Error code 0x80070570 while installing Windows 8 64-bit

I was trying to install Windows 8 (64-bit) on a computer and I ran into the error message:
“Windows cannot install required files. The file may be corrupt or missing. Make sure all files required for installation are available, and restart the installation. Error code: 0x80070570”

My first guess was that this had to do with the fact I ordered a Windows version which stated “Pre-existing OS License and Product Key Required”. So I tried a clean install of Windows 7 (64-bit) and I got the same error message. I searched the internet and most posts were related to failed burned copies. Since I had a legal DVD this was not the problem. I even tried two different ones.

Then I found a post which mentioned this could be related to a memory problem as well. So I started to remove DIMMs one by one. When I removed the first DIMM, I even got a blue screen and the PC halted. I put back this first one and I removed the second DIMM. The installation was really quick and no more problems occurred. So the 0x80070570 error code was in my case a faulty memory module.

So problem solved :)

Little Planet Photography

A while ago I saw a video on Picture Correct and I had to try this myself. I really loved the good tutorial by Gavin Hoey as he explains everything very well!

The equipment I used for the Photo below is:

The lens has a nice wide angle which helps a lot for this picture. If you don’t have a very wide angle you just have to take some more pictures.

The disadvantage of the tripod I have is that it has a ball head which rotates in all directions. It’s not possible to lock the camera vertically and only move it horizontally. It helped me for this picture to keep the horizon in the finder window at exactly the same position. Small errors are luckily fixed by Photoshop, so you don’t need to buy a new tripod (head).

The result:

Little Planet by Tavenier

Time Capsule update 7.6.3 breaks IPv6

The latest version for the Time Capsule at the moment is 7.6.3.
I installed this update and after the installation I experienced issues with my IPv6 connectivity. I googled around and found many discussions and blogs where people are explaining they have issues with IPv6 tunnels (6in4) after the update.

When I started my AirPort Utility I noticed that my native IPv6 configuration options were still the same. But the weird thing is that Apple somehow changed the IPv6 WAN address to an address from the 6to4 prefix (described in RFC 3056). This prefix starts with 2002:, followed by the IPv4 address converted to hexadecimal, which together make up the /48 6to4 prefix.

So if my IPv4 address was 123.234.123.234 my 6to4 address would be: 2002:7BEA:7BEA::/48. You need to do the calculation from decimal to hexadecimal (123 = 0x7B and 234 = 0xEA).

The weird thing is that in the configuration you can see my address was still manually configured to an IPv6 unicast prefix, but somehow Apple changed the active IPv6 address on the WAN interface to the 6to4 prefix. You can see this in the picture below:
IPv6  configuration Time Capsule
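The derivation above and the configured-versus-active comparison can be scripted. This is an added example, not part of the original post; the configured prefix 2001:db8:1234::/48 and the active address are constructed sample values.

```python
import ipaddress

SIX_TO_FOUR = ipaddress.ip_network("2002::/16")  # 6to4 range from RFC 3056


def sixtofour_prefix(ipv4):
    """Return the /48 6to4 prefix derived from a public IPv4 address."""
    v4 = ipaddress.IPv4Address(ipv4)
    if not v4.is_global:
        # 6to4 needs a globally unique IPv4 address; RFC 1918 space is invalid.
        raise ValueError(f"{v4} is not a global IPv4 address")
    # 0x2002 in the top 16 bits, the 32-bit IPv4 address in the next 32 bits.
    value = (0x2002 << 112) | (int(v4) << 80)
    return ipaddress.IPv6Network((value, 48))


def check_wan_address(configured_prefix, active_address):
    """Compare the active WAN address with the manually configured prefix."""
    prefix = ipaddress.ip_network(configured_prefix)
    active = ipaddress.IPv6Address(active_address)
    embedded = active.sixtofour  # IPv4Address when inside 2002::/16, else None
    return {
        "matches_configured": active in prefix,
        "is_6to4": active in SIX_TO_FOUR,
        "embedded_ipv4": str(embedded) if embedded else None,
    }


if __name__ == "__main__":
    print(sixtofour_prefix("123.234.123.234"))
    # Constructed values: a documentation prefix as the configured one,
    # and an active address taken from the 6to4 prefix of the post's example.
    print(check_wan_address("2001:db8:1234::/48", "2002:7bea:7bea::1"))
```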

The only solution to get IPv6 to work again is to downgrade the Time Capsule. You need to click on your Time Capsule. When you hover over your version number and hold the ‘option’ key while you click, you get the option to select your previous version number. See the screenshot below:
Downgrade Time Capsule

After the downgrade to 7.6.1 I see that the configured IPv6 WAN address is the same as the active IPv6 address. A visit to test-ipv6.com shows that IPv6 is working again :).

Links
- RIPE IPv6 reference card (very useful as a quick reference for the different IPv6 prefixes)

27″ iMac Intel processors

I was looking for the type of Intel processors Apple is using for the new 27″ iMac. There is no list from Apple where the exact types are mentioned, so I started to search on the Intel website for the CPUs which exactly match the descriptions Apple gives on their website.

There are three types of processors, according to Apple’s descriptions:

  • 2.9GHz quad-core Intel Core i5 processor (Turbo Boost up to 3.6GHz) with 6MB L3 cache
  • 3.2GHz quad-core Intel Core i5 processor (Turbo Boost up to 3.6GHz) with 6MB L3 cache
  • 3.4GHz quad-core Intel Core i7 processor (Turbo Boost up to 3.9GHz)

A quick search on the Intel website brings me to the following Intel processors:

The only difference between the two 2.9GHz i5 processors is the graphics model; the i5-3470S uses an Intel® HD Graphics 2500 and the i5-3475S an Intel® HD Graphics 4000. I’m not sure which model Apple puts in their new iMacs.

The biggest difference between the i5-3470 and i7-3770, next to the difference in clock speeds, is that the i7 supports Intel® Hyper-Threading Technology, which allows the i7 to run up to 8 simultaneous threads (2 on each core) and therefore use the processor more efficiently.

See the details and comparison on the Intel website.

Cisco StackPower for 3750-X series

Today I got two new Cisco Catalyst 3750-X Series switches for a customer to configure. Next to the default contents, there was also one StackPower cable in each box. Since I hadn’t seen this cable before I did some research on the Cisco website, and I found a nice white paper about Cisco StackPower.

This white paper explains how to use this StackPower cable and all the different setups and possibilities. The cable basically connects multiple switches so they can share their power sources. In my case I’m going to use the described ring topology to connect the switches together in the same way as the switches are connected together with a ‘normal’ stack cable. There is also a star topology which can be configured by using a Cisco eXpandable Power System.

For the ring topology there are two modes of operation:

  • Power-Sharing mode
  • Redundant mode

Both modes can be used in strict or non-strict (loose) mode. The default is loose Power-Sharing mode, which means that the power supplies of all switches in the power stack are added to one big power pool, from which power can be allocated to the switches in the power stack. As long as the total available power in the pool is more than the total required (allocated) power, you have what Cisco calls a balanced power budget (Available power > Allocated power). You have a negative budget when Available power < Allocated power.

For example, you have four 3750-X switches, each with one power supply of 715W. One switch in the stack requires 1000W and the other 3 require only 250W each. This gives us a balanced budget:

  • Power budget = 4x715W = 2860W
  • Allocated power = 1000W+3x250W = 1750W
  • Available unallocated power = 1110W

This even means that if one power supply fails there is still enough power available (a balanced budget). If strict mode is enabled you cannot have a negative power budget: if a power supply failure makes the budget negative, the power stack begins shedding power until you have a balanced power budget again. Shedding follows preset (configured or default) priority levels. The higher the priority level number, the earlier the power is shed. The default priority levels are divided into three categories:

  • Switches = 1-9
  • High Priority Ports = 10-18
  • Low Priority Ports = 19-27

In this case the low-priority ports are shed first, then the high-priority ports, and last the switches.

Redundant mode reserves in the power pool an amount of power equal to the power supply with the most capacity; this reserve cannot be allocated. In this case you are sure you never have a negative power budget when a random power supply fails.
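A simplified model of the budget rules described above, worked through for the four-switch example. This is an added example, not taken from the Cisco white paper; the split of the 1750W into separate switch and port loads, and their priority numbers, are constructed for illustration.

```python
def usable_power(psus, mode="power-sharing"):
    """Watts that may be allocated; redundant mode holds back the largest PSU."""
    pool = sum(psus)
    return pool - max(psus) if mode == "redundant" and psus else pool


def shed_until_balanced(psus, loads, mode="power-sharing"):
    """Strict-mode model: while the budget is negative, shed the load with the
    highest priority number. loads = [(name, priority, watts)].
    Returns (kept, shed, unallocated_watts)."""
    available = usable_power(psus, mode)
    kept = sorted(loads, key=lambda load: load[1])   # low number = shed last
    shed = []
    while kept and sum(w for _, _, w in kept) > available:
        shed.append(kept.pop())                       # highest number first
    return kept, shed, available - sum(w for _, _, w in kept)


# Constructed loads that add up to the 1750 W of the example above:
# one switch drawing 1000 W in total (250 W itself + PoE ports), three at 250 W.
LOADS = [
    ("switch 1", 1, 250), ("switch 2", 2, 250),
    ("switch 3", 3, 250), ("switch 4", 4, 250),
    ("switch 1 high-priority ports", 10, 450),
    ("switch 1 low-priority ports", 19, 300),
]

if __name__ == "__main__":
    for label, psus, mode in [
        ("4 PSUs, power-sharing", [715] * 4, "power-sharing"),
        ("1 PSU failed", [715] * 3, "power-sharing"),
        ("2 PSUs failed", [715] * 2, "power-sharing"),
        ("4 PSUs, redundant", [715] * 4, "redundant"),
    ]:
        kept, shed, spare = shed_until_balanced(psus, LOADS, mode)
        print(f"{label}: spare {spare} W, shed {[name for name, _, _ in shed]}")
```

With two of the four power supplies gone the pool drops to 1430W, so the model sheds the low-priority ports and then the high-priority ports, and all four switches stay powered.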

For some nice pictures and best practices see the Cisco white paper.

Source: Cisco StackPower white paper (pdf)

Temporarily disable failover on Cisco ASA

If you have planned maintenance and you know it will hit the Failover LAN between two ASAs in an Active/Standby configuration, it is very useful to temporarily disable the Failover mechanism so the Standby firewall stays Standby and you don’t end up in a situation where you have two Active firewalls.

Below is an example of the show failover output of an ASA 5520 (only relevant information is shown in this output):

firewall/act# show failover
Failover On
Failover unit Primary
Failover LAN Interface: failover GigabitEthernet0/1 (up)
...
        This host: Primary - Active
...
        Other host: Secondary - Standby Ready
...

Now log in to the Standby firewall and disable failover via the no failover command in configuration mode:

 
firewall/stby# conf t
firewall/stby(config)# no failover
INFO: This unit is currently in standby state. By disabling failover, this unit will remain in standby state.
firewall/stbyNoFailover(config)#

You can see in the output that it adds NoFailover to the CLI prompt.

Back on the Active unit, you can see the Secondary is now Disabled where it was previously Standby Ready:

firewall/act# show failover
Failover On
Failover unit Primary
Failover LAN Interface: failover GigabitEthernet0/1 (up)
...
        This host: Primary - Active
...
        Other host: Secondary - Disabled
...

When your maintenance is finished, you should enable the failover mechanism again on the Standby node:

firewall/stbyNoFailover(config)# failover
firewall/stby(config)# 

        Detected an Active mate
Beginning configuration replication from mate.
End configuration replication from mate.

firewall/stby(config)# end
firewall/stby#

Now you’re done. Check your Active/Standby status again; this should be the same as the first show failover command in this post.
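The before/during/after comparison can be automated by parsing the show failover output captured on the Active unit. This is an added example, not part of the original post; the BEFORE and DURING samples follow the output shown above, and the BROKEN sample (peer in Failed state) is constructed.

```python
import re

HOST_RE = re.compile(r"^\s*(This|Other) host:\s*(\w+)\s*-\s*(.+?)\s*$", re.M)

# Output as shown in the post, before and during the maintenance window.
BEFORE = """Failover On
Failover unit Primary
Failover LAN Interface: failover GigabitEthernet0/1 (up)
        This host: Primary - Active
        Other host: Secondary - Standby Ready
"""
DURING = BEFORE.replace("Standby Ready", "Disabled")
# Constructed: the peer did not come back cleanly after maintenance.
BROKEN = BEFORE.replace("Standby Ready", "Failed")


def parse_show_failover(text):
    """Extract the failover flag and per-unit role/state from the output."""
    state = {"failover_on": bool(re.search(r"^Failover On\s*$", text, re.M))}
    for which, role, status in HOST_RE.findall(text):
        state[which.lower()] = {"role": role, "state": status}
    return state


def phase(text):
    """Classify output taken on the Active unit into a maintenance phase."""
    s = parse_show_failover(text)
    this = s.get("this", {}).get("state")
    other = s.get("other", {}).get("state")
    if not s["failover_on"] or this != "Active":
        return "unexpected"
    return {"Standby Ready": "normal", "Disabled": "peer-disabled"}.get(other, "unexpected")


def restored(before, after):
    """True when the post-maintenance state equals the pre-maintenance state."""
    return phase(after) == "normal" and parse_show_failover(before) == parse_show_failover(after)


if __name__ == "__main__":
    for name, sample in (("before", BEFORE), ("during", DURING), ("broken", BROKEN)):
        print(name, phase(sample), restored(BEFORE, sample))
```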

LPI Linux Essentials

Yes, I got my LPI Linux Essentials certification!

As a network engineer I’m on Linux systems on a daily basis and therefore I think it is important to have basic Linux skills as well.

At the InfoSecurity.nl event I got the chance to subscribe for a paper-based exam for any of the LPI certifications. Since this certification track was new to me I started with the very basics, LPI Linux Essentials, also known as LPI-010.

If you subscribe for paper-based Linux exams via the LPI events, you can save some money as well. The LPI event exams are about 50% cheaper than the normal exams, which are computer-based at Pearson VUE test centers. The only disadvantage of the paper-based exams is that you don’t have an immediate result. It normally takes about 3-4 weeks; in my case this was only 17 days.

Here you can find a nice Free Linux Essentials Training Manual I used for my exam preparations.

Splunk as monitoring tool

Last week I attended the Splunk Live! event in Amsterdam. This is an event which is organised by Splunk itself and is about teaching the Splunk community about their product. Some speakers at the event were Splunk CIO Doug Harr and Splunk Sales Engineer Marco Paniagua, but maybe even more interesting were Splunk users Wiam Vos for Kadaster and Karl Lovink for Belastingdienst.

Splunk is a tool which collects data (any data!) of any amount, from any location and any source. Since there is no upfront schema defined for Splunk you can really import any data you like. This is, as Splunk tries to tell us, the strength of their product. Splunk indexes all the data it receives on so-called indexers, and via a search-head you are able to search or view the data via a Dashboard. This can be done via basic search strings or via advanced graphs and/or apps.

Splunk can be downloaded and installed very easily. Once you have installed it you can add sources and play around. Splunk indexes all the information you feed it and you can search and graph all that data in the way you like. What is even greater is that you can use Splunkbase to install apps. This can save you a lot of work since good apps are already developed by other people and you can use them to display specific needs. Some examples of apps to view application-specific data are:

  • VMware
  • UCS
  • Netflow
  • Exchange

The default license is Free, which gives you the ability to index 500MB per day. If you exceed this amount of data you need an Enterprise license. The price depends on the amount of data you index with Splunk per day. You also get some extra features like Access Control and Index Replication.

You could run Splunk in a virtual environment, but it is important to keep in mind that Splunk needs a lot of disk IO. Therefore it might be better to use dedicated hardware for Splunk. To be sure that Splunk performs well in a virtualized environment you could give several Splunk virtual machines a dedicated amount of CPU/memory/disk space.

For good performance it might also be wise to use separate machines for indexing and for searching. For example, you could use a load balancer to balance traffic between two locations, where on each side one search-head and one indexer is running. You could send data from all reporting devices to both indexers. In this way you geographically separate your data (for disaster recovery purposes) and balance the load of the servers as well, which improves the user experience when using this tool.

In the near future I hope to do some tests with real network traffic and post some results here as well.

Installing Nortel VPNC on Ubuntu

I’m running Ubuntu 12.04.1 wheezy/sid and I needed a way to connect to the office Nortel VPN server. On a Windows machine you normally use Nortel Contivity Client. But this is not available for Linux. There is a nortel branch available of vpnc which you can find here.

The first step is to install svn-buildpackage; use the command below for this. There are some extra packages coming with this install, but this is OK.

apt-get install svn-buildpackage

Now you can do a check-out on the SVN repository:

svn co -r517 http://svn.unix-ag.uni-kl.de/vpnc/branches/vpnc-nortel

This downloads the files into a new directory (vpnc-nortel) in your current location.

Now it is time to install the vpnc client. Go to the vpnc-nortel directory you just downloaded and run the command:

make

This should compile the files for your OS, but the first time this failed for me with the error message:

root@ubuntu:~/vpnc-nortel# make
Package gnutls was not found in the pkg-config search path.
Perhaps you should add the directory containing `gnutls.pc'
to the PKG_CONFIG_PATH environment variable
No package 'gnutls' found
...

To solve this issue you should first install libgnutls-dev:

apt-get install libgnutls-dev

Then you can try again:

make
make install

The make install should give an output like this:

root@ubuntu:~/vpnc-nortel# make install
install -d /etc/vpnc /usr/local/bin /usr/local/sbin /usr/local/share/man/man1 /usr/local/share/man/man8 /usr/local/share/doc/vpnc
if [ "`uname -s | cut -c-6`" = "CYGWIN" ]; then \
		install vpnc-script-win /etc/vpnc/vpnc-script; \
		install vpnc-script-win.js /etc/vpnc; \
	else \
		install vpnc-script /etc/vpnc; \
	fi
install -m600 vpnc.conf /etc/vpnc/default.conf
install -m755 vpnc-disconnect /usr/local/sbin
install -m755 pcf2vpnc /usr/local/bin
install -m644 vpnc.8 /usr/local/share/man/man8
install -m644 pcf2vpnc.1 /usr/local/share/man/man1
install -m644 cisco-decrypt.1 /usr/local/share/man/man1
install -m644 COPYING /usr/local/share/doc/vpnc
install -m755 vpnc /usr/local/sbin
install -m755 cisco-decrypt /usr/local/bin

The last thing to do is to edit the configuration file to the settings of your company. In my case this configuration file (/etc/vpnc/default.conf) looks like:

IPSec gateway 
IPSec ID 
IPSec secret 
Xauth username 
Vendor nortel
IKE Authmode gpassword
Enable Single DES
IKE DH Group dh1

Now you’re ready!
To start vpnc, run:

vpnc

and to stop vpnc:

vpnc-disconnect
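The configuration above enables single DES and IKE DH group 1, both weak by current standards, and the file holds the IPSec secret (make install places it with mode 600). The check below is an added example, not part of the original post or of vpnc; the sample configuration values and the temporary file are constructed.

```python
import os
import stat
import tempfile

WEAK_DH = {"dh1": "768-bit MODP", "dh2": "1024-bit MODP"}
SECRET_KEYS = ("ipsec secret", "xauth password")

# Constructed sample in the layout of /etc/vpnc/default.conf shown above.
SAMPLE = """IPSec gateway vpn.example.com
IPSec ID examplegroup
IPSec secret constructed-secret
Xauth username alice
Vendor nortel
IKE Authmode gpassword
Enable Single DES
IKE DH Group dh1
"""


def audit_vpnc_conf(path):
    """Return a list of findings for a vpnc configuration file."""
    findings, holds_secret = [], False
    with open(path) as fh:
        for raw in fh:
            line = raw.strip()
            low = line.lower()
            if not line or line.startswith("#"):
                continue
            if low == "enable single des":
                findings.append("single DES (56-bit) is allowed")
            elif low.startswith("ike dh group"):
                group = low.split()[-1]
                if group in WEAK_DH:
                    findings.append(f"IKE DH group {group} ({WEAK_DH[group]})")
            elif low.startswith(SECRET_KEYS) and len(low.split()) > 2:
                holds_secret = True            # a value follows the keyword
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if holds_secret and mode & 0o077:          # readable beyond the owner
        findings.append(f"secret stored in file with mode {mode:o}")
    return findings


def write_sample(mode):
    """Write the constructed sample to a temp file with the given mode."""
    fd, path = tempfile.mkstemp(suffix=".conf")
    with os.fdopen(fd, "w") as fh:
        fh.write(SAMPLE)
    os.chmod(path, mode)
    return path
```

If the gateway only offers these proposals the first two findings cannot be fixed on the client side, but they are worth recording when deciding what traffic to trust to the tunnel.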

IFA on iOS 6

I found this link, which describes an interesting new feature in iOS 6. This new option, IFA, which stands for “identifier for advertisers”, helps advertisers by giving them a unique ID so they can target ads at that user.
If you don’t like this you can disable IFA via:
Settings -> General -> About -> Advertising; in this menu you can put Limit Ad Tracking to ON.
See also screenshots below: