Search Results

Search found 421 results on 17 pages for 'vlan'.

Page 9/17 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

  • Network throughput issue (ARP-related)

    - by Joel Coel
    The small college where I work is having some very strange network issues. I'm looking for any advice or ideas here. We were fine over the summer, but the trouble began few days after students returned to campus in force for the fall term. Symptoms The main symptom is that internet access will work, but it's very slow... often to the point of timeouts. As an example, a typical result from Speedtest.net will return .4Mbps download, but allow 3 to 8 Mbps upload speed. Lesser symptoms may include severely limited performance transferring data to and from our file server, or even in some cases the inability to log in to the computer (cannot reach the domain controller). The issue crosses multiple vlans, and has effected devices on nearly every vlan we operate. The issue does not impact all machines on the network. An unaffected machine will typically see at least 11Mbps download from speedtest.net, and perhaps much more depending on larger campus traffic patterns at the time. There is one variation on the larger issue. We have one vlan where users were unable to log into nearly all of the machines at all. IT staff would log in using a local administrator account (or in some cases cached credentials), and from there a release/renew or pinging the gateway would allow the machine to work... for a while. Complicating this issue is that this vlan covers our computer labs, which use software called Deep Freeze to completely reset the hard drives after a reboot. It could just the same issue manifesting differently because of stale data on machines that have not permanently altered low-level info for weeks. We were able to solve this, however, by creating a new vlan and moving the labs over to the new vlan wholesale. Instigations Eventually we noticed that the effected machines all had recent dhcp leases. We can predict when a machine will become "slow" by watching when a dhcp lease comes up for renewal. We played with setting the lease time very short for a test vlan, but all that did was remove our ability to predict when the machine would become slow. Machines with static IPs have pretty much always worked normally. Manually releasing/renewing an address will never cause a machine to become slow. In fact, in some cases this process has fixed a machine in that state. Most of the time, though, it doesn't help. We also noticed that mobile machines like laptops are likely to become slow when they cross to new vlans. Wireless on campus is divided up into "zones", where each zone maps to a small set of buildings. Moving to a new building can place you in a zone, thereby causing you to get a new address. A machine resuming from sleep mode is also very likely to be slow. Mitigations Sometimes, but not always, clearing the arp cache on an effected machine will allow it to work normally again. As already mentioned, releasing/renewing a local machine's IP address can fix that machine, but it's not guaranteed. Pinging the default gateway can also sometimes help with a slow machine. What seems to help most to mitigate the issue is clearing the arp cache on our core layer-3 switch. This switch is used for our dhcp system as the default gateway on all vlans, and it handles inter-vlan routing. The model is a 3Com 4900SX. To try to mitigate the issue, we have the cache timeout set on the switch all the way down to the lowest possible time, but it hasn't helped. I also put together a script that runs every few minutes to automatically connect to the switch and reset the cache. Unfortunately, this does not always work, and can even cause some machines to end up in the slow state for a short time (though these seem to correct themselves after a few minutes). We currently have a scheduled job that runs every 10 minutes to force the core switch to clear it's ARP cache, but this is far from perfect or desirable. Reproduction We now have a test machine that we can force into the slow state at will. It is connected to a switch with ports set up for each of our vlans. We make the machine slow by connecting to different vlans, and after a new connection or two it will be slow. It's also worth noting in this section that this has happened before at the start of prior terms, but in the past the problem has gone away on it's own after a few days. It solved itself before we had a chance to do much diagnostic work... hence why we've allowed it to drag so long into the term this time 'round; the expectation was this would be a short-lived situation. Other Factors It's worth mentioning that we have had about half a dozen switches just outright fail over the last year. These are mainly 2003/2004-era 3Coms (mostly 4200's) that were all put in at about the same time. They should still be covered under warranty, buy HP has made getting service somewhat difficult. Mostly in power supplies that have failed, but in a couple cases we have used a power supply from a switch with a failed mainboard to bring a switch with a failed power supply back to life. We do have UPS devices on all but three of four switches now, but that was not the case when I started two and a half years ago. Severe budget constraints (we were on the Dept. of Ed's financially challenged institutions list a couple years back) have forced me to look to the likes of Netgear and TrendNet for replacements, but so far these low-end models seem to be holding their own. It's also worth mentioning that the big change on our network this summer was migrating from a single cross-campus wireless SSID to the zoned approach mentioned earlier. I don't think this is the source of the issue, as like I've said: we've seen this before. However, it's possible this is exacerbating the issue, and may be much of the reason it's been so hard to isolate. Diagnosis At first it seemed clear to us, given the timing and persistent nature of the problem, that the source of the issue was an infected (or malicious) student machine doing ARP cache poisoning. However, repeated attempts to isolate the source have failed. Those attempts include numerous wireshark packet traces, and even taking entire buildings offline for brief periods. We have not been able even to find a smoking gun bad ARP entry. My current best guess is an overloaded or failing core switch, but I'm not sure on how to test for this, and the cost of replacing it blindly is steep. Again, any ideas appreciated.

    Read the article

  • Hyper-V server 2012 nic teaming setup and virtual switch configuration

    - by Calvin
    I have a server with 2 nics. I installed Hyper-v 2012 server (not windows server 2012, no gui) I am trying to set up load balancing. I have both nics in the same switch currently in trunk mode and no native vlan. I use the new-netlbfoteam command to create a team with both nics, I can then "set-netlbfoteamnic "Nic Team" -vlanid 4" so that its available to me with a DHCP or static address but as soon as I try to create a virtual switch it becomes unresponsive. My guess is that is due to it removing the vlan tagging I setup. if I add-netlbfoteamnic and set it for vlan 4, then set the IP I can ping it from my management computer but I just get an error "an error occurred while attempting to connect to server "xxxxxx" Check that the Virtual Machine Management service is running and that you are authorized to connect to the server."

    Read the article

  • Does IP helper forward subnet broadcasts?

    - by Eamon
    Hi, I have a device on a VLAN that uses UDP subnet broadcasts to advertise its presence to similar devices. This works fine on a single VLAN, but now I need to allow it to communicate with similar devices on a second VLAN. I thought of using the IP helper command in the router, but I am wondering if that only forwards global broadcasts (255.255.255.255)? My device sends out a subnet broadcast (e.g. 192.168.6.255) Will IP helper change the destination address to the target subnet (e.g. 192.168.7.255)? Eamon

    Read the article

  • Force10 S60 remote management

    - by StaringSkyward
    We've got a Force10 S60 switch to replace an older Cisco. I can't find a way to give the switch itself an IP address on the local VLAN so I can ssh to it. The config guide talks about using either a management interface on a separate management network or dedicating e.g. a gigabit port as a management port with a dedicated IP address. Ideally I would like to do what we do currently with the Cisco switches, which is in effect give the entire switch an IP so it can be reached from any host on the same VLAN without having to use up a physical port on the switch or physically connect the management port to another device. Is this possible with the S60 and if so, how would you give it, say the address 10.0.1.1 in vlan 10 (10.0.1.1/24)? Thanks!!!

    Read the article

  • How to set up wireless access on a Cisco router

    - by Carlos
    Hi, I've set up my 877W according to the configuration listed in this forum post: IPTV over Cisco 877 (It's the working configuration at the bottom of the post) Note that I have an 877W, so it also has a wireless radio. Now, I've gotten the whole setup to work, so IPTV is working, and I can access the internet via the ethernet ports. Now I'm trying to figure out how to allow access via the dot11radio interface. I've gathered that I basically need to create a bridge group, and bridge the radio to the internet VLAN. However, when I add a bridge-group 2 command to VLAN1, it seems to take down the whole internet VLAN. (The IPTV continues to work.) This makes the router itself inaccessible (I've got a laptop, so no serial) and I end up having to reboot the router. Can anyone tell me how to a) Allow wireless access to the internet (preferably with WEP, to match my old router) b) Determine what makes the router inaccessible when I add the new bridge group c) Forward the IPTV traffic onto a machine on my internet VLAN

    Read the article

  • How to assign single port into multiple vlans

    - by maroof Qadri
    Hi.. I have cisco switch 3560 and want to create vlans where in i can have a single port in multiple vlans. I tried creating one port e.g fa0/23 as trunk and then allowed it through multiple vlans but it doesnt work. The said port fa0/23 is not traceable through vlans. Example of what i am looking to establish. Vlan 1 : fa0/1 , fa0/2 , fa0/23 vlan 2 : fa0/3, fa0/4,fa0/23 vlan 3 : fa0/5,fa0/6,fa0/23 The Switchport multi command is not working on this switch which i always execute on cisco catalys 3500xl

    Read the article

  • Determining Maximum Txpower a WiFi Card Supports?

    - by BigGenius
    I have a Atheros R9285 wifi card. How can i determine , what is max. Txpower it can support? biggenius@hackbook:~$ iwconfig lo no wireless extensions. wlan0 IEEE 802.11abgn ESSID:"Default" Mode:Managed Frequency:2.437 GHz Access Point: 00:08:5C:9D:4F:40 Bit Rate=2 Mb/s Tx-Power=35 dBm Retry long limit:7 RTS thr:off Fragment thr:off Power Management:on Link Quality=24/70 Signal level=-86 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:140 Invalid misc:247 Missed beacon:0 eth0 no wireless extensions. biggenius@hackbook:~$ iw phy0 info Wiphy phy0 Band 1: Capabilities: 0x11ce HT20/HT40 SM Power Save disabled RX HT40 SGI TX STBC RX STBC 1-stream Max AMSDU length: 3839 bytes DSSS/CCK HT40 Maximum RX AMPDU length 65535 bytes (exponent: 0x003) Minimum RX AMPDU time spacing: 8 usec (0x06) HT TX/RX MCS rate indexes supported: 0-7 Frequencies: * 2412 MHz [1] (35.0 dBm) * 2417 MHz [2] (35.0 dBm) * 2422 MHz [3] (35.0 dBm) * 2427 MHz [4] (35.0 dBm) * 2432 MHz [5] (35.0 dBm) * 2437 MHz [6] (35.0 dBm) * 2442 MHz [7] (35.0 dBm) * 2447 MHz [8] (35.0 dBm) * 2452 MHz [9] (35.0 dBm) * 2457 MHz [10] (35.0 dBm) * 2462 MHz [11] (35.0 dBm) * 2467 MHz [12] (35.0 dBm) * 2472 MHz [13] (35.0 dBm) * 2484 MHz [14] (35.0 dBm) Bitrates (non-HT): * 1.0 Mbps * 2.0 Mbps (short preamble supported) * 5.5 Mbps (short preamble supported) * 11.0 Mbps (short preamble supported) * 6.0 Mbps * 9.0 Mbps * 12.0 Mbps * 18.0 Mbps * 24.0 Mbps * 36.0 Mbps * 48.0 Mbps * 54.0 Mbps Band 2: Capabilities: 0x11ce HT20/HT40 SM Power Save disabled RX HT40 SGI TX STBC RX STBC 1-stream Max AMSDU length: 3839 bytes DSSS/CCK HT40 Maximum RX AMPDU length 65535 bytes (exponent: 0x003) Minimum RX AMPDU time spacing: 8 usec (0x06) HT TX/RX MCS rate indexes supported: 0-7 Frequencies: * 5180 MHz [36] (35.0 dBm) * 5200 MHz [40] (35.0 dBm) * 5220 MHz [44] (35.0 dBm) * 5240 MHz [48] (35.0 dBm) * 5260 MHz [52] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5280 MHz [56] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5300 MHz [60] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5320 MHz [64] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5500 MHz [100] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5520 MHz [104] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5540 MHz [108] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5560 MHz [112] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5580 MHz [116] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5600 MHz [120] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5620 MHz [124] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5640 MHz [128] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5660 MHz [132] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5680 MHz [136] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5700 MHz [140] (35.0 dBm) (passive scanning, no IBSS, radar detection) * 5745 MHz [149] (35.0 dBm) * 5765 MHz [153] (35.0 dBm) * 5785 MHz [157] (35.0 dBm) * 5805 MHz [161] (35.0 dBm) * 5825 MHz [165] (35.0 dBm) Bitrates (non-HT): * 6.0 Mbps * 9.0 Mbps * 12.0 Mbps * 18.0 Mbps * 24.0 Mbps * 36.0 Mbps * 48.0 Mbps * 54.0 Mbps max # scan SSIDs: 4 max scan IEs length: 2257 bytes Coverage class: 0 (up to 0m) Supported Ciphers: * WEP40 (00-0f-ac:1) * WEP104 (00-0f-ac:5) * TKIP (00-0f-ac:2) * CCMP (00-0f-ac:4) * CMAC (00-0f-ac:6) Available Antennas: TX 0x1 RX 0x3 Configured Antennas: TX 0x1 RX 0x3 Supported interface modes: * IBSS * managed * AP * AP/VLAN * WDS * monitor * mesh point * P2P-client * P2P-GO software interface modes (can always be added): * AP/VLAN * monitor valid interface combinations: * #{ managed, WDS, P2P-client } <= 2048, #{ AP, mesh point, P2P-GO } <= 8, total <= 2048, #channels <= 1 Supported commands: * new_interface * set_interface * new_key * new_beacon * new_station * new_mpath * set_mesh_params * set_bss * authenticate * associate * deauthenticate * disassociate * join_ibss * join_mesh * remain_on_channel * set_tx_bitrate_mask * action * frame_wait_cancel * set_wiphy_netns * set_channel * set_wds_peer * Unknown command (82) * Unknown command (81) * Unknown command (84) * Unknown command (87) * Unknown command (85) * testmode * connect * disconnect Supported TX frame types: * IBSS: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * managed: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * AP: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * AP/VLAN: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * mesh point: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * P2P-client: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * P2P-GO: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 Supported RX frame types: * IBSS: 0x00d0 * managed: 0x0040 0x00d0 * AP: 0x0000 0x0020 0x0040 0x00a0 0x00b0 0x00c0 0x00d0 * AP/VLAN: 0x0000 0x0020 0x0040 0x00a0 0x00b0 0x00c0 0x00d0 * mesh point: 0x00b0 0x00c0 0x00d0 * P2P-client: 0x0040 0x00d0 * P2P-GO: 0x0000 0x0020 0x0040 0x00a0 0x00b0 0x00c0 0x00d0 Device supports RSN-IBSS.

    Read the article

  • interactive login on cgi script

    - by raindrop18
    I am new for perl-cgi script. and my objective is to create user/pass interactive script to log and get information from multiple device at once. instead of add the user/pass credential on the script itself. since i am new if some one show me how to write the interactive part of the script. thanks much!!! here is the current code usr/local/bin/perl -wl use CGI ':standard'; use Net::Telnet::Cisco; ### set the error fields to nulls $selerror = ""; ### Input from the screen - make sure data was input if (param() and param('Switches') ne "" and (param('Mac') ne "" or param('Interface Description') ne "" or param('VLAN') ne "" )) { ### Put the input devices into an array. @devices = param('Switches'); ### format the header data print header(); print start_html(-title=>"ShowSwitches",-BGCOLOR=>'aqua'); print "\n",h1("<CENTER>Show Switches</CENTER>"); print "\n",hr(),"\n"; ### Go thru the device array. foreach(@devices) { $error_msg = ""; $TAC_login_error = ""; $open_error = ""; $retry_open_error = ""; $prompt_error = ""; $password_error = ""; ### Take input host and use to send to Telnet $host = $_; $session = Net::Telnet::Cisco->new(Errmode => 'return', Timeout => 30); ### Connect to the host $session->open(Host =>"$host", Timeout => 15); $open_error = $session->errmsg; ### Login with TACACS if host can be connected to if ($open_error eq "") { $session->login('USER', 'PASS'); $TAC_login_error = $session->errmsg; ### Login with TACACS failed - try standard login if ($TAC_login_error ne "") { ### Connect to host $session->open(Host =>"$host", Timeout => 15); $retry_open_error = $session->errmsg; ### Wait for password prompt - multiple matches - devices may have different device prompts. if ($retry_open_error eq "") { $session->waitfor(Match => '/Password:.*$/', Match => '/Enter password:.*$/', Timeout => 20); $prompt_error = $session->errmsg; if ($prompt_error eq "") { ### Input password $session->print('getmeout'); $password_error = $session->errmsg; $session->waitfor('/.*>$/'); $password_error = $session->errmsg; } } } } ### No errors, then issue "show commands". if ($open_error eq "" and ($TAC_login_error eq "" or $retry_open_error eq "") and $prompt_error eq "" and $password_error eq "") { ### Show Mac if (param('Mac')) { $cmd = 'sh mac'; @output = $session->cmd("$cmd"); $show_error = ""; $show_error = $session->errmsg; print "\n",h2($host . ' - ' . $cmd); if ($show_error ne "") { $error_msg = 'Error for show mac - ' . $show_error; print b($error_msg),(br); print hr(),"\n"; $error_msg = ''; } else { print pre(@output); print hr(),"\n"; } } ### Show Interface Description if (param('Interface Description')) { $cmd = 'sh interface description'; @output = $session->cmd("$cmd"); $show_error = ""; $show_error = $session->errmsg; print "\n",h2($host . ' - ' . $cmd); if ($show_error ne "") { $error_msg = 'Error for show mac - ' . $show_error; print b($error_msg),(br); print hr(),"\n"; $error_msg = ''; } else { print pre(@output); print hr(),"\n"; } } ### Show VLAN if (param('VLAN')) { $cmd = 'sh vlan'; @output = $session->cmd("$cmd"); $show_error = ""; $show_error = $session->errmsg; print "\n",h2($host . ' - ' . $cmd); if ($show_error ne "") { $error_msg = 'Error for show vlan - ' . $show_error; print b($error_msg),(br); print hr(),"\n"; $error_msg = ''; } else { print pre(@output); print hr(),"\n"; } } } elsif ($TAC_login_error ne "" and $password_error ne "") { $error_msg = "Error - $host " . $TAC_login_error . ' - possible incorrect TACACS or standard password parameters on device.'; } elsif ($open_error ne "") { $error_msg = "Error - $host " . $open_error . ' - cannot connect to host - is it down??'; } elsif ($prompt_error ne "") { $error_msg = "Error - $host " . $prompt_error . ' - password prompt not recognized - invalid TACACS (or user) password.'; } elsif ($password_error ne "") { $error_msg = "Error - $host " . $password_error . ' - possible incorrect user/password parameters on device.'; } if ($error_msg ne "" ) { print b($error_msg),(br); print hr(),"\n"; } print hr(),"\n"; print end_html(),"\n"; } } else { ### No Show command was selected. if (param('Submit') and param('Mac') eq "" and param('Interface Description') eq "" and param('VLAN') eq "" ) { $selerror = 'No Show Displays were selected. Try again please!!'; } elsif ### No switch was selected. (param('Submit') and param('Switches') eq "") { $selerror = 'No devices were selected. Try again please!!'; } ### This formats the initial Show Web page. print header(-Pragma='no-cache'), start_html(-title=>"Show Displays",-BGCOLOR=>'aqua'), h1("<CENTER>Show Switches</CENTER>"),hr(), start_form(), b("Select Show Commands:"), br(), br(), checkbox(-name=>'Mac'), checkbox(-name=>'Interface Description'), checkbox(-name=>'VLAN'), br(),br(),hr(),br(), b("Select One or More Devices:"), br(), br(), scrolling_list (-name => 'Switches', -default=> "NONE", -values => ['cs6a', 'cs7a', 'cs7b', 'cs8b', 'cs9a', 'c9b', 'csa' ], -multiple => 'true', -size => 7, ), p(submit('Submit'),reset('Reset')), b($selerror), end_form(),hr(), end_html(); } #

