Tier i support_day7_4

OpenTable Tier 1 Support Training Manual

1 Day 7 – OpenTable Networking and Troubleshooting

Plan for the day

Topic Overview OpenTable Networking and TroubleshootingAspects Covered Introduction to Network 1 hour

VNC Hopping 30 minsSource IP Filtering 45 minsERB Connectivity 45 minsBack Soons (Review PNG Back Soon Flowchart) 45 minsFlapping, FRN – False Reserve Nows (NATs) 1 hourFirewall 15 minsHow to run a reservation report 30 mins

Outcome The trainee should be familiar with all OpenTable Networking and troubleshooting

Core Knowledge – What is a Network?

Networking is the practice of linking two or more computing devices together for the purpose of sharing data. Networks are built with a mix of computer hardware and computer software.

Some Terms / vocabulary

IP Address - A device’s identity on a network. The format is standard as ***.***.***.*** . Example would be 192.168.1.1. Compare this to a street address in a community. Each address can only exist once, but it identifies the address of the unit to everyone else.

LAN - Local area network - a network of up to 254 devices able to communicate to one another locally. Compare this to a small, gated home community with a solid wall around the perimeter.

Router – A router acts as a traffic director for all network traffic within a LAN, and also manages any traffic entering or leaving the LAN. Going back to our LAN analogy of a small, gated community, the router would be the equivalent of a gatehouse / community manager managing all traffic within the community, as well as traffic in and out of the community. No traffic can go in or out of the

Page | 1

Tier 1 Support Training

OpenTable Tier 1 Support Training Manual

community without going through the gatehouse. A router carries two IP addresses; one that those devices within the LAN refer to the router, and one that devices outside the LAN refer to it.

WAN - A network broader than a LAN. Going back to our gated community analogy, this is everything outside the walls of the LAN. A router would then have two identities; one being the LAN identity (what devices within the LAN refer to the router), and one WAN identity that identifies the router to devices outside the LAN.

Default Gateway - IP Address of the LAN side of the router. This is what all devices within that router’s LAN refer to that router as. Default Gateway is what all LAN devices must use to access anything outside the LAN. Remember our gated community analogy. To get out of the gated community, you must go through the gatehouse also known as the router or default gateway.

Public IP Address - the WAN network identity directly facing the web. Typically, one restaurant building equates to one public IP address (this isn’t always the case, but 99% of the time is).

Port Forwarding - This is programmed into the router to direct inbound traffic to a specific LAN IP address within that router’s LAN. Going back to the gated community analogy; A package needs to be delivered to a unit within the gated community, but gets stopped at the gatehouse (because it manages all traffic in and out). The delivery only knows the outside address of the gatehouse (WAN IP address), but from there, the gatehouse is responsible for delivering the package to the unit within the LAN. The router is programmed with a rule that says “if you receive a package from this source, send it to this particular address within the LAN (LAN IP Address)”.

Dynamic LAN IP address - a temporarily issued IP address given to a device by the router. The function in the router which issues these temporary IP addresses is called a DHCP server. This DHCP server manages “leases” on the temporary IP addresses and ensures no other device carries the same IP address.

Static LAN IP Address - a permanent LAN IP address assignment managed by the individual device, not by the router’s DHCP server.

Assignment

At this point, it’s a good idea to get some hands on experience with identifying a device’s network properties.

Identify the IP address and default gateway on your computer by running start/run cmd. This will bring up a command prompt where you can type the command ipconfig. This will give you the IP address and gateway.

Page | 2

OpenTable Tier 1 Support Training Manual

Ping the default gateway to establish that the configured network settings are functional.

Start/run >> cmd. At the prompt, type ping [space] default gateway address, enter. Replies show communication with the default gateway.Example: ping 192.168.1.1 [enter]

Show how to manually configure a network address in the network protocol properties. Also show how to change from using a static IP address to using a dynamic IP address.

Now is a good time to start to set up a network from scratch to see all of the pieces come together, and repeat the steps above to identify network identity.

Page | 3

OpenTable Tier 1 Support Training Manual

Core Knowledge – VNC Hopping

VNC (Virtual Network Computing) software makes it possible to view and fully-interact with one computer from any other computer or mobile device anywhere on the Internet. VNC software is cross-platform, allowing remote control between different types of computers. The type of remote connection software we use could change in the near future due to PCI compliance and security issues.

The default VNC port is 5900 (or 5800 using a web browser). Traditionally OpenTable has used 6320/6220 (RealVNC display number 420, per UNIX) on all computers, as each computer had its own public IP address. Now, the router is mapping the incoming TCP/IP traffic on each port to a specific internal LAN IP. The port number for each computer must match the corresponding IP of each terminal.

Terminal IP Address Port NumberServer 1 192.168.0.2 6320Client 1 192.168.0.3 6321Client 2 192.168.0.4 6321Client 3 192.168.0.5 6322Client 34 192.168.0.6 6322

Local Area Network VNCFor internal LAN VNC access (VNC’ing from server to client or client to server) simply enter in the IP address and port and you will be prompted for the password. This can be done with VNC Viewer using: 632x or a web browser using : 622x.

This is one of the first steps you should complete when troubleshooting VNC issues (after confirming port number and password are set correctly!)

Terminal Using VNC Viewer Using BrowserServer 192.168.0.2:6320 http://192.168.0.2:6220Client 1 192.168.0.3:6321 http://192.168.0.3:6221Client 2 192.168.0.4:6321 http://192.168.0.4:6221

Wide Area Network VNCFor external WAN VNC access, that is, to gain access to the computers when not on site, you have to use the public address rather than the private address for this to work. The public address is provided by the ISP.

Page | 4

OpenTable Tier 1 Support Training Manual

Dynamically assigned IPs will be transferred from the OpenTable terminal to ROMS in the Server IP area. It will sometimes be stored in certain routers and can be accessed via the http:// interface in the “Router Status” area. Note that the public IP can change from time to time for dynamic xDSL or HSIA. Once the dynamic listener is configured, the public IP address will be automatically updated in ROMS every minute.

For static xDSL or HSIA sites, the IP will be assigned by the ISP and can be found in the Internal OpenTable Admin Area or ROMS (once entered by the PC).For external WAN VNC access (VNC’ing from your PC in the office to an OpenTable terminal at a restaurant) simply enter in the Public IP address and port and you will be prompted for the password. This can be done with VNC Viewer using: 632x or a web browser.

Example: Assuming the Public IP is 123.456.78.9

Terminal Using VNC Viewer Using BrowserServer 123.456.78.9:6320 http://123.456.78.9:6220Client 1 123.456.78.9:6321 http://123.456.78.9:6221Client 2 123.456.78.9:6322 http://123.456.78.9:6222

Page | 5

OpenTable Tier 1 Support Training Manual

Core Knowledge – Source IP filtering

While Tier1 agents will not implement source IP restrictions, it’s important to know that some restaurants have implemented this, which can cause irregular port scan results. Restaurants with a common Linksys or Netgear will not have source IP restrictions in place. You will only find this in some larger corporate groups and a handful of single restaurants that use business class routers/firewalls. (Cisco, Juniper, etc.) It will almost always be in Support Notes in Salesforce if a site uses source IP restrictions.

OpenTable Source and Destination IP Addresses and PortsBelow is a list of ports and trusted IP address ranges used by the OpenTable Server to communicate with the OpenTable data center, our corporate office, and disaster recovery site. All said subnets and port numbers are subject to change. It is the responsibility of the restaurant to keep their systems updated if these requirements change.

OpenTable Trusted IP RangesName CIDR Format Subnet Mask RangeOpenTable Data Center(OTDC)

199.16.146.0/24 255.255.255.0 199.16.146.0 – 199.16.146.255

66.151.130.0/24 255.255.255.0 66.151.130.0 — 66.151.130.25566.151.149.224/27 255.255.255.224 66.151.149.224 - 66.151.149.25566.151.149.32/27 255.255.255.224 66.151.149.32 — 66.151.149.63

OpenTable DisasterRecovery (OTDR)

199.16.147.0/24 255.255.255.0 199.16.147.0 – 199.16.147.255

199.16.145.0/24 255.255.255.0 199.16.145.0 – 199.16.145.25567.202.218.0/25 255.255.255.128 67.202.218.0 — 67.202.218.127

OpenTable Headquarters(OTHQ)

199.16.144.0/24 255.255.255.0 199.16.144.0 – 199.16.144.25567.97.93.80/28 255.255.255.240 67.97.93.80 — 67.97.93.96204.16.158.64/26 255.255.255.192 204.16.158.64 — 204.16.158.127

OpenTable DNSName CIDR Format Subnet Mask RangeDNS (OUTBOUND TCP/UDP 53)

8.8.8.8/32 255.255.255.255

8.8.8.8 – 8.8.8.8 8.8.4.4/32 8.8.4.4 – 8.8.4.4 208.67.222.222/32 208.67.222.222 – 208.67.222.222

208.67.220.220/32 208.67.220.220 – 208.67.220.220

OpenTable PORTSINBOUND OUTBOUND†

Port Source Ports DestinationTCP 2368, 6319* OTDC, OTDR TCP 20, 21, 22, 53, 80, 443, 621, 2369, 6319* & UDP 53 OTDC, OTDRTCP 6320** OTHQ, OTDR TCP 53, 80, 443, 52311 & UDP 53 OTHQ, OTDR

Page | 6

OpenTable Tier 1 Support Training Manual

OpenTable Remote Client Licenses (optional)The OpenTable Server utilizes inbound ports TCP 61002 and TCP 61031 for the OpenTable Anywhere (OTAnywhere) remote client application.Since OTAnywhere may be accessed from any remote network, there are no OpenTable static source subnets that can be assigned to these ports. However, you may restrict port traffic to the remote clients that are restaurant-owned to those system’s locations.

OpenTable iPad Manager and Remote Manager (optional)The OpenTable Server utilizes inbound port TCP 6319 for our iPad Manager & browser-based Remote Manager Product. The iPad Manager andRemote Manager Product is sourced from the OpenTable Data Center (OTDC) and OpenTable Disaster Recovery (OTDR) and can be restricted to those IP ranges (see “OpenTable Ports” section, above).

OpenTable Text Messaging (optional)Text messaging can be activated within the OpenTable software to send SMS messages to parties on the reservation or waitlist during the shift. This is a free service provided with the OpenTable software.

OpenTable SMTP EmailSMTP e-mail can be sent from any OpenTable system to your SMTP gateway on your preferred port number.

OpenTable PCI Compliant Credit Card StorageThe OpenTable system provides a PCI Compliant means of storing Credit Card information with reservations. In order to connect to the secure credit card vault, outbound traffic on TCP 80 & 443 must be allowed to 204.109.13.0/24 & 216.33.89.52 from the OpenTable Server and any other systems running an OpenTable Client License. This is an opt-in service offered by OpenTable, for more details on our approach to PCI please visit, h t t p :/ / o t r e s t aura n t . c o m / c r e di t c a rd f a q . a s px

Fishbowl Marketing ExtractThe OpenTable server can export marketing information to a 3rd Party service, named Fishbowl, on an Opt-In basis. Information is exported via SFTP on outbound TCP 22 to 74.209.250.55/32. To access Fishbowl marketing tools, outbound TCP 80 and 443 must be allowed to74.209.250.0/24, 64.79.155.0/24, 173.194.74.0/24, and 74.209.250.0/24.

Page | 7

OpenTable Tier 1 Support Training Manual

Core Knowledge – Checking ERB Connectivity

There are a several different statuses available to help us diagnose the health of a customer’s ERB system. You can find the status of a particular system by looking it up in CHARM:

Status DefinitionsActive - Restaurant is ready to take online reservations and is on the OpenTable website. Just because a restaurant is active doesn't mean they are Reserve Now. They could be back soon because of internet connectivity problems.Awaiting Install - This is a new customer, the process of implementation has begunInactive - Restaurant is no longer a customer with OpenTable - could be because they have closed, they quit OpenTable, etc.Closed Temporarily - Site is closed for a short period of time for reasons like renovations - they will not appear on the website. A site may sometimes be in hibernation during this period.Seasonal - Depending on the location of the restaurant, they may only be open during the high tourist season - open only for winter months (Ski season in Denver, Colorado) or only open during summer months. A restaurant is also to be considered to be in Hibernation

Page | 8

OpenTable Tier 1 Support Training Manual

Temporarily Inactive - Listener password does not match between the server ERB and the website. When this occurs, you will need to verify the password on the ERB and what is in CHARM (only visible to tier 2). This status can also occur if two (or more) restaurants are sharing the same public IP. In this case you will need to get the restaurants on unique IP addresses.Initiating Uninstall - Site is in the process of terminating their OpenTable service - they are not on the website. Also, if a customer is Locked Out due to a billing issue.Client Grace Period - Restaurant has been installed, they SHOULD have connectivity, but they are not ready to go live on OpenTable.com site. At time of install, this status should only be in place for up to two weeks and after that they need to be set to Active/Reserve Now or Waiting for Connectivity. You can confirm connectivity is in place by checking the "Last Contact" field on the ROMS -> Hardware page.Decline Online w/ Conn. - Restaurant has OpenTable, but they do not want to take online reservation. They only use OpenTable to manage their phone / internal reservations. The restaurant is charged a monthly Non-Connectivity Surcharge (USD $75) for not accepting reservations online.Waiting for Connectivity - Restaurant did not have connectivity at the time they were installed - restaurant usually is actively looking to get connectivityUpdating Book - When the restaurant is making configuration changes in their ERB, this will cause them to temporarily go into this state. They will return to their previous status once they are done with their configuration changesNo Connectivity Available - Site does not have connectivity - they have more than likely exhausted all options for getting connectivity for the OpenTable ERBDecline Online w/o Conn. - Site has exhausted all options on finding connectivity for the ERB OR simply chooses to not be connected. The restaurant is charged two monthly fees for this:

Non-Connectivity Surcharge (USD $75) for not accepting reservations onlineNon-connectivity Support Fee (USD $25) as it is typically more complex / time consuming to support these customers.

False Reserve Now (FRN) - ERB has connectivity to the internet, but port forwarding is not set correctly.

Restaurant Status HistoryThe Restaurant Status History keeps track of any connectivity changes a restaurant may experience. You can find this information for a specific restaurant under Profile -> Connectivity Settings in CHARM.

Page | 9

OpenTable Tier 1 Support Training Manual

Status History DefinitionsReserve Now - This has the same meaning for both Website and Cache Server. It means that that the Webserver or a Cache Server has received recent contact (a reply to a request, a heartbeat message, or some other message), within the past 10 minutes, indicating that they system is online and is accepting online reservations. The origin of the name "Reserve Now" comes from early versions of the OpenTable.com website - a diner would click on a "Reserve Now" button next to the restaurant name to search for reservation availability.Back Soon - No recent contact has been received from the restaurant, most likely because of network issues. The origin of the "Back Soon" label comes from older versions of the OpenTable.com website - when a restaurant was offline, the website would show an icon saying that the restaurant would be back soon for online reservations.Updating Book - The restaurant is currently editing some aspect of their system (modifying shift times/dates, modifying slot allocations, etc.). Once the editing is complete and the new schedule information has been uploaded to the Cache Server, the restaurant should normally transition back into the "Reserve Now" state.

Page | 10

OpenTable Tier 1 Support Training Manual

False Reserve Now (FRN) - The ERB is telling the web servers that it has connectivity, but when the web servers ask it a question, there is no reply back. This might be caused by networking misconfigurations (i.e. port forward not set correctly). The restaurant is falsely proclaiming that it is "Reserve Now" - this is a "False Reserve Now" because it will not accept reservation requests even though it may be sending us heartbeats.

Page | 11

OpenTable Tier 1 Support Training Manual

Core Knowledge – Troubleshooting Back Soons

A Back Soon status occurs when our website cannot communicate to an ERB, and the ERB cannot call out at all. This means that the restaurant’s system is offline and cannot accept reservations, nor can it be backed up to the OpenTable servers.

In an effort to resurrect “Reserve Now” status on our Website, proceed with the below steps. This guide is designed to be worked through from start to finish in a stepwise fashion.

Note that if you find yourself at an escalation point, you want to have ready the most thorough information possible. As you move through the below steps, place a check mark next to what you’ve done. That way, when passing on the information, you can repeat the exact steps that were taken.

If you find yourself at a point in this guide where a call to the restaurant is needed have ready a standard response. For example, “I noticed that you are listed as Offline on our Website. Do you have some time to troubleshoot with me - I need your help to check a few items on your end.” If Back Soon status is non-urgent to the restaurant, avoid troubleshooting calls to a restaurant during meal hours. Be aware of the restaurant’s needs and priorities.

Step 1 - Check the RouterTo check the router, follow these steps:

Ping the gateway address (Server IP minus 1). If you receive a solid string of replies, the router is connected to the DSL line. Move on to check the Listener.If you receive a response that is ~50% timed out with variable replies, the router may have a faulty circuit. [Internal escalation - possible trouble ticket needed] If your request is solidly timed out, proceed with point 2 - calling the restaurantCall the restaurant. Ask the customer to check for power to the router; are there lights on? What color are the lights? If red lights are on, check the connection of the router to the DSL line in the wall. Make sure the DSL cabling is firmly “clicked” into router as well as snug in the wall jack. If the cabling is secure but red lights persist, possible regional DSL outage. Check the status of other establishments in the area on the website. If other establishments are not offline, it’s possible that the restaurant is experiencing a site specific outage. [Internal escalation - trouble ticket needed]If green lights are on and the cable connection to the DSL line looks secure but Back Soon status persists, have the restaurant “power cycle” the router by turning it on and off and unplugging it for a few seconds.

Step 2 - Check the ListenerIf you’ve received a solid string of replies from the gateway address, your next step is to check the Listener.

Page | 12

OpenTable Tier 1 Support Training Manual

If you can connect using a virtual network connection (VNC), check the Listener on the server node (the Listener should be disabled on every client). On the server, start the Listener if it is stopped or try stopping and re-starting it. If you are unable to connect using a VNC, move on to Step 3 - Check the ERB.

Step 3 - Check the ERBFollow these steps to check the ERB:

Ping the server ERB (IP address)If your request is timed out, place a call to the restaurant to determine if the server ERB is turned off. It will take a few minutes for the restaurant to be removed from Back Soon status once the ERB is restarted.

If the ERB was not turned off, but your request was timed out move on to Step 4 - Check the Hardware Connections from Router to ERB.

Step 4 - Check the Hardware Connections from the Router to the ERBFollow these steps to check the hardware connections from the router to the ERB:

Call the restaurant**Ask the customer to trace the thinnest gray/ blue/ white/ black cable from the server. For restaurants with drilled host stands, they may have to tilt the base to see and check the cable and, in turn, open a host-stand cabinet to follow the cable to the modem or router. The thin cable should feel secure from the base of the server ERB. Check the cabling from the server to the hub (if applicable) and to the router. Check for a secure, “clicked” connection from the server to the hub and from the hub to the router, noting if the light is on.If Back Soon still persists, power cycle the router and/or the hub by turning them on and off and unplugging for a few seconds.

Escalating Back Soons to Tier IIIf you need to escalate a Back Soon case to Tier II, ensure that the following information is included for the support rep.Port Test Results:IPConfig:IP:SM:DG:Ping OT.com IP:Ping OT.com:

The above MUST be included with EVERY Back Soon call!1. Run a PORT TEST IN RAT!

Page | 13

OpenTable Tier 1 Support Training Manual

If your port scan FAILS FOR ALL PORTS, MOVE ON TO STEP 2.If your port scan PASSES FOR ALL PORTS, then check the rogue status of the ERB. This is listed under the hardware process and there is a wiki page with complete instructions on how to correct a rogue.If you receive mixed results with your port scans, then flapping is a possibility. See if you are able to VNC in and investigate the ERB’s connectivity.If your port scan indicates ONLY LISTENER FAILING, then try restarting OTL service or SQL. Often times if this isn’t resolved by the service restart, then there is a possible issue with SQL. You can confirm a SQL issue, if the software fails to open completely.

2. Have the customer pull up the command prompt and run and IPCONFIG. The results of the IPCONFIG determine the next course of action.

If returned with Media State Media Disconnected, have customer check cables between the ERB and first device and ensure that the first device is powered on properly.If returned with relevant IP information, move on to step 3.

3. Ping the DGIf the ping to the DG times out, then P/C the DG. If this still does not resolve the issue, then try setting the ERB to DHCP, to see if a new DG will be pulled automatically.If you successfully get replies from the DG, then move on to step 4.

4. Ping 66.151.130.32If this ping fails, then the site is unable to reach out to the internet. Have them check the cabling for the modem and ask if other devices at the restaurant are experiencing issues, as this will tell you if we need to get the ISP involved.If you get replies from 66.151.130.32 when pinging, then move on to step 5.

5. Ping Opentable.comIf this fails, but you were able to ping 66.151.130.32 in the previous step, this often indicates a DNS issue. Check the ERB’s DNS settings and if need be, run an “nslookup” to see if the DNS servers are being resolved. If this passes, then you have internet connection and move on the FRN troubleshooting.

Page | 14

OpenTable Tier 1 Support Training Manual

Page | 15

OpenTable Tier 1 Support Training Manual

Core Knowledge – Flapping

A "flapping" restaurant is a site that changes from Reserve Now to a different status at least 3 changes per day for more than 2 days in a row.

Core Knowledge – Troubleshooting False Reserve Nows (FRNs)

False Reserve Now (FRN) occurs when an ERB can send data to our website, but the website cannot send data back to the ERB.

1. Check the Public IP AddressThe first step with any FRN should be to check the PFIP. Often times this switches up rendering sites FRN. If our auto-update feature is enabled in CHARM “Connection Settings”, then the site should theoretically go back Reserve Now after several minutes, but many sites have this feature disabled and need to update this information with us manually.

2. Check the Port ForwardingMore often than not, the cause of a FRN will be port forwarding related. We will need to pull and ipconfig, access the DG and attempt to setup port forwarding. In some cases the ports will still not pass after setting up the first device and you will need to check for a possible double, or sometimes even triple NAT. Most routers and modems have a page that is likely titled “Status” or a close variant. If you see the PFIP being displayed on this page, then you are currently in the last device, however if an additional DG and IP address is displayed, you will need to drop Host Intrusion and attempt to access to next device.

3. Static vs DHCP95% of the time, our ERB’s are required to be set to a static IP. The only exception being some 2wire devices that route to either the MAC address or NetBIOS of the machine, rather than the IP. If an ERB gets left in DHCP and reboot, we run the risk of it pulling a different IP address, resulting in an FRN.

4. Check Windows FirewallIn rare cases, Windows Firewall will be enabled on the ERB and will cause an FRN. Where this is rather rare, A LOT of reps do not think to check this before escalating, leaving T2 shaking their heads…A MUST CHECK before escalating.

Page | 16

OpenTable Tier 1 Support Training Manual

Single NATs (NAT = Network Address Translation)Most of our restaurants have a normal setup link we see in a normal family home.

Double NATsQuick way to see if it is a double NAT1. Once connected into 1st device (router), if you see a public facing IP it is NOT a Double Nat. You can find the public facing IP on the router’s status page.2. If you connect to 1st device (router) and see a different IP address and default gateway, it IS a double NAT. Connect to the 2nd device using the default gateway that is shown on the router.

Note: to get to the 2nd device you will need to log into the server machine under the admin account and drop into the firewall. McAfee HipScore & McAfee Host Intrusion. You will not be able to get to the 2nd device without dropping firewall)Once you see the public facing IP address you are done. Hit “search” again in RAT and test the ports. They should pass. Then, restart the firewall and log back into the server as the user’s account.

Page | 17

OpenTable Tier 1 Support Training Manual

Triple NATsIf it is a double/ triple NAT, you need to drop the firewall in order to get into the 2nd and 3rd device. McAfee HipScore & McAfee Host Intrusion. You must be logged in as an admin on the server.

Once you see the public facing IP address (www.opentable.com/ip) you are done.

Hit “search” in RAT and check the ports. They should now pass. If so, re-enable the firewall and log back into the server as the user.

FRN ChecklistThis checklist must be included for every FRN Call.

Item StatusChecked the PFIP?Checked the port forwarding settings?Ensured that the ERB was left in static and NOT DHCP?Ensured that Windows Firewall is disabled in services?

Check the Public IP AddressThe first step with any FRN should be to check the PFIP. Often times this switches up rendering sites FRN. If our auto-update feature is enabled in CHARM “Connection Settings”, then the site should theoretically go back Reserve Now after several minutes, but many sites have this feature disabled and need to update this information with us manually.

Check the Port ForwardingMore often than not, the cause of a FRN will be port forwarding related. We will need to pull and ipconfig, access the DG and attempt to setup port forwarding. In some cases the ports will still not pass after setting up the first device and you will need to check for a possible double, or sometimes even triple NAT. Most routers and modems have a page that is likely titled “Status” or a close variant. If you see the PFIP being displayed on this page, then you are currently in the last device, however if an additional DG and IP address is displayed, you will need to drop Host Intrusion and attempt to access to next device.

Static vs DHCP-95% of the time, our ERB’s are required to be set to a static IP. The only exception being some 2wire devices that route to either the MAC address or netbios of the machine, rather than the IP. If an ERB gets left in DHCP and reboot, we run the risk of it pulling a different IP address, resulting in an FRN.

Check Windows Firewall

Page | 18

OpenTable Tier 1 Support Training Manual

In rare cases, Windows Firewall will be enabled on the ERB and will cause an FRN. Where this is rather rare, A LOT of reps do not think to check this before escalating, leaving T2 shaking their heads…A MUST CHECK before escalating.

Core Knowledge – Firewall

OpenTable “McAfee” firewall We cannot leave the firewall disabled for any reason. We cannot customize the rules in a firewall. We have a few standard rule sets:

No Firewall: ONLY for Grandfathered accounts and some corporate groups. NEVER offer or mention this to a customer that’s not already in this rule set. Default: Allows OpenTable traffic, Email, OTA, FTP backups. Denies viewing any website other than OpenTable sites, denies traffic from any local network not on the same subnet (most restaurants use this). POS: Allows same as default, as well as traffic from the POS system

Disabling the firewall for testing/troubleshooting purposes is OK, but it can NOT be left off.

Occasionally you’ll run into a site with OTD clients running on a separate subnet from the ERB server. By default, the firewall blocks this traffic. If the subnets have the same first two octets but the third is different (192.168.1.x and 192.168.15.x) you can get the clients to connect without disabling the firewall by changing the subnet mask on the server from 255.255.255.0 to 255.255.0.0. This fools the firewall into thinking the two computers are on the same subnet. In the example above, this would allow traffic from any 192.168.X.X subnet. This is a fairly rare case, and shouldn’t be a go-to resolution. Before changing the subnet, you should test that the client can connect with the firewall off. If you can’t connect with the firewall off, the networks are completely separate and this solution will not work.

Page | 19

OpenTable Tier 1 Support Training Manual

Core Knowledge – Running a Reservation Report

How To: Send Reservations to a Restaurant (email and fax)Generally whenever a restaurant's Opentable system is down or otherwise inaccessible, such as in the case of a hardware swap or power outage, it is in everyone's best interest to make sure the restaurant has a reservation report to operate off from, even one which may be a little out of date (e.g. a restored backup).

Versions 8.x and Older: The Automated MethodVersions 8.x and older may be restored and sent out using our automated restoration tool, which takes a lot of effort out of the process. If there are no other requests in the automatic queue, the process will take approximately 15-20 minutes to complete.

On the restaurant's ROMs page, click the Hardware button to access the hardware info:

Next, click Restore FTP Backup:

Now, select the most recent backup from the list that you can (You want one of the *.otz files, not the archive.txt file) and click Decrypt Backup:

Page | 20

OpenTable Tier 1 Support Training Manual

Next open up the Auto Restoration Tool: http://crash/autoreports/index.phpThe utility will prompt you for a login - it is just your normal OpenTable Credentials. The actual utility has only a few easy options:

Select your backup from the list - it will be in the following format so you can tell: RID_FirstInitial_LastInitial_Date_SomeNumbers.otz, so John Doe restoring RID 1234's file would begin with 1234_J_D_...otz Select the Start Date and End Date for the report, which is the days covered in the report. Empty Slots will print empty slots as well, but be warned this makes most Reso reports VERY LONG - warn

Page | 21

OpenTable Tier 1 Support Training Manual

the customer this may tie up their fax machine for some time. You may check either Email, Fax, or both. Just keep in mind email addresses are always formatted in username@servername, and fax numbers must be preceded by a 1. Once you hit Submit, the automated system will kick in (or the computer will queue your request if another is running) and everything will be done automatically.Make sure you log clearly in your SR whom requested the reso report, and the phone number and/or email address you sent them to.

Version 8.x and Later: The Manual MethodUnfortunately our automated tool can have issues from time to time, necessitating us to take the manual approach to the process.

While on the restaurant's ROMs page, click the Hardware button to access the hardware info:

Next, click Restore FTP Backup

Use a sandbox machine to restore the backup and run the report.On the sandbox go to Start -> Run -> ftp.opentable.com (if you are asked for login info, use the otbackup login from your password sheet) In the folder, you will find your backup file - it will be in the following format so you can tell which one is yours: RID_FirstInitial_LastInitial_Date_SomeNumbers.otz, so John Doe restoring RID 1234's file would begin with 1234_J_D_...otz. Copy your backup file to sandbox desktop, or your respective virtual machine.On the desktop there should be an OT server setup program / icon. If not just navigate to c:/program files/opentable/software/ot install files:

Opening up this will start the installer.Page | 22

OpenTable Tier 1 Support Training Manual

Select 'Repair/Verify and load a new Database.Let the program run. It will install the restaurant's database on the sandbox. Once the db is loaded, start up Opentable, and run a reservation report for the days requested - make sure All shifts is selected! In the Output Options, make sure to include Guest Phone Numbers.Export the report to a *.pdf file, to the sandboxes desktop. Save it under a name you can remember.Now there are two possible paths. Either the site wants the report emailed, or they want it faxed.When emailing or faxing resos, you cannot do this from the sandbox machine. What you will need to do is first get the file onto your own personal drive. To do so, go to Start -> Run -> ftp.opentable.com. You may need to click File -> Login As, and log in as otinc. In the otinc login, there is a Temp folder. Open this folder, and copy your Reso report into it.We are done with the Sandbox, so close the connection.Go Back on your machine to complete emailing or faxing (see instructions below)

Email ResosTechSupport Email works just like your normal email. Log in using the UN and PSW on your password sheet, and go to New. Put the customer's given email address in the To field, write a short email explaining that you are sending them a Reso report as requested, and click Attach a File. Load the *.pdf from your H: Drive.Click 'Send'. You're done, you can delete the report from your H: drive.

Faxing ResosBring up the CRASH fax tool. Your CRASH login is the same as your OpenTable login (like for CHARMs, ROMs, etc). John Doe's would be m_jdoe. Your password is whatever your ROMs password is. CRASH looks like this:

Upload the file and enter all fax data as needed, and send to the number requested.

Page | 23

OpenTable Tier 1 Support Training Manual

Assignment

1. How will you check ERB connectivity?2. How will you run a RESO report?

Listening to Calls

Listening to calls is one of the best ways to help familiarize yourself with what you will be facing on a day-to-day basis. Listen to the calls below in their entirety. Some calls have screenshots of what you will see to help you follow along.

Call 1 – Troubleshooting BackSoonLink to file – https://drive.google.com/folderview?id=0B8KilV-6jucabkdCVF9pb2JNSVk&usp=sharing&tid=0B8KilV-6jucaeGo2TFZVbVJvSFkFile – EH1109.wav

Call 2 – Troubleshooting False Reserve NowRestaurant was not showing up on OT.com, agent determined that it was a port issue because their IT messed with the networking, the agent didn't really explain what he did to get it working again. Assisted in getting restaurant back online.Link to file –https://drive.google.com/folderview?id=0B8KilV-6jucabkdCVF9pb2JNSVk&usp=sharing&tid=0B8KilV-6jucaeGo2TFZVbVJvSFkFile – ZF1111.wav

Call 3 – VNC Hopping/FirewallNo ports were passing, customer had support stay on the phone to make sure everything was configured correctly. Also had questions regarding firewallLink to file –https://drive.google.com/folderview?id=0B8KilV-6jucaZG5UNWVFaDhmTTA&usp=sharing&tid=0B8KilV-6jucaeGo2TFZVbVJvSFkFile - EH1234.wav

Call 4 – ERB ConnectivityCustomer has faultly ethernet cable and client couldn't connect, unable to determine where failure is as no one could identify where the cables go past the jack in the wallLink to File –

Page | 24

OpenTable Tier 1 Support Training Manual

https://drive.google.com/folderview?id=0B8KilV-6jucaZG5UNWVFaDhmTTA&usp=sharing&tid=0B8KilV-6jucaeGo2TFZVbVJvSFkFile - PK1115.wav

Call 5 – FirewallCustomer was trying to install OTD but couldn't establish connection, support rep suggested attempting to install an OTA to determine if firewall was blocking traffic (if OTA installed successfully, this is the issue)Link to File –https://drive.google.com/folderview?id=0B8KilV-6jucaZG5UNWVFaDhmTTA&usp=sharing&tid=0B8KilV-6jucaeGo2TFZVbVJvSFkFile - RS0839.wav

Call 6 – Troubleshooting Back SoonsOT is offline. Router was unplugged. Resto called in because they were offline. Rep ran through all the trouble-shooting steps and got them back onlineLink to file –https://drive.google.com/folderview?id=0B8KilV-6jucaNmxfT25KRDBKUjA&usp=sharing&tid=0B8KilV-6jucaeGo2TFZVbVJvSFkFile - BD1209.wav

Call 7 – RM/Port ForwardingTrying to access RM - needed to forward Port 6319Link to file – https://drive.google.com/folderview?id=0B8KilV-6jucaNGFCMWhXSDJIT0k&usp=sharing&tid=0B8KilV-6jucaeGo2TFZVbVJvSFkFile - PK0736.wav

Call 8 – Troubleshooting FRNAssisted in getting restaurant back onlineLink to File –https://drive.google.com/folderview?id=0B8KilV-6jucaNGFCMWhXSDJIT0k&usp=sharing&tid=0B8KilV-6jucaeGo2TFZVbVJvSFkFile - BD0819.wav

Page | 25