Ipfilter & zones w/ qfe cards

I am running 3 zones, using qfe0, qfe1 and qfe2. However ipf seems to see all packets as being to and from qfe1. And sometimes from all 3 interfaces?!
For example, running a default 'block in log all | pass out all keep state'
qfe0 = 10.0.0.1 = zone 0
qfe1 = 20.0.0.1 = zone 1
qfe2 = 30.0.0.1 = zone 2
pinging 10.0.0.1 shows as follows in #ipmon
11/01/2008 18:45:25.816300 qfe2 @0:2 b x.x.x.128,57117 -> 10.0.0.1,143 PR tcp len 20 60 -S IN
11/01/2008 18:45:25.816341 qfe0 @0:2 b x.x.x.128,57117 -> 10.0.0.1,143 PR tcp len 20 60 -S IN
11/01/2008 18:45:25.816372 qfe1 @0:2 b x.x.x.128,57117 -> 10.0.0.1,143 PR tcp len 20 60 -S IN
HELP!
Mike Spenard
/etc/ipf/pfil.ap
#major minor lastminor modules
#le -1 0 pfil
#qe -1 0 pfil
#hme -1 0 pfil
qfe -1 0 pfil
#eri -1 0 pfil
#ce -1 0 pfil
#bge -1 0 pfil
#be -1 0 pfil
#vge -1 0 pfil
#ge -1 0 pfil
#nf -1 0 pfil
#fa -1 0 pfil
#ci -1 0 pfil
#el -1 0 pfil
#ipdptp -1 0 pfil
#lane -1 0 pfil
#dmfe -1 0 pfil

Hi.
please show eeprom local-mac-address? at global zone.
It should be true. In case false - set to true and reboot global zone ( whole system).
Check ifconfig -a for every zone for uniq MAC.
Regards.

Similar Messages

Ipfilter & zones w/qfe cards -- BUG?!

I am running 3 zones, using qfe0, qfe1 and qfe2. However ipf seems to see all packets as being to and from qfe1. And sometimes from all 3 interfaces?!
For example, running a default 'block in log all | pass out all keep state'
qfe0 = 10.0.0.1 = zone 0
qfe1 = 20.0.0.1 = zone 1
qfe2 = 30.0.0.1 = zone 2
pinging 10.0.0.1 shows as follows in #ipmon
11/01/2008 18:45:25.816300 qfe2 @0:2 b x.x.x.128,57117 -> 10.0.0.1,143 PR tcp len 20 60 -S IN
11/01/2008 18:45:25.816341 qfe0 @0:2 b x.x.x.128,57117 -> 10.0.0.1,143 PR tcp len 20 60 -S IN
11/01/2008 18:45:25.816372 qfe1 @0:2 b x.x.x.128,57117 -> 10.0.0.1,143 PR tcp len 20 60 -S IN
HELP!
Mike Spenard
/etc/ipf/pfil.ap
#major minor lastminor modules
#le -1 0 pfil
#qe -1 0 pfil
#hme -1 0 pfil
qfe -1 0 pfil
#eri -1 0 pfil
#ce -1 0 pfil
#bge -1 0 pfil
#be -1 0 pfil
#vge -1 0 pfil
#ge -1 0 pfil
#nf -1 0 pfil
#fa -1 0 pfil
#ci -1 0 pfil
#el -1 0 pfil
#ipdptp -1 0 pfil
#lane -1 0 pfil
#dmfe -1 0 pfil

jasonwryan wrote:
hadrons123 wrote:/usr/lib/lightdm/lightdm:
...and another one
Good catch!
I still see no mention of these issues in the wiki, maybe somebody could add a note / warning?
https://wiki.archlinux.org/index.php/LightDM

QFE Card on Solaris 10 and Ultra 5

Hi,
I have installed a Sun qfe card on my Sun Ultra 5 running Solaris 10.
ifconfig -a shows the ports configured, running, up and with the correct IP and netmask. It's using local MAC address so each card has it's own MAC.
I cant ping or ping from the qfe interfaces, the onboard hme is fine.
I've disabled ipf, checked the ndd settings match the hme interface.
The strange thing is if I snoop the mac address of the qfe port I can see network traffic but if I snoop the IP address there is nothing.
It looks like the card is functioning properly (I've tried a know good one) but something between the MAC and IP is getting screwed?
Any ideas?

Here's a link to the OBP 3.x Reference manual at Docs.Sun.Com.
http://docs.sun.com/app/docs/doc/806-1377-10?q=openboot+command+reference
Keep it for future reference about the systemboard firmware.
Go into OBP and change the setting for "local-mac-address?" in firmware.
Change it from false to true.
See if that lets you run your system with all five interface ports as unique devices.
You can search these forums as well as do a generic Google search
on keyword local-mac-address, for an understanding of how it may help.
It's NOT discussed in that OBP manual I linked above.

QFE card problem

Hi everyone,
I've installed a qfe (gumby) card in mu ultra 5 , it looks to be configured ok, ip addresses and netmasks all ok but I dont appear to be able to use the interfaces.
The onboard hme0 is fine, can ping and be ping'ed from other devices connected to my router.
I tried connecting all interfaces to a hub with my laptop attached and can ping hme0 from my laptop, infact I can ping all the qfe interfaces from my laptop until I disconnect hme0 and they all time out again (I'm guessing the ping is routed through hme0 to qfe# when this happens).
Here is the info
# uname -a
SunOS server1 5.10 Generic sun4u sparc SUNW,Ultra-5_10
# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 192.168.0.5 netmask ffffff00 broadcast 192.168.0.255
ether 8:0:20:9c:32:1c
qfe0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
inet 192.168.0.6 netmask ffffff00 broadcast 192.168.0.255
ether 8:0:20:ea:e9:a6
qfe1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4
inet 192.168.0.11 netmask ffffff00 broadcast 192.168.0.255
ether 8:0:20:ea:e9:a7
qfe2: flags=1000803<UP,BROADCAST,MULTICAST,IPv4> mtu 1500 index 5
inet 192.168.0.12 netmask ffffff00 broadcast 192.168.0.255
ether 8:0:20:ea:e9:a8
qfe3: flags=1000803<UP,BROADCAST,MULTICAST,IPv4> mtu 1500 index 6
inet 192.168.0.13 netmask ffffff00 broadcast 192.168.0.255
ether 8:0:20:ea:e9:a9
I have not installed the qfe drivers as I don not have the cd but I presume by Solaris 10 this was all included in the OS.
Any ideas would be a real help.

I hope not, but the poster has placed multiple physical interfaces on the same subnet. This is not a valid configuration on Solaris unless IPMP is being used, and the reason is exactly what was given. One of the interfaces will be used for outbound traffic (hme0 in this case), so connectivity disappears if it becomes disabled.
Darren

Linux drivers for SUN Quad PCI card

Hi everyone.
I have a question regarding drivers for a Sun QUAD network card. I belive it is a X1034A card.
The card is also marked with a label saying: *5015406063174* and a barcode. On another label it says: P04280713
Is there any chance that this card would function under a Linux operating system on an intel x86 server?
Does anyone know where I could find the drivers for this configuration?
Best regards,
Rod

Take a closer look at the actual card,
particularly at the central Ethernet chip.
If I recall correctly, it is a DEC DC2115x chipset for 10/100Mbit connectivity,
and should be natively recognized by Linux.
The 501-5406 QFE card, as shown on a 3rd party web site.
Install it and boot your system.
You should know in just a few moments whether it'll work,
or whether the Sun firmware is of any concern.

Drivers for Sun Floppy under Win 2000 on SUN Pci card.

Hi,
I'm running a Sun Blade 150 with Solaris 8. I have a Sun Pci card with Windows 2000 loaded. When Win2k boots, it asks for drivers for a "sun floppy". I've looked around for these drivers but I can't find them. Can anyone point me to them. Thanks.

Take a closer look at the actual card,
particularly at the central Ethernet chip.
If I recall correctly, it is a DEC DC2115x chipset for 10/100Mbit connectivity,
and should be natively recognized by Linux.
The 501-5406 QFE card, as shown on a 3rd party web site.
Install it and boot your system.
You should know in just a few moments whether it'll work,
or whether the Sun firmware is of any concern.

Shopping cart creation category dropdown selecting the most used category

Hi SRM gurus,
While creating a shopping cart one of our most used category gets selected by default before we start doing anything.
Everytime we have to change the category.
Is there a way that will become blank and we can select from the dropdown or the find list.
Kindly suggest.
We are using SRM component version 4.0, SRM server 5.0, our patch level 0008.
Thx. & reg.,
Sridhar.

Hi
Yes.. This was happening with us when we used SRM 4.0 version.
We have used an BADI Implementation to resolve this issue.
The BADI name is BBP_F4_READ_ON_EXIT 
For Product category -> Product category (attr. WGR, PRCAT) GET_CATEGORY Method, you need to go ahead.
Read the documenation of this BADI and you will get the problem resolved after implementing the same.
Here is the documentation
BBP_F4_READ_ON_EXIT
Short Text
Restrict the Display in Input Helps and Search Helps
You can use the Business Add-In (BAdI) BBP_F4_READ_ON_EXIT to restrict (or augment) the list of values and favorites that are output in the input and search helps. You can only process data elements for which input helps exist on HTML templates. The following three BAdIs are also available:
BBP_F4_READ_ON_ENTRY
Use this BAdI if you do not just want to restrict the favorites and values list but also want to select this yourself.
BBP_F4_MEM_UPDATE
BBP_F4_SAVE_DB
The following three modules are used to process the values per data element:
BBP_GET_<data element>_F4
Supplies a list of all values and user-specific favorites. You can influence how this module works using BAdI BBP_F4_READ_ON_ENTRY and BBP_F4_READ_ON_EXIT.
BBP_UPD_<data element>_FAV
Updates the favorites in internal function group storage. You can influence how this module works using BAdI BBP_F4_MEM_UPDATE.
BBP_SET_<data element>_FAV
Writes the current favorites to the database. You can influence how this module behaves using BAdI BBP_F4_SAV_DB.
Use
Only implement this BAdI and only program the appropriate method if you want to restrict or augment the value set of standard selection.
If you determine favorites using a BAdI, the standard modules do not process the favorites further. Warning: If, deviating from standard selection, you determine the list of favorites yourself using a BAdI, you have to temporarily store the favorites in the methods of the BAdIs and carry out final saving to the database yourself.
Standard settings
If data is added via the methods, no check of this data occurs. The check has to occur in the methods themselves.
The interfaces of the methods of the BAdI are (almost) always the same:
IV_LANGUAGE
Language for determination of the texts
IV_USER
User for which the values are requested
ET_<data element>_LIST
The list of valid values changed by you
EV_X_FAV_PROCESSED
Use "X" to stipulate that you have filled the favorites list. Only present if favorites table exists for relevant data element.
ET_<data element>_FAVOURITES
Changed favorites list for user IV_USER. Only exists if favorites table exists for relevant data element.
The methods have to fill the structures of the transfer tables completely. Incompletely filled structures can cause followup errors and unforseen consequences.
Activities
Reading of value lists and favorites using function module BBP_GET_<data element>_F4 occurs as follows:
1. First the BAdI BBP_F4_READ_ON_ENTRY is called. It is possible to fill the input list (and favorites) with default values.
a) In the case of default values, exactly these values are returned to the initiator. No further processing or check occurs and the module is exited.
b) If no default values exist, the standard selection is carried out.
2. Before the values are transferred externally you can restrict or augment the number of hits using the BAdI BBP_F4_READ_ON_EXIT. You can therefore delete entries from or add entries to the input list or favorites list.
3. BAdI BBP_F4_READ_ON_EXIT provides an individual method for each data element for which an input help and/or favorites table exists. These are listed below.
If you use this method, you need to indicate processing using the parameter EV_X_LIST_PROCESSED or EV_X_FAV_PROCESSED. Otherwise the selection is lost.
List of available methods per data element in BBP_F4_READ_ON_EXIT:
Field/Data element Method
Currency GET_CURRENCY
Region GET_REGION
Country GET_COUNTRY
Language GET_LANGUAGE
Industry GET_INDUSTRY
Academic title GET_ACADEMIC
Time zones GET_TIMEZONE
Procurement cards GET_PCARD
Legal forms GET_LEGAL
Format for name format GET_NAMEFORM
Quality management systems GET_QMSYSTEM
Fixed values GET_DOMVALUE
Form of address texts GET_TITLEKEY
Units of measure GET_UNIT
Bank data GET_BANKINFO
Tax number types GET_TAXNUMT
Tax numbers per country GET_TAXTYPE
Tax groups per tax type GET_TAXGROUP
Terms of payment GET_PAYMTERM
RFC destinations GET_RFC_LOGS
Logical systems GET_LOGSYS
Tax codes GET_TAXCODE
Catalogs (attribute CAT) GET_CATALOG
Roles (attribute ROLE) GET_ROLE
Account assignment categories (attribute KNT) GET_KNT_ATTR
Purchasing organizations (from PdOrg) GET_PURCHORG
Purchasing organizations (per company) GET_PORGCOMP
Purchasing group (from PdOrg) GET_PURCHGRP
Purchasing group (per company) GET_PGRPCOMP
Product category (attr. WGR, PRCAT) GET_CATEGORY
Products GET_PRODUCT
Goods recipient plant (attr. REQUESTER) GET_GRCPLANT
Goods recipient user (attr. REQUESTER) GET_GRCUSER
Requester (attribute REQUESTER) GET_BOBUSER
Cost centers (attribute CNT) GET_COSTCENT
Asset classes (attribute ANK) GET_ASSETCL
Assets (attribute AN1) GET_ASSETNO
Asset subnumbers (attribute AN2) ET_ASSETSUB
Network (attribute NET) GET_NETWORK
WBS element (attribute PRO) GET_WBSELEM
Order (attribute ANR) GET_ORDERNO
Customer order (attribute AUN) GET_SDDOC
Customer order item (attribute APO) GET_SDDOCPOS
Document type (attribute BSA) GET_DOCTYPE
Transaction type (attribute TEND_TYPE) GET_TENDTYPE
Incase you face any problems, do let me know.
Hope this will help.
Please reward suitable points.
Regards
- Atul

Configure ce interface to accept all frames (regardless of 802.1q tag)?

On Solaris 9,
is it possible to configure a ce interface so it accepts
all Ethernet frames it receives, regardless of the presence,
absence, or value of an 802.1q tag?
I'm trying to run packet sniffing software on a ce interface
(I'm not using the interface for IP). The Ethernet switch
I'm attached to forwards to me copies of traffic from many
different VLANs, via a port mirroring function. Most of
this traffic is tagged with various 802.1q VLAN tags.
Some of this traffic may be untagged.
My difficulty is that since the Sun Gigaswift 'ce' interface
supports 802.1q, if I configure the interface so it
doesn't "do" VLANs (e.g. 'ifconfig ce5 plumb'), the ce interface
discards any incoming frames that have 802.1q tags.
Alternatively, if I configure the ce interface so it "does"
VLANs (e.g. 'ifconfig ce10005 plumb'), I end up having to
configure dozens of logical ce interfaces (one per VLAN) each
of which will only receive frames tagged for one particular VLAN;
I don't end up with an interface that receives all VLAN frames.
I want one logical interface that receives all the frames,
so I can point my sniffing software at it.
There's no problem doing this with a card that doesn't support
802.1q, since that card will happily accept all frames and pass
them up. So I can do this on qfe or bge interfaces. But I need
to do this using interfaces available on a PCI card
(my V880 has several port mirrors coming from various Ethernet switches),
the interfaces need to be 1000 Mbps (which rules out the qfe card), and
I'd like to stay with copper (which rules out the bge card).
That's why I'm trying to do it with the quad ce card, but I'm
stymied by it support for 802.1q. (If there were just some way
I could turn off 802.1q support for specific ce instances.)
Is there a way I can accomplish this with the
copper Gigaswift interface (Cassini driver) in Solaris 9?
If not, is there another 1000 Mbps copper interface (provided on PCI card)
that can do this?
Or does this become possible in Solaris 10?

Oops, when I wrote "bge" above, I meant "ge", of course.
(ge is fiber gigagbit ethernet interface and doesn't know about 802.1q.)

Netra t1 105: Solaris 8 & 9 install failures

Hi Everyone,
I have two (2) Sun Netra T1 105 machines, each with a single 360MHz Ultra SPARC IIi and 256MB RAM. Both have 18.2GB drives that have been wiped clean.
I am connecting using Winblows 2000 and Hyperterminal, serial port B, 9600,8,n,1.
I want to install a fresh copy of Solaris 9 on these systems, but I am having absolutely no luck. I boot from the Solaris 9 install CD and the systems just hang. I've also tried to do network installs, and they hang as well.
I thought it might be my Solaris 9 install media, so I tried to install Solaris 8 using several different releases - 4/01, 10/01 & 2/02. Each time, I get the same result - the boxes just hang.
I make it this far (serial, MAC, and hostid x'ed out to keep our security folks happy):
Netra t1 (UltraSPARC-IIi 360MHz), No Keyboard
OpenBoot 3.10.25 ME, 256 MB memory installed, Serial #XXXXXXXX.
Ethernet address 8:0:20:XX:XX:XX, Host ID: XXXXXXXX.
ok boot cdrom
Boot device: /pci@1f,0/pci@1/pci@1/ide@e/cdrom@2:f File and args:
SunOS Release 5.9 Version Generic 64-bit
Copyright 1983-2002 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
And then it hangs forever. In the OBP, I've set the input and output ttys to ttyb to eliminate LOM interference.
Here is a snapshot of the printenv output:
ok printenv
Variable Name Value Default Value
tpe-link-test? true true
scsi-initiator-id 7 7
keyboard-click? false false
keymap
watchdog-timeout 65535 65535
watchdog-enable? false false
ttyb-rts-dtr-off false false
ttyb-ignore-cd false true
ttya-rts-dtr-off false false
ttya-ignore-cd false true
ttyb-mode 9600,8,n,1,- 9600,8,n,1,-
ttya-mode 9600,8,n,1,- 9600,8,n,1,-
cpci-probe-list 0,1,2,3,4,5,6,7,8,9,a,b, ... 0,1,2,3,4,5,6,7,8,9,a,b, ..
pcia-probe-list 1 1
pcib-probe-list 1,2,3 1,2,3
mfg-mode off off
diag-level min max
d7s-flipped? false false
#power-cycles 67
system-board-serial#
system-board-date
last-poweroff-cause 0 0
env-monitor disabled enabled
shutdown-temperature 74 72
warning-temperature 69 67
fcode-debug? false false
output-device ttyb ttya
input-device ttyb ttya
load-base 16384 16384
auto-boot-retry? false false
use-boot-table? false false
boot-command boot boot
auto-boot? false true
watchdog-reboot? false false
diag-file
diag-device net net
boot-file
boot-device disk net disk net
local-mac-address? true false
net-timeout 0 0
ansi-terminal? true true
screen-#columns 80 80
screen-#rows 34 34
silent-mode? false false
use-nvramrc? false false
nvramrc
security-mode none
security-password
security-#badlogins 21
oem-logo
oem-logo? false false
oem-banner
oem-banner? false false
hardware-revision
last-hardware-update
diag-switch? false false
I have the feeling I am missing something very simple, but I am at a loss. Any assistance is greatly appreciated!
Chad E. Carlson
Skandia Technology Center, Inc.
Shelton, CT USA

This could be part of the problem. How exactly did you wipe the disks in the other machine, and what type of machine was it?I installed the disks into a Sun Netra T1125, partioned (using format) and newfs'd them to create basic file systems.
How about a "boot cdrom -s"? If it boots this way, does "format" see the disks ok?Tried this, same result. The systems don't make it past the licensing terms message.
As for the mini tests - I ran them against every device, and everything seems OK. The floppy test threw an error because I didn't have a floppy drive installed.
I have a 4 port QFE card installed in the machine - all of the loopback tests passed, but the transceiver tests failed. None of the ports are connected (no cables). The two built in Ethernet ports also passed loopback, and 1 passed the transceiver test (the other failed) - the transceiver that passed has a network cable installed.
Testing /pci@1f,0/pci@1/pci@1/pci@f/SUNW,qfe@3,1
Internal loopback test -- succeeded.
Transceiver check -- failed
Selftest failed. Return code = -1
Testing /pci@1f,0/pci@1/pci@1/pci@f/SUNW,qfe@2,1
Internal loopback test -- succeeded.
Transceiver check -- failed
Selftest failed. Return code = -1
Testing /pci@1f,0/pci@1/pci@1/pci@f/SUNW,qfe@1,1
Internal loopback test -- succeeded.
Internal loopback test -- succeeded.
Transceiver check -- failed
Selftest failed. Return code = -1
Testing /pci@1f,0/pci@1/pci@1/pci@f/SUNW,qfe@0,1
Internal loopback test -- succeeded.
Transceiver check -- failed
Selftest failed. Return code = -1
Testing /pci@1f,0/pci@1,1/network@3,1
Internal loopback test -- succeeded.
Transceiver check -- failed
Selftest failed. Return code = -1
Testing /pci@1f,0/pci@1,1/scsi@2
Testing /pci@1f,0/pci@1,1/network@1,1
Internal loopback test -- succeeded.
Transceiver check -- passed
Could I be experiencing problems because of the QFE card?? Doesn't seem logical, but.... perhaps I will yank it out and try again....

Solaris command to show all network interfaces in a server (plumb/unplumb)?

Hi there,
Is there a Solaris command to show all the network interfaces in a server
(plumb/unplumb etc...).
I have a V880 that has an eri0 on board, plumbed up. It also has a couple
of ge0, ge1, and ce0, and a qfe card.
ifconfig -a only shows eri0.
(I am using something like "dladm show-link", but this is really for
the link-aggregation).
How do I show the remaining network interfaces?
Thanks
Tony

You can see all installed interfaces by running 'grep network /etc/path_to_inst'. An example:
grep network path_to_inst
"/node@1/pci@8,600000/network@1" 0 "ge"
"/node@1/pci@9,700000/network@1,1" 0 "eri"
"/node@1/pci@9,700000/pci@2/network@0" 0 "ce"
"/node@1/pci@9,700000/pci@2/network@1" 1 "ce"
"/node@1/pci@9,700000/pci@2/network@2" 2 "ce"
"/node@1/pci@9,700000/pci@2/network@3" 3 "ce"
"/node@1/pci@9,600000/network@2" 4 "ce"
shows, ge0, eri0, ce0 - ce4

Maximum Number of NICs and Ethernet Ports

Dear Friend,
I am looking into constructing a Sun system with the maximum number of ethernet ports.
Q1: is there a Solaris 8 specific maximum number of ethernet ports that it can support?
Q2: i know you can get quad ethernet cards, but anyone know of cards that offer more than four per card?
Q3: assuming the cards will be PCI, which sun machine offers the maximum number of PCI slots?
I really appreciate your help
many thanks
wagwan

Hi Rukbat
Thanks for your response.
> A1: There isn't any limitation within the OS.
> Your limitations are from the hardware of the system.
Indeed, I did not think there would be a limit from within the OS. I have had a research sun machine with some 12+1 ports, an ol'Ultra-10 actually. i got upto that many ports by using three qfe's and there is one port already on the system (hme0)
>If you have too much packet traffic for your cpu modules
> and RAM, you'll have delays, data corruption, or even
> system panics.
one accepts that there would be delays - naturally. but I am not sure why there would be data corruption or even panics. that to me sounds very very serious.
the ultra-10 seems to be working ok; I never saw it crash once. But I must confess that the traffic load is not THAT high.
> Long time ago, there was a general rule-of-thumb
> for the QFE cards:
> -- one cpu per TWO ethernet ports,
> if the modules are faster than 200MHz.
erm erm I would say that is pretty low, but I would not call myself an expert on this really.
> I'm sure there is a similar suggestion for QGE's and fast
> cpu's in this 21st century.
i would like to think that one modern cpu should be ok for about 10 ports with reasonable traffic load. I am judging this by the old Ultra-10 I have built, beside which I have no supporting evidence.
> A2: There are no Sun-qualified adapters with more than
> four ports per card.
i am surprised at that.
> Third party hardware? you'd be on your own and need
> support from those manufacturers.
yes I agree
> Besides, there is only so much room on the card's
> backplate if you want to actually plug in the wires.
I take your point about the physical space on the backplate. I have found one company that is knocking up 6-port devices, and from what I gather, that is as much as one is gonna get.
> A3: A Sunfire E6900 would be able to be configured for 32
> PCI slots if you configured the system as a single
> domain. An E20k can give you up to 36 slots on a single
> domain, and an E25k can give you up to 72 PCI slots in
> a single domain.
that is a good hint actually. that is the high-end range I think.
in any case, I think the sort of machine I would be looking for is in sun's mid-range of servers. something like a V440, which has 6 PCI slots for use. I could potentially have (6x6)+2=38 ports. It is also capable of taking four 1.593-GHz UltraSPARC IIIi processors, and my gut feeling is that the four processors will be ok to support 38 ports.
I am still open to take advice of course. Indeed I would very much appreaciate further thoughts!
Regards,
bigAl

Using LogicalHostname

Hello
I am Trying to Set up a two-node cluster.
I am pasting the contents of both the /etc/hosts and ifconfig -a output.
Node 1
# cat /etc/hosts
# Internet host table
127.0.0.1 localhost
192.18.75.223 shaw.red.iplanet.com shaw loghost
#192.18.75.223 shaw loghost
#192.18.75.221 telstra # Cluster Node
192.18.75.221 telstra.red.iplanet.com telstra # Cluster Node
192.18.75.155 meadows.red.iplanet.com meadows
# pwd
/usr/cluster/bin
# ls
claccess clreslogicalhostname clsnmpmib libimsinfo2.so scha_cluster_get scshutdown
cldev clresource clsnmpuser pmfadm scha_control scsnapshot
cldevice clresourcegroup clta pnmd scha_resource_get scstat
cldevicegroup clresourcetype cltelemetryattribute sccheck scha_resource_setstatus scswitch
cldg clressharedaddress cluster scconf scha_resourcegroup_get sctelemetry
clinterconnect clrg clvxvm scdidadm scha_resourcetype_get scversions
clintr clrs hactl scdpm scinstall scvxinstall
clnas clrslh haget scdsbuilder scnas scwtadm
clnasdevice clrssa halockrun scdsconfig scnasdir
clnode clrt hasp_check scdscreate scprivipadm
clq clsetup hatimerun sceventmib scrgadm
clquorum clsnmphost libimsinfo.so scgdevs scsetup
# pwd
/usr/cluster/bin
# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
eri0: flags=9000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,NOFAILOVER> mtu 1500 index 2
inet 192.18.75.223 netmask ffffff00 broadcast 192.18.75.255
groupname sc_ipmp0
ether 0:3:ba:2f:8b:6e
qfe0: flags=1008843<UP,BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500 index 4
inet 172.16.0.129 netmask ffffff80 broadcast 172.16.0.255
ether 8:0:20:b6:84:ac
qfe1: flags=1008843<UP,BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500 index 3
inet 172.16.1.1 netmask ffffff80 broadcast 172.16.1.127
ether 8:0:20:b6:84:ad
clprivnet0: flags=1009843<UP,BROADCAST,RUNNING,MULTICAST,MULTI_BCAST,PRIVATE,IPv4> mtu 1500 index 5
inet 172.16.4.1 netmask fffffe00 broadcast 172.16.5.255
ether 0:0:0:0:0:1
Node 2:
# cat /etc/hosts
# Internet host table
127.0.0.1 localhost
192.18.75.221 telstra.red.iplanet.com telstra loghost
#192.18.75.221 telstra loghost
192.18.75.223 shaw.red.iplanet.com shaw # Cluster Node
#192.18.75.223 shaw # Cluster Node
192.18.75.155 meadows.red.iplanet.com meadows
# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
eri0: flags=9000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,NOFAILOVER> mtu 1500 index 2
inet 192.18.75.221 netmask ffffff00 broadcast 192.18.75.255
groupname sc_ipmp0
ether 0:3:ba:2d:0:a7
eri0:1: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4> mtu 1500 index 2
inet 192.18.75.155 netmask ffffff00 broadcast 192.18.75.255
qfe0: flags=1008843<UP,BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500 index 4
inet 172.16.0.130 netmask ffffff80 broadcast 172.16.0.255
ether 8:0:20:bc:c0:cc
qfe1: flags=1008843<UP,BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500 index 3
inet 172.16.1.2 netmask ffffff80 broadcast 172.16.1.127
ether 8:0:20:bc:c0:cd
clprivnet0: flags=1009843<UP,BROADCAST,RUNNING,MULTICAST,MULTI_BCAST,PRIVATE,IPv4> mtu 1500 index 5
inet 172.16.4.2 netmask fffffe00 broadcast 172.16.5.255
ether 0:0:0:0:0:2
Question:
1) If i want to add say another say 4 Logical Host names, to this existing two-node cluster . I ONLY have IP Addresses with me, how do I go about creating 4 More Logical Hostnames ?.
2) How about the interfaces, do I need to do use ifconfig to configure the interface ?
Thanks a lot in Advance

Hi,
logical hosts are usually setup as part of a resource group that defines a highly available service. See this doc for more information: http://docs.sun.com/app/docs/doc/819-0703/6n343k6fu?a=view
In order to make these new IP addresses available for the cluster, you should add them into all(!) /etc/hosts //etc/ipnodes) files, so that they are available even if your nameservice should fail. You must not configure these IP addresses using ifconfig. THe cluster will do this for you once you have configured the logical host as part of a resource group and start it.
BTW: you have configured both cluster interconnects on your qfe card. You could achieve a minimal higher availability by moving one of them to your onboard port and the public net to the qfe card. So, if your whole qfe card should fail, you still have a working cluster interconnect. On the other hand, in that case you would also have no more public net:-( and your service would failover anyway. Hmmm, I havfe to think this through. The docs state that you should spread your cluster interconnects to different NICs.
Hope that helps
Hartmut

Mknod error when pkgadd of SUNWqfed - device is not created

I am trying to install a second quad FE card in a sparcstation 20. There is a quad ethernet card in there right now, which is live.
I ran the pkgadd command to install the SUNWqfed and SUNWqfedu packages. When the SUNWqfed package was being installed I noticed an error
Executing postinstall script
Usage: mknod name [b/c major/minor] [p] failed Postinstall script did not complete successfully.
I uninstalled the package and tried it again but it still failed, and I tried another downloaded copy of the packages with the same error. I also saw that the path_to_install file did not have the entries for the qfe card.
Any idea how I can fix this and install the card?
Thank you
Edited by: HCCS on Feb 7, 2008 1:32 PM

I already have a quad ethernet card in this system and it is the live interface. I tried to physically remove it before installing the package, with the same results.
Also, I was looking at the SUNWqfed postinstall script that was
indicated as where it was failing and the link in points to nothing. There is no clone@0:qfe file to link to.
ln -s ../devices/pseudo/clone@0:qfe ${BASEDIR}/dev/qfe id=`grep "^qfe " ${NAMEMAJOR} | awk '{printf("%s", $2)}'`
mknod ${BASEDIR}/devices/pseudo/clone@0:qfe c 11 $id
The path_to_install file only has entries for the qe interface, nothing for the qfe.
Thanks for your help.

Nettr: ioctl failed: I/O error - when configuring sun trunking

Hello,
I'm having a problem while trying to get sun trunking 1.3 configured. I'm getting the error, "/etc/opt/SUNWconn/bin/nettr: ioctl failed: I/O error" when executing the command, " /etc/opt/SUNWconn/bin/nettr -setup 0 device=qfe members=0,1,2,3 policy=1 lacp=p ptimer=1".
I have an Ultra 80 with an installed qfe card. I can see the instances of the qfe in /etc/path_to_inst, and the card is currently unplumbed.
The installation of Sun trunking 1.3 was fine and I rebooted the system prior to running the nettr command.
Anyone seen this problem before. Any help would be appreciated.

"If I guess correctly you are saying that in order for this to work the switch needs to support aggregation as well?"
Yes. I had to have the four ports on my Cisco setup to accept aggregation. I believe it is because they are being presented with the same MAC address. Here are what my ports look like:
CoreB#show run int gi5/17
Building configuration...
Current configuration : 190 bytes
interface GigabitEthernet5/17
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode dynamic desirable
spanning-tree portfast
channel-group 6 mode active
end
CoreB#show run int gi5/18
Building configuration...
Current configuration : 190 bytes
interface GigabitEthernet5/18
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode dynamic desirable
spanning-tree portfast
channel-group 6 mode active
end
CoreB#show run int gi6/17
Building configuration...
Current configuration : 190 bytes
interface GigabitEthernet6/17
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode dynamic desirable
spanning-tree portfast
channel-group 6 mode active
end
CoreB#show run int gi6/18
Building configuration...
Current configuration : 190 bytes
interface GigabitEthernet6/18
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode dynamic desirable
spanning-tree portfast
channel-group 6 mode active
end

Iws 6.0 web server load question

What are the advantages (if any) of running multiple web server instances (iplanet 6.0 sp4) vs. one server with increased thread count. I'm unclear after reading through documentation what the limits of one iplanet httpd server are...I know you can manupulate threads as needed but how does one process scale with increased load vs. having two on the box?
Can one process handle all the traffic from a 100mb full duplex qfe card (ie, could the card handle the pipe being fully utilized)? It seems to me that if it's threaded than it should be able to...what would another process do that threads can't?
I ask this question because I've got an application coming with these specs:
Top end load capability of 150 hits per second.
13,500 users per day with average 3.6 server interactions per second
And I've got two Sun 280r's with 2 900mhz cpu each sitting behind a load balancer.
TIA

What are the advantages (if any) of running multiple
web server instances (iplanet 6.0 sp4) vs. one server
with increased thread count.Using multiple web server instances (or a single instance with multiple processes) can improve scalability on machines with large numbers of processors, especially when using in-process dynamic content, such as Java Servlets or NSAPI plugins, or when using SSL.
Using a single web server instance with a single process generally results in a more efficient use of resources, particularly memory, and consolidates configuration and administration activities.
Can one process handle all the traffic from a 100mb
full duplex qfe card (ie, could the card handle the
pipe being fully utilized)?A single iPlanet Web Server 6.0 process on the hardware you describe (2 CPU 280R) should be able to saturate a 100Mb link when serving unencrypted static content. Using multiple processes would not improve performance in this situation.

Ipfilter & zones w/ qfe cards

Similar Messages

Maybe you are looking for