Tuesday, March 13, 2018

Access Control List (ACL) odd behavior on Brocade VDX 6740.


Recently I was trying to configure ACLs on several of my VLANs with mixed results. Some would work, some wouldn't. Sometimes they'd work fine from one access layer switch and not work from another. I filed a ticket with Brocade and they suggested I upgrade my firmware to NOS 6.0.2f, but that didn't help either.

Here's an example of one of my virtual interfaces on the router:

rbridge-id 1
 interface Ve 55
  ip access-group vlan55acl in
  ip dhcp relay address 10.100.110.29
  ip proxy-arp
  ip address 10.100.55.2/24
  vrrp-extended-group 55
   virtual-ip 10.100.55.1
   advertisement-interval 1
   enable
   no preempt-mode
   short-path-forwarding
  !
  no shutdown

After LOTS of banging my head against a wall I finally discovered that the short-path-forwarding command in the vrrp group was to blame. Occasionally traffic would arrive at a VE from an odd direction and would be stopped by the access list. Removing the short-path-forwarding command from the vrrp groups on all rbridges solved my problem:

rbridge-id 1
 interface Ve 55
  ip access-group vlan55acl in
  ip dhcp relay address 10.100.110.29
  ip proxy-arp
  ip address 10.100.55.2/24
  vrrp-extended-group 55
   virtual-ip 10.100.55.1
   advertisement-interval 1
   enable
   no preempt-mode
  !
  no shutdown
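
Since the change has to be made on every rbridge, the following added example (not part of the original post and not a Brocade tool) scans saved running-config text for Ve interfaces that still combine an inbound ACL with short-path-forwarding in a VRRP-E group. The sample config is constructed, and the parser assumes the indented layout shown above.

```python
import re

# Constructed sample in the layout shown above; rbridge 2 and Ve 56 are made up.
SAMPLE_CONFIG = """\
rbridge-id 1
 interface Ve 55
  ip access-group vlan55acl in
  vrrp-extended-group 55
   virtual-ip 10.100.55.1
   short-path-forwarding
  !
 interface Ve 56
  vrrp-extended-group 56
   virtual-ip 10.100.56.1
   short-path-forwarding
  !
rbridge-id 2
 interface Ve 55
  ip access-group vlan55acl in
  vrrp-extended-group 55
   virtual-ip 10.100.55.1
  !
"""

def find_acl_spf_conflicts(config_text):
    """Return (rbridge, ve, acl, vrrp_groups) for each Ve interface that has an
    inbound ACL and short-path-forwarding in at least one VRRP-E group."""
    found, rbridge, cur, group = {}, None, None, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if m := re.fullmatch(r"rbridge-id (\d+)", line):
            rbridge, cur, group = m.group(1), None, None
        elif m := re.fullmatch(r"interface (\S+) (\S+)", line):
            # Track Ve interfaces only; any other interface clears the context.
            is_ve = m.group(1) == "Ve"
            cur = found.setdefault((rbridge, m.group(2)), {"acl": None, "spf": []}) if is_ve else None
            group = None
        elif cur is None:
            continue
        elif m := re.fullmatch(r"ip access-group (\S+) in", line):
            cur["acl"] = m.group(1)
        elif m := re.fullmatch(r"vrrp-extended-group (\d+)", line):
            group = m.group(1)
        elif line == "!":
            group = None  # "!" closes the VRRP-E group block
        elif group and line.startswith("short-path-forwarding"):
            cur["spf"].append(group)
    return [(rb, ve, v["acl"], v["spf"])
            for (rb, ve), v in found.items() if v["acl"] and v["spf"]]
```

Run it over each saved configuration; an empty list means no Ve interface has both settings.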

Easy, User-Accessible Windows Server Disk Usage Reports

In my organization we have an FTP server which is used to transfer files between the corporate network and the secure media network. The server acts as a temporary transfer point and I have file expiration tasks which clear out old media, but depending on usage, occasionally the server may fill up. I'm not a media producer so I can't very well decide what gets deleted and the users of the system can't tell via the FTP interface whether the server is having other issues or if the drive is full. To make it easier for them to monitor I cobbled the following together:

Recipe for Monitoring File Storage by Users:

  • IIS with Browsing Enabled.
  • File Server Resource Manager role installed.
  • A soft quota for monitoring.
  • Automated storage reports.
  • File expiration tasks.

With the above my users can go to http://ServerName and see a list of storage reports for the past 30 days.

Setting it up:
  1. Install the File Server Resource Manager role
  2. Install the IIS role with directory browsing.
  3. In File Server Resource Manager set up a quota for monitoring:
    1. Under Quota Management and Quotas right click and choose Create Quota.
    2. Create a soft quota with the limit matching the size of the drive you're monitoring.
  4. Create a Storage Report:
    1. Under Storage Reports Management create a new storage report.
    2. Under Settings and Report data check the Quota Usage box. Under Report formats choose HTML only.
    3. Under the Scope tab choose the drive you want to monitor.
    4. Schedule it as appropriate. I run mine once a day in the morning.
  5. Send the reports to the IIS root folder.
    1. Click on File Server Resource Manager (Local)
    2. Go to the Action menu and choose Configure Options
    3. Under Report Locations, in Scheduled reports folder, choose the web root folder, in my case C:\inetpub\wwwroot\.
  6. Configure IIS for browsing:
    1. Select your Default Web Site and double click Configuration Editor.
    2. Under Section find system.webServer/directoryBrowse, change enabled to True, and click Apply in the Actions column.
    3. Delete the files which are already in your web root folder so you get a directory listing instead of the default IIS start page.

Now when your users go to http://YourServer they will see a list of storage reports so they can look for trends and also see how full the drive is as of that morning.