VLAN trunking / grouping in distributed virtual switch

In vSphere, there's a new networking feature which can be configured on the distributed virtual switch (or DVS). In VI3 it is only possible to add one VLAN to a specific port group in the vSwitch. in the DVS, you can add a range of VLANs to a single port group. The feature is called VLAN trunking and it can be configured when you add a new port group. There you have the option to define a VLAN type, which can be one of the following: None, VLAN, VLAN trunking, and Private VLAN. But this can only be done on the DVS, not on a regular vSwitch. See screendumps below (both from vSphere environment)

vCenter Converter Standalone 4 - ports used

We're doing quite a few P2V conversions at the moment, and that means that we see all kinds of weird errors, conversion failures, and connection issues. P2V is definitely not an exact science.

One thing that is recommended to have in order is that proper network ports are opened.

VMware has written a good KB article that explains which ports are used.

If you have server with Converter Standalone installed on it, and you have trouble connecting to the source physical computer, then first make sure that Windows Firewall is disabled. If that doesn't work, then install the Converter application directly on the source computer. Then you will need outbound 443 TCP connection to vCenter (former Virtual Center) (it's assumed that port 443 TCP is open inbound on the vCenter server, of course).

To test if ports are open, open a CMD prompt and run following command:

telnet 'vCenter ip' 443

(without the ' ') If the DOS prompt goes black, then the connection is good. Othervise you will get a 'can't connect' or something similar)

If you P2V directly to an ESX server, then ports 902, 903, and 443 TCP are used.

If you, for some reason, can't get port 443 opened, then a workaround is as follows:

• Install the Converter directly on the source system
• If you have an existing test VM in the same IP range, then create a new disk and attach that to the test VM.
• Make a Windows share on the new disk
• From the Converter choose to export to standalone virtual machine in Workstation format and then coose to place files on the share just created
• After export, change the VLAN to an IP range that doesn't have any firewalls blocking
• Import the VM from within vCenter

How to Back Up the Registry & Restore the Registry

Back Up the Registry

Before you edit the registry, export the keys in the registry that you plan to edit, or back up the whole registry. If a problem occurs, you can then follow the steps how-to restore the registry to its previous state.

How to Export Registry Keys
Click Start, and then click Run.
In the Open box, type regedit, and then click OK.
On the File menu, click Export.
In the Save in box, select the boxs at the bottom the bottom according to weather you want to export all or only selected branches of the registry.
Next select a location in which to save the backup .reg file. In the File name box, type a file name, and then click Save.

Restore the Registry

To restore registry keys that you exported, double-click the .reg file that you saved.

P2V of domain controller

Summary: Cold clone P2V of domain controllers works just fine.


We had to migrate two root domain controllers the other day at work. I knew that domain controllers in particular can give you trouble when being converted / migrated, so I researched it a bit and found a useful article on yellow-bricks.com which linked to a very good VMware KB article . This KB recommends that in stead of migrating, then deploy a fresh VM and do a 'dcpromo' and then shut down the physical server after. I like this way as it moves the responsibility away from the VMware team and over to the application responsible.

However, we did not have enough time to do the recommended solution, so we whent for P2V. We did cold clone because hot migration is likely to go wrong and it is not supported by Microsoft.


There were FSMO roles on the DC's, so before we began, we had the AD guy move all the roles over to one of the servers. Then we took the other one down and P2V'ed it. We resized the disks to save SAN space which was not a problem. When it came back up, the AD guy tested and then moved FSMO roles over to the migrated DC. And then we migrated the other one. After both had been migrated, the AD guy tested again.


If your responisbility area does not cover the application layer, which it does not for me in this case, then arrange for an application responisble to test the app before it is released into production. It may sound banal, but it is sometimes overlooked when the pace is fast and only basic OS testing is done.


Time synchronization


There are several ways of setting up time synchronization. One important point is that there should be only one source for synchronization for all the DC's. There's a feature in VMware tools, where you can synchronize the VM against the ESX - this we did not use. We let Windows take care of the synchronisation. If you have a mixed environment of DCs (bare metal and virtual), then you can let a bare metal DC sync to an external source, and then let all the other DC's sync to the bare metal DC.


We had the PDC emulator sync with a dedicated physical NTP server, and then let the second DC sync with the PDC emulator. The ESX servers sync with the physical NTP server - but no synchronization between VM and ESX server. Read this article for further info on time sync.

Update: In a KB article (KB 888794) from Microsoft about considerations when hosting DC's in a virtual environment, there is one important paragraph about forced unit access (FUA) which has resulted in some confusion. The paragraph states:

"If the virtual hosting environment software correctly supports a SCSI emulation mode that supports forced unit access (FUA), unbuffered writes that Active Directory performs in this environment are passed to the host operating system. If forced unit access is not supported, you must disable the write cache on all volumes of the guest operating system that host the Active Directory database, the logs, and the checkpoint file. "

According to VMware, forced unit access (FUA) is supported on VMware. Here's the answer from VMware technical support:

-----Original Message-----
From: VMware Technical Support [mailto:webform@vmware.com]
Sent: 24. februar 2010 11:25
To: (Jakob Fabritius Nørregaard)
Subject: Re: VMware Support Request SR# 1490632591

** Please do not change the subject line of this email if you wish to

respond. **

Hello Jakob,

Forced Unit Access is supported by VMware. A large number of customer's have virtualized Domain Controllers which is evident in the community forums.

Thanks & Best Regards

Derek Collins

Technical Support Engineer

VMware Global Support Services

1-877-486-9273

VMware Technical Support Knowledge Base

http://kb.vmware.com/kb"

Best Windows Freeware/Shareware Download Sites

Outstanding Sites

 

SoftPedia A large commercial site with an excellent collection organized by platform. It features site and user star ratings for products and user comments. The search engine doesn't display any  ratings and this limits its use when selecting. The real selling point for this site is its "100% clean" guarantee.  For many that is a winning feature.

 

SnapFiles / WebAttack  Offers a huge collection, great organization and a refreshingly clean presentation. Products are briefly reviewed and carry site ratings, user rating and user comments. Excellent.

 

FileHippo  A clean site with a wide product selection and fast download rates but offering almost no guidance in selection.  A redeeming feature is they offer a full version history of most products.

 

MajorGeeks This site carries only tech tools and utilities. Guidance is limited to brief reviews and user ratings.  However, if you are looking for  tech tools this is THE place to go. One of my favorites. 

 

FileForum-Betanews  Not the largest download collection, but if you're looking for the very latest products you'll find them here long before other download sites.

 

Recommended Sites

 

ZDNet and CNet Downloads These two sites are just different faces of the same site. That site, however, offers the biggest collection of software on the web. Finding what you want is made easier by the have the best file search engine of all the download sites. There are also user star ratings for most products and site star ratings for some. The user comments are handy but beware, they are sometimes stacked with comments made by the product developers pretending to be mere users.  The downside to these sites is they now require you to install their proprietry downloader. It is not only an unnecessary step it an intrusion into your privacy.

 

Tucows  Huge collection with world-wide mirrors for fast downloading. The Classic "cow ratings" for products are not as realiable as they used to be. I can't help but feel that this once class-leading site has lost its way a little in recent times.

 

ServerFiles.com  This is the old 32bit.com site re-launched as a site specializing in server software for network administrators and IT professionals. Quite a few products have ratings, some with full reviews.  It's a unique offering and well worth visting if you fit the target market.

 

No-Nags  This was once the best freeware-download site on the web but they haven't really kept up with the competition.  There is a free service and a more helpful premium service. The shareware side is slowly being added and is not particularly  impressive.

 

topshareware.com  A good general interest download site that's competent. There are few rating or user reviews but it's nicely organized.

 

Other Sites

5 Star Shareware  This popular UK site claims to feature only the best products in each category. It cerainly started out that way but over time has drifted towards more of a general purpose download site.  The strong commercial orientation does not give me a lot of confidence

Shareware Junkies  Every product here is independently reviewed, though many of the reviews are becoming dated. Can be helpful when you are trying to decide what you need.

 

Allen's WinApps List  A fast and well organized site with a huge selection of software, but the search engine is woeful and there is little in the way of guidance as well.

 

WinPlanet The aging remnant of the once excellent Stroud's CWS Apps site, it's now part of the Internet.com mega-site. It's still a useful site with many product ratings and some reviews. Overall, though, it is but a pale shadow of its former self.