    Read the article

  • interactive login on perl cgi script- updated question [closed]

    - by raindrop18
    I am new for perl-cgi script. and my objective is to create user/pass interactive script to log and get information from multiple device at once. instead of add the user/pass credential on the script itself. since i am new if some one show me how to write the interactive part of the script. thanks much!!! here is the current code usr/local/bin/perl -wl use CGI ':standard'; use Net::Telnet::Cisco; # ### set the error fields to nulls $selerror = ""; # ### Input from the screen - make sure data was input if (param() and param('Switches') ne "" and (param('Mac') ne "" or param('Interface Description') ne "" or param('VLAN') ne "" )) { # ### Put the input devices into an array. @devices = param('Switches'); # ### format the header data print header(); print start_html(-title=>"ShowSwitches",-BGCOLOR=>'aqua'); print "\n",h1("<CENTER>Show Switches</CENTER>"); print "\n",hr(),"\n"; # ### Go thru the device array. foreach(@devices) { $error_msg = ""; $TAC_login_error = ""; $open_error = ""; $retry_open_error = ""; $prompt_error = ""; $password_error = ""; # ### Take input host and use to send to Telnet $host = $_; $session = Net::Telnet::Cisco->new(Errmode => 'return', Timeout => 30); # ### Connect to the host $session->open(Host =>"$host", Timeout => 15); $open_error = $session->errmsg; # ### Login with TACACS if host can be connected to if ($open_error eq "") { $session->login('USER', 'PASS'); $TAC_login_error = $session->errmsg; # ### Login with TACACS failed - try standard login if ($TAC_login_error ne "") { # ### Connect to host $session->open(Host =>"$host", Timeout => 15); $retry_open_error = $session->errmsg; # ### Wait for password prompt - multiple matches - devices may have different device prompts. if ($retry_open_error eq "") { $session->waitfor(Match => '/Password:.*$/', Match => '/Enter password:.*$/', Timeout => 20); $prompt_error = $session->errmsg; if ($prompt_error eq "") { # ### Input password $session->print('getmeout'); $password_error = $session->errmsg; $session->waitfor('/.*>$/'); $password_error = $session->errmsg; } } } } # ### No errors, then issue "show commands". if ($open_error eq "" and ($TAC_login_error eq "" or $retry_open_error eq "") and $prompt_error eq "" and $password_error eq "") { # ### Show Mac if (param('Mac')) { $cmd = 'sh mac'; @output = $session->cmd("$cmd"); $show_error = ""; $show_error = $session->errmsg; print "\n",h2($host . ' - ' . $cmd); if ($show_error ne "") { $error_msg = 'Error for show mac - ' . $show_error; print b($error_msg),(br); print hr(),"\n"; $error_msg = ''; } else { print pre(@output); print hr(),"\n"; } } # ### Show Interface Description if (param('Interface Description')) { $cmd = 'sh interface description'; @output = $session->cmd("$cmd"); $show_error = ""; $show_error = $session->errmsg; print "\n",h2($host . ' - ' . $cmd); if ($show_error ne "") { $error_msg = 'Error for show mac - ' . $show_error; print b($error_msg),(br); print hr(),"\n"; $error_msg = ''; } else { print pre(@output); print hr(),"\n"; } } # ### Show VLAN if (param('VLAN')) { $cmd = 'sh vlan'; @output = $session->cmd("$cmd"); $show_error = ""; $show_error = $session->errmsg; print "\n",h2($host . ' - ' . $cmd); if ($show_error ne "") { $error_msg = 'Error for show vlan - ' . $show_error; print b($error_msg),(br); print hr(),"\n"; $error_msg = ''; } else { print pre(@output); print hr(),"\n"; } } } elsif ($TAC_login_error ne "" and $password_error ne "") { $error_msg = "Error - $host " . $TAC_login_error . ' - possible incorrect TACACS or standard password parameters on device.'; } elsif ($open_error ne "") { $error_msg = "Error - $host " . $open_error . ' - cannot connect to host - is it down??'; } elsif ($prompt_error ne "") { $error_msg = "Error - $host " . $prompt_error . ' - password prompt not recognized - invalid TACACS (or user) password.'; } elsif ($password_error ne "") { $error_msg = "Error - $host " . $password_error . ' - possible incorrect user/password parameters on device.'; } if ($error_msg ne "" ) { print b($error_msg),(br); print hr(),"\n"; } print hr(),"\n"; print end_html(),"\n"; } } else { # ### No Show command was selected. if (param('Submit') and param('Mac') eq "" and param('Interface Description') eq "" and param('VLAN') eq "" ) { $selerror = 'No Show Displays were selected. Try again please!!'; } elsif # ### No switch was selected. (param('Submit') and param('Switches') eq "") { $selerror = 'No devices were selected. Try again please!!'; } # ### This formats the initial Show Web page. print header(-Pragma=>'no-cache'), start_html(-title=>"Show Displays",-BGCOLOR=>'aqua'), h1("<CENTER>Show Switches</CENTER>"),hr(), start_form(), b("Select Show Commands:"), br(), br(), checkbox(-name=>'Mac'), checkbox(-name=>'Interface Description'), checkbox(-name=>'VLAN'), br(),br(),hr(),br(), b("Select One or More Devices:"), br(), br(), scrolling_list (-name => 'Switches', -default=> "NONE", -values => ['cs6a', 'cs7a', 'cs7b', 'cs8b', 'cs9a', 'c9b', 'csa' ], -multiple => 'true', -size => 7, ), p(submit('Submit'),reset('Reset')), b($selerror), end_form(),hr(), end_html(); } #

    Read the article

  • [Wireless LAN]hostapd is giving error whwn running in target board

    - by Renjith G
    hi, I got the following error when i tried to run the hostapd command in my target board. Any idea about this? /etc # hostapd -dd hostapd.conf Configuration file: hostapd.conf madwifi_set_iface_flags: dev_up=0 madwifi_set_privacy: enabled=0 BSS count 1, BSSID mask ff:ff:ff:ff:ff:ff (0 bits) Flushing old station entries madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3 ioctl[IEEE80211_IOCTL_SETMLME]: Invalid argument madwifi_sta_deauth: Failed to deauth STA (addr ff:ff:ff:ff:ff:ff reason 3) Could not connect to kernel driver. Deauthenticate all stations madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=2 ioctl[IEEE80211_IOCTL_SETMLME]: Invalid argument madwifi_sta_deauth: Failed to deauth STA (addr ff:ff:ff:ff:ff:ff reason 2) madwifi_set_privacy: enabled=0 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=0 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=1 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=2 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=3 Using interface ath0 with hwaddr 00:0b:6b:33:8c:30 and ssid '"RG_WLAN Testing Renjith G"' SSID - hexdump_ascii(len=27): 22 52 47 5f 57 4c 41 4e 20 54 65 73 74 69 6e 67 "RG_WLAN Testing 20 52 65 6e 6a 69 74 68 20 47 22 Renjith G" PSK (ASCII passphrase) - hexdump_ascii(len=12): 6d 79 70 61 73 73 70 68 72 61 73 65 mypassphrase PSK (from passphrase) - hexdump(len=32): 70 6f a6 92 da 9c a8 3b ff 36 85 76 f3 11 9c 5e 5d 4a 4b 79 f4 4e 18 f6 b1 b8 09 af 6c 9c 6c 21 madwifi_set_ieee8021x: enabled=1 madwifi_configure_wpa: group key cipher=1 madwifi_configure_wpa: pairwise key ciphers=0xa madwifi_configure_wpa: key management algorithms=0x2 madwifi_configure_wpa: rsn capabilities=0x0 madwifi_configure_wpa: enable WPA=0x1 WPA: group state machine entering state GTK_INIT (VLAN-ID 0) GMK - hexdump(len=32): [REMOVED] GTK - hexdump(len=32): [REMOVED] WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0) madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1 madwifi_set_privacy: enabled=1 madwifi_set_iface_flags: dev_up=1 ath0: Setup of interface done. l2_packet_receive - recvfrom: Network is down Wireless event: cmd=0x8b1a len=40 Register Fail Register Fail WPA: group state machine entering state SETKEYS (VLAN-ID 0) GMK - hexdump(len=32): [REMOVED] GTK - hexdump(len=32): [REMOVED] wpa_group_setkeys: GKeyDoneStations=0 WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0) madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=2 Signal 2 received - terminating Flushing old station entries madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3 ioctl[IEEE80211_IOCTL_SETMLME]: Invalid argument madwifi_sta_deauth: Failed to deauth STA (addr ff:ff:ff:ff:ff:ff reason 3) Could not connect to kernel driver. Deauthenticate all stations madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=2 ioctl[IEEE80211_IOCTL_SETMLME]: Invalid argument madwifi_sta_deauth: Failed to deauth STA (addr ff:ff:ff:ff:ff:ff reason 2) madwifi_set_privacy: enabled=0 madwifi_set_ieee8021x: enabled=0 madwifi_set_iface_flags: dev_up=0

    Read the article

  • Issue with VMWare vSphere and NFS: re occurring apd state

    - by Bastian N.
    I am experiencing issues with VMWare vSphere 5.1 and NFS storage on 2 different setups, which result in an "All Path Down" state for the NFS shares. This first happened once or twice a day, but lately it occurs much more frequent, as specially when Acronis Backup jobs are running. Setup 1 (Production): 2 ESXi 5.1 hosts (Essentials Plus) + OpenFiler with NFS as storage Setup 2 (Lab): 1 ESXi 5.1 host + Ubuntu 12.04 LTS with NFS as storage Here is an example from the vmkernel.log: 2013-05-28T08:07:33.479Z cpu0:2054)StorageApdHandler: 248: APD Timer started for ident [987c2dd0-02658e1e] 2013-05-28T08:07:33.479Z cpu0:2054)StorageApdHandler: 395: Device or filesystem with identifier [987c2dd0-02658e1e] has entered the All Paths Down state. 2013-05-28T08:07:33.479Z cpu0:2054)StorageApdHandler: 846: APD Start for ident [987c2dd0-02658e1e]! 2013-05-28T08:07:37.485Z cpu0:2052)NFSLock: 610: Stop accessing fd 0x410007e4cf28 3 2013-05-28T08:07:37.485Z cpu0:2052)NFSLock: 610: Stop accessing fd 0x410007e4d0e8 3 2013-05-28T08:07:41.280Z cpu1:2049)StorageApdHandler: 277: APD Timer killed for ident [987c2dd0-02658e1e] 2013-05-28T08:07:41.280Z cpu1:2049)StorageApdHandler: 402: Device or filesystem with identifier [987c2dd0-02658e1e] has exited the All Paths Down state. 2013-05-28T08:07:41.281Z cpu1:2049)StorageApdHandler: 902: APD Exit for ident [987c2dd0-02658e1e]! 2013-05-28T08:07:52.300Z cpu1:3679)NFSLock: 570: Start accessing fd 0x410007e4d0e8 again 2013-05-28T08:07:52.300Z cpu1:3679)NFSLock: 570: Start accessing fd 0x410007e4cf28 again As long as the issue occurred once or twice a day it really wasn't a problem, but now this issue has impact on the VMs. The VMs get slow or even hang, resulting in a reset through vCenter in the production environment. I searched the web extensively and asked in forums, but till now nobody was able to help me. Based on blog posts and VMWare KB articles I tried the following NFS settings: Net.TcpipHeapSize = 32 Net.TcpipHeapMax = 128 NFS.HartbeatFrequency = 12 NFS.HartbeatMaxFailures = 10 NFS.HartbeatTimeout = 5 NFS.MaxQueueDepth = 64 Instead of NFS.MaxQueueDepth = 64 I already tried other settings like NFS.MaxQueueDepth = 32 or even NFS.MaxQueueDepth = 1. Unfortunately without any luck. It would be great if someone could help me on this issue. It is really annoying. Thanks in advance for all the help. [UPDATE] As I explained in the comment below, here is the network setup: On the production setup the NFS traffic is bound to a separate VLAN with ID 20. I am using a HP 1810 24 Port Switch. The OpenFiler system is connected to the VLAN with 4 Intel GbE NICs with dynamic LACP. The ESXis both have 4 Intel GbE NICs using 2 static LACP trunks containing 2 NICs each. One pair is connected to the regular LAN and the other one to the VLAN 20. And here is a screenshot of the vSwitch: Switch configuration: Port configuration: On the lab setup its a single Intel NIC on each side without VLAN, but with different IP subnet.

    Read the article

  • Spanning-tree setup with incompatible switches

    - by wfaulk
    I have a set of eight HP ProCurve 2910al-48G Ethernet switches at my datacenter that are set up in a star topology with no physical loops. I want to partially mesh the switches for redundancy and manage the loops with a spanning-tree protocol. However, our connection to the datacenter is provided by two uplinks, each to a Cisco 3750. The datacenter's switches are handling the redundant connection using PVST spanning-tree, which is a Cisco-proprietary spanning-tree implementation that my HP switches do not support. It appears that my switches are not participating in the datacenter's spanning-tree domain, but are blindly passing the BPDUs between the two switchports on my side, which enables the datacenter's switches to recognize the loop and put one of the uplinks into the Blocking state. This is somewhat supposition, but I can confirm that, while my switches say that both of the uplink ports are forwarding, only one is passing any real quantity of data. (I am assuming that I cannot get the datacenter to move away from PVST. I don't know that I'd want them to make that significant of a change anyway.) The datacenter has also sent me this output from their switches (which I have expurgated of any identifiable info): 3750G-1#sh spanning-tree vlan nnn VLAN0nnn Spanning tree enabled protocol ieee Root ID Priority 10 Address 00d0.0114.xxxx Cost 4 Port 5 (GigabitEthernet1/0/5) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32mmm (priority 32768 sys-id-ext nnn) Address 0018.73d3.yyyy Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Gi1/0/5 Root FWD 4 128.5 P2p Gi1/0/6 Altn BLK 4 128.6 P2p Gi1/0/8 Altn BLK 4 128.8 P2p and: 3750G-2#sh spanning-tree vlan nnn VLAN0nnn Spanning tree enabled protocol ieee Root ID Priority 10 Address 00d0.0114.xxxx Cost 4 Port 6 (GigabitEthernet1/0/6) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32mmm (priority 32768 sys-id-ext nnn) Address 000f.f71e.zzzz Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Gi1/0/1 Desg FWD 4 128.1 P2p Gi1/0/5 Altn BLK 4 128.5 P2p Gi1/0/6 Root FWD 4 128.6 P2p Gi1/0/8 Desg FWD 4 128.8 P2p The uplinks to my switches are on Gi1/0/8 on both of their switches. The uplink ports are configured with a single tagged VLAN. I am also using a number of other tagged VLANs in my switch infrastructure. And, to be clear, I am passing the tagged VLAN I'm receiving from the datacenter to other ports on other switches in my infrastructure. My question is: how do I configure my switches so that I can use a spanning tree protocol inside my switch infrastructure without breaking the datacenter's spanning tree that I cannot participate in?

    Read the article

  • cisco parse show command

    - by tintifaxx
    I want to write a perl script which logs into cisco switches via telnet and parses the output of show mac-address-table. The problem is that different switches show me a different field layout. The WS-C3548-XL shows the fields in the order Destination Address Address Type VLAN Destination Port while the C2960 shows it like Vlan Mac Address Type Ports is there a way to tell show to print the fields in a predefined order?

    Read the article

  • Atheros Wireless card shows up as two different models?

    - by geermc4
    Hi I've been fighting these wireless drivers for a few days and just recently i noticed that the model the Wireless controller appears in lspci is different sometimes. This is the data i have after installing Ubuntu Server 64 bit ~# lspci -k .... 04:00.0 Network controller: Atheros Communications Inc. AR9285 Wireless Network Adapter (PCI-Express) (rev 01) Subsystem: AzureWave Device 1d89 Kernel driver in use: ath9k Kernel modules: ath9k ran some updates, restarted, all was good, all though it did say that linux-headers-server linux-image-server linux-server where beeing kept back. After that i installed ubuntu-desktop (aptitude install ubuntu-desktop --without-recommends) restarted and not only is the wireless not working anymore, but the hardware is listed as a different card ~# lspci -k .... 04:00.0 Ethernet controller: Atheros Communications Inc. AR5008 Wireless Network Adapter (rev 01) has no available drivers for it, still i tried to modprobe ath9k, they show up in lsmod as loaded, but still iw list shows nothing. this is what it looked like before the ubuntu-desktop instalation Wiphy phy0 Band 1: Capabilities: 0x11ce HT20/HT40 SM Power Save disabled RX HT40 SGI TX STBC RX STBC 1-stream Max AMSDU length: 3839 bytes DSSS/CCK HT40 Maximum RX AMPDU length 65535 bytes (exponent: 0x003) Minimum RX AMPDU time spacing: 8 usec (0x06) HT TX/RX MCS rate indexes supported: 0-7 Frequencies: * 2412 MHz [1] (14.0 dBm) * 2417 MHz [2] (15.0 dBm) * 2422 MHz [3] (15.0 dBm) * 2427 MHz [4] (15.0 dBm) * 2432 MHz [5] (15.0 dBm) * 2437 MHz [6] (15.0 dBm) * 2442 MHz [7] (15.0 dBm) * 2447 MHz [8] (15.0 dBm) * 2452 MHz [9] (15.0 dBm) * 2457 MHz [10] (15.0 dBm) * 2462 MHz [11] (15.0 dBm) * 2467 MHz [12] (15.0 dBm) (passive scanning) * 2472 MHz [13] (14.0 dBm) (passive scanning) * 2484 MHz [14] (17.0 dBm) (passive scanning) Bitrates (non-HT): * 1.0 Mbps * 2.0 Mbps (short preamble supported) * 5.5 Mbps (short preamble supported) * 11.0 Mbps (short preamble supported) * 6.0 Mbps * 9.0 Mbps * 12.0 Mbps * 18.0 Mbps * 24.0 Mbps * 36.0 Mbps * 48.0 Mbps * 54.0 Mbps max # scan SSIDs: 4 max scan IEs length: 2257 bytes Coverage class: 0 (up to 0m) Supported Ciphers: * WEP40 (00-0f-ac:1) * WEP104 (00-0f-ac:5) * TKIP (00-0f-ac:2) * CCMP (00-0f-ac:4) * CMAC (00-0f-ac:6) Available Antennas: TX 0x1 RX 0x3 Configured Antennas: TX 0x1 RX 0x3 Supported interface modes: * IBSS * managed * AP * AP/VLAN * WDS * monitor * mesh point * P2P-client * P2P-GO software interface modes (can always be added): * AP/VLAN * monitor interface combinations are not supported Supported commands: * new_interface * set_interface * new_key * new_beacon * new_station * new_mpath * set_mesh_params * set_bss * authenticate * associate * deauthenticate * disassociate * join_ibss * join_mesh * remain_on_channel * set_tx_bitrate_mask * action * frame_wait_cancel * set_wiphy_netns * set_channel * set_wds_peer * connect * disconnect Supported TX frame types: * IBSS: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * managed: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * AP: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * AP/VLAN: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * mesh point: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * P2P-client: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 * P2P-GO: 0x0000 0x0010 0x0020 0x0030 0x0040 0x0050 0x0060 0x0070 0x0080 0x0090 0x00a0 0x00b0 0x00c0 0x00d0 0x00e0 0x00f0 Supported RX frame types: * IBSS: 0x00d0 * managed: 0x0040 0x00d0 * AP: 0x0000 0x0020 0x0040 0x00a0 0x00b0 0x00c0 0x00d0 * AP/VLAN: 0x0000 0x0020 0x0040 0x00a0 0x00b0 0x00c0 0x00d0 * mesh point: 0x00b0 0x00c0 0x00d0 * P2P-client: 0x0040 0x00d0 * P2P-GO: 0x0000 0x0020 0x0040 0x00a0 0x00b0 0x00c0 0x00d0 Device supports RSN-IBSS. What's with the hardware change? If it has 2, how can i make the AR9285 always load and disable AR5008, or, is it the same and it's just showing it different? :| Oh and I've tried this on Ubuntu 10.04 server, xubuntu 12.04, ubuntu 12.04 desktop and server. Thanks in advanced. -- Here's some more info, i have it setup in 2 hard drives, 1 works and the other one i'm using to figure it out The one that works... # lshw -class network *-network description: Ethernet interface product: RTL8111/8168B PCI Express Gigabit Ethernet controller vendor: Realtek Semiconductor Co., Ltd. physical id: 0 bus info: pci@0000:03:00.0 logical name: eth0 version: 06 serial: 54:04:a6:a3:3b:96 size: 1Gbit/s capacity: 1Gbit/s width: 64 bits clock: 33MHz capabilities: pm msi pciexpress msix vpd bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd 1000bt 1000bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=r8169 driverversion=2.3LK-NAPI duplex=full firmware=rtl_nic/rtl8168e-2.fw ip=192.168.2.147 latency=0 link=yes multicast=yes port=MII speed=1Gbit/s resources: irq:43 ioport:e000(size=256) memory:d0004000-d0004fff memory:d0000000-d0003fff *-network description: Wireless interface product: AR9285 Wireless Network Adapter (PCI-Express) vendor: Atheros Communications Inc. physical id: 0 bus info: pci@0000:04:00.0 logical name: wlan0 version: 01 serial: 74:2f:68:4a:26:73 width: 64 bits clock: 33MHz capabilities: pm msi pciexpress bus_master cap_list ethernet physical wireless configuration: broadcast=yes driver=ath9k driverversion=3.2.0-18-generic-pae firmware=N/A latency=0 link=no multicast=yes wireless=IEEE 802.11bgn resources: irq:18 memory:fea00000-fea0ffff Here's where it doesn't # lshw -class network *-network description: Ethernet interface product: RTL8111/8168B PCI Express Gigabit Ethernet controller vendor: Realtek Semiconductor Co., Ltd. physical id: 0 bus info: pci@0000:03:00.0 logical name: eth0 version: 06 serial: 54:04:a6:a3:3b:96 size: 1Gbit/s capacity: 1Gbit/s width: 64 bits clock: 33MHz capabilities: pm msi pciexpress msix vpd bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd 1000bt 1000bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=r8169 driverversion=2.3LK-NAPI duplex=full firmware=rtl_nic/rtl8168e-2.fw ip=192.168.2.160 latency=0 link=yes multicast=yes port=MII speed=1Gbit/s resources: irq:43 ioport:e000(size=256) memory:d0004000-d0004fff memory:d0000000-d0003fff *-network UNCLAIMED description: Ethernet controller product: AR5008 Wireless Network Adapter vendor: Atheros Communications Inc. physical id: 0 bus info: pci@0000:04:00.0 version: 01 width: 64 bits clock: 33MHz capabilities: pm msi pciexpress bus_master cap_list configuration: latency=0 resources: memory:fea00000-fea0ffff Update I've noticed that if i blacklist the ath9k and ath9k_common modules lspci gives me the AR9285, but then I need to modprobe ath9k for it to work, does this make any sense? If so, why?

    Read the article

  • jQuery / jqGrids / Submitting form data troubles...

