Search
Feeds
Technorati
Recent Entries
Recent Comments
Categories
- Amateur Radio
Blogging RSS
Business Continuity
CAMRA
Cars
Development
Ecology
elastictime
Events
eXtremeReengineering RSS
Family
Football
Getting Things Done
Grumpy Old Man RSS
LCS
Lincoln Burnett
Lotus
Lotus Foundations
Lotus Notes/Domino RSS
Lotus Quickr
Lotusphere
Mac
Microsoft
Microsoft Groove
Microsoft SharePoint
Miscellaneous
News
Out and About
People
podcast
Ruby on Rails
Scouts
Show’nTell RSS
Social Networking RSS
Society RSS
SPAM
Sport
Systems
TechEd 2006 RSS
Technology
This Site
Travel
Walking and Climbing
West Ham RSS
Wheeliebag
World Cup 2006 RSS
Archives
- July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
October 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
There have been many stories about how people use Twitter: this is an example of how it can be used for positive benefit.
I have been away on hols for a couple of weeks and spent most of last Friday morning in the departtures lounge at Corfu's airport waiting for a delayed Easyjet flight back to Gatwick. Being a twitterer (garethhowell), I tweeted that what was going on via the Twittelator app on my iPhone.
Within 5 minutes I had a reply from easyJetCare explaining the reason for the delay.
That's a good way to use Twitter to improve customer relations.
Gareth Howell July 2 2009 18:16:00
No, neither had I until this morning. Apparently its a tactic for reducing the probability of transmitting H1N1 SwineFlu.
According to The Institute for Business & Home Safety, one measure businesses can adopt as part of their SwineFlu response plan is to practice Social Distancing: keep 6ft apart and don't get up close and personal.
IBHS recommends that businesses try a "Social Distancing Day" during which "..employees do not shake each other's hands, or come closer than 6 feet to each other"
[Source http://www.southcoasttoday.com]
Gareth Howell July 2 2009 10:55:39
There are several supported configurations for LFS. Usually you would have it connected directly to the Internet via cable or DSL so that it acts as the firewall. However you can connect it just to the internal LAN and connect to the Internet through a router. Option one requires two network cards whereas option two requires only one.
There is an unfortunate consequence of adopting option two: you get no mail screening. The reasons are as follows:
When you have two network adapters you can elect to have only one "trusted". Generally this is the internal network. Opting not to trust an interface enables the firewall on that interface. It also cause all traffic arriving on port 25 (SMTP) to go through the anti-spam and RBL (Real Time Block) engine.
In a single network environment, you have to trust that single interface. This means no firewall and no RBL!
This is a great shame as there is no need for a dependence between the firewall and the RBL engine. It should be possible to have one without the other.
The solution, if you are indirectly connected but can have two interfaces, is to trust eth0 and not trust eth1 and then tell the firewall to route traffic on port 25 to the untrusted interface. LFS will complain because it has two interfaces on the same LAN segment, but it seems to work OK.
Gareth Howell June 9 2009 13:55:36
OK, so I moved Astrium, my Lotus Foundations Server, to my new house and got it working again indirectly behind a firewall. Now I needed to do two things:
1. Move it on to new hardware so I could take advantage of the VMware addon, and
2. Move it to being the gateway/firewall to my ADSL circuit.
Moving to new hardware.
My original hardware was an old test box that had lots of hard drives in caddies; so I could run different operating systems etc. This was in the days before VMware. My objective was to ditch this box in favour of running VMware VMs on an upgraded Astrium.
The new hardware is a re-purposed Acer M8 workstation class machine with dual core AMD Athlon 64 X2 processor, 4GB RAM and 2 x 1TB SATA disks. To this I added the IDB drive and caddie from the old server and the additional Ethernet card from the old server (the Acer had only one Ethernet port).
The process I followed (courtesy of the guys at IBM) was:
1. Disabled the Start Addon
2. Ran a full backup of the LF Start Backup job
3. Disabled the LF Start Backup job
4. Modified the Master Job to add the notes and notesbackup teams ( to get a full backup of the whole server)
5. Ran a full backup of the Master Job
6. Shutdown the old server and moved the IDB drive and Ethernet card to the new server.
7. Booted the new server from DVD, it then found the configuration on the IDB and came up.
8. Configured the two SATA drives as a RAID
9. Did a full restore of the Master Job after LFS had finished formatting the first SATA drive.
10. Removed the DVD and rebooted.
11. Modified the Master Job to remove notes and notesbackup
12. Enabled LF Start
At this point, I started to have problems.
Problem 1 - Domino wouldn't start.
The log messages were confusing. At one point LFS said the Domino service was installed but then changed its mind sometime later during the boot process of the nvs.
I tried disabling LF Start, restoring the notes and notesbackup teams but this made no difference.
In the end I did the following:
1. Disabled and un-installed the LF Start addon
2. Installed the LF Start addon to get a clean Domino server (but without my data)
3. Disabled the LF Start addon
4. Manually copied all the .nsf and .id files from the notesbackup team to the notes team and changed the ownership to notes (I was doing this as root of course)
5. Enabled the LF Start addon. That seemed to do the trick, (though see later for problem 3)
Problem 2 - Unable to connect to the Internet
I now had a functioning LFS running on new hardware but not connected directly to the Internet. Instead it was connected through the ADSL router/firewall. I removed the ADSL Router and connected a Netgear DM111 ADSL+ modem to eth1. Nothing happened. I had previously confirmed that the modem worked and connected correctly, but LFS failed to see it or get an IP address from it or the service provider.
I tried telling LFS that I had a dialup modem (as per the Admin guide) but LFS couldn't detect the modem.
As NETSCAN had solved my earlier network problem, I decided to try this option again. After NETSCANing the server and manually resetting the IP address on eth0 I saw that LFS had now forgotten about the additional Ethernet card and now said it had only eth0.
Nothing I could do in the time I had available could remedy this. So I had to continue with the ADSL Router and have Astrium indirectly connected to the Internet.
I will have to investigate this further when I return from my hols.
Problem 3 - date time issues causing Domino to fail.
When I rebooted after the last NETSCAN, I noticed that LF Start had failed to initialize. Examination of the log files in /home/domino/Files/filesystem/var/log/messages (which is the log file containing all the LF Start addon messages and the Domino server console output) showed that the date on the server was wrong (1st Jan 2006) and of course Domino was complaining.
I guess this probably means that the battery for the RTC is dead, but that can wait. To correct this:
1. I disabled the LF Start addon
2. Went in to the notesdata directory at /home/notes/Files/notesdata and deleted log.nsf
3. Used a Notes client to open names.nsf using the path \\astrium\notes\notesdata\names.nsf and did an edit and save on the server document.
4. enabled the LF Start addon.
That seemed to crack it.
Conclusion:
At the end of this, I seem to have a functioning LFS box with Domino running as before. Apart from the server being indirectly connected to the Internet and thus requiring various holes in the ADSL/Router's firewall. All is just about OK.
I say just about because of one niggle, but I'll blog that separately.
Acknowledgement
I must just acknowledge the assistance of Sean Burgess who saw my tweets of frustration and offered his help. It was useful to have somebody against whom to bounce ideas. Thanks Sean
Gareth Howell June 9 2009 13:11:04
In "Moving office? - With Lotus Foundations it's no problem" I mentioned that I moved my Lotus Foundations Server (called Astrium) to a friend's house temporarily whilst we moved. Yesterday I moved it back. (I also moved it on to new hardware, but that's 09062009131104GHOGAY.htmanother story)
This post covers a gotcha that occurs when one moves LFS from one network to another.
My internal network has the network address 172.29.12.0/24, Geoff's is 192.168.0.0/24. Another change was that whereas on my old cable connected network, Astrium was the gateway and firewall, on Geoff's it wasn't.
As detailed earlier, moving to Geoff's was pretty easy. Moving back was not quite so easy.
Whilst Astrium was at Geoff's, it learned about the network and populated its routing tables accordingly. I had quite a bit of difficulty getting it to forget these routes when I moved the server back. Despite renumbering eth0 to a 172.29.12 address and telling LFS to auto-populate its routing table, it insisted that the default route was to 192.168.0.1 via eth0.
The solution was to NETSCAN the server and manually reset the address of eth0 from the console. This forced LFS to forget all that it knew about routes etc and relearn from scratch.
Gareth Howell June 9 2009 13:00:44
I am in the process of moving home, and therefore home office. The home is also where I have our Lotus Foundations server (Astrium) located. There will be a hiatus in Internet connectivity during the actual move so I wanted to park Astrium somewhere safe and connected will I sorted out the connectivity in the new house.
A friend of mine kindly donated the use of his home ADSL circuit for a few days, so I moved Astrium this morning. It was a push over.
In normal use, Astrium terminates the broadband circuit, acts as a firewall and hosts email and web servers. In the temporary location, the ADSL circuit is already terminated on Geoff's wireless modem/router, so I changed the network topology used by LFS so that it was a host on the network rather than the router itself. Thus Astrium had only eth0 connected to the internal network, with eth1 left unconnected
I made the following changes:
- Changed the IP address on eth0 to one suited to the new network
- Set the IP address of eth1 to 0.0.0.0 (this disables the interface)
- Disabled the DHCP server on eth0
- Added a manual default route to the new network's ADSL router
- Modified the SMTP Smarthost settings so that outbound SMTP traffic used the new ISP's SMTP MTA
- Modified the firewall on the ADSL router to forward ports 25, 80, 81, 443, 1352, 1723, 4443 and 60080 to Astrium
One last change that was needed was to modify the outbound SMTP configuration on Geoff's BTInternet account so that BT's SMTP server would relay traffic originated by Astrium's users and not treat it as a hi-jacking attempt.
Altogether a pretty easy move. As soon as Astrium booted, it updated the dynamic DNS to reflect the change in public IP address and mail started to flow.
The only minor gripe was the need to manually open the HTTP port on the Domino server (LFS sets it to redirect to HTTPS). I've blogged about this in 06012009140845GHOJLJ.htm View Full Comments Inline (0)
Gareth Howell May 14 2009 17:42:07
It is a fact that small businesses make up 99% of all companies in the UK. Unfortunately, research shows that less than 50% have put in place plans for how they would continue to function if something went wrong.
Whilst terrorist attacks such as the London bombings are (thankfully) very rare, the explosion at the Buncefield Oil Terminal should have acted as a wake-up call for all businesses. How many businesses are located near to other potential Buncefields? And yet, it is far more mundane, and more frequent, incidents that threaten smaller businesses the most.
Incidents such as a localised power failure, sprinkler system activation, winter flu, transportation disruption, fire or computer viruses are far more likely to occur.
Of course, what actually classes as a disaster will be different for different businesses. If a small accountancy company fails to adequately protect its files and has no plans in place for how it would keep that data secure if there were a fire, it may be flouting all sorts of regulations that could lead to serious problems. Similarly, any business that transacts through the Web could suffer significant loss of business through lost orders from existing customers, reduction of trust and failure to win new customers if its web servers were compromised in any way.
CBI research showed that 60% of medium businesses include the Web as part of their supply chain: however it also showed that less than half have the required security controls to prevent an on-line attack and have inadequate backup plans.
Despite the importance of IT to modern business, contingency planning should not focus solely on the technology aspects. Of equal importance are employee related risks such as the loss of key staff: temporarily or permanently. How often have you heard the mantra ".. Joe knows how to do that: we leave it to him." What if Joe wins the Lottery?
Business Continuity Planning should be a key management tool for all businesses. Much in the way that Quality Management has become embedded in the culture of all good businesses, so must Business Continuity Management.
Gareth Howell May 5 2009 18:16:06
A survey last year by SunGard (called the Bouncebackability Index) showed that only one third of small businesses were taking the steps to ensure that their business can continue to operate normally under any circumstances. At the same time, the survey revealed that only 10% of consumers were prepared to wait if a product they were trying to buy was out of stock whilst 80% said they would go to another supplier.
Managers and owners of SMEs are also consumers, so why do they exhibit different behaviours when they are buying from when they are selling? Is this a case of "Do as I say, not do as I do"? If you yourself wouldn't wait for an out of stock product, why should your customers?
Business Continuity is often seen as an unnecessary expense by small businesses, but actually, the same hazard (say a localised utility power failure or a protective cordon thrown up by the emergency services) is likely to hit a small business harder than it will a larger one. Leaving aside the fact that the larger business may already have in place a Business Continuity Plan, the larger business is more likely to have multiple sites and built-in resilience than the smaller, single site, company. It is also likely to have more diversity in its supply chain and less dependence on a small number of customers.
Small businesses often live life on the edge, but that is no reason to not take reasonable precautions to protect the integrity of the business. Look on it as insurance if you like, but don't dismiss it as an unnecessary expense. It could save your business's life !
Gareth Howell May 5 2009 17:46:39
If you are anything like the typical business, you will have found that you are much more dependent on your Information Systems (e.g. computers) than you were 10 years ago. Even the smallest of companies run critical aspects of the business on computers these days: order processing, customer relationship management (CRM), on-line banking...
Hopefully, you back up the data on these systems, but is that enough? Even if your backups restore correctly (a big IF) you still have to replace or repair the hardware; run the restoration job(s); reconcile disparities caused because different systems were backed up at different times; and re-enter data that was not backed up (plus that which has stacked up in the meantime). And that assumes that whatever caused the failure, didn't take out the computer room of course.
Even if everything goes your way, you can expect to have zero or reduced access to critical business information for at least 24 hours, maybe 72, possibly longer. Have you factored this into your Business Continuity Planning?
If you can't accept this sort of system loss and business interruption, then you need to be looking at techniques such as server virtualisation and real-time data replication. Previously these have been approaches that were only open to large enterprises, but now SMEs can take advantage of these services as well.
Catastrophic events such as fire, flood and theft are rare but the effect is often devastating and can lead to business failure if the correct planning is not done in advance. Of much more frequent occurrence are events such as server failure, data corruption, virus attack, accidental power disconnection and cable damage (think rodents and building contractors). These events may not immediately jeopardise the viability of the business, but they can cause significant problems which, if not planned for, can significantly weaken an otherwise sound business.
Gareth Howell May 5 2009 17:45:45
At the end of yesterday's session on Lotus Live I asked the question
As the Lotus Live data centres(sic) are in the US, under whose jurisdiction is the data stored?
This is a question of great interest to us Europeans and it illustrates what I believe to be quite a major difference in attitude between the US and EU communities.
The answer of course is that the data is subject to US jurisdiction, and is thus subject to legislation such as the USA Patriot Act. It may even be subject to Sarbanes-Oxley, but I'm not sure about that.
Why is this an issue?
I see a fundamentally different attitude to corporations and government between the US and EU. It seems to me that Americans tend to trust business and don't feel particularly protective about their personal data. They seem to be quite sanguine about profit driven corporations holding quite personal data about them with no safeguards on how it can be used (or sold) by those corporations. The view is that a free market will drive out of business those corporations who misuse data. (comment: sounds good, but it is a bit like shutting the stable door after the horse has bolted). Contrast this to the view in Europe, which holds that personal data is private and that government/business has to have a good reason for holding personal data and that mandatory safeguards about how the data can be used must be in place: i.e. a precautionary principle is espoused.
This difference is exemplified by the fact that the US does not have any specific legislation on Data Protection: in fact it would seem that privacy is broadly outlawed by the First Amendment to the US Constitution which guarantees Freedom of Speech.
So, Europeans be absolutely clear: if you choose to move your services "into the cloud" you risk signing away many of the protections that you take for granted. Before you sign up, ask the service provider where the data is stored and under whose jurisdiction. View Full Comments Inline (1)
Gareth Howell May 1 2009 17:51:43