Friday 5 September 2014
updating NIC drivers on VMware ESX host
Print out lost of info on the host, you can grep for the NIC you are looking for
esxcfg-info -n | less
List all the NIC info
esxcfg-nics -l
Show the driver and firmware version for vmnic0
ethtool -i vmnic0
Show the VMware version on the host
vmware -l
Check vmware compatibility guide
http://www.vmware.com/resources/compatibility/detail.php?deviceCategory=io&productid=21553&deviceCategory=io&details=1&partner=146&releases=260&deviceTypes=6&vioSolutions=Standard%20-%20IO%20Devices&page=1&display_interval=10&sortColumn=Partner&sortOrder=Asc
Check the compat guide for the latest driver for your NIC and your version of VMware update X.
Download the driver file and extract it. You want the .VIB file
You will need to enable ssh and esxcli on your host
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2004746
SCP the vib file to the host
Migrate all VMs off the host
Put the host into maintenance mode
Turn on logging in your putty session in case anything goes wrong you have some output for support.
Update the driver with the new VIB file
esxcli software vib update -v {VIBFILE}
Note: Depending on the certificate used to sign the VIB, you may need to change the host acceptance level. To do this, use the following command:
esxcli software acceptance set --level=<level>
Reboot the host and test connectivity
Don't forget to turn off esxcli and ssh when you are done
Wednesday 27 August 2014
Monday 18 August 2014
troubleshooting vmware issues
check the resource usage on the VM
Check the resources on the VM host
check for snapshots
esxtop (top of esx)
check latency
less vmkernel | grep -i module (or what ever you are looking for)
ping between VMs on the same host, ping between VMs on different hosts and compare can highlight a network issue
Check the resources on the VM host
check for snapshots
esxtop (top of esx)
check latency
less vmkernel | grep -i module (or what ever you are looking for)
ping between VMs on the same host, ping between VMs on different hosts and compare can highlight a network issue
Wednesday 13 August 2014
How to troubleshoot BGP issues
http://www.techrepublic.com/article/how-to-use-ip-and-bgp-to-troubleshoot-internet-connectivity/
http://www.analogx.com/contents/download/network/htrace/freeware.htm
http://www.visualware.com/demo/index.html
http://www.traceroute.org/
Nslookup on the website gives us the IP 108.162.200.103
Traceroute shows us that we go to next gen -> equinx
-> web server (notice that number 13335 in the equnix datacentre)
AAPT have a looking glass here http://looking-glass.connect.com.au/lg
show ip bgp 108.162.200.103
It gives the results below
look for the route with "best" this is the one that is used
The second path in red is used. The AS numbers go from
source to destination so we went from
1221 (Telstra Australia) -> 10026 (pacnet Hong Kong)
-> 13335 (Cloudflare US)
If we didn’t see any route or a route to the wrong AS number
we could see a problem. It’s also a good idea to check with another looking
glass (this one is in Canada)
852 (telus Canada) -> 13335 (Cloudflare US) -> 13335
-> 13335
Get the public IP of the site you have an issue with.
Use network tools and route views to see if its working
On your router
sh ip bgp sum
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 55555 2206452 12134255 72040489 0 0 18w4d 4
2.2.2.2 4 4444 103782 47 72040260 0 0 00:38:24 600792
3.3.3.249 4 1234 17399 31813 72040260 0 0 00:56:51 91673
3.3.3.250 4 1234 20209 172 72040260 0 0 02:29:59 91672
We want to see a number there. If its switching between Active/Idle its bad. Try ping the neighbor contact the other end.
sh ip bgp nei 3.3.3.250 advertised-routes
We should see the same networks that are in the BGP config for that neighbor. If we see 0 prefixes we have an issue.
You can also do a debug ip icmp on the router and ping the public IP to see if traffic is hitting the router.
You should have a neighbor with the other router or via a failover cable but not both.
Filter lists are for controlling routes advertised
Look for "filter-list" and "ip as-path"
Prepends are for controlling paths in
BOGONS are usually a list for blocking IP ranges commonly used for IP spoofing
Get the public IP of the site you have an issue with.
Use network tools and route views to see if its working
On your router
sh ip bgp sum
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 55555 2206452 12134255 72040489 0 0 18w4d 4
2.2.2.2 4 4444 103782 47 72040260 0 0 00:38:24 600792
3.3.3.249 4 1234 17399 31813 72040260 0 0 00:56:51 91673
3.3.3.250 4 1234 20209 172 72040260 0 0 02:29:59 91672
We want to see a number there. If its switching between Active/Idle its bad. Try ping the neighbor contact the other end.
sh ip bgp nei 3.3.3.250 advertised-routes
We should see the same networks that are in the BGP config for that neighbor. If we see 0 prefixes we have an issue.
You can also do a debug ip icmp on the router and ping the public IP to see if traffic is hitting the router.
You should have a neighbor with the other router or via a failover cable but not both.
Filter lists are for controlling routes advertised
Look for "filter-list" and "ip as-path"
Prepends are for controlling paths in
BOGONS are usually a list for blocking IP ranges commonly used for IP spoofing
Tuesday 12 August 2014
searching message tracking logs in exchange
Searching message tracking logs
Get-MessageTrackingLog -Recipients clowe@davies.com.au -Start 08/12/2014 | ft MessageSubject,MessageID
Get-MessageTrackingLog -MessageID XXXXXXX.domain.com | fl
Get-MessageTrackingLog -Recipients clowe@davies.com.au -Start 08/12/2014 | ft MessageSubject,MessageID
Get-MessageTrackingLog -MessageID XXXXXXX.domain.com | fl
Tuesday 5 August 2014
change font sizes in outlook 2010
Changing font size in 2010
The folders
Right click on Mail -> Navigation Pane Options ->
Click the font button
The email list
View tab -> View Settings -> Other settings
Other settings button
The text in emails inside the reading pane
You have some options
You can use the zoom in the bottom right
Change DPI settings in windows
Make all emails plain text and select the font
Monday 4 August 2014
issues with winRM and windows remote assist
Having some issues with it just storing some information here
Remote assist uses DCOM it must be enabled
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
EnableDCOM = Y
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
AllowTSConnections = 1
If you enable this policy you should also enable firewall exceptions to allow Remote Assistance communications. The firewall exceptions required for Offer (Unsolicited) Remote Assistance depend on the version of Windows you are running
Windows vista and later
Enable the Remote Assistance exception for the domain profile. The exception must contain:
Port 135:TCP
%WINDIR%\System32\msra.exe
%WINDIR%\System32\raserver.exe
Windows XP with Service Pack 2 (SP2) and Windows XP Professional x64 Edition with Service Pack 1 (SP1)
Port 135:TCP
%WINDIR%\PCHealth\HelpCtr\Binaries\Helpsvc.exe
%WINDIR%\PCHealth\HelpCtr\Binaries\Helpctr.exe
%WINDIR%\System32\Sessmgr.exe
For computers running Windows Server 2003 with Service Pack 1 (SP1)
Port 135:TCP
%WINDIR%\PCHealth\HelpCtr\Binaries\Helpsvc.exe
%WINDIR%\PCHealth\HelpCtr\Binaries\Helpctr.exe
Allow Remote Desktop Exception
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
fAllowUnsolicited = 1
fAllowUnsolicitedFullControl = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\RAUnsolicit
davies\domain admins = davies\domain admins
WinRM
Remote assist uses DCOM it must be enabled
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
EnableDCOM = Y
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
AllowTSConnections = 1
If you enable this policy you should also enable firewall exceptions to allow Remote Assistance communications. The firewall exceptions required for Offer (Unsolicited) Remote Assistance depend on the version of Windows you are running
Windows vista and later
Enable the Remote Assistance exception for the domain profile. The exception must contain:
Port 135:TCP
%WINDIR%\System32\msra.exe
%WINDIR%\System32\raserver.exe
Windows XP with Service Pack 2 (SP2) and Windows XP Professional x64 Edition with Service Pack 1 (SP1)
Port 135:TCP
%WINDIR%\PCHealth\HelpCtr\Binaries\Helpsvc.exe
%WINDIR%\PCHealth\HelpCtr\Binaries\Helpctr.exe
%WINDIR%\System32\Sessmgr.exe
For computers running Windows Server 2003 with Service Pack 1 (SP1)
Port 135:TCP
%WINDIR%\PCHealth\HelpCtr\Binaries\Helpsvc.exe
%WINDIR%\PCHealth\HelpCtr\Binaries\Helpctr.exe
Allow Remote Desktop Exception
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
fAllowUnsolicited = 1
fAllowUnsolicitedFullControl = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\RAUnsolicit
davies\domain admins = davies\domain admins
WinRM
Configuring WinRM using Microsoft Group Policy
If running winrm quickconfig on every XenApp server is not efficient for your site, you can configure WinRM using Microsoft Group Policy.
Note: Settings configured by Group Policy overrides the configuration changes made by the installer or configuration changes made locally on the desktop.
Note: Settings configured by Group Policy overrides the configuration changes made by the installer or configuration changes made locally on the desktop.
Complete the following procedure to configure WinRM using Group Policy:
- Set the WinRM service to auto start:a. In the Group Policy Editor, navigate to Computer Configuration> Policies > Windows Settings > Security Settings> System Services.
b. Double-click Windows Remote Management (WS-Management) and set it to Automatic. - Create the WinRM listener:a. In the Group Policy Editor, navigate to Computer Configuration >Policies > Administrative Templates > Windows Components > Windows Remote Management (WinRM) > WinRM Service.
b. Double-click Allow automatic configuration of listeners and configure the IPv4 filter to *.
- Create a firewall exception for WinRM:a. In the Group Policy Editor, navigate to Computer Configuration> Policies > Windows Settings > Security Settings> Windows Firewall with Advanced Security.
b. Create an Inbound Rule for WinRM for port 5985. - After configuring the preceding three group policies, restart the server to update the group policies and start the WinRM service.
Tuesday 15 July 2014
built in command line diff on windows
fc file1 file1
for binary file
fc /b file1 file2
fc /? for more info
fc /? for more info
granting send on behalf of permissions in exchange management shell
Set full access permissions
Add-MailboxPermission mymailbox@server.com -User grantmerights@server.com -AccessRights FullAccess -InheritanceType All
Send on behalf of permission (give dlopez send of behalf of for rclark)
Set-Mailbox mymailbox@server.com -GrantSendOnBehalfTo grantmerights@server.com
check settings
Get-MailboxPermission -Identity mymailbox@server.com -User grantmerights@server.com
get-mailbox -Identity mymailbox@server.com | fl *grantsendonbehalfto
Add-MailboxPermission mymailbox@server.com -User grantmerights@server.com -AccessRights FullAccess -InheritanceType All
Send on behalf of permission (give dlopez send of behalf of for rclark)
Set-Mailbox mymailbox@server.com -GrantSendOnBehalfTo grantmerights@server.com
check settings
Get-MailboxPermission -Identity mymailbox@server.com -User grantmerights@server.com
get-mailbox -Identity mymailbox@server.com | fl *grantsendonbehalfto
Sunday 13 July 2014
some settings are managed by your system administrator
I wanted to manually do windows updates on a test server. However after removing the server from group policy and doing a gpupdate /force and a reboot the server still wouldn't let me do windows updates as local or domain admin. After trying a bunch of stuff I finally got it working with these settings.
Start -> Run -> gpedit.msc
Computer configuration -> Administrative Templates -> Windows Components -> Windows Update
Configure Automatic updates
Choose enabled
Choose option 5 - Allow local admin to choose setting
User configuration -> Administrative Templates -> Windows Components -> Windows Update
Remove access to use all Windows Update features
Choose Disabled
Start -> Run -> gpedit.msc
Computer configuration -> Administrative Templates -> Windows Components -> Windows Update
Configure Automatic updates
Choose enabled
Choose option 5 - Allow local admin to choose setting
User configuration -> Administrative Templates -> Windows Components -> Windows Update
Remove access to use all Windows Update features
Choose Disabled
Wednesday 9 July 2014
testing bandwidth
iperf
https://iperf.fr/
good for testing across WAN links etc
Server
iperf -s
Client (run test for 30 seconds)
iperf -c x.x.x.x -R -t 30
Iperf3 is the latest version (set the bandwidth to get the full speed)
https://iperf.fr/
good for testing across WAN links etc
Server
iperf -s
Client (run test for 30 seconds)
iperf -c x.x.x.x -R -t 30
Iperf3 is the latest version (set the bandwidth to get the full speed)
iperf3.exe -u -c x.x.x.x -b 1000M -t 30
-i creates more streams
-u can give better performance also
-i creates more streams
-u can give better performance also
Window size can give better results too.
iperf3.exe -u -c x.x.x.x -b 1000M -t 60 -w 64MB -i 3
Wednesday 2 July 2014
Sunday 29 June 2014
reboot command on windows
shutdown -r -f -t 0
shutdown /i (brings up the GUI where you can set a messages etc)
shutdown /i (brings up the GUI where you can set a messages etc)
Thursday 26 June 2014
VMware studies
ESX networks
You are probably going to need network connections to the following networks
Production (This is your internet LAN network)
Storage (iSCSI or Fibre/HBA connect your ESX to the storage)
Service console (This is the management network)
vMotion network (If you have enterprise you'll want a dedicated NIC for vMotion)
DMZ (Connection to your DMZ)
For redundancy you have some options:
2 cables for production, 1 to each switch
4 cables for production, 2 to each switch, each pair should be ether channeled.
If we used
2 cables for production, 2 for Storage, 1 for mgmt, 1 for vmotion, 1 for DMZ, that's 8 cables
If we used
4 production
4 for storage
1 for mgmt, 1 for vmotion, 1 for DMZ, that's 11 cables
Wednesday 25 June 2014
microsoft exchange attachment size limit
You'll want to connect to your hub transport server.
Start the Exchange Management Console.
Under Organization Configuration, click Hub Transport.
On the Global Settings tab, click Transport Settings.
Limit is set in kb
Start the Exchange Management Console.
Under Organization Configuration, click Hub Transport.
On the Global Settings tab, click Transport Settings.
Limit is set in kb
Tuesday 17 June 2014
configuring ssh on hp procurve swtiches
Log in via console
conf t
password manager user-name [Insert_username_here]
[type password]
[confirm password]
crypto key generate ssh
Wait 1 min for this to complete (this will be pretty instant unless the switch is CPU busy)
show crypto host-public-key (if you see the keys there its all good to proceed)
ip ssh (turn on ssh)
wr mem
logout
loging via ssh
no telnet-server
conf t
password manager user-name [Insert_username_here]
[type password]
[confirm password]
crypto key generate ssh
Wait 1 min for this to complete (this will be pretty instant unless the switch is CPU busy)
show crypto host-public-key (if you see the keys there its all good to proceed)
ip ssh (turn on ssh)
wr mem
logout
loging via ssh
no telnet-server
Monday 16 June 2014
Visio stencils
Where do people get those cool shapes for visio
VisioCafe is an independent non-profit web site for the gathering together of IT industry Visio collections.
http://www.visiocafe.com/
http://office.microsoft.com/en-au/visio/
VisioCafe is an independent non-profit web site for the gathering together of IT industry Visio collections.
http://www.visiocafe.com/
http://office.microsoft.com/en-au/visio/
Wednesday 11 June 2014
Wednesday 28 May 2014
Mail merge in word 2003
Had to do this but couldn't remember
Get data in an excel file
Tools -> Letters and Mailings -> Mail Merge
Letters -> Use current document -> Browse (select the excel file)
Select the table with the data
Click ok
Click more items and select the fields you want
Get data in an excel file
Tools -> Letters and Mailings -> Mail Merge
Letters -> Use current document -> Browse (select the excel file)
Select the table with the data
Click ok
Click more items and select the fields you want
Wednesday 21 May 2014
taking over a users session in citrix
Go to the citrix web interface
Login as an admin user
Login to the citrix server that the user’s session is on
Start -> run -> tsadmin.msc (or use the tscon commandline)
Right click on the users session and click connect you will
have to enter the users password
vSphere Error - 'The operation is not allowed in the current connection state of the host'
http://www.petenetlive.com/KB/Article/0000848.htm
Needed to restart the VMware Virtual Center Server service. I had to log onto the console of the VM host and use the restart management services option
vmware power CLI
VMware powerCLI can be downloaded from VMware.
You can use it to run powershell scripts against your VM's
Tuesday 20 May 2014
sflow and netflow
Most monitoring systems can tell you you that a port is being maxed out. You have to trace that traffic back to the switch its coming from and view all the ports connected there to see what is using the traffic. It can be time consuming and half way through the traffic can stop.
Netflow and sFlow can help with this.
Netflow is a feature that was introduced on Cisco routers that give the ability to collect IP network traffic as it enters or exits an interface. By analyzing the data that is provided by Netflow a network administrator can determine things such as the source and destination of the traffic, class of service, and the cause of congestion. Netflow consists of three components: flow caching, Flow Collector, and Data Analyzer.
sFlow uses sampling to achieve scalability and is, for this reason, applicable to high speed networks (gigabit per second speeds and higher). sFlow is supported by multiple network device manufacturers and network management software vendors.
An sFlow system consists of multiple devices performing two types of sampling: random sampling of packets or application layer operations, and time-based sampling of counters. The sampled packet/operation and counter information, referred to as flow samples and counter samples respectively, are sent as sFlow datagrams to a central server running software that analyzes and reports on network traffic; the sFlow collector.
You should try to use sFlow instead of netflow because of the performance hit. Netflow is more like port mirroring. Your device needs to support it and you need some software to analyze the data. There are lots of free and paid tools to do it. First step is contacting your vendor and asking them how you can configure it. You may be limited to netflow / port mirroring. In those cases you need to plug a laptop into the port on the device that's mirroring with the software running.
http://sflow.org/products/collectors.php
Free tool for netflow
http://www.solarwinds.com/products/freetools/netflow-analyzer.aspx
Solarwinds also offter a paid product.
Netflow and sFlow can help with this.
Netflow is a feature that was introduced on Cisco routers that give the ability to collect IP network traffic as it enters or exits an interface. By analyzing the data that is provided by Netflow a network administrator can determine things such as the source and destination of the traffic, class of service, and the cause of congestion. Netflow consists of three components: flow caching, Flow Collector, and Data Analyzer.
sFlow uses sampling to achieve scalability and is, for this reason, applicable to high speed networks (gigabit per second speeds and higher). sFlow is supported by multiple network device manufacturers and network management software vendors.
An sFlow system consists of multiple devices performing two types of sampling: random sampling of packets or application layer operations, and time-based sampling of counters. The sampled packet/operation and counter information, referred to as flow samples and counter samples respectively, are sent as sFlow datagrams to a central server running software that analyzes and reports on network traffic; the sFlow collector.
You should try to use sFlow instead of netflow because of the performance hit. Netflow is more like port mirroring. Your device needs to support it and you need some software to analyze the data. There are lots of free and paid tools to do it. First step is contacting your vendor and asking them how you can configure it. You may be limited to netflow / port mirroring. In those cases you need to plug a laptop into the port on the device that's mirroring with the software running.
http://sflow.org/products/collectors.php
Free tool for netflow
http://www.solarwinds.com/products/freetools/netflow-analyzer.aspx
Solarwinds also offter a paid product.
Tuesday 15 April 2014
script to ping a subnet and look for a mac address on windows
Quick and dirty way to find which IP a mac address is associated with
for /l %i in (1,1,254) do ping -n 1 -w 1 192.168.1.%i
arp -a | find "aa-bb-cc-dd-ee-ff"
This assumes you network is 192.168.1.0 /24
for /l %i in (1,1,254) do ping -n 1 -w 1 192.168.1.%i
arp -a | find "aa-bb-cc-dd-ee-ff"
This assumes you network is 192.168.1.0 /24
Sunday 16 February 2014
Subscribe to:
Posts (Atom)