Search Results

Search found 5137 results on 206 pages for 'i like traffic lights'.

Page 130/206 | < Previous Page | 126 127 128 129 130 131 132 133 134 135 136 137  | Next Page >

• Migrating from DD-WRT to Tomato

  - by Collin Allen

  Is it possible to switch to the latest version of Tomato on a router that's already running DD-WRT? Using the default Linksys firmware on my WRT54GL v1.1, I had to upload a micro version of DD-WRT first. I imagine that, since I'm now running third-party firmware, I won't have to do that again to make the switch, but I thought I should check so as not to brick it. This router is taking a back seat to a new AirPort Extreme (for the 'n' capability), but I still want to have the soon-to-be-Tomato device sit between the AirPort Extreme and my modem for the superior traffic graphing.

  Read the article

• Open vSwitch and Xen Private Networks

  - by Joe

  I've read about the possibilities of using Open vSwitch with Xen to route traffic between domUs on multiple physical hosts. I'd like to be able to group the multiple domUs I have spread out across multiple physical hosts into a number of private networks. However, I've found no documentation on how to integrate Open vSwitch with Xen (rather than XenServer) and am unsure how I should go about doing so and then creating the private networks described. As you might have gathered then - from research I think Open vSwitch can do what I need it to, but I just can't find anything giving me a push in the right direction of how to actually use it to do so! This may well be because Open vSwitch is quite new (version 1.0 released on May 17). Any pointers in the right direction would be much appreciated!

  Read the article

• Web server behind MikroTik and dynamic dns

  - by danielrvt

  I recently purchased a MikroTik router, it works great! However, I haven't been able to make my web server work from outside my lan I'll explain better: I have two domains in my disposal, before I switched to Mikrotik, the were working perfectly and all my websites were online. Since I changed the router, every time I try to access my websites from outside my lan, my websites can't be found. I have my websites domains associated with a dynamic dns provider, I managed to create a port forwarding rule to redirect all my incoming traffic from port 80 to my web server, and it works, but only when I'm connected to my MikroTik router. Is there something else I have to do? PD: I also created a static dns rule in my router with my domains to associate it to my webserver (which is behind my router) PD2: All I want is to redirect requests from outside to my webserver...

  Read the article

• Changing default gateway on workstations connected to Windows Domain SBS server

  - by Gary B2312321321

  We have xp workstations connected onto a small business server acting as active directory/isa firewall/proxy (no dhcp). Is there a reason that after installing a 2nd firewall on the network (same subnet etc), that changing the default gateway on the workstations isnt sufficient to route inet traffic through the new firewall? A freshly setup linux box connects straight on to the alternate firewall with just ip, default gateway. dns settings. Will having ISA still active on the network confuse the process? Are there further config settings deeper down in windows that need attention? Any ideas pointers on this would be appreciated? Other info: Firewalls tried: Smoothwall and Ipcop; small ethernet netwoork 40 pcs; can ping to new firwalls from workstations; activating web proxy on new firewall and reconfiguring workstation browser works fine; Point of 2nd firewall is lack of some necessary features on ISA for a linux app; Would be nice to have some redundancy to though

  Read the article

• SquidGuard and Active Directory groups

  - by Massimo

  I'm configuring a Linux proxy with Squid and SquidGuard to filter Internet traffic. I know how to authenticate users against Active Directory in Squid, and then how to filter access for users using SquidGuard. The question: how to use Active Directory groups in SquidGuard instead of plain user names? My goal is to be able to configure rules like "members of this group can go anywhere" or "members of this group can only visit certain sites". I know SquidGuard can't manage group membership directly, but it can do LDAP searches on its own; but the syntax to look up wheter a user is member of a given group seems to be quite cryptic, and I couldn't find any good documentation around.

  Read the article

• What's a good, affortable router that will not give me problems when downloading torrents?

  - by Lirik

  I found several routers on newegg and they're in the $50-60 range, but I'm not sure if they'll handle the number of connections that are created when downloading torrents (100-300 seeds and around 50 peers). My roommate watches netflix movies, my brother and I download torrents, so my NETGEAR router ends up choking on the traffic and I have to restart it quite frequently. I've already posted a couple of questions on the topic and I've come to the conclusion that I need a new router. What are some routers that I should consider (my budget is in the $50 range)?

  Read the article

• What's the performance on USB docking stations, and can they be used when laptop is closed?

  - by David

  I'm looking into a docking station for a Dell Studio laptop. I don't see the traditional docking stations I'm familiar with - the kind (for a Dell Latitude, for example) where you sit the laptop on top of a long row of pins. Instead, I'm seeing a lot of USB docking stations. When I close my laptop, I want it to go into sleep mode. If I then connect a USB docking station to the laptop while it's closed, will it wake up? What's the performance on USB 2.0 docking stations with a new Dell Studio? Can all of the video and internet traffic really go through a USB 2.0 connection while still providing the best video frame rates and internet speeds? When you undock, I assume you'd have to use the "Safely Remove Hardware" feature in Windows. Will that successfully 'remove' everything attached to the docking station - external drives, thumb drives, etc?

  Read the article

• howto only tunnel specific hosts route through openvpn client on tomato

  - by kcome

  I am relatively newbie in networking world although I did coding and know some sysadmin background for a long time. and here I'm only one step from my destination. The whole picture is : at home I use one LinkSys E3000 as the gateway(don't know yet if this is it's name), wireless AP and no other routing/switching devices. It serves 1 PC and 1 Mac with LAN, 1 Mac Mini + 1 iPad + 2 smartphones with WIFI. My goal is use an openvpn client on the E3000 (with tomato firmware) and make my iPad and smartphone's all WiFi traffic through it, and other devices route remain the same non-openvpn route. So far I'm able to connect openvpn client on E3000 to an openvpn server, tunnel all my devices' all traffic through that openvpn connection. What's left is howto selectively route by source IP (at least in my guessing) to the tunnel while don't bother others. I had learned some 'iptables' and 'route' in past few days however without much luck, so here comes my question. Here are some info which will help you get the structure. ifconfig -a output, some useless lines striped, and in the web interface C0:C1:C0:1A:E0:28 is WAN, C0:C1:C0:1A:E0:27 is LAN, C0:C1:C0:1A:E0:29 is 2.4G wifi AP, C0:C1:C0:1A:E0:2A is 5G wifi AP. root@router:/tmp/home/root# ifconfig -a br0 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:27 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:27 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth1 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:29 UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1 eth2 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:2A UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host ppp0 Link encap:Point-to-Point Protocol inet addr:172.200.1.43 P-t-P:172.200.0.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING MULTICAST MTU:1480 Metric:1 vlan1 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:27 UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1 vlan2 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:28 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 wl0.1 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:29 BROADCAST MULTICAST MTU:1500 Metric:1 brctl show output root@router:/tmp/home/root# brctl show bridge name bridge id STP enabled interfaces br0 8000.c0c1c01ae027 no vlan1 eth1 eth2 before openvpn route-up script root@router:/tmp/home/root# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.200.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 172.200.0.1 0.0.0.0 UG 0 0 0 ppp0 openvpn server push PUSH: Received control message: 'PUSH_REPLY,redirect-gateway,dhcp-option DNS 8.8.8.8,route 172.20.0.1,topology net30,ping 10,ping-restart 120,ifconfig 172.20.0.6 172.20.0.5' openvpn's stock route-up script Apr 24 14:52:06 router daemon.notice openvpn[1768]: /sbin/ifconfig tun11 172.20.0.6 pointopoint 172.20.0.5 mtu 1500 Apr 24 14:52:08 router daemon.notice openvpn[1768]: /sbin/route add -net 72.14.177.29 netmask 255.255.255.255 gw 172.200.0.1 Apr 24 14:52:08 router daemon.notice openvpn[1768]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 172.20.0.5 Apr 24 14:52:08 router daemon.notice openvpn[1768]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 172.20.0.5 Apr 24 14:52:08 router daemon.notice openvpn[1768]: /sbin/route add -net 172.20.0.1 netmask 255.255.255.255 gw 172.20.0.5 route after openvpn root@router:/tmp/home/root# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.20.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun11 72.14.177.29 172.200.0.1 255.255.255.255 UGH 0 0 0 ppp0 172.200.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 172.20.0.1 172.20.0.5 255.255.255.255 UGH 0 0 0 tun11 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 172.20.0.5 128.0.0.0 UG 0 0 0 tun11 128.0.0.0 172.20.0.5 128.0.0.0 UG 0 0 0 tun11 0.0.0.0 172.200.0.1 0.0.0.0 UG 0 0 0 ppp0 something I had noticed and tried: * on the web interface of openvpn client there is an option "Create NAT on tunnel", if i check this, there is the following script (probably executed after openvpn connection established) root@router:/tmp/home/root# cat /tmp/etc/openvpn/fw/client1-fw.sh #!/bin/sh iptables -I INPUT -i tun11 -j ACCEPT iptables -I FORWARD -i tun11 -j ACCEPT iptables -t nat -I POSTROUTING -s 192.168.1.0/255.255.255.0 -o tun11 -j MASQUERADE if i uncheck this option, the last line will not appear. Then I guess probably the my issue will be solved by iptables and NAT related commands, I just haven't got enough knowledge to figure them out. I tried run iptables -t nat -I POSTROUTING -s 192.168.1.6 -o tun11 -j MASQUERADE manually after openvpn connected (192.168.1.6 is the ip address of my iPad), then my iPad get internet with openvpn tunnel, however all other devices can't reach internet. in case if needed, here is the iptables about NAT root@router:/tmp/home/root# iptables -t nat -L -n Chain PREROUTING (policy ACCEPT) target prot opt source destination DROP all -- 0.0.0.0/0 192.168.1.0/24 WANPREROUTING all -- 0.0.0.0/0 172.200.1.43 upnp all -- 0.0.0.0/0 172.200.1.43 Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0 SNAT all -- 192.168.1.0/24 192.168.1.0/24 to:192.168.1.1 Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain WANPREROUTING (1 references) target prot opt source destination DNAT icmp -- 0.0.0.0/0 0.0.0.0/0 to:192.168.1.1 Chain upnp (1 references) target prot opt source destination DNAT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5353 to:192.168.1.3:5353 Thanks in advance for helping and read this so much, I hope i made every info you need to give a help :)

