VLAN prioritization for SAN traffic

I have a stack of 3750's running two VLANs, one for NFS traffic (id 130) and one for iSCSI traffic (id 150). I have jumbo framing (MTU 9000) on VLAN 150. I'd like to try prioritizing the iSCSI traffic using 802.1p. Can anyone point me to some configuration help? Does anyone have any thoughts or experiences with this idea? Thanks!

The MDS GE/iSCSI interface can set the DSCP value on outbound IP packets, but that is in the IP header (layer 3). From what I recall, the 802.1p bits are in the Layer 2 field between the MAC addresses and the Ethernet type, and from what I understand, the MDS does not provide any marking at that level.
You could mark via 802.1p inbound on the Ethernet Switch that the MDS GE port is attached to, but not directly out of the MDS GE port.
If you are interested in marking iSCSI using DSCP, here is web page describing how you set the iSCSI interface for the desired DSCP value.
Hope this helps,
Mike

Similar Messages

  • Putting QOS for voice traffic in switches.

    Hi All,
    does anybody know how to prioritize the voice traffic over data in the 2960 SW, in a scenario in which ethernet cable coming to ipphone & from IPphone to PC.

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    Yes, I do.
    laugh - I was temped to stop with the above, as it directly answers your question, but I assume you want to know how.
    In principle, you recognize the VoIP traffic as being different from data traffic and provide it "special" egress treatment.  Normally you would enable QoS, and for egress, enable PQ, direct VoIP bearer traffic to that queue.  You might also direct VoIP signalling traffic to a queue that insures it's not unduly delayed or dropped.  You might also set rate caps on ingress VoIP traffic.
    Recognition of VoIP traffic can be done in different ways.  Your phones might support L2 CoS or L3 ToS marking, your switch might "analyze" ingress traffic, your switch might trust a Cisco VoIP phone, your switch and VoIP phones might use a dedicated VLAN.  Basically, there's lots of variables dealing with ingress.
    Unfortunately, you've provided insufficient information for specific recommendations.
    PS:
    BTW, your 2960 might also support auto-QoS, which may, or may not, be all you need to enable.

  • JumboFrames on cisco3750g for iSCSI traffic

    Hello Communality,
    I need you help!
    here is the goal: connect SAN and vmware ESXi by iSCSI via cisco3750g.
    on cisco I'm using a separated vlan for iSCSI traffic.
    So after turning on the JumboFrames on cisco ( system mtu jumbo 9000 > reload) I was trying to test it using PING command from the switch without success :-(
    #show system mtu
    System MTU size is 1500 bytes
    System Jumbo MTU size is 9000 bytes
    System Alternate MTU size is 1500 bytes
    Routing MTU size is 1500 bytes
    #ping 192.168.0.21 size 9000 df-bit repeat 1
    Type escape sequence to abort.
    Sending 1, 9000-byte ICMP Echos to 192.168.0.21, timeout is 2 seconds:
    Packet sent with the DF bit set
    Success rate is 0 percent (0/1)
    #show int gi1/0/3 mtu
    Port      Name               MTU
    Gi1/0/3   iSCSI              9000     
    #show vlan mtu
    VLAN    SVI_MTU    MinMTU(port)      MaxMTU(port)     MTU_Mismatch
    1    1500          9000              9000              No
    192   1500          9000              9000              No
    #show ru int gi1/0/3                        
    Building configuration...
    Current configuration : 108 bytes
    interface GigabitEthernet1/0/3
     description iSCSI
     switchport access vlan192
     switchport mode access
    end
    thanks!

    Hello
    Does the interface need to be an access port or trunk?
    res
    Paul

  • Which is prioritized for multicast traffic if FastSwitching and CEF is enable?

                       Hello
    Here is the related configuration and output of show command below,
    In my understanding, there are 3 swtching mode, CPU, fast-swthing and CEF swthing,
    But if FastSwthing and CEF swithing are enable both, then which swithing mode is prioritized for mutlicast traffic?
    interface Vlan302
    ip address 10.0.20.1 255.255.255.0
    3750X#sh ip int vlan 302
    Vlan302 is down, line protocol is down
      Internet address is 10.0.20.1/24
      Broadcast address is 255.255.255.255
      *omit
      IP fast switching is enabled
      IP Flow switching is disabled
      IP CEF switching is enabled
      IP CEF switching turbo vector
      IP Null turbo vector
      IP multicast fast switching is enabled
      IP multicast distributed fast switching is enabled
      IP route-cache flags are Fast, CEF
      *omit
    interface Vlan301
    ip address 10.0.10.1 255.255.255.0
    no ip mroute-cache
    3750X#sh ip int vlan 301
    Vlan301 is down, line protocol is down
      Internet address is 10.0.10.1/24
      Broadcast address is 255.255.255.255
      *omit
      IP fast switching is enabled
      IP Flow switching is disabled
      IP CEF switching is enabled
      IP CEF switching turbo vector
      IP Null turbo vector
      IP multicast fast switching is disabled
      IP multicast distributed fast switching is disabled
      IP route-cache flags are Fast, CEF, No Distributed
      *omit
    Product : Cat3750X
    IOS version :  15.0(2)SE5
    Best Regards,
    Masanobu Hiyoshi

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    I'm not 100% certain, but I believe FastSwitching and CEF switching apply to unicast, not multicast.  Your "IP mroute-cache" command enables/disables fast multicast switching.
    On a 3750, switching should be hardware based, for unicast and multicast, unless TCAM resources are insufficient.  If hardware switching falls back to non-hardware switching, you'll likely find process vs. Fast vs. CEF vs. multicast doesn't matter, all too slow.

  • VLAN tagging for Desktops

    I have a test VDI 3.1.1 system set up and I have to say, I'm quite impressed. In about a day, I was able to serve Windows 7 desktops, something we can't do with our current VMware View setup. One apparent limitation I have run into, however, is 802.1q VLAN tagging support for Desktop NICs. I have created a 2-way aggregate on nxge0 and nxge1. The portchannel these are connected to is set up for 802.1q tagging, and Solaris is plumbed with aggr13001 to tag its packets with VLAN 13, for example. However, traffic from Desktops is not so tagged, so its packets go nowhere. Is there any way to define a VLAN for a given Desktop Pool? This is important for us, as we tend to keep server systems on campus-only subnets, while desktops get Internet-routed addresses.
    Thanks,
    Charles

    Aggregation shouldn't have any adverse effect here. You need to configure VDI to use the correct VLANs on a per Pools basis. In the VDI Manager first navigate to the Desktop Provider -> Networks tab and 'Refresh' the networks. This will scan all VirtualBox hosts in the provider for currently plumbed interfaces, each of which will be listed by their subnet.
    After all networks are detected navigate to the Pool -> Settings tab and select 'Host Networking' followed by the required subnet(s). The primary subnet listed here is used for RDP connections.

  • VLAN Setup for VMware

    I'm new to creating VLANs on a Cisco switch, and I'm trying to create VLANs using the SG 300-10 for a VMware environment.  I'd like to use Virtual Switch Tagging on the ESX hosts, so I can use many VLANs over few physical NICs.  Plus using VST, I can just specify the VLAN ID (setup on the physical switch), on the port group for each VLAN.
    I've changed the SG 300 to layer 3, as I'd like inter-routing between my VLANs.  This is the type of setup I'm looking for:-
    VLAN1 - Default
    VLAN 10 (192.168.10.1) to 20 (192.168.20.1) linked to ports GE3 & GE4.  I've connected port GE3 to ESX1 (vmnic2) and port GE4 to ESX2 (vmnic2)
    The problem is when I check my physical network adapters (i.e. vmnic2) in vSphere, the IP Ranges for observed traffic in every VLAN specified for the configured port are not showing (i.e. networks 192.168.10.1 to 192.168.20.1) 
    I have attached screen captures of all my setup & configuration so far, I'm obviously making a mistake...
    Could someone please advise what I'm missing?
    Thank you

    I'm new to creating VLANs on a Cisco switch, and I'm trying to create VLANs using the SG 300-10 for a VMware environment.  I'd like to use Virtual Switch Tagging on the ESX hosts, so I can use many VLANs over few physical NICs.  Plus using VST, I can just specify the VLAN ID (setup on the physical switch), on the port group for each VLAN.
    I've changed the SG 300 to layer 3, as I'd like inter-routing between my VLANs.  This is the type of setup I'm looking for:-
    VLAN1 - Default
    VLAN 10 (192.168.10.1) to 20 (192.168.20.1) linked to ports GE3 & GE4.  I've connected port GE3 to ESX1 (vmnic2) and port GE4 to ESX2 (vmnic2)
    The problem is when I check my physical network adapters (i.e. vmnic2) in vSphere, the IP Ranges for observed traffic in every VLAN specified for the configured port are not showing (i.e. networks 192.168.10.1 to 192.168.20.1) 
    I have attached screen captures of all my setup & configuration so far, I'm obviously making a mistake...
    Could someone please advise what I'm missing?
    Thank you

  • Administration port - network channel for admin traffic

    I am trying to configure a separate channel for Administration traffic on weblogic. I followed the oracle docos and configured the SSL, domain wide admin port, server listen address, ‘admin’ channel.
    The issue is admin traffic in not happening through the newly created channel.
    L2 network is not getting used. I can’t see any activity in the monitoring tab of new Channel. Also the netstat is showing that the port 9101/9102 is getting used on the 192.168.100.218 and not on 10.254.252.849.
    I also tried by setting up the newly created channel weight as 51, but no luck.
    Is JMX connectivity related to admin channel?
    Any help is highly appreciated. Thanks.
    Ipconfig:
    Admin: adminserver701.mycompany.internal, 192.168.100.238, 10.254.252.808
    Managed: appserver701.mycompany.internal, :192.168.100.218, 10.254.252.849
    Domain wide admin port: 9101
    Admin:
    Listen address –> adminserver701.mycompany.internal
    Channel –> admin -> 10.254.252.808/9101
    Startup -> -Dweblogic.admin.ListenAddress=admin://10.254.252.808:9101
    Managed:(appserver701)
    Listen address –> appserver701.mycompany.internal
    Admin port override: 9102
    Channel –> admin -> 10.254.252.849/9102
    Startup -> -Dweblogic.admin.ListenAddress=admin://10.254.252.849:9102
    AdminServer Logs:
    ####<Feb 18, 2013 1:53:33 PM EST> <Info> <JMX> <adminserver701.mycompany.internal> <soa_as> <[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361159613346> <BEA-149512> <JMX Connector Server started at service:jmx:iiop://adminserver701.mycompany.internal:9101/jndi/weblogic.management.mbeanservers.runtime .>
    ####<Feb 18, 2013 1:53:33 PM EST> <Info> <JMX> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361159613353> <BEA-149512> <JMX Connector Server started at service:jmx:iiop://adminserver701.mycompany.internal:9101/jndi/weblogic.management.mbeanservers.edit .>
    ####<Feb 18, 2013 1:53:33 PM EST> <Info> <JMX> <adminserver701.mycompany.internal> <soa_as> <[STANDBY] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361159613367> <BEA-149512> <JMX Connector Server started at service:jmx:iiop://adminserver701.mycompany.internal:9101/jndi/weblogic.management.mbeanservers.domainruntime .>
    ####<Feb 18, 2013 1:53:36 PM EST> <Notice> <Server> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361159616699> <BEA-002613> <Channel "DefaultAdministration" is now listening on 192.168.100.238:9101 for protocols admin, ldaps, https.>
    ####<Feb 18, 2013 1:53:36 PM EST> <Notice> <Server> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361159616700> <BEA-002613> <Channel "Channel-0" is now listening on 10.254.252.808:9101 for protocols admin, ldaps, https.>
    ####<Feb 18, 2013 1:55:12 PM EST> <Notice> <Server> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <cd259038c7dcf5a8:-26ac3ba0:13ceb6f767d:-8000-000000000000001a> <1361159712920> <BEA-002613> <Channel "Default" is now listening on 192.168.100.238:7001 for protocols iiop, t3, ldap, snmp, http.>
    ####<Feb 18, 2013 1:55:12 PM EST> <Notice> <Server> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <cd259038c7dcf5a8:-26ac3ba0:13ceb6f767d:-8000-000000000000001a> <1361159712920> <BEA-002613> <Channel "DefaultSecure" is now listening on 192.168.100.238:7002 for protocols iiops, t3s, ldaps, https.>
    ManagedServer Logs:
    ####<Feb 18, 2013 2:54:19 PM EST> <Info> <JMX> <appserver701.mycompany.internal> <adp_ms01> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361163259911> <BEA-149512> <JMX Connector Server started at service:jmx:iiop://appserver701.mycompany.internal:9102/jndi/weblogic.management.mbeanservers.runtime .>
    ####<Feb 18, 2013 2:54:20 PM EST> <Notice> <Server> <appserver701.mycompany.internal> <adp_ms01> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361163260350> <BEA-002613> <Channel "Channel-0" is now listening on 10.254.252.849:9102 for protocols admin, CLUSTER-BROADCAST-SECURE, ldaps, https.>
    ####<Feb 18, 2013 2:54:20 PM EST> <Notice> <Server> <appserver701.mycompany.internal> <adp_ms01> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361163260350> <BEA-002613> <Channel "DefaultAdministration" is now listening on 192.168.100.218:9102 for protocols admin, CLUSTER-BROADCAST-SECURE, ldaps, https.>
    ####<Feb 18, 2013 2:54:58 PM EST> <Notice> <Server> <appserver701.mycompany.internal> <adp_ms01> <[STANDBY] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <d3208ed6c2482016:-46ac5fed:13ceba69a8e:-7ffe-000000000000000e> <1361163298045> <BEA-002613> <Channel "DefaultSecure" is now listening on 192.168.100.218:7102 for protocols iiops, t3s, CLUSTER-BROADCAST-SECURE, ldaps, https.>
    ####<Feb 18, 2013 2:54:58 PM EST> <Notice> <Server> <appserver701.mycompany.internal> <adp_ms01> <[STANDBY] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <d3208ed6c2482016:-46ac5fed:13ceba69a8e:-7ffe-000000000000000e> <1361163298045> <BEA-002613> <Channel "Default" is now listening on 192.168.100.218:7101 for protocols iiop, t3, CLUSTER-BROADCAST, ldap, snmp, http.>
    AdminServer logs update while starting managed:
    ####<Feb 18, 2013 2:54:57 PM EST> <Info> <JMX> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <cd259038c7dcf5a8:-26ac3ba0:13ceb6f767d:-8000-0000000000000162> <1361163297488> <BEA-149506> <Established JMX Connectivity with adp_ms01 at the JMX Service URL of service: jmx:admin://appserver701.mycompany.internal:9102 /jndi/weblogic.management.mbeanservers.runtime.>
    Admin Server :
    [oracle@adminserver701 bin]$ netstat -an | grep 9101
    tcp 0 0 10.254.252.808:9101 0.0.0.0:* LISTEN
    tcp 0 0 192.168.100.238:9101 0.0.0.0:* LISTEN
    tcp 0 0 192.168.100.238:9101 192.168.100.218:59038 ESTABLISHED
    I am wondering if the JMX connectivity is using the server listen address (adminserver701.mycompany.internal) which will by default resolve to 192.168.100.238. Is there a way to force JMX to use 10.254.252.808?

    Hi
    For first question the answer is no. With the administration port, you enable the SSL between the admin server and Node manager-managed Servers. You can still use the web console.
    For teh second question, you can use ANT or can use the WLS Scripting ..you can get more details in dev2dev.bea.com
    Jin

  • Configuration for Queue Prioritization for EOIO Queues

    Hi,
    Please can anybody help me in configuring the queue prioritization for EOIO Queues.
    Regards
    Srinivas

    hi,
    Check these help..
    Eo/EOIO?BE - Queue - ? - /people/sap.india5/blog/2006/01/03/xi-asynchronous-message-processing-understanding-xi-queues-part-i
    Please go through these links
    /people/sap.india5/blog/2006/01/03/xi-asynchronous-message-processing-understanding-xi-queues-part-i
    For queues in message mapping
    /people/venkat.donela/blog/2005/06/09/introduction-to-queues-in-message-mapping
    Here are the Queues for Asynchronous Message Processing
    http://help.sap.com/saphelp_nw2004s/helpdata/en/7b/94553b4d53273de10000000a114084/frameset.htm
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/f078394a-4469-2910-c4bf-853c75674694
    Thanks,
    Vijaya.

  • Is Cisco Nexus 5596UP support vlan base Policing and traffic shaping on code NX OS version: 5.1(3)N1(1)

    Is Cisco Nexus 5596UP support vlan base Policing and traffic shaping on code NX OS version: 5.1(3)N1(1)
    where i couldn't see any police command under the policy map 

    I have tested this issue on another 5548UP with L3 running the same NX-OS version and get the same problem. Show CDP from the switch is not discovering devices, but the neightbors can see the 5K in question. Reboot sometimes will fix it, but not always. I suspect a problem with the software since that doesn't happen in NX-OS 5.2. The one I am using is
    Software
      BIOS:      version 3.6.0
      loader:    version N/A
      kickstart: version 5.1(3)N2(1)
      system:    version 5.1(3)N2(1)

  • Outbound PAT for SMTP traffic

    Cisco ASA 5505, Software 8.0(3)
    ASA IP: xxx.xxx.xxx.yy4/29
    This is part of my ASA config that ensures PAT for incomming SMTP traffic:
    access-list acl_inbound_outside extended permit tcp any host xxx.xxx.xxx.yy7 eq smtp
    nat-control
    global (outside) 1 interface
    nat (inside) 0 access-list acl_no_nat_inside
    nat (inside) 1 0.0.0.0 0.0.0.0
    static (inside,outside) tcp xxx.xxx.xxx.yy7 ftp 172.27.1.1 smtp netmask 255.255.255.255
    access-group acl_inbound_outside in interface outside
    This ensures SMTP traffic to xxx.xxx.xxx.yy7 reach my SMTP server.
    But outgoing SMTP traffic is from xxx.xxx.xxx.yy4 (WAN IP of ASA).
    How can I set up that ONLY SMTP traffic from 172.27.1.1 is PATed behind IP xxx.xxx.xxx.yy7 and other traffic from 172.27.1.1 will be NATed to
    xxx.xxx.xxx.yy4?

    Hi,
    It seems that there is either a typo or mistake in the configuration above.
    You are forwarding "ftp" port to "smtp" port
    Shouldnt it be
    static (inside,outside) tcp xxx.xxx.xxx.yy7 smtp 172.27.1.1 smtp netmask 255.255.255.255
    So in addition to forwarding the "smtp" port you also want all outgoing "smtp" traffic from this single host/server to use the public IP address xxx.xxx.xxx.yy7
    Then you can configure this
    access-list SMTP-POLICYPAT remark Policy PAT for SMTP traffic
    access-list SMTP-POLICYPAT permit tcp host 172.27.1.1 any eq smtp
    global (outside)  25 xxx.xxx.xxx.yy7
    nat (inside) 25 access-list SMTP-POLICYPAT
    Hope this helps
    Please do remember to mark the reply as the correct answer if it answered your question.
    - Jouni

  • The access to our new chess hall may be blocked by your local firewall. You would need to reconfigure your firewall to open port 15010 for TCP traffic.

    How do I do the following so I can get into my chess program??
    The access to our new chess hall may be blocked by your
    local firewall. You would need to reconfigure your firewall to open port 15010
    for TCP traffic.

    This is not really Firefox related.
    What you need to do here is to read the firewall manual which usually explains how to create a rule for what you want to do.
    If you're using the Windows XP firewall, see this Microsoft article: http://windows.microsoft.com/en-US/windows-vista/Firewall-frequently-asked-questions

  • Need Help on Configuring the Site to Site VPN from Cisco 2811 to Websense Cloud for web Traffic redirect

    Hi All,
    I need help on Configuring the Site to Site VPN from Cisco 2811 to Websense Cloud for web Traffic redirect
    2811 having C2800NM-ADVIPSERVICESK9-M
    2811 router connects to the Internet SW then connects to the Internet router.
    Note- For Authentication am using the Device ID & Pre share key. I am worried as all user traffic goes with PAT and not firing up my tunnel for port 80 traffic. Can you please suggest what can be the issue ?
    Below is router config for VPN & NAT
    crypto keyring ISR_Keyring
      pre-shared-key hostname vpn.websense.net key 2c22524d554556442d222d565f545246
    crypto isakmp policy 1
    encr 3des
    authentication pre-share
    group 2
    crypto isakmp keepalive 10
    crypto isakmp profile isa-profile
       keyring ISR_Keyring
       self-identity user-fqdn [email protected]
       match identity user vpn-proxy.websense.net
    crypto ipsec transform-set ESP-NULL-SHA esp-null esp-sha-hmac
    crypto map GUEST_WEB_FILTER 10 ipsec-isakmp
    set peer vpn.websense.net dynamic
    set transform-set ESP-NULL-SHA
    set isakmp-profile isa-profile
    match address 101
    interface FastEthernet0/1
    description connected to Internet
    ip address 216.222.208.101 255.255.255.128
    ip access-group HVAC_Public in
    ip nat outside
    ip virtual-reassembly
    duplex full
    speed 100
    no cdp enable
    crypto map GUEST_WEB_FILTER
    access-list 101 permit tcp 192.168.8.0 0.0.3.255 any eq www
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 host 85.115.41.187 log
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 host 85.115.41.181 log
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 host 85.115.41.182 log
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 86.111.216.0 0.0.1.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 116.50.56.0 0.0.7.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 86.111.220.0 0.0.3.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 103.1.196.0 0.0.3.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 177.39.96.0 0.0.3.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 196.216.238.0 0.0.1.255
    access-list 103 permit ip 192.168.8.0 0.0.3.255 any
    ip nat pool mypool 216.222.208.101 216.222.208.101 netmask 255.255.255.128
    ip nat inside source list 103 interface FastEthernet0/1 overload
    ip nat inside source route-map nonat pool mypool overload

    How does Websense expect your source IPs in the tunnel? 192.168.8.0 0.0.3.255 or PAT'ed 216.222.208.101 ?
    Check
    show crypto isakmp sa
    show crypto ipsec sa
    show crypto session
    You'd better remove the preshared key from your post.

  • Can i use 3750 for SAN

    hi.
    my question is can i use the switch 3750 for SAN?? and what must i do to make it right ??
    thnx

    The Catalyst 3750 cannot be used for fibre channel SANs at this time. It can be used in conjunction with the MDS9500 switch with an IP storage services module (IPS module) or an SN5428-2 storage router to connect hosts to storage using iSCSI or geographically separate switches using FCIP. The MDS9500 and SN5428-2 have gigabit Ethernet interfaces that could be connected to a 3750 with GigE.

  • Which network is Oracle using for RAC traffic ? where you will get info ? ?

    Hi,
    I am using two node RAC on Oracle 10g R2 (10.2.0.3.0) version on SUN Solaris 10 . I want to know "Which network is Oracle using for RAC traffic ? where you will get info "
    --Kumar                                                                                                                                                                                                                                                                                                                                                                                           

    Hi Kumar,
    In 10g, you can query x$ksxpia. If the cluster_interconnect information is stored in OCR (default), you will get
    SQL> select INST_ID,PUB_KSXPIA,PICKED_KSXPIA, NAME_KSXPIA,IP_KSXPIA from x$ksxpia;
    If you specified the cluster_interconnects parameter in your init.ora:
    Columns to look in : INST_ID P PICK NAME_KSXPIA IP_KSXPIA
    And also you can use 'oradebug ipc' to see which interconnects the database is using:
    SQL> oradebug setmypid
    SQL> oradebug ipc
    Hope it helps...
    Thanks
    LaserSoft

  • Cascade Catalyst 3560 switch for loaded traffic

    I have a layer 3 Catalyst switch 3560 with 24 FE interfaces.
    I need to pump traffic from traffic generator into port 1 and propagate it to other ports; the last port will be connected back to the traffic generator.
    I suppose that I need to cascade some of the switchports but how do I configure the catalyst switch for this setup? Is it making use of routed port and static routing?

    Hi Ankur,
    Thanks for the reply.
    The traffic generator are layer 3 interfaces which I can assign IP address.
    You mentioned that I do not need any routing, but I require traffic coming from the traffic generator(e.g FE1) going into switchport 1 to traverse through the rest of the switchports before exiting from the last switchport back to the traffic generator(e.g FE2). Therefore, I need advice on how to setup the catalyst switch to achieve this.If I assign ip address for this traffic to end at the traffic generator-FE2, the generated traffic will enter the switch at switchport 1 and directly exit from the last switchport without any traversing done. Btw, do I need to cascade my switch with cross cable in this aspect?
    Thanks in advance for your advice.
    Regards,
    Raymond

Maybe you are looking for

  • 570 or 580... please explain the pros/cons

    Looking at putting together a budget list for the next budget year (not till July, but I needed a break from editing so I'm doing it now) and I've got a question about video cards. I've done a good bit of searching here, but haven't found a clear ans

  • Default description of interaction in Interaction centre

    Hi All, Currently whenever we end the interaction on Web IC,interaction is created automatically with description empty. Our requirment is to default the description text for the interaction record if user does not create the interaction manually in

  • What does a software or product installation do of the previous version of software?

    Does it removes the old version and install new version again or it modifies previous version and adds something to it?

  • Constantly getting invalid url.

    I have checked my keychain, date/time, reset my preferences, cleared my cashed, turned off and on...nope.  Nothing works.  Can anyone tell me what has happened.  It is even starting to pop upon my iPhone 5.  Bryan

  • WoW, wine and the x3100

    Just made the switch back to linux, due to a job I may be getting. Major issue's with WoW though. So I'm pretty much going to post a screen shot. I've tried many different WTF configs, and the default still give me this problem so I'm not going to po