Search Results

Search found 4578 results on 184 pages for 'connections'.

Page 42/184 | < Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >

  • Lot of FIN_WAIT2, CLOSE_WAIT , LAST_ACK and TIME_WAIT in Haproxy

    - by Tux
    We are running haproxy in production for around 10k+ concurrent users . But we are seeing lot of FIN_WAIT2, CLOSE_WAIT , LAST_ACK and TIME_WAIT in the netstat output. This output is on a 8G ubuntu-12.04 node. 8046 CLOSE_WAIT 1 CLOSING 1 established) 40869 ESTABLISHED 1212 FIN_WAIT1 7575 FIN_WAIT2 1 Foreign 2252 LAST_ACK 7 LISTEN 143 SYN_RECV 4920 TIME_WAIT Can someone please tell me what tweaking i need to do. Please note that all these connections are persistent connections . tcp_fin_timeout = 30 tcp_keepalive_time = 1800 Right now, the application is working fine. But wondering will be there any issues as we add more users to this haproxy node.

    Read the article

  • How is incoming SMTP mail being delivered despite blocked port

    - by Josh
    I setup a MX mail server, everything works despite port 25 being blocked, I'm stumped as to why I am able to receive email with this setup, and what the consequences might be if I leave it this way. Here are the details: Connections to SMTP over port 25 and 587 both reliably connect over my local network. Connections to SMTP over port 25 are blocked from external IPs (the ISP is blocking the port). Connections to Submission SMTP over port 587 from external IPs are reliable. Emails sent from gmail, yahoo, and a few other addresses all are being delivered. I haven't found an email provider that fails to deliver mail to my MX. So, with port 25 blocked, I am assuming other MTA servers fallback to port 587, otherwise I can't imagine how the mail is received. I know port 25 shouldn't be blocked, but so far it works. Are there mail servers that this will not work with? Where can I find more about how this is working? -- edit More technical detail, to validate that I'm not missing something silly. Obviously in the transcript below I've replaced my actual domain with example.com. # DNS MX record points to the A record. $ dig example.com MX +short 1 example.com $ dig example.com A +short <Public IP address> # From a public server (not my ISP hosting the mail server) # We see port 25 is blocked, but port 587 is open $ telnet example.com 25 Trying <public ip>... telnet: Unable to connect to remote host: Connection refused # Let's try openssl $ openssl s_client -starttls smtp -crlf -connect example.com:25 connect: Connection refused connect:errno=111 # Again from a public server, we see port 587 is open $ telnet example.com 587 Trying <public ip>... Connected to example.com. Escape character is '^]'. 220 example.com ESMTP Postfix ehlo example.com 250-example.com 250-PIPELINING 250-SIZE 10485760 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250-BINARYMIME 250 CHUNKING quit 221 2.0.0 Bye Connection closed by foreign host. Here is a portion from the mail log when receiving a message from gmail: postfix/postscreen[93152]: CONNECT from [209.85.128.49]:48953 to [192.168.0.10]:25 postfix/postscreen[93152]: PASS NEW [209.85.128.49]:48953 postfix/smtpd[93160]: connect from mail-qe0-f49.google.com[209.85.128.49] postfix/smtpd[93160]: 7A8C31C1AA99: client=mail-qe0-f49.google.com[209.85.128.49] The log shows that a connection was made to the local IP on port 25 (I'm not doing any port mapping, so it is port 25 on the public IP too). Seeing this leads me to hypothesize that the ISP block on port 25 only occurs when a connection is made from an IP address that is not known to be a mail server. Any other theories?

    Read the article

  • VMware networking - PortChannel or not?

    - by dunxd
    My ESX hosts each have 8 NICS. I have set up 2 NICs for our iSCSI SAN - each is connected to a different SAN switch. 2 NICs are set up for vMotion and Service Console - these are each connected to a different core switch (ports are trunked with VLANs dedicated to vMotion and Management) I now have four ports left over. Currently we have these set up each going into our default VLAN. Two NICs are connected to one core-switch and two are connected to the other. We decided to aggregate the connections to each switch - so they are teamed at the vswitch end, and port channelled at the physical switch end. I am now reading that port channelling these connections is not particularly useful, perhaps even over complicating things. Is there a particular problem with using port channels for VMware? What method provides the best balance between redundancy and performance?

