Search Results

Search found 4786 results on 192 pages for 'traffic shaping'.

Page 60/192 | < Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >

  • Forwarding udp ports iptables packets "lost"?

    - by Dindihi
    I have a Linux router (Debian 6.x) where i forward some ports to internal services. Some tcp ports (like 80, 22...) are OK. I have one Application listening on port 54277udp. No return is coming from this app, i only get Data on this port. Router: cat /proc/sys/net/ipv4/conf/all/rp_filter = 1 cat /proc/sys/net/ipv4/conf/eth0/forwarding = 1 cat /proc/sys/net/ipv4/conf/ppp0/forwarding = 1 $IPTABLES -t nat -I PREROUTING -p udp -i ppp0 --dport 54277 -j DNAT --to-destination $SRV_IP:54277 $IPTABLES -I FORWARD -p udp -d $SRV_IP --dport 54277 -j ACCEPT Also MASQUERADING internal traffic to ppp0(internet) is active & working. Default Policy INPUT&OUTPUT&FORWARD is DROP What is strange, when i do: tcpdump -p -vvvv -i ppp0 port 54277 I get a lot of traffic: 18:35:43.646133 IP (tos 0x0, ttl 57, id 0, offset 0, flags [DF], proto UDP (17), length 57) source.ip > own.external.ip..54277: [udp sum ok] UDP, length 29 18:35:43.652301 IP (tos 0x0, ttl 57, id 0, offset 0, flags [DF], proto UDP (17), length 57) source.ip > own.external.ip..54277: [udp sum ok] UDP, length 29 18:35:43.653324 IP (tos 0x0, ttl 57, id 0, offset 0, flags [DF], proto UDP (17), length 57) source.ip > own.external.ip..54277: [udp sum ok] UDP, length 29 18:35:43.655795 IP (tos 0x0, ttl 57, id 0, offset 0, flags [DF], proto UDP (17), length 57) source.ip > own.external.ip..54277: [udp sum ok] UDP, length 29 18:35:43.656727 IP (tos 0x0, ttl 57, id 0, offset 0, flags [DF], proto UDP (17), length 57) source.ip > own.external.ip..54277: [udp sum ok] UDP, length 29 18:35:43.659719 IP (tos 0x0, ttl 57, id 0, offset 0, flags [DF], proto UDP (17), length 57) source.ip > own.external.ip..54277: [udp sum ok] UDP, length 29 tcpdump -p -i eth0 port 54277 (on the same machine, the router) i get much less traffic. also on the destination $SRV_IP there are only a few packets coming in, but not all. INTERNAL SERVER: 19:15:30.039663 IP source.ip.52394 > 192.168.215.4.54277: UDP, length 16 19:15:30.276112 IP source.ip.52394 > 192.168.215.4.54277: UDP, length 16 19:15:30.726048 IP source.ip.52394 > 192.168.215.4.54277: UDP, length 16 So some udp ports are "ignored/dropped" ? Any idea what could be wrong? Edit: This is strange: The Forward rule has data packets, but the PREROUTING rule has 0 packets... iptables -nvL -t filter |grep 54277 Chain FORWARD (policy DROP 0 packets, 0 bytes) 168 8401 ACCEPT udp -- * * 0.0.0.0/0 192.168.215.4 state NEW,RELATED,ESTABLISHED udp dpt:54277 iptables -nvL -t nat |grep 54277 Chain PREROUTING (policy ACCEPT 405 packets, 24360 bytes) 0 0 DNAT udp -- ppp0 * 0.0.0.0/0 my.external.ip udp dpt:54277 state NEW,RELATED,ESTABLISHED to:192.168.215.4

    Read the article

  • Cisco 2811 router ignored input errors

    - by elbekay
    I've got a Cisco 2811 (AdvIPServices 12.4(25e)) that is showing input errors on both its interfaces, all the errors are of the ignored type. The counter for ignore errors is not increasing continuously, which made me think it would be happening in line with traffic bursts, but there really isn't a large amount of traffic running through it at any time. Both the router interfaces are connected to a 4900 (IPBase 12.2(54)) series switch. The only things I can see are: There is a slight mismatch in duplex/speed negotiation settings, one side is set to auto/auto and one full/auto, however they have negotiated fine. There have been a few fallbacks on the interface buffers, and some trims in the public buffers. Any suggestions for things to look at? I will be correcting the duplex neg settings, and might try a buffer tune, but I don't think it will help.

    Read the article

  • Proxification rulte for System process

    - by kseen
    I'm trying to configure Microsoft Visual Studio 2010 remote debugging and ran into issue: while connecting to remote computer running MSVSMON, client computer sends SYN request for connection. It makes it under the System process (as I see it in TCPView). As every network apps should be configured to use proxy in our network, I'm trying to add devenv.exe to proxification rules to make its traffic goes thru LAN's proxy server. It doesn't help. So my question is how can I make that low-level-system traffic will go through local area network proxy server?

    Read the article

  • Choosing between a dedicated and virtual dedicated server for my startup

    - by MarathonStudios
    I'm about to launch a startup site I've been working on for some time, and I'm just now looking over hosting plans. The site's main feature is fairly processor-heavy (a lot of text processing), so I probably need something other then shared hosting to ensure I don't get shut down for overusing resources. I would like to spend as little as possible on hosting until the site starts generating income, so under-$60/mo is my goal. One caveat is that I need a Windows box for this particular site, so it's harder to get a good deal. For that price, I can either get a bottom-tier dedicated (2gigs ram, pentium 4) or a middle-tier VPS (3gb RAM, a bit more traffic and HD) for a few bucks more per month. I had a bad experience with a low-end VPS a few months ago, so making sure that whatever I get can handle the basic traffic of a website as well as giving me what I need (extra processing power) is essential. Do you have any suggestions as to which way to go, or a certain hosting company you've worked with that you can recommend?

    Read the article

  • SuperMicro IPMI through OpenBSD PF Firewall

    - by thelsdj
    I'm trying to access a SuperMicro IPMI card that is behind an OpenBSD bridged firewall. A couple pieces of information: The OpenBSD firewall itself has a SuperMicro IPMI that I can access across the internet. The IPMI I'm trying to reach can be reached from behind the firewall. My gateway does arp request the IPMI and it does appear to respond (this is from the external interface of the firewall) 16:57:45.548892 arp who-has ipminame tell gwname 16:57:45.549500 arp reply ipminame is-at ipmimac But when I make a request to the IPMI IP from outside the firewall the external interface of the firewall shows no traffic with the IPMI ip as its destination. Any idea what might be causing this problem? Is there something about IPMI traffic that my gateway wouldn't like (the gateway is provided by my colocation provider so I can't easily debug it).

    Read the article

  • Enabling 8021q on a nic

    - by Chris Phillips
    Hi, I'm trying to get a vlan interface on a bonded nic (Centos 5.5) and whilst the interface has been very happily created with vconfig I'm seeing no traffic on it at all. Running tcpdump and tshark on the underlying eth0 I see no sign at all of vlan tags in the traffic, and I'm wondering if there's somethign I'm missing on the server side as the network dept say they are sending me the tagged data. I've got the 8021q module loaded, however under lsmod it shows it's only being used by the cxgb3 module, for an unused onboard iSCSI card, whereas my nics (on an HP DL380 G7) are driven by bnx2 and e1000e modules. Should these modules be listing 8021q as used module? should I have something conrete in /etc/modprobe.conf? Thanks Chris

    Read the article

  • Gre tunnel Linux Cisco

    - by mezgani
    I've created a GRE tunnel between LAN A and LAN B. LAN A is behind a router, and LAN B is behind a Linux box and this box has a pppoe interface. When i do tcpdump on Linux box i see that the traffic is routerd to Linux box (tunnel end), so my need is routing the tunnel traffic to internet. I've added these rules to my iptables script, and i stay unable to connect to internet from LAN A Permitting Linux to act as router (necessary to forward packets) echo "1" /proc/sys/net/ipv4/ip_forward iptables -A INPUT -p 47 -j ACCEPT iptables -A FORWARD -i ppp0 -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -o gre0 -j MASEQUARADE What i've forgot to set in this case?

