Troubleshooting connectivity issues on a Brocade SAN

Fog

I recently had the “pleasure” to figure out what was wrong with a Brocade based SAN environment. Servers were loosing connectivity on one of the HBAs, but all links were online and further investigation was necessary.

Going through all the error counters on each of the long wave SFPs finally revealed one of the SFPs’ health as marginal (hence it was still online, but very buggy indeed). The webtools GUI showed this particular SFP als orange instead of green. Disabling and re-enabling this SFP didn’t help and I decided to shut this SFP for good. And guess what: all my troubles went away. The trunk this SFP was in went back to a non-redundant, but healthy state and all servers got back to normal operations and got their redundant paths back.

So to summarize the story: look for marginal or even faulted SFPs when vague connectivity issues arise. If links are redundant, shutting the faulty one might help.

How to set the NTP server, time and timezone in a Brocade switch

NTP server

Previously I wrote about setting the NTP, time and timezone settings in a Cisco switch and now it’s time for the same in a Brocade switch.

It’s in fact not that hard to do. Log in to the CLI and use the following commands:

tsclockserver 1.2.3.4

This will set the NTP server address in this switch to ip address 1.2.3.4. Set this only on the principal switch, as this switch will propagate the time to the other switches in the fabric.

To set the timezone use the following command:

tstimezone –interactive

This will ask for the region and country the switch is located in.

Choose 8 for Europe and 34 for the Netherlands and after verifying the setting, choose 1 (yes) to set the TZ.

Use the “date” command to verify the current time and date and TZ region:

Wed May 13 01:08:32 CEST 2015

This makes life a lot easier when troubleshooting!

Adding or replacing a Cisco SAN switch in an IVR topology

Cisco MDS

If you have multiple datacenters or a multi tenant fibre channel environment and you’re using Cisco FC switches, it’s a best practice to use VSANs to separate the configurations of each location / tenant. To allow storage arrays and / or hosts in different VSANs to communicate with each other Inter VSAN Routing needs to be used.

If you need to have 2 EMC VNX storage arrays “talk” to each other for MirrorView for example over 2 or more datacenters (for data replication purposes that is) or hosts in one DC talk to storage in another DC, using transit VSANs (and therefore IVR) will keep your VSANs with equipment indoors and the slightly more vulnerable VSAN outdoors. If some farmer with his tractor rips your single mode fiber, only the outdoor VSAN will be fractured and the indoor VSANs remain unharmed. And of course communication between the remote sites is interrupted, but the indoor VSANs / fabrics remain unchanged.

Read more »

Want to play around with VMware VVOLs? Here’s your chance! The Software Defined VNX is here!

Hard Drive

VMware now has this great new feature to be more in control of where its data blocks actually land on the storage system: VVOLs. But up until now EMC didn’t have a system capable of actually providing the back end for that. Until now I said. Starting with the VNXe 3200 all storage arrays are made VVOL capable and you can play around with that yourself. FOR FREE! But listen up: even though the virtual VNX is available, the version that allows for vvols to be created won’t be available until Q3 2015. But go ahead and start playing with this new virtual VNX already!

The Software Defined VNX is now a reality!

Read more »

Setting Daylight Savings Time on a Cisco MDS switch

Cisco MDS

I recently ran into a log time difference at a customer’s site so I want to repeat my blog from last year (http://wp.me/p3fi7y-jx). It’s slightly different on Cisco LAN / Routing equipment, but on Cisco MDS SAN switches the DST configuration is set by using the following commands:

config t
clock summer-time CEST 5 Sun Mar 02:00 5 Sun Oct 03:00 60
exit
copy run start

  • CEST means Central Europe Summer Time (you can use your timezone name instead if you like)
  • the first 5, followed by “Sun” means that the DST will become active on the LAST (5th, sometimes the 4th) Sunday of the month following the day you just named (March)
  • 02:00 is the time of day when the DST will become active (time will go forward)
  • the second 5, followed by “Sun” means that the DST will become active on the LAST (5th, sometimes the 4th) Sunday of the month following the day you just named (October)
  • 03:00 is the time of day when the DST will end (time will go back to normal, backwards, so from 03:00 in my example the clock will go back to 02:00)

You can check the date, time and timezone by typing “show clock”.

Cisco MDS NX-OS zoning on the CLI

Cisco MDS

The Cisco Fabric Manager or the newer DCNM can be great for creating a limited number of zones and aliases, but when the number of zones exceeds 10 or 20 or so, creating, cloning and editing these can be a pain in the B@TT.

FC-SWITCH-01# conf t
Enter configuration commands, one per line. End with CNTL/Z.

FC-SWITCH-01(config)#

FC-SWITCH-01(config)# fcalias name VM101-HBA1 vsan 45
FC-SWITCH-01(config)# member pwwn 20:21:22:25:B6:00:00:01

Enhanced zone session has been created. Please ‘commit’ the changes when done.

FC-SWITCH-01(config-fcalias)#

FC-SWITCH-01(config-fcalias)# fcalias name VM101-HBA1 vsan 45
FC-SWITCH-01(config-fcalias)# member pwwn 20:21:22:25:B6:00:00:02
FC-SWITCH-01(config-fcalias)# fcalias name VM102-HBA1 vsan 45
FC-SWITCH-01(config-fcalias)# member pwwn 20:21:22:25:B6:00:00:03

FC-SWITCH-01(config-fcalias)# device-alias commit

FC-SWITCH-01(config-zone)# zone name VM101-HBA1_VNX-5600-08-SPA6 vsan 45
FC-SWITCH-01(config-zone)# member fcalias VNX5600-08-SPA6
FC-SWITCH-01(config-zone)# member fcalias VM101-HBA1
FC-SWITCH-01(config-zone)# zone name VM102-HBA1_VNX-5600-08-SPB7 vsan 45
FC-SWITCH-01(config-zone)# member fcalias VNX5600-08-SPB7
FC-SWITCH-01(config-zone)# member fcalias VM102-HBA1
FC-SWITCH-01(config-zone)# zone commit vsan 45

Commit operation initiated. Check zone status

FC-SWITCH-01(config)#

Maximum distances using fiber cable types OM1/OM2/OM3/OM4/OS1

50mu

What are the maximum distances using different fiber grades?

fiber cable specs graph

The graphs show the direction where OM-specs are going compared to distances.

Read more »

Cisco MDS: Fabric is already locked

Cisco MDS

When you encounter a fabric lock, because you accidentally left the GUI or CLI without committing the changes, you can try the following to clear the lock and retry to apply your changes:

  1. run ‘show cfs lock’ to see who lock`s the fabric
  2. run ‘clear device-alias session’ to clear the lock when you were doing zoning activities

Instead of the “clear device-alias session” in line 2, another common possibility to get the lock cleared is:

  • ‘clear ivr session’ (when you were in the middle of IVR activities)

Other locks can occur, but the device-alias and ivr are probably the most common. At least the ones that I encountered so far.

Cisco zoning: some commonly used – show – commands

Cisco MDS

When you need to look up the current zoning config of a Cisco SAN-switch / VSAN, there’s a number of commands that will help you. Because a “show run” doesn’t always do the trick well, especially if you have a large config. And using the “sh run | i “some text you’re looking for” doesn’t always help as well if you don’t know the exact phrase you’re looking for.

I hope this table helps:

show Command
Description
show zone Displays zone information for all VSANs.
show zone vsan 100 Displays zone information for VSAN 100.
show zoneset vsan 100 Displays information for the zone set in VSAN 100.
show zoneset vsan 2-5 Displays configured zone set information for a range of VSANs (2, 3, 4 and 5 in this case).
show zone name AZone Displays members of zone “AZONE”.
show fcalias vsan 100 Displays fcalias configuration in VSAN 100.
show zone member pwwn 20:00:00:25:b1:34:aa:c2 Displays membership status of a port wwn. Very good if you’re concerned that 1 HBA is used in more than 1 zone!
show zone statistics Displays zone statistics.
show zone statistics read-only-zoning Displays read-only zoning statistics.
show zoneset active Displays the active zone sets.
show zoneset brief Displays brief descriptions of zone sets.
show zone active Displays the active zones.
show zone status Displays zone status.
show zone Displays zone statistics.
show running Displays the interface-based zones.

How to get started setting up ESRS on the latest OE for Block and MCx codes

It’s just another short post on a single command again. This time I was looking for an easy way to get started on ESRS on the latest OE for Block code or the newer MCx code (33.071 or newer).

First of all you need to set up DNS in your VNX machine. In Unisphere, go to settings and click on “configure DNS”.

After this you can use the following command on the CLI:

naviseccli -h [SPx ip#] esrsconfig -agentProvision -user [Online Support logon name] –password [Online Support super secret password]

Repeat this for the other SP as well.

Read more »

EMC World 2015: my plans for the week (thinking out loud)

Las_Vages

It’s that time of the year again: EMC World in Las Vegas, which takes place from May 4 to May 7. And this year I’m not going unprepared again. So I made a list of do’s and don’ts, so I can more easily pick the best way to spend my precious time. Are YOU going too?

So what’s my week about?

When I arrive in Vegas after having 2 layovers in London and Dallas, I’m probably half asleep. Because of the 9 hour time difference I’m sure I will sleep at very odd hours and be awake at even worse hours. I just hope I’m not sleepwalking through the casino, since I don’t even like gambling. Although it would be funny to wake up, finding out that I’ve won a few grand, right? My stay in Sin City will start with a packed two days filled with meetings. Yes: working on the Saturday and Sunday: it’s all part of the game! And that day I already have a meeting conflict, but the week will have plenty of opportunity to catch up with old friends, so I’m not worried there.

Read more »

Checking VNX mirrorview replication progress from the CLI

It’s a very short post, but in case you’re looking for the command:

naviseccli -h [SPx ip#] mirror -sync -listsyncprogress -name [LUN name]

 

It’s that simple!

Oh, I’m assuming you already have the logon credentials in a security file, if not, you need to add these to the command:

naviseccli -h [SPx ip#] -user [username] -password [super secret password] -scope [0-1-2] mirror -sync -listsyncprogress -name [LUN name]

EMC World 2015 discount codes available!

EMC World 2015

Limited amount of EMC World discount codes available

Just like in previous years the EMC Elect have a limited number of discount codes available for anyone who still needs to register for EMC World. The value of each code is $150! The amount of codes is limited and they expire on april 6, so if you need to register: follow up on this post and I’ll mail you your personal discount code.

  • The code can only be used for new registrations, if you already registered, the code won’t work.
  • Only 1 code per registration can be applied.
  • Codes only work for non-EMC people.
  • The code is worth $150.
  • If you know somebody who wants their own code: direct them to me and I’ll give them a code.

Hurry up! The codes stop working on April 6!!

Solar eclipses are not that uncommon

Total eclipse

In Europe it’s happening RIGHT NOW, but if you’re missing it, here’s a list of sites where you can see where and when the next eclipse will take place:

Don’t forget to protect your eyes! You only have one pair.

Tracking the FREAK Attack

Now what? Yet another vulnerability exposed?

On Tuesday, March 3, 2015, researchers announced a new SSL/TLS vulnerability called the FREAK attack. It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data. This site is dedicated to tracking the impact of the attack and helping users test whether they’re vulnerable.

At the moment it seems that only Firefox is safe to use! And needlessly to say that you should ALWAYS be aware of unsafe content. Try not to click anywhere unless you really trust the website!!!

The FREAK attack was discovered by Karthikeyan Bhargavan at INRIA in Paris and the miTLS team. Further disclosure was coordinated by Matthew Green. This report is maintained by computer scientists at the University of Michigan, including Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, and J. Alex Halderman. The team can be contacted at freakattack@umich.edu.

For additional details about the attack and its implications, see this post by Matt Green, this site by the discoverers, this Washington Post article, and this post by Ed Felten.

Please visit this website to find out more about the vulnerability of your browser or website: https://freakattack.com/

 

Source: https://freakattack.com/

Enhance your WiFi by using beer!

Beer can WiFi booster

Bad WiFi reception

Bad WiFi reception is one of the most common annoyances these days. Especially in residential areas where every house has at least 1 access point and each family is working hard to fill the ether with their own signals. A quick fix can solve this problem relatively easy by using an empty beer can (a soda can also works).

The aluminum of an empty beer can enhance the WiFi-signal significantly. You could buy an expensive repeater, but a beer can is immensely cheaper (and is more fun to get too). Our good friend youtube shows us this instructional video.

Step by step

  1. Go to the supermarket
  2. Buy (at least) 1 can of beer (a premium brand will do better than some random cheap brand)
  3. Empty the can (don’t throw the beer in the sink at all times! Drinking is the preferred method!)
  4. Clean the inside of the can by flushing it with some water
  5. you will need a knife or scissors to open up the can and some material to fix the empty can to your router
  6. Remove the lid, used to open the can
  7. Cut off the bottom of the can
  8. Cut off the top of the can, leaving a small piece near the old drinking opening
  9. Cut the can from top to bottom at the opposite side from the drinking opening
  10. Carefully bend the metal so it (sort of) looks like a satellite dish
  11. Place the brand new dish shaped beer can on your access point, by sticking the antenna through the old drinking opening
  12. Fix the “dish” so it doesn’t fall off

steps

This little trick should enhance the signal strength by a factor 2 or 3. This only works for access points equipped with an external antenna. For antenna-less models you could try creating a somewhat larger dish and placing the whole access point on the bigger dish, but I don’t guarantee this works. You could for example use a keg, but I doubt that you can cut it by using scissors 😉

 

Top Blog websites Survey 2015

top vblog 2015

Vote for you favorite blog website!

Every year vSphere-land has a contest. You can vote for the top 50 VMware- and virtualization-related blogs of 2015. The blogs you can vote on are listed on vLaunchPad. Since about 2 or 3 years my website is listed there as well and so the idea is to vote on my website, so I end up in that top 50. This top 50 gets some extra attention, because these sites end highlighted and probably will attract some extra hits and that’s why we do this, right? –> extra hits!

My blog is listed on vLaunchPad so my site can be voted on! Again. In total about 400 blogs are in this list, so choose wisely, since all sites are probably worth reading.

How do I vote?

Visit the voting site and vote on me! But voting on 9 others is fair too, I guess. Let’s make sure www.50mu.net get in that precious top 50!

Free Royal TS/X NFR license for EMC Elect, MVP, vExpert, Cisco Champions, CTP

Royal ts

Get your own NFR license for Royal TS/X

I usually don’t like to make too much of a fuzz about free giveaways, but we all need RDP, telnet and SSH clients and this one is worth the extra effort. Try it! So far I like it very much.

You can apply for an activation code on .

vExpertsMVPsCisco ChampionsEMC Elect and CTPs can request a free Royal TS/X NFR license! You need to prove in some way that you are one of those community experts, so they can verify and you’ll get an email with your own key!

If you have questions, you can reach out to @royaltsapp on Twitter.

Ga je naar EMC World 2015? Schrijf je ook in voor de Dutch Delegation!

EMC World 2015

EMC World 2015

Voor diegenen die naar EMC World afreizen in mei is er door EMC NL een sociaal programma samengesteld om “de week door te komen”. Net zoals voorgaande jaren is er weer een heel programma in elkaar gezet om het een fantastisch networking evenement te maken. Praat met je landgenoten, onder het genot van een drankje of hapje over wat jou bezig houdt, maar vooral: breid je netwerk uit en kijk waar mogelijkheden liggen.

Ook nu weer organiseert Jibe! Group in opdracht van EMC Nederland een aantal events waar je gewoon bij moet zijn!

Fremont street

Read more »

Going to EMC World 2015? Take a free EMC Proven Professional exam!

EMC Proven Professional

Free exams at EMC World in May 2015

EMC Proven Professional

Are you visiting EMC World 2015 in May in Las Vegas this year?

Always wanted to take a Proven Professional exam? EMC offers a free first attempt on any exam you choose!

Also being offered this year… VCE Certified Professional and VMware certification exams!! So take your shot and get certified!

Space is limited – pre-register for your exam today! Take a look at the official registration page at the Pierson Vue website: http://pearsonvue.com/emc/emcworld/?linkId=12480718

%d bloggers like this: