Maintaining source IP address

Similar Messages

• Tracing TCP Source/Destination Addresses/Ports for ongoing connections

  On Solaris 10 U4 through U7, I'm trying the following just to perform basic tracking of TCP source/destination addresses and ports, using code similar to what is available in tcpsnoop_snv and tcptop_snv.
  The odd thing is that the addresses/ports appear to be zeroed out - are they being cached outside of the conn_t data structure?
  #!/usr/sbin/dtrace -Cs
  #pragma D option switchrate=10hz
  #pragma D option bufsize=512k
  #pragma D option aggsize=512k
  #include <sys/file.h>
  #include <inet/common.h>
  #include <sys/byteorder.h>
  #include <sys/socket.h>
  #include <sys/socketvar.h>
  /* First pass, for all TCP Read/Write actions, collect source/destination
     IP + Port - after a few secs, print them all out */
  fbt:ip:tcp_send_data:entry
    /* Outgoing TCP */
    self->connp = (conn_t *)args[0]->tcp_connp;
  fbt:ip:tcp_rput_data:entry
    /* Incoming TCP */
    self->connp = (conn_t *)arg0;
  fbt:ip:tcp_send_data:entry,
  fbt:ip:tcp_rput_data:entry
  /self->connp/
    /* fetch ports */
  #if defined(_BIG_ENDIAN)
    self->lport = self->connp->u_port.tcpu_ports.tcpu_lport;
    self->fport = self->connp->u_port.tcpu_ports.tcpu_fport;
  #else
    self->lport = BSWAP_16(self->connp->u_port.tcpu_ports.tcpu_lport);
    self->fport = BSWAP_16(self->connp->u_port.tcpu_ports.tcpu_fport);
  #endif
    /* fetch IPv4 addresses */
    this->fad12 =
      (int)self->connp->connua_v6addr.connua_faddr._S6_un._S6_u8[12];
    this->fad13 =
      (int)self->connp->connua_v6addr.connua_faddr._S6_un._S6_u8[13];
    this->fad14 =
      (int)self->connp->connua_v6addr.connua_faddr._S6_un._S6_u8[14];
    this->fad15 =
      (int)self->connp->connua_v6addr.connua_faddr._S6_un._S6_u8[15];
    this->lad12 =
      (int)self->connp->connua_v6addr.connua_laddr._S6_un._S6_u8[12];
    this->lad13 =
      (int)self->connp->connua_v6addr.connua_laddr._S6_un._S6_u8[13];
    this->lad14 =
      (int)self->connp->connua_v6addr.connua_laddr._S6_un._S6_u8[14];
    this->lad15 =
      (int)self->connp->connua_v6addr.connua_laddr._S6_un._S6_u8[15];
  /* At this point, this->{f|l}ad1{2345}->connua_v6addr.connua_{f|l}addr._S6_un.S6_u8
      are empty - where is this data? */
  }

  http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v7.50/command/reference/CmdGrpC.html#wp1139667
  portmap [base-port base_number|disable|enable|number-of-ports number|vip-address-range number]
  disable
  Instructs the CSS to perform Network Address Translation (NAT) only on the source IP addresses and not on the source ports of UDP traffic hitting a particular source group. This option does not affect TCP flows.
  For applications with high-numbered assigned ports (for example, SIP and WAP), we recommend that you preserve those port numbers by configuring destination services in source groups. Destination services cause the CSS to NAT the client source ports, but not the destination ports.
  Note If you disable flows for a UDP port using the flow-state table and configure the portmap disable command in a source group, traffic for that port that matches on the source group does not successfully traverse the CSS.
  The CSS maintains but ignores any base-port or number-of ports (see the options above) values configured in the source group. If you later reenable port mapping for that source group, any configured base-port or number-of ports values will take effect. The default behavior for a configured source group is to NAT both the source IP address and the source port for port numbers greater than 1023.
  There is no possibility to disable it for TCP.
  We need to source nat the port to guarantee that the server response comes back on the same module/CPU and the internal packet allocation algorithm is based on src and dst ports.µ
  Gilles:

• Ip igmp snooping querier on Nexus, what source IP address to use?

  Am looking at a problem with servers in the same vlan across multiple switches that are unable to communicate using multicast. I have found that in the systen I'm to set up I need to apply the ip igmp snooping querier command, in the vlan, but it needs a source IP address.
  Different documents make conflicting recommendations for this address, one suggests that any unused address will do, another suggests to use the IP address that is configured on the SVI for the vlan.
  Which is correct?

  Eventually I had to ask Cisco TAC, the response was that any IP address within the subnet could be used. The recommendation was to allocate an unused address in the vlan subnet for this purpose, use the same address on multiple switches should resiliance be required.

• ISCSI Initiator favourites revert to using the IPv6 or the apipa IP address from other NICs instead of the source IP address that I specified

  Windows 2008 R2
  ISCSI Initiator favourites revert to using the IPv6 or the apipa IP address from other NICs instead of the source IP address that I specified. 
  When I manually connect to multiple targets and specify the correct ISCSI source IP address, I check the favourites and everything looks okay. But when the server is rebooted I check the favourites again and the source IP is now referencing the IPv6 and
  sometimes the apipa address. 
  I have unbound IPv6 from the ISCSI NICS but this has made no difference.
  Can anyone explain why this is happening?
  Although the server still reconnects to the storage oaky, I’m concerned that if a path goes down that is might try to use the wrong interface to re-establish a connection.
  Thanks.  

  Hi,
  IPV6 is supported with MS iSCSI. Do you have Multiple Connections per Session (MCS) configured? Is your storage configured to use both IPv4 and IPv6?
  If yes, please see if http://support.microsoft.com/kb/2014131 helps.
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• How to change the source ip address

  hi all,
  i got the problem that how to change the source ip address when i
  get a website's page!
  i mean i want to change the source ip address when i access the
  remote website, sure i know when change the source ip, i can not get
  the result correctly when changing the source ip address, but it is not
  important to get the result i just want to send out a "click" event to the website by calling a post method in the site!
  does anybody have some ideas?
  Best Regards,
  Eric Gau

  Here's some code that connects to google and does a get:
  import java.io.*;
  import java.net.*;
  public class HTTPTest {
      private Socket sock;
      private BufferedReader in;
      private BufferedWriter out;
      private boolean running = false;
      HTTPTest() {
      private void go(String site) {
          try {
              sock = new Socket(site, 80);
              in = new BufferedReader(new InputStreamReader(sock.getInputStream()));
              out = new BufferedWriter(new OutputStreamWriter(sock.getOutputStream()));
              System.out.println("Connected");
              out.write("GET / HTTP/1.1\r\n\r\n");
              out.flush();
              doRead();
          } catch (IOException e) {
              e.printStackTrace();
      private void doRead() {
          running = true;
          String line;
          System.out.println("Read started");
          while (running) {
              try {
                  line = in.readLine();
              } catch (IOException e) {
                  e.printStackTrace();
                  line = null;
              if (line == null) {
                  running = false;
              } else {
                  System.out.println(line);
          System.out.println("Socket closed");
      public static void main(String [] args) {
          String site;
          if (args.length > 0) {
              site = args[0];
          } else {
              site = "google.ca";
          new HTTPTest().go(site);
  }

• Redirect based on source IP address????

  I have a site that I don't want our competitors to view! By
  tracking code, I have managed to obtain their source IP addresses.
  After looking around, there is a .php solution to my problem
  but my host is not well suited to .php files (although it does some
  processing).
  My pages are in .shtml (to process css drop-down menus
  correctly) and I understand that this attached code, if put at the
  top of the page before anything else, will work.
  I have managed to get one working
  http://www.donbur.co.uk/gb/newindex.php
  but am having difficulty getting this code to work elsewhere.
  The problem is, when I try to put this code into either a
  template or as an include, it won't process correctly or the page
  won't render at all.
  Do I have to use .php files or can I insert php script into
  an .shtml document.
  Getting really confused now.... HELP

  Thanks for the constructive advice...
  quote:
  >After looking around, there is a .php solution to my
  problem but my host is not well
  >suited to .php files (although it does some processing).
  What does this mean? Does your hosting plan include php
  support or not?
  You can't just put a php script into any page. It needs to be
  a .php page or you need to reconfigure the server to parse other
  pages for php. But if your hosting plan doesn't support php then it
  won't work in any case.
  My host is BT Internet and they claim not to process .php
  files which is why our main .php site is hosted elsewhere; however,
  it seems that, although it has difficulty (to clarify: doesn't
  render) with main full scripts, it does seem to process simple
  <?php echo commands for example.
  It has been suggested on another forum that the .shtml files
  are set to be recognised by .php in the cpanel but our host will
  not do this...
  Our competitors are not particularly smart or up-to-date and
  this would have been reasonably effective; however, I bow to better
  judgement and close this topic.

• Load balancing based on source IP address

  Hi,
  I configured a CSS to balance the load depending on source IP address to suppport a application feature in the server.
  We have two firewalls and behind we have different users. We have also two servers behind the CSS.
  Firewalls perform NAT with a unique outside IP address. So, for example, in these conditions the CSS balances requests coming from FW 1 to server 1 and requests coming from FW 2 to server 2. Is it correct this scenario?
  Is it possible that requests coming from FW 1 could be forwarded to Server 2 and viceversa?
  Could anyone answer me?
  Thanks in advance.
  Best regards.
  Giuseppe.

  Giuseppe,
  it all depends on how you configured your CSS.
  Did you use an ACL to force traffic from SRC1 to server1 and traffic from SRC2 to server2 ?
  Or did you simply configure sticky based on source ip or a source ip hash loadbalancing ?
  Except the ACL, all other methods do not guarantee that the traffic will be splitted in 2.
  Gilles.

• Route call based on source IP address

  Hello Guys,
  Is there a way to route calls based on source IP address?
  I want to redirect calls to specific queues based on the ip of the phone who's starting it.
  Any ideas?
  Thanks in advance.
  Filipe Leite                  

  Hi Filipe
  I'm assuming here that you are using CallManager rather than CME?
  One option might be to use the 'device mobility' feature to assign a specific CSS to devices based on their IP subnet. That CSS could have the appropriate partitions to route to a seperate trigger that directs calls to a separate CSQ.
  Of course, whether you can do this depends on whether it would be appropriate to override the device CSS in this way.
  Aaron

• Log connection attempts and source IP address for connections that fail/timeout on RADIUS

  How can I log the connection attempts and source IP address for connections that fail RADIUS authentication?  I'm using RD Gateway on 2012 R2 in conjunction with Azure Multi-Factor Authentication Server on another 2012 R2 server.  When a user fails
  multifactor authentication or the authentication times out, all I get is Security event 6273 on the RD Gateway that the radius server did not process the request, and only the radius server's IP is logged.  There's nothing logged in TerminalServices-Gateway\Operational
  because the TS Gateway hasn't yet processed the connection attempt (all auditing options for RD Gateway are enabled).  The MFA/Radius Server is only logging the connection from the TSGateway - it doesn't know the original client's IP address.
  I'm looking for the equivalent of an IIS log - somewhere the RD Gateway should log the initial HTTPS connection attempt and the source IP address of the client.  I need to be able to track down potentially fraudulent login attempts. 

  Hi,
  Thank you for your posting in Windows Server Forum.
  This error might be caused by one of the following conditions:
  •  The user does not have valid credentials
  •  The connection method is not allowed by network policy
  •  The network access server is under attack
  •  NPS does not have access to the user account database on the domain controller
  •  NPS log files or the SQL Server database are not available
  To perform these procedures, you must be a member of Domain Admins.
  Please check for more information:
  Event ID 6273 — NPS Authentication Status
  http://technet.microsoft.com/en-us/library/cc735399(v=ws.10).aspx
  Hope it helps!
  Thanks.
  Dharmesh Solanki

• BP - Maintain Ship to address

  Hello friends,
  I have to maintain SHIP to address in SRM system.
  BP is the transaction code for this. I have a input file in excel format. So I am planning to do a BDC for this. I am wondering if BDC is suitable for this approach or would there be any other method for this.
  Any Function Module or BAPI.
  Any help ont this wpuld be of great help to me.
  Ster

  Hi,
  This FM will serve  the purpose.You just need to know the BP id of the ORG for which you ned to create the ship to addressess.
  Also see this related thread for more details:
  Re: Mass creation of delivery address
  BR,
  Disha.

• Please first maintain vendor's address

  hi Experts,
  While doing ME41. I found this emails. I check in XK02.but dont know how to find..
  Please first maintain vendor's address
  Message no 06043
  Kindly reply..
  regards
  Babar

  Hi,
  Please check the below link with Point no : 20
  http://help.sap.com/saphelp_ides/helpdata/en/fd/45c39e9d6411d189b60000e829fbbd/content.htm

• Source URL/Address - Hazel

  Hazel is not supporting my credit card so I cant get it. But in the trial version Hazel has this property "Source URL/Address" which is the same information as "Where from" value in "Get info" in the contextual menu of a file. 
  Does anyone know how to access this Where from value through AppleScript? If Hazel can do it why cant AppleScript?

  Hi
  set the_path to POSIX path of (choose file) as string
  set the_where_froms to (do shell script "mdls -name kMDItemWhereFroms " & quoted form of the_path)
  Hope this helps.
  H

• Question to Maintaining Source System IDs

  We go to RSA1, and choose Assignment source system to source system ID in toolbar, system display source system ID field and Source system ID text field. So the question to this activity is that is this Source system ID flexible, not fixed.
  1) E.g.in our case BW source system call THTCLNT100, so could we just use TH100 as source system.
  2) Once we create one source system in BW system under Source system Tab, should we also follow this steps, namely Maintaining Source System IDs for this new created source system?
  Thanks for the answer.
  Edited by: hi ni on Apr 14, 2008 5:39 PM

  Hi,
  as far as I know, the id can only be a character of length 2 so in your case just TH or T1 or something else. It's normally up to you. Once maintained it cannot be changed anymore.
  regards
  Siggi

• Doing Source IP address NAT. Using 1 address vs using many

  I have a few implimentations where I am using source groups to do NAT on the client's source IP address. It is possible to always translate the source IP address to the same one, or to have it be different depending on the content rule you hit.
  Is there any advantage of one over the other?

  Thanks for the thoughts. I am aware of the content rule limitation, and actually, (depending on your definition of PAT vs NAT) the CSS can do NAT of the source IP address using source groups and an ACL. It can translate the source IP address of an incoming packet from a client into a different IP address. You don't really have a pool of addresses like you do on a Cisco router, you can specify a single IP address to translate the source address to, or different ones depending on the content rule you hit, so it is kind of like NATing with overload on a router. I am doing it now.
  The basic steps for doing NAT on the source(I.E.-Client's) IP address are:
  group [groupx]
  ip address [source address you want to change client IP to]
  active
  acl 1
  clause 10 permit any any destination [VIP of content rule] sourcegroup [groupx]
  apply circuit-(VLANx)
  If the inbound packet on VLANx matches all the criteria in the clause statement, the "sourcegroup" part of the clause statement links you to the ip address that you want to NAT your client's source address to.
  You can build on this and make it as fancy as you like, even translating the source address to different addresses depending on the content rule you hit. I'm just wondering if there is an advantage of using many different IP addresses over using just one.

• VRF selector using PBR or Source IP address

  Could anyone can tell which is the better choice of VRF selector using PBR or Source IP address? From Cisco doc, VRF selection based on Source take advance over PBR. My feeling is that PBR may match more criterias than just match source IP address.
  Thanks

  I would personally use the "VRF selection based on source IP address" only where the "VRF selection using PBR" is not available since the latter is a superset of the former.
  Hope this helps,