To create the database required for ASP.NET roles and membership run the following:-
Windows Firewall and non-secure FTP traffic
Windows firewall can be configured from command line using netsh command. 2 simple steps are required to setup Windows Firewall to allow non-secure FTP traffic
1) Open port 21 on the firewall
netsh advfirewall firewall add rule name=”FTP (no SSL)” action=allow protocol=TCP dir=in localport=21
2) Activate firewall application filter for FTP (aka Stateful FTP) that will dynamically open ports for data connections
netsh advfirewall set global StatefulFtp enable
Warning: Active FTP connections are not necessarily covered by these rules. Outbound connection from port 20 would need to be enabled on server and client machine will have to have exceptions setup for inbound traffic.
Warning: FTPS (FTP over SSL) will not be covered by these rules. SSL negotiation will (most likely) get stuck because firewall filter for FTP will not be able to parse encrypted data. Some firewall filters recognize the beginning of SSL negotiation (AUTH SSL or AUTH TLS commands) and return error to prevent SSL negotiation from starting.
The entire article can be found here : http://blogs.iis.net/jaroslad/archive/2007/09/29/windows-firewall-setup-for-microsoft-ftp-publishing-service-for-iis-7-0.aspx
To configure Jumbo Frames in ESX to use iSCSI I had to do the following:-
1. Enable Jumbo Frames on Linksys Switch (This does NOT affect existing 1500 mtu clients).
2. Enable Jumbo frames on Storage Server’s NIC (9000)
3. From ESX run the following commands (some are informational only):
esxcfg-vswitch -m 9000 vSwitch3
esxcfg-vswitch -A iSCSI-Jumbo vSwitch3 (to create empty port group for iSCSI use – preexisting must be deleted)
esxcfg-vmknic -a -i <ipaddressofesxiscsi> -n 255.255.255.0 -m 9000 iSCSI-Jumbo
vmkping <ipaddressofiscsitarget> -s 9000
Recovery Points in DPM are generated as follows:-
Recovery Points created for each Express Full Backup under Application Recovery Points schedule.
Recovery Points available for each synchronisation.
- If SQL Recovery Model = FULL then All sync times are available as recovery points
- If SQL Recovery model = SIMPLE then Only express full backup times are available as recovery points
Only the latest synchronisation before each recovery point is available in DPM.
Sync every 4 hrs (00:00, 04:00, 08:00, 12:00, 16:00, 20:00)
File recovery points = 07:30, 18:00
Available recovery points are :
Last sync before 7.30AM = 4.00AM
Last sync before 6.00PM = 4.00PM
Replica Volume – Holds near current copy of data (last synchronised)
Recovery Point Volume – Holds changes that have occurred on the replica
There were a few obsticles I had to overcome to get this working:
1. Had to disable Windows Firewall on iSCSI NIC on windows server to allow the iSCSI traffic to pass.
2. Had to ensure there was an outgoing iSCSI rule on the ESX firewall allowing the ESX host to connect to the iSCSI target (windows server).
3. Had to add a 2nd Service Console on the vSwitch used for iSCSI so the service console could communicate on the iSCSI network.
I have setup an FTP job to copy the vmksummary.html file to my webserver so it can be served from the web. To set this up I had to:-
- Enable ftpClient on ESX firewall
- Enable Passive Port range in IIS and on ESX firewall (See other Blog post)
- Create a FTP script in /vmimages on ESX server
- Run chmod a+x ftpscript.sh
- Run crontab -e
- Enter 0 5 * * * /vmimages/ftpscript.sh line to execute script at 5am every day. More detail can be found at http://www.adminschoice.com/docs/crontab.htm.
FTP script contains:-
ftp -p -n <webserveripaddress> <<END_SCRIPT
quote USER <username>
quote PASS <password>