Search Results

Search found 489 results on 20 pages for 'routed'.

Page 4/20 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Windows 7 DHCP Default Gateway not Overridden by manual Default Gateway

    - by dgwilson
    We have recently installed Windows 7 for student computers. All student computers must be routed through our content filter which is located at 192.168.0.63. This was done in WinXP by adding a Default Gateway in the network adapter settings TCP/IP Properties Advanced Default Gateway. All teacher computers are routed through the DHCP assigned Default Gateway of 192.168.0.1. In WinXP the dhcp default gateway was correctly overridden by this manual setting. In Win7 it appears that the dhcp default gateway is retained and the manual one is added to the list so that there are two with the dhcp one having the primary metric. I have tried several ways to remove the dhcp default gateway such as, running the "route delete 0.0.0.0 192.168.0.1" command. Doing this from an administrator command prompt works but it just resets upon reboot. I've tried adding this command to the registry's Run section but it seems to run as a non-administrator and therefore will not complete successfully. Is there any way to prevent this and force the manual default gateway to override the dhcp one? Or to remove the dhcp assigned one automatically on boot/login? HELP! We CANNOT allow student computers to connect to the internet without going through the content filter.

    Read the article

  • Windows 7 DHCP Default Gateway not Overridden by manual Default Gateway

    - by dgwilson
    We have recently installed Windows 7 for student computers. All student computers must be routed through our content filter which is located at 192.168.0.63. This was done in WinXP by adding a Default Gateway in the network adapter settings TCP/IP Properties Advanced Default Gateway. All teacher computers are routed through the DHCP assigned Default Gateway of 192.168.0.1. In WinXP the dhcp default gateway was correctly overridden by this manual setting. In Win7 it appears that the dhcp default gateway is retained and the manual one is added to the list so that there are two with the dhcp one having the primary metric. I have tried several ways to remove the dhcp default gateway such as, running the "route delete 0.0.0.0 192.168.0.1" command. Doing this from an administrator command prompt works but it just resets upon reboot. I've tried adding this command to the registry's Run section but it seems to run as a non-administrator and therefore will not complete successfully. Is there any way to prevent this and force the manual default gateway to override the dhcp one? Or to remove the dhcp assigned one automatically on boot/login? HELP! We CANNOT allow student computers to connect to the internet without going through the content filter.

    Read the article

  • DD-WRT router causing IP address conflicts across network

    - by r.tanner.f
    My DD-WRT router has lost its mind! I just set up two DD-WRT routers, one as a WAP (working fine) and one in Client Bridge (routed) mode (the problem). Not long after setup I started seeing IP address conflicts on other machines. The event log always points the finger at my Client Bridge router's MAC address. Neighbour table overflow The log on my router is flooded with Neighbour table overflow errors. These start a minute or two after boot. The network is rather large, with +200 IP addresses being used in this subnet. The other router shows no such errors. Mass ARP requests from 1.1.1.1 I'm also seeing constant ARP requests (with the problem router's MAC address) from 1.1.1.1. Seems like it's bugging everything on the network for its MAC address and then promptly forgetting it (or never receiving a response). Configuration: Model: Buffalo N600 Firmware: DD-WRT v24SP2-MULTI (03/21/11) Wireless Mode: Client Bridge (routed) I'm not sure what configuration details are relevant and I'd rather not have comments flooded, so just ping me in this chat if you want to know something. Why is my router stealing IP addresses and how can I stop it?

    Read the article

  • Inter-VLAN Malicious Code Scanning

    - by Jackthedog
    I am trying to find an inbuilt solution on a Cisco Catayst 3750X Switch to scan all traffic routed from one VLAN to another for malicious code. The situation is that we currently have a development environment which is currently being redesigned to upgrade the network infrastructure to use the 3750X switches to manage server and workstation connectivity as well as inter-VLAN routing. We also have another system that is responsible for taking the builds created on the development environment and imaging various HDDs. Because these are two separate systems, we have a requirement in the workplace to anti-virus scan any data transferred between these systems. This is done by copying the data from the originating system to external USB HDD, scanning in a standalone workstation and then copying the data on to the receiving system. As you can imagine this is extremely tedious and impractical most of the time... (I don't make the rules). Anyway, with this redesign going on, we would like to join the imaging system to the network infrastructure of the development system, keeping separation by the use of VLANs and restricting traffic by using ACLs. As we still have the requirement to scan all traffic I would like to configure some sort of malicious code scanning when ever traffic is routed between these VLANs. I am aware I could install a separate in-line IPS/IDS device, however both systems will be using multiple ports on the switch (obviously), and we won't be able to put a device on each port. I would would prefer not to add additional hardware if the 3750x switch is capable of doing the job. Is anyone aware of any Cisco solution that I could use here, that ideally can be incorporated into the 3750x switch? Thanks in advance.

