Search Results

Search found 7154 results on 287 pages for 'networking'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 119/287 | < Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126  | Next Page >

  • Windows 7 VPN Error 619

    - by TravisPUK
    So I am running Windows 7 Enterprise. This morning I was able to VPN using the built in VPN (Connect to Work Network etc). I had to change my network's IP address range and now the VPN will not work. It just stalls on the Verifying user name and password... message. But then it returns the 619 error. Anybody know why changing my machine's IP address would cause this problem? Where should I be looking to try and fix this issue? I have tried this on a Windows XP machine that also had the IP address range change and this still connects fine using exactly the same connection details. EDIT The internal network range changed from 192.x.x.x to 10.x.x.x. This was done on the entire Active Directory. All machines are running fine and the Windows XP machine, that works going to the same client VPN mentioned above is on the same network. Both the XP and the Win 7 machines are using DHCP served by the Domain Controller. The client domain is not performing any IP range checks/restrictions. The VPN is outside the internal network, connection is being made via the Internet and not passing through any other machine, other than the normal domain machines, ie DNS etc. This is passing through a router and the router has the relevant VPN passthrough options configured. All internal machines are working correctly with other forms of VPN, ie Cisco, Sonic etc (these were tested on other machines, they are not installed on the Vista or Win7 machines). After further testing, this is occurring on all Win7 and Vista machines where they can no longer connect to the client VPN, however all XP machines can still connect fine. This has been tested on three Vista, two Win7 and five XP machines. All machines are on DHCP and tests have been done with both the firewalls turned on and off, as well as with fixed IPs being used. Thanks Travis

    Read the article

  • Strange traceroute to msdn.microsoft.com

    - by Jasper
    The problem is I could not view any msdn.microsoft.com/* site and the main site itself on my Ubuntu box on Google Chrome browser. Error is: Error 101 (net::ERR_CONNECTION_RESET): The connection was reset. When I run traceout I get different result: Here is simple one: traceroute msdn.microsoft.com traceroute to msdn.microsoft.com (65.55.11.235), 30 hops max, 60 byte packets 1 10.0.0.138 (10.0.0.138) 0.121 ms 0.131 ms 0.128 ms 2 192.168.0.1 (192.168.0.1) 1.730 ms 1.724 ms 2.024 ms 3 bzq-179-37-1.static.bezeqint.net (212.179.37.1) 18.314 ms 19.277 ms 20.694 ms 4 bzq-218-227-250.red.bezeqint.net (81.218.227.250) 22.806 ms 23.651 ms 24.820 ms 5 bzq-179-75-198.static.bezeqint.net (212.179.75.198) 26.650 ms 27.533 ms 28.791 ms 6 * * * 7 bzq-179-124-122.static.bezeqint.net (212.179.124.122) 76.032 ms 72.968 ms 74.660 ms 8 igblmdistc7504.uk.msft.net (195.66.224.140) 75.708 ms 76.797 ms 78.257 ms 9 ge-5-1-0-0.lts-64cb-1a.ntwk.msn.net (207.46.42.227) 80.125 ms 81.336 ms 82.671 ms 10 ge-7-0-0-0.nyc-64cb-1a.ntwk.msn.net (207.46.47.20) 179.232 ms so-7-1-0-0.ash-64cb-1b.ntwk.msn.net (213.199.144.158) 162.508 ms 163.223 ms 11 xe-0-0-1-0.co1-96c-1b.ntwk.msn.net (207.46.45.29) 227.964 ms ge-7-0-0-0.co1-64c-1b.ntwk.msn.net (207.46.40.90) 228.226 ms xe-0-0-1-0.co1-96c-1b.ntwk.msn.net (207.46.45.29) 212.781 ms 12 10.22.8.54 (10.22.8.54) 215.046 ms xe-5-2-0-0.co1-96c-1a.ntwk.msn.net (207.46.40.167) 214.825 ms 10.22.8.58 (10.22.8.58) 213.251 ms 13 10.22.8.62 (10.22.8.62) 212.745 ms 213.827 ms 10.22.8.50 (10.22.8.50) 215.655 ms 14 10.22.8.62 (10.22.8.62) 211.665 ms !X 10.22.8.50 (10.22.8.50) 214.491 ms !X 10.22.8.54 (10.22.8.54) 218.471 ms !X Line 1,2 : It's me Line from 3-7: It's my Internet provider Line 8 and on: I think I hit MS servers WTF line 12-14 ????? 10.22.8.x ???? then I run this traceroute: sudo traceroute -T msdn.microsoft.com traceroute to msdn.microsoft.com (65.55.11.235), 30 hops max, 60 byte packets 1 10.0.0.138 (10.0.0.138) 0.109 ms 0.127 ms * 2 * * * 3 * * * 4 * * * 5 * * * 6 * 65.55.11.235 (65.55.11.235) 16.019 ms 17.364 ms So I hit MSDN web site already at 6 hop ! WTF ??? This is host -a msdn.microsoft.com from me: host -a msdn.microsoft.com Trying "msdn.microsoft.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19522 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;msdn.microsoft.com. IN ANY ;; ANSWER SECTION: msdn.microsoft.com. 3274 IN CNAME msdn.microsoft.akadns.net. msdn.microsoft.akadns.net. 600 IN A 65.55.11.235 Received 91 bytes from 127.0.0.1#53 in 108 ms Could someone help me understand and fix it ??

    Read the article

  • windows 8 network cant connect to other computers

    - by Sickest
    we just setup a windows 7 ultimate file server, and all the other computers on the network, found the server expect the windows 8 computer. computers on the network: vista, win 7 ultimate, mac os, win 8 (problem) I setup a homegroup on the win 7 server pc, but the windows 8 computer can't find the homegroup, nor can it connect to the server by typing its network ext //server-pc i've tried to turn on all the windows 8 sharing to discovery ON, on Private and Public and all Networks, and got nothing. should be noted that the computer is using norton firewall/AV, im not sure if that's a factor

    Read the article

  • Problem connecting to SSH in office network

    - by Jeune
    I have trouble connecting via SSH to a server whenever I am in the office. I get as far as being prompted for my password and then after that there's a long wait which always ends in a Write failed: Broken pipe This is only for connecting via SSH. I use svn to commit files to a repository hosted on the same server and there are no hitches. Furthermore, this only happens in our office. When I go the university or whenever I am at home or at the coffee shop I am able to connect seamlessly. There are no firewalls in our office. It's just a basic wireless router connected to a modem setup. It's the same setup I have at home and I guess the same setup in the coffee shop. What are the causes for a broken pipe and why does this phenomenon only happen when I try connect via SSH and not when I work with svn on the same server? Updated: Some debug logs after authentication: debug3: packet_send2: adding 48 (len 64 padlen 16 extra_pad 64) debug2: we sent a password packet, wait for reply debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Entering interactive session. debug2: callback start debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug1: Sending environment. debug3: Ignored env ORBIT_SOCKETDIR debug3: Ignored env SSH_AGENT_PID debug3: Ignored env TERM debug3: Ignored env SHELL debug3: Ignored env XDG_SESSION_COOKIE debug3: Ignored env WINDOWID debug3: Ignored env GNOME_KEYRING_CONTROL debug3: Ignored env GTK_MODULES debug3: Ignored env USER debug3: Ignored env LS_COLORS debug3: Ignored env LIBGL_DRIVERS_PATH debug3: Ignored env SSH_AUTH_SOCK debug3: Ignored env DEFAULTS_PATH debug3: Ignored env SESSION_MANAGER debug3: Ignored env USERNAME debug3: Ignored env XDG_CONFIG_DIRS debug3: Ignored env DESKTOP_SESSION debug3: Ignored env LIBGL_ALWAYS_INDIRECT debug3: Ignored env PATH debug3: Ignored env PWD debug3: Ignored env GDM_KEYBOARD_LAYOUT debug1: Sending env LANG = en_PH.utf8 debug2: channel 0: request env confirm 0 debug3: Ignored env GNOME_KEYRING_PID debug3: Ignored env MANDATORY_PATH debug3: Ignored env GDM_LANG debug3: Ignored env GDMSESSION debug3: Ignored env SHLVL debug3: Ignored env HOME debug3: Ignored env GNOME_DESKTOP_SESSION_ID debug3: Ignored env LOGNAME debug3: Ignored env XDG_DATA_DIRS debug3: Ignored env DBUS_SESSION_BUS_ADDRESS debug3: Ignored env LESSOPEN debug3: Ignored env WINDOWPATH debug3: Ignored env DISPLAY debug3: Ignored env LESSCLOSE debug3: Ignored env XAUTHORITY debug3: Ignored env COLORTERM debug3: Ignored env OLDPWD debug3: Ignored env _ debug2: channel 0: request shell confirm 1 debug2: fd 3 setting TCP_NODELAY debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 UPDATE 2011-14-07: I am able to connect to the server via SSH now. I didn't do anything but that's because there is no one in the office but me! Having said that, is it possible that it has something to do with the number of sessions an SSH server can handle? UPDATE 2011-14-07: I try to login via SSH through Putty on another machine running windows together with my current SSH session in Ubuntu and now it seems my SSH session in Ubuntu has been dropped. I can't type into the terminal. Is Putty the culprit now?

    Read the article

  • Transparent proxy which preserves client mac address

    - by A G
    I have a customer that wants to intercept SSL traffic as it leaves their network. My proposed solution is to setup a proxy that is transparent and both layer 2 and layer 3 so it can simply be dropped into their network without any change in config required. The proxy has two NICs, one connected to the server, the other to the client. The client, proxy and gateway are under control of the customer, the server is not. For example: client --- Proxy --- gateway -|- server I have my proxy program configured with IP_TRANSPARENT socket option to it can respond to connections destined for a remote IP. I am using the following setup: iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --on-port 3128 --tproxy-mark 1/1 iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 1 ip rule add fwmark 1/1 table 1 ip route add local 0.0.0.0/0 dev lo table 1 The client in question is on its own subnet and has been configured so that the proxy is the default gateway. The result is: Client sends a frame to the proxy; source IP is client, source mac is client, destination IP is server, destination mac is proxy Proxy forwards this frame to the gateway; source IP is proxy, source mac is proxy, destination IP is server, destination mac is gateway Gateway forwards this to the server and gets a response back. Gateway sends reply back to proxy; source IP is server, source mac is gateway, destination IP is proxy, destination mac is proxy Proxy forwards this reply to client; source IP is server, source mac is proxy, destination IP is client, destination mac is client. The tproxy and iptables configuration lets the proxy send packets with a non local ip address. Is there a way to make something transparent at the mac address level? That is, put the client on the same subnet as the gateway. The gateway sees the source IP and mac as that of the client, even though they originated from the proxy. Could this be done by configuring the proxy as a bridge then use ebtables to escalate the traffic to be handled by iptables? When I use ebtables to push something up to iptables, it appears my proxy program doesn't respond to the packets as they are destined for the gateways's mac address, not the proxy's. What are some other potential avenues I could investigate? EDIT: When the client and gateway are on different subnets (and client has set the proxy as the gateway), it works as described in 1 to 5. But I want to know if it is possible to have the client and gateway on the same subnet and have the proxy fully transparent (ie client is not aware of the proxy). Thanks! EDIT 2: I can configure the proxy as a bridge using brctl, but cannot find a way to direct this traffic to my proxy program - asked here Possible for linux bridge to intercept traffic?. Currently, with the description numbered 1 to 5, it operates at layer 3; it is transparent on the client side (client thinks it is talking to the server's IP), but not on the gateway side (gateway is talking to the proxy's IP). What I want to find out is, is it possible to make this operate at layer 2, so it is fully transparent? What are the available options I should research? Thanks

    Read the article

  • router only assigns small number of IPs

    - by Liam Coates
    Been having a problem with my router for a while now, might just be because it is really old but here's the problem: If a lot of computers are connected to my home network someone will get disconnected. They are assigned IPs and it seems like at a certain point (and I don't know how many) you either get assigned the same IP as someone else or something else is happening and you get disconnected - until i soft reset it and it works again which takes 30 secs. I'd say my tablet, my PC, my sisters iPad, 2 laptops and a netbook is the most that can be connected at one time so that is 6 but that should be fine. The only way I know this is the problem is because I turned on my tablet and I was online on my PC, got disconnected but my tablet was still connected, this is just after i turned the tablet on so I know my router is having difficulty with IPs, it is like it assigned the same IP to the tablet which then clashed with my desktop and knocked me off. I see that sometimes the following solves it as well so I wrote a batch file with a menu to execute these commands as I have to do it so often. ipconfig /release ipconfig /flushdns ipconfig /renew Any ideas? Or shall I just get a new router as this one is old and maybe can't handle giving out that many IPs? Cheers!

