Search Results

Search found 33162 results on 1327 pages for 'static ip address'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 221/1327 | < Previous Page | 217 218 219 220 221 222 223 224 225 226 227 228  | Next Page >

  • ntop to analyse bandwidth usage on multiple ASA 5505

    - by dunxd
    I have set up a netflow server at our data centre, which is connected via VPN to ~40 remote offices using Cisco ASA 5505. The aim is to analyse usage data and find out exactly how the remote connections are being used. I followed through http://techowto.files.wordpress.com/2008/09/ntop-guide.pdf to set up ntop and https://supportforums.cisco.com/docs/DOC-6114 to set up the ASAs. I can see from the Plugin Netflow Statistics page that netflow packets from my ASAs are being received - the counter is increasing. However, I am not seeing any breakdown on the Global Traffic Statistic page after switching to the Netflow interface. I'm just seeing a pie chart showing 100% traffic for eth0. The interfaces and documentation are a little hard to follow so I am not sure I have got things configured correctly. When setting up my NetFlow-device.2 I can specify Virtual NetFlow Interface Network Address - the web UI says This value is in the form of a network address and mask on the network where the actual NetFlow probe is located. is this a Network address (e.g. 192.168.0.0/24) or an actual host IP address (192.167.0.1/24)? If that should be a network address, is this the network in which one of my ASAs is or the network in which my ntop server is? If a host IP address, is this the IP address used by eth0 on my ntop server, the IP address of an ASA, or something else? Do I need a separate virtual interface for each ASA I am collecting netflow data from? Any guidance would be greatly welcome.

    Read the article

  • Oracle on windows cluster with online/offline IPs

    - by yzador
    I have a windows cluster (on windows 2008 server) with nodes in different subnets. So cluster has two IPs, one for each node (I'm talking not about node IP, but about cluster IP). One is online, the other is offline. Is it possible to run Oracle Fail Safe on this configuration? I've tried to install it, but it gives me the following error when trying to verify group or add database to group: FS-10220: Network name maps to IP address in the cluster resource but maps to IP address on the system

    Read the article

  • How to address a recurring low temperature error seen at every boot-up?

    - by GregC
    After updating to latest controller firmware, I started receiving the following error messages: LSI 2208 ROC: Temperature sensor below error threshold on enclosure 1 Sensors 5 thru 7 Is this something I should worry about, or is it a Red Herring? Details: I have a Sans Digital NexentaSTOR 24-disk JBOD enclosure connected to LSI 9286-8e RAID-on-Chip controller with two SAS cables. Seagate ES.2 3TB SAS hard drives populate every bay in the enclosure.

    Read the article

  • Capturing same interface with tshark with same or different capture filters

    - by Pankaj Goyal
    I am in stuck in a situation where an interface will be captured more than one time. Like :- $ tshark -i rpcap://1.1.1.1/lo -f "ip proto 1" -i rpcap://1.1.1.1/lo -f "ip proto 132" or (same filter) $ tshark -i rpcap://1.1.1.1/lo -f "ip proto 1" -i rpcap://1.1.1.1/lo -f "ip proto 1" what will happen in both the cases ? In first case, will the capture filter gets OR'ed or AND'ed ?? In second case, will the same packets be captured two times ?

    Read the article

  • File access with hostname or ip only - no domain?

    - by Jonathon
    It seems likely that this is an obvious question, but I'm having trouble tracking down any useful information. Normally when accessing files in a particular directory on a server, I'm able to create a virtual host, assign a domain, root directory location, etc -- however am in a situation where I have server space and need to access files with only a hostname. Is this possible? For example, let's say the hostname is 123hostname.com, and the file I want access to is in /home/sub-directory/filename.php. How do I get at it via a browser? I've tried: http://123hostname.com/home/sub-directory/filename.php ...and some other variations on that theme (that I can't post because new users are restricted to one link in messages). But generally stuck. Any help -- even if it's just to let me know that this isn't possible without some additional configuration -- would be great. Thank you!

    Read the article

  • What are the biggest, best CPUs that support Physical Address Extension?

    - by Giffyguy
    I'm looking for a CPU that will support PAE and fit into an LGA775 socket. This combination of technology is very much preferred for my current server hardware/software setup. My priorities in order of highest to lowest: PAE & LGA775 At least 1066Mhz FSB Largest CPU cache possible Multiple Cores if possible HyperThreading if possible Most other factors are of little-to-no consequence. I'm finding it very difficult to figure out what my options are. Intel doesn't have much useful information on PAE (since x64 is so dominant), and Wikipedia simply says that "PAE is provided by Intel Pentium Pro (and above) CPUs - including all later Pentium-series processors except the 400 MHz bus versions of the Pentium M." All of Intel's listed Pentium CPU's support Intel64, which makes me seriously doubt they will support PAE with a 32-bit OS. And Wikipedia's claim is so vague, I have no idea if they mean up-to-and-including the x64 Prescott CPUs. PAE is supposed to be an aspect of the x86 architecture, and I believe it is no longer supported in an x64 environment. Please correct me if I am wrong.

    Read the article

  • Is there a browser addon to redirect a link to another, modifying some address content automatically?

    - by kokbira
    Well, I'm looking for an addon that can redirect a link when I click on it in the following ways: Change from https to http Change from twitter.com/xxxxxxxxx to, for example, dabr.co.uk/xxxxxxxxx (added at 2010-02-15th, 20:30 GMT) Remove the "?utm_source=twitterfeed&utm_medium=twitter" from the end ou a URL Generally, replace a string with another (e.g. youtube->yt; so www.example.com/visitingyoutube would become www.example.com/visitingyt) PS: (added at 2010-02-15th, 20:30 GMT) @oKtosiTe, a clearer user case: Supposes that there is a link in Twitter that point to a URL X (URL X is http://www.newspapersite.com/2011-02-15_1304.html?utm_source=twitterfeed&utm_medium=twitter) In that case, I want to open that URL only until ".html", i.e., I want to open a URL Y, that is http://www.newspapersite.com/2011-02-15_1304.html What happens when I click normally in that link: 3.1. Browser goes to URL X What I want to happen when I click in that link: 4.1. The addon must transform URL X to URL Y (I must configure it before to change a piece of URL from "?utm_source=twitterfeed&utm_medium=twitter" to "" 4.2. The browser goes to URL Y

    Read the article

  • How to force iscsi initiator to login only once

    - by Disco
    Trying to setup a few CentOS nodes to connect to a Dell MD3600i array, i'm running into the issue that the MD3600i shows 4 different portals (with different IP addresses) and when i launch the initiator on host side well, it connects to every IP address it has seen during the discovery phase; resulting in duplicates. How can I 'force' the initiator to discard every other IP and let me choose only one IP portal to connect to ? Must be damn stupid but I can't figure out how. Thx

    Read the article

  • In TCP/IP terms, how does a download speed limiter in an office work?

    - by TessellatingHeckler
    Assume an office of people, they want to limit HTTP downloads to a max of 40% bandwidth of their internet connection speed so that it doesn't block other traffic. We say "it's not supported in your firewall", and they say the inevitable line "we used to be able to do it with our Netgear/DLink/DrayTek". Thinking about it, a download is like this: HTTP GET request Server sends file data as TCP packets Client acknowledges receipt of TCP packets Repeat until download finished. The speed is determined by how fast the server sends data to you, and how fast you acknowledge it. So, to limit download speed, you have two choices: 1) Instruct the server to send data to you more slowly - and I don't think there's any protocol feature to request that in TCP or HTTP. 2) Acknowledge packets more slowly by limiting your upload speed, and also ruin your upload speed. How do devices do this limiting? Is there a standard way?

