Code Samples

FYI posilam odkaz na novou iniciativu, kde VMware developeri a komunita sdileji priklady svych scriptu, workflows apod. pro ruzne ulohy, muze se hodit..

https://developercenter.vmware.com/samples

List of all "advanced" DRS options

In this blog post you can see various adavanced DRS options ...

VMware’s Online Depot for VMware Image Builder

I am posting this because for some odd reason it seems nearly impossible to find this in any of Vmware’s documentation on ImageBuilder.  It mentions you can add online repo’s but never gives a link to their online repo with all the ESXi builds.

I recently ran across some links and blogs that listed that path.  So, in order to get the online depot imported use this:

Add-EsxSoftwareDepot https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml

esxcli software vib install -d Update-Depot

VMware PowerCLI update

$esxcli = Get-EsxCli -VMhost 192.168.123.123

$esxcli.software.sources.profile.list("/vmfs/volumes/PRG0100-NETAPP02B-ISOARCHIVE01/ISO/VMware/5.5/ESXi550-201505002-build2718055.zip")

#$esxcli.software.profile.update($null, "/vmfs/volumes/PRG0100-NETAPP02B-ISOARCHIVE01/ISO/VMware/5.5/ESXi550-201505002-build2718055.zip", $null, $null, $null, $null, $null, "ESXi-5.5.0-20150504001-standard", $null)

Force10 ECMP & static Routes

Hi,

Just to clarify for group (as I got few email on this)

When a static route is configured it will be loaded in the routing table if the next interface (physical or vlan) is up but they won’t be any arp check on the next-hop (unless you set the PBR rules for that)

So a use case would be :

SW1 : static route to reach Lo(Sw2) / next hop = SW2 IP (in int vlan 2)

SW2 : static route to reach Lo(Sw1) / next hop = SW1 IP (in int vlan 2)

Lo(Sw1) ----- Sw1_Ten 0/1 --- (vlan inter 2)--- Sw2_Ten 0/2 ----- Lo(Sw2)

if the vlan 2 has other ports that are up, even though the link that interconnects sw1 and sw2 goes (physically) down,  the packet to the loopback get black hole (no route re-calculation since the static route is still in the routing table)

Regards,

Stéphane

From: Aich, Stephane
Sent: mardi 1 septembre 2015 22:42
To: Guerrero, Martin; WW Networking Domain
Subject: RE: ECMP & static Routes

Hi,

We’re not checking next hop availability (thought arp) for static routes you need to use PBR rules for that.

All of this being not related to ECMP.

Regards,

Stéphane

From: Guerrero, Martin
Sent: mardi 1 septembre 2015 20:27
To: WW Networking Domain
Subject: ECMP & static Routes

Dell - Internal Use - Confidential

Hi All,

I´m doing test with ECMP and static routes in order to provide route redundancy.

I configured the following:

ip ecmp weighted

ip route 12.1.1.9/32 10.197.107.235 weight 10

ip route 12.1.1.9/32 10.197.107.234 weight 20

It is not working when the first gateways goes down

It is something wrong on my configuration?

Any comment will be very appreciated

Regards.

Martin…

Force10 - Aggregator (Simple MUX) to Full Switch

FTOS>enable
FTOS>force10
FTOS#start shell
Login: root
Password: abracadabra31
SStk-0 # writefru
Pick option 8 "Update Programmed fields"
Change "Board Product Name" to "MXL 10/40GbE"
Skip changing other fields with "." and "Enter" èThis is important! If you do not follow this, it may corrupt the FRU and brick your board!
                                                                            èIf  you make a mistake here, press Ctrl-C to abort and type “writefru” again.

èNOTE: Leave “Software Manageability set to 4

Do you want to program: Y
Password: abracadabra31
This takes ~4 minutes.
After it's done, check the value of the FRU Board Product Name typing "writefru" again and selecting option 1 "Read FRU Contents"
Reboot the board, when FTOS prompt comes back do a "show system brief".
You should see "ReqTyp" and "CurTyp" as "MXL-10/40GbE".

Force10 - Full Switch to Aggregator (Simple MUX)

FTOS>enable
FTOS>force10
FTOS#start shell
Login: root
Password: abracadabra31
SStk-0 # writefru
Pick option 8 "Update Programmed fields"
Change "Board Product Name" to "PowerEdge M I/O Aggregator"
Skip changing other fields with "." and "Enter" until you reach “Software Manageability”
èThis is important! If you do not follow this, it may corrupt the FRU and brick your board!  If  you make a mistake here, press Ctrl-C to abort and type “writefru” again.
Change "Software Manageability" to ”4”
Skip changing other fields with "." and "Enter" èThis is important! If you do not follow this, it may corrupt the FRU and brick your board!  If  you make a mistake here, press Ctrl-C to abort and type “writefru” again.
Do you want to program: Y
Password: abracadabra31
This takes ~4 minutes.
After it's done, check the value of the FRU Board Product Name typing "writefru" again and selecting option 1 "Read FRU Contents"
Reboot the board, when FTOS prompt comes back do a "show system brief".

You should see "ReqTyp" and "CurTyp" as "I/O Aggregator". 

How to display DCB settings on ESXi

May be it is possible with vsish undocumented tool.

vsish -e get /config/Net/intOpts/DCBEnable
vsish -e get /config/Net/intOpts/NetUplinkDCBPollIntrvl

vsish configurations

Other potential possibility is to change some setting to increase log verbosity:

vsish -e set /system/modules/vmklinux_9/loglevels/LinCNA 4
vsish -e set /system/modules/libfc_92/loglevels/libfc 31
vsish -e set /system/modules/libfcoe_92/loglevels/libfcoe 255;

Force10 VLT Proxy Gateway - how to find remote MAC addresses

Dell# show cam mac stack-unit 0 port-set 0

VlanId     Mac Address      Region    Interface

4094   ff:ff:ff:ff:ff:ff   STATIC      00001

0      ff:ff:ff:ff:ff:ff   STATIC      00001

0      00:10:18:ff:ff:ff   STATIC      Invalid

0      5c:f9:dd:ef:1b:02   LOCAL_DA    00001

4094   5c:f9:dd:ef:1b:02   LOCAL_DA    00001

QLogic / Broadcom CNA valid naming

Let’s be clear…QL did NOT buy Broadcom.  They bought Broadcom’s CNA product technology.  Broadcom still exists and still sells Ethernet NICs…NOT CNA…basic NICs (5719/20, etc.) that do not have HW offload functionality.

QL also bought all of BROCADE’s FC adapter technology (Brocade 8xx series).

Both have been rebranded.

We can continue to use the Broadcom name or at least “BRCM” as in “Qlogic BRCM578xx Family” .

Alternatively, as long as you are providing clear product name identification to differentiate between QL legacy and QL-BRCM families, we should be OK…but everyone needs to be more specific moving forward.

Valid naming could include:

Broadcom 57xxx based products:

·         QL 578xx,

·         QL 57810/57840,

·         Broadcom 578xx or 57810

·         BRCM 578xx or 57810

·         QL BRCM 578xx, etc.

·         Etc.

QLogic Legacy Products:

·         QL 82xx or QL8262

·         QL QMe82xx etc.

·         Etc.

BROCADE based products:

·         QL 815/825

·         Brocade 815/825

·         QL Brocade 815/825

·         Etc.

IT Operations definition

IT Operations is responsible for the smooth functioning of the infrastructure and operational environments that support application deployment to internal and external customers, including the network infrastructure; server and device management; computer operations; IT infrastructure library (ITIL) management; and help desk services for an organization. 

Full article here.

vSphere VSAN: Notes From The Field and VMware Support

VMware vSAN 5.5 (and now 6.0) is a software-defined storage solution developed by VMware and integrated into the kernel of its premier virtualization platform, allowing for the creation and management of shared object-based storage using the local solid-state and spinning media in the physical host servers themselves.

Note that vSAN is not the same animal as VMware’s vSphere Storage Appliance (vSA), though the underlying value proposition is the same. The two are implemented and managed very differently. vSA is now end-of-life/availability, though still supported through 2018. vSAN has been integrated directly into the kernel, so it is there whether you use it or not, and no longer requires the deployment of controller appliances. Storage appears as a single unified ‘datastore’ across all hosts in the cluster and is managed entirely through vCenter’s web client.

vSAN is licensed separately from vSphere but in the same familiar fashion, on a per socket basis. When you enable vSAN on the cluster you are initially allowed a 60-day evaluation period but must assign a proper license to the cluster before this evaluation period expires.

The purpose of this email is to provide notes from both field deployments and from working with VMware support.

General notes:

1.       All hosts should be configured to report to a syslog server

2.       All hosts should be configured to synchronize their time to the same valid time source

3.       The minimum number of hosts supported in a vSAN cluster is three

4.       The maximum number of hosts supported in a vSAN cluster is thirty-two (in 5.5)

5.       The maximum number of VMs per host is currently limited to 100 (in 5.5)

6.       The maximum number of VMS per datastore to be protected by HA is 2048.*

7.       The sweet-spot for cluster sizing is up-to sixteen hosts.

*This is important since vSAN storage appears as a single ‘datastore’.

On the host side:

1.       vSAN hosts must be comprised of certified controllers and disks

Note: Make sure and verify that the controller and disks in-use in the design appear on the VMware HCL! This is key to the supportability of the solution and must be followed. Note that the controller must support pass-through or pseudo-pass-through disk access modes, furthermore the controller must have sufficient queue depth. A minimum depth of 256 is required for vSAN (5.5), though a higher queue depth (>512) is recommended.

2.       You can have multiple disk groups per host

3.       A disk group is made up of at-least one SSD and at-least one HDD

4.       A disk group can contain up-to one SSD and up-to seven HDD each

5.       There is a maximum of five disk groups per host

6.       Utilize 10GbE interfaces for the best performance

7.       Dedicate 10GbE interfaces if you can, especially if using Broadcom adapters (see note on Network I/O Control below)

8.       If you do not have 10GbE interfaces, consider physically dedicated 1GbE interfaces for vSAN

9.       SSDs are used for caching – do not count them towards your capacity

10.   When sizing your vSAN cluster, ensure that you take into account the resiliency level (replicas) you intend to support and ensure that your SSD to HDD ratio is at-least 1:10 respectively. SSD capacity should be sized to at-least 10% of the capacity of HDDs in the disk group. An example would be if you are building a disk group of four 1.2TB 10K SAS disks, giving you’re a disk group capacity of 4.8TB, your SSD selection should be at-least 480GB.

11.   Keep in mind that by default 70% of the SSD capacity per disk group will be used as a read cache and 30% will be used as a write buffer. Using SSDs with the right bias (Read or Write Intensive) or a non-bias (Mixed Use) will make a significant difference in performance based on your intended workload so take this into account. For general purpose virtualization, the recommendation would be to use Mixed Use SSDs because of their non/even-bias.

12.   Also note that when sizing your host memory, keep in mind the ideal workload and consolidation ratios you hope to achieve. Given storage is more finite with vSAN clusters, large amounts of physical memory (>256GB) are certainly supported but may be underutilized in many environments. Keep in mind that IF you are sizing a host with 512GB or more of physical memory, the embedded SD cards are not supported and ESXi must be installed on physical media.

On the virtualization side:

1.       Both the standard and distributed virtual switches are supported.

2.       Use of the web client is required. You cannot configure vSAN using the thick client.

3.       Use of vCenter is also required. This will need to be taken into consideration on green field deployments. You will need to format one of the HDD disks on the first host and create a local datastore, install vCenter and configure it, configure vSAN and then use storage vMotion to move the VM to the new vSAN storage. Once storage vMotion is complete, you can then remove the ‘legacy’ datastore and move the disk into the vSAN disk group.

4.       vSAN storage is presented as a single common ‘datastore’ but the utilization and expression of the objects (VMs) on that store are controlled through storage policies. vSAN storage policies must be defined as they control the resiliency level (FTT, number of replicas) and other tuning parameters.

5.       When configuring HA for use with vSAN, choose ‘Power Off’ as your isolation response.

6.       When configuring HA for use with vSAN, ensure that your ‘host failures to tolerate’ setting aligns with your vSAN availability strategy and settings.

7.       vSAN does NOT (in 5.5) support FT, DPM, Storage DRS or Storage I/O Control.

8.       vSAN does support Network I/O Control and if you are using Intel adapters and the distributed virtual switch, the recommendation would be to enable and configure it for optimal performance.

Note: DO NOT enable Network IO Control (in 5.5, with or without vSAN) with Broadcom adapters! http://kb.vmware.com/kb/2065183

On the (physical and virtual) networking side:

1.       Layer-2 Multicase IS required for vSAN.

2.       It is a recommended practice to create a separate, segregated, VMkernel for vSAN data

3.       The VMkernel interface created for vSAN can utilize private IP space

4.       At-least one VLAN per vSAN cluster. vSAN clusters should NOT share the same broadcast domain

5.       It is a recommended practice to create two VLANs per vSAN cluster for maximum performance. It is however not supported to have a VMkernel for vSAN active on more than one NIC, therefore the recommendation is to set this up similarly to iSCSI. It is key that each separate VMkernel have its own IP subnet.

a.       VMkernel called vSAN0 attached to VLAN 92 with IP 192.168.92.10 and vmnic1 as active and vmnic3 as standby.*

b.      VMkernel called vSAN1 attached to VLAN 93 with IP 192.168.93.10 and vmnic3 as active and vmnic1 as standby.*

Note: Because of the Active/Standby (as opposed to Active/Unused) and the use of two different subnets, these physical switch ports must be configured as trunks and be tagged for both VLANs.

6.       The current recommended practice from VMware is to avoid the use of Jumbo Frames with vSAN

Jumbo Frames are officially supported however there was an issue discovered with jumbo frames and multicast, which vSAN makes extensive use of, in vSphere 5.5 update 2. Not sure if this has been fixed in update 3 or not but something to be aware of. The consensus from VMware support is that jumbo frames does not make a significant difference in performance with vSAN. You may utilize Jumbo Frames elsewhere in the environment, however the VMkernel(s) for vSAN should be configured for the default 1500.

7.       IP HASH link aggregation is supported by vSAN but keep in mind that since traffic will be flowing to and from the same IPs, it is unlikely that you will drive the link utilization desired using this method.

8.       For our physical switches, the same quick configuration guides for EqualLogic can be used as reference, the cabling recommendations are the same, however do not enable DCB or iSCSI optimization. You may also need to create additional VLANs and provision switch ports as trunks instead of access (tagged instead of untagged) depending on your host and cluster design.

5.5 Reference:

http://kb.vmware.com/kb/2058424

https://www.vmware.com/pdf/vsphere5/r55/vsphere-55-configuration-maximums.pdf

http://www.yellow-bricks.com/2013/09/09/vmware-vsphere-virtual-san-design-considerations/

http://www.yellow-bricks.com/2014/06/09/queue-depth-matters/

http://www.yellow-bricks.com/2014/04/17/disk-controller-features-and-queue-depth/

http://www.vmware.com/files/pdf/products/vsan/VMware-TMD-Virtual-SAN-Hardware-Guidance.pdf

https://partnerweb.vmware.com/programs/vsan/Virtual%20SAN%20Hardware%20Quick%20Start%20Guide.pdf

6.0 Reference:

What’s New in vSAN 6.0?

http://www.vmware.com/files/pdf/products/vsan/VMware_Virtual_SAN_Whats_New.pdf

Configuration Maximums for vSphere 6:

https://www.vmware.com/pdf/vsphere6/r60/vsphere-60-configuration-maximums.pdf

VMware Virtual SAN 6.0 Design and Sizing Guide:

http://www.vmware.com/files/pdf/products/vsan/VSAN_Design_and_Sizing_Guide.pdf

Hope this helps!

ESXi dell-configuration-vib for use with ImageBuilder

As of ESXi 6.0 release, we are now providing an offline bundle.zip containing our custom image.

http://www.dell.com/support/home/us/en/19/Drivers/DriversDetails?driverId=HJFY8

As for ESXi 5.5 and earlier, the only way to do this would be to utilize VMware’s Image Builder and create your own customized offline bundle.

Here’s a whitepaper that goes through the procedure:

http://en.community.dell.com/techcenter/extras/m/white_papers/20135932

Here’s a youtube video that goes through the process:

https://www.youtube.com/watch?v=AfjEyB2FTwc

Cheers,

Jim White
Senior ProSupport Engineer – Virtualization

Certifications: VCP 3 / 4 / 5, LPIC-3 Core, LPIC-3 Virtualization

Dell | Enterprise Solutions
Phone  1-800-945-3355  Option  1  Ext  723-8649

Office Hours | 8:30 am - 5:30 pm (CST) Monday - Friday

Customer feedback | How am I doing?  Please contact my manager: Scott_Stout@dell.com

OS Windows Security Hardening

The best practice is to avoid “manual by document OS hardening” at all cost, especially with the latest Windows 2012 and 2012 R2 OSs. From my experience each company usually creates its own hardening guidance/procedures in accordance with  Microsoft’s Baseline Server Hardening: https://technet.microsoft.com/en-us/library/cc526440.aspx. However, I personally do not recommend  manual Server hardening, because IT could follow to non-standard (and sometimes unsupported) settings which are picked from outdated hardening guides, and it can cause the server to misbehave, result into breakdown of various operating system related components and failure of critical applications. I always advice my customers to use these two tools (urls are below) for ‘hardening’ Windows Server 2012/2012-R2. Any other method to harden the server might result in unforeseen results.

·          Security Compliance Manager (https://technet.microsoft.com/en-in/solutionaccelerators/cc835245.aspx)

·          Security Configuration Wizard (https://technet.microsoft.com/en-us/library/cc754997.aspx )

The SCW tool has server roles templates, but some templates for some server roles would need to be downloaded and configured separately.

Example: By default, the SCW does not include support for the TMG 2010 role nor TMG Enterprise Management Server (EMS) role. To support these roles, download and install TMGRolesForSCW.exe included in the TMG 2010 Tools and Software Development Kit (SDK), available here.

Sincerely,

Andrei Vassiliev

Systems Integration Consultant – “Microsoft Infrastructure Services Team”

Dell | Consulting & Systems Integration
lync +1 512 723-8974

Customer feedback | How am I doing? Please contact my manager Tim_Alvey@Dell.com

MXL -- Can't ping management IP when MXL is installed in Fabric A

Thanks to all of you who responded to this problem I presented on Wednesday.  I’m not sure if anyone provided a solution that is consistent with the resolution we used, but here’s a brief summary that I shared with the customer.  You could very well encounter this problem in the future and you could spend hours working on the MXL when in its actually a problem with the CMC.  After spending several hours trouble-shooting with two different TAC engineers, they escalated to a Master Engineer who was quite confident he knew what the fix would be and sure enough it worked.  Note that we were trying to ping the management IP and the customer was using only a LOM for Fabric A.  No mezz cards were installed.

The problem is a known issue and the Master Engineer said they have not been able to debug the root cause, so the what was provided is really a preventative work around.  BTW, we also did a factory reset on the MXL and configured it from scratch while inserted in Fabric A but this didn’t work.  The only solution that worked was to use the rack rest command on the CMC.  Before executing the rack reset command, TAC collected several logs in an attempt to determine the root cause.

Summary for the Customer:

-------------------------------------

Re: Dell TAC Case 910245438 – Cannot access management IP of MXL when installed in Fabric Slots A1 or B1

The problem as reported to us yesterday has been resolved on the M1000e chassis in question, but I look forward to the customer confirming this at your earliest convenience by moving the MXLs back into Fabric slots A1 and A2.  Please also confirm that the CMC is configured as expected since we did an upgrade and a re-configuration.  I left the MXLs installed in the B1/B2 fabric slots and the B22s installed in the A1/A2 slots since this is how I found them when we started trouble shooting this morning (Thursday, April 23) and wasn’t sure if I would impact any ongoing traffic testing traversing Fabric A1/A2.  Before leaving this evening, I moved the MXLs from Slots C1 /C2 to B1/B2 to A1/A2 and was able to successfully ping the management IP addresses (10.26.17.240/241) with each move.  If there is any problem please contact me immediately.

Resolution:

The problem was resolved by running a rack reset command and then reconfiguring the CMC.  Our Dell support staff advises that this is a one-time event on a M1000e chassis and it can easily be prevented for any subsequent deployments of the M1000e chassis.

Additional notes:

The MXLs were upgraded from firmware Release 9.4 to 9.6.

The CMC was upgraded to 5.01.

These upgrades should have no effect on the capabilities of the CMC or the MXLs in context of the testing being performed by Robert and Tommy, but I recommend moving the MXLs to 9.7 in the not too distant future since OpenFlow 1.3 is supported on 9.7 while OpenFlow 1.0 is supported on 9.6.  Although 9.7 was released earlier this year, we would like to see a few more weeks of field exposure before recommending DirecTV move to this release.

Bill Tozer

Network Systems Engineer

Office: 805-498-2959

Mobile: 805-490-7409

Dell | Enterprise Solutions, Networking

Bill_Tozer@Dell.com

From: Tozer, Bill
Sent: Wednesday, April 22, 2015 4:59 PM
To: Cereijo, Manny; WW Networking Domain; Arrata, William
Subject: RE: MXL -- Can't ping management IP when MXL is installed in Fabric A

Thanks Manny,

I’ll try that when I’m on site tomorrow morning.

Bill

From: Cereijo, Manny
Sent: Wednesday, April 22, 2015 4:57 PM
To: Tozer, Bill; WW Networking Domain; Arrata, William
Subject: RE: MXL -- Can't ping management IP when MXL is installed in Fabric A

Dell - Internal Use - Confidential

Bill,

Is the MXL connecting to the same management network when in Fabric A, B and C?

Can they connect to the MXL via the CMC? Try to SSH or telnet to the CMC, then connect to the MXL with the connect switch-a1 command.

Manny

From: Tozer, Bill
Sent: Wednesday, April 22, 2015 7:48 PM
To: WW Networking Domain; Arrata, William
Subject: MXL -- Can't ping management IP when MXL is installed in Fabric A

Has anyone seen any issues with not being able to ping the management IP (or access via SSH) of an MXL when installed in Fabric A?  My customer has reported that everything works fine when the MXL is installed in Fabric B or C, but when the MXL is moved to Fabric A, they can no longer connect to it.

Midplane Version of the M1000e is 1.1

Release of the MXL is 9.4, but we will be upgrading it to Release 9.7 ASAP and opening a support case.

Bill Tozer

Network Systems Engineer

Office: 805-498-2959

Mobile: 805-490-7409

Dell | Enterprise Solutions, Networking

Bill_Tozer@Dell.com

vSphere 3.5 to 6.0 Upgrade procedure

Basic Assumptions:

The customer does not necessarily need access to historical performance or event data and is willing to sacrifice that.

The customer is willing to accept minimal downtime so long as it is planned.

 

1.       Backup the entire environment, including the VMs and the supporting systems and databases. (!)

2.       Stand-up the new hosts with either 5.5 or 6.0

3.       Stand-up new datastore storage for your new 5.5 or 6.0 cluster.

4.       Designate one of your new hosts to be the transition host or ‘landing zone’

5.       Add an FC HBA to this landing zone host and have it zoned so that it can see the existing VMFS3 datastores.

DO NOT UPGRADE VMFS if prompted or offered!

6.       Select a number of non-essential virtual machines to serve as a proof-of-concept.

7.       Take note of which datastore(s) the identified virtual machines reside.

8.       Systematically schedule the shutdown of the identified virtual machines.

9.       Once the virtual machines are powered-off, right-click and remove from inventory.

DO NOT DELETE. Remove from inventory.

10.   On the landing zone or transition host, browse the datastore where the VM to be migrated resides, open the folder and find the configuration (.vmx) file. Right-click on that file and choose Add to Inventory.

11.   Once the VM shows up in the new cluster, attempt to power it on. Verify that the power-on works and the system is available on the customer’s network. Note that the network port-group labels and such may be different between the old cluster and new, so you might have it edit the VM’s settings to ensure the correct port-group(s) are selected.

DO NOT UPGRADE VIRTUAL HARDWARE OR VMWARE TOOLS AT THIS TIME.

12.   Repeat as necessary until all virtual machines are moved to the new cluster.

13.   Plan an upgrade of the VMware tools (requires a reboot) on each virtual machine.

14.   Plan an upgrade of the VM virtual hardware level (requires a second reboot) on each virtual machine.

15.   Utilize VMware’s Storage vMotion to move all of the VMs to the new datastores.

16.   Remove the legacy VMFS3 datastores.

17.   Shutdown and decommission the old hardware.

 

I have done this before with 5.5 and assume that it would operate the same way with 6.0, but that is another risk that would need to be identified with going right to 6.x. You could upgrade to 5.5 and then, once completed, upgrade to 6.0.

 

Note that if any VM has an RDM, that will need to be handled separately. You can use the same process, but before you are able to decommission the old storage you will need to either migrate the external RDM to a new virtual VMDK (create new VMDK, use guest OS tools to move the data) or another form of storage based on the new array’s capabilities.

Use ATS for Heart Beat on VMFS?

To disable

esxcli system settings advanced set -o /VMFS3/UseATSForHBOnVMFS5 -i 0

To enable

esxcli system settings advanced set -o /VMFS3/UseATSForHBOnVMFS5 -i 1

How To Install the Root Self-Signed Certificate from vCenter 6.0

http://virtualizationreview.com/articles/2015/04/02/install-root-self-signed-certificate-vcenter-6.aspx

http://blogs.vmware.com/vsphere/2015/03/vmware-certificate-authority-overview-using-vmca-root-certificates-browser.html

Tools for network monitoring

Smokeping - jitter monitoring

Observium - on top of NAGIOS

sFlowTrend - sFlow/netFlow monitoring

http://www.inmon.com/products/sFlowTrend.php


FlowMon - netFlow monitoring
https://www.invea.com/en/products/flowmon

sFlow + LogStash
https://github.com/NETWAYS/sflow

NetFlow Monitoring Tools
http://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-netflow/networking_solutions_products_genericcontent0900aecd805ff728.html

N-Series Poe

Did you open a case with tech-support

I’ve seen issues where devices did report as Class2 or 3 devices while they should be 0 or even high-power (POE+) and that it was just slightly over the limit and some ports seemed to be a little bit more stringent then others.

Consider indeed:

·         Setting the (lower) port on interface level as ‘power inline high-power’

·         On global or stack-unit level set ‘power inline management static’

·         Remove ‘legacy’ as dynamic method

·         Or set it indeed as ‘class based’ power

And else: open a case with tech-support to fully investigate and maybe use debug commands to find exact reason why it did go off.

The ‘work-around’ for removing ISDP is only applicable on Cisco devices that refuse to use industry standard methods if it thinks it is connected to a Cisco device – mainly Cisco multi-radio AP’s. Because they do receive ISDP info they do think they should also get POE info over CDP – but that part is ‘closed code’ and not open part of CDP (which is thus ISDP).

You can also work around that in another way then removing/disabling ISDP: you can tell the Cisco device it should accept POE negotiation form a specific device (MAC address of the switch/stack in question).  This last behavior is imho clearly a Cisco problem – it does NOT check if it is talking to a device that supports full CDP including Cisco proprietary POE negotiation over CDP: it just sees ‘something that looks like CDP’ and then refuses to use the industry standard unless specifically told to do so (via command on Cisco box like:  power inline negotiation injector <attached>  which will then be replaced by the switch MAC address in the Cisco startup-config).

Jan

Jan

From: Malone, Jim
Sent: Thursday, April 02, 2015 3:36 PM
To: Meister, Benjamin; WW Networking Domain
Subject: RE: N-Series Poe - Ahhhh . . .

Dell - Internal Use - Confidential

Well, I am out of guesses

The only other option is go to 6.2.0.5.

Nothing specific on Release Notes.

Jim Malone

Network Sales Engineer

Dell | Networking | VA, DC

571-232-0340

Jim_malone@dell.com

From: Meister, Benjamin
Sent: Thursday, April 02, 2015 10:22 AM
To: Malone, Jim; WW Networking Domain
Subject: RE: N-Series Poe - Ahhhh . . .

Dell - Internal Use - Confidential

6.1.2.4

~ Benjamin R. Meister

   Networking & Converged Infrastructure Sales

   Dell | Enterprise Solutions, Networking

   Office    + 1.646.409.1330 

   Mobile   + 1.646.489.2035

From: Malone, Jim
Sent: Thursday, April 02, 2015 10:19 AM
To: Meister, Benjamin; WW Networking Domain
Subject: RE: N-Series Poe - Ahhhh . . .

Dell - Internal Use - Confidential

What version of OS are you running?

Release 6.1.0.6 Summary	User Impact	Resolution	Affected Platforms
Issues powering up POE devices on certain switch port interfaces.	When dot13af and legacy mode is enabled and the first 12/24 switch ports are in error status, the last 12/24 ports are stay off.	Fixed high port powering issue by updating the PoE controller firmware version to 263_75. Please wait for few minutes for PoE controller firmware update to complete on switch boot-up. You will see the below log messages on switch boot-up after switch firmware upgrade. <187> Jun 17 04:51:57 172.25.136.215-1 POE[144021428]: hpc_poe_pwrdsne.c(6733) 582	N2xxxP/N3xxxP

Jim Malone

Network Sales Engineer

Dell | Networking | VA, DC

571-232-0340

Jim_malone@dell.com

From: Meister, Benjamin
Sent: Thursday, April 02, 2015 10:06 AM
To: Malone, Jim; WW Networking Domain
Subject: RE: N-Series Poe - Ahhhh . . .

Dell - Internal Use - Confidential

According to the Show tech:

Power.......................................... On

Total Power.................................... 1800 Watts

Threshold Power................................ 1620 Watts

Consumed Power................................. 82 Watts

Usage Threshold................................ 90%

Power Management Mode.......................... Dynamic

Power Detection Mode........................... dot3af+legacy

Unit  Description    Status     Average     Current          Since

                                 Power       Power         Date/Time

                                (Watts)     (Watts)

----  -----------  -----------  ----------  --------  -------------------

1     System       OK            0.2        39.8

1     PS-1         OK           N/A         N/A       03/14/2015 06:40:57

1     PS-2         OK           N/A         N/A       03/14/2015 06:40:57

~ Benjamin R. Meister

   Networking & Converged Infrastructure Sales

   Dell | Enterprise Solutions, Networking

   Office    + 1.646.409.1330 

   Mobile   + 1.646.489.2035

From: Malone, Jim
Sent: Thursday, April 02, 2015 9:59 AM
To: Meister, Benjamin; WW Networking Domain
Subject: RE: N-Series Poe - Ahhhh . . .

Dell - Internal Use - Confidential

Question: do  you have the default 750watt power supply?

Question: is this the only powered device plugged in?

Something to check and work with.

Power Inline Priority – by default all ports are set the same and here is what that means to you.

Priority is always enabled for all ports. If all ports have equal priority in an

overload condition, the switch will shut down the lowest numbered ports

first.

To test this you could change the priority of a low numbered port and retest the phone.

It may be preferable, if not already done, to use the 1100 watt power supplies.

Hope this helps

Jim Malone

Network Sales Engineer

Dell | Networking | VA, DC

571-232-0340

Jim_malone@dell.com

From: Meister, Benjamin
Sent: Thursday, April 02, 2015 9:23 AM
To: WW Networking Domain
Subject: N-Series Poe - Ahhhh . . .

Dell - Internal Use - Confidential

Ok folks,

N-series 3048p: 

Customer has poe phones, no problems any port. 

Customer plus in a Polycom CP7937G phone [15.4w] into a lowered number port, gets ‘ethernet disconnect’ errors.  But when he switches from say port 1/0/1-14 to port 1/0/47 the phone comes up and stays up no problem.  Same configuration on all ports.

This is unique to 1 or 2 of his switches, the remaining switches work just fine (all stand alones)

Would this be an indication of a bad ASIC?  (which would be really weird since the lower ports also have PoE phones on them)

Point of fact:  we did try ‘no ISDP enable’ trick – no luck.

~ Ben

~ Benjamin R. Meister

   Networking & Converged Infrastructure Sales

   Dell | Enterprise Solutions, Networking

   Office    + 1.646.409.1330 

   Mobile   + 1.646.489.2035