    Read the article

  • Incorrect Windows 7 "No Internet Access" notice

    - by Joel Coehoorn
    In windows 7, I have a wifi network that shows up with a warning icon overlay and the "No internet access" description as shown in this image: The other network shown there is a VirtualBox VM, and is expected to show that way. Plainly, this notice is wrong as I have been browsing with that connection all afternoon and used it to post this question. So my question is, what makes this message come up, and how can I make it go away?

    Read the article

  • network topology including many services

    - by mete
    I know this is yet another question on how to setup network but I hope you are not bored of such questions yet. The site is also an office, so it includes windows dc, windows ad, exchange, sql, file sharing, development app servers and other pcs. In addition to office (internal) things, there are both test and prod environments consisting of a web server-app server-sql stack. There is also ftp service open to public. I consider: dmz1 - web server - exchange edge - ftp dmz2 - app server - sql for app server internal - dc and ad - exchange hub and transport - internal file sharing - sql for internal use - app servers for internal use - pcs public - dmz1, only web, ftp and smtp public - dmz2 not possible public - internal not possible dmz1 - dmz2 is possible from web servers to app servers by using http or ajp dmz1 - internal is only possible for exchange, otherwise not possible dmz2 - internal not possible Does this sound ok ? Any other recommendations ? It will be configured using either MS ISA or Jupiter SSG. Thank you.

    Read the article

  • Know which Apps to Remove From MSConfig with this Startup Applications List

    - by Mit Naik
    Just found userfull information on Internet and thought it would help all of users. This list of startup applications is a really handy resource for cleaning up msconfig entries that have overtaken old computers. It catalogs tons of different startup programs, what they do, and which ones you should delete, leave running, or decide based on the program's usefulness. It even has a nice search box so you can search through the tens of thousands of entries. Hit the link below to check it out, and if your relatives' computer is especially broken, be sure to check out our guide to fixing your relatives' terrible computer. http://www.sysinfo.org/startuplist.php Please update the list here if you got any other tools or sites which can be help full to others

    Read the article

  • My DNS cannot resolve an web site address?

    - by ipkiss
    Hello all, Recently, I could not access the webpage bbc.co.uk anymore, while I can access other websites smoothly. Ar first, I though there may be some problem with my laptop. However, if I use my laptop through my company network, I can load the page bbc.co.uk normally. Then, I though maybe my ADSL at home blocks that web address. However, I tried another laptop with my home ADSL and it can load the page bbc.co.uk very fast. Now I do not know what could be the problem. Can anyone tell me please? Thank you.

    Read the article

  • Connecting both WAN and LAN ports to the same hub

    - by C. Lee
    For some reason I wish to connect the WAN port and the LAN port on a router to the same hub and make the hub is connected to both networks, the Internet and a private network. Below is a diagram of the network configuration I'd like to build. I tried this and it didn't work as expected. PC 1 has no problem, but PC 2 cannot connect to the Internet. When I ping 192.168.0.1 from PC 2, all packets are lost. It works well when PC 2 is connected directly to the router. What's the problem with the network configuration above?

    Read the article

  • management network to a network port for additional ones munin and monit

    - by paolo
    management network to a network port for additional ones munin and monit I want to build a separate Netzwek for server management. I have several network cards a linux / debian / ubuntu with computer. Set both network cards sin in the /etc/network/interfaces. # The primary network interface #allow-hotplug eth0 #iface eth0 inet dhcp auto eth0 iface eth0 inet static address 10.0.0.240 netmast 255.255.255.0 network 10.0.0.0 brodacast 10.0.0.255 gateway 10.0.0.254 auto eth1 iface eth1 inet static address 10.0.10.240 netmast 255.255.255.0 network 10.0.10.0 brodacast 10.0.10.255 post-up ip route add 10.0.0.0/24 dev eth0 src 10.0.0.240 table eth0-WAN post-up ip route add default via 10.0.0.254 table eth0-WAN post-up ip route add 10.0.10.0/24 dev eth1 src 10.0.10.240 table eth1-LAN post-up ip route add default via 10.0.10.200 table eth1-LAN post-up ip rule add from 10.0.0.240 table eth0-WAN post-up ip rule add from 10.0.10.240 table eth1-LAN still i adjusted / etc/iproute2/rt_tables and following routes set up in the /etc/network/interfaces I want to have both applications and the network interface separately as munin and monit only on eth1 and not have to eth0. it goes to the reboot but sometimes not always. # Traceroute-i eth1 10.0.10.200 not go what am I doing wrong?

    Read the article

  • Network use of Gaming PC

    - by Matthew Patrick Cashatt
    Background After YEARS of waiting, I built the custom gaming PC of my dreams: Intel i7 - 975 Extreme Edition 3.3ghz (overclocked to 4.0) ATI Radeon 5970 2gb Corsair 256 gb SSD Drive 2 TB Sata II 3.0 7200rpm data drive 12 GB Kingston Hyper-X (1600mhz) DDR3 Windows 7 Ultra 64 bit And so on. . . Problem I hooked this beast up to our home theater and settled in for a great gaming season only to realize a couple of drawbacks: It's hard to accurately wax bad guys using a keyboard in your lap whilst reclined on your couch (and using a wireless keyboard). It's hard to read the text on the screen (i.e. menus, etc). I find that a 1:1 ratio (screen diagonal inch to inch away from screen) is optimum, but using the home theater, it's more like 1:3 which has me squinting unless I sit on the coffee table. The wife always seems to want the TV the same time I do and, unfortunately "Real Housewives of Beverly Hills" and Battlefield BC don't mix. I am losing the battle in the home theater room, but the PC has to stay there (long story). So, this leaves me with the option of playing in my home office which is about 30 feet away from the home theater. I am a software developer so I have a pretty decent set up in my office--multiple 1080p monitors, HP Envy 17 which can run games like Crysis in 720p with out stammering too much. Also, I can game very comfortably at my desk in the office. Still, even though the set up in my office can run games well enough, I don't want to regress to that when I have worked YEARS for an awesome gaming PC that can run everything on ultra high settings. My Question What are my options for running my games on the beastly desktop in the Home Theater, but physically playing in my office about 30 feet away? A really long HDMI cable? LAN/RDC? Details that May Help We have an open crawlspace so running cable from HT room to office is no problem. I already have networked the house with a LAN Any help is GREATLY appreciated. Thanks, Matt

    Read the article

  • Storage and bandwidth for a social network

    - by user38141
    I guess i asked a dumb question earlier. I am fairly new at this. I have a socal network being built in PHP wit MYsql. I was wondering how much bandwidth and storage would allow users to have have 500mins of streaming video and allow them to store photos and videos. Please forgive me. I am not a technology guy and just doing some research as I am learning as I go along.

    Read the article

  • mail server administration

    - by kibs
    MY postfix does not show that it is listening to the smtp daemon getting mesaage below: The message WAS NOT relayed Reporting-MTA: dns; mail.mak.ac.ug Received-From-MTA: smtp; mail.mak.ac.ug ([127.0.0.1]) Arrival-Date: Wed, 19 May 2010 12:45:20 +0300 (EAT) Original-Recipient: rfc822;[email protected] Final-Recipient: rfc822;[email protected] Action: failed Status: 5.4.0 Remote-MTA: dns; 127.0.0.1 Diagnostic-Code: smtp; 554 5.4.0 Error: too many hops Last-Attempt-Date: Wed, 19 May 2010 12:45:20 +0300 (EAT) Final-Log-ID: 23434-08/A38QHg8z+0r7 undeliverable mail MTA BLOCKED OUTPUT FROM lsof -i tcp:25 command master 3014 root 12u IPv4 9429 TCP *:smtp (LISTEN) (Postfix as a user is missing )

    Read the article

  • Offline Files (CSC) on Windows RT

    - by Aeyoun
    Windows RT does not have the Offline Files service. The Sync Center is also gone. Can it be enabled somehow? or can anyone recommend a replacement? My options are very limited on Windows 8.1 RT. The only thing it seems Microsoft is offering is something called Work Folders. These are only supported in Windows 8.1. I really want a more generic solution so that I can access files on OS X and Linux (like a samba share).

    Read the article

  • Troubleshoot dropped wireless connections

    - by Jack
    I was recently hired in the IT department of a small company (~180 users) and one of the issues that people have been complaining about is having their wi-fi connections drop during meetings. The company is using an HP ProCurve Wireless LAN with 10 APs and a controller unit located in the server room. I don't have any experience troubleshooting WLAN in a multi-AP environment, so I'm trying to at least gather information using free or cheap tools. I did a basic site survey using the free version of Ekahau HeatMapper and discovered the following in one of the conference rooms that has been a problem. The program picked up three access points (plus a bunch of others with much lower signals that were out of range): AP 1: SSID: "Unknown SSID" - Signal strength: -48 dBm - -40 dBm. Channel: 2 AP 2: SSID "CompanyMain" - Signal strength: -35 dBm or greater. Channel: 2. Security: WEP (This is the main SSID for the company's WLAN.) AP 3: SSID: "CompanyGuest" - Signal strength: -40 dBm - -35 dBm. Channel: 2. Security: WPA2 (This SSID is the company's "guest" WLAN, which was setup to allow Internet access, but prevent network access.) Is there anything that you see that is clearly a problem from the above? I'm assuming that the unknown SSID might be a big problem, and that it is an AP from a neighboring office that is causing interference. Does that seem likely? Also, regarding channel, should we try changing the channels of our APs to avoid interference with that unknown SSID? (Since everything seems to be on Channel 2?) Should our APs be on different channels? In other words, should the CompanyMain and CompanyGuest APs be on different channels? Finally, any recommendations for free/cheap tools to help me figure this out, and/or a good methodology to follow? Thanks in advance for any help. Jack

    Read the article

  • Windows 2008 R2 Servers Sending Arp Requests for IPs outside Subnet

    - by Kyle Brandt
    By running a packet capture on my my routers I see some of my servers sending ARP requests for IPs that exist outside of its network. For example if my network is: Network: 8.8.8.0/24 Gateway: 8.8.8.1 (MAC: 00:21:9b:aa:aa:aa) Example Server: 8.8.8.20 (MAC: 00:21:9b:bb:bb:bb) By running a capture on the interface that has 8.8.8.1 I see requests like: Sender Mac: 00:21:9b:bb:bb:bb Sender IP: 8.8.8.20 Target MAC: 00:21:9b:aa:aa:aa Target IP: 69.63.181.58 Anyone seen this behavior before? My understanding of ARP is that requests should only go out for IPs within the subnet... Am I confused in my understanding of ARP? If I am not confused, anyone seen this behavior? Also, these seem to happen in bursts and it doesn't happen when I do something like ping an IP outside of the network. Update: In response to Ian's questions. I am not running anything like Hyper-V. I have multiple interfaces but only one is active (Using BACS failover teaming). The subnet mask is 255.255.255.0 (Even if it were something different it wouldn't explain an IP like 69.63.181.58). When I run MS Network Monitor or wireshark I do not see these ARP requests. What happens is that on the router capturing I see a burst of about 10 requests for IPs outside of the network from the host machine. On the machine itself using wireshark or NetMon I see a flood of ARP responses for all the machines on the network. However, I don't see any requests in the capture asking for those responses. So it seems like maybe it is maybe refreshing the arp cache but including IPs that outside of the network. Also when it does this NetMon doesn't show the ARP requests?

    Read the article

  • Long connection times from PHP to MySQL on EC2

    - by Erik Giberti
    I'm having an intermittent issue connecting to a database slave with InnoDB. Intermittently I get connections taking longer than 2 seconds. These servers are hosted on Amazon's EC2. The app server is PHP 5.2/Apache running on Ubuntu. The DB slave is running Percona's XtraDB 5.1 on Ubuntu 9.10. It's using an EBS Raid array for the data storage. We already use skip name resolve and bind to address 0.0.0.0. This is a stub of the PHP code that's failing $tmp = mysqli_init(); $start_time = microtime(true); $tmp-options(MYSQLI_OPT_CONNECT_TIMEOUT, 2); $tmp-real_connect($DB_SERVERS[$server]['server'], $DB_SERVERS[$server]['username'], $DB_SERVERS[$server]['password'], $DB_SERVERS[$server]['schema'], $DB_SERVERS[$server]['port']); if(mysqli_connect_errno()){ $timer = microtime(true) - $start_time; mail($errors_to,'DB connection error',$timer); } There's more than 300Mb available on the DB server for new connections and the server is nowhere near the max allowed (60 of 1,200). Loading on both servers is < 2 on 4 core m1.xlarge instances. Some highlights from the mysql config max_connections = 1200 thread_stack = 512K thread_cache_size = 1024 thread_concurrency = 16 innodb-file-per-table innodb_additional_mem_pool_size = 16M innodb_buffer_pool_size = 13G Any help on tracing the source of the slowdown is appreciated. [EDIT] I have been updating the sysctl values for the network but they don't seem to be fixing the problem. I made the following adjustments on both the database and application servers. net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_sack = 0 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_fin_timeout = 20 net.ipv4.tcp_keepalive_time = 180 net.ipv4.tcp_max_syn_backlog = 1280 net.ipv4.tcp_synack_retries = 1 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.ipv4.tcp_rmem = 4096 87380 16777216 net.ipv4.tcp_wmem = 4096 87380 16777216 [EDIT] Per jaimieb's suggestion, I added some tracing and captured the following data using time. This server handles about 51 queries/second at this the time of day. The connection error was raised once (at 13:06:36) during the 3 minute window outlined below. Since there was 1 failure and roughly 9,200 successful connections, I think this isn't going to produce anything meaningful in terms of reporting. Script: date /root/database_server.txt (time mysql -h database_Server -D schema_name -u appuser -p apppassword -e '') /dev/null 2 /root/database_server.txt Results: === Application Server 1 === Mon Feb 22 13:05:01 EST 2010 real 0m0.008s user 0m0.001s sys 0m0.000s Mon Feb 22 13:06:01 EST 2010 real 0m0.007s user 0m0.002s sys 0m0.000s Mon Feb 22 13:07:01 EST 2010 real 0m0.008s user 0m0.000s sys 0m0.001s === Application Server 2 === Mon Feb 22 13:05:01 EST 2010 real 0m0.009s user 0m0.000s sys 0m0.002s Mon Feb 22 13:06:01 EST 2010 real 0m0.009s user 0m0.001s sys 0m0.003s Mon Feb 22 13:07:01 EST 2010 real 0m0.008s user 0m0.000s sys 0m0.001s === Database Server === Mon Feb 22 13:05:01 EST 2010 real 0m0.016s user 0m0.000s sys 0m0.010s Mon Feb 22 13:06:01 EST 2010 real 0m0.006s user 0m0.010s sys 0m0.000s Mon Feb 22 13:07:01 EST 2010 real 0m0.016s user 0m0.000s sys 0m0.010s [EDIT] Per a suggestion received on a LinkedIn question, I tried setting the back_log value higher. We had been running the default value (50) and increased it to 150. We also raised the kernel value /proc/sys/net/core/somaxconn (maximum socket connections) to 256 on both the application and database server from the default 128. We did see some elevation in processor utilization as a result but still received connection timeouts.

    Read the article

  • Windows redirect traffic to different DNS name not fixed IP address (hosts file equivalent)

    - by Arik Raffael Funke
    Using the Windows hosts file, one can redirect traffic for a domain to a specific IP address, e.g. domainA.com -- 127.0.0.1 I am looking for a SIMPLE way to do the same, but for a target domain name not for a target IP address (as this is dynamic), I.e. domainA.com -- domainB.com Addition: After the getting some initial answers I think I need to concretise my question. Situation: I have an application which looks up the IP of the target domain via DNS and then connects via HTTP to the IP address. I do not have control over any proxy settings. Option 1 Basically I am looking for a way to: intercept DNS requests for a domainA.com launch a DNS request for a domainB.com serve the IP of domainB.com in response to the request for domainA.com Without running an entire DNS server. Option 2 If a DNS server is the only way, in the alternative I would also be happy with an solution to how to define a non-standard DNS-server for a single application. Any ideas for wrapper applications, etc?

    Read the article

  • Creating a secure multicast tunnel with socat

    - by ams
    How we can create secure multicast tunnels ith socat? Assume that we have a list of IP address, CIDR network addresses that we want to create secure tunnel to them. I found this: socat STDIO UDP4-DATAGRAM:224.1.0.1:6666,range=192.168.10.0/24 but I want a secure tunnel and different adds with net addrs I want to create script that give the IPs and net addresses and creates a secure tunnel ./myscript IP1 NetAdd1 IP2 NetAdd2 .... How can I send these parameters to socat? Does socat multicast have any limits?

