Search Results

Search found 5084 results on 204 pages for 'policy routing'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 127/204 | < Previous Page | 123 124 125 126 127 128 129 130 131 132 133 134  | Next Page >

  • DNS Round-robin failover and load balancing

    - by Tom O'Connor
    Having read all of the questions and answers (1 2 3 and so on) on here relating to DNS load balancing, and Round-robin DNS, there's still a number of unanswered questions.. Large companies, and I'm looking at Google, Facebook and Twitter here, do present multiple A records. 1) If DNS loadbalancing/failover is so dodgy, why do large organisations do it? There seems to be very little mention of "DNS Pinning", despite this (PDF) paper about it. 2) Why is DNS Pinning so seldom mentioned? 3) Are there any concrete examples of which ISPs and so on actually do rewrite DNS TTLs? That said, I'm not entirely backing the side for using DNS for failover or any form of load balancing. For most networks, BGP diverse routing still seems to be a better fit. DNS rears it's ugly head again. :(

    Read the article

  • ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

    - by Jeremy H.
    I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

    Read the article

  • How do I install a CentOS 5.5 in Xenserver?

    - by deweller
    When I try to install CentOS 5.5 in a new VM, I get an error that the installer is unable to retrieve stage2.img. I have verified the URL and I am able to download this file from a web browser. I suspect it is a networking/routing issue, but I can't figure out what is wrong. This is a new install of XenServer 5.6 on a new server. This server is remote, so I don't have physical access to the box - only ssh access. Can anyone give me some tips on what might be wrong here? Do I need to do something special to get a net install to work? For what its worth, I see the same error trying to install Debian Woody using a similar process. Thanks.

    Read the article

  • Question regarding the SELinux type enforcement file

    - by Luke Bibby
    In my SElinux te file, I define two new types called voice_t and data_t which certain directories will be classified in the fc file (/data/ will be of type data_t and /voice/ will be of type voice_t). I would like the one SELinux policy to be used for all servers in my network, but, some servers will log VoIP data and other servers will be used to log IP data. I only want the voice_t type to be defined on some servers and data_t to be defined on the others - is this possible? I have tried using an if statement with a boolean expression, and then defining the type when the condition is true but this does not seem to work (it tells me there is a syntax error at 'type data_t'' or 'type voice_t;'). Example: if (data_logger) { type data_t; } else { type voice_t; } Any help would be greatly appreciated. Cheers, Luke

    Read the article

  • ECMP Load Balancing in JUNOS

    - by SpacemanSpiff
    I'm trying to figure out how to use ECMP load balancing in JUNOS. I know this isn't the best way to load balance, but its quick and dirty and gets done what I need to. In ScreenOS this was pretty easy. Device: SRX220 JunOS: 10.3R2.11 Here's what I've got so far: routing-options { static { route 0.0.0.0/0 { next-hop [ 1.1.1.1 1.1.1.2 ]; metric 10; } } maximum-paths 2; Will that do it? Tom

    Read the article

  • BIND authoritative name server: SERVFAIL?

    - by Luca Tettamanti
    I have a BIND 9.6 instance that acts as a caching NS for the whole building and is also authoritative for an internal zone ("example" below): zone "example" { type master; file "example"; update-policy { grant dhcp-update subdomain example. A TXT; }; }; Due to a rogue switch we lost connectivity with the rest of the world, and the NS started answering SERVFAIL; what surprised me was that the server was also unable to respond to queries for the example domain. What is the reason of this behavior? Shouldn't the NS be able to answer since it has authoritative data? edit: The rest of the configuration is the standard one shipped with Debian: hints for the root servers and the zones for localhost and broadcast.

    Read the article

  • Printer Management in AD Domain

    - by Untalented
    Hello, I normally push out all my printers via group policy preferences. However, the new copy machines I have are using some stranger drivers and I can not install x64/x86 drivers on the same machine for my clients to pull drivers from. So now I have two machines setup with the printer so they can pull drivers. Ontop of this there is specific driver configuration settings such as requiring the user to enter an access code to print set. Once the printer is installed via GPP, it puts everything to the default such as color mode, and other custom settings we like. I considered just using a Windows Print Server for this, but I do not know a way to push/delete these from clients like I can with GPP. Does anyone know how I can have a GPP copy the custom configuration I have set in the driver or have any recommendations?

    Read the article

  • SMTP server on Win2008, SPF ecc

    - by Ronnie
    I want be able to send outgoing email from my website. I want to setup Win2008 smtp to be able to send them respecting all the spam rules. My checklist is: the smtp should be able to accept outgoing email only from internal sites: I will limit it to relay only 127.0.0.1 is this correct? it should have set SPF, DKIM and all the policy avaiable to not be marked as spam: how you would configure it for the internal SMTP? Should I use another kind of server like hMail server? I should be able to send like 30 email from each user session on the website without obliging the user to wait that the email is effectivly sent (I thought to save it on a folder and then use a batch to send them asynchronously). What are my options? What other steps would you add to be sure that the outgoing email is not marked as spam?

    Read the article

  • Fortigate - Accessing a Virtual Server address from several interfaces

    - by Jeremy G
    I am setting up a new application in its own DMZ on our Fortigate 300C firewalls. I have defined a load-balancing configuration for part of the application, and this works fine for traffic coming in from our internal network. However, I would also like this application to be reachable from other DMZs, for inter-application traffic, and from the SSL VPN interface. I can't seem to define the required policy, and it seems this is due to Virtual Servers being bound to the client interface on the Fortigate rather than the server interface (and so my virtual IP is not accessible from any of these other interfaces) Does anyone have an idea how I might go about this ? I guess I could create other virtual IPs for each interface, but this gets complicated to handle as clients need to change the address they use depending on how they are connecting. Thanks, Jeremy G

    Read the article

  • Linux networking "jail" for a single process

    - by halp
    I need to tune up a networking app for network specific things like: make it use a DNS server different than the default one from /etc/resolv.conf make sure it does not try to connect to certain hosts/ports using tcp/udp connections I know I can get away with just modifying /etc/resolv.conf and writing some iptables rules, but going for a default DENY firewall policy for outgoing IP packets can trigger malfunctions in other services running on the server. I know I can set up a virtual machine with a whole OS and run my app there, but it seems a bit overkill. Is it possible to have a networking "jail" for a single app (think single Linux process) that could accept iptables-like rules for network traffic (think in terms of IP packets and above) allowed to and from this particular app? Maybe this is achievable through some dynamically loaded library that can deal with the networking layer, the same manner tsocks does, but more fine-grained?

    Read the article

  • Wireless clients have no route to ethernet clients in OpenWrt router

    - by superjoe30
    I'm using OpenWrt Kamikaze 8.09 on a Linksys WRT54g v1.1 router. I just flashed it with default settings and got everything working, except my wireless laptop cannot ping my desktop which is wired to the router. What can I do to fix this? (My desktop can ping other desktops wired to the router) My routing table: config 'defaults' option 'syn_flood' '1' option 'input' 'ACCEPT' option 'output' 'ACCEPT' option 'forward' 'REJECT' config 'zone' option 'name' 'lan' option 'input' 'ACCEPT' option 'output' 'ACCEPT' option 'forward' 'REJECT' config 'zone' option 'name' 'wan' option 'input' 'REJECT' option 'output' 'ACCEPT' option 'forward' 'REJECT' option 'masq' '1' config 'forwarding' option 'src' 'lan' option 'dest' 'wan' option 'mtu_fix' '1' config 'redirect' option 'src' 'wan' option '_name' 'ssh' option 'proto' 'tcp' option 'src_dport' '22' option 'dest_ip' '192.168.1.100' option 'dest_port' '22' config 'redirect' option 'src' 'wan' option '_name' 'http' option 'proto' 'tcp' option 'src_dport' '8888' option 'dest_ip' '192.168.1.100' option 'dest_port' '8888'

    Read the article

  • What are the best practices for service accounts?

    - by LockeCJ
    We're running several services in our company using a shared domain account. Unfortunately, the credentials for this account are widely distributed and being used frequently for both service and non-service purposes. This has led to a situation where it is possible that the services will be temporarily down due to this shared account being locked. Obviously, this situation needs to change. The plan is to change the services to run under a new account, but I don't think this goes far enough, as that account is subject to the same locking policy. My questions is this: Should we be setting up the service accounts differently than other domain accounts, and if we do, how do we manage those accounts. Please keep in mind that we are running a 2003 domain, and upgrading the domain controller is not a viable solution in the near term.