    Read the article

  • adding or routing additional domain email addresses

    - by Mustafa Ismail Mustafa
    We have exchange 2007 and we bought a new domain name and we're still keeping the old one so that we can wean everyone off of the old emails. Now, I'm wondering how to go about this. I need to add the new domain as accepted and authoritative by the exchange server. Emails on the new domain need to get routed to the inbox and ditto the old emails, however, I want to be able to change the reply-to in the header to the new email address automatically. I also want to set the new email addresses as the defaults. Ideally, I'd like to be able to add a message at the bottom of every externally outgoing email saying that the new email is [email protected]. But this is a nice to have, certainly not a must have. I've added the new domain as authoritative, and managed to change the primary smtp email addresses to the new one, but sent emails are not being routed to them and neither are the old email addresses! Now how the heck would I go about fixing all of that? I'm completely stumped! TIA

    Read the article

  • Force local IP traffic to an external interface

    - by calandoa
    I have a machine with several interfaces that I can configure as I want, for instance: eth1: 192.168.1.1 eth2: 192.168.2.2 I would like to forward all the traffic sent to one of these local addresses through the other interface. For instance, all requests to an iperf, ftp, http server at 192.168.1.1 should be not just routed internally, but forwarded through eth2 (and the external network will take care of re-routing the packet to eth1). I tried and looked at several commands, like iptables, ip route, etc... but nothing worked. The closest behavior I could get was done with: ip route change to 192.168.1.1/24 dev eth2 which send all 192.168.1.x on eth2, except for 192.168.1.1 which is still routed internally. May be I could then do NAT forwarding of all traffic directed to fake 192.168.1.2 on eth1, rerouted to 192.168.1.1 internally? I am actually struggling with iptables, but it is too tough for me. The goal of this setup is to do interface driver testing without using two PCs. I am using Linux, but if you know how to do that with Windows, I'll buy it!

    Read the article

  • Cisco Catalyst 4500 Policy Based Routing

    - by Logan
    In order to test a new firewall I just set up I'm trying to implement policy based routing on our core switch. I want traffic from certain vlans to be routed to the new firewall while everything else continues being routed through the old firewall. I was trying to use this guide. Everything from that guide works fine except trying to run the "ip policy route-map" command in the interface configuration mode. IOS is telling me that such a command doesn't exist. A "show ip interface vlan" command says that policy routing is disabled. Any ideas? Output of "show ver": Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500-IPBASEK9-M), Version 12.2(53)SG, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2009 by Cisco Systems, Inc. Compiled Thu 16-Jul-09 19:49 by prod_rel_team Image text-base: 0x10000000, data-base: 0x11D1E3CC ROM: 12.2(31r)SG2 Dagobah Revision 226, Swamp Revision 34 RTTMCB2223-1 uptime is 3 years, 22 weeks, 2 days, 19 hours, 28 minutes Uptime for this control processor is 51 weeks, 2 days, 18 hours, 2 minutes System returned to ROM by power-on System restarted at 19:22:02 UTC Tue Jul 12 2011 System image file is "bootflash:cat4500-ipbasek9-mz.122-53.sg.bin" ... cisco WS-C4510R (MPC8245) processor (revision 4) with 524288K bytes of memory. Processor board ID FOX103703W3 MPC8245 CPU at 400Mhz, Supervisor V Last reset from PowerUp 42 Virtual Ethernet interfaces 244 Gigabit Ethernet interfaces 511K bytes of non-volatile configuration memory. Configuration register is 0x2

    Read the article

  • DNS issue for internal website routing internet connection from remote location