    - by Kelso
    Ive been messing with jqgrids alot of the last couple days, and I have nearly everything the way I want it from the display, tabs with different grids, etc. Im wanting to make use of Modal for adding and editing elements on my grid. My problem that Im running into is this. I have my editurl:"editsu.php" set, if that file is renamed, on edit, i get a 404 in the modal.. great! However, with that file in place, nothing at all seems to happen. I even put a die("testing"); line at the top, so it sees the file, it just doesnt do anything with it. Below is the content. ........ the index page jQuery("#landings").jqGrid({ url:'server.php?tid=1', datatype: "json", colNames:['ID','Tower','Sector', 'Client', 'VLAN','IP','DLink','ULink','Service','Lines','Freq','Radio','Serial','Mac'], colModel:[ {name:'id', index:'id', width : 50, align: 'center', sortable:true,editable:true,editoptions:{size:10}}, {name:'tower', index:'tower', width : 85, align: 'center', sortable:true,editable:false,editoptions:{readonly:true,size:30}}, {name:'sector', index:'sector', width : 50, align: 'center',sortable:true,editable:true,editoptions:{readonly:true,size:20}}, {name:'customer',index:'customer', width : 175, align: 'left', editable:true,editoptions:{readonly:true,size:35}}, {name:'vlan', index:'vlan', width : 35, align: 'left',editable:true,editoptions:{size:10}}, {name:'suip', index:'suip', width : 65, align: 'left',editable:true,editoptions:{size:20}}, {name:'datadl',index:'datadl', width:55, editable: true,edittype:"select",editoptions:{value:"<? $qr = qquery("select * from datatypes"); while ($q = ffetch($qr)) {echo "$q[id]:$q[name];";}?>"}}, {name:'dataul', index:'dataul', width : 55, editable: true,edittype:"select",editoptions:{value:"<? $qr = qquery("select * from datatypes"); while ($q = ffetch($qr)) {echo "$q[id]:$q[name];";}?>"}}, {name:'servicetype', index:'servicetype', width : 85, editable: true,edittype:"select",editoptions:{value:"<? $qr = qquery("select * from servicetype"); while ($q = ffetch($qr)) {echo "$q[id]:$q[name];";}?>"}}, {name:'voicelines', index:'voicelines', width : 35, align: 'center',editable:true,editoptions:{size:30}}, {name:'freqname', index:'freqname', width : 35, editable: true,edittype:"select",editoptions:{value:"<? $qr = qquery("select * from freqband"); while ($q = ffetch($qr)) {echo "$q[id]:$q[name];";}?>"}}, {name:'radioname', index:'radioname', width : 120, editable: true,edittype:"select",editoptions:{value:"<? $qr = qquery("select * from radiotype"); while ($q = ffetch($qr)) {echo "$q[id]:$q[name];";}?>"}}, {name:'serial', index:'serial', width : 100, align: 'right',editable:true,editoptions:{size:20}}, {name:'mac', index:'mac', width : 120, align: 'right',editable:true,editoptions:{size:20}} ], rowNum:20, rowList:[30,50,70], pager: '#pagerl', sortname: 'sid', mtype: "GET", viewrecords: true, sortorder: "asc", altRows: true, caption:"Landings", editurl:"editsu.php", height:420 }); jQuery("#landings").jqGrid('navGrid','#pagerl',{edit:true,add:true,del:false,search:false},{height:400,reloadAfterSubmit:false},{height:400,reloadAfterSubmit:false},{reloadAfterSubmit:false},{}); now for the editsu.php file.. $operation = $_REQUEST['oper']; if ($operation == "edit") { qquery("UPDATE customers SET vlan = '".$_POST['vlan']."', datadl = '".$_POST['datadl']."', dataul = '".$_POST['dataul']."', servicetype = '".$_POST['servicetype']."', voicelines = '".$_POST['voicelines']."', freqname = '".$_POST['freqname']."', radioname = '".$_POST['radioname']."', serial = '".$_POST['serial']."', mac = '".$_POST['mac']."' WHERE id = '".$_POST['id']."'") or die(mysql_error()); } Im just having a hard time troubleshooting this to figure out where its getting hung up at. My next question after this would be to see if its possible to make it so when you click "add", that it auto inserts a row into the db with a couple variable predtermined and then bring up the modal window, but ill work on the first problem first. thanks!

    Read the article

  • Cisco SR520w FE - WAN Port Stops Working

    - by Mike Hanley
    I have setup a Cisco SR520W and everything appears to be working. After about 1-2 days, it looks like the WAN port stops forwarding traffic to the Internet gateway IP of the device. If I unplug and then plug in the network cable connecting the WAN port of the SR520W to my Comcast Cable Modem, traffic startings flowing again. Also, if I restart the SR520W, the traffic will flow again. Any ideas? Here is the running config: Current configuration : 10559 bytes ! version 12.4 no service pad no service timestamps debug uptime service timestamps log datetime msec no service password-encryption ! hostname hostname.mydomain.com ! boot-start-marker boot-end-marker ! logging message-counter syslog no logging rate-limit enable secret 5 <removed> ! aaa new-model ! ! aaa authentication login default local aaa authorization exec default local ! ! aaa session-id common clock timezone PST -8 clock summer-time PDT recurring ! crypto pki trustpoint TP-self-signed-334750407 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-334750407 revocation-check none rsakeypair TP-self-signed-334750407 ! ! crypto pki certificate chain TP-self-signed-334750407 certificate self-signed 01 <removed> quit dot11 syslog ! dot11 ssid <removed> vlan 75 authentication open authentication key-management wpa guest-mode wpa-psk ascii 0 <removed> ! ip source-route ! ! ip dhcp excluded-address 172.16.0.1 172.16.0.10 ! ip dhcp pool inside import all network 172.16.0.0 255.240.0.0 default-router 172.16.0.1 dns-server 10.0.0.15 10.0.0.12 domain-name mydomain.com ! ! ip cef ip domain name mydomain.com ip name-server 68.87.76.178 ip name-server 66.240.48.9 ip port-map user-ezvpn-remote port udp 10000 ip ips notify SDEE ip ips name sdm_ips_rule ! ip ips signature-category category all retired true category ios_ips basic retired false ! ip inspect log drop-pkt no ipv6 cef ! multilink bundle-name authenticated parameter-map type inspect z1-z2-pmap audit-trail on password encryption aes ! ! username admin privilege 15 secret 5 <removed> ! crypto key pubkey-chain rsa named-key realm-cisco.pub key-string <removed> quit ! ! ! ! ! ! crypto ipsec client ezvpn EZVPN_REMOTE_CONNECTION_1 connect auto group EZVPN_GROUP_1 key <removed> mode client peer 64.1.208.90 virtual-interface 1 username admin password <removed> xauth userid mode local ! ! archive log config logging enable logging size 600 hidekeys ! ! ! class-map type inspect match-any SDM_AH match access-group name SDM_AH class-map type inspect match-any SDM-Voice-permit match protocol sip class-map type inspect match-any SDM_ESP match access-group name SDM_ESP class-map type inspect match-any SDM_EASY_VPN_REMOTE_TRAFFIC match protocol isakmp match protocol ipsec-msft match class-map SDM_AH match class-map SDM_ESP match protocol user-ezvpn-remote class-map type inspect match-all SDM_EASY_VPN_REMOTE_PT match class-map SDM_EASY_VPN_REMOTE_TRAFFIC match access-group 101 class-map type inspect match-any Easy_VPN_Remote_VT match access-group 102 class-map type inspect match-any sdm-cls-icmp-access match protocol icmp match protocol tcp match protocol udp class-map type inspect match-any sdm-cls-insp-traffic match protocol cuseeme match protocol dns match protocol ftp match protocol h323 match protocol https match protocol icmp match protocol imap match protocol pop3 match protocol netshow match protocol shell match protocol realmedia match protocol rtsp match protocol smtp extended match protocol sql-net match protocol streamworks match protocol tftp match protocol vdolive match protocol tcp match protocol udp class-map type inspect match-any L4-inspect-class match protocol icmp class-map type inspect match-all sdm-invalid-src match access-group 100 class-map type inspect match-all dhcp_out_self match access-group name dhcp-resp-permit class-map type inspect match-all dhcp_self_out match access-group name dhcp-req-permit class-map type inspect match-all sdm-protocol-http match protocol http ! ! policy-map type inspect sdm-permit-icmpreply class type inspect dhcp_self_out pass class type inspect sdm-cls-icmp-access inspect class class-default pass policy-map type inspect sdm-permit_VT class type inspect Easy_VPN_Remote_VT pass class class-default drop policy-map type inspect sdm-inspect class type inspect SDM-Voice-permit pass class type inspect sdm-cls-insp-traffic inspect class type inspect sdm-invalid-src drop log class type inspect sdm-protocol-http inspect z1-z2-pmap class class-default pass policy-map type inspect sdm-inspect-voip-in class type inspect SDM-Voice-permit pass class class-default drop policy-map type inspect sdm-permit class type inspect SDM_EASY_VPN_REMOTE_PT pass class type inspect dhcp_out_self pass class class-default drop ! zone security ezvpn-zone zone security out-zone zone security in-zone zone-pair security sdm-zp-in-ezvpn1 source in-zone destination ezvpn-zone service-policy type inspect sdm-permit_VT zone-pair security sdm-zp-out-ezpn1 source out-zone destination ezvpn-zone service-policy type inspect sdm-permit_VT zone-pair security sdm-zp-ezvpn-out1 source ezvpn-zone destination out-zone service-policy type inspect sdm-permit_VT zone-pair security sdm-zp-self-out source self destination out-zone service-policy type inspect sdm-permit-icmpreply zone-pair security sdm-zp-out-in source out-zone destination in-zone service-policy type inspect sdm-inspect-voip-in zone-pair security sdm-zp-ezvpn-in1 source ezvpn-zone destination in-zone service-policy type inspect sdm-permit_VT zone-pair security sdm-zp-out-self source out-zone destination self service-policy type inspect sdm-permit zone-pair security sdm-zp-in-out source in-zone destination out-zone service-policy type inspect sdm-inspect ! bridge irb ! ! interface FastEthernet0 switchport access vlan 75 ! interface FastEthernet1 switchport access vlan 75 ! interface FastEthernet2 switchport access vlan 75 ! interface FastEthernet3 switchport access vlan 75 ! interface FastEthernet4 description $FW_OUTSIDE$ ip address 75.149.48.76 255.255.255.240 ip nat outside ip ips sdm_ips_rule out ip virtual-reassembly zone-member security out-zone duplex auto speed auto crypto ipsec client ezvpn EZVPN_REMOTE_CONNECTION_1 ! interface Virtual-Template1 type tunnel no ip address ip virtual-reassembly zone-member security ezvpn-zone tunnel mode ipsec ipv4 ! interface Dot11Radio0 no ip address ! encryption vlan 75 mode ciphers aes-ccm ! ssid <removed> ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 station-role root ! interface Dot11Radio0.75 encapsulation dot1Q 75 native ip virtual-reassembly bridge-group 75 bridge-group 75 subscriber-loop-control bridge-group 75 spanning-disabled bridge-group 75 block-unknown-source no bridge-group 75 source-learning no bridge-group 75 unicast-flooding ! interface Vlan1 no ip address ip virtual-reassembly bridge-group 1 ! interface Vlan75 no ip address ip virtual-reassembly bridge-group 75 bridge-group 75 spanning-disabled ! interface BVI1 no ip address ip nat inside ip virtual-reassembly ! interface BVI75 description $FW_INSIDE$ ip address 172.16.0.1 255.240.0.0 ip nat inside ip ips sdm_ips_rule in ip virtual-reassembly zone-member security in-zone crypto ipsec client ezvpn EZVPN_REMOTE_CONNECTION_1 inside ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 75.149.48.78 2 ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source list 1 interface FastEthernet4 overload ! ip access-list extended SDM_AH remark SDM_ACL Category=1 permit ahp any any ip access-list extended SDM_ESP remark SDM_ACL Category=1 permit esp any any ip access-list extended dhcp-req-permit remark SDM_ACL Category=1 permit udp any eq bootpc any eq bootps ip access-list extended dhcp-resp-permit remark SDM_ACL Category=1 permit udp any eq bootps any eq bootpc ! access-list 1 remark SDM_ACL Category=2 access-list 1 permit 172.16.0.0 0.15.255.255 access-list 100 remark SDM_ACL Category=128 access-list 100 permit ip host 255.255.255.255 any access-list 100 permit ip 127.0.0.0 0.255.255.255 any access-list 100 permit ip 75.149.48.64 0.0.0.15 any access-list 101 remark SDM_ACL Category=128 access-list 101 permit ip host 64.1.208.90 any access-list 102 remark SDM_ACL Category=1 access-list 102 permit ip any any ! ! ! ! snmp-server community <removed> RO ! control-plane ! bridge 1 protocol ieee bridge 1 route ip bridge 75 route ip banner login ^CSR520 Base Config - MFG 1.0 ^C ! line con 0 no modem enable line aux 0 line vty 0 4 transport input telnet ssh ! scheduler max-task-time 5000 end I also ran some diagnostics when the WAN port stopped working: 1. show interface fa4 FastEthernet4 is up, line protocol is up Hardware is PQUICC_FEC, address is 0026.99c5.b434 (bia 0026.99c5.b434) Description: $FW_OUTSIDE$ Internet address is 75.149.48.76/28 MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 01:08:15, output 00:00:00, output hang never Last clearing of "show interface" counters never Input queue: 0/75/23/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 1000 bits/sec, 0 packets/sec 336446 packets input, 455403158 bytes Received 23 broadcasts, 0 runts, 0 giants, 37 throttles 41 input errors, 0 CRC, 0 frame, 0 overrun, 41 ignored 0 watchdog 0 input packets with dribble condition detected 172529 packets output, 23580132 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out 2. show ip route Gateway of last resort is 75.149.48.78 to network 0.0.0.0 C 192.168.75.0/24 is directly connected, BVI75 64.0.0.0/32 is subnetted, 1 subnets S 64.1.208.90 [1/0] via 75.149.48.78 S 192.168.10.0/24 is directly connected, BVI75 75.0.0.0/28 is subnetted, 1 subnets C 75.149.48.64 is directly connected, FastEthernet4 S* 0.0.0.0/0 [2/0] via 75.149.48.78 3. show ip arp Protocol Address Age (min) Hardware Addr Type Interface Internet 75.149.48.65 69 001e.2a39.7b08 ARPA FastEthernet4 Internet 75.149.48.76 - 0026.99c5.b434 ARPA FastEthernet4 Internet 75.149.48.78 93 0022.2d6c.ae36 ARPA FastEthernet4 Internet 192.168.75.1 - 0027.0d58.f5f0 ARPA BVI75 Internet 192.168.75.12 50 7c6d.62c7.8c0a ARPA BVI75 Internet 192.168.75.13 0 001b.6301.1227 ARPA BVI75 4. sh ip cef Prefix Next Hop Interface 0.0.0.0/0 75.149.48.78 FastEthernet4 0.0.0.0/8 drop 0.0.0.0/32 receive 64.1.208.90/32 75.149.48.78 FastEthernet4 75.149.48.64/28 attached FastEthernet4 75.149.48.64/32 receive FastEthernet4 75.149.48.65/32 attached FastEthernet4 75.149.48.76/32 receive FastEthernet4 75.149.48.78/32 attached FastEthernet4 75.149.48.79/32 receive FastEthernet4 127.0.0.0/8 drop 192.168.10.0/24 attached BVI75 192.168.75.0/24 attached BVI75 192.168.75.0/32 receive BVI75 192.168.75.1/32 receive BVI75 192.168.75.12/32 attached BVI75 192.168.75.13/32 attached BVI75 192.168.75.255/32 receive BVI75 224.0.0.0/4 drop 224.0.0.0/24 receive 240.0.0.0/4 drop 255.255.255.255/32 receive Thanks in advance, -Mike

