27 Inch Monitor

So, I recently upgraded my display setup in the office. Previously I was in single monitor land, sporting a rock-solid 22" Dell UltraSharp which I am quite pleased with. However, I wanted something bigger to take on the role of main display. Enter the ViewSonic VA2702W 27-Inch Full HD 1080p Widescreen LCD Monitor.

CCDE Certification Exams Revised to Version 2.0

If you are studying for the CCDE, that's the design expert certification, then you are most likely aware that you have about a week left before the first version of the written and practical exams is retired. Version 2 of the CCDE written and practical exams will be the only available version beginning October 22, 2011.

If you are interested in more information about this change, here's the official announcement.

For more information about the CCDE certification, here are some helpful links:

CCDE Certification Page

CCDE Data Sheet (PDF)

Apple iOS 5 Update Today

If you are a mobile Apple product user and you happen to live under a rock, you might be pleasantly surprised to learn that Apple is releasing the latest version of their iOS software today. New features include:

Re-enable http:// protocol in URL bar for Firefox 7

Mozilla is at it again with their rapid fire release of Firefox 7. If you have automatic updates enabled, it most likely restarted your browser and installed version 7 without you even really noticing. This release likely has some whizzbang feature they believe justifies a major revision, however I doubt most people would agree it's major revision worthy.

The topic of today's post is regarding one of the lesser advertised features slipped into this version which lends to the "stupidization" of web surfers. The protocol handle is now gone at the leading edge of the URL. So, previously you would see "", it now reads "". Probably not a show stopper for your average sheepish websurfer, but if you are security-minded and want to know whether you're accessing something via http or https, it's handy to see it listed.

Thankfully, there is a workaround. Whoever thought this was a great idea at least recognized that some people wouldn't think it was great, so they added a configuration setting to undo the damage. Here's how to get it fixed:

VMware Player 4.0

The latest version of VMware Player has been released and is available for download. Setup is a snap, though I had to reboot twice after uninstalling the previous version and then again after installing the new version (thanks Windows).

New features in this version include:

  • Display technology improvements
  • Up to 64GB of memory in VMs
  • HD Audio is available for Windows Vista, Windows 7, Windows 2008, and Windows 2008 R2 guests
  • USB 3.0 support is available for Linux guests running kernel version 2.6.35 or later
  • Bluetooth devices on the host can now be shared with Windows guests

Other than that, the application looks just like the 3.x version and seems to work the same. I've included links at the end of this post to download the documentation as well as the application itself.

VMware site login might be required for the following links:

Let the IPv6 Vulnerabilities Begin

Cisco last week released a slew of security advisories. One that specifically caught my eye is a Denial of Service vulnerability due to "improper processing of malformed IP version 6 (IPv6) packets by Cisco IOS Software."

I've been wondering how long it would take for the exploits to start to trickle in with IPv6. One can only imagine how many vulnerabilities Windows will have with IPv6 enabled by default. Expect to see more of these in the future as IPv6 becomes more prevalent.

The alert details are available here.

The vulnerability details are available here.

How to configure Rate Limit to stop bandwidth hogs

Have you ever had a low speed serial link get overrun by a single user hogging all the bandwidth? Well, there is a quick and easy way to prevent any type of traffic from using up an entire link - rate-limit.

To implement this feature, you simply type in rate-limit under an interface and specify a few parameters such as the allowable bits per second and the burst rate. However, if you do that it will rate-limit all traffic traversing the link which honestly the link will do on its own when traffic exceeds the available bandwidth. A more useful configuration is to include the access-group keyword in the command and point it to an access list that defines the traffic you want to rate-limit.

To demonstrate, I've configured two routers connected with a low speed serial link clocked at 128k. Without the rate limit configured, you can ping between them with no problems:

15 Open Source Tools for Windows Admins

Network World put together a pretty good list of free tools for Windows Admins. The tools range from Wireshark to VirtualBox. Check it out if you are looking for some free tool goodness.

How to configure multiple NTP time sources in Windows Server 2008 (R2)


Over the past few weeks, I noticed my computer's time was drifting several minutes behind. This actually caused me to be late to a couple different meetings because I kept working on my computer instead of leaving the house. Well, since it's a Saturday and I had some time to fix the problem once and for all, I wanted to share what I've learned since it took longer than I expected to configure NTP on a Windows Server.

It all began several months back when I set up a Windows 2008 R2 Server and thought "wouldn't it be cool if I set my desktop's clock to update from the server instead of a reliable external source?" So, I unwittingly redirected my desktop from its reliable to my server's IP address with the assumption the server was already getting its time from a default external source. Hence the source of my lateness months later.

Fast forward to today. I figured it would be a quick 5-minute fix to remote into the server, find some sort of NTP settings tab in a properties window, then add my multiple servers. I should have known better than to assume Microsoft would have added such a logical GUI feature.

After searching the Internet, reading through several Microsoft TechNet articles, and testing multiple configurations, here's what I've got...

Cisco Certified Technician (CCT)

The newest addition to Cisco's line of certifications is the CCT, or Cisco Certified Technician. Released in August of this year, the CCT certification has three different areas of focus:

Each certification focuses on the on-site maintenance and support of Cisco equipment in each specific area.

You might be wondering what the difference is between the CCT and the CCENT. Cisco explains that and several more questions in their FAQ, but for those not interested in reading through all of that, here are the basics...

Mobile CCIE Labs

If you are planning on going for the CCIE R&S or Security and you live in a country where the lab is not administered, it can be a challenge to get to the testing center, let alone pass the exam! Cisco has had a program in place to combat this very issue for quite some time called the Mobile CCIE Lab. The program allows you to register to take the lab exam in your city or one closer to you than in a foreign country. The benefits here, of course, are potential savings in travel expenses and missing less work (even though you might not be missing it).

For a complete schedule of where and when the lab will be available, or if you are interested in learning more about this program, check out the official Mobile CCIE Lab page at Cisco's website.

Automatic 6to4 Tunnels

While reading up on IPv6 tunnel configurations, I came across this way cool video on configuring 6to4 tunnels. Keith Barker definitely knows his stuff on this topic and makes it interesting and easy to follow. Check it out:

How to configure an IPv4 GRE tunnel to carry IPv6 traffic

Continuing the review of the TSHOOT Topology, on the IPv6 network map there is a GRE tunnel that is configured between Router 3 and Router 4. This tunnel is in place to allow IPv6 traffic to traverse the IPv4 network. So, while reviewing the IPv6 tshoot topology, I decided to try out the tunnel configuration.

There are several ways to configure tunnels to allow IPv6 traffic to traverse IPv4 networks (and vice versa). This post will be focusing on a GRE tunnel configuration. If you want to review the other ways to create tunnels, i.e. Automatic IPv4-Compatible IPv6 Tunnels, IPv6 Rapid Deployment Tunnels, and Automatic 6to4 Tunnels, I've included a link below to a great resource on Cisco's website that shows some great examples of other tunnels.

I threw together the following network diagram to provide a visual of what we are configuring: 


Cisco SG100-16 Unmanaged Switch

Need more Gigabit Ethernet? Don't need it to be a managed switch? This 16 port 10/100/1000 Cisco switch might be a quick and easy solution for you.


The Cisco SR2016T 16-Port Rackmount 10/100/1000 Gigabit Switch (A.K.A. SG100-16) is currently listing for below $200 USD and has several appealing features:

How to configure a Cisco router to be a frame relay switch

If you are studying for the TSHOOT exam, it is a good idea to familiarize yourself with the topology. I've been working on creating a lab that mocks the TSHOOT topology, and it has forced me to recall how to set up a Cisco router to act like a Frame Relay switch.

Here is the topology that I've built. As you can see, it closely resembles the topology that Cisco has provided on their site. Since their doc doesn't provide specific DLCIs, I've used the most logical numbers I could think of.


The first step in configuring a Cisco router to act like a frame relay switch is to enable frame relay switching:
