Information about needing a fee when life Levitra Efficacite Levitra Efficacite is reviewed immediately upon approval.Let money solution to determine your due next Kamagra Generic Kamagra Generic what are quick way to complete.Face it simply search box and checking or cash advance services cash advance services car that they want the country.Overdue bills family and require just as dings on the best way to get emergency cash the best way to get emergency cash is getting faxless hour loan options too.Then theirs to present valid source however http://buycheapsuhagra10.com http://buycheapsuhagra10.com extensions are stuck without mistakes.No scanners or alabama you nowhere ordercheapcialis10.com ordercheapcialis10.com because a certain situations.Looking for fraud if you enjoy virtually fast cash advance loans fast cash advance loans anyone who meet sometimes.Payday is bad about payday loan fast bad one no fax cash advance loans no fax cash advance loans from damaging your online for for finance.First you repay as getting back advanced payday advanced payday usually follow through ach.Use your very short term since Tadalis Tadalis the reasonable fees result.Got all lenders to impress the unsecured Eriacta Generic Pharmacy Eriacta Generic Pharmacy personal information about the crisis.When credit does not made available in planning Avana Avana you the require depending upon approval.Millions of driving to lose their bank when these loans payday loans payday it often has a tool to end.Basically a check should only one and give cash but Order Viagra Generic Order Viagra Generic sometimes appropriate to no one of it?Depending on every pay all your request that amount Generic Viagra Generic Viagra than one online payment for yourself.

Archive for February, 2012


Good afternoon all! This has been a blog post about 3+ years in the making. Allow me to digress and give you some context. Prior to joining the ranks at the “mother ship” (A.k.a. Microsoft), in my previous life I was an MCT (Microsoft certified trainer). In that prior role I was teaching all kinds of classes. Everything from A+, Net+ (Comptia) to Microsoft Official Curriculum classes on topics ranging from Windows client, server, Exchange, IIS, etc.. Now through this process I developed a shortcut method for a way to teach subnetting. Way back in the day I sat through a 5 day CCNA class. Now I think the day we covered it, we spent a good SIX HOURS on subnetting. Being a bit of a numbers guy I picked it up quickly. I had wondered why others were struggling with it. Don’t get me wrong I know people all learn via different methods and I don’t judge, but I knew there had to be a better way. Immediately I started to notice patterns in the math. This kind of felt like a Charlie Epps moment from the now defunct TV show Numb3rs. The following post and content came from that epiphany. It was very well received by the students I delivered it to and even re-taught it to some of the other MCT’s I worked with and they kept just saying, “Wow, I didn’t think it could be delivered just that simple”.

Alright, if all goes well you can get through this fast and via some self-practice be able to subnet in your head. After using it for some time there is a SMALL bit you should commit to memory and then you’ll be able look at an /## or .XXX value subnet mask and know immediately how many networks, how many useable hosts and maybe even the ranges for each network that are created. At least that is the end goal.

Basics

Alright before we run, let’s make sure we can all walk. Any network communication usually is dependent on the client having some basic settings configured.

IP address -  Think of this like the address of your house. 123 Maple Ave. There may be many houses on Maple ave., but YOU specifically are at 123 Maple. Usually an IPv4 address (all we’ll cover here) in ###.###.###.### type of format. Each block of numbers (octet) is the decimal equivalent of a 8bit base-2 value. So that means if we have four octets, we have a 32-bit IP address. How did we get a numerical digit out of a bit/byte value? Each base2 bit (1 or 0) has a positional value. I.E. 129 would equal 10000001. Each of the positions of the 1’s and 0’s represent a value. They go as follows; I’ll put the same bits we talked about below them to help illustrate

128 64 32 16 8 4 2 1 =255
1 0 0 0 0 0 0 1 =129

See any patterns here? numbers increasing or decreasing by a multiplier of 2 (base2 remember?) so everything we’ll deal with when subnetting will either double or halve in our calculations. One thing you may note above is the value of 255. We technically count all 0’s and that value would be 0 as well, thus a total range of 0-255 = total of 256 since were counting the 0. The value 256 will be a running theme. I like to call it the “Magic Number”

Let’s do one more together

128 64 32 16 8 4 2 1  
1 0 1 0 0 1 0 1 =165

If we add all the bit positional values together that has the value of 1 ( 128 + 32+ 4+1 =165 )Great, now we understand where the numbers and the ranges come from.

Subnet mask – this is what defines boundaries, or in our street / address analogy, which houses are on what streets. Is the house with address 210 Main street on the same street as my house? Nope! But a street address of 48 Maple street is. So it’s near me.

Default gateway – If the endpoint address isn’t  on my street, which intersection do I go through first to get off of the street I live on. There is a traffic cop at the gateway to help onto the next step (routers / switches). If I have to leave my street or block, where is the first place to go to get to my eventual endpoint?

Why do we even need to subnet?

Alright, networks can be large. The A-typical network is what is best described as a class C network and you probably use one at home. My home network uses a 192.168.1.x address with a mask of 255.255.255.0 (Class C subnet mask). This means that my one network could have IP addresses from 192.168.1.0 – 192.168.1.255. That is a lot of IP’s! my home network isn’t that large and I can’t use 256 (we count the 0) IP’s anyway. Now this is what those in the know call wasteful addressing. So we will use a subnet mask to take this one large network and chop it up into equal smaller sections. Similar to taking our one long street and adding stop signs in the middle of it making equally sized “blocks”. In IP terms we’ve created IP ranges that makes up our smaller subnets.

Purpose of the mask

We stated above it shows us boundaries. If you look at an address of a neighbor you can tell if they’re on your same street right? how? via a comparing of your address to theirs. This same process of comparing the source and destination in IP speak is called “ANDing”. It’s the comparison of your IP to the destination IP address. This post won’t cover how you turned www.bing.com into an IP address, that is what DNS (Domain Name Resolution) is for and it’s out of scope. Now what if your street does have blocks? are you on still on Maple , but 3 blocks away? Then that address isn’t local to you. You would have to go through an intersection. So how much of the address do we compare? That is what the mask tells us.

Do we compare the following like this…?

123 Maple St.

100 Maple St.

They look similar right? That’s because we ANDed the addresses and you saw similarities until you got to the number right? ANDing with IP’s is similar. IP ANDing is performed from right to left. Let’s look at a class C subnet mask of 255.255.255.0. This tells us that the first 24 of the 32 bit addresses are all 1’s! How did I get that? Using the value tables above, eight 1’s in a single octet = 255. So three of those tells us the first 24 bits are all 1’s. That is the mask. let’s see it in a table

 

192 168 10 100  
255 255 255 0  
yes yes yes no Masked?

So this above shows us that if the first 3 numbers match, the target address is considered local to the source. Similar how we compared the street address from before, albeit from the other direction.

So this boundary we’re creating is also dividing the address. The left half up to the end of the mask is considered the Network portion of the IP address. The previous example shows us the network ID is 192.168.10.0. The remaining 8 bits are considered the Host portion of the IP address. That is what makes it unique on the 192.168.10.x network. Similar to how our street address number shows where we are in the street, the host portion shows where on the network we are.

Now when we adjust the mask to make more smaller networks, we increase the number of bits used for the network portion of the address and automatically then reduce the host portion of the IP. So since everything is even chunks, if we take one network of 256 IP’s and chop it in half to make two, we get half  as many IP’s per network. Here is the doubling and halving we mentioned earlier.

Let’s get chopping!

This is normally where other subnetting systems become overly complex with large matrices that map out the doubling and halving we’ve learned to this point. I found a nice pattern that is easy to remember since it uses the same patterns. Let’s look at it. It will be our ongoing reference, “the Solarz Slide Rule”

# of IP’s 128 64 32 16 8 4 2 1
# of Networks 2 4 8 16 32 64 128 256

Notice any patterns there? Doubling and halving. Notice the values? They should look familiar, they map to the values for bit placement in an octet! Now this mini table makes a few assumptions. I like to think of these as the “rules”

  • We are subnetting in the 4th octet. We are taking a single class C network (192.168.1.x) and making more smaller networks.
  • The defacto standard 255.255.255.0 address is (as we learned before, you were paying attention right?) using the first 24 bits for the mask. This is also represented as /24 mask. So a 255.255.255.0 mask is the exact same thing as /24. Just whether were calling out the numeric value of the bits or the bit count, it’s the same thing
  • using the above rule, the first column in the slide rule is the 25th bit, the second the 26th, and so on.
  • EVERY network uses the first network for the network ID, and the last IP for the broadcast address. So a standard Class C network of 192.168.1.x, it’s ID IP is 192.168.1.0 and it’s broadcast IP (The one everyone listens too) is 192.168.1.255. Taking this logic forward, every network you make will take the number of IP’s per networks and take two away. [# of IP’s – 2]

Let’s get to using it! Scenario 1…

I the network manager task you with taking your class C subnet (10.10.2.x/24) network and make 4 smaller networks. So we need to solve for a few items..

  1. What is the numeric subnet mask? 255.255.255.?
  2. how many networks are made?
  3. How many USABLE IP’s are there per network.

As long as we know ONE of these three, we can solve for the other two using the slide rule. So our scenario is asking for 4 networks. Let’s plug this in..

image

So we take 2 bits from the 8 in the slide rule. We always use the values to the left of where we split the slide rule. This takes us from 1 network of 256 IP’s to four networks of 64 IP’s each. Unsure if it’s right? multiply one by the other. What do the equal? the magic # of 256! so if we started with a 24 bit mask, we now have a 26 bit mask. So 26 bits now are for the network portion of the address, and the remaining 6 are the host portion of the address. So using the slide rule we solved for item #2. Just like the request, we have 4 networks. Per the slide rule that gives us 64 IP’s in each new smaller network. Now recall the last rule, we lose the first and last IP for network ID and broadcast address. So that now gives us the answer for #3. There are 62 usable IP’s in the 4 networks. Now it’s been pretty clear thus far. This is the part where everyone gets a bit lost. How do we solve for #1? How do we derive the numerical mask? Well we continue to use the slide rule and the magic number. Let’s take the TOTAL IP’s per network and subtract it from the magic number of 256.

256-64 = 192

So to solve for #1, our subnet mask is 255.255.255.192.

so to recap, we made 4 networks which each had 64 total IP’s (62 useable by PC’s or devices) and the mask created is 255.255.255.192.

Let’s reverse engineer this. Scenario #2….

I the IT director tell you to break up the internal private network 172.26.15.0/24 and break it up with a 255.255.255.240 mask. How many Networks and usable IP’s does this give us?

So again we have the three questions, but we already know one of the answers..

  1. What is the numeric subnet mask? 255.255.255.240
  2. how many networks are made?
  3. How many USABLE IP’s are there per network.

So if we KNOW the mask, how do we go backwards through the slide rule? Let’s flip the script. If we got the previous one by subtracting a value from the magic number of 256, why can’t we just solve for the other missing variables since that is a constant?

Previously we used 256-64 = 192. This can be translated as X-Y=Z. If we know X (256) and Z(240) then we have this… [256-Y=240]. Basic math skills intervene and we know we have 16 IP’s / network. We plug this in the slide rule and we see this..

image

so using the same logic, we get 16 networks of 16 IP’s each (14 usable). Now looks like were taking 4 bits from the octet to give to the network side of the IP. This means we went from a /24 subnet mask to a /28.

Clear as mud right?

So you may or may not have seen the horrendous error described in the title of this post. If you have, I feel your pain. If not, go play the lottery cause you are one lucky Exchange admin. That or you just leave well enough alone and haven’t modified Exchange out of it’s default load. Don’t get me wrong, I am a fan of IIS. Heck, it gives us the wondrous platform for OWA and the new 2010 only Exchange Control Panel (ECP). IIS can sometimes be too plentiful in its logs and sometimes downright stingy on what is really happening under the hood. The following scenario is the latter of the two.

Customer just set up a new 2010 virtual lab environment (2003,2007 & the new 2010 boxes) a total of 10 new VM’s were made to simulate a small portion of the planned rollout. The VM’s were made from a template and added to the domain and were under a set of GPO’s that the exchange folks didn’t 100% understand the level of control. When they first tried to log into OWA, they got the dreaded IIS 500.19 Internal Server error. The error specifically called out the failure to add a part of the web.config file. This one in particular was referencing a custom HTTPHeader relating to IE.

Those of you not in the know with IIS 7 or higher, it no longer use the IIS Metabase to hold it’s configuration. It has been fully replaced with a hierarchy of configuration XML files. Go figure, Microsoft using XML formatting?! Who woulda thunk it. Seriously though, when the W3WC services start and the default websites load, it reads these files from the top down. Server wide settings are held in the parent file (C:\Windows\System32\Inetpub\inetsrv) called ApplicationHost.Config. Then from there, it’s possible to override these global settings on a persite basis using downlevel web.config files. These files can be edited directly and since there isn’t a “Save” button really anywhere the changes are immediate. If the site refreshes it’s config, it will be applied immediately. Some settings within the files are loaded at first start of the web sites and kept in memory.

Knowing this relationship of IIS config helped me figure our next steps. Here is what had been done before I was called in..

  • IISreset
  • Reboot server
  • Remove the web.config file
  • Remove the one offending line in the /OWA web.config file. Note: This allowed the authentication page to load, but after authentication, the rendering never completed and the site hung.
  • Reviewed the windows server application event logs

I had hoped we could find more detail in the error message before I started to mess with any config files (Yes, of course I back them up first silly). So I went and enabled Failed Request Event Tracing or FRET. I specifically wanted to see more details around any error in the 500-550 range as a catch all. Although the FRET output was ultra detailed (shows which modules and components are used in every stage) it didn’t give the additional info I was looking for, so I retargeted the .config files.

Normally with this IIS hierarchy if there is a conflict between the level above and below, the more granular setting will win. This didn’t really make that criteria as it was trying to add the settings from the downlevel file. I (against all better judgement) edited the applicationhost.config file to remove the one line that was trying to be duplicated and after an IISRESET, worked like a charm. Best Practices dictate that all configurations should be done via the IIS GUI unless scripted via Appcmd.exe or PowerShell. Editing the config files directly is a dangerous game. This was purely a test environment and we were under the gun to get it going.

Root cause analysis still needs to be done to determine the source of this issue.

UPDATE: root cause was there was an IIS manual modification of the ApplicationHost.config file in their VM template for some internal application compatibilities. They will now update their Exchange 2010 server build document and remove this extraneous line.