  Read the article

• JMeter Stress testing

  - by mcondiff

  MAMP server hosting a Joomla instance. I'd like to hear the community's thoughts on the best way to stress test the server and find it's breaking point on concurrent users etc. Currently I have setup a test plan which I have going to the home page, grabbing the index.php, css, js and all images and have run tests on 1 to 100 users and a varying number of loops. What I'd like to know is how do I determine at what number of concurrent requests or looping requests is a good way to gauge if my server can handle the proposed increase in traffic? What is a good KB/sec, Throughput, Average, Max, Min via the Aggregate Report and at what number of threads/loops etc? I have googled and have not found immediate answers to these questions and thought to come here. More or less I have just used this http://jakarta.apache.org/jmeter/usermanual/jmeter_proxy_step_by_step.pdf to guide me and then I have been winging it in terms of Thread and Loop numbers. Any light shed on these subject would be much appreciated.

  Read the article

• Reverse proxy with SSL and IP passthrough?

  - by Paul

  Turns out that the IP of a much-needed new website is blocked from inside our organization's network for reasons that will take weeks to fix. In the meantime, could we set up a reverse proxy on an Internet-based server which will forward SSL traffic and perhaps client IPs to the external site? Load will be light. No need to terminate SSL on the proxy. We may be able to poison DNS so original URL can work. How do I learn if I need URL rewriting? Squid/apache/nginx/something else? Setup would be fastest on Win 2000, but other OSes are OK if that would help. Simple and quick are good since it's a temporary solution. Thanks for your thoughts!

  Read the article

• Restrict iPhone messaging to corprate osx server messaging service

  - by Vincent

  I have not found much information about this. We have company owned iPhone and iPads. We would like our employees to be able to message but require all messaging traffic to go through our local mountain lion osx server (not setup yet). How would the phones and server need to be configured to accomplish this. Specifically is it possible to restrict the user from adding additional accounts? How about another app that would use the server? Do you know of any good documentation on setting up this service on osx server and iPhone? I am open to other solutions, opensource messaging servers.....

  Read the article

• RRAS VPN Server on Windows 2008 Behind NAT

  - by Chris

  Ok, so I have kind of a funky setup, let me see if I can describe it. I have a single VMware host with a public IP address 74.xx.xx.x Inside that host, I have 3 VM's Web Server - 1 NIC - 192.168.199.20 SQL Server - 1 NIC - 192.168.199.30 RRAS/VPN Server - 2 NICs 192.168.199.40 & 192.168.199.45 Due to Limitations of my ISP, all of the VM's are connected to the host VIA NAT. I have NAT setup for the webserver so all incoming requests on 74.xx.xx.x via port 80 route to 192.168.199.20. This works fine. Now I want to set up a Windows 2008 VPN server inside this NAT network and forward the correct traffic to it. My questions are as follows? What are the TCP/UDP ports that i have to forward? What special configuration is needed on the server and clients since this is behind a NAT Any other advice would be wonderful.

  Read the article

• port forwarding on windows server 2008 to Hyper-v machines

  - by This is it

  I have a host machine (win server 2008 R2) with several Hyper-V virtual machines. I want to be able to redirect certain ports of host to virtual machines. There is virtual network connection between host and virtual machines (192.168.10.xxx). Host is also attached to external network (10.10.10.123). Virtual machines have several other networks between them. E.g., I want to be able to redirect traffic from 10.10.10.123 12345 to 192.168.10.321 54321 I tried RRAS in windows server but for it to work Default gateway to 10.10.10.123 has to be set in virtual machines. Virtual machines can not be on external network.

  Read the article

• Broadcom NIC Teaming with Hyper-V R2

  - by Brian McCleary

  I have read a few contradictory articles regarding support or at least configuration with teaming of Broadcom NIC's and Hyper-V. I have a pair of Dell R805's with 4 Broadcom 5708 NIC's in them. I have teamed them up (one team for public connections and one for private connections) and I have installed Hyper-V. I am getting some intermittent connection issues though and I'm concerned that it might be due to the teaming. Basically I am wondering if anyone has successfully setup NIC teaming in the parent partition and used the teamed adapters through the Hyper-V switch. If so, what is the configuration/proper steps that you used to configure this. I have the server running Windows Server 2008 R2. Right now the server is in test mode, but my concern is that we won't see any issues until we move it into production and get some heavy traffic on the ports.

  Read the article

• Do i need a dedicated server for load balancing?

  - by Ben

  I'm completely new to the concept of load balancing so i hope this question isn't a "stupid question" because i've been searching around and im having a hard time understanding this. So to my understanding, in order to load balance, i need a separate machine with an ip address i can direct all traffic to. I initially thought i needed to rent 3 dedicated servers, one for load balancing and the other two as backend servers. Would a dedicated server be too much for a load balancer or do hosting companies have special types of computers for that process? Then i read somewhere else that i can install a load balance software in both of the two servers and configure it in a way that doesn't require me to rent another machine/dedicated server for load balancing. So im a bit confuse on how to actually implement a load balancer and whether or not i need a dedicated server for the sole purpose of acting as a load balancing machine. Also, i was recommended to use HAproxy so i'll be heading that direction for load balancing.

  Read the article

• Linked vSphere servers preventing cloning?

