Displaying 20 results from an estimated 8000 matches similar to: "Routing issue"
2014 Apr 22
1
35 second wait when cache expired
Hello,
I've got an issue with RHEL6 running smbd & winbindd version
3.6.9-168.el6_5. This is authenticating against a Windows 2008R2 domain
using the rid backend.
If I run any command that has to look up user info I get a 35 second delay,
after this initial delay it's fine until the cache time-out, then it
happens again.
This is making logins and most commands hang for 35 seconds
2019 Apr 24
2
答复: Iptables blocks out going connetion some times
Hello, Stephen, thank you for input.
Yes, these servers have the same firewall rules, and both of them have the same problem from time to time, most of time they are good.
Actually, these servers are newly installed to be used as the Glusterfs storage server, so not much data flowing at this time.
>From the sysctl output, I suppose it can't be a conntrack table overflow :
2019 Apr 24
2
Iptables blocks out going connetion some times
Hi?guys.
There is a wierd problem with iptables recently, hopes somebody can help me.
I have installed Centos 7.2.1511 on a bare metal Dell server these days,
disabled firewalld and enabled iptables.services, and setup a group of very
simple rules, as the following:
# iptables-save
# Generated by iptables-save v1.4.21 on Tue Apr 23 09:15:14 2019
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT
2013 Sep 12
15
large packet support in netfront driver and guest network throughput
Hi All,
I am sure this has been answered somewhere in the list in the past, but I can''t find it. I was wondering if the linux guest netfront driver has GRO support in it. tcpdump shows packets coming in with 1500 bytes, although the eth0 in dom0 and the vif corresponding to the linux guest in dom0 is showing that they receive large packet:
In dom0:
eth0 Link encap:Ethernet HWaddr
2016 Nov 21
2
Winbind traffic not encrypted
A problem here getting winbind traffic to be encrypted using Kerberos.
I have set up a test environment with a pair of servers (actually lxc
containers):
- samba server (ubuntu 16.04, stock samba 4.3.11)
- client machine (ubuntu 16.04) joined with "net ads join" and winbind
The client machine has the following in /etc/samba/smb.conf:
-------
[global]
#netbios name = client-ad
2011 Dec 01
0
Are squeeze Xen dom0 kernels subject to this the same IPv6 GSO problem?
Hi,
I have three squeeze servers running:
ii linux-image-2.6.32-5-xen-amd64 2.6.32-38 Linux 2.6.32 for 64-bit PCs, Xen dom0 support
ii xen-hypervisor-4.0-amd64 4.0.1-4 The Xen Hypervisor on AMD64
All three servers have Intel gigabit NICs, but one server uses the
e1000e driver and the other two use the igb driver.
They've been in production for around 6 months now
2011 Dec 13
0
Are Debian squeeze dom0 kernels subject to this same IPv6 GSO problem?
Hi,
I have three Debian squeeze servers running:
ii linux-image-2.6.32-5-xen-amd64 2.6.32-38 Linux 2.6.32 for 64-bit PCs, Xen dom0 support
ii xen-hypervisor-4.0-amd64 4.0.1-4 The Xen Hypervisor on AMD64
All three servers have Intel gigabit NICs, but one server uses the
e1000e driver and the other two use the igb driver.
They''ve been in production for around 6
2016 Nov 22
1
Winbind traffic not encrypted
On Tue, 22 Nov 2016 15:19:34 +0000
Brian Candler via samba <samba at lists.samba.org> wrote:
> On 21/11/2016 17:21, Brian Candler wrote:
> > I'd quite like to be able to fetch a ticket using the keytab
>
> I found a solution to that part by using a different form of
> principal name with "hostname$"
>
> root at client-ad:~# kinit -k -t
2009 Dec 30
4
[Bug 627] New: NATed TCP-connections fail arbitrarily
http://bugzilla.netfilter.org/show_bug.cgi?id=627
Summary: NATed TCP-connections fail arbitrarily
Product: netfilter/iptables
Version: linux-2.6.x
Platform: All
OS/Version: All
Status: NEW
Severity: blocker
Priority: P1
Component: ip_conntrack
AssignedTo: laforge at netfilter.org
2015 Jul 07
2
using http from syslinux.efi
Hello,
I'm trying to use http from syslinux.efi but it fails while trying to
establish the connection to a FreeBSD http server. A packet capture shows:
TCP healthd > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=1094 TSecr=0
TCP http > healthd [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 WS=64 TSval=1596927428 TSecr=1094
TCP healthd > http [ACK] Seq=1 Ack=1 Win=2097152
2013 Feb 21
1
Problem with managesieve proxy
Hi folks,
I'm setting up a new dovecot email service and have a proxy server running in
front of it to facilitate migrating users from my very old UW-IMAP-based mail
server to the new one.
I have a mysql proxy table that directs inbound IMAP and LMTP connections to
the correct server, works great. Managesieve connections are not working
through the proxy using either with the sieverules
2015 Jul 08
0
using http from syslinux.efi
On Tue, Jul 7, 2015 at 10:12 AM, BALATON Zoltan via Syslinux
<syslinux at zytor.com> wrote:
> Hello,
>
> I'm trying to use http from syslinux.efi but it fails while trying to
> establish the connection to a FreeBSD http server. A packet capture shows:
>
> TCP healthd > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=1094
> TSecr=0
> TCP http > healthd
2017 Oct 15
3
can only ssh unidirectional
Dear developer,
This issue may be not related to openssh but I am not sure. So post it here for some luck.
The issue is like this:(you can see more formatted description at (https://serverfault.com/questions/878504/can-only-ssh-unidirectional)
I have two centos 7.2 server. One machine ip is
10.104.196.18, another machine is 10.240.197.21. I can successfully ssh from 10.104.196.18 to
2012 Jun 29
3
Proxy config help please
Hello, I am new to dovecot and I am initially trying to setup a basic
imap proxy with password forwarding, I can start the dovecot service,
connect and give it my password, and that is where I hang. My config
is:
root at imap-test:/etc/dovecot# doveconf -n
# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS
auth_debug = yes
auth_verbose = yes
debug_log_path =
2017 May 14
2
ssh ethernet tunnel jumbo frame udp is not work
root at ne-vlezay80:~# tcpdump -i tap0 -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tap0, link-type EN10MB (Ethernet), capture size 262144 bytes
00:23:53.206672 ARP, Request who-has 10.194.0.2 tell 10.194.0.200, length 28
00:23:53.206691 ARP, Reply 10.194.0.2 is-at 52:54:00:38:b9:0b, length 28
00:23:53.710691 STP 802.1d, Config, Flags [none], bridge-id
2017 Jun 17
1
client reconnect fails (was gluster heal entry reappears)
Hi Ravi,
back to our client-cannot-reconnect-to-gluster-brick problem ...
> Von: Ravishankar N [ravishankar at redhat.com]
> Gesendet: Montag, 29. Mai 2017 06:34
> An: Markus Stockhausen; gluster-users at gluster.org
> Betreff: Re: [Gluster-users] gluster heal entry reappears
>
> > On 05/28/2017 10:31 PM, Markus Stockhausen wrote:
> > Hi,
> >
> > I'm
2013 Jan 06
2
audit events confusion
On a rather full customer web server, I am trying to track down whose
web site script is trying to make outbound network connections when they
should not be. In /etc/security/audit_control, I added to the flags line
dir:/var/audit
flags:lo,aa,-nt
minfree:5
to log failed network connection. When I try an make an outbound
connection to something that is blocked in pf, it seems to sometimes
work.
2017 Apr 25
3
Flooding Samba DC with random requests
Hi,
yesterday we experienced a heavy request flooding from multiple servers being a domain member against our Samba Sernet DCs.
All those servers are domain members and allow login using PAM (Samba+Winbind).
Running TCPDump we had like 400 Requests per 5 seconds like this:
tcpdump -i eth0 dst port 389
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0,
2014 Jul 31
2
can't use icecast2 in ubuntu 12.04
Thomas B. R?cker (il 30/07/2014 23:26) ha scritto:
You could run "tcpdump -ni eth0 port 8000" and try to access the
> icecast web interface. If you don't see any output, then traffic to port
> 8000 is blocked externally.
good point of view.
Ok, let's try:
root at mail2:/home/spaziouser# tcpdump -ni eth0 port 8000
tcpdump: verbose output suppressed, use -v or -vv
2013 Feb 13
3
Unusual TCP/IP Packet Size
Monitoring a tcpdump between two systems, a FreeBSD 9.1 system has the following interface:
msk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=c011b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,TSO4,VLAN_HWTSO,LINKSTATE>
ether 00:11:2f:2a:c7:03
inet 10.0.1.199 netmask 0xffffff00 broadcast 10.0.1.255
inet6 fe80::211:2fff:fe2a:c703%msk0 prefixlen 64 scopeid