iPhone 4 Wallpapers

My iPhone 4 just turned 3 years old, and it’s still working fine. The battery still can hold for a week, with normal usage. The only problem is the new iOS7, it’s nice and everything, but a little bit slow, and you cant downgrade it anymore…

Anyways, here are some wallpapers for iPhone 4, 4S (640×960) what I’ve collected in the years. Enjoy


(more…)

CCNP ROUTE Passed

Finaly, after 4 months of learning and practicing, I’ve did it, I’ve passed the CCNP ROUTE exam with 1000/906 points.
My learning materials can be found here.

Now, I’m starting to prepare to the last exam, to CCNP TSHOOT.

My resources:

  • CiscoPress CCNP TSHOOT 642-832 Offical Certification Guide Book
  • INE.com – 642-832 TSHOOT Outline
  • CBTNuggets – Cisco CCNP TSHOOT 642-832

OpenWRT on TP-Link TL-WR842ND

I have bought a TP-LINK WR842ND a couple of months ago.

842

TP-LINK TL WR842ND

First I was happy with its performance, and it had some nice features. The wireless range and throughput  was also okay. For a half a year I used it without any problems.

But when I updated the firmware to the newest because of security reasons, it started to become unstable, and really slow. Sometimes you wasn’t able to reach the web interface, only if you restart it. A lot of times there was this random traffic drops, when everything died, and a couple of seconds later it worked again.

First I’ve tried to implement my c851 Project.

IP-Address table and DHCP settings

IP-Address table and DHCP settings

Network plan

Network plan

I’ve managed to set it up successfully, everything was working fine (DHCP, NAT, CBAC, NTP, PPPoE etc.)

The internet access was working, I’ve connected my PC, and I’ve got IP via DHCP, it was running perfectly. But when I checked the speed test I got disappointed… I couldn’t get more than 10Mb/s even if I turned off the CBAC.

After some searching, I’ve soon found out, that the ASIC of this Cisco 851 Router was only able to handle around 10Mb/s of traffic. It was a shame, because I have a 60Mb/s connection…

I went back to the TL842ND and decided to change the factory firmware to an open source. I chose OpenWRT by vargalex.

I’m using it for 10 days now, and I’m very pleased with it. It’s stable, far more tunable and you get a lot more information about whats going on.

The factory TP-LINK web interface was just disgusting, bugged a lot of times and it doesn’t used the true potential of the router.

Here are some example shoot about the difference between the factory and the OpenWRT’s LUCI web interface. (The TP-LINK shoots are from a TL WR1043ND, it basically the same)

Start screen

Start screen

WiFi settings

WiFi settings

WiFi Statistics

WiFi Statistics

This is just lame, if you ask me…

Now, lets see the OpenWRT

Start screen

Start screen

Processes

Processes

Realtime Graphs

Realtime Graphs

With OpenWRT you have a lot more options to do whatever you want and with the packet system you can tune the sh*t out of your router. You can have Bittorrent, WebServer, Print server, FileServer, FTP Server, Media Server, WebCamera Server, basically anything. You get a bash prompt, which you can access from the Internet. You get a lot more statistics, Realtime counters, graphs, logs.

Realtime Traffic

Realtime Traffic

The only caveat I could find is the user management. You have only one user, the root and you are using this account even if you have SSH or Web access enabled via the Internet. This is a huge security risk, with brute force or with Dictionary attack is easily crackable even if you have a secure password. By default there is no fail login attempt blocker, so they can try as many as they want.

Interfaces

Interfaces

To avoid being hacked you can block the incoming SSH and Web access, and allow only yourself, but for that you need to know the source IP (which must be static) in order to write the policy correctly. There is a pretty good Firewall Traffic Rule system, so I’ve add entries to deny SSH and Web traffic from the WAN interface.

If you want a tunable, stable firmware on your router, well, you can start from here. Enjoy :)

BGP LAB

This my BGP LAB in GNS3. My main goal with this, is to practice BGP.

topology

Details:

  • There are 4 AS’:
    • AS 80
    • AS 100 – ISP1
    • AS 120
    • AS 500 – IPS2
  • I’m using the Loopback 0 as the update source. To make this work, I had to use ip routes for eBGP neighbors. For iBGP in AS80 I’m using OSPF, in AS500 and AS100 there are ip routes.
  • The WAN interfaces are GigabitEthernet interfaces, the LAN is FastEthernet.
  • In BGP the router-id is the Loopback0 address (1.1.1.1 ; 2.2.2.2 … and so on)
  • The WAN addresses are from the 10.0.0.0 pool, the LAN addresses are based on the AS number (50.0.0.0 ; 80.0.0.0 ; 100.0.0.0, 120.0.0.0) There are 2 Loopback 1 interface on R2 and on R9 with the range of 192.168.1.0 /24 and 192.168.2.0 /24 for testing
  • On R5 and on R8 I’ve made a route-map what prevents R5 to use AS 80 if it’s wants to reach AS 100 and R8 to reach AS 500 through AS 80. So the ISP-s are not allowed to use the AS 80 as a transit AS. Configs:
    R5#
    ip access-list extended NO-TRANSIT
     permit ip 100.0.0.0 0.0.0.3 any
     permit ip host 8.8.8.8 any
     permit ip host 9.9.9.9 any
     permit ip host 10.10.10.10 any
     permit ip 120.0.0.0 0.0.0.255 any
     permit ip 192.168.2.0 0.0.0.255 any
     permit ip host 10.0.0.34 any
     permit ip host 10.0.0.26 any
     permit ip host 10.0.0.46 any
     permit ip host 10.0.0.53 any
     permit ip host 10.0.0.54 any
    
    route-map TRANSIT permit 10
     match ip address NO-TRANSIT
     set ip next-hop 7.7.7.7
    
    router bgp 500
    neighbor 1.1.1.1 route-map TRANSIT in
    
    R8#
    ip access-list extended TRANSIT
     permit ip 50.0.0.0 0.0.0.7 any
     permit ip host 10.0.0.30 any
     permit ip host 10.0.0.22 any
     permit ip host 5.5.5.5 any
     permit ip host 6.6.6.6 any
    
    route-map TRANSIT permit 10
     match ip address TRANSIT
     set ip next-hop 7.7.7.7
    
    router bgp 100
    neighbor 3.3.3.3 route-map TRANSIT in
  • On AS 500, there is a BGP Confederation configured:
    • R5 – AS 50
    • R6 – AS 60
    • R7 – AS 70
  • On R8 there is BGP password and Peer group configured
  • On R3 and R4 there is an aggregation configured for the address 80.0.0.0/24

(more…)

Preparing to CCNP ROUTE

Right after I’ve passed the CCNA Wireless, I’ve started the preparation to the CCNP ROUTE exam.

My book list:

  • CCNP ROUTE 642-902 Official Certification Guide
  • Implementing Cisco IP Routing (ROUTE) Foundation Learning Guide (Optional)
  • CCIE Routing and Switching Exam Certification Guide (Well, yeah, it’s might be a little bit of overkill, but just to be sure, I will read it)
  • Complete CCNP Routing Guide by Aaron Balchunas

My watch list:

To practice what I’ve learn, I’m making GNS3 labs based on what I’ve saw on the videos.
It’s a lot to learn, and the exam will be hard, thats for sure.