    Read the article

  • Detecting man-in-the-middle attacks?

    - by Ilari Kajaste
    There seem to be many possible ways to create man-in-the-middle attacks on public access points, by stealing the access point's local IP address with ARP spoofing. The possible attacks range from forging password request fields, to changing HTTPS connections to HTTP, and even the recently discovered possibilit of injecting malicious headers in the beginning of secure TLS connections. However, it seems to be claimed that these attacks are not very common. It would be interesting to see for myself. What ways are there to detect if such an attack is being attempted by someone on the network? I guess getting served a plain HTTP login page would be an obvious clue, and of course you could run Wireshark and keep reading all the interesting ARP traffic... But an automated solution would be a tiny bit more handy. Something that analyzes stuff on the background and alerts if an attack is detected on the network. It would be interesting to see for myself if these attack are actually going on somewhere.

    Read the article

  • Why would you ever set MaxKeepAliveRequests to anything but unlimited?

    - by Jonathon Reinhart
    Apache's KeepAliveTimeout exists to close a keep-alive connection if a new request is not issued within a given period of time. Provided the user does not close his browser/tab, this timeout (usually 5-15 seconds) is what eventually closes most keep-alive connections, and prevents server resources from being wasted by holding on to connections indefinitely. Now the MaxKeepAliveRequests directive puts a limit on the number of HTTP requests that a single TCP connection (left open due to KeepAlive) will serve. Setting this to 0 means an unlimited number of requests are allowed. Why would you ever set this to anything but "unlimited"? Provided a client is still actively making requests, what harm is there in letting them happen on the same keep-alive connection? Once the limit is reached, the requests still come in, just on a new connection. The way I see it, there is no point in ever limiting this. What am I missing?

    Read the article

  • How to skip pushing the default gateway via DHCP in OpenWRT?

    - by francadaval
    I have a router with OpenWRT that I want to resolve IP addressing with DHCP without setting a default gateway. I have added a DHCP-Option parameter with value 3,0.0.0.0 that is supposed to set the default gateway by DHCP. Instead, the router IP is defined as default gateway for DHCP connections. How can I set a null default gateway (0.0.0.0) for connections configuration by DHCP? As said in a comment: I want this router to service a VirtualBox network that doesn't set a default gateway via DHCP.

    Read the article

  • Allowing Remote Connection in IIS on Windows 7

    - by GiddyUpHorsey
    I'm trying to give access to a website in IIS on my Win 7 machine to another person on my network. He's unable to access it. I was wondering if perhaps it was because IIS isn't configured to allow remote connections (I seem to remember having to do this sort of thing on Win XP). I've hunted around in IIS and googled but am not finding a way to configure remote connections on Win 7. Some of the answers I've found seem to refer to Win Server 2008 and talk about a management service in IIS Manager, but it doesn't appear to be present on my machine.

    Read the article

  • Do parent website application pools serve child application pools as well?

    - by Mike G
    I am running a .NET web application in its own application pool on IIS7. The parent website is set to run in its own application pool. Today we noticed a huge number of connections going to IIS. I tried to browse a plain ol' .html page in the directory of the web application and it hangs. I then try to browse another plain .html file in the root of the parent website, and it too hangs. In performance monitor, i see there are some 8k connections to the default website and climbing. I cant seem to understand if my application was the problem, or IIS itself. If it was my application, wouldnt the html page in the root of the parent website still be able to be served? edit: Also, if i shut down the app pool to my application, the html page on the root of the parent website is still not able to be displayed.

