Showing posts from June, 2015

Exchange 2013 Certificate replacement

I have an Exchange 2013 server which works just fine (almost) with all the basic functions and it uses a SAN certificate from GoDaddy. I will have to add a new name to the cert so I will have to re-key it and re-apply the cert to the mail server. I would like to know if there is any risk I should be aware of before doing this change. For example, do you think there will be any issues with clients using Outlook Anywhere? Or mobile clients (mostly iOS/Android)? Would they notice the change in the cert and start complaining? Thanks,

domain name system - Windows AD with external DNS

How do I configure Windows AD to use an external DNS server? We have a tool for managing DNS. We're attempting to use Windows AD for authentication. In order to get a server to join the domain, we must point it to the AD server as DNS. However, in so doing, the server that is pointed to the AD server for DNS can no longer resolve hostnames in our environment. We're using example.com for our login domain across the environment. All of our servers are servername.subdomain.example.com. When I join servername1.subdomain.example.com to the domain it can no longer resolve servername2.subdomain.example.com, unless I manually add the DNS entry for servername2.subdomain.example.com to the DNS on the AD server. We don't want to have to create two DNS entries for everything so we need the AD server to look at the external DNS server for DNS. I attempted to create a Forward Lookup Stub zone for subdomain.example.com but when I get to the "Specify the DNS servers from which yo

networking - ESXi host losing connection to vCenter

I'm having a very odd issue with a single ESXi host. I have 2 identical hosts, core i3, 6 nics, 16g ram. 4 of the nics are used for Management, vmotion, vm network, all on different vlans. They all go to a HP Procurve 24 port gig switch in a static trunk. The other two nics are iSCSI. There are 2 VSS's, the one with 4nics, and the second with just the 2 and iSCSI traffic. Configuration on both hosts is identical, hardware is identical. Both hosts are running at about 30% utilization both cpu and memory. They are running ESXi v. 5.1. What is happening is that all of a sudden host 2 will drop out of vCenter. ( vCenter is hosted on a physical machine ). No error, it just loses connection. If I try to ping the host from vCenter I cannot. If I try to ping from my workstation I can most of the time and I can SSH into it. If I "test management network" from the DCUI it can ping the gateway and the dns servers. If I restart the management network I still cannot ge

windows - Azure VM Metric

I am looking for a way to view CPU usage for multiple VMs on the same graph in Azure (new portal)? So far I was only able to produce a graph showing metrics for 1 VM. I would like to achieve this for multiple VMs. Any help is greatly appreciated. Update What I'm trying to recreate is the below: Regards,J

Fantec SRC-2080x7 connect backplane from SAS to Sata

I've read this topic: How exactly does a SAS SFF-8087 breakout cable work? + RAID/connection questions Which basically explains that you can go from sata to SAS, but not vice versa. However, from the store page of the Fantec SRC-2080x7 chassis I've seen a few reviews where people seem to use a breakout cable to connect the sata ports from the motherboard to the Mini SAS port (SFF-8087) on the backplane (where sata HDDs are connected). Is there an exception to this backplane regarding this cable? Because the SFF-8087 breakout cable doesn't seem to be working for me. Which would be consistent with the topic I linked above, though I'd be surprised if the people in the reviews haven't tested it before posting their review. Note: The store page is in German and I've been translating everything to English by using Google Translate. This is the page of the chassis by the manufacturer, but also in German (even the English language at the top-right doesn't help)

innodb - Mysql crashed and won't start up

Our production mysql server just crashed and won't come back up. It's giving a segfault error. I tried a reboot, and just don't know what else to try. Here is the stacktrace: 140502 14:13:05 [Note] Plugin 'FEDERATED' is disabled. InnoDB: Log scan progressed past the checkpoint lsn 108 1057948207 140502 14:13:06 InnoDB: Database was not shut down normally! InnoDB: Starting crash recovery. InnoDB: Reading tablespace information from the .ibd files... InnoDB: Restoring possible half-written data pages from the doublewrite InnoDB: buffer... InnoDB: Doing recovery: scanned up to log sequence number 108 1058059648 InnoDB: 1 transaction(s) which must be rolled back or cleaned up InnoDB: in total 15 row operations to undo InnoDB: Trx id counter is 0 562485504 140502 14:13:06 InnoDB: Starting an apply batch of log records to the database... InnoDB: Progress in percents: 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40

Active Directory domain name conflicts with web server DNS

I took over support for a Windows 2008 domain that was set up by another system administrator. The DNS name of the domain is admin.example.com and a web site is also using the same DNS name. The sysadmin that set up the domain never put it into the corporate DNS server. Our windows domain clients work fine if they use the AD DNS. We have been getting by for years with no problem. Now I want to set up a trust with the main corporate AD, but I'm worried that it won't work because the corporate AD will be confused since a web server has admin.example.com. Unfortunately, I cannot replace the admin.example.com DNS record for AD. The website owner is not giving it up. Anyone have any suggestions on how to get this to work without doing something too hackish. Obviously, the corporate AD could just add DNS records for admin.example.com to point to my domain, but looking for a more elegant solution. Port forwarding didn't work for the website (forward port 80/443 to website, all oth

performance - Using Rack servers and Blade servers in the same lab?

I'm working on pulling together a comprehensive performance testing lab. Part of this is the question of the physical lab hardware, so I'm learning about rack and blade servers and the positives and negatives of each. To give a little background, it's a performance testing lab for database applications, so there are going to be around 8-10 machines in each lab rig. This includes things like a monitoring server to collect data during test runs, web servers, database server, and all the pieces needed to actually generate the load. Because of the specifics of the company, we have the opportunity to re-purpose existing blade servers (Dell M610s) to fill some of these roles. Namely, the web servers and data collection machines. What I'm unsure of is if there are any problems for using a mixture of rack servers and blade servers in the same lab (not in the same chassis/rackspace). Due to the requirements of our database servers (mainly the need for local attached stor

domain name system - SPF Records - mechanism not recognized by this client. unknown mechanisms:

Having a bit of a problem with my hosting company Rackspace Cloud and SPF records. I asked them to update it on their DNS. This is what they set it as: seonky.com. 300 IN TXT "v=spf1 ip4:ubuntu a include:184.106.171.113 ?all" However when I test it with gmail I get this: Received-SPF: unknown (google.com: domain of noreplay@seonky.com uses a mechanism not recognized by this client. unknown mechanisms: )) client-ip=184.106.171.113; Authentication-Results: mx.google.com; spf=permerror (google.com: domain of noreplay@seonky.com uses a mechanism not recognized by this client. unknown mechanisms: )) smtp.mail=noreplay@seonky.com Received: from MFP2 (localhost [127.0.0.1]) Any idea what I should tell them so that they will fix it and not ask me to go generate another SPF? Answer You're looking to tell Google that they need to change their SPF checking client to work with your record? I don't want to sound harsh here, but the blame is not with them, and

linux - iDRAC6 Virtual Media native library cannot be loaded

When attempting to mount Virtual Media on an iDRAC6 IP KVM session I get the following error: I'm using Ubuntu 9.04 and: $ javaws -version Java(TM) Web Start 1.6.0_16 $ uname -a Linux aud22419-linux 2.6.28-15-generic #51-Ubuntu SMP Mon Aug 31 13:39:06 UTC 2009 x86_64 GNU/Linux $ firefox -version Mozilla Firefox 3.0.14, Copyright (c) 1998 - 2009 mozilla.org On Windows + IE it (unsurprisingly) works. I've just gotten off the phone with the Dell tech support and I was told it is known to work on Linux + Firefox, albeit Ubuntu is not supported (by Dell, that is). Has anyone out there managed to mount virtual media in the same scenario?

amazon ec2 - Unable to start the Phusion Passenger - Cannot change the directory - Operation not permitted (errno=1)

I'm running Red Hat Enterprise Linux Server release 6.4 (Santiago) on Amazon EC2. I have installed Phusion Passenger via a gem. When I start httpd I have this error message in less /var/log/httpd/error_log [Tue Jan 21 08:07:43 2014] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0 [Tue Jan 21 08:07:43 2014] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Tue Jan 21 08:07:43 2014] [error] *** Passenger could not be initialized because of this error: Unable to start the Phusion Passenger watchdog because it encountered the following error during startup: Cannot change the directory '/tmp/passenger.1.0.2072/generation-0/buffered_uploads' its UID to 48 and GID to 48: Operation not permitted (errno=1) Output of sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: enforcing Mode from config file: enforcing

domain name system - Why can't I replicate DNS zones to non-DC DNS servers?

I've installed Windows Server 2008R2 Enterprise Edition with SP1 on two computers: 1) My primary domain controller. 2) A dedicated DNS server. My DNS server is not a domain controller, but it has been joined to the domain successfully. However, the main forward lookup zone does not replicate to the DNS server (presumably because it is not a domain controller). When I open the DNS Manager on my domain controller, and open the replication settings for this zone, I see this: There are no options available to replicate to all DNS servers, regardless whether they are domain controllers. 1) Why can't the zone be replicated to all DNS servers? 2) What can I do to make this zone replicate to my dedicated DNS server? 3) Can I safely resolve this by creating this forward lookup zone on my dedicated DNS server, and configuring this new zone to replicate back to my domain controller? Thanks in advance! Answer AD-integrated DNS zones (the kind that replicate via AD) can on

dell poweredge - JBOD with PERC H810

I'm wondering if anybody has ever used Dell storage products like the MD3220 array in a JBOD configuration. From what I can tell only perc h810 will work for external JBOD but that is not terribly specific, and for some reason I couldn't find many examples on the web of people configuring dell storage products as JBOD. My question is: Is it possible to connect to an MD3220 array, or other Dell arrays using a PERC h810 controller and use it as JBOD, and if so do I have to configure every disk in the array as a RAID 0 volume? I want to construct a cluster for Hadoop, but I have to use big servers, so I'm trying to find a way to add a lot of storage to them. The type of servers I have to use is R820 from Dell, and they only have 16 disks in them, and I want to have the possibility to add storage as I grow so arrays seem the logical way to go in this situation. As an underlying file system I think XFS or ext4 will be my pick because from what I read on the Hadoop implementat

linux - Samba server error message in Windows XP

We have a RHEL5 Linux server with a few Windows XP client boxes. We use a Samba server to share files between systems. The server works well with all systems, but one Windows XP machine doesn't connect to the server. Here are some screenshots to give a clear idea. To check the network connection I use ping, and it works well. I use the above way to connect to the server. For all other systems it works well. I am getting an error message like this. ** I am using Squid as a proxy on Linux; the internet also works well on that Windows XP system. ** I deleted the stored user name and password for Samba in Windows XP. Help me to solve this problem. Answer I cleared this problem. The problem was in the network adapter drivers. After reinstalling the driver, the Samba server works well.

centos - Too many TIME_WAIT state connections!

I've been reading about this everywhere all day, and from what I've gathered, TIME_WAIT is a relatively harmless state. It's supposed to be harmless even when there's too many. But if they're jumping to the numbers I've been seeing for the past 24 hours, something is really wrong! [root@1 ~]# netstat -nat | awk '{print $6}' | sort | uniq -c | sort -n 1 established) 1 Foreign 12 CLOSE_WAIT 15 LISTEN 64 LAST_ACK 201 FIN_WAIT2 334 CLOSING 605 ESTABLISHED 816 SYN_RECV 981 FIN_WAIT1 26830 TIME_WAIT That number fluctuates from 20,000 to 30,000+ (so far, the maximum I've seen it go is 32,000). What worries me is that they're all different IP addresses from all sorts of random locations. Now this is supposed to be (or was supposed to be) a DDoS attack. I know this for a fact, but I won't go into the boring details. It started out as a DDoS and it did impact my server's performance for a couple minutes. After that, everything was back to no

linux - Recovering ZFS pool with errors on import

I have a machine that had some trouble with some bad RAM. After I diagnosed it and removed the offending stick of RAM, the ZFS pool in the machine was trying to access drives by using incorrect device names. I simply exported the pool and re-imported it to correct this. However I am now getting this error. The pool Storage no longer automatically mounts sqeaky@sqeaky-media-server:/$ sudo zpool status no pools available A regular import says it's corrupt sqeaky@sqeaky-media-server:/$ sudo zpool import pool: Storage id: 13247750448079582452 state: UNAVAIL status: The pool is formatted using an older on-disk version. action: The pool cannot be imported due to damaged devices or data. config: Storage UNAVAIL insufficient replicas raidz1 UNAVAIL corrupted data 805066522130738790 ONLINE sdd3 ONLINE sda3 ONLINE sdc ONLINE A specific import says the vdev configuration

Multiple versions of PHP through nginx

EDIT: For future reference I am running Ubuntu 14.10 with a LEMP stack using PHP 5.5.12. I have a number of legacy WordPress sites that require PHP 5.3.3 alongside some WP sites that use a fairly recent version of PHP, all running on nginx on my local machine . My hands are tied in respect to virtual machines and sandboxes, all I can play with is nginx, hence this question. I understand peoples security concerns but I need these sites to run locally so I can test for broken features as I update them to the latest PHP / WP versions. I want to have nginx run the correct version of PHP (using php-fpm) depending on the WordPress site. According to another SF question, one way to achieve this is to have the different PHP versions running on separate ports / sockets and configure the nginx server blocks to use the respective port / socket. I have compiled PHP 5.3.3 manually to include php-fpm but that is the furthest I have got. Effectively, I want someone to explain in a little more detai

hard drive - HP ProLiant DL380 G7 LFF - Is every SAS HDD compatible?

I am just starting to get into server hardware, so please bear with me. I bought a HP ProLiant DL380 Generation 7 with a LFF drive cage and I do not know which SAS drives are actually compatible. Does every SAS drive work? In particular I found this cheap IBM drive on eBay ( IBM 45W7765 45W7766 with 3TB and 7200rpm) and would like to know if it will work with the DL380, or are there any limitations? I checked the quick specs guide but it only mentions some HP drives. Thanks in advance! Answer HPE HDDs will have custom firmware so "ordinary" HDDs even from OE HDD vendor will work just fine (and you'll even keep your warranty, please see my link below) but you won't have special features like health monitoring / LED indication working. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-lpn11980 Question : Will adding third-party memory or disk drives void the warranty? Answer: Adding third-party memory or disk drives does not void the warranty

windows - Can fully-qualified hostname be used as a unique identifier?

If I get the fully qualified computer name on a Windows server (2K3 or 2K8) using the GetComputerNameEx() API call, can I rely on that name to be unique on that particular domain? That is, can I assume that only a single active physical or virtual machine will have that fully qualified name at a given time? As a second question: is it guaranteed that all Windows machines will have such a fully-qualified name? Answer A properly functioning Windows Active Directory domain will not allow two computers with the same FQDN to exist within it. All Windows computers joined to a domain will have a FQDN that includes the Active Directory domain(s) that make up its location in the forest. It might be possible to change the FQDN of a domain member by changing the primary DNS suffix using netdom computername /Add: and netdom computername /MakePrimary: It may also be possible to change HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Domain manually. This will require furthe

cname record - GoDaddy: Link subdomain to subdirectory

I have a multi-tenant app on Heroku where each tenant has a portal (micro-site) that lives in a sub-directory (e.g. http://www.example.com/portals/foo-bar ). My domain is hosted by GoDaddy and I want each tenant to be able to create a subdomain on their site for their portal to live in. I'm trying to create my own subdomain to test the process, but I can't figure out how to link a subdomain to a subdirectory on GoDaddy. I would presume that the process is pretty similar across domain registrars, but I'm not sure. If I try creating an A record or a CNAME, it will only accept an IP address. I could create a simple redirect, but I want my user to stay on the subdomain as they interact with the portal, rather than simply be redirected from http://portal.foo-bar.com to http://www.example.com/portals/foo-bar . Is this possible, and if so, how? Answer I think you would need to create subdomain in GoDaddy control panel for each domain and specify subdirectory for thi

linux - Deciphering continuing mpt2sas syslog messages

Summary I have been getting these cryptic messages in syslog since I installed some new hardware and I can't figure out what the problem is, if it's serious, or what to do about it. They're from the new SATA HBA and they follow a pattern. I will get several of the first message followed by several of the second message 5-30 seconds later. They come in blobs that are all logged in the same second and the exact amount of each varies between about 2 and 35. It can be minutes or hours between appearances of the entries. Example of the two messages: Jul 13 06:06:23 durandal kernel: [366918.435596] mpt2sas0: log_info(0x31120303): originator(PL), code(0x12), sub_code(0x0303) Jul 13 06:06:28 durandal kernel: [366923.145524] mpt2sas0: log_info(0x31110d01): originator(PL), code(0x11), sub_code(0x0d01) It is always 0x31120303 followed by 0x31110d01. mpt2sas is the driver for the SATA host bus adapter I'm using but the error content is overly cryptic. It doesn't tell me

linux - Native IPv6: routing between eth0 and eth1

I humbly ask for your assistance with the problem I can't resolve myself. I have a native IPv6 link with 2001:db8:14::/48 assigned. I'm running Slackware on 3.2.50-grsec kernel. My ISP's side (my default gw for ::/0) is 2001:db8:14::1. I have assigned 2001:db8:14::2 to my WAN interface (eth0) and it's working - I can ping and access various services in the Internet via IPv6. I would like this machine to act as a router for machines in LAN (eth1). I deployed radvd and all computers (various Win XP, Win 7 and Linux systems) successfully acquired IPv6 addresses from 2001:db8:14:a::/64 subnet. I assigned 2001:db8:14:a::1 to the eth1 LAN interface. Now... I can ping6 between all machines inside LAN. I can ping6 2001:db8:14:a::1 from any machine in the LAN. I can't ping6 2001:db8:14::2 (eth0) from any machine in the LAN ("Destination unreachable: Address unreachable"). I can ping 2001:db8:14::2 from the Internet. I can't ping 2001:db8:14:a::1 from the Internet.

bandwidth - Router for a heavy video streaming dependent network

I have a 50 Mbps WAN link and I use Asus RT-N16 with tomato firmware for NAT. My users view multiple streaming videos. At any given time there would be about 20 streaming videos which are being watched. But always if the number of videos that are being watched goes above 7 or 8, then there will be a lag or delay in the videos even if bandwidth usage has not gone higher than 15 Mbps. After testing almost every possible setup, I have come to the conclusion that the lag or delay is caused because Asus RT-N16 is a home router, and its hardware is not suitable for a heavy bandwidth connection. Now my plan is to use a powerful desktop pc (Sandy Bridge processor and 4+ GB RAM) with multiple NICs as a router. I will be running Ubuntu server on it and will be using packet forwarding and NAT masquerading options. So is this a good choice? Does Linux provide any good functionality to maximize video streaming routing throughput? Answer So is this a good choice? Yes. Any modern comp

mod rewrite - Apache mod_rewrite encode query string parameters

I have a URL coming into apache 2.4: http://localhost/index.html?q=asdf&b=a|c|e&c=4&d=dsjklkjhd I need mod_rewrite to URLencode the | so that I get: http://localhost/index.html?q=asdf&b=a%7Cc%7Ce&c=4&d=dsjklkjh I cannot figure out how to do it, looked here: https://stackoverflow.com/questions/15938598/rewrite-to-append-to-query-string#15938642 Here https://httpd.apache.org/docs/current/mod/mod_rewrite.html I'm stumped, tried all kinds of stuff. How to do this? Edit If I try this: RewriteCond %{QUERY_STRING} \| RewriteRule ^index\.html$ /processing/%{QUERY_STRING} [QSD] RewriteRule ^processing/(.+) /index.html?$1 [R=302,L] I get this in the logs: access.log "-" 172.17.0.1 - - [16/Mar/2019:08:37:00 -0400] "GET /index.html?q=asdf&b=a|c|e&c=4&d=dsjklkjhd HTTP/1.1" 200 520 error.log [Sat Mar 16 08:37:00.723831 2019] [rewrite:trace3] [pid 13] mod_rewrite.c(470): [client 172.17.0.1:45194] 172.17.0.1 - - [localhost/sid#558a781fd

exchange - Outbound business email being marked as spam in other organizations

Wanting to make sure I've done everything I can to prevent our legitimate email from being incorrectly marked as spam by other companies: Exchange 2010 with SP1, no major changes in 6 months. I've run email for this particular 30-user business for nearly a decade, but the last few months their emails are starting to be caught by their customers'/partners' spam tools. These are human to human emails outgoing from my Exchange servers to other companies. When one or two started saying company X or Y isn't receiving my emails I think it's a fluke, but now it seems to be up to 5 people internally having issues with 1/2 a dozen of their customers/partners on every email, sometimes just new emails, sometimes replies. I have a proper PTR record matching hostname My email domain matches MX domain name and the EHLO response On no blacklists according to mxtoolbox.com senderscore.org is all good and shows score of 100 SPF/Sender ID setup correctly Exchange 2010 doesn't support

Hot swap failed software RAID drive with Windows Server 2008

Does Win2k8 natively handle hot-swapping of a hard drive? I have an existing server with 2 hard drives in it that are currently setup in a hardware RAID-1 configuration; they are each hot-swappable. I would like to switch them from being hardware to software RAID-1. If Windows Server 2008 were to handle the RAID-1 for these 2 drives, would Windows handle the hot-swapping just like the hardware solution does right now? (No rebooting, no fancy scripts, etc.) ADDENDUM : The situation is that I've got a Dell PE 2950 with 6 3.5" SAS drives; there are currently 3 RAID-1 volumes managed by the RAID card. I would like to replace the drives in one of those volumes with SSDs. It appears the consensus is that, even for RAID-1, TRIM isn't supported by most RAID cards. So the next thought was, "what if the OS handled the RAID-1? then it could pass TRIM through". Unfortunately, the next obvious question was whether or not the OS could handle the hot-swapping. And, of course, b

security - How do I secure my Asterisk server?

Our Asterisk server was compromised. Some calls were made to Asian countries last weekend. Though we have improved our network configuration, we still want to determine how the intrusion was done. We think there are clues in our Asterisk log files, but we don't know what to look for. Based on a default Asterisk: What security considerations do you take when installing an Asterisk server? Answer This is how I secure my Asterisk server, which has been in production continuously since 2006. Open inbound ports only for necessary services. (You do have to open a wide range for RTP streams, but this generally isn't an issue since nothing normally listens within that port range.) 22/tcp ssh (for management, of course) 4520/udp DUNDi (if you are using DUNDi) 4569/tcp IAX2 (if you are using IAX) 5060/udp SIP registration 10000-20000/udp RTP - media transport Some devices have a much narrower range of ports they use for RTP streams. For instance certain Cisco (formerly Li

Will any SAS drive work in a Dell PowerEdge server?

If I bought a Dell 2950 or 2650, for example, and it has no drives in it (from say an auction). Will any SAS drive I get work in it? I ask because they vary so much in price. Some drives are $150 some are $500. I know they are faster more space, etc. Just wondering if I can get any of these and they will work. Thanks. Answer I've had some issues replacing Dell drives with generic equivalents but that has generally been on older servers. Recently I've been able to swap them out with no headache. Occasionally finding the right mounting hardware has been a bit of a pain, but ebay is a wonder for that stuff.

raid - Very slow disk performance on HP P410 with RAID1+0

I have HP Microserver N54L, until recently I have used integrated software raid without problems. I have 2x WD Black and 2x WD Red (non-pro) disks for my raid array. I also have SSD directly on the motherboard (not that it matters, just to get all facts straight). I purchased HP P410 with 256MB memory back with a Battery Back Write Cache module. I'm using ESXi 5.1 and I have one Windows virtual machine. In this Windows machine I get terrible read speeds (only up to 40-60 MB/s) write speed is kinda OK (around 100MB/s) but still slower than when I used integrated raid. For example this is copying a large file from raid to ssd http://img.hihi.si/Upload/vYbD.png :( This is my raid controller and array info ~ # esxcli hpssacli cmd -q "ctrl all show config detail" Smart Array P410 in Slot 1 Bus Interface: PCI Slot: 1 Serial Number: PACCRCN80ZK1TXH Cache Serial Number: PACCQID11090TB9 RAID 6 (ADG) Status: Disabled Controller Status: OK Hardware Revision: C Firmware Ve

iis - Separate Certificate by Subdomain (With multiple IPs)

Note: Yes, I realize this problem is easier to solve by just using 1 multi-domain or wildcard certificate. I wish to have an ASP.NET site running on IIS with 2 SSL domains sharing 1 web application but using separate certificates. Assuming I have 2 certificates, this can be solved on IIS7 as follows: Web Application1: Binding 1: http, 80, IP Address *, Host Name * Binding 2: https, 443, IPADDRESS1 , using CERTDOMAIN1 ( DOMAIN1 resolves to IPADDRESS1 ) Binding 3: https, 443, IPADDRESS2 , using CERTDOMAIN2 ( DOMAIN2 resolves to IPADDRESS2 ) That is to say, 2 certificates and 2 ip addresses, but both mapped to the same web application. In IIS6, the closest I have been able to come to this configuration is: Web Application1: Binding 1: http, 80, IPADDRESS1 Binding 2: https, 443, IPADDRESS1 , using CERTDOMAIN1 ( DOMAIN1 resolves to IPADDRESS1 ) Web Application2: Binding 1: http, 80, IPADDRESS2 Binding 2: https, 443, IPADDRESS2 , using CERTDOMAIN2 ( DOMAIN2 resolves to IPADDRESS

security - Apache server redirecting requests from Google, compromised?

I found something very suspicious. When connecting to www.pulseexpress.com following a Google link, the server redirects you to some very dubious site that sends you a .exe file right away: # host www.pulseexpress.com www.pulseexpress.com has address 173.236.189.124 # netcat 173.236.189.124 80 GET / HTTP/1.1 Host: www.pulseexpress.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.2) Gecko/20100101 Firefox/10.0.2 Iceweasel/10.0.2 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en-gb;q=0.8,en;q=0.6,de-de;q=0.4,de;q=0.2 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CDEQFjAA&url=http%3A%2F%2Fwww.pulseexpress.com%2F&ei=JfhkT_SuGYf40gG85MW_CA&usg=AFQjCNGlomNN7JWxEG7DUzbJyqnVFYkj7w&sig2=i5xsJPgIs1sbD6gpDzJ7OQ HTTP/1.1 302 Moved Temporarily Date: Sat, 17 Mar 2012 20:53:40 GMT Server: Apache Location: http://www.

Why can't a CNAME record be used at the apex (aka root) of a domain?

This is a Canonical Question about CNAMEs at the apices (or roots) of zones It's relatively common knowledge that CNAME records at the apex of a domain are a taboo practice. Example: example.com. IN CNAME ithurts.example.net. In a best case scenario nameserver software might refuse to load the configuration, and in the worst case it might accept this configuration and invalidate the configuration for example.com. Recently I had a webhosting company pass instructions to a business unit that we needed to CNAME the apex of our domain to a new record. Knowing that this would be a suicide config when fed to BIND, I advised them that we would not be able to comply and that this was bunk advice in general. The webhosting company took the stance that it is not outright forbidden by standard defining RFCs and that their software supports it. If we could not CNAME the apex, their advice was to have no apex record at all and they would not provide a redirecting webserver. ...What? Most o

mysql - Linux Nginx + php-fpm + cron + mysqld = always out of memory

I don't get it. I have a VPS with Nginx and php-fpm and MySQL. Should be very lightweight. No Apache, right? When I reboot, it is very lightweight. ~ 50/481 MB MEM usage. Very acceptable IMO. And after a few days there are ~ 20 mysqld processes running and ~ 7 php-fpm processes and ~ 8 getty processes and 3/4 of 1024 MB swap full and the server is out of memory! I'm not a pro, but I'm pretty sure that's not right... I think the crons have something to do with it. I have 3 jobs scheduled: a simple one (read smtp for new mail) every minute a big one (read RSS from ~ 30 blogs) every night a simple one (mysqldump of 2 small databases) every morning I'm not sure why I think that =) Probably because the simple job (SMTP, every minute) is always in the htop list. (But always with 0% cpu, 0% mem and 0:00:00 time...) The 20 mysqld's are also very strange, but they don't seem to require a lot of memory. The php-fpm's apparently do consume a lot of memory. In the 1

ip - Port forwarding behaves differently from virtual server in D-Link router?

There are two pages in D-Link router to setup access to internal network from outside: Port Forwarding and Virtual Server . Both allow mapping an external port to an internal one, except the latter page also allows changing the port. I found that if I have a service in my internal network and set it up in any of the two pages, I can easily access it from outside. But if I try to access my internal service from inside by external IP address, I succeed only if the service is set up by the Virtual Server page. Why? Is this a D-Link bug or should that behavior occur because of Internet protocols? In the latter case please provide some explanations. Answer You need NAT loopback, also known as NAT reflection, NAT hairpinning, and possibly a few other names. There is a good explanation on Wikipedia of what NAT loopback does and why it's needed in your case. Basically without it, your router isn't expecting requests destined for your public IP to come from the LAN, and the address translation doesn&#