End-to-end layer-2 link with CPE administration
Dears
I am working on a scenario to monitor a CPE in a layer-2 setup. The CPE is connected with the local PE across a last mile with a single vlan from the provider. The customer has purchased layer-2 end-to-end connection from local CPE to remote CPE. Within MPLS core, I have configured x-connect between local PE and remote PE to setup layer-2 link. Within the CPEs, I am bridging both the interfaces of the the router to handover end-to-end layer-2 link to customer. I also need to manage and monitor the CPE. What I am thinking of doing is that I have two PE routers within the local POP. On primary PE router, i will extend lastmile vlan from the switch and configure x-connect to remote PE. On the backup PE router, i will extend the same lastmile vlan from the switch and configure IP address on the PE vrf enabled interface to be imported in management network. On the CPE, the interface with lastmile connection is concurrently configured with bridge and IP configuration.
I need to know if is this a standard setup of management for this type of solution and what could be the possible technical limitations/complications within this overall solution keeping in mind that it is a layer-2 end-to-end connection and what impact it can have on my core network.
Regards
Hi All,
Can someone help me in this.
Regards
Similar Messages
-
when i open an irc link with a channel name that contains "~" at the end firefox (14.0.1) opens the same channel name but with "%7E" instead of "~" at the end
http://img835.imageshack.us/img835/2856/clipboard05nq.jpgI can not open the image, but I can say something in general about the tilde.<br>
The tilde "~" is an unreserved character and therefore it can be replaced by its percent-encoded form "%7E" inside a URI without changing meaning. See<br>
http://en.wikipedia.org/wiki/Percent-encoding<br>
According to section 2.3 of RFC3986 we should prefer the unencoded form so this behavior seems to be a bit out-dated.<br> -
Subsciption and notification in segw transaction end to end scenario with example
Subscription and notification scenario using service buider in sap netweaver gateway with end to end scenario with example .
Hi,
Please go through these links
/people/prateek.shah/blog/2005/06/08/introduction-to-idoc-xi-file-scenario-and-complete-walk-through-for-starters
/people/venugopalarao.immadisetty/blog/2007/01/24/troubleshooting-file-to-idoc-scenario-in-xi
/people/ravikumar.allampallam/blog/2005/06/24/convert-any-flat-file-to-any-idoc-java-mapping
/people/pooja.pandey/blog/2005/07/27/idocs-multiple-types-collection-in-bpm
/people/sravya.talanki2/blog/2005/08/17/outbound-idocs--work-around-using-party
/people/venugopalarao.immadisetty/blog/2007/01/24/troubleshooting-file-to-idoc-scenario-in-xi
Thanks
Vikranth Khimavath -
Internal error int reply to ClientHello on ACE20 module with end-to-end SSL
Hello, world!
We have weird behaviour of our Cisco ACE20 module configured for end-to-end SSL (initiation+termination) - the module from time to time replies with SSLv3/TLSv1 alert "Fatal: internal error" message to the client right after client have sent 'ClientHello' SSL message. So sometimes SSL connection works and sometimes will be immediately closed due to this fatal error. The behaviour is very similar to the one described below:
CSCtc52085—After a client sends a ClientHello message, the SSL hand shake may fail with a fatal alert internal error sent by the ACE. This behavior is intermittent and may occur under the following conditions:
1. An SSL service is configured with the session-cache timeout command (session reuse).
2. SSL connections are aborted by the client after the client sends a ClientHello message to the service in condition 1 and before an internal resource state is changed. This behavior puts the internal resource in an improper state. This error is very timing sensitive.
3. The next connection that uses the internal resource in the improper state fails with a fatal alert internal error. That connection does not have to go to the service in condition 1 to experience this error because the internal resource is shared by all the SSL services.
Workaround: None.
But we have software version A2(3.1) and this bug must have been resolved in this release (at least it's listed in resolved caveats section of release notes).
Software
loader: Version 12.2[123]
system: Version A2(3.1) [build 3.0(0)A2(3.1)]
system image file: [LCP] disk0:c6ace-t1k9-mz.A2_3_1.bin
Again, we don't have session-cache timeout configured on the ACE.
On the ACE we have following stats:
ACE1/VC_UNIX# sh stats crypto server
SSL Server Statistics:
SSL alert CLOSE_NOTIFY rcvd: 0
SSL alert UNEXPECTED_MSG rcvd: 0
SSL alert BAD_RECORD_MAC rcvd: 0
SSL alert DECRYPTION_FAILED rcvd: 0
SSL alert RECORD_OVERFLOW rcvd: 0
SSL alert DECOMPRESSION_FAILED rcvd: 0
SSL alert HANDSHAKE_FAILED rcvd: 0
SSL alert NO_CERTIFICATE rcvd: 0
SSL alert BAD_CERTIFICATE rcvd: 0
SSL alert UNSUPPORTED_CERTIFICATE rcvd: 0
SSL alert CERTIFICATE_REVOKED rcvd: 0
SSL alert CERTIFICATE_EXPIRED rcvd: 0
SSL alert CERTIFICATE_UNKNOWN rcvd: 0
SSL alert ILLEGAL_PARAMETER rcvd: 0
SSL alert UNKNOWN_CA rcvd: 0
SSL alert ACCESS_DENIED rcvd: 0
SSL alert DECODE_ERROR rcvd: 0
SSL alert DECRYPT_ERROR rcvd: 0
SSL alert EXPORT_RESTRICTION rcvd: 0
SSL alert PROTOCOL_VERSION rcvd: 0
SSL alert INSUFFICIENT_SECURITY rcvd: 0
SSL alert INTERNAL_ERROR rcvd: 0
SSL alert USER_CANCELED rcvd: 0
SSL alert NO_RENEGOTIATION rcvd: 0
SSL alert CLOSE_NOTIFY sent: 0
SSL alert UNEXPECTED_MSG sent: 1
SSL alert BAD_RECORD_MAC sent: 0
SSL alert DECRYPTION_FAILED sent: 0
SSL alert RECORD_OVERFLOW sent: 0
SSL alert DECOMPRESSION_FAILED sent: 0
SSL alert HANDSHAKE_FAILED sent: 2
SSL alert NO_CERTIFICATE sent: 0
SSL alert BAD_CERTIFICATE sent: 0
SSL alert UNSUPPORTED_CERTIFICATE sent: 0
SSL alert CERTIFICATE_REVOKED sent: 0
SSL alert CERTIFICATE_EXPIRED sent: 0
SSL alert CERTIFICATE_UNKNOWN sent: 0
SSL alert ILLEGAL_PARAMETER sent: 0
SSL alert UNKNOWN_CA sent: 0
SSL alert ACCESS_DENIED sent: 0
SSL alert DECODE_ERROR sent: 0
SSL alert DECRYPT_ERROR sent: 0
SSL alert EXPORT_RESTRICTION sent: 0
SSL alert PROTOCOL_VERSION sent: 0
SSL alert INSUFFICIENT_SECURITY sent: 0
SSL alert INTERNAL_ERROR sent: 16
SSL alert USER_CANCELED sent: 0
SSL alert NO_RENEGOTIATION sent: 0
SSLv2 client hello received: 0
SSLv3 client hello received: 0
TLSv1 client hello received: 68
SSLv3 negotiated protocol: 0
TLSv1 negotiated protocol: 68
SSLv3 full handshakes: 0
SSLv3 resumed handshakes: 0
Cipher sslv3_rsa_rc4_128_md5: 0
Cipher sslv3_rsa_rc4_128_sha: 0
Cipher sslv3_rsa_des_cbc_sha: 0
Cipher sslv3_rsa_3des_ede_cbc_sha: 0
Cipher sslv3_rsa_exp_rc4_40_md5: 0
Cipher sslv3_rsa_exp_des40_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_md5: 0
Cipher sslv3_rsa_exp1024_des_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_sha: 0
Cipher sslv3_rsa_aes_128_cbc_sha: 0
Cipher sslv3_rsa_aes_256_cbc_sha: 0
TLSv1 full handshakes: 33
TLSv1 resumed handshakes: 0
Cipher tlsv1_rsa_rc4_128_md5: 68
Cipher tlsv1_rsa_rc4_128_sha: 0
Cipher tlsv1_rsa_des_cbc_sha: 0
Cipher tlsv1_rsa_3des_ede_cbc_sha: 0
Cipher tlsv1_rsa_exp_rc4_40_md5: 0
Cipher tlsv1_rsa_exp_des40_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_md5: 0
Cipher tlsv1_rsa_exp1024_des_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_sha: 0
Cipher tlsv1_rsa_aes_128_cbc_sha: 0
Cipher tlsv1_rsa_aes_256_cbc_sha: 0
Total SSL client authentications: 0
Failed SSL client authentications: 0
SSL authentication cache hits: 0
SSL static CRL lookups: 0
SSL best effort CRL lookups: 0
SSL CRL lookup cache hits: 0
SSL revoked certificates: 0
Total SSL server authentications: 0
Failed SSL server authentications: 0
Session headers extracted: 0
Session headers failed: 0
Server cert headers extracted: 0
Server cert headers failed: 0
Client cert headers extracted: 0
Client cert headers failed: 0
Headers truncated: 0
Redirects due to cert not yet valid: 0
Redirects due to cert expired: 0
Redirects due to unknown issuer cert: 0
Redirects due to cert revoked: 0
Redirects due to no client cert: 0
Redirects due to no CRL available: 0
Redirects due to expired CRL: 0
Redirects due to bad cert signature: 0
Redirects due to other cert error: 0
Internal error: 27
Handshake FlushRX operations: 0
Handshake FlushTX operations: 0
Xscale messages rcvd from ME: 1313330
Xscale messages sent to ME: 2041768
Finish msg split across ssl recs: 0
Fasttx msg ring full: 0
SSL_ME tx msg ring full: 0
N2 encrypt_record: 0
N2 decrypt_record: 144433
N2 random: 439915
N2 handshake_hash: 878094
N2 hash: 0
N2 gpop_master: 291164
N2 gpop_import_master_secret: 5
N2 gpop_pkcs1v15enc: 144430
N2 gpop_pkcs1v15enc_crt: 0
N2 gpop_finish: 291140
N2 gpop_verify: 0
N2 gpop_pkcs1v15dec: 0
N2 gpop_pkcs1v15dec_crt: 146752
N2 rsa_server_full: 15
N2 resume: 12
UXP A: 24576
UXP B: 0
The "Internal error" counter increases with failed connections.
Printscreen from wireshark attached.
Maybe someone has the problem like ours? I have no idea how to troubleshoot these "internal errors"... :-(
Thanks for your replies.Thanks for your reply.
The problem is not server-related, I have exactly the same situation if I do SSL termination only, with unencrypted connection between ACE and backend servers (another servers, with blank apache installed and listening on 443 port for non-SSL traffic) - generally speaking, it works, but often with these "internal errors" - not suitable for production.
Here is the output from the commands
# show np 1 me-stats -E0
SSL Server Statistics:
SSL alert CLOSE_NOTIFY rcvd: 0
SSL alert UNEXPECTED_MSG rcvd: 0
SSL alert BAD_RECORD_MAC rcvd: 0
SSL alert DECRYPTION_FAILED rcvd: 0
SSL alert RECORD_OVERFLOW rcvd: 0
SSL alert DECOMPRESSION_FAILED rcvd: 0
SSL alert HANDSHAKE_FAILED rcvd: 0
SSL alert NO_CERTIFICATE rcvd: 0
SSL alert BAD_CERTIFICATE rcvd: 0
SSL alert UNSUPPORTED_CERTIFICATE rcvd: 0
SSL alert CERTIFICATE_REVOKED rcvd: 0
SSL alert CERTIFICATE_EXPIRED rcvd: 0
SSL alert CERTIFICATE_UNKNOWN rcvd: 0
SSL alert ILLEGAL_PARAMETER rcvd: 0
SSL alert UNKNOWN_CA rcvd: 0
SSL alert ACCESS_DENIED rcvd: 0
SSL alert DECODE_ERROR rcvd: 0
SSL alert DECRYPT_ERROR rcvd: 0
SSL alert EXPORT_RESTRICTION rcvd: 0
SSL alert PROTOCOL_VERSION rcvd: 0
SSL alert INSUFFICIENT_SECURITY rcvd: 0
SSL alert INTERNAL_ERROR rcvd: 0
SSL alert USER_CANCELED rcvd: 0
SSL alert NO_RENEGOTIATION rcvd: 0
SSL alert CLOSE_NOTIFY sent: 0
SSL alert UNEXPECTED_MSG sent: 0
SSL alert BAD_RECORD_MAC sent: 0
SSL alert DECRYPTION_FAILED sent: 0
SSL alert RECORD_OVERFLOW sent: 0
SSL alert DECOMPRESSION_FAILED sent: 0
SSL alert HANDSHAKE_FAILED sent: 0
SSL alert NO_CERTIFICATE sent: 0
SSL alert BAD_CERTIFICATE sent: 0
SSL alert UNSUPPORTED_CERTIFICATE sent: 0
SSL alert CERTIFICATE_REVOKED sent: 0
SSL alert CERTIFICATE_EXPIRED sent: 0
SSL alert CERTIFICATE_UNKNOWN sent: 0
SSL alert ILLEGAL_PARAMETER sent: 0
SSL alert UNKNOWN_CA sent: 0
SSL alert ACCESS_DENIED sent: 0
SSL alert DECODE_ERROR sent: 0
SSL alert DECRYPT_ERROR sent: 0
SSL alert EXPORT_RESTRICTION sent: 0
SSL alert PROTOCOL_VERSION sent: 0
SSL alert INSUFFICIENT_SECURITY sent: 0
SSL alert INTERNAL_ERROR sent: 0
SSL alert USER_CANCELED sent: 0
SSL alert NO_RENEGOTIATION sent: 0
SSLv2 client hello received: 0
SSLv3 client hello received: 0
TLSv1 client hello received: 0
SSLv3 negotiated protocol: 0
TLSv1 negotiated protocol: 0
SSLv3 full handshakes: 0
SSLv3 resumed handshakes: 0
Cipher sslv3_rsa_rc4_128_md5: 0
Cipher sslv3_rsa_rc4_128_sha: 0
Cipher sslv3_rsa_des_cbc_sha: 0
Cipher sslv3_rsa_3des_ede_cbc_sha: 0
Cipher sslv3_rsa_exp_rc4_40_md5: 0
Cipher sslv3_rsa_exp_des40_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_md5: 0
Cipher sslv3_rsa_exp1024_des_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_sha: 0
Cipher sslv3_rsa_aes_128_cbc_sha: 0
Cipher sslv3_rsa_aes_256_cbc_sha: 0
TLSv1 full handshakes: 0
TLSv1 resumed handshakes: 0
Cipher tlsv1_rsa_rc4_128_md5: 0
Cipher tlsv1_rsa_rc4_128_sha: 0
Cipher tlsv1_rsa_des_cbc_sha: 0
Cipher tlsv1_rsa_3des_ede_cbc_sha: 0
Cipher tlsv1_rsa_exp_rc4_40_md5: 0
Cipher tlsv1_rsa_exp_des40_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_md5: 0
Cipher tlsv1_rsa_exp1024_des_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_sha: 0
Cipher tlsv1_rsa_aes_128_cbc_sha: 0
Cipher tlsv1_rsa_aes_256_cbc_sha: 0
Total SSL client authentications: 0
Failed SSL client authentications: 0
SSL authentication cache hits: 0
SSL static CRL lookups: 0
SSL best effort CRL lookups: 0
SSL CRL lookup cache hits: 0
SSL revoked certificates: 0
Total SSL server authentications: 0
Failed SSL server authentications: 0
Session headers extracted: 0
Session headers failed: 0
Server cert headers extracted: 0
Server cert headers failed: 0
Client cert headers extracted: 0
Client cert headers failed: 0
Headers truncated: 0
Redirects due to cert not yet valid: 0
Redirects due to cert expired: 0
Redirects due to unknown issuer cert: 0
Redirects due to cert revoked: 0
Redirects due to no client cert: 0
Redirects due to no CRL available: 0
Redirects due to expired CRL: 0
Redirects due to bad cert signature: 0
Redirects due to other cert error: 0
Internal error: 0
SSL Client Statistics:
SSL alert CLOSE_NOTIFY rcvd: 0
SSL alert UNEXPECTED_MSG rcvd: 0
SSL alert BAD_RECORD_MAC rcvd: 0
SSL alert DECRYPTION_FAILED rcvd: 0
SSL alert RECORD_OVERFLOW rcvd: 0
SSL alert DECOMPRESSION_FAILED rcvd: 0
SSL alert HANDSHAKE_FAILED rcvd: 0
SSL alert NO_CERTIFICATE rcvd: 0
SSL alert BAD_CERTIFICATE rcvd: 0
SSL alert UNSUPPORTED_CERTIFICATE rcvd: 0
SSL alert CERTIFICATE_REVOKED rcvd: 0
SSL alert CERTIFICATE_EXPIRED rcvd: 0
SSL alert CERTIFICATE_UNKNOWN rcvd: 0
SSL alert ILLEGAL_PARAMETER rcvd: 0
SSL alert UNKNOWN_CA rcvd: 0
SSL alert ACCESS_DENIED rcvd: 0
SSL alert DECODE_ERROR rcvd: 0
SSL alert DECRYPT_ERROR rcvd: 0
SSL alert EXPORT_RESTRICTION rcvd: 0
SSL alert PROTOCOL_VERSION rcvd: 0
SSL alert INSUFFICIENT_SECURITY rcvd: 0
SSL alert INTERNAL_ERROR rcvd: 0
SSL alert USER_CANCELED rcvd: 0
SSL alert NO_RENEGOTIATION rcvd: 0
SSL alert CLOSE_NOTIFY sent: 0
SSL alert UNEXPECTED_MSG sent: 4108
SSL alert BAD_RECORD_MAC sent: 0
SSL alert DECRYPTION_FAILED sent: 0
SSL alert RECORD_OVERFLOW sent: 0
SSL alert DECOMPRESSION_FAILED sent: 0
SSL alert HANDSHAKE_FAILED sent: 63355
SSL alert NO_CERTIFICATE sent: 0
SSL alert BAD_CERTIFICATE sent: 0
SSL alert UNSUPPORTED_CERTIFICATE sent: 0
SSL alert CERTIFICATE_REVOKED sent: 0
SSL alert CERTIFICATE_EXPIRED sent: 0
SSL alert CERTIFICATE_UNKNOWN sent: 0
SSL alert ILLEGAL_PARAMETER sent: 0
SSL alert UNKNOWN_CA sent: 0
SSL alert ACCESS_DENIED sent: 0
SSL alert DECODE_ERROR sent: 0
SSL alert DECRYPT_ERROR sent: 0
SSL alert EXPORT_RESTRICTION sent: 0
SSL alert PROTOCOL_VERSION sent: 0
SSL alert INSUFFICIENT_SECURITY sent: 0
SSL alert INTERNAL_ERROR sent: 37662
SSL alert USER_CANCELED sent: 0
SSL alert NO_RENEGOTIATION sent: 0
SSLv2 client hello received: 0
SSLv3 client hello received: 0
TLSv1 client hello received: 0
SSLv3 negotiated protocol: 0
TLSv1 negotiated protocol: 4062020
SSLv3 full handshakes: 0
SSLv3 resumed handshakes: 0
Cipher sslv3_rsa_rc4_128_md5: 0
Cipher sslv3_rsa_rc4_128_sha: 0
Cipher sslv3_rsa_des_cbc_sha: 0
Cipher sslv3_rsa_3des_ede_cbc_sha: 0
Cipher sslv3_rsa_exp_rc4_40_md5: 0
Cipher sslv3_rsa_exp_des40_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_md5: 0
Cipher sslv3_rsa_exp1024_des_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_sha: 0
Cipher sslv3_rsa_aes_128_cbc_sha: 0
Cipher sslv3_rsa_aes_256_cbc_sha: 0
TLSv1 full handshakes: 4015344
TLSv1 resumed handshakes: 0
Cipher tlsv1_rsa_rc4_128_md5: 0
Cipher tlsv1_rsa_rc4_128_sha: 0
Cipher tlsv1_rsa_des_cbc_sha: 0
Cipher tlsv1_rsa_3des_ede_cbc_sha: 0
Cipher tlsv1_rsa_exp_rc4_40_md5: 0
Cipher tlsv1_rsa_exp_des40_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_md5: 0
Cipher tlsv1_rsa_exp1024_des_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_sha: 0
Cipher tlsv1_rsa_aes_128_cbc_sha: 4062020
Cipher tlsv1_rsa_aes_256_cbc_sha: 0
Total SSL client authentications: 0
Failed SSL client authentications: 0
SSL authentication cache hits: 4059147
SSL static CRL lookups: 0
SSL best effort CRL lookups: 0
SSL CRL lookup cache hits: 0
SSL revoked certificates: 0
Total SSL server authentications: 4059888
Failed SSL server authentications: 0
Session headers extracted: 0
Session headers failed: 0
Server cert headers extracted: 0
Server cert headers failed: 0
Client cert headers extracted: 0
Client cert headers failed: 0
Headers truncated: 0
Redirects due to cert not yet valid: 0
Redirects due to cert expired: 0
Redirects due to unknown issuer cert: 0
Redirects due to cert revoked: 0
Redirects due to no client cert: 0
Redirects due to no CRL available: 0
Redirects due to expired CRL: 0
Redirects due to bad cert signature: 0
Redirects due to other cert error: 0
Internal error: 20380
Handshake FlushRX operations: 0
Handshake FlushTX operations: 0
Xscale messages rcvd from ME: 12092768
Xscale messages sent to ME: 0x0176adac
Finish msg split across ssl recs: 0
Fasttx msg ring full: 0
SSL_ME tx msg ring full: 0
N2 encrypt_record: 0
N2 decrypt_record: 4015344
N2 random: 8148797
N2 handshake_hash: 4322635
N2 hash: 0
N2 gpop_master: 4041700
N2 gpop_import_master_secret: 0
N2 gpop_pkcs1v15enc: 4041700
N2 gpop_pkcs1v15enc_crt: 0
N2 gpop_finish: 4031710
N2 gpop_verify: 0
N2 gpop_pkcs1v15dec: 0
N2 gpop_pkcs1v15dec_crt: 0
N2 rsa_server_full: 0
N2 resume: 0
UXP A: 24576
UXP B: 0
# show np 1 me-stats "-shttp -v"
HTTP Statistics (Current)
Unknown msgs received: 0 0
Data rx msgs received: 288293958 4
TCP proxy rx msgs received: 9816884 1
Ack trigger rx msgs received: 0 0
TCP event rx msgs received: 52961189 2
Dest decision tx msgs received: 55155089 1
LB dest decision tx msgs received: 0 0
Close tx msgs received: 83942817 0
Inspect allow tx msgs received: 0 0
Inspect drop tx msgs received: 0 0
DRAM blocks read: 577612022 16
Buffers dropped: 2702255 0
Regex states read: 38438408 25
Unproxy cancellations: 0 0
Redundant closes: 2990271 0
Internal errors: 0 0
Conn mismatch errors: 2748628 0
Exception with close: 6 0
Dest errors: 1 0
Total Packet count (Tx & Rx): 490169937 8
Stop regex: 12 0
(Context 5 Statistics)
Parse result LB msgs sent: 121180 0
Drop: LB queue full: 0 0
Parse result Inspect msgs sent: 0 0
Drop: Inspect queue full: 0 0
TCP data msgs sent: 96215 0
TCP queue full: 0 0
SSL data msgs sent: 516306 0
SSL queue full: 0 0
TCP fin msgs sent: 939 0
TCP rst msgs sent: 147 0
SSL fin msgs sent: 102907 0
SSL rst msgs sent: 38548 0
Bounced fin msgs sent: 1481 0
Bounced rst msgs sent: 2 0
Unproxy msgs sent: 25333 0
Drain msgs sent: 113966 0
Reuse msgs sent: 2304 0
Particles read: 1448314 0
HTTP requests: 121688 0
Reproxied requests: 17680 0
Headers inserted: 3825 0
Headers removed: 51 0
Headers rewritten: 0 0
HTTP redirects: 0 0
HTTP chunks: 42154 0
Unproxy conns: 25325 0
Pipelined requests: 0 0
Pipeline flushes: 0 0
Whitespace appends: 0 0
Response entries recycled: 24493 0
Second pass parsing: 0 0
Vserver mismatch errors: 5 0
Analysis errors: 0 0
Static parse errors: 20 0
Max parselen errors: 0 0
Resource errors: 75 0
Invalid path errors: 0 0
Bad HTTP version errors: 0 0
Header insert errors: 75 0
Header rewrite errors: 0 0
Invalid policy errors: 0 0
Invalid rserver errors: 0 0
Recycled requests: 0 0
SSL header insert success: 0 0
SSL header insert errors: 0 0
SSL spoof header deleted: 0 0
Drop: RST pipelined request: 0 0
There's nothing in ACE logs.
Forgot to mention - we are running ACE in one-arm mode, but I don't believe it makes a difference. -
End-to-End user authentication with XI
Dear community,
we sit in a situation where the customer wants to have an end-to-end-authentication throughout an integration process.
The setup is as follows: a dialog-user in a legacy system uses an application that triggers an integration process through XI into SAP ERP. The dialog-user in the legacy system must be used for authentication in XI as well as SAP ERP.
To avoid having to re-create all users in XI and SAP ERP, ideally an LDAP instance would be used for authentication.
Based on my knowledge, the above scenario is not possible with XI and there is a 2 year old thread discussing the same without any positive outcome:
XI and user authentication VS R/3 systems
Nevertheless I consider this requirement as a pretty standard one. Has there been any development in this area - or how have similar customer requirements been met ?
Thanks a lot in advance !
JochenHi Jochen,
i've heard rumours saying that credential forwarding will be incorporated in the next XI release as it is a rather frequent requirement by customers and will make live much easier.
Maybe you can get a statement through your clients SAP account representative on the release date and the planned feature.
Regards
Christine -
Issues with 105 End to End tutorial
Hi,
In working my way through the end-to-end, I am running into two issues in part 5 (Human Workflow Task):
- the instruction suggests the Worklist Application's URL to be http://localhost:8888/integration/worklistapp. In my (automatically installed) environment however that should be http://localhost:8988/integration/worklistapp
- the login to be used for entering the Worklist Application is given as fmwadmin/welcome1. However: I cannot get access to the Worklist with that account. I have been able to locate the user fmwadmin from JDeveloper and when I check the system-jazn-data.xml file for the OC4J I can see the user as well. Is there a way to reset the password? Or can it be that instead of welcome1 another password should be used?
thank.
LucasAfter some additional trials, it seems that having messed with the jazn-system properties, I can now no longer deploy to the Server as per
#### Deployment incomplete. #### Dec 28, 2007 8:35:29 AM
Error while getting remote MBeanServer for url: ormi://127.0.0.1:23891/default:
Error reading application-client descriptor: Error communicating with server: Not authorized; nested exception is:
javax.naming.AuthenticationException: Not authorizedmessages.
I think I will now remove the Embedded OC4J in its entirety and re-run Configure SOA; which will probably mean that I cannot get into the Worklist Application after all.
So the question remains: what is the correct password for the fmwadmin user?
Lucas -
After an recent OS7 update my iPad2 requested a restore which I did, at the end my iPad jumped into "communicating with iTune" but it never communicates. I restored 3 time alreaady and I am not able to communicate with iTune to be able to use my iPad which is my working tool.
What should I do?Communicate with iTunes? What does this mean? Tell us what you are seeing on your screen and what you then try to do?
-
Problem in XI 30 with End-to-End Monitoring
Hi people,
I'm acceding to the End-to-End Monitoring in the Runtime Workbench.
After I introduce all the data for monitoring messages and click
Display.
It shows the error:
[code]java.lang.NullPointerException
at com.sap.plaf.frog.FrogScrollPaneUI$1.propertyChange(FrogScrollPaneUI.java:113)
at java.beans.PropertyChangeSupport.firePropertyChange(Unknown Source)
at java.beans.PropertyChangeSupport.firePropertyChange(Unknown Source)
at java.awt.Component.firePropertyChange(Unknown Source)
at javax.swing.JScrollPane.setHorizontalScrollBar(Unknown Source)
at javax.swing.plaf.basic.BasicComboPopup.createScroller(Unknown Source)
at javax.swing.plaf.basic.BasicComboPopup.<init>(Unknown Source)
at com.sap.plaf.frog.FrogComboPopup.<init>(FrogComboPopup.java:21)
at com.sap.plaf.frog.FrogComboBoxUI.createPopup(FrogComboBoxUI.java:410)
at com.sap.plaf.frog.FrogComboBoxUI.installUI(FrogComboBoxUI.java:178)
at javax.swing.JComponent.setUI(Unknown Source)
at javax.swing.JComboBox.setUI(Unknown Source)
at javax.swing.JComboBox.updateUI(Unknown Source)
at javax.swing.JComboBox.init(Unknown Source)
at javax.swing.JComboBox.<init>(Unknown Source)
at com.sap.jnet.clib.JNcToolBar$ComboBox.<init>(JNcToolBar.java:64)
at com.sap.jnet.clib.JNcToolBar.addComboBox(JNcToolBar.java:192)
at com.sap.jnet.clib.JNcAppWindow.newUI(JNcAppWindow.java:538)
at com.sap.jnet.clib.JNcAppWindow.newData(JNcAppWindow.java:966)
at com.sap.jnet.JNetData.createGraphFromDOM(JNetData.java:488)
at com.sap.jnet.JNetData.load(JNetData.java:674)
at com.sap.jnet.JNetData.load(JNetData.java:710)
at com.sap.jnet.JNetApplet.init(JNetApplet.java:545)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
[/code]
The version of my JVM is: build 1.5.0_08, but also I have test in
another computer with version 1.4.2_12 of the JVM. Additionally, the
version of JAVA Web Start is 1.0.1_02.
What could be happening?
Is a problem with my clients??? Is a problem with .jar????
Kind regards,Himadri,
In the exchange profile the port and host name are correct.
Venkat,
Yes, it shows the log-in pop up and I have access to the next window (it's divided in two parts, to the left I select the values; and to the right with the client java). But before acceding this window, it shows the error that I comment and the right part shows "JNET Aborted...".
If I press Start Selection, the java client try to load and shows the same error. -
can there be an original box of iphone 4s from a butt end from above and from below with the pictures of apples without the icon of icloud or it is an imitation?
I've not seen a box without that icon, but I can't say with certainty that some, particular from the initial release of the iPhone 4S, didn't come without that icon. If you have doubts, though, I'd suggest you just not buy that device, if that's what you were considering. Buying only from authorized iPhone resellers is almost always going to be safest. There's no way of knowing what you might get if you buy from other sellers. It may be a geniune iPhone, but be from another country and either locked to a carrier there or jailbroken to unlock it.
Regards. -
Oracle Backup End to End Automation with BRBACKUP and RMAN
Hi,
We are about to implement a Oracle on mySAP 2004 or 2004 i.e. either NW2004 or NW2004s. Currently we are on DB2 UDB.
We are going to use legato for backup.
legato networker module (I guess this is module built for BACKINT) for SAP is too costly, so we are looking at alternatives for backup using legato without using networker module.
We have virtual tape library (disk that emulates as tape library). we plan to keep 30 days/versions of backup there.
Can we use BRBACKUP and RMAN to achieve end to end backup automation without using networker module by using the BRBACKUP delivered options and integrating to RMAN.
I do see BRBACKUP options like tape_box and pipe_box. Are these will be useful to achieve this.
Other question is do we really need to integrate with RMAN. What are the advantages.
So far I see the advantages with RMAN are 1. incremental backups. 2. Online backups are handled more consistently than normal.
Appreciate your information.
Thank you,
Ravi Gandavarapu.Hi Jason,
Yes, we have SAN storage. Also thinking to use split-mirror for production.
Do this need legato networker module. Or we can put a script without out the module also?
>>There is one little complexity to this but if you're interested I'll explain it. <<
Would you please explain what it is ?
Again for my dev and qa systems we are not planning split-mirror.
My plan is to back them up straight to VTL (disk based). Do you think using RMAN here helps (because of incremental) ?
I was recently going through 10g features. Looks like 10g has a feature that you can merge incremental with level0. Does brbackup supports this?
Appreciate your info.
Ravi Gandavarapu. -
Hi folks,
Ronny's here again on forums, having particularly 2 (two) questions/problems to resolve:
1) Countdown Timer to the designated Date for Live-Broadcast-Event yet to take place
2) Detect End of Live Stream on FLVPlayback with FLVPlayback.isLive = true
attached is the .zip file (as3_Countdown Timer_ver 1.0.1_by Ronny Depp.zip) with all flash source files containing:
a) The FLash Source (file: timer_module.fla) - (FLA flash source file - Flash CS3 Professional, Flash Player 9, actionscript 3.0)
b) com.othenticmedia.utils.dateAndTimeManagement package including 2 .as actionscript 3.0 Class files.
i) com.othenticmedia.utils.dateAndTimeManagement.DateAndTimeManager Class in the said package. (file: DateAndTimeManager.as)
ii) com.othenticmedia.utils.dateAndTimeManagement.CountdownTimer Class in the package. (file: CountdownTimer.as)
c) The compiled SWF file version of this Application's blueprint. (file: timer_module.swf).
What i need to confirm is: ........................................................ see the next post of mine. (for Problems need to be Resolved)Problems to Resolve:
Problem#1) - Countdown Timer to the designated Date for Live-Broadcast-Event yet to take place.
Problem#2) - Detect End of Live Stream on FLVPlayback with FLVPlayback.isLive = true;
Problem#1 Description:
I need to pinpoint the Logical TimeSync Exception, i am still unable to figure out. That is I'm using a webservice in my Application to Synchronize the Time with the actual ET (eastern time) with accomodation of auto-adjustment for EDT GMT-4 (eastern daylight time) & EST GMT-5 (eastern standard time), times. I am using the zipcode: "10012" to pass it to the Web Service in urlRequest object, to retrieve the Current ET eastern time according to EDT & EST time settings for Manhattan/Brooklyn areas or others within New York, NY 10012.
Currently the Web Service is returning accurate date/time based on local EDT GMT-4 daylight time.
Is there some defined set of dates for EDT & EST times for New York region that I can check for to ensure the correct Dates/Times for Eastern Time in New York area ??? I am using NY zipcodes because i am sure to get correct ET values.
The Major Problem Part: is I need to correct the time by 2 seconds or approx. 2 secs, some millisecs.
When I retrieve the Time Value from WebService, it lags behind for 2 seconds as compared to DateObj i create using computer's local time, on my Windows XP Service Pack 2 with Automatic Updates turned-on. And I'm sure about my Windows will be having latest updates for Time Management already installed. I also added the 2 secs. to the TimeSync(ed) Date to make correction to this Date obj.
I call my custom fucntion addSeconds(dateObj:Date, secs:int) to add 2 seconds to the Date by Converting Seconds to Milliseconds.
Please comb through the as code in files attached and Help Me Out !!!
Problem#2 Description:
Secondly I need to Detect the End of Stream state while using FLVPlayback component, an rtmp:// live Stream from FLASH MEDIA SERVER.
I need to Play a YuMe Post-Roll Ad when Steam Finishes/Ends.
Live Broadcast Stream Event starts every night on Wednesdays & Saturdays exactly at 10:59 PM EDT GMT-4.
Live Events only Streams/Broadcasts the stream for 50secs. exactly. When [playback stopped] it plays a PostRoll Ad and after the CountdownTimer again comes back to life. The Next upcoming Event is calculated & the Countdown begins until Next Event's time/date is reached.
Here is the code on the frame 1 on the MainTimeline: (rest of the params like source, volume, skinAutoHide are Set using Property Inspector for FLVPlayback instance on Stage)
//myStream instance of FLVPlayback is on the Stage
myStream.isLive = true;// Frame 1 Actions in the FLA
myStream.addEventListener(VideoEvent.COMPLETE, onEndOfStream);
myStream.addEventListener(VideoEvent.STATE_CHANGE, onState);
myStream.addEventListener(String(VideoError.NO_CONNECTION), onStreamError);
myStream.addEventListener(NetStatusEvent.NET_STATUS, netStatusHandler);
/*if(myStream.stopped){
trace("tracy: "+myStream.state);
} else if(myStream.state == VideoState.STOPPED){
trace("tracy: "+myStream.state);
function onStreamError(event:VideoError) {
trace(event.code + "\n\t" + event);
function onState(event:VideoEvent) {
trace(event.state + "\n\t" + event.toString());
function onEndOfStream(event:VideoEvent) {
trace(event.state + "\n\t" + event.toString());
function netStatusHandler(event:NetStatusEvent):void {
switch (event.info.code) {
case "NetConnection.Connect.Success":
//connectStream();
break;
case "NetStream.Play.StreamNotFound":
trace("Stream not found: "/* + myStream.source*/);
break; -
ACE end-to-end SSL with Client Authentication
we have a need to perform an end-to-end SSL with the ACE doing client authentication. Is there a mechanism to allow the ACE to inspect certain fields in the user certificate? All I see are checks for signature, validity, expiration, etc. Nothing that would allow me to inspect a user cert field such as "OU" and take an action based on content of the field.
any ideas? thanks
Bob Overberg
RABA Technologies
SRA International, Inc.Thanks for the quick response. Is there another Cisco device that does have those capabilities?
thanks.
Bob O. -
What can I do I got my iPad fixed at a different brand place but not apple and I have ended up a few weeks later with dust inside my screen is their anything apple can still do for me?
If another person or company serviced your iPad, your warranty has been voided. Apple will do an out-of-warranty exchange. Have you contacted the original service provider, and complained?
-
Marque vlans voip with DSCP end-to-end
Hello,
I want to mark all vlan voip with DSCP (value 46) end to end,could you plz tell me how i can do it?,
SW:2960 or 3560
SW_BB0:3570
Router3800
Phone type:Avaya
Phone <-------->SW<-------->SW_BB0 <--------> RouterX <--------> RouterY <------> RouterZ <--------> Router-customer<-------->Phone
Best regardHi Paolo,
So should I configure DSCP just on first Switch or router?
And if you could please tell me the best place where I apply the config?
James -
hello i have been trying to install i tunes 10 on to my pc but as i get to the end of installation it comes up with the message windows installer package failed contact support or vendor how do i solve this im running vista of an acer laptop many thanks
Let's try the following user tip with that one:
"There is a problem with this Windows Installer package ..." error messages when installing iTunes for Windows
Maybe you are looking for
-
Defining Dimensions, Attribute Hierarchies for a Link Table(Many to Many)
I have 3 Tables in the Database Table 1: Transactions (Fact Table) - PK(TransactionId) Table 2: Relationship (Dimension1) - PK(Relationship Id), FK_TransactionId, FK_CompanyId, RelationshipType Table 3: Companies (Dimension 2) - PK(CompanyId) Table 2
-
Digital signature on xml string
Hello I'm trying to sign an xml string, but when I do so, I receive: HIERARCHY_REQUEST_ERR: An attempt was made to insert a node where it is not permitted. at com.sun.org.apache.xerces.internal.dom.CoreDocumentImpl.insertBefore(Unknown Source)
-
How to insert data from webdypro form to ztable
hi all, i have created one webdynpro form and i have created one ztable in sap system. when ever i have to give information in input fields in webdypro page, at that time the information should go to ztable in sap system. i am developing in webdynpro
-
Bootcamp 64 bit for MacBook Pro 13" 2010?
When inserting my Snow Leo disk, it says 64 bit isn't supported for this device. There is however a 64 bit update for the same device in the downloads section of Apple.com, but I can't install that.
-
Experts, I recorded FBRA in LSMW to mass reset cleared items. While in LSMW - create batch input, I'm getting "BDC_OPEN_GROUP, group .. is invalid" error. What is this? and how can I fix it. Thanks, Sri