    Read the article

  • windows firewall and network location switch after establishing a vpn connection

    - by Konrads
    Hello, I am looking for a reasonable solution for network location switching after VPN connection is established for Windows 7. The scenario is as follows: For location public (employee plugging in his laptop in hotel, public wi-fi,etc) all inbound connections are restricted, only outbound VPN + www is enabled. Employee then initiates a VPN connection, VPN pushes routes to 10.0.0.0/8 subnet Now I would like to have lax security rules for traffic from/to 10.0.0.0/8 that comes through the VPN interface, while still protecting the laptop from traffic that comes via uplink interface as if it was private. How to achieve this switching and duality? One option I see is switching to IPSec...

    Read the article

  • Monitoring Maximum Process Network Activity

    - by user125973
    We have a collocated server on which we run some OpenVZ hosts. Recently, we have had to pay a lot extra we keep exceeding our bandwidth quota. Our quota is 5 Mb/s but we have spike to almost 50. I looked at the graphs and there are some spikes happening at some intervals. I want to know which process is causing this so I need a tool that monitors the processes and gives me the one with the maximum instant traffic (It doesn't matter how much traffic we have as long as we don't exceed the 5Mb/s quota). Does anyone have a recommendation for this? My hosts are CentOS 5 with OpenVZ so I can see all the containter processes from the host, if that helps in any way.

    Read the article

  • Force Steam (and other programs that do not specify proxy settings) to use a proxy

    - by joshhunt
    My school requires a proxy for all internet access. If you want to use the internet, it is impossible to not use a proxy. This makes it a problem for many programs that don't seem to let you enter proxy settings. How can I use Steam when I am behind a proxy? Is it possible to somehow enter the details into a configuration file, or force it to get the settings from Internet Explorer? If not, does software exist for creating a 'virtual' network adapter which will pass all traffic (or all protocol x traffic) through the proxy? Although I am facing this specific problem on Windows 7, solutions for all operating systems are welcome.

    Read the article

  • 2 HP Procurve 4000M switches and Comcast SMC Gateway

    - by Cole Tierney
    We've got 2 HP Procurve 4000M switches joined by a trunk. Switch 1 is connected to a Cisco 2600 router which is connected to a T1. Internet traffic for hosts on switch 2 must pass through the trunk to switch 1. We're now switching to Comcast who's given us 4 port SMC router. I would like to connect each switch to the comcast router to reduce traffic on the trunk, but I don't want to create a loop. The switches support spanning tree protocol, but I don't know how this would work with the comcast router. Would a triangle network like this work? Thanks for any tips.

    Read the article

  • Assign two static IP addresses to one mac address

    - by Timo Ylikännö
    Can Isc-dhcp-server give two static ip addresses to one mac address? I have several home terminals in my network. Each terminal have two interfaces. One for public traffic and one for a management traffic. Both interfaces have same mac address. DHCP server can detect interfaces via dhcp option field and dhcp class declarations. Every terminal have to have static ip address instead of dynamic address. With dynamic address and dynamic pools this would be an easy task. Or is there any dhcp server that can do this?

    Read the article

  • Why would my router have different MAC addresses for IP and IPv6 transactions?

    - by user329161
    Today I was using tcpdump and I noticed my computer was having IPv6 traffic with a particular MAC address that I could not match with an IP using nmap or arping. After looking at the tcpdump logs a little more closely, I figured out it was another MAC address my router was using but exclusively for IPv6 traffic. 22:49:01.936830 90:0d:cb:ff:31:91 (oui Unknown) > 33:33:00:00:00:01 (oui Unknown), ethertype IPv6 (0x86dd), length 158: fe80::920d:cbff:feff:3191 > ip6-allnodes: ICMP6, router advertisement, length 104 Why would a router offer a different MAC address for IPv6?

    Read the article

  • Packet logging on PIX firewall

    - by georged.id.auindex.htm
    We have a Cisco PIX 515 firewall and I would like to set up a simple logging that would give us a traffic breakdown for billing by: source destination protocol port size time PIX is plugged into Catalyst 2970 and I was told that the best thing since sliced bread for logging is to get Netflow and get Catalyst to log. My concern, however, (besides the Netflow cost) is that I really don't want to "listen" to the internal noise and all I'm interested in are the external traffic stats above for billing and analysis purposes. What would be the simplest and the easiest solution? Cheers George

    Read the article

  • Cisco ASA - VPN and Hairpinning....

    - by Nordberg
    Hi, We have 2 sites that will be linked by a IPSEC VPN between 2 Cisco ASAs: Site 1 8Mb ADSL Connection Cisco ASA 505 Site 2 2Mb SDSL Connection Cisco ASA 505 Basically, both sites need access to a service at the end of another IPSEC VPN, Site 3, which I plan to terminate at Site 2. This is due to the way the service is sold - it's billed per gateway. So if both Site 1 and Site 2 had their own VPN connection to Site 3, it would cost us twice as much... Anyway, my idea is to have all traffic from Site 1 destined for Site 3 to go via the VPN between Site 1 and Site 2. The end result being all traffic that hits Site 3 has come via Site 2. I understand this is known as hairpinning but I'm struggling to find a great deal of information on how this is setup. So, firstly, can anyone confirm that what I'm trying to achieve is possible and, secondly, can anyone point me in the direction of an example of such a configuration? Many Thanks.

    Read the article

  • NFS or GFS for LVS 10 Server Setup

    - by Michael Robinson
    Currently we have a 10 servers LVS hosting setup. The people we hired to set it up did not anything about GFS which was our preferred Central Storage File System Solution. As we have tight time constraint, we just told them to use whatever they were familiar with which is NFS. I have since done some research and it seems that NFS is not ideal for the type of high traffic site we are hoping to build. I couldn't find much info online about the signaficance differences between the 2. As we to setup all servers again right now, should we stick with NFS or find someone who knows how to setup GFS amd go with that. We need a setup that is highly reliable and scalable as we intend. As after initial setup is done, we expect high increases in traffic and load.

    Read the article

  • windows server 2008 vs ubuntu 11 [closed]

    - by user472875
    I am working on implementing a custom server application that should be capable of handling a very large volume of traffic. I am aware that this type of question has been asked a lot, but I haven't been able to find a good answer. What I'm really looking for is for a server with given specs which OS will be able to handle a larger traffic faster and more reliably. I do not care about rights management or any other features. I am fairly good with both platforms, and so I would like to pick the OS with better performance on a clean install, and with nothing else running. Thanks in advance.

    Read the article

  • TCP Proxy on windows supporting SOCK5

    - by acidzombie24
    I been using privoxy just fine for the moment. However now i need to redirect non http traffic through a proxy that supports SOCK5. I looked at RINETD and spent some time googling (which led me to a SF question suggesting RINETD) but i couldnt figure out how to make it work. Specifically how to give it a listening port for my .NET apps to connect to and the SOCK5 proxy addr/port to connect to (.NET does not support using SOCK5 which is why i need a proxy). What is a simple to use proxy on windows? It must support TCP traffic (instead of only http) and supports SOCK5. -edit- portable solution preferred. I should be able to run it on my usb stick under a limited user.

    Read the article

  • can Snort be installed on VPS?

    - by jack
    Hi Linux Admins I want the maximum security for my linux vps. I found many tutorials round the net but it doesn't cover the Snort. Only those like portentry, logsentry, tripwire and so on. So I'm beginning to think that Snort is not appropriate for a linux host. I think it's suitable only as a proxy/middle-man that checks traffic before passing to acutual targets. I'd like to whether Snort can be installed on VPS which serves typical servers like web/mail. Can Snort be in complict with OSSEC which I think it doesn't check the traffic but the log files only for Intrusion Detection/Anomaly? Thank you.

