Jul 302016
 

I write today to report of a minor glitch I have identified and confirmed with 2 different HPe MSA 2040 SANs. I’ve identified the issue with multiple firmware versions (even the latest version as of the date of this article being written). The issue stops e-mail notifications from being sent from the MSA 2040 when the SAN is configured with some SMTP relays.

The main concern is that some administrators may configure the notification service believing it is working, when in fact it is not. This could cause problems if the SAN isn’t regularly monitored and if e-mail notifications alone are being used to monitor its health.

 

Configuration:

-MSA 2040 Dual Controller SAN configured with SMTP notifications

-SMTP destination server configured as EXIM mail proxy (in my case a Sophos UTM firewall)

 

Symptoms:

-Test notifications are not received (even though the MSA 2040 confirms OK on transmission)

-Real notifications are not received

-Occasionally if numerous tests are sent in a short period of time (5+ tests within 3 seconds), one of the tests may actually go through.

 

Events and Logs observed:

/var/log/smtp/2016/06/smtp-2016-06-20.log.gz:2016:06:20-20:44:29 SERVERNAME exim-in[16539]: 2016-06-20 20:44:29 SMTP connection from [SAN:CONTROLLER:IP:ADDY]:36977 (TCP/IP connection count = 1)

/var/log/smtp/2016/06/smtp-2016-06-20.log.gz:2016:06:20-20:44:29 SERVERNAME exim-in[18615]: 2016-06-20 20:44:29 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[SAN:CONTEROLLER:IP:ADDY]:36977 input=”NOOP\r\n”

 

Resolution:

To resolve this issue, I tried numerous things however the only fix I could come up with, is configuring the SAN to relay SMTP notifications through a Exchange 2013 Server. To do this, you must create a special connector to allow SMTP relaying of anonymous messages (security must be configured on this connector to stop SPAM), and further modify security permissions on that send connector to allow transmission to external e-mail addresses. After doing this, e-mail notifications (and weekly SMTP reports) from the SAN are being received reliably.

 

Additional Notes:

-While in my case the issue was occurring with EXIM on a Sophos UTM firewall, I believe this issue may occur with other E-mail servers or SMTP relay servers.

-Tried configuring numerous exceptions on the SMTP relay with no effect.

-Rejected e-mail messages do not appear in the mail manager, only the SMTP relay log on the Sophos UTM.

-Always test SMTP notifications on a regular basis.

Jul 272016
 

I’m excited to share with all my readers that today, July 27th 2016, my company Digitally Accurate Inc. celebrates it’s 10th year Anniversary!

Here’s a copy of the corporate statement:

 

Today we are happy to announce we’ve officially been in business for 10 years! It was exactly 10 years ago today that we were incorporated (July 27th, 2006).

It has been 10 years that have passed by very quickly that have included many challenges and obstacles. Throughout the years we have gone from simply providing I.T. Services billed hourly transitioning in to a full Managed Services Provider back in 2011 that designs, sells, implements, manages, and supports I.T. Solutions and Infrastructure.

We’ve come to build expertise and specializations in technologies such as Storage, SANs, Virtualization, Infrastructure, Disaster Recovery, Remote Office Connectivity, and Security just to name a few, and have evolved with these expertise to benefit specific markets such as Homebuilding, Manufacturing, Oil and Gas, Service Providers, and numerous others.

In the past 10 years we’ve provided consulting, services, and advice to over 80 companies, 5 years ago trimming that number down to a select group of companies that required mission critical Infrastructure services and Managed Services.

We’ve partnered with some of the leading companies like HP, HPe, Microsoft, Sophos, IBM, Lenovo, Symantec, and Veritas that have enabled us to provide top notch best practice solutions for our clients, thus enabling them to manage and support these environments in a cost-effective manner, contributing to their business functionality, and providing a solid foundation for them to work on their bottom line.

We cannot say THANK YOU enough to our wonderful clients, and those who have worked with us in the past. We would also like to thank our vendors and the various channel partner support teams we have worked with during solution design, technical pre-sales, and supporting the products after implementation.

Cheers to another 10 years of success, and cheers to expanding to new markets and areas!

 

Stephen Wagner

President

Digitally Accurate Inc.

Jul 182016
 

Last Friday I read online Shaw had released a new offering for their coax (cable) customers. Speeds of 150mbps down and 15mbps up. Checked out their website and found the accompanying business package (Shaw Business Internet 150).

Called up, requested a quote and pulled the trigger. As always Shaw sweetened the deal for me as I’ve been a long time customer and have quite a few additional services (phone, extra cable modem, numerous static IPs, etc…).

Had the install booked for today, just got everything setup. Here’s some initial speed tests I want to share with you:

 

Speedtest.Net test of Business Internet 150

Speedtest.Net test of Business Internet 150

Speedtest.shaw.ca test of Business Internet 150

Speedtest.shaw.ca test of Business Internet 150

 

I have to say I’m quite impressed! I actually had to do some tweaking on my firewalls IPS system to handle the bandwidth.

The residential plan offers 1TB of data per month, whereas I believe the business plan offers unlimited data.

Happy downloading!

 

Update: August 13th, 2016

I just wanted to post an update after running with this service for a while now. It’s been great, no changes in speed, and latency is great!

I have however identified one issue (observed at some client sites): When scheduled or emergency maintenance is performed on Shaw’s side, when the maintenance completes, the cable modem reports as being online, however the internet connection is lost and doesn’t come back up. A restart or power cycle is required on the Hitron modem to bring services back online. I noticed this around a month ago with a client, and found out as of 2 weeks ago it is a confirmed issue, and Shaw is working on resolving this with the Hitron modems.

Also, some users may be noticing issues with VPN connections. When packets go in/out that are larger than 1500 bytes and are fragmented, I noticed on one Hitron modem that the cable modem was dropping these fragmented packets. This is noticeable on VPN connections. Typically a power cycle temporarily resolves this issue, however it occurs again within a couple days. Shaw confirmed this was a firmware related issue and rolled back the cable modem’s firmware for that specific client and it resolved the issue. I have not seen this issue occur on my Hitron modem. To test for this issue, send a ping from the effected site towards the internet to a host using this command, or send a ping from the internet to an IP at the effected site:

ping enterhosthere -l 2000

This command will send a 2000 byte ICMP packet to a host. Typically MTUs on network are 1500, so the packet will be fragmented and should go through. If it drops and you know the destination should accept it, then you are experiencing this issue. You should place a support call, explain the issue and request a firmware downgrade. This may have been resolved by the time I posted this note.