Articoli

Pubblicato il

Unifi USG – Setup and configuration

Last device I added to my lab is the Ubiquity Unify Security Gateway (from now on USG)

I need it because I have to work with a great number of vLAN in my demo lab.

Let’s see what I learned in the last test weeks and how I set it up to address my needs.

The hardware installation is quite easy. After unpacking the box you just need to plug-in the power supply and two ethernet cables, the first one on LAN Port and the second to WAN port.

The USG setup is composed of 5 configuration phases

  1. LAN / WAN
  2. Unifi-Controller
  3. VPN
  4. VLAN
  5. Routing

In this first article, we are going to cover the three first phases.

I – LAN /WAN Configuration

  1. On your PC set up the Ethernet IP Address as 192.168.1.x/24 and plug the LAN cable. Now ping the 192.168.1.1 address to be sure you can reach the USG. Open a Browser and  you’ll be able to configure LAN and WAN interfaces from 192.168.1.1 address.

Figure 1

My personal router works on 192.168.18.x while I choose to set up the LAN on 192.168.16.x address

After “applying the changes”, you have to re-change the IP address of your PC to a LAN address (192.168.16.99 for example) and test the USG answer to ping.

II Unify Controller

After creating an account on the Ubiquity site (https://account.ui.com/register), download and install the Unifi Controller (https://www.ui.com/download/unifi-switching-routing) on your local PC.

Let’s see the most important steps on the wizard:

Click on “Launch a Browser to manage the network” button (Figure 2)

Figure 2

Log-in to Ubiquiti account

Figure 3

Checking if the USG device is properly discovered

Figure 4

After the wizard has been completed you can start to play with the friendly user interface. Figure 5 and 6 show the USG Device status (the fourth icons on the left panel (device))

Figure 5

Figure 6

III VPN Creation

The Wizard consists in:

  1. Creating a new Network (Figure 6) selecting the options “Remote user VPN” and L2PT server. On Radius menu you must add a new profile as shown in (Figure 7)

Figure 6

Figure 7

2) Enable Radius Server as shown in figure 8

Figure 8

Now you can set on your windows/linux/mac/android device the VPN connection and test it

Before ending the article two more notes.

  1. If you see the provisioning entry on the web interface, it means USG is loading and saving the new configuration.
  2. You can have all detail about USG products at the following internet address:  https://www.ui.com/unifi-routing/usg/
Pubblicato il

Object Storage & VBR integration

This is the second article and we are going to discover how to integrate Wasabi with Veeam.

If you want to know how to configure Wasabi, please refer to my previous article (Wasabi configuration)

The two steps we’re going to follow are:

  1. Adding Wasabi Repository
  2. Creating SOBR

Let’s start

Figure 1,2,3,4 are images showing the wizard:

Figure 1

Figure 2

Figure 3

Figure 4

In figure 4 you can find two interesting options

The first sets the software capacity limit for the object storage. This check is performed at the beginning of the job not when it is running.

To use Object Storage you need to create a Scale-Out Backup Repository (from now SOBR) that is composed of 2 different physical items.

The first one is called performance tier and it could be any classical Veeam Repository like Server, Network share, Deduplication appliances.

The second is the object storage we have already configurated.

A good suggestion: try to use a repository with good reading performances. In this way, you avoid having a bad performance of offload to Object Storage.

5 pics to understand how to easily configure the SOBR

Figure 5

Figure 6

Figure 7

Figure 8

Figure 9

Some good points to remember:

As you can see from picture 9 there are different options.
Move and copy seem to do the same work but it is not.

The move is the option (already available with version 9.5u4) to empty the Repository. The idea is to have an on-premises repository without any capacity limit (because blocks are moved to Object Storage)

On the other hand, the copy mode is a way to have the same Data in both repositories.

You can add both the two options to gain all the advantages of the integration.

Their main difference is when you need to perform a restore in the unlucky case you lose VBR (Veeam Backup & Replication).

Why?

If you select the move option you have to rebuild SOBR.

If you select the copy option you just need to add the Object storage, importing the bucket and start the restoration tasks.

you can find all detail here

Pubblicato il

How to find strings with PowerShell

An article to explain how easy it is to answer some working needs using Microsoft Powershell.

In my job, I happen to have the need to search some data written inside files.

Three classic requests:

1) I need to remember some info about a meeting (I take always notes during meetings)

2) I need to get a statistic about how many customers asked a particular feature

3) I need to search for some errors in application logs

In this short article, I show you how to answer.

In my example, I need to find  a string with the content “find me” in my Documents folder

The PowerShell command is:

Get-ChildItem -Recurse -Path “C:\Users\VBR\Documents\” | Select-String Pattern “find me”

it is composed of two parts separated by a vertical bar (|)

In the first part, the command will search all files into the path C:\Users\VBR\Documents\ (Recurse)

In the second will search the type (string) and the object (pattern)

I like the idea of saving the results of the command in a file and also having just the path of the string I searched.

The command is changed as you can see below:

Get-ChildItem -Recurse -Path “C:\Users\VBR\Documents\Test-Find” | Select-String -Pattern “find me” | select path | Out-File C:\Scripts\Results\search_script_out.txt

To remember:
All PowerShell commands support wild card (*, ?, [ ]), which means you can search any string in your environment.

Pubblicato il

Object Storage Integration – Wasabi

Object Storage is probably the main Backup & Replication feature used by Veeam Customers since his release (9.5 u4)

Today I’m going to cover the improvment now available with version 10 and I’ll show you how it works when it is coupled with Wasabi Object Storage.

Why Wasabi?
The reason is quite easy.
Any Veeam SE has 1 TB of available data to work with and this is a very appreciated gift because I can test VBR features in my personal lab.

So thank you in advance Wasabi guys.

This is the first of three articles where I’m going to show how to implement the Object Storage integration with VBR

  1. Configuring Wasabi Bucket
  2. Implementing Backup and Replication
  3. Performing test of backup and Restore

Let’s start with the first point !!!

After registering to wasabi site (https://wasabi.com/), sign-in and discover the main menu. What surprised me immediately is how easily you can work with the platform.

From “Users” just create a user following the wizard where you need to type name (Picture 1), optionally create a group (Picture 2)  and in the select the right permission in page three  (Picture 3) 

Picture 1

Picture 2

Picture 3

Now move on to the Access key menu and create the two keys. One good suggestion is to save keys on your PC downloading it. (Picture 4) 

Picture 4

Now it’s time to work with the Bucket menu and see how easy it is to create a new container (Picture 5).

Picture 5

Now we are ready to use it with VBR (Veeam Backup & Replication)

See you soon

Pubblicato il

XFS – Performace

In the previous two articles, I explained how to configure and set up an XFS Repository with Veeam Backup & Replication v.10 (VBR)

In this new article, I’m going to cover why this is a very useful technology and should be adopted as soon as possible.

The main reason is:

“XFS linked-clone technology helps VBR to transform the backup chain” 

Let’s see what happens with Synthetic Full.

What is Synthetic full?

It’s a smart way to help VBR to create a Full Restore point downloading just an incremental backup from production.

The process is composed of two phases.

Firstly it creates a normal incremental backup.

Then it creates a full backup file stacking all previous backups (full and incremental).

This process normally needs a lot of work because VBR commands the repository to copy, paste and delete the data blocks.

The XFS integration, allows the system to do not move any block. In fact, the filesystem is able to re-point his metadata creating a Full Backup in One-Shot.

The result is super fast Full Backup creation.

Let’s see with an example:

A classic Full Backup has lasted 7 mins (Picture 1).

Picture 1

An Incremental Backup has lasted 2 mins and 30 sec (Picture 2).

Picture 2

What about a Synthetic Full

Picture 3 shows that it needs less than 30 seconds (plus the time needs to download the incremental data).

So Amazing technology and Veeamzing integration!!!

Picture 3

That’s all, for now, guys, see you soon and take care.

Pubblicato il

How to add an XFS Repository to Veeam

This is the second article talking about how to set up a Linux Veeam Repository for using the XFS technology.

In my last article, I wrote about how to create an XFS disk and now we are going to cover how to integrate it.

There are just two steps: 

1. Adding the new Linux Server to the managed VBR server.

2. Creating the Repository Server enabling the XFS add-on.

1. Before working with the VBR console it’s necessary to check the firewall status and more precisely if the ports needed are open to allow the system to work properly.

In this lab the way to set up the firewall is working with ufw command:

sudo ufw status (to check the status) 

If the firewall is disabled, please change its status with the command:

sudo ufw enable  (corrected on 8th May 2021)

Opening the ports with the following command:

sudo ufw allow #port/protocol

In my example I launched the following two commands:

sudo ufw allow 22/tcp

sudo ufw allow 2500:3300/tcp

as shown in the  Veeam user guide (picture 1)

Picture 1

The last command to check the firewall status is on port 22:

sudo lsof -i:22

the output is:

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 915 root 3u IPv4 27288 0t0 TCP *:ssh (LISTEN)
sshd 915 root 4u IPv6 27290 0t0 TCP *:ssh (LISTEN)

2. Now we are ready to create the new XFS repository:

  • 1. From VBR console add a new Linux Server (Picture 2)

Picture 2

  • Click on the Advanced button and check the right match between the ports  (Picture 3 and 4)

Picture 3

Picture 4

  • Add a new Repository, by choosing the just added server (in my case his name is cento01).

In the repository option, browse the server folders selecting the XFS one,  selecting the option Use fast Cloning (Picture 5 and 6)

Picture 5

Picture 6

Complete the task with some more clicks.

Note1: If you need more details about how to set up the firewall please have a look at the following site:

Linux Firewall

The next article will talk about performances,  see you soon and take care.