Search Results

Search found 11313 results on 453 pages for 'ip aliasing'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 137/453 | < Previous Page | 133 134 135 136 137 138 139 140 141 142 143 144  | Next Page >

  • Ubuntu Server attack? how to solve?

    - by saky
    Hello, Something (Someone) is sending out UDP packets sent from our whole ip range. This seems to be multicast DNS. Our server host provided this (Our IP Address is masked with XX): Jun 3 11:02:13 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:23 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:32 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:35 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 I checked my /var/log/auth.log file and found out that someone from China (Using ip-locator) was trying to get in to the server using ssh. ... Jun 3 11:32:00 server2 sshd[28511]: Failed password for root from 202.100.108.25 port 39047 ssh2 Jun 3 11:32:08 server2 sshd[28514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.100.108.25 user=root Jun 3 11:32:09 server2 sshd[28514]: Failed password for root from 202.100.108.25 port 39756 ssh2 Jun 3 11:32:16 server2 sshd[28516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.100.108.25 user=root ... I have blocked that IP address using this command: sudo iptables -A INPUT -s 202.100.108.25 -j DROP However, I have no clue about the UDP multicasting, what is doing this? who is doing it? and how I can stop it? Anyone know?

    Read the article

  • Unable to receive emails from Ubuntu postfix mail server

    - by Paddington
    I am unable to receive emails on an Ubuntu 11.04 server running postfix with the Plesk control panel. I can't see the mails even on webmail. I am able to send emails and am not getting any error messages on the email client when I try to receive. Here is the output of the logs: *tail -f /usr/local/psa/var/log/maillog Aug 29 10:38:31 cp9 postfix/tlsmgr[3811]: fatal: open database /var/lib/postfix/smtpd_scache.db: Invalid argument Aug 29 10:38:32 cp9 postfix/master[27738]: warning: process /usr/lib/postfix/tlsmgr pid 3811 exit status 1 Aug 29 10:38:32 cp9 postfix/master[27738]: warning: /usr/lib/postfix/tlsmgr: bad command startup -- throttling Aug 29 10:38:36 cp9 pop3d: Connection, ip=[::ffff:196.201.7.158] Aug 29 10:38:36 cp9 pop3d: IMAP connect from @ [::ffff:196.201.7.158]INFO: LOGIN, [email protected], ip=[::ffff:196.201.7.158] Aug 29 10:38:37 cp9 pop3d: 1346229517.874008 LOGOUT, [email protected], ip=[::ffff:196.201.7.158], top=0, retr=0, time=1, rcvd=24, sent=1716, maildir=/var/qmail/mailnames/essentialhuku.co.za/earle/Maildir Aug 29 10:14:05 cp9 postfix/tlsmgr[1133]: fatal: open database /var/lib/postfix/smtpd_scache.db: Invalid argument Aug 29 10:14:06 cp9 postfix/master[27738]: warning: process /usr/lib/postfix/tlsmgr pid 1133 exit status 1 Aug 29 10:14:06 cp9 postfix/master[27738]: warning: /usr/lib/postfix/tlsmgr: bad command startup -- throttling Aug 29 10:14:08 cp9 pop3d: Connection, ip=[::ffff:196.201.7.158

