Windows Network Interface Priority

If you have two default gateways it can be tricky to figure out which interface it will take to get out to the internet.

Windows will use the following criteria to choose which path to take:

1. Lowest Metric - Calculated via link speed (The faster the link the lower the metric
2. If the metrics are the same it will use the first detected NIC - configured through adapter settings

What this means is that if you have two similar speed interfaces the primary method of configuring priority is through the following interface:
 

In the above example if the metrics are both the same the interface named "Ethernet" will take priority.

Refereces:
http://technet.microsoft.com/en-us/library/cc779696%28v=ws.10%29.aspx
http://w3facility.org/question/routing-decision-when-there-are-two-default-gateways-on-windows/
http://superuser.com/questions/198544/how-does-windows-7-decide-which-route-to-take-if-2-connections-to-an-internet-so
http://serverfault.com/questions/59442/routing-decision-when-there-are-two-default-gateways-on-windows
http://theregime.wordpress.com/2008/03/04/how-to-setview-the-nic-bind-order-in-windows/
http://techrena.net/view-change-network-adapter-card-priority-binding-order-windows-7/
http://windows.microsoft.com/en-ca/windows/change-network-protocol-bindings-order#1TC=windows-7

Splitting and Combining Files

It's a fairly common scenario that you may have files larger than the existing storage medium you have. So you can buy multiple storage items, but you'll need to split the file out into smaller chunks to be able to store it in multiple locations. How do you do this? In linux it's fairly easy using the split utility. You can even recombine and split in windows fairly easily.

The initial split is done using the split command as follows:

split -b 1024m file file.part-

Where -b is the block size you want to split by. In this example 1GB.
file is the original file you want to split
file_ is the prefix you would like to use.

When running the split command the files it will create will be of the format

file.part-aa
file.part-ab
file.part-ac
etc.

As defined by the prefix above.

To recombine these files you can use cat in linux to concatenate the existing files.

cat file-part-* > file

In windows you can use the copy command

copy /b file.part-aa + file.part-ab + file.part-ac + file.part-ad file

I'm unsure of how to specify regex for the copy command in windows but this is a quick and dirty way to get it done and you could always generate a list of files and manually script it together.

You can also pipe the output of gzip into split to compress the archive but you will probably have additional overhead of decompression, and if you don't care so much about space savings split is probably going to be quicker.

An alternate way of doing this would be to use the dd utility:

Example file

tmp

contents:

cat tmp
a
b
c
d

Sizing details (in bytes):

ls -ls tmp
0 -rw-r--r--  1 bnold  domusers  8 Aug 25 15:20 tmp

wc -c tmp
       8 tmp

Split

dd if=tmp of=tmp.part1 bs=1 count=4 
dd if=tmp of=tmp.part2 bs=1 count=4 skip=4

Restore

dd if=tmp.part1 of=tmp_new bs=1 count=4
dd if=tmp.part2 of=tmp_new bs=1 count=4 seek=4

Contents of restored file:

cat tmp_new
a
b
c
d

Size of restored file:

ls -ls tmp_new
0 -rw-r--r--  1 bnold  domusers  8 Aug 25 15:44 tmp_new

wc -c tmp
       8 tmp

Validating integrity:

md5 tmp
MD5 (tmp) = 47ece2e49e5c0333677fc34e044d8257
md5 tmp_new
MD5 (tmp_new) = 47ece2e49e5c0333677fc34e044d8257

Hashes match, we're good.
References:
http://www.linuxquestions.org/linux/answers/applications_gui_multimedia/splitting_and_merging_files_using_dd
http://en.wikipedia.org/wiki/Split_%28Unix%29
http://stackoverflow.com/questions/1120095/split-files-using-tar-gz-zip-or-bzip2
http://linuxpoison.blogspot.ca/2008/09/split-and-merge-large-files.html
http://serverfault.com/questions/86808/break-up-a-dd-image-into-multiple-files

Testing MTU

MTU (Maximum Transmission Unit) is the maximum effective size of a PDU (Protocol Data Unit) that can be transmitted onwards by a layer.

These configuration maximums may need to differ to accommodate different traffic types. They may need to be increased or decreased depending on whether you have configured VPN and require additional header area to transmit data as your WAN link may be configured for 1500 MTU and your VPN may require an extra 8 bytes of data to package your VPN frames. If this is the case you may need to decrease your MTU to 1492.

An easy way to test to test and validate your MTU sizes is by using a simple ping with the DF (do not fragment bit).

Windows:
The following will send a frame with a size of 1500 bytes (using -l) and will tell windows not to fragment the packet (-f do not fragment)

C:\Users\user>ping $hostname -l 1500 -f

Pinging $hostname [$ip_address] with 1500 bytes of data:
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.

Ping statistics for $ip_address:
    Packets: Sent = 3, Received = 0, Lost = 3 (100% loss),
Control-C
^C

Linux:
This will do the same as the windows command (-M do will tell Linux to not fragment) it only does one attempt to prevent spam (-c 1) and will send with a size of 1500 bytes (-s 1500)

# ping -s 1500 -M do $hostname -c 1
PING $hostname ($ip_address) 1500(1528) bytes of data.
From TPC-F3-05.phaedrus.sandvine.com ($ip_address) icmp_seq=1 Frag needed and DF set (mtu = 1500

--- $hostname ping statistics ---
0 packets transmitted, 0 received, +1 errors

FreeBSD:
FreeBSD ping with no fragment (-D) and a size of 1500 bytes (-s 1500)

sudo ping -D -s 1500 $hostname
PING $hosntmae ($ip_address): 1500 data bytes
ping: sendto: Message too long
ping: sendto: Message too long
ping: sendto: Message too long

Here's some commonly known and referenced MTU sizes

1500 The biggest-sized IP packet that can normally traverse the Internet without getting fragmented. Typical MTU for non-PPPoE, non-VPN connections. 
1492 The maximum MTU recommended for Internet PPPoE implementations. 
1472 The maximum ping data payload before fragmentation errors are received on non-PPPoE, non-VPN connections. 
1460 TCP Data size (MSS) when MTU is 1500 and not using PPPoE. 
 
1464 The maximum ping data payload before fragmentation errors are received when using a PPPoE-connected machine. 
1452 TCP Data size (MSS) when MTU is 1492 and using PPPoE. 
576 Typically recommended as the MTU for dial-up type applications, leaving 536 bytes of TCP data. 
48 The sum of IP, TCP and PPPoE headers. 
40 The sum of IP and TCP headers. 
28 The sum of IP and ICMP headers. 

http://en.wikipedia.org/wiki/Maximum_transmission_unit
http://www.dslreports.com/faq/695

Tunneling vSphere Client in Windows

Using tunneling over SSH you can forward the multiple ports needed to access the vSphere client used to administrate ESX or ESXi hosts.

Requirements:

• SSH jumpbox (from this jumpbox you should have access to the ESX/ESXi machine)
• PuTTY or Cygwin

So basically we are binding the following ports: 443, 902, and 903 to our localhost using PuTTy in this tutorial.

Steps:

1. Open up PuTTy and configure the settings to look as follows where destIP=your destination IP address of the ESX box

Go back to the session tab and type the hostname/IP address of your SSH jumpbox. Alternatively you could open up cygwin and type the following: ssh -L 443:destIP:443 -L 902:destIP:902 -L 903:destIP:903 user@jumpboxIP
2. Edit the hosts file in windows C:\Windows\system32\drivers\etc\hosts (this is required as esxi relies on dns name and uses local resolution).
   
   Add the entry:
   127.0.0.1    ESXiHostname
   
3. Open up vSphere client and login with the hostname of the remote ESX box

Common Errors:
Unable to connect to the MKS: Failed to connect to server :902

Occurs if you are not properly forwarding port 902 903

Customizing an VMware ESXi5 installation disc for unattended install

This explains the workflow of creating a customized ESXi5 installation disc using a Windows PC. VMware has documentation on this workflow using a linux machine here.

1) Download the ESXi iso.

2) Extract the iso using your favourite iso extractor to c:\esxi. I used 7zip.

3) Create a KS.CFG file in c:\esxi with your Kickstart config. Documentation of ESXi5 kickstart commands is here.

4) Modify c:\esxi\ISOLINUX.CFG. Append "ks=cdrom:/KS.CFG" to APPEND. Your LABEL install should look like this:

LABEL install

KERNEL mboot.c32

APPEND -c boot.cfg ks=cdrom:/KS.CFG

MENU LABEL ESXi-5.0.0-20111104001-custom ^Installer

You can also add multiple LABEL install blocks to specify different KS.CFG files or no kickstart at all.

**When ESXi mounts the CD during setup, all files are capitalized. So even if your kickstart cfg file is ks.cfg you have to put KS.CFG.

Now you have to burn your customized setup onto a disc.

1) Download and extract cdrtools for windows from here.

2) Run this command to create the iso (case senstive):

mkisofs.exe -relaxed-filenames -J -R -o custom_esxi.iso -b ISOLINUX.BIN -c c:\esxi\boot.cfg -no-emul-boot -boot-load-size 4 -boot-info-table c:\esxi

3) Burn custom_esxi.iso to disc with any utility. I used the Windows 7 built-in iso burner.

Common Errors:

Not specifying boot.cfg in mkisofs

kernel= must be set in /boot.cfg

Fatal error: 32 (Syntax)

Using imgburn

“No DEFAULT or UI configuration directive found”

OR

ata-pata.v00 not found

ks.cfg was not capitalized in isolinux.cfg

cannot find kickstart file on cd-rom with path -- /ks.cfg

Right Click to Open a Folder in Command Prompt

If you need to open a command prompt to a folder, you can add a right click option explorer. This lets you quickly open a a command prompt in the folder you choose, having to avoid typing CD and the path to the folder.

1. Start > Run > regedit
2. Navigate to "HKEY_LOCAL_MACHINE/Software/Classes/Folder/Shell"
3. Create new KEY called "Command Prompt"
4. Change the default string to "Open in cmd"
5. Create a new KEY called "command"
6. Change the default string to "cmd.exe /k pushd %1"

You can change "Open in CMD" to anything you want to show up on the right click menu.

Now, when you right click on (not in) a folder in Explorer, a new option will be available to open the folder in command prompt.

Runas Privilages

If you need run a program or explorer under another account (ie local Administrator or another Domain account), you can use the following command:

runas /u:[account] "[program]"

for example:

runas /u:Administrator "notepad.exe"

runas /u:\\Domain\myacount "notepad.exe"

Will allow you to open notepad instance with another set of credentials.

Note: for Windows XP, you can use runas /u:Administrator "explorer.exe /separate" to open another instance of explorer under another account, however this has been removed in Vista and Windows 7.