Rule for Control Plane traffic Transparent Firewall

Hi Everyone,
With the ASA working in routed mode, traffic is allowed by default from the high-security inside to the low-security outside.
But in the case of a transparent firewall, control plane traffic from inside to outside is not allowed by default.
I need to know the reason behind this.
Is this due to the transparent firewall being layer 2?
Regards
Mahesh

Hello Chintan,
the VRF access link where the CE is connected is part of the VRF and isn't a member of the Global Routing Table anymore.
So any possible attempt to build an LDP session cannot impact the backbone MPLS control plane.
If you want to specify all the acceptable LDP sources in a receive-ACL or in Control Plane Policing as part of a security plan, that will be another matter.
Only in a Carrier Supporting Carrier scenario do you have an MPLS LDP or BGPv4-with-labels session between PE and CE.
Hope to help
Giuseppe

Similar Messages

  • Create settlement rule for Maintenance plan

    We have a requirement to create a maintenance plan and assign a settlement rule to the same. I was able to create the maintenance plan using MPLAN_CREATE. I created the settlement rule using the function module K_SRULE_SAVE_UTASK. My problem is when I go to IP03 to check if the settlement rule has been created for the maintenance item, it is not found. When I go to IP02 and click on create and go into the settlement rule maintenance screen, I'm able to see the settlement rule created using the function module, but in the MPOS table, I don't see the indicator IND_ABRVO (settlement rule indicator) being maintained.
    Can you please help in finding out what I'm missing.
    Edited by: Sujay Venkateswaran Krishnakumar on Dec 31, 2009 11:34 AM

    Sri Vas,
    Is this specific to a particular WBS element or does it happen for ANY WBS element? The WBS element may not have been set up properly. Check the same WBS element directly by going to the WBS element change transaction. Also check the account assignment and status of the WBS element that Ramesh had suggested. If the WBS element has been defined properly, try changing the settlement rule to a cost center and see if you still get this error.
    Regards
    Narasimhan

  • Control Plane Policing (CoPP) for Data Center

    Hi All,
    I am planning to apply CoPP on different routers and switches of the Data Center. This Data Center comprises Cisco 6513 (VSS), Catalyst 3750, Cisco 3845 and Cisco 2811.
    My questions are:
    1. Do we have to apply CoPP on Catalyst 3750, as these are DMZ switches only?
    2. How to find the packet processing rate from router and switches?
    3. Any best practices CoPP template for routers running OSPF and BGP?
    Thanks and Regards,
    Ahmed.

    1. You would need to apply CoPP to all routers/switches that are manageable from untrusted sites. So even if you have non-DMZ switches that will be able to be telneted to from the outside for example, CoPPing them would be helpful for you.
    Do we not need to apply CoPP on switches and routers that are not telneted from outside?
    Control plane traffic is traffic that goes to the control plane of the router like management traffic, snmp etc. If there is a firewall securing you from the outside I would feel my switches are more secure and it is not easy to bring them to their knees with an attacker doing too much from the outside. Control plane policing applies to all control plane traffic, but it is mostly against outsiders that someone would try to protect himself.
    2. "sh proc cpu" would give you some insight for processes like ssh or telnet and how much they take. Not control packet rate processing though.
    I want to know the maximum packet processing rate of a router or switch?
    I don't think you will be able to pull that number.
    3. Depends on how powerful the router is, how many commands you are running, how much route processing is going on.
    Best practice for a router running OSPF with 200 routes?
    Don't know of any.
    PK

  • Control Plane and Data Plane

    Hi there,
    I'm trying to figure out how to determine and how to differentiate between control plane and data plane especially in troubleshooting MPLS VPN. Any keyword that distinguish between them? It seems to be confusing for a newbie here :)
    Thanks in advance.
    maher

    Hi Maher,
    The control plane is simply the set of processes that are responsible for disseminating information on routes, labels etc. within a network. This includes routing protocols whose job is to communicate information on routes between different routers. The information provided by these protocols is then used to build routing/forwarding tables.
    The data plane is simply an abstraction used to describe the actual flow of data packets using paths determined by the control plane. The control plane traffic carries control traffic (which is not end-user data) whereas the data plane traffic is actual end-user data.
    There is no single command that you can use to distinguish between the two. The commands you have on a router that can be used to view control plane operation are as such:
    sh ip route
    sh ip cef
    sh ip bgp ...
    sh ip ospf ...
    sh mpls forwarding-table...
    etc... and many, many more
    Typically, there isn't a clear demarcation between commands that display control plane info and those that display data plane information... You could use commands such as the following to get some idea of data traffic flowing through a router:
    sh interfaces
    sh policy-map interface
    etc.
    Hope that helps - pls rate the post if it does.
    Paresh

  • Settlement rules for CO Orders

    Hi Guru, need your help to set up new settlement rules for CO Orders, to different plan versions. Can this be done in a massive way?

    Hi...
    First of all, you have to create all plan versions in the Controlling area, and activate the CO integration planning.
    You can create many settlement rules for each plan version but individually in the transaction KO02 -> Settlement Rule -> New rule...
    If you want to create them automatically, maybe you can try to create an LSMW for this transaction. There are massive modifications for other fields of internal orders (transactions KOK2 and KOK4).
    Regards,
    Karim

  • Check rule in invoice plan

    Hi,
    Please revert back on how I should create the "Check rules" for the invoice plan, and on customizing the "Terms of Payment key" (tcodes).
    Thanks&Regards,
    Benge

    Hi there,
    Please look at the documentation on how to set up the duplicate invoice
    check -
    SPRO ->
       MM ->
        LIV ->
         Incoming invoice ->
          Set check for duplicate invoices
    Please also see note 394316.
    Please understand that the standard 'duplicate invoice check' looks at the following fields.
    1) Company code....Configurable
    2) Document date...Configurable
    3) Reference.......Configurable
    4) Currency........Always checked
    5) Vendor..........Always checked
    6) Amount..........Depending on Reference field
    Only the Company code, Document date, and Reference fields are configurable in transaction OMRDC as to whether or not the system looks at these three fields along with the Currency, Vendor, and Amount.
    If they are checked, the duplicate invoice check considers them. If none are checked, then the system only looks at the Currency, Vendor, and Amount.
    If you activate the reference document number in IMG, depending on the reference document number entry, the system checks as follows:
    1. If you have entered a reference document number, the system checks whether the invoice matches in the following attributes:
       Company code
       Vendor
       Currency
       Invoice date
       Reference document number
    2. If you have not entered a reference document number, the system checks whether the invoice matches in the following attributes:
       Company code
       Vendor
       Currency
       Invoice date
       Amount in document currency
    Depending on the system settings, a warning message or an error message appears if the system finds an invoice that matches all attributes.
    Please also keep in mind: the field Chk double inv. (Check for duplicate invoice) must be flagged on the Accounting view in the vendor master record.
    The check is done in FM MRM_DUPLICATE_INVOICE_CHECK so you may be able to look at it closer through the code.
    From release 4.7 or higher, BADI MRM_HEADER_CHECK is available to make such a check (note 1156325).
    Hope this helps.
    Regards,
    Matthew

  • Control Plane POLICY

    Hi,
    I did the configuration for CCP on a sw 4500 but it makes the process CPU go up. In the normal case the process is about 25%, but when I configure the policy for the control plane the CPU is about 40% and has peaks over 80%.
    Please help me
    thanks.

    Hi!
    I am interested in this too!

  • IPv6 for management and control plane on WLCs and LWAPs

    Good morning, everybody!
    I am trying to find an answer to a question that has previously been asked by people but never successfully answered.
    The question is about IPv6 support on Cisco Wireless LAN Controllers and access points... Does Cisco have a roadmap to include support for IPv6 used in CAPWAP, control plane and management? There are a couple of posts on this topic that unfortunately do not provide any answer to this point.
    https://supportforums.cisco.com/message/3018843
    https://supportforums.cisco.com/docs/DOC-15667
    Infamous "Cisco IPv6 Solution" at http://www.cisco.com/en/US/partner/technologies/collateral/tk648/tk872/tk373/technologies_white_paper_09186a00802219bc_ps6553_Products_White_Paper.html briefly states "Wireless Solutions... In future, IPv6 control plane features may get added to those components."
    Has anyone heard of any more specific roadmap for IPv6 support for CAPWAP, control plane and management on WLCs and LWAPs?

    Full IPv6 support will never be available on the WiSM and 440x controllers because they have an NPU to forward traffic and it was not designed with IPv6 in mind.
    The 5508 and WiSM2 and all new controllers have CPU-based forwarding and IPv6 is coming in the next releases.
    WLC 8.0 is only for December 2011/2012 and I have to say I don't know if it will support native IPv6.
    my 2 cents

  • Control Plan for FMEA

    Hi,
    I created a control plan using the QPCP transaction. I clicked on the FMEA tab and assigned the FMEA in the control plan. The traffic light status is coming up red. Kindly let me know where I am going wrong.
    Regards,
    Pragalathan

    Hi,
    This is because of Non transfer of Characteristics from FMEA to Control Plan...
    Refer below link for process:
    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/0063c232-199e-2c10-5482-eed82c19b416?quicklink=index&overridelayout=true
    Check & revert.
    Regards,
    Anup

  • Error to connecting business rules for Planning application outline

    Hi all,
    I recently migrated database schemas from UAT to prod. I configured everything successfully. When
    I logged into the EAS console with a user (other than admin) that has all access to create business rules,
    I tried to create a new business rule to select the planning application.
    I am getting this error: "error connecting to essbase server<servername>:<appname>
    in error details "error connecting to pllanning server<servername>:<appname>"
    and "error loading objects from data source:java.sql.SQLException: [Hyperion][Oracle JDBC Driver]Object has been closed."
    Can anybody please help with these?
    regards
    vas

    Hi John,
    We are using Hyperion Planning version 9.3.1.1.11.
    We newly installed and configured the production server, but I did not test the business rules on the production server.
    Next, my DBA exported the Oracle database schemas from the UAT server to the production server. Those schema names are the same on the UAT and production servers, so my DBA dropped the schemas in production and replaced them with the UAT schemas on the production server.
    After that I manually configured the production server with the migrated schemas. In the configuration I changed the server names and database names to those of the production server. The Hyperion Planning datasource names are the same in UAT and production. I manually edited the server names and database names, and I configured EAS, Shared Services and Planning.
    Everything configured successfully. I am able to log on to the Planning application URL, and refreshed everything.
    But when I log on to the EAS console and try to create a business rule with an associated Planning application, I am getting this error: Connecting to essbase server<server name>:<appname>
    In error details "error connecting to pllanning server,servername>:<appname.
    and error loading objects from datasource:com.java.sqlexception;[hyperion][oracle jdbc driver]object has been close.
    Please help with these.
    thanking you
    srini

  • Plan settlement rules for internal orders

    Hi all,
    I am having a problem in setting up plan settlement rules for the internal orders. I have created an order and tried to set up a plan settlement rule. I am trying to settle the order to a Profitability segment PSG category. Everything is fine until here. Then when I am trying to change the profit center in the Profitability segment it is greyed out. I am unable to change it. This is not the case with actual settlement. In actual settlement you can change the profit center in the settlement rule but not in the case of plan settlement. Can someone please help me with this? I need to change the profit center in the plan settlement rule. This is very urgent.
    Many thanks,
    Sarada

    Hi,
    Please check if it has any planned values already posted on this order. In this case, unless these values are settled it will not allow you to change the profit center.
    Also, the reason for allowing a change of profit center in the actual settlement rule might be that there are no actual values posted in the order.
    Good luck!!!
    Thanks and Regards,
    Bhuvaneswari.S

  • Does Firefox respect user account control rules for windows xp sp3, anything to do specifically to enable that ?

    xp sp3
    1.5g R / 2.46g P4
    1) Does the latest version of Firefox obey/conform to the rules for user account control for Windows XP SP3?
    2) Need I do anything specific at the time of installation and/or setting up/configuring preferences?
    3) Or do I need to install Firefox separately for the limited users or in each user's account?
    4) Would it be possible/desirable/necessary to install it directly into some folder of the user other than the common program files folder?
    5) In any of these situations, should I or should I not make the installation with 'Run As' admin privilege?
    6) If I install separately for the user/s, with/without admin privileges, will the install write to, or enable user activity to write to, the other common Windows folders (where user write is otherwise disallowed)?
    Please kindly clarify. I am waiting for an answer before I reinstall Firefox and a lot of other apps (these were done earlier, before creating the user accounts). Please note that I do not mind installing separately for any/all users. But security will be my preference as much as possible (PARANOIA). I am having to deal with a couple of users who can't understand all this, and the folks are too old to understand.
    Thanking you in anticipation
    neoser
    ------------

    As far as I recall from when I did use XP, the procedure was to install Firefox using an Admin account, preferably the Administrator account.
    By doing that the Firefox installer would create Firefox within the programs directory. And each separate user account could then use Firefox. Importantly, each user account has a Firefox profile and so has its own separate and individual bookmarks, cookies, passwords, cache etc.
    IIRC UAC was not available for XP. Permissions and what you could do would also differ, I seem to remember, depending on whether it was using FAT or NTFS. In some setups a knowledgeable admin account user could probably fully access any other account.

  • Do you know a unicast protocol for the Ethernet control plane?

    Hi,
    Does anyone know a protocol for the Ethernet control plane which has a unicast destination address?
    MVRP, MMRP, MSTP, RSTP, all these protocols have a multicast reserved destination address.
    Perhaps we have to look at non-802.1Q control plane protocols.
    Best regards,
    Michel

    Hi Peter,
    > I wonder if any of the OAM protocols, especially the one providing the loopback/ping test is unicast-based.
    In G.8013 (07/2011) section 7.3:
    "The Ethernet loopback function (ETH-LB) is used to verify connectivity of a MEP with a MIP or
    peer MEP(s). There are two ETH-LB types:
    • Unicast ETH-LB.
    • Multicast ETH-LB".
    > In any case, think of LOOP frames sent by Catalyst switches to detect  self-looped ports. In these frames,
    > the source and destination MAC  address are set to the unicast MAC of the egress port.
    As I said above, it's a good case for my little study.
    The LOOP frame, from Cisco, was certainly interesting and important before 2004.
    Since 802.3ah-2004 we have the OAM remote loopback (in link OAM, and not network OAM as ETH-LB).
    Best regards,
    Michel

  • ATP Rule for Planned Orders

    Hi Experts,
    I have configured the ATP rule for Planned Orders. So I only want to check the component stock and Production Orders when running ATP check for the Parent Material.
    In OPJJ, I only selected the following options.
    Include Safety Stock : Ticked
    Check without RLT : Ticked
    Incl.production orders : X (Take all production Orders into account)
    No other options or boxes have been selected
    Also I have included the relevant Checking group in MRP 3 for the Parent Material (Checking Rule has been assigned to that Checking Group in Config) and also maintain the Plant Parameters for MRP (assign the checking rule to the plant)
    So, For an example :
    Parent : A
    Components : B and C
    Parent Material A has only 5 Planned Orders starting on same day 20.05.2014 each qty 5
    Components B got stock 300
    Components C got stock 1
    When I ran ATP Check for the Parent material A using COHV, qty 1 has been allocated to all the planned orders as committed. Why is this happening ?
    I also checked in CO09 for the Component Material C, and it says ATP Qty is only 1. I expected the system would allocate that stock 1 to one of the Orders but it seems to be not working as I expect.
    Any explanations will be much appreciated and I will not hesitate to award the points.
    Kind regards,
    Ishara

    Hi DB49,
    Appreciate your reply. Please see the following comments.
    > Right now I have been assuming that you have performed an availability check manually for one of the planned orders, and you got the same results (overconfirmation).  Please confirm.
    Yeah, I have performed it for one order and it gave me the same result. Also, when I perform it for the 2nd order, it allocates the quantity.
    > OK, basic things you should already have checked:
    > You have maintained the checking rule for planned orders (OPPQ or OPPR)
    > You have maintained the ATP group for the materials (OVZ2)
    > You have assigned the ATP group to the Material Master of the components (MM02)
    > You have maintained the scope of check according to the rules you mentioned earlier (OPPJ).
    > You have no planning strategy in the component material that would have invoked a special ATP.
    I checked everything apart from point 2 (OVZ2). I have maintained that via the MRP Group and that MRP Group has been linked to Master Data (MRP 3).
    Really appreciate your support in this.
    Kind regards,
    Ishara

  • Why is CSS rule for NavDiv controlling CSS rule for ContentDiv?

    Help please. CSS rules are controlling my layout and I cannot add a list into my content.
    The CSS rule for my NavigateDiv appears to control the list in my ContentDiv and I cannot get the ContentDiv list to format.
    css file: http://swilkins.free0host.com/roswell/roswell.css
    html file: http://swilkins.free0host.com/roswell/attractions2.html
    I want to put a list under State Parks in the ContentDiv
    What is required to have the contents CSS not controlled by the navigate ul, li CSS?
    Using Dreamweaver CS4, Windows Vista
    I posted this yesterday and was requested to post my files.  I did so, however didn't receive a response.
    Thanks in Advance

    Change this:
    #navigate ul, li {
         float: left;
         list-style: none;
         margin: 0px;
         padding: 0px;
         display: block;
    }
    To this:
    #navigate ul, #navigate li {
         float: left;
         list-style: none;
         margin: 0px;
         padding: 0px;
         display: block;
    }
    And you have a few validation errors in your code. Use these on-line code validation tools.
    HTML Validator - http://validator.w3.org
    CSS Validator - http://jigsaw.w3.org/css-validator/
    Nancy O.
    Alt-Web Design & Publishing
    Web | Graphics |  Print | Media Specialists
    www.alt-web.com/
    www.twitter.com/altweb
