Quick question: we have a Windows AD domain "company.com". Computers are joined to this Windows domain "company.com" and we also have a web server at "www.company.com". A request has come in that the higher-ups also want our website to respond to "company.com" (without the www). Since this is our AD domain name, is there some sort of trick where I can point only port 80 traffic on "company.com" to a web server, or would I have to run IIS/redirect on all the AD servers?
BillMorton's questions
We are setting up a mirror/span/rspan/erspan to get traffic (DCs live as VMs in an ESX cluster) to our Microsoft ATA server. The problem that we are running into is that a traditional RSPAN is not working because all unicast messages are getting blocked in the Fabric Interconnects of the UCS chassis (where VMware lives). Some searching indicates that there is really no way to run an L2 RSPAN through a Fabric Interconnect, only local mirror sessions to/from the FIs.
So enter ERSPAN, basically encapsulating the packets in GRE and sending them to a layer 3 destination. This works fantastically with Wireshark as the destination, because it is smart enough to strip off the GRE and present the packet. Microsoft ATA however 'does not currently support ERSPAN' and requires the GRE be decapsulated by a switch/router.
What we are now trying to do is set up the ERSPAN destination on a Nexus 7k, then monitor the session to a physical interface and hand that off to ATA as raw packets. Has anyone worked with this sort of configuration before? I found an example configuration from Cisco, but I am not sure what to put for the ERSPAN session-id, or if it has to match anything.
Short of setting up a Linux host to terminate GRE then mirror, does anyone have any ideas?
(Rough physical network: clustered FIs, clustered 4500X, 1 Nexus 7k, 2 linecards.)
DC---VMware---VDS(ERSPAN Source)---- Fabric Interconnect ----- Cisco 4500X ----- Nexus 7k(ERSPAN Destination)--- Microsoft ATA
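The GRE encapsulation described in the post above, as an added example that is not part of the original post: a Python parser that strips the GRE and ERSPAN Type II headers from a packet and returns the mirrored frame together with the session ID carried in the header. The header layout is the commonly documented Type I/II format; the function names and the sample packet are constructed for illustration.

```python
import struct

GRE_PROTO_ERSPAN = 0x88BE  # GRE protocol type used by ERSPAN Type I and II

def decap_erspan(gre: bytes) -> dict:
    """Strip GRE + ERSPAN Type II headers; `gre` starts right after the outer IP header."""
    if len(gre) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack("!HH", gre[:4])
    if proto != GRE_PROTO_ERSPAN:
        raise ValueError(f"GRE protocol 0x{proto:04x} is not ERSPAN Type I/II")
    off = 4
    if flags & 0x8000:          # C bit: checksum + reserved words present
        off += 4
    if flags & 0x2000:          # K bit: key word present
        off += 4
    if not flags & 0x1000:      # no S bit: Type I, mirrored frame follows GRE directly
        return {"type": 1, "session_id": None, "vlan": None, "seq": None, "frame": gre[off:]}
    if len(gre) < off + 12:
        raise ValueError("truncated ERSPAN Type II header")
    # 4-byte GRE sequence number, then the 8-byte ERSPAN Type II header.
    seq, w1, w2, _index = struct.unpack("!IHHI", gre[off:off + 12])
    if w1 >> 12 != 1:           # Type II carries version 1 in the top 4 bits
        raise ValueError(f"unexpected ERSPAN version {w1 >> 12}")
    return {"type": 2, "session_id": w2 & 0x03FF, "vlan": w1 & 0x0FFF,
            "seq": seq, "frame": gre[off + 12:]}

def build_sample(session_id: int, vlan: int, seq: int, frame: bytes) -> bytes:
    """Constructed test packet: GRE (S bit set) + ERSPAN Type II header + mirrored frame."""
    gre_hdr = struct.pack("!HHI", 0x1000, GRE_PROTO_ERSPAN, seq)
    erspan_hdr = struct.pack("!HHI", (1 << 12) | (vlan & 0x0FFF), session_id & 0x03FF, 0)
    return gre_hdr + erspan_hdr + frame

# Constructed inner Ethernet frame (broadcast dst, made-up src, IPv4 ethertype).
INNER = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"constructed-payload"

if __name__ == "__main__":
    out = decap_erspan(build_sample(session_id=5, vlan=100, seq=7, frame=INNER))
    print(out["type"], out["session_id"], out["vlan"], out["seq"], out["frame"] == INNER)
```

The returned `frame` is the raw Ethernet frame a sensor that does not understand ERSPAN would need to be handed.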
Looking for any ideas. We discovered that our group policies (default policy) were no longer applying our account policies (password age/complexity/history etc). Our DCs still had the local policy locally defined so AD users were still held to the policies, but we can't come up with an explanation for why the settings disappeared.
Any thoughts or suggestions on where to check would be appreciated. We recreated the policies and confirmed they are being distributed across the domain.
I have a client that I am configuring a NetApp system for, but they played around with the system before I got there and have already assigned all of the disks to the aggr0 which is a 32-bit traditional volume.
In light of future upgrade/space concerns/maximization I want to migrate to a 64-bit aggr0 (with vol0 on it) but all of the disks have been assigned (with one free in the pool).
I am not on site so I don't want to do a maintenance restore if at all possible, so my question is: since the aggr0 is RAID-DP, can I use 'disk fail' to remove two drives and put the aggr0 into a double degraded state, then use the 3 free drives to make my new aggr00/vol00, ndmp copy, change the boot vol and carry on with a normal migration?
If anyone has experience failing disks intentionally to remove them from an aggr so they can be reallocated, please let me know.