Is there a VPS provider that will sell me a VM , and put it up somewhere, and can make me another VM in the future, on the same VLAN as the original VM ?
For example, pretend VM #1 has a NIC at 10.0.0.100
in the future, I want another VM with a nic at 10.0.0.101
I was looking at Go-Grid , but I'm not sure how their pricing works.
I need a basic L3 switch for maybe 25 mbps that will do hopefully up to 50 VLANs and which will not require me to hire someone to configure it.
As much as I like Cisco, that rules them out.
The reason I'd like a Layer 3 switch is so that I can run my backups and inter-server transfers without adding to my bandwidth bill. Also, VLANS are a critical requirement as i have a lot of customers with root on their managed servers.
So i am looking at HP [gasp] switches. How "easy" is the web-based configuration widget? [I'm an advanced unix admin but networking is a mystery to me.]
This is a starter switch and once i have a full cab of servers I'll be able to spend $7K on a pair of 3560s and hire someone to configure them for me ... but until then what can i get to meet my requirements?
I'm trying to implement VLANs on my network and can't get connectivity to host servers. Here's how the network is configured. Pardon the bad ascii diagram.
In this example my upstream is providing two subnets:
111.111.111.16/28 (I'm using an IP from this subnet to manage the 3550)
222.222.222.16/29
I am attempting subdivide the /29 into two /30's in order to place a server into it's own /30 subnet & VLAN ............
I'm not sure exactly how to phrase the question. But, I'm researching how to PXE boot a server without having a DHCP/PXE server in each vlan.
Scenario: Datacenter with dozens of servers. 1 VLAN per server. Cisco switches and routers. Each server has a serial console available for remote management (OS and BIOS are configured for serial console). If an admin wants to re-install OS, they should be able to reboot the server and tell the BIOS to initiate a PXE boot request. A central install server is available to provide the DHCP and PXE boot images.
Has anyone tried this? I have been reading about the 'ip helper-address' for Cisco to relay DHCP requests. Interested in hearing about real-world setups. Or is there a better way to accomplish remote OS installs?
I have two servers both in a same vlan. Both may access Internet and be acceessed from Internet I setup db server and web server internal IP each as follows:
I used ifconfig to check both status, both of them are up. both of them may ping google, but when I try to ping their each other through internal IP, nothing returns.
I used command tracert to follow, found all packages were sent to Internet rather than an internal IP.
My host tells me to do it by making NAT, I have no idea on it. Anyone may help me out on how to do with NAT?
I'm looking for a solution that I can place a firewall between 2 vlans on a BigIron router with L3 enabled.
For this moment there is one big vlan2 with a ip-route 0.0.0.0 0.0.0.0 123.123.123.123 and a router-interface ve2 with the IP of the router, the address I use as gateway on the machines behind it.
The WAN port has the IP address to communicate with to the GW of the carrier-router (123.123.123.122)
Because I want to let the BigIron the routing I was thinking of 2 vlans, one for the lan-vlan and one for the wan-vlan, but this will be a problem because I only have one IP-block what I can use.
So the sitiuation must be as follow on the BigIron:
WAN => vlan2 => firewall => vlan3(lan)
Because of the fact that the firewall will be transparent, this should be no problem to place it between the vlans. The actual problem is how to manage this. In simple words, I should be able to replace the firewall with a cross-cable and it should still work.
Cisco for an example has a SVI solution for this, but I can't find such thing for a Foundry router.
Having a slight problem working with one of our Extreme Summit 48 (ugh) switches - I've figured out most of the basics, but I can't seem to find any way to add a secondary IP address to a VLAN! This, I would have thought, would be a pretty basic feature to have. Typing "config vlan [vlanname] ipaddress 1.2.3.4/24" works for setting the primary IP, but I can't figure out how to add any more - and doing the command again just overwrites the first one.
So... does anyone have any tricks up their sleeve, or is this something that Extreme neglected to add to this model switch?
We offer colocation & dedicated servers as well as shared & reseller hosting services.
Our colocation customers and dedicated server customers are definitely on their own VLANs for obvious reasons.
Up until now, we have been using separate VLANS and ip allocations for each of the servers in our shared & reseller server fleet. I'm starting to question this policy for many reasons:
1) We directly manage all of the servers and it is very rare that any servers are compromised to the point where they can steal an IP address.
2) We are wasting IP addresses - network, broadcast and gateway addresses are required for each vlan. Additionally, if a server needs 1 more IP address, we need to add a whole new block.
If all of the servers are under our direct management, does it make sense for us to use any vlans at all? It seems that it only serves to complicate things, waste ips and add management overhead.
I've read that all ethernet switches in a MST Region need the same Name, Revision number, and list of member vlans for each Instance. So what happens when you need to change the range of VLANs in a MSTI ? Let's say that you need to add a range of vlans to an instance that spans 20 switches? How would you do that?
Can you make a recommendation for a switch-based L3 router which can
- hold a moderate number of routes (interface routes, a few hundred statics + default) - OSPF and BGP - MST - 1024 layer-3 dot1q subinterfaces (or maybe VLAN interfaces) with + traffic policing in and out per subinterface/vlan + VRRP/HSRP/NSRP - IPv4 & IPv6 native - 2x GigE ports - Not tip-over under 1gbps DDoS towards a VLAN interface.
I've been using 3560Gs, but they seem to lack the output traffic policing. I'd prefer to have subinterfaces which don't run spanning-tree, versus Vlan Interfaces to a trunk interface which runs spanning-tree. These switches sit at the L3 boundary between two L2 networks.
Cost is a big factor; but I also must carry vendor licenses & support contract, if the vendor asserts that not doing so is illegal in US.
I heard the other day from a very reliable source that this is a fact and they expect it to happen sooner rather than later. Since they seem to set the bar anyway seems it was only a matter of time. Anyone else aware of this or am I the only one? Searched the forum before I posted and nothing came up. Seems like a significant development to me...
Im planning on using WAMPserver2 on our web server to host our website. Now, as far as I can tell, WAMPserver2 was mostly created to allow you to do work locally. Is there any known problem with using this software on a web server publically?
You are hosting your web site on a local server and you have the DNS pointing to the LOCAL (read: not public) IP on your LAN which means only you and those on your LOCAL network can access the site.
I'm on a reseller cPanel WHM account with shell access, and this public FTP for uploading maps for a game.
How do I ban FTP users by their IP? (.htaccess wouldn't do the trick)
How do I regulate priviledges/permissions of FTP users?
How do I control (like configuring how the indexing is displayed, for example) /public_html/somedirectory/ through /public_html/.htaccess?
How do I disallow certain filetypes from existing in /public_html/somedirectory/* or to be uploaded?
How do I disallow apache from rendering any html, php, cgi, java, perl, etc files in /public_html/somedirectory/*?
So, if you had a public FTP (not the "anonymous FTP" cPanel can create, but a regular and single user account shared by everyone), how would you protect your free map hosting service from abuse? What protections would you setup? Etc.
we have this Juniper SSG5 firewall, our very first Juniper and wanted to use it.
While I am able to use it in NAT mode, I have been unsuccessful to use it in route mode.
We have Public IPs from the same segment and I wanted to use it with the firewall but it appears that I can't assign IPs for each port if the IP is from the same segment.
Does it mean that we can't use it other than in NAT mode?
What we want to accomplish is to have one of IPs to act as gateway and filter or route in/out traffic to/from our other IPs.
Due to an emergency with our colo space, we are missing a switch.
As a very temporary measure, would it be possible to put both our public traffic and private traffic (10.0.0.0/8) on the same switch without a VLAN?
Essentially we'd be connecting both the trusted and external side of our (natting) firewall to the same switch, along with our servers (which have private IP's).
I regret to bring this to a public forum but having seen that solarvps has a presence here I am hoping that a resolve to this issue can be found, and any public opinions are welcomed.
Having been a customer with solarvps since 2006 without any cause for concerns it does not make me happy with some recent issues I have had with them. So I have had a vps server hosted with them since 2006. Sometime in February when attempting to login to my VPS I got an error, I left it as this happens sometimes, it happened for 4 days in a row so I thought this is a little strange logged in to my control panel, to see no VPS server was listed under the account. There was no invoice generated either. Ok this is strange but I just assumed it had been terminated, no invoice came through and that particular server was a backup server so I sought hosting elsewhere.
4 months pass I get an email from solarvps stating my account is overdue with charges applied. I contact them back straight away asking what they are billing me for I have explained the situation time and again to them, I have asked the questions why the server disappeared from my account, why I wasn’t able to access the vps remotely and why no invoices got generated at the time to which I have had no response, I have asked more than 5 times now. The only response I keep getting form them is threats if I do not pay to hand over to a collection agency and the possibility of legal action. To which I have replied each time that I will contest any such action and seek legal advice myself.
Granted I should probably have contacted them at the time but really they are at fault more than I am for not asking them what has happened, I truly believe I am not in the wrong here but nobody within solarvps is prepared is looking at the facts of what has happened here.
Well anyway I hope bringing this to a public forum will bring a resolve and maybe some answers. I am getting no response from anybody within solarvps and would be happy to take this away from the public if they are willing.
I am not unfair nor does it make sense that a customer for so long would just decide not to pay you one month and kick up a fuss over such a small amount of money but the fact that I am not in the wrong with this matter, I am not prepared to pay them no matter how much bullying tactics they wish to adopt in trying to make me.
Currently we are running a very successful site for extreme sports. We have just spent 6 months on development of our new site which we will launch in a fortnight. This will free up some of my time to look at other areas and avenues to attract members.
Personally I would love to run a hotmail style service on our website, and believe this would help with the growth of our online community.
Just interested in advice from others on areas to be aware and alert when running a service like this?
I am also trying to make the decision between SocketMail or Atmail. If anyone has opinions on these, or an alternative solution i'm all for that advice too.
Basically at this point I am wanting to get as much advice together as possible, then look to making an informed decision to go ahead or not.
Currently we operate off a dedicated server and i realise this may have to become two servers in the near future with such a service. It is fully managed by myself, and a 3rd party individual I hire to maintain the server on a monthly basis.
How do you guys deny run of perl/bash scripts from /tmp, /var/tmp, /dev/shm? I've tried to build simple shell wrapper, but that's not a compromise if you run for example spamassassin on the same server (it needs direct io to/from perl binary). I'm looking intro some kind of binary wrapper or patch that will deny running perl scripts from public folders (also the same for shell scripts will be great). Any ideas or solutions?
If anyone interested in primitive shell wrapper code:
Code: #!/bin/sh ARGS=`echo $@ | grep -v "/tmp/"` if [ "$ARGS" != "" ]; then /usr/bin/perl.orig $ARGS; fi
I often need to access my sites from public places, which are behind firewalls, don't have access to hard disk and any Windows tool (just plain internet access).
Problem: firewall, closed ports: 8082 (cPanel), 2078 (SSL; I don't know, if I'll need this), 2077 and maybe others.
Which hosting features I need? to be able to
1. access cpanel, when port 8082 is closed (I was using cpanelproxy.net until now with success). 2. for uploading files from other websites directly to my website (without prior downloading on a PC hard disc) - I've herad SSH should work, but what exact SSH I need - any experience someone? Any other solution? I was trying WEb Disc feature in cPanel11 but it needs port 2078 or 2077 open...