    - by Michael Paul
    I have an issue that I could use some help with. Our company has a main location and a remote location. Previously, the remote location was connected to the main location through an internet connection VPN tunnel. The connection was pitifully slow at 1.5Mbps, so we upgraded it with a 75Mbps direct link. That meant the remote location lost it's internet access, so we routed their access through the main office internet connection. Everything works perfect except for one thing. The website we host is not accessible from the remote location unless the IP address is used. If I do NSLOOKUP on our website address from a machine connected to the main location network, it resolves correctly to the inside IP address. However, if I do the same from a remote location machine, it resolves to the website's outside IP address. Our internal DNS server(s) have a pointer and CNAME records set up, and everything was working perfectly before the connection was upgraded. In addition, the remote location has a domain controller, DNS server and DHCP server to service these requests at the remote location and prevent these requests from getting routed back and forth over the link. So I think was it happening is that for some reason the DNS server at the remote location is not resolving our website name correctly and passing the requests on to the routers, which then push the request out to the internet DNS system. That resolves the name to our external IP. This is purely a DNS issue, everything else works just fine. I am just stumped on this one. Any ideas on how to fix this? Edit: I forgot to mention that at the remote side of the link is a Cisco ASA-5505 and at the main office there is a Cisco ASA-5510. The link is connected between these 2 devices and the routing is handled in the 5510. Thanks, Michael

    Read the article

  • How to find the real IP to which IPVS is routing a virtual IP

    - by Wayne Conrad
    I'm trying to find a problem server hiding behind a virtual IP (using LVS/ipvs). I've got a test program that sends requests to the virtual IP until it gets the bad response, but how can I tell to which real IP a request to the virtual IP got routed? On the box doing the virtual IP magic, here's the virtual IP configuration (for the service I care about): IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn ... TCP 10.1.0.254:5025 nq -> 10.1.0.5:5025 Route 1 0 1 -> 10.1.0.6:5025 Route 1 0 5 -> 10.1.0.7:5025 Route 1 0 2 -> 10.1.0.9:5025 Local 1 0 3 -> 10.1.0.11:5025 Route 1 0 3 ... My client program is sending TCP requests to 10.1.0.254:5025, usually getting a good response but sometimes a bad response. With this few servers, I could send my request to each server in turn until I discover the culprit, but I wonder if that technique will scale as we add servers. What means exist for me to find out where requests got routed? Kernel: Linux 2.6.32 OS: Debian testing (whatever that's called these days). ipvsadm is version 1.25, compiled with ipvs v1.2.1

    Read the article

  • How can I stop IIS7 (integrated mode) from reporting a 404 before I get a chance to handle it?

    - by Gary McGill
    I have an ASP.NET MVC 2 application running on IIS7 in integrated mode. I'm trying to do my own 404 handling, but IIS7 seems to be intercepting the error and returning its own 404 message to the client before I get a chance to handle it. I'm not having much luck coming at the problem from a programming perspective over on Stack Overflow, so I wondered if maybe it's a configuration problem. Is there something I have to do to tell IIS to let me handle my own errors? (I'm trying to use Application_Error in my global.asax but it's not even getting there). There is a custom error page defined (at the machine level, I think) for 404 but when I tried removing that it didn't really help - it simply showed a bald one-liner message instead. My code still didn't get a look in. Is it perhaps something to do with the routing? Maybe the "mysite.com/nosuchpage" URL isn't being routed to me and that's why I don't get a chance to intercept it? Do I need to do something so that ALL requests get routed through my app?

    Read the article

  • Routing table on Linux not respected

    - by MRHaarmann
    I have a very specific problem, building a Linux VPN endpoint (with external VPN Gateway), which should route certain networks over the tunnel, others via default gateway. The Linux VPN should do a NAT on the outgoing connections for the VPN peers. Setup is as following: Internet gateway LAN 192.168.25.1/24 VPN Gateway LAN 10.45.99.2/24 (VPN tunnel 10.45.99.1 to net 87.115.17.40/29, separate connection to Internet) Linux VPN Router eth0 192.168.25.71/24 eth0:503 10.45.99.1/24 Default 192.168.25.1 route to 87.115.17.40/29 via 10.45.99.2 (send_redirects disabled, ip_forward enabled) Linux clients (multiple): eth0 192.168.25.x/24 Default 192.168.25.1 route to 87.115.17.40/29 via 192.168.25.71 Ping to the machines via tunnel from the VPN Router is working. Now I want to establish a routing from my clients over the VPN gateway and the client packet gets routed to 192.168.25.1 ! traceroute output shows the packets get routed to 192.168.25.71, but then to 192.168.25.1. So the route is not respected in forward ! IPTables and Routing: ip route show 87.115.17.40/29 via 10.45.99.2 dev eth0 10.45.99.0/24 dev eth0 proto kernel scope link src 10.45.99.1 192.168.25.0/24 dev eth0 proto kernel scope link src 192.168.25.71 default via 192.168.25.1 dev eth0 iptables -A INPUT -i eth0:503 -j REJECT iptables -t nat -A POSTROUTING -o eth0:503 -j MASQUERADE iptables -A FORWARD -i eth0:503 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 192.168.25.0/24 -o eth0:503 -j ACCEPT So what is wrong with my setup ? The route is chosen correctly from localhost, but all the clients get forwarded to the Internet GW. thanks for helping, Marcus

    Read the article

  • LYNC 2010 Dial-In in Meeting DTMF issue

    - by user140116
    We are facing an issue in the LYNC2010 dial-in to a meeting. We redirect an Asterisk number to LYNC, whitch connects successfully in the dial-in plan of LYNC. After calling from external network to the given number, we hear LYNC aswering and prompting us to enter the PIN and afterwards the hash key. I should mention that all other dials to LYNC from Asterisk and vise versa are routed successfully. Also all DTMF we send to Asterisk from the phone (IVR, Extension, PIN etc) are routed also fine Afterwards we press the appropriate pin folowed by the hash keyand we get 'Sorry I can't find meeting with that number' Some pros mentioned that it might be dtmfmode=RFC2833 or dtmfmode=auto in Asterisk (All checked and tried). Some pros mentioned, that there is a problem in geeral in LYNC and DTMF (even with Cisco Call Manager). Some other pros mentioned that chack box 'Enable refer support' in Voice Routinh\Trunk Configuration' in LYNC has to be unchecked (Also tested). The problem stil remains and there is no way to enter a meeting room by dial-in. ANY idea would be appreciated!!!!!!!!

    Read the article

  • Requests are making it to my app server, but not into node.js -- why?

    - by Zane Claes
    I detailed in this question on StackOverflow how some random requests are not making it from the client to my Node.js app server, resulting in a gateway timeout. In summary, identical requests are, at random, not even making it far enough to trigger a console.log() in my first line of express middleware. I need to narrow down the problem, though, to find out WHERE the traffic is being lost and it was suggested that I try a packet sniffer on my app servers. Here's my setup: 2x Load Balancers (m1.larges) 2x node.js servers (also m1.large) Here's what's interesting/unusual: the node.js servers started as PHP servers with an Apache stack and continue to serve PHP files for my domain (streamified.me). However, I use a little httpd.conf magic on the app servers so that requests to api.streamified.me get routed over port 8888 to the node.js server: RewriteCond %{HTTP_HOST} ^api.streamified.me RewriteRule ^(.*) http://localhost:8888$1 [P] So, the request hits the load balancer = goes to an app server = gets routed to port 8888 if it's intended for the API = gets handled by node.js So, in the same httpd.conf file, I turned on RewriteLogLevel 5 and then created a simple PHP+CURL script on my localhost to hit my api.streamified.me with a random URL (which should cause node.js to trigger a simple "not found" response) until it resulted in a Gateway timeout. Here, you can see that it has happened -- and the rewrite log shows that the request was definitely received by the app server and forwarded to port 8888... but it was never received by node.js (or, at least, the first line of code in the first line of middleware never gets it...) Image Link: http://i.stack.imgur.com/3OQxS.png

