SG300-20 behind firewall with two vlans
Hello,
i have the following network running: see attachment. The switch has two VLANs, one for the 10. network, the other should be for the 192. network. Now i want to access 10.0.1.11 from 192.168.178.1 but i get blocked by the firewall. The switch is now in the 192.network, but i want to connect the 10.* ports directly to the router. I am grateful for every hint.
Best regards,
Rome
I would recommend adding a 2nd vlan interface to your firewall, and enable inter vlan routing on the firewall.
It would be good to set a different network segment between the router and firewall,
It would look something like this.
router --> firewall vlan1 -->switch vlan1 -->192.168.178.x clients
firewall vlan10 -->switch vlan 10 --> 10.0.1.x clients
You don't say what the router or firewall models are, or the subnet masks...
The default gateways for the clients would point to the firewall, and it would do intervlan routing.
Or:
You can do intervlan routing on the switch.
set the switch in layer3 mode (this will factory reset the switch). Set up the 2 client vlans, including dhcp with default gateways for the clients pointing to the switch.
select a different network segment for the firewall to switch connection (say 192.168.180.x)
add a route, rules, and nat statements in the firewall for both networks 192.168.178 and 10.0.1.x.
add a default route in the switch pointing to the firewall.
that would look something like
router - firewall -(192.168.180.x) - switch - vlan 10.0.1.x
\- vlan 192.168.178
This would put the inter vlan routing load on the switch instead of the firewall.
you can also call in to the small business TAC and request assistance 866-606-1866 in US and Canada. These devices come with 1 year free tech support.
Hope this helps,
Dan
Similar Messages
-
Connectig an AP1131 act as WGB to AP root with two VLANS and two SSIDs
Someone Knows, if I can connect an AP 1131 configured as WGB to other AP 1131 acting as root with 2 Vlans and 2 SSIDs, and pass all of them to the WGB ethernet port, a mean, passing the traffic from the 2 differents VLANs with two differnts IP range from the ethernet AP root port, to the ethernet WGB port.
Thanks.Unfortunately it will not play. AP as a WGB can cary only one (native) VLAN. For interconnecting more VLANs you need a full wireless bridge but it cannot be AP11xx.
-
___How to access database behind firewall with JDBC___
How to access a database behind a firewall? I have an applet that runs from a server behind that firewall. I can make applet-servlet-database calls, but I cannot make applet-database calls. Therefore, I must go through servlets.
This causes a problem as the ResultSet object is not serializable. I have found two solutions using a search.
1) Store info into a Vector and transmit the vector. This option will take up a huge amount of time with large ResultSets.
2) Used sun's CachedRowSet which is serializable. I read the liscence under the CashedRowSet, and it does not allow use for "productive and commercial" use.
Does anyone have any other suggestions I am missing?I'm pretty sure there are other implementations of CachedResultSet out there that don't have the licensing restrictions on them, so maybe you could hunt down one of those.
As far as storing it in a Collection of some kind, I've never found a huge performance problem in doing so. When iterating through the ResultSet anyway, the additional cost of placing data in a different structure is minimal, even on larger results. -
OVM 3.0.3 - cannot add new server to VLAN group with bonded VLANs
I have a new OVS 3.0.3 server built with 2 bonded interfaces and a single VLAN running on top for the management interface. It gets discovered fine by OVM Manager (I'm running Version: 3.0.3.126, Build: 20111214_126)
I am trying to add it to a VLAN group with two VLANs -- the existing management VLAN (ID=300) plus one other (ID=301). (I already have one identical server assigned to the VLAN group, with both VLAN interfaces configured and running fine.) This works OK, and I can see VLAN 301 for the new server in Oracle VM Manager with no IP address assigned to it.
However, when I try to apply an IP address to the VLAN (via Hardware / Resources / VLAN Groups / Edit VLAN Group / Configure IP Addresses / VLAN Interfaces) it fails with this error:
Job Internal Error (Operation)com.oracle.ovm.mgr.api.exception.FailedOperationException: com.oracle.ovm.mgr.api.exception.FailedOperationException: OVMAPI_4010E Attempt to send command: dispatch to server: whyovmprd02 failed. OVMAPI_4004E Server Failed Command: dispatch https://?uname?:[email protected]:8899/api/1 ovs_br_config start 0004fb0010be2df bond0.301, Status: org.apache.xmlrpc.XmlRpcException: exceptions.RuntimeError:Command ['/etc/xen/scripts/ovs-network-bridge', 'start', 'bridge=0004fb0010be2df', 'netdev=bond0.301'] failed (1): stderr: ovs-network-bridge Start: No such device bond0.301
Oracle VM Manager seems to be expecting the subinterface for VLAN 301 to exist on the server already - which it doesn't of course, because the server has just been built, so it only has its management interface VLAN in place (VLAN ID 300)
I have managed to work around this by removing VLAN segment 301 from the VLAN group completely, then adding it back in with the IP addresses for both servers in place. This seems to convince Oracle VM Manager that it needs to create the bond0.301 subinterface before it configures it. However, I obviously had to shut down all VMs to do this, and it was really messy as VLAN 301 is the storage network, so my original server lost contact with the NFS storage for a while which caused it to fence etc.
There must be another way??! Any pointers would be very much appreciated.Avi Miller wrote:
It's fixed in 3.1. In the meantime, if you can remove and reapply the Virtual Machine role on that network, it'll recreate the bridges for you.Thanks for replying Avi. (I won't ask you for a release date for 3.1 :))
I did try that initially, but it didn't seem to help - I got this error back:
Job Internal Error (Operation)com.oracle.ovm.mgr.api.exception.FailedOperationException: OVMAPI_4010E Attempt to send command: dispatch to server: whyovmprd02 failed. OVMAPI_4004E Server Failed Command: dispatch https://?uname?:[email protected]:8899/api/1 ovs_if_meta bond0.301 ethernet:0004fb00100a35f{why-be-301}:STORAGE, Status: org.apache.xmlrpc.XmlRpcException: exceptions.Exception:ovs_set_metadata: interface /sys/class/net/bond0.301 does not exists
This appears to be from ovs_if_meta in /opt/ovs-agent-3.0/OVSVMNetConfig.py, which looks to be where the agent tries to write out the new roles for the network into the metadata file - it seems to be expecting the VLAN to exist already, and specifically checks in /sys to make sure that it is there.
Should / could I add a step to my kickstart build to force the 301 VLAN to be created maybe? This would bring it into line with the other VLAN that is used for management, which is of course sitting there ready and waiting as soon as the server is built. -
Two VLAN's port forwarding to one, problem
Hi all
This is my first ever Cisco router for forgive me, if this is a simple matter, but I have spent the entire weekend trying to figure this out - with no luck.
My employer has provided me with a Cisco 871W router for my homeoffice.
The router is pre-configured with two VLANs and BVIs; VLAN1 (BVI1) and VLAN2 (BVI2) for home and office connection on two different subnets (192.168.1.0 and 192.168.0.0).
My office connection is secured with IPSec or something similar - I have not that much insight in that aspect.
The configuration works for normal internet access (www, mail etc) on both networks, and the tunneling to my workplace works fint too.
My problem is that I would like to open up some ports for gaming etc. on the "home"-part of the configuration, but I cannot seems to get that to work.
The attached configuration is my current running configuration, which contains some of my trials on getting this to work, so it might look a bit odd.
If anyone could help me, I would appreciate it.
Regards
Jesper LauridsenHi,
By the looks of it, you have an extended access list called 'outside_access_in' applied to your outside interface fa4.
You would have to add a rule to this access list allowing the port in question.
You would then need a static NAT entry that would map the port to the internal host.
For instance, if you had a rule to allow port 80 like this:
permit tcp any any eq www
You would also need a NAT entry like this:
ip nat inside source static tcp 192.168.0.10 80 interface FastEthernet4 80
Assuming that 192.168.0.10 was the client PC. -
PAT with a single public IP and several servers behind firewall
Hi,
New to the ASA 5505 8.4 software version, but here is what I'm trying to do:
Single static public IP: 16.2.3.4
Need to PAT several ports to three separate servers behind firewall
One server houses email, pptp server, ftp server and web services: 10.1.20.91
One server houses drac management (port 445): 10.1.20.92
One server is the IP phone server using a range of ports: 10.1.20.156
Basically, need to PAT the ports associated with each server to the respective servers behind the ASA 5505.
Here is what I have. Is anything missing from this config? Do I need to include a global policy for PPTP and SMTP?
ASA Version 8.4(4)1
hostname kaa-pix
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 10.1.20.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 16.2.3.4 255.255.255.0
ftp mode passive
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network server_smtp
host 10.1.20.91
object service Port_25
service tcp source eq smtp
object service Port_3389
service tcp source eq 3389
object service Port_1723
service tcp source eq pptp
object service Port_21
service tcp source eq ftp
object service Port_443
service tcp source eq https
object service Port_444
service tcp source eq 444
object network drac
host 10.1.20.92
object service Port_445
service tcp source eq 445
access-list acl-out extended permit icmp any any echo-reply
access-list acl-out extended permit icmp any any
access-list acl-out extended permit tcp any interface outside eq pptp
access-list acl-out extended permit tcp any object server_smtp eq smtp
access-list acl-out extended permit tcp any object server_smtp eq pptp
access-list acl-out extended permit tcp any object server_smtp eq 3389
access-list acl-out extended permit tcp any object server_smtp eq ftp
access-list acl-out extended permit tcp any object server_smtp eq https
access-list acl-out extended permit tcp any object server_smtp eq 444
access-list acl-out extended permit tcp any object drac eq 445
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (inside,outside) source static server_smtp interface service Port_25 Port_25
nat (inside,outside) source static server_smtp interface service Port_3389 Port_
3389
nat (inside,outside) source static server_smtp interface service Port_1723 Port_
1723
nat (inside,outside) source static server_smtp interface service Port_21 Port_21
nat (inside,outside) source static server_smtp interface service Port_443 Port_4
43
nat (inside,outside) source static server_smtp interface service Port_444 Port_4
44
nat (inside,outside) source static drac interface service Port_445 Port_445
object network obj_any
nat (inside,outside) dynamic interface
route outside 0.0.0.0 0.0.0.0 16.2.3.1 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet timeout 5
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
prompt hostname context
no call-home reporting anonymousThanks Lcambron...I got PPTP to work. Everything else works fine. I can access email, access my web server, FTP server, and PPTP server. However, from the above configuration, I cannot access my DRAC over the internet..The DRAC runs on a different internal server, and over port 445. So I have th following lines:
object network drac
host 10.1.20.92
object service Port_445
service tcp source eq 445
access-list acl-out extended permit tcp any object drac eq 445
nat (inside,outside) source static drac interface service Port_445 Port_445
Am I missing something here? Internally, i can telnet to port 445 on 10.1.20.92, so I know it is listening. However, externally, i cannot telnet to my external ip address of the ASA through port 445.
Thanks -
Issue with Adobe flex data.xml file not reachable from bsp behind firewall
Hi Gurus,
I have a problem with the <mx:HTTPService> tag the following is the actual tag,
<mx:HTTPService
id="Srv"
url="data.xml"
useProxy="false"
method="POST" result="resultHandler(event)"/>
When accessed locally I can see the data in the flex as the data.xml can be reached. when the same is accessed from internet behind firewall, the url is entirely different and the .swf file in the BSP page cannot access the data.xml. I cannot give the absolute url in the tag as the BSP page application is accessed differently in different servers. any help on this would be greatly appreciated
Thanks
AkbarSorry somehow I missed this question, an even easier way to do this is to allow your Flash movie to "script" ( this is the default behavior for a Flex application ) and then call some javascript to obtain exactly what the page URL is and then go from there to get your data:
import flash.external.ExternalInterface;
import mx.utils.URLUtil;
var
if(ExternalInterface.available){
pageURL = ExternalInterface.call("window.location.href.toString");
// Do whatever you need with the URL here.
var serverName:String = URLUtil.getServerNameWithPort(pageURL);
-d -
Two VLANs on same Switch with NAT problem.
Hello all.
I have few cisco devices at home that i am using to study from. I am using for now on this little setup a 2620XM and a 3500XL Switch. I have two vlans setup on the switch VLan10 and VLan20 using router on a stick. I have setup the inside and outside interfaces. I have the fa1/0 as my outside with a dhcp address of 192.168.1.10. I have also setup my internet router to see networks 172.20.0.0/24 and 172.20.1.0/24. I am able to ping back and forth from 192.168.1.0/24 to both networks. The issue comes when i try to apply NAT. I have tried two different setups and both have failed. I have two ping windows open on my PC on the 192.168.1.0/24 side both hitting vlan 10 and 20. Once i applied either Nat solution i lose ping on one vlan while still pinging the other, but both vlans can't go out to the internet. Below is the NAT solutions i have tried below. Also running config for both router and switch. If anybody can i assist i would really appreciate it.
NAT Solution 1
ip nat pool INET 192.168.1.10 192.168.1.10 netmask 255.255.255.0
ip nat inside source list 1 pool INET overload
access-list 1 permit any
NAT Solution 2
ip nat inside source list 100 interface fa1/0 overload
access-list 100 permit ip any any
Router config
R1#sh run
Building configuration...
Current configuration : 1470 bytes
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname R1
boot-start-marker
boot-end-marker
enable secret
no aaa new-model
ip subnet-zero
ip cef
interface FastEthernet0/0
no ip address
duplex auto
speed auto
interface FastEthernet0/0.5
encapsulation dot1Q 5 native
ip address 172.16.1.6 255.255.255.248
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 172.20.0.254 255.255.255.0
ip nat inside
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 172.20.1.254 255.255.255.0
ip nat inside
interface Serial0/0
no ip address
shutdown
interface Serial0/1
no ip address
shutdown
interface Serial0/2
no ip address
shutdown
interface Serial0/3
no ip address
shutdown
interface FastEthernet1/0
ip address dhcp
ip nat outside
duplex auto
speed auto
no cdp enable
router ospf 1
log-adjacency-changes
network 172.16.1.0 0.0.0.7 area 0
network 172.20.0.0 0.0.0.255 area 0
network 172.20.1.0 0.0.0.255 area 0
network 192.168.1.0 0.0.0.255 area 0
no ip http server
ip classless
line con 0
exec-timeout 0 0
password
logging synchronous
login
line aux 0
line vty 0 4
exec-timeout 0 0
password
logging synchronous
login
line vty 5 181
exec-timeout 0 0
password
logging synchronous
login
end
Switch Config
SW1#sh run
Building configuration...
Current configuration:
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname SW1
ip subnet-zero
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 5
switchport trunk allowed vlan 1,5,10,20,1002-1005
switchport mode trunk
interface FastEthernet0/2
interface FastEthernet0/3
interface FastEthernet0/4
switchport access vlan 10
interface FastEthernet0/5
switchport access vlan 10
interface FastEthernet0/6
switchport access vlan 10
interface FastEthernet0/7
switchport access vlan 10
interface FastEthernet0/8
switchport access vlan 10
interface FastEthernet0/9
switchport access vlan 10
interface FastEthernet0/10
switchport access vlan 10
interface FastEthernet0/11
switchport access vlan 10
interface FastEthernet0/12
switchport access vlan 20
interface FastEthernet0/13
switchport access vlan 20
interface FastEthernet0/14
switchport access vlan 20
interface FastEthernet0/15
switchport access vlan 20
interface FastEthernet0/16
switchport access vlan 20
interface FastEthernet0/17
switchport access vlan 20
interface FastEthernet0/18
switchport access vlan 20
interface FastEthernet0/19
switchport access vlan 20
interface FastEthernet0/20
switchport access vlan 20
interface FastEthernet0/21
switchport access vlan 20
interface FastEthernet0/22
switchport access vlan 20
interface FastEthernet0/23
shutdown
switchport trunk encapsulation dot1q
switchport mode trunk
interface FastEthernet0/24
shutdown
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/1
interface GigabitEthernet0/2
interface VLAN1
no ip address
no ip directed-broadcast
no ip route-cache
shutdown
interface VLAN5
ip address 172.16.1.1 255.255.255.248
no ip directed-broadcast
no ip route-cache
ip default-gateway 172.16.1.6
line con 0
transport input none
stopbits 1
line vty 0 4
login
line vty 5 15
login
endYou need to change your acl because NAT doesn't usually work with "any" as the source.
I tend to use extended acls so -
access-list 101 permit 172.20.0.0 255.255.255.0 any
access-list 101 permit 172.20.1.0 255.255.255.0 any
and then use your second solution ie. overload on the interface.
If you find you cannot ping between your vlans then you need to modify the above acl to deny traffic between the vlans/IP subnets then permit any as above but it should work without doing that.
Jon -
Hi Surendra,
I was just given this task to see how i can configure a second ssid for guest access in our environment.
this is our network setup prior to this request: Internet----Firewall (not ASA)---ce520---C1131AG and CME router is also connecting to the ce520 switch. we only have two vlans: one for voice and two for data.
Presently, there is no vlan configured on the AP because it on broadcasting ont ssid and wireless users gets IP from a windows DHCP server on the LAN. the configuration on the ce520 switch port for the AP and other switches say access vlan is the DATA vlan which automatically becomes the native vlan for all trunk port connecting the AP and other Stiches to the network.
Now with this new requirement, i have made my research and i have configured the AP to broadcast both the production and the guest Vlans. The two vlans are 20-DATA and 60-Guest. I made the DATA vlan on the AP the native vlan since the poe switch is using the DATA vlan as native on the trunk ports. I configured the firewall to serve as DHCP server for the guest ssid and i have added the ip helper-address on the guest vlan interface on all switches while the windows server remains the dhcp server for the production DATA Vlan. I have confirmed that the AP, switches can ping the default gateway of the guest dhcp server which is another interface on the firewall. I can now see and connect to all broadcasted ssids but the problem is I am not getting IP addresses from both the production dhcp server and guest dhcp server when i connected to the ssid one at a time.
My AP config is attached below.
Please tell me what am I doing wrong.
Do i need to redesign the whole network to have a native vlan other nthan the data vlan?
Does the access point need to be aware of the voice vlan?
Do the native Vlan on the AP need to be in Bridge-group 1 or can i leave it in bridge-group 20?
I will greatly appreciate your urgent response.
Thanks in advanced.Hi,
As far as i know we dont set the ip helper address on the radio interface. It should be on the L3 interface of corresposding VLANs i.e.
int vlan 20
ip helper-address 192.168.33.xxx
int vlan 60
ip helper-address 130.20.1.xxx
I'm assuming that your using SVI's (int Vlan 20 and int Vlan 60) rahter than physical interfaces. Also hope you have configured switch port as trunk where this AP is connected.
Modify the AP config as below since you are using data vlan as the native vlan
interface Dot11Radio0.20
encapsulation dot1Q 20 native
interface FastEthernet0.20
encapsulation dot1Q 20 native
Ideally your AP fastethernet configuration should looks like below and not sure how you missed this as this comes by default when you have multiple vlans for multiple ssids.
interface FastEthernet0.20
encapsulation dot1Q 20 native
no ip route-cache
bridge-group 20
no bridge-group 20 source-learning
bridge-group 20 spanning-disabled
interface FastEthernet0.60
encapsulation dot1Q 60
no ip route-cache
bridge-group 60
no bridge-group 60 source-learning
bridge-group 60 spanning-disabled
Hope this helps.
Regards
Najaf -
ASA 5510 context base configuration in HA Mode with two different subnet
Hi
Please someone help me to configure the Firewall ASA 5510 in context based configuration in HA Mode with two different subnet....
IP Details are below.....:
interface Ethernet0/0
nameif outside
security-level 0
ip address 10.10.10.2 255.255.255.0 standby 10.10.10.3
interface Ethernet0/1
no nameif
security-level 0
no ip address
interface Ethernet0/1.101
description INSIDE1
vlan 101
nameif INSIDE1
security-level 90
ip address 172.22.0.2 255.255.255.0 standby 172.22.0.3
interface Ethernet0/1.102
description INSIDE2
vlan 102
nameif INSIDE2
security-level 80
ip address 172.22.1.2 255.255.255.0 standby 172.22.1.3
interface Ethernet0/3
description LAN Failover Interface
failover
failover lan unit primary
failover lan interface FAILOVER Ethernet0/3
failover replication http
failover interface ip FAILOVER 192.168.3.1 255.255.255.0 standby 192.168.3.2
route outside 0.0.0.0 0.0.0.0 10.10.10.1 1Hi Sanjeev,
If it is a context based configuration that you are doing then, you would need to configure context on the ASA first, you can refer to this document for it:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml
Thanks,
Varun Rao
Security Team,
Cisco TAC -
Can you help me with this ( vlan,accesslist,management )
here's the scenario I have two vlan 10 & 20
I have 2 switch and 1 router
the target of this setup is that vlan 10 can ping or reach vlan 20 but vlan 20 cannot be reach or ping vlan 10 it is that possible
Here's the setup
In SW0
vlan 10
name Management
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
interface FastEthernet0/2
switchport trunk allowed vlan 10
switchport mode trunk
In SW1
interface FastEthernet0/1
switchport trunk allowed vlan 20
switchport mode trunk
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
interface FastEthernet0/3
switchport access vlan 20
switchport mode access
In Router
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
ip access-group 1 out
interface FastEthernet0/0.20
no ip address
interface FastEthernet0/1
no ip address
duplex auto
speed auto
interface FastEthernet0/1.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip access-group 1 out
interface Vlan1
no ip address
shutdown
ip classless
access-list 1 deny 192.168.20.0 0.0.0.255
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 1 deny host 192.168.20.11
access-list 1 permit host 192.168.10.11
access-list 1 deny any
access-list 1 permit any
Im new so i dont know if my setup is correct ...
can any1 help me about this,,,
thanks.Hi,
let's suppose PC0(Vlan 10) wants to communicate with PC1(Vlan 20):
-traffic enters f0/0.10 with src 10.11 and dst 20.11 and it is forwarded out f0/1.20 where there is an egress ACL
-this is a standard ACL so it matches on source only and there is a hit for second entry permit 192.168.10.0 0.0.0.255
-now PC1 replies and traffic enters f0/1.20 and is forwarded out f0/0.10 where there is egress ACL
-there is a hit on first entry deny 192.168.20.0 0.0.0.255( packet src is 20.11 and dst 10.11)
So end result is that Vlan 10 cannot reach Vlan 20.
I don't think this is what you wanted
Now of course traffic sourced from any PC in Vlan 20 destined to PC0 is filtered as you wanted because it is filtered on f0/0.10 outbound as above.
ACLs are stateless and communication in TCP/IP is bidirectional so the best way to achieve what you want to do if you want to filter more than Pings would be to use CBAC or ZBF or reflexive ACLs
Regards
Alain
Don't forget to rate helpful posts. -
SQL Injection, replace single quote with two single quotes?
Is replacing a single quote with two single quotes adequate
for eliminating
SQL injection attacks? This article (
http://www.devguru.com/features/kb/kb100206.asp
) offers that advice, and it
enabled me to allow users to search name fields in the
database that contain
single quotes.
I was advised to use "Paramaterized SQL" in an earlier post,
but I can't
understand the concept behind that method, and whether it
applies to
queries, writes, or both.Then you can use both stored procedures and prepared
statements.
Both provide better protection than simply replacing
apostrophes.
Prepared statements are simple:
Set myCommand = Server.CreateObject("ADODB.Command")
...snip...
myCommand.CommandText = "INSERT INTO Users([Name], [Email])
VALUES (?, ?)"
...snip...
myCommand.Parameters.Append
myCommand.CreateParameter("@Name",200,1,50,Name)
myCommand.Parameters.Append
myCommand.CreateParameter("@Email",200,1,50,Email)
myCommand.Execute ,,128 'the ,,128 sets execution flags that
tell ADO not to
look for rows to be returned. This saves the expense of
creating a
recordset object you don't need.
Stored procedures are executed in a similar manner. DW can
help you with a
stored procedure through the "Command (Stored Procedure)"
server behavior.
You can see a full example of a prepared statement by looking
at DW's
recordset code after you've created a recordset using version
8.02.
"Mike Z" <[email protected]> wrote in message
news:eo5idq$3qr$[email protected]..
>I should have repeated this, I am using VBScript in ASP,
with an Access DB.
> -
Currently we have the following
Cat 4003 with VLAN trunking turned on to multiple switches. Each port in those exterior switches is assigned to a vlan(we have about 60 different vlans).
What I would like to do is on those exterior switches have two vlans assigned to it.
We'd like to create a single IP Phone VLAN(let's call it 999) that can span our entire enterprise and would have dhcp deployed on it.
Each port is connected to an IP phone which has a 2 port switch in them. One port to the wall, one to the pc.
The switch ports on those phones support vlan tagging
How would setup an exterior switch to access 2 vlans that connect to 2 port switch on an IP phone?To facilitate ease of deployment, use VTP so that you can centrally create the vlans and propagate to each exterior switch. Now I believe you already do have a layer 3 engine or router that does routing between all these vlans. What switches are used on teh exterior ? This is to find out if voice vlan support is available.
In cat switches, voice vlan is created using command,
set port auxiliaryvlan vlan
In IOS based switches,
int fa0/1
switchport mode trunk
switchport trunk encap dot1q
switchport trunk native vlan
switchport voice vlan
switchport priority cos extend 0
or
int fa0/1
switchport mode access
switchport access vlan
switchport voice vlan
I am not sure about support of voice/aux vlan in 4003. We will have check your other switch models/ software versions to determine support for this command. -
How can i use IDSM-2 in inline mode for more than two VLANs?
can i use the IDSM-2 in inline mode to be ips to more than two VLANS
like this or it isn't
intrusion-detection module 5 data port 1 access-vlan 10,20,30,40,50
intrusion-detection module 5 data port 1 access-vlan 100,200
thank u all for your helpThe IDSM-2 ports need to be configured as trunk ports with multiple vlans rather than as access ports.
http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00807517eb.html#wp1068377
And instead of creating an inline interface pair by pairing Gig0/7 with Gig0/8 within the IDSM-2 configuration, you would create inline vlan pairs.
With an inline vlan pair you pair 2 vlans on the same interface.
You can have up to 255 inline vlan pairs on each interface (assumining you keep the total traffic from all of the pairs within the IDSM-2s performance limit of around 500Mbps)
How to create inline vlan pairs:
http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00807517bb.html#wp1047852
The other aspect you need to be aware of is that not all IOS versions will support configuring the IDSM-2 data ports as trunk ports for inline vlan pairs.
Your best bet is to use 12.2(18)SXF4 or a later version on the 12.2(18)SXF train.
The 12.2(33)SR train does not currently support the trunk feature for the IDSM-2. -
Election problem after repeated split-brains with two nodes
Hi
I'm using a customized source based on BDB-5.1.19 (excxx_repquote)
with two site one - MASTER and the other SLAVE...
nsite=2
ack=quorum
- the master is writing to quotedb at a rate of 10 txn per sec
- the test consist to isolate the client from the master (split brain) and reconnect it after a random time include from 1sec to 10sec
the test run well about 10 times but at a moment the process slave receive DB_EVENT_REP_ELECTION_FAILED
and the master enter in election mode and never exit from the CLIENT mode. I must say that to freeze the client I decide to kill me (kill -9 my pid) when I receive such event...
here is the verbose log on the master...
[1307872770:871621][6510/47655809107168] MASTER: rep_send_function returned: 110
[1307872770:973655][6510/47655809107168] MASTER: bulk_msg: Send buffer after copy due to PERM
[1307872770:973667][6510/47655809107168] MASTER: send_bulk: Send 266 (0x10a) bulk buffer bytes
[1307872770:973672][6510/47655809107168] MASTER: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 68 eid -1, type bulk_log, LSN [21][986648] perm
[1307872770:973693][6510/47655809107168] MASTER: will await acknowledgement: need 1
[1307872771:26623][6510/47655809107168] MASTER: rep_send_function returned: 110
[1307872771:126380][6510/1162996032] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 70 eid 0, type log, LSN [21][946345]
[1307872771:126407][6510/1162996032] MASTER: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 68 eid -1, type dupmaster, LSN [0][0] nobuf
[1307872771:126695][6510/1162996032] MASTER: rep_start: Found old version log 17
[1307872771:126753][6510/1162996032] CLIENT: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 68 eid -1, type newclient, LSN [0][0] nobuf
[1307872771:126833][6510/1183975744] CLIENT: starting election thread
[1307872771:126876][6510/1183975744] CLIENT: Start election nsites 2, ack 1, priority 100
[1307872771:126890][6510/1183975744] CLIENT: Election thread owns egen 69
[1307872771:127423][6510/1173485888] CLIENT: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 70 eid 0, type newclient, LSN [0][0]
[1307872771:130079][6510/1183975744] CLIENT: Tallying VOTE1[0] (2147483647, 69)
[1307872771:130113][6510/1183975744] CLIENT: Beginning an election
[1307872771:130134][6510/1183975744] CLIENT: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 68 eid -1, type vote1, LSN [21][986728] nobuf
[1307872771:130147][6510/1173485888] CLIENT: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 68 eid -1, type master_req, LSN [0][0] nobuf
[1307872771:130438][6510/1152506176] CLIENT: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 70 eid 0, type vote1, LSN [21][946437]
[1307872771:130460][6510/1162996032] CLIENT: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 70 eid 0, type alive, LSN [21][986728]
[1307872771:130467][6510/1152506176] CLIENT: Updating gen from 68 to 70
[1307872771:130482][6510/1162996032] CLIENT: Received ALIVE egen of 71, mine 69
[1307872771:130503][6510/1162996032] CLIENT: Election finished in 0.003602000 sec
[1307872771:130515][6510/1162996032] CLIENT: Election done; egen 70
[1307872771:130534][6510/1152506176] CLIENT: Received vote1 egen 71, egen 71
[1307872771:130581][6510/1152506176] CLIENT: Tallying VOTE1[0] (0, 71)
[1307872771:130593][6510/1089075520] CLIENT: starting election thread
[1307872771:130619][6510/1152506176] CLIENT: Incoming vote: (eid)0 (pri)100 ELECTABLE (gen)70 (egen)71 [21,946437]
[1307872771:130642][6510/1152506176] CLIENT: Not in election, but received vote1 0x282c 0x8
[1307872771:130674][6510/1089075520] CLIENT: Start election nsites 2, ack 1, priority 100
[1307872771:130692][6510/1089075520] CLIENT: Election thread owns egen 71
[1307872771:130704][6510/1194465600] CLIENT: starting election thread
[1307872771:130733][6510/1194465600] CLIENT: Start election nsites 2, ack 1, priority 100
[1307872771:132922][6510/1089075520] CLIENT: Tallying VOTE1[1] (2147483647, 71)
[1307872771:132949][6510/1089075520] CLIENT: Accepting new vote
[1307872771:132958][6510/1089075520] CLIENT: Beginning an election
[1307872771:132973][6510/1089075520] CLIENT: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 70 eid -1, type vote1, LSN [21][986728] nobuf
[1307872771:132985][6510/1194465600] CLIENT: election thread is exiting
[1307872771:133012][6510/1089075520] CLIENT: Tallying VOTE2[0] (2147483647, 71)
[1307872771:133037][6510/1089075520] CLIENT: Counted my vote 1
[1307872771:133048][6510/1089075520] CLIENT: Skipping phase2 wait: already got 1 votes
[1307872771:133060][6510/1089075520] CLIENT: Got enough votes to win; election done; (prev) gen 70
[1307872771:133071][6510/1089075520] CLIENT: Election finished in 0.002367000 sec
[1307872771:133084][6510/1089075520] CLIENT: Election done; egen 72
[1307872771:133111][6510/1089075520] CLIENT: Ended election with 0, e_th 1, egen 72, flag 0x2a2c, e_fl 0x0, lo_fl 0x6
[1307872771:133170][6510/1173485888] CLIENT: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 70 eid 0, type alive, LSN [0][0]
[1307872771:133187][6510/1173485888] CLIENT: Racing replication msg lockout, ignore message.
[1307872771:173744][6510/1162996032] CLIENT: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 70 eid 0, type vote2, LSN [0][0]
[1307872771:173769][6510/1162996032] CLIENT: Racing replication msg lockout, ignore message.
[1307872771:231593][6510/1183975744] CLIENT: Ended election with 0, e_th 0, egen 72, flag 0x2a2c, e_fl 0x0, lo_fl 0x1c
[1307872771:231629][6510/1183975744] CLIENT: election thread is exiting
[1307872777:443794][6510/1131526464] CLIENT: init connection to site 2.0.0.210:12345 with result 115
[1307872971:644194][6510/1131526464] CLIENT: init connection to site 2.0.0.210:12345 with result 115
[1307873165:844583][6510/1131526464] CLIENT: init connection to site 2.0.0.210:12345 with result 115
[1307873360:44955][6510/1131526464] CLIENT: init connection to site 2.0.0.210:12345 with result 115
[1307873554:245347][6510/1131526464] CLIENT: init connection to site 2.0.0.210:12345 with result 115
[1307873748:445736][6510/1131526464] CLIENT: init connection to site 2.0.0.210:12345 with result 115
[1307873942:646117][6510/1131526464] CLIENT: init connection to site 2.0.0.210:12345 with result 115
[1307874136:846509][6510/1131526464] CLIENT: init connection to site 2.0.0.210:12345 with result 115
.... and infinite stay to this situation
My question is why the Master is suddenly transformed into CLIENT and why it's never returning to the MASTER
Thanks in advance ...
here is the log for the client
[1307872315:455113][1282/1181583680] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type log, LSN [21][984396]
[1307872315:455134][1282/1160603968] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type log, LSN [21][984483] perm
[1307872315:609962][1282/1181583680] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type bulk_log, LSN [21][984733] perm
[1307872315:764958][1282/1181583680] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type bulk_log, LSN [21][984986] perm
[1307872315:919962][1282/1181583680] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type bulk_log, LSN [21][985238] perm
[1307872316:75018][1282/1181583680] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type bulk_log, LSN [21][985491] perm
[1307872316:229959][1282/1181583680] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type bulk_log, LSN [21][985741] perm
[1307872316:384949][1282/1181583680] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type bulk_log, LSN [21][985993] perm
[1307872316:499899][1282/1181583680] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type bulk_log, LSN [21][986141] perm
[1307872316:539895][1282/1181583680] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type log, LSN [21][986221]
[1307872316:540078][1282/1171093824] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type log, LSN [21][986307]
[1307872316:540100][1282/1160603968] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type log, LSN [21][986394] perm
[1307872316:694950][1282/1171093824] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type bulk_log, LSN [21][986648] perm
[1307872316:847349][1282/1129134400] MASTER: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 70 eid -1, type log, LSN [21][946345]
[1307872316:847698][1282/1171093824] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type dupmaster, LSN [0][0]
[1307872316:847999][1282/1181583680] MASTER: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type newclient, LSN [0][0]
[1307872316:848168][1282/1171093824] MASTER: rep_start: Found old version log 17
[1307872316:848222][1282/1181583680] CLIENT: Racing replication msg lockout, ignore message.
[1307872316:848398][1282/1171093824] CLIENT: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 70 eid -1, type newclient, LSN [0][0] nobuf
[1307872316:848504][1282/1192073536] CLIENT: starting election thread
[1307872316:848542][1282/1192073536] CLIENT: Start election nsites 2, ack 1, priority 100
[1307872316:848566][1282/1192073536] CLIENT: Election thread owns egen 71
[1307872316:849634][1282/1192073536] CLIENT: Tallying VOTE1[0] (2147483647, 71)
[1307872316:849654][1282/1192073536] CLIENT: Beginning an election
[1307872316:849680][1282/1192073536] CLIENT: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 70 eid -1, type vote1, LSN [21][946437] nobuf
[1307872316:851403][1282/1160603968] CLIENT: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type vote1, LSN [21][986728]
[1307872316:851448][1282/1160603968] CLIENT: Received vote1 egen 69, egen 71
[1307872316:851470][1282/1160603968] CLIENT: Received old vote 69, egen 71, ignoring vote1
[1307872316:851481][1282/1160603968] CLIENT: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 70 eid 0, type alive, LSN [21][986728] nobuf
[1307872316:851538][1282/1171093824] CLIENT: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 68 eid 0, type master_req, LSN [0][0]
[1307872316:851558][1282/1171093824] CLIENT: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 70 eid 0, type alive, LSN [0][0] nobuf
[1307872316:854254][1282/1160603968] CLIENT: /opt/bdb/ rep_process_message: msgv = 5 logv 17 gen = 70 eid 0, type vote1, LSN [21][986728]
[1307872316:854275][1282/1160603968] CLIENT: Received vote1 egen 71, egen 71
[1307872316:854317][1282/1160603968] CLIENT: Tallying VOTE1[1] (0, 71)
[1307872316:854339][1282/1160603968] CLIENT: Incoming vote: (eid)0 (pri)100 ELECTABLE (gen)70 (egen)71 [21,986728]
[1307872316:854353][1282/1160603968] CLIENT: Existing vote: (eid)2147483647 (pri)100 (gen)70 (sites)2 [21,946437]
[1307872316:854369][1282/1160603968] CLIENT: Accepting new vote
[1307872316:854379][1282/1160603968] CLIENT: Phase1 election done
[1307872316:854395][1282/1160603968] CLIENT: Voting for 0
[1307872316:854407][1282/1160603968] CLIENT: /opt/bdb/ rep_send_message: msgv = 5 logv 17 gen = 70 eid 0, type vote2, LSN [0][0] nobuf
[1307872317:960344][1282/1192073536] CLIENT: After phase 2: votes 0, nvotes 1, nsites 2
[1307872317:960389][1282/1192073536] CLIENT: Election finished in 1.111809000 sec
[1307872317:960401][1282/1192073536] CLIENT: Election done; egen 72
[1307872317:960412][1282/1192073536] CLIENT: Ended election with -30974, e_th 0, egen 72, flag 0x282c, e_fl 0x0, lo_fl 0x0
Kill me !!
--- my source
on the master I run manually :
txn_rate 1
loop_rate 10
loop 1 20000
* See the file LICENSE for redistribution information.
* Copyright (c) 2001, 2010 Oracle and/or its affiliates. All rights reserved.
* $Id$
* In this application, we specify all communication via the command line. In
* a real application, we would expect that information about the other sites
* in the system would be maintained in some sort of configuration file. The
* critical part of this interface is that we assume at startup that we can
* find out
* 1) what our Berkeley DB home environment is,
* 2) what host/port we wish to listen on for connections; and
* 3) an optional list of other sites we should attempt to connect to.
* These pieces of information are expressed by the following flags.
* -h home (required; h stands for home directory)
* -l host:port (required; l stands for local)
* -C or -M (optional; start up as client or master)
* -r host:port (optional; r stands for remote; any number of these may be
* specified)
* -R host:port (optional; R stands for remote peer; only one of these may
* be specified)
* -a all|quorum (optional; a stands for ack policy)
* -b (optional; b stands for bulk)
* -n nsites (optional; number of sites in replication group; defaults to 0
* to try to dynamically compute nsites)
* -p priority (optional; defaults to 100)
* -v (optional; v stands for verbose)
#include <cstdlib>
#include <cstring>
#include <iostream>
#include <string>
#include <sstream>
#include <sys/types.h>
#include <signal.h>
#include <db_cxx.h>
#include "RepConfigInfo.h"
#include "dbc_auto.h"
using std::cout;
using std::cin;
using std::cerr;
using std::endl;
using std::ends;
using std::flush;
using std::istream;
using std::istringstream;
using std::ostringstream;
using std::string;
using std::getline;
#include <stdio.h>
#include <readline/readline.h>
#include <readline/history.h>
#define CACHESIZE (10 * 1024 * 1024)
#define DATABASE "quote.db"
#define DATABASE2 "quote2.db"
const char *progname = "excxx_repquote";
#include <errno.h>
#ifdef _WIN32
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#define snprintf _snprintf
#define sleep(s) Sleep(1000 * (s))
extern "C" {
extern int getopt(int, char * const *, const char *);
extern char *optarg;
typedef HANDLE thread_t;
typedef DWORD thread_exit_status_t;
#define thread_create(thrp, attr, func, arg) \
(((*(thrp) = CreateThread(NULL, 0, \
(LPTHREAD_START_ROUTINE)(func), (arg), 0, NULL)) == NULL) ? -1 : 0)
#define thread_join(thr, statusp) \
((WaitForSingleObject((thr), INFINITE) == WAIT_OBJECT_0) && \
GetExitCodeThread((thr), (LPDWORD)(statusp)) ? 0 : -1)
#else /* !_WIN32 */
#include <pthread.h>
typedef pthread_t thread_t;
typedef void* thread_exit_status_t;
#define thread_create(thrp, attr, func, arg) \
pthread_create((thrp), (attr), (func), (arg))
#define thread_join(thr, statusp) pthread_join((thr), (statusp))
#endif
// Struct used to store information in Db app_private field.
typedef struct {
bool app_finished;
bool in_client_sync;
bool is_master;
bool no_dummy_wr;
} APP_DATA;
static void log(const char *);
void checkpoint_thread (void );
void log_archive_thread (void );
void dummy_write_thread (void );
class RepQuoteExample {
public:
RepQuoteExample();
void init(RepConfigInfo* config);
void doloop();
int terminate();
static void event_callback(DbEnv* dbenv, u_int32_t which, void *info);
void print_stocks_size(Db *dbp);
private:
// disable copy constructor.
RepQuoteExample(const RepQuoteExample &);
void operator = (const RepQuoteExample &);
// internal data members.
APP_DATA app_data;
RepConfigInfo *app_config;
DbEnv cur_env;
thread_t ckp_thr;
thread_t lga_thr;
thread_t dmy_thr;
// private methods.
void print_stocks(Db *dbp);
void print_env(DbEnv *dbenv);
void prompt();
RepQuoteExample *g_runner=NULL;
RepConfigInfo *g_config=NULL;
class DbHolder {
public:
DbHolder(DbEnv env, const char _dbname) : env(env)
dbp = 0;
if (_dbname) dbname=_dbname;
else dbname=DATABASE;
~DbHolder() {
try {
close();
} catch (...) {
// Ignore: this may mean another exception is pending
bool ensure_open(bool creating) {
if (dbp)
return (true);
dbp = new Db(env, 0);
u_int32_t flags = DB_AUTO_COMMIT;
if (creating)
flags |= DB_CREATE;
try {
//dbp->open(NULL, DATABASE, NULL, DB_BTREE, flags, 0);
//dbp->open(NULL, dbname, NULL, DB_BTREE, flags, 0);
dbp->open(NULL, NULL, dbname, DB_BTREE, flags, 0);
return (true);
} catch (DbDeadlockException e) {
} catch (DbRepHandleDeadException e) {
} catch (DbException e) {
if (e.get_errno() == DB_REP_LOCKOUT) {
// Just fall through.
} else if (e.get_errno() == ENOENT && !creating) {
// Provide a bit of extra explanation.
log("Stock DB does not yet exist");
} else
throw;
// (All retryable errors fall through to here.)
log("please retry the operation");
close();
return (false);
void close() {
if (dbp) {
try {
dbp->close(0);
delete dbp;
dbp = 0;
} catch (...) {
delete dbp;
dbp = 0;
throw;
operator Db *() {
return dbp;
Db *operator->() {
return dbp;
private:
Db *dbp;
DbEnv *env;
const char *dbname;
class StringDbt : public Dbt {
public:
#define GET_STRING_OK 0
#define GET_STRING_INVALID_PARAM 1
#define GET_STRING_SMALL_BUFFER 2
#define GET_STRING_EMPTY_DATA 3
int get_string(char **buf, size_t buf_len)
size_t copy_len;
int ret = GET_STRING_OK;
if (buf == NULL) {
cerr << "Invalid input buffer to get_string" << endl;
return GET_STRING_INVALID_PARAM;
// make sure the string is null terminated.
memset(*buf, 0, buf_len);
// if there is no string, just return.
if (get_data() == NULL || get_size() == 0)
return GET_STRING_OK;
if (get_size() >= buf_len) {
ret = GET_STRING_SMALL_BUFFER;
copy_len = buf_len - 1; // save room for a terminator.
} else
copy_len = get_size();
memcpy(*buf, get_data(), copy_len);
return ret;
size_t get_string_length()
if (get_size() == 0)
return 0;
return strlen((char *)get_data());
void set_string(char *string)
set_data(string);
set_size((u_int32_t)strlen(string));
StringDbt(char *string) :
Dbt(string, (u_int32_t)strlen(string)) {};
StringDbt() : Dbt() {};
~StringDbt() {};
// Don't add extra data to this sub-class since we want it to remain
// compatible with Dbt objects created internally by Berkeley DB.
Db *g_repquote=NULL;
RepQuoteExample::RepQuoteExample() : app_config(0), cur_env(0) {
app_data.app_finished = 0;
app_data.in_client_sync = 0;
app_data.is_master = 0; // assume I start out as client
app_data.no_dummy_wr = 0 ; //prevent to run dummy write
int (*old_rep_process_message)
__P((DB_ENV *, DBT *, DBT *, int, DB_LSN *));
int my_rep_process_message __P((DB_ENV arg1, DBT arg2, DBT arg3, int arg4, DB_LSN arg5))
printf("EZ->>> my_rep_process_message:%p\n",arg5);
old_rep_process_message(arg1,arg2,arg3,arg4,arg5);
void RepQuoteExample::init(RepConfigInfo *config) {
app_config = config;
cur_env.set_app_private(&app_data);
cur_env.set_errfile(stderr);
app_data.no_dummy_wr=config->no_dummy_wr;
if (app_data.no_dummy_wr)
printf("No dummy !!!\n");
//EZ->cur_env.set_errpfx(progname);
cur_env.set_event_notify(event_callback);
// Configure bulk transfer to send groups of records to clients
// in a single network transfer. This is useful for master sites
// and clients participating in client-to-client synchronization.
if (app_config->bulk)
cur_env.rep_set_config(DB_REP_CONF_BULK, 1);
// Set the total number of sites in the replication group.
// This is used by repmgr internal election processing.
if (app_config->totalsites > 0)
cur_env.rep_set_nsites(app_config->totalsites);
// Turn on debugging and informational output if requested.
if (app_config->verbose)
cur_env.set_verbose(DB_VERB_REPLICATION, 1);
cur_env.set_verbose(DB_VERB_REPMGR_MISC, 1);
cur_env.set_verbose(DB_VERB_RECOVERY, 1);
cur_env.set_verbose(DB_VERB_REPLICATION, 1);
cur_env.set_verbose(DB_VERB_REP_ELECT, 1);
cur_env.set_verbose(DB_VERB_REP_LEASE, 1);
cur_env.set_verbose(DB_VERB_REP_SYNC, 1);
cur_env.set_verbose(DB_VERB_REPMGR_MISC, 1);
// Set replication group election priority for this environment.
// An election first selects the site with the most recent log
// records as the new master. If multiple sites have the most
// recent log records, the site with the highest priority value
// is selected as master.
cur_env.rep_set_priority(app_config->priority);
// Set the policy that determines how master and client sites
// handle acknowledgement of replication messages needed for
// permanent records. The default policy of "quorum" requires only
// a quorum of electable peers sufficient to ensure a permanent
// record remains durable if an election is held. The "all" option
// requires all clients to acknowledge a permanent replication
// message instead.
cur_env.repmgr_set_ack_policy(app_config->ack_policy);
// Set the threshold for the minimum and maximum time the client
// waits before requesting retransmission of a missing message.
// Base these values on the performance and load characteristics
// of the master and client host platforms as well as the round
// trip message time.
cur_env.rep_set_request(20000, 500000);
// Configure deadlock detection to ensure that any deadlocks
// are broken by having one of the conflicting lock requests
// rejected. DB_LOCK_DEFAULT uses the lock policy specified
// at environment creation time or DB_LOCK_RANDOM if none was
// specified.
cur_env.set_lk_detect(DB_LOCK_DEFAULT);
// The following base replication features may also be useful to your
// application. See Berkeley DB documentation for more details.
// - Master leases: Provide stricter consistency for data reads
// on a master site.
// - Timeouts: Customize the amount of time Berkeley DB waits
// for such things as an election to be concluded or a master
// lease to be granted.
// - Delayed client synchronization: Manage the master site's
// resources by spreading out resource-intensive client
// synchronizations.
// - Blocked client operations: Return immediately with an error
// instead of waiting indefinitely if a client operation is
// blocked by an ongoing client synchronization.
cur_env.repmgr_set_local_site(app_config->this_host.host,
app_config->this_host.port, 0);
for ( REP_HOST_INFO *cur = app_config->other_hosts; cur != NULL;
cur = cur->next) {
cur_env.repmgr_add_remote_site(cur->host, cur->port,
NULL, cur->peer ? DB_REPMGR_PEER : 0);
// Configure heartbeat timeouts so that repmgr monitors the
// health of the TCP connection. Master sites broadcast a heartbeat
// at the frequency specified by the DB_REP_HEARTBEAT_SEND timeout.
// Client sites wait for message activity the length of the
// DB_REP_HEARTBEAT_MONITOR timeout before concluding that the
// connection to the master is lost. The DB_REP_HEARTBEAT_MONITOR
// timeout should be longer than the DB_REP_HEARTBEAT_SEND timeout.
cur_env.rep_set_timeout(DB_REP_HEARTBEAT_SEND, 5000000);
cur_env.rep_set_timeout(DB_REP_HEARTBEAT_MONITOR, 10000000);
// The following repmgr features may also be useful to your
// application. See Berkeley DB documentation for more details.
// - Two-site strict majority rule - In a two-site replication
// group, require both sites to be available to elect a new
// master.
// - Timeouts - Customize the amount of time repmgr waits
// for such things as waiting for acknowledgements or attempting
// to reconnect to other sites.
// - Site list - return a list of sites currently known to repmgr.
// We can now open our environment, although we're not ready to
// begin replicating. However, we want to have a dbenv around
// so that we can send it into any of our message handlers.
cur_env.set_cachesize(0, CACHESIZE, 0);
cur_env.set_flags(DB_REP_PERMANENT, 1);
//cur_env.set_flags(DB_TXN_WRITE_NOSYNC, 1);
/* u_int32_t maxlocks=300000;
if (maxlocks != 0)
cur_env.set_lk_max_locks(maxlocks);
u_int32_t maxlocks_o=300000;
if (maxlocks_o != 0)
cur_env.set_lk_max_objects(maxlocks_o);
u_int32_t maxmutex=300000;
if (maxmutex != 0)
cur_env.mutex_set_max(maxmutex);
DbEnv *m_env=&cur_env;
m_env->set_flags(DB_TXN_NOSYNC, 1);
m_env->set_lk_max_lockers(60000);
m_env->set_lk_max_objects(60000);
m_env->set_lk_max_locks(60000);
m_env->set_tx_max(60000);
//m_env->repmgr_set_ack_policy(DB_REPMGR_ACKS_NONE);
m_env->rep_set_timeout(DB_REP_ACK_TIMEOUT, 50 * 1000); //50ms
m_env->rep_set_timeout(DB_REP_CHECKPOINT_DELAY, 0);
//m_env->rep_set_timeout(DB_REP_CONNECTION_RETRY, 30 * 1000 * 1000); // 30 seconds
m_env->rep_set_timeout(DB_REP_ELECTION_TIMEOUT, 1 * 1000 * 1000); // 5 seconds
m_env->rep_set_timeout(DB_REP_FULL_ELECTION_TIMEOUT, 5 * 1000 * 1000); // 5 seconds
m_env->rep_set_timeout(DB_REP_CONNECTION_RETRY, 5 * 1000 * 1000);
//m_env->rep_set_timeout(DB_REP_ELECTION_RETRY, 10 * 1000 * 1000); //10 seconds
//m_env->rep_set_timeout(DB_REP_HEARTBEAT_MONITOR, 80 * 1000 * 1000); //80 seconds
//m_env->rep_set_timeout(DB_REP_HEARTBEAT_SEND, 500 * 1000); //500 milli seconds
//The minimum number of microseconds a client waits before requesting retransmission
u_int32_t rep_req_min = 40000; //40 000 microsec = 40 mili
//The maximum number of microseconds a client waits before requesting retransmission
u_int32_t rep_req_max = 1280000;// 1 280 000 microsec = 1.28 sec
u_int32_t rep_limit_gbytes = 0;
u_int32_t rep_limit_bytes = 100 * 1024 * 1024; // 100MB
m_env->rep_set_request(rep_req_min, rep_req_max);
m_env->rep_set_limit(rep_limit_gbytes, rep_limit_bytes);
cur_env.open(app_config->home, DB_CREATE | DB_RECOVER |
DB_THREAD | DB_INIT_REP | DB_INIT_LOCK | DB_INIT_LOG |
DB_INIT_MPOOL | DB_INIT_TXN , 0);
//keep old function for chain
//old_rep_process_message=cur_env.get_DB_ENV()->rep_process_message;
//derouting
//cur_env.get_DB_ENV()->rep_process_message=my_rep_process_message;
/*int _i;
cur_env.log_get_config(DB_LOG_DIRECT, &_i);printf ("DB_LOG_DIRECT = %d\n",_i);
cur_env.log_get_config(DB_LOG_DSYNC, &_i);printf ("DB_LOG_DSYNC = %d\n",_i);
cur_env.log_get_config(DB_LOG_AUTO_REMOVE, &_i);printf ("DB_LOG_AUTO_REMOVE = %d\n",_i);
cur_env.log_get_config(DB_LOG_IN_MEMORY, &_i);printf ("DB_LOG_IN_MEMORY = %d\n",_i);
cur_env.log_get_config(DB_LOG_ZERO,&_i);printf ("DB_LOG_ZERO = %d\n",_i);
// Start checkpoint and log archive support threads.
(void)thread_create(&ckp_thr, NULL, checkpoint_thread, &cur_env);
(void)thread_create(&lga_thr, NULL, log_archive_thread, &cur_env);
(void)thread_create(&dmy_thr, NULL, dummy_write_thread, &cur_env);
cur_env.repmgr_start(3, app_config->start_policy);
}int RepQuoteExample::terminate() {
try {
// Wait for checkpoint and log archive threads to finish.
// Windows does not allow NULL pointer for exit code variable.
thread_exit_status_t exstat;
(void)thread_join(lga_thr, &exstat);
(void)thread_join(ckp_thr, &exstat);
(void)thread_join(dmy_thr, &exstat);
// We have used the DB_TXN_NOSYNC environment flag for
// improved performance without the usual sacrifice of
// transactional durability, as discussed in the
// "Transactional guarantees" page of the Reference
// Guide: if one replication site crashes, we can
// expect the data to exist at another site. However,
// in case we shut down all sites gracefully, we push
// out the end of the log here so that the most
// recent transactions don't mysteriously disappear.
cur_env.log_flush(NULL);
cur_env.close(0);
} catch (DbException dbe) {
cout << "error closing environment: " << dbe.what() << endl;
return 0;
void RepQuoteExample::prompt() {
cout << "QUOTESERVER";
if (!app_data.is_master)
cout << "(read-only)";
cout << "> " << flush;
void log(const char *msg) {
time_t currentTime;
// get and print the current time
time (¤tTime); // fill now with the current time
char buff[255];
strncpy(buff,ctime(¤tTime),sizeof(buff));
char *p;
for(p =buff ; *p != '\n'; p++);
*p = '\0';
cerr << buff << " - " << msg << endl;
// Simple command-line user interface:
// - enter "<stock symbol> <price>" to insert or update a record in the
// database;
// - just press Return (i.e., blank input line) to print out the contents of
// the database;
// - enter "quit" or "exit" to quit.
void RepQuoteExample::doloop() {
DbHolder dbh1(&cur_env,DATABASE);
DbHolder dbh2(&cur_env,DATABASE2);
DbHolder *dbh=&dbh1;
DbTxn *txn;
string input;
bool truncate = false;
char *c;
using_history();
g_repquote=*dbh;
int loop_rate = 0;
int txn_rate = 500;
while (prompt(), /*getline(cin, input)*/c=readline(NULL)) {
input=std::string(c);
add_history(c);
free(c);
int start_loop = 0;
int end_loop = 0;
int start_loop_d = 0;
int end_loop_d = 0;
istringstream is(input);
string token1, token2, token3;
truncate = false;
start_loop = 0;
end_loop = 0;
// Read 0, 1 or 2 tokens from the input.
int count = 0;
if (is >> token1) {
count++;
if (is >> token2)
count++;
if (is >> token3)
count++;
if (count == 1) {
if (token1 == "truncate" ) {
truncate = true;
else if (token1 == "env" ){
print_env(&cur_env);
continue;
else if (token1 == "verbose" ) {
app_config->verbose = !app_config->verbose;
if (app_config->verbose)
cur_env.set_verbose(DB_VERB_REPLICATION, 1);
cur_env.set_verbose(DB_VERB_REPMGR_MISC, 1);
cur_env.set_verbose(DB_VERB_RECOVERY, 1);
cur_env.set_verbose(DB_VERB_REP_ELECT, 1);
cur_env.set_verbose(DB_VERB_REP_LEASE, 1);
cur_env.set_verbose(DB_VERB_REP_SYNC, 1);
cur_env.set_verbose(DB_VERB_REPMGR_MISC, 1);
log("verbose is on");
else
cur_env.set_verbose(DB_VERB_REPLICATION, 0);
cur_env.set_verbose(DB_VERB_REPMGR_MISC, 0);
cur_env.set_verbose(DB_VERB_RECOVERY, 0);
cur_env.set_verbose(DB_VERB_REP_ELECT, 0);
cur_env.set_verbose(DB_VERB_REP_LEASE, 0);
cur_env.set_verbose(DB_VERB_REP_SYNC, 0);
cur_env.set_verbose(DB_VERB_REPMGR_MISC, 0);
log("verbose is off");
continue;
else if (token1 == "print" ) {
print_stocks(*dbh);
count = 0;
else if (token1 == "db1" ) {
dbh=&dbh1;
g_repquote=*dbh;
log( "switch to Db1");
count = 0;
else if (token1 == "db2" ) {
dbh=&dbh2;
g_repquote=*dbh;
log( "switch to Db2");
count = 0;
else if (token1 == "exit" || token1 == "quit") {
app_data.app_finished = 1;
break;
} else {
log("Format: <stock> <price>");
continue;
else if (count == 2)
if (token1 == "loop_rate" ){
loop_rate = atoi(token2.c_str());
continue;
if (token1 == "txn_rate" ){
txn_rate = atoi(token2.c_str());
continue;
else if (count == 3)
if (token1 == "loop" ) {
start_loop = atoi(token2.c_str());
end_loop = start_loop + atoi(token3.c_str());
if (token1 == "delete" ) {
start_loop_d = atoi(token2.c_str());
end_loop_d = start_loop_d + atoi(token3.c_str());
// Here we know count is either 0 or 2, so we're about to try a
// DB operation.
// Open database with DB_CREATE only if this is a master
// database. A client database uses polling to attempt
// to open the database without DB_CREATE until it is
// successful.
// This DB_CREATE polling logic can be simplified under
// some circumstances. For example, if the application can
// be sure a database is already there, it would never need
// to open it with DB_CREATE.
if (!dbh->ensure_open(app_data.is_master))
continue;
try {
if (count == 0)
if (app_data.in_client_sync)
log( "Cannot read data during client initialization - please try again.");
else
print_stocks_size(*dbh);
else if (!app_data.is_master)
log("Can't update at client");
else {
if (truncate)
u_int32_t no_remove;
txn = NULL;
cur_env.txn_begin(NULL, &txn, DB_TXN_NOWAIT);
try
(*dbh)->truncate(txn, &no_remove, 0);
// commit
txn->commit(0);
txn = NULL;
} catch (DbException &e) {
std::cout << "Error on txn commit: " << e.what() << std::endl;
// } catch (DbDeadlockException &) {
if (txn != NULL)
(void)txn->abort();
// std::cout << "Error on txn commit: " << std::endl;
else if (start_loop)
int j=0;
for (int i=start_loop; i<=end_loop; i=i+txn_rate)
//transaction begin
txn = NULL;
cur_env.txn_begin(NULL, &txn, 0);
for (j=i; j<=end_loop && j<=(i+txn_rate); j++)
Dbt key, value;
std::string key1, value1;
std::stringstream sstrm;
sstrm << "key" << j << ends;
key1 = sstrm.str();
key.set_data((void *)key1.c_str());
key.set_size((u_int32_t)strlen(key1.c_str()));
sstrm.str("");
int payload = rand() + j;
sstrm << "price" << payload << ends;
value1 = sstrm.str();
value.set_data((void *)value1.c_str());
value.set_size((u_int32_t)strlen(value1.c_str()));
// Perform the database put
(*dbh)->put(txn, &key, &value, 0);
printf("Kill me !!\n");
kill(getpid(),-9);
exit(0);
try
// commit
txn->commit(0);
txn = NULL;
} catch (DbException &e) {
std::cout << "Error on txn commit: " << e.what() << std::endl;
if (loop_rate>0)
usleep(txn_rate * 1000 * 1000 / loop_rate);
else if (start_loop_d)
int j=0;
for (int i=start_loop_d; i<=end_loop_d; i=i+100)
//transaction begin
txn = NULL;
cur_env.txn_begin(NULL, &txn, 0);
for (j=i; j<=end_loop_d && j<=(i+100); j++)
Dbt key, value;
std::string key1, value1;
std::stringstream sstrm;
sstrm << "key" << j << ends;
key1 = sstrm.str();
key.set_data((void *)key1.c_str());
key.set_size((u_int32_t)strlen(key1.c_str()));
// Perform the database put
(*dbh)->del(txn, &key, 0);
try
// commit
txn->commit(0);
txn = NULL;
} catch (DbException &e) {
std::cout << "Error on txn commit: " << e.what() << std::endl;
else
const char *symbol = token1.c_str();
StringDbt key(const_cast<char*>(symbol));
const char *price = token2.c_str();
StringDbt data(const_cast<char*>(price));
(*dbh)->put(NULL, &key, &data, 0);
} catch (DbDeadlockException e) {
log("please retry the operation");
dbh->close();
} catch (DbRepHandleDeadException e) {
log("please retry the operation");
dbh->close();
} catch (DbException e) {
if (e.get_errno() == DB_REP_LOCKOUT) {
log("please retry the operation");
dbh->close();
} else
throw;
dbh->close();
void RepQuoteExample::event_callback(DbEnv* dbenv, u_int32_t which, void *info)
static char buf[256];
APP_DATA app = (APP_DATA)dbenv->get_app_private();
info = NULL; /* Currently unused. */
switch (which) {
case DB_EVENT_REP_CLIENT:
app->is_master = 0;
app->in_client_sync = 1;
sprintf(buf,"%s - %s",progname,"CLIENT");
//EZ->dbenv->set_errpfx(buf);
log("DB_EVENT_REP_CLIENT.");
break;
case DB_EVENT_REP_MASTER:
app->is_master = 1;
app->in_client_sync = 0;
sprintf(buf,"%s - %s",progname,"MASTER");
//EZ->dbenv->set_errpfx(buf);
log("DB_EVENT_REP_MASTER.");
break;
case DB_EVENT_REP_NEWMASTER:
log("DB_EVENT_REP_NEWMASTER.");
app->in_client_sync = 1;
break;
case DB_EVENT_REP_PERM_FAILED:
// Did not get enough acks to guarantee transaction
// durability based on the configured ack policy. This
// transaction will be flushed to the master site's
// local disk storage for durability.
log("DB_EVENT_REP_PERM_FAILED.");
log("Insufficient acknowledgements to guarantee transaction durability.");
break;
case DB_EVENT_REP_STARTUPDONE:
app->in_client_sync = 0;
log("DB_EVENT_REP_STARTUPDONE.");
break;
case DB_EVENT_REP_ELECTION_FAILED:
log("DB_EVENT_REP_ELECTION_FAILED.");
//g_runner->init(g_config);
printf("Kill me !!\n");
kill(getpid(),-9);
exit(0);
break;
case DB_EVENT_REP_DUPMASTER:
log("DB_EVENT_REP_DUPMASTER.");
break;
default:
dbenv->errx("ignoring event %d", which);
void RepQuoteExample::print_stocks_size(Db *dbp) {
DB_BTREE_STAT *statp;
dbp->stat(NULL, &statp, 0);
log("db_stat");
cout << "***************************************** >>>>>>>>>>> : database contains " << (u_long)statp->bt_ndata << " records\n";
void RepQuoteExample::print_env(DbEnv *dbenv) {
dbenv->stat_print(DB_STAT_ALL);
void RepQuoteExample::print_stocks(Db *dbp) {
StringDbt key, data;
#define MAXKEYSIZE 10
#define MAXDATASIZE 20
char keybuf[MAXKEYSIZE + 1], databuf[MAXDATASIZE + 1];
char kbuf, dbuf;
memset(&key, 0, sizeof(key));
memset(&data, 0, sizeof(data));
kbuf = keybuf;
dbuf = databuf;
DbcAuto dbc(dbp, 0, 0);
cout << "\tSymbol\tPrice" << endl
<< "\t======\t=====" << endl;
int no_records =0;
for (int ret = dbc->get(&key, &data, DB_FIRST);
ret == 0;
ret = dbc->get(&key, &data, DB_NEXT)) {
key.get_string(&kbuf, MAXKEYSIZE);
data.get_string(&dbuf, MAXDATASIZE);
no_records++;
cout << "\t" << keybuf << "\t" << databuf << endl;
cout << "********************** NO Records " << no_records << endl;
cout << endl << flush;
dbc.close();
static void usage() {
cerr << "usage: " << progname << " -h home -l host:port [-CM]"
<< "[-r host:port][-R host:port]" << endl
<< " [-a all|quorum][-b][-n nsites][-p priority][-v]" << endl;
cerr << "\t -h home (required; h stands for home directory)" << endl
<< "\t -l host:port (required; l stands for local)" << endl
<< "\t -C or -M (optional; start up as client or master)" << endl
<< "\t -r host:port (optional; r stands for remote; any "
<< "number of these" << endl
<< "\t may be specified)" << endl
<< "\t -R host:port (optional; R stands for remote peer; only "
<< "one of" << endl
<< "\t these may be specified)" << endl
<< "\t -a all|quorum (optional; a stands for ack policy)" << endl
<< "\t -b (optional; b stands for bulk)" << endl
<< "\t -n nsites (optional; number of sites in replication "
<< "group; defaults " << endl
<< "\t to 0 to try to dynamically compute nsites)" << endl
<< "\t -p priority (optional; defaults to 100)" << endl
<< "\t -v (optional; v stands for verbose)" << endl;
exit(EXIT_FAILURE);
int main(int argc, char **argv) {
RepConfigInfo config;
char ch, portstr, tmphost;
int tmpport;
bool tmppeer;
config.no_dummy_wr = false;
// Extract the command line parameters
while ((ch = getopt(argc, argv, "E:a:bCh:l:Mn:p:R:r:vw")) != EOF) {
tmppeer = false;
switch (ch) {
case 'a':
if (strncmp(optarg, "all", 3) == 0)
config.ack_policy = DB_REPMGR_ACKS_ALL;
else if (strncmp(optarg, "quorum", 6) != 0)
usage();
break;
case 'b':
config.bulk = true;
break;
case 'C':
config.start_policy = DB_REP_CLIENT;
break;
case 'E':
config.start_policy = DB_REP_ELECTION;
break;
case 'h':
config.home = optarg;
break;
case 'l':
config.this_host.host = strtok(optarg, ":");
if ((portstr = strtok(NULL, ":")) == NULL) {
cerr << "Bad host specification." << endl;
usage();
config.this_host.port = (unsigned short)atoi(portstr);
config.got_listen_address = true;
break;
case 'M':
config.start_policy = DB_REP_MASTER;
break;
case 'n':
config.totalsites = atoi(optarg);
break;
case 'p':
config.priority = atoi(optarg);
break;
case 'R':
tmppeer = true; // FALLTHROUGH
case 'r':
tmphost = strtok(optarg, ":");
if ((portstr = strtok(NULL, ":")) == NULL) {
cerr << "Bad host specification." << endl;
usage();
tmpport = (unsigned short)atoi(portstr);
config.addOtherHost(tmphost, tmpport, tmppeer);
break;
case 'v':
config.verbose = true;
break;
case 'w':
config.no_dummy_wr = true;
//config.priority = 2;
break;
case '?':
default:
usage();
// Error check command line.
if ((!config.got_listen_address) || config.home == NULL)
usage();
RepQuoteExample runner;
g_runner=&runner;
g_config=&config;
try {
runner.init(&config);
runner.doloop();
} catch (DbException dbe) {
cerr << "Caught an exception during initialization or"
<< " processing: " << dbe.what() << endl;
runner.terminate();
return 0;
// This is a very simple thread that performs checkpoints at a fixed
// time interval. For a master site, the time interval is one minute
// plus the duration of the checkpoint_delay timeout (30 seconds by
// default.) For a client site, the time interval is one minute.
void checkpoint_thread(void args)
DbEnv *env;
APP_DATA *app;
int i, ret;
env = (DbEnv *)args;
app = (APP_DATA *)env->get_app_private();
for (;;) {
// Wait for one minute, polling once per second to see if
// application has finished. When application has finished,
// terminate this thread.
for (i = 0; i < 60; i++) {
sleep(1);
if (app->app_finished == 1)
return ((void *)EXIT_SUCCESS);
// Perform a checkpoint.
// original line
if ((ret = env->txn_checkpoint(0, 0, 0)) != 0) {
//if ((ret = env->txn_checkpoint(0, 0, DB_FORCE)) != 0) {
env->err(ret, "Could not perform checkpoint.\n");
return ((void *)EXIT_FAILURE);
// This is a simple log archive thread. Once per minute, it removes all but
// the most recent 3 logs that are safe to remove according to a call to
// DBENV->log_archive().
// Log cleanup is needed to conserve disk space, but aggressive log cleanup
// can cause more frequent client initializations if a client lags too far
// behind the current master. This can happen in the event of a slow client,
// a network partition, or a new master that has not kept as many logs as the
// previous master.
// The approach in this routine balances the need to mitigate against a
// lagging client by keeping a few more of the most recent unneeded logs
// with the need to conserve disk space by regularly cleaning up log files.
// Use of automatic log removal (DBENV->log_set_config() DB_LOG_AUTO_REMOVE
// flag) is not recommended for replication due to the risk of frequent
// client initializations.
void log_archive_thread(void args)
DbEnv *env;
APP_DATA *app;
char **begin, **list;
int i, listlen, logs_to_keep, minlog, ret;
env = (DbEnv *)args;
app = (APP_DATA *)env->get_app_private();
logs_to_keep = 3;
for (;;) {
// Wait for one minute, polling once per second to see if
// application has finished. When application has finished,
// terminate this thread.
for (i = 0; i < 60; i++) {
sleep(1);
if (app->app_finished == 1)
return ((void *)EXIT_SUCCESS);
// Get the list of unneeded log files.
if ((ret = env->log_archive(&list, DB_ARCH_ABS)) != 0) {
env->err(ret, "Could not get log archive list.");
return ((void *)EXIT_FAILURE);
if (list != NULL) {
listlen = 0;
// Get the number of logs in the list.
for (begin = list; *begin != NULL; begin++, listlen++);
// Remove all but the logs_to_keep most recent
// unneeded log files.
minlog = listlen - logs_to_keep;
for (begin = list, i= 0; i < minlog; list++, i++) {
if ((ret = unlink(*list)) != 0) {
env->err(ret,
"logclean: remove %s", *list);
env->errx(
"logclean: Error remove %s", *list);
free(begin);
return ((void *)EXIT_FAILURE);
free(begin);
#define DATABASE_DUMMY "dummy.db"
void create_dummy_db(DB_ENV env, DB *dbp)
DB_ENV *dbenv=env;
int ret;
u_int32_t db_flags;
if ((ret = db_create(dbp, dbenv, 0)) != 0)
dbenv->err(dbenv, ret, "create_dummy_db: db_create");
db_flags = DB_AUTO_COMMIT | DB_CREATE;
//if ((ret = (*dbp)->open(*dbp,NULL, DATABASE, NULL, DB_BTREE, db_flags, 0)) != 0)
if ((ret = (*dbp)->open(*dbp,NULL, NULL, DATABASE_DUMMY, DB_BTREE, db_flags, 0)) != 0)
dbenv->err(dbenv, ret, "create_dummy_db: DB->open");
void reopen_dummy_db(DB_ENV env, DB *dbp)
DB_ENV *dbenv=env;
int ret;
u_int32_t db_flags;
if ((ret = db_create(dbp, dbenv, 0)) != 0)
dbenv->err(dbenv, ret, "create_dummy_db: db_create");
db_flags = DB_AUTO_COMMIT | DB_CREATE;
//if ((ret = (*dbp)->open(*dbp,NULL, DATABASE, NULL, DB_BTREE, db_flags, 0)) != 0)
if ((ret = (*dbp)->open(*dbp,NULL, NULL, DATABASE_DUMMY, DB_BTREE, db_flags, 0)) != 0)
dbenv->err(dbenv, ret, "reopen_dummy_db: DB->open");
void perform_db_operation(DB_ENV env, DB *dbp, bool bRead)
//main loop
//DB *dbp=NULL;
DB_ENV *dbenv=env;
int ret;
u_int32_t db_flags;
DBT key, data;
char buf[20]="dummy", *rbuf;
rbuf=buf;
if (*dbp == NULL)
create_dummy_db(dbenv, dbp);
if (! bRead)
memset(&key, 0, sizeof(key));
memset(&data, 0, sizeof(data));
key.data = buf;
key.size = (u_int32_t)strlen(buf);
data.data = rbuf;
data.size = (u_int32_t)strlen(rbuf);
if ((ret = (*dbp)->put(*dbp, NULL, &key, &data, 0)) != 0)
if (ret == DB_REP_HANDLE_DEAD)
//create_dummy_db(dbenv, dbp);
reopen_dummy_db(dbenv, dbp);
(*dbp)->err(*dbp, ret, "DB->put :");
else
if (ret != DB_KEYEXIST)
(*dbp)->err(*dbp, ret, "perform_db_operation: DB->put");
else
DB_BTREE_STAT *statp;
(*dbp)->stat(*dbp,NULL, &statp, 0);
std::cout<<"dbp read stats: key#"<< statp->bt_nkeys <<std::endl;
void dummy_write_thread(void args)
DbEnv *env;
APP_DATA *app;
char **begin, **list;
int i, listlen, logs_to_keep, minlog, ret;
DB *m_dbp; // a pointer
env = (DbEnv *)args;
app = (APP_DATA *)env->get_app_private();
logs_to_keep = 3;
for (;;) {
if (! app->no_dummy_wr)
if (app->is_master)
perform_db_operation(env->get_DB_ENV(),&m_dbp,false);
//env->txn_checkpoint(0, 0, DB_FORCE);
usleep(1 * 1000 * 1000);
else
if (app->is_master)
//DB *db_quote=g_repquote->get_DB();
//perform_db_operation(env->get_DB_ENV(),&db_quote,true);
//if (g_repquote)
// g_runner->print_stocks_size(g_repquote);
//env->txn_checkpoint(0, 0, DB_FORCE);
//perform_db_operation(env->get_DB_ENV(),&m_dbp,false);
env->rep_flush();
usleep(4 * 1000 * 1000);
my script to simulate the split brain
#!/bin/sh
[ -z "$node1" ] && node1=10.10.32.121
[ -z "$node2" ] && node2=10.10.32.91
trap myend 0 1 2 3 6 9 14 15
myend()
echo "Receive signal to stop test..."
un_split_brain
echo "done"
exit 1
split_brain()
echo -n "Split-Brain at node $node..."
snmpset -m ALL -v 2c -c svil 10.10.0.100 ifAdminStatus.41 i 2 >/dev/null 2>&1
echo "done"
un_split_brain()
echo -n "Undo Split-Brain at node $node..."
snmpset -m ALL -v 2c -c svil 10.10.0.100 ifAdminStatus.41 i 1 >/dev/null 2>&1
echo "done"
is_slave()
local r=$(ssh root@$1 "tail -2 /tmp/BDB.log" | grep -c CLIENT)
[ $r -gt 1 ] && ret=1 || ret=0
return $ret
is_master()
local r=$(ssh root@$1 "tail -2 /tmp/BDB.log" | grep -c MASTER)
[ $r -gt 1 ] && ret=1 || ret=0
return $ret
wait_for_master()
echo -n "Waiting for MASTER at node $node ... "
is_master $node
r=$?
while ( [ ! $r -eq 1 ] )
do
usleep 500000
is_master $node
r=$?
echo -n "."
done
echo "done"
wait_for_slave()
local r
local tm
tm=0
echo -n "Waiting for SLAVE at node $node ... "
is_slave $node
r=$?
while ( [ ! $r -eq 1 ] )
do
usleep 500000
is_slave $node
r=$?
echo -n "."
tm=$((tm+1))
[ $tm -gt 120 ] && break
done
[ $tm -gt 120 ] && ret=0 || ret=1
echo "done"
return $ret
run_test_split_brain()
local nt
nt=1
nfails=0
x=4
[ -z "$1" ] && node=$node2
while ((1))
do
printf "*************** TEST [%02d] ********************\n" $nt
split_brain
wait_for_master
x=$((RANDOM%9))
echo -n " waiting $x sec ..."
sleep $x
echo "done"
un_split_brain
wait_for_slave
r=$?
[ ! $r -eq 1 ] && echo "`date` - test [$nt] - fails ..." || echo "`date` - test [$nt] - OK ."
[ ! $r -eq 1 ] && nfails=$((nfails+1))
perc_failure=$(echo "100.0 - $nfails / $nt * 100.0" | bc -l)
echo "************************************************ [% Success test $perc_failure % ]"
nt=$((nt+1))
x=$((RANDOM%9))
echo -n " waiting $x sec ..."
sleep $x
done
run_test_split_brain
here is the makefile to run to two environments
i run:
- make run
and in another window sh test_split_brain.sh
node1?=10.10.32.121
node2?=10.10.32.91
nsite?=2
debug?=0
all: RepQuoteExampleEric install
RepConfigInfo.o: RepConfigInfo.cpp RepConfigInfo.h
g++ -I/usr/local/BerkeleyDB.5.1/include/ -g -O0 -c RepConfigInfo.cpp -o RepConfigInfo.o
RepQuoteExampleEric: RepQuoteExampleEric.cpp RepConfigInfo.o
g++ -I/usr/local/BerkeleyDB.5.1/include/ -g -O0 RepQuoteExampleEric.cpp RepConfigInfo.o -o RepQuoteExampleEric -L /usr/local/BerkeleyDB.5.1/lib/ -lreadline -lcurses -ldb_cxx
kill:
-ssh -X root@$(node1) "killall -9 /root/RepQuoteExampleEric"
-ssh -X root@$(node2) "killall -9 /root/RepQuoteExampleEric"
run: RepQuoteExampleEric kill install clean_env
ssh -X root@$(node1) "xterm -geom 100x20+100+100 -e \"LD_LIBRARY_PATH=/usr/local/BerkeleyDB.5.1/lib/ /root/RepQuoteExampleEric -h /opt/bdb/ -l 2.0.0.110:12345 -r 2.0.0.210:12345 -a quorum -b -n $(nsite) -v | tee /tmp/BDB.log\"" &
ssh -X root@$(node2) "xterm -geom 100x20+800+100 -e \"LD_LIBRARY_PATH=/usr/local/BerkeleyDB.5.1/lib/ /root/RepQuoteExampleEric -h /opt/bdb/ -l 2.0.0.210:12345 -r 2.0.0.110:12345 -a quorum -b -n $(nsite) -v -w | tee /tmp/BDB.log\"" &
run_node2: clean_env2
ssh -X root@$(node2) "xterm -geom 100x20+800+100 -e \"LD_LIBRARY_PATH=/usr/local/BerkeleyDB.5.1/lib/ /root/RepQuoteExampleEric -h /opt/bdb/ -l 2.0.0.210:12345 -r 2.0.0.110:12345 -a quorum -b -n $(nsite) -v -w | tee /tmp/BDB.log\"" &
debug_node2: clean_env2
ssh -X root@$(node2) "xterm -geom 100x20+800+100 -e \"LD_LIBRARY_PATH=/usr/local/BerkeleyDB.5.1/lib/ /root/RepQuoteExampleEric -h /opt/bdb/ -l 2.0.0.210:12345 -r 2.0.0.110:12345 -a quorum -b -n $(nsite) -v -w | tee /tmp/BDB.log\"" &
sleep 3
ssh -X root@$(node2) /sbin/pidof RepQuoteExampleEric >/tmp/pid
ssh -X root@$(node2) ~/kdbg /root/db-5.1.19/examples/cxx/excxx_repquote/RepQuoteExampleEric -p `cat /tmp/pid`
run_debug_node1: RepQuoteExampleEric kill install clean_env
ssh -X root@$(node1) "xterm -geom 100x20+100+100 -e \"LD_LIBRARY_PATH=/usr/local/BerkeleyDB.5.1/lib/ /root/kdbg /root/RepQuoteExampleEric\" " &
ssh -X root@$(node2) "xterm -geom 100x20+800+100 -e \"LD_LIBRARY_PATH=/usr/local/BerkeleyDB.5.1/lib/ /root/RepQuoteExampleEric -h /opt/bdb/ -l 2.0.0.210:12345 -r 2.0.0.110:12345 -a quorum -b -n $(nsite) -v\"" &
run_debug_node2: RepQuoteExampleEric kill install clean_env
ssh -X root@$(node1) "xterm -geom 100x20+100+100 -e \"LD_LIBRARY_PATH=/usr/local/BerkeleyDB.5.1/lib/ /root/RepQuoteExampleEric -h /opt/bdb/ -l 2.0.0.110:12345 -r 2.0.0.210:12345 -a quorum -b -n $(nsite) -v\" " &
ssh -X root@$(node2) "xterm -geom 100x20+800+100 -e \"LD_LIBRARY_PATH=/usr/local/BerkeleyDB.5.1/lib/ /root/kdbg /root/RepQuoteExampleEric\"" &
install: RepQuoteExampleEric
scp RepQuoteExampleEric root@$(node1):~
scp RepQuoteExampleEric root@$(node2):~
clean_env: clean_env1 clean_env2
clean_env1:
ssh -X root@$(node1) rm -rf /opt/bdb/*
clean_env2:
ssh -X root@$(node2) rm -rf /opt/bdb/*
Maybe you are looking for
-
H264 asynchron after rendering
dear community, I have recently bought Adobe Premiere Elements 11 to cut recorded TV program. It was recored from DVB-C via Terrratec H5 Stick using Terratec Home Cinema. First i tried cutting t with 2 different free programs, Smart Cutter and Avidem
-
When watching a movie every 7 seconds there is a very short freeze or shutter. The last 5 movies have had this problem. Iam unsure what to do.
-
Error when attempting to maintain cube by submitting task to Job Queue
Hi, I've been working with Cubes/Dimensions on AWM 10.2.0.3 for the last little while and have been maintaining cubes by selecting the Run maintenance task immediately in this session. This has been working reasonable well for me. I am now looking at
-
Touch pad not working on Pavilion ZT3000
My touchpad on my HP pavilion ZT3000 (yes, ancient but awesome) is not working after the latest update on XP . I can only use my usb mouse to move on the system. How I can determine (which link under device manage do I click on to see if it needs to
-
Purchased book - downloaded as app now won't sync
I went to the audible books section and purchased a book - I did not notice that it's categorized as an app (don't know if that means anything), and now it will not sync to my iphone. Can someone help? Thanks in advance1