    Read the article

  • big speed difference on a network link with and without VPN tunnel

    - by xirtyllo
    Scenario: We have a network link between two offices. The link is provided by a third party company through a VLAN on their network, but to us it is totally transparent -as if we had a simple ethernet cable going from one location to the other-. We have one router at each side of the link, with 3 VPN tunnels in between the two. The test: When I test the speed of the network link with the routers in place, with one laptop directly connected to the router on each side, I consistently get ~30/35Mbps. But if I take out the routers and I test the link connecting the laptops directly to the ethernet cable at each side, I consistently get ~85/88Mbps. It's quite a big performance hit, and I would tend to think that the VPN tunnels are responsible for the slow down. Is it normal that this configuration (two routers with three VPN tunnels between them) takes away so much bandwidth? More info: The encryption algorithm used for the VPN tunnels is AES128. The routers model is Zyxel USG200 and Zyxel USG1000, and their CPU, memory, and storage use is well within normal limits. The nominal bandwidth of the network link is 100Mbps. The network link in question is supplied by a third party company (the building in between our two offices). Basically it passes through their network as a VLAN, but the VLAN is completely transparent to us (e.g. no configuration required on our side, just like one single cable from end to end). Unfortunately (or maybe fortunately) I cannot directly test different routers configurations as I'm not the person in charge of it.

    Read the article

  • PXE booting LACP hosts on Force10 S50N with FTOS

    - by lolwutreddit
    Hardware: S50N Firmware: FTOS 8.4.2.6 Problem: We're trying to PXE boot some servers that are connected via port-channel interfaces with LACP. Current Work-around: we PXE boot a server with a single interface (eth0), and then use a Perl script to turn up the port-channel interfaces after the server is built. Details: Is anyone doing anything similar on Force10 S50 switches with FTOS? If not, is anyone doing this on another S series, or larger chassis-based Force10? I'm wondering if Native VLAN will solve this, since ports in a port-channel cannot explicitly have a VLAN set, and they don't seem to use the tagged or untagged VLAN that the port channel is in. I will confirm this next (I think it's the only thing I haven't tried) Juniper Example: http://broken.net/openindiana/how-to-pxe-boot-systems-on-lacp-using-juniper-switches/ Cisco: there are plenty of documented ways to solve this issue on IOS and Nexus Update/Edit: since there seems to be no way to use interface or port-channel mode commands to get the individual interfaces to show up in spanning-tree (rtsp in this case), the ports should never go into a forwarding state. I'm not going to mess with it anymore unless a) someone that has experience passes it on, or b) Force10 comes up with a solution for this (I'm guessing it will only be introduced on other S platforms (S55, S60), since the S50 seems to be near EOL). I'm basing that on the fact that the Open Automation type features are only being supported on the newer switches.

    Read the article

  • Setup of HP ProCurve 2810-24G for iSCSI?

