web analytics

How to find the proper MTU size for my network

Helpful hint: One way to verify whether if it is an MTU problem is to try and access the application or website via dial up access. Since dial up uses a default MTU of 576 bytes you will not have the same problems as broadband. If you have problems with both broadband and dial up access then the problem is probably something else.

Summary One of the easy and most accurate ways to test for optimum MTU is to do a simple DOS Ping test. You will simply send out ping requests and progressively lower your packet size until the packet no longer needs to be fragmented. Although this simple test is accurate for testing end points, users may find that a lower MTU may be better for their particular circumstances. Important Note: MTU must be 1492 (or lower) when using PPPoE connectivity. More detailed information about the effects of MTU can be found here.


Important Notes: •Due to additional complications, VPNs require a different type of MTU test. Please refer to the end of this article. •If you have a network with multiple PCs every computer should be set up with the same MTU. Additionally, some PCs may use several Network Adapters or a VPN client adapter on one PC so you must verify you are changing the Network Adapter associated with your broadband service or VPN client.
• The built in PPPoE client for Windows XP uses an MTU that is set to 1480. For more information please reference this XP MTU article. This only applies if you are running the built in XP PPPoE client!


Finding the Correct MTU To find the correct MTU for your configuration you must run a simple DOS Ping test. You will simply send out ping requests and progressively lower your packet size until the packet no longer needs to be fragmented. Please reference the following steps: 


The command for this ping test is ping www.eulinx.com -f -l xxxx.

•You can use any well known, pingable domain like ping www.google.com -f -l xxxx in place of www.tp-link.com for the test. •There is a single space between each command.

•"-l" is a lower case letter L, not the number one.

•The last four numbers are the test packet size.


Step 1 Open a DOS prompt screen by clicking on Start>Programs>MSDOS-PROMPT. You can also use the Run Command by clicking on Start>Run then type in "cmd" for Windows 2000/XP/Vista or "command" for Windows 95/98/ME.

 

Step 2 At the DOS Prompt type in ping www.tp-link.com -f -l 1472 and hit Enter. Notice that the packet needs to be fragmented. (Figure 1)

200892595152212

Step 3 Drop the test packet size down (10 or 12 bytes) and test again. Notice that the packet still needs to be fragmented. (Figure 2)

mtu2

Step 4 Drop the test packet size down more and test again until your reach a packet size that does not fragment. (Figure 3)

mtu3

Step 5 Once you have a test packet that is not fragmented increase your packet size in small increments and retest until you find the largest possible packet that doesn´t fragment.
Step 6 Take the maximum packet size from the ping test and add 28. You add 28 bytes because 20 bytes are reserved for the IP header and 8 bytes must be allocated for the ICMP Echo Request header. Remember: You must add 28 to your results from the ping test!
An example: 1440 Max packet size from Ping Test + 28 IP and ICMP headers 1468 is your optimum MTU Setting

Problems connecting to my VPN or my applications stall and time out.

There are usually two common problems associated with VPN connectivity.
You can´t connect to the VPN server at all. -If you can not connect to your VPN server at all and have a router the VPN application may require you to either open certain ports, assign an IP to a specific computer, or use a separate PPPoE client directly on the computer.

You can connect and authenticate to the VPN server but nothing else happens and applications stall, time out, or fail to load. -If you can connect and authenticate but applications stall, time out, or fail to load your MTU (Maximum Transfer Unit) may be incorrect.

Spam block lists for exchange 2010 and 2007

Spam block lists for exchange 2010 and 2007

Fed up with spam.. Why not enable a block list in exhchange.

Adding the IP Block List provider to Exchange is very simple, just open up the Exchange Management Shell and run the command below:


Add-IPBlockListProvider -Name SORBIS -LookupDomain dnsbl.sorbs.net -AnyMatch $True -Enabled $True -RejectionResponse “Your IP is on the SORBS block list“
Add-IPBlockListProvider -Name SpamCop -LookupDomain bl.spamcop.net -AnyMatch $True -Enabled $True -RejectionResponse “Your IP is on the SpamCop block list“
Add-IPBlockListProvider -Name SpamHaus -LookupDomain zen.spamhaus.org -AnyMatch $True -Enabled $True -RejectionResponse “Your IP is on the spamhaus.org block list“


After you add a IP block list provider you can run get-ipblocklistprovider to list all installed. If you want to delete a provider run Remove-IPBlockListProvider -identity <name> and hit enter.

Blank page (auth.owa Http 500) when logging into Outlook Web Access running on Exchange 2010

OK.. after a few updates have noticed that the OWA was not working .  Nothing new there..    No one  could access their e-mails via the web.

  Checking the IIS logs, I found that the error was 500 which indicated some kind of authentication error.

A little power-shell cmdlet you can run is Test-OWAConnectivity. So I ran the cmdlet and recieved WARNING: An unknown failure occurred during logon. So I checked IIS and ensured that all of the authentication was set correctly and indeed it was.  So after some poking around on the web I found out Exchange 2010 palms off the Forms Based Authentication to a separate Service called  Microsoft ExchangeForms-Based Authentication Service. Starting this service fixed the blank page issue and allowed clients to authenticate correctly. So simple cure to a blank problem.. make sure that  Microsoft ExchangeForms-Based Authentication Service is running...

change you key in office 2010 onwards..

It can be done via the command line.  Open up a Command Prompt (Press the Windows Button and type CMD or navigate to All Programs -> Accessories -> Command Prompt).  Then you just need to use the command below that matches your OS.   For 32 bit Windows: cscript "C:\Program Files\Microsoft Office\Office15\OSPP.VBS" /inpkey:yourkeygoeshere   For 64 bit Windows (assuming you are using 32 bit Office): cscript "C:\Program Files (x86)\Microsoft Office\Office15\OSPP.VBS" /inpkey:yourkeygoeshere   Obviously, you need to replace yourkeygoeshere with your product key.   Note:  If you are installing a 64 bit version of Office on 64 bit Windows, the command for 32 bit Windows should be used (or just delete the (x86) part since it won't be installing to the C:\Program Files (x86)\ directory).

Using the Group policy object (GPO) to set a default wallpaper policy

You can configure a Group Policy Object (GPO) that gets applied to the desired user accounts to do this.   In Group Policy Editor (GPE), navigate to User Configuration\Windows Settings\Administrative Templates\Desktop\ Active Desktop and enable Active Desktop Wallpaper. In the Properties dialog box of this policy, you specify the full pathname of a .jpg, .bmp, or .html file and select whether to centre, stretch, or tile the image. gpowallpaper For this policy to work, you must also Enable Active Desktop, which you'll find in the same policy folder.

SQL Joins..

Assume we have the following two tables.
 Table A is on the left, and Table B is on the right.
 We'll populate them with four records each.
A             B
id name       id  name
-- ----       --  ----
1  Pirate     1   Rutabaga
2  Monkey     2   Pirate
3  Ninja      3   Darth Vader
4  Spaghetti  4   Ninja
Let's join these tables by the name field in a few different ways and see if we can get a conceptual match to those nifty Venn diagrams.  
SELECT * FROM TableA
INNER JOIN TableB
ON TableA.name = TableB.name

id  name       id   name
--  ----       --   ----
1   Pirate     2    Pirate
3   Ninja      4    Ninja
Inner join produces only the set of records that match in both Table A and Table B.    
Venn diagram of SQL inner join
SELECT * FROM TableA
FULL OUTER JOIN TableB
ON TableA.name = TableB.name

id    name       id    name
--    ----       --    ----
1     Pirate     2     Pirate
2     Monkey     null  null
3     Ninja      4     Ninja
4     Spaghetti  null  null
null  null       1     Rutabaga       
null  null       3     Darth Vader
Full outer join produces the set of all records in Table A and Table B, with matching records from both sides where available. If there is no match, the missing side will contain null.
Venn diagram of SQL cartesian join
 
SELECT * FROM TableA
LEFT OUTER JOIN TableB
ON TableA.name = TableB.name

id  name       id    name
--  ----       --    ----
1   Pirate     2     Pirate
2   Monkey     null  null
3   Ninja      4     Ninja
4   Spaghetti  null  null
Left outer join produces a complete set of records from Table A, with the matching records (where available) in Table B. If there is no match, the right side will contain null.  
Venn diagram of SQL left join
SELECT * FROM TableA
LEFT OUTER JOIN TableB
ON TableA.name = TableB.name
WHERE TableB.id IS null

id  name       id     name
--  ----       --     ----
2   Monkey     null   null
4   Spaghetti  null   null
To produce the set of records only in Table A, but not in Table B, we perform the same left outer join, thenexclude the records we don't want from the right side via a where clause.
join-left-outer.png
SELECT * FROM TableA
FULL OUTER JOIN TableB
ON TableA.name = TableB.name
WHERE TableA.id IS null 
OR TableB.id IS null

id    name       id    name
--    ----       --    ----
2     Monkey     null  null
4     Spaghetti  null  null
null  null       1     Rutabaga
null  null       3     Darth Vader
To produce the set of records unique to Table A and Table B, we perform the same full outer join, then exclude the records we don't want from both sides via a where clause.
join-outer.png
There's also a Cartesian product or cross join, which as far as I can tell, can't be expressed as a Venn diagram:
SELECT * FROM TableA
CROSS JOIN TableB
This joins "everything to everything", resulting in 4 x 4 = 16 rows, far more than we had in the original sets. If you do the math, you can see why this is a very dangerous join to run against large tables.   Many thanks to the original source of this..  and I hope it helps others..

What ports for VPN

  • For PPTP:
    • IP Protocol=TCP, TCP Port number=1723   <- Used by PPTP control path
    • IP Protocol=GRE (value 47)   <- Used by PPTP data path
  • For L2TP:For SSTP:
    • IP Protocol Type=UDP, UDP Port Number=500    <- Used by IKEv1 (IPSec control path)
    • IP Protocol Type=UDP, UDP Port Number=4500   <- Used by IKEv1 (IPSec control path)
    • IP Protocol Type=ESP (value 50)   <- Used by IPSec data path
    • IP Protocol=TCP, TCP Port number=443   <- Used by SSTP control and data path
  • For IKEv2:
    • IP Protocol Type=UDP, UDP Port Number=500    <- Used by IKEv2 (IPSec control path)
    • IP Protocol Type=UDP, UDP Port Number=4500   <- Used by IKEv2 (IPSec control path)
    • IP Protocol Type=ESP (value 50)   <- Used by IPSec data path

What ports do I need to open to permit VPN traffic ?

 
For PPTP VPN connections, you need to open TCP port 1723 (for PPTP tunnel maintenance traffic).
PPTP also uses IP port 47 for tunneling data. Port 47 is designed for "General Routing Encapsulation" or GRE packets.
For L2TP VPN connections, you need to open UDP port 500 for Internet Key Exchange (IKE) traffic and UDP port 1701 for L2TP traffic.