10 04 - Page 159 - Developer IT

Strange port forwarding problem

- by rAyt

I've got a strange port forwarding problem. The port forwarding to my internal webserver (10.0.0.10 on Port 80) works without a problem but the port forwarding to a windows server (10.0.0.15) on port 3389 doesn't work. The port 3389 is open. Any ideas? thanks! #!/bin/sh IPTABLES="/sbin/iptables" $IPTABLES --flush $IPTABLES --table nat --flush $IPTABLES --delete-chain $IPTABLES --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE $IPTABLES -t nat -A PREROUTING -p tcp -i eth0 -d 188.40.XXX.XXX --dport 3389 -j DNAT --to 10.0.0.15:3389 $IPTABLES -t nat -A PREROUTING -p tcp -i eth0 -d 188.40.XXX.XXX --dport 80 -j DNAT --to 10.0.0.10:80 $IPTABLES -t nat -A PREROUTING -p tcp -i eth0 -d 188.40.XXX.XXX --dport 222 -j DNAT --to 10.0.0.10:22 $IPTABLES --append FORWARD --in-interface eth1 -j ACCEPT

Read the article

JVM system time runs faster than HP UNIX OS system time

- by winston

Hello I have the following output from a simple debug jsp: Weblogic Startup Since: Friday, October 19, 2012, 08:36:12 AM Database Current Time: Wednesday, December 12, 2012, 11:43:44 AM Weblogic JVM Current Time: Wednesday, December 12, 2012, 11:45:38 AM Line 1 was a recorded variable during WebLogic webapp startup. Line 2 was output from database query select sysdate from dual; Line 3 was output from java code new Date() I have checked from shell date command that line 2 output conforms with OS time. The output of line 3 was mysterious. I don't know how it comes from Java VM. On another machine with same setting, the same jsp output like this: Weblogic Startup Since: Tuesday, December 11, 2012, 02:29:06 PM Database Current Time: Wednesday, December 12, 2012, 11:51:48 AM Weblogic JVM Current Time: Wednesday, December 12, 2012, 11:51:50 AM Another machine: Weblogic Startup Since: Monday, December 10, 2012, 05:00:34 PM Database Current Time: Wednesday, December 12, 2012, 11:52:03 AM Weblogic JVM Current Time: Wednesday, December 12, 2012, 11:52:07 AM Findings: the pattern shows that the longer Weblogic startup, the larger the discrepancy of OS time with JVM time. Anybody could help on HP JVM? On HP UNIX, NTP was done daily. Anyway here comes the server versions: HP-UX machinex B.11.31 U ia64 2426956366 unlimited-user license java version "1.6.0.04" Java(TM) SE Runtime Environment (build 1.6.0.04-jinteg_28_apr_2009_04_46-b00) Java HotSpot(TM) Server VM (build 11.3-b02-jre1.6.0.04-rc2, mixed mode) WebLogic Server Version: 10.3.2.0 Java properties java.runtime.name=Java(TM) SE Runtime Environment java.runtime.version=1.6.0.04-jinteg_28_apr_2009_04_46-b00 java.vendor=Hewlett-Packard Co. java.vendor.url=http\://www.hp.com/go/Java java.version=1.6.0.04 java.vm.name=Java HotSpot(TM) 64-Bit Server VM java.vm.info=mixed mode java.vm.specification.vendor=Sun Microsystems Inc. java.vm.vendor="Hewlett-Packard Company" sun.arch.data.model=64 sun.cpu.endian=big sun.cpu.isalist=ia64r0 sun.io.unicode.encoding=UnicodeBig sun.java.launcher=SUN_STANDARD sun.jnu.encoding=8859_1 sun.management.compiler=HotSpot 64-Bit Server Compiler sun.os.patch.level=unknown os.name=HP-UX os.version=B.11.31

Read the article

More interruptions than cpu context switches

- by Christopher Valles

I have a machine running Debian GNU/Linux 5.0.8 (lenny) 8 cores and 12Gb of RAM. We have one core permanently around 40% ~ 60% wait time and trying to spot what is happening I realized that we have more interruptions than cpu context switches. I found that the normal ratio between context switch and interruptions is around 10x more context switching than interruptions but on my server the values are completely different. backend1:~# vmstat -s 12330788 K total memory 12221676 K used memory 3668624 K active memory 6121724 K inactive memory 109112 K free memory 3929400 K buffer memory 4095536 K swap cache 4194296 K total swap 7988 K used swap 4186308 K free swap 44547459 non-nice user cpu ticks 702408 nice user cpu ticks 13346333 system cpu ticks 1607583668 idle cpu ticks 374043393 IO-wait cpu ticks 4144149 IRQ cpu ticks 3994255 softirq cpu ticks 0 stolen cpu ticks 4445557114 pages paged in 2910596714 pages paged out 128642 pages swapped in 267400 pages swapped out 3519307319 interrupts 2464686911 CPU context switches 1306744317 boot time 11555115 forks Any ideas if that is an issue? And in that case, how can I spot the cause and fix it? Update Following the instructions of the comments and focusing on the core stuck in wait I checked the processes attached to that core and below you can find the list: PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ P COMMAND 24 root RT -5 0 0 0 S 0 0.0 0:03.42 7 migration/7 25 root 15 -5 0 0 0 S 0 0.0 0:04.78 7 ksoftirqd/7 26 root RT -5 0 0 0 S 0 0.0 0:00.00 7 watchdog/7 34 root 15 -5 0 0 0 S 0 0.0 1:18.90 7 events/7 83 root 15 -5 0 0 0 S 0 0.0 1:10.68 7 kblockd/7 291 root 15 -5 0 0 0 S 0 0.0 0:00.00 7 aio/7 569 root 15 -5 0 0 0 S 0 0.0 0:00.00 7 ata/7 1545 root 15 -5 0 0 0 S 0 0.0 0:00.00 7 ksnapd 1644 root 15 -5 0 0 0 S 0 0.0 0:36.73 7 kjournald 1725 root 16 -4 16940 1152 488 S 0 0.0 0:00.00 7 udevd 2342 root 20 0 8828 1140 956 S 0 0.0 0:00.00 7 sh 2375 root 20 0 8848 1220 1016 S 0 0.0 0:00.00 7 locate 2421 root 30 10 8896 1268 1016 S 0 0.0 0:00.00 7 updatedb.findut 2430 root 30 10 58272 49m 616 S 0 0.4 0:17.44 7 sort 2431 root 30 10 3792 448 360 S 0 0.0 0:00.00 7 frcode 2682 root 15 -5 0 0 0 S 0 0.0 3:25.98 7 kjournald 2683 root 15 -5 0 0 0 S 0 0.0 0:00.64 7 kjournald 2687 root 15 -5 0 0 0 S 0 0.0 1:31.30 7 kjournald 3261 root 15 -5 0 0 0 S 0 0.0 2:30.56 7 kondemand/7 3364 root 20 0 3796 596 476 S 0 0.0 0:00.00 7 acpid 3575 root 20 0 8828 1140 956 S 0 0.0 0:00.00 7 sh 3597 root 20 0 8848 1216 1016 S 0 0.0 0:00.00 7 locate 3603 root 30 10 8896 1268 1016 S 0 0.0 0:00.00 7 updatedb.findut 3612 root 30 10 58272 49m 616 S 0 0.4 0:27.04 7 sort 3655 root 20 0 11056 2852 516 S 0 0.0 5:36.46 7 redis-server 3706 root 20 0 19832 1056 816 S 0 0.0 0:01.64 7 cron 3746 root 20 0 3796 580 484 S 0 0.0 0:00.00 7 getty 3748 root 20 0 3796 580 484 S 0 0.0 0:00.00 7 getty 7674 root 20 0 28376 1000 736 S 0 0.0 0:00.00 7 cron 7675 root 20 0 8828 1140 956 S 0 0.0 0:00.00 7 sh 7708 root 30 10 58272 49m 616 S 0 0.4 0:03.36 7 sort 22049 root 20 0 8828 1136 956 S 0 0.0 0:00.00 7 sh 22095 root 20 0 8848 1220 1016 S 0 0.0 0:00.00 7 locate 22099 root 30 10 8896 1264 1016 S 0 0.0 0:00.00 7 updatedb.findut 22108 root 30 10 58272 49m 616 S 0 0.4 0:44.55 7 sort 22109 root 30 10 3792 452 360 S 0 0.0 0:00.00 7 frcode 26927 root 20 0 8828 1140 956 S 0 0.0 0:00.00 7 sh 26947 root 20 0 8848 1216 1016 S 0 0.0 0:00.00 7 locate 26951 root 30 10 8896 1268 1016 S 0 0.0 0:00.00 7 updatedb.findut 26960 root 30 10 58272 49m 616 S 0 0.4 0:10.24 7 sort 26961 root 30 10 3792 452 360 S 0 0.0 0:00.00 7 frcode 27952 root 20 0 65948 3028 2400 S 0 0.0 0:00.00 7 sshd 30731 root 20 0 0 0 0 S 0 0.0 0:01.34 7 pdflush 31204 root 20 0 0 0 0 S 0 0.0 0:00.24 7 pdflush 21857 deploy 20 0 1227m 2240 868 S 0 0.0 2:44.22 7 nginx 21858 deploy 20 0 1228m 2784 868 S 0 0.0 2:42.45 7 nginx 21862 deploy 20 0 1228m 2732 868 S 0 0.0 2:43.90 7 nginx 21869 deploy 20 0 1228m 2840 868 S 0 0.0 2:44.14 7 nginx 27994 deploy 20 0 19372 2216 1380 S 0 0.0 0:00.00 7 bash 28493 deploy 20 0 331m 32m 16m S 4 0.3 0:00.40 7 apache2 21856 deploy 20 0 1228m 2844 868 S 0 0.0 2:43.64 7 nginx 3622 nobody 30 10 21156 10m 916 D 0 0.1 4:42.31 7 find 7716 nobody 30 10 12268 1280 888 D 0 0.0 0:43.50 7 find 22116 nobody 30 10 12612 1696 916 D 0 0.0 6:32.26 7 find 26968 nobody 30 10 12268 1284 888 D 0 0.0 1:56.92 7 find Update As suggested I take a look at /proc/interrupts and below the info there: CPU0 CPU1 CPU2 CPU3 CPU4 CPU5 CPU6 CPU7 0: 35 0 0 1469085485 0 0 0 0 IO-APIC-edge timer 1: 0 0 0 8 0 0 0 0 IO-APIC-edge i8042 8: 0 0 0 1 0 0 0 0 IO-APIC-edge rtc0 9: 0 0 0 0 0 0 0 0 IO-APIC-fasteoi acpi 12: 0 0 0 105 0 0 0 0 IO-APIC-edge i8042 16: 0 0 0 0 0 0 0 580212114 IO-APIC-fasteoi 3w-9xxx, uhci_hcd:usb1 18: 0 0 142 0 0 0 0 0 IO-APIC-fasteoi uhci_hcd:usb6, ehci_hcd:usb7 19: 9 0 0 0 0 0 0 0 IO-APIC-fasteoi uhci_hcd:usb3, uhci_hcd:usb5 21: 0 0 0 0 0 0 0 0 IO-APIC-fasteoi uhci_hcd:usb2 23: 0 0 0 0 0 0 0 0 IO-APIC-fasteoi uhci_hcd:usb4, ehci_hcd:usb8 1273: 0 0 1600400502 0 0 0 0 0 PCI-MSI-edge eth0 1274: 0 0 0 0 0 0 0 0 PCI-MSI-edge ahci NMI: 0 0 0 0 0 0 0 0 Non-maskable interrupts LOC: 214252181 69439018 317298553 21943690 72562482 56448835 137923978 407514738 Local timer interrupts RES: 27516446 16935944 26430972 44957009 24935543 19881887 57746906 24298747 Rescheduling interrupts CAL: 10655 10705 10685 10567 10689 10669 10667 396 function call interrupts TLB: 529548 462587 801138 596193 922202 747313 2027966 946594 TLB shootdowns TRM: 0 0 0 0 0 0 0 0 Thermal event interrupts THR: 0 0 0 0 0 0 0 0 Threshold APIC interrupts SPU: 0 0 0 0 0 0 0 0 Spurious interrupts ERR: 0 All the values seems more or less the same for all the cores but this one IO-APIC-fasteoi 3w-9xxx, uhci_hcd:usb1 only affects to the core 7 (the same with the wait time of 40% ~ 60%) could be something attached to the usb port causing the issue? Thanks in advanced

Read the article

Successful login with iscsiadm on target still doesn't create block device

- by Halfgaar

I've set up an experiment to test iscsitarget and initiator, which at some point worked. Later, I turned the setup back on and much to my dismay, the initiator machine stopped making block devices for its successful logins. As far as I know, I haven't changed anything on either machine. Some details: # iscsiadm -m node --login Logging in to [iface: default, target: iqn.2010-12.nl.ytec.arbiter:arbiter.lun1, portal: 10.0.0.1,3260] Logging in to [iface: default, target: iqn.2010-12.nl.ytec.arbiter:arbiter.lun2, portal: 10.0.0.1,3260] Login to [iface: default, target: iqn.2010-12.nl.ytec.arbiter:arbiter.lun1, portal: 10.0.0.1,3260]: successful Login to [iface: default, target: iqn.2010-12.nl.ytec.arbiter:arbiter.lun2, portal: 10.0.0.1,3260]: successful Sessions: # iscsiadm -m session tcp: [3] 10.0.0.1:3260,1 iqn.2010-12.nl.ytec.arbiter:arbiter.lun1 tcp: [4] 10.0.0.1:3260,1 iqn.2010-12.nl.ytec.arbiter:arbiter.lun2 Netstat: # netstat -n -p|grep 3260 tcp 0 0 10.0.0.2:48719 10.0.0.1:3260 ESTABLISHED 1078/iscsid tcp 0 0 10.0.0.2:48718 10.0.0.1:3260 ESTABLISHED 1078/iscsid /var/log/syslog doesn't give errors: Jan 27 11:41:49 vmnode001 kernel: [ 378.041749] scsi7 : iSCSI Initiator over TCP/IP Jan 27 11:41:49 vmnode001 kernel: [ 378.044180] scsi8 : iSCSI Initiator over TCP/IP lsscsi doesn't show my devices: [0:0:1:0] cd/dvd TSSTcorp DVD-ROM TS-L333A D100 /dev/sr0 [4:0:0:0] disk ATA Hitachi HUA72105 A74A - [4:0:1:0] disk ATA Hitachi HUA72105 A74A - [4:1:0:0] disk Dell VIRTUAL DISK 1028 /dev/sda And there are no block devices in /dev for it: # ls -1 /dev/sd* /dev/sda /dev/sda1 /dev/sda2 /dev/sda3 /dev/sda4 I tried loading all scsi kernel modules I could find, but that doesn't seem to be the problem. I reall don't get this; it used to work. I found people with similar problems (here and here) but no solution. Initiator is Debian Sqeeuze (testing), target is Debian Lenny (stable). iscsitarget is 0.4.16+svn162-3.1+lenny1, open-iscsi (initiator) is 2.0.871.3-2squeeze1. Target kernel: 2.6.26-2-amd64, initiator kernel: 2.6.32-5-amd64

Read the article

Cisco Catalyst 3550 + Alteon 184 Load-Balancing Issues...

- by upkels

I have just deployed a couple Cisco Catalyst 3550 switches, and a couple Alteon 184 Web Switches for load-balancing. I can ping all RIPs and VIPs to/from the Alteon. Topology Before: (server) <- (Alteon) <- (Internet) Topology Now: (server) <- (3550) <- Alteon <- (Internet) Cisco Port Configuration (Alteon Uplink Port): description LB_1_PORT_9_PRIMARY switchport access vlan 10 switchport mode access switchport nonegotiate speed 100 duplex full Alteon Port 9 Configuration (VLAN 10 WAN): >> Main# /c/port 9/cur Current Port 9 configuration: enabled pref fast, backup gig, PVID 10, BW Contract 1024 name UPLINK >> Main# /c/port 9/fast/cur Current Port 9 Fast link configuration: speed 100, mode full duplex, fctl none, auto off Cisco Configuration (Load-Balanced Servers Port): description LB_1_PORT_1_PRIMARY switchport access vlan 30 switchport mode access switchport nonegotiate speed 100 duplex full Alteon Port 1 Configuration (VLAN 30 LOAD-BALANCED LAN): >> Main# /c/port 1/cur Current Port 1 configuration: enabled pref fast, backup gig, PVID 30, BW Contract 1024 name LB_PORT_1 >> Main# /c/port 1/fast/cur Current Port 1 Fast link configuration: speed 100, mode full duplex, fctl both, auto on Each of my servers are on vlan 10 and 30, properly communicating. I have tried to turn on VLAN tagging on the Alteon, however it seems to cause all communications to stop working. When I tcpdump -i vlan30 on any of the webservers, I see normal ARP communications, and some STP communications, which may or may not be part of the problem: ... 15:00:51.035882 STP 802.1d, Config, Flags [none], bridge-id 801e.00:11:5c:62:fe:80.8041, length 42 15:00:51.493154 IP 10.1.1.254.33923 > 10.1.1.1.http: Flags [S], seq 707324510, win 8760, options [mss 1460], length 0 15:00:51.493336 IP 10.1.1.1.http > 10.1.1.254.33923: Flags [S.], seq 3981707623, ack 707324511, win 65535, options [mss 1460], len gth 0 15:00:51.493778 ARP, Request who-has 10.1.3.1 tell 10.1.3.254, length 46 etc... I'm not sure if I've provided enough information, so please let me know if any more is necessary. Thank you!

Read the article

ServerName wildcards in Apache name-based virtual hosts?

- by Martijn Heemels

On our LAN I've set up several 'fake' TLDs in the DNS server, with the intention of using them for Apache name-based virtual hosting. I'd like to combine this with mass-virtual-hosting (i.e. VirtualDocumentRoot) on an Ubuntu 10.04 LAMP server. However, I can't get it to select the right vhost! Here is a summary of the Apache config: NameVirtualHost 10.10.0.205 <VirtualHost 10.10.0.205> ServerName *.test VirtualDocumentRoot /var/www/%-3.0.%-2/test/%1/ CustomLog /var/log/apache2/access.log vhost_combined </VirtualHost> <VirtualHost 10.10.0.205> ServerName *.dev VirtualDocumentRoot /var/www/%-3.0.%-2/dev/%1/ CustomLog /var/log/apache2/access.log vhost_combined </VirtualHost> A hostname such as www.domain.com.dev, correctly resolves to 10.10.0.205, but always selects the top vhost, instead of the bottom one, which matches more closely. I was under the impression that Apache would first try to match the ServerName before defaulting to the top vhost for a given IP. What am I doing wrong? Or is this not possible and must I use another IP for each TLD? apachectl -S outputs (trimmed): 10.10.0.205:* is a NameVirtualHost default server *.test port * namevhost *.test port * namevhost *.dev

Read the article

Cisco ASA 8.2 ACL For NAT

- by javano

Sadly I have gone back in time to ASA 8.2(5)33 which I am not so familiar with. I have configured NAT between two interfaces but traffic isn't passing becasue I can't get the ACL to work; (The full config which isn't very big is here but to keep this post tidy I have just pasted the important parts below); interface Ethernet0/0 switchport access vlan 108 ! interface Ethernet0/6 switchport access vlan 104 ! interface Ethernet0/7 switchport access vlan 105 ! interface Vlan104 description BUILDING2 nameif BUILDING2 security-level 0 ip address 10.104.0.1 255.255.255.0 ! interface Vlan105 description BUILDING1 nameif BUILDING1 security-level 0 ip address 10.105.0.1 255.255.255.0 ! interface Vlan108 description Main LAN VLAN nameif lan security-level 0 ip address 172.22.0.215 255.255.255.0 ! object-group network obj_net_Remote_Hosts network-object host 111.111.111.3 network-object host 111.111.111.65 object-group network obj_host_pc1_eth1 network-object host 10.104.0.111 object-group network obj_host_pc2_eth1 network-object host 10.104.0.112 object-group network obj_host_pc3_eth1 network-object host 10.104.0.106 object-group network obj_host_pc4_eth1 network-object host 10.104.0.107 object-group network obj_net_PCs description IPs of PCs group-object obj_host_pc1_eth1 group-object obj_host_pc2_eth1 group-object obj_host_pc3_eth1 group-object obj_host_pc4_eth1 access-list acl_NAT_pc1_91 extended permit tcp host 10.104.0.111 host 111.111.111.3 eq 8101 access-list acl_Permit_PCs extended permit tcp object-group obj_net_PCs object-group obj_net_Remote_Hosts eq 8101 ! global (BUILDING1) 11 111.111.222.91 netmask 255.255.255.255 nat (BUILDING2) 11 access-list acl_NAT_pc1_91 access-group acl_Permit_PCs in interface BUILDING2 route BUILDING1 111.111.111.3 255.255.255.255 10.105.0.2 1 route BUILDING1 111.111.111.65 255.255.255.255 10.105.0.2 1 When I try and connect from PC1 to ip 111.111.111.3 I see the following error logged on the ASA console; %ASA-2-106001: Inbound TCP connection denied from 10.104.0.111/38495 to 111.111.111.3/8101 flags SYN on interface blades What the duce!

Read the article

Network outside internal not reaching TMG Forefront 2010 (Hyper-V environment)

- by Pascal

Below is my environment: I have 1 physical machine running Windows 2008 R2, with the Hyper-V role. This machine has 3 physical NICs: One for Internet One for Internal Network One for Wireless Network All 3 have their respective Virtual Networks in Hyper-V, and I have an extra Private virutal machine network for a DMZ Network. In one of the virtual machines, I have TMG Forefront 2010 SP1 installed, with all 4 networks available to it. Below is the IPCONFIG /ALL at the firewall: Windows IP Configuration Host Name . . . . . . . . . . . . : FRW-EXP1-02 Primary Dns Suffix . . . . . . . : exp1.eti.br Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : Yes WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : exp1.eti.br Ethernet adapter Internet: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter #4 Physical Address. . . . . . . . . : 00-15-5D-01-06-0E DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::6d05:6033:4cfc:bdf5%15(Preferred) IPv4 Address. . . . . . . . . . . : 189.100.110.xxx(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.240.0 Lease Obtained. . . . . . . . . . : quarta-feira, 5 de janeiro de 2011 11:17:24 Lease Expires . . . . . . . . . . : quarta-feira, 5 de janeiro de 2011 16:07:02 Default Gateway . . . . . . . . . : 189.100.96.xxx DHCP Server . . . . . . . . . . . : 201.6.2.43 DHCPv6 IAID . . . . . . . . . . . : 436213085 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6D-75-6F-00-15-5D-01-06-0B DNS Servers . . . . . . . . . . . : 201.6.2.163 201.6.2.43 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Rede Interna: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter #3 Physical Address. . . . . . . . . : 00-15-5D-01-06-0C DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::51ff:4723:ce4c:bbc3%14(Preferred) IPv4 Address. . . . . . . . . . . : 10.50.75.10(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : DHCPv6 IAID . . . . . . . . . . . : 352327005 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6D-75-6F-00-15-5D-01-06-0B DNS Servers . . . . . . . . . . . : 10.50.75.1 10.50.75.2 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter DMZ: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter #2 Physical Address. . . . . . . . . : 00-15-5D-01-06-0A DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::d4c5:75cf:e9aa:73e1%13(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.10.1(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : DHCPv6 IAID . . . . . . . . . . . : 301995357 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6D-75-6F-00-15-5D-01-06-0B DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1 fec0:0:0:ffff::2%1 fec0:0:0:ffff::3%1 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Wireless: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter Physical Address. . . . . . . . . : 00-15-5D-01-06-0B DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::459:8ca6:d02:8da1%11(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : DHCPv6 IAID . . . . . . . . . . . : 234886493 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6D-75-6F-00-15-5D-01-06-0B DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1 fec0:0:0:ffff::2%1 fec0:0:0:ffff::3%1 NetBIOS over Tcpip. . . . . . . . : Enabled I have the Networks below at Forefront: External: IP addresses external to the Forefront TMG Networks Internal: 10.50.75.0 - 10.50.75.255 Local Host: Perimiter: 192.168.10.0 - 192.168.10.255 Wireless: 192.168.1.0 - 192.168.1.255 In the Networks Rules, I have: 1 => Route => Local Host => All Networks 2 => Route => Quarantined; VPN => Internal 3 => NAT => Internal; VPN => Perimiter 4 => NAT => Internal; Perimiter; Quarantined; VPN; Wireless => External My problem is that I can only communicate with the Internal and External networks. If a ping www.google.com or 10.50.75.21 from the Forefront VM, I get answer backs without a problem. If I try to ping a machine at the Perimiter network or the Wireless network, it doesn't get routed back to Forefront, and it's the default gateway on all Networks. Here as ping samples: PS C:\Users\Administrator.TPB1> ping www.google.com Pinging www.l.google.com [64.233.163.104] with 32 bytes of data: Reply from 64.233.163.104: bytes=32 time=11ms TTL=58 Reply from 64.233.163.104: bytes=32 time=8ms TTL=58 Ping statistics for 64.233.163.104: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 8ms, Maximum = 11ms, Average = 9ms Control-C PS C:\Users\Administrator.TPB1> ping 10.50.75.21 Pinging 10.50.75.21 with 32 bytes of data: Reply from 10.50.75.21: bytes=32 time=1ms TTL=128 Reply from 10.50.75.21: bytes=32 time=1ms TTL=128 Reply from 10.50.75.21: bytes=32 time=1ms TTL=128 Reply from 10.50.75.21: bytes=32 time=1ms TTL=128 Ping statistics for 10.50.75.21: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 1ms, Maximum = 1ms, Average = 1ms PS C:\Users\Administrator.TPB1> ping 192.168.10.3 Pinging 192.168.10.3 with 32 bytes of data: Reply from 192.168.10.1: Destination host unreachable. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.10.3: Packets: Sent = 4, Received = 1, Lost = 3 (75% loss), PS C:\Users\Administrator.TPB1> The ping to the 192.168.10.3 gets the Destination host unreachable. Below is the ipconfig for the perimiter VM: PS C:\Users\Administrator.Administrator> ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : app-exp1-02 Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unkown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter Physical Address. . . . . . . . . : 00-15-5D-01-06-08 DHCP Enabled. . . . . . . . . . . : No IPv4 Address. . . . . . . . . . . : 192.168.10.3 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.10.1 DNS Servers . . . . . . . . . . . : 201.6.2.163 201.6.2.43 Trying to ping 192.168.10.1 ( the gateway ) from the DMZ machine also does not work. When I use Log & Reports to monitor packets from Wireless network and Perimiter network, I don't get any packets link PING or HTTP that I try to send. But I do get a lot of spoofing messages for NETBIOS broadcasts... it's like Forefront thinks it's coming from a different network, but I don't know why. Please Help! Tks

Read the article

CentOS: eth0 not starting on boot

- by Cameron Aziz

Whenever I reboot a CentOS Hyper-V VM, eth0 does not start automatically. All I need to do is perform ifup eth0 and all is fixed, but that isn't feasible from ssh! I am starting in runlevel 3. After I perform ifup eth0 on the console: [root@localhost ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:15:5D:2B:2B:07 inet addr:10.10.0.3 Bcast:10.10.0.255 Mask:255.255.255.0 inet6 addr: fe80::215:5dff:fe2b:2b07/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:34 errors:0 dropped:0 overruns:0 frame:0 TX packets:49 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4656 (4.5 KiB) TX bytes:6399 (6.2 KiB) Interrupt:9 Base address:0xa000 [root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 BOOTPROTO=none IPADDR=10.10.0.3 NETMASK=255.255.255.0 GATEWAY=10.10.0.1 USERCTL=no ONBOOT=yes [root@localhost ~]# chkconfig --list | grep network network 0:off 1:off 2:on 3:on 4:on 5:on 6:off

Read the article

OpenLDAP replication fails, "syncrepl_entry: rid=666 be_modify failed (20)"

- by Pavel

I've configured a second host to replicate the main LDAP server via syncrepl in the slapd.conf: syncrepl rid=666 provider=ldaps://my-main-server.com type=refreshAndPersist searchBase="dc=Staff,dc=my-main-server,dc=com" filter="(objectClass=*)" scope=sub schemachecking=off bindmethod=simple binddn="cn=repadmin,dc=my-main-server,dc=com" credentials=mypassword When I restart slapd, it writes to /var/log/debug Jun 11 15:48:33 cluster-mn-04 slapd[29441]: @(#) $OpenLDAP: slapd 2.4.9 (Mar 31 2009 07:18:37) $ ^Ibuildd@yellow:/build/buildd/openldap2.3-2.4.9/debian/build/servers/slapd Jun 11 15:48:34 cluster-mn-04 slapd[29442]: slapd starting Jun 11 15:48:34 cluster-mn-04 slapd[29442]: null_callback : error code 0x14 Jun 11 15:48:34 cluster-mn-04 slapd[29442]: syncrepl_entry: rid=666 be_modify failed (20) Jun 11 15:48:34 cluster-mn-04 slapd[29442]: do_syncrepl: rid=666 quitting I've looked into the sources for the return code and found only #define LDAP_TYPE_OR_VALUE_EXISTS 0x14 in include/ldap.h. Anyway, I don't quite get what the error message means. Can you help me debugging this problem and figure out why the LDAP replication doesn't work? I've managed to put a "manual" copy via slapcat and slapadd into the database, but I'd like to sync automatically. UPDATE: "Solved" by removing /var/lib/ldap/* and re-importing the database with slapadd.

Read the article

Unicorn 3.3.1 and Rack 1.1.0 issues?

- by user41422

I'm upgrading from the Ruby Enterprise Edition 1.8.6 to the latest 1.8.7 version with Unicorn to facilitate an upgrade to Rails 2.3.10, and am running into some issues. Should I uninstall the older versions of these gems? Here's the log messages: I'm upgrading from the Ruby Enterprise Edition 1.8.6 to the latest 1.8.7 version with Unicorn to facilitate an upgrade to Rails 2.3.10, and am running into some issues. Should I uninstall the older versions of these gems? I, [2011-02-02T22:06:16.328076 #30672] INFO -- : listening on addr=0.0.0.0:8080 fd=3 I, [2011-02-02T22:06:16.333137 #30672] INFO -- : Refreshing Gem list /srv/ree/bin/unicorn_rails must be run inside RAILS_ROOT: #<Gem::LoadError: can't activate rack (~> 1.1.0, runtime) for ["actionpack-2.3.10", "rails-2.3.10"], already activated rack-1.2.1 for ["unicorn-3.3.1"]> I, [2011-02-02T22:07:12.259436 #30701] INFO -- : listening on addr=0.0.0.0:8080 fd=3 I, [2011-02-02T22:07:12.259952 #30701] INFO -- : Refreshing Gem list /srv/ree/bin/unicorn_rails must be run inside RAILS_ROOT: #<Gem::LoadError: can't activate rack (~> 1.1.0, runtime) for ["actionpack-2.3.10", "rails-2.3.10"], already activated rack-1.2.1 for ["unicorn-3.3.1"]> I, [2011-02-02T22:09:27.787177 #30772] INFO -- : listening on addr=0.0.0.0:8080 fd=3 I, [2011-02-02T22:09:27.787691 #30772] INFO -- : Refreshing Gem list /srv/ree/bin/unicorn_rails must be run inside RAILS_ROOT: #<Gem::LoadError: can't activate rack (~> 1.1.0, runtime) for ["actionpack-2.3.10", "rails-2.3.10"], already activated rack-1.2.1 for ["unicorn-3.3.1"]> I, [2011-02-02T22:10:44.175407 #30846] INFO -- : listening on addr=0.0.0.0:8080 fd=3 I, [2011-02-02T22:10:44.175928 #30846] INFO -- : Refreshing Gem list /srv/ree/bin/unicorn_rails must be run inside RAILS_ROOT: #<Gem::LoadError: can't activate rack (~> 1.1.0, runtime) for ["actionpack-2.3.10", "rails-2.3.10"], already activated rack-1.2.1 for ["unicorn-3.3.1"]>

Read the article

Syntax of mac2vlan file in freeradius?

- by Edik Mkoyan

below is the content of mac2vlan file in freeradius When I uncomment this 00:01:02:03:04:05,VLAN1 it logs parsing error including configuration file /etc/raddb/modules/mac2vlan /etc/raddb/modules/mac2vlan[10]: Parse error after "00:01:02:03:04:05" Errors reading /etc/raddb/radiusd.conf what is the correct syntax? # -*- text -*- # # $Id$ # A simple file to map a MAC address to a VLAN. # # The file should be in the format MAC,VLAN # the VLAN name cannot have spaces in it, for example: # 00:01:02:03:04:05,VLAN1 # 03:04:05:06:07:08,VLAN2 # ... passwd mac2vlan { filename = ${confdir}/mac2vlan format = "*VMPS-Mac:=VMPS-VLAN-Name" delimiter = "," #}

Read the article

Routing subnet over GRE tunnel

- by eMgz

Hi, Im trying to configure a GRE over IPSec connection between two subnets. The IPSec tunnel is opened and now I want to add a GRE tunnel over it: ip tunnel add GRE01 mode gre remote 10.244.0.1 local 10.244.245.32 ttl 255 ip link set GRE01 up ip addr add 10.244.248.126 dev GRE01 ip route add 10.244.248.125 dev GRE01 Now I have an interface GRE01 (ifconfig): GRE10 Link encap:UNSPEC HWaddr <h_addr> inet addr:10.244.248.126 P-t-P:10.244.248.126 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) And the following routes (ip route list): 10.244.248.125 dev GRE10 scope link <pub_subnet> dev eth0 proto kernel scope link src <pub_ip> default via <pub_gw> dev eth0 metric 100 As a last step, I need now to route my subnet over the tunnel: ip route add 10.245.1.224/28 10.244.248.125 However, I am getting the error Error: either "to" is duplicate, or "10.244.248.125" is a garbage. So, what I didn't understand is why I can't route my subnet over the tunnel, once the only route I have there says that it should route the tunnel IP over the GRE01 interface. Any hint? Thanks.

Read the article

Understanding tcptraceroute versus http response

- by kojiro

I'm debugging a web server that has a very high wait time before responding. The server itself is quite fast and has no load, so I strongly suspect a network problem. Basically, I make a web request: wget -O/dev/null http://hostname/ --2013-10-18 11:03:08-- http://hostname/ Resolving hostname... 10.9.211.129 Connecting to hostname|10.9.211.129|:80... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: ‘/dev/null’ 2013-10-18 11:04:11 (88.0 KB/s) - ‘/dev/null’ saved [13641] So you see it took about a minute to give me the page, but it does give it to me with a 200 response. So I try a tcptraceroute to see what's up: $ sudo tcptraceroute hostname 80 Password: Selected device en2, address 192.168.113.74, port 54699 for outgoing packets Tracing the path to hostname (10.9.211.129) on TCP port 80 (http), 30 hops max 1 192.168.113.1 0.842 ms 2.216 ms 2.130 ms 2 10.141.12.77 0.707 ms 0.767 ms 0.738 ms 3 10.141.12.33 1.227 ms 1.012 ms 1.120 ms 4 10.141.3.107 0.372 ms 0.305 ms 0.368 ms 5 12.112.4.41 6.688 ms 6.514 ms 6.467 ms 6 cr84.phlpa.ip.att.net (12.122.107.214) 19.892 ms 18.814 ms 15.804 ms 7 cr2.phlpa.ip.att.net (12.122.107.117) 17.554 ms 15.693 ms 16.122 ms 8 cr1.wswdc.ip.att.net (12.122.4.54) 15.838 ms 15.353 ms 15.511 ms 9 cr83.wswdc.ip.att.net (12.123.10.110) 17.451 ms 15.183 ms 16.198 ms 10 12.84.5.93 9.982 ms 9.817 ms 9.784 ms 11 12.84.5.94 14.587 ms 14.301 ms 14.238 ms 12 10.141.3.209 13.870 ms 13.845 ms 13.696 ms 13 * * * … 30 * * * I tried it again with 100 hops, just to be sure – the packets never get there. So how is it that the server does respond to requests via http, even after a minute? Shouldn't all requests just die? I'm not sure how to proceed debugging why this server is slow (as opposed to why it responds at all).

Read the article

How to put several files in one archive?

- by Roman

I have 10 files which I need to send per e-mail. It is inconvenient for me all 10 files and it will be inconvenient for the receiver to download all 10 files (it can be annoying to do the same operation 10 times). I would like to put all 10 files into one files (I think it can be done as archive). How can I do it? Important details. I am working in the Windows 7 and prefer to do the mentioned operation from the command line. In the directory, where I have my 10 files, I have many other files which I would not like to include into the archive. The files are small, so compression rate and size do not play any role. I just one to have an easy way to put 10 files into one and then easily to extract these 10 files.

Read the article

debian 6 losing a large amount of packets

- by Sc0rian

I have a rather strange problem. We covered all the obvious hardware related issues (different nic, eth cable and switch) however I cannot seem to stop eth dropping packets. I have 4 servers all exactly the same. driver: e1000e version: 1.2.20-k2 firmware-version: 1.8-0 bus-info: 0000:06:00.0 They are all running the latest kernel(2.6.32-5-amd64). However they do this: RX packets:17073870634 errors:0 dropped:14147208 overruns:0 frame:0 another server: eth0 Link encap:Ethernet HWaddr e0:69:95:05:2f:cb inet addr:10.10.10.86 Bcast:10.10.10.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5455209277 errors:0 dropped:375445 overruns:0 frame:0 TX packets:3666134366 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:6688414486673 (6.0 TiB) TX bytes:1611812171539 (1.4 TiB) Interrupt:20 Memory:d0600000-d0620000 eth1 Link encap:Ethernet HWaddr 00:1b:21:b7:7a:ce inet addr:10.10.0.86 Bcast:10.10.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:15473695728 errors:0 dropped:5808325 overruns:0 frame:0 TX packets:20112364421 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:9192378766434 (8.3 TiB) TX bytes:20216368266761 (18.3 TiB) Interrupt:17 Memory:d0280000-d02a0000 A massive amount of dropped packets. I have tried to load on the latest driver, 1.9.5. This did nothing. I'm not sure what else to do.

Read the article

CentOS 5 VPN Server won't work

- by Miro Markarian

I have a CentOS 5 server configured to be both a L2TP server and a PPTP server + a radius server for hosting the AAA. My problem is that, the L2TP works great and I can connect to it, but can't connect to PPTP and every-time it ends up with error #619 when it gets to the verifying username and password section. Here is the log I got from /var/log/messages Dec 17 07:40:02 serverdl pptpd[8570]: CTRL: Client 5.52.247.62 control connection started Dec 17 07:40:03 serverdl pptpd[8570]: CTRL: Starting call (launching pppd, opening GRE) Dec 17 07:40:03 serverdl pppd[8571]: Plugin radius.so loaded. Dec 17 07:40:03 serverdl pppd[8571]: RADIUS plugin initialized. Dec 17 07:40:03 serverdl pppd[8571]: Plugin radattr.so loaded. Dec 17 07:40:03 serverdl pppd[8571]: RADATTR plugin initialized. Dec 17 07:40:03 serverdl pppd[8571]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded. Dec 17 07:40:03 serverdl pppd[8571]: pptpd-logwtmp: $Version$ Dec 17 07:40:03 serverdl pppd[8571]: pppd 2.4.4 started by root, uid 0 Dec 17 07:40:03 serverdl pppd[8571]: Using interface ppp0 Dec 17 07:40:03 serverdl pppd[8571]: Connect: ppp0 <--> /dev/pts/2 Dec 17 07:40:03 serverdl pptpd[8570]: GRE: read(fd=7,buffer=80515e0,len=8260) from network failed: status = -1 error = Protocol not available Dec 17 07:40:03 serverdl pptpd[8570]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6) Dec 17 07:40:03 serverdl pppd[8571]: Modem hangup Dec 17 07:40:03 serverdl pppd[8571]: Connection terminated. Dec 17 07:40:03 serverdl pppd[8571]: Exit. Dec 17 07:40:03 serverdl pptpd[8570]: CTRL: Client 5.52.247.62 control connection finished Just yesterday when I hadn't set up the L2TP yet PPTP was working great but then I uninstalled it and removed all it's config from /etc/* and installed L2TP first and then installed PPTP after it. and then it stopped to work. I believe it must be a radiusclient issue because both of the PPTP and L2TP services use radius to authenticate. And another thing I think must be the issue is that when assigning IPs to the PPP interfaces, I have done the following config. Is that right? For L2TP: localip 10.10.10.1 remoteip 10.10.10.2-254 For PPTP: localip 10.10.9.1 remoteip 10.10.9.2-254

Read the article

Port forwarding with multiple IP's

- by Jon

I work at a company which uses a Fortigate 60 router, something I'm not really familiar with. Everything worked fine with it until a week ago when Comcast came in and replaced our modem. It seemed as though the process went smoothly - our connection came back up and our static IP remained the same. However, none of our port forwarding is working. What has me confused is the Comcast modem apparently has two IP addresses. The WAN2 interface for it in the Fortigate router is set to 10.1.10.10. However, all of our port forwarding settings are set to an external IP address of 10.1.10.50. Now this setup used to work fine, so something with the Comcast modem must have changed. How can I find out what? I tried setting a computer to a local IP of 10.1.10.15 so I could open up the web interface for the modem, but I can't even ping 10.1.10.10 when I do that. Any ideas? Thanks!

Read the article

Cisco Catalyst 3550 + Alteon 184 Load-Balancing Issues

- by upkels

I have just deployed a couple Cisco Catalyst 3550 switches, and a couple Alteon 184 Web Switches for load-balancing. I can ping all RIPs and VIPs to/from the Alteon. Topology Before: (server) <- (Alteon) <- (Internet) Topology Now: (server) <- (3550) <- Alteon <- (Internet) Cisco Port Configuration (Alteon Uplink Port): description LB_1_PORT_9_PRIMARY switchport access vlan 10 switchport mode access switchport nonegotiate speed 100 duplex full Alteon Port 9 Configuration (VLAN 10 WAN): >> Main# /c/port 9/cur Current Port 9 configuration: enabled pref fast, backup gig, PVID 10, BW Contract 1024 name UPLINK >> Main# /c/port 9/fast/cur Current Port 9 Fast link configuration: speed 100, mode full duplex, fctl none, auto off Cisco Configuration (Load-Balanced Servers Port): description LB_1_PORT_1_PRIMARY switchport access vlan 30 switchport mode access switchport nonegotiate speed 100 duplex full Alteon Port 1 Configuration (VLAN 30 LOAD-BALANCED LAN): >> Main# /c/port 1/cur Current Port 1 configuration: enabled pref fast, backup gig, PVID 30, BW Contract 1024 name LB_PORT_1 >> Main# /c/port 1/fast/cur Current Port 1 Fast link configuration: speed 100, mode full duplex, fctl both, auto on Each of my servers are on vlan 10 and 30, properly communicating. I have tried to turn on VLAN tagging on the Alteon, however it seems to cause all communications to stop working. When I tcpdump -i vlan30 on any of the webservers, I see normal ARP communications, and some STP communications, which may or may not be part of the problem: ... 15:00:51.035882 STP 802.1d, Config, Flags [none], bridge-id 801e.00:11:5c:62:fe:80.8041, length 42 15:00:51.493154 IP 10.1.1.254.33923 > 10.1.1.1.http: Flags [S], seq 707324510, win 8760, options [mss 1460], length 0 15:00:51.493336 IP 10.1.1.1.http > 10.1.1.254.33923: Flags [S.], seq 3981707623, ack 707324511, win 65535, options [mss 1460], len gth 0 15:00:51.493778 ARP, Request who-has 10.1.3.1 tell 10.1.3.254, length 46 etc... I'm not sure if I've provided enough information, so please let me know if any more is necessary. Thank you!

Read the article

pf not execute udp port specific block rule

- by seaquest

The traffic I want to block can be sniffed as below with tcpdump: 19:16:22.391164 IP 95.95.95.95.2036 > 10.10.10.10.443: UDP, length 8192 So I wanted to write a rule block any udp destination port 443 traffic. block drop quick on igb3 inet proto udp to any port 443 Traffic does not match and does not blocked. However, It matches and blocks if I write rule as below: block drop quick on igb3 inet proto udp to 10.10.10.10 Do you have any remarks? I am using pf in Freebsd.