  - by brian

  I've currently got a pair of vSphere5 standard servers (physical, not VAs) managing about a hundred ESX 4.1 and 5 hosts in two different physical and logical datacenters. With our last purchase, we bought another vSphere license for the new vS server. I unmanaged all the ESX servers in one datacenter and added them to new vSphere server. Our previous single-vS-server layout used to be: -vSphere1 --Datacenter1 (where the physical ESX host was located) ---Folder ----ESX server1 --Datacenter2 ---Folder ----ESX server2 Now it looks like -vSphere1 --Datacenter1 ---Folder ----ESX server1 -vSphere2 (new vSphere server) --Datacenter2 ---Folder ----ESX server2 ESX server2 was removed from vSphere1's inventory and added to vSphere2's, so it is now managed by vSphere2. This is nice and all, as no vSphere <-- ESX management traffic leaves the physical datacenter, except for one huge oversight: when I go to clone a VM, the opposite vSphere server (and thus other datacenter) does not show up in the list on the first page of the wizard. Is this a bug, a license limitation, or is it just simply not possible to clone a VM from an ESX box managed by one vS server to another ESX box managed by a /different/ vS server?

  Read the article

• Setup Cisco RVS4000 QOS for VOIP

  - by andyknas

  Just switched from dedicated T1's with analog phone lines to cable modem with 10/2 uplink. We're having some VOIP call quality issues on the outgoing side when bandwidth is stressed and I need to setup QOS or a VLAN on our RVS4000 router. Currently all phone traffic (talkswitch device and ip phones) are on it's own d-link PoE switch, and all workstations are on a LinkSys 1GB switch. Both switches are plugged into ports on the RVS4000. I'd like to set it up so that the dlink port has ~512Mbsp dedicated to it for voice at all times. It's my understanding that with a VLAN or QOS I can set this up. I've got QOS setup already with port 5060 to have high priority but it doesn't seem to make a difference.

  Read the article

• Linux networking "jail" for a single process

  - by halp

  I need to tune up a networking app for network specific things like: make it use a DNS server different than the default one from /etc/resolv.conf make sure it does not try to connect to certain hosts/ports using tcp/udp connections I know I can get away with just modifying /etc/resolv.conf and writing some iptables rules, but going for a default DENY firewall policy for outgoing IP packets can trigger malfunctions in other services running on the server. I know I can set up a virtual machine with a whole OS and run my app there, but it seems a bit overkill. Is it possible to have a networking "jail" for a single app (think single Linux process) that could accept iptables-like rules for network traffic (think in terms of IP packets and above) allowed to and from this particular app? Maybe this is achievable through some dynamically loaded library that can deal with the networking layer, the same manner tsocks does, but more fine-grained?

  Read the article

• Transition domain to new web host without waiting for DNS propagation

  - by jcmoney

  I was considering switching to Amazon EC2 to host my website to handle more traffic. It seems like I would have to update DNS records to point to the new server but I was wondering if there was a way to avoid having to wait for the new DNS record to propagate. Putting the code on both hosts would not work for me since the app writes to a database pretty frequently. I thought about just using a meta redirect or php redirect on the old host to redirect to the new host ip but was wondering if there's a better more accepted way of doing this.

  Read the article

• OpenVPN make redirect-gateway optional

  - by Tuinslak

  Hi there, I'm currently running an OpenVPN server for multiple clients. All traffic is directed through the VPN (it's set up as gateway; push "redirect-gateway def1"). So far, all is working fine. However, I'd like to connect a couple of servers to this virtual private network, without these servers using the OVPN daemon as gateway. These servers have to be accessible from both their WAN as well as their LAN IP address. Certain services will be accessible only from the LAN side. Is there any way, for a client, to ignore the push redirect-gateway option? Kind regards, Tuinslak

  Read the article

• OpenVPN on ec2 bridged mode connects but no Ping, DNS or forwarding

  - by michael

  I am trying to use OpenVPN to access the internet over a secure connection. I have openVPN configured and running on Amazon EC2 in bridge mode with client certs. I can successfully connect from the client, but I cannot get access to the internet or ping anything from the client I checked the following and everything seems to shows a successful connection between the vpn client/server and UDP traffic on 1194 [server] sudo tcpdump -i eth0 udp port 1194 (shows UDP traffic after establishing connection) [server] sudo iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination [server] sudo iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- ip-W-X-Y-0.us-west-1.compute.internal/24 anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination [server] openvpn.log Wed Oct 19 03:11:26 2011 localhost/a.b.c.d:61905 [localhost] Inactivity timeout (--ping-restart), restarting Wed Oct 19 03:11:26 2011 localhost/a.b.c.d:61905 SIGUSR1[soft,ping-restart] received, client-instance restarting Wed Oct 19 03:41:31 2011 MULTI: multi_create_instance called Wed Oct 19 03:41:31 2011 a.b.c.d:57889 Re-using SSL/TLS context Wed Oct 19 03:41:31 2011 a.b.c.d:57889 LZO compression initialized Wed Oct 19 03:41:31 2011 a.b.c.d:57889 Control Channel MTU parms [ L:1574 D:166 EF:66 EB:0 ET:0 EL:0 ] Wed Oct 19 03:41:31 2011 a.b.c.d:57889 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ] Wed Oct 19 03:41:31 2011 a.b.c.d:57889 Local Options hash (VER=V4): '360696c5' Wed Oct 19 03:41:31 2011 a.b.c.d:57889 Expected Remote Options hash (VER=V4): '13a273ba' Wed Oct 19 03:41:31 2011 a.b.c.d:57889 TLS: Initial packet from [AF_INET]a.b.c.d:57889, sid=dd886604 ab6ebb38 Wed Oct 19 03:41:35 2011 a.b.c.d:57889 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=EXAMPLE/CN=EXAMPLE_CA/[email protected] Wed Oct 19 03:41:35 2011 a.b.c.d:57889 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=EXAMPLE/CN=localhost/[email protected] Wed Oct 19 03:41:37 2011 a.b.c.d:57889 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Oct 19 03:41:37 2011 a.b.c.d:57889 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Oct 19 03:41:37 2011 a.b.c.d:57889 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Oct 19 03:41:37 2011 a.b.c.d:57889 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Oct 19 03:41:37 2011 a.b.c.d:57889 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Wed Oct 19 03:41:37 2011 a.b.c.d:57889 [localhost] Peer Connection Initiated with [AF_INET]a.b.c.d:57889 Wed Oct 19 03:41:39 2011 localhost/a.b.c.d:57889 PUSH: Received control message: 'PUSH_REQUEST' Wed Oct 19 03:41:39 2011 localhost/a.b.c.d:57889 SENT CONTROL [localhost]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,route-gateway W.X.Y.Z,ping 10,ping-restart 120,ifconfig W.X.Y.Z 255.255.255.0' (status=1) Wed Oct 19 03:41:40 2011 localhost/a.b.c.d:57889 MULTI: Learn: (IPV6) -> localhost/a.b.c.d:57889 [client] tracert google.com Tracing route to google.com [74.125.71.104] over a maximum of 30 hops: 1 347 ms 349 ms 348 ms PC [w.X.Y.Z] 2 * * * Request timed out. I can also successfully ping the server IP address from the client, and ping google.com from an SSH shell on the server. What am I doing wrong? Here is my config (Note: W.X.Y.Z == amazon EC2 private ipaddress) bridge config on br0 ifconfig eth0 0.0.0.0 promisc up brctl addbr br0 brctl addif br0 eth0 ifconfig br0 W.X.Y.X netmask 255.255.255.0 broadcast W.X.Y.255 up route add default gw W.X.Y.1 br0 /etc/openvpn/server.conf (from https://help.ubuntu.com/10.04/serverguide/C/openvpn.html) local W.X.Y.Z dev tap0 up "/etc/openvpn/up.sh br0" down "/etc/openvpn/down.sh br0" ;server W.X.Y.0 255.255.255.0 server-bridge W.X.Y.Z 255.255.255.0 W.X.Y.105 W.X.Y.200 ;push "route W.X.Y.0 255.255.255.0" push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 208.67.222.222" push "dhcp-option DNS 208.67.220.220" tls-auth ta.key 0 # This file is secret user nobody group nogroup log-append openvpn.log iptables config sudo iptables -A INPUT -i tap0 -j ACCEPT sudo iptables -A INPUT -i br0 -j ACCEPT sudo iptables -A FORWARD -i br0 -j ACCEPT sudo iptables -t nat -A POSTROUTING -s W.X.Y.0/24 -o eth0 -j MASQUERADE echo 1 > /proc/sys/net/ipv4/ip_forward Routing Tables added route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface W.X.Y.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 0.0.0.0 W.X.Y.1 0.0.0.0 UG 0 0 0 br0 C:>route print =========================================================================== Interface List 32...00 ff ac d6 f7 04 ......TAP-Win32 Adapter V9 15...00 14 d1 e9 57 49 ......Microsoft Virtual WiFi Miniport Adapter #2 14...00 14 d1 e9 57 49 ......Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Net work Adapter 10...00 1f d0 50 1b ca ......Realtek PCIe GBE Family Controller 1...........................Software Loopback Interface 1 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3 36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 10.1.2.1 10.1.2.201 25 10.1.2.0 255.255.255.0 On-link 10.1.2.201 281 10.1.2.201 255.255.255.255 On-link 10.1.2.201 281 10.1.2.255 255.255.255.255 On-link 10.1.2.201 281 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 10.1.2.201 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 10.1.2.201 281 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 0.0.0.0 0.0.0.0 10.1.2.1 Default =========================================================================== C:>tracert google.com Tracing route to google.com [74.125.71.147] over a maximum of 30 hops: 1 344 ms 345 ms 343 ms PC [W.X.Y.221] 2 * * * Request timed out.

  Read the article

• Mysql out of disk space

  - by Paddy

  I have just finished developing a rails app which has a mysql db as a backend. The app is meant for high traffic and will store lots of information. I am planning to set up my own web server and host the site from it. If in future my disk space runs out i would want to expand by adding more space. But say if my mysql database is housed in my /disk0s1 and by adding a new drive i have more partitions (and hence more disk space), how then would i extend my database to store information on those partitions too, and at the same time prevent any information from being written on the original partition. Should i go for multiple databases? if so how? If i went for a hosting solution i wouldn't be bothering about this as i would just have to worry about making payments for the extra space :) I always wondered how space is added on-the-go by these webhosts. Is there any specific mysql configuration that i have to make?

  Read the article

• Bulk Email Verification Tool

  - by JoefrshnJoeclean

  I'm looking for a bulk email validation tool to parse a list of 60K email addresses. Our company sends out 8 Million email newsletters a month via our mailing list software - MDAEMON. MDAEMON ships with a bad email address validator but I'm not quite comfortable with its results as it captures returned email addresses with SMTP errors of 500 and above. (We want to keep emails that return a Full Mailbox error or bounce backs that see us as SPAM) To further prune the list, we use Advanced Email Verifier. But I tested a random sample of this list and found a couple emails to be valid. Since our company relies heavily on traffic from our newsletters, I am wondering what other Windows-based bulk email verifier tools are out there?

  Read the article

• Apache error_log repeated attempts to access forum.php

  - by bMon

  About every two seconds I am getting: [Sat Feb 19 19:00:01 2011] [error] [client 69.239.204.217] script '/var/www /html/forum.php' not found or unable to stat [Sat Feb 19 19:00:04 2011] [error] [client 69.239.204.217] File does not exist: /var/www/html/404.shtml ..in my /var/log/httpd/error_log file. Sometimes the request will be for forum_asp.php. I'm assuming its a bot trying to access insecure forum files, but I'm not so sure since it appears each is a unique IP and not just a few rouge IPs hitting it consecutively. And whois results of the ip's aren't all the classic ISP in Russia or China, they are more end user address (comcast, etc). Any insight into whats going on here would be appreciated. Also, any techniques people use to do a "live monitor" of web traffic would be appreciated. Right now I'm doing a: tail -f error_log Thanks.

