CSS 11155 drops fragmented packets.
My CSS 11155 WebNS 6.10 drops fragmented packets to VIP configured on a layer 4 rule.
I have seen plenty on how to handle this with WebNS 7 but is there a way to handle this on version 6?
Regards,
Paul.
I have found the link for troubleshooting the CSS 11155 hardware, please have a look at it.
http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_installation_guide_chapter09186a00801760b3.html#wp1031725
Similar Messages
-
Hi ,
Today i face strange error i cant find solution. If anyone knows please help.
3/1/2013 6:30:43 PM x.x.x.x Error EFWLC01: *apfMsConnTask_0: spam_lrad.c:18962 LWAPP header parsing failed, dropping the packet
3/1/2013 6:30:42 PM x.x.x.x Error EFWLC01: *spamReceiveTask: spam_lrad.c:18962 LWAPP header parsing failed, dropping the packet
3/1/2013 6:30:42 PM x.x.x.x Error EFWLC01: *spamReceiveTask: spam_lrad.c:19081 Received invalid UDP port (5247) in the packet from AP 70:81:05:af:bb:e0, dropping the packet
Where as this 70:81:05:af:bb:e0 mac is of ap-manager Interface
During Error Message some clients were facing outage. But now error is not recieved again. I want to know root cause of this error message which i canot find on cisco website.
WLC Controller Model is AIR-WLC2106
Software Version 7.0.235.0
Up Time 199 days, 11 hours, 2 minutes
JawadUDP 5247 is the CAPWAP/LWAPP control protocol. The protocol packets obviously must have been corrupted and that is why the Controller could not interprete messages from the AP. The only resolution is to either use the Cisco bug toolkit and search if it is a bug perculiar to 2106 WLC or you open a TAC support case.
I would suggest that you hold off till the error occurs again. If it does, swap the AP and if it continues, open a TAC case.
Cheers -
Is it possible to use the scripting facility on the css 11155 to automate tasks such as activating and suspending content rules?
ThanksGilles,
Here is one example:
!The purpose of this script is to check the status of two services and if they are
!both down suspend the content rule. The script will also activate content rule
!if any of the services comes back up.
!no echo
set count "0"
sho service server-g | grep Alive
if STATUS "NEQ" "1"
modify count "++"
endbranch
sho service server-h | grep Alive
if STATUS "NEQ" "1"
modify count "++"
endbranch
if count "==" "2"
configure
owner test
content l3
suspend
exit
exit
endbranch
if count "NEQ" "2"
configure
owner test
content l3
act
exit
exit
endbranch
exit
end
I will post another example shortly
Pete.. -
Fragmenting packets over Ethernet to improve voice quality
Setup:
1750--Ethernet---Satellite Receiver---128K Sat Link---Sat. Recvr--Ether---1750
Question:
Since the Satellite Link is only 128K there will be a problem of Serialization Delay. Is there a way to fragment packets and Interleave over ethernet ? The same way it is done over Frame Relay or MLPPP.
In this setup how does one lower down "Serialization Delay" ?rocampo,
With a Satellite link, most the latency will be travel time and not serialization delay. I would expect VoIP quality to be an issue, since the users will have to tolerate long delays and have to wait to make sure the person on the other end has actually finished speaking before starting to speak. VoIP packets are generally small enough that they are already at or near Ethernet minimum packet size of 64 KBytes, so they are not fragmented on Ethernet. However, you may want to look into the QOS / COS capabilities of your LAN switches. But the real issue for you will be the large amount of latency across the satellite link. Be sure to use QOS on the satellite link, to send along VoIP packets on a preferred basis over other less time sensitive traffic. And you may want to see if you can use RTP header compression on the Satellite link to shrink the size of VoIP frames.
Regards,
Rob Bristow
AT&T Solutions
CCIE #3335 -
I have a cisco 7200 router and we are using it as a PPPoE server
We use POD
aaa authentication ppp default group radius
aaa authorization network default group radius
aaa accounting update periodic 1
aaa accounting network default start-stop group radius
aaa pod server auth-type any ignore server-key
aaa session-id common
but when i used "debug aaa pod" it showed
that POD is not working
*Jul 14 08:04:16.752: POD: a.b.c.27 server not enabled. Dropping POD packet
and the IOS that we are using is
c7200-spservicesk9-mz.124-11.T1.bin
Can anybody help me about this problemHi,
Can you add the following commands and retest:
aaa server radius dynamic-author
client
server-key cisco
auth-type any
ignore session-key
ignore server-key
aaa pod server auth-type any server-key cisco !
Hope this helps,
Soumya -
Firewall causing playstation 3 fragmented packets blocked!
Just wanted to post this as info to other RV220w users that have a playstation 3. By default a setting is on in the firewall that blocks fragmented packets.. With this setting on even if the ps3 is in the dmz some games wont work and if you test the ps3 connection it will tell you that either your router or service provider doesn't allow fragmented packets. Its under Firewall > Attack Prevention > check box "block fragmented packets".
the error from testing connection on ps3 is
The router in use may not support IP fragments, and the communication features of some games may be restricted.[email protected] wrote:
> I am using Netware 6.5 sp1a and bm 3.8 sp1a.
>
> I recently deleted some unneeded packet filter exceptions using
> iManager. When my server was restarted over the weekend the firewall is
> not allowing packets in the exception list to pass through.
> I get a message on the logger screen that states:
> "nbm filewall failed to read configuration from ds"
> What is actuall happening is all traffic is blocked as the exceptions do
> not seem to be working.
>
> I have checked ds and all looks healthy.
>
> Any ideas. I have been forced to disable filters on the public interface
> until I can fix the problem.
>
> Thanks,
>
Sorry but this is the wrong forum. You need to go to
novell.support.bordermanager.packet-filtering. This forum is for the
Novell Client Firewall that comes with BM 3.8
Brad -
Default class map is dropping all Packets
Hello I have a Cisco 871 router that used to have Access list based security. now I am trying the ZBFW for the first time. I thought I had a pretty good program until I found all my traffic was getting dropped. This is my first stab at ZBFWs and I am a bit confused esp with the default class part. Any help is greatly appreciated!!!!
The router is for my house and thus also has to have priority for gaming. I will add the gaming and voice QOS once I get it working,
Guest VLAN has access to 2 IP's in Data for printing.
Cisco871#sh run
Building configuration...
Current configuration : 8005 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service sequence-numbers
hostname Cisco871
boot-start-marker
boot-end-marker
logging buffered 4096
no logging console
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
clock summer-time PST recurring
crypto pki trustpoint TP-self-signed-4004039535
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4004039535
revocation-check none
rsakeypair TP-self-signed-4004039535
crypto pki certificate chain TP-self-signed-4004039535
certificate self-signed 01
3082024C 308201B5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34303034 30333935 3335301E 170D3038 30323037 30373532
32375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 30303430
33393533 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100CEC2 7B89C73F AB4860EE 729C3B64 82139630 239A2301 8EA8B4C4 05505E25
B0F24E7F 26ECEC53 3E266E80 F3104F61 BDDC5592 40E12537 2262D272 08D38F8E
147F5059 7F632F5E 635B9CDF 652FFE82 C2F45C60 5F619AF0 72E640E0 E69EA9EF
41C6B06C DD8ACF4B 0A1A33CF AF3C6BFB 73AD6BE0 BD84DD7F 435BD943 0A22E0E5
F4130203 010001A3 74307230 0F060355 1D130101 FF040530 030101FF 301F0603
551D1104 18301682 144C7570 696E2E44 61627567 61626F6F 732E6F72 67301F06
03551D23 04183016 801473C6 E0784818 29A89377 23A22F5E BDD430CE E282301D
0603551D 0E041604 1473C6E0 78481829 A8937723 A22F5EBD D430CEE2 82300D06
092A8648 86F70D01 01040500 03818100 299AD241 442F976F 4F030B33 C477B069
D356C518 8132E61B 1220F999 A30A4E0C D337DCE5 C408E3BC 0439BB66 543CF585
8B26AA77 91FA510B 14796239 F272A306 C942490C A44336E0 A9430B81 9FC62524
E55017FA 5C5463D7 B3492753 42315BEC 32B78F24 D10B0CA7 D1844CD5 C3E466B9
3543BD68 A4B2692D 05CBF6DC C93C8142
quit
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.0.0.1 10.0.0.5
ip dhcp excluded-address 172.16.15.1 172.16.15.5
ip dhcp excluded-address 172.16.15.14
ip dhcp excluded-address 172.16.17.1 172.16.17.5
ip dhcp excluded-address 192.168.19.1 192.168.19.5
ip dhcp pool MyNetNative
import all
network 10.0.0.0 255.255.255.248
default-router 10.0.0.1
domain-name MyNetNet.org
dns-server 4.2.2.1 4.2.2.6 8.8.8.8 208.67.220.220
lease 0 2
ip dhcp pool MyNetData
import all
network 172.16.15.0 255.255.255.240
dns-server 172.16.15.14 4.2.2.1 4.2.2.6 8.8.8.8 208.67.220.220
default-router 172.16.15.1
domain-name MyDomain.org
ip dhcp pool MyNetVoice
import all
network 172.16.17.0 255.255.255.240
dns-server 172.16.15.14
default-router 172.16.17.1
domain-name MyDomain.org
ip dhcp pool MyNetGuest
import all
network 192.168.19.0 255.255.255.240
default-router 192.168.19.1
domain-name MyNetGuest.org
dns-server 4.2.2.1 4.2.2.6 8.8.8.8 208.67.220.220
ip domain name MyDomain.org
ip name-server 172.16.15.14
ip name-server 4.2.2.4
ip inspect log drop-pkt
multilink bundle-name authenticated
parameter-map type inspect TCP_PARAM
parameter-map type inspect global
username MyAdmin privilege 15 secret 5 MyPassword
archive
log config
hidekeys
class-map type inspect match-all MyNetGuest-access-list
match access-group 110
class-map type inspect match-any Base-protocols
match protocol http
match protocol https
match protocol ftp
match protocol ssh
match protocol dns
match protocol ntp
match protocol ica
match protocol pptp
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-all MyNetGuest-Class
match class-map MyNetGuest-access-list
match class-map Base-protocols
class-map type inspect match-all MyNetNet-access-list
match access-group 100
class-map type inspect match-any Voice-protocols
match protocol h323
match protocol skinny
match protocol sip
class-map type inspect match-any Extended-protocols
match protocol pop3
match protocol pop3s
match protocol imap
match protocol imaps
match protocol smtp
class-map type inspect match-all MyNetNet-Class
match class-map MyNetNet-access-list
match class-map Voice-protocols
match class-map Extended-protocols
match class-map Base-protocols
policy-map type inspect MyNetNet-zone_to_MyNetWAN-zone_policy
class type inspect MyNetNet-Class
inspect
class class-default
policy-map type inspect MyNetNet-zone_to_MyNetGuest-zone_policy
class type inspect MyNetNet-Class
inspect
class class-default
policy-map type inspect MyNetGuest-zone_to_MyNetNet-zone_policy
class type inspect MyNetGuest-access-list
inspect
class class-default
policy-map type inspect MyNetGuest-zone_to_MyNetWAN-zone_policy
class type inspect MyNetGuest-Class
inspect
class class-default
policy-map type inspect MyNetNet-zone
class class-default
pass
zone security MyNetNet-zone
zone security MyNetGuest-zone
zone security MyNetWAN-zone
zone-pair security MyNetNet->MyNetGuest source MyNetNet-zone destination MyNetGuest-zone
service-policy type inspect MyNetNet-zone_to_MyNetGuest-zone_policy
zone-pair security MyNetNet->MyNetWAN source MyNetNet-zone destination MyNetWAN-zone
service-policy type inspect MyNetNet-zone_to_MyNetWAN-zone_policy
zone-pair security MyNetGuest->MyNetWAN source MyNetGuest-zone destination MyNetWAN-zone
service-policy type inspect MyNetGuest-zone_to_MyNetWAN-zone_policy
zone-pair security MyNetGuest->MyNetNet source MyNetGuest-zone destination MyNetNet-zone
service-policy type inspect MyNetGuest-zone_to_MyNetNet-zone_policy
interface FastEthernet0
description Cisco-2849-Switch
switchport mode trunk
speed 100
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
description SBS-Server
switchport access vlan 10
spanning-tree portfast
interface FastEthernet4
description WAN
no ip address
ip mtu 1492
ip nat outside
ip virtual-reassembly
zone-member security MyNetWAN-zone
ip tcp adjust-mss 1452
duplex auto
speed auto
no cdp enable
interface Vlan1
description MyNetNative
ip address 10.0.0.1 255.255.255.248
ip nat inside
ip virtual-reassembly
zone-member security MyNetNet-zone
ip tcp adjust-mss 1452
interface Vlan10
description MyNetData
ip address 172.16.15.1 255.255.255.240
ip nat inside
ip virtual-reassembly
zone-member security MyNetNet-zone
interface Vlan20
description MyNetVoice
ip address 172.16.17.1 255.255.255.240
ip nat inside
ip virtual-reassembly
zone-member security MyNetNet-zone
interface Vlan69
description MyNetGuest
ip address 192.168.19.1 255.255.255.240
ip nat inside
ip virtual-reassembly
zone-member security MyNetGuest-zone
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
access-list 100 remark MyNetnet
access-list 100 permit ip 10.0.0.0 0.0.0.7 any
access-list 100 permit ip 172.16.15.0 0.0.0.31 any
access-list 100 permit ip 172.16.17.0 0.0.0.15 any
access-list 110 remark MyNetGuest
access-list 110 permit ip 192.168.19.0 0.0.0.15 host 172.16.15.2
access-list 110 permit ip 192.168.19.0 0.0.0.15 host 172.16.15.3
access-list 110 deny ip 192.168.19.0 0.0.0.15 10.0.0.0 0.0.0.7
access-list 110 deny ip 192.168.19.0 0.0.0.15 172.16.15.0 0.0.0.31
access-list 110 deny ip 192.168.19.0 0.0.0.15 172.16.17.0 0.0.0.15
access-list 110 permit ip 192.168.19.0 0.0.0.15 any
control-plane
banner login ^CC
You know if you should be here or not.
if not please leave
NOW
^C
line con 0
no modem enable
line aux 0
line vty 0 4
privilege level 15
transport input telnet ssh
scheduler max-task-time 5000
ntp server 172.16.15.14
webvpn cef
end
Cisco871#sh zone security
zone self
Description: System defined zone
zone MyNetNet-zone
Member Interfaces:
Vlan1
Vlan10
Vlan20
zone MyNetGuest-zone
Member Interfaces:
Vlan69
zone MyNetWAN-zone
Member Interfaces:
FastEthernet4
Cisco871#sh zone-pair security
Zone-pair name MyNetNet->MyNetGuest
Source-Zone MyNetNet-zone Destination-Zone MyNetGuest-zone
service-policy MyNetNet-zone_to_MyNetGuest-zone_policy
Zone-pair name MyNetNet->MyNetWAN
Source-Zone MyNetNet-zone Destination-Zone MyNetWAN-zone
service-policy MyNetNet-zone_to_MyNetWAN-zone_policy
Zone-pair name MyNetGuest->MyNetWAN
Source-Zone MyNetGuest-zone Destination-Zone MyNetWAN-zone
service-policy MyNetGuest-zone_to_MyNetWAN-zone_policy
Zone-pair name MyNetGuest->MyNetNet
Source-Zone MyNetGuest-zone Destination-Zone MyNetNet-zone
service-policy MyNetGuest-zone_to_MyNetNet-zone_policy
Cisco871#sh int faste4
FastEthernet4 is up, line protocol is up
Hardware is PQUICC_FEC, address is 0016.9d29.a667 (bia 0016.9d29.a667)
Description: WAN
Internet address is 10.38.177.98/25
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:34:50, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 3 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
593096 packets input, 73090812 bytes
Received 592752 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
9940 packets output, 1016025 bytes, 0 underruns
0 output errors, 0 collisions, 3 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Zone-pair: MyNetNet->MyNetWAN
Service-policy inspect : MyNetNet-zone_to_MyNetWAN-zone_policy
Class-map: MyNetNet-Class (match-all)
Match: class-map match-all MyNetNet-access-list
Match: access-group 100
Match: class-map match-any Voice-protocols
Match: protocol h323
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol skinny
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol sip
0 packets, 0 bytes
30 second rate 0 bps
Match: class-map match-any Extended-protocols
Match: protocol pop3
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol pop3s
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol imap
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol imaps
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol smtp
0 packets, 0 bytes
30 second rate 0 bps
Match: class-map match-any Base-protocols
Match: protocol http
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol https
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol ftp
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol ssh
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol dns
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol ntp
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol ica
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol pptp
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol icmp
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol tcp
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol udp
0 packets, 0 bytes
30 second rate 0 bps
Inspect
Session creations since subsystem startup or last reset 0
Current session counts (estab/half-open/terminating) [0:0:0]
Maxever session counts (estab/half-open/terminating) [0:0:0]
Last session created never
Last statistic reset never
Last session creation rate 0
Maxever session creation rate 0
Last half-open session total 0
Class-map: class-default (match-any)
Match: any
Drop (default action)
5196 packets, 256211 bytes
Cisco871#sh log
Syslog logging: enabled (1 messages dropped, 0 messages rate-limited,
0 flushes, 0 overruns, xml disabled, filtering disabled)
No Active Message Discriminator.
No Inactive Message Discriminator.
Console logging: disabled
Monitor logging: level debugging, 0 messages logged, xml disabled,
filtering disabled
Buffer logging: level debugging, 1745 messages logged, xml disabled,
filtering disabled
Logging Exception size (4096 bytes)
Count and timestamp logging messages: disabled
Persistent logging: disabled
No active filter modules.
ESM: 0 messages dropped
Trap logging: level informational, 1785 message lines logged
Log Buffer (4096 bytes):
001779: *Feb 15 11:00:55.979: %FW-6-DROP_UDP_PKT: Dropping Other pkt 172.16.15.6:61806 => 168.94.0.1:53 with ip ident 511 due to policy match failure
001780: *Feb 15 11:00:59.739: %FW-6-DROP_TCP_PKT: Dropping Other pkt 172.16.15.6:4399 => 168.94.69.30:443 due to policy match failure -- ip ident 515 tcpflags 0x7002 seq.no 974122240 ack 0
001781: *Feb 15 11:01:26.507: %FW-6-DROP_UDP_PKT: Dropping Other pkt 172.16.15.6:51991 => 168.94.0.1:53 with ip ident 625 due to policy match failure
001783: *Feb 15 11:01:57.891: %FW-6-DROP_UDP_PKT: Dropping Other pkt 172.16.15.6:64470 => 168.94.0.1:53 with ip ident 677 due to policy match failureHello Charlie,
I would recomend you to investigate a little bit more about how the ZBFW features works
Now I am going to help you on this one at least, then I will give you a few links you could use to study
We are going to study traffic from MyNetNet-zone to the MyNetWan-zone
First the zone-pair
zone-pair security MyNetNet->MyNetWAN source MyNetNet-zone destination MyNetWAN-zone
service-policy type inspect MyNetNet-zone_to_MyNetWAN-zone_policy
so lets go policy-map
policy-map type inspect MyNetNet-zone_to_MyNetWAN-zone_policy
class type inspect MyNetNet-Class
inspect
class class-default
Finally to the class map
class-map type inspect match-all MyNetNet-Class
match class-map MyNetNet-access-list
match class-map Voice-protocols
match class-map Extended-protocols
match class-map Base-protocols
That keyword MATCH-ALL is the one causing the issues!!
Why?
Because you are telling the ZBFW to inspect traffic only if matches all of those class-maps so a packet will need to math the base protocols and the extended protocol and as you know that is not possible ( Just one protocol )
So here are the links
http://blogg.kvistofta.nu/cisco-ios-zone-based-policy-firewall/
https://supportforums.cisco.com/thread/2138873
http://pktmaniac.info/2011/08/zone-based-firewalls-something-to-keep-in-mind/
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00808bc994.shtml
You have some work to do
Please remember to rate all the helpful posts
Julio
CCSP -
CSS with page fragments does not seem to work
Hi,
I am using creator 2 update 1 and I have some problems setting styleClass to a page fragment, I read some older posts about this issue but I couldn't find a solution for this.
