BGP help with UPnP/DDOS/DNS
Currently i have 2x1GB BGP routers running at my upstream provider. Recently we had a huge DDOS attack that was a UPnP/SSDP attack that was focused at a customer and it was also attacking our DNS server. The BGP routers & Switches were lit up like a christmas tree, all data lights were pretty much solid trying to process the data coming in. Then my BGP routers just shut themselves down i can only assume that was caused by a Buffer overload. Can someone please advise me on if there is something i can do to help prevent this kind of attack in the future?
Hello.
As a DDOS prevention you may use either a DDOS prevention service from third party, or just try to protect your subnets/hosts with
Remote Triggered Black Hole Filtering
https://tools.ietf.org/html/rfc5635
Also if you faced any issue with network link utilization (inside your network) - deploy QoS or upgrade the links.
PS: I wonder where you were not able to access your BGP routers?! Are they not fast enough to process 1G of data? Don't you protect management and control plane on the network devices?
Similar Messages
-
Help with Preference pane DNS settings for Mail
I have a mail (not Apple Mail) issue with my Entourage Mail. I keep getting
the following error message and I have verified the server settings in my
mail accounts are correct for ATT that uses pop.att.yahoo.com. I manage to
get mail most of the time but I still get the following error message:
Error Description
Error:
Entourage cannot find the server. Verify the server information is entered correctly in the Account Settings, and that your DNS settings in the Network pane of System Preferences are correct.
Explanation:
Could not retrieve mail
Error: -1370
My System Preferences/Network/Advanced/DNS point to my 2wire Gateway combo
modem/router. The router is set for Automatic DNS. I tried changing it to manual
and it did not works any better.
If I change the DNS setting in the preference pane in OS X, will it really use that
DMS address and bypass the router?
I played around with the namebench utility
http://www.macupdate.com/info.php/id/32784/namebench and each time you
run it, namebench makes a better recommendation - saying something is faster
than the previous recommendation.
I am lost on what I need to do correct the Network pane of my System Preferences.
Should it point to the router or to good DNS?
I do not think this is a Microsoft Entourage issue.
Have others seen this issue or is unique to my setup.Going to sleep on and see how it works in the morning.
The problem is solved and I have checked the Yes button that my
question has been answered. The following is a copy of a posting
two days ago to the Microsoft Entourage group that should work
just as well for Mail users.
If you are tied of getting the following Entourage error
message -3170 over and over again, read on.
Error:
Entourage cannot find the server. Verify the server information
entered correctly in the Account Settings, and that your DNS
settings in the Network pane of System Preferences are correct.
Explanation:
Could not retrieve mail
Error –3170
Thanks to a tip from Diane Ross I have gone two days without
getting the error message.
First, I know the Account Settings for my ATT DSL service
have been correct for some time and have not changed.
The short version of the fix that worked for was to open
the OS X 10.6.3 (Snow Leopard) System Preferences/
Network/Advanced/DNS panel and add some better Domain
Name Servers from my location.
The default (or before) OS X setting was:
DNS Servers: Search Domains:
192.168.1.254 gateway.2wire.com
Note both were dimmed. The server listed tells OS X to use
the ATT provided combo 2wire modem/router for my DSL service.
The change that seem to have worked for me was to leave the
Search Domain the same; however, I added some good servers that
bypass the 2wire gateway with its automatic DNS setting.
DNS Servers: Search Domains:
208.67.220.220 gateway.2wire.com
208.67.220.222
65.68.49.51
192.168.1.254
I found the ‘good’ or better DNS Servers by making several runs
using the free Google utility called namebench 1.2
<http://www.macupdate.com/info.php/id/32784/namebench>
This utility takes some time and will make suggestions from your
location. If you add the namebench recommendation and run it
again it will find a better recommendation. I had to make several
runs to find the better DNS Servers for my location. The first or
primary is called OpenDNS, the second is a backup for the OpenDNS
and the third is SBC Global TX now owned by ATT and I live in
Texas. Note I ended with the default IP address.
FYI, I tied using the selected servers in the 2wire gateway in the
manual mode rather than the default automatic mode and it just
did not work right. Some pages would not open and others were
slow. For this reason I run the router in the automatic mode for
DNS and control things using the OS X Network preference pane.
The addition of preferred DNS Servers in my Preference seems
to have slowed down and hopefully stopped Entourage 2008
version 12.2.4 -3170 error messages.
Message was edited by: aRKay -
Help with DNS setup for LAN only
I have a Mac Mini SNS 10.6.8 as our company's local standalone fileserver.
Everything has ran great for the past year (still is), but now I want to try and setup DNS for more control and services.
The server host name is servername (no FQDN), which shows up in Server Admin as servername.local.
I read and followed Hoffman Labs great step-by-step, but must have missed something, since I still cannot get DNS resolution.
Here is a brief summary of the Server Admin settings:
Host Name servername
Host (Server) IP 192.168.4.2
Router IP (also default public DNS IP) 192.168.4.1
Bonjour Wide Area = Not enabled
Settings Accept recursive queries = localnets
Settings Forwarder IPs = 8.8.8.8 & 8.8.4.4 (Google Public DNS)
now... Zones 1 Primary Zone = companyname.net (we own the domain)
Primary Zone Name = companyname.net
Nameserver Zone = companyname.net
Nameserver Host Name = servername.companyname.net
2 A Records:
servername 192.168.4.2
user1 192.168.4.3
Reverse mapping - automatic - OK
Testing Ran sudo changeip -checkhostname
Results:
Primary address = 192.168.4.2
Current hostname = servername
The DNS hostname is not available. Please repair DNS and re-run this tool.
I must be doing something wrong, but I don't know what it is. Please help.Did you intend to have both "example.com" and "example.net" listed there? Are those domains really different? I'm going to assume that was an obfuscation error. (This is part of the "fun" of obfuscation, unfortunately. Of having to differentiate errors in the actual configuration from errors that were introduced during the obfuscation.)
>Oddly, even though I had manually assigned our Comcast gateway's DNS to Google DNS IPs, the gateway summary still shows up as Comcast's DNS server IPs. So I removed the manually assigned Google DNS IPs from the gateway.
The gateway (or whatever you're using as your DHCP server) should be configured with the DNS server address of 192.168.4.2. All other hosts on your network (if you're planning to use your local DNS everywhere on your LAN) should also reference 192.168.4.2, either through an explicit static configuration, or as the address that was received from the DHCP server.
And as for IP routing, are all your hosts, network printers, network gateways, DHCP servers, etc., all in the range of 192.168.4.1 to 192.168.4.254? (They should be, if you're using a /24-class 255.255.255.0 subnet mask.)
But then I don't know where this configuration has gone off the rails... (Over the years, I've seen and have made my own configuration errors, I've been "bagged" by DNS caches, and I've hit various bugs in DNS implementations.) What you have stated here should work.
I'd start at the top of the DNS configuration article, and not stray from what is written there. That there has been Google DNS and have had ISP DNS configured at the gateway does mean there were some areas that have strayed from the article. I'd suggest following the DNS server configuration directions exactly.
Setting up DNS services with OS X Server isn't difficult, but it can be a little fussy.
If you don't understand something that's written in that article -- or if you believe you need to enter something different than what's listed there -- then please stop and ask about it. Either ask here, or ask over there. (This feedback also helps improve that article.)
Straying from what's written in that article is certainly and entirely feasible, but that's something best left until after the adminstrator is more familiar with running a DNS server. Once you know how and why and where you can stray, there are all sorts of things you can do within a DNS configuration. -
itunes could not connect to internet.. i have read all your solution but non help, include firewall, restart dns, check IE setting ETC... PLS HELP, my phone can't sync with itune...........
i could not do anything with itune, check updates, help. etc..
i am using windows 7.. and the latest itune, (previous itune also can't sync) -
i need help with my WRT54GS V5.1 wireless router. it cannot connect to the internet and i don't know why. at the moment i have to use an ethernet cable coming from a virgin media modem. information that might be usefull. one of the antennas on the router is broke i am using windows vista on a toshiba laptop. the model is WRT54GS V5.1 thanks for people who help note: i am only 13 so somethings you say i might not understand.
Access Setup page of router .....
Click wireeless tab .... have a note of the wireless settings on that page .... Please click on the tab "Application and gaming" and click on sub
tab "Port range forwarding"
1) On the first line in Application box type in "Xbox", in start box
type in 88, in end box type in 88, in protocol keep it both, in ip
address type in 192.168.1.20 and give a check mark on enable box.
2) On the second line in Application box type in "Xbox", in start box
type in 3074, in end box type in 3074, in protocol keep it both, in ip
address type in 192.168.1.20 and give a check mark on enable box.
3) Now save the settings
4) Once you return to the setup page, click on the tab "Administration"
and disable the UPNP and save the settings.
5) Now assign the given ip address on your xbox
ip address :- 192.168.1.20
subnet mask :- 255.255.255.0
default gateway :- 192.168.1.1
Please assign the dns address on the xbox
primary dns :- 4.2.2.2
secondary dns :- 192.168.1.1
6) Please try to test your xbox live. -
WRT310N: Help with DMZ/settings (firmware 1.0.09) for wired connection
Hello. I have a WRT310N and have been having a somewhat difficult time with my xbox 360's connection. I have forwarded all the necessary ports (53, 80, 88, 3074) for it to run, and tried changing MTU and what-not.
I don't know if I have DMZ setup incorrectly, or if it's my settings.
Setup as follows:
PCX2200 modem connected via ethernet to WRT310N.
The WRT310N has into ethernet port 1 a WAP54G, and then upstairs (so that my Mother's computer can get a strong signal) I have another WAP54G that I believe receives its signal from the downstairs 54G.
In the back of the WRT310N, I have my computer connected via ethernet port 3, and my Xbox 360 connected via ethernet port 4.
Now, I first figured I just have so many connections tied to the router and that is the reason for being so slow. However, when I unplug all the other ethernet cords and nothing is connected wirelessly, except for my Xbox connected to ethernet port 4, it is still poor. Also, with everything connected (WAP54G and other devices wirelessly) I get on my PC and run a speedtest. For the sake of advice, my speedtests I am running on my PC are (after 5 tests) averagely 8.5 Mbps download, and 1.00 Mbps upload, with a ping of 82ms.
Here is an image of the results:
http://www.speedtest.net][IMG]http://www.speedtest.net/result/721106714.png
Let me add a little more detail of my (192.168.1.1) settings for WRT310N.