    Read the article

  • Unable to access internal network through PfSense WAN port

    - by Sean
    Our branch office is unable to connect to our internal network for some reason. However we can connect to the branch office domain controller from behind PfSense. The following is our setup: |Branch DC - 192.168.0.101 | |Branch Firewall - 192.168.0.2 | |(Internet) | |Local Firewall - 192.168.3.1 | |PFSense WAN port - 192.168.3.100 |PFSense LAN port - 192.168.1.1 | | DC1 - 192.168.1.2|DC2 - 192.168.1.4 Branch DC can ping and connect to PFSense WebGUI on the WAN port successfully (we set this up using the PfSense documentation). DC1 and DC2 can connect outbound to the Branch DC. There seems to be a rule that prevents internal access on the WAN port. However our rules are set to allow all traffic on the LAN and WAN ports. It would be ideal to just disable the firewall altogether since we already have a firewall but when we do this, PfSense doesn't allow any internal traffic at all. I look forward to any assistance and thank you ahead of time.

    Read the article

  • How can I secure Postgres for remote access when not in a private network?

    - by orokusaki
    I have a database server on a VMWare VM (Ubuntu 12.04.1 LTS server), and it just occurred to me that the server is accessible via the web, since the same physical server contains a VM that hosts public websites. My iptables in the database are such that only SSH traffic, loopback traffic, and TCP on port 5432 are allowed. I will only allow host access to the Postgres server from the IP of the other VM on the same physical machine. Does this seem sufficient for security, assuming there aren't gaping holes in my general OS configuration, or is Postgres one of those services that should never be web facing, (assuming there are some of "those"). Will I need to use hostssl instead of host in my pg_hba.conf, even though the data will travel only on my own network, presumably?

    Read the article

  • Load balancing two web servers with ultra monkey

    - by Mark L
    Hello, In 2006 a company I was working with setup two load balancers to balance traffic between two web servers. We used ultra monkey to do so. I'm hoping to do the same now. My question: Would anyone recommend using ultra monkey to balance traffic between two linux boxes running apache? Are there other linux-based alternatives which have since proven to be better for this task? Would you still install debian sarge on a load balancer given it's age? Thanks everyone!

    Read the article

  • monitoring TCP/IP performance on Solaris

    - by Andy Faibishenko
    I am trying to tune a high message traffic system running on Solaris. The architecture is a large number (600) of clients which connect via TCP to a big Solaris server and then send/receive relatively small messages (.5 to 1K payload) at high rates. The goal is to minimize the latency of each message processed. I suspect that the TCP stack of the server is getting overwhelmed by all the traffic. What are some commands/metrics that I can use to confirm this, and in case this is true, what is the best way to alleviate this bottleneck?

    Read the article

  • How to configure QoS on home router

    - by Joril
    I have a USR9105 router and I'd like to configure its QoS to prioritize web traffic (browser) over everything else (e.g. torrents). I'm confused by its interface though: "IP precedence" allows selecting a number from 0 to 7, while "IP type of service" can be one of "Normal Service", "Minimize cost", "Maximize reliability", "Maximize throughput" and "Minimize delay". How should I set it up? Is QoS the wrong solution to avoiding torrents slowing down browsing to a crawl? Should I set up a proxy and traffic shaping instead?

    Read the article

  • How to configure QoS on home router

    - by Joril
    I have a USR9105 router and I'd like to configure its QoS to prioritize web traffic (browser) over everything else (e.g. torrents). I'm confused by its interface though: "IP precedence" allows selecting a number from 0 to 7, while "IP type of service" can be one of "Normal Service", "Minimize cost", "Maximize reliability", "Maximize throughput" and "Minimize delay". How should I set it up? Is QoS the wrong solution to avoiding torrents slowing down browsing to a crawl? Should I set up a proxy and traffic shaping instead?

    Read the article

< Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >