Summary:

I started receiving unwanted SMS spam from 265080.  These messages can be stopped by blocking yourself on the AOL SMS servers.

Details:

Go to http://aolmobile.aol.com/portal/blockim2sms.do and register your phone number.  They'll send you a quick confirmation text message - which should hopefully stop unwanted SMS messages through their gateway.

Seems quite silly to have that enabled by default on all numbers - a bad default policy I think.

Summary:

SSDs are really fast.  You should get one.

Details:

I finally caved and got an Intel 160GB G2 SSD for my laptop.  Photoshop opens within 4-5 seconds (I don't actually USE Photoshop, but I installed it just to see how fast it was.)  Outlook opens within 1s.  Virtually everything else opens instantly.  Makes my computer a pleasure to use again.

Select a time source:

Stratum 2: https://support.ntp.org/bin/view/Servers/StratumTwoTimeServers
Pool: https://support.ntp.org/bin/view/Servers/NTPPoolServers
I've used pool.ntp.org and an NRC server in Canada below.

Standalone machine:

w32tm /config /syncfromflags:manual /manualpeerlist:"pool.ntp.org time.nrc.ca"
w32tm /config /update
net stop w32time
net start w32time

Note the lack of space between manualpeerlist, the : and the ".

Domain configuration:

1. Configure PDC emulator to sync to external time source [1]:
   
   w32tm /config /manualpeerlist:"pool.ntp.org time.nrc.ca" /reliable:yes /update
    
2. If you move the role of the PDC emulator to a new domain controller, Change the Windows Time service configuration on the previous PDC emulator [2].
   
   w32tm /config /syncfromflags:domhier /reliable:no /update
net stop w32time
net start w32time
 
3. Configure a client computer for automatic domain time synchronization [3]:
   
   w32tm /config /syncfromflags:domhier /update
net stop w32time
net start w32time

Further reading:
Windows Time Service Tools and Settings
http://technet.microsoft.com/en-us/library/cc773263(WS.10).aspx

Good overview - explains domain hierarchy and time architecture
http://blogs.msdn.com/w32time/archive/2007/09/04/keeping-the-domain-on-time.aspx

Configuring a time source for the forest
http://technet.microsoft.com/en-us/library/cc784800(WS.10).aspx

How to synchronize the time with the Windows Time service in Windows XP
http://support.microsoft.com/kb/307897

Sources:

[1] http://technet.microsoft.com/en-us/library/cc786897(WS.10).aspx via http://go.microsoft.com/fwlink/?LinkId=91969
[2] http://technet.microsoft.com/en-us/library/cc738042(WS.10).aspx  
[3] http://technet.microsoft.com/en-us/library/cc758905(WS.10).aspx via http://go.microsoft.com/fwlink/?LinkId=91376

Summary:

Exchange 2010 has an updated OWA - now renamed Outlook Web App.  There are plenty of new features and improvements, but I've also noticed a dramatic increase in the page loadtimes, particularly on slower client connections.  Page loadtimes can be improved without any server-side code (JS/HTML) changes by ensuring that gzip compression is enabled end-to-end - which is, by default, not the case if OWA is published through Forefront TMG.  I reduced my OWA page loadtime from 27.47s down to 11.22s.

Problem:

Large pages of text can be compressed with gzip which dramatically improves loadtimes for most browsers.  By default, gzip compression may not be enabled in your Exchange 2010 IIS configuration, and may not pass through your Forefront TMG server publishing rule.  My Forefront TMG MBE was NOT configured to gzip .js and .css files, nor was it correctly configured to return compressed content (where appropriate) from published servers.

Solution:

1. Load OWA in Firebug and note the current loadtimes.  In the screenshot below, the JS library loadtime constitutes a significant portion of the overall page loadtime.  If you are not seeing this, then the following steps are unlikely to improve your loadtimes.  Make sure you hit Ctrl+F5 to reload the page without a cache.
   See http://justinho.com/files/uploads/OWA-01.png .  Note the ClientStrings currently is 29.6kb and the uglobal.js file is 799.1kb, resulting in a page loadtime of 27.47s, a near eternity.
    
2. Drill into the uglobal.js file in Firebug.  This step is to confirm that gzip compression is not enabled for the .JS file in question.
   See http://justinho.com/files/uploads/OWA-02.png .  Note the lack of the gzip compression in the Response headers.  gzip compression is not enabled when the client receives this JS file, but it is being requested (note the presence of gzip, deflate in the Request headers under Accept-Encoding.)
    
3. Let's fix that.  Ensure the /owa directory has high compression enabled on your OWA/CAS server. (Depending on your exact TMG configuration, this may prove to be moot since TMG may decompress your CAS server's response only to compress it again before sending it over the WAN.  See [2] before proceeding with this step.)
   
   In an Exchange PowerShell on the CAS [3]:
   Set-OwaVirtualDirectory -identity "owa (Default Web Site)" -GzipLevel High
   
   Restart IIS services:
   iisreset /noforce
   (I personally got error messages when I did this, so you can also just run iisreset without the additional parameter, which will interrupt open sessions.  You are doing this change during a maintenance period, right?)
    
4. Ensure Forefront TMG returns compressed HTTP content where possible.
   
   In Forefront TMG management, under Web Access Policy, find Configure HTTP Compression under Related Tasks on the right.  Ensure you Return Compressed Data from Anywhere (or at the very least, add your Exchange CAS servers):
   See http://justinho.com/files/uploads/OWA-06.png
   
   Note which filetypes are compressed as well:
   See http://justinho.com/files/uploads/OWA-07.png
    
5. Ensure .CSS and .JS files are compressed.  By default, TMG compresses HTML Documents, and Text (as we saw in the previous step.)  This is fine since images don't compress well.  However, we want to ensure .css and .js files are also returned compressed.
   
   In Forefront TMG management, under Firewall Policy, click Toolbox on the right, then Content Types, and find HTML Documents.  Double click to edit and add the following types [4]:
   
   application/json
   application/x-javascript
   .css
   .js
   
   Screenshot: http://justinho.com/files/uploads/OWA-09.png.  Yes, I realise these are "applications" - but we really don't want to gzip .EXE and other files through this webserver - I just want to fix this particular JS and CSS slow page loadtime problem right now.
    
6. Load OWA again now and note the reduced loadtimes in Firebug.
   
   See http://justinho.com/files/uploads/OWA-03.png .  The same ClientStrings request is now only 10.4kb, and uglobal.js is down to 202.7kb.  Page loadtime is now 11.22s, which is a dramatic improvement.
   
   Anyway, if we drill into the headers, we also see Content-Encoding shows gzip is now enabled in the server response:
   See http://justinho.com/files/uploads/OWA-04.png 
    
7. Done.  This is still an eternity as far as I'm concerned, so I hope Microsoft gets this cleaned up in a future Service Pack for Exchange.  I suppose using a standard JS library that other people use would be too much to ask.  Perhaps this library can be hosted somewhere by Microsoft on a CDN, or at least the GUI should allow customers to host these JS files elsewhere on a secure CDN?

References:

[1] http://getfirebug.com/ or https://addons.mozilla.org/en-US/firefox/addon/1843

[2] If your TMG is decompressing then recompressing the CAS OWA response, you might as well disable compression on your CAS and let TMG do the work.  Regardless of what compression level you set on OWA on the CAS, the TMG always appears to use low gzip compression.  To find out what the TMG is doing, access your CAS directly on the LAN via https://internalIP/owa then access it when published by the TMG (i.e. https://mail.contoso.com/owa) and note any change in content size.  See step 1 above, ensuring you hit Ctrl+F5 to force a reload of the page.

If I load my OWA directly from the CAS, I see the effects of high gzip compression: http://justinho.com/files/uploads/OWA-05.png
If I load my OWA published through TMG, I see lower gzip compression (and thus larger file sizes): http://justinho.com/files/uploads/OWA-03.png

In this case (TMG publish filesizes > CAS OWA filesizes) gzip compression can likely be disabled on the CAS (or at least left at Low compression) to reduce unnecessary server load.

[3] http://technet.microsoft.com/en-us/library/aa996547.aspx

[4] These filetypes were determined by inspection via Firebug.  Ensure you load the Exchange Control Panel (/ecp) via the Options link, etc. to ensure you hit all file types.

Microsoft Exchange Server Jetstress 2010 Beta (64 bit)
Simulate disk I/O load on a test server running Exchange to verify the performance and stability of your disk subsystem before putting your server into a production environment.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=13267027-8120-48ed-931b-29eb0aa52aa6

Exchange Load Generator 2010 Beta (64 bit)
Exchange Load Generator is a simulation tool to measure the impact of MAPI, OWA, ActiveSync, IMAP, POP and SMTP clients on Exchange servers
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=cf464be7-7e52-48cd-b852-ccfc915b29ef

Microsoft Exchange Server Profile Analyzer (64 bit)
Collect estimated statistical information from a single mailbox store or across an Exchange Server organization.
http://www.microsoft.com/downloads/details.aspx?familyid=C009C049-9F4C-4519-A389-69C281B2ABDA&displaylang=en

You receive various Stop error messages in Windows 7 or in Windows Server 2008 R2 when you try to resume a computer that has a large SATA hard disk

• You have a computer that is running Windows 7 or Windows Server 2008 R2.
• The computer has a large Serial Advanced Technology Attachment (SATA) hard disk. For example, the size of the SATA hard disk is 1 terabyte.
• You put your computer to sleep state or into hibernation.
• You try to resume the computer from sleep or from hibernation.

Error messages:

STOP 0x0000007A
STOP 0x00000077
STOP 0x000000F4

Hotfix: http://support.microsoft.com/kb/977178/
Intel SATA driver update: http://www.intel.com/support/chipsets/imsm/

SuperMicro IPMI Firewall Connection Information

• HTTP: 80 (TCP)
• HTTPS: 443 (TCP)
• IPMI: 623 (UDP)
• Remote console: 5900 (TCP)
• Virtual media: 623 (TCP)
• SMASH: 22 (TCP)
• WS-MAN: 8889 (TCP)

Source: http://www.supermicro.com/manuals/other/Onboard_BMC_IPMI.pdf

Summary:

Some of Tyan's server boards have IPMI and integrated iKVM functionality.  Securing access to these resources requires knowledge of specific TCP/UDP port traffic requirements.

The following ports are necessary:

• Web: TCP 80, TCP 443
• SSH: TCP 22
• IPMI: TCP/UDP 623
• KVM: TCP 7578, TCP 7582
• Virtual Media: TCP 5120, 5123, 5124, 5127

Discussion:

I have an S7012 board with iKVM functionality that I was trying to expose over VPN.  My TMG VPN configuration has port access restricted to the DMZ - so I had to open specific ports to give myself access to the iKVM.  Took a while to find.  Board manual, AST2050 IPMI manual.

Source:

http://www.tyan.com/manuals/S7016_Pilot%202_UG_v100.pdf, page 34

With 802.11n routers and notebooks (and some desktops) appearing everywhere, I wanted to know how much faster an 802.11n 2.4GHz network would be, when it is running alongside other 802.11g networks.  Would I be able to set up an 802.11n network and have it serve just my media centre, for example, for video streaming, while leaving my 802.11g clients undisturbed?

So I did some (non-scientific) speed tests on a Linksys WRT160Nv3 (dd-wrt.v24-13309_NEWD-2_K2.6_mini_wrt160nv3), when it was running alongside a WRT54GS (tomato 1.25) router.  The WRT160Nv3 was configured with 40MHz (upper) channels to maximize speed, with the WRT54GS was on channel 10 to avoid overlap as much as possible.

I tested 3 different cases:

Configuration 1: Intel 5300 copying files over WRT160Nv3 (40 MHz upper)
Configuration 2: Intel 3945ABG copying files over WRT54GS (ch10, mixed bg mode)
Configuration 3: Intel 5300 copying files over WRT160Nv3 (40 MHz upper) while Intel 3945ABG copies files over WRT54GS (ch10, mixed bg mode)

That is to say, I wanted to collect some data on how this 802.11n network might co-exist with an 802.11g network in the 2.4GHz spectrum, and what the impact would be on performance.

Configuration 1: Intel 5300 copying files over WRT160Nv3 (40 MHz upper)
Elapsed time     1 min 22.0 sec
                                             Incoming         Outgoing
------------------------------------ ---------------- ----------------
Total of data transferred                    363.1 MB           7.4 MB
Maximum transfer rate                        6.1 MB/s       127.7 KB/s
Average transfer rate                        4.4 MB/s        92.0 KB/s

Configuration 2: Intel 3945ABG copying files over WRT54GS (ch10, mixed bg mode)
Elapsed time     1 min 22.2 sec
                                             Incoming         Outgoing
------------------------------------ ---------------- ----------------
Total of data transferred                    191.0 MB           3.8 MB
Maximum transfer rate                        2.6 MB/s        52.8 KB/s
Average transfer rate                        2.3 MB/s        47.7 KB/s

Configuration 3: Intel 5300 copying files over WRT160Nv3 (40 MHz upper) while Intel 3945ABG copies files over WRT54GS (ch10, mixed bg mode)

Intel 5300 / WRT160Nv3 simultaneous (ch5-2.432 40MHz upper)
Elapsed time     1 min 58.1 sec
                                             Incoming         Outgoing
------------------------------------ ---------------- ----------------
Total of data transferred                    532.8 MB          11.1 MB
Maximum transfer rate                        6.7 MB/s       142.2 KB/s
Average transfer rate                        4.5 MB/s        96.2 KB/s
 
Intel 3945ABG / WRT54GS CGN1 simultaneous (ch10-2.457 mixed bg)
Elapsed time     1 min 55.9 sec
                                             Incoming         Outgoing
------------------------------------ ---------------- ----------------
Total of data transferred                     49.6 MB           1.2 MB
Maximum transfer rate                        1.4 MB/s        33.7 KB/s
Average transfer rate                      438.4 KB/s        10.3 KB/s

Conclusion:

Even on 2.4GHz, 802.11n with 40MHz channel width is roughly double the speed of an 802.11g network.  But when an N network is put next to a G network in the 2.4GHz space, the G clients lose 75% or more of the performance on the average case, while N clients are virtually unaffected; your N clients will run at full speed, and G clients can barely surf the web.

Anecdotally: I'm seeing similar performance degradation when an 802.11g client is connected to an 802.11n 2.4GHz AP.  The 802.11n clients run fast when it's a pure 802.11n network.  But as soon as some 802.11g clients show up, compatibility mode kicks in, and the 802.11g clients only get around 500-700kb/s, which is still at least a 50% performance hit, and the 802.11n clients lose around 20% of the speed.  (Yes, this paragraph is completely unsubstantiated.  That's why it starts with "anecdotally"...)

Recommendation:

Based on my (extremely) unscientific tests, I'd say that if you really want a faster wireless connection, keep your 802.11bg clients on your G access point, and get a 5GHz 802.11n access point for your faster N clients.  Mixing clients on an AP seems to ruin things for everyone involved.  Even putting a separate 802.11n 2.4GHz AP next to your 802.11g network doesn't help the 802.11g clients.

Or, just replace all your clients with 802.11n cards, and run a 2.4GHz 802.11n network for a nice doubling of network throughput.

Symptoms:
Xerox 6180MFP refuses to accept inbound faxes - giving error code 033-762.

Solution:
Disable the Junk Fax Filter Feature

Make Sure the Machine is Properly Configured to Receive Faxes

Solutions for Unable to Receive Faxes

Note:
When the Junk Fax Filter feature is enabled, the printer will only print faxes that are received from telephone numbers that have been registered in the printer’s Address Book. If a Fax Communication Error is received with a fault code such as 033-762 and the Junk Fax Filter feature is enabled, make sure the fax being received is sent by a telephone number registered in the printer's Address Book. If the number has not been registered in the Address Book, disable the Junk Fax Filter feature to allow reception of the fax.

Manual Method

From an elevated command prompt:

diskpart

list disk

select disk <x>

clean

create partition primary

select partition 1

active

format fs=ntfs

assign (note the drive letter that is assigned)

exit

From Windows 7 media:

Copy all files into USB key

From Windows 7 media, run:

boot\bootsect.exe /nt60 X: (where X is the drive letter assigned to USB key)

Microsoft Utility

Local mirror

I've recently been using a few SSDs - so I thought I'd put together some resources that I found useful.

I'll try to keep updating this post with more information as I go.

• SSD/Controller Information: http://pcper.com/ssd
• Benchmark tool: AS SSD Benchmark v1.4.3704.27281    http://alex-is.de/PHP/fusion/downloads.php?cat_id=4
• Benchmark tool:  CrystalDiskInfo v3.5.2   http://crystalmark.info/?lang=en
• Benchmark tool:  HD Tune Pro v4.01   http://www.hdtune.com/download.html

 Drive information:

• G.Skill Falcon II 64GB - FM-25S2I-64GBF2
  • Review 1: TweakTown
• <coming soon>

A nice table to compare SSDs - Updated January 2010 by Allyn Malventano - amalventano@pcper.com

Local cache: http://justinho.com/files/uploads/SSD%20Decoder%20Ring.v2.3.pdf

Link: http://pcper.com/ssd
Alternate: http://pcper.com/article.php?aid=736

Affects:
Part SNV125-S2/40GB and SNV125-S2BD/40GB

The Kingston SSDNow V Series SNV125-S2/40GB 2.5" 40GB SATA II MLC Internal Solid State Drive (SSD) is based on the Intel G2 controller.  The older firmware on it does not support TRIM by default; Kingston has since discontinued support for this drive and have therefore not supplied a firmware update to enable TRIM support.

The firmware of this SSD can be upgraded to support TRIM using the Intel tools.

Summary:
1. Flash the drive in IDE (non-AHCI) mode using this modified Intel ISO:
http://justinho.com/files/uploads/ISSDFUT%20UPDATER.rar

2. Restore firmware to defaults.  Boot into HDAT2, go into Device Main Menu, then Device Configuration Overlay (DC0) Menu.  Then select Restore.
HDAT 4.71 ISO with all apps: http://justinho.com/files/uploads/hdat2iso_4_71.rar
HDAT 4.71 ISO with AHCI support only: http://justinho.com/files/uploads/hdat2iso_4_71_ahci.rar

3. Ensure TRIM support is enabled using CrystalDiskInfo (available at http://crystalmark.info/software/CrystalDiskInfo/index-e.html ).

4. Verify Windows 7 TRIM support is active via an elevated command prompt:
fsutil behavior query disabledeletenotify

DisableDeleteNotify = 0 means TRIM is Enabled.

5. Install the Intel SSD Utility Toolbox: http://www.overclock.net/ssd/660723-using-your-kingston-40gb-ssd-intel.html

Full instructions (with additional mirrors of files):
http://www.overclock.net/ssd/656984-how-get-your-kingston-40gb-ssd.html

I recently picked up an ASUS RT-N16 router.  It has a 4 port gigabit switch, 2 USB 2.0 ports and an 802.11n 2.4GHz (only!) radio.  While the radio is not ideal (there is no 5GHz), I think this a nice upgrade to the Linksys WRT54GS v2 I've been using for the past 5-6 years.

This router runs a tomato mod, of course.  So far, things are working great.  I'll update this post if I discover any problems.  Sadly, this tomato mod doesn't contain the MLPPP modification to bypass Bell's DSL throttling in Canada.

Wireless performance

Local WLAN (ThinkPad x61 tablet with Intel 4965 abgn card) to LAN connected machine is roughly 7-9.5MB/s, up from 2.5 MB/s.  Not earth shattering, but a very nice improvement.  There's quite a bit of interference around, and since this is a 2.4GHz only radio, this is to be expected.  If only ASUS had shipped this thing with a 5GHz radio... and I had a new Intel n card =).

Notes on router hardware choices

Ideally, I'd like to find something with USB, gigabit switch, dual radios in 2.4GHz and 5GHz, while running tomato.  As I write this, I don't think there's a tomato firmware that has dual band support - yet.

I would really only consider something that runs tomato.  I've had stability problems with dd-wrt.  The Linksys WRT320N is a 2.4GHz or 5GHz (single radio, operates in either mode but not simultaneously) router, and the Linksys WRT610N has a gigabit switch as well as dual radios operating in 2.4GHz and 5GHz.  Sadly, people only seem to be running dd-wrt on these, which is a deal breaker for me.

So for now, the massive amount of RAM (128MB) and fast CPU in this ASUS router make it my replacement of my Linksys WRT54GSv2/WRT54GL.  All things considered, it's a nice upgrade as not all my machines have radios that support 3 wireless-n streams yet (like the Intel 5300).

Hardware specifications (from http://www.dd-wrt.com/wiki/index.php/Asus_RT-N16)

Stock Power Supply = 12V - 1,25A max
Ethernet Ports = WAN x 1 RJ-45 for 10/100/1000 Base T, LAN x 4 RJ-45 for 10/100/1000 Base T
Antennas = 3 x external detachable antennas
USB ports = USB2.0 x 2
WiFi Operating Frequency = 2.4GHz ~ 2.5GHz
802.11n Draft = up to 300Mbps
802.11g = 6, 9, 12, 18, 24, 36, 48, 54Mbps
802.11b = 1, 2, 5.5, 11Mbps
Unit RAM = 128 MB (2x 64Mb - Samsung K4N511163QZ-HC25)
Unit Flash = 32 Mb (MACRONIX MX29GL256EHTI2I-90Q)
Unit CPU = Broadcom4718A, 533 MHz (Factory clocked to 480MHz)
Unit Switch Chip = Broadcom BCM53115SKFBG
Color of LEDs = Blue

Firmware

I logged into the ASUS firmware, fed it the dd-wrt file below, then once that was done, upgraded to tomato.

• I flashed the latest dd-wrt firmware on the stock ASUS router via the web interface.
  • Download/details: http://www.dd-wrt.com/dd-wrtv2/downloads/others/eko/V24-K26/svn13491-snow/Asus/RT-N16/dd-wrt.v24-13491_NEWD-2_K2.6_mini_RT-N16.trx 
  • Local mirror: coming soon
• Then I flashed/upgraded to a tomato mod via the dd-wrt web interface and did a full reset/defaults of the router. I renamed the .trx to .bin so dd-wrt would accept it.
  
  • Download/details: http://www.linksysinfo.org/forums/showthread.php?t=63587
  • Local mirror: coming soon

You are able to rollback to dd-wrt, then flash the original ASUS firmware back - so there really isn't any danger here.  Give it a try and see if you like it.  For myself, USB support is nice, but stability is king.  Tomato is working well for me.

Custom settings

I made the following settings changes:

• In Basic Wireless
  • select Wireless Mode = Auto (default setting)
  • select Channel Width = 40 MHz
  • select Security = WPA2 Personal
  • select Security = AES
• In Advanced Wireless
  • select Transmission Rate = Auto (default setting)
  • select Country/Region = Japan (default setting to get 14 channels)
  • select WMM = Enable (not a default setting)
  • select 802.11n Preamble = Mixed Mode (default setting)
  • select transmit power = 39 mW (not a default setting, this is the same as 16dB)