Author: harlan

Posted on

Port Mirroring on a Force10 S50v

I wanted to mirror the traffic received and sent on port 0/48 of the Force10 S50v switch to port 0/44 on the same switch. Notice that I do not have to add port 0/44 to any vlan in order to use it for the destination for port mirroring; however, I do have to make sure it has “no ip address” and “no shutdown” configured. Now that all the physical connections are made, I setup port mirroring on the Force10 S50v switch as shown below.

————————————————————————————————————
– enable
– config
– monitor session 0
– source gigabitethernet 0/48 destination gigabitethernet 0/44 direction both

Once I get around to setting up the lagg, I would change the monitor session 0 to

source port-channel 128 destination gigabitethernet 0/44 direction both

Posted on

VMware iSCSI Configs

To install the Equallogic Multi Pathing Module

SCP the zipped vib to a location accessible by your vHost.

dell-eql-mem-esx5-1.2.0.365964.zip to vHost01

Then SSH to the vHost and run the following command, editing for your location

~ # esxcli software vib install –depot /vmfs/volumes/*****/dell-eql-mem-esx5-1.2.0.365964.zip

You’ll see the result similar to below (from an older version installed)

Installation Result
Message: Operation finished successfully.
Reboot Required: false
VIBs Installed: Dell_bootbank_dell-eql-host-connection-mgr_1.1.1-268843, Dell_bootbank_dell-eql-hostprofile_1.1.0-212190, Dell_bootbank_dell-eql-routed-psp_1.1.1-262227

Once you’re running equallogic storage multi pathing module run

esxcli equallogic param list

————— —– —– — ———————————————
TotalSessions 512 1024 64 Max number of sessions per host.
VolumeSessions 12 12 1 Max number of sessions per volume.
MemberSessions 4 4 1 Max number of sessions per member per volume.
MinAdapterSpeed 1000 10000 10 Minimum adapter speed for iSCSI multipathing.
~ # esxcli equallogic param set -n=VolumeSessions -v=12
~ # esxcli equallogic param set -n=MemberSessions -v=4

run those two esxcli statements on ssh.

your member sessions are probably 2 and the volume sessions are probably 4 or 6

then rescan the paths on ths iscsi software adapter, you should triple the paths

MPM

After updating the mpm config on my vhosts

vhost01-iscsi-network

Posted on

Shadow a VMware View Desktop Session

In VMware View there is no central way shadow a desktop session such as for example in Citrix XenApp. It would be nice if in the future it is possible to shadow a desktop from for example the VMware View Connection server. This is a frequently asked question by customers where VMware View is implemented.

The following steps must be taken to shadow a PCoIP session from the vSphere Console by using a GPO:

Use VMware vSphere 5 and VMware View 5 or greater (in vSphere 4 there is a registry hack available)
For Windows 7 be sure to use Hardware Version 8. For Windows XP or Vista you can use any hardware version
Create a new Group Policy Object (GPO)
Add the “pcoip.adm” file to the Computer Configuration. The ADM file can be found on the VMware View Connection server in the “C:\Program Files\VMware\VMware View\Server\extras\GroupPolicyFiles” folder
Enable the “Enable access to PCoIP session from a vSphere console” in the Computer Configuration settings.
pcoip1

Link the GPO to the OU were the VMware View Windows 7 desktop resides
Sync Domain Controllers
Restart the VMware View desktop
After configuring this, it is possible to shadow a PCoIP session from the vSphere Console. The user doesn’t need to approve the shadow session so this could be security and privacy issue. The keyboard and mouse movements are displayed on the two screens synchronously, although, there is a bit of a delay.

Posted on

Locked Out of WordPress due to Google Authenticator

Locked OuI got locked out of my WordPress Site recently due to messing about with Google Authenticator and I needed to disable the plugin.
To do this, open an FTP session to your WordPress and locate the folder below

/wp-content/plugins/google-authenticator

If you rename the ‘google-authenticator’ folder to ‘_google-authenticator’ this will disable the plugin.

Login to your WordPress as normal then open the plugins.

Now from the FTP rename the ‘_google-authenticator’ back to ‘google-authenticator’ and in your web-browser click the plugins tab again the google-authenticator plugin will now be de-activated, you can re-activate it and go into your user account to re-configure.

If you watch this video from beginning to end on Google Authenticator it does step you through setting-up another admin account while you test everything in case this happens so you do not lock yourself out. You then delete the second (non Google Authenticator active) admin account once you have everything verified working okay.

See the video guide here :- http://www.mocialsedia.com/installation-essentials-for-wordpress/ it is the last one on the page video 3 on Google Authenticator.

Posted on

Disable OTP Sophos UTM 9.2 via Shell

Dang it! I also locked myself out of the webadmin on Sophos UTM 9.2 while trying out their OTP function with Google Authenticator.

Here’s how I fixed this problem:

Login to the Firewall Console Interface as root
at the / type
cc
then auth and press enter,
it will list out:
ad_sso
auto_add_to_facility@
auto_add_users$
block
cache_lifetime$
edir_sso
otp
servers@

Type otp and press enter,
it will list out:
auto_create_token$
default_timestep$
facilities@
require_all_users$
required_users@
status$

Type facilities@ and press enter,
finally listing:
0 webadmin
1 portal
2 ipsec
3 openvpn

Type -0 and press enter, where it will redisplay (in this case)
0 portal
1 ipsec
3 openvpn

Login as admin to your firewall via the webadmin!!!

Posted on

How to Change Port RDP Listens On

To change the port that Remote Desktop listens on, follow these steps.
1. Start Registry Editor.
2. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
3. On the Edit menu, click Modify, and then click Decimal.
4. Type the new port number, and then click OK.
5. Quit Registry Editor.
6. Restart the computer.

Note When you try to connect to this computer by using the Remote Desktop connection, you must type the new port. Maybe you have to set the firewall to allow the new port number before you connect to this computer by using the Remote Desktop connection.

Posted on

Bootable USB Sticks, the Easy Way.

I can’t stand remembering how to do certain tasks, I mean to say, I want things to work right, automatically… can’t stand it when you have to fuss about clicking here, there, etc.
That’s when I found Rufus. Rufus is an awesome utility found here:
http://rufus.akeo.ie/

You can download that utility, and use it to transform your USB Memory stick to do something useful other than just host files. Give it a shot!

Posted on

Multiple-NIC vMotion in vSphere 5

To set up Multi-NIC vMotion in vSphere 5.x on a Standard vSwitch:
  1. Log into the vSphere Client and select the host from the inventory panel.
  2. Click the Configuration tab and select Networking.
  3. Click Add Networking and choose VMkernel as the Connection Type.
  4. Click Next.
  5. Add two or more NICs to the required standard switch. You can create a new vSphere standard switch or use an existing vSwitch.Note: Ensure that all adapters are on the same network when connected to a physical Ethernet environment. If the adapters are split across switches, then all adapters must be able to communicate across those switches.
  6. Name the VMkernel portgroup (for example, vMotion-01), and assign a VLAN ID as required.
  7. Click Use this port group for vMotion, then click Next vMotion NICs
  8. Configure the IP address and subnet mask, then click Next..
  9. Click the Properties tab of the vSwitch, select the vMotion-01 portgroup, and click Edit.
  10. Click the NIC Teaming tab.
  11. Under Failover Order, select Override switch failover order.
  12. Configure the first adapter (for example, vmnic1) as active and move the second adapter (for example, vmnic3) to Unused Adapters.
  13. Click OK.
  14. Under the vSwitch Properties, click Add to create a second VMkernel portgroup.
  15. Name the VMkernel portgroup (for example, vMotion-02), and assign a VLAN ID as required.Note: Ensure that both VMkernel interfaces participating in the vMotion have the IP address from the same IP subnet.
  16. Click Use this port group for vMotion, then click Next.
  17. Configure the IP address and subnet mask, then click Next.
  18. Click the Properties tab of the vSwitch, select the vMotion-02 portgroup, and click Edit.
  19. Click the NIC Teaming tab.
  20. Under Failover Order, select Override switch failover order.
  21. Configure the second adapter (for example, vmnic3) as active and move the first adapter (for example, vmnic1) to Unused Adapters.
  22. On the Properties tab of the vSwitch, select each vMotion portgroup in turn and confirm that the active and standby adapters are the reverse of each other.
  23. I repeated the tasks above two more times because I have four nics for iSCSI traffic. Each nic went to its own physical network card, which was further bound to the Software iSCSI HBA.

In the below picture, you can see an inbound migration at the beginning of the graph, and later after the configuration you can see the same machines migrated outbound post configuration on both vHosts.

Posted on

Frickin vRanger

I’ve updated our system to 7.0.0.37394 of vRanger Backup and Replication and found a really confounding bug – or problem with it.
We were rolling along just fine with 6.1.0.35402 backups worked, Everyone was happy. Then disaster happened: we lost a drive in the SAN and the database that held our logs was gone. I’m the kind of guy that likes to make things better, so with a chance to upgrade our software, since our backup logs were lost, I thought what better time to do so than now. YAY. Well when you go to make a new repository in vRanger, you’ve got to pay attention to the CaPiTaLiZaTiOn of your path, such that \\backupdevice\dir\backupfolder is not by chance \\backupdevice\dir\BackupFolder as was my case using either NFS or CIFS. Backups were failing with the message: “Backup failed: Error: 2258 – FATAL cifs_cant_mkdir CIFS can’t create the directory cifs:localhost;admin@backupdevice/public/backup/* (No such file or directory) [at cifs_mkdir:615″ where I should have had “backupdevice/public/Backup”
Oh the maddness ensues because when I went back through the installation, vRanger validates the path as correct!!! This happens on the vRanger Virtual Appliance (vRanger-VA). SO, if you get that message on a fresh install, check your path statement. – OR just use all lower case letters.

Posted on

Soft lockup messages from Linux kernel running in an SMP-enabled virtual machine

Soft lockup messages from Linux kernel running in an SMP-enabled virtual machine

Details:

When running a Linux kernel in a symmetric multiprocessing (SMP) enabled virtual machine, messages similar to BUG: soft lockup detected on CPU#1! are written to the message log file. The exact format of these messages vary from kernel to kernel, and might be accompanied by a kernel stack backtrace.
Many Linux kernels have a soft lockup watchdog thread, and report soft lockup messages if that watchdog thread does not get scheduled for more than 10 seconds. On a physical host, a soft lockup message generally indicates a kernel bug or hardware bug. When running in a virtual machine, this might instead indicate high levels of overcommitment (especially memory overcommitment) or other virtualization overheads.

Solution:

The soft lockup messages are not kernel panics, and can be safely ignored.Some kernels allow you to adjust the soft lockup threshold by running the command:echo time > /proc/sys/kernel/softlockup_thresh

Where time is the number of seconds after which a soft lockup is reported. The default is generally 10 seconds.

What the Error Looks Like:

abrt_version:   2.0.8

cgroup:

cmdline:        /usr/bin/ksh ./update_archive.ksh RMUAT

executable:     /bin/ksh93

kernel:         2.6.39-400.212.1.el6uek.x86_64

last_occurrence: 1403155682

pid:            25607

pwd:            /oracle/scripts/update_archive

time:           Thu 19 Jun 2014 12:28:02 AM CDT

uid:            502

username:       oracle

 

sosreport.tar.xz: Binary file, 3959288 bytes

 

environ:

:SHELL=/bin/sh

:OLDPWD=/home/oracle

:USER=oracle

:LD_LIBRARY_PATH=/lib:/usr/lib:/oracle/product/11.2.0/dbhome_1/lib

:PATH=/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin

:PWD=/oracle/scripts/update_archive

:JAVA_HOME=/usr/java

:LANG=en_US.UTF-8

:HOME=/home/oracle

:SHLVL=2

:LOGNAME=oracle

:’NLS_DATE_FORMAT=MM-DD-YYYY HH24:MI:SS’

:_=./update_archive.ksh

 

limits:

:Limit                     Soft Limit           Hard Limit           Units

:Max cpu time              unlimited            unlimited            seconds

:Max file size             unlimited            unlimited            bytes

:Max data size             unlimited            unlimited            bytes

:Max stack size            10485760             33554432             bytes

:Max core file size        0                    unlimited            bytes

:Max resident set          unlimited            unlimited            bytes

:Max processes             16384                16384                processes

:Max open files            1024                 65536                files

:Max locked memory         65536                65536                bytes

:Max address space         unlimited            unlimited            bytes

:Max file locks            unlimited            unlimited            locks

:Max pending signals       387052               387052               signals

:Max msgqueue size         819200               819200               bytes

:Max nice priority         0                    0

:Max realtime priority     0                    0

:Max realtime timeout      unlimited            unlimited            us

 

maps:

:00400000-0055b000 r-xp 00000000 fc:00 261718                             /bin/ksh93

:0075a000-0076d000 rw-p 0015a000 fc:00 261718                             /bin/ksh93

:0076d000-00773000 rw-p 00000000 00:00 0

:0096c000-0096e000 rw-p 0016c000 fc:00 261718                             /bin/ksh93

:3e8dc00000-3e8dc20000 r-xp 00000000 fc:00 1177356                        /lib64/ld-2.12.so

:3e8de1f000-3e8de20000 r–p 0001f000 fc:00 1177356                        /lib64/ld-2.12.so

:3e8de20000-3e8de21000 rw-p 00020000 fc:00 1177356                        /lib64/ld-2.12.so

:3e8de21000-3e8de22000 rw-p 00000000 00:00 0

:3e8e000000-3e8e002000 r-xp 00000000 fc:00 1177390                        /lib64/libdl-2.12.so

:3e8e002000-3e8e202000 —p 00002000 fc:00 1177390                        /lib64/libdl-2.12.so

:3e8e202000-3e8e203000 r–p 00002000 fc:00 1177390                        /lib64/libdl-2.12.so

:3e8e203000-3e8e204000 rw-p 00003000 fc:00 1177390                        /lib64/libdl-2.12.so

:3e8e400000-3e8e58b000 r-xp 00000000 fc:00 1177360                        /lib64/libc-2.12.so

:3e8e58b000-3e8e78a000 —p 0018b000 fc:00 1177360                        /lib64/libc-2.12.so

:3e8e78a000-3e8e78e000 r–p 0018a000 fc:00 1177360                        /lib64/libc-2.12.so

:3e8e78e000-3e8e78f000 rw-p 0018e000 fc:00 1177360                        /lib64/libc-2.12.so

:3e8e78f000-3e8e794000 rw-p 00000000 00:00 0

:3e8f000000-3e8f083000 r-xp 00000000 fc:00 1177398                        /lib64/libm-2.12.so

:3e8f083000-3e8f282000 —p 00083000 fc:00 1177398                        /lib64/libm-2.12.so

:3e8f282000-3e8f283000 r–p 00082000 fc:00 1177398                        /lib64/libm-2.12.so

:3e8f283000-3e8f284000 rw-p 00083000 fc:00 1177398                        /lib64/libm-2.12.so

:3e98400000-3e98402000 r-xp 00000000 fc:00 1177423                        /lib64/libutil-2.12.so

:3e98402000-3e98601000 —p 00002000 fc:00 1177423                        /lib64/libutil-2.12.so

:3e98601000-3e98602000 r–p 00001000 fc:00 1177423                        /lib64/libutil-2.12.so

:3e98602000-3e98603000 rw-p 00002000 fc:00 1177423                        /lib64/libutil-2.12.so

:7fea21b5d000-7fea21bcd000 rw-p 00000000 00:00 0

:7fea21bcd000-7fea27a5e000 r–p 00000000 fc:00 1441433                    /usr/lib/locale/locale-archive

:7fea27a5e000-7fea27aaa000 rw-p 00000000 00:00 0

:7fea27ab8000-7fea27ab9000 rw-p 00000000 00:00 0

:7fffdfc56000-7fffdfc77000 rw-p 00000000 00:00 0                          [stack]

:7fffdfde7000-7fffdfde8000 r-xp 00000000 00:00 0                          [vdso]

:ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

 

open_fds:

:0:pipe:[122311558]

:pos: 0

:flags:     00

:1:/oracle/log/RMUAT_update_archive_140619002801.log

:pos: 199

:flags:     0100001

:2:/oracle/log/RMUAT_update_archive_140619002801.log

:pos: 199

:flags:     0100001