Read the article

MySQL Cluster Failover doesn't work

- by Lukasz

I have two servers, where First server 10.100.15.150: 1. one mgm server 2. one ndbd 3. one mysql api Second server 10.100.15.160: 1. one ndbd 2. one mysql api When i start all 'parts' of cluster it looks : Cluster Configuration [ndbd(NDB)] 2 node(s) id=21 @10.100.15.150 (mysql-5.1.56 ndb-7.1.17, Nodegroup: 0) id=22 @10.100.15.160 (mysql-5.1.56 ndb-7.1.17, Nodegroup: 0, Master) [ndb_mgmd(MGM)] 1 node(s) id=3 @10.100.15.150 (mysql-5.1.56 ndb-7.1.17) [mysqld(API)] 2 node(s) id=11 @10.100.15.150 (mysql-5.1.56 ndb-7.1.17) id=12 @10.100.15.160 (mysql-5.1.56 ndb-7.1.17) When i shutdown first machine - 10.100.15.150, on second the nbdb process also has been shutdown so i cannot use this data node and cluster fail ... How i must configure this cluster to get FailOver working ? Thx

Read the article

do I need to create an AD site for VPN network

- by ykyri

I have Windows Domain level 2008 R2. There are four GC DC in four different physical locations. I have Kerio-based VPN network for replication and remote administration. Here is how network configured: dc1: local IP: 192.168.0.10 VPN IP: 192.168.1.10 dc2: local IP: 10.10.8.11 VPN IP: 192.168.1.11 dc3: local IP: 10.10.9.12 VPN IP: 192.168.1.12 dc4: local IP: 10.10.10.13 VPN IP: 192.168.1.13 That's simple, replication and all works fine but when running dcdiag on dc3 I have an error: A warning event occurred. EventID: 0x000016AF During the past 4.12 hours there have been 216 connections to this Domain Controller from client machines whose IP addresses don't map to any of the existing sites in the enterprise. <...> The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'. The first word after this string is the client name and the second word is the client IP address. Here is netlogon.log lines example: 05/30 12:07:39 DOMAIN.NAME: NO_CLIENT_SITE: dc2 192.168.1.11 05/31 09:52:11 DOMAIN.NAME: NO_CLIENT_SITE: dc4 192.168.1.13 05/31 19:49:31 DOMAIN.NAME: NO_CLIENT_SITE: adm-note 192.168.1.101 07/01 05:16:26 DOMAIN.NAME: NO_CLIENT_SITE: dc1 192.168.1.10 All VPN-joined computers are generates same log line as above. Computer amd-note is for example administrator's notebook, also have VPN. Question is should I add new AD site and bind VPN subnet 192.168.1.0/24 with that site?

Read the article

Have two exchange servers to communicate together

- by Data-Base

We have Exchange Server 2007 using our domain ddd.com. We created an isolated network with a firewall/gateway and installed a DC and Exchange Server 2010 using a demo/test domain (ddd.loc). We opened all the needed ports in the firewall (10.10.2.88) to the Exchange Server 2010. In our main Domain Controller (10.10.2.3) we defined the domain ddd.loc with IP 10.10.2.88 (firewalls). We also we defined MX records to the same IP (10.10.2.88) We did that so when we send email from my email [email protected] it will go to the Exchange Server 2010. Anyways, all the pings test from to any servers are OK. But we are not able to send or receive emails. Between these Exchange Servers we can not send any email from the 2010 to any email in general (emails are pending). Also, in Exchange 2007 we are getting error #550 5.1.1 RESOLVER.ADR.RecipNotFound; not found ##

Read the article

LXC, Port forwarding and iptables

- by Roberto Aloi

I have a LXC container (10.0.3.2) running on a host. A service is running inside the container on port 7000. From the host (10.0.3.1, lxcbr0), I can reach the service: $ telnet 10.0.3.2 7000 Trying 10.0.3.2... Connected to 10.0.3.2. Escape character is '^]'. I'd love to make the service running inside the container accessible to the outer world. Therefore, I want to forward port 7002 on the host to port 7000 on the container: iptables -t nat -A PREROUTING -p tcp --dport 7002 -j DNAT --to 10.0.3.2:7000 Which results in (iptables -t nat -L): DNAT tcp -- anywhere anywhere tcp dpt:afs3-prserver to:10.0.3.2:7000 Still, I cannot access the service from the host using the forwarded port: $ telnet 10.0.3.1 7002 Trying 10.0.3.1... telnet: Unable to connect to remote host: Connection refused I feel like I'm missing something stupid here. What things should I check? What's a good strategy to debug these situations? For completeness, here is how iptables are set on the host: iptables -F iptables -F -t nat iptables -F -t mangle iptables -X iptables -P INPUT DROP iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -t nat -A POSTROUTING -o lxcbr0 -j MASQUERADE iptables -t nat -A PREROUTING -p tcp --dport 7002 -j DNAT --to 10.0.3.2:7000

Read the article

Remote network traffic not passing through VPN

- by John Virgolino

We have the following topology: LAN A LAN B LAN C 10.14.0.0/16 <-VPN-> 10.18.0.0/16 --- SONICWALL <-VPN-> M0N0WALL --- 10.32.0.0/16 Traffic between LAN A and LAN B works perfectly. Traffic between LAN C and LAN B works perfectly. Traffic between LAN A and LAN C, not so much. LAN A's gateway has a route to LAN C that points to the Sonicwall. The Sonicwall has a route to LAN A pointing to the VPN gateway connecting LAN B to LAN A. Tracing packets on the Sonicwall shows the LAN C destined traffic to arrive on the Sonicwall, but it does not forward the traffic, it dies there. Traffic from LAN B gets forwarded. Tracing packets on the Sonicwall while sending traffic from LAN C destined for LAN A shows nothing. This tells me that the M0N0WALL is not forwarding traffic for the 10.14.0.0 network and the Sonicwall is not forwarding from 10.14.0.0. The SA on the Sonicwall terminates on the WAN ZONE and is defined to use an address group that incorporates both the 10.14.0.0 and 10.18.0.0 networks. The M0N0WALL is configured for the 10.18.0.0 network and I have tried with both a static route to 10.14.0.0 and without on the M0N0WALL. I tried manually adding the 10.14.0.0 network to the SA on the M0N0WALL, but that really aggravated it and the SA never came up, so I reverted. I have checked all the firewall rules to make sure nothing is blocked. All of the Sonicwall auto-added rules look right. Specs: Sonicwall TZ200, Enhanced OS M0N0WALL v1.32 I'm at a loss at this point. Any help would be appreciated.

Search Results

Search found 30514 results on 1221 pages for '10 04'.

Page 159/1221 | < Previous Page | 155 156 157 158 159 160 161 162 163 164 165 166 | Next Page >

- by rAyt

- by winston

- by Christopher Valles

- by Halfgaar

- by upkels

- by Martijn Heemels

- by javano

- by Pascal

- by Cameron Aziz

- by Pavel

- by user41422

- by Edik Mkoyan

- by eMgz

- by kojiro

- by Roman

- by Sc0rian

- by Miro Markarian

- by Jon

- by upkels

- by seaquest

- by Lukasz

- by ykyri

- by Data-Base

- by Roberto Aloi

- by John Virgolino

< Previous Page | 155 156 157 158 159 160 161 162 163 164 165 166 | Next Page >