Home / user-273846

James Shewey's questions

Martin Hope
James Shewey
Asked: 2015-09-19 13:08:21 +0800 CST
  • 1

I have an issue I am trying to track down and I believe the problem is with physical networking hardware. I have read the VMWare documentation on the pktcap-uw command and I know I can use it to dump the traffic to a file which can then be viewed with Wireshark, but the pcaps I am getting are a little weird.

Looking at the documentation, I want to see traffic only between two IP addresses (IP A and IP B) on port 80 and I can use the --ip switch, but if I have --ip A --ip B, is that a boolean AND or a boolean OR.

tcpdump allows you to specify OR or AND and use parenthesis to do a full boolean expression. For pktcap-uw there is also --dstip and --srcip, but if you use the tcpdump equivelant, you would normally get only half the conversation.

What would be the correct syntax?

networking
Martin Hope
James Shewey
Asked: 2015-03-01 18:26:31 +0800 CST
  • 4

In our organization, we have two separate groups which share network address space and a domain. A couple of slices of /24 are allocated to my group, while the rest is allocated to our internal IT team.

We do not wish to be able to manage DNS for their slice of the pie, but we need to be able to manage it for our slice.

The problem is that for political/historical reasons, which preceeded my tenure, we have set up a Linux based DNS server and maintained our own records and pointed all of our servers and equipment at this server. Meanwhile users and developers across the organization are pointed at the IT teams DNS server.

In order to make sure that everything works in all situations, we have to enter DNS records in our server and then put in tickets with our IT team to have records created in the Active Directory environment. This has come out of parity and is a management nightmare.

Furthermore, we have hundreds of servers and applications which use the shared domain.com and having to create a subdomain.domain.com and update hundreds of servers and applications is not preferred.

As such, is there a way to grant trust and permission to update records in domain.com for only a handful of /24s inside of a /16? Third party solutions that bolt onto Active Directory are acceptable.

windows