CSM 4.2 Service per packet for udp traffic

Similar Messages

• Set the max bytes per packet for an input stream

  Hi,
  I got this problem:
  I want to store some images into a DB. Now if the images are huge, the DB told me, that the packet size is too large
  maybe like that : 'Packet for query is too large (1668641 > 1048576)'
  I use an ByteArrayInputStream for the transmission to the DB.
  So if I am not able to set the max. packet size of the DB is it possible to cut the input stream into pieces to send them to the DB ?
  regards,
  Olek

  None of this makes any sense.
  The MySQL driver will be using TCP to talk to the database server. TCP is a stream oriented protocol. You can't control the size of the packets (other than the maximum by frigging with OS settings - don't do that). Neither can the server detect the sizes of incoming packets. It just sees a stream of bytes and has no idea where the write() boundries are or how the TCP protocol split that into IP packets - it's just a stream of bytes arriving in the same order they were sent.
  And... the max TCP segment size is nowhere near 32Mb, so that doesn't make any sense eeither.
  So, I conclude (especially in light of the answer about the config settings) that "packet" is a badly abused term by MySQL that allows it to limit the size of individual requests in order to provide some kind of protection against badly written clients and/or malicious attacks. If you need to send more data than this, just up the limit - especially if this is an intranet application where the client is under your control and attacks are unlikely.

• Low-latency prio queue for udp traffic, but not matching ACL?

  Hi,
  I have an OpenVPN service running behind an ASA for which I would like to prioritize the packets.
  The OpenVPN service connects to a remote OpenVPN service on 1194/udp, and accepts traffic on udp/1194 for yet another OpenVPN server.
  Here's what I did:
  access-list priority extended permit udp any any eq 1194
  priority-queue outside
  class-map priotraffic
  match access-list priority
  policy-map QoS_policy
  class priotraffic
    priority
  service-policy QoS_policy global
  priority-queue outside
  I know there are hundreds of packets per second on this OpenVPN, but still I only see 2 matched packets on the ACL "priority":
  # show access-list | inc priority
  access-list priority line 1 extended permit udp any any eq 1194 (hitcnt=2) 0xbbdd01d4
  Am I missing something? Must I know both src AND destination ports in order to achieve this?

  I started suspecting that it only matched packets for new connections (in iptables called NEW / UNREPLIED). I tested my thesis by restarting one of my openvpn tunnels, and indeed I see now a hit count of one packet.
  Question is, how come only new udp connections being matched? I would obviously like to prioritize all packets for an already established session.
  Thanks,
  By the way, the statistics after I reinitiated one of the tunnels:
  asa# show access-list | inc priority
  access-list priority line 1 extended permit udp any any eq 1194 (hitcnt=1) 0xbbdd01d4
  asa# show service-policy
  Global policy:
    Service-policy: QoS_policy
      Class-map: priotraffic
        Priority:
          Interface outside: aggregate drop 0, aggregate transmit 0
        Priority:
          Interface inside: aggregate drop 0, aggregate transmit 0
        Priority:
          Interface mobenga: aggregate drop 0, aggregate transmit 0
        Priority:
          Interface escom: aggregate drop 0, aggregate transmit 0
        Priority:
          Interface management: aggregate drop 0, aggregate transmit 0
        Priority:
          Interface server: aggregate drop 0, aggregate transmit 0
        Priority:
          Interface vpn: aggregate drop 0, aggregate transmit 0
        Priority:
          Interface cafe_member: aggregate drop 0, aggregate transmit 0
      Class-map: class-default

• Completely different AMF request packets for same remote service call from Flex to PHP using ZendAMF

  I was trying to debug why one of the remote-services in our Flex application was failing randomly. What I found was interesting. Completely different AMF request packets were sent for same remote service call from Flex to PHP.
  When the service call succeeds the AMF request packet looks like the following:
  POST /video/flex/bin-debug/gateway.php HTTP/1.1
  Host: localhost
  User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.15) Gecko/20110303 Firefox/3.6.15
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  Accept-Language: en-us,en;q=0.5
  Accept-Encoding: gzip,deflate
  Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
  Keep-Alive: 115
  Cookie: PHPSESSID=j6u30i8uu6c3cvp8f4kipcpf05
  Referer: http://localhost/video/flex/bin-debug/main.swf/[[DYNAMIC]]/5
  Content-type: application/x-amf
  C    ontent-length: 305
  Flex Message (flex.messaging.messages.RemotingMessage)     operation = getMemberFromEvent    clientId = 2F997CD0-7D08-8D09-1A9B-0000422676C8    destination = MembereventService    messageId = B46AB58D-2241-83F0-41E4-9FE745565492    timestamp = 0    timeToLive = 0    body =     [      280    ]    hdr(DSId) = nil
  And when the service fails the AMF request packet looks like this:
  ServiceRequest: getMemberFromEvent; RemoteService; getMemberFromEvent
  (mx.messaging.messages::RemotingMessage)#0
    body = (Array)#1
      [0] 250
    clientId = "1AA4FAAB-AEA5-8109-4B0D-000002B3A9A1"
    destination = "MembereventService"
    headers = (Object)#2
      DSEndpoint = (null)
      DSId = "nil"
    messageId = "2F92E6C0-FE92-A09B-B150-9FE2F28D9738"
    operation = "getMemberFromEvent"
    source = "MembereventService"
    timestamp = 0
    timeToLive = 0
  Also, following is the error message on Flex when the service fails:
  {Fault code=Channel.Call.Failed, Fault string=error, Fault detail=NetConnection.Call.Failed: HTTP: Failed, Destination=MembereventService}
  We are using Swiz as the micro-architecture for Flex development and Zend AMF for remoting between Flex and PHP.
  Any ideas what is wrong here, what is causing Flex to send different request packets for the same service & what I can do to fix it?

  Hi, I know that your post is almost 5 years ago, but have you found the solution to this issue?
  Thanks.

• CSM RST issues after SYN packet

  Environment:
  A couple of CSMs in a campus manage costumer's WAP browsing service. A VIP virtualizes WAP1 and WAP2 service on different tcp, udp port and CSM balances it to WAP gateway proxies.
  WAP gateway's proxies initiate new connection to internet passing through CSM.
  HTTP sessions are intercepted and balanced to transparent proxies to provide enrichment.
  NAT is implemented for all traffic that goes out to CSM.
  Other flows are managed by this CSM but they aren't involved in the reset issues.
  Behavior:
  Costumer sets up connection with his WAP gateway. WAP gateway initiates connection to internet properly and flow is properly balanced to transparent proxies.
  Transparent proxy also initiates new connection to internet.
  Sometime CSM sends RST to transparent proxies and they send to all other elements a 502 bad gateway error.
  RST packet is sent in two different cases.
  1. RST after a few SYN packets, 30 second between first and last SYN.
  2. RST immediately after the first SYN packet from transparent proxies.
  My ideas:
  I putted a test WEB server on the Client VLAN of CSM to leave out other network elements or internet problems
  The second issue probably is a sell-out of some resources. Looking “LB Rjct: no cl NAT port” counter on CSM's tech-support it increases. Probably one IP of NAT isn't enough anymore.
  No ideas for the first issue.
  Do you have any idea?
  Thanks in advance.
  Roberta

  when you say, RST after a few SYN, does it mean the 3-way handshake never completes ?
  So, the server never responds with a SYN/ACK ??
  30 sec is the pending timeout on the CSM.
  That's the time we allow the tcp 3-way handshake to complete.
  You can increase this timeout with the command 'pending ' under the vserver.
  You can verify if this is a pending timeout issue w/ the command :
  sho mod csm 3 tech proc 1 | i Pending
  Gilles.

• CEF and per-packet load balancing

  We have four OC3 links across the atlantic and I was looking for a solution which would allow load balacing across the four links on a per-packet basis (not session). The objective is both resiliency i.e. being able to handle link failures transparently & balancing the load across all the links. BGP multptah looked like the ideal soultion. However, I was told that the CEF packet based load balancing is no longer supported by CISCO. Is this correct ? Is it applicable for all models ? Are there any other potential solutions?
  Appreciate a response from the experts.

  Hello Rittick,
  an MPLS pseudowire will use only one link of the 4 links based on inner MPLS label, it cannot be spread over multiple parallel links.
  The MPLS pseudowire can travel within an MPLS TE LSP that can be protected by FRR.
  per packet load balancing does not apply to your scenario.
  You need to mark traffic of the critical application with an appropriate EXP settings. The EXP bits are copied to the outer (external) label.
  On the OC-3 physical interfaces you will configure a CBWFQ scheduler providing 100 Mbps of bandwidth to traffic with specific EXP marking. This is elastic and over unused links bandwidth will be left available to other traffic.
  On the LAN interface you need to mark the EXP bits in received packets using a policy-map
  access-list 101 permit tcp host x.x.x.x host y,y,y,y
  class CLASSIFY-BACKUP
  match access-group 101
  policy-map MARKER
  class CLASSIFY-BACKUP
  set mpls exp 3
  class class-default
  set mpls exp 0
  int gex/y/z
  service-policy in MARKER
  class-map BACKUP
  match mpls exp 3
  policy-map SCHED-OC3
  class BACKUP
  bandwidth 100000
  class class-default
  fair-queue
  int posx/y/z
  service-policy out SCHED-OC3
  applied on all pos interfaces.  The MPLS pseudowire will use one link only. Different pseudowires can use different OC-3 links. Load balancing of MPLS traffic is based on internal label (the VC label of the pseudowire)
  Note:
  you should check if it is possible to mark traffic received on the incoming interface of the pseudowire otherwise you need to mark IP precedence nearer to the host.
  Hope to help
  Giuseppe

• I am a long-term user of Lightroom as a standalone product with a perpetual licence. As a retired person on limited income, it is very disappointing to me that Adobe have introduced the 'Creative Cloud' (CC) subscription service in order for me to be able

  I am a long-term user of Lightroom as a standalone product with a perpetual licence. As a retired person on limited income, it is very disappointing to me that Adobe have introduced the 'Creative Cloud' (CC) subscription service in order for me to be able to continue upgrading this excellent product. It will be for me too expensive at the minimum cost of £9 per month. The additional services that CC brings are personally of no relevance or usefulness. Adobe should be prepared to support existing users who are, like myself, non commercial, amateur photographers by giving them the simple opportunity to upgrade to Lightroom 6 as a standalone, perpetual licence product. As a member of a camera club I know my co-members who use Lightroom are equally disappointed by this move to a subscription-only service.

  john beardsworth wrote:
  John Waller wrote:
  However, Adobe will soon introduce Cloud only features into Lightroom CC for which LR6 (perpetual license) owners will have to wait until LR7 (paid upgrade).
  That is possible, John, but it is only speculation on your part. Might, not will.
  kwdaves wrote:
  There is a "Lightroom 6" upgrade available for US $79 if you have a valid license for any of the earlier versions. From what I can tell, the only difference between Lightroom 6 Full, Lightroom 6 Upgrade and LightroomCC is in the license. The download file is the same.
  Other differences - with CC you get LrMobile/LrWeb and they throw in a free copy of Photoshop too.
  Yes, but when I bought my standalone license and clicked on the "Download" button it took me to the LightroomCC page. The downloaded file is named Lightroom 6, but in the CC app the installed program is LightroomCC (2015).

• Per Packet load Balancing in Cisco Switches

  Hi Team,
  Can we enable per packet load balancing/sharing in cisco 3560 and 4948 Switches ? I can see two routes are installed in routing table for a destination prefix but for traffic to specific destination is not going across both the link. The option what i am getting  in command line is ip load-sharing per-destination but not  ip load-sharing per-packet.
  Please do let me know is there any option to do per-packet load balancing
  I have tried disabling route-cache, cef etc.. no result.
  Rgds
  Rama

  Hi Ramachandra,
  On both these platforms per packet load balancing is not surpported.  it is a feature mostly seen in routers.
  it can use the following variables for the load sharing hash  (but the per packet is never used)
  Source ip
  Dest ip
  Source tcp port
  Dest tcp port
  so you can configure flow based sharing based on above parameters on both the switches.
  The more random variables going into the hash equation the more likely of an even distribution across links.
  The src/dst ports in the equation gives us this randomization. If the same (static) variables go into the hash, the
  same link is chosen.
  Follow this link for more details:
  http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/25sg/configuration/guide/cef.html#wp1150531
  cheers,
  sandeep

• Load Balancing per packet not working properly

  Hi,
  I am attaching you the configs of issue. There are two links E1 links from
  Karac-1(Serial0/0/0:0 & 0:1) and Karac-2 with (Tunnel10) which were connected with Khask-1w
  Now the issue is that Load balancing per packet were not done sucessfully the NMS snap shot is already attached.
  Load balancin g only configured in KarAC-1 & 2
  What is the resolution of this problem traffic only use on two links but third links were not utilize.
  Kind regards,Salman Ahmed

  Hi Paolo!
  I have one doubt pertaining to per-packet load-sharing. In order to connect my two data-centres- A & B, Site A is having two WAN links and Site B is having two WAN links - one from ISP1 (30Mbps link) and the other from ISP2 (50Mbps link). I am doing static route load balancing using same AD values for both the ISPs. I have configured "ip load-sharing per-packet" on both the outgoing interfaces.
  The load is getting distributed equally across both the links but total bandwidth utilization across both the links is not going beyond 30Mbps. The combined bandwidth of both links is 80Mbps (50+30). However links are not getting fully utilized even though heavy load is there on the links. Can you please tell me how to make full use of both the wan links at both the ends? OR Can you tell me how I can distribute the traffic across both the links with full utilization without using per-packet load sharing. Moreover, my links can be configured statically only at both the ends.

• Packet per packet load sharing

  hi, my question:
  i have two routers which are connected over two links (same type, same speed).
  now i want to change from per destination to per packet load-sharing.
  i know there is the command "ip load-shar per packet" but my question:
  must i use this command on all 4 interfaces (2 interfaces - two router),
  or must i only configure this on one interface per router ??
  thanks for answer !

  hi there. I have one doubt pertaining to per-packet load-sharing. In order to connect my two remote sites- A & B, Site A is having two WAN links and Site B is having two WAN links - one from ISP1 (30Mbps link) and the other from ISP2 (50Mbps link). I am doing static route load balancing using same AD values for both the ISPs. I have configured "ip load-sharing per-packet" on both the outgoing interfaces.
  The load is getting distributed equally across both the links but total bandwidth utilization across both the links is not going beyond 30Mbps. The combined bandwidth of both links is 80Mbps (50+30). However links are not getting fully utilized even though heavy load is there on the links. Can you please tell me how to make full use of both the wan links at both the ends?

• Cat3560 ip load-sharing per-packet

  What IOS for the cat3560 have on interface configuration mode command:
  ip load-sharing per-packet ?
  On my cat3560 with IOS c3560-ipservicesk9-mz.12.2-25.SEB4.bin
  I have only:
  Switch_A(config-if)#ip load-sharing ?
  per-destination Deterministic distribution
  <cr>
  Thanks in advance.

  none, the platform does not support per packet load-sharing at all. Same with higher end catalyst switches.
  Please rate helpful posts.

• Being charged £12.00 per month for BT Sport when I...

  Hello,
  I have previously sent this to a support email address but have received no response.
  I want to sign up to BT TV and get a Youview box, but when checking my account, I saw that I am getting changed £12.00 per month for BT Sport. This is a service which I do not even use, I signed up to it as a customer service advisor on the telephone advised that it was free to me as I am an Infinity broadband customer.
  I need this resolved, I am perfectly happy with the phone and broadband service we receive from you and I am excited to get BT TV, but I really am disappointed about this (it will explain why the budget kept going AWOL!) This appears to have been happening since November 2013, with some obscure charges of around £7.00 in other months. I want this service cancelled and I would really appreciate the charges for this service reimbursed.
  Kind regards,
  Craig
  Solved!
  Go to Solution.

  I think you will find that the charge is for YouView content provided by BT.
  I have asked a moderator to provide assistance, they will post an invite on this thread.
  While you are waiting
  If you would like to try Live Chat they may be able to help you.
  They are the only BT employees on this forum, and are a UK based team of people, who take personal ownership of your problem.
  Once you get a reply, make sure that you are logged into the forum, then click on their name, you will see a screen like this. Click on the link as shown below.
  Please do not send them a personal message, as they may not be on duty for a long time, and your message will not be tracked properly.
  For your own security, do not post any personal details, on this forum. That includes any tracking number you are give.
  They will respond either by phone or e-mail within 5-6 working days.
  Please use the tracked e-mail, to reply, not via the forum. Thanks
  This is the form you should see when you click on the link. If you do not see this form, then you have selected the wrong link.
  When you submit the form, you will receive an enquiry number, so please keep a note of it
  There are some useful help pages here, for BT Broadband customers only, on my personal website.
  BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.

• Look for: components used for Service Brokerage (CSB) for mobile networks

  I am looking for developers/company offering components used for Central Service Brokerage (CSB) for mobile networks. It aims to store consumer profiles and directs service requests (shopping, travel & meeting services, hospitality and insurance) from mobile consumers to connected retailers and appointed service providers.
  I would be higly interested in almost ready to use components/architecture which can be used in new service/start-up situation.

  Hey Anthony,
  Yes, a lot to read, thanks for reading though!
  For the External Web Services, since I have it set to fe-pool.domain.local right now, I figure this is as simple as flipping it to fe-pool.domain.com within Topology Builder | Enterprise Edition Front End Pools | Edit properties | Web services?
  After which, I assume I will need to create a new host A record for fe-pool.domain.com, pointing to the Pub IP 1.2.3.4 I have set up to forward directly onto my FE Server of 18.20? I am a bit of confused as to how this external web service is contacted,
  does the mobile app use lyncdiscover.domain.com to find this information? In other words, does the lyncdiscover allow the mobile app to get inside the topology, the topology reports to the mobile app that "Hey, fe-pool.domain.com is going to be your External
  web service as defined in the topology" ? If its just that easy this should be a quick change.
  As for your next question, on the F5 level I'm pretty certain it is just set to take any packets coming in from pub IP 1.2.3.4 : 80 or 8080, or 443, or 4443, to allow it to go to that FE server IP on any of those ports. I don't believe it is actually taking
  a 443 packet, and converting it into a 4443 destination. Also note, I am forcing lyncdiscover to use port 80, instead of 443 because I am unable to get a new pub cert with the lyncdiscover SAN.
  As for the domain user, it is simply just my single user and I am flipping the SIP domain in the control panel within the user properties. domain.com and domain.local are both configured SIP domains in my topology, however i have domain.com as the default.

• I have to pay per month for using airport express?

  I have to pay per month for using airport express?

  You would need to investigate which Internet Service Providers (ISPs) are available in your area. You can then contact them about pricing for their services. Typically, you pay more for faster Internet upload/download speeds.
  Most ISPs will provide you with a modem and get the service established at your home. From there, you would connect the AirPort Express to this modem to provide a wireless network.

• Why can I get unlimited Verizon Service at Walmart for $45 but not here?

  I'm wondering if anyone knows why I can go down to Walmart and get a Verizon phone with unlimited internet, text and calling for $45 a month but when I go into a Verizon store I have to pay minimum $103 per month for a smaller service plan and then I also have to sign a ridiculous 2 year service agreement. Does anyone know why this is or should I ask the FTC? Please don't say it's because they give me a $600 phone for $100 because I just paid full price for an iPhone 5s.

  Chipster - My grandpa has a Trac-fone; it's a (removed)!  He can never figure out how to add minutes, which aren't cheap.  Texts are deducted as minutes.  He forgets to renew them, as they expire frequently if you don't buy a year's worth at one time.  He has to get one of his kids to add his minutes for him; or, he wastes 3 hours going to Wal*Mart to have them do it!  Tracfone, does however, send plenty of texts reminding you when your minutes expire; and, usage expiration does show up on the face of the phone.  But, unless you're willing to put up with the hassle and expense, they do have a nice LG model.  Depending on where you buy it (like HSN.com), you can get double minutes for life.  Frankly, grandma and I like the paperless Verizon plan (she doesn't text), whereby the bill is the same, every month, and is paid for automatically; no muss - no fuss!
  Comment edited as required by the Terms of Service.
  Message was edited by: Admin Moderator