The beta was frustrating to say the lest form both a technical and support standpoint..[:)] Now I have installed the latest GR release. first up memory usage testing...
ah i'm not having ram problems as i am running in my long reccomended configuration..4 gigs..[[[:)]]] Right now with 4 gigs ram dedicated to the vm i am running 2 snorts w/2vcpu and 4 gigs ram. Ram usage: 48% and here's the big number...ZERO swap..not one kilobyte. I am also running the ram based http proxy db. I also have a pretty aggressive logging setup here are my retention settings: accounting 6 months 3 levels of url executive reports: 30 daily 52 weekly 12 monthly
I also got the airave to play nice by making a sprint ipsec group that contains the following two network objects: 68.24.0.0/13 68.28.116.0/24 i am then natting ipsec only those CIDR ranges to the femto's interface. I then have guaranteed 256 kilobits upload on the external interface for the sprint ipsec group on the external interface. After some hours of troubleshooting it turns out this time the biggest problem was my isp. i originally ahd 16/2 from Comcast. i disabled tv. Things got weird after that. I did the usual..checked dns, ips logs, https logs, firewall logs, kernel logs...all normal. I then turned off qos entirely..including network visibility..i then ran a 600 meg file transfer to a server i control on a 100 meg connection. Imagine my surprise when i am now hauling butt at 50/10! That's sustained..no power boost. i reconfigured my QOS to match and now the airave is nice and happy....[[[:)]]]
BTW i have my airave on it's own nic because i don't want it messing with my internal network. I also take advantage of it's internal switch...one port goes to my sick computer bench..the other goes to my BD player..[[[:)]]]
I also got the airave to play nice by making a sprint ipsec group that contains the following two network objects:
68.24.0.0/13
68.28.116.0/24
i am then natting ipsec only those CIDR ranges to the femto's interface.
Hi, thanks for that tip! You're using Astaro's built-in 'IPSEC' Service Group Definition for the DNAT, right?
BTW i have my airave on it's own nic because i don't want it messing with my internal network. I also take advantage of it's internal switch...one port goes to my sick computer bench..the other goes to my BD player..[:)]
My AirRave has an EXT/WAN port, and 2 LAN ports.
I assumed it would be doing NAT between LAN and WAN; is there a way to bridge them?
I also got the airave to play nice by making a sprint ipsec group that contains the following two network objects:
68.24.0.0/13
68.28.116.0/24
i am then natting ipsec only those CIDR ranges to the femto's interface.
Hi, thanks for that tip! You're using Astaro's built-in 'IPSEC' Service Group Definition for the DNAT, right?
BTW i have my airave on it's own nic because i don't want it messing with my internal network. I also take advantage of it's internal switch...one port goes to my sick computer bench..the other goes to my BD player..[:)]
My AirRave has an EXT/WAN port, and 2 LAN ports.
I assumed it would be doing NAT between LAN and WAN; is there a way to bridge them?
