Search Results

Search found 4534 results on 182 pages for 'dns'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 134/182 | < Previous Page | 130 131 132 133 134 135 136 137 138 139 140 141  | Next Page >

  • SBS 2011 on different subnet than domain computers

    - by Ravi
    The setup is as follows: SBS 2011 in datacentre on subnet A Domain PCs at another location on subnet B There is a site-to-site VPN. The domain PCs have joined the domain and have the SBS as their primary DNS server. The domain PCs can ping the DC but the problem is that the DC cannot ping any of the remote subnet (subnet B) SBS --Switch -- Router A ------------------- Router B -- Switch -- Domain PCs What is strange is that router A can ping any host on the subnet B. Another host on Subnet A can also ping any host on subnet B. It's only the DC which cannot ping anything to that specific remote subnet B. I did a tracert from the SBS to router B. The packet reaches Router A from the SBS but then it fails. Am I missing some specific settings that needs to be done when SBS is on a different subnet than its member pcs ?

    Read the article

  • URL redirect to a virtual server on a VLAN

    - by zeroFiG
    I have a production site, running off 10 servers. I've been given another virtual server on the same network as these 10 servers, to use for testing purposes. This server doesn't have it's own DNS entry. Therefore I need to do a redirect to the site hosted on this virtual server for a sub-domain of the site running on the 10 other servers. So Basically I was wondering how I would configure a sub domain of my production server to point at the Virtual server for testing. I'm guessing I need to modify my site file in /etc/apache2/sites-available and add another virtual host like the following and modify the redirect match: <VirtualHost *> ServerName SUBDOMAIN.DOMAIN.com RedirectMatch 301 (.*) **IP ADDRESS** CustomLog /var/log/apache2/SUBDOMAIN.DOMAIN.com.access.log combined </VirtualHost> Do I set the redirect match to just the IP on the Virtual server, and then configure another site file in the sites-available directory, which will recption this redirect and point the browser towards the HTML root? Thanks, I hope I made myself clear.

    Read the article

  • email spam filering in bridging

    - by User4283
    I've a mail server, which handle multiple domains. Due to concern of spam and mail server performance. I've configured another machine which will be in bridging and mail server would be behind that it. How can i filter spam emails in bridging server without running any smtp services. Scenario Internet +------+ Spamfilter Server (in bridging mode) +---------+ MailServer SmartHost will work for outgoing email. In this scenario i can filter all incoming emails. There is also another option of DNS which i don't want to use.

    Read the article

  • Active Directory Domain Services on remote VPS

    - by Rob Angelier
    I really need help with configuring Active Directory Domain Services on a remote VPS. Situation we have a remote Windows Server 2008R2 VPS and i just installed the Active Directory Domain Services Role. A DNS Server was also configured by default at the end of the Active Directory installation. Problem I can't get my Windows 7 machine to register itself to the domain i have just created Question What are the steps i have to take to test my Active Directory configuration, and how do i connect clients to this Domain? I can provide screenshots and more information if neccesary. looking forward to your replies! best regards, Rob Angelier

    Read the article

  • FTP in DMZ, TCP Ports for LDAP Auth

    - by sam
    szenario: (outside)---(ASA5510)---(inside) -Windows2008 DC .....................(dmz) ..........-Win2008 FTP Server Which Ports do I need to open from DMZ-Inside that FTP Users can authentificated on the Inside DC? I have allready opend 389 (Ldap), 636 (secure Ldap) and 53 (dns). But the ftp Client stucks allways after processing the credentials and the FTP Server gives you an eventlog "logon error". the error messages indicates that there could be an issue with closed ports. if I turn the ACL to "IP", that means all ports are open, everything is working fine.

    Read the article

  • Going from dev to sysadmin advice [on hold]

    - by dotnetdev
    I've seen the threads on here about transitions to/from sysadmin. My story is I am a dev (technology is irrelevant), but in learning that technology it required a lot of server infrastructure. In the last few years, I thus had to setup a lot of infrastructure (AD, DNS, SQL etc) to learn said technology. I've noticed that I've enjoyed doing sysadmin and got quite good at it, and find it even engrossing (e.g. I am amazed by how decievingly complicated AD is, under the hood). I'm now thinking of moving into IT infrastructure after about 4 years in various dev (.NET) roles. Any advice? My concern is that I don't have any experience with hardware load balancers and firewalls like F5 etc, which some jobs require. How could I compensate for that? Also, I'm rubbish with my hands, would this be a factor? (i.e. maintaining physical kit)? Thanks

    Read the article

  • CentOS Existing host to new host with all data/files

    - by ganesh
    Good noon. Our small startup management decided to move our production server from existing provider to azure. We have centOS on both. It is for classified's related site, considerable amount of data and ~thousands users with their disc space quota. This is our first time moving our servers. I need your Guidance and suggestions on these. 1) How to migrate the mysql db (dump OR slave OR copy filesystem)? 2) How to manage the emails during the downtime. 3) Manage the files 4) How to security/Firewall check list for the new system 5) IP/DNS related Checklist 6) Anything that I missed out!. Since first time, planning to be more cautious. Any reference documents Highly appreciated. Thank you all!.

    Read the article

  • If I use openvpn, can vpn servers monitor my usernames/passwords?

    - by Duff
    Openvpn uses a type of encryption similar to ssl. This seems to suggest that even if I choose an incredibly shady VPN server, then my content will be secure. That is, the VPN server will be able to monitor what websites I patronize, but not the actual data I transfer. That said, I am not an expert at this type of thing. I wanted, therefore, to make sure that I understand correctly. Is it true that if I use openvpn that my username/passwords are secure, even if the VPN is untrustworthy? If not, why? (And how, if at all, can it be fixed?) Examples of things that I don't know much about that may (or may not! I honestly don't know much about this.) be related to my question are: DNS leakage, IPv6, tracking cookies, browser plugins and websites that don't support https.

    Read the article

  • Weird behaviour with OpenVPN: can not connect to a few websites

    - by Gaby Solis
    My OpenVPN server is Ubuntu 10.04.4 LTS and openvpn version is 2.x My client is on Win 7. He can access most sites but not Youtube, Facebook, Twitter, groups.google.com, etc My server.conf is: local x.x.x.x port 1194 proto udp dev tun ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/server.crt key /etc/openvpn/keys/server.key dh /etc/openvpn/keys/dh1024.pem server 10.8.0.0 255.255.255.0 push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8" client-to-client keepalive 10 120 comp-lzo persist-key persist-tun status /etc/openvpn/keys/openvpn-status.log verb 4 I can access Youtube etc using SSH Tunnel + SOCKS Proxy, and the Ubuntu server can access all sites. so nothing is wrong with the Ubuntu server. With little information I can provide, I am not looking for a quck solution. How can I debug?

    Read the article

  • Facebook doesn't work on computer, but work on mobile device, both use the same router

    - by sasa
    I have a very strange problem and I'm thinking that can be problem with dns or something similar, but not sure and don't know how to solve. My computer is connected to router and every site works fine except facebook (Chrome and Firefox). Chrome shows "Error 101 (net::ERR_CONNECTION_RESET): The connection was reset." But, on mobile device witch is connected to the same router facebook works fine (Fb application and Delphin browser). Pinging facebook works fine. Clearing cookies and cache didn't help. Also, I performed antivirus and antimalware scan and there is nothing. What can be a problem? Update: I'm also connect notebook on that wifi router, and on it works fine. nslookup facebook.com Server: UnKnown Address: 192.168.1.1 Non-authoritative answer: Name: facebook.com Addresses: 2a03:2880:2110:3f01:face:b00c:: 2a03:2880:10:1f02:face:b00c:0:25 2a03:2880:10:8f01:face:b00c:0:25 69.171.224.37 69.171.229.11 69.171.242.11 66.220.149.11 66.220.158.11

    Read the article

  • Zimbra ZCS 7.2.1 MTA Deferring e-mail

    - by user139181
    Zimbra 7.1.2 and the MTA seems to be deferring e-mail when it is received. Oct 1 09:35:42 www postfix/error[16614]: 5FB8C1A803EE: to=<[email protected]>, relay=none, delay=0.15, delays=0.08/0.01/0/0.06, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to thedigiologygroup.org[75.149.56.27]:7025: Connection timed out) I can telnet to both 25 and 7025. I do get a $ telnet thedigiologygroup.org 25 Trying 75.149.56.27... Connected to thedigiologygroup.org. Escape character is '^]'. 220 thedigiologygroup.org ESMTP Postfix 500 5.5.2 Error: bad syntax 500 5.5.2 Error: bad syntax` I dont see email in the inbox obviously and I am not sure how to troubleshoot what is going on. Nothing DNS has changed. This box has been running for a year Zimbra was removed and re-installed after trying to upgrade to ZCS-8 with no luck.

    Read the article

  • Moving MS Exchange 2007 to another machine

    - by Mustafa Ismail Mustafa
    We have a machine that has been chugging along with the burden of both Exchange and DC and DNS all with SBS 2008. We have a better machine now and I'd like to move Exchange 2007 to that machine and take it off of this machine. In fact, I'm planning on formatting the old machine and get rid of SBS all together because it is making the machine SLOW. How would I go about making the move? I've read on previous versions of Exchange (2000), that all you do is install Exchange on the new machine and then start moving mailboxes one after the other. Well, what about all the different rules we have in place? How do those get moved? How do we de-commission the old exchange and set up the new exchange as the primary one? Come to think of it, how do we have both exchanges recognize each other on the same domain? TIA

    Read the article

  • Changing SPF (Sender Policy Framework) record for Google Apps

    - by bobo
    My boss asked me to set up Google Apps for a client and basically I have done everything including setting up MX records in DirectAdmin and re-creating the email accounts in Google Apps. I also sent a few test emails to ensure that it actually works and it seems fine. But then I discovered this article talking about changing the SPF record for the domain. http://www.google.com/support/a/bin/answer.py?answer=178723 After reading the introduction I think it would be better for me to change the SPF record according to this article. So I logged in to the DirectAdmin and navigated to the DNS management, and then I found that there's already a TXT SPF record there: v=spf1 a mx a:spf.cabin.com.hk include:gmail.com -all And it looks like it's already including gmail.com, but according to the article it should be: _spf.google.com rather than: gmail.com I dare not to change it before I understand what this record actually means. What would you do with this record if you were me?

    Read the article

  • AWS ELB as backend for Varnish Accelerator

    - by addisonj
    I am working on a large deployment on AWS that has high uptime requirements and variable loads throughout the day. Obviously, this is the perfect use case for ELB (Elastic Load Balancer) and autoscaling. However, we also rely on varnish for caching of API calls. My initial instinct was to structure the stack so that varnish uses ELB as a backend which in turn hits an appGroup. Varnish -> ELB -> AppServers However, according to a few sources that isn't possible as ELB constantly changes the IP address of its DNS hostname, which varnish caches on start, meaning changes to the IP won't be picked up by varnish. Reading around however, it looks like people are doing this so I am wondering what workarounds exist? Perhaps a script to reload the vcl periodically? In the case of where this is really just not a good idea, any idea of other solutions?

    Read the article

  • Accessing through VPN, which internet connection would be used

    - by Sriram
    I've a data card which has a limit of 2 GB up/download traffic per month. I've an office internet line which has an unlimited up/download. I've successfully connected to VPN using my data card and by changing certain configurations like DNS etc., have also been able to use my office line for internet (verified by doing a IP check - returns the static IP of our office). Now to my question - is it just a NAT which is happening or am I actually using my office line for all communication. Which one would reflect the usage/trace. The data card usage log at this moment does not reflect any usage (which is confusing since the VPN is over the data card connection). Further more (theoretically), would the net be any faster if my office line is let us say 8Mbps and the data card is 512kbps by doing this as against directly connecting the internet using the data card.

    Read the article

  • Need help identiying a nasty rootkit in Windows

    - by goofrider
    I have a nasty rootkit that not tools seem to be able to idenity. I know for sure it's a rootkit, but I can figure out which rootkit it is. Here's what I gathered so far: It creates multiple copies of itself in %HOME%\Local Settings\Temp with names like Q.EXE, IAJARZ.exe, etc., and install them as hidden services. These EXE have SysInternals identifiers in them so they're definitely rootkits. It hooked very deep in the system, including file read/write, security policies, registry read/write, and possibly WinSock/TCP/IP. When going to Sophos.com to download their software, the rootkit inject something called Microsoft Ajax Tootkit into the page, which injects code into the email submission form in order to redirect it. (EDIT: I might have panicked. Looks like Sophos does use an AJAZ email form, their form is just broken on Chrome so it looked like a mail form injection attack, the link is http://www.sophos.com/en-us/products/free-tools/virus-removal-tool/download.aspx ) Super-Antispyware found a lot of spyware cookies, in the name of .kaspersky.2o7.net, etc. (just chedk 2o7.net, looks like it's a legit ad company) I tried comparing DNS lookup from the infected systems and from system in other physical locations, no DNS redirections it seems. I used dd to copy the MBR and compared it with the MBR provided by ms-sys package, no differences so it's not infecting MBR. No antivirus or rootkit scanner be able to identify it. Most of them can't even find it. I tried scanning, in-situ (normal mode), in safe mode, and boot to linux live CD. Scanners used: Avast, Sophos anti rootkit, Kasersky TDSSKiller, GMER, RootkitRevealer, and many others. Kaspersky reported some unsigned system files that ought to be signed (e.g. tcpip.sys), and reported a number of MD5 mismatches. But otherwise couldn't identify anything based on signature. When running Sysinternal RootkitRevealer and Sophos AntiRootkit, CPU usage goes up to 100% and gets stucked. The Rootkit is blocking them. When trying running/installing HiJackThis, RootkitRevealer and some other scanners, it tells me system security policy prevent running/installing it. The list of malicious acitivities go on and on. here's a sample of logs from all my scans. In particular, aswSnx.SYS, apnenfno.sys and PROCMON20.SYS has a huge number of hooks. It's hard to tell if the rootkit replaced legit program files like aswSnx.SYS (from Avast) and PROCMON20.SYS (from Sysinternal Process Monitor). I can't find whether apnenfno.sys is from a legit program. Help to identify it is appreciated. Trend Micro RootkitBuster ------ [HIDDEN_REGISTRY][Hidden Reg Value]: KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg Root : 586bfc0 SubKey : Cfg ValueName : g0 Data : 38 23 E8 D0 BF F2 2D 6F ... ValueType : 3 AccessType: 0 FullLength: 61 DataSize : 32 [HOOKED_SERVICE_API]: Service API : ZwCreateMutant Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS OriginalHandler : 0x8061758e CurrentHandler : 0xaa66cce8 ServiceNumber : 0x2b ModuleName : aswSnx.SYS SDTType : 0x0 [HOOKED_SERVICE_API]: Service API : ZwCreateThread Image Path : c:\windows\system32\drivers\apnenfno.sys OriginalHandler : 0x805d1038 CurrentHandler : 0xaa5f118c ServiceNumber : 0x35 ModuleName : apnenfno.sys SDTType : 0x0 [HOOKED_SERVICE_API]: Service API : ZwDeleteKey Image Path : C:\WINDOWS\system32\Drivers\PROCMON20.SYS OriginalHandler : 0x80624472 CurrentHandler : 0xa709b0f8 ServiceNumber : 0x3f ModuleName : PROCMON20.SYS SDTType : 0x0 HiJackThis ------ O23 - Service: JWAHQAGZ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\JWAHQAGZ.exe O23 - Service: LHIJ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\LHIJ.exe Kaspersky TDSSKiller ------ 21:05:58.0375 3936 C:\WINDOWS\system32\ati2sgag.exe - copied to quarantine 21:05:59.0217 3936 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:05:59.0342 3936 C:\WINDOWS\system32\BUFADPT.SYS - copied to quarantine 21:05:59.0856 3936 BUFADPT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:05:59.0965 3936 C:\Program Files\CrashPlan\CrashPlanService.exe - copied to quarantine 21:06:00.0152 3936 CrashPlanService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0246 3936 C:\WINDOWS\system32\epmntdrv.sys - copied to quarantine 21:06:00.0433 3936 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0464 3936 C:\WINDOWS\system32\EuGdiDrv.sys - copied to quarantine 21:06:00.0526 3936 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0604 3936 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - copied to quarantine 21:06:01.0181 3936 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0321 3936 C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe - copied to quarantine 21:06:01.0430 3936 OTFSDMS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0492 3936 C:\WINDOWS\system32\DRIVERS\tcpip.sys - copied to quarantine 21:06:01.0539 3936 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0601 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - copied to quarantine 21:06:01.0664 3936 HKLM\SYSTEM\ControlSet003\services\TULPUWOX - will be deleted on reboot 21:06:01.0664 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - will be deleted on reboot 21:06:01.0664 3936 TULPUWOX ( UnsignedFile.Multi.Generic ) - User select action: Delete 21:06:01.0757 3936 C:\WINDOWS\system32\Drivers\usbaapl.sys - copied to quarantine 21:06:01.0866 3936 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0913 3936 C:\Program Files\VMware\VMware Player\vmware-authd.exe - copied to quarantine 21:06:02.0443 3936 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - skipped by user 21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - skipped by user 21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

    Read the article

  • Routing different domains on a VPS

    - by Hans Wassink
    We just went from shared hosting to a VPS server. We have several domain names that we have pointing to our dns, but they all point to the root of the server. What I would like now is a setup where every domain name gets its own map so we can run different sites on the VPS server. Like: www.example.com points to: /var/www/example.com www.imapwnu.com points to: /var/www/imapwnu.com First of all, is this possible? Second, I have root SSH access and Webmin, on a LAMP server running on Ubuntu. Webmin doesnt have Bind9 (I dont know if I need that, some forums pointed me towards something called bind). Thanks in advance

    Read the article

  • My windows xp wireless hotspot isn't working

    - by Dominic Grenier
    I add the hotspot the regular way. Yet it doesn't show up as available when I try to connect to it using my other Ubuntu laptop. And nothing can connect to it. Yesterday, I successfully made it work for 5 minutes and then it stopped without me changing any configuration. I've already tryed resetting the DNS. Edit: I've updated my Broadcom 802.11b/g driver to a generic but more recent version. I've also repaired the WMI, now the advanced tab of my primary connection is available and the hand meaning the connection is shared appeared. But the computers still connect the wrong way around. (Windows to ubuntu instead of ubuntu to windows) Reinstalled SP3...

    Read the article

  • Is there any viable alternative to using a linux/unix/BSD firewall/router/vpn?

    - by ObligatoryMoniker
    I am trying to purchase something to replace our Vyatta router that is running in a virtual machine on Hyper V (having the whole network go down when the host has to reboot is not convenient and I am getting the sense that this configuration may not be stable). Most posts on this topic suggest using Linux/OpenBSD/FreeBSD/etc with some recommendations to use appliances from vendors for specific purposes like firewall and VPN. We are a windows shop and it has been a stretch for us to make use of Vyatta but since it was free and straightforward to use we decided to use it. Now we need something that is easier for our team to (re)deploy and manage. I would rather purchase something windows based or an appliance that can do all of the following things: DHCP server (reservations, specified gateway, dns, etc) Static Routes that route traffic across three interfaces Easily Reproducible (Powershell script, Puppet, Chef, etc) Intuitive interface (Decent web interface would be fine but I don't want them to have to go to CLI) Does any one have any recommendations on what I should be looking at that might meet our needs?

    Read the article

  • multiple domains, one static IP address and latency

    - by shirish
    how is latency affected when multiple domains are using one single static IP address ? The scenario is in shared web-hosting By latency meaning the DNS lookup the client has to do. As far as I understand it, the browser would hit the root servers to try to figure out the IP Address and it belongs where and then when it comes to the correct server, it probably looks up some sort of table to determine which site names much and show that site as such via browser to the user. Is my understanding correct or backwards or what ?

    Read the article

  • Powershell, Task Scheduler or loop and sleep

    - by Paddy Carroll
    I have a job that needs to go off every minute or so, it loads a DLL i have written in C# that retrieves state for an SQL Server Mirror (Primary, Mirror and witness) for a number of databases; it allows us to poke DNS to show where the primary instances are. Please don't mention Clustering - We're not doing that. I can't be arsed to write a service, there simply isn't enough time do I Task Scheduler - every minute: Invoke a powershell script that loads the DLL does the business Task scheduler - At Startup : Invoke a similer powershell script that loads the DLL once but then loops and sleeps, refreshing the Object that the DLL exposes. Pros and cons?

    Read the article

  • powershell task scheduler or loop and sleep

    - by Paddy Carroll
    I have a job that needs to go off every minute or so, it loads a DLL written in C# that retrieves state for an SQL Server Mirror (Primary, Mirror and witness) for a number of databases; it allows us to poke DNS to show where the primary instances are. Please don't mention Clustering - We're not doing that. I can't be arsed to write a service, there simply isn't enough time do I Task Scheduler - every minute: Invoke a powershell script that loads the DLL does the business Task scheduler - At Startup : Invoke a similer powershell script that loads the DLL once but then loops and sleeps, refreshing the Object that the DLL exposes. Pros and cons?

    Read the article

  • How to set up Windows server 2008 to receive email?

    - by Saul
    First off apologies, I'm from a medical background not a networking one, but I've got roped into setting up a windows 2008 server. So far web server running, fixed IP address assigned (within a large private network of the National Health Service in the UK if that makes any difference) and the network team have assigned a DNS entry for me which works, so the server can be addressed as nww.myserver.nhs.uk I've only got ports open on the router for 80 and 443 (http and https) at the moment, so presume I need a different port to enable email services. My need is to be able to accept an email to the domain name like [email protected] in order to pick up a confirmation mail from an SSL issuer (Comodo) I guess to confirm that I control the domain. After that I don't actually need mail services on the server. I see lots of stuff about setting up SMTP services but thought that was about mail out and re-routing, but how do you get the server to "listen" for mail to the domain (assuming I open port xyz or whatever it is) ?

    Read the article

  • Bridging LXC containers to host eth0 so they can have a public IP

    - by Vianney Stroebel
    UPDATE: I found the solution there: http://www.linuxfoundation.org/collaborate/workgroups/networking/bridge#No_traffic_gets_trough_.28except_ARP_and_STP.29 # cd /proc/sys/net/bridge # ls bridge-nf-call-arptables bridge-nf-call-iptables bridge-nf-call-ip6tables bridge-nf-filter-vlan-tagged # for f in bridge-nf-*; do echo 0 $f; done But I'd like to have expert opinions on this: is it safe to disable all bridge-nf-*? What are they here for? END OF UPDATE I need to bridge LXC containers to the physical interface (eth0) of my host, reading numerous tutorials, documents and blog posts on the subject. I need the containers to have their own public IP (which I've previously done KVM/libvirt). After two days of searching and trying, I still can't make it work with LXC containers. The host runs a freshly installed Ubuntu Server Quantal (12.10) with only libvirt (which I'm not using here) and lxc installed. I created the containers with : lxc-create -t ubuntu -n mycontainer So they also run Ubuntu 12.10. Content of /var/lib/lxc/mycontainer/config is: lxc.utsname = mycontainer lxc.mount = /var/lib/lxc/test/fstab lxc.rootfs = /var/lib/lxc/test/rootfs lxc.network.type = veth lxc.network.flags = up lxc.network.link = br0 lxc.network.name = eth0 lxc.network.veth.pair = vethmycontainer lxc.network.ipv4 = 179.43.46.233 lxc.network.hwaddr= 02:00:00:86:5b:11 lxc.devttydir = lxc lxc.tty = 4 lxc.pts = 1024 lxc.arch = amd64 lxc.cap.drop = sys_module mac_admin mac_override lxc.pivotdir = lxc_putold # uncomment the next line to run the container unconfined: #lxc.aa_profile = unconfined lxc.cgroup.devices.deny = a # Allow any mknod (but not using the node) lxc.cgroup.devices.allow = c *:* m lxc.cgroup.devices.allow = b *:* m # /dev/null and zero lxc.cgroup.devices.allow = c 1:3 rwm lxc.cgroup.devices.allow = c 1:5 rwm # consoles lxc.cgroup.devices.allow = c 5:1 rwm lxc.cgroup.devices.allow = c 5:0 rwm #lxc.cgroup.devices.allow = c 4:0 rwm #lxc.cgroup.devices.allow = c 4:1 rwm # /dev/{,u}random lxc.cgroup.devices.allow = c 1:9 rwm lxc.cgroup.devices.allow = c 1:8 rwm lxc.cgroup.devices.allow = c 136:* rwm lxc.cgroup.devices.allow = c 5:2 rwm # rtc lxc.cgroup.devices.allow = c 254:0 rwm #fuse lxc.cgroup.devices.allow = c 10:229 rwm #tun lxc.cgroup.devices.allow = c 10:200 rwm #full lxc.cgroup.devices.allow = c 1:7 rwm #hpet lxc.cgroup.devices.allow = c 10:228 rwm #kvm lxc.cgroup.devices.allow = c 10:232 rwm Then I changed my host /etc/network/interfaces to: auto lo iface lo inet loopback auto br0 iface br0 inet static bridge_ports eth0 bridge_fd 0 address 92.281.86.226 netmask 255.255.255.0 network 92.281.86.0 broadcast 92.281.86.255 gateway 92.281.86.254 dns-nameservers 213.186.33.99 dns-search ovh.net When I try command line configuration ("brctl addif", "ifconfig eth0", etc.) my remote host becomes inaccessible and I have to hard reboot it. I changed the content of /var/lib/lxc/mycontainer/rootfs/etc/network/interfaces to: auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 179.43.46.233 netmask 255.255.255.255 broadcast 178.33.40.233 gateway 92.281.86.254 It takes several minutes for mycontainer to start (lxc-start -n mycontainer). I tried replacing gateway 92.281.86.254 by : post-up route add 92.281.86.254 dev eth0 post-up route add default gw 92.281.86.254 post-down route del 92.281.86.254 dev eth0 post-down route del default gw 92.281.86.254 My container then starts instantly. But whatever configuration I set in /var/lib/lxc/mycontainer/rootfs/etc/network/interfaces, I cannot ping from mycontainer to any IP (including the host's) : ubuntu@mycontainer:~$ ping 92.281.86.226 PING 92.281.86.226 (92.281.86.226) 56(84) bytes of data. ^C --- 92.281.86.226 ping statistics --- 6 packets transmitted, 0 received, 100% packet loss, time 5031ms And my host cannot ping the container: root@host:~# ping 179.43.46.233 PING 179.43.46.233 (179.43.46.233) 56(84) bytes of data. ^C --- 179.43.46.233 ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 4000ms My container's ifconfig: ubuntu@mycontainer:~$ ifconfig eth0 Link encap:Ethernet HWaddr 02:00:00:86:5b:11 inet addr:179.43.46.233 Bcast:255.255.255.255 Mask:0.0.0.0 inet6 addr: fe80::ff:fe79:5a31/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:64 errors:0 dropped:6 overruns:0 frame:0 TX packets:54 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4070 (4.0 KB) TX bytes:4168 (4.1 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:32 errors:0 dropped:0 overruns:0 frame:0 TX packets:32 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2496 (2.4 KB) TX bytes:2496 (2.4 KB) My host's ifconfig: root@host:~# ifconfig br0 Link encap:Ethernet HWaddr 4c:72:b9:43:65:2b inet addr:92.281.86.226 Bcast:91.121.67.255 Mask:255.255.255.0 inet6 addr: fe80::4e72:b9ff:fe43:652b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1453 errors:0 dropped:18 overruns:0 frame:0 TX packets:1630 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:145125 (145.1 KB) TX bytes:299943 (299.9 KB) eth0 Link encap:Ethernet HWaddr 4c:72:b9:43:65:2b UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3178 errors:0 dropped:0 overruns:0 frame:0 TX packets:1637 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:298263 (298.2 KB) TX bytes:309167 (309.1 KB) Interrupt:20 Memory:fe500000-fe520000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:6 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:300 (300.0 B) TX bytes:300 (300.0 B) vethtest Link encap:Ethernet HWaddr fe:0d:7f:3e:70:88 inet6 addr: fe80::fc0d:7fff:fe3e:7088/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:54 errors:0 dropped:0 overruns:0 frame:0 TX packets:67 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4168 (4.1 KB) TX bytes:4250 (4.2 KB) virbr0 Link encap:Ethernet HWaddr de:49:c5:66:cf:84 inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) I have disabled lxcbr0 (USE_LXC_BRIDGE="false" in /etc/default/lxc). root@host:~# brctl show bridge name bridge id STP enabled interfaces br0 8000.4c72b943652b no eth0 vethtest I have configured the IP 179.43.46.233 to point to 02:00:00:86:5b:11 in my hosting provider (OVH) config panel. (The IPs in this post are not the real ones.) Thanks for reading this long question! :-) Vianney

    Read the article

  • RODC password replication and A/D sites and subnets

    - by Gregory Thomson
    I work at a school district with about 30 school sites. Windows 2008 A/D setup - all central at the district office. In A/D, all is under one site, and no subnets defined. One A/D forest and only one domain under that. We're now looking to start putting RODCs at the schools to put the authentication and DNS out there closer to them. I haven't worked with A/D sites and subnets, and only a little with RODC password replication. But just got an invite to a meeting to talk about this tomorrow... If we start breaking down the A/D pieces into sites/subnets, can we also use that as a way to help apply an RODC password replication policy in a way that matches so that only each school sites' users passwords are replicated/cached on their RODC?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 130 131 132 133 134 135 136 137 138 139 140 141  | Next Page >