Using port mirroring in Hyper-V

Today I had an issue at a customer site when setting up DIrectAccess… I could not get Teredo to work. I fired up Wireshark on the server but could not see any Teredo traffic. There is an external firewall between the DA server and Internet but it is transparent so the traffic should reach my server.

At home in my lab everything is running in Hyper-V including my lab router (pfSense) so when I got home I connected the customer laptop I borrowed to an external port on my lab network and then I configured port mirroring on the LAN port of the router. I then installed Wireshark on one of my other virtual machines. This way I can verify traffic coming into the firewall.

image    image

When I was able to verify the traffic going into the firewall I switched and monitored the external interface on the firewall to verify that I also had Teredo on the external side.


Problems starting a VM in Hyper-V

Today in our lab, when we tried to start one of our VMs we got the following error

‘vm-xx’ could not initialize machine remoting system. Error: ‘Element not found.'(0x80070490).

Surprisingly easy fix:

  1. Shut down or save all virtual machines.
  2. Restart the Hyper-V VMMS.
  3. Start the virtual machines.




Check Hyper-V replication status using Powershell

One of my colleges sent me this little snippet today for easily checking replication status on the VMs on our hyper-v host… I modified it for checking multiple hosts:

   1: Get-VMReplication -computername HOST1,HOST2,HOST3 | select-object lastreplicationtime, vmname, computername | Sort-Object -Property LastReplicationTime | ft -AutoSize


Network Time Protocol

Today I would like talk a little about setting up NTP sync in Active Directory… as you might know time is quite important in Active Directory because Kerberos is dependant on it. If the time difference is higher than 5 minutes (default setting) you will not be able to log in

I visited a customer today who had a problem which meant that they could not set up NTP sync…

We used these commands to verify operations on the PDC emulator:

   1: w32tm /query /status

   2: w32tm /query /peers

   3: w32tm /query /configuration

Apparently it used local CMOS clock as a time source, so we set up external NTP peers

   1: w32tm /config /syncfromflags:manual /manualpeerlist:",0×1,0×1" /update /reliable:yes

… which did not help, we then did a reset of the time server settings on the PDC emulator:

   1: net stop w32time

   2: w32tm /unregister

   3: w32tm /register

   4: net start w32time

We the registered the new NTP peers:

   1: w32tm /config /syncfromflags:manual /manualpeerlist:",0×1,0×1" /update /reliable:yes

The server still reported that it synced from the local CMOS clock. After some looking around we found that there was a policy setting in the Default Domain Policy which disabled the NTP Client. You will find this setting in Computer Configuration – Administrative Templates – System – Windows Time Service – Time Providers and it is called Enable Windows NTP Client. So I changed it and refreshed the group policy and that did the trick

To set up the rest of the DCs to use the PDC emulator as a time source you use this command

   1: w32tm /config /syncfromflags:domhier /reliable:no /update

To enable and disable debugging of NTP use:

   1: w32tm /debug /enable /file:C:\Temp\w32tmdebug.log /size:10485760 /entries:0-300

   2: w32tm /debug /disable

To resync the computer with its time source use:

   1: w32tm /resync

To compare your NTP servers time with an external time source

   1: w32tm /stripchart / /samples:5 /dataonly

Finally you also need to verify that your server is able to communicate to the timeserver using UDP port 123


Intel® PRO/1000 GT Desktop Adapter and VLANs

I have my own lab server at home and the other day I finally reinstalled it with Windows Server 2012 RC. One of the NICs in the server is an Intel® PRO/1000 GT Desktop Adapter which is connected to a VLAN trunk in one of my switches to be able to put VMs on different VLANS. To configure the NIC to be a VLAN trunk you historically needed to download drivers from Intel.

Herein lies the problem. Intel does not provide new drivers for Windows 7/2008R2. Instead they refer to Microsoft built-in drivers. This means that there is no way that they will provide drivers for Windows Server 2012 Smile

After some searching I found a solution:

The only way to find and change advanced settings for the Intel NIC is the Registry. Start regedit and browse to HKLM\SYSTEM\CurrentControlSet\Control\Class\{GUID}\XXXX\VlanFiltering registry key (where {GUID} is the GUID containing the network adapter configuration and XXXX is the NIC to be confgured) and change it from 1 to 0. Then you reboot.


Hyper-V som DC

Jag konstaterade igår att det kanske är bra med en DC i mitt labnät…. sagt och gjort, jag körde DC promo på min Hyper-V maskin (ja, jag vet att det inte är supportat Blinkar )

När den kom upp gick jag in i Hyper-V Manager och skulle skapa en ny maskin…  Jag valde vart den skulle ligga och klickade mig vidare… då hänger sig guiden och vägrar gå vidare.

Problemet är by design. Det är inte en supportad konfiguration att köra RemoteFX enablade virtuella maskiner på en domänkontrollant så jag fick vackert avinstallera RemoteFX.


Disk2VHD och integration Services

Härom dagen hos kund stötte vi på ett litet problem. Vi hade kör Disk2VHD på en Windows Server, närmare bestämt en Small Business Server 2003. Vi kopierade in imagen till Hyper-V maskinen och startade den. Eftersom maskinen var en Windows Server 2003 behöver man installera Integration Components för att kunna använda systetiska enheter.

Sagt och gjort, vi installerade Integration Components och startade om för att installationen skall kunna göra en HAL replacement. När maskinen kommer upp säger den att Integration Components inte är installerade och vi försöker igen. Efter ytterligare ett försök börjar man ana oråd…

Det visar sig att Disk2Vhd installerar en ny HAL och ger dig möjligheten att boota på den som default. Boot menyn ser ut så här:

Disk2Vhd Windows Server 2003
Standard Windows Server 2003 Standard

Integration Components byter ut den ordinarie HALen dvs inte den vi bootade från Ler och vi missade det eftersom bootmenyn var inställd att visas i ca 3 millisekunder…

Lösningen är givetvis att konfigurera om bootmenyn till att boota från det ordinarie alternativet per default