Will be traffic?

Hello

In IPS4255 we mention once you set automatic Bypass traffic mode continually circulating from a software failure, it will be before the traffic of HW failure?

With 2 JOINT-2s in a single chassis and then spanning tree can be used for failover.

A JOINT-2 will be in a State of the expedition, and the second JOINT-2 will be Blocking.

If the JOINT-2 to pass the State fails, then spanning tree will be the other JOINT-2 of blocking for transfer and start sending the traffic through this one.

BE AWARE THAT, as this type of failover is what we call stateless. The second JOINT-2 will not have followed active TCP sessions. So when one breaks down and the other starts to see the traffic the second JOINT-2 will see TCP packets for existing sessions as being of the order of the State (no negotiation of 3 way view). It don't disagree that these connections and new TCP connections will be started.

When you look at redundant switches, you add an extra level of complexity.

You must first make sure that all traffic through one of the JOINT-2s. If you have asynchronous Routing then you might have the client packages through a single switch and its JOINT-2 and server responses through the second switch and its JOINT-2. Each JOINT-2 would see only half of the connection and would deprive the packets because they could not follow both sides of the connection.

If you get the problem of routing asynchronous prevented, the next number must ensure that if the JOINT-2 in the first 6500 fails, then the traffic will be sent to the second 6500. According to your switch Code configuration spanning tree may work for this, or you may need to use a routing as HSRP Protocol to do this.

Be aware that this may depend on the ability of switches to use the port State JOINT-2 to decide whether to drop the switching/MSFC interface by using the function autostate. The function autostate has been set to deliberately ignore the JOINT-2 ports when they were promiscuous.

We change the native IOS code to activate the function autostate when the JOINT-2 is online but I do not think that it has been delivered. I'm not sure what the State of the question is in the BONE of cat (hybrid).

You should also know that it would be once more stateless failover for existing TCP sessions would be rejected and new connections TCP should be established.
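
A simplified model of the stateless failover and asymmetric-routing behaviour described in the answer above, as an added example that is not part of the original post and not the sensor's actual inspection logic. The `Sensor` class, the addresses and the ports are constructed for illustration; the model assumes a strict tracker that only forwards TCP packets belonging to a handshake it has seen itself.

```python
"""Two inline sensors with independent TCP state tables (constructed model)."""

SYN, ACK, PSH, RST = "SYN", "ACK", "PSH", "RST"

# Constructed endpoints: (ip, port)
CLIENT = ("10.0.0.5", 40000)
SERVER = ("10.0.1.9", 443)


class Sensor:
    """Strict stateful tracker: no state is shared with any other sensor."""

    def __init__(self, name):
        self.name = name
        self.flows = {}  # frozenset({endpoint, endpoint}) -> [state, initiator]

    def inspect(self, src, dst, flags):
        flags = frozenset(flags)
        key = frozenset((src, dst))
        entry = self.flows.get(key)
        if entry is None:
            # Unknown flow: only a bare SYN may create state.
            if flags == {SYN}:
                self.flows[key] = ["SYN_SENT", src]
                return "forward"
            return "drop"  # mid-session packet, out of state
        state, initiator = entry
        if state == "SYN_SENT":
            # Expect the SYN/ACK from the responder side.
            if flags == {SYN, ACK} and src != initiator:
                entry[0] = "SYN_RCVD"
                return "forward"
            return "drop"
        if state == "SYN_RCVD":
            # Expect the final ACK from the initiator.
            if flags == {ACK} and src == initiator:
                entry[0] = "ESTABLISHED"
                return "forward"
            return "drop"
        # ESTABLISHED: forward; a reset tears the entry down.
        if RST in flags:
            del self.flows[key]
        return "forward"


def handshake(c2s_sensor, s2c_sensor, client, server):
    """Verdicts for SYN, SYN/ACK, ACK; each direction may cross a different sensor."""
    return [
        c2s_sensor.inspect(client, server, {SYN}),
        s2c_sensor.inspect(server, client, {SYN, ACK}),
        c2s_sensor.inspect(client, server, {ACK}),
    ]


def failover_scenario():
    """Sensor A carries a session, fails, and sensor B takes over with an empty table."""
    a, b = Sensor("A"), Sensor("B")
    before = handshake(a, a, CLIENT, SERVER)
    before.append(a.inspect(CLIENT, SERVER, {PSH, ACK}))
    # A fails; spanning tree moves B from blocking to forwarding.
    existing = b.inspect(CLIENT, SERVER, {PSH, ACK})  # B never saw the handshake
    # The application reconnects from a new source port through B.
    new_client = (CLIENT[0], CLIENT[1] + 1)
    reconnect = handshake(b, b, new_client, SERVER)
    reconnect.append(b.inspect(new_client, SERVER, {PSH, ACK}))
    return before, existing, reconnect


def asymmetric_scenario():
    """Client-to-server packets cross A, server-to-client packets cross B."""
    a, b = Sensor("A"), Sensor("B")
    # Per-packet verdicts; in practice the client never gets the SYN/ACK at all.
    return handshake(a, b, CLIENT, SERVER)


if __name__ == "__main__":
    before, existing, reconnect = failover_scenario()
    print("session through A:        ", before)
    print("same session after switch:", existing)
    print("new session through B:    ", reconnect)
    print("asymmetric handshake:     ", asymmetric_scenario())
```
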

Tags: Cisco Security

Similar Questions

  • HP Envy DV - 7 7292nr: HP Envy DV - 7 7292nr mPCI-e

    Hello
    I searched for a way to improve my laptop graphics card, but then I discovered that I can't do anything with it. (nVidia GTX 650 M).
    Recently, I found a device that lets you use a graphics card of regular size on laptops (BPLUS PEA4H) office. It uses the mPCI-E port of the laptop to connect to an external graphics card. (For this I had to remove my laptop's Wi-Fi adapter).
    The problem is when windows loads it does not detect this device.

    PS. I do not get errors while the BIOS control. I don't think that my version of BIOS has whitelist Wi-Fi adapter.

    Any suggestions on how I can remedy this.

    Thank you!

    You can not. And shouldn't. This is not a good idea. Think about it for just a second. On a desktop computer, video card uses a pci-e slot x 8 or x 16 for video and this adapter external Bay is a Bay card video pci-e x 8 or x 16. On a laptop, the wireless card uses the equivalent of an x 1 pci-e slot. Now how a road will provide traffic to complete a highway way 8 or 16-way? It can not. The slot wireless would get if hot doing it, it will melt the motherboard. Fortunately on your laptop this pci-e slot is a slot only goal. It is wired such that it can only accommodate a Wi-Fi card. It is not connected to a means of the screen is why you can't detect it.

    If you read the documentation on this unit carefully he says basically the same thing I said above.

    I'm sure that's not the answer you wanted to hear but in order to get this out there on the internet and perhaps others keep going to the same dead end, you might want to hit 'accept as a Solution. I gave this answer probably 3 or 4 times before and I get angry feedback or never hear from them again. If someone else had hit "Accept as Solution" there is a chance that you would have come across it. What cost this camera just out of curiosity?

  • two questions of routing VLAN fast

    Let's say that I have spend a routing 4 L3 VLAN

    VLAN 1 192.168.10.0/24, virtual interface of the switch is 192.168.10.254 inside this vlan
    VLAN 2 is 192.168.20.0/24, the virtual interface of the switch is 192.168.20.254 inside this vlan
    VLAN 3 is 192.168.30.0/24, the virtual interface of the switch is 192.168.30.254 inside this vlan
    VLAN 4 192.168.40.0/24, virtual interface of the switch is 192.168.40.254 inside this vlan

    There is that a single router out of this switch at the net, and lets say that it is in VLAN 1 and its address is 192.168.10.1

    first question - inside the L3 switch I need to add a default route 0.0.0.0 0.0.0.0 192.168.10.1

    to ensure that all traffic not matching only a 192.168.x.x address not know where to go to the net, correct?

    Second - when this router, is there a difference if I use the following static route:

    192.168.20.0 255.255.255.0 192.168.10.254

    Instead of

    192.168.20.0 255.255.255.0 192.168.20.254

    ?

    Whatever happens, the package comes to switch L3, but in one case, what happened to it through the interface VLAN 1 VLAN and in the other case, he gets there through the interface VLAN VLAN for which traffic is intended anyway. is what im trying to figure out, this will make a difference at all? especially with regard to broadcast packets?

    If it makes no difference, then it is safe to say that the following static route would be optimal?

    192.168.0.0 255.255.0.0 192.168.10.254

    Re "of all". Fix. The L3 switch will route traffic based on its routing table. By default, he knows all IP subnets, it is directly connected to, i.e. all subnets VLAN. If you must add a route by default manually or not depends on the exact implementation. It would be nice if the L3 switch will use the no default for routing gateway that you use for the switch IP parameters itself (if there is an option in the web interface to set a default gateway). If you cannot define a default gateway on the L3 switch, you might have to manually add a static route. The easiest way would be to check the current routing table and see if there is a default or not gateway.

    Re "then." A router can only transfer the packets to the next hop router. The next hop router must be connected to this router. The route "192.168.20.0 255.255.255.0 192.168.10.254" is correct for a router with IP address 192.168.10.1 and 255.255.255.0 as 192.168.10.254 subnet mask is connected to the router. "192.168.20.0 255.255.255.0 192.168.20.254" is not correct. The router cannot learn the path to a subnet specific 192.168.20.0/255.255.255.0 using a gateway on that subnet. It is not correct to use this kind of a route and do not use it even if it might work even (because the router is a simple query ARP to find the MAC address of the 192.168.20.254 and your L3 switch will respond to the ARP request, even if it's on the internet of 192.168.10.254). At the same time that another router between 10 and 20 subnets it would work no more...

    Re your conclusion: I recommend to keep four static routes to subnets existing on the L3 switch instead of put in a single subnet more great which includes a lot of addresses that are not connected here. Technically, this works if you only use working IP addresses. But you will see some loops if you send something to 192.168.55.50 or similar. The gateway router it will send to the L3 switch that will return to the catwalk. They should understand it's a loop, but still, I would not recommend this type of installation... Add routes for each of the L3 switch subnet...

  • Why is the MAC address Clone?

    When I disabled it Clone MAC address I lost access to the internet.

    Does anyone know why MAC address Clone is necessary and what it does?

    Clone MAC address changes the MAC address of the router on the internet port.

    You can use the function of the cloning MAC address to clone the MAC address of a computer if you used before your computer directly to the modem.

    Some ISPs (especially cable ISPs) only the customers to have an active internet connection at any time. To do this, check the MAC address, that is, they remember the MAC address that accessible line via the modem and lock the connection to this MAC address.

    If you test your internet connection directly with your PC first and then connect the router the router can not get an internet connection because the row is locked to the PC's MAC address. Now if clone you the address MAC from the PC on the router the router "pretended" to be PC and the ISP will accept traffic again.

    Usually, simply reset or turn on the modem to reset the lock again. Sometimes, you have to turn off the modem for a couple of hours (for example, through the night) after a few hours of inactivity the ISP removes the lock again. Sometimes call the ISP to remove the lock, but it's not very often.

    So basically, generally useless clone MAC address at all because you could accomplish the same thing by resetting the modem or it turned off for a few minutes. If you connect the router to the modem, ISP learns the MAC address of the router and it gets working internet connection. (Of course remember, that once a computer directly connected to the modem would not get active internet connection unless you change the MAC address of the computer to the MAC address of the router).

    But the function is useful if you do not want to. You simply set the MAC address of the connected device before, and you get a working internet connection.

  • Broadband double (802.11n, WMP600N)

    Hello!

    How can I be sure that the adapter (Linksys WMP600N) using dual-bandwidth (both ~2.4 GHz and 5 GHz) connection? I have router (asus RT-N56U) which is supported by the two frequencies (and have) and I checked in the config-tool (traffic monitor) that there are only 2.4 GHz traffic. I tried to transfer files from my desktop PC to my laptop via a router and at the same time surf the Internet very strongly, but there is still no traffic 5 GHz at all. Any ideas? =)

    -Sebastian-

    WMP600N is a dual band wireless adapter. It will connect to the two bands at the same time. It will connect broadband wireless for 2.4 GHZ or 5 GHz at the same time. If you are connected to wireless 2.4 Ghz band you will get traffic only 2.4 GHz.

  • Connect sonicwall tz215 with dell 6248P

    I'm currently setting up the 6248P powerconnect switch switch with sonicwall router tz215. I'm doing the transition as simple as possible. The router will make the WAN and DHCP and the switch will route traffic between subnet PCs and WAN of sonicwall for internet access.

    I have the selector on default and vlan1 as management vlan. should I start to create the vlan 10 for IP subnet, which is the same as sonicwall LAN subnet?

    SonicWALL x 0: WAN (fibre); x 1: WAN (ADSL2 +); x 2 LAN (10.0.0.x)

    Dell 6248P 44 port: connection with sonicwall x 2

    Please recommend any config step by step, thank you very much.

    6200 switches are not able to deliver their own management of VLANS. When you configure routing VLAN you will need to follow this article.

    http://Dell.to/1FiQhu7

    It is common to see only one VLAN dedicated to the connection between the switch and the firewall. So in this example VLAN 10 would give an IP address in the same subnet as the firewall. Then place the port access mode for VLAN 10 44.

    The 6248 you'll also want to place a static route that directs traffic on the firewall. Looks something like this:

    # ip route 0.0.0.0 0.0.0.0 192.168.10.1

    Address of the firewall. The SonicWall also have some static routes in routing traffic to the internal network.

    http://Dell.to/1SdpdUh

    The getting started guide is a good starting point for the configuration at the start of the switch. Then use the user's guide for instructions on configuring additional features.

    http://Dell.to/1EJ4qlK

    If you are in need of more support deepened with the SonicWall, it may be best to contact SonicWall support group.

    http://Dell.to/1VZtZ70

    Let us know if run into snags or have any questions.

  • Config port / VLAN on switch MXL

    I'm not a network engineer, but I try to set a port to my MXL switch to a VLAN that will route traffic on virtual machines on a local network of calculation.

    This is the port Te 0/52 on the back of the MXL and I am running ESXi on servers in my m1000e.  In fact, I have two MXLs in the tissue A of the m1000e configured with VLT via the interfaces of the FourtyGig.  This part has been implemented by people of Dell Tech Services, making the installation.

    Here's what looked like the config to start:

    dsa1 #show vlan

    Codes: *-Default VLAN - VLAN, GVRP, R - G remote control Port Mirroring VLAN, P - primary, C - community, I - isolated
    O Openflow
    Q: U - no identified, the T - tag
    x - unidentified Dot1x, X - Dot1x tag
    o - unidentified OpenFlow, O - OpenFlow tag
    G - GVRP tag, M - Vlan-stack, H - VSN tagged
    i unidentified intern, I - labeled internal, untagged, V v - VLT - VLT tag

    Ports Status Description Q NUM
    * 1 U active Po33 (0/33.37 Fo)
    U Po41 (Te 0/41-44)
    Te U 0/1-32
    115 active Mgmt T Po41(Te 0/41-44)
    V Po33 (0/33.37 Fo)
    Te T 0/1-32
    486 active VMGuest T Po41(Te 0/41-44)
    V Po33 (0/33.37 Fo)
    Te T 0/1-32
    Te U 0/49-50

    And I wanted to add VLAN 1000 to calculate, so I did the following:

    dsa1#conf

    dsa1(conf)#interface Te 0/52
    dsa1(conf-if-te-0/52)#show config
    !
    interface TenGigabitEthernet 0/52
    no ip address
    mtu 12000
    portmode hybrid
    switchport
    FlowControl rx tx off
    spanning-tree rstp edge-port bpduguard shutdown-on-violation
    no shutdown

    dsa1(conf)#interface vlan 1000
    dsa1(conf-if-vl-1000)#show config
    !
    interface Vlan 1000
    Description information
    name computer
    no ip address
    tagged TenGigabitEthernet 0/1-32
    untagged TenGigabitEthernet 0/52
    no shutdown

    VLAN now looks like:

    dsa1 #show vlan

    Codes: *-Default VLAN - VLAN, GVRP, R - G remote control Port Mirroring VLAN, P - primary, C - community, I - isolated
    O Openflow
    Q: U - no identified, the T - tag
    x - unidentified Dot1x, X - Dot1x tag
    o - unidentified OpenFlow, O - OpenFlow tag
    G - GVRP tag, M - Vlan-stack, H - VSN tagged
    i unidentified intern, I - labeled internal, untagged, V v - VLT - VLT tag

    Ports Status Description Q NUM
    * 1 U active Po33 (0/33.37 Fo)
    U Po41 (Te 0/41-44)
    Te U 0/1-32
    115 active Mgmt T Po41(Te 0/41-44)
    V Po33 (0/33.37 Fo)
    Te T 0/1-32
    486 active VMGuest T Po41(Te 0/41-44)
    V Po33 (0/33.37 Fo)
    Te T 0/1-32
    Te U 0/49-50
    1000 active Compute T Te 0/1-32
    Te U 0/52

    But I wanted to add THAT VLT Po33 tag to the new VLAN because there is in others, not because I really understand what it does.  In my view, it is used for load balancing?  If I label it with the command 'tag Po33' in the config of vlan, out with the status "T" instead of "V".

    Here are the details of the VLT:

    dsa1 #show vlt detail
    Local LAG Id counterpart LAG Id status Local Peer status Active VLAN
    ------------  -----------  ------------  -----------  -------------
    41 41 UP UP 1, 115, 486
    dsa1 #show brief vlt
    VLT area in brief
    ------------------
    Domain ID: 100
    Role: secondary
    Primary role: 4096
    ICL Link Status: to the top
    Status of heart rate: upward
    VLT Peer status: to the top
    The local unit ID: 0
    Version: 6 (4)
    Local system MAC address: f8:b1:56:09:70:b1
    MAC address of the remote system: f8:b1:56:09:70:fd
    Configured the system MAC address: 00:01:00:01:00:01
    Version of the remote system: 6 (4)
    Restore delay timer: 90 seconds
    Delay-restore Abort threshold: 60 seconds
    Routing peer: disabled
    By the peer-routing-Timeout timer: 0 seconds
    Multicast peer-routing timeout: 150 seconds

    So my questions are, I'm on the right track?  It will do what I want it to do is send traffic on port 0/52 Te which is labeled in ESXi with 1000 VLAN?  Should I worry the VLT marking stuff and if yes, how should I do the VLT marking rather than normal marking?

    The connection only 1 port of MXL 1 to a device, this device is considered a switch/host an orphan. A VLT connection will have 1 port each MXL placed in a port channel and connected to a device.

    Here is a good article that covers the VLT in use with different Topologies.

    http://Dell.to/1wfDl3n

    And the User Guide is a good source to have as well.

    http://Dell.to/1Hy70bb

  • Helps the FS7610 PS Series SAN, 10Gb network design

    Hi, we have currently a square of infrastructure EqualLogic SAN and NAS (2 x PS6510E, FS7500), a stack of two PC8024F 10 GB switches, 2 envelopes chassis m1000e blade with the A1 being a set of switches 1 GB m6220 fabric (fabric A2 a battery of the same thing), the tissue being a pile of m8024k B1 10 GB passes, (fabric B2 a battery of the same thing) and a stack of PC6224 two 1 GB (top of the grid GigE) switches.

    We all have this connected to the 10 GB being its own private network 10.1.0.x SAN network and vlan, nice and isolated from all the rest.  The blades can access the iSCSI shares via their network cards of 10 GB which is all on this network 10.1.0.x.  The NIC 1 GB on the blades are on a public network, and the FS7500 of the customer ports are on this network too via the 6224, so NFS connections are established via the public network to 1 GB.

    We intend to invest in an additional PS Series array to the host to a backup site, for replication.  At the same time, we plan to buy a FS7610 to our main site to take advantage of our 10 GB infrastructure and move the FS7500 existing to our backup site, so we can replicate iSCSI and NAS container volumes.

    That's where we could use some help, because now many things have changed.  Now, the SAN must be on the public network for replication to succeed, AND to take advantage of the connectivity of 10 GB and sharing NFS mount of the FS7610 through 10 Gbit, we need to use network cards 10 Gbit and switches in the network of the client NAS, that are already used for iSCSI traffic (and will in the future be used for connections to SAN vmware hypervisor).  In the FS7610 install and set up the guide, it says

    • Use the switches for network client and for the internal network and the SAN.
    • Use separate subnets for network client and for the internal network and the SAN.

    We can move the SAN and it is a dedicated subnet network and VLAN that is on the public network without problem, but my main concern is to be able to satisfy the recommendations/network configurations required for the FS7610 and avoid the local SAN/NAS traffic through a router to ensure connections of 10 GB.  Advice or tips are appreciated!

    It is the same thing that you are dealing with Linux, but TCP/IP standard routing.   You cannot route private subnets directly on the internet.  We need to create a "Wan".   Do not directly routed on the internet.

    Your WAN will create a private network and a tunnel over the Internet.   OpenVPN is a possible solution.

    A very widespread scenario might be:

    Once you have put WAN in place, on the internet of these routers would be a true internet address (e.g., 62.x.x.x.x) so the two WAN devices can communicate with each other.   They create a VPN tunnel with a new subnet, say 10.3.0.x.

    The WAN router primary side would have a leg on the subnet 10.1.0.x, say with 10.1.0.10 IP address as your default route on the side of EQL SAN 10.1.0.10.

    On the side of the DR this router would have a leg on the 10.2.0.x subnet, say 10.2.0.10.  The default GW on the side DR would be 10.2.0.10.   The router knows how to move packets between networks using the standard range.

    Looks like all you're missing is the "WAN" VPN tunnel between sites.  You want something that will encrypt traffic between the sites anyway.

    Who help me?

    Kind regards

  • DMZ FOR LAN

    IF I HAVE APPLIANCE ON DMZ LETS SAY OF E-MAIL SECURITY... DO I NEED TO ACL OR NAT BETWEEN THE DMZ TO LAN POLICY?

    OR SIMPLY POLITICAL NAT AND ACLS OF THE WAN TO DMZ... AND DMZ TO LAN WILL SPEAK WITHOUT INTERRUPTION

    You don't need a policy of NAT, DMZ - LAN, only ACLs, which will allow traffic from the local network to your device in the DMZ.

    You must configure the NAT policy and an ACL while providing access outside your network form. That is to say, WAN - LAN or WAN - DMZ.

  • VLAN Public IP assignment

    Hello everyone;

    Overview:

    My ISP I provided more than IP address public block i.e. (192.158.13.1/24, 192.158.14.1/24) that I would attribute to my (Citrix XenServer) hypervisor via vLAN isolation & make available to my VMs to directly acquire public IP addresses.  (it's actually a requirement of the network I want to put in place).

    I would like to know if this scenario is possible to implement via Dell 6224 L3 Switch.

    Network configuration:

    -My ISP gave me a link power to my cart I use (I can assign any intellectual property of these two different blocks) which gave me.

    -Currently the ISP link will my Dell Power Connect 6224 L3 Switch port 24 then will my port of XenServer 15 box

    -I've got number of VLAN configuration of the switch which are represented on the XenServer port 15 so is trunk port.

    What I try to do

    Since all virtual machines requires public IPs.

    1. the Dell switch creating VLAN 10 & 20 2

    2 assign the public ip address to each vlan

    3. create rule of road on the foreword traffic crossing to the ISP router

    4. Add the vLAN 10 & 20-port 15 so my XenServer hypervisor can see incoming traffic.

    My current status

    I am unable to do this work in that order, can anyone advice if the idea is correct the task or I have to design a different solution to work.

    S1l if I go ahead and configure the general mode on port 1/g24 (I created VLAN local tag v10 & v20 instead of the ISP provided vlan ID). (correct?)

    I would change your VLAN ID to match that those who use the access provider. If you set the general mode and tag VLAN 10 and 20, the port will send packets containing the tag according to the VLAN they came. But if the Cisco device does not know these VLANs, when it receives VLAN tagged packets, he used to know what to do with them.

    So if said PSI on the cisco 192.158.13.1 device belong to VLAN 110, then on the 6224 change VLAN 10 to 110 of VLAN. so now that the port sends the packets marked to the Cisco, Cisco sees a package labeled for VLAN 110, Cisco has a VLAN 110 and he continues to pass the package on this VLAN.

    T2 the command ip route 192.158.13.0 255.255.255.0 192.158.13.1 will forward traffic to vlan 10 outside via the 24 port because there vlan 10 tag. (correct?)

    Because we use a general/trunk connection, the static route cannot even necessary on the 6224. The static route is used to help guide traffic to the next network hop. I set up without the static route first and see if you have connectivity. If this isn't the case, then look at the network settings on clients that connect to the switch.

    Devices in VLAN 10

    192.158.13.x = IP address

    Default gateway = 192.158.13.1

    Devices in VLAN 20

    192.158.14.x = IP address

    Default gateway = 192.158.14.1

    Then, if still no try connection adding static routes.

    Part of getting this work may come down to trial and error. It's always a little unusual that there is no other device between the 6224 and your ISP. PSI enjoys these cisco devices located in the building in which your material resides

  • 7048 config as default gateway. Next internet and Juniper at the break.

    Hi, we have a stack of 2 x 7048 s who are (is?) configured as a default gateway for a number of VLAN from some Dell blade chassis. I won't go into too much detail because it's more of a conceptual thing I need to know

    8 x VLANS, which are all x.x.x.254 255.255.255.0. Large. All the internal stuff works a treat.

    Now, I would like to take 48 port and plug a juniper firewall and have all the internal stuff in access internet. safely.

    I can put in place the Juniper and access the internet separately and everything works fine also. How can I join the two together? How to configure port 48 to be the gateway to the internet for all the VLANS?

    of the outside external internet connection has (internally) is 192.168.1.254. He my Juniper with 192.168.1.92 APS (UnTrust pronounced by the external router DHCP). IP of confidence of Juniper is negotiable, but currently I put like 192.168.2.1 (static) and he would have the port defined as 192.168.2.254

    Therefore, the conceptual bit to get all VLAN.254 see port 48 as the output to the internet, so I'm looking. Then, I need to set up DNS etc. internally and on the Gin that is the next challenge.

    Thanks in advance

    The command to enter a lane that will direct traffic to the firewall is.

    console(config)# ip route 0.0.0.0 0.0.0.0 192.168.2.1

    The IP address 192.168.2.254 should be for VLAN 10 on the 7048. And then no other VLAN must be in the 192.168.2.x broadcast domain.

    Console (config) #interface vlan 10

    Console (config - vlan) #ip address 192.168.2.254 255.255.255.0

    Then, to relay DHCP packets to the DHCP server, you would add the command ip assistance

    Console (config) #ip helper-address 192.168.1.92 dhcp

  • Implementation of VPN for INCOMING connections to my server running Windows 7

    I need to set up a private network virtual SERVER on my server on Windows 7 and can't find the information I need to do this. Can someone explain what I need to do. I have a fixed IP address for my cable modem.

    See this article for help...

    http://Windows.Microsoft.com/en-us/Windows7/set-up-an-incoming-VPN-or-dial-up-connection

    Remember that for a PPTP VPN server you must forward/open the TCP 1723 Port through a firewall or a router to the PC server is behind. You must also make sure that the firewall or the router will pass traffic GRE protocol 47 . This is sometimes called PPTP Pass Through or VPN Pass Through the firewall or the router. Windows Firewall automatically communicates the GRE protocol traffic if you make an Exception for the Port TCP 1723.

    You can test it by running the test detailed in sections PPTP Ping and VPN traffic in this Cable Guy article.

    http://TechNet.Microsoft.com/en-us/library/bb877965.aspx

    You can download the tools, pptpsrv.exe and pptpclnt.exe to Microsoft or if you have an XP SP2 CD. To extract the programs on a PC Windows 7 open the CD and select open folder to view files in the AutoPlay window.

    Extra help...

    http://Windows.Microsoft.com/en-us/Windows7/why-am-I-having-problems-with-my-VPN-connection

    MS - MVP Windows Desktop Experience, "when everything has failed, read the operating instructions.

  • ISP or internet access redundancy failover

    Hi Experts,

    There are four figures (A, B, C, D) shown in the attached diagram.

    My goal-side wan failover, means,

    If an ISP or router fails, the other should

    always be accessible.

    Cisco 2960 Switch L2 =

    Cisco 3560 Switch L3 =

    I speak here of only two methods i.e. redundancy

    Floating static route and IP SLA. There are following

    questionnaires on the attached diagram below,

    Please give me answers in options Yes or no, if yes, then

    guide me how to do, give me a short idea with config:

    Figure A:

    1. floating static route (Yes or no)

    2 IP SLA (Yes or no)

    Figure b:

    1. floating static route (Yes or no)

    2 IP SLA (Yes or no)

    Figure C:

    1. floating static route (Yes or no)

    2 IP SLA (Yes or no)

    Figure D:

    1. floating static route (Yes or no)

    2 IP SLA (Yes or no)

    Figure A and B, the two subnet side LAN are same

    Figure C and D, subnet side LAN both are different

    Note: Please do not discuss HSRP or any routing protocol in this post...

    Hi again Kuldeep!

    First of all - I would like to know what hides behind switches. I will assume that there is some host machines, because if there was some other routers, things will become more complex.

    In addition, it is a pity that we cannot use routing protocols here, it would facilitate the Setup as much.

    Figure A:

    I hate to say it but Figure A is a typical scenario of HSRP/GLBP - I'll tell you why and and then leave, as you suggested, that we should not use HSRP in this thread.

    You have common LAN IP subnet. Therefore, all hosts that are connected to the switch must have default gateway configuration. But what happens if one of the gateways become unavailable? Or the link to ISP becomes Athens? There is no other way to deal with this problem than the FHRP protocols.

    Let's think about the following scenario: Router 1 will work, but its link to isps1 breaks down. Router 1 will always be the gateway by default for guests, but cannot transfer the Internet traffic. She could have floating static route set to ROUTER2 and ROUTER2 if its connection to ISP2 up - it will pass traffic rather ROUTER1. But as you can see - FHRP would solve the problem better. Now traffic have still must be sent to the Router 1 and then again in LAN Router 2 to send to the ISP.

    Thus,-online 1. Floating static route - might be, but:

    But consider this scenario with ONLY floating static routes defined. ROUTER1 has ROUTER2 to ROUTER1 and ROUTER2 FSR failed link to Internet service providers. But what happens if the two links on isps1-R1 and R2-ISP2 sink? Traffic will be a loop between ROUTER1 and ROUTER2 until TTL expires. That's because ROUTER1 trying to forward all traffic to ROUTER2 due to the static route - ROUTER2 is do exactly the same. It of a rare scenario - but can occur.

    2 IP SLA - Yes, you could improve floating static route combining with IP SLA. You will configure floating but static route on Router 1 to Router 2, Router 1 will monitor router ' s2 ISP link. Then the floating static route will appear only if the IP SLA test is passed. In this case, you prevent loops where the two links to ISPS goes down.

    Very brief example (may include some errors):

    R1(config)# ip sla 11

    R1(config-ip-sla)# icmp-echo 125.36.56.45

    R1(config-ip-sla-echo)# frequency 10

    R1(config-ip-sla-echo)# exit ! 2x

    R1(config)# track 1 ip sla 11 reachability

    R1(config-track)# delay down 10 up 1

    R1(config-track)# exit

    R1(config)# ip sla schedule 11 life forever start-time now

    R1(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.3 253 track 1

    And I have a similar setup on ROUTER2.

    Explanation:

    The first step in this configuration defines the probe.

    Probe 11 is defined by the ip sla 11 command.

    The test defined with the icmp-echo 125.36.56.45 command specifies that the ICMP echoes are sent to destination 125.36.56.45 to check connectivity.

    The frequency 10 command schedules the connectivity test to repeat every 10 seconds.

    The ip sla schedule 11 life forever start-time now command defines the start and end time of the connectivity test for probe 11; the start time is now and it will continue forever.

    The second step defines the tracking object, which is linked to the probe from the first step.

    The track 1 ip sla 11 reachability command specifies that object 1 is tracked; it is linked to probe 11 (defined in the first step) so that the reachability of the 125.36.56.45 is tracked.

    The last step defines an action based on the status of the tracking object.

    The ip route 0.0.0.0 0.0.0.0 192.168.1.3 254 track 1 command conditionally configures the default route, via 10.1.1.1, with an administrative distance of 2, if the result of tracking object 1 is true.

    Thus, if 125.36.56.45 is reachable, a static default route via 192.168.1.3 with an administrative distance of 253, is installed in the routing table.

    Figure b:

    OK, I'm not sure whether this switch is also acting as L3, or is just L3-capable and behaves like an L2 switch.

    If its behavior is L2 - same as Figure

    If its behavior is L3 and routing - you could configure IP SLA + floating static routes in a similar way as in Fig. A.

    The switch must have two floating static routes and two IP SLA probes defined.

    Figure b:

    1. floating static route - not alone

    2. IP SLA - Yes, with a floating static route

    Example:

    Switch(config)# ip sla 11
    Switch(config-ip-sla)# icmp-echo 78.22.33.3
    Switch(config-ip-sla-echo)# frequency 10
    Switch(config-ip-sla-echo)# exit ! 2x
    Switch(config)# ip sla 22
    Switch(config-ip-sla)# icmp-echo 125.36.56.45
    Switch(config-ip-sla-echo)# frequency 10
    Switch(config-ip-sla-echo)# exit ! 2x
    Switch(config)# track 1 ip sla 11 reachability
    Switch(config-track)# delay down 10 up 1
    Switch(config-track)# exit
    Switch(config)# track 2 ip sla 22 reachability
    Switch(config-track)# delay down 10 up 1
    Switch(config-track)# exit
    Switch(config)# ip sla schedule 11 life forever start-time now
    Switch(config)# ip sla schedule 22 life forever start-time now
    Switch(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.2 2 track 1
    Switch(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.3 3 track 2

    Figure C:

    This one is a little tricky, because you said that there are several different LANs. So there must be some VLANs. If the connection between the routers and the switch is set as a trunk, you have inter-VLAN routing, known as Router-on-a-Stick. If this is the case, it would be similar to Figure A.

    If you do not have inter-VLAN routing in this scenario, I can't think of any possible solution here. It is simply because ROUTER1 would not be able to send anything to ROUTER2 (if it was in a different VLAN).

    Figure D:

    Similar to Figure B.

    There might be some errors in the example configuration; if so, don't hesitate to correct me. Please do not take it as 100% accurate and ready for direct use in a network. Hope that helps.

    Best regards

    Jan
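The loop case described in the post above (both ISP links down, floating static routes only) next to the tracked variant, as an added Python model that is not part of the original thread. The `Router`, `forward` and `scenario` names are hypothetical, and the IP SLA probe is assumed to succeed exactly when the peer's ISP link is up.

```python
# Constructed two-router model of the floating-static-route discussion.
# Assumption: the tracked probe is reachable only through the peer's ISP link.
from dataclasses import dataclass

@dataclass(eq=False, repr=False)
class Router:
    name: str
    isp_up: bool              # state of this router's own ISP link
    peer: "Router" = None     # the other LAN router (floating static next hop)
    tracked: bool = False     # True: floating route is tied to a track object

    def next_hop(self):
        """Return 'ISP', the peer Router, or None (no default route)."""
        if self.isp_up:
            return "ISP"      # primary default route, preferred (lower AD)
        if self.tracked and not self.peer.isp_up:
            return None       # probe fails, track object down, route withdrawn
        return self.peer      # floating static route (AD 253 in the post)

def forward(first, ttl=64):
    """Follow one packet from its first-hop router; return (result, hops)."""
    hops, node = [], first
    while ttl > 0:
        hops.append(node.name)
        nh = node.next_hop()
        if nh is None:
            return f"dropped at {node.name} (no default route)", hops
        if nh == "ISP":
            return f"delivered via {node.name}", hops
        node, ttl = nh, ttl - 1   # each router-to-router hop decrements TTL
    return "TTL expired (routing loop)", hops

def scenario(r1_isp_up, r2_isp_up, tracked):
    """Build R1/R2 with mutual floating routes; send a packet to R1."""
    r1 = Router("R1", r1_isp_up, tracked=tracked)
    r2 = Router("R2", r2_isp_up, tracked=tracked)
    r1.peer, r2.peer = r2, r1
    return forward(r1)

if __name__ == "__main__":
    for tracked in (False, True):
        for links in ((True, True), (False, True), (False, False)):
            result, hops = scenario(*links, tracked)
            print(f"tracked={tracked} ISP1/ISP2 up={links}: "
                  f"{result} after {len(hops)} hop(s)")
```

With both links down, the untracked pair bounces the packet until the TTL runs out, while the tracked pair drops it at the first router.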

  • NFS and native VLAN

    Hi all

    I have two different port channels per fabric interconnect. On one port channel I have several VLANs assigned for virtual machine traffic, as well as the default VLAN 1 untagged on a vNIC. Unfortunately, in our environment the default VLAN is used for certain virtual machine traffic. Now, the second port channel is connected to Nexus 5k switches but only allowed for an NFS VLAN.

    The problem I am facing is that if I enable the NFS port channel, some of my virtual machine traffic stops, as it seems that it arrives via the public port channel but then tries to go out through the NFS one.

    I want to use the VLAN Group feature to apply a VLAN to port channel mapping. I am able to associate a rule for NFS fine, but I'm not able to select the default VLAN in my public group to create a mapping rule.

    If I just create a group for NFS, will it automatically send everything else through the other port channel? (This is essentially what I want.) Or if I create one group and not the second, will it only help the NFS one but leave the public traffic in the same situation, bouncing between the port channels?

    Thank you for your help and assistance

    Contact me directly if necessary

    Hello

    Altogether, you created 10 VLANs, including the default VLAN, and you are able to add only 9 VLANs to this group...

    You mean that you want to add the default VLAN ID to the particular group which you created...?

    You cannot add the default VLAN ID to VLAN groups, but there is an option: you can change the default VLAN ID from 1 to another number, then create a new VLAN with ID 1, and you'll be able to add it to the group.

    Before making changes, check whether the default VLAN ID 1 is used by some other servers or not, because changing it will disrupt their traffic.

  • Configuration and installation of SourceFire ASA

    Hello team,

    Recently, we have installed the SourceFire software on the ASA, but it's not in production; now we intend to put SourceFire on the ASA into production for traffic management and URL filtering. Right now, we have the FireSIGHT management system installed and have uploaded the SFR image to the ASA. The ASA will handle traffic at the Internet entry/exit point of our network. I have some doubts as follows:

    (1) On the ASA I see the sfr module is in place, but what happens if I console into the sfr module? Will this affect my normal Internet traffic while I'm in the sfr console?

    (2) Are there basic configuration templates for URL filtering to make the job easier?

    (3) What is the checklist to cross-check before putting the sfr module inline in production?

    Thanks in advance for your help.

    Thank you - Jadesh

    Redirect traffic to the FirePOWER module using the Modular Policy Framework, with something like this:

     policy-map global_policy
      class class-default
       sfr fail-open
     service-policy global_policy global

    Generally, what you do on the console of the sfr module does not affect the parent ASA. Until you have the policy to redirect traffic, nothing will pass through or be affected by the sfr module. As long as you have the 'rescue' the sfr descending module or the reset does not affect production ASA traffic.

    Of course, once you run traffic through it and start applying policy, you have the option to block or otherwise affect this traffic.

    Beyond the user and admin guides, you can take a look at the Lab Minutes series that was done recently. They do a good job of walking you through basic tasks.