    - by 3molo
    Hi, I have a pair of ProCurve 2810-24G that I will use with a Dell Equallogic SAN and Vmware ESXi. Since ESXi does MPIO, I am a little uncertain on the configuration for links between the switches. Is a trunk the right way to go between the switches? I know that the ports for the SAN and the ESXi hosts should be untagged, so does that mean that I want tagged VLAN on the trunk ports? This is more or less the configuration: trunk 1-4 Trk1 Trunk snmp-server community "public" Unrestricted vlan 1 name "DEFAULT_VLAN" untagged 24,Trk1 ip address 10.180.3.1 255.255.255.0 no untagged 5-23 exit vlan 801 name "Storage" untagged 5-23 tagged Trk1 jumbo exit no fault-finder broadcast-storm stack commander "sanstack" spanning-tree spanning-tree Trk1 priority 4 spanning-tree force-version RSTP-operation The Equallogic PS4000 SAN has two controllers, with two network interfaces each. Dell recommends each controller to be connected to each of the switches. From vmware documentation, it seems creating one vmkernel per pNIC is recommended. With MPIO, this could allow for more than 1 Gbps throughput.

    Read the article

  • Intel DriverInstall issue on HP ProLiant server DL580G5

    - by TomTom
    Given: A HP ProLiant server to be used for Hyper-V server (R 2) Problem: The server has a HP NC364T quad port card, which actually is an Intel 1000 Pro adapter. We are stuck getting this adapter properly working. We need to get it working with: 2 trunks of 2 ports each one of them fully vlan "aware" (without filtering anything - so that Hyper-V can do the VLAN filtering). So far we did: Install the server Install latest PSP. Problem here - tool does not work to set up teaming. We tried to install the latest ProWin pack from Intel - the drivers there are a LOT more current (26th of Marrch 2010, 9.13.41.0). The intalled driver (Microsoft) is ancient (march 2009, 9.13.4.10) A driver update fails both on command line (pnputil) as well as the PortLock device manager executable. No informatoin is provided. the ANS toolset can not create teams (fails with error - again, no reason provided), I know of no logs and the event log has no information either. Questions: What are the best drivers to use? How do we actually install them? How can we then set up teaming and how do we set up the VLAN behavior wanted?

    Read the article

  • Microsoft Windows DHCP: Steering IPv4 clients into specific scopes based on MAC

    - by Easter Sunshine
    We have visitors on our campus who bring their own laptops and devices and use our wireless and wired networks. When we receive a copyright infringement notice (typically BitTorrenting), we are required to quarantine that MAC address so that it no longer has Internet access. No matter what website it tries to visit, it is sent to a web page explaining to the user that the device has been quarantined. We have thus far implemented this in ISC DHCP on Linux. We have multiple VLANs with one or more public-IP subnets and one RFC1918 quarantine subnet each. All clients are leased IPs in the public-IP subnet(s) unless you're in a list of known bad MACs. Then, you are sent to the quarantine subnet so that your traffic is unroutable on the Internet (you are isolated by subnet only, not by VLAN). We would like to move to Windows DHCP in light of the IPAM role but I cannot figure out how to replicate this in Windows DHCP 2012 (Assign DHCP IPs for specific MAC prefixes on Windows Server 2008 R2 suggests it was not possible in 2008 R2), even while using policies. So here's what I'd like: The administrator/help desk provides and maintains a list of MAC addresses that are to be quarantined. The DHCP server places those MACs into the quarantine subnet on the respective VLAN, no matter which VLAN the client is in. I don't think reservations would work: We currently have about 300 registered bad MACs and about 12 VLANs. I don't want to make 300 x 12 reservations nor have to add 12 reservations per new MAC address. Not to mention all of the quarantine subnets are /24s. We do not have NPS/NAC. You do not have to register your MAC address get network access. We use Cisco routers/switches. Thanks.

    Read the article

  • Configuring https access on HP A5120 Switch

    - by GerryEgan
    I am trying to configure HTTPS management on a HP a5120 switch running Version 5.20.99, Release 2215 and not having much luck. I have followed the manual by creating an SSL policy first and then enabling the HTTPS server with the SSL policy: ssl server-policy sslpol ip https ssl-server-policy sslpol ip https enable When I try and log onto the switch with Google Chrome I get the following error: Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. When I look this up I have found references to errors due to TLS being used in SSL. I can find no way to specify the SSL version in the server policy. The manual has a configuration example that uses MSCEP to retrieve a certificate but in Windows 2008 R2 that feature is only available in Enterprise and Datacentre editions which I don't have. I have SSH configured and it is using a locally generated certificate so I'm not sure if I can use that but I'd like to if possible. Has anybody been able to setup HTTPS management on HP A series switches without MSCEP? Any and all help appreciated! here is a copy of my config with the interfaces removed: version 5.20.99, Release 2215 # sysname MYSYSNAME # irf domain 10 irf mac-address persistent timer irf auto-update enable undo irf link-delay # domain default enable system # telnet server enable # vlan 1 # vlan 100 description Management # radius scheme system primary authentication 127.0.0.1 1645 primary accounting 127.0.0.1 1646 user-name-format without-domain # domain system access-limit disable state active idle-cut disable self-service-url disable # user-group system group-attribute allow-guest # local-user admin password cipher authorization-attribute level 3 service-type ssh telnet terminal service-type web # stp enable # ssl server-policy sslpol pki-domain MYDOMAIN # interface NULL0 # interface Vlan-interface199 ip address 192.168.199.140 255.255.255.0 # interface GigabitEthernet1/0/1 poe enable stp edged-port enable # interface Ten-GigabitEthernet2/1/2 # dhcp-snooping # ntp-service unicast-server 192.168.1.71 # ssh server enable # ip https ssl-server-policy sslpol ip https enable # load xml-configuration # user-interface aux 0 1 user-interface vty 0 15 authentication-mode scheme

    Read the article

  • PowerConnect 3548p SNTP and web interface not working

    - by Force Flow
    I have been unable to get SNTP and access to the web interface working properly on a Dell PowerConnect 3548p. In the logs, this message appears over and over again: 04-Jan-2000 20:19:29 :%MNGINF-W-ACL: Management ACL drop packet received on interface Vlan 172 from 172.17.0.3 to 172.18.0.10 protocol 17 service Snmp 172 is the management vlan. 172.17.0.3 is the DNS server 172.18.0.10 is the switch's IP address. The DNS server and the switch are located on different subnets and separated by routers. I am unable to access the web interface of the switch from the 172.17.x.x subnet. I can only access the web interface of the switch if I am accessing it from the 172.18.x.x subnet. There is also a managed linksys switch on the 172.18.x.x subnet on the 172 vlan, which has no problem with SNTP. I can also access it from the 172.17.x.x network. So, it stands to reason that this is not a firewall or routing issue, but with the 3548p switch. I suspect the issue is with management permissions/ACLs on the 3348p switch, but that's about as much as I've been able to determine so far. Any ideas?

    Read the article

  • Ubuntu 12.04 open port 80 inside WLAN

    - by Eduard
    I have an nginx server running on ubuntu 12.04 that serves http through port 80 and https through port 443. Everything works fine if I access it from the same computer via localhost, 127.0.0.1 or the local IP 192.168.0.11. If I try to access the server from another computer in the same VLAN it does not work for http; it works for https. I have changed my nginx configuration to also listen to port 8000 for http; I can then access http from the other computer in the same VLAN via "http://192.168.0.11:8000". I also have a web server running on port 80 on a windows machine and can access it from another device in the same VLAN, therefore the router is not blocking incoming http traffic. The nginx process is run by root. I have used tcpdump and I see that packets are arriving to Ubuntu: 192.168.0.16.49735 192.168.0.11.80 and that some response is being given 192.168.0.11.80 192.168.0.16.49735 (I do not know what the response is though). There is no request arriving at the nginx web server (I have checked the access log). I have iptables empty. I have unsuccessfully tried to find a solution for a long time to this, it has now become a matter of happiness or bitterness :).

    Read the article

  • ProCurve ACL to prevent a subnet from leaving the switch

    - by kce
    I have a single HP ProCurve 2610 in a remote location that is connected in with the rest of the network via SHDSL. There are two Layer-3 networks on this segment. ACLs are setup to deny one subnet (192.0.2.0/24) from ever being able to leave the switch by virtue of being applied to port attached to the upstream connection. The other subnet should be permitted to freely leave the switch. Both subnets are on the same VLAN. Unfortunately SFlow very clearly show broadcast traffic from 192.0.2.0/24 on the upstream connection. ProCurve ACLs are not my strong suit but I feel like I'm missing something very simple here. ip access-list extended "Filter for Camera Network" deny ip 192.0.2.0 0.0.0.255 0.0.0.0 255.255.255.255 log permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 exit interface 24 name "DSL - UPLINK" access-group "Filter for Camera Network" in exit Unless I am mistaken traffic from 192.0.2.0/24 should be dropped as it crosses the uplink port (int 24) whereas all other traffic will be permited by the following default allow rule. What exactly am I missing here? EDIT: Firstly, why do you have two subnets contained in the same VLAN? Because that's how it was configured by a previous administrator and while it makes conceptual sense that a single subnet is "mapped" to a single VLAN there's no technical constraint that I am aware of that makes this have to be the case. Instead of filtering inbound traffic on your uplink, you should be filtering outbound traffic. The HP2600 series can only filter inbound traffic on interfaces. Should I change my filter to deny any to 192.0.2.0/24?

    Read the article

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >