WAAS - Dropping TCP Traffic

I'm having issues with TCP traffic between my edge and my core. Using L2 redirection at my edge with a 4507 (l3) and L2 redirection at my core with a 6500Sup720. I have a dedicated VLAN for my WAE's at both sites.
I issue the 'sh tfo connection summary' on my Core WAE and I see the following:
Local-IP:Port Remote-IP:Port ConnType
HostAIP:45056 HostBIP:80 PT AD Int Error
Does anyone know what the 'PT AD Int Error' indicates?

Michael,
We'll need to collect some additional information to determine what is going on. Can we start with the following (assuming you can reproduce the condition):
1. Change the disk logging level to 'debug':
conf
logg disk prior debug
end
2. Enable TFO AD debugging;
debug tfo conn auto
3. Disable the debug:
un all
4. Send me the syslog.txt file from the local1 directory.
Would it also be possible to collect a packet capture from the WAE showing this state?
Thanks,
Zach

Similar Messages

  • Firewall Dropping Packets - %FW-6-DROP_PKT: Dropping tcp session X.X.X.X X.

    Hi,
    Can anyone explain this error and what is a stray Segment with the IP ident 46866. I can't seem to find this error on the Cisco web site the only bug appears to be to do with Zone firewalls. I have an 877 Router on a remote site configured with IPSEC and a Tunnel back to the main office and I'm getting reported connection issues to network drives on servers located local to the LAN and on the headend LAN. Can't seem to find any other errors apart from this one.
    %FW-6-DROP_PKT: Dropping tcp session X.X.X.X X.X.X.X due to
    Stray Segment with ip ident 46866 tcpflags 0x5010 seq.no 1237259566 ack 3465174792
    If any one could help or point me in the right direction that would be great. Failing that I'm jumping off this building.
    Ta
    Jim

    This may help:
    Caveat "CSCsj30582"
    http://www.cisco.com/en/US/docs/ios/12_4t/release/notes/124TCAVS.html
    Symptoms: A Cisco IOS router that is running ZPF (Zone-based Policy Firewall) intermittently drops ESP packets even when it is configured to pass them. This causes traffic over an IPsec VPN tunnel through this router to fail intermittently, although the tunnel is up and phase 1 (isakmp) and phase 2 (ipsec) SAs have been established. If the router is configured to log dropped packets, it will log a %FW-6-DROP_PKT syslog message for these packets.
    Conditions: This symptom is observed on a Cisco IOS router that is enabled with ZPF (Zone-based Policy Firewall) and that is configured to pass the ESP traffic based on a "match access-group" policy, where the access list has entries to permit the ESP traffic specifically from one host to another.
    For example:
    class-map type inspect match-any cm-esp match access-group 100
    policy-map type inspect in2out class type inspect cm-esp pass
    access-list 100 permit esp host 10.0.0.2 host 10.1.1.2 access-list 100 permit esp host 10.1.1.2 host 10.0.0.2
    Workaround: Configure the access list so that the source is "any", for example:
    access-list 100 permit esp any host 10.1.1.2 access-list 100 permit esp any host 10.0.0.2
    First Alternate Workaround: Use the classic Cisco IOS firewall instead of ZPF; that is, use "ip inspect".
    Further Problem Description: If an explicit deny rule is added to the above example, for example:
    access-list 100 permit esp host 10.0.0.2 host 10.1.1.2 access-list 100 permit esp host 10.1.1.2 host 10.0.0.2 access-list 100 deny esp any any
    Then the show access-list command will indicate that the dropped packets are hitting the deny rule, although they should match one of the permit rules:
    Router# show access-lists 100
    Extended IP access list 100 10 permit esp host 10.0.0.2 host 10.1.1.2 (999 matches) 20 permit esp host 10.1.1.2 host 10.0.0.2 (999 matches) 30 deny ip any any (1 match)

  • Switch sending tcp traffic to incorrect interface

    Need help diagnosing a layer 2 networking issue. We had a report from an end user of slow file server access from his computer but local applications were responding normally. No one else was having issues in his area. Port mirrored the employees access port (Gi1/0/33) and noticed traffic from another computer crossing onto his port. Our design is to have one computer per port. This traffic was not intended for his computer as it was another employee opening and closing files on the file server (file server located on another switch). Checked MAC address table and his MAC address was the only one associated on the port. Traced the 2nd employees MAC address to a neighboring port (Gi1/0/35). Only MAC address associated on Gi1/0/35 was the 2nd employees. Cleared the mac address entry for Gi1/0/33 only and the extra traffic was eliminated immediately. 
    Why would a switch send tcp traffic to a port that a client does not communicate on? I asked the second employee if they noticed any issue in accessing the file server and none were reported.  Switch is a 3750x with version 12.2. 

    I've been double checking everything this morning and I feel we were not attacked. All the MAC addresses in my capture are valid system addresses. ISE does not show any authorized machines attempting to connect to the switch. We have DHCP snooping enabled throughout the organization. That was a great article to learn from though.
    I've included a visio of the setup and a snippet of the wire capture and arp/mac tables as were captured during the incident. Traffic from the fileserver intended for employee 2 was flooding the port employee 1 was connected on. The destination MAC address of the packets were not meant for employee 1. 
    Default config for both ports:
     switchport access vlan 101
     switchport mode access
     ip access-group ACL_DEFAULT in
     authentication event fail action next-method
     authentication host-mode multi-auth
     authentication open
     authentication order dot1x mab
     authentication priority dot1x mab
     authentication port-control auto
     authentication violation restrict
     mab
     snmp trap mac-notification change added
     snmp trap mac-notification change removed
     dot1x pae authenticator
     dot1x timeout tx-period 10
     spanning-tree portfast
     spanning-tree bpduguard enable
    Am I missing something? Was this an attack? Was it a fluke? 

  • The access to our new chess hall may be blocked by your local firewall. You would need to reconfigure your firewall to open port 15010 for TCP traffic.

    How do I do the following so I can get into my chess program??
    The access to our new chess hall may be blocked by your
    local firewall. You would need to reconfigure your firewall to open port 15010
    for TCP traffic.

    This is not really Firefox related.
    What you need to do here is to read the firewall manual which usually explains how to create a rule for what you want to do.
    If you're using the Windows XP firewall, see this Microsoft article: http://windows.microsoft.com/en-US/windows-vista/Firewall-frequently-asked-questions

  • IPhone app to intercept TCP traffic

    Hi,
    I would like to write an app for iPhone that will run in background and intercept all TCP traffic on iPhone generated by Safari browser.
    Is it possible to write such an app? Any relevant links or articles would be much appreciated.
    Anyone aware of similar app that runs on normal iPhone (not jailbreak)?
    Thanks.
    Ambi.

    >intercept all TCP traffic on iPhone generated by Safari browser.
    Your app does not have access outside of it's own sandbox....it's a privacy thing and a good one too.

  • Constant TCP traffic on LAN

    I'm getting constant TCP traffic between my computer (192.168.1.101) and the Linksys wireless -G router gateway (192.168.1.1). I used Wireshark to inspect the traffic, and various "agents" on various ports are pushing data to park-agent on port 5431. Each time I start Wireshark, I seem to get a different agent sending data to park-agent:
    taurus-wh (port 1610)
    commonspace (1592)
    danf-ak2 (1041)
    tripwire (1169)
    bmc-patiddb (1313)
    I don't know how to fix this. Any help much appreciated. Thanks.

    http://www.pc-library.com/ports/tcp-udp-port/5431/ indicates this port may be used by Trojan.Win32.Vaklik.dr. I would advise making sure your Anti Virus/Anti Malware software is up to date, run a full system scan,and see if the problem stops. If not, you should seek help either from your AV software vendor, or from one of the numerous security sites on the internet.
    Tomato 1.25vpn3.4 (SgtPepperKSU MOD) on a Buffalo WHR-HP-G54
    D-Link DSM-320 (Wired)
    Wii (Wireless) - PS3 (Wired), PSP (Wireless) - XBox360 (Wired)
    SonyBDP-S360 (Wired)
    Linksys NSLU2 Firmware Unslung 6.10 Beta unslung to a 2Gb thumb, w/1 Maxtor OneTouch III 200Gb
    IOmega StorCenter ix2 1TB NAS
    Linksys WVC54G w/FW V2.12EU
    and assorted wired and wireless PCs and laptops

  • Debugging TCP traffic

    I have an access list as shown:
    access-list 199 permit tcp host <ip address> any
    What debugging command can I use so that I can see the TCP traffic from this specific list?
    Thanks

    Corey
    There is an implicit part of the answer by Ankur and I think it helps to make it explicit. If you add the log keyword to the access list, then you also need to apply the access list to appropriate interface(s). And you would need to determine if there is any interaction between this access list and any other access lists that may be applied on any interface.
    I believe that you were probably looking for the debug ip packet 199 as Ankur has said. This modifies the debug output and only shows traffic that matches the access list. This can be very effective in reducing the impact of a debug that is potentially very disruptive.
    Also if you are telnetted to a router when you do this you will need to do terminal monitor so that you can see the debug output.
    HTH
    Rick

  • %FW-4-TCP_OoO_SEG: Dropping TCP Segment

    Any idea what this means? Why are these packets being dropped?
    Mar  2 13:46:11.315: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:1826858942 1492 bytes is out-of-order; expected seq:1826829902. Reason: TCP reassembly queue overflow - session 10.2.31.31:50052 to 31.13.69.42:80
    Mar  2 13:52:13.439: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:1264022358 1492 bytes is out-of-order; expected seq:1263984606. Reason: TCP reassembly queue overflow - session 10.2.31.31:50228 to 184.84.239.17:80
    Mar  2 14:08:46.261: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:3591782745 1492 bytes is out-of-order; expected seq:3591717405. Reason: TCP reassembly queue overflow - session 10.2.31.13:58412 to 207.46.206.46:80
    Mar  2 14:08:47.825: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:3591726117 1492 bytes is out-of-order; expected seq:3591720309. Reason: TCP reassembly queue overflow - session 10.2.31.13:58412 to 207.46.206.46:80

    Ronni,
    It looks like you are running some firewall inspection features on your router. What's happening is your out-of-order queue is getting full and dropping packets.
    One thing you can try is increasing the queue size:
    ip inspect tcp reassembly queue length
    I would suggest starting with a size of about 80 to see if it has any effect on the logs. If you are still seeing an issue, could you provide a 'show ip inspect statistics' and any relevant configuration?
    Thanks!
    Joey

  • WAAS don't traffic Optimized

    Hi ,
    I've problem with some waas device of my infrastructure .
    the version i 4.4.1.
    when I check the statistic I see that Optimization is null.
    waasballdre1#show statistics conn
    Current Active Optimized Flows:                      0
       Current Active Optimized TCP Plus Flows:          0
       Current Active Optimized TCP Only Flows:          0
       Current Active Optimized TCP Preposition Flows:   0
    Current Active Auto-Discovery Flows:                 4
    Current Reserved Flows:                              10
    Current Active Pass-Through Flows:                   26
    Historical Flows:                                    85
    O-ST: Origin State, T-ST: Terminal State
    E: Established, S: Syn, A: Ack, F: Fin, R: Reset
    s: sent, r: received, O: Options, P: Passthrough
    Local IP:Port       Remote IP:Port      Peer ID           O-ST T-ST ConnType   
    10.2.144.11:80      10.20.21.42:4256    N/A               Sr   Sso  EXTERNAL CLIENT
    10.2.144.12:80      10.20.21.42:4261    N/A               Sr   Sso  EXTERNAL CLIENT
    10.2.144.11:80      10.20.21.42:2343    N/A               Sr   Sso  EXTERNAL CLIENT
    10.2.144.12:80      10.20.21.42:2347    N/A               Sr   Sso  EXTERNAL CLIENT
    Local IP:Port         Remote IP:Port        Peer ID           ConnType         
    150.217.21.17:1137    10.1.144.73:4637      N/A               PT In Progress   
    10.9.144.44:50352     10.9.21.42:2000       N/A               PT In Progress   
    150.217.21.17:1137    10.1.144.78:1548      N/A               PT In Progress   
    150.217.21.17:1137    10.1.144.88:3140      N/A               PT In Progress   
    192.86.102.121:80     10.1.144.86:3620      N/A               PT No Peer       
    150.217.21.17:1137    10.1.144.83:4067      N/A               PT In Progress   
    10.9.21.42:2000       10.9.144.32:15133     N/A               PT In Progress   
    10.1.144.86:3620      192.86.102.121:80     N/A               PT No Peer       
    I have controlled the application policy and now is identical to other device that it good work .
    what can I do?
    thanks.
    Roberto

    Hi Ahmad,
    in the step 1 is ok and I've post the output:
    al-balldre#sh ip wccp 61 detail
    WCCP Client information:
            WCCP Client ID:          10.5.144.33
            Protocol Version:        2.0
            State:                   Usable
            Initial Hash Info:       FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
                                     FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
            Assigned Hash Info:      FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
                                     FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
            Hash Allotment:          256 (100.00%)
            Packets s/w Redirected:  392369
            Connect Time:            03:30:42
            Bypassed Packets
              Process:               0
              Fast:                  0
              CEF:                   0
    al-balldre#sh ip wccp 62 detail
    WCCP Client information:
            WCCP Client ID:          10.5.144.33
            Protocol Version:        2.0
            State:                   Usable
            Initial Hash Info:       FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
                                     FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
            Assigned Hash Info:      FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
                                     FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
            Hash Allotment:          256 (100.00%)
            Packets s/w Redirected:  459781
            Connect Time:            03:30:47
            Bypassed Packets
              Process:               0
              Fast:                  0
              CEF:                   0
    al-balldre#
    and in the interface is all configuired with any site (I've check).
    THE TEST
    waasballdre1#sh statistics connection | in 10.1.144.243
    10.1.144.243:2472     10.1.21.41:445        N/A               PT No Peer       
    yes I'm using wccp gre
    waasballdre1#sh wccp gre    
    Transparent GRE packets received:              1324923
    Transparent non-GRE packets received:          0
    Transparent non-GRE non-WCCP packets received: 0
    Total packets accepted:                        896070
    Invalid packets received:                      19
    Packets received with invalid service:         0
    Packets received on a disabled service:        0
    Packets received too small:                    0
    Packets dropped due to zero TTL:               0
    Packets dropped due to bad buckets:            0
    Packets dropped due to no redirect address:    0
    Packets dropped due to loopback redirect:      0
    Pass-through pkts on non-owned bucket:         0
    Connections bypassed due to load:              0
    Packets sent back to router:                   0
    GRE packets sent to router (not bypass):       0
    Packets sent to another WAE:                   0
    GRE fragments redirected:                      0
    GRE encapsulated fragments received:           2840
    Packets failed encapsulated reassembly:        0
    Packets failed GRE encapsulation:              0
    Packets dropped due to invalid fwd method:     0
    Packets dropped due to insufficient memory:    0
    Packets bypassed, no pending connection:       0
    Connections bypassed during wccp shutdown:     0
    Connections bypassed due to bypass-list lookup:0
    Conditionally Accepted connections:            0
    Conditionally Bypassed connections:            0
    L2 Bypass packets destined for loopback:       0
    Packets w/WCCP GRE received too small:         0
    Packets dropped due to received on loopback:   2
    Packets dropped due to IP access-list deny:    0
    Packets fragmented for bypass:                 0
    Packets fragmented for egress:                 0
    Packet pullups needed:                         0
    Packets dropped due to no route found:         0
    waasballdre1#
    waasballdre1#show egress-methods
    Intercept method : WCCP
          WCCP negotiated return method : WCCP GRE
                            Egress Method      Egress Method
          Destination        Configured            Used     
          any          IP Forwarding           IP Forwarding
    Intercept method : Generic L2
                            Egress Method      Egress Method
          Destination        Configured            Used     
          any          not configurable        IP Forwarding
    waasballdre1#
    ----------part of configuration of my waas
    sh run:
    wccp router-list 1 10.5.144.1
    wccp tcp-promiscuous service-pair 61 62 failure-detection 30
    wccp tcp-promiscuous service-pair 61 62 router-list-num 1
    wccp version 2
    nota : I've copy one file in the PC of the Balldre from my server in the center site . when the copy is finished , I've paste  again and the time for the copy is the same.
    The waas does not cache.
    thanks.
    R

  • WAAS wccp tcp-promiscuous service-pair configuration question

    I have a WAE 512 that I upgraded to 4.5.1, the WCCP configuration was automatically changed in the configuration to the following:
    wccp router-list 1 192.168.20.1
    wccp tcp-promiscuous service-pair 61 62 failure-detection 30
    wccp tcp-promiscuous service-pair 61 62 router-list-num 1
    wccp version 2
    I have a WAVE-674 that I am going to replace this 512 with and I installed 5.0.1 on the 674.  I went through the automatic setup process and the wccp configuration came up like this:
    wccp router-list 7 192.168.20.1
    wccp tcp-promiscuous service-pair 1 2
    router-list-num 7
    exit
    And it informed me that I needed to put the wccp redirects for 61 in on LAN and 62 in on WAN, standard on the router and wccp 2, which I already have done.
    My question is, should my 5.0.1 configuration look the same as my 4.5.1 configuration, or does it matter?  I only found one document on the internet that had this "wccp tcp-promiscuous service-pair 1 2" in a Cisco PDF document where they were removing it to put some GRE specific configurations. 

    hi Beau,
    something went wrong with the new WAVE 674 wccp configuration,  if the wccp router is the same (192.168.20.1) make sure it looks the same as in 4.5.1 version.
    Also for devices with WAAS version 5.0, you must explicitly configure the egress method.
    http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v501/configuration/guide/traffic.html#wp1275623
    if you need assistance choosing the right egress method I suggest to open a TAC case.
    hope that helps!

  • WAAS REPORTS - Other Traffic

    Hi all
    I am facing an issue with waas reporting, in the charts i have OTHER TRAFFIC with a high percentage (50% and sometimes more)
    What can i do to know which traffic is being categorized as OTHER TRAFFIC so i could create new policy for it

    Click on manage device and go to connections.
    There you will see connections and level of optimization being applied. It will display ip source and destination as well as tcp port number. Once you have the port create a new application and classifier policy

  • Slow tcp traffic over ge0 interface

    I have a server that while using ge0 for UDP traffic, it uses full bandwidth, but for tcp is slow as hell.... ttcp is showing how slow it is, into the kbps rather than mbps. I want to know if there is a specific patch to fix this.

    I've been double checking everything this morning and I feel we were not attacked. All the MAC addresses in my capture are valid system addresses. ISE does not show any authorized machines attempting to connect to the switch. We have DHCP snooping enabled throughout the organization. That was a great article to learn from though.
    I've included a visio of the setup and a snippet of the wire capture and arp/mac tables as were captured during the incident. Traffic from the fileserver intended for employee 2 was flooding the port employee 1 was connected on. The destination MAC address of the packets were not meant for employee 1. 
    Default config for both ports:
     switchport access vlan 101
     switchport mode access
     ip access-group ACL_DEFAULT in
     authentication event fail action next-method
     authentication host-mode multi-auth
     authentication open
     authentication order dot1x mab
     authentication priority dot1x mab
     authentication port-control auto
     authentication violation restrict
     mab
     snmp trap mac-notification change added
     snmp trap mac-notification change removed
     dot1x pae authenticator
     dot1x timeout tx-period 10
     spanning-tree portfast
     spanning-tree bpduguard enable
    Am I missing something? Was this an attack? Was it a fluke? 

  • WAAS and Netflow, traffic reports are inflated unpredictably

    Not sure if anybody has any luck getting Netflow to report correctly when WAAS is in a picture.  We have about 30 sites deployed with WAAS in out of line configuration and every single one of them incorrectly report Netflow traffic to our NetQoS Reporter Analyzer product.  Typically the traffic throughput seems to be inflated several times higher.  We tried every which way to alter the netflow configuration in the router including Egress Netflow but the traffic is still showing higher than actual traffic coming out of a port.  In one site, even the "show interface" command on the router shows 5-minute rate of 16Mbps on a 6Mbps Mulitlink circuit. 

    Hello Thang Lu,
    We have run into this issue with a few customers and here are a some things to consider:
    - If you have 'Flexible' NetFlow enabled: Beware, Flexible NetFlow does not export the flow direction by default you must configure the direction bit to be set for egress flows.  Traditional NetFlow v9 does this automatically.
    - Are you excluding certain protocols in NetQoS?  If you don't do this, some tunnels and VPN connections will be exported twice!
    These are the protocols we exclude by default in Scrutinizer NetFlow Analyzer:
    I hope these suggestions help you.
    Jake

  • WAAS and "Other traffic"

    Hi there,
    Recently I have deployed WAAS for just one site, and I am a bit concerned as majority of the traffic falls into "Other Traffic" category. I've discovered this is just a file transfer between XP desktops and a W2003 server.
    Why it's categorized as Other?
    Thanks

    Correct - that would be SMB traffic. Prior to 4.0.7, it should be classified as part of the File-System application. From 4.0.7 on, it is classified as part of the WAFS application.
    Can you please confirm that you have classifiers that cover ports 139 and 445. If so, which application is the classifier associated with?
    Zach

  • 3750X - Dropped multicat traffic flooding on all switchport vlan interfaces

    Hello forum, 
    I have a problem on source  multicast blocking. I have a switch with a vlan interface (Ex. vlan 20 )and on that vlan interface an extended ACL is present. That ACL block specific multicast groups. Furtehrmore I have many switchport access interfaces on vlan 20 with different sources connected. 
    If one source start streaming with multicast destination IP blocked  by ACL, dropped traffic is flooaded on all switchports on source's vlan
    IGMP snooping on this vlan is enabled but seems that dropped  traffic stay on L2 vlan without it.
    Device used: C3750X
    IOS:  15.0(2)SE5
    Thank you for help

    Hi Michal,
    thanks for your reply!
    Yes, probably i've captured all lines of access-list... but I've to change my approach because my access-list is a extended "named" access-list and, on other post, I've read that "named" access-list cannot be debugged...
    Now i've deleted all access-lists entries that refer to vlan2 and I've created new one "numerical":
    #ip access-list extended 100
    #10 ip permit 172.16.2.0 0.0.0.15 any log
    In this mode the debug shows only access-list 100 traffic + bcast + mcast.
    But, the strange thing is another one now...
    I've bought a multifunction printer, that send scanned document to a email account, the printer haven't internal smtp, it makes a connection to hp servers that forward scans to real destination address...
    I was curious to find out how this connection works because, my private/confidential documents are send on internet and, i would hope that hp use a secure connection from my printer to its server...
    Well, if I add "log" switch command at the end of access-list, or I enable access-list debug, the printer stop to comunicate to hp services/server... if I turn off debug or rewrite access-list without "log" feature, incredibly the printer re-start to comunicate with hp...
    Have you any idea that explain that? I'm going crazy...

Maybe you are looking for

  • Ping shoots up every hour

    Hi Guys, I really only notice this whilst playing games (I use a Logitech Gamepad, which monitors my ping) but I have noticed that at 5 to the hour, every hour, without exception, for approximately 1-2 minutes my ping will shoot up from between 20-50

  • Bogus actuals

    This is a follow on question to this one: Phantom Actuals. We are on PS 2010.  Work resources enter timesheets in SEM.  Task Tracking Method is set to Hours of Work done per period ... always has been. A PM has managed to get a bunch of bogus actuals

  • Standard Report VA05 Adds up Returns Value and Qty :(

    Hi Gurus, We have an issue the standard Report VA05 Adds up Qty and Value of Returns Orders/ Credit or Debit Request which gives up a wrong value when you look at the Total. I checked up with IDES and it is just the same. Any Help how to overcome the

  • Can't connect to SQL Plus after installation...

    Windows XP (Admin account) installed 10g XE I have no other ORACLE_HOME or TNS files. All services are started here is the listener STATUS of the LISTENER Alias LISTENER Version TNSLSNR for 32-bit Windows: Version 10.2.0.1.0 - Beta Start Date 17-NOV-

  • Apps purchased on iphone not transferring

    Please bear with me on this one as it's not quite as simple as the subject title suggests... My wife and I share one computer (a Macbook running 10.5.8) using 2 separate user accounts. We have different iTunes accounts but share a library. The iTunes