Search Results

Search found 30252 results on 1211 pages for 'network programming'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 393/1211 | < Previous Page | 389 390 391 392 393 394 395 396 397 398 399 400  | Next Page >

  • help setting up an IPSEC vpn from my linux box

    - by robthewolf
    I have an office with a router and a remote server (Linux - Ubuntu 10.10). Both locations need to connect to a data supplier through a VPN. The VPN is an IPSEC gateway. I was able to configure my Linksys rv42 router to create a VPN connection successfully and now I need to do the same for Linux server. I have been messing around with this for too long. First I tried OpenVPN, but that is SSL and not IPSEC. Then I tried Shrew. I think I have the settings correct but I haven't been able to create the connection. It maybe that I have to use something else like a direct IPSEC config or something like that. If someone knows of a way to turn the following settings that I have been given below into a working IPSEC VPN connection I would be very grateful. Here are the settings I was given that must be used to connect to my supplier: Local destination network: 192.168.4.0/24 Local destination hosts: 192.168.4.100 Remote destination network: 192.167.40.0/24 Remote destination hosts: 192.168.40.27 VPN peering point: xxx.xxx.xxx.xxx Then they have given me the following details: IPSEC/ISAKMP Phase 1 Parameters: Authentication method: pre shared secret Diffie Hellman group: group 2 Encryption Algorithm: 3DES Lifetime in seconds:28800 Phase 2 parameters: IPSEC security: ESP Encryption algortims: 3DES Authentication algorithms: MD5 lifetime in seconds: 28800 pfs: disabled Here are the settings from my attempt to use shrew: n:version:2 n:network-ike-port:500 n:network-mtu-size:1380 n:client-addr-auto:0 n:network-frag-size:540 n:network-dpd-enable:1 n:network-notify-enable:1 n:client-banner-enable:1 n:client-dns-used:1 b:auth-mutual-psk:YjJzN2QzdDhyN2EyZDNpNG42ZzQ= n:phase1-dhgroup:2 n:phase1-keylen:0 n:phase1-life-secs:28800 n:phase1-life-kbytes:0 n:vendor-chkpt-enable:0 n:phase2-keylen:0 n:phase2-pfsgroup:-1 n:phase2-life-secs:28800 n:phase2-life-kbytes:0 n:policy-nailed:0 n:policy-list-auto:1 n:client-dns-auto:1 n:network-natt-port:4500 n:network-natt-rate:15 s:client-dns-addr:0.0.0.0 s:client-dns-suffix: s:network-host:xxx.xxx.xxx.xxx s:client-auto-mode:pull s:client-iface:virtual s:client-ip-addr:192.168.4.0 s:client-ip-mask:255.255.255.0 s:network-natt-mode:enable s:network-frag-mode:disable s:auth-method:mutual-psk s:ident-client-type:address s:ident-client-data:192.168.4.0 s:ident-server-type:address s:ident-server-data:192.168.40.0 s:phase1-exchange:aggressive s:phase1-cipher:3des s:phase1-hash:md5 s:phase2-transform:3des s:phase2-hmac:md5 s:ipcomp-transform:disabled Finally here is the debug output from the shrew log: 10/12/22 17:22:18 ii : ipc client process thread begin ... 10/12/22 17:22:18 < A : peer config add message 10/12/22 17:22:18 DB : peer added ( obj count = 1 ) 10/12/22 17:22:18 ii : local address 217.xxx.xxx.xxx selected for peer 10/12/22 17:22:18 DB : tunnel added ( obj count = 1 ) 10/12/22 17:22:18 < A : proposal config message 10/12/22 17:22:18 < A : proposal config message 10/12/22 17:22:18 < A : client config message 10/12/22 17:22:18 < A : local id '192.168.4.0' message 10/12/22 17:22:18 < A : remote id '192.168.40.0' message 10/12/22 17:22:18 < A : preshared key message 10/12/22 17:22:18 < A : peer tunnel enable message 10/12/22 17:22:18 DB : new phase1 ( ISAKMP initiator ) 10/12/22 17:22:18 DB : exchange type is aggressive 10/12/22 17:22:18 DB : 217.xxx.xxx.xxx:500 <- 206.xxx.xxx.xxx:500 10/12/22 17:22:18 DB : c1a8b31ac860995d:0000000000000000 10/12/22 17:22:18 DB : phase1 added ( obj count = 1 ) 10/12/22 17:22:18 : security association payload 10/12/22 17:22:18 : - proposal #1 payload 10/12/22 17:22:18 : -- transform #1 payload 10/12/22 17:22:18 : key exchange payload 10/12/22 17:22:18 : nonce payload 10/12/22 17:22:18 : identification payload 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v00 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v01 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v02 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v03 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( rfc ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports DPDv1 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is SHREW SOFT compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is NETSCREEN compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is SIDEWINDER compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is CISCO UNITY compatible 10/12/22 17:22:18 = : cookies c1a8b31ac860995d:0000000000000000 10/12/22 17:22:18 = : message 00000000 10/12/22 17:22:18 - : send IKE packet 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 ( 484 bytes ) 10/12/22 17:22:18 DB : phase1 resend event scheduled ( ref count = 2 ) 10/12/22 17:22:18 ii : opened tap device tap0 10/12/22 17:22:28 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:38 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:48 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:58 ii : resend limit exceeded for phase1 exchange 10/12/22 17:22:58 ii : phase1 removal before expire time 10/12/22 17:22:58 DB : phase1 deleted ( obj count = 0 ) 10/12/22 17:22:58 ii : closed tap device tap0 10/12/22 17:22:58 DB : tunnel stats event canceled ( ref count = 1 ) 10/12/22 17:22:58 DB : removing tunnel config references 10/12/22 17:22:58 DB : removing tunnel phase2 references 10/12/22 17:22:58 DB : removing tunnel phase1 references 10/12/22 17:22:58 DB : tunnel deleted ( obj count = 0 ) 10/12/22 17:22:58 DB : removing all peer tunnel refrences 10/12/22 17:22:58 DB : peer deleted ( obj count = 0 ) 10/12/22 17:22:58 ii : ipc client process thread exit ...

