Search This Blog

Using nmap to Test DNS Server Recursion

  1. Download nmap binaries. For Windows OS, download the command-line zipfile is sufficient.
  2. Unzip the zip file, and install Winpcap and Visual C++ Redistributable Package installer included in the zip file
  3. Open command prompt
  4. Run “nmap –sU –p53 –script=dns-recursion <DNS_Server_IP>
  5. If the server allows resursion, it shows “Recursion appears to be enabled”

To prevent the DNS server from being used for DNS amplification attacks, disable DNS recursion on the public facing DNS server. The DNS recursion should be enabled on the DNS server serving the internal client.

On a Windows DNS server, this can be done under the DNS server properties, Advanced tab, Server options, check the checkbox “Disable recursion (also disable forwarders)”

WinDNS.Disable.Recursion

Use Get-FolderItem.ps1 to Fix PathTooLongException

When using Get-ChildItem to list all files in a folder and its subfolders, it returns the “PathTooLongException” error. This happens when the file path is more than 260 characters.

There are several ways to work around this issue. See this Technet Wiki.

Personally, I found the Get-FolderItem.ps1 script is the easiest one.

  1. Download the script from Microsoft Script Center Repository
  2. Right-click on the script and select Properties, then click Unblock
  3. Launch a PowerShell session
  4. Load the Get-FolderItem function into the session by entering “. <path>\Get-FolderItem.ps1”. (make sure there is a space between the “.” and the script)
  5. Enter “Get-FolderItem –Path <path>” to list all files in the folder and its subfolders
  6. Another use case “Get-FolderItem –Path <path> | Where {$_.LastWriteTime –gt “MM/DD/YYYY” } | Select FullName | Ft –autosize | Out-File c:\temp\modified.file.log.txt –width 4096

For more information about the Get-FolderItem.ps1 script, see this.

Prevent PowerShell Out-File Truncating Output

When trying to list the full path of all files in a folder and its subfolders, the Out-File cmdlet truncats the path for files with the long path.

It turns out that Out-File outputs the data with the same width of the PowerShell console (see Using the Out-File Cmdlet).

To work around the issue, include the –width parameter and specify a different line width(e.g. –width 4096). This outputs every line with 4096 characters long (pedding with spaces).

To output line width to match the longest output, add Ft –autosize before Out-File. For example:

Get-ChildItem -File -Recurse -Path Z:\ | where {$_.LastWriteTime -gt "MM/DD/YYYY"} | select FullName | Ft -autosize | Out-File c:\temp\modified.file.txt -Width 4096

vSphere Memory Ballooning

I know nothing about memory ballooning until I read this post – “How does memory ballooing work”.

Here is my understanding of this topic:

What is memory ballooning?

The ballooning driver (part of VMware Tools) frees up the VM guest memory (active memory + free memory) and makes it available to the Hypervisor (so avoid hypervisor swapping).

How does it work? and how does it impact performance?

The ballooning driver will balloon all ram down to the minimum recommended memory for each operating system + Mem.AppBalloonMaxSlack (16 MB by default, it’s adjustabe from 1 MB – 256 MB). The minimum recommended memory value is set by the operating sytem vendor and hard coded by VMware. It cannot be changed.

For example, RHEL 7’s minimum recommended memory is 512 MB. The ballooning driver will balloon all ram down to 528 MB (512 + 16). If an application in the OS requests more than 528 MB memory, it causes the guest operating system to swap/page. This is better than hypervisor swapping, but still a really bad impact for performance.

 How to avoid Ballooning?

  • Avoid over provisiooning server memory (the best option)
  • Make a reservation for server memory (bad idea in most respects)
  • Do not install VMware Tools (bad idea in every respects)

VMware vRealize Production Test Tool

VMware KB2134520 documents the steps to use vRealize Production Test Tool to validate and test the vRealize Automation configuration and identify potential configuration failures, password expiration, certificate errors and more.

VSAN Storage Controller Cache

In “VSAN 6.0 Design and Sizing Guide” v.1.0.5, April 2015, under Storage controller cache considerations section, “VMware’s recommendation is to disable the cache on controller if possible. Virtual SAN is already caching data at the storage layer – there is no need to do this again at the controller layer. If this cannot be done due to restrictions on the staorge controller, the recommendation is to set the cache to 100% read.”.

However in “VSAN Ready Nodes”“VSAN Ready Nodes”, the storage controller in some configuration includes the cache. For example, the storage controller in the Dell PowerEdge R630.

VSAN.Dell.PER630.Controller

Why includes the controller cache when VMware recommends disabing it?

It turns out the controller cache allows the larger queue depth – see this.

In “VSAN 6.0 Design and Sizing Guide”, VMware recommends the minimum queue depth is 256, and choose a controller with a much larger queue depth when possible.

For more information about the queue depth, see the following

Simple Way to Convert Time to Hours in Excel

Here is a simple way to convert the time to hours in Excel.

Hours (in decimal) = Time (in hh: mm: ss) * 24
24 is the number of hours in one day

It’s handy to caculate the file transfer rate in Excel. In the screenshot below, format column E in Number, the formula in colume E3 is C3 * 24.

2015-12-30_13-12-21

Follow the simular concept, convert time to minutes in Excel

Minutes (in decimal) = Time (in hh: mm: ss) * 1440
1440 is the number of minutes in one day

Convert time to seconds in Excel

Seconds (in decimal) = Time (in hh: mm: ss) * 86400
86400 is the number of seconds in one day

Use WinSCP to Transfer Files in vCSA 6.7

This is a quick update on my previous post “ Use WinSCP to Transfer Files in vCSA 6.5 ”. When I try the same SFTP server setting in vCSA 6.7...