    Read the article

  • Secure openVPN using IPTABLES

    - by bob franklin smith harriet
    Hey, I setup an openVPN server and it works ok. The next step is to secure it, I opted to use IPTABLES to only allow certain connections through but so far it is not working. I want to enable access to the network behind my openVPN server, and allow other services (web access), when iptables is disabaled or set to allow all this works fine, when using my following rules it does not. also note, I already configured openVPN itself to do what i want and it works fine, its only failing when iptables is started. Any help to tell me why this isnt working will appreciated here. These are the lines that I added in accordance with openVPN's recommendations, unfortunately testing these commands shows that they are requiered, they seem incredibly insecure though, any way to get around using them? # Allow TUN interface connections to OpenVPN server -A INPUT -i tun+ -j ACCEPT #allow TUN interface connections to be forwarded through other interfaces -A FORWARD -i tun+ -j ACCEPT # Allow TAP interface connections to OpenVPN server -A INPUT -i tap+ -j ACCEPT # Allow TAP interface connections to be forwarded through other interfaces -A FORWARD -i tap+ -j ACCEPT These are the new chains and commands i added to restrict access as much as possible unfortunately with these enabled, all that happens is the openVPN connection establishes fine, and then there is no access to the rest of the network behind the openVPN server note I am configuring the main iptables file and I am paranoid so all ports and ip addresses are altered, and -N etc appears before this so ignore that they dont appear. and i added some explanations of what i 'intended' these rules to do, so you dont waste time figuring out where i went wrong : 4 #accepts the vpn over port 1192 -A INPUT -p udp -m udp --dport 1192 -j ACCEPT -A INPUT -j INPUT-FIREWALL -A OUTPUT -j ACCEPT #packets that are to be forwarded from 10.10.1.0 network (all open vpn clients) to the internal network (192.168.5.0) jump to [sic]foward-firewall chain -A FORWARD -s 10.10.1.0/24 -d 192.168.5.0/24 -j FOWARD-FIREWALL #same as above, except for a different internal network -A FORWARD -s 10.10.1.0/24 -d 10.100.5.0/24 -j FOWARD-FIREWALL # reject any not from either of those two ranges -A FORWARD -j REJECT -A INPUT-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT-FIREWALL -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT-FIREWALL -j REJECT -A FOWARD-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT #80 443 and 53 are accepted -A FOWARD-FIREWALL -m tcp -p tcp --dport 80 -j ACCEPT -A FOWARD-FIREWALL -m tcp -p tcp --dport 443 -j ACCEPT #192.168.5.150 = openVPN sever -A FOWARD-FIREWALL -m tcp -p tcp -d 192.168.5.150 --dport 53 -j ACCEPT -A FOWARD-FIREWALL -m udp -p udp -d 192.168.5.150 --dport 53 -j ACCEPT -A FOWARD-FIREWALL -j REJECT COMMIT now I wait :D

    Read the article

  • How to block/avoid a particular IP when connecting to websites?

    - by Mark
    I'm having trouble connecting to a particular website. I can view it through a proxy, but not from home. So I ran a traceroute: Tracing route to fvringette.com [76.74.225.90] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms <snip> 2 * * * Request timed out. 3 9 ms 7 ms 27 ms rd2bb-ge2-0-0-22.vc.shawcable.net [64.59.146.226] 4 8 ms 7 ms 7 ms rc2bb-tge0-9-2-0.vc.shawcable.net [66.163.69.41] 5 10 ms 9 ms 9 ms rc2wh-tge0-0-1-0.vc.shawcable.net [66.163.69.65] 6 27 ms 23 ms 22 ms ge-gi0-2.pix.van.peer1.net [206.223.127.1] 7 18 ms 18 ms 20 ms 10ge.xe-0-2-0.van-spenc-dis-1.peer1.net [216.187.89.206] 8 9 ms 11 ms 10 ms 64.69.91.245 9 * * * Request timed out. 10 * * * Request timed out. ... Looks like this "64.69.91.245" is somehow blocking me. Can I tell my computer to avoid/bypass that IP when trying to connect?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126  | Next Page >