VMDirectPath owns the local SCSI Controller

Yesterday I was witness of an exciting feature of VMware’s VMDirectPath Feature on ESXi. For those who don’t know: DirectPath allows you to directly attach PCI Devices to a VM.

In our case we installed a secondary SCSI Adapter to attach a tape drive to a VM. In ESX Host that is configured by using VMDirectPath. Unfortunately, fast hands have choosen the wrong adapter. In this case, where you only have two adapters, it’s the SCSI adapter of the disks where ESX ist installed on 😛 it isn’t possible to write down any configuration changes to disk now, because esx has no longer access to the SCSI Controller.

ESX boots up normally. After OS is up, the SCSI Adapter is passed trough to the DirectPath module. From this time on, you see error messages in the logs (ALT+F12 on console).

So, how to get back?

  • Boot another Linux Live CD and change the configuration? Didn’t work in our case, why ever.
  • Reinstall ESX: no.
  • Change the configuration during ESX operation. But how if filesystem is read only?

Here’s my How-To

Run the following on ESX Console (dcui) to get a list of who owns which hba:


Now let’s assign vmhba1 back to vmkernel:


Now kernel owns the hba, but before changes can be written to disk, a rescan is required.


Now let’s modify the esx.conf to permanentely assign vmhba1 to vmkernel.


To search a String, use “/” in vi; just type “/vmhba1” and hit enter, vi will show up the right line where you can see vmhba1 is assigned to passtrough instead of vmkernel. Some other vi hints for editing:

  • delete text using the DEL key
  • before typing, enter insert mode by pressing key “i”
  • after typing exit insert mode using ESC key
  • to save and exit: “:wq” and ENTER

Now do a reboot to test the new setting. After all now we’re able to assign the next/right hba to the passtrough 😉


Windows Update error 800B0001

I’ve done some quick research with Google and found the following.


If you receive Windows Update error 800b0001, it means that Windows Update or Microsoft Update cannot determine the cryptographic service provider, or a file Windows Update requires (named catalog store) is corrupted. The System Update Readiness Tool can correct some conditions that cause this error.

In Article KB947821 they explain a way in Server 2012 and Win8 to use dism to scan the image health. For “older” Operating Systems, there’s a Tool that can help repair Windows Update.


So in Server 2012 and Win8, just run the following commands as elevated admin:

DISM.exe /Online /Cleanup-image /Scanhealth
DISM.exe /Online /Cleanup-image /Restorehealth

Run Windows Update again, Error hopefully solved.


Windows temporary profile

If you’re logging in to a computer and get a message telling you “you’ve been logged on with a temporary profile”, you can solve that problem by just rebooting the computer. But sometimes, there’s a bigger fault in background. In this case, a colleague just gave me this hint:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Under the ProfileList subkey, delete the subkey that is named <<SID>>.bak

TCP/UDP Checksum Offload on RealTek NIC

I just wanted to do my cousin a favor and take look at his new computer he bought at a local IT store. He told me it’s kinda slow. Unfortunately, tt wasn’t just taking a look…

Characteristics of the problem

Newly installed, and also installed again using a recovery DVD, the computer had hangs by surfing the internet. Slow speed, some Websites did not load, mostly HTTPS SSL sites. In his case it was the eBanking software that didn’t work.


My first tought was Anti-Virus software, Firewalls: no success. Anti-Virus is not scanning traffinc, Windows Firewall has rules that allow all out- and the right incoming traffic.

Second tought:Computer is slow because he’s downloading over 100 windows updates in background. I took the time and downloaded all updates, installed them. Maybe one of the updates solves the problem. No success.

Third tought: there must be any tool blocking the traffic. I’ve unstalled mostly everything I didn’t know until today, disabled every senseless service. No success.

Fourth tought: Network issues. BANG! Success. Here’s how I analyzed that.

Analyze the unsuccessful network connections

Because Teamviewer didn’t work too, I decided to use that tool to produce the example traffic that will be analyzed. But that will work with an HTTPS site as well, I’m sure.

Network Traffic logging:

  • download Wireshark, install directly on Computer
  • Start Wireshark with no filters, without promisc. mode
  • start Teamviewer and wait until connections is established
  • stop Wireshark logging
  • set and apply a filter “ip.addr == my.computers.ip.address”

Teamviewer normally quickly connects to his servers and gives you a green light on the left bottom pane to tell you it’s ready to get help. On the computer with the issue, Teamviewer started with a red light, went to orange and tried to connect. Some seconds later it went back to red, then orange and finally green.

The analyzed traffic in Wireshark had a lot of black lines from local IP to an Internet IP of Wireshark. If I selected such a packet and opened the TCP part in the middle pane, it looked like this:

Nice from Wireshark, it tells me directly what’s wrong here. But what’s checksum offload?! After a search on Wikipedia:

TCP offload engine or TOE is a technology used in network interface cards (NIC) to offload processing of the entire TCP/IP stack to the network controller. It is primarily used with high-speed network interfaces, such as gigabit Ethernet and 10 Gigabit Ethernet, where processing overhead of the network stack becomes significant.

Source: http://en.wikipedia.org/wiki/TCP_offload_engine

Nice, but my NIC is a default 1GBit/s one connected to my DSL (5MBit/s). Don’t need that stuff here. How does that come, a manufacturer thinks it’s neccessary to implement such Server / Datacenter Features on a normal Workstation? Yes for IT Guys it’s nice to have, but shall that be enabled by default?

Disable TCP Checksum Offload

To disable Offloading, I opened the Network Card’s Advanced Settings

Step 1, open Network Properties:

and then press “configure” (“Konfigurieren” in the German Snapshot).

Step 2, in the next dialog go to advanced (“Erweitert”) and search for TCP offloading. There’s a lot about offloading, but what we need is TCP and UDP checksum offloading on IPv4.

Left side “Eigenschaft” means “Property” and right side “Wert” means “Value”. The value of “TCP Prüfsummenabladung” (means TCP checksum offloading) is set to “Rx & Tx aktiviert” (Rx & Tx activated).

After setting this to disabled for both TCP and UDP, everything went back to normal. Teamviewer works, eBanking works, everything. Wireshark also just logs valid successful connections from now on.

Weird experience.