Search Results

Search found 4786 results on 192 pages for 'traffic shaping'.

Page 134/192 | < Previous Page | 130 131 132 133 134 135 136 137 138 139 140 141 | Next Page >

ASA Slow IPSec Performance

- by Brent

I have a IPSec link between two sites over ASA 5520s running 8.4(3) and I am getting extremly poor performance when traffic passes over the VPN. CPU on the device is 13%, Memory at 408 MB, and active VPN sessions 2 so the load on the device is particularly low. Screenshot of wireshark file transfer between the two hosts over the VPN: The large amount of Header checksum failures is alarming, but I am not sure what to check now. I perf is showing around 4-5 Mbit/sec with differing TCP window sizes. Show Run on the ASA http://pastebin.com/uKM4Jh76 Show cry accelerator stats http://pastebin.com/xQahnqK3

Read the article
In Varnish, is it normal for the number of freed bytes to be 60% of those allocated?

- by user331397

I have an installation of Varnish 3.02 on an Amazon EC2 Medium Linux instance in front of two relatively low-traffic websites. After an uptime of 2 hours, there are 3400 objects in the cache. Using varnishstat, I checked the variables SMA.s0.c_bytes and SMA.s0.c_freed, which I assume correspond to the total number of bytes allocated since startup and the number freed, respectively. No objects should have had time to expire during these two hours, but still about 60% of the memory allocated since startup (330MB out of 560MB) has already been freed. Do you know if this is normal? If not, do you know what kind of configuration could be wrong?

Read the article
I would like to have a publicly accessable linux box hosted elsewhere. Who provides this service?

- by Eric Wilson

I would like to have a general purpose linux server available and publicly accessible. I understand that there are no lack of web-hosting companies, but I might want more control over the machine than is typical. I would want the ability to install software, such as an SVN server, and I would like to be able to expose various port numbers, as I may have a variety of extremely low traffic sites that I would want to have available. Obviously, one option is to host such a machine in my home. Is that my only option? Or is what I describe out there, possible as a virtual machine on a larger server?

Read the article
Redundant Router and Load Balancing vs. DDoS attack

- by colgatta

With a small server farm at a hoster with great support and conditions, I worry about the increasing number of DDoS attacks against this hoster (not my web project, but other clients on the same location). I have booked a redundant router and load balancer as managed service with this hoster to share the load with all the dedicated servers. However, I was lost again today because another one's project was attacked with DDoS for hours :-( Each hour means hundreds of dollars loss whenever my adserver and tracking is not reachable. Even time-out advertising have to be paid by me but can not be resold to my clients without the servers being available. All the time, the servers, the load and traffic is OK and health, but no chance to keep this stable/online if the hoster is vulnerable. Anyone has ideas or suggestions how to protect - even against DDoS?

Read the article
What type of amazon instance should I use and do I need auto scaling and load balancing?

- by Navetz

Hi I am looking to release a website that will initially have large amounts of uploads from users. The first will be 65GB and the rest will probably be close to 1TB. They could happen simultaneously. My question is what type of amazon server instance would be best for this? The website is just being released so the traffic wont be very high. I have been using a micro instance for development but it is time to launch and I need more power. Should I use auto scaling and a load balancer to increase the number of instances when I need it or Will a small or medium instance do the trick? If I do use auto scaling and load balancing how do I handle things like sessions and the database/file lookups? Does one instance become the primary instance and the rest become clones?

Read the article
Is it possible to use Linux to route between my office (which uses IPSec) and home network?

- by Sam

First of all, apologies if this seems vague - I'm not an admin of anything more than a home network. I have a Ubuntu box sitting on my network which does various odd tasks for me - svn serving, some file serving, Apache/MySQL/PHP which is all raring to go. I've started a new job and at the moment I'm using ShrewSoft VPN software to establish a VPN link to the office as I need it. I'd prefer to have something always running on my home network just for convenience. My home modem/router doesn't support holding a VPN connection open. What I would like to do is set up my Linux box to hold open a VPN connection to my office and keep it open permanently, and then all applicable traffic for the office be routed through this box. I'm not sure if this is possible, or how to configure the routing on the desktop PCs (Windows 7). Would appreciate any guides, etc that could help me out.

Read the article
VPN service for 4in6

- by Deshene

I have a local network with internet access. But unfortunately IPv4 internet connection speed is limited to 1mbps, which is realy sad. Fortunately I have a native IPv6, and there is no connection speed limit over IPv6. So, in order to get a good internet connection I made a plan: connect to the VPN-service over IPv6, and pass all IPv4 traffic through IPv6 tunnel, or something like that, I think you get the idea. I suggested to use service like HideMyAss.com, but unfortunately they don't support IPv6. The question is: Is there any existing VPN service that will make my dreams come true, and is easy to use, which I could connect over PPTP or OpenVPN (I want to set up connection to VPN in my router settings).

Read the article
startup cassandra layout

- by davidkomer

We've got a relatively low-traffic site (~1K pageviews/day) hosted on a single server, and expect it to grow significantly over the next few years. I'm thinking of moving over to Rackspace CloudServer or EC2 and firing up 3 nodes (all on CentOS): 2 x Web (Apache) - with loadbalancer 1 x MySQL (for the Wordpress powered part) The question is where to put Cassandra right now... Should it sit on each Web node, or the MySQL node? My thought right now is to put it on Web nodes. It's my understanding that Cassandra has the benefits of fault-tolerance (i.e. if we take a node down, the site is still operational). So even with only 2 nodes, we'd have that benefit as opposed to just putting it on the MySQL node. Also, as we scale up and add another node, a cassandra instance can come along with it and the php can always run its queries on localhost. Is this a good idea?

Read the article
unable to connect to remote sql server from SHDSL router

- by user529265

Got a new leased line network to our office that came with a SHDSL router (Watson). Currently, we are unable to use Sql Server management studio to connect to remote Sql databases. It errors out saying A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 0 - The specified network name is no longer available.) (Microsoft SQL Server, Error: 64) I logged into the Watson management panel and unblocked all the ports for TCP traffic (specified the range as 0 to 60000 and UDP as well - this include 1443 required for connecting to SQL Server). The router is the only thing that has changed. We are able to connect to it from other networks just fine. Is there something we are missing here. Any help would be greatly appreciated.

Read the article
Optimal Instance Size for EC2 Sharepoint Server

- by Rob Wilkerson

I'm surprised that I can't find any info about this, but I'm not a Windows admin and just a novice EC2 user. I have a client who wants to stand up a Sharepoint server on EC2 for internal use. The team is small (10-20) folks and traffic will be light. Mostly, the client is looking for one place to store documents (and revisions of documents) while making access easy for authenticated users anywhere in the world. They've settled on Sharepoint and have other EC2 instances so that seems like the natural fit, but I'm trying to figure out what to recommend for them. I'm currently thinking about a Medium instance. I'm afraid to go smaller because I think Windows would need a fair amount of memory just to run, but I'm very open to suggestions. Any advice would be much appreciated. I expect that the storage itself would happen in an EBS mount, but again, suggestions welcome. Thanks for your input.

Read the article
EC2 hostname ubuntu and ejabberd

- by aelbaz

I have questions related to the host name in Ubuntu EC2 instances. I have a IPS elastics for hosts that want to be seen from the internet and I have pointed out in the DNS entries with the computer name to those ips. For example, for elastic IP 11.11.11.11 DNS I added my computer name www.example.com. But I also want to rename the machines which they have, because it is a parameter of the service running on them (ejabberd server). EC2 instances are restarted when changing the host name, and seen on the client requesting dhcp hostname to dhcp Amazon. My question is ... What is the safest method to change the hostname: dhcp client modify, insert the command in rc.local, etc. ..? Could I have a problem with the internal resolution of traffic between EC2 instances? thanks

Read the article
SOCKS Proxy and HTTP Proxy considerations with push notifications

- by J.Ashworth

I'm working with push notifications in a mobile application, and I've been informed that a lot of our clients may be using SOCKS or HTTP proxies for outbound and inbound traffic. Is there anything in particular I need to program or document with regards to deploying our mobile app in this sort of environment? If you were setting up and installing the application server, what guarantees would you want from the person that had programmed it? Specifically regarding push notification services for all four major OSes (APNS, GCM, BPS and MPNS). I've got absolutely no experience with proxies or server deployment, in case you couldn't tell :)

Read the article
Windows RRAS multi-network routing

- by Brent Pabst

I am looking for advice, comments and suggestions from anyone who has used Windows RRAS (2008 R2 Pref.) as the primary routers for our multiple offices. We have multiple physical office locations and are looking into utilizing Windows Server 2008 R2 Core as redundant Active/Active routers/gateways for our network as opposed to a physical router from Cisco or Juniper, it costs a lot less! Any problems, issues or documentation anyone would recommend? We will still most likely have a firewall on the edge but the majority of our traffic will be inter-office with some external services. We will be using multiple Class B networks across our two offices.

Read the article
How can I setup a Firewall without NAT?

- by SRobertJames

We have 16 IP addresses from our ISP, and are setting up a SonicWall Firewall. I'd like to have the SonicWall do NAT for the LAN, but act as a firewall only (no NAT) for the servers which are using some of the 16 addresses. How do I set this up? If I set the WAN's subnet to include the 16 IPs, the SonicWall won't route the traffic to the LAN interface. Should I set the WAN subnet to only include the ones we are dedicating for NAT, and then keep the others on the LAN? Related point: How can I set multiple IP addresses for a SonicWall LAN interface?

Read the article
How do I make a backup of a live server?

- by Jurily

At my new job, I have a production server with the following qualities: Windows (XP I think), ancient hardware Absolutely vital database No backups whatsoever Everyone in the company has full admin rights, the passwords are stored in a .txt on the global share No installers, except for the OS The machine itself is sitting on a wooden shelf 5 feet above the ground against an external wall with frequent truck traffic on the other side; the shelf is already bent from the constant load Hasn't been rebooted in $DEITY knows how long, my predecessor wasn't even sure if it would survive it UPS is installed, but since everything is hooked up to it, it would last 10 minutes tops No spare parts or hardware budget How do I make a full backup with minimal impact on the server? I'm not sure how close it is to a total meltdown. For all I know, plugging in a USB stick could kill the company, and of course it will be all my fault, since "it was running fine before you touched it". The ideal solution would be a VM, so I have a test environment as well (separate of course).

Read the article
Is there a way to automate testing for a GNS3 network topology?

- by Chedy2149

I'm working on an MPLS backbone topology using GNS3, this topology includes configuration of several networking technologies such as IPv6, BGP, OSPF, IPv6 to IPv4 dynamic tunneling, MPLS based VPNs, MPLS based traffic engineering... So I'm a beginner with basic knowledge in networking (Ipv4 addressing, basic routing and switching) and I can't just easly test if my topology works or not, moreover fiddling with configuration I've noticed that sometimes when getting MPLS config right and missing BGP config all my topology is messed up. Given that I use Cisco 7200 series routers, is there any way to build a test harness for my topology in order to guarentee correctness with a single push button automated process?

Read the article
Downloads speed starts ok but after a few seconds they go down to 10kbps?

- by peterg

Since yesterday any file I try to download from any host start downloading ok (at 1mbps) but after a few seconds the speed start to decrease down to 10kbps. I use a mobile modem (huawei) and I connect to a wcdma network. What could be happening? I use kaspersky, and I checked the Network Monitor and I don't see any weird process using bandwidth. What other tests can I run? Recommend me some app to monitor the traffic to see if I have some malware or see where my bandwidth goes.

Read the article
How to do port forwarding in D-link Glb802c?

- by Manish

I have some questions about port forwarding on my D-Link Router GLB-802C. For example: My local machine's IP is 117.1.1.81 My router's IP is 117.1.1.1 My Public (Web) IP is 117.16.1.1 My questions are: What will be my Global Address 'To'? What will be my Global Address 'From'? In Destination Port "From" and "To" what do I select in the drop down list and port no for forwarding HTTP traffic (for my website)? In Local Port, what do I select in drop down list and port no?

Read the article
NAT and NGINX on the same server

- by Morten

I'm setting up a VPC cluster for my collaborative todo list application www.getdoneapp.com. To have my servers on the private network I need a NAT server so my servers on the private network can connect to the internet to receive updates and what not. The NAT server will consume an elastic IP address, so I'm wondering if I can just have that NAT server run nginx to direct traffic to my internal servers for HTTP. So the question is, is it a bad idea to run NGINX and NAT on the same server, or should I go for consuming 2 elastic IP addresses?

Read the article
How to block spam site republishing my content

- by Fo.

I noticed today that Google search results shows some spam copies of one of my sites. The url looks something like this: http://[subdomain].spamsite.com/www.example.com ...where example.com is my site. In my Apache access logs I'm noticing several lines like the following whenever I load the above url: 127.0.0.1 - - [219/Oct/2012:19:27:34 +0000] "OPTIONS * HTTP/1.0" 200 - "-" "Apache (internal dummy connection)" The spammer's site shows an exact up to date copy of my site, so I think they are pulling in live data. Any idea how I can block this traffic?

Read the article
Cisco access list logging. Why is there a difference between IPv4 and IPv6?

- by growse

I've got a Cisco 877 router. I've got an IPv4 access list and an IPv6 access list set up and configured similar to this: interface Dialer1 ... ip access-group INTERET-IN ipv6 traffic-filter IPV6-IN Each of these access lists has a final rule of deny ip/ipv6 any any log. However, in my syslog I notice that there's a difference in formatting between the two types of entries. IPv4 will say: %SEC-6-IPACCESSLOGP: list INTERNET-IN denied udp 88.89.209.63(137) -> 1.2.3.4(137), 1 packet Whereas the IPv6 list will say %IPV6_ACL-6-ACCESSLOGNP: list IPV6-IN/240 denied 59 2001:0:5EF5:79FD:14F9:B773:3EBA:3EE3 (Dialer1) -> 2001:800:1000:0::1, 8 packets Both have broadly the same information, but the IPv6 log entry is missing the protocol type and port, both of which are very useful if I'm trying to troubleshoot connectivity. Why is this? How do I get IPv6 deny logs to display the protocol and port used, if any?

Read the article
Just how slow should my VPN be?

- by David Heggie

I have a VPN setup between a remote office with 2 ADSL connections (8Mb downstream, 512Kb upstream) and a main office with a 10Mb EFM connection (10Mb both up and down). The VPN is an IPSec connection using a DrayTek 2930 router for the ADSL and a DrayTek 3200 router at the EFM end. However, I'm unable to get speeds over this connection (tested with iperf) of anything over 600Kb or so down from the main office (traffic will pretty much always be from the main office to the remote office) Whilst I realise that there is an overhead and I'm never going to get the "full" bandwidth available over this VPN, I'd like to think that there's something I should be looking at that may help improve it. I've tried using the DrayTek's built-in "VPN Trunking" features which are supposed to load-balance connections, but this doesn't seem to improve matters much. I guess my question is - is this the kind of performance I should expect from this kind of setup and I'll just have to live with it, or should I be able to squeeze something more out of it through some VPN magic?

Read the article
HTTPS redirects in nginx

- by CadentOrange

I'm trying to redirect all HTTP traffic to HTTPS. The web server I'm using is nginx. This is the server block I'm using to do the redirect. server { listen 80; rewrite ^ https://$server_name$request_uri? permanent; } This successfully redirects URLs like http://localhost to https://localhost. However, for URLs like http://localhost/table/ I get redirected to https://table which is incorrect. I would like it to re-direct to https://localhost/table/ Any help would be much appreciated. Update: It seems that the rewrite scheme has a problem with trailing slashes. For example, http://localhost/table gets correctly redirected but http://localhost/table/ does not.

Read the article
Is visiting HTTPS websites on a public hotspot secure?

- by Calmarius

It's often said that HTTPS SSL/TLS connections are encrypted and said to be secure because the communication between the server and me is encrypted (also provides server authentication) so if someone sniffs my packets, they will need zillions of years to decrypt if using brute force in theory. Let's assume I'm on a public wifi and there is a malicious user on the same wifi who sniffs every packet. Now let's assume I'm trying to access my gmail account using this wifi. My browser does a SSL/TLS handshake with the server and gets the keys to use for encryption and decryption. If that malicious user sniffed all my incoming and outgoing packets. Can he calculate the same keys and read my encrypted traffic too or even send encrypted messages to the server in my name?

Read the article
Linux NetSec/IDS Bridge

- by Blackninja543

What I am looking to make is a linux system that acts as a bridge. It simple forwards any data sent on one device over to the next device. It does not attempt to block incoming attacks or redirect any traffic. What it does to is perform an IDS role on the network. Any suspicious activity is logged and reported. Snort would be one such piece of software however I was wondering what other solutions and ideas the rest of the community has.

Read the article

< Previous Page | 130 131 132 133 134 135 136 137 138 139 140 141 | Next Page >