New Streamyx Data Rate -> Dial-Up?

龟速的网速，我们的唯一的DSL网络供应商连
最基本的1Mbps窄频（6Mpbs才勉强算是宽频）都做不好。
又还指望什么推动资讯工艺科技发展呢？

无线上网,危害健康?

槟岛是马来西亚有名的电子城，它也是槟岛人的骄傲，
槟岛距离国都吉隆坡虽有数百公里之遥，
但是，它的发展不输给吉隆坡，
其生活水平甚至与吉隆坡旗鼓相当。

网络覆盖率是资讯工艺科技业发展的重要推力。
(韩国超过60%的宽频覆盖率)
推动资讯工艺科技发展的另一项障碍是，
公众对通讯科技的运用仍普遍存有迷思。



关于槟城要装无线上网， 不是一件坏事。
人民在那里抗议，人民认为电波覆盖整个槟城，
会危害槟城人民的健康。

事实是什么呢？会危害健康吗？没有人知道， 没有人敢保证。

EPF 8% 的真相？

假设 薪水RM4000，

- 选择 EPF 11%也就是RM440，taxable income 是RM3560，
所以tax RM77
- 选择 EPF 8%也就是RM320， taxable income 是RM3680，
所以tax RM109

政府揾我们笨！

Conclusion : If you choose to contribute 8%,
you will end up paying more income tax to the government,
which will make the government richer.

Finance Minister said this measure is meant to boost up
the slow-down market, but from this example wee
see that the money does not go into the market.

Instead the money goes direct into the government's pocket
through the greater amount of income tax that we will have
to pay. Obviously this measure does not help the market
at all.

Do we still want this kind of government that doesn't have
the best interest of the people in mind?

谴责援引落伍野蛮的《内安法令》!

真的没有想到九月的第一帖。。。
强烈谴责巫统政府援引落伍野蛮的《内安法令》!

[分享] 把自己变成年薪50万的人

一个年轻漂亮的美国女孩在美国一家大型网上论坛金融版上
发表了这样一个问题帖︰我怎样才能嫁给有钱人？

"我下面要说的都是心里话。
本人25岁，非常漂亮，是那种让人惊艳的漂亮，
谈吐文雅，有品位，想嫁给年薪50万美元的人。

你也可以说我贪心，但在纽约年薪100万才算是中产，本人的要求其实不高。

这个版上有没有年薪超过50万的人？你们都结婚了吗？
我想请教各位一个问题——怎样才能嫁给你们这样的有钱人？

我约会过的人中，最有钱的年薪25万，这似乎是我的上限。
要住进纽约中心公园以西的高尚住宅区，年薪25万远远不够。

我是来招恼意请教的。有几个具体的问题︰

一、有钱的单身汉一般都在哪里消磨时光？ (请列出酒吧、饭店、健身房的名字和详细地址。)
二、我应该把目标定在哪个年龄段？
三、为什么有些富豪的妻子看起来相貌平平？我见过有些女孩，长相如同白开水，毫无吸引人的地方，但她们却能嫁入豪门。而单身酒吧里那些迷死人的美女却
四、你们怎么决定谁能做妻子，谁只能做女朋友？ (我现在的目标是结婚。)"——波尔斯女士

下面是一个华尔街金融家的回帖︰

"亲爱的波尔斯︰我怀着极大的兴趣看完了贵帖，相信不少女士也有跟你类似的疑问。让我以一个投资专家的身份，对你的处境做一分析。

我年薪超过50万，符合你的择偶标准，所以请相信我并不是在浪费大家的时间。

从生意人的角度来看，跟你结婚是个糟糕的经营决策，道理再明白不过，请听我解释。抛开细枝末节，你所说的其实是一笔简单的"财""貌"交易︰

甲方提供述人的外表，乙万出钱，公平交易，童叟无欺。但是，这里有个致命的问题，你的美貌会消逝，但我的钱却不会无缘无故减少。

事实上，我的收入很可能会逐年涕增．而你不可能一年比一年漂亮。

因此，从经济学的角度讲，我是增值资产，你是贬值资产，不但贬值，而且是加速贬值!你现在25，在未来的五年里，你仍可以保持窈窕的身段，

俏丽的容貌，虽然每年略有退步。但美貌消逝的速度会越来越快，如果它是你仅有的资产，十年以后你的价值甚忧。

用华尔街术语说，每笔交易都有一个仓位，跟你交往属于"交易仓位"(trading position)，一旦价值下跌就要立即抛售，而不宜长期持有——也就是你想要的婚姻。

听起来很残忍，但对一件会加速贬值的物资，明智的选择是租赁，而不是购入。年薪能超过50万的人，当然都不是傻瓜，因此我们只会跟你交往，但不会跟你结婚。所以我劝你不要苦苦寻找嫁给有钱人的秘方。

顺便说一句，你倒可以
想办法把自己变成年薪50万的人，
这比踫到一个有钱的傻瓜的胜算要大。

每天跨州的行程

每天跨州的行程：

两个月前，我想也没有想过工作的每一天都会跨过两个州
雪兰莪州，蕉赖（出发）-联邦直辖区，PJ（经过）-雪兰莪州，沙亚南。

起初，还觉得不习惯。慢慢的就麻痹了。
当然，缴过路费时还是会诅咒前工程部长，
没有车龙的日子还好，塞车就会把交通部长也
加入诅咒名单。

每天路过KESAS.
大盗公司掠了我一大笔...

7pm-1.45am@below RM30

8点10分

单轨火车-KL Monorail的收费第一流，
服务素质却是不入流。
国内贸易与消费人事务部长拿督沙里尔
应该在繁忙时段时亲自坐一趟单轨火车。

今天早上几乎是站站停十五分钟，
车厢里满满的沙汀鱼就无奈的挤压，
大家还没有开始上班就累得好像打了海战，

车厢广播器只会不停的重复的一遍又一遍的道歉启示。
短短的几公里路程就花了50分钟,花钱买难受啊。

单轨火车公司真的是有必要好好检讨一下，
今时今天这种服务真的是不要的。

Wanted (2008) @ MBO GALAXY AMPANG

昨天下午心血来潮，突然间想去看戏，
附近的几间戏院豆爆满了，在拥挤的Saturday
就只有它有票咯。。。RM9 only
MBO GALAXY AMPANG
10 Halls
MBO Galaxy Ampang
3A-2, Galaxy Shopping Centre
Jalan Dagang 5,Taman Dagang
68000 Ampang, Selangor
Tel: 03 - 4270 1938
GPS @
3° 8'49.00"N
101°45'20.57"E

Wanted (2008)
导演：提莫·贝克曼贝托夫 Timur Bekmambetov
主演：
安吉丽娜·朱莉 Angelina Jolie
摩根·弗里曼 Morgan Freeman
詹姆斯·麦卡沃伊 James McAvoy

　　 主角韦斯利刚刚步入25岁的黄金年龄，然而对于一个生来就喜欢逃避现实的人来说，他的生命却已经到了混吃等死的最后阶段。不过在性格与偶然性铸就的人生当中， 很多现状，都是他自己一点一滴亲手促成的……简而言之，韦斯利非常讨厌自己正在面对的境地，因为这样的生活让他充满了失败感：在单位，韦斯利的大块头老板 几乎每小时都会辱骂他一番，已经把折磨他当成了人生的一大乐事；回到家中，韦斯利那堪比性感尤物的女友，却又把他当成虚无的空气一样视而不见。每一个人都 相信，像韦斯利这种闲散的懒鬼，最终的结局只会是一事无成，最最糟糕的是，就连韦斯利本人也这么认为，在他看来，生命的意义就是消磨时间，等待死亡——直 到他遇到了一个名叫福克丝的女人，所有的一切都改变了。

　　韦斯利一直以为自己的亲生父亲早在他出生那会儿就已经去世了，然而事态全然不若 他想得那般简单，福克丝为他带来了真相：他的父亲于昨天被人谋杀，而她奉命带韦斯利回去，完成他父亲未竟的事业……福克丝身上所散发出来的致命吸引力，让 韦斯利毫不犹豫地跟随她加入了“互助会”，一个存在了几个世纪的秘密社团组织，并在那里接受训练，释放隐藏起来的能量，为父亲的死复仇——原来，杀戮的本 性在他的血脉当中早已经如此根深蒂固了。就在福克丝教会韦斯利如何开发像闪电般快速的反应能力和成果显著的敏捷性时，他也发现这个组织一直秉承着一个古老 且牢不可破的信念：贯彻执行由命运赋予的死亡命令，杀一人，救千人。

　　在一群技艺高超、才华横溢的导师的指点下——包括“互助会”中像谜 一般高深莫测的领袖斯隆，韦斯利开始深深着迷于自身被开发出来的强大潜能，但渐渐的，他也意识到这些危险的“同伴”背后隐藏着的是肉眼看不到的秘密，尤其 是执行刺杀任务的时候，当初的高贵与纯粹也荡然无存。纠结在被新进开发的英雄主义和复仇的愤怒当中，韦斯利将会学会一件任何人都没办法教会他的事实：命运 是掌握在自己手中的。

转载：
http://ku6.mtime.com/movie/51393/plots.html

On Job Training

This week is my first week On Job Training for WiMAX.
Currently, i am base at Wisma Denmark, near LRT Dang Wangi.

Actually i have to start from scratch
to learn everything about RF, RF, and RF.

From last few days, i've been observed site survey and drive test.
Then, more will be coming for the following weeks.

+Oil...

7点05分

7点05分从Cheras Perdana出发到Damansara Phileo 1。
第一天到公司上班，就亲身经历白闻不如意见的联邦大道，
短短十五分钟的路程，就用了50分钟。

5点45分从公司出发改道路经Jalan Gasing回家，
结果7.30分才到家门口。

在汽油价格居高不下的这个年代，
塞车不只是浪费非常有限的金钱，也浪费十分宝贵的时间。

马来西亚的政治家做戏一流，交通规划完全不入流。

TMnut streamyx is up

Finally it is up.
After i launch 6 report and dial 100 for 100 times...

It is so frustrated that every time the operator keep telling me is my DSL modem fault...
After the 5th report, then they finally send a technician to check the
my line installation to last point.

The technician conclusion is, installation to last point is good,
thats mean it is not my DSL modem fault nor my phone line installation faulty.
The problem is at TMnut exchange/POTs.

This problems drag for 3 weeks...
and it is done within 1 hours after the technician visit
My conclusion is...why dont they just send a technician after my 1st report?
TMnut service is so so bad...

The Streamyx

The line transition took time from 9 MAY to 22 MAY.
Well, yet still not up yet...

Poor TM, poor me for using this ISP.

ICND2, 5th Day

IPv6 -> 16 Octet

::1: <- Localhost Address
FF01::1 <- Private Address

1. conf t
2. ipv6 unicast-routing
3. ipv6 address [ipv6prefix/prefix length] [eui-64] Hostname

1. conf t
2. ipv6 host R1 [ipv6:1] RIPng

1. conf t
2. ipv6 router rip [Tag]
3. ipv6 unicast-routing
4. router rip RT0
5. exi

1. conf t
2. int f0/0
3. ipv6 router rip RT0 enable
4. exi
5. show ipv6 route rip

Rapid Spanning Tree Protocol (*Cisco Only)
1. conf t
2. spanning-tree mode ?
3. show spanning-tree

VLAN Trunking Protocol
Must be the same domian name
Run on trunking

1. conf t
1.1 vtp mode server
2. vtp domian UPMicnd
3. vtp version 2
4. exi
5. show vtp status

6. show vtp password

* If VTP not working check VTP password.
*The revision number will be reset when VTP domain changed.

PPPoE, PPPoA-> Can do Authentication as compare to HDLC
PAP(One-way Plain Text pwd) and CHAP(Three-way Encryption pwd)
1. conf t
2. int s0/0/0
3. encapsulation ppp

Set Authentication on interface
1. conf t
2. username R2 password CISCO
3. int s0/0/0
4. ppp authentication chap

Why Serial Line Up\Down?
1. Clock Rate not set
2. Encapsulations mismatch
3. Keep-alive mismatch

Frame Relay
Point-to-Point
Multi Point

R1, R3, TS as Client
R2 as ISP FR

Frame Relay Router
1. conf t
2. int s1/0
3. encap frame
4. frame int dce
5. frame route 123 in s 1/1 321
6. frame route 139 in s 1/2 931
and also set the other interface.

Client Router
1. conf t
2. int s0/0
3. encap frame-relay
4. exi
5. int s0/0.123 point-to-point
6. ip address [] []
7. frame relay interface-dlci 123

8. show frame lmi
9. show frame map
10. show frame pvc

ICND2, 4th Day

Routing Protocol on Cat3560 Switch
1. conf t
2. router ospf 9118
3. net [ ] [ ] area 0

Access Control List (ACL) -> Packet Control List
Doing on Layer 3 device

Types:

Standard ACL-> Check SRC IP
Extended ACL-> Check SRC IP, DEST IP, PORT, PROTOCOL

1. conf t
2. access-list ?
3. access-list 10 deny [SRC IP] [0.0.0.0<-Wildcard for one host] [log] 4. exi 5. show access-list

Apply the access list to the closet interface to the destination
1. conf t
2. int fa0/0
3. ip access-group ?
4. ip access-group [acl no] ?
5. ip access-group [acl no] [in/out]

Since The ACL is implicit deny, solution :
1. conf t
2. access-list 10 allow any

**Type all the access list on notepad, one line removed...all gone!!!

Example for Extended ACL:
Apply closet to the source. It is diff with Standard ACL.
This deny telnet from 20.0.0.1-7 to 172.19.90.22 telnet

1. access-list 110 deny tcp 20.0.0.0 0.0.0.7 172.19.90.22 0.0.0.0 eq 23
2. access-list permit any any

Go to the SRC int
1. conf t
2. int fa0/0
3. ip access-list 110 in

Insert new line into existing ACL
1. conf t
2. ip access-list extended 110
3. [5] permit ip 20.0.0.7 0.0.0.0 172.19.90.22 0.0.0.0

Name Access-List
1. conf t
2. ip access-list standard DenyWAN
3. deny host 172.19.90.24
4. permit any

Deny all 20 network to lin vty TS (ACL)
1. enable
2. conf t
3. access-list 20 deny 20.0.0.0 0.0.0.255
4. access-list 20 permit any

5. exi
6. conf t
7. lin vty 0 30
8. access-class 20 in

** permit tcp any any [must specific port number here]

Reflexive ACL
Time-Based ACLs

Network Address Translation
1. Static (1->1)
2. Dynamic (M->M) FCFS
3. Port Address Translation (M->1) Overload

Inside? Outside?
1. conf t
2. ip nat inside source static 20.0.0.88 172.18.70.248
3. ip nat pool ABC 172.18.70.235 172.18.70.239 netmask 255.255.255.0

show ip nat translation
clear ip nat translation *

Port NAT
1. conf t
2. ip nat inside source list 60 int fa0/0 overload
3. int fa0/0
4. ip nat outside
5. ip route 0.0.0.0 0.0.0.0 172.18.70.254

ICND2, 3rd Day

VLAN Operation
1. show vlan bri
2. conf t
3. vlan 20
4. name MGMT
5. conf t
6. int fa0/19
7. switchport access vlan 20
8. conf t
9. int range fa0/3 - 5
10. switchport access vlan 12

VLAN Trunk Protocol
1. VLAN add/delete
2. Change propagated
3. Sync to latest change

Modes
-Server
-Client
-Transparent
*Pruning
http://en.wikipedia.org/wiki/VTP#VTP_Modes

VTP Operation
1. VTP advertisement are send as multicast frame.
2. Servers and client sync to the latest Revision Number.
3. VTP advertisement are sent every 5 min.
4. All the previous VTP info will be flush before receive.

VTP Syntax
1. show vtp status
2. conf t
3. vtp domain UPMicnd
4. vtp mode server/client/transparent
5. vtp password
6. vtp pruning

7. conf t
8. int fa0/0
9. switchport access trunk encap dot1q

Spanning Tree Protocol
-Avoid Switch Redundant Loops,
-Broadcast Storm, MAC Table Unstable, Multiple Frames Copy

-Elect Root Bridge (Per Broadcast Domain)
-Bridge ID->Priority, MAC address
-Elect Root Port (Per non-Root Bridge)
-Elect Designated Port (Per Segment)
-Remaining Port will be blocked

Spanning-Tree Port States
1. Blocking 20sec <-Topology Change (BPDU Packet Loss) 2. Listening 15sec <- Link comes up 3. Learning 15sec 4. Forwarding

PortFast <- By pass the listening and learning state
1. conf t
2. int fa0/0 (should be only access port/NOT for TRUNK port)
3. spanning-tree portfast

1. show spanning-tree

Per VLAN spanning-tree Plus (PVST+)
Encapsulation->dot1q
Add in SystemID->VLAN

1. conf t
2. spanning-tree mode rapid-pvst
3. exi
4. show spanning-tree

Set Root Bridge
1. config t
2. spanning-tree vlan [1] root primary

Routing between VLAN (Inter VLAN routing)
-Sub interfaces on router

On the switch
1. conf t
2. int [fa0/7]
3. switchport mode trunk
4. switchport trunk encapsulation dot1q

5. conf t
6. int vlan 10
7. ip add [IP] [255.255.255.0]

5. conf t
6. int vlan 20
7. ip add []
8. ip routing


OR
On the router



*LINK
1. http://testinside.blogspot.com/2007/04/ccna-acl-sim.html

ICND2, 2nd Day

Terminal Server
Reverse Telnet
1. Set Loopback Address
2. Telnet loopback to port 2000 and above

EIGRP Metric
1. Bandwidth *Can be set in the interface
2. Delay *
3. Reliability ** Always Change
4. Load **
5. MTU

Load Balancing for Unequal Cost Path
1.
2.
Feasible Distance of Successor * Variance = Max Cost Path
Latest IOS have more MAX path=16

EIGRP MD5 Authentication
Send livetime
Accept lifetime

Enter global configuration mode.
Dallas#configure terminal

Create the key chain. MYCHAIN is used in this example.
Dallas(config)#key chain MYCHAIN

Specify the key number. 1 is used in this example.
Note: It is recommended that the key number be the same on all routers involved in the configuration.

Dallas(config-keychain)#key 1
Specify the key-string for the key. securetraffic is used in this example.
Dallas(config-keychain-key)#key-string securetraffic
Dallas(config-keychain-key)#accept-lifetime 09:00:00 13 MAY 2008 17:00:00 13 MAY 2008
Dallas(config-keychain-key)#send-lifetime 09:00:00 13 MAY 2008 duration 28800
End the configuration.
Dallas(config-keychain-key)#end
Dallas#
**Overlap lifetime of two key to have no downtime.

Enter global configuration mode.
Dallas#configure terminal

From global configuration mode, specify the interface that you want to configure EIGRP message authentication on. In this example the first interface is Serial 0/0.1.
Dallas(config)#interface serial 0/0.1

Enable EIGRP message authentication.
The 10 used here is the autonomous system number of the network.
md5 indicates that the md5 hash is to be used for authentication.
Dallas(config-subif)#ip authentication mode eigrp 10 md5

Specify the keychain that should be used for authentication. 10 is the autonomous system number. MYCHAIN is the keychain that was created in the Create a Keychain section.
Dallas(config-subif)#ip authentication key-chain eigrp 10 MYCHAIN
Dallas(config-subif)#end

Complete the same configuration on interface Serial 0/0.2.

Dallas#configure terminal
Dallas(config)#interface serial 0/0.2
Dallas(config-subif)#ip authentication mode eigrp 10 md5
Dallas(config-subif)#ip authentication key-chain eigrp 10 MYCHAIN
Dallas(config-subif)#end
Dallas#

Debug EIGRP
Dallas#debug eigrp packets
Dallas#show key chain

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00807f5a63.shtml

Clock Set
Router# clock set 22:55:05 June 19 2006
Router# show clock detail

Access Control List (ACL)
Assign Into interface, Packet Filtering

OSPF
Shows all the possible path to Destination.
Area 0 <- Root Route Summarized within the Area Border Router. HELLO PACKET->Router ID,
Not more than 50 router in single Area.

Cost = Reference Bandwidth/ Interface Bandwidth

1. enable
2. conf t
3. router ospf [119]
4. network 8.0.1.2 0.0.0.0 area 0
5. network 8.0.1.5 0.0.0.0 area 0
6. network 172.19.90.252 [0.0.0.0] area 0

Line 4 & 5 can be replace by
network 8.0.1.0 0.0.0.7 area 0

Unadvertised Loopback Address
Router ID->Router Name for OSPF-> Ethernet IP address

Link-State Advertisement (LSA) Types:
1. Within the same Area
Got 5 types.

DR's exist for the purpose of reducing network traffic by providing a source for routing updates, the DR maintains a complete topology table of the network and sends the updates to the other routers via multicast

Select :
1. Destinate Router (DR)
2. Backup Destinate Router (BDR)
3. DR Other

*Highest Router ID->DR
*2nd Highest Router ID->BDR
Loop back have Higher Priority than Ethernet

RESET DR
1. enable
2. clear ip ospf process

Set OSPF Priority
1. conf t
2. [interface]
3. ip ospf priority [3]

Debug OSPF
1. debug ospf packets

Load Balance with OSPF?
Tricky...
Set OSPF Cost
1. conf t
2. interface
3. ip ospf cost ?

Manually set all the path cost for every path to be same,
so the router will load balance all the path.

OSPF Authentication (MD5/Plain Text)
1. conf t
2. interface
3. ip ospf authentication-key [password]
4. ip ospf authentication [message-digest/null]

HELLO PACKET
* Router ID
* Hello & Date intervals **
* Neighbors
* Area ID **
* ROuter Priority
* DR IP address
* BDR IP address
* Authentication PW **
* Stub Area Flag **
**

Implementing VLANs and Trunks
Logical Network
Segmentation, Flexibility, Security
Trunks Link (Carried Encapsulated VLAN infomation)
-Bridge betweens Swicthes
-Must be Fast Ethernet

Encapsulation types:
1. Inter Switch Link, *Cisco Only
2. IEEE 802.1Q, Native VLAN1(Untagged)

Syntax
1. en
2. vlan 10
3. name HR
4. int [fa0/0]
5. switchport mode access
6. switchport access vlan10

Inter VLAN routing
Router on State
Create two sub interface on single physical interface
HR VLAN-> 10.10.0.0
SALES VLAN->10.20.0.0
Different network

Dynamic VLAN membership Modes
VMPS very expensive

EDS<-Networking Company

ICND2, 1st Day

Routing
1. Routing Protocol
2. Destination Network ID
3. Exit Interface

Distance Vector
-RIP (120AD), 30s
Hop Count, Exchange Routing Table Periodic Update
-IGRP, 90s
**Rounting Loop (15 Hops MAX)
1. Split Horizon
2. Route Poisoning
3. Poison Reverse
4. Hold Down Timer
5. Triggered Updates

Link State
-OSPF (110AD)
Link State Advertisement (HELO Packet), Triggered Update
Topology Table, Forwarding Table, Adjacency Table
Details Route, Summarize Route
Summarization based on Area 0,1,2, and DEFAULT Subnet Mask
Localized Changes and Minimize Routing Update Traffic
Robust, Fast Convergence, Routers know the Topology
STRICT Network Design
**NOT PERIODIC UPDATE


Advance Distance Vector (Hybrid) *Cisco Only
-EIGRP (90AD), Triggered Update
Bandwidth(*), Delay(*), Loading(Change), Reliability(Change), MTU
Neighbor Table, Topology Table, Routing Table
Primary Route(Successor), Backup Route(Feasible Successor)
Unequal Path Cost Load Balancing * Only in EIGRP
Feasible Distance->My Path
Advertise Distance->Neighbor Path
Advertise Distance(Feasible Successor)Belief the low AD

AD(FS) <> enable
Router# config terminal
Router(config)# router eigrp 1
Router(config-router)# network 10.201.96.0 ?
A.B.C.D EIGRP wild card bits
Router(config-router)# network 10.201.96.0 0.0.15.255
Router(config-router)# no auto-summary
Router(config-router)# end
Router#show ip eigrp ?

No Auto Summary
Discontiguous Network
A discontiguous network is comprised of a major network separated by another major network.

8.0.1.1<-R1 8.0.1.6<-R2 No affected whether it is auto summarized->8.0.0.0
Because it is from same network.

10.1.2.1<-R1 10.1.1.1<-R3 Above are from 2 different network and being summarized->10.0.0.0

Router(config-router)# no auto-summary

Bandwidth and Delay can be set in the serial interface to
balance with Ethernet to show 2 successor. (Equal Path Cost)

1. conf t
2. router eigrp 88
3. variance [1-128]

Autonomous System
1. Interior Gateway (RIP, OSPF, EIGRP)
2. Exterior Gateway Protocol (BGP)
* The AS Number have to be same

FLSM (Fixed Length Subnet Mask)
- Classful Network
- Waste IPs
* RIPv1, IGRP Supported

VLSM (Variable Length Subnet Mask)
- Classless Network
- Save IP Address
- Based on the number of IPs Host
- Further Break Subnet
* Only EIGRP, OSPF, RIPv2 Supported

Bandwidth, Delay
1. conf t
2. bandwidth ?
3. delay ?

Router Summarization
192.168.5.33/32 Host
192.168.5.32/27 Subnet
192.168.5.0/24 Network
192.168.0.0/16 Block of Network
0.0.0.0/0 Default

Load Balancing Unequal Path Cost
EIGRP maximum metric variance = 1
defaults is ratio 1 to 1

ICND1, 5th Day

CDP (only Cisco) Layer 2
1. show cdp nei
2. show cdp nei det
3. config t
4. cdp timer [60]
5. cdp holdtime [60]
6. no cdp run
7. int s0/0
8. no cdp enable

Show Memory
1. show run
2. show start
3. show flash

Erase StartUp Config
1. write erase

TFTP Configuration Backup
Download
1. copy running-config tftp:
Upload
2. copy tftp run

IOS Backup
Download
1. show flash (get filename)
2. copy flash tftp
Upload
1. copy tftp flash

Domian lookup
1. no ip domain-lookup
2. conf t
3. ip host [domain] [IP]

Debug Command
1. debug ip [rip]
2. conf t
3. service timestamps debug dattime msec (add timestamp inti debug info)

Cisco Security Device Manager (S1800, S2800)
1. Enable
2. conf t
3. ip http server (port 80 listen)

Password Recovery
Must go thru the console cable
2600 Router
1. Power CYcle
2.
3. confreg 0x2142
4. reset

2500 Router
1. Power CYcle
2.
3. 0/r 0x2142

**Change the register back to 0x2102
1. enable
2. confi t
3. enable secret cisco
4. write
5. conf t
6. config-reg 0x2102

* Privilege Level 1 most restrict - Level 15 admin

Format Router
1. write erase
2. reload

Catalyst
VLAN
1. vlan 50
2. name 3P
3. conf t
4. int fa0/0
5. switchport access vlan 50
6. show vlan brie
7. show flash (stored vlan info)

* delete vlan.dat (Clean VLAN info)

RESET Switches Password
1. Hyper Terminal
2. Power Cycle
3. Hold Mode Button and Power On,
Release after the STAT LED goes out
4. Flash Init
5. load_helper
6. dir flash:
7. rename flash:config.text flash:config.old
8. boot
9. n
10. en
11. rename flash:config.old flash:config.text
12. copy flash:config.text system:running-config
13. config t
14. enable secret cisco
15. exi
16. dis en

Configure EIGRP
1. conf t
2. router [eigrp] [autonomous number]
3. network [2.0.2.0] [0.0.0.3, REVERSE MASK]

Redistribution for Routing Protocol
1. router eigrp [500]
2. redistribute rip metric 100000 1000 255 1 1500

1. router rip
2. redistribute eigrp 500 metric 2

Prepare for ICND2:
1. Frame Relay
2. VLAN trunking protocol, spanning tree protocol
3. RP-> OSPF
4. Wildcard Mask
5. IPV6-> OSPFv3, RIPng

ICND1, 4th Day

LoopBack
1. config t
2. int loopback 0
3. ip add [IP] [Netmask]

Static Route (Two Way)
1. config t
2. ip route [DEST Network ID] [DEST Network Netmask] [Gateway IP]
3. exit
4. show ip route

Set Hostname
1. config t
2. ip host [DEST hostname] [DEST host ip]


Show Telnet
1. show seesion
2. show line

Show SSH
1. show ssh

Set Banner
1. conf t
2. banner motd *

Data-Link Protocol
-HDLC (High Level Data-Link Control)
-PPP (Point to Point)
-Multi Protocol Layer Switching (Take Over Frame Relay)
-Frame Relay (Take Over ATM) Using Virtual Circuit
-ATM

Packet Switching->Frame Relay
1. Share BandWidth

Network Address Translation, Firewall
- An IP address is either local / global
- Local IP address are seen in the inside network(LAN)
-Global IP address are seen in the outside network(WAN)
-Assignment can be static or dynamic
-Overloading an Inside Global Address

Static NAT
-Define Inside/Outside Interface
-Inside source address translation
1. config t
2. int s1/1
3. ip nat inside
4. int s1/0
5. ip nat outside

6. ip nat inside [SRC IP] [DEST IP]
7. show ip nat trans
Go to inside router
8. ip route 0.0.0.0 0.0.0.0 2.0.2.1

Change Encapsulation (Device Dependent)
-HDLC (default)
-PPP (support authentication)
1. encapsulation hdlc/ppp

Frame Relay
-Digital Link Connection Identifier,DLCI

Autonomous System (ISP)
-Border Gateway Protocol used among different AS.
-IGRP, EIGRP, RIP used inside same AS.

Classful RP
-RIPv1 (Send the whole Routing Table every 30s)
Only advertise own network.
-IGRP

Classless RP
-RIPv2
-OSPF
-EIGRP (Trigger Update)
-IS-IS

1. config t
2. router rip
3. version [2]
4. network [NetworkID]
5. exit
6. show ip protocols / show ip route
7. debug ip rip
8. un all

TIPS:
Router initial setup, Configuration
1. setup
Exit from continue ping
2.Ctrl -Shift-6 x

ICND1, 3rd Day

Boson Netsim
1. Set up Serial Connection

Security->Console
1. config terminal
2. line console 0
3. password [cisco]
4. password secret [ccna]

Security->Enable
1. config terminal
2. enable password [cisco]
3. enable password secret [ccna]

Security->Encryption
1. service password-encryption

Security->SSH
1. line vty 0 15
2. transport input ssh

Security->Port Security
1. interface fa0/5
2. switchport mode access
3. switchport-security
4. switchport-security maximum 1
5. switchport-security mac-address sticky (learn SRC MAC of 1st Frame)
OR
switchport-security mac-address 0016.2233.4455
6. switchport-security violation shutdown
Protect - Stop Frame
Restrict - Keep Track wrong MAC
Shutdown - Close the port until admin reopen
7. show port-security interface fastEthernet 0/1
8. show port-security address

* Trunk port is carry all vlan info
* Access port is only carry one vlan info

Setting Duplex and Speed
1. duplex full
2. speed 100

Loops
1. Broadcast Storm
2. MAC Database Instability
3. Multiple Frame Copies

Spanning Tree Protocol
->Block
->Listening
->Learning
->Forwarding

Cat Switches
-Micro segmentation
-VLAN

Routing Protocol
Router learn indirectly connected network with RP.

-Routing Information Protocol, Distance Vector Routing
RIP (Hop Count MAX 15)
Periodic Update Routing Table, 30s
-IGRP , 90s

-Open Shortest Path First, Link State Advertisement
OSPF (Path Cost, MAX hop 255), Fast RP
3 Tables (Neigbours, Topology, Routing)
-Interior Gateway Routing Protocol, Balance Hybrid

-EIGRP
(Only Update when path change), Fast RP
Primary Route, Keep Backup Route
(K Value->Bandwidth,Delay,Loading,MaxTransferUnit,Reliability)

*Prior the lowest Administrative Distance (AD) of Routing Protocol
EIGRP-90AD
RIP-120AD
OSPF-110AD

IP Route (Static/Dynamic)
-show ip route

Save configuration
1. copy running-config startup-config
2. write memory

TIPS:
Add prefix {no} onto snytax command to remove settings.

ICND1, 2nd Day

Straight Cables
-Connect different devices, Host to Switch, Router to Switch,
Crossover Cables
-Connect same devices
-Router to Host, Host to Host, Switch to Switch(Trunk Link), Hub to Hub, Hub to Switch
Serial Cables
-DCE(ISP), DTE

Core Layer
Distribution Layer (QoS, Packet Filtering)
Access Layer (10BT/100BT)
ROM(Bootstrap)->Flash(InterNetworkingOS)->NV(StartUpConfig)->V(RunningConfig)
IOS->v12.4

Register
0x2102->Normal
0x2142->RESET password

Cisco Routers Basic Configuration Using Telnet

ADMINISTRATIVE CONFIG
enable/disable (enable secret [password])
'>' USER
'#' ADMINISTRATOR

SET HOSTNAME
configure terminal (config t)
hostname [routername]

SET TELNET CONN AND SET PASSWORD
lin vty 0 30 (Allow 31 user telnet)
password [cisco] (Set Telnet Password)
no login (Do not prompt for password)

GET CONSOLE MESSSAGE
terminal monitor
configure terminal (config t)
lin console 0 (Console User 1)
password [cisco] (Set Console Password)
login (Prompt Console User for Password)

BASICS CONNECTIVITY:

LAYER 1 & 2 Info
show ip interface brief

CONFIG INTERFACE (LAYER 1)
int serial[0/0]
no shutdown

CAUSE FOR UP/DOWN INTERFACE
1. Clock Rate (DCE)
2. Mismatch Encapsulation (High Level Datalink Control)
3. Keep Alive

SHOW CONTROLLER (Check DCE or DTE)
-show controllers s[1/0]

SET CLOCK RATE (LAYER 2)
1. sh s[1/0]
2. config t
3. int s[1/0]
4. clock rate ?
5. show controllers s[1/0]

SET IP ADDRESS (LAYER 3)
1. config t
2. ip address [IP] [NETMASK]

VERIFY INTERFACE
1. show cdp neighbour (LAYER 2 Cisco Discovery Protocol)
2. ping IP address (LAYER 3 IP NETMASK)
3. show ip int bri (ALL 1,2,3 LAYER)

SHOW MEMORY
1. show running-config
2. show startup-config

SHORTCUT KEY
Refer to the book pg197.

WRITE to Interface

Wiki :
DHCP
-Discover
-Offer
-Request
-Acknowledge

IP
Establish Connection (Three-Way Handshake)

TCP
1. Flow Control
2. TCP Acknowledgement
3. Fixed Windowing/Sliding Windowing
4. Packet Sequence Number

ARP (Address Resolution Protocol)
Use to troubleshoot
arp -a
arp -s 172.19.90.17 00-00-00-00-00-00

LAN Switch Modes
-Cut through
-Fragment Free
-Store & Forward

VLAN Overview
-Logically segmenting the switches.
-Separates broadcast domain.

* Different Clock Rate will be cap down
to the slow setting for 2 different clock rate
for Serial Conn.

ICND1, 1st Day

OSI Model-> 7 Layer
Concentrated On First 4 Layer.

T->UDP/TCP
N->Packet(IP): Routers
D->Frame(MAC): Switches
P->Binary: Cables, Hubs

Cisco Icon-> Hub, Switch, Router
Collision Domain, Broadcast Domain
Hub-> 1CD, 1BD
Switch-> *CD, 1BD
Router-> *CD, *BD

IP -> 5 Classes, Prefix, Network ID, Broadcast ID, Valid IP?
IP Address->NetworkHost
Subnet Mask shows Networks and Hide Hosts

Subnetting based on Networks/Hosts
1. Find Bits
2. Borrow Bits
3. Find New Subnet Mask
4. Find Range

Valid IP address?
1. On the same network
2. Must be valid IP (Excluded NetworkID & BroadcastID)

References:
1. http://www.subnetmask.info/

*Troubleshoot from bottom layer.

Thesis Draft

Finally i get my first approved (signature)
from one of my FYP examiners-> Dr. Adzir

Two more to go.

Well, at the end of this week i hope to get my hard bound ready...

4月份: "灰" （二）

没有你的日子 树也无色
头发白了 说过的话早已随风而散
花也无颜 爱情也褪了色

地点 ：金马仑高原
时间 ：2006年12月5日

4月份: "灰"（一）

人面不知何处去,桃花依旧笑春风。
脑中豁然浮起这首诗。
三年了，往日的一切都变成岁月的痕迹,忆。。。

注：绝对不是使用Photoshop弄的，原生黑白胶片菲林。

地点 ：UPM FEP CAFE
时间 ：2005年4月

My Last Paper-最后的战役

Well, Java is my Last Exam Paper for
My Degree in UPM Eng CC.
And also for the past 17 years of my student life.
Not matter how, i am done with it.

P/S: There will be one more exam on MAY08
That is for CCNA, that is exam without stress...
:)

Dissemble Twinhead F12DT

Coming Soon...

Adding JDK 6 Javadoc to NetBeans IDE 6

I have been working on this for bl**dy ages...
I google and try a tons of useless tips and trick,
Finally i figure out, it is only some simple steps.
Not complicated at all and no JAR involved.

I would like to share a few useful step here.

Download JDK documentation from
http://java.sun.com/javase/downloads/index.jsp#docs
The site is shutdown temporary.
Try google for mirror site.
Unzip the zip file to the JDK directory
In NetBeans IDE

1. Choose Tools > Java Platform Manager from the main window.
2. Select the platform to which you want to add Javadoc in the left panel of the dialog box.
3. In the Javadoc tab, click Add ZIP/Folder and specify the location of the Javadoc files.
4. Click Close.

两位领袖

1. 大声公-熊玉生
2. 豪宅议员-查卡利亚

第一位是重要华教斗士
他只有二年级学历
而又能因为不公事件毅然站出来

今天纵使你壮志未酬 ，撒手人间
你的保校精神和魄力受到各界人士和
工委们的敬佩和肯定，
你是白小运动的象征领袖人物。

另一位是坊间称之为“土霸”的巫统基层领袖
千萬豪宅查宮”、“沙爹屋”、“一門三傑”
及39宗公司法庭案纏身

今天纵使你有千萬豪宅，
现在也只能长埋黄土之下。

第12届全国大选，反風大吹！

在昨天的第12届全国大选，
马来西亚三个在野党为祖国写下了历史，
在近40年来首次打破国阵的三分之二国会多数席优势，
而且还赢得五个州政权。

国阵破天荒失去三分之二大多数优势，
在野党仅差30国席就能实现政权轮替。

在野党应该好好珍惜这个机会，
争气一点点，
不要让人民失望

大选视频 from YouTube

Malaysiakini记者对两位候选人提出的十二道问题。
http://dapceramah.com/2008/03/05/tony-pua-vs-chew-mei-fun/
i have upload the MP4 version here...
http://www.blogger.com/video-play.mp4?contentId=878d211bc9a039a5&type=video%2Fmp4
more clear and smooth...
more from http://dapceramah.com/

大选视频1：PJ Utara的潘俭伟 (Tony Pua)

http://chinese.cari.com.my/myforum/viewthread.php?tid=1129584&extra=page%3D1&page=1
http://www.youtube.com/watch?v=6QXAVZF1Zuk

大选视频2：进来看videos和投票吧！

http://chinese4.cari.com.my/myforum/viewthread.php?tid=1126517&extra=page%3D5
http://www.youtube.com/watch?v=inGjsUbeBFI
http://www.youtube.com/watch?v=8NwVLIhxih0

大选视频3：
Parlimen Malaysia - You Tak Suka, You Keluar Dari Malaysia

槟城韩江万人演讲会

http://www.youtube.com/watch?v=lbqlKNNJbzo

陆庭谕先生在古来的教育政治演说（黄家定的选区）
http://www.youtube.com/watch?v=1FoksSxFZ4M
http://www.youtube.com/watch?v=vTUz-ZM0Xhw

黄小二过年

http://www.youtube.com/watch?v=_UgD2y1Tt2Q
http://chinese4.cari.com.my/myforum/viewthread.php?tid=1130959&page=1#pid39217767

I will update this list frequently...
Please do come back everyday.

3月份自拍比赛: "和平" "PEACE"

当我们通过电视看到战火纷飞下的动荡，
由此感到不安的时候，请不妨抬起头，
仰望一下这片全人类共同拥有的蓝天。

和平的种子，其实早已深深地埋藏在我们的心里。



原照：1600X1200px Click上图。

早餐

生活紧张忙碌，
我都以诸多借口作为不吃早餐的理由。

虽然你不擅长做饭,做的饭就像我这人一样。
今天早上真是感动~你的爱心早餐啊~
呵呵,这几天晚上睡的很晚,也一直都没有睡熟~
结果你好早就起来了,谢谢你的早餐。

BN (Barang Naik): The Wave Of Price Hike 加价热潮

How much do Malaysians spend?

[分享]投国阵或反对党其实只是很简单的选择

其实我们很多人都很傻，傻就傻在我们不懂自己国家的民主制度是怎么运作的。
我们白白浪费了很多过更好生活的机会。
民主简单来说不过是： 做得好就选你，做不好就换人！

但是，我们常常会认为：
现在不好，但换了人更不好怎么办呢？
首先，你没试过怎么知道就更不好呢？
再说，就算是反对党更不好，没关系啊！五年过后可以再投回国阵啊！
这就是民主啊！
这样下去，每个党都会担心自己做得不好，从而在执政时做得更好。
最后，得益的，不就是我们吗？

所以，这个时候其实只需要静下心，问问自己： 国阵在这四年做的好吗？
你就会选择了。

还有，我们常常有一些迷思，比如说：

国阵输了不是没有人帮我们做事了吗？反对党没有贡献，只会为反对而反对，不会做事。
其实反对党的功能和贡献就是反对啊。
如果有一天，国阵这么不幸成为了反对党，它们也只能反对不能做事啊。（在马来西亚）
同样的，如果反对党这么不幸成为了执政党，它们也只能做事，不会反对啊！
但是，其实反对的贡献是很大的！有反对才可以反映人民的心声。

反对党的领袖很投机，只为了要进国会而来竞选
这并没有错。国会是讨论政策的地方。
反对党进不了国会，执政党制定不利于人民的政策时，人民就没有反对的余地了。
所以反对党在国会的贡献就是“监视”国阵。
所以越多反对党议员进来，就越多人监视国阵，不利于人民的政策就越少啊。
这不也是对我们好吗？

只有回教党，我甘愿投国阵。
这也不对！
我国先今会有很多不利于人民的政策，就是因为国会里太少反对党。
所以目前要改善人民的生活，就要有更多反对党的议员进入国会，让国阵不能为所欲为！
回教党胜的话，就能增加国会内反对党的议员。所以对最后对人民还是有利的。

[分享]最烂的部长

在哪里你可以看到全世界最烂的工程部长 - 马来西亚
原因：沙美维鲁只有中六的学历，国会大厦经过接近一亿的装修，还是经常漏水。政府
医院发霉，高速公路有裂痕，最要命的是签了那些不知所谓的大道合同，赔死我们。更
要命的是，他到现在还是工程部长！

在哪里可以看到超人般的部长 - 马来西亚
原因：我们的首相阿杜拉 - 回教系毕业，但是可以同时作为财政部长，国家安全部长
及首相，还有时间在南马大水灾发生时去澳洲为自己弟弟的nasi kandar店开幕。

在哪里可以看到不卫生的卫生部长 - 马来西亚
原因：身为医生的卫生部长和卖花女在酒店开房，口交。或许我们的卫生部长的老婆没
有和黄燕燕副部长讨教，如何穿性感的睡衣，绑住卫生部长的心？

在哪里可以看到最成功的教育部长 - 马来西亚
原因：他的孩子都在澳洲读书

在哪里可以看到最会演戏的贸工部长 - 马来西亚
原因：AP 事件没完没了，拉姑流了一把鼻涕一把泪后，没事！

在哪里做议员最爽 - 马来西亚
原因：能够从火车闸看守员，做到巴生议员，再盖了一个千万皇宫，还请埋普罗大众一
起去他的house warming.
老查的钱哪里来？没关系，吃他两支 satay再说！

在哪里可以找到最善忘的人民 - 马来西亚
原因：未详，或许马来西亚的土壤上有着一种神秘物质，会让人民记忆消退，继续投票
给那些没有用的贪官污吏.