    Read the article

  • Mysql hosting for application backend

    - by churnd
    I've been asked to help set up a way for a volunteer animal rescue organization to use an application to keep track of animals they've rescued. This application already exists, and can use it's own local database or connect to a MySQL database server. Since there are several volunteers spread out over a large region, a database server would be the best way to go. Money is a big problem, obviously. So, I'm looking for a very cheap or hopefully free database server or webhost that allows tcp/ip connections to their database servers. Backups will be handled on our end, so basically I just need the hosted mysql server. I've seen 000webhost.com, x10hosting, and xtreemhost, which all look promising, but they either aren't clear on remote mysql connections, or don't allow it at all. Looking forward to your recommendations! The animals thank you! :)

    Read the article

  • Properly Hosting Multiple Sites on VDS

    - by Aristotle
    I'm going to be moving about 7-10 websites (5-8 with Databases - MySQL) onto our new Virtual Private Server. I'm curious what the best way to host many sites on a single server is though. Do I create a directory for each site immediately within my root directory, and then point the domain names for each site to http://123.123.123.123/siteDirectory - or is there a more appropriate way to do this? I'm very interested in maintining control over how many concurent connections each site can have at any given time - would I be able to do that on the directory-level, or am I required to limit the concurrent-connections to the VPS itself?

    Read the article

  • Linux/bsd tcp load balancing with 10 gigabit ethernet

    - by user37899
    Okay, I've been looking at layer 4 load balancing solutions for 10 gigabit links. I need the following properties Works at 10Gig ethernet speeds. Can support long live tcp connections. up to 1mil live tcp connections. Balancer not involved in the return path. Fault tolerant with tcp session fail over. low latency and good through put. can be scripted. Either a software or hardware solution. Can it be done? Anyone doing this?

    Read the article

  • AWS Autoscaling issue with existing nodes in ELB

    - by Ram Prasad
    I already have a ELB setup called MyLoadBalancer. I already have 2 nodes running on it with health checks (that checks a URL on the node to see if they are up) Created an autoscaling group (min 2, Max 10) Associated launchconfig mylaunchconfig that provisions a node using an AMI Created a trigger, that checks for avg min connections of 100 and Max of 500 (checks the load balancer and it is support to increase the node count by 1, if avg connections are 500 and decrease by one if less than 100) as-create-or-update-trigger MyTrigger --auto-scaling-group MyAutoScalingGroup --namespace "AWS/ELB" --measure RequestCount --statistic Average --dimensions "LoadBalancerName=MyLoadBalancer" --period 60 --lower-threshold 500 --upper-threshold 800 --lower-breach-increment=-1 --upper-breach-increment=1 --breach-duration 600 Now the issue is, as soon as I put in the trigger, it start 2 nodes .... but there are already two nodes in the LB. So, why is it provisioning 2 more nodes, when the nodes are there ? is it because it is not recognizing the existing 2 nodes ? then how do I add the existing nodes to the AutoScaling group ?

    Read the article

  • Full speed internal switch bandwidth but per-port set external bandwidth?

    - by garg
    I am in an environment where all the machines are behind a switch that I don't have access to. Each ethernet wall port has limited bandwidth depending on how much has been paid for each port. The problem is that some people have 10Mbps connections and some have 100Mbps connections and this causes problems with local intranet file transfers and operating system/software deployments. Operating systems can take hours to be deployed if the machine is on 10mbps. Do you know if it is possible with most switches to set a rule that would limit bandwidth coming in/going out to an extranet, but keep full bandwidth if the packets are destined to go to a local machine? For example, the internet might be limited to 10Mbps, but internal servers would get gigabit speeds? Thanks

    Read the article

  • Hyper-V Cluster with failover - NETWORKING

    - by Adam
    Hi We are looking to setup a 3 node Hyper-V cluster with live migration and failover using: 3 x Dell R710's with dual quad core Xeon & 128 GB RAM & 6 NICs in each 1 x Dell MD 3220i SAN We will be running this setup from a data center and so co-locating our kit. Can anybody explain how we should setup the network connections to make the system redundant? We have looked into this great article but are not sure how to get a 3 server setup correctly and reliably: http://faultbucket.ca/2011/01/hyper-v-failover-cluster-setup/. I believe we need network connections for: live migration, heartbeat, management, hyper-v etc. I assume as we are running it from a DC all IPs will have to be public IPs? Are AD servers will be VMs. One on each Hyper-V server and setup not to be HA.

