Category: Network & Server (網絡及服務器)

Veeam vs vRanger, The Battle is On, Round 1, KO!

By admin, April 5, 2012 4:15 pm

Round 1, KO!

I saw Anton from Veeam KOed vRanger last year in VMTN, although it’s not professional, but I like to see the pros and cons of both products and consumers have the rights to know the truth of negative side of each products.

Today I came across several articles posted by vRanger citing Veeam’s drawbacks and pitfalls and calling Veeam “a small company from Russia” (that’s a bit over and mean really). Well, I would say they are pretty true,  and I am not sure if those has been taking care  of in B&R v6 as I am still using v5. Anton if you saw this, please let me know if v6 has addressed the followings.

Btw, I know you act really quick in Veeam’s post around the web. I am really not sure how did you find all of them so quickly, is it by magic? :)

Critics about Veeam from vRanger can be also found here and there.

Don’t worry Anton, I have confident in Veeam and I am sure you don’t mind this can be discussed in public.

How a Poorly-Designed Architecture for Data Backup will Undermine a Virtual Environment — A Close Look at Veeam by Jason Mattox
Posted by kellyp on Jun 1, 2010 1:00:00 AM

At Vizioncore, we do not often cite our competitors by name in public. Our philosophy is that it is our job to provide expertise on virtual management requirements and the capabilities offered by Vizioncore for addressing those requirements.

However, members of our team also do have occassion to look in depth at competitive products. When the result is a fact-based assessment of how a competitor’s approach contrasts with Vizioncore, it seems to serve the larger community to put the information in public. The purpose of this is to help members of the community to better understand the real differences in approach and to better appreciate the value built into the Vizioncore product portfolio.

In this case, the competitor that we looked at is a small company called Veeam. Veeam offers an all-in-one product for backup, replication and recovery of VM images. They are privately held, based in Russia, and report having about 6K customers as of now. This compares to Vizioncore’s 20K+ customer level as announced in March 2010, with Vizioncore operating as a wholly-owned subsidiary of Quest Software. Quest is a public company, obligated to provide audited reporting of company financials.

The comparison and contrast between Veeam’s implementation of image-based backup and restore and vRanger Pro 4.5 appears below. This analysis is written by Jason Mattox, one of the co-inventors of the original vRanger Pro product. Jason continues to provide guidance and direction to new versions of Vizioncore technology products, including vRanger Pro 4.5.

We hope that you find Jason’s comments and insights educational. In a part 2 of this posting, we will offer more details on how vRanger Pro 4.5 and the Data Protection Platform (DPP) foundation on which it is built, contrasts with Veeam’s approach.

**************************************************

I have had the opportunity to take a deep, first-hand look at the Veeam 4.1.1 product over the last few weeks. My personal opinion – admittedly biased – is that they have a product built on a poor foundation. The problems with their architecture – and the potential result of the data protection not operating well and actually undermining an organization’s virtual environment – include the following:

Psuedo service-based architecture:  You install the product, it installs itself as a service, and you think, “okay good it’s a service based architecture.”  But it’s not:  Here is a simple test you can do on your own to prove the product is not a full service-based architecture.  Start a restore job.  Then log off Windows; the product will ask you: “Are you sure?” This is because if you log off Windows, it will cancel your running restores since it’s not running though the service. Another test you can try, is to attempt backup and restore at the same time; you cannot.  If the product was a true service based architecture, your backup and restore jobs would just be submitted to the service and the product wouldn’t care about the two functions running at the same time.

Lack of data integrity in the backup archive: Create a job in their product that contains, for example, 20 VMs. When you back up all the VMDKs, then Veeam puts all of the backup data into a single file.  Also, when you run incremental backups, they update this single large file directly.

When you have a single large file that needs to be updated the chance of corruption is high. Database manufacturers know this; products like SQL and Exchange write all their changes to log files first and then on a controlled event they post the changes to the single large file, the DB. Veeam does not implement this best practice, but rather updates a single 30, 40 or even 500 GB file directly instead of staging the data next to the file, then posting the data to the file once successful.

