number of matches found: 31
Network Kernel Parameters
These Parameters have been suggested by TIBCO to bring the performance of a LINUX machine to the maximum regarding the network.
We have used these tuning parameters successfully to reduce retransmissions on heavy loaded machines. You will find similar tuning tips, when searching for web-server optimization.

Parameter Red Hat Enterprise Linux Server 5.6 (Tikanga) VALUES proposal
net.core.rmem_max 131071 16777216
net.core.rmem_default 129024
net.core.wmem_max 131071 16777216
net.core.wmem_default 12902?
net.ipv4.tcp_rmem (3) 4096 4096
87380 87380
4194304 16777216
net.ipv4.tcp_wmem (3) 4096 4096
16384 65536
4194304 16777216
txqueuelen 1000 7000
net.core.netdev_max_backlog 1000 30000



Performance daten: missed/pkts und retrans/pkts are good quality parameters
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\profiles\<Profil>


3. Änder den Wert "Category" entsprechend deinen Wünschen ab.

Öffentlich = 0
Privat = 1
Arbeitsplatz = 2
http://dev.mysql.com/doc/refman/5.0/en/resetting-permissions.html#resetting-permissions-unix
1. Stop mysqld and restart it with the --skip-grant-tables option. This enables anyone to connect without a password and with all privileges. Because this is insecure, you might want to use --skip-grant-tables in conjunction with --skip-networking to prevent remote clients from connecting.
2. Connect to the mysqld server with this command: mysql
3. mysql> UPDATE mysql.user SET Password=PASSWORD('MyNewPass') WHERE User='root';
4. mysql> FLUSH PRIVILEGES;
IBM 8239
useful Commands:
display tr_surrogate ...
display rmon log_data All //out errors ...
display stack //model, version
display network_map all_stations //welche MAC gibts?
display port all
display management_interface all //eigene MAC adresse ...
display trap_log
unwrap data_io //DI oder RO Verbindung ins Netz einfügen
display wrap_points //Status der Datenschnittstelle
save //save configuration

<strg>+<r> repeat last command
<strg>+<f> go forward in command protocol
<strg>+<b> go backward in command protocol
Beacon-Betrieb wird typischerweise aufgrund einer fehlerhaften DAtenstations-NIC oder eines
fehlerhaften Anschlusskables verursacht. Hilfe bringt Befehl DISPLAY PORT.

RI/RO Status: wenn LED nicht an -> etwas falsch mit ferner Einheit!
http://kbase.redhat.com/faq/FAQ_79_2561.shtm

Resolution:The new way to add static routes on Red Hat Enterprise Linux systems is to create a file
/etc/sysconfig/network-scripts/route-ethX where X corresponds to the network interface you wish to use
the alternate route(s). This file deals with three fields: GATEWAY, NETMASK, and ADDRESS. Each field
should have a number appended to it indicating what route it relates to. The example below shows two
static routes configured for the eth0 network interface.

/etc/sysconfig/network-scripts/route-eth0
GATEWAY0=10.10.0.1
NETMASK0=255.0.0.0
ADDRESS0=10.0.0.0

GATEWAY1=10.2.0.1
NETMASK1=255.255.0.0
ADDRESS1=192.168.0.0
#######################
#using netcat
#######################
#see open ports on target ..
echo QUIT | nc -v -w 5 target 20-250 500-600 5990-7000

Netcat can be used as a simple data transfer agent, and it doesn't really
matter which end is the listener and which end is the client -- input at one
side arrives at the other side as output. It is helpful to start the listener
at the receiving side with no timeout specified, and then give the sending side
a small timeout. That way the listener stays listening until you contact it,
and after data stops flowing the client will time out, shut down, and take the
listener with it. Unless the intervening network is fraught with problems,
this should be completely reliable, and you can always increase the timeout. A
typical example of something "rsh" is often used for: on one side,

nc -l -p 1234 | uncompress -c | tar xvfp -

and then on the other side

tar cfp - /some/dir | compress -c | nc -w 3 othermachine 1234

will transfer the contents of a directory from one machine to another, without
having to worry about .rhosts files, user accounts, or inetd configurations
at either end.
talk 5 / network 0 / LE-services
Action IOS SET
passwords enable password level 1 <pwd> set password <cr>
enable password level 15 <pwd> set enablepass <cr>
hostname hostname <name> set prompt <name>
IP address (config)# ip address <ip> <mask> (ena) set interf so= <ip><mask>
set interf so0 <vlan>
port description (config-if)#description <string> set port name x/x <string>
speed n/a set port speed x/x {10/100/auto}
duplex mode (config-if)#duplex {auto|full| set port duplex x/x {full/half}
full-flow-control|half}
conf. VLANS n/a set vlan <vlan#> x/x
conf. trunk (config-if)#trunk on set trunk x/x [on|off|desirable|auto|nonegotiate]
<vlan-range> [isl|dot1q|dot10|lane|negotiate]

clear VLANS from trunk n/a clear trunk x/x <vlan-range>
choose vtp version n/a set vtp v2 enable
vtp doamin + mode n/a set vtp domain <str> password <str>
set vtp domain <str> mode [clslt]
show vtp show vtp statistics
show vtp domain
vtp pruning set vtp pruneeligible <vlan_range>
clear vtp pruneeligible <vlan_range>
show trunk
enable STP (config)#spantree <vlan_list> set spantree enable x/x
set spantree disable x/x
set spantree enable all
show spantree <vlan>
STP Root Bridge set spantree root <vlans> ..
STP Port Cost (config-if)#spantree cost <xx> set spantree portcost 2/1 <xx>
STP Priority (config-if)#spantree priority <xxx> set spantree portpri x/x <xx>
Multicast (config)#ip multicast-routing
(config-if)#ip pim {dense-mode|
sparse-mode|sparse-dens-mode}
show ip pim interface [<if>][count]
show ip pim neighbour [<if>]
(config)#ip pim rp-address <ip#>
[group-access-list-number]
[override]
(config)#ip pim send rp announce x/x
scope <#> group-list <ad#>
(config)#ip pim send-rp-discovery scope
(config)#ip multicast <xx> threshold <xx>
show ip mroute
debug ip mpacket [detail][add][group]
(config)#ip igmp join-group <gr#>
(config)#ip igmp version {2|1}
show ip igmp interface
(config)#ip cgmp set cgmp enable
set cgmp leave
show cgmp statistics [<vlan>]
show multicast group cgmp [<vlan>]
Channel (config#)port-channel mode [on|off show port capabilities x/x
|des] set port channel x/x {on|off|auto|desirable}
portfast (config#)spantree start-forwarding set spantree portfast x/x enable
uplinkfast (config#)uplink-fast set spantree uplinkfast enable
show uplink-fast show spantree uplink fast
show uplinkfast statistics
backbonefast set spantree backbonefast
ip rout. on route proc. (config)#ip routing router <protocol> n/a
(config-router)#network <#>
VLAN if on external RP Router(config)#int eth 2/1.1 n/a
(config)# encapsulation isl <vlan#>
default gw ip default-gateway <ip addr> set ip route default <ip addr>
MSL (config)#mls rp ip set mls flow [destination|destination-source..
(config-if)#msl rp vlan-id <#> set mls enable
" " mls rp vtp-domain <str> set mls agingtime (#)
" " mls rp ip
show mls rp
show mls rp vtp-domain show mls
(config-if)#mls rp management-intf
show mls rp inteface
(config-if)# mlsrp ip input-ad show mls entry
show mls entry ..
HSRP (config-if)#standby <gr#> ip <ip#>
" " priority <pr#>
" " preempt
" " timers <hello> <hold>
" " track <if> <prio>
debug standby
show standby [<if>|<gr#>|brief]
Network Time protocol: NTP

linux: ntpdate IP-Adress
linux packet: ntp-4.0.99k-15

#ntp time synchronization
30 1 * * * /usr/sbin/ntpdate ntp1.ptb.de

-----------------------------------------------

information from colleage F:
ntp installieren und diese 4 zeilen in /etc/ntp.conf
server xyz
multicastclient
driftfile /var/lib/ntp/drift/ntp.drift # path for drift file
logfile /var/log/ntp # alternate log file


-----------------------------------------------

#check difference
/usr/sbin/ntpq -c peers
AIX - vmstat
-> install:
- It's in the perfagent.tools fileset on your AIX distribution.
- Look for bos.acct on the second installation disk.
-> #vmstat 2 20
> kthr memory page faults cpu
> ----- ----------- ------------------------ ------------ -----------
> r b avm fre re pi po fr sr cy in sy cs us sy id wa
> 0 2 81249 807 0 0 0 0 0 0 431 997 69 0 1 91 8
> 0 2 81249 800 0 1 0 0 0 0 482 2300 148 1 2 41 56
> 0 3 81249 783 0 0 0 0 0 0 507 727 203 0 3 6 91
> 0 2 81249 685 0 0 0 0 0 0 508 2588 102 1 2 68 29
> 0 2 81250 678 0 0 0 0 0 0 447 2393 138 1 1 86 11
> 0 2 81250 677 0 0 0 0 0 0 438 1594 89 0 1 94 4
> 0 2 81299 611 0 0 0 0 0 0 450 2658 129 1 2 88 9
> 0 2 81419 460 0 0 0 0 0 0 467 3099 162 2 3 79 16
>

Hi,
first look response, ( it's a long time I took AIX Perf & Tuning :-)

r = 0 : no jobs running, not so good
b = 2 : 2 jobs waiting I/O, not so good too
avm = 80K : 320 Mb of active Ram for jobs
fre = 800 : free slots ... not many
middle colums = 0 : no paging activity : good: no Ram shortage, no Disk I/O
in,sy,cs : device interrupts, system time, context switch, average load
us = 1 : doing nothing for you
sy = 2 : doing nothing for itself
idle = 90 : wasting CPU cycles
wa = 5-90 : waiting fow slow devices to answer, should be network, since not
paging
comp.dcom.net-analysis
comp.dcom.net-management
comp.dcom.lans.ethernet
comp.dcom.fax
comp.dcom.servers
comp.dcom.sys.cisco
comp.dcom.vpn
comp.doc.management
comp.groupware.lotus-notes.programmer
comp.groupware.lotus-notes.admin
comp.groupware.lotus-notes.misc
comp.groupware.lotus-notes.apps
comp.os.linux.networking
comp.protocols.snmp
comp.unix.aix
comp.unix.shell
comp.lang.perl.tk
8260: redbook gg244370
s.47 Superuser Reset
8260 Multiprotocol Intelligent Switching Hub
MRTG Latency script

> I'm looking for scripts to measure latency in my IP network. Can someone
> help ?

Well, since you didn't specify an operating system, I'll assume
that you're following in my footsteps and doing battle with NT4
as a server. Note that the following requires that you use the
ping.exe supplied with Windoze 95/98 instead of the useless ping
supplies with NT4. See the MRTG stuff somewhere on:
http://www.lns.com
which is from where I stole the script. I also have a somewhat
different version for Linux (RH 7.1) but which I can't get to
as I managed to break SSH and can't grab it.

------------
# MRTGPING.PL
# Plagerized by Jeff Liebermann from original by Tim Pozar.
# 09/14/00 First hack for NT4.

$ipaddr = "NULL";
$ipaddr = $ARGV[0];
$numpings = 3;

if ($ipaddr eq "NULL"){
print "Usage mrtgping.pl [ipaddress]\n";
exit;
}

# Note that "ping95.exe" is the Windoze 95/98 version
# and not the useless ping supplied with NT4.
#
# Windoze ping will return...
# Minimum = 494ms, Maximum = 574ms, Average = 520ms
$result = `ping95 -n $numpings $ipaddr | find /i "average" `;

# Break result apart at the commas.
chop($result);
($Mins,$Maxs,$Avgs) = split(/,/,$result);

# Break each value apart at the = sign.
($Mint,$min) = split(/=/,$Mins);
($Maxt,$max) = split(/=/,$Maxs);
($Avgt,$avg) = split(/=/,$Avgs);

# Remove the "ms" at the end.
$min1 = substr($min,0,-2);
$max1 = substr($max,0,-2);
$avg1 = substr($avg,0,-2);
$min1 =~ s/ //g;
$max1 =~ s/ //g;
$avg1 =~ s/ //g;

# Belch results in 4 lines.
print "$avg1\n";
print "$max1\n";
print "0\n";
print "$ipaddr\n";
------------



If Perl is a bit of a heavy hammer, the following is what
I use on my SCO Unix OSR5 3.2v5.0.5 machines. The use of
the first ping return is intentional as I'm trying to plot
the latency of the Starband satellite flying cache, which
caches everything exept the first packet.

#!/bin/sh
# by Jeff Liebermann 04/15/98
#
# Record ping times.
#
# Results of:
# ping -c 1 -s 1024 bloat
#
# PING bloat (192.168.111.30): 1024 data bytes
# 1032 bytes from bloat (192.168.111.30): icmp_seq=0 ttl=128 time=10 ms
#
# --- bloat ping statistics ---
# 1 packets transmitted, 1 packets received, 0% packet loss
# round-trip min/avg/max = 10/10/10 ms

# Really disgusting way to get rid of extra leading spaces
# by feeding it to a shell variable. Ugly at best.
#
# usage: whatever machine_name_or_ip
# i.e. whatever bloat.comix.santa-cruz.ca.us
#
retch=`ping -c 1 -s 1025 $1 | grep "time"` # extract line with ping time.
set $retch # break apart into fields using IFS seperators
ping=`echo $8 | cut -c 6-` # extract ping time.
echo $ping # ping time=xxx
echo $ping # ping time=xxx
echo "0" # Filler
echo "0" # Filler
#
Crossover cable:

1 <-> 3 short version: TX+ (1) <-> (3) RX+
2 <-> 6 TX- (2) <-> (6) RX-
3 <-> 1 RX+ (3) <-> (1) TX+
4 <-> 4 RX- (6) <-> (2) TX-
5 <-> 5
6 <-> 2
7 <-> 7
8 <-> 8

Regular end:
|1|2|3|4|5|6|7|8|
^ ^ ^ ^

And at the crossover end:
|3|6|1|4|5|2|7|8|
^ ^ ^ ^
I just want masquerading! Help!

This is what most people want. If you have a dynamically allocated IP PPP dialup (if
you don't know, you do have one), you simply want to tell your box that all packets
coming from your internal network should be made to look like they are coming from the
PPP dialup box.

# Load the NAT module (this pulls in all the others).
modprobe iptable_nat

# In the NAT table (-t nat), Append a rule (-A) after routing
# (POSTROUTING) for all packets going out ppp0 (-o ppp0) which says to
# MASQUERADE the connection (-j MASQUERADE).
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

Note that you are not doing any packet filtering here: for that, see the Packet
Filtering HOWTO: `Mixing NAT and Packet Filtering'.


#transparent proxy with squid
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

#anschauen mit: iptables -L -t nat

IP Routing,

Enabling IP Routing

By default, IP routing is disabled. To enable IP routing, you must allow the computer to
forward IP packets it receives. This requires a change to the Windows 2000 system registry.
When you enable the Routing and Remote Access service for IP routing,
this registry entry is made automatically.

To enable IP routing

1 .From the Start menu, click Run.

2.Type regedt32.exe or regedit.exe, and then click OK.

3.In a registry editor, navigate to
HKEY_LOCAL_MACHINE \SYSTEM\CurrentControlSet\Services\Tcpip \Parameters

4. Select the "IPEnableRouter" entry.

5. To enable IP routing for all network connections installed and used by this computer, assign a value of 1.
To do this in regedit.exe, right-click the entry, and then click Modify.
In regedt32.exe, click on the wanted entry, click on Edit, and then click on the appropriate menu choice.

6.Close the registry editor.

It is required to reboot Windows 2000 for this change to take effect.

I have used this in a configuration, where the Windows 2000 Professional system works
as a router between an Ethernet network and a USB-network.
/etc/sysconfig/network-scripts
edit ifcfg-eth0 ...
In use since 1995 and on a variety of accounts.
Out of the box type software and works on discovery of network. Easy to setup and configure.
Platform - NT or Unix (Sun or HP). No AIX.
If the network is large with many elements (ports, switches, routers etc), then best use Unix.
They have used in network of between 5K and 8K elements.
Reports can be setup for SM or technical staff.
Has web i/f.
Can perform network (WAN & LAN), server and application performance management.
Has real-time analysis.
Excellent backup support from reseller.
Have used for SLA reports.
Great success with linking tool to Helpdesk and ease of reporting/tracking/communication problems.
VitalAnalysis - response times.
VitalNet - network components.
VitalEvent - Threshold limits etc.
Many features the same as Concord.
GUI very good and has web i/f. Can be setup with many view for SM, technical, CIO.
Has agents on end stations for end-to-end analysis.
No realtime data - minimum of two hours delay. Lucent don't say it's realtime.
Sample times are minimum of one hour, so it's already averaged - slight disadvantage.
Lucent will send data from end station to server, whereas Concord will poll. Therefore, Concord server has more load.
Support not always quick and responsive.
http://nullhaus.com/2013/08/hp-port-troubles-part-1-monitoring/

turn on: fault-finder all action warn sensitivity high

to find port errors and more ..
HP ProCurve Switch Stack Firmware Update

1. save the config. (write memory)
2. save current software to secondary (copy flash flash secondary)
3. upload the new software to primary - it doesn't matter which way:
- via menu
- via web
- via tftp: copy tftp flash <ip-address> <remote-os-file> [<primary | secondary>]
3.1: verify image using "show flash"
4. reboot the stack (boot system flash primary)

Things to know:
- A "reboot" or "reload" (and the corresponding MIB) would cause only the commander to get rebooted.
A "boot system" would boot the entire stack
- uploading software to the commander will cause all members to have that software loaded as well
You can specify the default flash to boot from on the next boot by entering the
boot set-default flash command:
HP Switch(config)# boot set-default flash secondary

Booting from the default flash
Syntax: boot[system[flash | <primary | secondary> ]] [config FILENAME]
- system:Boots the switch. You can specify the flash image to boot from. When using
redundant management, boots both the active and standby management modules.

#reload command
This command boots the switch from the currently active flash image and
startup-config file. Because reload bypasses some subsystem self-tests, the switch
boots faster than if you use a boot command.

#schedule a reload:
- To schedule a reload in 15 minutes: HP Switch# reload after 15
- To schedule a reload in 3 hours: HP Switch# reload after 03:00
- To schedule a reload for the same day at 12:05: HP Switch# reload at 12:05
- To schedule a reload for some future date: HP Switch# reload at 12:05 01/01/2008
in most cases it is better not to use flowcontrol, see also this discussion:

https://community.hpe.com/t5/Switches-Hubs-and-Modems/When-to-use-Flow-Control/td-p/4337588
ls /sys/class/net/
>> shows which nics are there, e.g:
br0 lo p5p1
>> p5p1 .. nothing was shown when running kernel 4.4.0-93

lspci -nnk |grep iA3 net
>> shows the ethernet device and which driver is loaded
>> here was no driver loaded

>> when starting a later kernel, you see the module and the driver is loaded
kernel: 4.4.0-96 contains module modnifo r8169
>> /lib/modules/4.4.0-96-generic/kernel/drivers/net/ethernet/realtek/r8169.ko

>> solution: upgraded just to 4.4.0-97 ;-))
sample

#create port group
mirroring-group 5 local

#select port that you want to be monitored >> for example 1/0/1
mirroring-group 4 mirroring-port GigabitEthernet 1/0/1 both

#define monitor port, where you are plugged in notebook / wireshark, e.g. 1/0/24
mirroring-group 4 monitor-port GigabitEthernet 1/0/24

Transceiver info

display transceiver diagnosis interface Ten-GigabitEthernet 1/0/49
Ten-GigabitEthernet1/0/49 transceiver diagnostic information:
Current diagnostic parameters:
Temp.(°C) Voltage(V) Bias(mA) RX power(dBm) TX power(dBm)
46 3.39 45.34 -0.99 -2.53
Alarm thresholds:
Temp.(°C) Voltage(V) Bias(mA) RX power(dBm) TX power(dBm)
High 73 3.80 88.00 3.50 3.50
Low -3 2.80 1.00 -8.00 -9.50


mibs:

hh3cTransceiver

VendorName
.1.3.6.1.4.1.25506.2.70.1.1.1.4 Name/OID: hh3cTransceiverVendorName.49; Value (OctetString): HPE

Distance
.1.3.6.1.4.1.25506.2.70.1.1.1.7 Name/OID: hh3cTransceiverTransferDistance.49; Value (Integer): 220 >> 220m

Cur TX power (dBm)
.1.3.6.1.4.1.25506.2.70.1.1.1.9 Name/OID: hh3cTransceiverCurTXPower.49; Value (Integer): -252
Indicating the current transmitted power.The unit is in hundredths of dBM. >> -2.52dBm

Cur RX power (dBm)
.1.3.6.1.4.1.25506.2.70.1.1.1.12 Name/OID: hh3cTransceiverCurRXPower.49; Value (Integer): -99
Indicating the current received power. The unit is in hundredths of dBM. >> -0.99dBm

Cur Temp °C
.1.3.6.1.4.1.25506.2.70.1.1.1.15 Name/OID: hh3cTransceiverTemperature.49; Value (Integer): 46
Indicating the current temperature. The unit is Celsius centigrade. >> 45C

Cur Voltage (V)
.1.3.6.1.4.1.25506.2.70.1.1.1.16 Name/OID: hh3cTransceiverVoltage.49; Value (Integer): 339
Indicating the current voltage. The unit is in hundredths of V >> 3.39V

Cur Bias (mA)
.1.3.6.1.4.1.25506.2.70.1.1.1.17 Name/OID: hh3cTransceiverBiasCurrent.49; Value (Integer): 4534
Indicating the current bias electric current. The unit is in hundredths of mA >> 45.34mA

Alarm Temp High
.1.3.6.1.4.1.25506.2.70.1.1.1.18 Name/OID: hh3cTransceiverTempHiAlarm.49; Value (Integer): 73000 >> 73°C
Transceiver temperature high alarm threshold limit in thousandths of degrees Celsius.
As an example:49120 is 49.120 degrees Celsius.

Alarm Temp Low
.1.3.6.1.4.1.25506.2.70.1.1.1.19 Name/OID: hh3cTransceiverTempLoAlarm.49; Value (Integer): -3000 >> -3°C

Alarm Voltage High
.1.3.6.1.4.1.25506.2.70.1.1.1.22 Name/OID: hh3cTransceiverVccHiAlarm.49; Value (Integer): 37952 >> 3.80V
Transceiver VCC high alarm threshold limit in hundreds of microvolts.
As an example:32928 is 3.2928 volts. Returns zero if not supported on the transceiver.

Alarm Voltage Low
.1.3.6.1.4.1.25506.2.70.1.1.1.23 Name/OID: hh3cTransceiverVccLoAlarm.49; Value (Integer): 28048 >> 2.80V

Alarm Bias High
.1.3.6.1.4.1.25506.2.70.1.1.1.26 Name/OID: hh3cTransceiverBiasHiAlarm.49; Value (Integer): 88000 >> 88.00mA
Transceiver bias high alarm threshold limit in microamps

Alarm Bias Low
.1.3.6.1.4.1.25506.2.70.1.1.1.27 Name/OID: hh3cTransceiverBiasLoAlarm.50; Value (Integer): 1000 >> 1.00mA

!!dBm = 10 * log ( Leistung / 1mw)
Alarm TX power dBM high
.1.3.6.1.4.1.25506.2.70.1.1.1.30 Name/OID: hh3cTransceiverPwrOutHiAlarm.49; Value (Integer): 22387
Transceiver transmit power high alarm threshold limit in tenths of microwatts.
As an example:10000 is 1 milliwatt.

Alarm TX power dBM low
.1.3.6.1.4.1.25506.2.70.1.1.1.31 Name/OID: hh3cTransceiverPwrOutLoAlarm.49; Value (Integer): 1122

Alarm RX power dBM high
.1.3.6.1.4.1.25506.2.70.1.1.1.34 Name/OID: hh3cTransceiverRcvPwrHiAlarm.49; Value (Integer): 22387

Alarm RX power dBM low
.1.3.6.1.4.1.25506.2.70.1.1.1.35 Name/OID: hh3cTransceiverRcvPwrLoAlarm.49; Value (Integer): 1585

TransceiverErrors
.1.3.6.1.4.1.25506.2.70.1.1.1.38 OctetString List with Errors
Bitmask indicating transceiver errors.
Transceiver information I/O error(0)
Transceiver information checksum error(1)
Transceiver type and port configuration mismatch(2)
Transceiver type not supported by port hardware(3)
WIS local fault(4)
Receive optical power fault(5)
PMA/PMD receiver local fault(6)
PCS receive local fault(7)
PHY XS receive local fault(8)
Laser bias current fault(9)
Laser temperature fault(10)
Laser output power fault(11)
TX fault(12)
PMA/PMD transmitter local fault(13)
PCS transmit local fault(14)
PHY XS Transmit Local Fault(15)
RX loss of signal(16)
Unused(17-31)
##################################################################
#
# auf IRF xx
#
##################################################################

DHCP Pool ist configuriert / vorbereitet:
dhcp server ip-pool vlan99
network 10.99.99 mask 255.255.255.0
address range 10.99.99.10 10.99.99.11
gateway-list 10.99.99.1

##################################################################
# aktivieren (vorher am besten schauen ob pool adressen frei sind)
##################################################################

interface Vlan-interface33
ip address 10.99.99.1 255.255.255.0

folgenden Befehl absetzten:
dhcp server apply ip-pool vlan99


DHCP Clients anschauen:
disp dhcp server ip-in-use
IP address Client identifier/ Lease expiration Type
Hardware address
10.99.99.10 ...


##################################################################
#deaktivieren
##################################################################
interface Vlan-interface99
undo dhcp server apply ip-pool



esxcfg-vswitch -l #show vswitch config
esxcfg-vmknic -l #list vmkerne interfaces - their ip and mac
esxcfg-nics -l #list physical interfaces
esxcli network nic stats get -n vmnic5 #see interface statistic
https://humdi.net/vnstat/

vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s). It uses the network interface statistics provided by the kernel as information source. This means that vnStat won't actually be sniffing any traffic and also ensures light use of system resources.
#!/bin/bash
# findDoSVisotor
#
# useful if CPU is very high .. find out the visitor, which causes the most
# network activity
#
netstat -lanp |grep ":443" | awk {' print $5'} | cut -d: -f 1 |sort |uniq -c | sort -nk 1


###########################


#!/bin/bash
# blockIPaddress.sh
#
# block IP address to access 443
#
if [ -z "$1" ]
then
echo "usage: blockIPaddress.sh <IP>"
exit
fi

iptables -A INPUT -p tcp --dport 443 -i eth0 -s $1 -j DROP

computer2know :: thank you for your visit :: have a nice day :: © 2018