    Read the article

  • ipmi - can't ping or remotely connect

    - by Fidel
    I've tried configuring the IPMI controller to accept remote connections, but I can't even ping it. Here is it status: #/usr/local/bin/ipmitool lan print 2 Set in Progress : Set Complete Auth Type Support : NONE PASSWORD Auth Type Enable : Callback : : User : NONE PASSWORD : Operator : PASSWORD : Admin : PASSWORD : OEM : IP Address Source : Static Address IP Address : 192.168.1.112 Subnet Mask : 255.255.255.0 MAC Address : 00:a0:a5:67:45:25 IP Header : TTL=0x40 Flags=0x40 Precedence=0x00 TOS=0x10 BMC ARP Control : ARP Responses Enabled, Gratuitous ARP Enabled Gratituous ARP Intrvl : 8.0 seconds Default Gateway IP : 192.168.1.1 Default Gateway MAC : 00:00:00:00:00:00 802.1q VLAN ID : Disabled 802.1q VLAN Priority : 0 RMCP+ Cipher Suites : 0,1,2,3 Cipher Suite Priv Max : uaaaXXXXXXXXXXX : X=Cipher Suite Unused : c=CALLBACK : u=USER : o=OPERATOR : a=ADMIN : O=OEM # /usr/local/bin/ipmitool user list 2 ID Name Enabled Callin Link Auth IPMI Msg Channel Priv Limit 1 true false true true USER 2 admin true false true true ADMINISTRATOR # /usr/local/bin/ipmitool channel getaccess 2 2 Maximum User IDs : 5 Enabled User IDs : 2 User ID : 2 User Name : admin Fixed Name : No Access Available : callback Link Authentication : enabled IPMI Messaging : enabled Privilege Level : ADMINISTRATOR # /usr/local/bin/ipmitool channel info 2 Channel 0x2 info: Channel Medium Type : 802.3 LAN Channel Protocol Type : IPMB-1.0 Session Support : multi-session Active Session Count : 0 Protocol Vendor ID : 7154 Volatile(active) Settings Alerting : disabled Per-message Auth : disabled User Level Auth : disabled Access Mode : always available Non-Volatile Settings Alerting : disabled Per-message Auth : disabled User Level Auth : disabled Access Mode : always available # /usr/local/bin/ipmitool chassis status System Power : on Power Overload : false Power Interlock : inactive Main Power Fault : false Power Control Fault : false Power Restore Policy : unknown Last Power Event : Chassis Intrusion : inactive Front-Panel Lockout : inactive Drive Fault : false Cooling/Fan Fault : false # arp Address HWtype HWaddress Flags Mask Iface 192.168.1.112 ether 00:A0:A5:67:45:25 C bond0 # /usr/local/bin/ipmitool -I lan -H 192.168.1.112 -U admin -P admin chassis power status Error: Unable to establish LAN session Unable to get Chassis Power Status In summary. It exists on the ARP list so arp's are being broadcast. I can't ping it and can't connect to it. Can anyone spot any glaring mistakes in the configuration? Many thanks, Fidel

    Read the article

  • how would it be possible to discover a cable modem's MAC remotely?

    - by amateurenthusiast
    i was reading the back archives of a canadian privacy law blog, and he linked to a judicial decision. apparently as part of an investigation in which were used yahoo chat and google's old 'hello' image trading program the officer was able to determine a suspect's modem's MAC address: In order to determine who STEPHTOSH was, the officer did a trace on a programme called WHO IS in an effort to learn from where STEPHTOSH was coming. WHO IS is a command program available to the public. The officer was able to ascertain that the person using the name STEPHTOSH was a Rogers Internet customer. The officer was able to obtain the Internet Protocol address, also known as the I.P. There is only one location for an I.P., which is unique to that subscriber. By use of the website known as DNS STUFF.com, one is able to find with which company this I.P. is registered. It was ascertained that the I.P. address used by STEPHTOSH was registered to Rogers Cable, from the Toronto area. The officer also learned the Cable Modem MAC address used by STEPHTOSH. This was all the information the officer was able to amass. now it was my understanding that the MAC address of any given device can only be accessed if you're only one 'hop' away on the Internet. the suspect in question was in Markham and the officer part of the Toronto Police, so it's conceivable that they both might have used Rogers internet. but would that still put them only one 'hop' away from each other? i thought the first hop after the modem was usually the ISP? and if he'd used a netBIOS query against this guy's machine it would return the ethernet card's MAC, not the modem's. so is this guy on the same rogers subnet as the suspect's cable modem, is that functionality part of google's Hello (i could only think that it would be possible if Hello operated as a virtual LAN or something), does the officer have remote access to the arp caches of the routers at Rogers or is he just full of crap and lying to make his case stronger?

    Read the article

  • RDP or SSH connection trough Windows 2008 server VPN hang after a while

    - by xt4fs
    I have been experiencing a very strange issue with our VPN setup on Windows Server 2008. That server is running as a Xen Virtual Machine. We use it for two purposes, permit our mobile workers to connect to another server hosted somewhere else that only allow that ip, and use it to RDP or ssh to many other virtual machine on the same server. The server has no performance issue and still a load of memory free. All other virtual machine has no problem whatsoever. Many of those virtual machine have public IP (web servers) and all their firewall are set to allow only ssh connection or RDP connection from their local interface. When I am connecting directly with either ssh or RDP to one of the other virtual machine everything run without any issues. However, when I am doing so through the VPN after some time the connection just hang, it usually continue after some time (5 or 10 minutes). It seems as more there is network usage more often it happen to a point where it is completely unusable. The worst thing I can do to hang it faster is to actually ping the vpn client IP from the local network, after some time the latency increase until it hang. This happen even if I do RDP to the local ip of the VPN server trough the VPN. The server report no problem and if I disconnect to the vpn and reconnect right away everything is alright. There is nothing wrong in the VPN server log. I have taught at the beginning that it could have been an issue with the Host server so I try to RDP,ssh directly to the guest and I have experience no issue while doing this, so it really seems to be a problem with the VPN server on Windows server 2008. Another very weird thing is it does not seems to be of any issue if you only do Internet (NAT) without trying to connect to any local ips.

    Read the article

  • Network Load Balancing, intermittent port problem on Windows Server 2008

    - by Jimmy Chandra
    Trying to troubleshoot an intermittent problem on a Windows Server 2008 NLB. I think it might be related to an NLB issue. We are using Windows Network Load Balancing to balance load for our multiserver SharePoint front ends. Say... Web Front End 1 IP is 192.168.1.100 and Web Front End 2 IP is 192.168.1.101, the NLB is setup to load balance both WFE servers on any incoming traffic to the IP 192.168.1.200. Sometimes we got an intermittent issue where when we try to access the SharePoint site using 192.168.1.200:8080 (say the site is set up to run on port 8080) from a remote client, it will display page not found. Pinging the 192.168.1.200 will give responses, but when trying to telnet to 192.168.1.200:8080 it just won't connect. However, browsing the SharePoint site directly on individual WFE (192.168.1.100 and 192.168.1.101) show no problem whatsoever. My guess also (we didn't get a chance to try it yet, but I think it should work), if I try connecting remotely to individual server, it will respond just fine. But any attempt on trying to connect using the virtual IP (192.168.1.200) will fail miserably. Funny thing is, after a while it will return back to normal. Anyone had similar experience with this type of problem while implementing NLB before? We are doing this in a virtual environment.

    Read the article

  • 553-Message filtered - HELO Name issue?

    - by g18c
    I am having major issues sending from my SBS2011 machine to Message labs server-13.tower-134.messagelabs.com #553-Message filtered. Refer to the Troubleshooting page at 553-http://www.symanteccloud.com/troubleshooting for more 553 information. (#5.7.1) ## I have changed the IP and hostnames from the below. I am not on any IP or domain blacklists. I have setup SPF (which includes mailchimp servers): v=spf1 mx a ip4:95.74.157.22/32 a:remote.mydomain.com include:servers.mcsv.net ~all I am sure i have setup my HELO names correctly under the Exchange Management console, sending a test email from the SBS server and looking at the header shows the following: X-Orig-To: [email protected] X-Originating-Ip: [95.74.157.22] Received: from [95.74.157.22] ([95.74.157.22:52194] helo=remote.mydomain.com) by smtp50.gate.ord1a.rsapps.net (envelope-from <[email protected]>) (ecelerity 2.2.3.49 r(42060/42061)) with ESMTP id 11/90-10010-E529C835; Mon, 02 Jun 2014 11:04:09 -0400 Received: from MYSBSSVR.mydomain.local ([fe80::3159:95a6:23f:1bef]) by MYSBSSVR.mydomain.local ([fe80::3159:95a6:23f:1bef%10]) with mapi id 14.01.0438.000; Mon, 2 Jun 2014 19:03:56 +0400 Is is the main helo name there OK and do i need to worry about the second Received block where the MYSBSVR.mydomain.local is mentioned? I have asked the ISP to set the reverse DNS for my IP to remote.mydomain.com but they have instead put remote.MYDOMAIN.com - would this case cause HELO lookups to classify this as not matching? Anything else I can do to find out why i am being filtered?

    Read the article

  • Is iptable capable of this or should I go with mod_proxy?

    - by Jesper
    I'm trying to configure my network to receive an incoming connection on one device and then redirect it to another device on a specific port. Right now I'm on about port 80 and a device running apache. The problem I'm facing is that when the forwarding is done it also sets the source ip to the first device instead of the source ip the user that connects to the service has. Let me illustrate it: [Internet User] = 7.7.7.7 connects to [Device 1] = 1.1.1.1:80 [Device 1] forwards it to [Device 2] = 1.1.1.2:80 [Device 2] outputs response that [Internet User] sees So on [Device 2] I will naturally see [Device 1]s IP in the logs, but I wanna see if there is a way to connect the internet user through [Device 1] to [Device 2] while seeing the real source IP in the logs on [Device 2]. Is that possible? My rule-set looks like this at the moment: (on Device 1) iptables -P FORWARD ACCEPT iptables -t nat -I PREROUTING -j DNAT -p tcp --dport 80 --to-destination 1.1.1.2:80 iptables -t nat -I POSTROUTING -j SNAT -p tcp -d 1.1.1.2 --to-source 1.1.1.1 On [Device 2] it accepts all incoming on port 80 from [Device 1] as well as accepts all related and established connections. So, would there be any way to get the real source onto [Device 2]? Let me know if you need more information!

    Read the article

  • Options for small windows network setup without dedicated server?

    - by Mitch
    I'm very weak on networking and hope someone can point me in the right direction: I have written some windows client/server software which incorporates a database which is located on a windows server. I have a test installation running at a customer's office where the server has a static IP address. In this case its easy for the clients to access the database because of the fixed IP address. Also, customers with network servers generally have specialist support staff to set up my software, so its not such a problem for me. However I also need to offer the software to customers who have small offices with less than 10 PCs and no dedicated network server. In this case I want the customer to be able to nominate one PC as the database "server" and install my software and have the clients access it. But in this situation I believe the "server" PC may not have a dedicated IP address. Q1: What is the best way to set this up simply and make it work? Can I reliably reference the "server" by using its name, or is there a way to assign dummy fixed IP addresses? Ideally this needs to be workable on small networks running a mixture of XP/Vista/Windows7 as my target market may well have mixed OSes etc. I guess this would be akin to home networking? Many thanks Mitch

    Read the article

  • How to prioritize openvpn traffic?

    - by aditsu
    I have an openvpn server, with one network interface. VPN traffic is extremely slow. I tried to do traffic control with this configuration (currently): qdisc del dev eth0 root qdisc add dev eth0 root handle 1: htb default 12 class add dev eth0 parent 1: classid 1:1 htb rate 900mbit #vpn class add dev eth0 parent 1:1 classid 1:10 htb rate 1500kbit ceil 3000kbit prio 1 #local net class add dev eth0 parent 1:1 classid 1:11 htb rate 10mbit ceil 900mbit prio 2 #other class add dev eth0 parent 1:1 classid 1:12 htb rate 500kbit ceil 1000kbit prio 2 filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 1194 0xffff flowid 1:10 filter add dev eth0 protocol ip parent 1:0 prio 2 u32 match ip dst 192.168.10.0/24 flowid 1:11 qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10 qdisc add dev eth0 parent 1:11 handle 11: sfq perturb 10 qdisc add dev eth0 parent 1:12 handle 12: sfq perturb 10 But it's still extremely slow. I have an imaps connection that keeps transferring data continuously (I successfully limited the rate) but with openvpn I can't seem to get more than about 100kbit/s The internet connection speed is about 3mbit/s (symmetric) What could be the problem? Does the sport filter work for udp?

    Read the article

  • Windows 2008 R2 Servers Sending Arp Requests for IPs outside Subnet

    - by Kyle Brandt
    By running a packet capture on my my routers I see some of my servers sending ARP requests for IPs that exist outside of its network. For example if my network is: Network: 8.8.8.0/24 Gateway: 8.8.8.1 (MAC: 00:21:9b:aa:aa:aa) Example Server: 8.8.8.20 (MAC: 00:21:9b:bb:bb:bb) By running a capture on the interface that has 8.8.8.1 I see requests like: Sender Mac: 00:21:9b:bb:bb:bb Sender IP: 8.8.8.20 Target MAC: 00:21:9b:aa:aa:aa Target IP: 69.63.181.58 Anyone seen this behavior before? My understanding of ARP is that requests should only go out for IPs within the subnet... Am I confused in my understanding of ARP? If I am not confused, anyone seen this behavior? Also, these seem to happen in bursts and it doesn't happen when I do something like ping an IP outside of the network. Update: In response to Ian's questions. I am not running anything like Hyper-V. I have multiple interfaces but only one is active (Using BACS failover teaming). The subnet mask is 255.255.255.0 (Even if it were something different it wouldn't explain an IP like 69.63.181.58). When I run MS Network Monitor or wireshark I do not see these ARP requests. What happens is that on the router capturing I see a burst of about 10 requests for IPs outside of the network from the host machine. On the machine itself using wireshark or NetMon I see a flood of ARP responses for all the machines on the network. However, I don't see any requests in the capture asking for those responses. So it seems like maybe it is maybe refreshing the arp cache but including IPs that outside of the network. Also when it does this NetMon doesn't show the ARP requests?

