Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Firewall / Network isolation inquiry
Special Forums UNIX and Linux Applications Infrastructure Monitoring Firewall / Network isolation inquiry Post 302300174 by avronius on Monday 23rd of March 2009 11:51:32 AM
Old 03-23-2009
Firewall / Network isolation inquiry
Good morning folks,

A good friend of mine has a network where every host has two paths to the file servers (two NICs & two networks for all hosts).

Normally speaking, one network will be used for regular application traffic - license servers, itunes library, collaboration tools - while the other will be used for infrastructure traffic - AFS cluster, SNMP, etc.

Currently, the application traffic is saturating both networks, resulting in poor AFP and NFS performance. Ideally, he'd like to firewall the traffic on the host - directing applications to use ports on 192.168.2, while allowing the higher bandwidth (mission critical) traffic to use 192.168.3 without being impacted by the collaboration stuff.

Using the two example networks above, can you recommend what he might need to change / implement in order to isolate services in this fashion?

- Avron
 

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

uniX iNQUIry from a newbie

hi, i would like to study unix but i don't have the software for me to test the scripts that i read from the book and from the internet. I would like to ask anyones help to please tell me link wer i can download for free the unix system. I would be glad to receive your replies. thanks, (2 Replies)
Discussion started by: youdexter
2 Replies

2. Programming

Performance inquiry...guestimate better approach

So, I've been told and heard a million times that malloc and free are expensive calls to be avoided. So many times I avoid malloc by reusing already allocated memory blocks. Store them on free lists somewhere myself and don't call free when I know malloc will be called very shortly thereafter. ... (6 Replies)
Discussion started by: DreamWarrior
6 Replies

3. UNIX for Dummies Questions & Answers

Offline Agents Inquiry.

Hello, I currently use Solaris, and typically I use the svcs -a | grep PROCESS to see if it's online or Offline. My questions is SVCS is in solaris but if I want to find out if a daemon or process is offline what other methods can I use? ps -ef | grep PROCESS "what do I look for" or... (1 Reply)
Discussion started by: NelsonC
1 Replies

4. UNIX and Linux Applications

command to check value of autocommit and isolation level

Hi, Pls let me know command to get following: 1. how to check current value of autocommit 2. how to check current value of isolation level I am using mysql-5.0.26 on unix -Thanks (2 Replies)
Discussion started by: newbielgn
2 Replies

5. UNIX and Linux Applications

how to change isolation level to READ COMMITTED

Hi, I am using perl DBI and mysql-5.0.26 on unix. Could you please let me know or point to source on how to set isolation level to READ COMMITTED . ~Thanks (2 Replies)
Discussion started by: newbielgn
2 Replies

6. UNIX for Dummies Questions & Answers

UNIX Inquiry

Hi Everyone! I'm new with UNIX,so, sorry if this question seems really dumb.:( Anyway, I'd just like if it's possible to automatically inform someone (via mail or pop-up box or something) that a file has been recently uploaded/received to the UNIX box? If it is, any advice on how to get that... (0 Replies)
Discussion started by: jam04
0 Replies

7. UNIX for Dummies Questions & Answers

UNIX inquiry for 'awk'

Hello Everyone, May I ask for your help regarding one of the UNIX command “awk”. So I executed a script and the output looks like this (see below): output.txt CONTRACTNAME ... (3 Replies)
Discussion started by: steven_huskie
3 Replies

LEARN ABOUT DEBIAN

netdiscover

netdiscover(8)							   User Commands						    netdiscover(8)

NAME

       netdiscover - an active/passive arp reconnaissance tool.

SYNOPSIS

       netdiscover [-i device] [-r range | -l file | -p] [-s time] [-n node] [-c count] [-f] [-d] [-S] [-P] [-L]

DESCRIPTION

       netdiscover  is	an  active/passive  arp  reconnaissance  tool, initialy developed to gain information about wireless networks without dhcp
       servers in wardriving scenarios. It can also be used on switched networks. Built on top of libnet and  libpcap,	it  can  passively  detect
       online hosts or search for them by sending arp requests.

       Furthermore, it can be used to inspect your network's arp traffic, or find network addresses using auto scan mode, which will scan for com-
       mon local networks.

OPTIONS

       -i device
	      The network interface to sniff and inject packets. If no interface is specified, first available will be used.

       -r range
	      Scan a given range instead of auto scan. Valid range values area for example: 192.168.0.0/24, 192.168.0.0/16 or 192.168.0.0/8.

       -l file
	      Scan ranges contained on the given file, it must contain one range per line.

       -p     Enable passive mode. In passive mode, netdiscover does not send anything, but does only sniff.

       -s time
	      Sleep given time in milliseconds between each arp request injection. (default 1)

       -c count
	      Number of times to send each arp request. Useful for networks with packet loss, so it will scan given times for each host.

       -n node
	      Last ip octet of the source ip used for scanning. You can change it if the default host is already used. (allowed range: 2  to  253,
	      default 66)

       -S     Enable  sleep time suppression between each request. If set, netdiscover will sleep after having scanned 255 hosts instead of sleep-
	      ing after each one.  This mode was used in netdiscover 0.3 beta4 and before. Avoid this option in networks with packet loss,  or	in
	      wireless networks with low signal level. (also called hardcore mode)

       -f     Enable  fast  mode  scan. This will only scan for .1, .100 and .254 on each network. This mode is usefull while searching for ranges
	      being used.  After you found such range you can make a specific range scan to find online boxes.

       -d     Ignore configuration files at home dir, this will use defaults ranges and ips for autoscan and fast mode. See below for  information
	      about configuration files.

       -P     Produces	output	suitable to be redirected into a file or be parsed by another program, instead of using interactive mode. Enabling
	      this option, netdiscover will stop after scanning given ranges.

       -L     When using -P, continue program execution after the active scan phase to capture ARP packets passively.

USAGE

       If passive mode (-p), scan list (-l) or scan range (-r) options arent enabled, netdiscover will scan for common lan addresses.

       Screen control keys

       h      Show help screen

       j      Scroll down (or down arrow)

       k      Scroll up (or up arrow)

       a      Show arp replys list

       r      Show arp requests list

       q      Close help screen or end application

CONFIG FILES

       There are 2 configuration files that netdiscover will look for, each time it is executed, if file doesnt exist it will use default  values.
       You can use the -d switch to disable reading and loading configuration files.

       ~/.netdiscover/ranges
	      This  file  contains  a list of ranges (one per line) used for auto scan mode instead of default ranges. By default netdiscover will
	      use a list of common ranges used on local networks.

	      Example:
	       192.168.21.0/24
	       172.26.0.0/16
	       10.0.0.0/8

       ~/.netdiscover/fastips
	      List contaning the last octect of the ips to be scanned on each subnet, when using fast mode, by default (1,100,154).

	      Example:
	       1
	       10
	       25
	       254

AUTHOR

       netdiscover was written by Jaime Penalba Estebanez.

       This manual page was originaly written by Nicolas Weyland, for the Debian project. This man page has been merged into netdiscover  project,
       and modified from the original.

netdiscover							   February 2006						    netdiscover(8)
All times are GMT -4. The time now is 12:18 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy