Help with DHCP relay

Similar Questions

• 6.1.4 NSX upgrade to 6.2.0: DLR fails to upgrade with DHCP relay message

  Hey all, in the middle of an upgrade of non-prod to a greenfield 6.1.4 6.2. Did the Manager NSX, and follow-up of all controllers. Then after the VMware recommended upgrade sequence, I did the GSS. Then began the DLR. When you try to upgrade the DLR, I received an error message

  The "Upgrade Version" operation failed for the entity with the following error message.

  [DHCP] To enable DHCP Relay, DR instance must be created with a single connected LIF.

  

  Also, the router now displays status in the NSX edges pane: "failed to create/update edgeAssist interface for edge edge-3.» 404 not found. »

  

  So I tried erase the configuration of DHCP on the DLR with the button relay remove, no dice. Tried to redeploy, fail with the same message. Tried to force synchronization, changes in status to "impossible to force synchronization. NSX Edge edge-3 is in poor condition. Try the operation again. The DHCP configuration disappears, but the change seems never commit, because when I browse the bracing or routing section and browse to the DHCP relay page, the original configuration is still there. It is a simple DLR with no configured HA. I have attached the newspapers of DLR tech support in case there is any support curious people out there. Note, vCenter 6.0.0 2741530, ESXi 5.5 Patch 5 reissue 2718055.

  He was just going to remove the DLR and re-create it since it's a lab, but if it wasn't a lab I just want to know why it's a failure.

  After reading more carefully, I apparently missed a step in the upgrade (hosts). I suggest that whoever does the upgrade follows the upgrade guide in pubs located here: 6.2 NSX VMware vSphere Documentation Center

  • Manager of NSX upgrade to 6.2
  • Upgrade of the Cluster controller NSX to 6.2, check the status of cluster control
  • Upgrade the cluster hosts for NSX 6.2
  • 6.2 the NSX border upgrade
  • Guest Introspection to NSX 6.2 update
  • Remove the NSX data security and redeploy

  So I tried a lot of things to work myself back from that. I tried to upgrade the hosts but that didn't fly, esx-vxlan has been blocked to version 5.5.0 - 0.0.2691051. To return to a viable State in the end I had to nuke basically the GSS, logical switches, DLR, TZ, manually uninstall the NSX vibs and unsubscribe manager the NSX to vCenter in the cluster take-off of the State of "uninstall." From there, re - install the 5.5.0 - esx-vxlan 0.0.2983935 (6.2) vibs on the cluster worked OK, and I rebuilt the gateway routing and dashboard. So read before making anywhere near prod. : )

• 2911 w/security - VPN with DHCP Relay to Win2K8, routing fail

  Hello

  I have a 2911 router and tries to terminate a VPN inside.

  I want to do this is before the DHCP request to a Server 2008 inside.

  I actually received this part to work.  But it seems to be, 2911 router is not set the VPN clients on a VLAN internal associated with the range of network, the DHCP server is to give.  Or all least, does not have a flow of information between the IP address of the VPN Client and the router itself.

  (washed config below)

  Example: VPN Client obtains the IP address of 10.101.55.10.  The router has a loop (or subinterface in my last iteration of the config) address of 10.101.55.1.

  And yet, when my VPN client connects, I am not able to ping to an IP that my router has.  I can ping myself (10.101.55.10), but I only ping the router in any way which.

  Does anyone have any ideas?

  -----

  Paste config

  -----

  !
  ! Last configuration change at 04:48:18 UTC Friday 25 March 2011 by x
  !
  version 15.0
  horodateurs service debug datetime msec
  Log service timestamps datetime msec
  encryption password service
  !
  host name x
  !
  boot-start-marker
  boot-end-marker
  !
  logging buffered 51200 warnings
  enable secret 5 x
  !
  AAA new-model
  !
  !
  AAA authentication login default local radius group
  AAA authentication login userauthen local
  AAA authorization groupauthor LAN
  !
  !
  !
  !
  !
  AAA - the id of the joint session
  !
  !
  !
  !
  No ipv6 cef
  IP source-route
  IP cef
  !
  !
  !
  !
  property intellectual name x
  !
  Authenticated MultiLink bundle-name Panel
  !
  !
  !
  Crypto pki trustpoint TP-self-signed-3088527431
  enrollment selfsigned
  name of the object cn = IOS - Self - signed - certificate - 3088527431
  revocation checking no
  rsakeypair TP-self-signed-3088527431
  !
  !
  TP-self-signed-3088527431 crypto pki certificate chain
  certificate self-signed 01
  3082024B 308201B 4 A0030201 02020101 300 D 0609 2A 864886 F70D0101 04050030
  2 060355 04031326 494F532D 53656 C 66 2 AND 536967 6E65642D 43657274 31312F30
  69666963 33303838 35323734 6174652D 3331301E 31393532 OF 30323236 170 3131
  31375A 17 0D 323030 31303130 30303030 305A 3031 06035504 03132649 312F302D
  4F532D53 5369676E 656C662D 43 65727469 66696361 74652 33 30383835 65642D
  32373433 3130819F 300 D 0609 2A 864886 01050003, 818, 0030, 81890281 F70D0101
  8100BB8B DCF74C9C 5068AF8B 17458225 C2C3702C 416CE391 6EA8991B D3CFFA1A
  62FCA661 566A30C5 2ADE1CBF 558335F9 E9811663 819FA2E9 BEEC77CD 768A 5829
  437E90FA 17F50DDE 94B52B67 96E1E8FC E4E7A12C 07E67582 342774 5 DF956CC8
  FAB6BA34 AB2D79B0 771D8D88 40FDDC34 9F5A0145 4A18B252 037DCDE1 8A114B84
  010001A 3 73307130 1 130101 FF040530 030101FF 301E0603 0F060355 0F190203
  551 1104 17301582 1341434 C 50475231 74657374 2E636F6D 301F0603 2E61636C
  551 2304 18301680 14929613 69D7A350 EA595EC1 C1520246 C00CAB37 A2301D06
  04160414 92961369 D7A350EA 595EC1C1 520246C 03551D0E 0 0CAB37A2 300 D 0609
  2A 864886 04050003 81810077 CBE5CA04 9D75B036 CF639BEC EFD03A3C F70D0101
  FB1390E6 5DC1DBF9 7311123D 9A 018140 2509EADC 9F03747E 3D12F993 BB69D424
  AEA4E0A6 75AF5209 4BD15BE0 92BDA0F1 C74245AF C41DB154 E443F8AD 3605EBE3
  F293D601 10 C 07520 FCB38B3E 6AC9AE74 AE9CB2A2 A80CED34 1FE185CF 24B1A689
  A9E1CF15 F3041A8E CE12C914 C53EEA
  quit smoking
  udi pid CISCO2911/K9 sn x license
  !
  !
  VTP version 2
  user name x
  !
  redundancy
  !
  !
  property intellectual ssh time 60
  property intellectual ssh version 2
  !
  !
  crypto ISAKMP policy 3
  BA 3des
  preshared authentication
  Group 2
  !
  crypto ISAKMP policy 5
  preshared authentication
  Group 2
  ISAKMP crypto key address 0.0.0.0 dmvpnkey 0.0.0.0
  ISAKMP crypto nat keepalive 20
  !
  the group x crypto isakmp client configuration
  x key
  DNS 10.0.0.6 10.0.0.3
  area x
  10.3.0.3 DHCP server
  GIADDR DHCP 10.101.55.1
  netmask 255.255.255.0
  !
  !
  Crypto ipsec transform-set esp-3des esp-sha-hmac VPNSET
  Crypto ipsec transform-set esp-3des esp-sha-hmac dmvpnset
  !
  Crypto ipsec profile dmvpnprof
  Set transform-set dmvpnset
  !
  !
  dynamic-map crypto vpn-dynmap 10
  game of transformation-VPNSET
  !
  !
  customer vpnclientmap of authentication crypto map list vpnusers
  card crypto isakmp authorization list groupauthor vpnclientmap
  client configuration address card crypto vpnclientmap answer
  vpnclientmap 10 card crypto-isakmp ipsec vpn Dynamics-dynmap
  !
  !
  !
  !
  !

  !
  !
  interface GigabitEthernet0/0
  Telus MPLS description
  IP 10.101.2.1 255.255.255.252
  IP virtual-reassembly
  Shutdown
  automatic duplex
  automatic speed
  !
  !
  interface GigabitEthernet0/1
  AllNorth hand VPN description
  DHCP IP address
  NAT outside IP
  IP virtual-reassembly
  automatic duplex
  automatic speed
  vpnclientmap card crypto
  !
  !
  interface GigabitEthernet0/2
  Description main trunk to LAN internal
  no ip address
  automatic duplex
  automatic speed
  !
  !
  interface GigabitEthernet0/2.4
  encapsulation dot1Q 4
  IP 10.101.4.1 255.255.255.0
  IP helper 10.3.0.3
  IP nat inside
  IP virtual-reassembly
  !
  interface GigabitEthernet0/2.10
  encapsulation dot1Q 10
  IP 10.101.10.1 255.255.255.0
  !
  interface GigabitEthernet0/2.50
  encapsulation dot1Q 50
  IP 10.101.50.1 255.255.255.0
  !
  interface GigabitEthernet0/2.55
  encapsulation dot1Q 55
  IP 10.101.55.1 255.255.255.0
  !
  interface GigabitEthernet0/2.99
  encapsulation dot1Q 99
  IP 10.101.99.1 255.255.255.0
  !
  interface FastEthernet0/0/0
  switchport access vlan 4
  !
  !
  interface FastEthernet0/0/1
  !
  !
  interface FastEthernet0/0/2
  switchport access vlan 10
  !
  !
  interface FastEthernet0/0/3
  switchport mode trunk
  !
  !
  interface Vlan1
  no ip address
  !
  !
  !
  Router eigrp 1
  Network 10.250.1.2 0.0.0.0
  !
  router ospf 100
  Log-adjacency-changes
  0.0.0.0 network 10.101.2.2 area 0
  !
  VPN IP local pool 10.151.56.1 10.151.56.20
  IP forward-Protocol ND
  !
  no ip address of the http server
  no ip http secure server
  !
  IP nat inside source nat route map - this interface GigabitEthernet0/1 overload
  IP route 10.3.0.0 255.255.255.0 10.101.4.2
  !
  allowed to access-list 23 x
  access-list 23 allow 10.0.0.0 0.255.255.255
  access-list 100 permit udp any host x eq isakmp
  access-list 100 permit esp any host x
  access-list 100 permit gre any x host
  access-list 100 permit tcp any host x eq telnet
  access-list 104. allow ip 10.101.4.0 0.0.0.255 any
  access-list 104. allow ip 10.101.55.0 0.0.0.255 any
  access-list 130 allow ip 10.0.0.0 0.255.255.255 10.101.55.0 0.0.0.255
  !
  !
  !
  !
  nat permit - this route map 10
  corresponds to the IP 104
  !
  !
  x SNMP-server community
  !
  control plan
  !
  !
  !
  Line con 0
  line to 0
  line vty 0 4
  access-class 23 in
  Synchronous recording
  transport input telnet ssh
  line vty 5 15
  access-class 23 in
  transport input telnet ssh
  !
  Scheduler allocate 20000 1000
  end

  Yes, it looks like you might have as a subnet of more large covered in your routing protocols internal hence set up 'reverse-road '.

  Good to hear it works now. Kindly, please mark this post as responded while others can learn from this post. Thank you.

• Need help with DHCP on Windows 2003 R2 VM in ESXi

  Hello

  I recently downloaded and installed ESXi on a new IBM X 3400.  I have a virtual machine with Windows Server 2003 R2, and I've migrated the role of DHCP server in another box.  When I disable the service on the other box and start the VM I can't deal with the DHCP requests. It's as if I do not have a DHCP server on my network.

  Any ideas?

  can you confirm that the DHCP server is authorized by using DHCP Manager.

• DHCP Snooping without configured DHCP relay

  Hello

  We use DHCP Snooping with DHCP relay successfully configured... but I was wondering if the DHCP-Snooping function is also working on a (composed by different switches) L2 network where the DHCP server is on the same VLAN as the client?

  I know that server must be in a VLAN dedicated but segmentation VLAN server DHCP - client is scheduled in a second step...

  Thanks for your suggestions!

  Hi Omar,.

  The DHCP server can be on the same VLAN as the customers, no problem with that.

  You must configure the port on the DHCP server as being approved with the following commands:

  conf t

  IP dhcp snooping

  IP dhcp snooping vlan x

  interface fastethernet x / y

  IP dhcp snooping trust

  FastEthernet x / is the port where the DHCP server must be located.

  Cheers:

  István

• 7048 routing/DHCP relay with 5548

  Hello

  I have a problem with the 5548 do not relay the query DHCP for PXE (SCCM), 5548 is connected to 7048 (trunk). We shop Cisco, this is the first time that I am using DELL. Any help is appreciated.

  --------7048--------
  
  !Current Configuration:!System Description "PowerConnect 7048, 4.2.2.3, VxWorks 6.6"!System Software Version 4.2.2.3!System Operational Mode "Normal"!configuregvrp enablevlan databasevlan 2,10-11,21,50-52,156vlan routing 1 1vlan routing 10 2vlan routing 21 3vlan routing 50 4vlan routing 51 5vlan routing 52 6vlan routing 156 7vlan routing 2 8vlan routing 11 9vlan association subnet 10.112.0.0 255.255.252.0 10vlan association subnet 10.112.4.0 255.255.255.0 11vlan association subnet 10.116.4.0 255.255.252.0 21slot 1/0 5    ! PowerConnect 7048slot 1/1 11   ! SFP+ Cardslot 1/2 9    ! CX4 Cardslot 2/0 6    ! PowerConnect 7048Pslot 2/1 11   ! SFP+ Cardslot 2/2 9    ! CX4 Cardstackmember 1 5    ! PCT7048member 2 6    ! PCT7048Pip routingip route 0.0.0.0 0.0.0.0 192.168.1.58ip route 10.0.0.0 255.0.0.0 192.168.1.58interface vlan 1exitinterface vlan 2ip address 192.168.1.57 255.255.255.252ip local-proxy-arpno ip redirectsexitinterface vlan 10ip address 10.112.0.1 255.255.252.0no ip redirectsexitinterface vlan 11ip address 10.112.4.1 255.255.255.0ip helper-address 10.112.1.50ip local-proxy-arpno ip redirectsexitinterface vlan 21ip address 10.116.4.1 255.255.252.0ip helper-address 10.112.1.50ip helper-address 10.112.1.51exitinterface Te1/1/2description 'F2_NTR_4'gvrp enablespanning-tree portfastswitchport mode trunkdot1x port-control force-authorizedexit
  
  ------5548------
  
  vlan databasevlan 10-11,21exit
  
  gvrp enable
  
  ip dhcp relay enable
  
  stack master unit 1!interface vlan 1 ip address dhcp!interface vlan 10 ip address 10.112.0.4 255.255.252.0 ip dhcp relay enable ip proxy-arp
  
  interface gigabitethernet1/0/18 spanning-tree portfast switchport access vlan 21
  
  ip route 0.0.0.0 0.0.0.0 10.112.0.1
  
  interface tengigabitethernet1/0/1 description F2_NTM gvrp enable spanning-tree portfast auto switchport mode trunkSW version 4.1.0.1 (date  05-Apr-2012 time  15:03:04)
  
  Gigabit Ethernet Ports=============================no shutdownspeed 1000duplex fullnegotiationflow-control onmdix autono back-pressurespanning-treespanning-tree mode RSTP
  
  qos basicqos trust coseee enable
  

  SCCM PXE server is fine, tested on Cisco gear.
  

  It's weird, PXE starts working when I hard code the fiber connecting switches to full-duplex, even if they show the full duplex in automatic. Thanks for your help.

• Helps relaxation and relay

  Hey community,.

  I'm quite inexperienced with DASYLab and need help with my patterns. I try to create an if-else condition and do not know what to do next.

  Its my goal to analyze some data entry for their values. If there is a data entry between the value '0' to '4' I want to calculate this entry with formula 1, if there is an entry of data between the value '4' '8', which he calculated with the formula 2 (the two formulas are different).

  I have already created a combination with trigger and relay to assess the value that have input data, but then something is missing. The input data have two channels, but after calculation, I had four channels for each case. But I just want to have a result for each channel. -> the result 1 entry should go to an output channel and the same for the second.

  So I need a module that combines the two strings and provides the result 1 or channel 2 to a result.

  Which module which could be, something like a switch? I found nothing...

  Or is there another solution for this problem?

  Thanks for your help

  Jan

  You can do it in the formula itself.

  Consider a formula module with one input and two outputs

  CH0 - Output 0 ----------------------------------------------

  (In (0)< 5)="" *="" (your="">

  CH1 - output 1 ----------------------------------------------

  (In (0) > 4) * (your formula)

  Now, if the In0 is true it will return a so the output will be your formula.  If the In0 is false, it will return 0 so the output will be 0

  The two outputs can go to a summation module so that you will always have the correct signal

• Help with WRT54GS on FiOS (ethernet, no coaxial cable)

  Hey guys, I'm new here and just try to get help with this insoluble problem that I started having with my Linksys WRT54GS and Verizon FiOS last week.

  To simplify my story complete and real question here, I put it all points to try to make it simpler to understand:

  -In the fall of 2007, I switch from Comcast to Verizon FiOS after getting screwed on waiting for two weeks and never get a new router, that one was fried in a storm

  -Little brother spills the first Actiontec router and it breaks

  Actiontec wireless - replacement of the router is non-existent (MI42WR)

  -After trying fill the Linksys for the Actiontec, it turns out to be a pain much more than a real solution to the lack of wireless

  -Past of the coaxial cable to the full ethernet cat5 last year to use Linksys WRT54GS
  -Fortunately directly connected to ONTARIO to Linksys WRT54GS via ethernet cat5 for a year while the wireless is perfect for other computers

  (last week)

  -Off router Linksys for a night the week last to give him a night's rest
  N ' unable to connect to Verizon with WRT54GS old or new router WRT54GL (which I'm now back)

  -HAVE ethernet light outside still has a green light indicating that it is working
  -Do not fill the Actiontec and Linksys again
  -I don't want to go back to the use of the Actiontec for what anyone, but stuck with it for now
  -A reset the router, computer connection and DHCP has published many times, but nothing helps

  -A updated my WRT54GS firmware before you type this and still nothing

  -No connection to any Linksys router, but the works of Actiontec

  I can't think of a solution except maybe try one of another company, as D-Link... (sad face) I'm already back the new router Monday, since I don't believe that my WRT54GS is broken even if it is not connected. If I don't think that maybe Verizon has done something that is not allowing one of my Linksys routers to connect, because fortunately, they started to charge me an extra $10-12 on FiOS bill without notice. Although at this stage, I have a hard time believing that even switch to another router company and use their products will do everything for me...

  Right now, I am suffering with this router Verizon terrible stock and my parents and aunt are complained about these last two weeks. I hope that someone here knows what may be the real problem that can sound with little assistance.

  Ah, found the solution work for a guy who had exactly the same problem as me, but with a D-Link router.

  "The best solution is to go to the ethernet connections and click Cancel, the green light on the actiontec to go yellow, unplug it in this State." Disconnect the battery power and the BBU. Put the new router in place, reconnect battery and BBU, then taken power for the new router.

  Just releasing and switching router should work but if it is not these steps work. »

  Thank you for at least trying to help me to abandoned.

• Firmware 1.4.0.88 for SG300-52 seems to break DHCP relay

  My VLAN to end my switches, so I use a DHCP relay with Option82 to distribute addresses for the subnet of the VIRTUAL LAN. After the transition from 1.3.7.18 to 1.4.0.88, DHCP isn't being delivered on my VLAN. Does anyone else have this problem?

  I'm just creating DHCP relay for the first time with my SG 300-28, 1.4.0.88 firmware and noticed that the DHCPDISCOVER promulgated by the relay had the same source and destination (67) port, while the original DHCPDISCOVER used 67 & 68. In addition the 1.3.7.18 firmware is not exchange these autour:

  Excerpts from Wireshark:

  1.4.088-

  Original DHCPDISCOVER to the customer:

  User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

  Relayed SG300 DHCPDISCOVER:

  User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps (67)

  This seems a bit suspect to me

  1.3.7.18

  Original DHCPDISCOVER to the customer:

  User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

  Relayed SG300 DHCPDISCOVER:

  User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)

  I am not sure that this is your problem (it does not solve my problem), but I want to underline the thought

• RV180 DHCP Relay

  Hello

  Apologies if Im posting in the wrong place, but I am after some help.

  What Im trying to do is:

  Internet connection - router homepage (for normal home internet) - RV180

  RV180:

  2 VLAN (1-10) - which provide IP addresses for my lab at home (DC, server ESXi)

  The other addresses DHCP "Relay" between the House 2 router devices (NAS and a PC box)

  VLan 1 is set to DHCP relay

  VLan 10 is defined on the DHCP server, configured to give IP addresses in the range 192.168.10. *.

  The home router is running OpenWRT if that makes a difference

  Is it possible to get DHCP traffic on the WAN port to VLAN 1?

  Thank you

  DMO

  Hello

  "Is it possible to get DHCP traffic on the WAN port to VLAN 1.

  No - since vlan10 and vlan1 are connected directly - and the RfC TCP/IP does not allow this - the router forwards traffic via the directly connected interface.

• SG300 insert option82 in DHCP relay

  Hey guys, anyone having trouble getting a SG300 series pass to insert information from option82? I have Working DHCP relay between two VLANs successfully, however, I want to identify where the client is connected in order to define their preferences for optimal routing.

  switch-20-0#show ip dhcp relay
  DHCP relay is Enabled
  Option 82 is Enabled
  Maximum number of supported VLANs without IP Address is 256
  Number of DHCP Relays enabled on VLANs without IP Address is 1
  DHCP relay is not configured on any port.
  DHCP relay is enabled on Vlans: 20
  Active: 20
  Inactive:
  Servers: 192.168.0.2
  

  I have to you missing something simple. Any help, or even "Hey have you tried' type answers very much appreciated!

  Hi Jonathan,.

  To my knowledge, you have everything configured properly. I would try to set up packet capture on the switch to the position to interface to the DHCP server to see if the information is included in the DHCP Discover message.

  -Good Trent

  * Please note the useful messages! **

• SRW248G4P - dhcp relay?

  Hello

  Does anyone know if SRW248G4P supports the dhcp relay?

  I don't see any option for this with 1.0.2 firmware version

  Thank you

  Hi Ukexport, as much as I know it doesn't have. In addition, it is only a layer 2 device, several vlan dhcp would be routed by a deflector, not locally by the switch.

  -Tom
  Please mark replied messages useful

• WRVS4400Nv2 DHCP Relay on 2nd VLAN

  Hello

  Here's what I'm trying to understand:

  My network is set up such that I have a wireless network in the VLAN 1, which is the main network we use.  The subnet is 10.5.1.x.

  My goal is to set up a wireless network completely isolated comments, but it would work better.  What I'm trying to do now, is that I created a VLAN separated (VLAN 2, ranging 10.5.2.x IP) and activated DHCP on the WRVS4400N.  However, in comments network, he is always picking up a 10.5.1.x IP which will be distributed by the server DHCP (10.5.1.5, Win 2003) and yet all traffic to our private network routing.

  Here's what I put:

  Wireless > security settings > network (SSID 2) comments

  • Wireless Isolation (between w/o SSID VLAN): enabled
  • Insulation (within SSID) wireless: enabled

  Setup > LAN > VLAN 1

  • Router IP 10.5.1.1, CAMERA IP WiFi 10.5.1.3
  • DHCP relay for 10.5.1.5

  Setup > LAN > VLAN 2

  • 10.5.2.1 IP router
  • DHCP enabled for the subnet 10.5.2.x
  • Relay DHCP option is grayed out (don't know why)

  Setup > Advanced Routing

  • Routing inter - VLAN: disabled

  A way to solve this problem would be nice.  I don't want traffic through our internal network.  Ideally, if I get Windows server to distribute addresses of 10.5.2.x, it would be perfect, but I do not know how to configure it for such.

  If anyone has any ideas, that would be great-thanks!

  Matt

  Yes... Here is an answer I got Cisco engineering support:

  The issue you reported is a known problem.
  Engineering and development are aware of this problem and provided the following information:

  DESCRIPTION OF THE PROBLEM:
  If the WRVS4400N is configured with multiple VLANs, and these VLANs are mapped to different SSIDS, the user cannot use an external DHCP server to provide IP scopes for these VLANS.
  Hosts connected to two SSID will get the native DHCP server IP address only.
  The workaround for this is to use the DHCP server integrated for all the VLANS defined on the WRVS4400N.

  Note: This is not a bug but rather a limitation of product. The developer confirmed that the WRVS4400N works as expected.

  A difficulty regarding:
  Because of the wireless switch port and the trunk by using different chipset, it is not possible to provide a fix for this problem.
  In the future, engineering & product Dev teams will try to use the same chip set (same provider).
  This feature has been targeted for the next new product.  No solution will be on the current hardware.

  Note: If this function is vital for your deployment and you want to recover the cost of the WRVS4400N, please send the serial number and a copy of your proof of purchase and we will gladly provide a refund.

  Best regards

  Alex Delano

• DHCP relay for users (ASA) SSL VPN

  I have ASA 5520 vpn endpoint. Before asa, there are firewalls which translates the public ip address to the private sector and to pass SSL traffic to ASA. I have configured DHCP relay to get the IP address for the DHCP in Windows Server users:

  dhcprelay Server 10.100.2.101 on the inside

  dhcprelay activate vpn

  dhcprelay setroute vpn

  and it does not work. with the local pool, it works fine. Should I do something else? When I turn on debugging it has not any activity.

  You try to assign the IP address to the SSL vpn client using the DHCP server?

  If so, you don't need these commands contained in your message.

  Basically, you need to set dhcp server in tunnel-group and dhcp-network-scope in group policy.

  Here is an example of Ipsec client. Setup must be the same.

  http://www.Cisco.com/en/us/partner/products/ps6120/products_configuration_example09186a0080a66bc6.shtml

• Need help with the data storage store, local array and network connections

  Need help with my ESXi 4.1 installation

  My hardware:

  I built a server with an Asus P6T whitebox, i7 920, 12 Gig RAM, NIC, Intel Pro1000 PT Quad, 3ware 9650SE-12ML with 8 1.5 TB SATA green in a raid 6 array gives me about 8 + TB with a spare drive all housed within a NORCO RPC-4220 4U Rackmount Server chassis.  I also have a 500 GB SATA drive which will hold the ESXi and virtual machines.

  The network includes a firewall, Netgear Prosafe FVS336G, GS724Tv of Netgear ProSafe 24 port Gigabit Managed Switch on a dhcp cable modem internet service provider.

  I also have 2 old NetGear SC101T NAS disks (4to) I want to connect to the system how some - at a later date have... data on them and want to transfer to the new storage array. I always looking into the question of whether they will work with ESXi 4.1, or I might have to only access it through Windows XP.

  My Situation:

  I have already installed ESXi 4.1 and vsphere client with no problems and it is connected to a dhcp cable internet service.  I've set up host via a dynamic DNS service name give me a static hostname on the internet.  I installed three machines to virtual OS successfully at the moment and now want to first start by creating a multimedia storage server which will use some of this new 8 TB array, then separate data storage for use with a web server small overhead storage and a backup.  It is a domestic installation.

  Help with the data store and network:

  I was doing some reading, because I'm new to this, and it looks like I'll probably want to set up my table via ESXi as a nfs disk format.  Now, the data store is usually in another physical box from what I understand, but I put my readers and ESXi all in the same box.  I'm not sure that the best way to put in place with grouped network cards, but I want to make this work.

  I understand that in ESXi 4.1 using iSCSi LUN must be less than 2 TB, but nfs - I should be able to add a bigger partition then 2 TB (for my multimedia) in nfs, right? or should I still add it separately as a separate 2 TB drives and then extend them to get the biggest space.

  Any suggestions or direct resources showing examples on how to actually add some parts of the table as data warehouses separate nfs.  I know that to go to the configuration tab, and then select Add to storage, and then select nfs. I have not my picture, but it's here that I don't know what to do because ESXi 4.1 system already has an address, should I put the same thing to the new data store array also (will it work?), and what should I use for the name of the folder and the store of data... just do something to the top.  I thought to later install Openfiler (for a multimedia storage using this table server) as a virtual machine, use the table with esxi so that I can access the same storage space with widows and linux-based systems.

  I also know I have to find a way to better use my quad nic card... put in place of virtual switches, grouping, etc HELP?

  Any direction, assistance, similar facilities to sample, suggestions or resources that would help would be great. I did a lot of hunting, but still a little confused on how to best to put in place.

  You must think of VMDK files of large databases with records of random size guest go read some data (a DLL or an INI file), maybe write some data back, then go read other data. Some files are tiny, but certain DLLs are several megabytes. It's random i/o all and heavy on the search time. IO Opsys is small random operations that are often sequential (go read data, write data, go read other data,...) so that deadlines are critical to the overall performance. That's why people say OPS are / s of reference and forget the MBs flow. The only time where you bulk transfers are when you read media (ISO files).

  Well, now forget all this. Actually the disk activity will depend on the specific applications (database? mail server? machines compiler?), but the above is true for boots, and whenever applications are idle. You should see the profile to know.

  RAID 10 is faster (and often more reliable) than RAID 5 or RAID-6 except in certain specific cases. In General RAID 10 is ideal for many random writes, since the calculation of parity for RAID-5 and - 6 adds to the overall latency between command and response - latency is cumulative if a little slow here and a little slow it adds up to a lot of overall slow synchronous especially with e/s on a network. OTOH RAID-5 and -6 can produce faster readings due to the number of heads, so you can use it for virtual machines that transfer bulk. Test. You may find that you need several different types subdashboards for best results.

  You said 3ware, they have some good grades on their site, but don't believe it. With my 9650 that I found myself with only a couple of their recommendations-, I put the (simple) table for allocation size 256 k, nr_requests at 2 x the queue_depth and use the planner date limit. I had the habit for the Ext4 file system formatted with stride and stripe-width synced to the table and used the options large_files with fewer inodes (do not use the huge_files option unless you plan to have single VMDK files in the terabyte range). Use a cache of great reading in advance.

  Virtual machines use VMDK files in all cases except raw iSCSI LUN that they treat native disks. VMDK is easier to manage - you can make a backup by copying the file, you can move it to a PC and load it into another flavour of VMware, etc. There could be some features iSCSI to your San as a transparent migration but nothing for me. NFS has less chatter of Protocol if latency lower times to complete an operation. NFS is good to read and write a block of data, that's all it boils down to.

  UPS is good, but it won't help if something inside the machine explodes (UPS does nothing if the PC power supply goes down). If the RAID card has an option for a battery backup module, so it can contain some writings in memory and may end up the disk i/o after replacing the power supply. 3ware also limits the types of caching available if help is not installed, and you get just the right numbers with the module.