    Read the article

  • Issues with VPN functionality

    - by Xorandor
    I've been working on setting up VPN connectivity to our office location. We bought a Cisco WRV210 which have a builtin VPN server. Cisco has some software QuickVPN, which is not as quick and easy as I had thought. I've had mixed experiences on different machines with connecting. Instead I configured an IPSec VPN tunnel following a guide from TheGreenBow here http://www.thegreenbow.com/doc/tgbvpn_cg_linksys_wrv200_en.pdf I followed their instructions and tried out an evaluation of their software, and VPN connection should be working ok. I'm able to do RDP to a machine on the network (using IP address, not machine name) and ping the router etc. What I'm trying to solve are two things: It's not like I'm "really" on the network. Or at least I'm restricted to some degree when going through the VPN. I can't access a machine on the network using machine name, only IP. I can't ping a machine, but the router just fine. Could this be that something is not set up properly? If so, I can ofcourse supply additional information. Second, when I log onto the VPN, I would really like my outgoing connection to go through the internet connection of the remote location. Basically if I connect to the VPN I want my outgoing IP to be that of the remote location's (needed for some IP resctrictions on some of our servers). At a previous work location it worked like this when we connected to our office VPN over PPTP and the builtin windows VPN client. I'm not a huge expert on the topic, so any hints will be appreciated.

    Read the article

  • TCP Handshake and port numbers

    - by Guido
    (I have a question about the TCP handshake and how port numbers are assigned, if this does not belong here, let me know.) Hi, I'm studying TCP/IP from the book "Internetworking with TCP/IP" by Douglas Comer. In the TCP chapter it mentions that TCP defines an "endpoint" as a pair (IP address, port number), and a connection is defined by two endpoints. This has a few implications, such as, a local TCP port could be in several connections at once, as long as there are no two from the same IP and the same remote port. This also means that the amount of established connections is almost limitless (2^16 for every IPv4 address. 2^48 in total). Now, in class, I was told that when one connects to a listening port, both sides agree on a different port to use, so the communication can happen and the listener socket remains free. This was also my belief before reading the book. Now I feel like I should obviously trust the book (It's Comer!), but is there any truth to the other explanation? Thanks

    Read the article

  • Debian/Ubuntu - No network connection

    - by leviathanus
    I have a very weird situation on my Ubuntu 12.04 LTS Server. I can not access (ping) my gateway, although I believe my config is ok - I attach the outputs. Any hints where to look? (I changed the beginning of the IP to something different, just obfuscation) ping 5.9.10.129 PING 5.9.10.129 (5.9.10.129) 56(84) bytes of data. From 5.9.10.129 (5.9.10.129) icmp_seq=2 Destination Host Unreachable From 5.9.10.129 (5.9.10.129) icmp_seq=3 Destination Host Unreachable From 5.9.10.129 (5.9.10.129) icmp_seq=4 Destination Host Unreachable uname -r 3.2.0-29-generic ifconfig eth0 eth0 Link encap:Ethernet HWaddr 3c:97:0e:0e:54:d7 inet addr:5.9.10.142 Bcast:5.9.10.159 Mask:255.255.255.224 inet6 addr: fe80::8e70:5aff:feda:c4ac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1216 errors:0 dropped:0 overruns:0 frame:0 TX packets:490 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:107470 (107.4 KB) TX bytes:34344 (34.3 KB) Interrupt:17 Memory:d2500000-d2520000 ip route default via 5.9.10.129 dev eth0 metric 100 5.9.10.128/27 via 5.9.10.129 dev eth0 5.9.10.128/27 dev eth0 proto kernel scope link src 5.9.10.142 route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 5.9.10.129 0.0.0.0 UG 1000 0 0 eth0 5.9.10.128 5.9.10.129 255.255.255.224 UG 0 0 0 eth0 5.9.10.128 0.0.0.0 255.255.255.224 U 0 0 0 eth0 iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination UPD: Eric, this is how routing information looks on a working server: 0.0.0.0 78.47.198.49 0.0.0.0 UG 100 0 0 eth0 78.47.198.48 78.47.198.49 255.255.255.240 UG 0 0 0 eth0 78.47.198.48 0.0.0.0 255.255.255.240 U 0 0 0 eth0 As I understand it, Hetzner tries to ensure security by this, so I can not take over an IP by changing my MAC. But this is another server, which has another netmask (255.255.255.240) UPD2: BatchyX, on the working server: 78.47.198.49 dev eth0 src 78.47.198.60 cache on the broken: 5.9.10.129 dev eth0 src 5.9.10.142 cache

    Read the article

  • Port Forwarding failing only to Ubuntu servers from Draytek router

    - by Rufinus
    I know this is a kinda unusal question, but Draytek support (..which is very eager to solve the issue) seems to reach its limits. Scenario: Draytek Vigor Multiwan router with current firmware. Multiple WAN IP Aliases on one of the wan ports DMZ (or port forwarding doesnt matter) from wan ip alias to internal host currently i have two internal hosts: 192.168.0.51 (Ubuntu) 192.168.0.53 (Debian) both should be accessible from outside via one of the wan ip aliases. both are accessible with their internal ip's at all times (!) If the router gots restartet, both external ips are forwarding to its internal hosts. But after a few minutes up to 2 hours, the ubuntu host is no longer reachable via its external interface. The debian hosts on the other hand is reachable. In what does ubuntu differs from debian ? I know at least of one user with the exact same problem. see http://ubuntuforums.org/showthread.php?p=10994279 Any ideas ? TIA EDIT: via ping diagnostics directly on vigor, 192.168.0.53 is pingable, 192.168.0.51 is not. but both hosts are perfectly reachable from anywhere inside the network. if i restart ubuntu networking it works again for a short time.... i'm out of ideas.. EDIT 2: after further investigation, i noticed a ping from .51 to the network (or a host in the internet) is enough to make the port-forwarding working again. So i will add an Cronjob as a "keep-alive" ping. This will solve the problem, but the reason for this behaivor is still in the dark. Thanks to all commentors.

    Read the article

  • Enabling NAT forwarding using a second WAN interface and a second gateway on ubuntu

    - by nixnotwin
    I have 3 interfaces: eth0 192.168.0.50/24 eth1 10.0.0.200/24 eth2 225.228.123.211 The default gateway is 192.168.0.1 which I want to keep as it is in the changes I want to make. I want to masquerade eth1 10.0.0.200/24 and enable NAT forwarding to eth2. So I have done this: ip route add 225.228.123.208/29 dev eth2 src 225.228.123.211 table t1 ip route add default via 225.228.123.209 dev eth2 table t1 ip rule add from 225.228.123.211 table t1 ip rule add to 225.228.123.211 table t1 Now I can receive ping replies from any internet host if I did: ping -I eth2 8.8.8.8 To enable NAT forwarding I did this: sudo iptables -A FORWARD -o eth2 -i eth1 -s 10.0.0.0/24 -m conntrack --ctstate NEW -j ACCEPT sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE But it isn't working. To test I used a client pc and put it on 10.0.0.0/24 network and gateway was set as 10.0.0.200. I want to have 192.168.0.1 as default gateway. And the traffic that comes in via eth1 10.0.0.200/24 should be forwarded to eth2 225.228.123.211. I have enabled forwarding on ubuntua also.

    Read the article

  • Can I use a Windows Server 2003 Domain Controller but my home router for DNS?

    - by NetworkingWannabie
    Hi All Probably easiest to start with a description of my current setup, which works (oh, and this is a home setup not an office or anything): I have an ADSL modem with a static IP address (192.168.128.1), and its DHCP capability is disabled. I have a permanently powered up Windows Server 2003 machine with a fixed IP (192.168.128.2) which provides my domain controller, dhcp, and dns. The default gateway for everything is my ADSL modem everything is setup to use the WS2003 machine as the primary DNS with the ADSL modem as Secondary DNS just in case the server goes down (everything includes the server itself). Lastly, just in case it's relevant, I have my DHCP leases set to infinite (or whatever the right term is). Everything is pretty hunky dory. Except, that is, for the fact that my server is ALWAYS on, and it isn't always used, so I'm burning juice that I don't need to - my server burns around 120W which isn't immense but isn't irrelevant either, so I'd like to put it into a stand-by state when it isn't being used (the more standby the better) and then get the clients to wake it up. Am I correct in assuming that this won't work at the moment - A given client would need an IP address to wake the machine up, and it needs to machine to be awake to get an IP - catch 22? Assuming I'm correct, can I move to using my router (which is always on) for DHCP? What impact will this have on DC and DNS? Alternatively, does anyone have a better way for me to achieve this? Can I get the server to wake up when it sees clients look for a DHCP server, etc? Wow, that came out longer than expected! Thanks for your help.

    Read the article

  • Win7 VM @ ESXi Server @ VMWorkstation (Win7) - ping works only from VM -> HostOS, not vice versa

    - by DK2000
    right now I'm toying around with VM Ware stuff and not having any pcs then my laptop I decided to run an ESXi Server inside of VWmware Workstation. I was just curios to see if the server would allow to setup and run a VM. And after some tweaking there it was, working like a charm. Okay not that fast but startin' the VM from vSphere and "opening a console" gave my direct access to that VM. Now I wanted to see if I could ping the host from the VM (VM Workstation Network is set to "host only"). And it worked, at least from the VM I could ping the ESXi server and the host. From the host I am able to ping the ESXi Server but I can't ping the VM! I asked myself anyway where the VM got its ip adress from. At the DCHPs IP there is at no machine after all. I even tried to use that DHCP adress for my Host and it didn't work out. You can see my settings from the screenshot here (it's pretty wide so just a link): http://yfrog.com/n4desktopfeop The only thing that got me thinking was when I once changed the ESXi's IP from 192.168.92.137 to 192.168.0.137. I still was able to connect to the ESXi server via its new IP but when I tried to run the VM console from vSphere I got an error after a while that said "couldnt connect to 192.168.92.137:903". So vSphere connects just through a port of the ESXi server to the VM?!? Could I setup a Linux VM to use it as a DHCP that I'd at least have control over the IPs that are given. Which lowest end linux could be used for this purpose?!? Thank you for your time! :)

    Read the article

  • How can I configure multiple default gateways on a CISCO Router?

    - by Spirit
    Does any one knows a way to configure a cisco router with multiple gateways - multiple gateways of last resort? I've tried adding a gateway of last resort twice (with different metric) but only one is shown: Router(config)# ip route 0.0.0.0 0.0.0.0 2.2.2.2 10 Router(config)# ip route 0.0.0.0 0.0.0.0 3.3.3.3 100 And the show ip route output was: Router# show ip route Gateway of last resort is 2.2.2.2 to network 0.0.0.0 2.0.0.0/24 is subnetted, 1 subnets C 2.2.2.0 is directly connected, FastEthernet0/0 3.0.0.0/24 is subnetted, 1 subnets C 3.3.3.0 is directly connected, FastEthernet0/1 32.0.0.0/30 is subnetted, 1 subnets C 32.2.2.0 is directly connected, Serial0/2/0 S* 0.0.0.0/0 [10/0] via 2.2.2.2 The point is that i cannot see the other route with higher distance metric? Anyone has a sugestion? I mean will this config work if the link on 2.2.2.2 fails? Will the router choose the other network 3.3.3.3, if the link 2.2.2.2 fails?

    Read the article

  • apache httpd.conf - virtualhost configuration

    - by Adam
    I'm new to apache and httpd.conf The problem I'm having is I need different website to go to different vhost configs and if only the IP is requested it needs to go to the root index.html This works fine for the virtualhosts: <VirtualHost *:80> DocumentRoot /var/www/html/bali-accommodation.co ServerName www.bali-accommodation.co </VirtualHost> <VirtualHost *:80> DocumentRoot /var/www/html/balibeach.co ServerName www.balibeach.co </VirtualHost> <VirtualHost *:80> DocumentRoot /var/www/html/dating-website.co ServerName www.dating-website.co </VirtualHost> However when I just specify the IP it does to www.XXX.XXX.XXX.XXX (appends the www). I know in the websites there is a .htaccess redirect that adds the www but I didn't want the IP to go into the vhosts config. I tried adding this to the top of the Vhost config: <VirtualHost *:80> DocumentRoot /var/www/html ServerName localhost </VirtualHost> with above it shows the index.html perfectly but all the websites go into this catch all. I've also tried this for the websites vhosts: DocumentRoot /var/www/html/bali-accommodation.co ServerName www.bali-accommodation.co I've tried the above with and without the 'www' in the first line unsuccessfully. Is there a way to have the vhosts work for the domains and if someone just enters the IP it goes to the root index.html? /var/www/html/index.html? thankyou so much Adam

    Read the article

  • How to configure CISCO switch 2960 for port-based address allocation on a single port only?

    - by Jack
    CISCO 2960 allows you to configure so-called Port-Based address allocation. It makes the switch to associate IP address it is giving out via DHCP with port-identifier, which is random, switch created identifier. In practice it means that any machine connected to such configured port will always get the same IP address, regardless of what that machine's MAC address is. I want to have that feature configured on --some ports-- only. But no matter what commands I try it seems that this can only be done for all ports, all for none. Even though CISCO manual seems to indicate there's both global and per-port command to enable that. Here are relevant commands from CISCO manual: configure terminal ip dhcp use subscriber-id client-id (this configures the DHCP server to globally use the subscriber ID as the client ID on all incoming DHCP messages) interface FastEthernet0/1 ip dhcp server use subscriber-id client-id (Optional: Configures the DHCP server to use the subscriber ID as the client ID on all incoming DHCP messages on the interface) but it appears if I configure only per-interface than there's no effect at all, if I configure globally and per interface - CISCo behaves as if all ports were configured to use that feature. Any ideas?

    Read the article

  • Tomcat Solr times out

    - by user568458
    (Plesk 10.4 centos 5.8 linux apache2 server, with Tomcat5 on port 8080 and Apache Solr) I get "The connection has timed out" on requesting domain.com:8080 or www.domain.com:8080 or ip.ad.dr.ess:8080 Every reason I can find why this might be seems not to be the case: Plesk thinks Tomcat is running fine and lists it as an active service. The firewall currently has an accept all rule on port 8080. There's nothing relevant in the catalina tomcat logs (/var/log/tomcat5) - just some stuff from last time tomcat was started. There's no record at all of the requests that fail. netstat -lnp | grep 8080 gives the following, which I beleive means Tomcat is listening to requests to port 8080 on all ip addresses from any ip and any port (please correct me if I'm wrong): : tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 4018/java This covers every cause of this time out that I can find - so I must be missing something fundamental. It seems Tomcat is running, listening to the right port, is getting an appropriate IP address, is not obstructed by a firewall and is not failing after receiving a request in a way which would be recorded in the logs (so I believe it can't be out of memory, or anything like that). I'm all out of ideas on how to continue debugging this. I must have overlooked something obvious. Can anyone help?

    Read the article

  • Network Load Balancing and AnyCast Routing

    - by user126917
    Hi All can anyone advise on problems with the following? I am planning on installing the following setup on my estate: I have 2 sites that both have a large amount of users. Goals are to keep things simple for the users and to have automatic failover above the database level. Our Database will exist at the primary site and be async mirrored to the secondary site with manual failover procedures.The database generate sequential ID's so distributing it is not an option. I plan to site IIS boxes at both sites with all of the business logic on them and heavy operations. The connections to SQL will be lightweight and DB reads will be cached on IIS. On this layer I plan to use Windows network load balancing and have the same IP or IPs across all IIS boxes at both sites. This way there will be automatic failover and no single point of failure. Also users can have one web address regardless of which site they are in automatically be network load balanced to their local IIS. This is great but obviously our two sites are on different subnets and as this will be one IP address with most of our traffic we can't go broadcasting everything across the link between the sites. To solve this problem we plan to use AnyCast routing over our network layer to route the traffic to the most local box that is listening which will be defined by the network load balancing. Has anyone used this setup before? Can anyone think of any issues with this? Also some specifics I can't find anywhere at the moment. If my Windows box is assigned an IP and listening on that IP but network load balancing is not accepting specific traffic then will AnyCast route away from that? Also can I AnyCast on a socket level?

    Read the article

  • Problems installing GIT on Ubuntu through SSH

    - by jamadri
    I'm having trouble installing git using this command: sudo apt-get install git-core It's giving me the problems below and I'm not quite sure how to get this to work correctly. I try running sudo apt-get update and after it just gives me problems. If anyone knows how to solve this or a possible way of getting GIT on your machine differently it would be of much help. I've never had a problem with using apt-get. Do you want to continue [Y/n]? y WARNING: The following packages cannot be authenticated! liberror-perl git-core patch Install these packages without verification [y/N]? y Err http://us.archive.ubuntu.com jaunty/main git-core 1:1.6.0.4-1ubuntu2 404 Not Found [IP: 91.189.92.183 80] Err http://us.archive.ubuntu.com jaunty/main patch 2.5.9-5 404 Not Found [IP: 91.189.92.183 80] Failed to fetch http://us.archive.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.6.0.4- 1ubuntu2_amd64.deb 404 Not Found [IP: 91.189.92.183 80] Failed to fetch http://us.archive.ubuntu.com/ubuntu/pool/main/p/patch/patch_2.5.9- 5_amd64.deb 404 Not Found [IP: 91.189.92.183 80] E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing? Anything reply that can help fix this would be helpful. I'm not sure if it's the git servers or my connection that might be the problem. I've used apt-get to pull other things, it's just failing with git.

    Read the article

  • Hyper-V: Dedicated NIC for Guests VMs

    - by TheLizardKing
    I have two NIC cards and created a private virtual network for my virtual machines and unchecked "Allow management operating system to share this network adapter" which basically turns my Guest NIC into this sorta shell of a NIC card on the host machine and the only thing checked in it's properties is "Microsoft Virtual Network Switch Protocol" which I am fine with. Everything works and everything is connected. My issue is that for some reason my guest (Ubuntu Server with legacy network drivers) is not talking properly to my DHCP server. Specifically my DHCP server reserves the guest's IP address using it's MAC address but the guest isn't picking it up. It's picking up any old IP it can get and I can't even ping the hostname from another PC on the network but it pings fine if I use the IP. I see the guest showing up in my DHCP table but I can't get the reservation to stick. Is there some reason it's only partially communicating with my DHCP server? Pinging it's hostname on itself reveals it's using 127.0.0.1 instead of it's network IP. Is this an issue with the legacy drivers used in Hyper-V?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 133 134 135 136 137 138 139 140 141 142 143 144  | Next Page >