    Read the article

  • How can I expire non-active sessions on my Netscreen SSG140?

    - by David Mackintosh
    I have a Juniper Netscreen SSG-140. While experimenting with a VoIP service, I defined a custom policy that was to be used to permit the possible ports in use to be sent back to the VoIP server from systems connecting across the internet. Because I'd had problems in the past with VoIP systems getting broken when their UDP sessions were expired out faster than their keep-alives were generated, I set the timeout on this custom service to be 'never'. After much experimentation, I happened to notice that my session count on the firewall has grown from a couple thousand to over 36000. After discussion with the VoIP "expert", I set the timeout to be 30 minutes; however, all the sessions set up during the experimentation process are still there, more than 3 days later. Is there a way I can force these old sessions to get expired and removed from the session table, or am I looking at resetting my firewall? (Both firewalls, actually -- they are in a cluster.)

    Read the article

  • Sonicwall networking

    - by Syed
    My Sonicwall LAN subnet is 192.168.1.0/24 X0: LAN IP 192.168.1.253 I also have intranet router 192.168.1.108 routing to 192.168.2.0/24 network. Internet is through WAN (X1) is all working fine. My LAN PC's can connect to intranet 192.168.2.0/24 via static route from LANsubnet to 192.168.2.0/24 as 192.168.1.108 as gateway. Now I have LAN2 10.2.1.254 (10.2.1.0/24)on X4 port. I can access Internet from LAN2, now I want to allow intranet from LAN2. What static routes do I need to make this work?

    Read the article

  • Unable to authenticate Windows XP clients agains Snow Leopard Server PDC after 10.6.2 upgrade

    - by Roland
    I have setup a Snow Leopard Server 10.6.1 as a PDC without problems to authenticate Windows XP clients. Joining a Windows XP client to the SLS PDC Domain and log in from a Windows XP client to the SLS PDC Domain are working. After the update to Snow Leopard Server 10.6.2 the authentication is broken. opendirectory_smb_pwd_check_ntlmv1 gave -14090 [eDSAuthFailed] By changing the Windows XP "Network security: LAN Manager authentication level" policy to NTVLM2 responses only the authentication agains a SMB share is possible, but trying to join SLS PDC Domain is still not possible. opendirectory_smb_pwd_check_ntlmv2 gave -14090 [eDSAuthFailed] Any ideas? Is anyone else having similar authentication difficulties?

    Read the article

  • How do I stop IIS from sending minutely GET requests to my proxied mongrel server?

    - by brad
    I have a rails application running on Windows Server 2008 running IIS7.5. I am using Application Request Routing to send requests to the Mongrel server via IIS (I didn't want to set it up like this but this was the environment I have been forced to use). IIS seems to send a GET request to the Mongrel server once every minute. This is not a huge deal but it does cause a lot of pollution in my logs and also creates a large amount of unwanted session data. I would really like to stop it from doing this. Is there a way?

    Read the article

  • Transfer VLAN tagged packets over WLAN?

    - by stefan.at.wpf
    I have the following composition of devices: [selfmade router] - ethernet - [WLAN router 1] ----- wlan ------ [WLAN router 2] WLAN router 2 has 5 ethernet ports, each as an own VLAN, so 5 VLANs. I want to manage the routing and firewalling between those VLANs at selfmade router. What technique would I use to pass the tagged vlan packets from WLAN router 2 to selfmade router? Could I use a bridge from WLAN router 2 to WLAN router 1 which itself has a bridge from WLAN router 1 to selfmade router or do I have a wrong understanding of a bridge? Thanks for any hint on this :-)

    Read the article

  • Ethernet interface number changed, and old one does not exist, but does not leave IP address

    - by Sagar
    I have a virtual machine with Mandriva 2007.0 (yes, old - unfortunately we do not have a choice here). Anyway, the problem: Before reboot: active network interface = eth0. No other interfaces present, and network manager confirms this. Static IP address set to 172.31.2.22. No issues, everything working properly, routing et al. -------Reboot--------- After reboot: active network interface = eth1, with a DHCP address. Network manager shows eth0 as disconnected, and not connectable. When I try to set eth1 up with the static IP address (same one), it says "In Use". I then tried ifconfig eth0 172.31.2.29 just to free it up from the eth0 interface so I could use it with eth1 (since this is connected). Result: ifconfig eth0 172.31.2.29 SIOCSIFADDR: No such device eth0: unknown interface: No such device Nothing else changed. Any ideas what could be happening, or at least how I can get my IP address back?