    Read the article

  • What are the benefits of PHP?

    - by acme
    Everybody knows that people that have prejudices against certain programming languages. Especially PHP seems to suffer from problems of its past and some other things (like loose types) and is often called a non-serious programming language that should not be used for professional applications. In that special case PHP: How do you argue using PHP as your chosen programming language for web applications? What are the benefits, where is PHP better than ColdFusion, Java, etc.?

    Read the article

  • Game Institute Math Courses

    - by W3Geek
    I'm 21 years old and I suck at math, I mean really bad. I don't have the necessary logic to apply it towards programming. I would like to learn the math and logic of applying it. I found Game Institute (http://www.gameinstitute.com) awhile back and heard a lot of praise about them. Are there Math courses any good? Thank you. Edit: My high school was terrible and did not prepare me for any math. I am fairly decent at programming, I just don't have the logic to apply any mathematics to programming, as an example I don't understand the algorithm of finding the size of a user's screen. Yes I have heard of KhanAcademy (http://www.khanacademy.org/) and I have completed a lot of maths on his website but I still don't have the logic to apply any of it to programming.

    Read the article

  • OTN's Virtual Developer Day: Deep dive on WebLogic and Java EE 6

    - by ruma.sanyal
    Come join us and learn how Oracle WebLogic Server enables a whole new level of productivity for enterprise developers. Also hear the latest on Java EE 6 and the programming tenets that have made it a true platform breakthrough, with new programming paradigms, persistence strategies, and more: Convention over configuration - minimal XML Leaner and meaner API - and one that is an open standard POJO model - managed beans for testable components Annotation-based programming model - decorate and inject Reduce or eliminate need for deployment descriptors Traditional API for advanced users How to participate: register online, and we'll email you the details.

    Read the article

  • Yoga Pro 2 Wi-Fi not working

    - by user293004
    I installed Ubuntu 14.04 on my new Yoga Pro 2 and the wireless is not working. It started with Windows 8 on it. The Network Manager says Wi-Fi is disabled by hardware switch. I tried putting a blacklist file in ect/modprobe.d as has been suggested in many places. I called the file "blacklist-ideapad_laptop.conf" and wrote in the file blacklist ideapad_laptop I checked to make sure that the wireless is enabled in the BIOS. It is. I ran rfkill list all and it displayed: 0: hci0: Bluetooth Soft blocked: no Hard blocked: no 2: phy0: Wireless LAN Soft blocked: no Hard blocked: yes I ran iwlist wlan0 scan and it displayed: wlan0 Failed to read scan data : Network is down I ran sudo rmmod ideapad_laptop and it displayed: rmmod: ERROR: Module ideapad_laptop is not currently loaded. I ran ifconfig wlp1s0 up and it displayed: wlp1s0: ERROR while getting interface flags: No such device. I ran "lspci" and it displayed: 01:00.0 Network controller: Intel Corporation Wireless 7260 (rev 6b) I ran sudo lshw -c network and it displayed: *-network DISABLED description: Wireless interface product: Wireless 7260 vendor: Intel Corporation physical id: 0<br> bus info: pci@0000:01:00:0.0 logical name: wlan0 version: 6b serial: 7c:7a:91:5f:9b:fa width: 64 bits clock: 33MHz capabilities: pm msi pciexpress bus_master cap_list ethernet physical wireless configuration: broadcast=yes driver=iwlwifi driverversion=3.13.0-24-generic firmware=22.24.8.0 latency=0 link=no multicast=yes wireless=IEEE 802.11bgn resources: irq:61 memory:b0400000-b0401fff This No wireless with Intel Centrino Advanced-N 7260 seems to be dealing with a similar issue. It suggests that I need to update my firmware. So I downloaded iwlwifi-7260-ucode-23.214.9.0 from Intel's website. I put the file "iwlwifi-7260-9.ucode" in /lib/firmware and ran "sudo lshw -c network" again. It displayed exactly as before. Is there something else I need to do install the new firmware?

    Read the article

  • "Never to forget information" for programmers [closed]

    - by Milan
    Hi there! I'm new to programming and I would like to make a list of most important pieces of knowledge of programming and CS that would be useful no matter what specific programming language I would use in the future. For instance, if I would make this kind of list for Law studies, there would be stuff like Articles of Constitution etc. Those pieces of information I would put in Anki, and repeat it from time to time. Speaking in terms of CS and programming I mean on the most useful: mathematical theorems algorithms (examples of elegant solutions, comparison of two solutions etc.) pieces of code anything else that is vital (and very handy) to have in mind Do you think that making this kind of knowledge list makes sense?

    Read the article

  • Remote Desktop over SSH SOCKS proxy to bypass firewall

    - by scrumpyjack
    Hi folks, I'm trying to connect to a Windows server from my Mac using RDC2.1 for Mac. The problem is the server I need to connect to is guarded by the evil dragon - IP-based access control on a completely separate network. I have an IP I can get in on, but it's at my office (i.e. a completely separate network). Because that network isn't set up for VPN, I've set up a SOCKS proxy through an SSH tunnel (which is all working fine). (SSH proxy) Me (on my Mac) ----------> Office Linux box ----> Windows server (home network) (office network) (other network) From my Linux server in my office (the SSH server) I can telnet to port 3389 on the Windows server, no problem. But from my Mac I can't get so much as a squeak out of it. Any ideas?

    Read the article

  • Can make the proxy settings invisible when I share my internet connection via wifi?

    - by Neil
    This is probably a long shot... I have an HTC Desire and frustratingly found out after I got it that it doesn't support network proxy settings. We have a wireless network at my office that uses a proxy. My desktop at work runs ubuntu. I was wondering if the following set up would work: Plug a USB Wireless adapter into the desktop that has a working internet connection using the proxy. Setup the wireless adapter as an ad-hoc network Share the internet connection over the ad-hoc network. Make it so that the use of the proxy is invisible to users of the shared network connection. Connect the Android phone to the ad-hoc wireless network and utilise the internet connection. My question is this: Is this possible or should I give up now and not even try? I think I can handle steps 1, 2, 3 and 5. I just have no idea if step 4 even makes sense, let alone is possible. Thanks

    Read the article

  • Learn Many Languages

    - by Jeff Foster
    My previous blog, Deliberate Practice, discussed the need for developers to “sharpen their pencil” continually, by setting aside time to learn how to tackle problems in different ways. However, the Sapir-Whorf hypothesis, a contested and somewhat-controversial concept from language theory, seems to hold reasonably true when applied to programming languages. It states that: “The structure of a language affects the ways in which its speakers conceptualize their world.” If you’re constrained by a single programming language, the one that dominates your day job, then you only have the tools of that language at your disposal to think about and solve a problem. For example, if you’ve only ever worked with Java, you would never think of passing a function to a method. A good developer needs to learn many languages. You may never deploy them in production, you may never ship code with them, but by learning a new language, you’ll have new ideas that will transfer to your current “day-job” language. With the abundant choices in programming languages, how does one choose which to learn? Alan Perlis sums it up best. “A language that doesn‘t affect the way you think about programming is not worth knowing“ With that in mind, here’s a selection of languages that I think are worth learning and that have certainly changed the way I think about tackling programming problems. Clojure Clojure is a Lisp-based language running on the Java Virtual Machine. The unique property of Lisp is homoiconicity, which means that a Lisp program is a Lisp data structure, and vice-versa. Since we can treat Lisp programs as Lisp data structures, we can write our code generation in the same style as our code. This gives Lisp a uniquely powerful macro system, and makes it ideal for implementing domain specific languages. Clojure also makes software transactional memory a first-class citizen, giving us a new approach to concurrency and dealing with the problems of shared state. Haskell Haskell is a strongly typed, functional programming language. Haskell’s type system is far richer than C# or Java, and allows us to push more of our application logic to compile-time safety. If it compiles, it usually works! Haskell is also a lazy language – we can work with infinite data structures. For example, in a board game we can generate the complete game tree, even if there are billions of possibilities, because the values are computed only as they are needed. Erlang Erlang is a functional language with a strong emphasis on reliability. Erlang’s approach to concurrency uses message passing instead of shared variables, with strong support from both the language itself and the virtual machine. Processes are extremely lightweight, and garbage collection doesn’t require all processes to be paused at the same time, making it feasible for a single program to use millions of processes at once, all without the mental overhead of managing shared state. The Benefits of Multilingualism By studying new languages, even if you won’t ever get the chance to use them in production, you will find yourself open to new ideas and ways of coding in your main language. For example, studying Haskell has taught me that you can do so much more with types and has changed my programming style in C#. A type represents some state a program should have, and a type should not be able to represent an invalid state. I often find myself refactoring methods like this… void SomeMethod(bool doThis, bool doThat) { if (!(doThis ^ doThat)) throw new ArgumentException(“At least one arg should be true”); if (doThis) DoThis(); if (doThat) DoThat(); } …into a type-based solution, like this: enum Action { DoThis, DoThat, Both }; void SomeMethod(Action action) { if (action == Action.DoThis || action == Action.Both) DoThis(); if (action == Action.DoThat || action == Action.Both) DoThat(); } At this point, I’ve removed the runtime exception in favor of a compile-time check. This is a trivial example, but is just one of many ideas that I’ve taken from one language and implemented in another.

    Read the article

  • Ubuntu 9.04 Cannot Connect to visible open wifi ap (reason 6)

    - by Andrew Bolster
    I'm travelling currently so the last network i connected successfully to was my home wpa-psk network. I hadn't tried anything until i got to my accommodation that is an open network (that I'm on now on the Win7 partition on my laptop). The network (and a similar archetypical 'linksys' open network, aswell as some protected local networks are correctly displayed in network-manager and upon selection, it happily spins around to its hearts content for a while before saying 'no chance boy'. /var/log/syslog spills out the usual combination of wpa_supplicant and kernel messages, the most interesting of are that the kernel deauthentication reason 6 response. 6 apparently means class2FrameFromNonAuthStation...Client attempted to transfer data before it was authenticated. Anyone seen anything like this? I've already tried going closer to the router to no avail. I don't remember seeing this any other time I've connected to a open AP, even if that AP is far away. (Signal strength for this AP is good, kismet says its around -57dBm, well above the threshold of -80dBm, and I've tried all the suggestions from the 'Related Questions'

    Read the article

  • Virtual Networks in Oracle Solaris - Part 5

    - by user12616590
               A         long         time      ago in a    blogosphere   far, far away... I wrote four blog entries to describe the new network virtualization features that were in Solaris 11 Express: Part 1 introduced the concept of network virtualization and listed the basic virtual network elements. Part 2 expanded on the concepts and discussed the resource management features. Part 3 demonstrated the creation of some of these virtual network elements. Part 4 demonstrated the network resource controls. I had planned a final entry that added virtual routers to the list of virtual network elements, but Jeff McMeekin wrote a paper that discuses the same features. That paper is available at OTN. And this Jeff can't write any better than that Jeff... All of the features described in those blog entries and that paper are also available in Solaris 11. It is possible that some details have changed, but the vast majority of the content is unchanged.

    Read the article

  • wireless card not detected

    - by user281219
    i have a old HP Compaq NX6125 with a new lunbuntu 14.04 32 bits install , but the wireless card is not working I have already done this steps and the wireless leds on the laptop are on but can't see any where the wireless interface , cloud`t do the last two steps . sudo apt-get remove bcmwl-kernel-source sudo apt-get install firmware-b43-installer b43-fwcutter Then Reboot And you need to activate the card from settings/network/wireless make it ON After this search for wireless icon at the task bar and look for your wifi. lshw -class network: *-network:0 description: Ethernet interface product: NetXtreme BCM5788 Gigabit Ethernet vendor: Broadcom Corporation physical id: 1 bus info: pci@0000:02:01.0 logical name: eth0 version: 03 serial: 00:0f:b0:f7:d1:0f size: 100Mbit/s capacity: 1Gbit/s width: 32 bits clock: 66MHz capabilities: pm vpd msi bus_master cap_list ethernet physical tp 10bt 10bt-fd 100bt 100bt-fd 1000bt 1000bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=tg3 driverversion=3.134 duplex=full firmware=5788-v3.26 ip=192.168.1.120 latency=64 link=yes mingnt=64 multicast=yes port=twisted pair speed=100Mbit/s resources: irq:23 memory:d0000000-d000ffff *-network:1 description: Network controller product: BCM4318 [AirForce One 54g] 802.11g Wireless LAN Controller vendor: Broadcom Corporation physical id: 2 bus info: pci@0000:02:02.0 version: 02 width: 32 bits clock: 33MHz capabilities: bus_master configuration: driver=b43-pci-bridge latency=64 resources: irq:22 memory:d0010000-d0011fff *-network description: Wireless interface physical id: 1 logical name: wlan2 serial: 00:14:a5:77:9e:10 capabilities: ethernet physical wireless configuration: broadcast=yes driver=b43 driverversion=3.13.0-29-generic firmware=666.2 link=no multicast=yes wireless=IEEE 802.11bg

    Read the article

  • How do you deal with information overload?

    - by talonx
    There are so many (good) programming blogs out there. Some of them are consistent in what they post - as in they stick to programming topics. Some of them occasionally post on other unrelated topics. Also, not every programming post might be relevant to me. I might have read one good post once, and not wishing to miss any future good ones - subscribed to the blog. Subscribing to too many blog feeds usually leads to just skimming through all of them (which takes time as well). Another option might be to subscribe to aggregators, like Hacker News - but that too has a huge rate of link accumulation. How do you manage if you wish to keep up with the programming blogosphere and still maintain a good signal to noise ratio?

    Read the article

  • How do I modify these VPN connection settings for Xfce?

    - by Dave M G
    I have signed up for a VPN (Virtual Private Network) service, and I configured it for use on my computer that runs Gnome Classic with the following instructions: In Terminal, install openvpn packages with sudo apt-get install network-manager-openvpn. 1. Restart the network manager with sudo restart network-manager 2. Run sudo wget https://www.xxxxxxx.com/ovpnconfigure.zip 3. Extract the files from the zip with unzip ovpnconfigure.zip. 4. Move cert.crt to /etc/openvpn 5. Open the Network Manager on the menu bar. 6. Choose add and select the OpenVPN connection type, and click Create. 7. Enter Private Internet Access SSL for the Connection Name. 8. Enter xxxxxx.xxxxxxxx.com for the Gateway 9. Select Password and enter your login credentials. 10. Browse and select the CA Certificate we saved in Step 3. 11. Choose Advanced and enable LZO Compression. 12. Apply and exit. 13. Connect using the Network Manager. It worked, but now I want to set up access to the same VPN service on another machine that runs Mythbuntu, which uses Xfce as its desktop manager. So every point from 5 on doesn't apply. How can I modify the above instructions so that I can get my VPN service working with Xfce. As a further note, while I can access the Xfce desktop directly if I need to, it's more convenient for me to access it via the command line and SSH from on of my other computers. A command line process would be ideal. (I looked for this, and found instructions only for PPTP access, whereas I need OpenVPN.)

    Read the article

  • Involving kids into programing - which language? [closed]

    - by boj
    Possible Duplicate: What are some good tools for introducing kids to programming? Long-long time ago I had a great book by Frank DaCosta about writing adventure games in Basic, it had a great influence on me. I would like to show the world of programming to my child too but I have two problems: I can not found books like DaCosta's (but we can replace it with our fantasy so not a big deal) Which programming language should I use? Small Basic?

    Read the article

  • How do I prevent TCP connection freezes over an OpenVPN network?

    - by Jason R
    New details added at the end of this question; it's possible that I'm zeroing in on the cause. I have a UDP OpenVPN-based VPN set up in tap mode (I need tap because I need the VPN to pass multicast packets, which doesn't seem to be possible with tun networks) with a handful of clients across the Internet. I've been experiencing frequent TCP connection freezes over the VPN. That is, I will establish a TCP connection (e.g. an SSH connection, but other protocols have similar issues), and at some point during the session, it seems that traffic will cease being transmitted over that TCP session. This seems to be related to points at which large data transfers occur, such as if I execute an ls command in an SSH session, or if I cat a long log file. Some Google searches turn up a number of answers like this previous one on Server Fault, indicating that the likely culprit is an MTU issue: that during periods of high traffic, the VPN is trying to send packets that get dropped somewhere in the pipes between the VPN endpoints. The above-linked answer suggests using the following OpenVPN configuration settings to mitigate the problem: fragment 1400 mssfix This should limit the MTU used on the VPN to 1400 bytes and fix the TCP maximum segment size to prevent the generation of any packets larger than that. This seems to mitigate the problem a bit, but I still frequently see the freezes. I've tried a number of sizes as arguments to the fragment directive: 1200, 1000, 576, all with similar results. I can't think of any strange network topology between the two ends that could trigger such a problem: the VPN server is running on a pfSense machine connected directly to the Internet, and my client is also connected directly to the Internet at another location. One other strange piece of the puzzle: if I run the tracepath utility, then that seems to band-aid the problem. A sample run looks like: [~]$ tracepath -n 192.168.100.91 1: 192.168.100.90 0.039ms pmtu 1500 1: 192.168.100.91 40.823ms reached 1: 192.168.100.91 19.846ms reached Resume: pmtu 1500 hops 1 back 64 The above run is between two clients on the VPN: I initiated the trace from 192.168.100.90 to the destination of 192.168.100.91. Both clients were configured with fragment 1200; mssfix; in an attempt to limit the MTU used on the link. The above results would seem to suggest that tracepath was able to detect a path MTU of 1500 bytes between the two clients. I would assume that it would be somewhat smaller due to the fragmentation settings specified in the OpenVPN configuration. I found that result somewhat strange. Even stranger, however: if I have a TCP connection in the stalled state (e.g. an SSH session with a directory listing that froze in the middle), then executing the tracepath command shown above causes the connection to start up again! I can't figure out any reasonable explanation for why this would be the case, but I feel like this might be pointing toward a solution to ultimately eradicate the problem. Does anyone have any recommendations for other things to try? Edit: I've come back and looked at this a bit further, and have found only more confounding information: I set the OpenVPN connection to fragment at 1400 bytes, as shown above. Then, I connected to the VPN from across the Internet and used Wireshark to look at the UDP packets that were sent to the VPN server while the stall occurred. None were greater than the specified 1400 byte count, so the fragmentation seems to be functioning properly. To verify that even a 1400-byte MTU would be sufficient, I pinged the VPN server using the following (Linux) command: ping <host> -s 1450 -M do This (I believe) sends a 1450-byte packet with fragmentation disabled (I at least verified that it didn't work if I set it to an obviously-too-large value like 1600 bytes). These seem to work just fine; I get replies back from the host with no issue. So, maybe this isn't an MTU issue at all. I'm just confused as to what else it might be! Edit 2: The rabbit hole just keeps getting deeper: I've now isolated the problem a bit more. It seems to be related to the exact OS that the VPN client uses. I have successfully duplicated the problem on at least three Ubuntu machines (versions 12.04 through 13.04). I can reliably duplicate an SSH connection freeze within a minute or so by just cat-ing a large log file. However, if I do the same test using a CentOS 6 machine as a client, then I don't see the problem! I've tested using the exact same OpenVPN client version as I was using on the Ubuntu machines. I can cat log files for hours without seeing the connection freeze. This seems to provide some insight as to the ultimate cause, but I'm just not sure what that insight is. I have examined the traffic over the VPN using Wireshark. I'm not a TCP expert, so I'm not sure what to make of the gory details, but the gist is that at some point, a UDP packet gets dropped due to the limited bandwidth of the Internet link, causing TCP retransmissions inside the VPN tunnel. On the CentOS client, these retransmissions occur properly and things move on happily. At some point with the Ubuntu clients, though, the remote end starts retransmitting the same TCP segment over and over (with the transmit delay increasing between each retransmission). The client sends what looks like a valid TCP ACK to each retransmission, but the remote end still continues to transmit the same TCP segment periodically. This extends ad infinitum and the connection stalls. My question here would be: Does anyone have any recommendations for how to troubleshoot and/or determine the root cause of the TCP issue? It's as if the remote end isn't accepting the ACK messages sent by the VPN client. One common difference between the CentOS node and the various Ubuntu releases is that Ubuntu has a much more recent Linux kernel version (from 3.2 in Ubuntu 12.04 to 3.8 in 13.04). A pointer to some new kernel bug maybe? I'm assuming that if that were so, then I wouldn't be the only one experiencing the problem; I don't think this seems like a particularly exotic setup.

    Read the article

  • netmask: command not found

    - by Ian R.
    I purchased a new server with a few ip's so I modified the /etc/network/interfaces file recently so that my ip's can go live. While editing that file I created a backup and deleted the original file. I recreated the interfaces file using the touch command and gave +x permissions but now, when trying to restart the interface (/etc/network/interfaces restart) I get all sorts of errors: /etc/network/interfaces: line 10: iface: command not found /etc/network/interfaces: line 11: address: command not found /etc/network/interfaces: line 12: netmask: command not found /etc/network/interfaces: line 13: auto: command not found Can any1 point what I forgot to do? Thanks.

    Read the article

  • configuring linux server to send traffic to local machines using local IP address

    - by gkdsp
    Two linux servers, server1 and server2, are on the same local network (they also have access to an external network). Server2 has a local IP of 192.168.0.2 and a host name of host2.mydomain.com. QUESTION 1: If an application on server1 sends traffic to server2 using a host name of host2.mydomain.com, what determines whether this traffic is routed to server2 using the local or external network? QUESTION 2: To ensure that all traffic sent from server1 to server2 always uses the local network, could I simply include in the server1 /etc/hosts file the following? 192.168.0.2 host2.mydomain.com ...the thinking being, if the servers are always on the same network there should never be a need for server2 to send traffic to server1 via the external network (that I can think of anyway). Is this done in practice, or is some other method preferred?

    Read the article

  • Interview question ranking FizzBuzz (1), implementing malloc (10)

    - by blrs
    I'd like to have your opinion on the difficulty of the following interview question: Find the subarray with maximum sum in an array of integers in O(n) time. This trivial sounding problem was made famous by Jon Bentley in his Programming Pearls where he uses it to demonstrate algorithm design techniques. On a scale of 1-10, 1 being the FizzBuzz (or HoppityHop) test and 10 being implement the C stdlib function malloc(), how would you rank the above problem? I think the people who can best answer this question are those who have read Programming Pearls and have tried to solve this problem on their own. To motivate those who haven't, 'Programming Pearls' gets featured many times in the 'Top 10 programming books' list.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 389 390 391 392 393 394 395 396 397 398 399 400  | Next Page >