A CSS command that would show return traffic...

We're running a pair of CSS's with a couple of back-end servers behind them. We could determine if the traffic is coming into the CSS by uing the sh flows command. However, this command will only show the connections from the CSS to the server, not back to the CSS, so if there's an asymetry in the flow, this command will not pick it up. Is there a similar command(s) that would show a return connection from back-end servers to the CSS?
Thanks..

Good morning,
No, there is not such a command, but you can easily confirm that there is no asymmetric traffic from the fact that connections work.
If the CSS doesn't see the full TCP handshake for a connection (which includes the client and server directions), it will close the connection and log a SYN attack.
On top of that, unless you are defining the servers as transparent, the CSS will apply NAT to the destination IP (from the VIP to the server), so, if there is asymmetric routing, the NAT is not undone for the return traffic, which will cause connections to fail.
I hope this helps
Daniel

Similar Messages

  • I received a text from verizon saying i made a charge with a third party  vendor that would show up on by bill

    I got a text from Verizon saying I made a charge with a third party vendor that will be on my verizon bill.  What the heck?????

    Don't be surprised. I received this same notice but verizon has almost no way for a person to find the answer easily. Plus there are several charges on my bill that are on the web page that link to the contract. The links go no where! !
    If they are going to charge something they need to find a way for people to know what is being charged.
    An Iphone6 was upgraded on October 6 under the Edge program. The charge was added almost immediately and appeared on the October 12 billing cycle. The older phone was returned to them under the Verizon Edge plan and it was received by verizon on the 13th of October. That credit has still not been applied to our account. It took them a matter of minutes to charge us for the new IPhone 6 but so far they have not been able to apply the credit for the edge return after eight days. All the links to this transaction are dead and there are no records on the verizon billing site to back up the charges. The message today is the first 'hint' that there may be a charge coming but no mention of the credit.

  • Help - column that would show col A or Col B val based on presentation var

    We are having difficulty in getting this to work.
    Here is what we have in the column formula:
    CASE WHEN @{variables.nabc}='Mgmt $' THEN SR_QUOTA_ACHIV_AGGR.MGMT_DOLLARS_MTD_AMT ELSE SR_QUOTA_ACHIV_AGGR.LGL_DOLLARS_MTD_AMT
    We get Syntax error.
    The variable is set in the prompt using a fake SQL
    SELECT CASE WHEN 1=0 THEN SR_QUOTA_ACHIV_AGGR.MGMT_DOLLARS_MTD_AMT ELSE 'MGMT $' END FROM ROAD_RUNNER UNION ALL SELECT CASE WHEN 1=0 THEN SR_QUOTA_ACHIV_AGGR.LGL_DOLLARS_MTD_AMT ELSE 'LGL $' END FROM RPT_TBL
    Any help will be greatly appreciated.

    tHEHi,
    Thanku for reply.
    I used the same approach what did u reply. But still i am facing the similar issue once i say ok to the query.
    It is showing the following error:-
    Error Codes: OPR4ONWY:U9IM8TAC:OI2DL65P:OI2DL65P
    State: HY000. Code: 10058. [NQODBC] [SQL_STATE: HY000] [nQSError: 10058] A general error has occurred. [nQSError: 27002] Near <,>: Syntax error [nQSError: 26012] . (HY000)
    SQL Issued: {call NQSGetQueryColumnInfo('SELECT CASE WHEN ''MGMT $''=''MGMT $'' THEN SR_QUOTA_ACHIV_AGGR.MGMT_DOLLARS_MTD_AMT ELSE SR_QUOTA_ACHIV_AGGR.LGL_DOLLARS_MTD_AMT, GEO_DIM.AREA, GEO_DIM.AREA_DESC, ORDER_SPLIT.BOOKED_DT, ORDER_SPLIT.ORD_SHIP_TO_SITE_CITY, ORDER_SPLIT.ORD_SHIP_TO_SITE_NBR, ORDER_SPLIT.ORD_SOLD_TO_SITE_CITY, ORDER_SPLIT.ORD_SOLD_TO_SITE_NBR, SR_QUOTA_ACHIV_AGGR.PROD_LINE_CD, SR_QUOTA_ACHIV_AGGR.QUOTA_CREDIT_COUNTRY_KEY, SR_QUOTA_ACHIV_AGGR.SALES_ORG_ID FROM ROAD_RUNNER')}
    SQL Issued: SELECT CASE WHEN 'MGMT $'='MGMT $' THEN SR_QUOTA_ACHIV_AGGR.MGMT_DOLLARS_MTD_AMT ELSE SR_QUOTA_ACHIV_AGGR.LGL_DOLLARS_MTD_AMT, GEO_DIM.AREA, GEO_DIM.AREA_DESC, ORDER_SPLIT.BOOKED_DT, ORDER_SPLIT.ORD_SHIP_TO_SITE_CITY, ORDER_SPLIT.ORD_SHIP_TO_SITE_NBR, ORDER_SPLIT.ORD_SOLD_TO_SITE_CITY, ORDER_SPLIT.ORD_SOLD_TO_SITE_NBR, SR_QUOTA_ACHIV_AGGR.PROD_LINE_CD, SR_QUOTA_ACHIV_AGGR.QUOTA_CREDIT_COUNTRY_KEY, SR_QUOTA_ACHIV_AGGR.SALES_ORG_ID FROM ROAD_RUNNER
    Thanks

  • Acrobat 9.0 Std - How do I create a button that will show / hide the menu bar?

    In Adobe Acrobat 8, I was able to create a button that would show the menu bar using Link Properties. In version 9.0, the option I used is missing.
    The other view options are there under "Execute a menu item": View > Toolbars > File, Edit, etc.
    Any help would be greatly appreciated - thanks!

    In Adobe Acrobat 8, I was able to create a button that would show the menu bar using Link Properties. In version 9.0, the option I used is missing.
    The other view options are there under "Execute a menu item": View > Toolbars > File, Edit, etc.
    Any help would be greatly appreciated - thanks!

  • Is there a terminal command that will close quicktime player once a video is finished?

    I'm running a python program that uses subprocess.call(['open', '-a', "Quicktime Player", filename]) to open a video and defaults write com.apple.QuickTimePlayerX MGPlayMovieOnOpen 1 starts it automatically. I'm wondering if there's a terminal way or a python way to close the video once it's finished.

    Hi, Thanks for the reply, I appreciate it.
    What do you mean by "pick up"?
    I mean to show what the DNS numbers are that the router is using.
    They are not entered in the DNS server field in Networks, TCP/IP tab.
    If you mean refresh the client settings, the DNS settings are obtained as part of the DHCP lease (or PPP connection in the case of PPP).
    The user/ OP is actually using PPPoA, when i googled PPPoA.. seems he is using Cisco perhaps.
    http://en.wikipedia.org/wiki/Point-to-PointProtocol_overATM (Asynchronous Transfer Mode)
    "PPPOA or PPPoA, Point-to-Point Protocol (PPP) over ATM, is a network protocol for encapsulating PPP frames in ATM AAL5. It is used mainly with cable modem, DSL and ADSL services.
    It offers standard PPP features such as authentication, encryption, and compression. If it is used as the connection encapsulation method on an ATM based network it can reduce overhead slightly (around 0.58%) in comparison to PPPoE".
    Essentially the original poster removed the OpenDNS #s from his DNS server field in the TCP/IP tab (b/c they seem to make Adobe.com inaccessible to him)
    removing them & allowing his router to "pick them up from the ISP" seems to solved his problem.
    However he can not, find what the numbers are that are being utilized,
    b/c they are not entered as usual in the Network, & part of the DHCP lease,
    or in Airport admin Utility.
    I/ we wondered, if there was a Terminal command that will show what the
    numbers are that are being used .
    Does that help clarify what I mean? Sorry to be so long winded.
    Eme '~[ )♥♪

  • Is there a Terminal command that will pick up DNS numbers?

    Hello all,
    Is there a Terminal command that will pick up the DNS numbers utilized by a router?
    The router options don't show any, though the router is set to use PPPoA to pick them up.
    I kindly TIA,
    Eme '~[ )♥♪

    Hi, Thanks for the reply, I appreciate it.
    What do you mean by "pick up"?
    I mean to show what the DNS numbers are that the router is using.
    They are not entered in the DNS server field in Networks, TCP/IP tab.
    If you mean refresh the client settings, the DNS settings are obtained as part of the DHCP lease (or PPP connection in the case of PPP).
    The user/ OP is actually using PPPoA, when i googled PPPoA.. seems he is using Cisco perhaps.
    http://en.wikipedia.org/wiki/Point-to-PointProtocol_overATM (Asynchronous Transfer Mode)
    "PPPOA or PPPoA, Point-to-Point Protocol (PPP) over ATM, is a network protocol for encapsulating PPP frames in ATM AAL5. It is used mainly with cable modem, DSL and ADSL services.
    It offers standard PPP features such as authentication, encryption, and compression. If it is used as the connection encapsulation method on an ATM based network it can reduce overhead slightly (around 0.58%) in comparison to PPPoE".
    Essentially the original poster removed the OpenDNS #s from his DNS server field in the TCP/IP tab (b/c they seem to make Adobe.com inaccessible to him)
    removing them & allowing his router to "pick them up from the ISP" seems to solved his problem.
    However he can not, find what the numbers are that are being utilized,
    b/c they are not entered as usual in the Network, & part of the DHCP lease,
    or in Airport admin Utility.
    I/ we wondered, if there was a Terminal command that will show what the
    numbers are that are being used .
    Does that help clarify what I mean? Sorry to be so long winded.
    Eme '~[ )♥♪

  • How do I set the ammount of URL's that will show when you click the drop down bar?

    I remember before I was able to set a certain amount of URL's that would show in the drop down menu. before I had 10 set and then I downloaded an add on and now it's only 4. I disabled that add on and it's still only 4.

    If you have the FastestFox extension (Tools > Add-ons > Extensions) then see:
    Location bar 4 websites: FastestFox Options > General, uncheck "Enhance Awesomebar"
    Your above posted system details show outdated plugin(s) with known security and stability risks.
    *Shockwave Flash 10.0 r45
    Update the [[Managing the Flash plugin|Flash]] plugin to the latest version.
    *http://www.adobe.com/software/flash/about/

  • Sample Command Output of show chassis inventory for CSS

    Hi,
    I am trying to get a sample command output of "show chassis inventory" for:
    CSS 11501
    CSS 11503
    CSS 11506
    Can anyone help?
    Thanks in advance.
    Mike

    Hi Mchi,
    When I use the command: show chassis inventory. I found :
    Slot  Module                           Serial
    1     CSS5-SCM-2GE F0   JABxxxxxxx
    2     CSS5-IOM-2GE E0   JAB08xxxxxx
    3     CSS5-IOM-8FE F0   JAB0xxxxxxx
    4     CSS503-SM-INT     JAB09xxxxxxx
    this is the switch fabric module that connects the other modules.
    This is an internal module and it can't be removed/replaced.
    Use the show chassis command to display a chassis configuration for the CSS. The syntax and options for this command are as follows:
    •show chassis - Displays a summary of the chassis configuration.
    •show chassis slot number  - Displays the operational parameters for a slot in a CSS 11503 or CSS  11506 chassis. Enter an integer value for the chassis slot number.
    •show chassis verbose - Displays detailed information about the chassis configuration.
    •show chassis flash - Displays the operational and locked Flash software code on the CSS  11501, and the CSS 11503 or CSS 11506 SCM and I/O modules. An asterisk  (*) character before a Flash version of code and build number indicates  that it is active.
    •show chassis inventory - Displays the physical configuration of the CSS including part and serial numbers.
    •show chassis session-processors - Displays the weight and power summary of the session processors in the CSS chassis.
    CSS11506# show chassis inventory
    Chassis Inventory:
    Product Name:    CSS11506-2AC E0    SW Version:        07.50.1.05s
    Serial Number:   JAB09xxxxxx        Base Mac Address:  00-13-80-37-xx-xx
    Slot  Module            Serial
    1     CSS5-SCM-2GE F0   JAB0915xxxx
    2     CSS5-SCM-2GE F0   JAB0914xxxx
    3     CSS5-SSL-K9 F0    JAB0848xxxx
    4     CSS5-IOM-2GE E0   JAB0808xxxx
    7     CSS506-SM E0      JAB0911xxxx
    8     CSS506-SM E0      JAB0911xxxx
      Even a "show chassis verbose" command does  not indicate the presence of a GBIC.  It shows the Operational Status of  a port as "online" whether there is a GBIC installed or not.  For  example, in the output below Slot 4 has a GBIC installed in port 4/1,  but 4/2 is empty:
    CSS11506# sho chassis verbose
    Configuration for CSS11506-2AC E0:
    Product Name:    CSS11506-2AC E0    SW Version:        07.50.1.05s
    Serial Number:   JAB0916xxxx        Base Mac Address:  00-13-80-37-xx-xx
    Module(s) Found:                   6
    Power Supplies(s) Found:           2
    Fan(s) Found:                      3
    Slot/SubSlot  Operational                  Locked
       1/1        *07.50.1.05                       07.40.1.03
       2/1        *07.50.1.05                       07.40.1.03
       3/1        *07.50.1.05                       07.40.1.03
       4/1        *07.50.1.05                       07.20.2.06
    Slot Number:                       1  Type:       CSS5-SCM-2GE F0
    Serial Number:           JAB0915xxxx  Number of Ports:          2
    Operational Status:          primary
    Port Number:                      1  Port Name:          SCM-2GE
    Operational Status           online
    Port Number:                      2  Port Name:          SCM-2GE
    Operational Status           online
    Slot Number:                       2  Type:       CSS5-SCM-2GE F0
    Serial Number:           JAB0914xxxx  Number of Ports:          0
    Operational Status:           backup
    Slot Number:                       3  Type:        CSS5-SSL-K9 F0
    Serial Number:           JAB0848xxxx  Number of Ports:          0
    Operational Status:          primary
    Slot Number:                       4  Type:       CSS5-IOM-2GE E0
    Serial Number:           JAB0808xxxx  Number of Ports:          2
    Operational Status:          primary
    Port Number:                      1  Port Name:          IOM-2GE
    Operational Status           online
    Port Number:                      2  Port Name:          IOM-2GE
    Operational Status           online
    Slot Number:                       7  Type:          CSS506-SM E0
    Serial Number:           JAB0911xxxx  Number of Ports:          0
    Operational Status:       powered-on
    Slot Number:                       8  Type:          CSS506-SM E0
    Serial Number:           JAB0911xxxx  Number of Ports:          0
    Operational Status:       powered-on
    end of buffer.
    Maybe you can use "show tech"
    HTH
    Sachin

  • I am doing a lot of presenting with the ipad and want an app that would bullseye or show where I am to my audience. Anyone know of something like this?

    I am doing a lot of presenting with the ipad and want an app that would bullseye or show where I am to my audience. Anyone know of something like this?

    It sounds like either your hard drive or the SATA cable that connects it to the motherboard are failing. This could be heat related in your case, which is why you see it after it runs awhile. You can take it to the Genius Bar for a free evaluation. If you decide to test it yourself, I usually suggest moving the hard drive to an external enclosure. If it works there for awhile, the cable is probably the issue.
    http://www.amazon.com/Sabrent-2-5-Inch-Aluminum-Enclosure-EC-TB4P/dp/B005EIGUD4/ ref=sr_1_3?ie=UTF8&qid=1397647657&sr=8-3&keywords=2.5+enclosure
    http://www.ifixit.com/Device/MacBook_Pro_13%22_Unibody_Mid_2009

  • I have an iPod Touch but I currently don't have a PC.  I found an app that would allow me to connect to my network drive and I was able to transfer music files to it.  These files do not show under the Music app and I can't find any way to do it.

    I need help from some Apple people. I have an iPod Touch and I wanted to load it up with some fresh music but I currently don't have a PC. I found an app that would allow me to connect to my 2TB network drive directly and I was able to transfer a bunch of music files to the iPod. Unfortunately, these new files do not show under the Music app and I can't seem to find any way to convince the iPod that they are music. I can play them through the file manager only. Android doesn't have this problem, any music I put on my phone is recognized as music and can be played through any of the music apps. Am I missing something or is Apple to inflexible to handle this?

    You can't. The only way to get songs in the Music app is to sync from a computer or to download from iTunes.

  • My ipod warranty ran out a few months ago I have a nano 5th gen. The problem is that if I want to play a song it would show the album artwork for about 3 seconds and go back to the main menu with no music playing. It'snot the head phones or ear jack. help

    My ipod warranty ran out a few months ago I have a nano 5th gen. The problem is that if I want to play a song it would show the album artwork for about 3 seconds and go back to the main menu with no music playing. It'snot the head phones or ear jack. Please I Need Help

    See this Troubleshooting Assistant
    http://www.apple.com/support/ipod/five_rs/nano5gen/
    Reset
    How to reset iPod

  • Previously Firefox would show a number at the end of the file name (renaming the file by adding a number) showing that I had already downloaded a file at least once before. Recently that isn't happening. How do I get that feature back?

    When downloading, previously Firefox would show a number at the end of the file name (renaming the file by adding a number) showing that I had already downloaded a file at least once. Now that isn't happening. How do I get that feature back?

    When downloading, previously Firefox would show a number at the end of the file name (renaming the file by adding a number) showing that I had already downloaded a file at least once. Now that isn't happening. How do I get that feature back?

  • How to bind the user-defined watch to a specific server so that server's Health would show green ball and is linked to Monitoring watch?

    Hi,
    I create a user defined watch for BI4.1 ExplorerExplorationServer server in CMC -> Monitoring.
    Caution:
    node.ExplorerExplorationServer$'Server Running State'==1 ||
    node.ExplorerExplorationServer$'Server Running State'==2 ||
    node.ExplorerExplorationServer$'Server Running State'==4 ||
    node.ExplorerExplorationServer$'Server Running State'==6 ||
    node.ExplorerExplorationServer$'Server Running State'==7 ||
    node.ExplorerExplorationServer$'Health State'==1
    Danger:
    node.ExplorerExplorationServer$'Server Running State'==0 ||
    node.ExplorerExplorationServer$'Server Running State'==5 ||
    node.ExplorerExplorationServer$'Health State'==0
    However, in CMC -> Servers -> Explorer Services, the ExplorerExplorationServer shows "Information is not available" blue ball in Health.
    How do I bind the user-defined watch to a specific server so that server's Health would show green ball and is linked to Monitoring watch?
    Regards,
    Jin-Chong

    Hello JinChong,
    We had created User-defined Explorer watches on our environments and have run into issues.
    Have received many false alerts even though Explorer servers are running fine.
    After creating an AGS case it was informed to us that Explorer does not have monitoring capabilities.
    AGS is checking with solution architect of Explorer application about when the monitoring watches for explorer would be included.
    Regards,
    Rohit

  • Would like to automate this Powershell command that sets the UPN of all mail enabled users

    I have command that changes the UPN of all mailbox users
    Get-ADUser -Filter * -properties homemdb | where {$_.homemdb -ne $null} | ForEach-Object ($_.SamAccountName) {$CompleteUPN = $_.SamAccountName + “@contoso.com”; Set-ADUser -Identity $_.DistinguishedName -UserPrincipalName $CompleteUPN}
    The command works using the AD module for
    powershell. What I would like to do it write a script that does the following.
    Runs the command above
    Only applies changes to users that need it. (I think this applies the setting to all users with the "homemdb")
    I was thinking of setting it as a scheduled task on one of the Domain Controllers. My
    powershell skills are lacking at best, so any guidance on how to set this up would be much appreciated. 
    Thanks

    Cannot bind parameter 'Filter' to the target.
    Exception setting "Filter":
    "Invalid filter syntax. For a description of
    the filter parameter syntax see the command help.
    "(RecipientType -eq
    'UserMailbox') -and
    (UserPrincipalName -notlike
    ('*@{1}' -f $UPNSuffix))" at position 68."
        + CategoryInfo         
    : WriteError:
    (:) [Get-User],
    ParameterBindingException
        + FullyQualifiedErrorId
    : ParameterBindingFailed,Microsoft.Exchange.Management.RecipientTasks.GetUser
    Read the error very carefully: "Invalid filter syntax"
    You filter: "(RecipientType -eq
    'UserMailbox') -and
    (UserPrincipalName -notlike
    ('*@{1}' -f $UPNSuffix))"
    This is not a good filter for anything.
    This is not legal in a filter: (UserPrincipalName
    -notlike ('*@{1}'
    -f $UPNSuffix))"
    See filter syntax for rules on the limited support for PowerShell syntax.   filters are a subset.
    ¯\_(ツ)_/¯

  • My MacAir has to go in for hardware repair, and I was told that if diagnostics couldn't trigger the error, it would be returned to me to guinea pig the specifics with a log. Why can't the crash reports generated by the computer itself be used?

    My MacAir has to go in for hardware repair, and I was told that if diagnostics couldn't trigger the error, it would be returned to me to guinea-pig the specifics with a log. Why can't the automatic crash reports generated by the computer itself be used?  I would think they would be the most accurate and specific record of incidents, and could easily be identified with the computer serial number.  What am I missing in this scenario?

    What you're missing is that diagnostics software doesn't cover everything in any laptop made by anyone.
    Intermittent problems, and genuine hardware induced faults typically, or course, are hard to pinpoint.
    jet fighter planes contain 1000s of sensors and multimillion dollar live diagnostics and still can't "see" more than 60% of hardware potential faults.
    Lucky you, the Air however contains extremely few parts, there isnt much to diagnose on one.
    The Air contains 90% fewer parts than a typical laptop from a mere 7 years ago.  

Maybe you are looking for

  • IPod Touch transfer to new mac laptop

    Hey guys, So I searched around and tried troubleshooting but im still having issues. My old laptop died and all of my music is on my iPod touch that im trying to sync with my new authorized itunes. When I hit SYNC it just says its going through the m

  • Is the ram in my Imac Al compatible with my macbook Core Duo???

    Is the ram in my Imac Al compatible with my macbook Core Duo??? The ram in my Imac is 2x 1GB. Thanks, KANE

  • EditingComponent in TreeCellEditor 1.2 to 1.5

    I have inherited some code and am faced with making a few changes and making sure it works with 1.5. It currently works with 1.2. I have a custom DefaultTreeCellEditor as shown below in part. In 1.5 editingComponent is null, so of course the call to

  • Make screenshots jpg with lion

    I am a first time owner of a mac (imac).  When I perform a screenshot, it is in a png format.  I need to change the format to jpg.  I keep reading that I should open it with preview and do save as... I now know that the new version of preview no long

  • LOG_ACCESS_ERROR exception  raised

    Hello, I am getting short dump said above at EBP release 700 . To create shopping cart  when click on link shop on home page,  error message shown  "Exception condition "LOG_ACCESS_ERROR" raised". Dump is generated showing  RAISE statement in the pro