Use Dynamic DNS (DDNS) with Windows 2008/2012/2016 Firewall

Often times system admins encounter the need to access certain systems through dynamic IP addresses. Windows Advanced Firewall does not natively support hostnames in their ruleset. We’ve customized the below PowerShell script to update Windows Firewall using a dynamic hostname (also known as DDNS).

  1. ensure your PowerShell allows the execution of remotesigned scripts by opening a PowerShell prompt and typing:

> set-executionpolicy remotesigned


2.  create a file named firewallddns.ps1  and add the following script:

# obtain IP address of the hostname
$ips = [System.Net.Dns]::GetHostAddresses(““)

# define regex to extract the IP address only
$regex = [regex] “\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b”

# extract the IP address from $ips string
$ip2 = $regex.Matches($ips) | %{ $_.value }

# here you can replace with a static IP address should you wish to add more than one IP. The firewall allow IP will be overwritten with these new IP information. If you don’t wish to use this line, then set $iplist = $ip2
$iplist = “$ip2,

# add the $iplist to the remote IP setting in the firewall rule scope
netsh advfirewall firewall set rule name=”The Name of Firewall Rule” new remoteip= $iplist

You can also download a copy of the script Here

3. Create a Scheduled Task from Administrative Tools -> Task Scheduler  to run the PowerShell Script on regular basis. In the Task Execution type:

powershell -executionpolicy remotesigned -File C:\path-to\firewalldns.ps1 >> c:\path-to\firewall.log


The above script will work with Windows 2008, Windows 2012 and Windows 2016. Further, the script can be used to add multiple IP addresses to the Windows Firewall rule’s scope.

Update on Hydro Ottawa Power Blackout

We are glad to inform our clients that all systems are operational during the extended power outage experienced in Ottawa due to the recent storms. The UPS Generator backup continues to provide power until Hydro Ottawa restores electricity to the power grid.

How to upgrade Amazon EC2 Windows Network Port from 100Mbps to 1Gbps


Old Amazon EC2 instances may be running outdated network drivers on Windows. To check:

  • Open Device Manager -> Network Adapters.
  • If you see the Network Adapter name as RedHat PV , then you are running an outdated version of the network driver and must upgrade to take full advantage of performance enhancements on EC2


  1. Take an Image, Snapshot or Backup of your instance
  2. Install the Latest EC2Config service from:
    (Direct Link:
  3. After upgrading EC2Config, proceed to upgrade the network drivers from: (It is OS Dependent)
  4. Few restarts in between, accept the prompts and you should have an upgraded driver.


Always take backup before performing maintenance on your servers

It is important how to position your computer

It is interesting to observe how electronic devices malfunction when they are not placed in their correct position.

I recall my kids using the Nintendo Wii at one time, they placed the unit upside down. This caused disk read errors with DVD games.

Recently, we encountered a situation with a client of ours where their Dell Alienware X51 computer was suddenly shutting down. Remotely examining logs and diagnostics indicate there is an overheat issue. CPU Temp was around 60 C.

When we went onsite to repair the unit, we found the unit was placed upside down (In other words, the Processor/CPU Heatsink and Fan which helps dissipate heat is now placed upside down). Doing a cleanup and re-positioning the computer to the right side fixed the problem!

How to tell if your computer/PC is positioning properly and well ventilated ? Three ways:

  1. Make sure there is no obstruction on the back or the front end of the unit since the fans will absorb air from the front-end and dispose of it from the rear of the PC
  2. Do not block computer vents, they are important to keep a system running optimally
  3. Look at the back of the computer, the side with many ports and connectors should be placed Down on the surface, or the computer should be standing up. As in the picture below:



The left side in this picture of the rear of the computer should be placed down on the desk.

This will ensure the CPU Heatsink/Fan are pointing up




Picture courtesy of

So check your electronic and electrical devices. Make sure they are pointed in the right direction. Electronic devices often generate heat and use fans or heat-sinks to reduce the effect of heat on electronic components.

CentOS and Windows EFI issues on Supermicro servers


UPDATED 2016-08-14: We found the source of the issue to be a bug in Supermicro BIOS C-State. This discussion explains more: Serverfault BSOD Hyper-V VM. Supermicro as of today hasn’t released a BIOS update even though they’ve confirmed the problem.

To summarize, the solution is in the Advanced Power Management of the BIOS, set the BIOS power management to the following:

Advanced Power Management Configuration


CPU P State Control:

EIST(P-States) – [Enable]
Turbo Mode – [Enable]
P-state Coordination – [HW_ALL]

CPU P State Control

CPU C State Control:

Package C State Limit – [C2 state]
CPU C3 Report – [Disable]
CPU C6 Report – [Disable]
Enhanced Halt State (C1E) – [Disable]

CPU C State Control

Original Post:

We just added new supermicro servers based on the new motherbaord X10DRT-PT and SYS-2028TP Servers , started testing it out, doing what we all techies do, try to make it work!

To our surprise, when we tried to install CentOS 7 or 6.7 x64 on the server, it failed with constant reboot problem when CentOS setup loads.

Well, a brand new system, what could be wrong? Pulled up MemTest86+ and the RAM checked out OK. Perhaps Disk issue?  Tried different disks and all is ok.

The only thing left is BIOS issue. Sure enough, it turned out that for a strange reason CentOS does not play well with some of the “Energy Efficiency” options in the BIOS CPU Menu.

Once we’ve disabled the energy efficiency options, the system ran like a rabbit in a field! Moral of the story, check the BIOS for ACPI or energy options that may hinder performance or even cause issues.

In fact, often times we do disable power-saving options because we believe they cause more trouble than desired.

Shrinking EBS volume on Amazon AWS for Windows

We thought to write this little how-to guide since there appears to be many ideas on how to shrink AWS EC2 EBS volume for Linux but none discuss the Windows OS.

Scenario: You got an important instance that is using large amount of SSD or IO intensive disk on Amazon EC2 and you’d like to shrink the space used on these disks to save on costs.

Solution: To shrink or even completely change a root volume from SSD/IO based to Magnetic disk in few short steps:

a) In Windows, go to the Disk Management section and shrink the existing volume size (You can only shrink C:\ drive if it is the only volume on the Disk)

b) Create a new EBS volume using your preferred size and type, then attach this volume to the EC2 instance to be replaced. Then go into Windows Disk Management and bring online the new volume, then initialize it as MBR

c) Download/Acquire Macrium Reflect Server Edition , install it on the Windows server that needs to changed.

d) Start Macrium Reflect Server and clone your already shrunk C:\ volume to the new EBS disk you’ve attached (note, the new disk must contain as much  space or more than the C:\ volume TOTAL size) – Pay attention to clone the C:\ volume and the System Partition before it. Do not clone the unused space.

e) Once clone is completed successfully. Shutdown the instance, detach both EBS volumes from the instance. Then re-attach the new smaller volume to the instance as: /dev/sda1

Turn the Windows instance back on and verify connectivity. If all was done properly, your instance will come online with the new smaller sized volume.

Happy Amazoning!

How to setup Big Blue Button Conference System on Hyper-V

So we were tasked with providing a demo for BBB (BigBlueButton) , a free open-source extensively featured conference and training system. However, we are a Hyper-V house, and although we don’t mind working with VMWare or Amazon EC2, we like to work with Hyper-V!

BBB had only VMWare Ubuntu 10.0.4 based image. So we decided to try this on Hyper-V. The following are step by step on how to get your BBB 0.81 running Ubuntu 10.0.4 to work on Hyper-V using Static IP and Public Network:


1. Download the image from:

2. Convert .vmdk to .vhd or .vhd (then later to .vhdx for HV2012 using a free tool from the nice people at Star Wind Software:

3. Create a Hyper-V Machine with standard hard disk and legacy network card attached to your Public Network

4. Attach the .vhd disk to the VM machine, and turn on the VM instance

5. The VM will start slow and go through many errors. At the end it will ask you to login. Use the following login info:

user-id: firstuser

password: default

You’ll be prompted to change your password immediately after first login. To bypass having to enter ‘sudo’ before each line, type: sudo su – , you’ll be prompted for root password which you can change using: sudo passwd root

6. Once logged-in, establish a network connection by modifying your network adapter. To list your network adapter, type the command: sudo ifconfig -a , this should list something like eth0 or eth1 as network adapter.

Next, edit the file that matches your network adapter inside: /etc/network/interfaces/  , you need to use vi as that is the only installed editor  in the bigbluebutton machine.  Edit the file to look similar to this (but change the IPs to match your network public IP addresses):

auto eth1
iface eth1 inet static

Then restart the network stack using the command: 
      sudo restart network-manager  , then run a quick ping test to make sure net is up

7. Now begins the work of upgrading the server to a version that supports Hyper-V Integration tools.
In here we will upgrade to version 12.04, so type the following:

sudo apt-get install update-manager-core

sudo apt-get update && sudo apt-get upgrade & sudo apt-get autoremove

sudo do-release-upgrade

Follow the prompts and continue the upgrade. Restart the server afterwards to complete the upgrade

8. Once logged back into the machine and the upgrade completed, you can verify your Ubuntu version
by typing: cat /etc/*-rel*

9. Begin installing BBB libraries by running these commands:

    sudo apt-get update
    sudo apt-get upgrade
    sudo apt-get install bigbluebutton

10. This should complete the install. Check that all necessary services are running using:

sudo bbb-conf --check
Sometimes the Red5 service fails to start and that is mainly because the $JAVA_HOME variable is not defined
inside /etc/environment. Another thing to check is /etc/init.d/red5 file as the Java Home path might be
hardcoded and therefore you need to make sure your existing Java folder matches the one in red5 file.

OpenSSL Heartbleed Assessment

The vulnerability of OpenSSL is real and serious. Remote attackers, requiring no authentication can retrieve data in the memory of the system. This would include SSL certificates, usernames and other information.

We have exmained our systems and determined we are not running the vulnerable version of OpenSSL. Therefore, your data is secure and no further action is required at this time.

For clients of our management service, we’ve complete our evaluation and udpated you on any action that was taken to correct the problem.

Please feel free to contact our support for any questions or inquiries.