    Read the article

  • Windows 2008 Incoming Connection: Where/How is Server IPv4 address defined

    - by revelate
    We're evaluating a VM hosted externally which runs Windows Server 2008 R2 Web Server Edition and wish to access it via a VPN connection for maintenance and administration. RRAS isn't included in Web Server Edition, but it does have a form of VPN server called "Incoming Connections". This appears to work well and even supports multiple simultaneous connections. As we'll be using this VPN regularly we'd like to know if this is a viable solution or if we'd be better off upgrading to Standard Edition and full-fledged RRAS. In particular we're accessing the VM via the Private IP given by the Incoming Connection (currently 169.254.135.207) so we'd like know: if the server private IP might change every so often? if so is there any way to define it manually? or should we be using the server name rather than the private IP address? if so how can we be sure that it will resolve correctly? Name resolution over the "Incoming Connection" has worked on and off during our tests. Thanks for your help

    Read the article

  • What's constitute an entry on the IPTables and how to find out which client it is originated from

    - by cbd
    I have a Billion BiPac 7700N Modem/Router/Access Point and I connect another router (TP-Link TL-WR1043ND) in wan-bypass mode to extend the wireless coverage. Lately, I noticed that the connection through TP-Link has been dropping out quite regularly. Having read some posts on the Internet, I checked system log on 7700N and found that there are many "nf_conntract: expectation table full" errors, which I suppose the iptables are full. My questions: What does constitute an entry on the iptable? Is it a client or a connection (which means one client can have multiple connections) How could I find out where are those connections originated from? Note: Many reported that the issue is usually related to having torrents running but I don't have any torrents running. Thank you.

    Read the article

  • lighttpd server-status

    - by krys
    I have enabled lighttpd mod_status as /server-status. When I go to the URL, I get the status page. I am interested in monitoring connections -- most specifically KeepAlive connections to make sure KeepAlive is working correctly. The problem is I only see the full connection info for the /server-status request itself. All other requests do not have the URI or hist columns filled in: X.X.X.X 0/0 0/4673 handle-req 0 test.mydomain.com /server-status (/server-status) This makes it difficult to know which URL was last handled by a particular connection. Is there something special that I need to do to show this information(URI) in /server-status?

    Read the article

  • Windows Firewall issues

    - by Will Vousden
    I'm not sure whether this is a Windows problem or a .NET problem (i.e. whether it belongs here on on SO), but I've written a small HTTP server program in C# (using the .NET HttpListner class) which works fine for the most part, but Windows Firewall seems to be refusing to let connections through to it from anything other than localhost. I've added exceptions for TCP and UDP in the "Inbound Rules" section of the firewall settings, essentially duplicating existing rules for other HTTP-based services which work fine (e.g. foo_httpcontrol). Specifically, I've added separate rules for TCP and UDP connections covering all ports, specific to the executable I'm running. There's no problem when Windows Firewall is disabled, but if I enable it, the connection simply times out.

    Read the article

  • [Closed] Oracle JDBC connection with Weblogic 10 datasource mapping, giving problem java.sql.SQLExce

    - by gauravkarnatak
    Oracle JDBC connection with Weblogic 10 datasource mapping, giving problem java.sql.SQLException: Closed Connection I am using weblogic 10 JNDI datasource to create JDBC connections, below is my config <?xml version="1.0" encoding="UTF-8"?> <jdbc-data-source xmlns="http://www.bea.com/ns/weblogic/90" xmlns:sec="http://www.bea.com/ns/weblogic/90/security" xmlns:wls="http://www.bea.com/ns/weblogic/90/security/wls" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.bea.com/ns/weblogic/920 http://www.bea.com/ns/weblogic/920.xsd"> <name>XL-Reference-DS</name> <jdbc-driver-params> <url>jdbc:oracle:oci:@abc.XL.COM</url> <driver-name>oracle.jdbc.driver.OracleDriver</driver-name> <properties> <property> <name>user</name> <value>DEV_260908</value> </property> <property> <name>password</name> <value>password</value> </property> <property> <name>dll</name> <value>ocijdbc10</value> </property> <property> <name>protocol</name> <value>oci</value> </property> <property> <name>oracle.jdbc.V8Compatible</name> <value>true</value> </property> <property> <name>baseDriverClass</name> <value>oracle.jdbc.driver.OracleDriver</value> </property> </properties> </jdbc-driver-params> <jdbc-connection-pool-params> <initial-capacity>1</initial-capacity> <max-capacity>100</max-capacity> <capacity-increment>1</capacity-increment> <test-connections-on-reserve>true</test-connections-on-reserve> <test-table-name>SQL SELECT 1 FROM DUAL</test-table-name> </jdbc-connection-pool-params> <jdbc-data-source-params> <jndi-name>ReferenceData</jndi-name> <global-transactions-protocol>OnePhaseCommit</global-transactions-protocol> </jdbc-data-source-params> </jdbc-data-source> When I run a bulk task where there are lots of connections made and closed, sometimes it gives connection closed exception for any of the task in the bulk task. Below is detailed exception' java.sql.SQLException: Closed Connection at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:111) at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:145) at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:207) at oracle.jdbc.driver.OracleStatement.ensureOpen(OracleStatement.java:3512) at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3265) at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePreparedStatement.java:3367) Any ideas?

    Read the article

  • HTTP downloads slow - FTP of same file very fast - Windows 2003

    - by Paul Hinett
    I am having some issues with download speeds on my site via http, i am averaging around 70kbps downloading a file that is around 70mb. But if i connect to my server via FTP and download the same file on the same computer / connection i am averaging about 300+kbps. I know my server has alot of connections at any one time, probably around 400 connections. My server has a 1gbps connection to the internet so there is plenty of bandwidth available, as proven with the FTP. I have no throttling of any kind enabled in IIS. If interested there is a test file here you can download to check the speed: http://filesd.house-mixes.com/test.zip I am based in the UK and the server is in Washington, USA if that makes any difference. Paul

    Read the article

  • Updating Cisco VPN config to add vpnc support

    - by Igor Kuzmitshov
    I have a Cisco 1841 configured for VPN connections of two types: Peer-to-peer for partners' routers (IPsec) — using different crypto isakmp key and crypto map with set peer, set transform-set, match address for every peer (same map name, different priorities). That crypto map name is added to the WAN interface. Client access (PPTP) — using vpdn-group with accept-dialin protocol pptp. Now, a new partner wants to connect using vpnc client. The latter needs IPSec ID (group name) and IPSec secret in addition to username and password. I guess that IPSec secret is pre-shared key that can be specified in crypto isakmp key on Cisco. But I could not find any VPN tutorials involving groups. Hence, my questions: How to add IPSec ID (group name) and IPSec secret on Cisco router for vpnc connections? Should I add a new crypto map matching all addresses as well? Is it possible to add this configuration without breaking the existing setup? Thank you.

    Read the article

  • Proven and Scalable Comet Server

    - by demetriusnunes
    What is the most proven, scalable comet server solution out there that can handle up to 100.000 real-life connections per node using HTTP streaming (not long-poll)? It must be a free, preferably open-source project. We've already tried Meteor (Perl), with no success. Meteor was able to scale just up to 20.000 connections per node. We are looking right now at these options: APE (C++), Orbited (Python), Grizzly (Glassfish), Cometd (Jetty). Any big success stories with any of these?

    Read the article

  • Stunnel too many clients

    - by davidsmalley
    I'm trying to hook up stunnel and haproxy to forward https connections through to some backend servers. I've got haproxy setup right, and I seem to have stunnel set up right. Trouble is that when I hit the setup with a load test after a while I start to see these log entries: 2010.05.05 11:24:43 LOG7[3498:3086792368]: https accepted FD=512 from 10.195.158.225:52579 2010.05.05 11:24:43 LOG4[3498:3086792368]: Connection rejected: too many clients (=500) I guess I've hit a limit somewhere but I wasn't sure how to fix it, there doesn't seem to be a config file option for stunnel to change this. Does anyone know how to configure stunnel for a potentially large number of connections?

    Read the article

  • Forwarding RDP via a Linux machine using iptables: Not working

    - by Nimmy Lebby
    I have a Linux machine and a Windows machine behind a router that implements NAT (the diagram might be overkill, but was fun to make): I am forwarding RDP port (3389) on the router to the Linux machine because I want to audit RDP connections. For the Linux machine to forward RDP traffic, I wrote these iptables rules: iptables -t nat -A PREROUTING -p tcp --dport 3389 -j DNAT --to-destination win-box iptables -A FORWARD -p tcp --dport 3389 -j ACCEPT The port is listening on the Windows machine: C:\Users\nimmy>netstat -a Active Connections Proto Local Address Foreign Address State (..snip..) TCP 0.0.0.0:3389 WIN-BOX:0 LISTENING (..snip..) And the port is forwarding on the Linux machine: # tcpdump port 3389 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 01:33:11.451663 IP shieldsup.grc.com.56387 > linux-box.myapt.lan.ms-wbt-server: Flags [S], seq 94663035, win 8192, options [mss 1460], length 0 01:33:11.451846 IP shieldsup.grc.com.56387 > win-box.myapt.lan.ms-wbt-server: Flags [S], seq 94663035, win 8192, options [mss 1460], length 0 However, I am not getting any successful RDP connections from the outside. The port is not even responding: C:\Users\outside-nimmy>telnet example.com 3389 Connecting To example.com...Could not open connection to the host, on port 3389: Connect failed Any ideas? Update Per @Zhiqiang Ma, I looked at nf_conntrack proc file during a connection attempt and this is what I see (192.168.3.1 = linux-box, 192.168.3.5 = win-box): # cat /proc/net/nf_conntrack | grep 3389 ipv4 2 tcp 6 118 SYN_SENT src=4.79.142.206 dst=192.168.3.1 sport=43142 dport=3389 packets=6 bytes=264 [UNREPLIED] src=192.168.3.5 dst=4.79.142.206 sport=3389 dport=43142 packets=0 bytes=0 mark=0 secmark=0 zone=0 use=2 2nd update Got tcpdump on the router and it seems that win-box is sending an RST packet: 21:20:24.767792 IP shieldsup.grc.com.45349 > linux-box.myapt.lan.3389: S 19088743:19088743(0) win 8192 <mss 1460> 21:20:24.768038 IP shieldsup.grc.com.45349 > win-box.myapt.lan.3389: S 19088743:19088743(0) win 8192 <mss 1460> 21:20:24.770674 IP win-box.myapt.lan.3389 > shieldsup.grc.com.45349: R 721745706:721745706(0) ack 755785049 win 0 Why would Windows be doing this?

    Read the article

  • Providing a public Web-Hosting service on MS Windows - advice and resources

    - by crgnz
    Are there any resources offering advice on how to setup a microsoft based web-hosting service? I currently offer LAMP hosting with cPanel, but there is some demand for IIS & SQL Server. As far as I can tell MS Windows Web Server 2008 R2 edition allows unlimited IIS connections. And a per-processor license for MS SQL Server Web Edition 2008 also permits unlimited connections. Where I am falling down is that I can't figure out how to get "unlimited" Active Directory users. I can't use 2008R2 Web Server edition for AD, so I will need the 2008R2 standard edition, I think. Does Microsoft have a provision for using AD in an ISP scenario? I am looking at using the cPanel Enkompas system to manage the Windows software, and Enkompas requires AD for user authentication. Any advice would be greatly appreciated!

    Read the article

< Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >