I love buying things on the internet. For a lot of things, it doesn’t make sense, and for others you have to take a bit of extra time. However, you usually always find a better deal online. Plus there’s the challenge of finding that better deal, and still try to use a somewhat reputable retailer.
Oh internet, I love you so.
Something that is making me very angry with the current project I’m on is the difference between DAS, NAS, and SAN technologies. The worst is that I’m working with these people on a specific thing not related to storage infrastructure, but instead development architecture and the people that are dealing with the storage infrastructure are the people that don’t know what the hell their talking about. In particular, the hosting provider that does all of the storage infrastructure work for us doesn’t know what the differences are. Oh, and don’t get me started on a VMware paper that we had that didn’t know the difference either. It just drives me nuts.
For those of you keeping score, I’m going to outline this out.
DAS = Direct Attached Storage. These are disks that are physically located in your host machine.
NAS = Network Attached Storage. NAS is file based. For example a CIFS or NFS share. This is typically TCP/IP based access. The NAS device “owns” the data on it. That is, the NAS device administers the data. For example, you connect to a NAS device from a windows machine by accessing servernameshare.
SAN = Storage Area Network. SAN is block based. This is when LUNs (logical unit numbers) are involved on a host. The host “owns” the data. The host is in charge of the partition, formating, and access to the LUN. You can access a SAN via two protocols: iSCSI (TCP/IP) and/or Fiber Channel (FC).
I’m so sick of seeing people talk about iSCSI NAS. There’s no such thing because in a NAS scenario you are sending CIFS or NFS protocols over TCP/IP while in a SAN solution you’re sending SCSI protocols over TCP/IP. Huge difference.
And yes, you can have a device that serves both NAS and SAN from one filer. This is called Unified Storage. All NetApp devices can do this.
Are we clear now?!
And they look great! I’d hate to think how much it would’ve cost me to have them “professionally” installed. It took me all of 30 minutes last night. Awesome. Now for the couch which has been scheduled to be delivered on the 14th.
The last two months, traffic on this site has increased by almost 50%. Honestly, I don’t know specifically what it’s related to, but my number one search item is “ISA” followed by #4 which is “2006”. Therefore, I thought I’d post a little bit more, since there are still some issues that I had run into.
First thing is the issue I discussed last time, which was about IPsec not creating the filters it needed to. I think I may have found the solution to that, but I haven’t verified it (which I may do this week while I’m on the bench, in between various training). Now because of the fact that ISA relies on Windows 2003 IPsec, there are some pretty awful problems. The first being “adjacent ranges” in your IPsec rules. Windows IPsec does not allow you to have two adjacent IPSec policies. Instead it believes it should be one continuous policy. When you attempt to create an adjacent policy in ISA 2006 you will recieve the error message below.
As an example, let’s say that you need access to the individual hosts 10.10.10.150 and 10.10.10.151 at the remote site (or two ranges like 10.10.10.0/24 and 10.10.11.0/24). Now, if the remote site happened to have a Cisco Concentrator, they would be able to publish each of those hosts (or subnets) as separate IPsec policies. However, with ISA, they have to be in the same remote networks range.
Many times, there isn’t a problem, especially with a small number of hosts or ranges like this. However, the problem comes into play with subnetting. Typically hosts are designated with a 32 bit mask (255.255.255.255). However, since we’ve now created a range, we may see a different mask (255.255.255.254). It’s when the different, unexpected mask comes into play, that we have issues. If the mask is wrong, Phase II negotiations fail, and you’ll not be able to create a Phase II tunnel. However, if you don’t put the the hosts into the range and ignore the warning that ISA gives, the IPsec policies won’t be created, and you’ll have to manually create them whenever the IPsec service restarts (specifically if/when the machine restarts).
Finally, there’s yet another IPsec issue with Windows 2003, that again manifests itself with ISA. There are multiple ways you may see this. One way is that no matter what you set as your Phase II timeout policy from within ISA, you’re seeing Phase II rekeying happen about every 300 seconds. Another way is that you IPsec Site-to-Site VPN connections drop a lot and in the logs you see the error “0xc0040014 FWX_E_FWE_SPOOFING_PACKET_DROPPED”.
The first thing I tried was to disable IP Spoof Detection. However, that didn’t seem to fix it, plus, since this is an external firewall, I wanted to keep the spoof features on to do application filtering. The part that was really frustrating was that rekeying was happening every 300 seconds, instead of the 3600 I had specified in ISA.
Well, it turns out it’s a bug with ISA and/or Windows 2003 IPsec. This was actually a bug with ISA 2004, but apparently it wasn’t deemed big enough to fix with 2006, since there’s a workaround that works well. Microsoft KB article 917025 goes over exactly what to do, but the gist of it is, is that you need to edit the SAIdleTime registry key and change it to 3600 (default is 300). The downside is that 3600 is the max (trust me, I’ve tried to set it higher, it doesn’t work at all), so plan your IPsec Site-to-Site VPNs accordingly (let your peer know that the max will be 3600 seconds).
Hopefully those two nuggets will help anyone having other issues. I’m sure I’ll post more things too, as they come up.
I received my $500 check (I thought it was going to be a Home Depot gift card) from Lending Tree last week. That was what I was waiting for before buying blinds, since I can’t go wrong with free money.
A few weeks ago, when I was in “the Depot” getting other things for my place, I stopped by their blinds section to see what they had. I knew I wanted wood blinds. They would just go very well with all the other wood accents in my place. I originally asked if they had samples that I could take home and look at. They don’t. Can someone explain to me how that works? Well, I went through and looked at types/colors. I found I really liked the Bali colors, along with the Hunter Douglas Genuine Wood blinds. Well, I liked the Hunter Douglas ones until I saw the price associated. Needless to say, the genuine wood blinds, as opposed to simply stained basswood ones are significantly more. Think $500 as compared to $150. Since I needed 4 windows treated, and I was getting $500 free, I figured I’d like to buy more than one for that price.
I didn’t really do much past that, since I was still waiting for my gift card to come. Once the check (to my surprise) finally came last week, the search was renewed. I was talking to some people at work, and one of the ladies mentioned she had just purchased her wood blinds from Blinds.com. So, I went and visited the site only to find that I could order free samples! Now, I didn’t know if they were wood samples, or simply a printed paper, but something is better than nothing.
Needless to say, the samples came in yesterday, and they were actually pieces of the blinds. I had ordered quite a spread just to see how everything looked. Well, I ended up getting Bali Northern Heights with the Wheat (1710) color. They should be here in two weeks, probably when I’m on vacation over the fourth.
July will be a good month for the condo: blinds and the couch will arrive! Now I’ll have a place to sit, and some privacy! Woohoo!
Yay! I finally have a proper bed now. Just delivered and setup. Now I just need to wait like 6 more weeks before the couch comes. It’s coming together. Slowly. Next thing is waiting for my Home Depot gift card and then buying wood blinds for the place.
Last night was the first night at the Condo. Man is that place a mess right now. A big thanks to JoelD for helping me move my desk, mattress and the rest of the speakers. I’m so glad I won’t have to move that mattress up or down 4 flights of stairs again.
Alright, I know everyone’s been asking for them, so without further ado, pictures of my new place (sans furniture).
The first area we’ll visit is the living room/kitchen. When you walk in the door, the view that you see is below. You can see the bathroom entrance from this shot and most of the kitchen along with the eating area. Need to get a couple of bar stools for that though.
Looking exactly the opposite way (from the kitchen into the front door) is below. You can see the alarm system, thermostat, utility closet with w/d and the entrance to the bedroom. You can also see some of the awesome wood floor, but they’ll be a better picture of that later.
Below is the view from the corner of the kitchen into the SW corner of the living room. Not a lot there, but I figured I’d give images of everything.
And then this is the view due west from where the utility closet.
I said there was a better image of the wood floor in the living room. Well here it is. A nice cherry wood floor with a maple inlay. The details in this place are really nice.
Next we’ll move onto the kitchen, since, well, it’s right there. From the first image in the entry you basically saw what the kitchen looked like. Well, here’s another shot that is basically looking due north from the living room. It gives a good overall view of the kitchen.
This next image is basically the same shot, only closer.
Showing off the dishwasher and stuff from a lower angle.
And then a couple more that are similar.
Moving along to the bathroom. This is the view from the front door, if the bathroom light is on and the door is open.
The sink and the tub.
Close up of dirty tub.
Shot of toilet and entry way (not much space!).
This lighting fixture needs to go!
Onward to the bedroom. This is if you were in the opposite corner to the doorway.
From the corner just to the west of the one above you can see the closet and the light from the window.
And looking from the closet area back into the room. There’s not really much to see there yet.
Since we’re right next to the closet, I may as well show a few of those as well. Nothing really that special, except for the nice closet system already built in.
Two more of the closet.
A couple of the utility closet that we skipped over.
And a closeup of the molding that goes around the ceiling of the whole condo.
I think that’s about it. I hope that appeases everyone 🙂
The checks were cut and the keys are mine!
Today is the big day to close on my place (less than three weeks after putting in my offer). I have the check in my hand, and now I wait till 1:30 to sign my life away!!