[Newsletter] Movie in Setup Assistant, VPN Protocol Network Ports, Snow and Ice

Paul Suh paul.suh at ps-enable.com
Wed Feb 14 15:17:00 EST 2007 

Folks,

I sent part of this week's newsletter out last week, so this one is a  
little bit light.

Cut Out the Movie in Setup Assistant

One of the more annoying things in setting up Mac OS X is the  
QuickTime movie that plays when the Setup Assistant runs. The first  
time, it's kinda neat, but by the tenth time it's getting old and by  
the twentieth time you're thinking, "enough, already!" You can't do  
anything with the default install DVD, but if you are building a  
custom install image then you can cut these out or replace them by  
changing two files on your image:

/System/Library/CoreServices/Setup Assistant.app/Contents/Resources/ 
TransitionSection.bundle/Contents/Resources/intro.mov
/System/Library/CoreServices/Setup Assistant.app/Contents/Resources/ 
TransitionSection.bundle/Contents/Resources/intro-sound.mp3

The first is the movie that plays, the second is the sound track. I  
haven't tried deleting them entirely, but it's easy enough to cut  
them down to a second or so using QuickTime Player Pro.  
Alternatively, you can replace them with a movie and sound that is  
customized for your organization.

VPN Protocol Network Ports

I was investigating a VPN problem for another consultant, and thought  
that some of the information I used as a part of the investigation  
might be of interest to folks. Mac OS X Server has two VPN protocols,  
PPTP (Point-to-Point Tunneling Protocol) and L2TP (Layer 2 Tunneling  
Protocol, technically, L2TP over IPSec).

PPTP uses port 1723 TCP and the GRE protocol as well. GRE is IP  
protocol 47 -- this is at a network layer similar to TCP or UDP. By  
way of comparison, TCP is IP protocol 6 and UDP is IP protocol 17.  
See <http://www.iana.org/assignments/protocol-numbers> for a list of  
all of the various protocols. The router must be set to pass *both*  
TCP port 1723 and GRE to the VPN server, or the VPN will fail.

L2TP uses ports 500, 1701, and 4500 UDP, and the ESP protocol (IP  
protocol 50). 4500 is not strictly necessary as it is only used if  
the VPN traverses a NAT layer, but it doesn't hurt anything to turn  
it on at the router. Again, the router must be set to pass both the  
UDP ports *and* the ESP protocol to the server.

Snow and Ice

I just finished shoveling the sidewalk and driveway in front of our  
house. We got about three inches of snow plus freezing rain, which  
made for very heavy, wet, hard-to-shovel stuff. We didn't lose power  
this time, but I think this is a good reminder for all of us to think  
through what is acceptable in terms of unplanned outages for our  
organizations. What do the various levels of reliability translate to?

99% uptime = 3 days 16 hours unplanned downtime per year
99.9% uptime = 8 hours 45 minutes unplanned downtime per year
99.99% uptime = 53 minutes unplanned downtime per year
99.999% uptime = 5 minutes unplanned downtime per year

Each time you add a 9, figure on increasing your costs by an order of  
magnitude. How critical are computers to your operations? What  
systems need the full five nines treatment and what systems can get  
by with lesser uptime needs? Another way to look at it was written  
about by the software company FWB back in the early nineties. (Some  
of you may remember them for their disk and backup utilities, which  
were excellent for their time.) They called it the rule of twos, with  
respect to downtime:

2 seconds - Full clustered environment with automatic failover
2 minutes - Spare equipment ready to go - just turn it on
2 hours - Spare equipment is set up but not plugged in - take it out  
of the closet, plug it in, turn it on
2 days - Spare equipment is on-site but not set up - take it out of  
the box, set it up, plug it in, turn it on
2 weeks - No spares on-site, need to order equipment and wait for it  
to arrive

Here, decreasing the recovery time increases costs by an order of  
magnitude at each step.

A monkey wrench in all such calculations are systems that change in  
priority depending on the time of day or time of year. A computer in  
a classroom used for a games and drills may be a 2 week machine most  
of the time, but what if you need it for No Child Left Behind testing  
this week? Is your Point-of-Sale computer system a 2 hour system most  
of the time, but a 2 minute system the day after Thanksgiving? Just  
some food for thought.


--Paul


Paul Suh                                                          
http://www.ps-enable.com/
paul.suh at ps-enable.com                           (240) 672-4212



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2508 bytes
Desc: not available
Url : http://mail.goodeast.com/pipermail/newsletter/attachments/20070214/49d0305d/smime.bin

More information about the Newsletter mailing list