Friday, October 26, 2012

How to read windows dump file

Install .net framework 4.5
http://msdn.microsoft.com/en-us/library/5a4x27ek.aspx

Install Windows Software Development Kit (SDK) for Windows 8
http://msdn.microsoft.com/en-US/windows/hardware/hh852363


Details:

http://support.microsoft.com/kb/315263/en-us?wa=wsignin1.0

symbol search path > http://msdl.microsoft.com/download/symbols

image source path > z:

my z: is the windows folder of a windows 2003 server installation because my dump is from windows 2003 server.


PlaceholderExplanation
SymbolPathEither the local path where the symbol files have been downloaded or the symbol server path, including a cache folder. Because a small memory dump file contains limited information, the actual binary files must be loaded together with the symbols for the dump file to be correctly read.
ImagePathThe path of these files. The files are contained in the I386 folder on the Windows XP CD-ROM. For example, the path may be C:\Windows\I386.
DumpFilePathThe path and file name for the dump file that you are examining.




Using command-line

  • Go to C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x86 directory (in 32bits machine)

Example

  • C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x86> kd -y srv*c:\symbols*http://msdl.microsoft.com/download/symbols -i z:\ -z E:\my_dump_files\MEMORY.DMP

After the first info you can go deep writing:

  • !analyze -v

To exit

  • q



Using win app:

Start > all programs > windows kits > debugging tools for windows > windbg

File > symbol search path > http://msdl.microsoft.com/download/symbols
File  > image source path > z:

click !analyze -v for deep analysis
Posted by at No comments:
Labels: , , , ,

Linux change the speed and duplex settings of an Ethernet card

Task: Get speed and other information for eth0


# ethtool eth0


Output:
Settings for eth0:    
Supported ports: [ TP MII ]   
Supported link modes:   10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full    
Supports auto-negotiation: Yes      
Advertised link modes:  10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full     
Advertised auto-negotiation: Yes      
Speed: 100Mb/s      
Duplex: Full      
Port: MII      
PHYAD: 32      
Transceiver: internal      
Auto-negotiation: on      
Supports Wake-on: pumbg      
Wake-on: d      
Current message level: 0x00000007 (7)      
Link detected: yes  
Task: Change the speed and duplex settings
Setup eth0 negotiated speed with ethtool# ethtool -s eth0 speed 100 duplex full
# ethtool -s eth0 speed 10 duplex halfTo make these settings permanent you need to create a shell script and call from /etc/rc.local(Red Hat) or if you are using Debian create a script into the directory /etc/init.d/ directory and run update-rc.d command to update the script.


Posted by at No comments:
Labels:

Monday, October 15, 2012

RAID 10 Vs RAID 01 (RAID 1+0 Vs RAID 0+1)




RAID 10 is not the same as RAID 01.

This article explains the difference between the two with a simple diagram.
I’m going to keep this explanation very simple for you to understand the basic concepts well. In the following diagrams A, B, C, D, E and F represents blocks.

RAID 10

  • RAID 10 is also called as RAID 1+0
  • It is also called as “stripe of mirrors”
  • It requires minimum of 4 disks
  • To understand this better, group the disks in pair of two (for mirror). For example, if you have a total of 6 disks in RAID 10, there will be three groups–Group 1, Group 2, Group 3 as shown in the above diagram.
  • Within the group, the data is mirrored. In the above example, Disk 1 and Disk 2 belongs to Group 1. The data on Disk 1 will be exactly same as the data on Disk 2. So, block A written on Disk 1 will be mirroed on Disk 2. Block B written on Disk 3 will be mirrored on Disk 4.
  • Across the group, the data is striped. i.e Block A is written to Group 1, Block B is written to Group 2, Block C is written to Group 3.
  • This is why it is called “stripe of mirrors”. i.e the disks within the group are mirrored. But, the groups themselves are striped.

RAID 01
  • RAID 01 is also called as RAID 0+1
  • It is also called as “mirror of stripes”
  • It requires minimum of 3 disks. But in most cases this will be implemented as minimum of 4 disks.
  • To understand this better, create two groups. For example, if you have total of 6 disks, create two groups with 3 disks each as shown below. In the above example, Group 1 has 3 disks and Group 2 has 3 disks.
  • Within the group, the data is striped. i.e In the Group 1 which contains three disks, the 1st block will be written to 1st disk, 2nd block to 2nd disk, and the 3rd block to 3rd disk. So, block A is written to Disk 1, block B to Disk 2, block C to Disk 3.
  • Across the group, the data is mirrored. i.e The Group 1 and Group 2 will look exactly the same. i.e Disk 1 is mirrored to Disk 4, Disk 2 to Disk 5, Disk 3 to Disk 6.
  • This is why it is called “mirror of stripes”. i.e the disks within the groups are striped. But, the groups are mirrored.

Main difference between RAID 10 vs RAID 01

  • Performance on both RAID 10 and RAID 01 will be the same.
  • The storage capacity on these will be the same.
  • The main difference is the fault tolerance level. On most implememntations of RAID controllers, RAID 01 fault tolerance is less. On RAID 01, since we have only two groups of RAID 0, if two drives (one in each group) fails, the entire RAID 01 will fail. In the above RAID 01 diagram, if Disk 1 and Disk 4 fails, both the groups will be down. So, the whole RAID 01 will fail.
  • RAID 10 fault tolerance is more. On RAID 10, since there are many groups (as the individual group is only two disks), even if three disks fails (one in each group), the RAID 10 is still functional. In the above RAID 10 example, even if Disk 1, Disk 3, Disk 5 fails, the RAID 10 will still be functional.
  • So, given a choice between RAID 10 and RAID 01, always choose RAID 10.

Notes:
- ‘f’ is the failure probability of one single disk.
- Gx is the name of the groups
- Dx is the name of the disks
RAID 10 :
For loosing your file, you need to loose G1 OR G2 OR G3. To loose G1, you need to loose D1 AND D2, to loose G2 you need to loose D3 AND D4 and to loose G3 you need to loose D5 AND D6.
=> probability of loosing your file : (f*f)+(f*f)+(f*f) = f²+f²+f² = 3f²
RAID 01 :
For loosing your file, you need to loose G1 AND G2. To loose G1 you need to loose D1 OR D2 OR D3, and to loose G2 you need to loose D4 OR D5 OR D6.
=> probability of loosing your file : (f+f+f)*(f+f+f)=3f*3f=9f²
In this particular case (6 blocks, 6 disks), you have 3 times more chances to loose your file on RAID01 than on RAID10.
More basically, you can think like that :
- on RAID 10, if one disk fails, when the second failure appears, I have 1 possibility between 5 that this makes my entire system fail (the other disk in the group)
- on RAID 01, if one disk fails, when the second failure appears, I have 3 possibilities between 5 that this makes my entire system fail (any disk in the other group)


Example for 2 drives failure:
Drive R 0+1 R 1+0
1,2 Up Down
1,3 Up Up
1,4 Down Up
1,5 Down Up
1,6 Down Up
2,3 Up Up
2,4 Down Up
2,5 Down Up
2,6 Down Up
3,4 Down Down
3,5 Down Up
3,6 Down Up
4,5 Up Up
4,6 Up Up
5,6 Up Down


Some performance tests:
http://www.zdnet.com/blog/ou/comprehensive-raid-performance-report/484
Posted by at No comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)