Justin Ho

tightness is key

NetGear WNDR3700 RangeMax Dual Band Wireless-N Gigabit Router

by Justin

Summary:

Eager to try out an 802.11n 5GHz router, I picked up the NetGear WNDR3700 RangeMax Dual Band Wireless-N Gigabit Router.  In short, it doesn't work.  It's fast when it does, but I'm encountering problems with all of my devices, and the internet is full of people reporting similar problems.

Don't buy it.

It also doesn't run Tomato.  Lovely.  Piece of junk.

Features:

  • USB port to connect HDD and NAS functionality
  • dual 2.4GHz and 5GHz radio, with support for guest network
  • traffic monitoring and shaping, site filtering
  • 500Mbps+ WAN to LAN routing (very cool)
  • Excellent WLAN performance
  • 4 gigabit LAN ports, 1 gigabit WAN port

Rant:

For years, I have only bought devices that run Tomato.  dd-wrt is cool, yes, but I found it extremely unstable, and I've never had a dd-wrt router work well enough that I'd actually recommend it to someone.  I have a few Linksys WRT54GSv2 routers running Tomato, a Linksys WRT54GL running Tomato, and lately, I've been using the ASUS WL-520gU (802.11g, 10/100) and the ASUS RT-N16 (802.11n 2.4GHz, gigabit) routers since they also run Tomato.

But I got frustrated with the 2.4GHz only radio, and I got frustrated/greedy since I was only getting 5-9MB/s wireless.  My Intel 6200 and 6300 cards were only getting 1T1R on the router; devices would connect at up to 144Mbps, and I knew they could do better.  This NetGear is supposed to handle up to 300Mbps... and it does!  I transferred files at up to 16MB/s over SMB.  Very nice -- faster than 100Mbps Ethernet!

The router admin page is on HTTP only (can't find HTTPS option) and it also doesn't load in IE9.  The page just sits there and spins... so I loaded up the interface in Firefox.  I disabled DHCP on the router (after I was done, I found this guide, in case it helps you), turned off the 2.4GHz radio (I decided to keep my WRT54GSv2 running Tomato on 2.4GHz until I had tested this thing a bit more...) and connected my ThinkPad to the 5GHz network and went to bed.  When I woke up, my laptop had no internet.

I reconnected to the WRT54GS 2.4GHz network, and tried to get back on the router page.  Oops.  The page doesn't load in IE9... Right.  Everything looks good.  Router didn't crash... checking the log, I see:

[WLAN access rejected: incorrect security] from MAC address 00:23:15:XX:XX:XX

And this of course, leads me to the forum where other users are complaining: http://forum1.netgear.com/showthread.php?t=46515&page=5 .  I opened a support case at NetGear.  I suspect they'll tell me to format all my computers, or buy a NetGear NIC.  Change the wireless channel, reset to factory defaults on the router... none of which will help. There's a v2 of the hardware released (and of course, I *just* bought mine, and Dell very lovingly sent me the outdated v1 model.) with a new firmware... no idea if that fixes it.  Anyone have the v2 hardware?

This device also doesn't run Tomato, which is unfortunate.  So I'm stuck with it -- until someone releases some working firmware for it.

My experience with my new ThinkPad T410s

by Justin

I recently replaced my aging T60p notebook.  Two weeks in, I thought I'd comment on the experience so far.  (i.e. here is my review of the ThinkPad T410s).

My configuration:

  • ThinkPad 2901CTO with Intel Core i5-520M
  • Intel HD graphics + nVidia NVS3100M switchable graphics
  • 14" LCD with LED backlight (1440x900)
  • 4GB RAM (2x2GB)
  • Intel 160GB X18-M G2 SSD
  • DVDRW optical drive, swappable Ultrabay adapter for an additional 2.5" SATA disk
  • Intel 6250 + WiMax + Gobi 2000 with GPS + Bluetooth module
  • Fingerprint reader, SD card reader

Windows Experience Index:

  • Processor: 6.7 (i5-520M)
  • Memory: 5.9 (2x2GB DDR3)
  • Graphics: 4.9
  • Gaming graphics: 5.9 (nVidia NVS3100M 512MB)
  • Primary hard disk: 7.2 (Intel X18-M G2 160GB)

What's good:

  • Perfect weight/size of screen/performance ratio.  I can walk around with everything I need in a < 4lb package.  My T40 was 4.5lbs, and my T60p was around 6lbs after all accessories (power supply, etc.).
  • Improved speakers
  • Solid keyboard
  • Excellent build quality.  If you think a MBP has good build, then you haven't picked this thing up.  There's no screen distortion at all and absolutely ZERO case flex when pressure is applied.  This is NOT machined from 1 piece of aluminium alloy - it's much, much better.  I don't pamper my technology.  So I really appreciate the quality materials in the chassis and case finish - I can just throw this thing in a bag and go, and know that it'll make it in 1 piece.  This thing feels more droppable than ever, especially now that I don't have a spinning drive inside.
  • Docking port provides two DP ports that can be used simultaneously.  Very cool, given the thinness of this machine.
  • Powered USB port can charge junk while the laptop is powered down.
  • eSATA port.  Need I say more?  I'm not sure I'd need USB 3.0 (at least, when it shows up mainstream, I won't be that jealous) because I have this eSATA port.  I do most of my stuff over the network anyway... but I'm sure it'll be great to move data off fast USB 3.0 storage keys...
  • There's VGA + DisplayPort.  Perfect.  No stupid dongles, and eventually I'll be able to plug in high resolution displays direct.

What's not:

  • Battery life is around 2 hours if I'm actually using it.  Understandable given the weight/dimension compromises but this still seems low to me.  Maybe the Core i7 would have performed better; the lower clocked graphics wouldn't have been an issue anyway since I'd switch to the nVidia if I really needed good performance.  Too late now...
  • I wish the LCD were of nicer quality - better viewing angles would have been appreciated.  This is a relatively minor complaint.

Miscellaneous comments:

  • Storage: I replaced the SSD with an Intel G2 160GB X18-M.  My system came with a Toshiba 128GB SSD.  With the Ultrabay adapter as well, I can have a secondary 2.5" spindle with 320GB or more of space.  A very nice advantage of the T series over the X series.
  • Build quality:  Integrating the new roll cage in my previous T60p had the unfortunate effect of making the system chunkier (when compared to the T40).  The internals of the T60p were clearly better protected - there was far less flex and for the most part, the weaknesses in the chassis (around the T40 Ultrabay) were eliminated.  Moving to this T410s, I find the chassis far better than before - perhaps due to the decrease in system weight - but the attention to how the external casing is bonded to the rest of the laptop is phenomenal.  While there was no flex with my T60p when I picked it up from the corner, the palmrest plastic did strain under the weight.  When I pick up this T410s, the entire base of the machine feels rock solid.  I'm very happy.
  • Stickers:  There are fewer now.  The vast majority of the junk on the bottom of the machine is now hidden under the battery - which is a great little detail.  I always remove the 3 stickers on the palmrest as soon as I get the machine.
  • RAM is super easy to access, when compared to the T60p and certainly compared to the T40.  I love the simplicity.
  • Keyboard:  Two weeks in, I don't like the key changes.  The ESC and Delete key are too big, and I keep hitting F3 instead of F4 and F1 instead of ESC.  The tactile feedback and rigidity of the keyboard are amazing though, as always.  The new volume buttons are more useful than I would have expected.  I also don't really like the Caps Lock indicator on the key itself; I can't see it at a glance anymore and have to move my hand to check.  They should stash the 3 LEDs (Caps, Scroll, Num) somewhere else in my opinion instead of resorting to soft indicators or key indicators.
  • Connectivity:  The Gobi 2000 3G+GPS card is an amazing feature.  I now have data everywhere I go.  Very cool.  The integrated wireless card + Bluetooth options are, as usual, excellent.
  • Webcam:  A nice addition.  Not the best quality, but given the tight space, I'm not going to complain.  It's great for video conferencing.
  • Noise:  The fan is definitely noticeable if you're like me and enjoy working in a completely silent environment.  Switching to the integrated graphics reduces heat substantially and the fan virtually never runs under normal workloads.  That's an amazing improvement over the T60p, especially when you consider how much faster this system is.
  • Video:  I can play games.  I can also watch 1080p video with hardware acceleration; Windows Media Player shows 2% load while playing a fullscreen 1080p video.  This is with the Intel as well as the nVidia card.  Again, a phenomenal improvement over my T60p which had the FireGL V5250.
  • Switchable graphics:  Wow.  It actually works.  I had spent some time with a T400 with the ATI switchable graphics which delivered a relatively poor experience.  The switch was slow, and often failed without explanation.  nVidia's Optimus UI is much better - informing you exactly which processes are interfering with the switch (if applicable) and helps you terminate them.
  • Boot times: Phenomenal.  I'm not using the factory OEM image, but even my T60p with the Intel SSD didn't start up this fast.  I'm using the latest drivers from the Lenovo support page.
  • More importantly, resume times:  Wow.  Basically instant on.  It's not just Windows 7 - the Lenovo-provided drivers are where the magic is.  A great experience.  I open the lid and it's ready to go, and it's definitely faster than my coworkers' new Core i5/i7 Mac notebooks.
  • Aspect ratio: I don't hate the 16x10 as much as I thought I would.  Again, the weight difference between this and my T60p means I'm willing to give up some screen space.  16x9 is a different story though... time will tell.
  • Microphones:  There are two now, located on the display bezel.  A nice touch as the keyboard noises + fan noises are reduced.
  • Modem: It's gone.  Since I have my Gobi card, I probably won't notice.  Sometimes I sent faxes using my modem, but I'm sure I can work around this.

Recommendations:

I'd pick between this T410s and the X201.  The Core i7 processors actually save MORE power over the Core i5, so I'd consider those as well.

I use an X200 at work - and I think this T410s is essentially a less portable version of the X200.  If you need more graphics performance (or if you're like me and THINK you need more graphics performance) and battery life is less of a concern (I noticed that I'm usually plugged in anyway) then the T410s allows you to walk around with EVERYTHING you need, optical drive and all.  I also have an Ultrabay adapter so I can swap out the DVD drive and pop in a secondary 320GB 7200RPM disk for additional storage.  With power plugs being available virtually everywhere (via the travel adapter on planes, trains, and cars) the T410s battery tradeoffs become justifiable.

This machine is very snappy and packs a tremendous amount of processing power and everyday speed (when using the included 128GB SSD or the Intel 160GB SSD) in a package that is the same weight as most netbooks.  It also delivers decent graphics performance, excellent connectivity options, and is very well designed.  The typing and navigation experience is fantastic.  Additionally, Lenovo provides excellent driver support.

Yes, you obviously get what you pay for: this machine will definitely last you 3-4 years of aggressive usage, or longer if you're not demanding.  Did I mention I love the build quality?

Blocking Unwanted SMS Spam from AOL

by administrator

Summary:

I started receiving unwanted SMS spam from 265080.  These messages can be stopped by blocking yourself on the AOL SMS servers.

Details:

Go to http://aolmobile.aol.com/portal/blockim2sms.do and register your phone number.  They'll send you a quick confirmation text message - which should hopefully stop unwanted SMS messages through their gateway.

Seems quite silly to have that enabled by default on all numbers - a bad default policy I think.

Understanding Windows Time Synchronization in 30 Seconds

by administrator

Select a time source:

Stratum 2: https://support.ntp.org/bin/view/Servers/StratumTwoTimeServers
Pool: https://support.ntp.org/bin/view/Servers/NTPPoolServers
I've used pool.ntp.org and an NRC server in Canada below.

Standalone machine:

w32tm /config /syncfromflags:manual /manualpeerlist:"pool.ntp.org time.nrc.ca"
w32tm /config /update
net stop w32time
net start w32time

Note the lack of space between manualpeerlist, the : and the ".

Domain configuration:

  1. Configure PDC emulator to sync to external time source [1]:

    w32tm /config /manualpeerlist:"pool.ntp.org time.nrc.ca" /reliable:yes /update
     
  2. If you move the role of the PDC emulator to a new domain controller, change the Windows Time service configuration on the previous PDC emulator [2]:

    w32tm /config /syncfromflags:domhier /reliable:no /update
    net stop w32time
    net start w32time
     
  3. Configure a client computer for automatic domain time synchronization [3]:

    w32tm /config /syncfromflags:domhier /update
    net stop w32time
    net start w32time
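
Checking the result of the configuration above, as an added example that is not part of the original post: `w32tm /stripchart` reports a machine's offset against a time source, and this Python sketch parses that output and flags drift or an unreachable source.  The sample output is constructed, and its exact line layout and the 1-second alert threshold are assumptions.

```python
import re

# Constructed sample of what
#   w32tm /stripchart /computer:pool.ntp.org /samples:5 /dataonly
# prints on a client. The address and offsets are made up, and the line
# layout is an assumption about the tool's output.
SAMPLE = """\
Tracking pool.ntp.org [192.0.2.10:123].
Collecting 5 samples.
The current time is 3/14/2010 9:15:00 AM.
09:15:00, +00.0412345s
09:15:02, +00.0398765s
09:15:04, error: 0x800705B4
09:15:06, -00.0051234s
09:15:08, +00.0420001s
"""

OFFSET_RE = re.compile(r"^\d{1,2}:\d{2}:\d{2}, ([+-]\d+\.\d+)s$")
ERROR_RE = re.compile(r"^\d{1,2}:\d{2}:\d{2}, error: (0x[0-9A-Fa-f]+)$")


def parse_stripchart(text):
    """Return (offsets_in_seconds, error_codes) from stripchart output."""
    offsets, errors = [], []
    for line in text.splitlines():
        line = line.strip()
        m = OFFSET_RE.match(line)
        if m:
            offsets.append(float(m.group(1)))
            continue
        m = ERROR_RE.match(line)
        if m:
            errors.append(m.group(1))
    return offsets, errors


def assess(text, max_offset_s=1.0):
    """Classify one stripchart run as ok, drift or unreachable.

    max_offset_s is a local alerting threshold (an assumption). Kerberos
    in Active Directory tolerates 5 minutes of skew by default, so alert
    well before that.
    """
    offsets, errors = parse_stripchart(text)
    if not offsets:
        # Every sample failed or nothing parsed: the source is unusable.
        return {"status": "unreachable", "worst": None, "errors": errors}
    worst = max(offsets, key=abs)
    status = "drift" if abs(worst) > max_offset_s else "ok"
    return {"status": status, "worst": worst, "errors": errors}


if __name__ == "__main__":
    print(assess(SAMPLE))
```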

Further reading:
Windows Time Service Tools and Settings
http://technet.microsoft.com/en-us/library/cc773263(WS.10).aspx

Good overview - explains domain hierarchy and time architecture
http://blogs.msdn.com/w32time/archive/2007/09/04/keeping-the-domain-on-time.aspx

Configuring a time source for the forest
http://technet.microsoft.com/en-us/library/cc784800(WS.10).aspx

How to synchronize the time with the Windows Time service in Windows XP
http://support.microsoft.com/kb/307897

Sources:

[1] http://technet.microsoft.com/en-us/library/cc786897(WS.10).aspx via http://go.microsoft.com/fwlink/?LinkId=91969
[2] http://technet.microsoft.com/en-us/library/cc738042(WS.10).aspx  
[3] http://technet.microsoft.com/en-us/library/cc758905(WS.10).aspx via http://go.microsoft.com/fwlink/?LinkId=91376

Improving Exchange 2010 OWA Page Loadtimes

by administrator

Summary:

Exchange 2010 has an updated OWA - now renamed Outlook Web App.  There are plenty of new features and improvements, but I've also noticed a dramatic increase in the page loadtimes, particularly on slower client connections.  Page loadtimes can be improved without any server-side code (JS/HTML) changes by ensuring that gzip compression is enabled end-to-end - which is, by default, not the case if OWA is published through Forefront TMG.  I reduced my OWA page loadtime from 27.47s down to 11.22s.

Problem:

Large pages of text can be compressed with gzip which dramatically improves loadtimes for most browsers.  By default, gzip compression may not be enabled in your Exchange 2010 IIS configuration, and may not pass through your Forefront TMG server publishing rule.  My Forefront TMG MBE was NOT configured to gzip .js and .css files, nor was it correctly configured to return compressed content (where appropriate) from published servers.

Solution:

  1. Load OWA in Firebug and note the current loadtimes.  In the screenshot below, the JS library loadtime constitutes a significant portion of the overall page loadtime.  If you are not seeing this, then the following steps are unlikely to improve your loadtimes.  Make sure you hit Ctrl+F5 to reload the page without a cache.
    See http://justinho.com/files/uploads/OWA-01.png .  Note the ClientStrings currently is 29.6kb and the uglobal.js file is 799.1kb, resulting in a page loadtime of 27.47s, a near eternity.
     
  2. Drill into the uglobal.js file in Firebug.  This step is to confirm that gzip compression is not enabled for the .JS file in question.
    See http://justinho.com/files/uploads/OWA-02.png .  Note the lack of the gzip compression in the Response headers.  gzip compression is not enabled when the client receives this JS file, but it is being requested (note the presence of gzip, deflate in the Request headers under Accept-Encoding.)
     
  3. Let's fix that.  Ensure the /owa directory has high compression enabled on your OWA/CAS server. (Depending on your exact TMG configuration, this may prove to be moot since TMG may decompress your CAS server's response only to compress it again before sending it over the WAN.  See [2] before proceeding with this step.)

    In an Exchange PowerShell on the CAS [3]:
    Set-OwaVirtualDirectory -identity "owa (Default Web Site)" -GzipLevel High

    Restart IIS services:
    iisreset /noforce
    (I personally got error messages when I did this, so you can also just run iisreset without the additional parameter, which will interrupt open sessions.  You are doing this change during a maintenance period, right?)
     
  4. Ensure Forefront TMG returns compressed HTTP content where possible.

    In Forefront TMG management, under Web Access Policy, find Configure HTTP Compression under Related Tasks on the right.  Ensure you Return Compressed Data from Anywhere (or at the very least, add your Exchange CAS servers):
    See http://justinho.com/files/uploads/OWA-06.png

    Note which filetypes are compressed as well:
    See http://justinho.com/files/uploads/OWA-07.png
     
  5. Ensure .CSS and .JS files are compressed.  By default, TMG compresses HTML Documents, and Text (as we saw in the previous step.)  This is fine since images don't compress well.  However, we want to ensure .css and .js files are also returned compressed.

    In Forefront TMG management, under Firewall Policy, click Toolbox on the right, then Content Types, and find HTML Documents.  Double click to edit and add the following types [4]:

    application/json
    application/x-javascript
    .css
    .js


    Screenshot: http://justinho.com/files/uploads/OWA-09.png.  Yes, I realise these are "applications" - but we really don't want to gzip .EXE and other files through this webserver - I just want to fix this particular JS and CSS slow page loadtime problem right now.
     
  6. Load OWA again now and note the reduced loadtimes in Firebug.

    See http://justinho.com/files/uploads/OWA-03.png .  The same ClientStrings request is now only 10.4kb, and uglobal.js is down to 202.7kb.  Page loadtime is now 11.22s, which is a dramatic improvement.

    Anyway, if we drill into the headers, we also see Content-Encoding shows gzip is now enabled in the server response:
    See http://justinho.com/files/uploads/OWA-04.png 
     
  7. Done.  This is still an eternity as far as I'm concerned, so I hope Microsoft gets this cleaned up in a future Service Pack for Exchange.  I suppose using a standard JS library that other people use would be too much to ask.  Perhaps this library can be hosted somewhere by Microsoft on a CDN, or at least the GUI should allow customers to host these JS files elsewhere on a secure CDN?
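
The header and size comparison from steps 2 and 6 and from reference [2], scripted as an added example (not part of the original post).  `probe()` fetches a file the way the browser does, and `diagnose()` compares the result from the CAS directly with the result through TMG; the sample tuples are constructed, with the direct-from-CAS size made up.

```python
import urllib.request


def probe(url, timeout=10):
    """Fetch url advertising gzip support and return
    (content_encoding, bytes_on_wire). urllib does not decompress the
    body, so its length is what actually crossed the network."""
    req = urllib.request.Request(url, headers={
        "Accept-Encoding": "gzip, deflate",
        "Cache-Control": "no-cache",  # skip caches, like Ctrl+F5
    })
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        encoding = (resp.headers.get("Content-Encoding") or "identity").lower()
        return encoding, len(resp.read())


def diagnose(direct, published):
    """Compare probe() results for the same file fetched from the CAS
    directly and through the TMG publishing rule.
    Returns (verdict, advice)."""
    d_enc, d_len = direct
    p_enc, p_len = published
    if p_enc != "gzip":
        return ("uncompressed-at-client",
                "check TMG HTTP compression and content types (steps 4 and 5)")
    if d_enc != "gzip":
        return ("tmg-only",
                "TMG compresses by itself; gzip on the CAS is off")
    if p_len > d_len:
        return ("recompressed-lower",
                "TMG recompresses at a lower level; CAS gzip can be "
                "lowered or disabled (reference [2])")
    return ("end-to-end",
            "the client receives gzip at the CAS size or smaller")


# Constructed probe results for uglobal.js. The published sizes follow the
# post's figures (799.1kb before, 202.7kb after, converted to bytes); the
# direct-from-CAS size is made up for illustration.
PUBLISHED_BEFORE = ("identity", 818278)
PUBLISHED_AFTER = ("gzip", 207565)
DIRECT_HIGH = ("gzip", 176000)

if __name__ == "__main__":
    print(diagnose(DIRECT_HIGH, PUBLISHED_BEFORE))
    print(diagnose(DIRECT_HIGH, PUBLISHED_AFTER))
```

`probe()` validates the server certificate, so for the direct fetch use a name the CAS certificate covers rather than switching verification off.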

References:

[1] http://getfirebug.com/ or https://addons.mozilla.org/en-US/firefox/addon/1843

[2] If your TMG is decompressing then recompressing the CAS OWA response, you might as well disable compression on your CAS and let TMG do the work.  Regardless of what compression level you set on OWA on the CAS, the TMG always appears to use low gzip compression.  To find out what the TMG is doing, access your CAS directly on the LAN via https://internalIP/owa then access it when published by the TMG (i.e. https://mail.contoso.com/owa) and note any change in content size.  See step 1 above, ensuring you hit Ctrl+F5 to force a reload of the page.

If I load my OWA directly from the CAS, I see the effects of high gzip compression: http://justinho.com/files/uploads/OWA-05.png
If I load my OWA published through TMG, I see lower gzip compression (and thus larger file sizes): http://justinho.com/files/uploads/OWA-03.png

In this case (TMG publish filesizes > CAS OWA filesizes) gzip compression can likely be disabled on the CAS (or at least left at Low compression) to reduce unnecessary server load.

[3] http://technet.microsoft.com/en-us/library/aa996547.aspx

[4] These filetypes were determined by inspection via Firebug.  Ensure you load the Exchange Control Panel (/ecp) via the Options link, etc. to ensure you hit all file types.

Exchange 2010 Planning Resources

by administrator

Microsoft Exchange Server Jetstress 2010 Beta (64 bit)
Simulate disk I/O load on a test server running Exchange to verify the performance and stability of your disk subsystem before putting your server into a production environment.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=13267027-8120-48ed-931b-29eb0aa52aa6

Exchange Load Generator 2010 Beta (64 bit)
Exchange Load Generator is a simulation tool to measure the impact of MAPI, OWA, ActiveSync, IMAP, POP and SMTP clients on Exchange servers
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=cf464be7-7e52-48cd-b852-ccfc915b29ef

Microsoft Exchange Server Profile Analyzer (64 bit)
Collect estimated statistical information from a single mailbox store or across an Exchange Server organization.
http://www.microsoft.com/downloads/details.aspx?familyid=C009C049-9F4C-4519-A389-69C281B2ABDA&displaylang=en

You receive various Stop error messages in Windows 7 or in Windows Server 2008 R2 when you try to resume a computer that has a large SATA hard disk

by administrator

  • You have a computer that is running Windows 7 or Windows Server 2008 R2.
  • The computer has a large Serial Advanced Technology Attachment (SATA) hard disk. For example, the size of the SATA hard disk is 1 terabyte.
  • You put your computer to sleep state or into hibernation.
  • You try to resume the computer from sleep or from hibernation.

Error messages:

STOP 0x0000007A
STOP 0x00000077
STOP 0x000000F4

Hotfix: http://support.microsoft.com/kb/977178/
Intel SATA driver update: http://www.intel.com/support/chipsets/imsm/

Tyan's AMI MegaRAC Port Usage

by administrator

Summary:

Some of Tyan's server boards have IPMI and integrated iKVM functionality.  Securing access to these resources requires knowledge of specific TCP/UDP port traffic requirements.

The following ports are necessary:

  • Web: TCP 80, TCP 443
  • SSH: TCP 22
  • IPMI: TCP/UDP 623
  • KVM: TCP 7578, TCP 7582
  • Virtual Media: TCP 5120, 5123, 5124, 5127

Discussion:

I have an S7012 board with iKVM functionality that I was trying to expose over VPN.  My TMG VPN configuration has port access restricted to the DMZ - so I had to open specific ports to give myself access to the iKVM.  Took a while to find.  Board manual, AST2050 IPMI manual.
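
An added example, not part of the original post: a Python audit of firewall rules against the port list above, flagging BMC ports opened to sources outside the VPN pool, ports that are not on the list, and listed ports that no rule covers.  The rule format, rule names, VPN pool and BMC address are hypothetical and constructed for illustration; this is not TMG's own rule format.

```python
import ipaddress

# Ports the post lists as necessary for the MegaRAC BMC.
BMC_PORTS = {
    ("tcp", 80): "Web", ("tcp", 443): "Web",
    ("tcp", 22): "SSH",
    ("tcp", 623): "IPMI", ("udp", 623): "IPMI",
    ("tcp", 7578): "KVM", ("tcp", 7582): "KVM",
    ("tcp", 5120): "Virtual Media", ("tcp", 5123): "Virtual Media",
    ("tcp", 5124): "Virtual Media", ("tcp", 5127): "Virtual Media",
}

# Constructed example data: hypothetical VPN pool, BMC address and rules.
VPN_NET = "10.8.0.0/24"
BMC_IP = "192.168.50.20"
RULES = [
    {"name": "vpn-ikvm-web", "src": VPN_NET, "dst": BMC_IP,
     "proto": "tcp", "ports": [80, 443]},
    {"name": "vpn-ikvm-kvm", "src": VPN_NET, "dst": BMC_IP,
     "proto": "tcp", "ports": [7578, 7582]},
    {"name": "vpn-ikvm-media", "src": VPN_NET, "dst": BMC_IP,
     "proto": "tcp", "ports": [5120, 5123, 5124]},
    {"name": "legacy-ipmi", "src": "0.0.0.0/0", "dst": BMC_IP,
     "proto": "udp", "ports": [623]},
    {"name": "vpn-telnet", "src": VPN_NET, "dst": BMC_IP,
     "proto": "tcp", "ports": [23]},
    {"name": "vpn-rdp-other-host", "src": VPN_NET, "dst": "192.168.50.30",
     "proto": "tcp", "ports": [3389]},
]


def audit(rules, bmc_ip, trusted_net):
    """Return a list of (finding, rule_or_service, (proto, port))."""
    bmc = ipaddress.ip_address(bmc_ip)
    trusted = ipaddress.ip_network(trusted_net)
    findings, covered = [], set()
    for rule in rules:
        if bmc not in ipaddress.ip_network(rule["dst"]):
            continue  # rule does not apply to the BMC
        src = ipaddress.ip_network(rule["src"])
        for port in rule["ports"]:
            key = (rule["proto"], port)
            if not src.subnet_of(trusted):
                # Management ports exposed beyond the VPN pool.
                findings.append(("untrusted-source", rule["name"], key))
            if key in BMC_PORTS:
                covered.add(key)
            else:
                # Open to the BMC but not needed per the port list.
                findings.append(("unneeded-port", rule["name"], key))
    # Listed ports with no rule: that feature will not work over the VPN.
    for key in sorted(set(BMC_PORTS) - covered):
        findings.append(("not-reachable", BMC_PORTS[key], key))
    return findings


if __name__ == "__main__":
    for finding in audit(RULES, BMC_IP, VPN_NET):
        print(finding)
```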

Source:

http://www.tyan.com/manuals/S7016_Pilot%202_UG_v100.pdf, page 34