Search Results

Search found 3489 results on 140 pages for 'tcp'.

Page 130/140 | < Previous Page | 126 127 128 129 130 131 132 133 134 135 136 137  | Next Page >

• Ubuntu with KVM guest VM and broken bridges

  - by MadPsy

  I have an Ubuntu box with a KVM guest VM running. They use bridging so the guest VM attaches to the physical network of its host. The guest VM has 2 NICs in 2 different bridges. First NIC of the VM is tap5 and is in bridge br0 br0 8000.46720f5c572e no eth0.500 tap5 Second NIC of the VM is tap2 and is in bridge br100 br100 8000.76ad2fc96661 no eth0.100 eth0.101 eth0.103 eth0.104 eth0.105 tap2 On the host, br0 has an IP and br100 does not 21: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 46:72:0f:5c:57:2e brd ff:ff:ff:ff:ff:ff inet 192.168.100.4/24 brd 192.168.10.255 scope global br0 inet6 fe80::d6ae:52ff:febe:777/64 scope link valid_lft forever preferred_lft forever On the guest, its eth0 and eth1 interfaces both have IP addresses 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:3e:61:fb:7a:da brd ff:ff:ff:ff:ff:ff inet 192.168.100.6/24 brd 192.168.100.255 scope global eth0 inet6 fe80::23e:61ff:fefb:7ada/64 scope link valid_lft forever preferred_lft forever 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:3e:61:fb:7a:ea brd ff:ff:ff:ff:ff:ff inet 172.16.50.129/25 brd 172.16.50.255 scope global eth1 inet6 fe80::23e:61ff:fefb:7aea/64 scope link valid_lft forever preferred_lft forever On the guest VM, a tcpdump of its eth1 interface (tap2) shows traffic from its eth0 interface (tap5), as if the 2 bridges are themselves bridged. This means any interface on br100 is now bridged across to br0 - which is completely broken. root@chillispot:~# tcpdump -c 1 -n -v -i eth1 net 192.168.100.0/24 tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes 16:31:24.175583 IP (tos 0x0, ttl 64, id 48054, offset 0, flags [DF], proto TCP (6), length 148) 192.168.100.6.22 > 192.168.100.4.59505: Flags [P.], cksum 0x6c2b (correct), seq 1056321648:1056321744, ack 398642983, win 1700, options [nop,nop,TS val 197473436 ecr 200655363], length 96 What could be bridging the 2 bridges, except the guest VM (which is a stock Ubuntu install)? I am at a complete loss! Thanks.

  Read the article

• load-causing processes disappearing from "top" ps -o pcpu shows bogus numbers

  - by Alec Matusis

  I administer a large number of servers, and I have this problem only with Ubuntu 10.04 LTS: I run a server under normal load (say load average 3.0 on an 8-core server). The "top" command shows processes taking certain % of CPU that cause this load average: say PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 11008 mysql 20 0 25.9g 22g 5496 S 67 76.0 643539:38 mysqld ps -o pcpu,pid -p11008 %CPU PID 53.1 11008 , everything is consistent. The all of the sudden, the process causing the load average disappears from "top", but the process continues to run normally (albeit with a slight performance decrease), and the system load average becomes somewhat higher. The output of ps -o pcpu becomes bogus: # ps -o pcpu,pid -p11008 %CPU PID 317910278 1587 This happened to at least 5 different severs (different brand new IBM System X hardware), each running different software: one httpd 2.2, one mysqld 5.1, and one Twisted Python TCP servers. Each time the kernel was between 2.6.32-32-server and 2.6.32-40-server. I updated some machines to 2.6.32-41-server, and it has not happened on those yet, but the bug is rare (once every 60 days or so). This is from an affected machine: top - 10:39:06 up 73 days, 17:57, 3 users, load average: 6.62, 5.60, 5.34 Tasks: 207 total, 2 running, 205 sleeping, 0 stopped, 0 zombie Cpu(s): 11.4%us, 18.0%sy, 0.0%ni, 66.3%id, 4.3%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 74341464k total, 71985004k used, 2356460k free, 236456k buffers Swap: 3906552k total, 328k used, 3906224k free, 24838212k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 805 root 20 0 0 0 0 S 3 0.0 1493:09 fct0-worker 982 root 20 0 0 0 0 S 1 0.0 111:35.05 fioa-data-groom 914 root 20 0 0 0 0 S 0 0.0 884:42.71 fct1-worker 1068 root 20 0 19364 1496 1060 R 0 0.0 0:00.02 top Nothing causing high load is showing on top, but I have two highly loaded mysqld instances on it, that suddenly show crazy %CPU: #ps -o pcpu,pid,cmd -p1587 %CPU PID CMD 317713124 1587 /nail/encap/mysql-5.1.60/libexec/mysqld and #ps -o pcpu,pid,cmd -p1624 %CPU PID CMD 2802 1624 /nail/encap/mysql-5.1.60/libexec/mysqld Here are the numbers from # cat /proc/1587/stat 1587 (mysqld) S 1212 1088 1088 0 -1 4202752 14307313 0 162 0 85773299069 4611685932654088833 0 0 20 0 52 0 3549 27255418880 5483524 18446744073709551615 4194304 11111617 140733749236976 140733749235984 8858659 0 552967 4102 26345 18446744073709551615 0 0 17 5 0 0 0 0 0 the 14th and 15th numbers according to man proc are supposed to be utime %lu Amount of time that this process has been scheduled in user mode, measured in clock ticks (divide by sysconf(_SC_CLK_TCK). This includes guest time, guest_time (time spent running a virtual CPU, see below), so that applications that are not aware of the guest time field do not lose that time from their calculations. stime %lu Amount of time that this process has been scheduled in kernel mode, measured in clock ticks (divide by sysconf(_SC_CLK_TCK). On a normal server, these numbers are advancing, every time I check the /proc/PID/stat. On a buggy server, these numbers are stuck at a ridiculously high value like 4611685932654088833, and it's not changing. Has anyone encountered this bug?

  Read the article

• SSH Socks Proxy wiith iptables REDIRECT

  - by Radium

  I have googled and haven`t found the answer on my question. Help me please. There are two servers: serverA with public IP 12.0.0.10 and an private IP 10.0.0.5 serverB with public IP 20.0.0.11 I have setup SOCKS proxy on serverB to serverA: ssh -D20.0.0.11:2222 [email protected] So when on my local machine in a browser i specify SOCKS proxy 20.0.0.11:2222 (serverB:2222) as external IP while browsing i get 12.0.0.10 (serverA IP). That is ok. As well if i go onto http://10.0.0.5 (serverA private IP) it is also reachable. That is what i need. I want to make servers A private IP to be available through servers B public IP on certain ports but without specifying SOCKS in my browser. I could use ssh port forward but the problem is - i need to forward many ports and do not know which exactly - i know only the range. So when i connect to 20.0.0.11 to any port , for example, from 3000:4000 range, i want that traffic to be redirected to 10.0.0.5 on the same port. That is why i`ve decided maybe SOCKS proxy via SSH and iptables REDIRECT could help me. Client - serverBPublicIP (any port from range 3000:4000) - serverAPublicIP - serverAPrivateIP (the port was requested on serverBPublicIP) On serverB i do: ssh -D20.0.0.11:2222 [email protected] iptables -t nat -A PREROUTING -d 20.0.0.11 -p tcp --dport 3000:4000 -j REDIRECT --to-port 2222 But that does not work - when i telnet on 20.0.0.11:3001 for example i do not see any proxied traffic on the serverA. What should i do else? I have tried tcpsocks like this (in example i am telneting to 20.0.0.11:3001) Client -> 20.0.0.11:3001 -> iptables REDIRECT from 3001 --to-port 1111 -> tcpsocks from 1111 to 2222 -> SOCKS proxy from serverB to serverA on port 2222 -> serverA But i do not know what to do with the traffic on serverA. How to route it to its private IP. Help me please. I know, VPN removes all the hell i am trying to create, but i have no ability to use tun/tap device. It is disabled.

  Read the article

• Pxe net install Centos with Static IP

  - by Stu2000

  I seem to be unable to perform a kickstart installation of centos5.8 with a netinstall. It correctly gets into the text installer, but keeps sending out a request for the dhcp server and failing. I have tried to manually set the IP everywhere. Here is my pxelinux.cfg file DEFAULT menu PROMPT 0 MENU TITLE Ubuntu MAAS TIMEOUT 200 TOTALTIMEOUT 6000 ONTIMEOUT local LABEL centos5.8-net kernel /images/centos5.8-net/vmlinuz MENU LABEL centos5.8-net append initrd=/images/centos5.8-net/initrd.img ip=192.168.1.163 netmask=255.255.255.0 hostname=client101 gateway=192.168.1.1 ksdevice=eth0 dns=8.8.8.8 ks=http://192.168.1.125/cblr/svc/op/ks/profile/centos5.8-net MENU end and here is my kickstart file: # Kickstart file for a very basic Centos 5.8 system # Assigns the server ip: 192.211.48.163 # DNS 8.8.8.8, 8.8.4.4 # London TZ install url --url http://mirror.centos.org/centos-5/5.8/os/i386 lang en_US.UTF-8 keyboard us network --device=eth0 --bootproto=static --ip=192.168.1.163 --netmask=255.255.255.0 --gateway=192.168.1.1 --nameserver=8.8.8.8,8.8.4.4 --hostname=client1-server --onboot=on rootpw --iscrypted $1$Snrd2bB6$CuD/07AX2r/lHgVTPZyAz/ firewall --enabled --port=22:tcp authconfig --enableshadow --enablemd5 selinux --enforcing timezone --utc Europe/London bootloader --location=mbr --driveorder=xvda --append="console=xvc0" # The following is the partition information you requested # Note that any partitions you deleted are not expressed # here so unless you clear all partitions first, this is # not guaranteed to work part /boot --fstype ext3 --size=100 --ondisk=xvda part pv.2 --size=0 --grow --ondisk=xvda volgroup VolGroup00 --pesize=32768 pv.2 logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00 --size=528 --grow --maxsize=1056 logvol / --fstype ext3 --name=LogVol00 --vgname=VolGroup00 --size=1024 --grow %packages @base @core @dialup @editors @text-internet keyutils iscsi-initiator-utils trousers bridge-utils fipscheck device-mapper-multipath sgpio emacs Here is my dhcp file: ddns-update-style interim; allow booting; allow bootp; ignore client-updates; set vendorclass = option vendor-class-identifier; subnet 192.168.1.0 netmask 255.255.255.0 { host tower { hardware ethernet 50:E5:49:18:D5:C6; fixed-address 192.168.1.163; option routers 192.168.1.1; option domain-name-servers 8.8.8.8,8.8.4.4; option subnet-mask 255.255.255.0; filename "/pxelinux.0"; default-lease-time 21600; max-lease-time 43200; next-server 192.168.1.125; } } Is it impossible to prevent it asking for a dynamic ip before trying to install from the net? Perhaps there is an error in of my files? My dhcp server is set to ignore client-updates, and is set to only works with one mac address whilst testing.

  Read the article

• Unable to locate Windows Server Error log files

  - by Sam007

  I am getting an error in my application on 500 Internal Server Error. The firebug gives me, NetworkError: 500 Internal Server Error - http://webgis.arizona.edu/ArcGIS/rest/services/webGIS/Shock_Models/GPServer/Income_Log/jobs/jc09c501156564f71abc5d98393581267/results/final_shp?dpi=96&transparent=true&format=png8&imageSR=102100&f=image&bbox=%7B%22xmin%22%3A-14519891.438356264%2C%22ymin%22%3A637618.0139790997%2C%22xmax%22%3A-6692739.741956295%2C%22ymax%22%3A6507981.786279075%2C%22spatialReference%22%3A%7B%22wkid%22%3A102100%7D%7D&bboxSR=102100&size=800%2C600 And when I goto that particular link, I get this error, Server Error - Object reference not set to an instance of an object. Any idea how I can correct it? UPDATE I was told to use fiddler and see the error details that is occurring over the network and this is the output that I got, SESSION STATE: Done. Response Entity Size: 849 bytes. == FLAGS ================== BitFlags: [ClientPipeReused, ServerPipeReused] 0x18 X-CLIENTPORT: 2010 X-RESPONSEBODYTRANSFERLENGTH: 849 X-EGRESSPORT: 2023 X-HOSTIP: 128.196.53.161 X-PROCESSINFO: firefox:2248 X-CLIENTIP: 127.0.0.1 X-SERVERSOCKET: REUSE ServerPipe#2 == TIMING INFO ============ ClientConnected: 15:53:51.383 ClientBeginRequest: 15:53:51.494 GotRequestHeaders: 15:53:51.494 ClientDoneRequest: 15:53:51.494 Determine Gateway: 0ms DNS Lookup: 0ms TCP/IP Connect: 0ms HTTPS Handshake: 0ms ServerConnected: 15:52:45.077 FiddlerBeginRequest: 15:53:51.495 ServerGotRequest: 15:53:51.495 ServerBeginResponse: 15:53:51.679 GotResponseHeaders: 15:53:51.679 ServerDoneResponse: 15:53:51.679 ClientBeginResponse: 15:53:51.679 ClientDoneResponse: 15:53:51.679 Overall Elapsed: 00:00:00.1850106 The response was buffered before delivery to the client. == WININET CACHE INFO ============ This URL is not present in the WinINET cache. [Code: 2] * Note: Data above shows WinINET's current cache state, not the state at the time of the request. * Note: Data above shows WinINET's Medium Integrity (non-Protected Mode) cache only. But I am still confused as to what the error is? This is the application. I am not sure if the error is due to the ArcGIS-Server or the Windows Server 2008. I am new on working with the Windows Server and wanted to know where can I look for the error lof files? This is the link which gives the details and the log info of the job executed. This is the output.

  Read the article

• isa 2004 - banned site rule cause slow internet

  - by Holian

  Hi Gods, We have windows server 2003 with isa 2004. Our clients uses internet with proxy. We have two isa rule: order name action protocolls from/listener to condition 1. trafic ALLOW all outbound all networks all networks all users 2. FTP ALLOW FTP Server EXTERNAL/INTERNAL/Local host 10.1.1.1 So we have to "bann" a few webpage (like facebook, youtube...etc...), so we make a new rule 0. banned DENY HTTP internal denied pages all users In the denied pages we have the *.facebook.com domain set. After we enable this rule, the entire internet slows down. The banning rule works well, redirect to an internal site, but the other sites.... If i open a page..it normally takes 3-10 sec to load, but after this rule this time is: 2-4 minutes. In the monitor / logging menu we got a few FAILED CONNECTION ATTEMPT like: Log type: Web Proxy (Forward) Status: 304 Not Modified Rule: All local traffic Source: Internal ( 10.1.1.1:0 ) Destination: External ( 172.24.28.22:3128 ) Request: GET http://www.konyvelozona.hu/wp-content/uploads/nyugdijas-holgy-2.jpg Filter information: Req ID: 17270b72 Protocol: http User: anonymous Additional information Client agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.3072... Object source: Verified Cache Processing time: 9047 Cache info: 0x18801002 MIME type: - In the event log we got a few log: Description: The Web Proxy filter failed to bind its socket to 10.1.1.1 port 80. This may have been caused by another service that is already using the same port or by a network adapter that is not functional. To resolve this issue, restart the Microsoft Firewall service. The error code specified in the data area of the event properties indicates the cause of the failure. The failure is due to error: 0x8007271d The Web Proxy filter failed to bind its socket to 127.0.0.1 port 80. This may have been caused by another service that is already using the same port or by a network adapter that is not functional. To resolve this issue, restart the Microsoft Firewall service. The error code specified in the data area of the event properties indicates the cause of the failure. The failure is due to error: 0x8007271d If i tpye: netstat -o -n -a | findstr 0.0:80 then i got, tcp 0.0.0.0:80 0.0.0.0:0 LISTEN 4 udp 0.0.0.0:8031 *.* 2780 udp 0.0.0.0:8082 *.* 2780 Some month ago we installed XMAP, but now we only use mysql. Apache service stopped. In the Xamp port check menu i see: Service POrt Status Apache (http) 80 Process: System Maybee this is the problem? I dont know what should i do now... Thank you folks.

  Read the article

• Transient network dropout for Xen DomU's

  - by Stephen C

  We've got a CentOS server running a cluster of virtuals. Occasionally the cluster's internal network drops out for a minute or so ... and then comes back. The problem is somehow related to the actual network traffic, but it is not a simple load issue. (The system is generally lightly loaded, and the problem occurs irrespective of actual load.) The setup: CentOS 5.6 on Dom0, various CentOS on the DomU's Hardware - a Dell R710 with a BroadCom NextXpress 2 NIC (sigh) using the latest drivers for the NIC from BroadCom Xen configured to use network-bridge and vif-bridge Some iptable tweaks to route an unrelated port to one of the virtuals. The system has one externally visible IP address, and Dom0 runs an Apache httpd configured with a number of virtual hosts each of which reverse proxies to web servers running on the virtuals. (The virtuals have to be NAT'ed, primarily because we don't have enough allocated public IP addresses.) The symptoms: Works fine most of the time. When someone tries to UPLOAD a large file to one virtuals, the internal network drops out ... for all virtuals: The Dom0 httpd sees a network timeout talking to the backend server on the virtual and reports a 502. A previously established ssh connection from Dom0 to any of the DomU's freezes. Our monitoring shows ping failures for traffic between virtuals. The Xen consoles to the DomU's do not freeze. No log messages in any log files that I can see, on either Dom0 or the DomU's ... apart from the Dom0 httpd logs. After a minute or so, the problem clears by itself. This is 100% reproducible. What we've tried: Downloading, building and installing the latest BNX2 driver on Dom0 Turning off MSI on the NIC - adding "options bnx2 disable_msi=1" to /etc/modprobe.conf Turning off tcp segmentation offload - "ethtool -K eth0 tso off". Sacrificing a black rooster at midnight. I've exhausted all my options apart from switching to KVM ... or slaughtering more roosters. Any suggestions?

  Read the article

• NGiNX performance degrades over time.

  - by Rylea Stark

  So here's the situation, I run a small cluster, Dedicated box for MySQL, and a dedicated PHP-FPM/NGINX box, Nginx talks to php-fpm via socket, As far as i can tell the problem does not lie in php-fpm, it lies somewhere in my configuration. What happens, is the site loads instant for a few moments after starting and slowly starts to degrade to load times of greater than 2 seconds, eventually taking 12 seconds to complete a load, PHP is configured to close a child after 175 requests, and spawn 20 at start and have a max of 60. Not really sure where the bottle neck is, most of my code is optimized and works flawlessly, but these issues with nginx will most likely force me to switch back over to Apache, And I really dont want to do that, NGINX.conf configuration below. user www-data; worker_processes 4; worker_cpu_affinity 0001 0010 0100 1000; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 512; multi_accept on; use epoll; } http { include /etc/nginx/mime.types; access_log /var/log/nginx/access.log; resolver_timeout 5s; satisfy all; ## Size Limits limit_zone brainbug $binary_remote_addr 5m; client_body_buffer_size 8k; client_header_buffer_size 75M; client_max_body_size 1k; large_client_header_buffers 2 1k; ## Timeouts client_body_timeout 60; client_header_timeout 60; keepalive_timeout 60; send_timeout 60; ## General Options ignore_invalid_headers on; recursive_error_pages on; sendfile on; server_name_in_redirect off; server_tokens off; ## TCP options tcp_nodelay on; #tcp_nopush on; output_buffers 128 512k; gzip on; gzip_http_version 1.0; gzip_comp_level 7; gzip_proxied any; gzip_min_length 0; gzip_buffers 32 32k; gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript image/jpeg image/png image/gif; ## Disable GZIP for MSIE 1-6 gzip_disable "MSIE [1-6].(?!.*SV1)"; ## Set a vary header so downstream proxies don't send cached gzipped content to IE6 gzip_vary on; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; }

  Read the article

• Windows 2008 R2 IPsec encryption in tunnel mode, hosts in same subnet

  - by fission

  In Windows there appear to be two ways to set up IPsec: The IP Security Policy Management MMC snap-in (part of secpol.msc, introduced in Windows 2000). The Windows Firewall with Advanced Security MMC snap-in (wf.msc, introduced in Windows 2008/Vista). My question concerns #2 – I already figured out what I need to know for #1. (But I want to use the ‘new’ snap-in for its improved encryption capabilities.) I have two Windows Server 2008 R2 computers in the same domain (domain members), on the same subnet: server2 172.16.11.20 server3 172.16.11.30 My goal is to encrypt all communication between these two machines using IPsec in tunnel mode, so that the protocol stack is: IP ESP IP …etc. First, on each computer, I created a Connection Security Rule: Endpoint 1: (local IP address), eg 172.16.11.20 for server2 Endpoint 2: (remote IP address), eg 172.16.11.30 Protocol: Any Authentication: Require inbound and outbound, Computer (Kerberos V5) IPsec tunnel: Exempt IPsec protected connections Local tunnel endpoint: Any Remote tunnel endpoint: (remote IP address), eg 172.16.11.30 At this point, I can ping each machine, and Wireshark shows me the protocol stack; however, nothing is encrypted (which is expected at this point). I know that it's unencrypted because Wireshark can decode it (using the setting Attempt to detect/decode NULL encrypted ESP payloads) and the Monitor Security Associations Quick Mode display shows ESP Encryption: None. Then on each server, I created Inbound and Outbound Rules: Protocol: Any Local IP addresses: (local IP address), eg 172.16.11.20 Remote IP addresses: (remote IP address), eg 172.16.11.30 Action: Allow the connection if it is secure Require the connections to be encrypted The problem: Though I create the Inbound and Outbound Rules on each server to enable encryption, the data is still going over the wire (wrapped in ESP) with NULL encryption. (You can see this in Wireshark.) When the arrives at the receiving end, it's rejected (presumably because it's unencrypted). [And, disabling the Inbound rule on the receiving end causes it to lock up and/or bluescreen – fun!] The Windows Firewall log says, eg: 2014-05-30 22:26:28 DROP ICMP 172.16.11.20 172.16.11.30 - - 60 - - - - 8 0 - RECEIVE I've tried varying a few things: In the Rules, setting the local IP address to Any Toggling the Exempt IPsec protected connections setting Disabling rules (eg disabling one or both sets of Inbound or Outbound rules) Changing the protocol (eg to just TCP) But realistically there aren't that many knobs to turn. Does anyone have any ideas? Has anyone tried to set up tunnel mode between two hosts using Windows Firewall? I've successfully got it set up in transport mode (ie no tunnel) using exactly the same set of rules, so I'm a bit surprised that it didn't Just Work™ with the tunnel added.

  Read the article

• Joining Windows 7 Professional to a Windows Server 2003 R2 x64 domain fails.

  - by Vinko Vrsalovic

  I have a windows 7 professional (spanish) laptop trying to join a Windows Server 2003 (english) domain. It detect correctly the SRV record, finding the proper domain controller, but then the join fails with the error message (snippet, because the error is in spanish) An Active Directory Domain Controller for This Domain Could Not be Contacted The DNS is correctly set, and client can ping by name and IP the server, the server can ping the client by IP. I've tested with the FW down to no avail. A host of other XP Pro clients are connected to the domain. I've restarted Net Logon and checked that Windows Time is up. Also the times are in sync between the server and the client. I'll put below diagnostics output. I'm wondering if there's anything special to be done on either the server or the client to have a Win 7 Pro join a 2k3 R2 domain. The following diagnostic information follows: netdiag /q for the DC dcdiag on the DC ipconfig /all on the Win 7 client netdiag /q on the DC: .................................. Computer Name: HI-X2 DNS Host Name: hi-x2.hi.local System info : Microsoft Windows Server 2003 R2 (Build 3790) Processor : EM64T Family 6 Model 23 Stepping 10, GenuineIntel List of installed hotfixes : KB923561 KB924667-v2 KB925398_WMP64 KB925902 KB926122 KB927891 KB929123 KB930178 KB932168 KB936357 KB938127 KB941569 KB942830 KB942831 KB943055 KB943460 KB944338-v2 KB944653 KB945553 KB946026 KB948496 KB950760 KB950762 KB950974 KB951066 KB951748 KB952004 KB952069 KB952954 KB954155 KB954550-v7 KB955069 KB955759 KB956572 KB956802 KB956803 KB956844 KB958469 KB958644 KB958869 KB959426 KB960225 KB960803 KB960859 KB961063 KB961118 KB961501 KB967715 KB967723 KB968389 KB968816 KB969059 KB969947 KB970238 KB970430 KB970483 KB971032 KB971468 KB971657 KB971737 KB971961 KB971961-IE8 KB972270 KB973037 KB973354 KB973507 KB973540 KB973687 KB973815 KB973825 KB973869 KB973904 KB973917-v2 KB974112 KB974318 KB974392 KB974571 KB975025 KB975467 KB975560 KB975713 KB976662-IE8 KB977290 KB977816 KB977914 KB978037 KB978262 KB978338 KB978542 KB978601 KB978706 KB979306 KB979309 KB979683 KB980182 KB980182-IE8 KB980232 KB980302-IE8 KB981332-IE8 KB981350 Q147222 Per interface results: Adapter : Local Area Connection Host Name. . . . . . . . . : hi-x2.hi.local IP Address . . . . . . . . : 10.0.1.199 Subnet Mask. . . . . . . . : 255.0.0.0 Default Gateway. . . . . . : 10.0.1.1 Dns Servers. . . . . . . . : 10.0.1.199 WINS service test. . . . . : Skipped Global results: [WARNING] You don't have a single interface with the 'WorkStation Service', 'Messenger Service', 'WINS' names defined. DNS test . . . . . . . . . . . . . : Passed PASS - All the DNS entries for DC are registered on DNS server '10.0.1.199'. IP Security test . . . . . . . . . : Skipped The command completed successfully dcdiag on the DC: Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\HI-X2 Starting test: Connectivity ......................... HI-X2 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\HI-X2 Starting test: Replications ......................... HI-X2 passed test Replications Starting test: NCSecDesc ......................... HI-X2 passed test NCSecDesc Starting test: NetLogons ......................... HI-X2 passed test NetLogons Starting test: Advertising ......................... HI-X2 passed test Advertising Starting test: KnowsOfRoleHolders ......................... HI-X2 passed test KnowsOfRoleHolders Starting test: RidManager ......................... HI-X2 passed test RidManager Starting test: MachineAccount ......................... HI-X2 passed test MachineAccount Starting test: Services ......................... HI-X2 passed test Services Starting test: ObjectsReplicated ......................... HI-X2 passed test ObjectsReplicated Starting test: frssysvol ......................... HI-X2 passed test frssysvol Starting test: frsevent ......................... HI-X2 passed test frsevent Starting test: kccevent ......................... HI-X2 passed test kccevent Starting test: systemlog ......................... HI-X2 passed test systemlog Starting test: VerifyReferences ......................... HI-X2 passed test VerifyReferences Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : hi Starting test: CrossRefValidation ......................... hi passed test CrossRefValidation Starting test: CheckSDRefDom ......................... hi passed test CheckSDRefDom Running enterprise tests on : hi.local Starting test: Intersite ......................... hi.local passed test Intersite Starting test: FsmoCheck ......................... hi.local passed test FsmoCheck ipconfig /all on the Windows 7 client: Configuraci¢n IP de Windows Nombre de host. . . . . . . . . : hi-p6 Sufijo DNS principal . . . . . : Tipo de nodo. . . . . . . . . . : h¡brido Enrutamiento IP habilitado. . . : no Proxy WINS habilitado . . . . . : no Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica: Sufijo DNS espec¡fico para la conexi¢n. . : Descripci¢n . . . . . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN Direcci¢n f¡sica. . . . . . . . . . . . . : 00-22-FB-63-47-A0 DHCP habilitado . . . . . . . . . . . . . : no Configuraci¢n autom tica habilitada . . . : s¡ Direcci¢n IPv4. . . . . . . . . . . . . . : 10.0.1.42(Preferido) M scara de subred . . . . . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada . . . . . : 10.0.1.1 Servidores DNS. . . . . . . . . . . . . . : 10.0.1.199 NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado Adaptador de Ethernet Conexi¢n de  rea local: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Descripci¢n . . . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller Direcci¢n f¡sica. . . . . . . . . . . . . : 00-1E-33-1F-35-B1 DHCP habilitado . . . . . . . . . . . . . : s¡ Configuraci¢n autom tica habilitada . . . : s¡ Adaptador de t£nel isatap.{8926581E-09AC-4123-906B-DA6386AD2D60}: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP habilitado . . . . . . . . . . . . . : no Configuraci¢n autom tica habilitada . . . : s¡ Adaptador de t£nel Teredo Tunneling Pseudo-Interface: Sufijo DNS espec¡fico para la conexi¢n. . : Descripci¢n . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP habilitado . . . . . . . . . . . . . : no Configuraci¢n autom tica habilitada . . . : s¡ Direcci¢n IPv6 . . . . . . . . . . : 2001:0:5ef5:73ba:1cec:3883:f5ff:fed5(Preferido) V¡nculo: direcci¢n IPv6 local. . . : fe80::1cec:3883:f5ff:fed5%13(Preferido) Puerta de enlace predeterminada . . . . . : :: NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado

  Read the article

• Switch flooding when bonding interfaces in Linux

  - by John Philips

  +--------+ | Host A | +----+---+ | eth0 (AA:AA:AA:AA:AA:AA) | | +----+-----+ | Switch 1 | (layer2/3) +----+-----+ | +----+-----+ | Switch 2 | +----+-----+ | +----------+----------+ +-------------------------+ Switch 3 +-------------------------+ | +----+-----------+----+ | | | | | | | | | | eth0 (B0:B0:B0:B0:B0:B0) | | eth4 (B4:B4:B4:B4:B4:B4) | | +----+-----------+----+ | | | Host B | | | +----+-----------+----+ | | eth1 (B1:B1:B1:B1:B1:B1) | | eth5 (B5:B5:B5:B5:B5:B5) | | | | | | | | | +------------------------------+ +------------------------------+ Topology overview Host A has a single NIC. Host B has four NICs which are bonded using the balance-alb mode. Both hosts run RHEL 6.0, and both are on the same IPv4 subnet. Traffic analysis Host A is sending data to Host B using some SQL database application. Traffic from Host A to Host B: The source int/MAC is eth0/AA:AA:AA:AA:AA:AA, the destination int/MAC is eth5/B5:B5:B5:B5:B5:B5. Traffic from Host B to Host A: The source int/MAC is eth0/B0:B0:B0:B0:B0:B0, the destination int/MAC is eth0/AA:AA:AA:AA:AA:AA. Once the TCP connection has been established, Host B sends no further frames out eth5. The MAC address of eth5 expires from the bridge tables of both Switch 1 & Switch 2. Switch 1 continues to receive frames from Host A which are destined for B5:B5:B5:B5:B5:B5. Because Switch 1 and Switch 2 no longer have bridge table entries for B5:B5:B5:B5:B5:B5, they flood the frames out all ports on the same VLAN (except for the one it came in on, of course). Reproduce If you ping Host B from a workstation which is connected to either Switch 1 or 2, B5:B5:B5:B5:B5:B5 re-enters the bridge tables and the flooding stops. After five minutes (the default bridge table timeout), flooding resumes. Question It is clear that on Host B, frames arrive on eth5 and exit out eth0. This seems ok as that's what the Linux bonding algorithm is designed to do - balance incoming and outgoing traffic. But since the switch stops receiving frames with the source MAC of eth5, it gets timed out of the bridge table, resulting in flooding. Is this normal? Why aren't any more frames originating from eth5? Is it because there is simply no other traffic going on (the only connection is a single large data transfer from Host A)? I've researched this for a long time and haven't found an answer. Documentation states that no switch changes are necessary when using mode 6 of the Linux interface bonding (balance-alb). Is this behavior occurring because Host B doesn't send any further packets out of eth5, whereas in normal circumstances it's expected that it would? One solution is to setup a cron job which pings Host B to keep the bridge table entries from timing out, but that seems like a dirty hack.

  Read the article

• Is this distributed database server idea feasible?

  - by David

  I often use SQLite for creating simple programs in companies. The database is placed on a file server. This works fine as long as there are not more than about 50 users working towards the database concurrently (though depending on whether it is reads or writes). Once there are more than this, they will notice a slowdown if there are a lot of concurrent writing on the server as lots of time is spent on locks, and there is nothing like a cache as there is no database server. The advantage of not needing a database server is that the time to set up something like a company Wiki or similar can be reduced from several months to just days. It often takes several months because some IT-department needs to order the server and it needs to conform with the company policies and security rules and it needs to be placed on the outsourced server hosting facility, which screws up and places it in the wrong localtion etc. etc. Therefore, I thought of an idea to create a distributed database server. The process would be as follows: A user on a company computer edits something on a Wiki page (which uses this database as its backend), to do this he reads a file on the local harddisk stating the ip-address of the last desktop computer to be a database server. He then tries to contact this computer directly via TCP/IP. If it does not answer, then he will read a file on the file server stating the ip-address of the last desktop computer to be a database server. If this server does not answer either, his own desktop computer will become the database server and register its ip-address in the same file. The SQL update statement can then be executed, and other desktop computers can connect to his directly. The point with this architecture is that, the higher load, the better it will function, as each desktop computer will always know the ip-address of the database server. Also, using this setup, I believe that a database placed on a fileserver could serve hundreds of desktop computers instead of the current 50 or so. I also do not believe that the load on the single desktop computer, which has become database server will ever be noticable, as there will be no hard disk operations on this desktop, only on the file server. Is this idea feasible? Does it already exist? What kind of database could support such an architecture?

  Read the article

• Windows 7 & Virtual PC and Internet (gateway) problems on host PC

  - by Mufasa

  I upgraded to Windows 7 on a PC that is a few years old. The CPU was one revision away from having Hyper-V on it. So, I had to install Microsoft Virtual PC 2007 (v6.0.156.0) to run full XP instances instead of the seamless XP virtualization that is advertised so much. That's fine though; the 'older' version is useful since I use it to run different versions of the whole XP/IE stack for testing. (I'm a web developer.) ...And for the one 16-bit application we still use at the office for scheduling. * sigh * The virtual instances work fine, including networking. My issue is that after a reboot or coming out of sleep mode, my host Windows 7 won't connect to the Internet. It will connect to the local network fine. If I disable the "Virtual Machine Network Services" item (I'll call "VMNS" from here on) in the LAN Connection properties box, it starts working. But than the Virtual PC instances lose their network connectivity. If I re-enable VMNS again in the same instance, everything works (Internet on host and in the virtualized instances). But after the next reboot/sleep cycle this starts over. The route table gave me a clue though. When doing a cycle w/ VMNS enabled: IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 On-link 10.0.3.51 20 0.0.0.0 0.0.0.0 10.0.10.10 10.0.3.51 276 ... After VMNS is disabled, the first route goes away. I assume that is for VMNS to intercept virtualized instance's network connections and forward them correctly? Just a guess though. More info: I checked my Firewall settings and Services (because I'm sort of a control nazi and turn off a lot) but couldn't find anything that made sense and if turned on changed anything. So it might be something there I'm missing, but I don't know what. My current hacked solution: So, I figured I'd mess with the routes myself to see if that helped, it did. If I run a route delete 0.0.0.0 on the universal (0.0.0.0) gateway routes, and add back in just the 2nd line with route add 0.0.0.0 mask 0.0.0.0 10.0.10.10--the one that points to my actual gateway (10.0.10.10)--then I don't have to mess with the disable/enable cycle of VMNS, and everything works. Running those two commands is faster then bringing up connection options and disabling and re-enabling VMNS, but I still don't want to have use that hack script every boot either. (Oh, and I also tried messing with hard-coding TCP/IP settings in my network adapter, including setting high metrics, etc., but that didn't help either.) Any suggestions on the right way to fix this?

  Read the article

• How to circumvent ISP Limiting "Unknown" traffic - (SSH)Proxy, VPN

  - by connery

  I am having issues with using a proxy/VPN, with my current ISP (Comenersol, Spain). From my point of view they limit traffic by protocol or by traffic they "know" and "dont know". I'll explain my findings so far below. Internet connection in Spain: ~400-420KByte/sec (speedtest.net) OpenVPN Server in Sweden(pfsense): 100/100Mbit. LZO Compression. TCP. Tun. Aes128 Squid Proxy server in Sweden (pfsense): 100/100 (same box as the vpn server). Plain, no encryption. Runs in stealth mode to hide the use of proxy. NOT running OpenVPN or Squid Proxy, this is my findings: When I download a file from my pfsense box in Sweden, I get maximum speed When I run speedtest.net and choose any european server (including Swedish), I get max speed When I download a torrent (with non default port above 10K), I get limited to ~100KByte/sec. Encryption is turned off If I download something through https, I get max speed Running either Squid Proxy or VPN, this is my findings When I download a file from my pfsense box in Sweden, I get ~100KByte/sec When I run speedtest.net and choose any european server (including Swedish and Spanish), I get ~100Kbyte/sec When I download a torrent, I get same limitation ~100KByte/sec When I download something through https, I get ~100KByte/sec I verify the speeds above with speedtest.net measure, firefox measure in addition to having bmon running in terminal in the background. This way I am certain that the speeds I get presented, are in fact correct. If I connect through a different ISP with VPN or Squid Proxy, I get better speeds (400KByte/sec ++) In short: Whenever I tunnel my traffic through Sweden, my SPanish ISP throttles the traffic. I thought tunneling it through Squid would solve the issue, since I then would no longer hide my traffic through encryption. This does not seem to be the case. Wget and fetch gives same result. I did not try 'nc', but I assume this would give the same result. Does anyone know how to circumvent this issue? I would very much like to be able to get full speed with Swedish ip, as this would make me able to stream TV at higher quality than today. 100KByte/sec just does not cut it quality wise. Thanks for reading. Looking forward for your help.

  Read the article

• Trying to get DNS services running on Windows Server 2008 R2, what am I getting wrong ?

  - by LaserBeak

  Ok, So I am basically trying to get a home server pc up that will provide Domain name services, act as Mail server and web server. I have one static IP, well it's not officially static but hasn't changed in two years so I'll call it static. I have done the following: Configured router NAT/virtual port forward UDP/TCP port 53 to the internal IP of my server 192.168.1.16, in adapter settings specified the manual settings: 192.168.1.16 IP, gateway 192.168.1.1, Subnet: 255.255.255.0 and loopback DNS: 127.0.0.1 Using my public my public IP Checked using http://www.canyouseeme.org/ that port 53 is open and is not being blocked by my ISP. It can see services on this port. Registered Domain name (mydomain.com.au) Updated whois database through the domain registrars site and registered NameServer names: ns0.mydomain.com.au and ns2.mydomain.com.au, both have been associated with my single public IP. (Waited 24 hours) Update the nameserver for mydomain.com.au: primary ns0.mydomain.com.au secondary: ns2.mydomain.com.au (waited 24+ hours) Installed Server 2008 R2, install web server role and DNS role. Webserver works when I enter my public IP into browser of any PC/mobile, get IIS7 welcome page. In DNS server: Created new forward lookup zone: ; ; Database file mydoman.com.au.dns for mydomain.com.au zone. ; Zone version: 10 ; @ IN SOA mydomain.com.au. mydomain.testdomain.com. ( 10 ; serial number 900 ; refresh 600 ; retry 86400 ; expire 3600 ) ; default TTL ; ; Zone NS records ; @ NS ns0.mydomain.com.au. @ NS ns1.mydomain.com.au. ; ; Zone records ; @ A 192.168.1.16 www A 192.168.1.16 The Domain name services will however not work, the whois database updated with ns0.mydomain.com.au etc. but when I type in my site name www.mydomain.com.au from an external machine it will not open site and I can't even ping it (Can't find host) When I check the ns0.mydomain.com.au NS record using a tool Like: http://www.squish.net/dnscheck/ I get: Security: Server ns0.mydomain.com.au (XXX.XXX.XXX.XX <- my public IP) is recursive Domain exists but there is no such record Any ideas, thanks...