    Read the article

  • Corosync :: Restarting some resources after Lan connectivity issue

    - by moebius_eye
    I am currently looking into corosync to build a two-node cluster. So, I've got it working fine, and it does what I want to do, which is: Lost connectivity between the two nodes gives the first node '10node' both Failover Wan IPs. (aka resources WanCluster100 and WanCluster101 ) '11node' does nothing. He "thinks" he still has his Failover Wan IP. (aka WanCluster101) But it doesn't do this: '11node' should restart the WanCluster101 resource when the connectivity with the other node is back. This is to prevent a condition where node10 simply dies (and thus does not get 11node's Failover Wan IP), resulting in a situation where none of the nodes have 10node's failover IP because 10node is down 11node has "given back" his failover Wan IP. Here's the current configuration I'm working on. node 10sch \ attributes standby="off" node 11sch \ attributes standby="off" primitive LanCluster100 ocf:heartbeat:IPaddr2 \ params ip="172.25.0.100" cidr_netmask="32" nic="eth3" \ op monitor interval="10s" \ meta is-managed="true" target-role="Started" primitive LanCluster101 ocf:heartbeat:IPaddr2 \ params ip="172.25.0.101" cidr_netmask="32" nic="eth3" \ op monitor interval="10s" \ meta is-managed="true" target-role="Started" primitive Ping100 ocf:pacemaker:ping \ params host_list="192.0.2.1" multiplier="500" dampen="15s" \ op monitor interval="5s" \ meta target-role="Started" primitive Ping101 ocf:pacemaker:ping \ params host_list="192.0.2.1" multiplier="500" dampen="15s" \ op monitor interval="5s" \ meta target-role="Started" primitive WanCluster100 ocf:heartbeat:IPaddr2 \ params ip="192.0.2.100" cidr_netmask="32" nic="eth2" \ op monitor interval="10s" \ meta target-role="Started" primitive WanCluster101 ocf:heartbeat:IPaddr2 \ params ip="192.0.2.101" cidr_netmask="32" nic="eth2" \ op monitor interval="10s" \ meta target-role="Started" primitive Website0 ocf:heartbeat:apache \ params configfile="/etc/apache2/apache2.conf" options="-DSSL" \ operations $id="Website-one" \ op start interval="0" timeout="40" \ op stop interval="0" timeout="60" \ op monitor interval="10" timeout="120" start-delay="0" statusurl="http://127.0.0.1/server-status/" \ meta target-role="Started" primitive Website1 ocf:heartbeat:apache \ params configfile="/etc/apache2/apache2.conf.1" options="-DSSL" \ operations $id="Website-two" \ op start interval="0" timeout="40" \ op stop interval="0" timeout="60" \ op monitor interval="10" timeout="120" start-delay="0" statusurl="http://127.0.0.1/server-status/" \ meta target-role="Started" group All100 WanCluster100 LanCluster100 group All101 WanCluster101 LanCluster101 location AlwaysPing100WithNode10 Ping100 \ rule $id="AlWaysPing100WithNode10-rule" inf: #uname eq 10sch location AlwaysPing101WithNode11 Ping101 \ rule $id="AlWaysPing101WithNode11-rule" inf: #uname eq 11sch location NeverLan100WithNode11 LanCluster100 \ rule $id="RAND1083308" -inf: #uname eq 11sch location NeverPing100WithNode11 Ping100 \ rule $id="NeverPing100WithNode11-rule" -inf: #uname eq 11sch location NeverPing101WithNode10 Ping101 \ rule $id="NeverPing101WithNode10-rule" -inf: #uname eq 10sch location Website0NeedsConnectivity Website0 \ rule $id="Website0NeedsConnectivity-rule" -inf: not_defined pingd or pingd lte 0 location Website1NeedsConnectivity Website1 \ rule $id="Website1NeedsConnectivity-rule" -inf: not_defined pingd or pingd lte 0 colocation Never -inf: LanCluster101 LanCluster100 colocation Never2 -inf: WanCluster100 LanCluster101 colocation NeverBothWebsitesTogether -inf: Website0 Website1 property $id="cib-bootstrap-options" \ dc-version="1.1.7-ee0730e13d124c3d58f00016c3376a1de5323cff" \ cluster-infrastructure="openais" \ expected-quorum-votes="2" \ no-quorum-policy="ignore" \ stonith-enabled="false" \ last-lrm-refresh="1408954702" \ maintenance-mode="false" rsc_defaults $id="rsc-options" \ resource-stickiness="100" \ migration-threshold="3" I also have a less important question concerning this line: colocation NeverBothLans -inf: LanCluster101 LanCluster100 How do I tell it that this collocation only applies to '11node'.

    Read the article

  • Online computer not responding to pings

    - by mastercork889
    I was doing a bit of scanning on my network lately, knew all the hostnames to each computer connected. But whilst pinging one of them ping returned Request timed out.. This is strange as I know the computer is online and that the computer responds correctly to pinging on a different (enterprise) network. Is there something on the computer, my network, or my computer that is bugging with this? - That's just a sub-question, I don't expect this to be the main answer. The real question: Why does this happen? Why does pinging the IP4 address not work? EDIT : Pinging the Hostname used to default to the IP4 address, but now it defaults to the IP6 address. Why does this happen? But now that it pings using IP6, how come it all of a sudden works? > ping -6 THE_COMPUTER Pinging THE_COMPUTER [lengthy IP6 address] with 32 bytes of data: Reply from [lengthy IP6 address]: time=1ms Reply from [lengthy IP6 address]: time=1ms Reply from [lengthy IP6 address]: time=1ms Reply from [lengthy IP6 address]: time=1ms Ping stats: Sent = 4, Recieved = 4, Lost = 0 (0% loss) But when this is done using IP4 it doesn't work. So there are now two questions: How come IP6 works and not IP4? Why does IP4 not work?

    Read the article

  • How to give everyone access to a office@companyname address and let everyone see what messages were

    - by Cosmin Prund
    This should be simple (because I assume everyone has this problem) but googling and searching of serverfault didn't help much. I'd like all messages sent to our "office@companyname" to be visible by everyone and I'd like anyone to be able to respond. I also need everyone to at least SEE that a given message has already been answered (the ability to see the actual response would be nice). I tried using an shared folder for this but it fails miserably because replying to emails leaves no trace, not even for the user that actually sent the message. I'm open to any kind of solution, even commercial add-on solutions.

    Read the article

  • What is the proper position for the loopback address in a DNS server selection list?

    - by Bigbio2002
    Best practices indicate that one should list 127.0.0.1 in the DNS list for the network adapter configuration for a Domain Controller, but not as the first one. With that said, what is the best place to put it in a list with more than two DNS servers listed? Second, last, or it doesn't matter? Also helpful would be an explanation as to why. Related question: What should the order of DNS servers be for the network adapter of a domain controller?

    Read the article

  • WSUS is not using Akamai CDN for syncronisation source

    - by Geekman
    I've just installed a WSUS onto our network, and I'm currently doing the initial sync. I've found that WSUS does not seem to be talking to an Akamai cache, but rather with MS directly. This is contrary to what I've always thought regarding Windows Update traffic. Tcpdump of our WSUS server doing initial sync... As you can see it's speaking with 65.55.194.221. For me to speak to this IP, I have to go over international transit links. Which is of course not ideal. 8:42:31.279757 IP 65.55.194.221.https > XXXX.XXXX.XXXX.XXXX.50888: Flags [.], seq 4379374:4380834, ack 289611, win 256, length 1460 18:42:31.279759 IP 65.55.194.221.https > XXXX.XXXX.XXXX.XXXX.50888: Flags [.], seq 4380834:4382294, ack 289611, win 256, length 1460 18:42:31.279762 IP 65.55.194.221.https > XXXX.XXXX.XXXX.XXXX.50888: Flags [.], seq 4382294:4383754, ack 289611, win 256, length 1460 18:42:31.279764 IP 65.55.194.221.https > XXXX.XXXX.XXXX.XXXX.50888: Flags [P.], seq 4383754:4384144, ack 289611, win 256, length 390 18:42:31.279793 IP XXXX.XXXX.XXXX.XXXX.50888 > 65.55.194.221.https: Flags [.], ack 4369154, win 23884, length 0 18:42:31.279888 IP XXXX.XXXX.XXXX.XXXX.50888 > 65.55.194.221.https: Flags [.], ack 4377914, win 23884, length 0 18:42:31.280015 IP XXXX.XXXX.XXXX.XXXX.50888 > 65.55.194.221.https: Flags [.], ack 4384144, win 23884, length 0 And yet, if I ping download.windowsupdate.com it seems to resolve to a local (national) Akamai node, just fine: root@some-node:~# ping download.windowsupdate.com PING a26.ms.akamai.net (210.9.88.48) 56(84) bytes of data. 64 bytes from a210-9-88-48.deploy.akamaitechnologies.com (210.9.88.48): icmp_req=1 ttl=59 time=1.02 ms 64 bytes from a210-9-88-48.deploy.akamaitechnologies.com (210.9.88.48): icmp_req=2 ttl=59 time=1.10 ms Why is this? And how can I change that (if possible)? I know that I can manually specify a WSUS source to sync with instead of pick the default MS Update like I currently have... But it seems like I shouldn't have to do this. NOTE: I've haven't confirmed if a WUA speaks with Akamai, just looking at WSUS as all WUAs will use our internal WSUS from now on. We'll be looking to join an IX shortly with the hopes of peering with an Akamai cache and have very fast access to Windows Updates. Before I let this drive my motivations for an IX at all I want to first confirm it's actually possible for WSUS to speak with an Akamai cache. I know this is somewhat networking related, but I feel like it has more to do with WSUS than anything, so someone who knows WSUS better than me will likely be able to figure this out.

    Read the article

  • How do I mount an external USB hard drive on my Sheevaplug?

    - by James
    I've acquired a Sheevaplug running - I think - Ubuntu. I'd like to mount an external USB hard drive, but I don't know the name of the device that needs mounting. When I list the devices under /dev, a long list is produced. How do I find out which device listed needs to be mounted? Update: When I run dmesg after plugging the device in, I see the following at the end: usb 1-1: new high speed USB device using ehci_marvell and address 6 usb 1-1: device not accepting address 6, error -71 usb 1-1: new high speed USB device using ehci_marvell and address 7 usb 1-1: device not accepting address 7, error -71 usb 1-1: new high speed USB device using ehci_marvell and address 8 usb 1-1: device not accepting address 8, error -71 usb 1-1: new high speed USB device using ehci_marvell and address 9 usb 1-1: device not accepting address 9, error -71 And when I view /var/log/messages, I can see this: Sep 23 21:26:03 debian kernel: usb 1-1: new high speed USB device using ehci_ma$ Sep 23 21:26:04 debian kernel: usb 1-1: new high speed USB device using ehci_ma$ Sep 23 21:26:05 debian kernel: usb 1-1: new high speed USB device using ehci_ma$ Sep 23 21:26:05 debian kernel: usb 1-1: new high speed USB device using ehci_ma$ Unfortunately, I don't know what these mean.

    Read the article

  • Correct use of SMTP "Sender" header?

    - by Eric Rath
    Our web application sends email messages to people when someone posts new content. Both sender and recipient have opted into receiving email messages from our application. When preparing such a message, we set the following SMTP headers: FROM: [email protected] TO: [email protected] SENDER: [email protected] We chose to use the author's email address in the FROM header in an attempt to provide the best experience for the recipient; when they see the message in their mail client, the author is clear. To avoid the appearance of spoofing, we added the SENDER header (with our own company email address) to make it clear that we sent the message on the author's behalf. After reading RFCs 822 and 2822, this seems to be an intended use of the sender header. Most receiving mail servers seem to handle this well; the email message is delivered normally (assuming the recipient mailbox exists, is not over quota, etc). However, when sending a message FROM an address in a domain TO an address in the same domain, some receiving domains reject the messages with a response like: 571 incorrect IP - psmtp (in reply to RCPT TO command) I think this means the receiving server only saw that the FROM header address was in its own domain, and that the message originated from a server it didn't consider authorized to send messages for that domain. In other words, the receiving server ignored the SENDER header. We have a workaround in place: the webapp keeps a list of such domains that seem to ignore the SENDER header, and when the FROM and TO headers are both in such a domain, it sets the FROM header to our own email address instead. But this list requires maintenance. Is there a better way to achieve the desired experience? We'd like to be a "good citizen" of the net, and all parties involved -- senders and recipients -- want to participate and receive these messages. One alternative is to always use our company email address in the FROM header, and prepend the author's name/address to the subject, but this seems a little clumsy.

    Read the article

  • Powershell script to delete secondary SMTP addresses of Exchange 2010 Mail Contacts

    - by Zero Subnet
    I have a few thousand Exchange 2010 Mail Contacts who get erroneously assigned internal SMTP addresses by the default recipient policy. I'm trying to use the following command to delete these addresses (keeping the primary SMTP) and disabling the automatic update from recipient policy so the SMTP addresses don't get recreated again. Get-MailContact -OrganizationalUnit "domain.local/OU" -Filter {EmailAddresses -like *@domain.local -and name -notlike "ExchangeUM*"} -ResultSize unlimited -IgnoreDefaultScope | foreach {$contact = $_; $email = $contact.emailaddresses; $email | foreach {if ($_.smtpaddress -like *@domain.local) {$address = $_.smtpaddress; write-host "Removing address" $address "from Contact" $contact.name; Set-Mailcontact -Identity $contact.identity -EmailAddresses @{Remove=$address}; $contact | set-mailcontact -emailaddresspolicyenabled $false} }} I'm getting the following error though: You must provide a value expression on the right-hand side of the '-like' operator. At line:1 char:312 + Get-MailContact -OrganizationalUnit "domain.local/testou" -Filter {EmailAddresses -like "@domain.local" -and name -notlike "ExchangeUM"} -ResultSize unlimited -IgnoreDefaultScope | foreach {$contact = $; $ email = $contact.emailaddresses; $email | foreach {if ($.smtpaddress -like <<<< *@domain.local) {$address = $_.smt paddress; write-host "Removing address" $address "from Contact" $contact.name; Set-Mailcontact -Identity $contact.ident ity -EmailAddresses @{Remove=$address}; $contact }} + CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException + FullyQualifiedErrorId : ExpectedValueExpression Any help as to how to fix this?

    Read the article

  • Do I need to have a company so that I can buy an SSL certificate that will display green at the address bar?

    - by André Pena
    I have a non-comercial website in which the users store some sensitive information so I feel the need to have a SSL certificate, but it seems that if I don't have a registered company I can't buy a green certificate. I have some related questions: Is it true that if I don't have a company, I can't have a green certificate? If I issue a standard (non-business) certificate that won't go green (from GoDadday, for instance), will it go red? Or will it have a less ugly display.. something more neutral that won't scary the user.

    Read the article

  • dig @my-server-ip mydomain.com works from inside, not from outside?

    - by x4954
    My server has 2 ips: x.x.x.73 and x.x.x.248. I can access my site via these ips, using Web browser. {Now, from a CentOS machine (not my server), using terminal} If I: dig @x.x.x.73 mydomain.com dig @x.x.x.248 mydomain.com I get the result: Connection timed out; no server could be reached. Could somebody please tell me how to fix it? Thank you. More information: If I log in to my server using ssh and do: dig @x.x.x.73 mydomain.com dig @x.x.x.248 mydomain.com I can see my zone shown as expected: ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1 <<>> @x.x.x.73 mydomain.com ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12757 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;mydomain.com. IN A ;; ANSWER SECTION: mydomain.com. 38400 IN A x.x.x.73 mydomain.com. 38400 IN A x.x.x.248 ;; AUTHORITY SECTION: mydomain.com. 38400 IN NS ns2.mydomain.com. mydomain.com. 38400 IN NS ns1.mydomain.com. ;; ADDITIONAL SECTION: ns1.mydomain.com. 38400 IN A x.x.x.73 ns2.mydomain.com. 38400 IN A x.x.x.248 ;; Query time: 20 msec ;; SERVER: x.x.x.73#53(x.x.x.73) ;; WHEN: Sun Jan 15 11:46:30 2012 ;; MSG SIZE rcvd: 129 BIND version 9.3.6, Centos 5. Logging to my server using ssh, do inga "dig google.com" also shows expected results.

    Read the article

  • Group traffic shaping with traffic control?

    - by mmcbro
    I'm trying to limit the output bandwidth generated by an application with linux tc. This application sends me the source port of the request that I use has a filter to limit each user at a given downloadspeed. I feel that my setup could be managed way better if I had a better knowledge of linux tc. At the application level users are categorized as members of a group, each group have a limited bandwidth. Example : Members of group A : 512kbit/s Members of group B : 1Mbit/s Members of group C : 2Mbit/s When a user connects to the application, it retrieves the source port to the origin of the request from the user and sends me the source port and the bandwidth at which the user must be limited depending on group to which it belongs. With these informations I must add the appropriate rules so that the user (the source port in reality) is limited to the right bandwidth. If the user that connect isn't a member of any group it should be limited at a default bandwidth speed. I'm actually managing this by using a self made daemon that add or remove rules from when it receive a request from the application. With my little knowledge of tc I'm not able to limit other users (ones that aren't in a group, all others in fact) at a default speed and my configuration seems awful to me. Here is the base of my tc qdisc and classes : tc qdisc add dev eth0 root handle 1: htb tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbps ceil 125mbps To classify a user at a given speed I have to add one subclass and then associate one filter to it : # a member of group A tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512kbps ceil 512kbps # tts associated filter to match his source port tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 50001 flowid 1:11 # a member of group A again tc class add dev eth0 parent 1:1 classid 1:12 htb rate 512kbps ceil 512kbps # tts associated filter to match his source port tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 61524 flowid 1:12 # a member of group B again tc class add dev eth0 parent 1:1 classid 1:13 htb rate 1000kbps ceil 1000kbps # tts associated filter to match his source port tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 57200 flowid 1:13 I already know that a source port could be the same if its coming from a different IP address the thing is the application is behind a proxy so I don't have to manage any IP address in that situation. I would like to know how to manage the fact that for all other users (request/source port, whatever you name it) could be limited at a given speed each. I mean that each connection should be able to use at max 100kbit/s for example, not a shared 100kbit/s. I also would like to know if there is a way to simplify my rules. I don't know if it is possible to use only one class per group and associate multiple filters to the same class so each users could be handled by one class and not one class per user. I appreciate any advice, thanks.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 217 218 219 220 221 222 223 224 225 226 227 228  | Next Page >