For starters, my Father's IT guy at his workplace set up this WRT310N and WAP54G's. So some of these settings may be his doing. I just don't know which.
"Setup" as Auto-configurations DHCP. I've added my Xbox's IP address to the DHCP reservation the IP of 192.168.1.104. This has (from what I've noticed) stayed the same for days.
MTU: Auto, which stays at 1500 when I check under status.
Advanced Routing: NAT routing enabled, Dynamic Routing disabled.
Security: Disabled SPI firewall, UNchecked these: Filter Anonymous Internet Requests, Multicast, and Internet NAT redirection.
VPN passthrough: All 3 options are enabled (IPSec, PPTP, L2TP)
Access Restrictions: None.
Applications and Gaming: Single port forwarding has no entries. Port Range Forwarding I have the ports 53 UDP/TCP, 88 UDP, 3074 UDP/TCP, and 80 TCP forwarded to IP 192.168.1.104 enabled. (192.168.1.104 is the IP for my xbox connected via ethernet wired that is in DHCP reserved list)
Port Range Triggering: It does not allow me to change anything in this page.
DMZ: I have it Enabled. This is where I am a bit confused. It says "Source IP Address" and it has me select either "Any IP address" or to put entries to the XXX.XXX.XXX.XXX to XXX fields. I have selected use any IP address. Then the source IP area, it says "Destination:" I can do either "IP address: 192.168.1.XXX" or "MAC address:" Also, under MAC Address, it says DHCP Client Table and I went there and saw my Xbox under the DHCP client list (It shows up only when the Xbox is on) and selected it.
Under QoS: WMM Enabled, No acknowledgement disabled.
Internet Access Priority: Enabled. Upstream Bandwith I set it to Manual and put 6000 Kbps. I had it set on Auto before, but I changed it. I have no idea what to put there so I just put a higher number.
Then I added for Internet Access Priority a Medium Priority for Ethernet Port 4 (the port my xbox is plugged into).
Administration: Management: Web utility access: I have checked HTTP, unchecked HTTPS.
Web utility access via Wireless: Enabled. Remote Access: Disabled.
UPnp: Enabled.
Allow Users to Configure: Enabled.
Allow users to Disable Internet Access: Enabled.
Under Diagnostics, when I try and Ping test 192.168.1.104 (xbox when on and connected to LIVE), I get:
PING 192.168.1.104 (192.168.1.104): 24 data bytes
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
--- 192.168.1.104 data statistics ---
5 Packets transmitted, 0 Packets received, 100% Packet loss
Also, when I do Traceroute Test for my Xbox's IP, I just keep getting:
traceroute to 192.168.1.104 (192.168.1.104), 30 hops max, 40 byte packets
1 * * * 192.168.1.1 Request timed out.
2 * * * 192.168.1.1 Request timed out.
As for the Wireless Settings, it is all on the default settings with Wi-Fi Protected setup Enabled.
To add, I have tried connecting my modem directly to the Xbox and my connection is much improved. I have no difficulty getting the NAT open, for it seems my settings are working for that. Any help with these settings would be VERY much appreciated.
Message Edited by CroftBond on 02-18-2010 01:09 PMI own 2 of these routers (one is a spare) with the latest firmware and I have been having trouble with them for over a year. In my case the connection speed goes to a crawl and the only way to get it back is to disable the SPI firewall. Rebooting helps for a few minutes, but the problem returns. All of the other fixes recommended on these forums did not help. I found out the hard way that disabling the SPI Firewall also closes all open ports ignoring your port forwarding settings. If you have SPI Firewall disabled, you will never be able to ping your IP from an external address. Turn your SPI Firewall back on and test your Ping.
John -
Windows Server 2008 R2 with multiple Roles OS Rebuild, Need help with Certificates.
Hi,
I have rebuilt a Server for my client and I require help with certificates..
I am unsure exactly what to do to get this server working as it was.
Example, The Windows Server 2008 R2 has Microsoft Exchange, DNS, DHCP, ADDS, FileServices,Network Policy and access Services and Webservices roles installed on a single box.
Since the Server OS Rebuild I am getting 2 issues that pop up usually when Outlook in opened on a client Workstation,
I have not dont anything certificate wise to the server since OS Install, and the messages I get and best described here
I seen on a backdrive, a few certificate files I dont know if we can use these files for anything but we have the following files of drive E (Backup)
e:\server.xxxx.com.au\gd_iis_intermediates.p7b
e:\server.xxxx.com.au\server.xxxx.com.au.crt
e:\ssl\2013-2018.cer
1st Message is about a Proxy certificate I dont get this often but saw it today and my client clicked ok too quickly.
I have seen it and didnt see it again after trying to close outlook and reopen
I looked up google images and tried to find it...
It's like this, (There is a problem with the proxy server's security certificate.
The security certificate is not from a trusted certifying authority.)
2nd Message is about Security Alert, Autodiscover.xxxx.com.au Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the sites security certificate.
-X- The security certificate was issued by a company you have not chosen to trust. View the certificate to determine whether you want to trust the certificating authority
-TICK- The security certificate date is valid
-X- The name on the security certificate is invalid or does not match the name of the site
Do you want to preceed
[Yes][No][View Certificate ...]
3rd Message is very Close to the 2nd Message, is about Security Alert, xxxx-server.xxxx.local, Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the sites security certificate.
-X- The security certificate was issued by a company you have not chosen to trust. View the certificate to determine whether you want to trust the certificating authority
-TICK- The security certificate date is valid
-TICK- The name on the security certificate is invalid or does not match the name of the site
Do you want to preceded
[Yes][No][View Certificate ...]
If you can help guide me thou this as I'm very new to setting up certificates. I had a friend tell me about something in DNS.. but he has been super busy and I want to learn what to do.
Thank-You.Hiya,
quite a lot has the same confusions as you do, so I've written a simple explanation on the subjet of certificates
http://jesperarnecke.wordpress.com/2014/03/22/certificates-simple-explanation/
Let me know if that helps you and if you need further assistance. -
Firefox Doesn't display correctly and is very laggy on sites with CloudFlare DDoS Protection
Since 35.0 and above i have been getting weird behaviour on sites with CloudFlare DDoS protection.
When i open the site in a new window, it takes a really long time and sometimes doesn't display at all and gives me a blank page. and now it just starts to say "New Tab" and i can't hit refresh.
When the site actually loads after 20 something attempts, the site is laggy, any action takes upwards of 20 seconds.
Whenever i try to open something, i get a blank page with the URL at tabs. Whenever i try to like or post anything, it delays by 15-20 seconds.
Site i am trying to use with much failure. http://hypixel.net/
Anyone else having this issue?''Gnospen [[#answer-693501|said]]''
<blockquote>
maybe it would help if you open "troubleshooting information" (under help)
and copy it to clipboard and paste it here
</blockquote>
"application": {
"name": "Firefox",
"version": "35.0.1",
"userAgent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 Firefox/35.0",
"supportURL": "https://support.mozilla.org/1/firefox/35.0.1/WINNT/en-US/",
"numTotalWindows": 1,
"numRemoteWindows": 0
"crashes": {
"submitted": [
"id": "bp-267af71f-8bf3-46cc-883e-ff65e2150222",
"date": 1424594056152,
"pending": false
"pending": 1
"modifiedPreferences": {
"accessibility.typeaheadfind.flashBar": 0,
"browser.cache.disk.smart_size.first_run": false,
"browser.cache.disk.smart_size.use_old_max": false,
"browser.cache.disk.capacity": 358400,
"browser.cache.disk.smart_size_cached_value": 358400,
"browser.cache.frecency_experiment": 4,
"browser.fixup.domainwhitelist.googler": true,
"browser.fixup.domainwhitelist.google": true,
"browser.fixup.domainwhitelist.gmail": true,
"browser.fixup.domainwhitelist.totaldramawiki": true,
"browser.fixup.domainwhitelist.omegle": true,
"browser.newtab.url": "http://mystart.incredibar.com/?a=6PRnKQcHXQ&i=26&did=10963&loc=skw",
"browser.places.smartBookmarksVersion": 7,
"browser.sessionstore.upgradeBackup.latestBuildID": "20150122214805",
"browser.sessionstore.max_resumed_crashes": 100,
"browser.sessionstore.enabled": true,
"browser.startup.homepage_override.mstone": "35.0.1",
"browser.startup.homepage": "http://mystart.incredibar.com/?a=6PRnKQcHXQ&i=26&did=10963&loc=skw|http://www.youtube.com/",
"browser.startup.homepage_override.buildID": "20150122214805",
"dom.max_chrome_script_run_time": 0,
"dom.mozApps.used": true,
"extensions.lastAppVersion": "35.0.1",
"font.internaluseonly.changed": true,
"gfx.direct3d.last_used_feature_level_idx": 0,
"keyword.URL": "http://mystart.incredibar.com/?a=6PRnKQcHXQ&i=26&did=10963&loc=skw&search=",
"media.gmp-gmpopenh264.lastUpdate": 1423171183,
"media.gmp-gmpopenh264.version": "1.3",
"media.gmp-manager.lastCheck": 1424516177,
"network.cookie.prefsMigrated": true,
"places.database.lastMaintenance": 1424565640,
"places.history.expiration.transient_current_max_pages": 104858,
"plugin.disable_full_page_plugin_for_types": "application/pdf",
"plugin.state.nppdf": 2,
"plugin.importedState": true,
"privacy.sanitize.timeSpan": 0,
"privacy.cpd.cookies": false,
"privacy.sanitize.migrateFx3Prefs": true,
"privacy.cpd.sessions": false,
"storage.vacuum.last.places.sqlite": 1424326926,
"storage.vacuum.last.index": 1
"lockedPreferences": {},
"graphics": {
"numTotalWindows": 1,
"numAcceleratedWindows": 1,
"windowLayerManagerType": "Direct3D 11",
"windowLayerManagerRemote": true,
"adapterDescription": "Intel(R) HD Graphics 4000",
"adapterVendorID": "0x8086",
"adapterDeviceID": "0x0166",
"adapterSubsysID": "00000000",
"adapterRAM": "Unknown",
"adapterDrivers": "igdumd64 igd10umd64 igd10umd64 igdumd32 igd10umd32 igd10umd32",
"driverVersion": "8.15.10.2712",
"driverDate": "3-26-2012",
"adapterDescription2": "",
"adapterVendorID2": "",
"adapterDeviceID2": "",
"adapterSubsysID2": "",
"adapterRAM2": "",
"adapterDrivers2": "",
"driverVersion2": "",
"driverDate2": "",
"isGPU2Active": false,
"direct2DEnabled": true,
"directWriteEnabled": true,
"directWriteVersion": "6.2.9200.16571",
"webglRenderer": "Google Inc. -- ANGLE (Intel(R) HD Graphics 4000 Direct3D9Ex vs_3_0 ps_3_0)",
"info": {
"AzureCanvasBackend": "direct2d",
"AzureSkiaAccelerated": 0,
"AzureFallbackCanvasBackend": "cairo",
"AzureContentBackend": "direct2d"
"javaScript": {
"incrementalGCEnabled": true
"accessibility": {
"isActive": false,
"forceDisabled": 0
"libraryVersions": {
"NSPR": {
"minVersion": "4.10.7",
"version": "4.10.7"
"NSS": {
"minVersion": "3.17.2 Basic ECC",
"version": "3.17.2 Basic ECC"
"NSSUTIL": {
"minVersion": "3.17.2",
"version": "3.17.2"
"NSSSSL": {
"minVersion": "3.17.2 Basic ECC",
"version": "3.17.2 Basic ECC"
"NSSSMIME": {
"minVersion": "3.17.2 Basic ECC",
"version": "3.17.2 Basic ECC"
"userJS": {
"exists": true
"extensions": [
"name": "Adblock Plus",
"version": "2.6.7",
"isActive": false,
"id": "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}"
"name": "FastFreeConverter",
"version": "5.6",
"isActive": false,
"id": "extension@Fast_Free_Converter.com"
"name": "Mozilla hotfix",
"version": "2.0",
"isActive": false,
"id": "[email protected]"
"name": "Updater By SweetPacks",
"version": "2.0.0.609",
"isActive": false,
"id": "{8E9E3331-D360-4f87-8803-52DE43566502}"
"experiments": []
} -
Hi,
I'm trying to inplement the fix that is decribed here http://support.apple.com/kb/ts4041 about creating reverse lookup zones and pointers. Although there is information there about it, it links to Microsoft's website with details about it but they're pretty vague. I was wondering whether anyone would be able to provide assisstance to someone without much DNS experience?
Thanks.The workarounds or fixes discussed in that technical note are all sequences over on Microsoft Windows Server and involve the Windows Server 2008 DNS server.
Which particular sequence are you trying with Windows Server, and what's confusing you about it? (So that somebody here might be able help with this.)
What OS X Server version? If you're trying to do IPv6 on 10.6.8, AFAIK that involves manually editing the zone files, and that can perturb Server Admin.app. Based on a quick look, there's no IPv6 AAAA record support in the GUI. (But you're probably using the Microsoft Windows Server DNS servers?)
Which Windows Server?
The best fix is to register a real domain and migrate the local network and the domain servers over to that. The Apple networking engineers have recommended against using .local for DNS for a while. They've indicated they try to make this work, but that it likely won't be reliable. Microsoft is moving away from this, as well. -
I can't get bonjour to run on my computer. I have tried uninstalling, installing the previous version and downloading bonjour for windows from apple.The service starts normally and is running but the IE plugin shows "bonjour service not available", running the printing wizard shows the same. I ran the dns-sd which shows
c:\>dns-sd -V
DNSServiceGetProperty failed -65537
c:\>dns-sd -I
Registering Service Test.testtxt.tcp.local.
DNSService call failed -65537
I have itunes 8 installed, haven't found the need to use bonjour before so would usually uninstall it. Don't know much about bonjour, tried searching the forums but couldn't come up with anything. Can anyone help with this?I get into the same situation consistently after switching the network connection from Ethernet LAN to Wireless LAN. The only fix I know of is to restart the PC.
-
Help with Windows Sharing Please
Hello,
I am new to Mac and this is my first mac book 17 running Mac OS X 10.4.8 pro i've purchased through work. I only recieved this 2 days ago. I am having a problem connecting to my windows 2003 active server / domain controller at work and I am having a problem connecting to my windows xp computer share at home when i take my laptop home with me.
At work I am connecting to my network via wired built in ethernet with the following ip
IP - 10.43.144.190
SN - 255.255.240.0
GW - 10.43.144.2
DNS1 - 10.43.144.80 - This is my primary Domain controller DNS
DNS2 - 10.43.144.81 - This is my secondary Domain controller DNS
I also have parralels installed running windows xp for my proprietary software that only run on xp with the following address
IP - 10.43.144.191
SN - 255.255.240.0
GW - 10.43.144.2
DNS1 - 10.43.144.80 - This is my primary Domain controller DNS
DNS2 - 10.43.144.81 - This is my secondary Domain controller DNS
the only difference is that my ip has change.
The problem that i am having is when i go to the finder and network i see all my computers on the network even my windows server. but it won't let me connect. i get an error the the alias no longer exsits do i want to fix or delete.
So i try installing directory access plug-in via directory access and when i go to connect to my domain controller i get an error that it cannot find or resolve my domain name.
Know if your familiar with stupid windows in order for you to connect to AD your computer must be able to resolve the domain name via DNS. to when i go to ping my domain name eg. my.company.com i get an error cannot resolve. but when i ping the ip address it sees the server.
So the first problem that i see with mac is that for some reason it resolves the ip address but i need it to resolve the domain name, and i can't for the life of me figure out how to do this.
and if your answer is to modify the hosts file - i tried that and if your familiar with windows networking that won't work on windows machines either - again STUPID WINDOWS.
So in short how do i connect to my 2003 AD Server.
The reason i know that my laptop will connect to my domain is that remember i installed parralels on this macbook with windows xp. well guess what - you got it, I connect to my domain. so i know that it isn't a hardware issue or a network issue its a mac issue.
Finally i am having the same problem at home connecting to my network via the airport. I see my computer but cannot connect to my computer with windows xp shares. Any suggestions?
If anyone could help me it would be much appreciated. I tried calling MAC support and they were no use. They said they were transfering my problem to the engineers. and then they said that they couldn't help me becuase its beyond their scope of repairs. but if its a mac os x problem how can it be beyond their repair? I mean come on I purchased this mac for work, told by the sales man that i would have no problems and that mac support is there for me if i cannot connect but they seem like they aren't. I could've went and purchased a dell and not have this headache of connecting to my server of workstation.
Again sorry for the ranting but if anyone can help me out it would be much appreciatedNot to sure how to direct you with your issue at home, but here is some help with the server at work.
As I know it, you have two routes. You are obviously (to me) familiar with networking so you might already know that you can install File Services for Macintosh on the server. It's a component of Windows Server that allows you to connect Macs via AFP to the server. Just install it, share a folder and connect via AFP. Easy, but the drawback is that you are limited to 31 character filename lengths on the Mac share.
I am assuming you want to stay SMB. For that, you need to disable SMB signing on the server via a Group Policy. Here is a link describing that:
http://simultaneouspancakes.com/Lessons/archives/2004/12/howtodisable.shtml
Also, Microsoft has an article on binding a Mac to the domain. It's not necessary, but you can do it if you want to get Active Directory working between the Mac and the server. It will require that the long username for an Admin user on the Mac be exactly the same as a user on the Windows network. If it's different, it won't bind.
I don't know how that will affect your laptop when in use at home.
Hope that helps. -
I think I need help with driver (software) settings for D110a
I think I need help with driver (software) settings for D110a all-in-one
Product: D110a all-in-one
OS: Windows XP Professional
Error messages: None
Changes before problem appeared: None--new installation
The quality of photo images (mostly JPG files) in printouts is awful even though the files display beautifully on the PC screen. I am using
IrfanView software for displaying/printing. As far as I can tell, IrfanView is not the problem.
When I print the same images on a Deskjet 5150 attached to a different PC also running XP Pro and IrfanView, the quality of the printouts is at
least acceptable, Some would probably say good or very good.
It's dificult to explain in words the problem with the printouts. A picture of really pretty vegetables (squashes, tomatoes, watermelon, etc) comes
out much too red. Moreover, the red, which appears shaded on the screen, seems to be all one shade in the D110a printouts.
Something similar happens to a view of a huge tree in full leaf. On screen, there are subtle variations in the "greenness" of the leaves. In the
printout, all green is the same shade. In the same printout, the trunk of the tree is all a single shade of grey. It isn;t even obvious that the
trunk is a round, solid object.
I liken the effect to audio that disappears entirely when you lower the volume and gets clipped into square waves in even moderately loud passages.
I don't know whether the D110a driver software permits adjusting the parameters that appear to be set incorrectly, and if adjustments are possible,
how I would identify which parameters to adjust, how I would access them, or how I would adjust them. I'm hoping that someone can help. Thanks.
I forgot to mention that I have used the diagnostic application and it tells me that there are no problems.
e-mail me at [email protected]brazzmonkey wrote:
Hi everyone,
I noticed the following message when network starts on my gateway
Warning: This functionality is deprecated.
Please refer to /etc/rc.conf on how to define a single wired
connection, or use a utility such as netcfg.
Then I realized the way network settings should be written in rc.conf has changed. But I can't figure out how this should be done.
Currently, my set up is the following (old way):
INTERFACES=(eth0 eth1)
eth0="dhcp"
eth1="eth1 192.168.0.10 netmask 255.255.255.0 broadcast 192.168.0.255"
ROUTES=(!gateway)
eth0 is on DHCP because the IP is dynamically assigned my ISP.
eth1 has a fix IP because it's on the LAN side.
No problem to use DHCP on eth0 with the new settings.
But for eth1, I don't know what I am supposed to write for gateway.
Wiki isn't clear on that one either, and it looks like many articles still refer to the old way.
Any guidance appreciated, thanks.
brazzmonkey,
you can't define 2 interfaces the old way (even though I saw some tricky workaround somewhere in the forums).
Use, f.e., netcfg:
Comment your old lines.
In /etc/rc.conf insert:
NETWORKS=(Eth0-dhcp Eth1-static)
DAEMONS=(..... !network @net-profiles ....)
In /etc/network.d create 2 files:
First one is named Eth0-dhcp.
Contents:
CONNECTION="ethernet"
DESCRIPTION="Whatever text"
INTERFACE=eth0
HOSTNAME="your hostname"
IP="dhcp"
DHCP_TIMEOUT=15
Second one is named Eth1-static.
Contents:
CONNECTION='ethernet'
DESCRIPTION='whatver'
INTERFACE='eth1'
HOSTNAME='hname'
IP='static'
ADDR='192.168.0.10'
GATEWAY='192.168.0.1' # your gateway IP
DNS=('192.168.0.1') # your DNS server
The names Eth0-dhcp and Eth1-static are not magic. They just must be the same in rc.conf and in /etc/network.d.
Hope it helps.
mektub
PS: netcfg must be installed.
Last edited by Mektub (2011-07-20 14:07:05) -
Help with a simple 1811 configuration
I have a very basic level of understanding with Cisco products and I need help with what should be simple and even doable by me.
I have a Cisco 1811 integrated router and am simply trying to use it on my home network. I can configure the router with an enable secret password, password encryption, VTY, aux, and cons logins with no issues. The router has 2 Ethernet interfaces, 0 and 1 and 8 switch ports.
The idea is to bring Comcast ISP service into one of the Ethernet ports and then have three machines on the switch ports able to access the Internet. Also I have an off-the shelf wireless router that I thought I would just plug that into an available switch port and allow a wireless AP as well.
This is so simply, that I can't believe I can't figure it out, but I can't.
I set int F1 to DHCP, performed a 'no shut', and connected the ISP's router and have an up and up indication. I have setup a static network with my three machines on the switch ports and enabled all applicable ports and have up and up indications - however, no traffic flow, even amongst my static Layer 2 switched LAN - not even a 'ping'. By my understanding of Layer 2, this should work right now, whether the ISP service is working or not - WHAT AM I DOING WRONG?
The addressing scheme I have ended up on is 172.16.1.0/28
Obviously without the first hurdle cleared, of why the switched LAN doesn’t work, I haven't got any deeper. Do I need to configure NAT? I don't think I would need to in the scenario right?
All of my experience, and none at the CCNA level, has been with larger Cisco equipment. One thing I noticed on the 1811 was that when trying to create a new VLAN, it appears to work yet does not do anything and the 'sh vlans' output returns nothing, not even the VLAN1 I can see with 'sh ip int brief".
Anyway, if anyone has time to help a newbie out I would appreciate it; I’m lost.
Thanks,
JoshThanks for the help Andrew! You know, I think if this was two separate devices (switch and router) I think I would be up and running, but this integrated stuff is throwing me off, not to mention that the IOS is a much older version (I guess) than what I'm used to.
They were throwing this 1811 in the trash can at work, so I just emptied the trash can. I have no documentation at all but I have since found the 1800 series documentation on Cisco.com and have tried to implement the basic configurations cited; with what seems like success, but still no joy. I did have to recover the password and did so with 0x2142, I bypassed the setup and compared the default configuration with what is listed in the documentation and they DO NOT match; I also tried to go through setup mode with the same indications. Additionally I've also learned that the 1800 series is pre-configured on certain options (DHCP, VLAN), which is new to me - I thought Cisco routers were not configured by default - isn't that kind of the point? (By the way, the below port status may not be correct since I now have all the ports unplugged)
Anyway, here is the 'show run' command, the 'sh ip int brief' command, followed by the 'sh version' command:
Show Run
Casino#sh run
Building configuration...
Current configuration : 2006 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname Casino
boot-start-marker
boot-end-marker
enable secret 5 $1$meWw$nsMTp6US7axi/uE0MWULK.
enable password 7 06535E741C1B584C55
no aaa new-model
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 172.16.1.1
ip dhcp pool Casino
import all
network 172.16.1.0 255.255.255.240
default-router 67.165.208.1
dns-server 68.87.89.150
domain-name hsd1.co.comcast.net
no ip domain lookup
ip domain name GinRummy.localhost
ip name-server 68.87.85.102
ip name-server 68.87.69.150
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
multilink bundle-name authenticated
archive
log config
hidekeys
interface Loopback0
ip address 172.16.1.1 255.255.255.240
interface FastEthernet0
no ip address
shutdown
duplex auto
speed auto
interface FastEthernet1
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
interface BRI0
no ip address
encapsulation hdlc
shutdown
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
interface FastEthernet5
interface FastEthernet6
interface FastEthernet7
interface FastEthernet8
interface FastEthernet9
interface Vlan1
no ip address
ip nat inside
ip virtual-reassembly
interface Dialer0
ip address negotiated
ip mtu 1492
encapsulation ppp
dialer pool 1
ppp authentication chap
ip forward-protocol nd
no ip http server
no ip http secure-server
ip nat pool Casino 172.16.1.2 172.16.1.14 netmask 255.255.255.240
ip nat inside source list 1 interface Dialer0 overload
access-list 1 permit 172.16.1.0 0.0.0.15
dialer-list 1 protocol ip permit
control-plane
line con 0
password 7 080E5916584B4442435E5C
login
line aux 0
password 7 013C135C0A59475A70191E
login
line vty 0 4
password 7 09635B51485756475A5954
login
end
Show IP Interface Brief
Casino#sh ip int brief
Interface IP-Address OK? Method Status Prl
FastEthernet0 unassigned YES NVRAM administratively down do
FastEthernet1 unassigned YES DHCP up do
BRI0 unassigned YES NVRAM administratively down do
BRI0:1 unassigned YES unset administratively down do
BRI0:2 unassigned YES unset administratively down do
FastEthernet2 unassigned YES unset up do
FastEthernet3 unassigned YES unset up do
FastEthernet4 unassigned YES unset up do
FastEthernet5 unassigned YES unset up do
FastEthernet6 unassigned YES unset up do
FastEthernet7 unassigned YES unset up do
FastEthernet8 unassigned YES unset up do
FastEthernet9 unassigned YES unset up up
Vlan1 unassigned YES NVRAM up up
Loopback0 172.16.1.1 YES manual up up
Dialer0 unassigned YES manual up up
NVI0
'show version'
Casino#sh ver
Cisco IOS Software, C181X Software (C181X-ADVIPSERVICESK9-M), Version 12.4(15))
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 24-Jan-08 13:05 by prod_rel_team
ROM: System Bootstrap, Version 12.3(8r)YH12, RELEASE SOFTWARE (fc1)
Casino uptime is 52 minutes
System returned to ROM by reload at 17:09:25 UTC Fri Jul 1 2011
System image file is "flash:c181x-advipservicesk9-mz.124-15.T3.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco 1812 (MPC8500) processor (revision 0x400) with 118784K/12288K bytes of m.
Processor board ID FHK120622J3, with hardware revision 0000
10 FastEthernet interfaces
1 ISDN Basic Rate interface
31488K bytes of ATA CompactFlash (Read/Write)
Configuration register is 0x2102
Thanks again for your help,
Josh -
cont contact apple server error please help with ipad touch 4. im just fed up with apple please help me because why is it only apple with these kind of problems?
If you mean updae server
Update Server
Try:
- Powering off and then back on your router.
- iTunes for Windows: iTunes cannot contact the iPhone, iPad, or iPod software update server
- Change the DNS to either Google's or Open DNS servers
Public DNS — Google Developers
OpenDNS IP Addresses
- For one user uninstalling/reinstalling iTunes resolved the problem
- Try on another computer/network
- Wait if it is an Apple problem
Otherwise what server are you talking about -
Help with privacy on my mac, how to stop prevent people im certain are...
certain individuals are tampering with my comp. and releasing my personal info and its been going on awhile, i just dont know deep into depth with mac how to prevent this, iv noticed when i change a password and think its ok then they will just reset it to no password (mac mail) i believe it has to do with my ip dns proxy settings etc. as im not sure exactly how these should be set up so its only me using my connection, i know also they are in my building that are sharing it, it would be easier if i lived alone lol i know there is a way around this please help! also i have the latest software snow leopard
You're a bit vague on the symptoms of the problem, but there are a few things you should know.
First, if you're using a wireless network, make sure it has WPA encryption (not WEP, and don't even think about no password in your situation!), and make sure that it's protected with a good password. Make it something with a mix of upper and lowercase letters, numbers and even some punctuation. If your wireless network is not protected, there's a lot of data that can be mined from your everyday network traffic by someone nearby who can get access to your network.
Second, does anyone you don't trust have physical access to the machine? If so, you need to run a super-paranoid anti-virus scan. I do not ordinarily recommend [MacScan|http://macscan.securemac.com>, because its paranoid beyond all belief and throws up red flags at some perfectly legit software... but if someone has installed some kind of keylogger or remote access software (something that isn't necessarily classifiable as malware, but is being used for malicious ends), MacScan will probably find it. For the truly paranoid, erasing the hard drive and reinstalling the system from scratch may be a good idea. (Whether this is a good idea or qualifies you for the tin-foil-hat club depends on the maliciousness and technical sophistication of the individual(s) with access to your machine.)
You should also, if someone untrusted has physical access, make sure you use a good password on your admin account and never leave yourself logged in while the machine is unattended. If you come back and your password doesn't work, that person has probably reset your password, and you should immediately consider the machine compromised again. And you should probably encrypt any sensitive data, since an account password can be easily reset and provides no real protection.
Third, make sure that you go to System Preferences -> Sharing and turn everything off. That will ensure there are no doors open for remote attackers.
Finally, with such vague information as you've provided, it's possible the behavior you're seeing may not even involve your Mac at all. If only your online accounts are being compromised, perhaps they have been hacked, and you just need to change the passwords on all of them to something more secure.
Maybe you are looking for
-
I am online everyday. I turn on my computer and click on the Firefox icon. A web browser appears but not with my Yahoo! homepage. Instead of seeing my Yahoo! homepage I see a screen that says, "Well this is embarrassing." I read that the problem is d
-
Hey, I have this file that I need to read so i can handle the contents. It was created in MSDOS and as I have very little experience in that topic, I wondered if anyone can point me in the right direction. I tried reading it as a ascii and binary fil
-
[solved] trying to select on a table type
Hello I am trying to shift data from one schema to another, but while I am shifting it I also want to perform a consolidation on it. My SQL looks like declare cursor basedata_cur is select cost_centre_id, mm.new_expid expense_type_id, period_id, year
-
XLR - 'Security settings in Microsoft Excel prohibit XL Reporter to run'
Dear All, Our customer is on SAP2007 and EXCEL 2007. When I import a XLR and run it, I got the error message in the short text. SAP notes 853821 and 924561 are for EXCEL 2003. Can anybody let me know what setting I should check for EXCEL 2007? Thanks
-
Can't clear drop down addresses
Hi all ... i have cleared history and emptied the cache and re-set safari but when I type in a character in the address window it still drops down all the sites I've visited ... I want to clear this out ... anyone any ideas please ... Roger