This is their Synthetic Full implementation – the entire basis for their product – and why we object to it so strenuously in terms of the risk that it introduces into customer environments.

Their argument in favor of Synthetic Full appears to have been that it enables backups to be faster. We believe that there are other, better methods available for speeding backup which do not risk the integrity of the backup repository. Methods including Active Block Mapping (ABM), now shipping in vRanger Pro 4.5. In beta test environments, our testers have reported that vRanger Pro backup is far faster than Veeam. However, your mileage will vary and we welcome more test reports from organizations testing both products.

Another argument in favor of Synthetic Full which has been offered by Veeam, is that it helps speed restore. Again, we agree with the goal but not with the method used to get there.

In vRanger Pro, we offer a Synthetic Restore process which has been in the product for some time. Our restore has been faster than Veeam’s for as long as we’ve been aware of Veeam. Our performance on restore was also improved in the 4.5 release, to be even faster than before.

Problems with updating a single file in the backup repository: Those of you familiar with database implementations – and the very good reasons for staging updates rather than writing them directly – will understand some of these problems immediately. This approach is especially problematic for image-based backup, and I’d like to offer some reasons as to why:

Tape space requirements – Because the original file is updated with every backup pass, the entire file must be written to tape every time. There is no method offered for moving just the new data to tape. This makes the ’sweep-to-tape’ process lengthy, and increases the number of tape cartridges required significantly. Tape management is, likewise, more difficult. The process of locating tapes, scanning to find data, and performing restore is, likewise, more difficult and lengthy.

Problems working with Data Domain de-duplication storage and similar storage appliances – Because the original file is amended with every backup pass, the appliance cannot be efficient in de-duplicating and replicating the backup data.

Finding and restoring individual VMs from the backup job – Because the backup file includes more than one VM, it is not named intuitively to enable easy browse and restore of the VMs required by the admin.

Overhead in the process of creating and managing simultaneous backup and recovery jobs – it’s just harder to do:  In their product, if you create a single backup job of let’s say 30 VMs they will backup one VM at a time. To perform more backup jobs at one time, you must create more jobs.  For each job, you must step through the entire backup wizard, which is time-consuming. The same holds true for restore jobs: for each VM, you must step through the entire restore wizard to create and submit a job to restore a VM. This isn’t that bad most of the time, but for disaster recovery scenarios or in situations in which entire ESX servers must be rebuilt, this simply isn’t that practical.

Feature called de-dupe is really something else: De-dupe in their product is not true de-dupe, but is perhaps better described as a template-based backup. Here’s what they do: they define a base VM – this being a set of typical files or blocks typically found in a VMDK – and they use this as the comparison for their full backup of the VM. For example, if you have two Windows guests then they do not have to backup up the Windows configuration because it is already in the base VM template.

However, there are some important limitations of their approach which include:

Their de-dupe is only good within the backup job. The more jobs you create, the less beneficial the de-dupe is because blocks are duplicated between and among backup jobs. If you need to create more backup jobs to gain better backup performance across multiple VMs, then the de-duplication benefit goes down.

Their de-dupe is defined with a base VM – and does not change with the configuration of the guests. If you have two Exchange servers being protected in the same job, then all of the blocks for the Exchange configuration will be included twice – even if they are identical.

Our own implementation of de-duplication is pending delivery later this year. We have developed true global, inline deduplication designed to offer maximum de-duplication benefits. It’s in test now. Our architecture, which includes keeping backup files intact and untouched once written into the repository, has been a key in enabling our de-duplication to function with true de-dupe capabilities.

Lack of platform scalability:  To scale out their product in virtual application mode, LAN free mode, ESXi network or ESXi replication, they have to install their product many times. To make it possible to manage all of the deployments, they offer an API layer and provide a ASP.net web page so that customers can go to check job status for their many installs.  This console does not allow you do create or edit jobs, but is a monitor. They call this their Enterprise console.

ESXi replication is network-exhaustive:   In their implementation for ESXi, their product reads from the vStorage API over the network uncompressed to their console, then it writes the resulting data over to the other target ESXi host over the vStorage API uncompressed.

What’s wrong with this? In the first place, the vStorage API was not designed for the WAN link; it was designed for backups which were meant for the LAN. The other issue is that the traffic is uncompressed; WAN links are not cheap so compression is a key feature that’s needed. Also, if you look at the resources needed for this, just a single replication job can consume 50-80% CPU of a 2 CPU VM. So if you think about how you would scale this out from a bandwidth and installation point of view, this doesn’t seem practical.

Use of unpublished VMware API calls:  If you have ever used the Datastore browser from the vCenter client, this process uses an internal API that’s not exposed to 3rd parties called the NFC. Here is what they have done: they are impersonating the vCenter client and using the internal NFC API to work with VMs.

So, here’s the risk:  VMware may trace a reported problem with a VM back to a 3rd party product that is using an unpublished vCenter API by impersonating the vCenter client. Will VMware be okay with this? Might VMware get a little strange with you and their ability to support you and your environment?

If you want to verify this for yourself just look in the logs of their product for ”NFC”, look at the target datastore for files that are not VMware related. Ask them how do they transfer and modified files in the datastore that are not your normal VMware files?

Why the stakes are high in virtual environments: Virtual environments are some of the fastest-growing and most dynamic environments in the world. As virtual servers continue to gain momentum in terms of their adoption rate, administrators are presented with the big challenge of keeping ever-expanding virtual resources monitored and under efficient management. At Vizioncore, we want to enable this momentum to continue by offering data protection and management capabilities which are purpose-built for images, with foundational capabilities designed to ensure that protection methods are — and remain — affordable, resource-efficient, and easy to use and operate. No matter how large your virtual environment grows.

Update April 7, 2012

Got a reply from Veeam’s support, their suggest is to use Full Backup instead of Synthetic Backup method, kind of avoid answer my question directly, well, this part does suck anyway. After all. nobody want to copy that hundred GB of vbk everyday after the backup session over a 100Mbps or eve 1Gbps link. Another problem is Full Backup tends to keep a lot more retention copies than Synthetic, this uses more space as well.

During the first run of a forward incremental backup (or simply incremental backup), Veeam Backup & Replication creates a full backup file (.vbk). At subsequent backups, it only gets changes that have taken place since the last performed backup (whether full or incremental) and saves them as incremental backup files (.vib) next to the full backup.

Incremental backup is the best choice if company regulation and policies require you to regularly move a created backup file to tape or a remote site. With incremental backup, you move only incremental changes, not the full backup file, which takes less time and requires less tape. You can initiate writing backups to tape or a remote site in Veeam Backup & Replication itself, by configuring post-backup activities.

Strange High Latency (Read) After Equallogic Firmware Upgrade (Solved!)

By admin, April 3, 2012 2:30 pm

I have performed the firmware upgrade today on one of the PS6000XVs to latest v5.2.2.

Everything worked as it should be, VMs stayed as solid as steel (no ping lost), the contoller failover took about 10 seconds (ie, ping to group ip had a 10 seconds black out) and the whole upgrade took about 10 minutes to complete as expected.

Caution: Controller failed over in member myeql-eql01

Caution: Firmware upgrade on member myeql-eql01 Secondary controller.
Controller Secondary in member myeql-eql01 was upgraded from firmware version Storage Array Firmware V5.0.2 (R138185)

Caution: Firmware upgrade on member myeql-eql01 Primary controller.
Controller Primary in member myeql-eql01 was upgraded from firmware version to version V5.2.2 (R229536)

However there are various problem started to occur after the upgrade, mainly high TCP Retransmit, high disk latency (read) and a fan of active controller module failed. Besides, EQL battery temperature also went up by 5 degrees comparing to its original state. (something is going on on background contributes to this raise for sure)

1. High TCP Retransmit (SOLVED)

The IOMeter benchmark dropped by almost 90% and high TCP Retransmit starts to occur, re-installed MEM on ESX Hosts, reboot, still the same.

Then I reboot the PowerConnect 5448 switches one by one, this solved the problem completely, but why Equallogic Firmware Upgrade requires the switch gears to be rebooted? Was something cached in the switch, ARP, MAC? I don’t know really, may be this is the time we say “Wow, It Worked~ It’s Magic!”

2. High Disk Read Latency (Remain UNSOLVED)

This PS6000XV used to have below 6ms Latency, it’s now 25-30ms on average, and the funny thing is whenever the IOPS is extreme high in 9,000 range (I use IOMeter to push my array to its max), the latency becomes really low in 5ms range.

Vice versa, whenever the OPS is extreme low in 5 to 70 where I stopped the IOMeter, the latency jumps sky high in 130-120ms range.

All these were performed using the latest SAN HQ v2.2 Live View tool, I really liked it much!

All individual volumes latency added together is still 5-6ms, so where does the extra 20 something HIDDEN latency coming from?

Contacted US EQL support as local support has no clue what so ever as usual, he told me it could be due to meta data remapping process going on background after the firmware upgrade, and I need to wait a few to 24 hours for it back to normal. To be honest, I’ve near heard such thing nor I can googled about this (ie, disk meta data needs to be remapped after firmware upgrade)

Ok, things are still the same after almost 48 hours, so I doult this is the problem, ps aux shows no process is going on at the array.

Remember my controller temperature also went up by almost 25% indicating somthing is working heavily on the storage processor, so could this be an additional good indicator show that my PS6000XV is still doing some kind of background meta data integrity checking whenever it senses IOPS is low, so it boost the meta data integrity checking process, so we see that high latency?

Anyway, this problem remains as mystery, I don’t have any performance issue and this can be ignored for the time being, and I think only time can tell the truth when the background disk I/O thing completes its job and latency hopefully will back to normal.

In fact, I hate to say this, but I strongly suspect it’s a bug in Equallogic firmware v5.2.2, if you do have any idea, please drop me a line, thanks.

3. Fan of Active Controller Module Failed (SOLVED)

When active controller failover, Module 0 Fan1 went bad, it turns out to be FALSE ALARM, the fan returns to normal after the 2nd manual failover again.

Oh…the ONLY Good thing out of the whole firmware upgrade is TCP Retransmit is now 0% 99.9999% of the time and I do sense IOPS is 10% higher than before as well.

I saw a single spike of 0.13% only once in the past 24 hours, um… IT’S JUST TOO GOOD TO BE TRUE, SOUNDS TOO SUSPICIOUS to me as the TCP Retransmit used to be in 0.2% range all the time.

Update May 1, 2012

The mystery has been SOLVED finally after almost 1 complete month!

I disabled Delayed Ack on all my ESX hosts for the cluster, after reboot the hosts one by one, I witness High Latency issue has gone forever! It’s back to 3.5-5.0ms normal range. (after 12:30pm)

fixed

The high read latency problem was indeed due to Delayed Ack which was enabled on ESX 4.1 (by default). As it was also stated by Don Williams (EQL’s VMware specialist), Delayed Ack adds artificial (or Fake) high (or Extra) latency to your Equallogic SAN, that’s why we saw those false positive on SANHQ.

In other words, SANHQ was deceived by the fake latency number induced by Delayed Ack, which leads to the strangeness of this problem.

It’s nothing to do with our switch setting, but still this doesn’t explain why EQL firmware v5.0.2 or before doesn’t have this problem, so it might still related to a firmware bug in v5.1.x or v5.2.x that triggered the high latency issues in those ESX/ESXi hosts with Delayed Ack enabled (by default).

Finally, IOmeter IOPS shows 10-20% increase in performance after upgrading to firmware v5.2.2. (actually with or without disabling the Delayed Ack)

Again, I am greatly appreciated for the help from Equallogic’s technical support team, we have done many direct WebEX sessions with them and they have been always patient and knowledgeable, know their stuff, especially Ben who’s the EQL performance engineer, he also gave me an insight lecture in using SANHQ, I’ve learnt many useful little stuff in helping me troubleshooting my environment in the future!

and of course, Joe, who’s responsible for EQL social media, it proved Equallogic is a great company who cares their customer no matter large or small, this really makes me feel warm. :)

Equallogic Arrays is NetBSD based?

By admin, April 3, 2012 1:24 pm

I had  a WebEX session with US Equallogic Support yesterday, I saw the followings when he had direct access to EQL PS6000XV console.

cli-child-3.2# uname -a
NetBSD 1.6.2 NetBSD 1.6.2 (EQL.PSS)

Also during the booting process of PS6000XV, the active controller module shows 4 cores

All slave cpus (16) ack’ed userapp init
count = 4, total =4
All slave cpus (4) ack’ed message ring init

For a list of undocumented Equallogic CLI commands, see this link.

I was also told the CPU of PS4000 series is dual-cores, that’s why it’s slower than PS6000 series in terms of performance.

PCI-e 3.0 is here, 800MB Per Lane!

By admin, April 2, 2012 9:45 pm

I noticed the latest Poweredge R720 is already available on Dell’s page, but after study the specs a bit, I think I will skip the 12th generation for the time being.

Mainly because Xeon E5 is very similar to Xeon 5600, it’s still 32nm, it only has 2 more cores (ie, 8 cores) and a bit more cache. (ie, 2.5MB/core vs 2MB/core) and the performance is not impressive at all, the extra 2 cores only contributes to the additional 40% in VMMark benchmark. Not to mention CPU is never a bottleneck after all, I/O and Memory are!

Yes, it has 24 dimms vs 16 dimms R710, so that’s 64GB more with 8GB DIMM being the main stream now, but ESX 5.0 Enterprise Plus has a 96GB per socket glass ceiling, so no point here to upgrade again.

The only two things can really sell are:

1. A lot more disks can be fitted into the 2U now than before, 12 x 3.5″ or 16 2.5″ drives.

2. PCI-e 3.0 is finally here! 800MB Per Lane with x4 that is 3.2GB/s. The new PERC H810 x8 with 1GB cache is designed exactly for this kind of hugh I/O, finally we can use 2 or more SSD to break that 3GB/s limit!

72844_3_5_l

Upgrade Equallogic MEM to v1.1.0

By admin, March 31, 2012 5:10 pm

The reason I choosed to upgrade MEM first is becuase in the release note of MEM 1.1.0, it is said the minimum EQL FW should be v4.3.7 (which I’m on v5.0.2), but FW v5.2.2 states clearly that it only supports MEM 1.1.0, so I need to upgrade MEM first before I upgrade my EQL firmware to v5.2.2 and add HIT/VE v3.1.1 later.

1. Remember to put your ESX host to Maintenance Mode FIRST!!!

2. Use the MEM installation script as I found this is the most simple method, open vSphere CLI

C:\>setup.pl –install –server=xxx.xxx.xxx.xxx
You must provide the username and password for the server.
Enter username: root
Enter password:

Upgrading from existing Dell EqualLogic Multipathing Extension Module installed:
DELL-eql-mem-1.0.0.130413
Defaulting to offline bundle ‘C:\dell-eql-mem-esx4-1.1.0.222691.zip’
The install operation may take several minutes.  Please do not interrupt it.
Upgrade install was successful.
You must reboot before the new version of the Dell EqualLogic Multipathing Exten
sion Module is active.

3. Remember to Reboot it as well if your host is ESX 4.1

4. Check if the MEM is installed correctly, found out MEM setting has been set to default, so need to change it again to its maximum power to ultilize all 4 paths. (ie, volumesessions=12, membersessions=4)

C:\>setup.pl –query –server=xxx.xxx.xxx.xxx
You must provide the username and password for the server.
Enter username: root
Enter password:

Found Dell EqualLogic Multipathing Extension Module installed: DELL-eql-mem-esx4
-1.1.0.222691
Default PSP for EqualLogic devices is DELL_PSP_EQL_ROUTED.
Active PSP for naa.6090a078e03b90b5b1d654e6e700d0fc is DELL_PSP_EQL_ROUTED.
Active PSP for naa.6090a078c06ba23424c914a0f1889d68 is DELL_PSP_EQL_ROUTED.
Active PSP for naa.6090a078e03bd0aad3cc34ade700500f is DELL_PSP_EQL_ROUTED.
Active PSP for naa.6090a078e03b80201dcbe4a5e70010ee is DELL_PSP_EQL_ROUTED.
Active PSP for naa.6090a078e03b40e895cc74abe70000fd is DELL_PSP_EQL_ROUTED.
Found the following VMkernel ports bound for use by iSCSI multipathing: vmk2 vmk
3 vmk4 vmk5

C:\>setup.pl –listparam –server=xx.xxx.xxx.xxx
You must provide the username and password for the server.
Enter username: root
Enter password:

Parameter Name  Value Max   Min   Description
————–  —– —   —   ———–
TotalSessions   512   1024  64    Max number of sessions per host.
VolumeSessions  6     12    1     Max number of sessions per volume.
MemberSessions  2     4     1     Max number of sessions per member per volume.
MinAdapterSpeed 1000  10000 10    Minimum adapter speed for iSCSI multipathing.

C:\>setup.pl –setparam –name=VolumeSessions –value=12 –server=xxx.xxx.xxx.xxx
C:\>setup.pl –setparam –name=MemberSessions –value=4 –server=xxx.xxx.xxx.xxx

* Make sure you have 4 NICs for iSCSI before setting MemberSessions to 4 or you will see high TCP Retransmit.

5. Double check the storage path in vCenter to make sure MEM is the default PSP and all 4 paths are Active.

OpenManage 6.5 Update on ESX 4.1, Poor Equallogic Local Support!

By admin, March 31, 2012 1:56 pm

Today I’ve finally got time to update some of the major components such as OSMA, EQL MEM, EQL FW, Dell Bios, etc.

The first thing I have done is to upgrade OpenManage to latest version 6.5 on ESX 4.1 hosts.

The whole thing is actually very easy, simply download OM-SrvAdmin-Dell-Web-LX-6.5.0-2247_A01.15.tar (762MB). Yeah, I know Dell site is confusing, but this is the right one to download, then install the package according to the Short Installation Guide on the download page.

The setup script will actually perform an automatic upgrade process. Oh…there are some warnings, saying something is not found such as symbolic links, etc. But don’t worry, just remember to start the OMSA (wsman) service again manually, not even need to reboot the host or put it into maintenance mode, everything was performed live without any problem.

However, there are two minor warnings:
1.”Unsupported browser version. See the User’s Guide for minimum supported browser versions.”
Ok. I am using the latest Firefox v10, it’s not compatible, may be OpenManage 6.5 A2 or OpenManage 7.0 will have this included, I found both versions are available in Document section, but nothing  found in the download page, strange.
2. Dell IT Assistant starts to show Yellow Exclamation Mark and OpenManage starting to complain my H700 firmware is old and not updated, that’s ok, I will do it later.

Next, it’s time for me to upgrade MEM to v1.1.0 first and then EQL FW to v5.2.2, well I’ve waited almost a full year since my last update of EQL components.

Strange enough local Dell EQL technical support told me to shut down all VM before performing the EQL firmware update, luckily I didn’t listen to their advice as I vaguely remember that EQL FW  update can be done in real time without shutting down the host or VM.

Later I confirmed this with Danny, Thanks again! This is where Equallogic local support (HK and China region) starts to worry me a lot recently as Open Case is no longer handled by US EQL staff since the mid of last year, the technical knowledge and quality is just not there at all, worst, at times, they tend to ask their customers to do things ridiculously or suggest their customer to try it (without performed the step themselves). I’ve told them what if I have thousands of VMs and do I need to shut down all of them just to perform the firmware upgrade? The answer is Yes! HUH???? BS!!!

Yes I am complaining about local Equallogic support service is getting poorer and please correct this issue ASAP!

Update: April 6, 2012

OM-SrvAdmin-Dell-Web-LX-7.0.0-4614_A00.tar.gz is out today!

Dell Acquires SonicWall: Oh NO!

By admin, March 16, 2012 2:11 pm

Sometimes it really makes you wonder why big corporation collects rubbishes just to expand their portfolio.

Well I am absolutely speechless when I saw the title today, so it’s time to sell your NASDAQ:DELL. :)

What a Coincidence 網絡世界的緣份

By admin, March 13, 2012 10:02 pm

Yesterday I bought a 2nd hand Fortigate 60B from a famous computer user group in Hong Kong.

During the trade, I found out the seller Danny also uses Equallogic in his company, umm…the way he talked reminded me a lot someone I must have come across before, but I couldn’t figure out who he exactly was at the time.

Later after I came back and opened my blog. Danny…isn’t there also a Danny always comments on my blog before regarding EQL products? Double checked the email on my blog and the one seller provided, Bingo, he’s the same person, what a miracle! Virtual world finally touched reality without knowing it’s actually happening during the trade, so wired and funny!

This reminds me Disney’s most well-known song “It’s a Small Small World”, I think one of these days we (one who is interested in EQL products) should form an informal Hong Kong Equallogic User Group gathering in a coffee shop or something, anyone got any solid idea, please contribute and make it happen.

Danny, thank you very much again for almost giving out this firewall for me to play with. Personally, I really like to play with this kind of toy (network appliances) during my spare time, because I like their intuitive UI and innovative features and find they are fascinating to play with and all these toys makes you to become the god of your own domain is of course exciting.  Btw, I also got some other fun toys on hand like Netscreen, Top Layer, Radware, BlueCoat, Riverbed etc , together with this FTG-60B, they will keep me very busy for a while.

IMG_6488

Display Port (DP) to DVI Problem: Monitor Never Goes Into Power Saving Mode

By admin, March 4, 2012 11:04 pm

Finally I’ve completed the desktop migration to Dell Optiplex 990 SFF after using the antique Asus P2BD for 13 years, and currently I’m enjoying every moment with the new PC.

Today I suddenly realized my Dell Ultrasharp 2007FP (in 1600 x 1200 mode using DP to DVI) isn’t working properly with its Power Saving feature. The LCD Monitor power indicator button should become Amber (Less than 2 W), instead it stays as Green all the time with “No DVI-D Cable” signal floating around the screen. This means the LCD is still drawing full power (about 75W) and burning every pixel even the screen is blank.

Searched many places on the net and ended in vain mostly (in fact many people having problem with Dell’s LCD monitor not able to resume from Power Saving Mode, but this is not my case), Then I tried to connect my screen to a VGA and the power saving function worked perfectly, hum…I know it’s nothing to do with Windows 7 Power feature, definitely not my Ultrasharp 2007FP’s problem, so this leaves only one possibility, it must be the cable!

So I put back the original Dell DP to DVI Adapter with a DVI (male) to DVI (male) cable, guess what? The screen shows Going into “Power Saving Mode” and then the power button went to Amber, ha, now we are on the right track.

I couldn’t wait to solve this problem and I really don’t like the messy combination of Dell DP to DVI Adapter with the extra DVI cable. What I need is a simple DP to DVI cable that works! So I rushed to the computer store and bought me another little bit expensive DP to DVI cable (about USD15 and kind of hard to get only one shop got it) and rushed back, crossed my finger when turned on the monitor power.

No DVI-D Cable again and worst, my screen won’t come back even I moved the mouse, Shoot! Am I a victim of the infamous Dell LCD monitor isn’t being able to resume to normal in Power Saving Mode?

Luckily this isn’t the case after I restarted my PC, everything worked just as expected, my Dell Ultrasharp 2007FP worked as designed, Going into Power Saving Mode, then all lights become Amber, yeah!

So a cheap quality cable wasted at least 5-6 hours of my precious time searching for solution. I really hated it while I am searching for the answer, in fact, this is part of my daily job, ie, always involving in PROBLEM SOLVING in all kind of things, and I love it so much after finding the answer, kind of contradicting right? Yeah, dude that’s life unfortunately!

Null Route DDOS attack on Windows Platform

By admin, February 22, 2012 7:30 pm

This little trick only works for entry level hacker, it won’t stand a chance with advanced hacker, not to mention those DDOS with pure bandwidth consumption (I don’t think there is a way to mitigate this at all anyway, if you do, pls drop me a line).

First I tried the following intuitive command on Windows Server 2003 and found out it doesn’t work, somehow, Windows doesn’t allow route to 127.0.0.1.

route add DDOS_IP 255.255.255.255 127.0.0.1

* Assume DDOS_IP is the DDOS source IP Address.

The solution is to create a loopback (ie, fake) NIC by go to Control Panel, then Add Hardware > Network Card > Microsoft Loopback Adapter.

From Properties, Remove everything and leaving only TCP/IP, assign it a fake IP (say 192.168.80.8), disable WINS of course.

Finally, simply route the crap to this fake destination

route add DDOS_IP MASK 255.255.255.255 192.168.80.8

If you want to permanently add this DDOS IP, use route add –p parameter.

To remove it, type “route delete DDOS_IP”.

In additional, if you want to block the whole C-Class (ie, 256 IPs, mask /24) of DDOS source, then use:

route add DDOS_IP MASK 255.255.255.0 192.168.80.8

For example: route add 202.128.110.0 MASK 255.255.255.0 192.168.80.8

Finally, how do you know which IP is DDOS your server? Well, if you find a IP with many LAST_ACK from netstat, then this indicates a very high possibility that the IP is the DDOS attacker.

Examples

To display the entire contents of the IP routing table, type:

route print

To display the routes in the IP routing table that begin with 10., type:

route print 10.*

To add a default route with the default gateway address of 192.168.12.1, type:

route add 0.0.0.0 mask 0.0.0.0 192.168.12.1

To add a route to the destination 10.41.0.0 with the subnet mask of 255.255.0.0 and the next hop address of 10.27.0.1, type:

route add 10.41.0.0 mask 255.255.0.0 10.27.0.1

To add a persistent route to the destination 10.41.0.0 with the subnet mask of 255.255.0.0 and the next hop address of 10.27.0.1, type:

route -p add 10.41.0.0 mask 255.255.0.0 10.27.0.1

To add a route to the destination 10.41.0.0 with the subnet mask of 255.255.0.0, the next hop address of 10.27.0.1, and the cost metric of 7, type:

route add 10.41.0.0 mask 255.255.0.0 10.27.0.1 metric 7

To add a route to the destination 10.41.0.0 with the subnet mask of 255.255.0.0, the next hop address of 10.27.0.1, and using the interface index 0×3, type:

route add 10.41.0.0 mask 255.255.0.0 10.27.0.1 if 0×3

To delete the route to the destination 10.41.0.0 with the subnet mask of 255.255.0.0, type:

route delete 10.41.0.0 mask 255.255.0.0

To delete all routes in the IP routing table that begin with 10., type:

route delete 10.*

To change the next hop address of the route with the destination of 10.41.0.0 and the subnet mask of 255.255.0.0 from 10.27.0.1 to 10.27.0.25, type:

route change 10.41.0.0 mask 255.255.0.0 10.27.0.25

Pages: Prev 1 2 3 4 5 6 7 ...13 14 15 ...26 27 28 Next