I have a navigation fragment that holds simple hyperlinks inside.
I want to give all the hyperlinks the same background-image so I create a new entry in the default resources/stylesheet.css of my project and try to set it to each hyperlink in its styleless entry in its properties.
1. first you can't choose a styleClass for the fragment when clicking on (...) - it does not show any style class
2. when I just set it by hand to the property , the creator does not have an effect on the hyperlinks (their style is not changed) , if I put for each hyperlink in its "Inline" style (property style) all the values that defined in the styleClass I want to use then the results are fine but this mean I need to take care of the style for each hyperlink alone and not use the styleClass ...
Any ideas?
thanks.OK, I found what the problem was: the URL to the background-image was wrong, only when I picked the image through the css editor it got the correct URL to the image and displayed it in all the hyperlinks
-
Catalyst 3524 - Capturing fragmented packets
Greetings,
I have run into an interesting issue with a trunked connection to my ASA.
Scenario: ASA-5510 connected to a Catalyst 3524 switch via a dot1q trunk. There are approximately 12 vlans configured and passing traffic.
The ASA interface shows no errors; the Catalyst switch is incrementing runts fairly rapidly.
From what I have read this typically is a cabling or hardware issue. We changed ports and cables on the Catalyst switch to rule out that side. Both ASA and Switch are set to Full Duplex/ Speed 100.
From a troubleshooting perspective, I am limited on my packet captures due to the switch and/or my NIC hardware discarding 'bad' packets. I don't have access to a hardware packet capturing device or a NIC with that capability.
To anyone's knowledge, is there a way to capture the packets being dropped at the switch port? I have a port monitor set up and have disabled "checksum offloading" on my NIC; so far that is the best I have come up with.
It looks like the switch will increment the runts counter, but not log any of that info.
I am eliminating any other port issues I see on the switch, but that hasn't made a difference so far.
My apologies for the long post, but I do appreciate your patience and expertise!
Thanks for your time!Thanks for the info - I will be able to use that for future troubleshooting!
I have resolved the incrementing runts issue with an IOS upgrade on the switch (to current level for the Cat 3524).
After the upgrade, the counters no longer increment. I was hoping this would be the case; we were just waiting for a maintenance window to complete the upgrade.
Thanks again! -
Drop multicast packets at layer 2 or 3 ??
In one of packet tracer activity in the book "network fundamentals", it said that devices that are not configured to receive multicast traffic will drop packet at Layer 3. However, in the book "routing protocols and concepts", it said differently. It said " In addition, multicasting updates require less processing by devices that are not RIP enabled. Under RIPv2, any device that is not configured for RIP will discard the frame at the data link layer " (it means Layer 2).
Can anyone help me to explain this? Thank you very much.Hi,
I would keep the TOR switches (3000) as layer-2 only. Create the SVIs for all your vlans on the 9396 and do the inter-vlan there. This keep your design pretty simple.
HTH -
CSS Style drop down menu (contribute 3.11)
Hi,
I am having a problem viewing any styles in the styles drop
down menu at the top of my page when editing.
I am the administrator of the site and I set up the options
like this:
Administrator settings > Styles and fonts >
Document level CSS (pull down)
First 3 checkboxes checked, and show only CSS styles included
in this CSS file (browsed and selected a css file with a single
style).
Checked the remainding 3 checkboxes
No matter what I do I have not been successful in ever seeing
a style of my own within this list.
I have tried...
1) Not using a secure site
2) Allowing a different user on a different PC to attempt to
create a new page
3) Locating the stylesheet in many different locations
4) Hardcoding the styles into the template
5) Show all styles (which wouldn't work anyway since the
pages are PHP based)
6) Banging head violently against wall.
I should mention that I am using a PHP based template which
works fine apart from this styles drop down menu.
Please please please help (asap)!
Thanks,
Dan.dotcom012 wrote:
> I have a web site that uses a javascript and a style
script to
> control some drop down menus at the top, each page has
to have this
> in the <head> area. Is there a way to make say a
CSS so that i can
> say update that one page if say a link needs to be
changed or added
> so i don't have to go to each of the 120 pages to change
the menu! So
> far right now, i have to go to each page, go into the
javascript code
> and update the link or whatever. Is there an easier way?
You may want to read this article, it shows how to use
external files (CSS,
SS-Includes, JS, etc):
http://www.tjkdesign.com/articles/maintenance.asp
HTH,
Thierry
Articles and Tutorials:
http://www.TJKDesign.com/go/?0
The perfect FAQ page:
http://www.TJKDesign.com/go/?9
CSS-P Templates:
http://www.TJKDesign.com/go/?1
CSS Tab Menu:
http://www.TJKDesign.com/go/?3 -
CSS Menu drop down part not working for ie8 and flashing shut on iPhone 5 browser
My CSS drop down menu will not show up in ie8 and flashes then shuts on iPhone 5 browsers (responsive design)..using code from a themeforest template. I am using CSS (HTML only) in the BC menu system. without further adieu here is the code.
HTML (I removed the BC javascript)______________________
<div id="navigation">
<ul>
<li><a href="/index.htm">Home</a></li>
<li><a href="/about">About</a>
<ul>
<li><a href="/leadership">Leadership</a></li>
<li><a href="/giving">Giving</a></li>
<li><a href="/careers">Careers</a></li>
<li><a href="/contact">Contact</a></li>
</ul>
</li>
</ul>
</div>
CSS______________________
#navigation {
float: right;
#navigation ul, #navigation li {
list-style:none;
padding:0;
margin:0;
display:inline;
#navigation ul li{
float:left;
position:relative;
#navigation ul li a {
font-family: Arial, sans-serif;
display: inline-block;
color: #888;
padding: 40px 6px 10px 6px;
margin: 0 5px;
text-decoration: none;
font-size: 14px;
border-bottom: 3px solid transparent;
#navigation ul li a:hover{
border-bottom: 3px solid #555;
#navigation ul ul {
opacity: 0;
margin: -3px 0 0 5px;
filter: alpha(opacity=0);
position: absolute;
top:-99999px;
left: 0;
background: #fff;
border: 1px solid #dddddd;
border-top: 3px solid #555;
z-index: 999;
#navigation ul ul li a:hover {
border-bottom: 1px solid #ddd;
#navigation ul ul li a {
padding: 8px 0;
display: block;
width: 130px;
margin: 0 16px;
font-family: Arial, sans-serif;
font-weight: normal;
font-size: 12px;
border-bottom: 1px solid #dddddd;
border-top: 1px solid transparent;
#navigation ul ul ul {
position:absolute;
top:-99999px;
left:100%;
opacity: 0;
margin: -3px 0 0 0;
z-index: 999;
#navigation ul ul ul li a {
border-bottom: 1px solid #dddddd !important;
border-top: 1px solid transparent;
#navigation ul ul li:last-child a, #navigation ul ul li:last-child a:hover {
border-bottom: 1px solid transparent
#navigation ul ul ul li:last-child a {
border-bottom: 1px solid transparent !important
#navigation ul li:hover>ul{
opacity: 1;
position:absolute;
top:99%;
left:0;
#navigation ul ul li:hover>ul{
position:absolute;
top:0; left:100%;
opacity: 1;
z-index:497;
background: #fff border: 0;
#navigation ul li:hover > a {
color: #444;
#navigation ul ul li:hover > a {
border-top: 1px solid transparent;
color: #444;
#current {
font-weight: bold !important;
color: #444 !important;
border-bottom: 3px solid #555 !important;Well to show the menu it runs off opacity, Opacity is not cross browser and IE8 as you noticed will not work with it.
This menu method of a CSS menu is also not mobile friendly.
You will need the MS filters to work in older IE's
http://css-tricks.com/snippets/css/cross-browser-opacity/ -
6500 with SLB blade dropped the packets from HA device.
A weird behavior observed in 6500 with SLB blade. the topology is as below:
client--HA---6500 with SLB----server farm
The first Syn packet reached the 6500 with client MAC address as source MAC and can be forwarded to the server correctly. But due to HA vendor special behavior, the second Syn packet's source MAC is rewritten to HA device MAC address and this Syn is dropped by the 6500.
Is this a special feature for 6500? And is it possible to change this behavior?
Thanks in advance.Thanks for your reply.
1, HA device is from other vendor. It works as transparent mode and the session will be processed by 2 blades in the round-robin schedule.
The first SYN is processed by the master and reach the 6500 with client MAC as the source MAC. the second SYN is processed by the slave and the source MAC is rewritten to the slave's interface mac. This SYN packet is dropped by either 6500 or CSM, not quite sure.
2, The image on the 6500 is as below:
Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-PK9SV-M), Version 12.2(17d)SXB10, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Thu 11-Aug-05 14:15 by kellythw
Image text-base: 0x40020FBC, data-base: 0x41F20000
cisco WS-C6503-E (R7000) processor (revision 1.1) with 458752K/65536K bytes of memory.
Processor board ID FOX0930005J
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
3, which command should be used to "Capture a trace of the csm etherchannel"?
It seems that only the SYN with rewritten source MAC is dropped. The SYN with client MAC works fine.
Should you need any other information, pls let me know.
Thanks & Regards -
I'm writing an RTP de-packetizer for MPEG-4 video, but the JMF RTP implementation seems to be dropping packets. I've verified that the packets are arriving on my computer in order and on time. But some are never given to my de-packetizer. Has anyone else come across this, and if you have, have you found a solution?
ScottThere are some video and audio codecs in JMF that have this problem. 1 in every 6 packets is lost.. I guess it's not a problem but rather a bug in RTP sequencing. Packets are probably not lost... Just the RTP sequence is misplaced..
there are some existing threads that discussed this in the past. try to search. -
Cat3750-Metro-Not Pass Last Fragment Packet
Hello,
I have a cat 3750 metro on a customer, although the customer is not using any metro feature I am having a problem with passing packets grater than 4,9K, the switch is not passing the last fragment of the packet when the packet is routed, if the packet is switched no problem .
I have made an upgrade to the last (12.2.25.SEE) version and did not resolve.
Thus any one has a clue.
I will try to change the SVI to the physical interfaces (no switchport) to see if something changes?
Thanks@prabodh:
SQL> declare
2 TYPE tab_person_id is of table of number(15) index by pls_integer;
3 begin
4 null;
5 end;
6 /
TYPE tab_person_id is of table of number(15) index by pls_integer;
ERROR at line 2:
ORA-06550: line 2, column 23:
PLS-00103: Encountered the symbol "OF" when expecting one of the following:
( array limited new private range record VARRAY_ char_base
number_base decimal date_base clob_base blob_base bfile_base
table ref object fixed varying opaque sparse
The symbol "OF" was ignored.Check What you are posting.
@ qwestion: What is your Database Version? It is a implementation restriction.
Maybe you are looking for
-
Upgrading firmware on my wrt54gs v6
I have downloaded the upgrade file for my specific router, but when I try to run the file it says that it is corrupt-I am having difficulty getting my itouch to connect and was hoping this would solve the issue...can someone please help! Thanks.
-
Apache giving a Directory index forbidden by rule: /Users/me/Music/iTune
I am trying to configure Apache to display my iTunes folders so that I can download them to my Playstation 3. The Playstation 3 either gives me a network error, or a "Directory index forbidden by rule: /Users/me/Music/iTunes/" in Apache. The network
-
I am running Firefox 3.6.9 and have updated to Flashplayer 10.1 r53, but the system keeps telling me when I check for plugin updates that Flashplayer is vulnerable and a security risk??? I have contacted Adobe is that was a lot of help NOT Does anyon
-
Hi, I'm trying to send ratios from a development environment to a production environment but when they are transported keeps the original RFC destination instead of changing it to the destination environment and the cockpit send an error when tries t
-
i just bought "What makes you beautiful" by One Direction and everytime i click on it to play it it just skips right to the next song. it does the same thing on my ipod. Do i have to buy it again?