    Read the article

  • NGINX returning 404 error on a valid url

    - by Harrison
    We have a site that runs PHP-FPM and NGINX. The application sends invitations to site members that are keyed with 40 character random strings (alphanumerics only -- example below). Today for the first time we ran into an issue with this approach. The following url: http://oursite.com/notices/response/approve/1960/OzH0pedV3rJhefFlMezDuoOQSomlUVdhJUliAhjS is returning a 404 error. This url format has been working for 6 months now without an issue, and other urls following this exact format continue to resolve properly. We have a very basic config with a simple redirect to a front controller, and everything else has been running fine for a while now. Also, if we change the last character from an "S" to anything other than a lower-case "s", no 404 error and the site handles the request properly, so I'm wondering if there's some security module that might see something wrong with this specific string... Not sure if that makes any sense. We are not sure where to look to find out what specifically is causing the issue, so any direction would be greatly appreciated. Thanks! Update: Adding a slash to the end of the url allowed it to be handled properly... Would still like to get to the bottom of the issue though. Solved: The problem was caused by part of my configuration... Realized I should have posted, but was headed out of town and didn't have a chance. Any url that ended in say "css" or "js" and not necessarily preceded by a dot (so, for example, http://site.com/response/somerandomestringcss ) was interpreted as a request for a file and the request was not routed through the front controller. The problem was my regex for disabling logging and setting expiration headers on jpgs, gifs, icos, etc. I replaced this: location ~* ^.+(jpg|jpeg|gif|css|png|js|ico)$ { with this: location ~* \.(jpg|jpeg|gif|css|png|js|ico)$ { And now urls ending in css, js, png, etc, are properly routed through the front controller. Hopefully that helps someone else out.

    Read the article

  • NGINX returning 404 error on a valid url

    - by Harrison
    We have a site that runs PHP-FPM and NGINX. The application sends invitations to site members that are keyed with 40 character random strings (alphanumerics only -- example below). Today for the first time we ran into an issue with this approach. The following url: http://oursite.com/notices/response/approve/1960/OzH0pedV3rJhefFlMezDuoOQSomlUVdhJUliAhjS is returning a 404 error. This url format has been working for 6 months now without an issue, and other urls following this exact format continue to resolve properly. We have a very basic config with a simple redirect to a front controller, and everything else has been running fine for a while now. Also, if we change the last character from an "S" to anything other than a lower-case "s", no 404 error and the site handles the request properly, so I'm wondering if there's some security module that might see something wrong with this specific string... Not sure if that makes any sense. We are not sure where to look to find out what specifically is causing the issue, so any direction would be greatly appreciated. Thanks! Update: Adding a slash to the end of the url allowed it to be handled properly... Would still like to get to the bottom of the issue though. Solved: The problem was caused by part of my configuration... Realized I should have posted, but was headed out of town and didn't have a chance. Any url that ended in say "css" or "js" and not necessarily preceded by a dot (so, for example, http://site.com/response/somerandomestringcss ) was interpreted as a request for a file and the request was not routed through the front controller. The problem was my regex for disabling logging and setting expiration headers on jpgs, gifs, icos, etc. I replaced this: location ~* ^.+(jpg|jpeg|gif|css|png|js|ico)$ { with this: location ~* \.(jpg|jpeg|gif|css|png|js|ico)$ { And now urls ending in css, js, png, etc, are properly routed through the front controller. Hopefully that helps someone else out.

    Read the article

  • Hyper-V Live Migration across Sites!

    - by Ryan Roussel
    One of the great sessions I sat in on at Tech Ed this week was stretching a Windows 2008 R2 Hyper-V  Failover Cluster across sites.  With this ability, you could actually implement a Hyper-V cluster where you could migrate or even Live Migrate VMs across sites.   With this area’s propensity for Hurricanes, this will be a very popular topic for me over the next few months. While this technology is possible today, it’s also very complicated and can be very expensive to implement.    First your WAN connection has to support the ability to trunk your VLAN across both sites in order to Live Migrate.  This means you can’t use a Layer 3 routed connection like MPLS.  It has to be a Metro Ethernet connection or "Dark Fiber”.  Dark Fiber is unused Fiber already in the ground that can be leased from  various providers. Both of these connections would allow you to trunk layer 2 across your WAN.  Cisco does have the ability to trunk layer 2 across a routed connection by muxing the traffic but this is only available in their Nexus product line which has a very steep price tag.   If you are stuck with MPLS or the like and Nexus switching is not a realistic possibility, you will have to implement a multi-subnet cluster in which case Live Migration won’t be possible.  However you can still failover VMs to the remote site with some planning and manual intervention.  The consideration here is that the VMs will be on a different subnet once migrated, so you will have to change the IP addressing of your VMs.  This also has ramifications with DNS and Name resolution to control your down time.  DHCP with Reservations for your VMs is the preferred method to achieve the IP changes as this will automate that part of the process.   Secondly, you will have to have  a mechanism to replicate your storage across both sites.  Many SAN vendors natively support hardware based synchronous and asynchronous replication.  Some even support cluster shared volumes which were introduced in 2008 R2.   If your SANs do not support this natively, there are alternative file based replication products either software based like Double Take or hardware appliance like EMC.  Be sure to check with your vendor on the support of Disk majority if you’re replicating your quorum disk between SANs.   The last consideration is the ability to maintain quorum for your cluster.  If your replication provider does not support Disk Majority through replication, you will have to explore Node Majority with File Share Witness.  This will affect your design as a 3 node cluster with 1 node at the remote site and FSW at the production site would not have the ability to maintain quorum if the production site was lost. MS best practice for this would be to implement an even node cluster with 2 nodes at  each site and the FSW at a third site.   And there you have it.  While some considerations and research goes into implementing this solution, even a multi-subnet solution would be invaluable to organizations in the implementations of “warm” DR sites.

    Read the article

  • URL routing in an MVC framework - PHP

    - by Walderman
    I'm developing an MVC framework in PHP from scratch; mostly for the learning experience but this could easily end up in a live project. I went through this tutorial as a base and I've expanded from there. Requests are made like this: examplesite.com/controller/action/param1/param2/ and so on... And this is my .htaccess file: RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?rt=$1 [L,QSA] So all requests go to index.php and they are routed to the correct controller and action from there. If no controller or action is given, then the default 'index' is assumed for both. I have an index controller with an index action, which is supposed to be the home page of my site. I can access it by going to examplesite.com (since the index part is assumed). It has some images, a link to a stylesheet, and some scripts. They are linked with paths relative to index.php. I thought this would be fine since all request go to index.php and all content is simply included in this page using php. This works if I go to examplesite.com. I will see all of the images and styles, and scripts will run. However, if I go to examplesite.com/index, I am routed to the correct part of the site, but all of the links don't work. Does the browser think I am in a different folder? I would like to be able to use relative paths for all of the content in my site, because otherwise I need to use absolute paths everywhere to make sure things will show up. Is this possible?

    Read the article

  • Bind9 seems to route wildcard DNS even though they are not enabled?

    - by Andrei
    For some reason bind9 seems to route wildcard DNS even though they are not defined anywhere? Accessing anyrandomstring.domain.com routes to the domain even though they are not explicitly defined anywhere? Neither is wildcard defined anywhere in the files in /var/cache/bind/ I typed sudo service bind9 reload a couple of times now. Any ideas? Update: also tried using rndc Update2: ran sudo service bind9 stop and then accessed a random subdomain and it got routed

    Read the article

  • Dual NIC internet access

    - by JavaRocky
    Q1. If a computer had two NICs, lets say windows, on which interface would HTTP traffic (or any for that matter) go out on. Not sure how the routes table would look like. Q2. If one of the NICs link becomes unresponsive, would traffic be automatically routed to the other NIC? Thanks.

    Read the article

  • Restrict VPN client traffic to certain domains/IP

    - by mr-euro
    Hi Is there any way to restrict a VPN client to only route certain traffic via the VPN and the rest via their local gateway? For example: traffic to a certain IP or domain gets routed across the VPN and all other requests do not. Let me know if you need more details. Thank you.

    Read the article

  • How do I send traffic to specific IP addresses through VPN and others directly to the internet?

    - by keithwarren7
    I am running Windows 7 and using the Cisco VPN adapter to connect to a private network where I access resources starting with the IP address 172.. My problem is that when connected to the VPN all external traffic is routed through the VPN. I want to set things up so only certain IP addresses go through the VPN and everything else goes out over the local adapter and out to the internet as normal. How?

    Read the article

  • Link aggregation with freebsd8 and a cicso 3550, what am i doing wrong?

    - by Flamewires
    Hey, I am trying to setup Link Aggrigation with LACP (well, anything that provides increased bandwidth and failover using my setup will work). I'm running FreeBSD 8.0 on 3 machines. M1 is running 2 10/100 ethernetcards setup for link aggrigation using lagg. for reference: ifconfig em0 up ifconfig tx0 up ifconfig create lagg0 ifconfig lagg0 laggproto lacp laggport tx0 laggport em0 192.168.1.16 netmask 255.255.255.0 I plugged them into ports 1 and 2 of a Cicso 3550. then ran: configure terminal interface range Fa0/1 - 2 switchport mode access switchport access vlan 1 channel-group 1 mode active (everythings in vlan 1) Now Im able to connect the other computers to other ports on the switch and failover works great, i can unplug cables in the middle of a transfer and the traffic gets rerouted. However, im not noticing any speed increase. My test setup: load balancing: i tried dst and src on the switch, neither seemed to give me a speed increase. I am SCPing 2 500 meg files from the lagg computer to other computers (one each) which are also running 10/100 full duplex cards. I get transfer speeds of about 11.2-11.4 Mbps to a single host, and about half that (5.9-6.2) Mbps when transferring to both at the same time. From what I understood with destination load balancing the router was suppose to balance traffic headed for 1 computer over 1 port and traffic headed for another over a diff(in this case) the other port. With destination-MAC address forwarding, when packets are forwarded to an EtherChannel, the packets are distributed across the ports in the channel based on the destination host MAC address of the incoming packet. Therefore, packets to the same destination are forwarded over the same port, and packets to a different destination are sent on a different port in the channel. For the 3550 series switch, when source-MAC address forwarding is used, load distribution based on the source and destination IP address is also enabled for routed IP traffic. All routed IP traffic chooses a port based on the source and destination IP address. Packets between two IP hosts always use the same port in the channel, and traffic between any other pair of hosts can use a different port in the channel. (Link) What am i doing wrong/what would i need to do to see a speed increase beyond what i could do with just a single card?

    Read the article

  • Understanding packet flows over RVI

    - by choco-loo
    I'm trying to get a full grasp of firewall filters and how to apply them on a Juniper EX4200 switch - to be able to block ports, police traffic and shape traffic. The network architecture is as follows internet >-< vlan4000 >-< vlan43 vlan4000 is a public "routed" block (where all the IPs are routed to and the internet gw is) vlan43 is a vlan with public IPs with devices (servers) attached There are static routes and RVI's on the EX4200 to send all traffic via vlan4000's gateway to reach the internet. I've set up filters on both input and output of the respective RVI's and VLAN's - with simple counters, to measure traffic flow from a server inside of vlan43 and a server on the internet. Using a combination of iperf for UDP and TCP tests and fping for ICMP tests - I observed the following, icmp vlan43>internet internet>vlan43 unit4000-counter-in 0 0 unit4000-counter-out 0 0 unit43-counter-in 100 100 unit43-counter-out 0 0 vlan4000-counter-in 6 4 vlan4000-counter-out 107 104 vlan43-counter-in 101 100 vlan43-counter-out 100 100 tcp vlan43>internet internet>vlan43 unit4000-counter-in 0 0 unit4000-counter-out 0 0 unit43-counter-in 73535 38480 unit43-counter-out 0 0 vlan4000-counter-in 7 8 vlan4000-counter-out 73543 38489 vlan43-counter-in 73535 38481 vlan43-counter-out 38938 75880 udp vlan43>internet internet>vlan43 unit4000-counter-in 0 0 unit4000-counter-out 0 0 unit43-counter-in 81410 1 unit43-counter-out 0 0 vlan4000-counter-in 18 7 vlan4000-counter-out 81429 8 vlan43-counter-in 81411 1 vlan43-counter-out 1 85472 My key goals are to set up a few filters and policers, as there will be many more VLANs - that all need protecting from each other and the internet. Then globally limit/police all outbound traffic to the internet Block inbound ports to vlan43 (eg. 22) Limit outbound traffic from vlan43 (to the internet) Limit outbound traffic from vlan43 (to other vlans) Limit outbound traffic from vlan4000 (to the internet from all vlans) Route traffic from vlans via specific routing instances (FBF) The question What I want to understand is why there isn't ever any activity on unit4000 or vlan4000 inbound or outbound counter - is this because there isn't a device on this VLAN - and that the traffic is only traversing it? And with regards to the TCP test - why is there twice as many packets on unit43-counter-in, vlan4000-counter-out and vlan43-counter-in - is this counting both the inbound and outbound traffic?

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >