switchport Security

70-648, NAP, DHCP, IPNG, IPv4, IPV6, DNS, Global Names, WDS, Server Core, WAS, Server Manager, OCSP, WBAdmin, Group Policy, BitLocker, Active Directory, switch module, route module, firewall module, auto secure, network, router ospf, authentication, drupal.org

Sunday, May 18, 2008

What to do on a weekend?

Think about next week's activities and prepare?

Yeah, right.

But honestly, that's what I'm doing right now. I'm here in the office setting up virtualized SQL and Exchange servers for a client. Aside from that, I already finished some infrastructure VM images since Friday.

For the weeks to come, it'll be like all out war.

It's time.

This is the power of the network. NOW.

Saturday, May 17, 2008

Being a Network Engineer: Joining Verizon

I got asked questions coming from all angles - HSRP, VRRP, GLBP, MLPPP, at what layer is IPSec, OSPF, BGP, IOS configuration, IOS basics, cabling, MPLS, etc.

One of them told me that they won't ask me questions regarding BGP and MPLS because it would be unfair. Well, they're nice but it seems the people I'd be working with won't be so forgiving.

Most of the questions were focused on router basics and was I in for an inconvenience - my last hands-on work on a router was 2003!

I've been putting time to do Microsoft because it's funding me with respect to my Cisco dream. I feel like I'm sleeping with the devil. ^_^

I got to the place around 10PM and I left the vicinity at around 1AM. There were 4 panelists and each one was asking questions or adding questions to the other panelists' questions. Most likely, all of them were CCNPs.

The funniest part of the interview process must have been when they asked me what do I do in my spare time. One of the panelists commented, "Don't tell me you read books."

haha!

Plus since I bought my own routers, it kind of rocked during the interview.

During the last minutes I heard the scariest statements made during the entire interview process - "How soon can you start?" and "HR will contact you."

Whew!

Up to now, I don't know why I'm having butterflies. It seems I'd be dealing with the same type of clients I had when I was at Trend Micro. Maybe that's one of them. Maybe because I'm starting to chicken out. Or maybe it's because I'm already setting expectations for myself that I might not be able to achieve.

Sunday, January 27, 2008

Just passed 70-648!!!

Um, the exam was easy.

yay!!!

Monday, January 14, 2008

Late!

I woke up late because of studying till 4 AM... I just missed the beta exam opportunity!

:(

71-647 MCITP: Enterprise Administrator

I'm sitting the beta exam in a few hours. And I'm still stuck with IPv6 studies as of now.

I guess I'm over-doing my studies with Cisco Press materials. Well, I have a bad feeling about 71-646 exam. I should have read Cisco Press and I would have had better chances of passing the exam.

I've just downloaded vids on Vista and one on Russinovich talking about my pet peeve, Hyper-V.

hahahah! I won't tell you why.

Anyway, let me go crazy as of the moment...


-Jaeson

Sunday, January 13, 2008

IPv6 Subnet Prefixes: What to use?

Exactly the point. Given that it can vary, what to use so that you won't get confused?

Easy.

Use a /64 prefix as max for your network, especially for site-local addresses [fec0::/10 and fed0::/10], which work à la RFC 1918.

But that isn't a hard and fast rule. It's just a guideline you can follow. The bottom line is that you can use any prefix, as long as it is designed to cover both the number of hosts that need an IPv6 address and the subnets they belong to. Heck, you can even use a /128 prefix if all you want is just one host.

Addendum regarding IPv6 Subnetting Sample 4

One thing I forgot (because I was too busy converting from binary and decimal both to Hex) is that IPv6 does not have restrictions with respect to network and broadcast addresses.

So, we can generalize subnetting into the following:

SN calculation: 2^sn >= req
H calculation: 2^h >= req

Applying the generalizations above, the answers for Sample 4 are shown below:

Net      #    Alloc IP
LAN 3    33   2310:1234:0003::/122
LAN 4    21   2310:1234:0003::40/123
LAN 1    14   2310:1234:0003::60/124
LAN 2    04   2310:1234:0003::70/125
SL 01    02   2310:1234:0003::78/127
SL 02    02   2310:1234:0003::7a/127
SL 03    02   2310:1234:0003::7c/127
SL 03 02 2310:1234:0003::7c/127

This is IPv6 subnetting resembling the process of how IPv4 VLSM is performed.

Expounding, we have

LAN 3 33 2310:1234:0003::/122
IP Ranges for 2310:1234:0003::/122
Starting IP: 2310:1234:0003::/122
Ending IP: 2310:1234:0003::3F/122

LAN 4 21 2310:1234:0003::40/123
IP Ranges for 2310:1234:0003::40/123
Starting IP: 2310:1234:0003::40/123
Ending IP: 2310:1234:0003::5F/123

LAN 1 14 2310:1234:0003::60/124
IP Ranges for 2310:1234:0003::60/124
Starting IP: 2310:1234:0003::60/124
Ending IP: 2310:1234:0003::6F/124

LAN 2 04 2310:1234:0003::70/125
IP Ranges for 2310:1234:0003::70/125
Starting IP: 2310:1234:0003::70/125
Ending IP: 2310:1234:0003::77/125

SL 01 02 2310:1234:0003::78/127
IP Ranges for 2310:1234:0003::78/127
Starting IP: 2310:1234:0003::78/127
Ending IP: 2310:1234:0003::79/127

SL 02 02 2310:1234:0003::7a/127
IP Ranges for 2310:1234:0003::7a/127
Starting IP: 2310:1234:0003::7a/127
Ending IP: 2310:1234:0003::7b/127

SL 03 02 2310:1234:0003::7c/127
IP Ranges for 2310:1234:0003::7c/127
Starting IP: 2310:1234:0003::7c/127
Ending IP: 2310:1234:0003::7d/127


Note: It seems very possible to do this, but you'd have to understand that we won't normally do it this way, as we are bound to around 3 ways of assigning IP addresses - 1. EUI-64 via stateless autoconfiguration, 2. stateful configuration through DHCPv6, and 3. address randomization, just like with Windows Vista and Server 2008, but taking note that the last 64 bits are to be generated by the system, unlike what I presented above.

I got to read Wendell Odom's book on Cisco certification and he said we can use any prefix as long as we can have bits to represent the hosts in that segment, which I've done in my example.

Clear?

I did it just for fun. ^__^
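A way to check the Sample 4 addendum plan mechanically, as an added example that is not part of the original post: it uses Python's standard ipaddress module to confirm that each prefix starts on its own boundary, is large enough under the 2^h >= req rule, and does not overlap another. The names audit and min_prefix are made up for this illustration.

```python
import ipaddress

# Sample 4 addendum plan, copied from the table in the post:
# (network name, hosts required, allocated prefix)
PLAN = [
    ("LAN 3", 33, "2310:1234:0003::/122"),
    ("LAN 4", 21, "2310:1234:0003::40/123"),
    ("LAN 1", 14, "2310:1234:0003::60/124"),
    ("LAN 2", 4, "2310:1234:0003::70/125"),
    ("SL 01", 2, "2310:1234:0003::78/127"),
    ("SL 02", 2, "2310:1234:0003::7a/127"),
    ("SL 03", 2, "2310:1234:0003::7c/127"),
]

def min_prefix(required):
    """Longest prefix length whose host bits h satisfy 2^h >= required."""
    host_bits = max(required - 1, 0).bit_length()
    return 128 - host_bits

def audit(plan):
    """Return (rows, problems) for a list of (name, required, prefix)."""
    rows, problems, seen = [], [], []
    for name, required, text in plan:
        try:
            # strict=True rejects a prefix that does not start on its boundary
            net = ipaddress.IPv6Network(text, strict=True)
        except ValueError as exc:
            problems.append(f"{name}: not a valid subnet boundary ({exc})")
            continue
        if net.num_addresses < required:
            problems.append(
                f"{name}: /{net.prefixlen} holds {net.num_addresses}, needs {required}")
        for other_name, other in seen:
            if net.overlaps(other):
                problems.append(f"{name}: overlaps {other_name} ({other})")
        seen.append((name, net))
        # No network/broadcast address is reserved, so first and last are usable
        rows.append((name, str(net[0]), str(net[-1]),
                     net.prefixlen, min_prefix(required)))
    return rows, problems

if __name__ == "__main__":
    rows, problems = audit(PLAN)
    for name, first, last, plen, smallest in rows:
        print(f"{name}: {first} - {last}  /{plen} (rule allows /{smallest})")
    print("problems:", problems or "none")
```

The last value in each row is the longest prefix the 2^h >= req rule would permit for that requirement, which makes it easy to compare against the prefix actually allocated.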

Saturday, January 12, 2008

IPv5: From Cisco Press

The Internet community uses IPv4 and has used IPv6 for a couple of years. IANA is the organization that has the worldwide responsibility of assigning numbers to everything related to the Internet, which includes versions of the IP protocol. IANA assigned version 6 to the IPng protocol in 1995 following a request by the IPng working group.

What about "IP version 5"? IPv5 is an experimental resource reservation protocol intended to provide quality of service (QoS), defined as the Internet Stream Protocol (ST). It can provide real-time transport of multimedia such as voice, video, and real-time data traffic across the Internet. This protocol is based on previous work of Jim Forgie in 1979, as documented in IETF Internet Experiment Note 199. It consists of two protocols—ST for the data transport and Stream Control Message Protocol (SCMP). IPv5, also called ST2, is documented in RFC 1819 and RFC 1190.

Internet Streaming Protocol version 2 (ST2) is not a replacement for IPv4. It is designed to run and coexist with IPv4. The number 5 was assigned by IANA because this protocol works at the same link-layer framing as IPv4. A typical distributed multimedia application can use both protocols: IP for the transfer of traditional data and control information such as TCP/UDP packets, and ST2 for real-time data carriers. ST2 uses the same addressing schemes as IPv4 to identify hosts. Resource reservation over IP is now done using other protocols such as Resource Reservation Protocol (RSVP).

Sunday, January 6, 2008

IPv6 Address Assignment and Subnetting!!! (Part 2)

I have two more examples to dish out. See below:

Sample 3
This example shows the 48-bit network ID being extended through the subnet ID by borrowing 64 more bits.

Net      #    Alloc IP
LAN 3    33   2310:1234:0003::/112
LAN 4    21   2310:1234:0003::1:0000/112
LAN 1    14   2310:1234:0003::2:0000/112
LAN 2    04   2310:1234:0003::3:0000/112
SL 01    02   2310:1234:0003::4:0000/112
SL 02    02   2310:1234:0003::5:0000/112
SL 03    02   2310:1234:0003::6:0000/112


Sample 4
This example is conservative with address allocation and very much resembles the process of how IPv4 VLSM is performed.

Net      #    Alloc IP
LAN 3    33   2310:1234:0003::/122
LAN 4    21   2310:1234:0003::40/123
LAN 1    14   2310:1234:0003::60/124
LAN 2    04   2310:1234:0003::70/125
SL 01    02   2310:1234:0003::78/126
SL 02    02   2310:1234:0003::7c/126
SL 03    02   2310:1234:0003::80/126