
Legacy of Ashes: The History of the CIA

The Donnas: Bitchin'

Wizards at War (The Young Wizards, Book 8)

The Demon's Sermon on the Martial Arts

The Collected Stories of Arthur C. Clarke

JavaScript and Ajax for the Web, Sixth Edition

Awakening Warrior: Revolution in the Ethics of Warfare

FOB Links

Mac Web Writers

Techie Links

Review Victims