Jump to content
Sadikhov IT Certification forums

Arrgghh

Members
  • Content Count

    7
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Arrgghh

  • Rank
    Newbie
  1. Hum actually it is working fine. What I dont understand is this traffic looping between the router and the firewall.
  2. Dear all, I have created static nat entries on my firewall. The problem is that those ips does not belong to the outside interface subnet. My device is not cisco so i cannot really paste a configuration that makes sense but i think it is more a network principle or feature i am looking for. I have this situation : Internet router --- Firewall -- Lan Let say my firewall outside interface is : interface Ethernet0/2 nameif outside security-level 100 ip address 202.14.18.91 255.255.255.240 And i have this entry : static (inside,outside) 202.14.18.113 192.168.150.233 netmask 255.255.255.255 This public ip does not belong to the outside interface subnet. On the internet router, to make it work, i add a static route : ip route 202.14.18.113 255.255.255.255 202.14.18.91 But when I try to ping 202.14.18.113 form outside, I get TTL expired in transit. Which is actually normal as in my firewall, if i do sh route outside 202.14.18.113, it is pointing me to my internet gateway. So it is looping between the two hops. I have to say, my nat works fine for inside to outside so basically there is no issue here. I am just wondering what is the impact of such a loop as I am seeing a lot of TTL exceeded on the statistics due to this situation and how to fix this. Hope this makes sense....
  3. Arrgghh

    CIR and congestion

    In the case of having the sum of CIR exceeding the overall capacity, what happens ?
  4. Arrgghh

    CIR and congestion

    It is not exactly a cisco topic related but I am unable to find a forum for this brand so I thought CCIE guys should be the best to answer a QOS question :-) I have a wimax network with qos capacities enabling each customer to have a guaranteed and a max bandwitdh (upstream and downstream). This provides two parameters to each customer a CIR and a MIR (which is actually the CIR+ Burst). The sum of CIR exceed my device capacity which is wrong I know, that means the bandwitdh is not really garanteed to each customer. I was just wondering what happens in the case of congestion. How the device is handling all those CIR exceeding his capacity ? And what will be the difference if I decrease my CIR to be lower than the capacity and I am still in this hypothesis of congestion ? Basically, if my device capacity is 2 Mbits : What will be the difference if I have - 4 users with a CIR of 1Mbits - 4 users with a MIR of 1Mbits and they try using all of it ?
  5. I think Netflow cannot go to L7 to capture the urls. The only solution should be to mirror the http traffic and to have a monitoring tool that can extract the urls and provide statistics. Do you know such a product ?
  6. There is no solution without a proxy ? I don't need a policy enforcer as I already manage qos per user and I can change this qos. I just need a over quota alarm.
  7. Dear all, I am looking for a netflow app that provide me the monthly traffic volume consume by my customers (static ips). I would also want to configure alerts on it if the users reach a certain amount of volume. The goal is to be able to provide a monthly bundle to users with a good bandwidth but a volume quotq and to downgrade them when they reach this volume to a lower bandwidth. What application will fit my needs ?
×