The Acumen IT Support blog provides you with helpful articles about Networking troubleshooting.

Several web sites provide good overviews.

Computer Networking Overview

Computer Networking Wikipedia

Business Network Support

Barracuda Link Balancer

Barracuda Load Balancer

Cisco Routers

Failover Clustering

HP BTO OpenView

System Center

Microsoft Windows Servers

Paessler Network Monitoring Software

WireShark Packet Analyzer

Zabbix Monitoring Consulting

The Effect of Solid State Disks on Processor Usage

I am now encountering servers and client computers that have solid state disks (SSDs). My experience is showing that this sometimes causes improper analysis of performance measures through Performance Monitor (perfmon.exe) and Resource Monitor (accessible through the Resource Monitor button on the Performance table of Task Manager).

In the past, poor interactive response time of a system, or complete “locking up” of a system was not necessarily accompanied by high processor usage, but high processor usage was usually indicated that a system was slow to respond or locked up. Disk IO is usually the primary performance bottleneck in a system because disks are the component that includes mechanical limitations of physical disk access. Response time can be viewed in the Disk Activity panel of the Disk tab of Resource Monitor, or measured by Avg. Disk sec/Read and Avg. Disk sec/Write in Performance Monitor. Be sure to get the “seconds” in the numerator when you select counters—there are several counters that are very similar.

When we use SSDs, this changes. The biggest bottleneck is reduced or removed, and the computer can process much more information per second, and therefore processor usage goes up—often to 100%. I have seen systems that were either running at 0% or 100% with no in between. After eliminating all other problems, I began to realize that once all other potential problems were eliminated, that this high processor usage was good rather than bad, and was seldom accompanied by the “locking up” of a system—other activities could run or continue to run and receive a reasonable share of “time slices” of a system.

The takeaway is that if you have a system with SSDs and there is 100% processor usage but things seem to be working fine, everything is probably OK and is likely to be a desirable status.

Windows Remote Host Licensing Mode

Official Windows Logo

Windows Problem

Server 2012’s Terminal Server services are proving to be much different than prior versions of windows. The initial remote desktop based roles wizard is easier to use, but making changes after they are installed can be a hassle.

A lot of the configuration is done in Server Manager -> Remote Desktop Services -> Deployment Overview -> Tasks -> Edit Deployment Properties.

Solution

The setting that I missed was one under RD Licensing -> Select the Remote Desktop licensing mode: Per Device or Per User.

After activating our licensing for Enterprise Agreement for Windows 8 VDI Per Device CAL’s, I assumed that the licensing mode would default to Per Device. It did not, and remote desktop did not work to VM’s on the terminal server.

Be aware that if you have the licensing server installed and activated that these items do not default to the CAL’s you purchased and configured. This applies to RD virtualization host and session host roles.

See our Technology Service Page for more ways we can help you!

Virtual Machine Fails to Respond to Network Traffic

The following issue pertains to an environment running a Windows 2012 Server Failover Cluster. This cluster had 3 nodes, each node running 4 VMs, running stably for months.

Suddenly one afternoon the virtual machines on one of the nodes failed to respond to network traffic. Looking at the VMs in the Failover Cluster Manager, they showed a status of “Running – locked”. Then VMs on that node began shutting down. They did not fail over to another node. The Clustered Shared Volume could not be browsed in Windows Explorer from the affected node. The iSCSI connector showed that the server’s connection to the SAN was up, however.

The Failover Cluster Manager showed the following critical errors: “Cluster Shared Volume ‘Volume1’ (‘name’) is no longer available on this node because of ‘STATUS_IO_TIMEOUT(c00000b5)’. All I/O will temporarily be queued until a path to the volume is reestablished.”

Earlier that afternoon, I had created a new virtual machine on that node. After creating it, I decided to back up the new VM using Microsoft DPM 2012. While I was doing so, that’s when the failure occurred. I discovered after a few minutes of research that it was this action—backing up a clustered virtual machine—that caused the problem. I stopped the DPM backup (which was hung anyway), deleted the job, and restarted the affected Cluster Node server. The VMs ran normally after that.

According to Microsoft, here are the conditions:

Consider the following scenario:

  • You enable the Cluster Shared Volumes (CSV) feature on a Windows Server 2012-based failover cluster.
  • Create a virtual machine on a CSV volume on a cluster node.
  • Start the virtual machine.
  • Try to create a backup of the virtual machine on the CSV volume by using Microsoft System Center Data Protection Manager (DPM).

In this scenario, one of the following issues occurs:

  • The backup is created, and the virtual machine enters a paused state.
  • The CSV volume goes offline. Therefore, the virtual machine goes offline, and the backup is not created.

Errors: Software snapshot creation on Cluster Shared Volume(s) (‘volume location’) with snapshot set id ‘snapshot id’ failed with error ‘HrError(0x80042308)(2147754760)’. Please check the state of the CSV resources and the system events of the resource owner nodes.

Log Name: System
Source: Microsoft-Windows-FailoverClustering
Date: Date and time
Event ID: 5120
Task Category: Cluster Shared Volume
Level: Error
Keywords:
User: SYSTEM
Computer: Computer name

Description: Cluster Shared Volume ‘Volume1’ (‘name’) is no longer available on this node because of ‘STATUS_IO_TIMEOUT(c00000b5)’. All I/O will temporarily be queued until a path to the volume is reestablished.

Cause: The virtual machine enters a paused state because the Ntfs.sys driver incorrectly reports the available space on the CSV volume when the backup software tries to create a snapshot of the CSV volume. Additionally, the CSV volume goes offline because it does not resume from a paused state after an I/O delay issue or error occurs.

Resolution: install the hotfix described here Please read through the hotfix information carefully, and consult Microsoft Support if you have any issues or questions

For other IT Support and IT Service issues take a look at our IT Support Page.

No DNS/DHCP After Virus Removal

,

Recently, after removing a virus from a customer’s PC I encountered a problem while trying to get the PC back on the network. I tested the drop with another computer and it worked fine. The PC would not pull a DHCP address. I then gave the PC a static IP/DNS settings and the PC was able to ping 8.8.8.8 (which means it had access to the internet) but could not resolve google.com with multiple DNS settings.

I finally found my answer here This solution works perfectly but I’ll condense it below if you don’t want to follow the link.

The user ILS mentions that these symptoms are caused by a corrupted afd.sys file which is located at c:windowssystem32drivers. Either it is missing or infected.

A tool called Farbar System Scanner can be run on your Internet Services to verify the problem although you do not need to do this to try the fix.

Scan your system for another version of afd.sys and simply copy it over to the one in your driver folder

Next you need to modify the registry. Instructions are detailed in a post written by Broni here.

The easiest solution is to copy the Registry Entry from another PC that is working

If you get a permission problem when merging the Legacy_AFD, make sure you read Broni’s instructions on how to allow your user to change the permissions. For Windows 7, I used the following Broni written instructions:

  1. Start=>Run (alternatively use Windows key+R), type regedit and click OK.
  2. Navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetEnumRoot
  3. Right-Click Root and select Permissions…
  4. Click Advanced.
  5. Under Owner tab select the entry starting with you user name, example: Farbar(Farbar-PCFarbar)
  6. Put a check mark next to Replace owner on subcontainers and objects and click Apply and OK.
  7. Under Security type while Everyone is selected put a check mark in the box under Allow next to Full Control.
  8. Click Apply and OK.

As stated by the author of the post, after doing the above you will be able to merge Legacy_AFD.

Even though that post is old, it works like a charm, we were able to fix 5 computers today, all of them were Windows 7.

Following those instructions I was able to get the computer back on the network and the user back to work.

If you need help with your computer or your network give us a call at 314.333.3330 and take a look at our IT Support page for more information.

Wake on LAN across local subnets/VLANs

Recently we had a client trying to Wake on LAN (WOL) across local subnets/VLANs. All of the routers and switches were cisco equipment. The WOL would only work on the local VLAN but not to other VLANs (or subnets) that were trunked out in other areas. The solution was a simple fix of a few commands on the local and remote subnet routing/switching devices.

Wake on LAN Solution:

  1. An IP Helper needed to be configured on the WOL packet sending network pointing to the receiving network.
    1. L1(config-if)#interface vlan 2 ? Interface of network you are sending packet from
    2. L1(config-if)#ip helper-address 172.16.3.2 ? Gateway of receiving network
  2. The IP protocol needed to be forwarded (in the case UDP port 7)
    1. L1(config)#ip forward-protocol udp 7
  3. An ACL needed to be configured as to only allow the WOL ports required
    1. L2(config)#access-list 101 permit udp any any eq 7 ? you can also specify host and/or destination instead using any any
  4. An IP Directed-Broadcast needed to be assigned on the receiving network
    1. L2(config-if)#ip directed-broadcast 101 ? 101 references the ACL that allows/restricts the broadcasts going through. This rule enables translation of directed broadcasts to physical broadcasts on the network where the WOL target is located.

Repeat this process as needed for each network that needs to send/receive WOL packets.

See our Network Support Page and our System Monitoring Page for more ways we can help you.

Call today at 314.333.3330 and talk to a technician immediately!

For more information about how Acumen can help you with your business IT needs, visit our Technology Services Page.

SOLVED: Windows Activation Error 0x800723B

,

Windows Activation Error 

After installing Windows 8 Enterprise or Upgrading to Windows 10 Enterprise and attempting to activate, you may receive an error message stating:

“Windows can’t activate right now. Try activating Windows later. If this issue persists, contact your system administrator or technical support department for assistance”

The error details shows: 0x8007232B – (DNS Name Does Not Exist)

Details:

After researching the error, it became obvious that this has been around for a while, and it is most often caused by the product key being invalid. Windows 8 and Windows 10 Enterprise do not request the product key during installation, and therefore the activation error occurs. On Windows 8. there is no obvious way to change the product key, and it really just is as simple as entering a valid product key.

Many of the recommended solutions I found require command line interaction from an elevated (run as administrator) command prompt. There is a simpler way to enter a new product key.

Windows Activation Error Solution:

1. From the Windows 8 Metro Screen or Windows 10 Start Menu, type: SLUI 3 (note the space) to automatically search for the product key utility.

3. Opening this will bring up the product activation window with a field for entering a new product key.

4. Enter the new product key and activate Windows 8 or Windows 10 Enterprise (Note that on Windows 10 Enterprise, you could just go to Settings>search for “Activation”, open “Change Your Product Key”, click “Change Product Key” and enter the new key.)

Closing:

This issue has also been reported on various Windows 7, 8, and 10 releases, including the Gold Partner releases and MSDN releases. Although I haven’t tested it personally on all of these, this solution should still apply.

If you are still experiencing activation errors, confirm that you are not attempting to install a KMS (Key Management Service)
copy. The activation of a KMS volume licensing version of the OS requires a KMS licensing server to be running on the local network (not the most common approach for many businesses) and attempting to install this version without the KMS server can also produce this error.

Acumen Consulting provides computer and network support services to enterprise, small and medium sized businesses. If you require further assistance, please contact us and we will be happy to help you resolve error 0x8007232B -DNS Name Does Not Exist during Windows 8 or Windows 10 Enterprise activation.

For more information on Windows, click on the link below:

https://www.microsoft.com/en-us/windows

 

 

SonicWall access LAN via SonicPoint wireless Access point

SonicWall doesn’t want you to access your LAN via a SonicPoint wireless access point, but they don’t tell you that. You might be expecting to be able to access your LAN after you’ve connected and set up your SonicPoint. Even though you can reach the Internet, you’ll discover that LAN access is elusive. Configuring access rules and Zones and Guest Services doesn’t help. Apparently the way SonicWalls are designed to operate is to allow Internet Access, but to deny LAN access. Anyone who wants LAN access via internal wireless will have to use a VPN. This can be a real pain, but is definately more secure.

Here are quick and dirty instructions on how to get your Sonicpoint WLAN network to communicate with your LAN. Be aware that this weakens the security for this connection. This assumes that you already have the SonicPoint connected and set up, and can access the internet through it.

    1. Login to your Sonicwall via browser, then change the address from https://192.168.1.1/main.html to https://192.168.1.1/diag.html (caution! Diagnostic Mode)
    2. Choose “Internal Settings” on the left side of the page.
    3. Three quarters of the way down you will see the “Wireless Settings” section. Under that check the setting ”Enable Local Wireless Zone Traffic To Bypass Gateway Firewalling”, and then click “Accept”
    4. Go back to “main.html”.
    5. Under Network section, go to “Zones”
      1. In the WLAN Zone, under the General tab, make sure that “Allow Interface Trust” is checked
      2. Under the Wireless Tab, uncheck “Only allow traffic generated by a Sonicpoint/SonicpointN” and check “Enforce local wireless zone traffice to bypass gateway firewalling”, and then click OK.
    6. Under the Network section, go to Interfaces, and Configure the interface for the Sonicpoint.
      1. Change the Zone to “WLAN”, if it is not already
      2. Change the IP Assignment to “Layer 2 Bridged Mode”
      3. Change “Bridged To” to “X0” or whatever your LAN is.

This will cause the Sonicpoint to reboot. Once you connect to it again, you should be able to access your local LAN resources.