    Read the article

  • Cant route VLAN over VPN between Cisco ASA 5505 and Cisco 870

    - by user60984
    We've had an existing VPN between a 5505 and 870 for some time. We've just added VLANs to the network on the 5505 side. We can't seem to figure out how to get devices on the VLANs to communicate with devices on the 870 network which have no VLANs. We're thinking we might have to use a router of sorts to handle the routing before hitting the ASA. We thought PFsense might work well. We've been banging our heads against this thing for 2 days so any immediate help would be great. We're up against a deadline. Thanks!!!

    Read the article

  • iproute2 rules and iptables NAT... what is the difference?

    - by Jakobud
    We have 2 different ISP connections. Our previous "IT guy" setup our firewall like so: When /etc/rc.local was executed on startup, it did a bunch of ip rule add and ip route add commands in order to route certain internal hosts to use certain ISP connections. Then at the end of /etc/rc.local, he executed our iptables firewall rules that were generated by Firewall Builder. These iptables rules have both Policy and NAT rules setup in them. What I don't understand, is why did he use iproute2 to specify rules and routes but also specify NAT rules for iptables? Why didn't he just do it all in one or the other instead of using them both? Could he have got rid of the iproute2 rules and routes and just put all those same rules into the iptables NAT settings?

    Read the article

  • Bonjour/mDNS Broadcast across subnets

    - by Matthew Savage
    I have just setup a new OSX Server in our office and verified that everything is working fine over our wired network (192.168.126.0/24). The problem that I am having is that our clients (Mac Laptops) are mainly connected via Wireless, which are running on a different subnet (192.168.1.0/24), and the mDNS Broadcast isn't reaching this subnet. The network configuration is somewhat foreign to myself (I don't manage the network in this location, but as of just recently the servers), however I don't believe there is any firewalls or routing rules between the two subnets which might cause the traffic to be rejected. I'm wondering if this is simply the mDNS broadcast not able to broadcast over the two different subnets (I'm still reading up on broadcast to understand it more) or there is something else which I might be able to try.

    Read the article

  • Nt4.0 Printer Driver not compatible with Vista?

    - by PhillC
    I've got a Brother Fax-8360P printer that has a standard printer port so it can be connected to my WindowsXP machine. I've found some drivers on the net that work and it is a pretty decent laser printer. However, when I try and connect up to it from my Vista machine over the network, it tells me that "The printer driver is not compatible with a policy enabled on your computer that blocks NT4.0 drivers". Main question - is it possible to alter this so that my Vista machine will allow me to print via the network. Secondary question - does anyone know of any generic driver that will work instead?

    Read the article

  • ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

    - by Jeremy H.
    I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

    Read the article

  • Problems with login scripts on Terminal Server 2008

    - by discovery
    We are having issues with login scripts not running on Windows 2008 Terminal Server. This is a brand new implementation and they have never worked. The test user in question doesn't have any problems running login scripts on their workstation. I have tried logging into the server directly with their account, but still no scripts run. I have setup a test account with Domain Admins rights in the same OU as theirs and the scripts don't run. I can manually run the scripts from the SYSVOL\somedomain.com\Policies folder and they run fine. The Terminal 2008 Server is in a mixed 2003/2008 domain. The user can run the gpupdate on the server without error. I have also run the Group Policy Results for this user and the terminal server and everything looks good, no errors. Any suggestions?

    Read the article

  • How to fix? => Your system administrator does not allow the user of saved credentials to log on to the remote computer

    - by Pure.Krome
    At our office, any of our Windows 7 Clients get this error message when we try and RDP to a remote W2K8 Server outside of the office :- Your system administrator does not allow the user of saved credentials to log on to the remote computer XXX because its identity is not fully verified. Please enter new credentials A quick google search leads to some posts they all suggest I edit group policy, etc. I'm under the impression, that the common fix for this, is to follow those instructions -per Windows7 machine-. Ack :( Is there anyway I can do something via our office Active Directory .. which auto updates all Windows 7 clients in the office LAN?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 123 124 125 126 127 128 129 130 131 132 133 134  | Next Page >