Tag Archives: Infrastructure

Using the Iomega IX4-200D as a Storage Target for vSphere (ESX and ESXi) Lessons Learned

I’ve been using an Iomega IX4-200D as a storage target for vSphere and have to say that for the most part it works well.  I’ve used it both as an iSCSI target and as NFS storage.

You can and should expect it to suffer typical storage performance issues.  It runs on 4 hard drives, mine in a RAID 5 array, which is not the most performant but is best in case of disk failure, and who wants to lose VMs?  It’s still a limited set of spindles to work with, and keeping that in mind will save you trouble down the road.

At one point, I had 17 VMs running on a single IX4-200D.

Still interested?  Keep reading…

Vyatta Blocking Email Download of Attachments

I check my site logs pretty often to find out how people are arriving at this blog and have seen an increase in traffic that points to an exchange I had with a visitor about Vyatta blocking email attachment downloads.  I wanted to post this quick entry so that people looking for a quick fix could get to this without running through the complete conversation on the other post: http://d3planet.com/rtfb/2009/11/02/vyatta-firewall-basics-and-configuration/

Here’s the quick and dirty solution:

Problem:  Vyatta is blocking download of email attachments.  This solution only applies if your implementation is using the web proxy and squidguard URL filtering.

Solution:  Use the following command to get Vyatta to allow IP addresses to be called directly.

set service webproxy url-filtering squidguard allow-ipaddr-url

or

set service webproxy url-filtering squidguard rule XX allow-ipaddr-url

Keep reading for more info on the issue…

Create a Router with Front Firewall using Vyatta on VMware Workstation

Vyatta is a powerful enterprise class software router that has some really incredible features.  It has a CLI (command line interface) as well as a web interface.  I’ve gotten a few requests about configuring it as a front system but until now have only really worked with Vyatta as a pure routing appliance internal to my network.  It has been my traffic cop between my lab subnet, user subnet, and server subnet but now I’ll try to configure it as a front end based on an exchange I had on another thread.

This should give you some examples for getting started using Vyatta as a front firewall.

If you don’t have the software, you can download a free version, called Vyatta Core, from Vyatta’s website.  You have to register, but don’t worry, they won’t spam you and they have extensive documentation on the product that you can pull down after registering.  It’s an excellent resource to learn and practice your routing skills, especially since you can stand up the product on random hardware or in a virtual machine.  Vyatta even has downloads specific to VMware implementations.  Check it out and come back if you’re interested in seeing this post through.  http://www.vyatta.com.

And now for the good part.

Enable Jumbo Frame Support in vSphere Using PowerCLI in 30 Seconds. :)

This applies to virtual switches that have already been created.

I was trying to do this earlier this evening and found a few articles that talked about various methods to enable jumbo frame support on a vSwitch.  After reading some of the ‘hacks’ that are being used, I decided to dig into PowerCLI.  Amazingly enough, the solution is so simple that maybe it’ll get some of the people working with vSphere to move into PowerCLI further.  Here’s the 30 second or less solution to the issue.  As I wrote above, this applies to a vSwitch that’s already been created, but you can also create a vSwitch with all the specifications you need from PowerCLI using just the New-VirtualSwitch cmdlet.

> $vs = Get-VirtualSwitch -name vSwitchX
> Set-VirtualSwitch -VirtualSwitch $vs -mtu 9000

> Get-VirtualSwitch -name vSwitchX

If you’re not familiar with PowerShell, get familiar with it. 🙂 It’s an excellent product and is expandable, so many IT products are moving toward a PowerShell interface for its ease of use.

SSL Sniffing – How Safe Is Your Information?

Some firewalls now have a new feature (or not so new), unbeknownst to most web users:  The little lock in your browser that shows that you are using a secure connection is not what it used to be.

When you make a secure connection to a web site, your bank for example, and you see the little lock appear, that is an indicator that your browser is connecting to and exchanging information with a server through a secure, certificate-based channel.  Behind the scenes, some encryption keys are exchanged and the information that you are transmitting and that is being transmitted back to you is encrypted and not easily readable by others.  That perception of safety is the basis of all financial, as well as other, transactions on the Internet, and you as the consumer believe that when you see that lock, your information is safe.

There’s a lot that happens and can happen in between you and the server that you’re communicating with.  To illustrate what I’m talking about, here is a simplified diagram of a typical network configuration.  Using the example of a bank:

[Diagram: simplified network configuration]

Your computer connects to your bank through firewalls.  The close firewall protects your network and the firewall on the bank’s end protects their network.  There is typically a certificate installed on the bank’s firewall and server that allows you to establish a secure connection to that server.

Team Foundation Server 2010 Installation Experiences and Lessons Learned

Do it right the first time! 🙂

There are quite a few posts on Team Foundation Server 2010 (TFS) and how to install and configure it, as well as a really good CHM file from Microsoft on the same topics, so I won’t duplicate what everyone else has done and will link to one at the bottom of this post.  I’m writing this just to relay the experience I had with getting the product configured just the way I wanted it, or some facsimile thereof, and some lessons learned.

After viewing some videos on YouTube of TFS, reading some of the Microsoft marketing material, and some of the posts on it, I decided to stand up TFS in my environment to see how well it works and to explore changes since the last version.  Right now, the team I lead isn’t really using any ‘set’ collaborative product.  We tend to work in small teams on projects so the need isn’t really there, though I’m sure the organization wouldn’t hurt.  We’re currently using Subversion as our source repository and occasionally use MOSS or WSS to collaborate.  Otherwise it’s phone calls and emails since we also tend to bounce around the country.  Enough background, on to TFS installation…

After reading through a few blog posts and Microsoft’s documentation on how to install and configure TFS, I stood up a Windows Server 2008 R2 VM and installed SQL Server 2008.  I was going with a single server install.  I followed the documentation to the letter for a single server install, and everything worked out just fine.  WONDERFUL!  GREAT!  So far…

Creating and Managing a DNS Zone Using Windows Server + Quick DNS Primer

This is a quick post, or maybe not so quick, just to illustrate how to create and add records to a DNS zone on your own Windows Server with the DNS role configured.  This server can be a domain controller with DNS installed or just a DNS server; it doesn’t make any difference.

A quick primer on DNS.  DNS, or domain name servers (services), provides the ability for servers to access systems by name instead of IP address.  Without DNS servers, we would all have to navigate the Internet by typing in IP addresses, like http://74.125.19.99.  From reading this link, you’d have no idea where you were navigating to, but it just so happens that this is one of Google’s many public IP addresses.  Try it.

SQL Server 2008 Installer Fails on Windows 7 and Windows Server 2008 R2

Have you tried rebooting?

I ran across an issue on Windows Server 2008 R2 but also found the issue to happen on Windows 7 installations.

Apparently this will be fixed in the R2 releases of SQL but since those aren’t available yet for the enterprise and similar versions, there’s a pretty simple fix.  I found an article that references a few fixes that I’ll link to here in case the fix that I have doesn’t work.

The error states that “Invoke or BeginInvoke cannot be called on a control until the window handle has been created.”

Vyatta Firewall Basics and Configuration

For a post that is a little more advanced, try this one: Create a Router With Front Firewall Using Vyatta on VMware Workstation.

Otherwise… read on. 🙂

A few weeks ago, I installed Vyatta Open Source as a router internal to my network to see how it handled traffic between multiple subnets.  To put it plainly, it worked like a champ!  I put the router in place, assigned IP addresses to the NICs (network interface cards), and let the system do its thing.  It now connects traffic between my physical network, my production virtual network, and my virtual lab running on ESX 3.5.  I can easily manage most firewalls and routers that have a GUI but Vyatta presented a new challenge to me.  In the case of this system, for some tasks it’s a lot easier to use the command line interface (CLI).

So without further ado, here are the basics of Vyatta’s firewall.

Keep reading…

Vyatta Community Edition, Open Source Router

I’ve been running multiple subnets in my lab, and been dealing with the pain of having to VPN into each separate subnet when needing to make a change, test something, or deploy something.  It’s been a learning experience and I’ve configured both OpenVPN and ISA Server 2006 VPNs and successfully bounced around the various networks as necessary, but it’s been a real pain to have to VPN into one network, grab files, and then VPN into a different network to test and deploy those files, as an example.  So I began a hunt for an open source router that would give me more control than Untangle, which is an excellent open source routing and firewall tool.  Simply put, I wanted finer grained control than Untangle is designed to supply. As an example, I wanted to be able to filter network traffic based on MAC addresses instead of IP addresses.

In my search, I came across Vyatta, which is an open source networking package that likes to compare itself to Cisco in functionality and control.  I decided to check out their site and found that they offer a free ‘Community Edition’.  I looked at the features of the community edition, then checked the VMware Appliances site and found that Vyatta has a pre-built VMware appliance.  NICE!  I filled out a short registration form, downloaded the appliance and all the documentation, which is thick to say the least, and fired up the appliance in VMware Workstation.