  Read the article

• Network Services disabled (not starting) on Windows XP

  - by Rickesh John

  I am currently running Windows XP Service Pack 3 on my system. But today, when I failed to connect to the internet, via a LAN cable, I realized that almost all of the vital network services had stopped functioning. Any attempts to start it through services.msc gives me the following message: Could not start the DNS Client Service on Local Computer Error 1068: The dependency service group failed to start All my software or services that are related to networking have stopped functioning, for example, Windows Firewall is turned off permanently, so is my Avast Anti-Virus' service of Real Time Shields and Web Shield. When I insert the LAN wire into my laptop, it registers itself, but this is what I get when I do a ping localhost C:>ping localhost Unable to contact IP driver, error code 2 Moveover, with ipconfig I get this : Windows IP Configuration An internal error occurred: The request is not supported. Please contact Microsoft Product Support Services for further help. Additional Information: Unable to query host name On some further poking around, I saw that none of the "NETWORK SERVICE" process in task manager, except svchost.exe were running. Also, when I first opened the task manager, I saw some 20 processes running with username column empty for most of them. With some search in Google, I found out that these services were important, DHCP DNS Net logon Network connection Network location Awareness TCP/IP Net BIOS Helper none of them, except Network Connections are working, they do not start. The event viewer of my system shows a bunch of 7000 and 7001 event errors. I have tried re installing the network driver, booting in safe mode with networking and tried to enable those services mentioned above. I had disabled System Restore some time back, so I have no restore points for my system. I tried a lot of things from Google searches but none of them worked. Also, with such a long list of issue, I am a little confused as to what should I search on the internet. :( One more thing I would like to mention, previous morning, my anti-virus Avast detected a RootKit buried deep in my system folders. It was removed, but maybe this was a problem caused by the root kit. I did run a boot-time scan but no viruses were found. Please please please advice. Is formatting and re-installation of Windows my only option?

  Read the article

• Opscenter repair service times out. ERROR: Requested range intersects a local range [...]

  - by jlemire-zs

  My production cluster had the repair service enabled since april 16th with the default 9 days time to completion and repairs would complete properly. However, since may 22nd, it is being disabled automatically by Opscenter: From /var/log/opscenter/opscenterd.log: [...] 2014-06-03 21:13:47-0400 [zs_prod] ERROR: Repair task (<Node 10.1.0.22='6417880425364517165'>, (-4019838962446882275L, -4006140687792135587L), set(['zs_logging', 'OpsCenter'])) timed out after 3600 seconds. 2014-06-03 22:16:44-0400 [zs_prod] ERROR: Repair task (<Node 10.1.0.22='6417880425364517165'>, (-4006140687792135587L, -4006140687792135586L), set(['zs_logging', 'OpsCenter'])) timed out after 3600 seconds. 2014-06-03 22:16:44-0400 [zs_prod] ERROR: More than 100 errors during repair service, shutting down repair service 2014-06-03 22:16:44-0400 [zs_prod] INFO: Stopping repair service [...] From /var/log/opscenter/repair_service/zs_prod.log: [...] 2014-06-03 22:16:44-0400 [zs_prod] ERROR: Repair task (<Node 10.1.0.22='6417880425364517165'>, (-4006140687792135587L, -4006140687792135586L), set(['zs_logging', 'OpsCenter'])) timed out after 3600 seconds. 2014-06-03 22:16:44-0400 [zs_prod] ERROR: Task (<Node 10.1.0.22='6417880425364517165'>, (-4006140687792135587L, -4006140687792135586L), set(['zs_logging', 'OpsCenter'])) has failed 1 times. 2014-06-03 22:16:44-0400 [zs_prod] ERROR: 101 errors have ocurred out of 100 allowed. 2014-06-03 22:16:44-0400 [zs_prod] ERROR: More than 100 errors during repair service, shutting down repair service 2014-06-03 22:16:44-0400 [zs_prod] INFO: Stopping repair service On the nodes on which the repair fails, from /var/log/cassandra/system.log: ERROR [RMI TCP Connection(93502)-10.1.0.22] 2014-06-03 20:12:28,858 StorageService.java (line 2560) Repair session failed: java.lang.IllegalArgumentException: Requested range intersects a local range but is not fully contained in one; this would lead to i mprecise repair at org.apache.cassandra.service.ActiveRepairService.getNeighbors(ActiveRepairService.java:164) at org.apache.cassandra.repair.RepairSession.<init>(RepairSession.java:128) at org.apache.cassandra.repair.RepairSession.<init>(RepairSession.java:117) at org.apache.cassandra.service.ActiveRepairService.submitRepairSession(ActiveRepairService.java:97) at org.apache.cassandra.service.StorageService.forceKeyspaceRepair(StorageService.java:2620) at org.apache.cassandra.service.StorageService$5.runMayThrow(StorageService.java:2556) at org.apache.cassandra.utils.WrappedRunnable.run(WrappedRunnable.java:28) These errors, which only occurs if the repair service is running, are the only errors these nodes experience. Outside of the repair task, the Cassandra cluster works perfectly. I am running Opscenter 4.1.2 with a 6 nodes DSE 4.0.2 cluster installed on linux virtual machines. The nodes run a vanilla installation of Ubuntu Server 12.04 64-bit and DSE was installed and secured according to the provided installation documentation. I have been experiencing that problem on my development cluster for a while too (with DSE 4.0.0, 4.0.1 and 4.0.2), but I thought this was because of some configuration error on my part. The problem has appeared spontaneously at some point too. The Cassandra cluster has been working very smoothly with a good write throughput. It is very stable and has enough resources to work with. We did not notice any problems with the applications that depend on it.

  Read the article

• Reliable access to Internet but not local network (not DNS or proxy issues)

  - by Ian Goldby

  I'm looking for help with a Vista Home Premium laptop that has trouble accessing any resource on our home network, but accesses the Internet just fine. The set-up is this: The Vista laptop and a MacBook Pro connect wirelessly to the router-modem. A Synology DS212j NAS drive has a wired connection to the router-modem. Devices on the local network are always referred to by IP address, so this cannot be a DNS issue. The MacBook Pro connects reliably to the NA via AFP (network shared folders), SMB (network shared folders) and HTTP. The Vista laptop connects to and browses sites on the Internet without any problems. It can log into the NAS via SMB and list the shared folders (so there is nothing wrong with the log-in credentials), but when it tries to open any of the folders Explorer just hangs with the spinning cursor for several minutes and then says "\192.168.1.64\shared\Photos is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The specified network name is no longer available." It can ping the NAS successfully. If I try to open the NAS drive's web interface, the browser just hangs. This is the same with IE, Firefox and Chrome. (There is no proxy.) I can log into the NAS drive with FTP and navigate directories, but when I try to list the contents of a directory with more than a handful of entries, the ftp client hangs. I set up a website on the MacBook. The Vista laptop was able to load some of the pages, but loading any of the images was very hit and miss. Images embedded in HTML pages never worked no matter how many times I reloaded the page, but when I linked directly to the image it did load (though several attempts were sometimes needed). I tried all of this with the Windows Firewall turned off, and with AVG turned off. That made no difference. I'd really appreciate any suggestions anyone can make. The fact that the Vista laptop has trouble with HTTP and FTP as well as SMB connections suggests to me that this is a problem at the TCP level or below. But don't forget it accesses sites outside the LAN with no problems.

  Read the article

• Share the same subnet between Internal network and VPN Clients

  - by Pascal

  I would like to set up a configuration where VPN clients connecting to my Forefront TMG can access all the resources of my Internal network without having the to use the option "Use default gateway on remote network" on the VPN's TCP/IP Ipv4 Advanced Settings. This is important to me, since they can use their own internet while accessing my network through VPN (the security implications of this are acceptable on my cenario) My Internal network runs on 10.50.75.x, and I set up Forefront TMG to relay the DHCP of my Internal network to the VPN clients, so they get IPs from the same range as the Internal network. This setup initially works, and the VPN clients use their own internet, and can access anything that is on the internal network. However, after a while, HTTP Proxy Traffic from the Internal network starts getting routed to the IP of the RRAS Dial In Interface, instead of the IP of the Internal's network gateway. When this happens, the HTTP Proxy starts getting denied for obvious reasons. My first question is: does this happen because Forefront TMG wasn't designed to handle a cenario that I described above, and it "loses itself"? My second question is: Is there any way to solve this problem, either through configuration or firewall policies? My third question is: If there's no way that it can work with the cenario above, is there another cenario that will solve my problem, and do what I'd like it to do properly? Below are my network routes: 1 => Local Host Access => Route => Local Host => All Networks 2 => VPN Clients to Internal Network => Route => VPN Clients => Internal 3 => Internet Access => NAT => Internal, Perimeter, VPN Clients => External 4 => Internal to Perimeter => Route => Internal, VPN Clients => Perimeter Tks!

  Read the article

• How to allow unprivileged apache/PHP to do a root task (CentOS)

  - by Chris

  I am setting up a sort of personal dropbox for our customers on a CentOS 6.3 machine. The server will be accessible thru SFTP and a proprietary http service base on PHP. This machine will be in our DMZ so it has to be secure. Because of this I have apache running as an unprivileged user, hardened the security on apache, the OS, PHP, applied a lot of filtering in iptables and applied some restrictive TCP Wrappers. Now you might have suspected this one was coming, SELinux is also set to enforcing. I'm setting up PAM to use MySQL so my users in the web application can login. These users will all be in a group that can use SSH only for SFTP and users will be chrooted to their own 'home' folder. To allow this SELinux wants the folders to have the user_home_t tag. Also the parent directory needs to be writable by root only. If these restrictions are not met SELinux will kill the SSH pipe immediately. The files that need to be accessible thru both http and SFTP so I have made a SELinux module to allow Apache to search/attr/read/write etc. to directories with the user_home_dir_t tag. As sftp users are stored in MySQL I want to setup their home dirs upon user creation. This is a problem since Apache has no write access to the /home dir, it's only writable by root since it's required to keep SELinux and OpenSSH happy. Basically I need to let Apache do only a few tasks as root and only within /home. So I need to somehow elevate the privileges temporarily or let root do these tasks for apache instead. What I need to have apache do with root privileges is the following. mkdir /home/userdir/ mkdir /home/userdir/userdir chmod -R 0755 /home/userdir umask 011 /home/userdir/userdir chcon -R -t user_home_t /home/userdir chown -R user:sftp_admin /home/userdir/userdir chmod 2770 /home/userdir/userdir This would create a home for the user, now I have an idea that might work, cron. That would mean the server needs to check for users that have no home every minute, then when creating users the interface would freeze for an average of 30 seconds before the account creation can be confirmed which I do not prefer. Does anybody know if something can be done with sudoers? Or any other idea's are welcome... Thanks for your time!

  Read the article

• Trying to setup virtual hosts on unix PHP on nginx

  - by user1634653

  I have tried to install php5-fpm and Nginx on Ubuntu machine, but I got a problem. When I have only one virtual host on a unix port it is all fine but when I try to add another virtual host Nginx goes to default web page "Welcome to Nginx!" but when I run it on a tcp port example port 9000 it work fine with multisites. It is a fresh install of ubuntu 11.10, Nginx 1.2.3 with php5-fpm installed. It also has extra php installs such as php-apc. I can only give the links to the virtual hosts because I am doing it from a mobile phone. Here are the links for the two virtual hosts I am using: http://ic0nic.co.uk/ic0nic.txt, http://ic0nic.co.uk/sourproxy.txt also I want to use unix port because I find it a whole lot faster. Edit: Here are the nginx configs server { server_name ic0nic.co.uk www.ic0nic.co.uk; root /var/www/ic0nic.co.uk; listen 8080; index index.html index.htm index.php; include conf.d/drop; location / { try_files $uri $uri/ /index.php?q=$uri&$args; } location ~ \.php$ { fastcgi_buffers 8 256k; fastcgi_buffer_size 128k; fastcgi_intercept_errors on; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass unix:/dev/shm/php-fpm-www.sock; root /var/www/ic0nic.co.uk; } } server { server_name sourproxy.co.uk www.sourproxy.co.uk; root /var/www/sourproxy.co.uk/; listen 8080; index index.html index.htm index.php; include conf.d/drop; location / { try_files $uri $uri/ /index.php?q=$uri&$args; } location ~ \.php$ { fastcgi_buffers 8 256k; fastcgi_buffer_size 128k; fastcgi_intercept_errors on; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/sourproxy.co.uk$fastcgi_script_name; fastcgi_pass unix:/dev/shm/php-fpm-www.sock; } }

  Read the article

• Why would a process monitoring script use exit 1; on finding no problems?

  - by user568458

  General question: On a Linux (Centos) server, if a process monitoring script run by cron is set to close with exit 1; rather than exit 0; on finding that everything is okay and that no action is needed, is that a mistake? Or are there legitimate reasons for calling exit 1; instead of exit 0; on the "Everything's fine, no action needed" condition? exit 0; on finding no problems seems to me to be more appropriate. But maybe there's something I'm not aware of. For example, maybe there's something specific to Cron? Or maybe there's a convention in process monitoring scripts that 'failure' means 'this script failed to need to fix a problem' (rather than what I would expect which is that exit 1; would mean 'the process being monitored has failed'?) My specific case: I'm looking at a process monitoring script written by my web hosting company. By process monitoring script, I mean a script executed by Cron on a regular basis that checks if an important system process is running, and if it isn't running, takes actions such as mailing an administrator or restarting the process. Here's the (generalised) structure of their script, for a service running on port 8080 (in this case, Apache Tomcat): SERVICE=$(/usr/sbin/lsof -i tcp:8080 | wc -l); if [ $SERVICE != 0 ]; then exit 1; else #take action fi Seems simple enough even for someone with limited knowledge like me, except the exit 1; part seems odd. As I understand it, exit 0; closes a program and signifies to the parent that executed the program that everything is fine, exit n; where n0 and n<127 signifies that there has been some kind of error or problem. Here, their script seems to go against that rule - it calls exit 1; in the condition where everything is fine, and doesn't exit after taking remedial action in the problem condition. To me, this looks like a mistake - but my experience in this area is limited. Are there cases where calling exit 1; in the "Everything's fine, no action needed" condition is more appropriate than calling exit 0;? Or is it a mistake? Wider context is pretty simple. It's a Centos VPS, running Plesk. The script is being called by Cron via Plesk's "Scheduled tasks" Cron manager. There's no custom layer between Cron and this script that would respond in an unusual way to the exit call. It's a fairly average, almost out-of-the box Plesk-managed Centos VPS (in so far as there is such a thing). The process being monitored by this script is Apache Tomcat.

  Read the article

• How to make Nginx fire 504 immediately is server is not available?

  - by Georgiy Ivankin

  I have Nginx set up as a load balancer with cookie-based stickiness. The logic is: If the cookie is NOT there, use round-robbing to choose a server from cluster. If the cookie is there, go to the server that is associated with the cookie value. Server is then responsible for setting the cookie. What I want to add is this: If the cookie is there, but server is down, fallback to round-robbing step to choose next available server. So actually I have load balancing and want to add failover support on top of it. I have managed to do that with the help of error_page directive, but it doesn't work as I expected it to. The problem: 504 (and the fallback associated with it) fires only after 30s timeout even if the server is not physically available. So what I want Nginx to do is fire a 504 (or any other error, doesn't matter) immediately (I suppose this means: when TCP connection fails). This is the behavior we can see in browsers: if we go directly to server when it is down, browser immediately tells us that it can't connect. Moreover, Nginx seems to be doing this for 502 error: if I intentionally misconfigure my servers, Nginx fires 502 immediately. Configuration (stripped down to basics): http { upstream my_cluster { server 192.168.73.210:1337; server 192.168.73.210:1338; } map $cookie_myCookie $http_sticky_backend { default 0; value1 192.168.73.210:1337; value2 192.168.73.210:1338; } server { listen 8080; location @fallback { proxy_pass http://my_cluster; } location / { error_page 504 = @fallback; # Create a map of choices # see https://gist.github.com/jrom/1760790 set $test HTTP; if ($http_sticky_backend) { set $test "${test}-STICKY"; } if ($test = HTTP-STICKY) { proxy_pass http://$http_sticky_backend$uri?$args; break; } if ($test = HTTP) { proxy_pass http://my_cluster; break; } return 500 "Misconfiguration"; } } } Disclaimer: I am pretty far from systems administration of any kind, so there may be some basics that I miss here. EDIT: I'm interested in solution with standard free version of Nginx, not Nginx Plus. Thanks.

  Read the article

• Share a Printer on Your Network from Vista or XP to Windows 7

  - by Mysticgeek

  The other day we looked at sharing a printer between Windows 7 machines, but you may only have one Windows 7 machine and the printer is connected to a Vista or XP computer. Today we show you how to share a printer from either Vista or XP to Windows 7. We previously showed you how to share files and printers between Windows 7 and XP. But what if you have a printer connected to an XP or Vista machine in another room, and you want to print to it from Windows 7? This guide will walk you through the process. Note: In these examples we’re using 32-bit versions of Windows 7, Vista, and XP on a basic home network. We are using an HP PSC 1500 printer, but keep in mind every printer is different so finding and installing the correct drivers will vary. Share a Printer from Vista To share the printer on a Vista machine click on Start and enter printers into the search box and hit Enter. Right-click on the printer you want to share and select Sharing from the context menu. Now in Printer Properties, select the Sharing tab, mark the box next to Share this printer, and give the printer a name. Make sure the name is something simple with no spaces then click Ok. Share a Printer from XP To share a printer from XP click on Start then select Printers and Faxes. In the Printers and Faxes window right-click on the printer to share and select Sharing. In the Printer Properties window select the Sharing tab and the radio button next to Share this printer and give it a short name with no spaces then click Ok. Add Printer to Windows 7 Now that we have the printer on Vista or XP set up to be shared, it’s time to add it to Windows 7. Open the Start Menu and click on Devices and Printers. In Devices and Printers click on Add a printer. Next click on Add a network, wireless or Bluetooth printer. Windows 7 will search for the printer on your network and once its been found click Next. The printer has been successfully added…click Next. Now you can set it as the default printer and send a test page to verify everything works. If everything is successful, close out of the add printer screens and you should be good to go.   Alternate Method If the method above doesn’t work, you’ll can try the following for either XP or Vista. In our example, when trying to add the printer connected to our XP machine, it wasn’t recognized automatically. If you’re search pulls up nothing then click on The printer that I want isn’t listed. In the Add Printer window under Find a printer by name or TCP/IP address click the radio button next to Select a shared printer by name. You can either type in the path to the printer or click on Browse to find it. In this instance we decided to browse to it and notice we have 5 computers found on the network. We want to be able to print to the XPMCE computer so we double-click on that. Type in the username and password for that computer… Now we see the printer and can select it. The path to the printer is put into the Select a shared printer by name field. Wait while Windows connects to the printer and installs it… It’s successfully added…click Next. Now you can set it as the default printer or not and print a test page to make sure everything works successfully. Now when we go back to Devices and Printers under Printers and Faxes, we see the HP printer on XPMCE. Conclusion Sharing a printer from one machine to another can sometimes be tricky, but the method we used here in our setup worked well. Since the printer we used is fairly new, there wasn’t a problem with locating any drivers for it. Windows 7 includes a lot of device drivers already so you may be surprised on what it’s able to install. Your results may vary depending on your type of printer, Windows version, and network setup. This should get you started configuring the machines on your network—hopefully with good results.  If you you have two Windows 7 computers, then sharing a printer or files is easy through the Homegroup feature. You can also share a printer between Windows 7 machines on the same network but not Homegroup. Similar Articles Productive Geek Tips Share a Printer Between Windows 7 Machines Not in the Same HomegroupShare Files and Printers between Windows 7 and XPHow To Share Files and Printers Between Windows 7 and VistaEnable Mapping to \HostnameC$ Share on Windows 7 or VistaUse the Homegroup Feature in Windows 7 to Share Printers and Files TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips Revo Uninstaller Pro Registry Mechanic 9 for Windows PC Tools Internet Security Suite 2010 PCmover Professional Enable Check Box Selection in Windows 7 OnlineOCR – Free OCR Service Betting on the Blind Side, a Vanity Fair article 30 Minimal Logo Designs that Say More with Less LEGO Digital Designer – Free Create a Personal Website Quickly using Flavors.me

  Read the article

• Share a Printer on Your Network from Vista or XP to Windows 7

  - by Mysticgeek

  The other day we looked at sharing a printer between Windows 7 machines, but you may only have one Windows 7 machine and the printer is connected to a Vista or XP computer. Today we show you how to share a printer from either Vista or XP to Windows 7. We previously showed you how to share files and printers between Windows 7 and XP. But what if you have a printer connected to an XP or Vista machine in another room, and you want to print to it from Windows 7? This guide will walk you through the process. Note: In these examples we’re using 32-bit versions of Windows 7, Vista, and XP on a basic home network. We are using an HP PSC 1500 printer, but keep in mind every printer is different so finding and installing the correct drivers will vary. Share a Printer from Vista To share the printer on a Vista machine click on Start and enter printers into the search box and hit Enter. Right-click on the printer you want to share and select Sharing from the context menu. Now in Printer Properties, select the Sharing tab, mark the box next to Share this printer, and give the printer a name. Make sure the name is something simple with no spaces then click Ok. Share a Printer from XP To share a printer from XP click on Start then select Printers and Faxes. In the Printers and Faxes window right-click on the printer to share and select Sharing. In the Printer Properties window select the Sharing tab and the radio button next to Share this printer and give it a short name with no spaces then click Ok. Add Printer to Windows 7 Now that we have the printer on Vista or XP set up to be shared, it’s time to add it to Windows 7. Open the Start Menu and click on Devices and Printers. In Devices and Printers click on Add a printer. Next click on Add a network, wireless or Bluetooth printer. Windows 7 will search for the printer on your network and once its been found click Next. The printer has been successfully added…click Next. Now you can set it as the default printer and send a test page to verify everything works. If everything is successful, close out of the add printer screens and you should be good to go.   Alternate Method If the method above doesn’t work, you’ll can try the following for either XP or Vista. In our example, when trying to add the printer connected to our XP machine, it wasn’t recognized automatically. If you’re search pulls up nothing then click on The printer that I want isn’t listed. In the Add Printer window under Find a printer by name or TCP/IP address click the radio button next to Select a shared printer by name. You can either type in the path to the printer or click on Browse to find it. In this instance we decided to browse to it and notice we have 5 computers found on the network. We want to be able to print to the XPMCE computer so we double-click on that. Type in the username and password for that computer… Now we see the printer and can select it. The path to the printer is put into the Select a shared printer by name field. Wait while Windows connects to the printer and installs it… It’s successfully added…click Next. Now you can set it as the default printer or not and print a test page to make sure everything works successfully. Now when we go back to Devices and Printers under Printers and Faxes, we see the HP printer on XPMCE. Conclusion Sharing a printer from one machine to another can sometimes be tricky, but the method we used here in our setup worked well. Since the printer we used is fairly new, there wasn’t a problem with locating any drivers for it. Windows 7 includes a lot of device drivers already so you may be surprised on what it’s able to install. Your results may vary depending on your type of printer, Windows version, and network setup. This should get you started configuring the machines on your network—hopefully with good results.  If you you have two Windows 7 computers, then sharing a printer or files is easy through the Homegroup feature. You can also share a printer between Windows 7 machines on the same network but not Homegroup. Similar Articles Productive Geek Tips Share a Printer Between Windows 7 Machines Not in the Same HomegroupShare Files and Printers between Windows 7 and XPHow To Share Files and Printers Between Windows 7 and VistaEnable Mapping to \HostnameC$ Share on Windows 7 or VistaUse the Homegroup Feature in Windows 7 to Share Printers and Files TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips Revo Uninstaller Pro Registry Mechanic 9 for Windows PC Tools Internet Security Suite 2010 PCmover Professional Enable Check Box Selection in Windows 7 OnlineOCR – Free OCR Service Betting on the Blind Side, a Vanity Fair article 30 Minimal Logo Designs that Say More with Less LEGO Digital Designer – Free Create a Personal Website Quickly using Flavors.me

  Read the article

< Previous Page | 126 127 128 129 130 131 132 133 134 135 136 137  | Next Page >