  Read the article

• Load-balancing between a Procurve switch and a server

  - by vlad

  Hello I've been searching around the web for this problem i've been having. It's similar in a way to this question: How exactly & specifically does layer 3 LACP destination address hashing work? My setup is as follows: I have a central switch, a Procurve 2510G-24, image version Y.11.16. It's the center of a star topology, there are four switches connected to it via a single gigabit link. Those switches service the users. On the central switch, I have a server with two gigabit interfaces that I want to bond together in order to achieve higher throughput, and two other servers that have single gigabit connections to the switch. The topology looks as follows: sw1 sw2 sw3 sw4 | | | | --------------------- | sw0 | --------------------- || | | srv1 srv2 srv3 The servers were running FreeBSD 8.1. On srv1 I set up a lagg interface using the lacp protocol, and on the switch I set up a trunk for the two ports using lacp as well. The switch showed that the server was a lacp partner, I could ping the server from another computer, and the server could ping other computers. If I unplugged one of the cables, the connection would keep working, so everything looked fine. Until I tested throughput. There was only one link used between srv1 and sw0. All testing was conducted with iperf, and load distribution was checked with systat -ifstat. I was looking to test the load balancing for both receive and send operations, as I want this server to be a file server. There were therefore two scenarios: iperf -s on srv1 and iperf -c on the other servers iperf -s on the other servers and iperf -c on srv1 connected to all the other servers. Every time only one link was used. If one cable was unplugged, the connections would keep going. However, once the cable was plugged back in, the load was not distributed. Each and every server is able to fill the gigabit link. In one-to-one test scenarios, iperf was reporting around 940Mbps. The CPU usage was around 20%, which means that the servers could withstand a doubling of the throughput. srv1 is a dell poweredge sc1425 with onboard intel 82541GI nics (em driver on freebsd). After troubleshooting a previous problem with vlan tagging on top of a lagg interface, it turned out that the em could not support this. So I figured that maybe something else is wrong with the em drivers and / or lagg stack, so I started up backtrack 4r2 on this same server. So srv1 now uses linux kernel 2.6.35.8. I set up a bonding interface bond0. The kernel module was loaded with option mode=4 in order to get lacp. The switch was happy with the link, I could ping to and from the server. I could even put vlans on top of the bonding interface. However, only half the problem was solved: if I used srv1 as a client to the other servers, iperf was reporting around 940Mbps for each connection, and bwm-ng showed, of course, a nice distribution of the load between the two nics; if I run the iperf server on srv1 and tried to connect with the other servers, there was no load balancing. I thought that maybe I was out of luck and the hashes for the two mac addresses of the clients were the same, so I brought in two new servers and tested with the four of them at the same time, and still nothing changed. I tried disabling and reenabling one of the links, and all that happened was the traffic switched from one link to the other and back to the first again. I also tried setting the trunk to "plain trunk mode" on the switch, and experimented with other bonding modes (roundrobin, xor, alb, tlb) but I never saw any traffic distribution. One interesting thing, though: one of the four switches is a Cisco 2950, image version 12.1(22)EA7. It has 48 10/100 ports and 2 gigabit uplinks. I have a server (call it srv4) with a 4 channel trunk connected to it (4x100), FreeBSD 8.0 release. The switch is connected to sw0 via gigabit. If I set up an iperf server on one of the servers connected to sw0 and a client on srv4, ALL 4 links are used, and iperf reports around 330Mbps. systat -ifstat shows all four interfaces are used. The cisco port-channel uses src-mac to balance the load. The HP should use both the source and destination according to the manual, so it should work as well. Could this mean there is some bug in the HP firmware? Am I doing something wrong?

  Read the article

< Previous Page | 126 127 128 129 130 131 132 133 134 135 136 137  | Next Page >