Monday, June 30, 2008

Cisco CCNA Exam Tutorial: Why Do We Use RFC 1918 Private Address Ranges?

When you're studying to pass the CCNA, you're introduced to "private addresses", the address ranges formally referred to as RFC 1918 Private Addresses. (RFC stands for Request For Comment; to see a typical RFC, just put that term in your favorite search engine.)

There are three ranges of 1918 Private Addresses, one in each major network class.

Class A: 10.0.0.0 /8

Class B: 172.16.0.0 /12

Class C: 192.168.0.0 /16

Be careful - these masks are not the classful network masks you're familiar with!
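To make the warning about the masks concrete, here is an added example (not part of the original tutorial) that compares each RFC 1918 block with the classful mask for its class and classifies a few addresses. The sample addresses are constructed for illustration.

```python
import ipaddress

# The three RFC 1918 blocks exactly as listed in the tutorial.
RFC1918 = {
    "A": ipaddress.ip_network("10.0.0.0/8"),
    "B": ipaddress.ip_network("172.16.0.0/12"),
    "C": ipaddress.ip_network("192.168.0.0/16"),
}
# Default (classful) prefix length of a single class A, B or C network.
CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}


def classful_networks_covered(cls):
    """How many classful networks of that class the RFC 1918 block spans."""
    return 2 ** (CLASSFUL_PREFIX[cls] - RFC1918[cls].prefixlen)


def block_range(cls):
    """First and last address of the block, as dotted-quad strings."""
    block = RFC1918[cls]
    return str(block.network_address), str(block.broadcast_address)


def rfc1918_class(addr):
    """Return 'A', 'B' or 'C' if addr is an RFC 1918 private address, else None."""
    ip = ipaddress.ip_address(addr)
    for cls, block in RFC1918.items():
        if ip in block:
            return cls
    return None


if __name__ == "__main__":
    for cls in RFC1918:
        first, last = block_range(cls)
        print(f"Class {cls}: {RFC1918[cls]} = {first} - {last}, "
              f"{classful_networks_covered(cls)} classful network(s)")
    # Constructed sample addresses, chosen to sit on either side of each boundary.
    for addr in ["10.200.3.4", "172.31.255.254", "172.32.0.1",
                 "192.168.77.1", "192.169.0.1"]:
        print(addr, "->", rfc1918_class(addr) or "not RFC 1918")
```

Only the class A block uses its classful mask; the /12 spans 16 class B networks and the /16 spans 256 class C networks.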

The need for private address ranges arose when we started running out of IP addresses! (A lot of us never thought that would happen, but a lot of us used to think we'd never need storage units bigger than floppy disks, too.) You can imagine that as networks began to be installed in offices and schools worldwide, the finite number of IP addresses became a restrictive factor.

Many devices that were using these precious IP addresses did not need to communicate with any device outside their own local area network (LAN). Therefore, these devices could be assigned an IP address that could also be used on a device in another LAN - but these devices would not be able to communicate across the Internet.

It was decided to create network address ranges that would be used exclusively for such devices. That's why when you go from one local area network to another, you'll usually see hosts with IP addresses from the above three ranges.

Of course, as time went on, more and more of these devices did need to reach hosts across the Internet. That's where NAT - Network Address Translation - comes into play. But that is a subject for another tutorial!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

For a FREE copy of his latest e-books, "How To Pass The CCNA" and "How To Pass The CCNP", visit the website and download your free copies. You can also get FREE CCNA and CCNP exam questions every day! Get your CCNA study guide with The Bryant Advantage!

Sunday, June 29, 2008

Cisco CCNP / BSCI Tutorial: The BGP Attribute Next Hop

When you're studying for the BSCI exam on the way to earning your CCNP certification, you've got to master the use of BGP attributes. These attributes allow you to manipulate the path or paths that BGP will use to reach a given destination when multiple paths to that destination exist.

In this free BGP tutorial, we're going to take a look at the NEXT_HOP attribute. You may be thinking "hey, how complicated can this attribute be?" It's not very complicated at all, but this being Cisco, there's got to be at least one unusual detail about it, right?

The NEXT_HOP attribute is simple enough - this attribute indicates the next-hop IP address that should be taken to reach a destination. In the following example, R1 is a hub router and R2 and R3 are spokes. All three routers are in BGP AS 100, with R1 having a peer relationship with both R2 and R3. There is no BGP peering between R2 and R3.

R3 is advertising the network 33.3.0.0 /24 via BGP, and the value of the next-hop attribute on R1 is the IP address on R3 that is used in the peer relationship, 172.12.123.3.

The issue with the next-hop attribute comes in when the route is advertised to BGP peers. If R3 were in a separate AS from R1 and R2, R1 would then advertise the route to R2 with the next-hop attribute set to 172.12.123.3. When a BGP speaker advertises a route to iBGP peers that was originally learned from an eBGP peer, the next-hop value is retained.

Here, all three routers are in AS 100. What will the next-hop attribute be set to when R1 advertises the route to its iBGP neighbor R2?

R2#show ip bgp

< no output >

There will be no next-hop attribute for the route on R2, because the route will not appear on R2. By default, a BGP speaker will not advertise a route to iBGP neighbors if the route was first learned from another iBGP neighbor.

Luckily for us, there are several ways around this rule. The most common is the use of route reflectors, and we'll look at RRs in a future free BGP tutorial.
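The two advertisement rules described above can be modeled in a few lines. This is an added example, not code from the original tutorial: the addresses for R1 and R2 and the alternate AS number 300 are assumptions, and the rule that a speaker sets itself as next hop toward an eBGP peer is standard BGP behavior rather than something stated on this page.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop: str
    learned_via: str  # "local", "ebgp" or "ibgp"


@dataclass(frozen=True)
class Speaker:
    name: str
    asn: int
    peering_ip: str


def advertise(route, sender, receiver):
    """Route as installed on receiver, or None if sender does not advertise it."""
    if sender.asn == receiver.asn:
        # iBGP session: a route learned from one iBGP peer is not passed
        # on to another iBGP peer (no route reflector in this model).
        if route.learned_via == "ibgp":
            return None
        # eBGP-learned routes keep their next hop; locally originated
        # routes carry the originator's own peering address.
        next_hop = sender.peering_ip if route.learned_via == "local" else route.next_hop
        return Route(route.prefix, next_hop, "ibgp")
    # eBGP session: the sender sets itself as the next hop.
    return Route(route.prefix, sender.peering_ip, "ebgp")


def hub_and_spoke(r3_asn):
    """Advertise 33.3.0.0/24 from R3 to R1, then from R1 to R2.

    Returns (route on R1, route on R2 or None).
    """
    r1 = Speaker("R1", 100, "172.12.123.1")   # assumed address
    r2 = Speaker("R2", 100, "172.12.123.2")   # assumed address
    r3 = Speaker("R3", r3_asn, "172.12.123.3")
    origin = Route("33.3.0.0/24", r3.peering_ip, "local")
    on_r1 = advertise(origin, r3, r1)
    on_r2 = advertise(on_r1, r1, r2)
    return on_r1, on_r2


if __name__ == "__main__":
    print("All in AS 100:", hub_and_spoke(100))
    print("R3 in AS 300 :", hub_and_spoke(300))
```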

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

Saturday, June 28, 2008

How To Become A Cisco VPN Specialist

There's quite an emphasis on security in today's networks, and that's reflected in Cisco's certification tracks. Cisco offers a CCIE Security track and the Cisco Certified Security Professional (CCSP) intermediate-level certification, but there is no real equivalent to the CCNA on the security side. Instead, Cisco offers several different Security Associate certifications.

The good news is that you've got a lot of security specializations from which to choose; the bad news is that you've got a lot of choices! In choosing a specialization, take some time to choose a certification that will be of practical use to you in your current position or in your "dream job".

One of the more popular Security Associate certifications is the Cisco VPN Specialist certification. This two-exam track consists of a Securing Cisco Network Devices (SND, 642-551) exam and a Cisco Secure Virtual Private Networks (CSVPN, 642-511) exam. To earn the Cisco VPN Specialist certification, you must hold a valid CCNA certification.

What should you expect on these exams? On the SND exam, expect to be grilled on basic security features on both switches and routers, as well as VPN 3000 concentrators, PIXes, and IDS/IPS Sensors. You'll need to be ready to configure and troubleshoot basic AAA configurations, access-lists, syslog, AutoSecure, and much more. You should also be solid with IPSec.

IPSec will also be part of your CSVPN exam. As you'd expect, you'll also need to be quite good with the VPN 3000 Concentrator series, including browser configuration, creating users and groups, the Windows VPN Software Client, and more.

This is a demanding certification that is an excellent addition to your resume and your skill set. For the latest on this and other Cisco certifications, you should regularly visit the Learning & Events section of Cisco's website. As a Cisco certification candidate, it's your responsibility to stay current on any additions and changes to Cisco's certification paths - and it's good for your career!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNP and CCNA tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

Thursday, June 26, 2008

CCNA Certification Exam Training: Passwords, Cisco Routers, And Network Security

CCNA certification is important, and so is securing our network's Cisco routers! To reflect the importance of network security, your CCNA certification exam is likely going to contain quite a few questions about the various passwords you can set on a Cisco router. Let's take a look at some of those passwords and when to apply them.

If the previous user has logged out of the router properly, you will see a prompt like this when you sit down at the router console:

R1 con0 is now available

Press RETURN to get started.

R1>

To get into enable mode, by default all I have to do is type "enable".

R1>enable

R1#

See how the prompt changed? By default, I can now run all the show and debug commands I want, not to mention entering global configuration mode and doing pretty much what I want. It just might be a good idea to password protect this mode! We do so with either the enable password command or the enable secret command. Let's use the enable password command first.

R1(config)#enable password dolphins

Now when I log out and then go back to enable mode - or try to - I should be prompted for the password "dolphins". Let's see what happens.

R1>enable

Password:

R1#

I was indeed prompted for a password. Cisco routers will not show asterisks or any other character when you enter a password; in fact, the cursor doesn't even move.

The problem with the enable password command is that the password will show in the configuration in clear text, making it easy for someone to look over your shoulder and note the password for future use, as shown below:

hostname R1

!

enable password dolphins

We could use the "service password-encryption" command to encrypt the enable password, but that will also encrypt all the other passwords in the Cisco router config. That's not necessarily a bad thing! Here's the effect of this command on the enable password we set earlier.

enable password 7 110D1609071A020217

Pretty effective encryption! However, if we want to have the enable password automatically encrypted, we can use the enable secret command. I'll use that command here to set this password to "saints", and note that I'm not removing the previous enable password.

R1(config)#enable secret saints

After removing the "service password-encryption" command, we're left with two enable mode passwords, and they appear in the Cisco router config like this:

enable password dolphins

enable secret 5 $1$kJB6$fPuVebg7uMnoj5KV4GUKI/

If we have two enable passwords, which one should we use to log into the router? Let's try the first password, "dolphins", first:

R1>enable

Password:

Password:

When you're prompted for the password a second time, you know you got it wrong the first time! Let's try "saints":

R1>enable

Password:

Password:

R1#

When both the enable secret and enable password commands are in use on a Cisco router, the enable secret password always takes precedence. "dolphins" didn't get us in, but "saints" did. That's valuable information for both the CCNA certification exam and real-world networks, because there's no worse feeling than typing a password at a Cisco router prompt and then getting another password prompt!
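A configuration review can check for the situation this tutorial ends up in. The following is an added example, not code from the original tutorial: it parses the enable lines of a saved config, reports which command actually guards enable mode, and flags a clear-text or type 7 enable password. Type 7 is a reversible encoding rather than a one-way hash, so it is flagged instead of being treated as protected. The finding codes are names made up for this example.

```python
import re

# Constructed sample config, assembled from the enable lines shown in this tutorial.
SAMPLE_CONFIG = """\
hostname R1
!
enable secret 5 $1$kJB6$fPuVebg7uMnoj5KV4GUKI/
enable password dolphins
!
"""

# "enable password|secret [type] value"; the numeric type is optional.
ENABLE_RE = re.compile(r"^enable (password|secret)(?: (\d+))? (\S+)\s*$")


def parse_enable_lines(config):
    """Return [(command, type_or_None, value)] for each enable password/secret line."""
    found = []
    for line in config.splitlines():
        m = ENABLE_RE.match(line.strip())
        if m:
            found.append((m.group(1), m.group(2), m.group(3)))
    return found


def effective_enable(config):
    """Which command guards enable mode: enable secret wins when both are set."""
    commands = {cmd for cmd, _, _ in parse_enable_lines(config)}
    if "secret" in commands:
        return "secret"
    if "password" in commands:
        return "password"
    return None


def audit(config):
    """Return a sorted list of finding codes for the enable-mode password setup."""
    entries = parse_enable_lines(config)
    findings = set()
    if not entries:
        findings.add("NO_ENABLE_AUTH")          # typing "enable" is enough
    for cmd, ptype, _ in entries:
        if cmd == "password" and ptype in (None, "0"):
            findings.add("CLEARTEXT_ENABLE_PASSWORD")
        elif cmd == "password" and ptype == "7":
            findings.add("TYPE7_ENABLE_PASSWORD")  # reversible encoding, not a hash
    has_password = any(cmd == "password" for cmd, _, _ in entries)
    if effective_enable(config) == "secret" and has_password:
        # The enable password is never consulted, yet it still sits in the config.
        findings.add("REDUNDANT_ENABLE_PASSWORD")
    return sorted(findings)


if __name__ == "__main__":
    print("effective:", effective_enable(SAMPLE_CONFIG))
    print("findings :", audit(SAMPLE_CONFIG))
```

On the sample, the unused "dolphins" line is reported twice over: it is readable in the config and it does nothing, so removing it costs nothing.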

This is just one way to perform basic Cisco router security with passwords. We'll take a look at other methods in a future CCNA certification exam training tutorial!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of over 100 free certification exam tutorials, including Cisco CCNA certification test prep articles. His exclusive Cisco CCNA study guide and Cisco CCNA training is also available!

Visit his blog and sign up for Cisco Certification Central, a daily newsletter packed with CCNA, Network+, Security+, A+, and CCNP certification exam practice questions! A free 7-part course, "How To Pass The CCNA", is also available, and you can attend an in-person or online CCNA boot camp with The Bryant Advantage!

Wednesday, June 25, 2008

Valuing Network Certifications - Is The Time, Money And Effort Worth The Bother?

There are many ways to get any of the large number of network certifications now available. There are not only software certifications like those offered by Oracle, Java, Microsoft, etc., but also direct network hardware certifications from strong companies like Cisco, and then there are the server administration, hardware repair, security and several sub-category certifications. All are available, but the question is whether these have any real value in the marketplace.

The answer, unfortunately, is not simple. This is because while many companies demand a certain certification, they will also bend the requirement and allow you to get certified once you have the job. There are also people in the marketplace who are strong proponents of one certification or another. The reason for this is usually because they have that certification and by requiring it, they somehow believe it validates their decision to obtain the training and pass the tests.

The reality is that like a good resume and education pedigree, certifications help get you in the door. Think about it for a moment. If you were hiring a network administrator, you would probably ask for the usual experience and basic education and some type of networking certification. If 100 people claiming the same skills and experience levels all apply and all have at least the single required certification, while 10 have not only the network cert but also maybe several MS and a security certificate, which candidates would probably get scheduled for interviews? Right! It would be the ones with the better paper qualifications.

So the value of a certification can be measured by its recognition as important by employers, and the relative value they place on such training. If you're applying in network shops that value certifications, then they will naturally place a premium on the fact that you have that training and will probably reflect that in an increased earnings range.

The real key, however, is to recognize that employers are NOT employing you because you have a certification. You must have the skills necessary to do the job and meet the requirements of the position. No amount of certifications can make up for a strong work ethic and solid experience. With today's study materials, almost anyone can learn enough to pass the required tests and become certified. This, however, does not make anyone competent to work on a network any more than walking into a garage makes one a mechanic. It's skills, talent and knowledge that are truly desired.

Microsoft Certifications are among the most widely pursued and acclaimed professional certifications in the IT industry. Preparing for MS certification tests, however, is a significant undertaking whether you're just out of college or have been in the IT field for years. IT professionals are continuously required to acquire new knowledge in order to perform well in their jobs, as new technology in the IT industry emerges at a pace that has never been seen before. Regardless of which certifications (Microsoft Certified Professional or MCP, Microsoft Certified System Administrator or MCSA, Microsoft Certified System Engineer or MCSE) you are pursuing, thorough planning will increase the chance of success.

Hands-on experience is important: no matter if it's on your own little network at home or at your job, experience matters! Being able to apply the knowledge gained by the study necessary to obtain your certification is just as important as the exam itself.

When preparing for any certification test, have a network available to physically learn the principles being taught. Your network might only be a couple of old PCs and a switch, but it's enough to understand the principles and basic information. You gain valuable skills that cannot be obtained any other way except through hands-on work.

Finally, consider using CBTs, or computer-based training, as part of your test preparation. These tools are a great way to take your understanding to a new level. This is also true of practice exams.

If you develop the skills necessary to support the certifications, all your training, costs and effort will pay off handsomely. With your knowledge and training, you can expect to have an easier time getting considered for positions, moving up in a company, and enjoying a solid work career.

Abigail Franks writes on many subjects having to do with home and business. For more information on Network Certification go to http://www.vitalsource.org

Tuesday, June 24, 2008

Be Certifiable! The Basics of MCSE and MCP

It is not always who you know, but what you know. That is why obtaining Microsoft certification can be a valuable asset to your career. Of course, it does depend on what career path you want to take as to whether you want to get either MCSE training or MCP training or anything else for that matter. So what do those abbreviations MCSE and MCP stand for anyway?

MCP stands for Microsoft Certified Professional and MCSE is an abbreviation for Microsoft Certified Systems Engineer. What exactly does having a Microsoft certification mean anyway? We know that it looks good on a resume and opens new doors in your career. Did you know that being certifiable - in Microsoft anyway - sometimes will also boost your pay? Experience counts for a lot, but having a Microsoft certification or two does not hurt either!

So what does it take to be an MCP or MCSE? Lots of studying! The MCP courses and MCP exams are geared toward a more rounded technical professional. Candidates for MCP must pass one current certification test from Microsoft. Passing one of the exams demonstrates that the candidate has a consistent level of technical expertise.

With the Microsoft Certified Systems Engineer path, there are MCSE boot camps that help prepare candidates for the MCSE exams. These MCSE boot camps are intense classes often packed into a full two week period instead of the traditional weekly MCSE training classes in preparation for the MCSE exams. This path is more involved. MCSE certification is standard in the IT field and prepares you for anything from the design of a system's infrastructure to analyzing the company's needs before implementing a design.

Unlike those individuals who take the MCP training to prepare for MCP exams, students of MCSE have a course of study that is more intense. Instead of one test to prepare for, they have seven tests that they are required to pass to get their Microsoft certification. Yikes! Seven! They have five main exams to take as well as two electives. The five required MCSE exams are broken down into four operating system exams and one design exam. The two electives typically deal with other issues in design and implementation not covered in the five core tests.

After learning a few basics, it is easy to see that the MCP or Microsoft Certified Professional is really just a stepping stone to bigger and greater things in the world of Microsoft certification. The individuals who go for the MCP have a leg up on those peers who have no technical experience. They will have a better grasp on technical issues and usually stay a step ahead of trends. The MCSE is more specialized and appeals to the techno geek with a penchant for design and implementation. They like knowing how stuff works. So market yourself and become certifiable!

James Croydon, Microsoft Certified Professional and MCSE Certification Online advisor - focusing on MCSE Courses Online and Boot Camp MCSE

Monday, June 23, 2008

Cisco CCNA / CCNP Certification Exam Tutorial: Troubleshooting EIGRP

Part of earning your CCNA and CCNP - especially passing the difficult CIT exam - is becoming a master network troubleshooter. Today, we'll take a look at troubleshooting EIGRP and spotting common errors.

Most adjacency issues are easily resolved - mistyped IP address, bad wildcard mask in the neighbor statement, mistyped EIGRP AS number, and so forth. You know the AS number has to match, but always double-check that. Next, check the wildcard mask to make sure the correct interfaces are EIGRP-enabled. In the following example, we've configured three loopbacks on R2 and want to advertise all three loopbacks via EIGRP, but R4 only sees one.

R2(config)#int loopback1

R2(config-if)#ip address 10.1.1.1 255.255.255.0

R2(config-if)#int loopback2

R2(config-if)#ip address 10.1.2.1 255.255.255.0

R2(config-if)#int loopback3

R2(config-if)#ip address 10.1.3.1 255.255.255.0

R2(config-if)#router eigrp 100

R2(config-router)#no auto

R2(config-router)#network 10.1.1.0 0.0.0.255

R2(config-router)#network 172.12.23.0 0.0.0.255

R4#show ip route eigrp

10.0.0.0/24 is subnetted, 1 subnets

D 10.1.1.0 [90/409600] via 172.12.23.2, 00:00:25, Ethernet0

We know it's not an adjacency issue, because R4 has to have an adjacency to get the route. Perhaps the config on R2 is the problem.

R2(config-if)#router eigrp 100

R2(config-router)#no auto

R2(config-router)#network 10.1.1.0 0.0.0.255

R2(config-router)#network 172.12.23.0 0.0.0.255

The only one of the three networks that matches that network statement is 10.1.1.0 /24. As a result, the networks 10.1.2.0 /24 and 10.1.3.0 /24 will not be advertised.

We could use a network statement with 10.1.0.0 0.0.255.255 to successfully advertise the loopbacks, but by breaking the three networks down into binary, we can see that the three networks have the first 22 bits in common. Therefore, a better wildcard mask to use is 0.0.3.255.

R2(config-router)#no network 10.1.1.0 0.0.0.255

R2(config-router)#network 10.1.0.0 0.0.3.255

R4#show ip route eigrp

10.0.0.0/24 is subnetted, 3 subnets

D 10.1.3.0 [90/409600] via 172.12.23.2, 00:00:36, Ethernet0

D 10.1.2.0 [90/409600] via 172.12.23.2, 00:00:36, Ethernet0

D 10.1.1.0 [90/409600] via 172.12.23.2, 00:00:36, Ethernet0

Another factor that must match between potential EIGRP neighbors is the K-metrics, or metric weights. Let's change the EIGRP metric weights on R2 and watch the effect on its adjacency with R4.

R2(config)#router eigrp 100

R2(config-router)#metric weights 0 1 2 3 4 5 ?

03:33:18: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.23.4 (Ethernet0) is down: metric changed

03:33:20: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.23.4 (Ethernet0) is down: K-value mismatch

The adjacency goes down, and the router's kind enough to tell you that it's the result of the metrics changing. We'll also see that message on R4, but just in case you don't see it, debug eigrp packet will indicate the K-value mismatch as well.

R4#debug eigrp packet

EIGRP Packets debugging is on

(UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK)

3w2d: EIGRP: Received HELLO on Ethernet0 nbr 172.12.23.2

3w2d: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0

3w2d: K-value mismatch

3w2d: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.23.2 (Ethernet0) is down:K-value mismatch

The changed K-values will also appear in the running configuration. This is one time when you don't have to depend on debugs to know what the problem is - the router's going to scream at you until you fix it!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

You can also join his RSS feed and visit his blog, which is updated several times daily with new Cisco certification articles, free tutorials, and daily CCNA / CCNP exam questions! Details are on the website.


Sunday, June 22, 2008

Cisco CCNP / BSCI Exam Tutorial: RIP Update Packet Authentication

When you earned your CCNA, you thought you learned everything there is to know about RIP. Close, but not quite! There are some additional details you need to know to pass the BSCI exam and get one step closer to the CCNP exam, and one of those involves RIP update packet authentication.

You're familiar with some advantages of using RIPv2 over RIPv1, support for VLSM chief among them. But one advantage that you're not introduced to in your CCNA studies is the ability to configure routing update packet authentication.

You have two options, clear text and MD5. Clear text is just that - a clear text password that is visible to anyone who can pick a packet off the wire. If you're going to go to the trouble of configuring update authentication, you should use MD5. The MD stands for "Message Digest", and this is the algorithm that produces the hash value for the password that will be contained in the update packets.

Not only must the routers agree on the password, they must agree on the authentication method. If one router sends an MD5-hashed password to another router that is configured for clear-text authentication, the update will not be accepted. debug ip rip is a great command for troubleshooting authenticated updates.

R1, R2, and R3 are running RIP over a frame relay cloud. Here is how RIP authentication would be configured on these three routers.

R1#conf t

R1(config)#key chain RIP

< The key chain can have any name. >

R1(config-keychain)#key 1

< Key chains can have multiple keys. Number them carefully when using multiples. >

R1(config-keychain-key)#key-string CISCO

< This is the text string the key will use for authentication. >

R1(config)#int s0

R1(config-if)#ip rip authentication mode text

< The interface will use clear-text mode. >

R1(config-if)#ip rip authentication key-chain RIP

< The interface is using key chain RIP, configured earlier. >

R2#conf t

R2(config)#key chain RIP

R2(config-keychain)#key 1

R2(config-keychain-key)#key-string CISCO

R2(config)#int s0.123

R2(config-subif)#ip rip authentication mode text

R2(config-subif)#ip rip authentication key-chain RIP

R3#conf t

R3(config)#key chain RIP

R3(config-keychain)#key 1

R3(config-keychain-key)#key-string CISCO

R3(config)#int s0.31

R3(config-subif)#ip rip authentication mode text

R3(config-subif)#ip rip authentication key-chain RIP

To use MD5 authentication rather than clear-text, simply replace the word "text" in the ip rip authentication mode command with md5.

Here's what a successfully authenticated RIPv2 packet looks like, courtesy of debug ip rip. Clear-text authentication is in effect and the password is "cisco".

3d04h: RIP: received packet with text authentication cisco

3d04h: RIP: received v2 update from 150.1.1.3 on Ethernet0

3d04h: 100.0.0.0/8 via 0.0.0.0 in 1 hops

3d04h: 150.1.2.0/24 via 0.0.0.0 in 1 hops

Here's what it looks like when the remote device is set for MD5 authentication and the local router is set for clear-text. You'll also see this message if the password itself is incorrect.

3d04h: RIP: ignored v2 packet from 150.1.1.3 (invalid authentication)

"Debug ip rip" may be a simple command as compared to the debugs for other protocols, but it's also a very powerful debug. Start using debugs as early as possible in your Cisco studies to learn how router commands really work!
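Note that the clear-text key appears in the debug output itself, so a saved capture carries the password with it. The following added example (not part of the original tutorial) scans debug ip rip output for the two message forms quoted above, ties each exposed key to the neighbor that sent it, counts rejected updates per neighbor, and masks the key before the capture is stored or shared. The sample capture is constructed from the lines on this page.

```python
import re
from collections import Counter

# Constructed sample: the debug ip rip lines quoted in this tutorial, in one capture.
SAMPLE_DEBUG = """\
3d04h: RIP: received packet with text authentication cisco
3d04h: RIP: received v2 update from 150.1.1.3 on Ethernet0
3d04h: 100.0.0.0/8 via 0.0.0.0 in 1 hops
3d04h: 150.1.2.0/24 via 0.0.0.0 in 1 hops
3d04h: RIP: ignored v2 packet from 150.1.1.3 (invalid authentication)
"""

TEXT_AUTH_RE = re.compile(r"(RIP: received packet with text authentication )(\S+)")
UPDATE_RE = re.compile(r"RIP: received v2 update from (\S+) on (\S+)")
REJECT_RE = re.compile(r"RIP: ignored v2 packet from (\S+) \(invalid authentication\)")


def scan(debug_text):
    """Return (cleartext_keys, rejected) found in debug ip rip output.

    cleartext_keys: list of (neighbor, interface, key) for text-mode updates.
    rejected: Counter of neighbors whose updates failed authentication.
    """
    cleartext_keys, rejected = [], Counter()
    pending_key = None
    for line in debug_text.splitlines():
        m = TEXT_AUTH_RE.search(line)
        if m:
            # The neighbor is named on the following "received v2 update" line.
            pending_key = m.group(2)
            continue
        m = UPDATE_RE.search(line)
        if m and pending_key is not None:
            cleartext_keys.append((m.group(1), m.group(2), pending_key))
            pending_key = None
            continue
        m = REJECT_RE.search(line)
        if m:
            rejected[m.group(1)] += 1
    return cleartext_keys, rejected


def redact(debug_text):
    """Mask the key string so the capture can be logged or shared."""
    return TEXT_AUTH_RE.sub(r"\1<redacted>", debug_text)


if __name__ == "__main__":
    keys, rejected = scan(SAMPLE_DEBUG)
    for neighbor, interface, _ in keys:
        print(f"clear-text key seen from {neighbor} on {interface}")
    for neighbor, count in rejected.items():
        print(f"{count} update(s) from {neighbor} failed authentication")
    print(redact(SAMPLE_DEBUG))
```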

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNP and CCNA tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.


Friday, June 20, 2008

Cisco CCNP / BCMSN Exam Tutorial: Multicasting And The RPF Check

Multicasting is a vital topic on your BCMSN, CCNP, and CCIE exams, and it can also be very confusing when you first start studying it. Multicasting uses concepts that are unlike anything you've run into in your routing protocol studies, and that can throw you at first. I speak from experience that multicasting is like any other Cisco technology - learn the basics, master the fundamentals, and then build your skills on that foundation.

One such fundamental is the RPF Check, or Reverse Path Forwarding Check.

A fundamental difference between unicasting and multicasting is that a unicast is routed by sending it toward the destination, while a multicast is routed by sending it away from its source.

"Toward the destination" and "away from its source" sound like the same thing, but they're not. A unicast is going to follow a single path from source to destination. The only factor the routers care about is the destination IP address - the source IP address isn't a factor.

With multicast routing, the destination is a multicast IP group address. It's the multicast router's job to decide which paths will lead back to the source (upstream) and which paths are downstream from the source. Reverse Path Forwarding refers to the router's behavior of sending multicast packets away from the source rather than toward a specific destination.

The RPF Check is run against any incoming multicast packet. The multicast router examines the interface that the packet arrived on. If the packet comes in on an upstream interface - that is, an interface found on the reverse path that leads back to the source - the packet passes the check and will be forwarded. If the packet comes in on any other interface, the packet is dropped.

The RPF Check serves to verify the integrity of your multicasting network, and also serves as a reminder that the basic operation of multicasting is a lot different than unicasting!
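The check described above fits in a short function. This is an added example, not code from the original tutorial: it assumes the upstream interface is found by a longest-prefix lookup of the packet's source address in the unicast routing table, and the routes, interface names and addresses are constructed for illustration.

```python
import ipaddress

# Constructed unicast routing table on one multicast router:
# prefix -> interface used to reach it (hypothetical values).
UNICAST_ROUTES = {
    "0.0.0.0/0": "Serial0",
    "172.16.0.0/16": "Ethernet0",
    "172.16.5.0/24": "Ethernet1",
}


def rpf_interface(source, routes):
    """Interface on the reverse path to source: longest-prefix match on the source."""
    src = ipaddress.ip_address(source)
    best = None
    for prefix, ifname in routes.items():
        net = ipaddress.ip_network(prefix)
        if src in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, ifname)
    return best[1] if best else None


def rpf_check(source, arrival_if, routes):
    """True only if the packet arrived on the interface that leads back to its source."""
    upstream = rpf_interface(source, routes)
    return upstream is not None and upstream == arrival_if


def forward(source, group, arrival_if, downstream_ifs, routes):
    """Interfaces the packet is copied to; an empty list means it was dropped."""
    if not ipaddress.ip_address(group).is_multicast:
        raise ValueError("destination is not a multicast group address")
    if not rpf_check(source, arrival_if, routes):
        return []
    # Never send the packet back out the interface it came in on.
    return [ifname for ifname in downstream_ifs if ifname != arrival_if]


if __name__ == "__main__":
    downstream = ["Ethernet0", "Serial0"]
    for arrival in ("Ethernet1", "Ethernet0"):
        out = forward("172.16.5.10", "239.1.1.1", arrival, downstream, UNICAST_ROUTES)
        verdict = f"forward to {out}" if out else "drop (RPF failure)"
        print(f"source 172.16.5.10 arriving on {arrival}: {verdict}")
```

The same packet is forwarded or dropped purely on its arrival interface, which is also why a packet with a spoofed source tends to fail the check.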

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNP and CCNA tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.


Thursday, June 19, 2008

Why Get a Microsoft MCSE Certification?

In the years of the dot com boom and bust, the Microsoft MCSE Certification has gotten its eye blackened over and over. Paper Microsoft MCSEs who were excellent at finding brain dumps and passing exams gave the Microsoft MCSE Certification a bad name. What used to be a guarantee of a nice salary is now ridiculed in some ignorant circles. After working in the Information Technology field for twelve years I still believe the Microsoft MCSE Certification is worth every dollar you spend and every hour spent in study and practice. I'll share my history with the Microsoft MCSE Certification and why I still believe it's a valuable certification credential.

My History: Pre Microsoft MCSE

When I started out as a PC LAN Analyst I wanted to someday run my own shop. The best way I felt to get there was to study for the much sought after Novell CNE and Microsoft MCSE Certification. Because I worked in a Novell environment and had no opportunity to work with Windows NT I started on my Novell CNE Certification. I went book by book purchasing them on eBay and reading while I worked a second job. The CNE was also an easier certification to get as the answers to the exam came direct from the books. Microsoft's MCSE Certification exams tend to generalize on the concepts from the books rather than the text verbatim. Once complete with the CNE I had a full understanding of Novell's File Server and their weak attempt at a firewall/web server. I understood archaic technologies like IPX and Token Ring as well as networking technologies used today such as Ethernet and TCP/IP. I at least had enough knowledge to perform well at my job and work as an IT Consultant where I formed my own business Gall Consulting which runs today as a successful income.

After getting my CNE Certification I finally got a job running my own show. I had one Novell 3.12 server which ran the entire company. Within a year we began to work with Microsoft Windows NT 3.51 and NT 4.0 was just on the scene. I began the lengthy study of the seven Microsoft MCSE exams. When I had completed the Microsoft MCSE certification a year later I was like Yoda around the job. I had a complete set of knowledge about Windows Networking and Windows Applications. Because I completed the entire set of Microsoft MCSE exams and coursework I knew the technology and the theory behind the technology. This led to high performance as a Senior LAN Administrator. Rather than a swiss cheese education I had a thorough understanding of Microsoft Windows technology and could adapt to new situations easily.

NT 4.0 to Windows 2000 MCSE

When Windows 2000 Server and Active Directory were released we faced a problem. My small Novell to small Microsoft NT Domain had grown to a worldwide enterprise with five domains including various trusts going everywhere. DNS was handled by our UNIX group and we had to find a way to learn a new technology, create a single corporate Active Directory Domain and use Dynamic DNS on our Windows Active Directory domain controllers, yet co-exist with our UNIX administrators who were none too happy to have to share DNS. Faced with this challenge I returned to what worked in the past. I studied for the Windows 2000 MCSE Certification.

As I did before I started at the beginning and worked my way through each course and exam until I had completed my Windows 2000 MCSE Certification. By now I had a great career as an IT Operations Manager and no one was going to hire or pay me extra just for getting my Microsoft MCSE Certification. This is the true value of the certification. It started as my drive to obtain career credentials and became a vehicle to ensure I had an entire breadth of knowledge that would let me take on monumental tasks. Needless to say, today we have a single corporate Active Directory domain with a few sub domains necessary for DMZ areas.

Our DNS works so well the UNIX group asked us to take over and we're able to build on Active Directory as a source of valuable corporate data. My point in this article is to look at the Microsoft MCSE Certification as a way to ensure you have all the knowledge rather than just what's necessary in the short term. Knowing why something works is much more powerful than knowing just enough to build it in the first place; the coursework involved in the Microsoft MCSE Certification provides this. I can say without fail, EVERY Information Technology professional I've worked with that had a Microsoft MCSE Certification performed at a MUCH higher level than those who only had on the job experience or had only studied what they needed to complete their daily tasks.

About The Author

John Gall is a full time IT Manager and IT Consultant in Minnesota. He runs several websites as a hobby featuring content similar to that in this article.

http://www.napavalleypictures.com; http://www.gallconsulting.com; http://www.sandalspictures.com; http://www.microsoftclassaction.com

Wednesday, June 18, 2008

Cisco CCNP / BSCI Exam Tutorial: Filtering BGP Updates With Prefix Lists

A major part of your BSCI and CCNP exam success is mastering BGP, and that includes filtering BGP routing updates. In this tutorial, we'll take a look at how to filter BGP updates with prefix lists.

R4 is advertising three networks via BGP. The downstream router R3 sees these routes and places them into its BGP table as shown below. R3 has two downstream BGP peers, R1 and R2, and is advertising itself as the next-hop IP address for all BGP routes sent to those two routers.

R4(config)#router bgp 4

R4(config-router)#network 21.0.0.0 mask 255.0.0.0

R4(config-router)#network 22.0.0.0 mask 255.0.0.0

R4(config-router)#network 23.0.0.0 mask 255.0.0.0

R3#show ip bgp

BGP table version is 4, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 21.0.0.0 10.2.2.4 0 0 4 i

*> 22.0.0.0 10.2.2.4 0 0 4 i

*> 23.0.0.0 10.2.2.4 0 0 4 i

R3(config)#router bgp 123

R3(config-router)#neighbor 172.12.123.1 next-hop-self

R3(config-router)#neighbor 172.12.123.2 next-hop-self

In turn, both R1 and R2 have these three routes in their respective BGP tables.

R2#show ip bgp

BGP table version is 4, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>i21.0.0.0 172.12.123.3 0 100 0 4 i

*>i22.0.0.0 172.12.123.3 0 100 0 4 i

*>i23.0.0.0 172.12.123.3 0 100 0 4 i

R1#show ip bgp

BGP table version is 4, local router ID is 19.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>i21.0.0.0 172.12.123.3 0 100 0 4 i

*>i22.0.0.0 172.12.123.3 0 100 0 4 i

*>i23.0.0.0 172.12.123.3 0 100 0 4 i

If we wanted R3 to receive all three of these routes from R4 but not advertise all of them to R2 and R1, we've got a couple of options on how to block these routes. Cisco's recommendation is the use of prefix-lists, and once you get used to the syntax (which you should do before taking and passing the BSCI), you'll see they are actually easier to use than access-lists.

In this case, we're going to configure R3 to send only the route to 21.0.0.0 to R1 and 23.0.0.0 to R2. However, we do want these two routers to get any future routes that R4 advertises into BGP.

Since R1 and R2 will learn about these routes from an iBGP neighbor, they will not advertise the routes to each other.

On R3, we'll write a prefix-list that denies 22.0.0.0/8 and 23.0.0.0/8, but permits all other routes. After applying the prefix list as shown, R1 sees only the 21.0.0.0 /8 route.

R3(config)#ip prefix-list FILTER_R1 deny 22.0.0.0/8

R3(config)#ip prefix-list FILTER_R1 deny 23.0.0.0/8

R3(config)#ip prefix-list FILTER_R1 permit 0.0.0.0/0 le 32

R3(config)#router bgp 123

R3(config-router)#neighbor 172.12.123.1 prefix-list FILTER_R1 out

R3#clear ip bgp * soft

R1#show ip bgp

BGP table version is 6, local router ID is 19.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>i21.0.0.0 172.12.123.3 0 100 0 4 i

The paths to 22.0.0.0/8 and 23.0.0.0/8 have been successfully filtered.

We'll do the same for R2, except the route not being expressly blocked is 23.0.0.0/8. The line "ip prefix-list FILTER_R2 permit 0.0.0.0/0 le 32" is the prefix-list equivalent of a "permit any" statement in an ACL.

R3(config)#ip prefix-list FILTER_R2 deny 21.0.0.0/8

R3(config)#ip prefix-list FILTER_R2 deny 22.0.0.0/8

R3(config)#ip prefix-list FILTER_R2 permit 0.0.0.0/0 le 32

R3(config)#router bgp 123

R3(config-router)#neighbor 172.12.123.2 prefix-list FILTER_R2 out

R3#clear ip bgp * soft

R2#show ip bgp

BGP table version is 6, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>i23.0.0.0 172.12.123.3 0 100 0 4 i

The paths to 21.0.0.0/8 and 22.0.0.0/8 have been successfully filtered.

To see the prefix lists configured on a router as well as the order of the statements in each list, run show ip prefix-list.

R3#show ip prefix-list

ip prefix-list FILTER_R1: 3 entries

seq 5 deny 22.0.0.0/8

seq 10 deny 23.0.0.0/8

seq 15 permit 0.0.0.0/0 le 32

ip prefix-list FILTER_R2: 3 entries

seq 5 deny 21.0.0.0/8

seq 10 deny 22.0.0.0/8

seq 15 permit 0.0.0.0/0 le 32
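
The evaluation order shown above can be checked offline. The following Python sketch is an added example, not part of the original tutorial and not Cisco code: it parses the show ip prefix-list output from R3 and applies first-match-wins evaluation with the implicit deny at the end of every list. The NO_LE list and the 24.0.0.0/8 route mentioned in the comments are constructed to show what happens when "le 32" is left off the catch-all line.

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# "show ip prefix-list" output on R3, copied from the tutorial above.
SHOW_OUTPUT = """\
ip prefix-list FILTER_R1: 3 entries
seq 5 deny 22.0.0.0/8
seq 10 deny 23.0.0.0/8
seq 15 permit 0.0.0.0/0 le 32
ip prefix-list FILTER_R2: 3 entries
seq 5 deny 21.0.0.0/8
seq 10 deny 22.0.0.0/8
seq 15 permit 0.0.0.0/0 le 32
"""

# Constructed variant (not from the tutorial): the catch-all without "le 32".
BROKEN_OUTPUT = """\
ip prefix-list NO_LE: 2 entries
seq 5 deny 22.0.0.0/8
seq 10 permit 0.0.0.0/0
"""

# The three networks R4 advertises, as they sit in R3's BGP table.
R4_ROUTES = ["21.0.0.0/8", "22.0.0.0/8", "23.0.0.0/8"]

HEADER = re.compile(r"^ip prefix-list (\S+):")
ENTRY = re.compile(r"^seq (\d+) (permit|deny) (\S+)(?: ge (\d+))?(?: le (\d+))?$")


@dataclass(frozen=True)
class Entry:
    seq: int
    action: str
    prefix: ipaddress.IPv4Network
    ge: Optional[int] = None
    le: Optional[int] = None

    def matches(self, route: ipaddress.IPv4Network) -> bool:
        # The route's address bits must fall inside the entry's prefix.
        if not route.subnet_of(self.prefix):
            return False
        # No ge/le: the mask length must match exactly.
        if self.ge is None and self.le is None:
            return route.prefixlen == self.prefix.prefixlen
        # ge/le widen the match to a range of mask lengths.
        low = self.ge if self.ge is not None else self.prefix.prefixlen
        high = self.le if self.le is not None else 32
        return low <= route.prefixlen <= high


def parse_show_output(text: str) -> Dict[str, List[Entry]]:
    """Turn 'show ip prefix-list' text into {list name: entries sorted by seq}."""
    lists: Dict[str, List[Entry]] = {}
    current: Optional[List[Entry]] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = HEADER.match(line)
        if header:
            current = lists.setdefault(header.group(1), [])
            continue
        entry = ENTRY.match(line)
        if entry is None or current is None:
            raise ValueError(f"unrecognised line: {line!r}")
        seq, action, prefix, ge, le = entry.groups()
        current.append(Entry(int(seq), action, ipaddress.IPv4Network(prefix),
                             int(ge) if ge else None, int(le) if le else None))
    for entries in lists.values():
        entries.sort(key=lambda e: e.seq)
    return lists


def evaluate(entries: List[Entry], route: str) -> str:
    """First matching entry wins; no match at all is an implicit deny."""
    network = ipaddress.IPv4Network(route)
    for entry in entries:
        if entry.matches(network):
            return entry.action
    return "deny"


def advertised(entries: List[Entry], routes: List[str]) -> List[str]:
    """Routes that survive an outbound prefix-list."""
    return [r for r in routes if evaluate(entries, r) == "permit"]


if __name__ == "__main__":
    lists = parse_show_output(SHOW_OUTPUT)
    for name, entries in lists.items():
        print(name, "sends", advertised(entries, R4_ROUTES))
    # A future route from R4 (constructed) still passes the real lists ...
    print("24.0.0.0/8 via FILTER_R1:", evaluate(lists["FILTER_R1"], "24.0.0.0/8"))
    # ... but without "le 32" only the default route itself would be permitted.
    broken = parse_show_output(BROKEN_OUTPUT)["NO_LE"]
    print("NO_LE sends", advertised(broken, R4_ROUTES))
```
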

Get some hands-on practice with prefix lists and you'll quickly master them. Prefix lists are an important part of working with BGP in the exam room and production networks, so it's vital that you are comfortable working with them.

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNP and CCNA tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

You can also join his RSS feed and visit his blog, which is updated several times daily with new Cisco certification articles, free tutorials, and daily CCNA / CCNP exam questions! Details are on the website.

CCNP / BCMSN Exam Tutorial: VLAN Trunking Protocol (VTP)

Passing the BCMSN exam and getting one step closer to the CCNP certification means learning and noticing details that you were not presented with in your CCNA studies. (Yes, I know - you had more than enough details then, right?) One protocol you've got to learn more details about is VTP, which seemed simple enough in your CCNA studies! Part of learning the details is mastering the fundamentals, so in this tutorial we'll review the basics of VTP.

In show vtp status readouts, the "VTP Operating Mode" is set to "Server" by default. The more familiar term for VTP Operating Mode is simply VTP Mode, and Server is the default. It's through the usage of VTP modes that we can place limits on which switches can delete and create VLANs.

In Server mode, a VTP switch can be used to create, modify, and delete VLANs. This means that a VTP deployment has to have at least one switch in Server mode, or VLAN creation will not be possible. Again, this is the default setting for Cisco switches.

Switches running in Client mode cannot be used to create, modify, or delete VLANs. Clients do listen for VTP advertisements and act accordingly when VTP advertisements notify the Client of VLAN changes.

VTP Transparent mode actually means that the switch isn't participating in the VTP domain as Servers and Clients do. (Bear with me here.) Transparent VTP switches don't synchronize their VTP databases with other VTP speakers. They don't even advertise their own VLAN information! Therefore, any VLANs created on a Transparent VTP switch will not be advertised to other VTP speakers in the domain, making them locally significant only. (I know you remember that phrase from your CCNA studies!)

Devices running VTP Transparent mode do have a little something to do with the other switches in the VTP domain, though. When a switch running in Transparent mode receives a VTP advertisement, that switch will forward that advertisement to other switches in that VTP domain.

Configuring switches as VTP Clients is a great way to "tie down" VLAN creation capabilities to switches that are under your physical control. However, this occasionally leads to a situation where only the VTP clients will have ports that belong to a given VLAN, but the VLAN still has to be created on the VTP server. (VLANs can be created and deleted in transparent mode, but those changes aren't advertised to other switches in the VTP domain.)

In the next BCMSN tutorial, we'll take a look at the details of VTP.

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNP and CCNA tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

Tuesday, June 17, 2008

Cisco CCNA / CCNP Exam Tutorial: EIGRP Dual Queries, SIA, And Stub Routers

EIGRP is a major subject of the CCNA exam, and Cisco goes into even more detail with EIGRP on your CCNP exams. Part of that detail is the purpose and configuration of EIGRP stub routers.

A problem with EIGRP comes in when a successor is lost and there is no feasible successor. DUAL doesn't give up that easily, though. DUAL will mark the route as Active, indicating that the route is being calculated and cannot be used to route data, and will send out a Query message.

A DUAL Query is basically one neighbor asking another, "Hey, do you know how to get to this network I just lost my route to?" If that neighbor has a route, the query will be answered with that route; if the neighbor doesn't have such a route, that neighbor will ask its neighbors. The process continues until a downstream router replies with the desired route, or the EIGRP downstream routers run out of neighbors to ask.

It's a good idea to limit the scope of your DUAL queries, otherwise routes may go into Stuck In Active state during this reconfiguration. Route summarization helps to limit queries, as does configuration of EIGRP stub routers.

While EIGRP does not have the stub area options that OSPF does, EIGRP does allow a router to be configured as stub. This is commonly done with a hub-and-spoke configuration where the spoke routers do not have the resources to keep a full routing table. Since the spoke's next hop will always be the hub, all the spoke really needs is a default route. For this reason, the only neighbor an EIGRP stub router can have is the hub router. (Obviously, the hub would never be configured as stub.)

Configuring EIGRP stub routers also combats the SIA problem. EIGRP stub routers are not queried for routes when the hub does not have a feasible successor for a successor route that has gone down.

By default, EIGRP stub routers advertise information about two types of routes back to the hub - directly connected networks and summary routes. To change this default, use the eigrp stub command followed by the types of routes you want the stub to advertise back to the hub. (The eigrp stub command run by itself configures the router as stub.)

R1(config)#router eigrp 100

R1(config-router)#eigrp stub ?

connected Do advertise connected routes

receive-only Set IP-EIGRP as receive only neighbor

static Do advertise static routes

summary Do advertise summary routes

Assume a network where R5 is the hub and R4, R6, and R7 are spokes. As long as the spokes have a neighbor relationship only with the hub, they can be configured as stub routers. They will then advertise their directly connected networks and summary routes back to the hub and will receive only a default route back from the hub. If R5 loses a successor and has no feasible successor, it will not send a query packet to any of the stub routers.

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

Sunday, June 15, 2008

Cisco CCNP / BSCI Exam Tutorial: Using OSPF's "Summary-Address" Command

BSCI exam success, not to mention earning your CCNP, can come down to your OSPF route summarization skills. There are a few different commands and situations you need to be ready for, and one of these vital details is the proper use of the "summary-address" command.

The summary-address command should be used on an ASBR in order to summarize routes that are being injected into the OSPF domain via redistribution. In the following example, four routes are being redistributed into OSPF on R1, making R1 an ASBR.

interface Loopback16
ip address 16.16.16.16 255.0.0.0
!
interface Loopback17
ip address 17.17.17.17 255.0.0.0
!
interface Loopback18
ip address 18.18.18.18 255.0.0.0
!
interface Loopback19
ip address 19.19.19.19 255.0.0.0

R1(config)#router ospf 1
R1(config-router)#redistribute connected subnets

These four routes are seen on the downstream router R2 as External Type-2, the default for routes redistributed into OSPF.

R2#show ip route ospf
O E2 17.0.0.0/8 [110/20] via 172.12.123.1, 00:00:07, Serial0
O E2 16.0.0.0/8 [110/20] via 172.12.123.1, 00:00:07, Serial0
O E2 19.0.0.0/8 [110/20] via 172.12.123.1, 00:00:07, Serial0
O E2 18.0.0.0/8 [110/20] via 172.12.123.1, 00:00:07, Serial0

You can probably do this summarization in your head, but do so before continuing with the lab. : )

R1(config)#router ospf 1
R1(config-router)#summary-address 16.0.0.0 252.0.0.0

Look at the difference in R2's OSPF table.

R2#show ip route ospf
O E2 16.0.0.0/6 [110/20] via 172.12.123.1, 00:00:05, Serial0

The external routes have been successfully summarized, and four routes have been summarized into one single route. Note that the summary route is still marked as an E2 route.

There's an interesting side effect from the summarization present on R1:

R1#show ip route ospf
O 16.0.0.0/6 is a summary, 00:01:51, Null0

When you configure summary routes in OSPF, a route to null0 will be installed into the OSPF routing table. This helps to prevent routing loops. Any packets destined for the routes that have been summarized will have a longer match in the routing table....

R1#show ip route

Gateway of last resort is not set

C 17.0.0.0/8 is directly connected, Loopback17
C 16.0.0.0/8 is directly connected, Loopback16
C 19.0.0.0/8 is directly connected, Loopback19
C 18.0.0.0/8 is directly connected, Loopback18
O 16.0.0.0/6 is a summary, 00:01:51, Null0

... and packets that do not match one of the summarized routes but do match the summary route will be dropped.
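
The summarization and the Null0 behaviour can both be worked through in a few lines of Python. This is an added example, not part of the original tutorial: it derives the summary-address arguments from R1's four loopback networks and then runs a longest-match lookup against R1's table. The "Loopback18 removed" case and the extra 20.0.0.0/8 network are constructed scenarios, used to show when traffic actually reaches the Null0 route.

```python
import ipaddress

# R1's connected networks that are redistributed into OSPF (from the tutorial).
CONNECTED = {
    "16.0.0.0/8": "Loopback16",
    "17.0.0.0/8": "Loopback17",
    "18.0.0.0/8": "Loopback18",
    "19.0.0.0/8": "Loopback19",
}


def smallest_summary(prefixes):
    """Shortest single prefix that covers every network in `prefixes`."""
    nets = [ipaddress.IPv4Network(p) for p in prefixes]
    lowest = min(int(n.network_address) for n in nets)
    highest = max(int(n.broadcast_address) for n in nets)
    # Every bit position where lowest and highest differ must be a host bit.
    host_bits = (lowest ^ highest).bit_length()
    base = (lowest >> host_bits) << host_bits
    return ipaddress.IPv4Network((base, 32 - host_bits))


def summary_command(summary):
    """Render the summary the way the OSPF summary-address command takes it."""
    return f"summary-address {summary.network_address} {summary.netmask}"


def build_table(connected, summary):
    """Connected routes plus the discard route OSPF installs for the summary."""
    table = {ipaddress.IPv4Network(p): ifc for p, ifc in connected.items()}
    table[summary] = "Null0"
    return table


def lookup(table, destination):
    """Longest-match lookup; returns (prefix, exit) or None when nothing matches."""
    address = ipaddress.IPv4Address(destination)
    candidates = [net for net in table if address in net]
    if not candidates:
        return None
    best = max(candidates, key=lambda net: net.prefixlen)
    return str(best), table[best]


def uncovered(summary, components):
    """Address blocks inside the summary with no more-specific route behind them."""
    remaining = [summary]
    for comp in (ipaddress.IPv4Network(c) for c in components):
        next_round = []
        for block in remaining:
            if comp.subnet_of(block):
                # Carve the component out; an exact match leaves nothing behind.
                next_round.extend(block.address_exclude(comp))
            elif not block.subnet_of(comp):
                next_round.append(block)
        remaining = next_round
    return sorted(ipaddress.collapse_addresses(remaining))


if __name__ == "__main__":
    summary = smallest_summary(CONNECTED)
    print(summary, "->", summary_command(summary))

    table = build_table(CONNECTED, summary)
    print("18.18.18.18 ->", lookup(table, "18.18.18.18"))

    # Constructed scenario: Loopback18 goes away but the summary is still advertised.
    partial = {p: i for p, i in CONNECTED.items() if i != "Loopback18"}
    print("18.18.18.18 ->", lookup(build_table(partial, summary), "18.18.18.18"))
    print("blackholed by Null0:", uncovered(summary, partial))

    # Constructed scenario: a fifth network forces a wider summary that
    # also claims 21.0.0.0/8 through 23.0.0.0/8.
    wider = smallest_summary(list(CONNECTED) + ["20.0.0.0/8"])
    print(wider, "uncovered:", uncovered(wider, list(CONNECTED) + ["20.0.0.0/8"]))
```
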

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNP and CCNA tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

Saturday, June 14, 2008

Cisco CCNP / BCMSN Exam Tutorial: The Four (Or Five) STP Port States

As a CCNP candidate and a CCNA, you may be tempted to skip or just browse the many details of Spanning Tree Protocol. After all, you learned all of that in your CCNA studies, right? That's right, but it never hurts to review STP for a switching exam! Besides, many of us think of the four STP port states - but officially, there's a fifth one!

Disabled isn't generally thought of as an STP port state, but Cisco does officially consider this to be an STP state. A disabled port is one that is administratively shut down.

Once the port is opened, the port will go into blocking state. As the name implies, the port can't do much in this state - no frame forwarding, no frame receiving, and therefore no learning of MAC addresses. About the only thing this port can do is accept BPDUs from neighboring switches.

A port will then go from blocking mode into listening mode. The obvious question is "listening for what?" Listening for BPDUs - and this port can now send BPDUs as well. The port still can't forward or receive data frames.

When the port goes from listening mode to learning mode, it's getting ready to send and receive frames. In learning mode, the port begins to learn MAC addresses in preparation for adding them to its MAC address table.

Finally, a port can go into forwarding mode. This allows a port to forward and receive data frames, send and receive BPDUs, and place MAC addresses in its MAC table.

To see the STP mode of a given interface, use the show spanning-tree interface command.

SW1#show spanning-tree interface fast 0/11

Vlan Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- ----------

VLAN0001 Desg FWD 19 128.11 P2p

To see these states in action, shut a port down in your CCNA / CCNP home lab and continually run the show spanning-tree interface command. Once you see this in action on real Cisco equipment, you'll have no problem with BCMSN exam questions. Just don't practice this or any other Cisco command on a production network!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNP and CCNA tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

Friday, June 13, 2008

Passing Your MCSE Exams on the Road to Microsoft Certification

The MCSE exam is the best medium for earning the Microsoft Certified Systems Engineer certification and proving expertise in designing and implementing the infrastructure for business solutions based on the Microsoft Windows 2003 platform and Microsoft Windows Server system.

The MCSE exam is held to improve expertise in designing and implementing Windows Server 2003 and other issues related to it. In order to take an MCSE exam, one needs to go through a fourteen-day MCSE training boot camp that helps in successfully becoming an MCSE. The boot camp uses a custom-developed curriculum designed to provide both exam preparation and practical technology skills, ensuring that the examinee will be ready for the performance-based testing Microsoft has introduced in its certification programs. Experienced instructors have been arranged who possess many years of experience working with Microsoft operating systems and technologies, both in the field and in the classroom.

Computer labs are designed using genuine PC technology, which gives each student the ability to access various Microsoft operating systems simultaneously on their desktop. With this facility, students can practice for the MCSE exam at any time, track their progress, and determine the areas of those Microsoft operating systems that require further study.

Different kinds of resources are provided to both students and instructors at this boot camp while preparing for the MCSE exam. These resources are web-based and are distributed before and after the classroom session so that both can share information. The online forum helps them analyze different methods of programming. These centers are available for obtaining the certification goals. Pre-class preparation is essential to ensure complete success in an MCSE exam.

At the beginning, materials and instructions are handed out that explain how to prepare for the exam. In addition, as mentioned earlier, one gets access to online resources that provide detailed course information and additional preparation resources. The discussion forums and private questions posed to the instructors also help in preparing for the MCSE exam, as they clear up doubts and difficulties.

The boot camp for the MCSE exam is set up to ensure the success rate of the examinees as well as to prepare them before classes begin. One testing voucher per MCSE exam is included with the course material. It ensures that the examinee is not misled. The limitation for the MCSE exam is provided during the class. The cost of retaking is borne by the examinee if he is unable to appear on the scheduled date. Also, if one feels that he will not be ready to take one or more exams during the boot camp, vouchers are handed out to enable the examinee to take the exam at a later date. This course can be retaken free of cost, but the testing fee and the courseware fee are not included. The validity for retaking the exams stands for six months.

Candidates should have at least one year of experience using Windows NT, Windows 2000 Server or Windows 2003 Server in a networking environment to be eligible to attend the boot camp for the MCSE exam. Along with this, there are several other prerequisites for taking the exam. The candidate should have knowledge of general networking concepts, IP addressing and subnetting, and Active Directory networking services. This gives the opportunity to brush up on technology skills and fill in any gaps in the knowledge base.

James Croydon, Microsoft Certified Professional and MCSE Courses Online advisor - focusing on MCSE Online Training and MCSE Certification Courses

Four Important Commands For Your CCNA / CCNP Home Lab

More CCNA and CCNP candidates than ever before are putting together their own home practice labs. It's more affordable than it ever has been, and I receive emails daily from new CCNAs and CCNPs who say it's the best thing they could have done to improve their studies.

There are some commands you can configure on your lab routers that won't necessarily be on your CCNA or CCNP exams, but they will make life a lot easier for you. Let's take a look at just a few of these.

The command "no exec" is short, yet powerful. Occasionally you'll have what is referred to as a "rogue EXEC" process tie up a line, and you end up having to continually clear lines, which disrupts your practice. If you have an access server, I highly recommend you configure this command on your lines, as shown here:

ACCESS_SERVER(config)#line 1 8

ACCESS_SERVER(config-line)#no exec

From your CCNA studies, you know that the command "no ip domain-lookup" prevents a Cisco router from sending a broadcast to find a DNS server anytime you enter something that is not an IOS command - and that includes mistyped commands, which happens to all of us sooner or later. Make sure to run that command in global configuration mode on all your practice routers.

There are two commands I like to configure on the console line on all my practice routers and switches. The first is "exec-timeout 0 0", which prevents you from being kicked out of enable mode and back into user exec after a few minutes of inactivity. (This doesn't sound like much, but you'll get pretty tired of typing "enable" after a while.) The first zero refers to minutes, the second zero to seconds. Setting them both to zero disables the exec-timeout function.

The second command prevents the router from interrupting the command you're typing with a console message. If you've ever been in the middle of typing a router command and suddenly you're interrupted with a logging message, you know that can be pretty annoying. We don't want the router to not display the message, but we do want the router to wait until we're done entering data. The command to perform this is "logging synchronous".

R1(config)#line console 0

R1(config-line)#exec-timeout 0 0

R1(config-line)#logging synchronous

You won't see many of these commands on your exams, but after you configure them on your home lab devices, you'll wonder how you did without them!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

Thursday, June 12, 2008

Network+ Exam Tutorial: Network Interface Cards (NICs)

Part of the challenge of passing the Network+ exam is learning about all the different types of hardware a network requires. Today we'll take a look at a vital part of network connectivity, the Network Interface Card (NIC, pronounced "nick").

The NIC is the device, or card, that gives the host a physical connection to the network. The NIC is generally an internal device, but one that can be removed and replaced with a different NIC. NICs are considered Physical layer devices and work at Layer 1 of the OSI model.

Most issues involving NICs occur before the device is even added to the network - because the purchaser didn't do their research. All NICs are not created equal. Some are for Ethernet networks, some for Token Ring, and speed capabilities vary as well. Don't assume a given vendor's NIC is going to fit your device and give you the results you want. A quick visit to the vendor's website and a few minutes looking up NIC specifications can save you a lot of trouble later on.

One more NIC warning - take your time when you're installing a new NIC. Make sure the device is off, and make sure you're properly grounded by connecting the grounding strap to your wrist. Otherwise, you can send static electricity into places on the host where it's only going to cause damage.

Your new NIC should also come with directions on how to download the drivers for that NIC. Drivers sound like something physical, but they're not. Drivers are simply software files that are needed on the host in order for the NIC to work correctly. Vendors used to include drivers on CDs with their NICs, but the trend now is to include instructions on where to download the drivers from the vendor website.

That does lend itself to an occasional Catch-22: "If I don't have this device on the Net yet, how can I download the drivers?" If the host has no network connectivity, you may need to download the drivers to a host that does, copy the files to CD, and then install the drivers from CD.

You'll see two different lights on a typical NIC, one green and one amber. Depending on whether the host has network connectivity or not, the lights will be solid, flashing, or out. Sometimes flashing is good, sometimes it's not! Here's a guide to the colors you'll see on a NIC:

A solid green light indicates connectivity is present. This link light is generally either green or off. Green is good, off is not! That light should stay a solid green. If you see it flashing green, that's a sign of intermittent connectivity, which is a fancy way of saying "one minute the PC is on the network, the next minute it's not". Most likely, either the NIC or the cable connected to the NIC is going bad. With the green light, flashing is not desirable.

Flashing amber lights indicate collisions. You'll see this flash occasionally even on a healthy network, but you don't want to see it flash so often that it looks like a solid amber light!

If you have an Internet connection at home, you can see these lights in action for yourself. The green and amber lights will be right next to where the cable from your modem connects to your PC.

On occasion, you'll have a PC that loses connectivity to the network. I advise you to always start network troubleshooting at the Physical layer of the OSI model, and that means checking both the NIC and the cable connected to it. I personally would swap the cable out first, since they seem to go bad more often than NICs, but that's up to you. If you swap NICs and you still can't get the PC on the network, try putting a new cable in.

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of over 100 free certification exam tutorials, including Security+, Network +, CCNA, and CCNP topics.

You can also join his RSS feed and visit his blog, which is updated several times daily with new Cisco certification articles, free tutorials, and daily CCNA, Network+, Security+, A+, and CCNP certification exam practice questions!

Tuesday, June 10, 2008

Cisco CCNA / CCNP Certification Exam: Creating A Study Plan

Whether you're just starting to think about passing the CCNA or CCNP exams, or you've been on the certification track for a while, you've got to have a plan for success. If you wanted to drive your car from Florida to California, you'd create a plan to get there. You'd get a map and decide how far you wanted to drive per day, and maybe even make some hotel reservations in advance. You certainly wouldn't get in your car, just drive it randomly down the nearest highway, and hope you ended up in California, would you?

Certainly not. Earning your CCNA certification is the same way. It's not enough to just study a few minutes "when you feel like it", or tell yourself that you'll start studying for the exams "when I get such-and-such done". The perfect time to start on the road to Cisco certification is not tomorrow, and it's not next week. It's today.

You're much better off with one hour of solid study than three hours of interrupted, unfocused study. Here are a few ways to go about getting the kind of quality study time that will get you to the CCNA or CCNP (or any Cisco certification, for that matter!).

Schedule your study time, and regard this study time as you would an appointment with a client. If you were to meet a customer at 10:00 to discuss a network install, would you just decide not to show up and watch television instead? Not if you wanted the job. The same goes for your study time. That's an appointment with the most important customer of all - YOU.

Turn your cell, iPod, TV, instant messenger, and all other electronic collars off for the duration of your study time. I know those of us in information technology don't like to say this, but we can actually exist without being in touch with the world for a little while. You may even get to like it! Having uninterrupted study time is key to CCNA and CCNP exam success.

Finally, schedule your exam before you start studying. Contrary to what many people think, "deadline" is not a dirty word. We do our best work when we have a deadline and a schedule to keep. Make out your study schedule, schedule your exam, and get to work just as you would a network project for a customer. The project you're working on is your career and your life, and by following these simple steps you can make it a highly successful project - by passing your CCNA and CCNP exam!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

Cisco CCNA Certification Exam Tutorial: Configuring And Troubleshooting VTP

Not only is your CCNA exam going to have questions on VLAN trunking protocol, almost any network that has more than one VLAN is going to have VTP running. Whether you're planning on passing the CCNA exam or just brushing up on your networking skills, this VTP tutorial will help you learn the basics of this important protocol.

VTP allows switches to advertise VLAN information to other members of the same VTP domain, which gives every switch a consistent view of the switched network. When a VLAN is created on a VTP server, all other VTP devices in the domain are notified of that VLAN's existence. VTP servers will know about every VLAN, even VLANs that have no members on that switch.

Switches run VTP in one of three modes. In server mode, VLANs can be created, modified, and deleted on a VTP server. When these actions are taken, the changes are advertised to all switches in the VTP domain. VTP Servers keep VLAN configuration information upon reboot.

In client mode, the switch cannot modify, create, or delete VLANs. VTP clients cannot retain VLAN configuration information upon reboot; they have to obtain this information from a VTP server.

In real-world networks, this is generally done to centralize the creation and deletion of VLANs. An interesting side effect of the server/client methodology is that if a VLAN is only to have ports on the VTP client switch, the VLAN must still first be created on the VTP server. The VTP client will learn about the VLAN from the VTP server, and ports can then be placed into that VLAN.

The third VTP mode is transparent mode. VTP switches in this mode ignore VTP messages. They do forward the VTP advertisements received from other switches. VLANs can be created, deleted, and modified on a transparent switch, but those changes are not advertised to the other switches in the VTP domain.

For switches running VTP to successfully exchange VLAN information, three things have to happen. I've listed them for you in the order that you'll see them in the real world.

The VTP domain name must match. This is case-sensitive. "CISCO" and "cisco" are two different domains.

To distribute information about a newly-created VLAN, the switch upon which that VLAN is created must be in Server mode.

Learning VTP isn't just a good idea for passing your CCNA exams, it's a skill you must have to be effective in configuring and troubleshooting VLANs. I wish you the best in both of these pursuits!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.


Sunday, June 8, 2008

Cisco CCNA / CCNP Certification Exam Tutorial: Configuring PPP Callback

You may run into situations where a router in a remote location needs to dial in to a central router, but the toll charges are much higher if the remote router makes the call. This scenario is perfect for PPP Callback, where the callback client places a call to a callback server, authentication takes place, and the server then hangs up on the client! This ensures that the client isn't charged for the call. The server then calls the client back.

In the following example, R2 has been configured as the client and R1 is the callback server. Let's look at both configurations and the unique commands PPP Callback requires.

Client:

username R1 password CCIE

interface BRI0

ip address 172.12.12.2 255.255.255.0

encapsulation ppp

dialer map ip 172.12.12.1 name R1 broadcast 5557777

dialer-group 1

isdn switch-type basic-ni

ppp callback request

ppp authentication chap

Most of that configuration will look familiar to you, but the ppp callback request command might not. This command enables the BRI interface to request the callback.

Simple enough, right? The PPP Callback Server config requires more configuration and an additional map-class as well.

Server:

username R2 password CCIE

interface BRI0

ip address 172.12.12.1 255.255.255.0

encapsulation ppp

dialer callback-secure

dialer map ip 172.12.12.2 name R2 class CALL_R2_BACK broadcast 5558888

dialer-group 1

isdn switch-type basic-ni

ppp callback accept

ppp authentication chap

map-class dialer CALL_R2_BACK

dialer callback-server username

Examining the PPP Callback Server commands from the top down...

dialer callback-secure enables security on the callback. If the remote router cannot be authenticated for callback, the incoming call will be disconnected.

The dialer map statement now calls the class CALL_R2_BACK, shown at the bottom of the config excerpt.

ppp callback accept enables PPP callback on this router.

dialer callback-server username tells the callback server that the device referenced in the dialer map statement is a callback client.

The only way to find out if the config works is to test it, so let's send a ping from R2 to R1 and see if the callback takes place.

R2#ping 172.12.12.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.12.12.1, timeout is 2 seconds:

02:45:42: BR0 DDR: Dialing cause ip (s=172.12.12.2, d=172.12.12.1)

02:45:42: BR0 DDR: Attempting to dial 5557777

02:45:42: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up

02:45:42: BR0:1 DDR: Callback negotiated - Disconnecting now

02:45:42: BR0:1 DDR: disconnecting call

02:45:42: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 5557777 R1

02:45:42: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down

02:45:42: DDR: Callback client for R1 5557777 created

02:45:42: BR0:1 DDR: disconnecting call.....

Success rate is 0 percent (0/5)

R2#

02:45:57: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up

R2#

02:45:57: BR0:1 DDR: Callback received from R1 5557777

02:45:57: DDR: Freeing callback to R1 5557777

02:45:57: BR0:1 DDR: dialer protocol up

02:45:58: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state to up

The callback was successfully negotiated, and the call then disconnected. R1 then called R2 back, and show dialer on R1 confirms the purpose of the call.

R1#show dialer

BRI0 - dialer type = ISDN

Dial String Successes Failures Last DNIS Last status

5558888 2 4 00:00:20 successful

0 incoming call(s) have been screened.

0 incoming call(s) rejected for callback.

BRI0:1 - dialer type = ISDN

Idle timer (120 secs), Fast idle timer (20 secs)

Wait for carrier (30 secs), Re-enable (15 secs)

Dialer state is data link layer up

Dial reason: Callback return call

Time until disconnect 99 secs

Connected to 5558888 (R2)

Pretty cool! PPP Callback isn't just important for passing your CCNA and CCNP exams - in circumstances such as shown in this example, it can save your organization quite a bit of money!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.


Saturday, June 7, 2008

Get the Boot - A Birds-Eye Look into MCSE Boot Camps

MCSE boot camps have their supporters and their detractors. Some people do not understand why you should have to spend money on boot camp when you can get the MCSE study materials yourself at a fraction of the camp price. However, who has the willpower to actually sit through a self-imposed MCSE training? Not too many people! That is what the MCSE boot camps are for.

These boot camps are typically an intense two-week long MCSE training course that prepares you for the MCSE exams. Some companies that conduct boot camps offering Microsoft certification, especially the MCSE, guarantee that you will pass your MCSE exams. If you happen to fail, they will usually issue a voucher to try it again. For many people who attend these MCSE boot camps, it is preferable to have an intense two weeks with little to distract you rather than drawing out the classes for weeks with outside influences like work and family interfering with study time. Sure, being gone for two weeks is a temporary hassle, but you will have your certification in a fraction of the time.

Did you catch the being gone for two weeks bit? You can probably find a boot camp near your home, but most likely you will end up attending an MCSE boot camp away from your home, far enough away where it is not worth it to commute. Two weeks away from home? That doesn't sound like a picnic! But just think of the rewards you will reap after trudging through all that MCSE training and taking the MCSE exams.

If you are lucky, your company will pick up the tab on your Microsoft certification. Paying on your own is a major investment, usually a few thousand dollars depending on where the location is and if hotel and meals are included in the price. For your money, you will get a tough instructor, an MCSE drill sergeant for lack of a better description. That instructor's reputation is on the line, so he or she will be motivated to ensure your success. That is why the success rate for these MCSE boot camps is high, in some places as high as 95%!

For your investment, you will have numerous MCSE training sessions in Networking Basics as well as learning about the infrastructure of a network. You will study security design, directories and how to manage Windows network environments. Hands-on training in learning labs with after-hours access for extra practice is the norm. Practice MCSE exams are also given out as a study tool and to also help prepare you for your own test time.

Microsoft certifications are here to stay and the MCSE is a popular avenue to travel. If you have got the time and can swing the cost, MCSE boot camps will definitely give you a boost into a new career.

James Croydon, Microsoft Certified Professional and MCSE Online advisor - focusing on MCSE Online Certification and MCSE Courses Online

Cisco CCNA Exam Tutorial: Cisco Discovery Protocol (CDP)

The Cisco Discovery Protocol (CDP) sure looks simple enough, but there are quite a few details to know for success on the CCNA exam. In your CCNP studies, you'll be introduced to additional uses for CDP, but for now it's enough to know that CDP is designed to give you information regarding directly connected Cisco routers and switches.

CDP runs by default between all directly connected Cisco devices. CDP is also a Cisco-proprietary protocol - if the directly connected device is not a Cisco device, you won't see the information you wanted.

The basic CDP command to display information about the directly connected neighbor is "show cdp neighbor".

R2#show cdp neighbor

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

S - Switch, H - Host, I - IGMP, r - Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID

R1 BRI0 167 R 2521 Dialer1

This command is particularly helpful when troubleshooting Cisco switches. There's no need to trace wiring in a rack of Cisco devices to see what routers are connected to a Cisco switch when show cdp neighbor can be used. In the above output, you can see the remote device's hostname, what interface on the remote device is connected to the local device, the capability of the remote device, the remote device's hardware platform, and the local interface that is connected to the remote device.

CDP can be disabled at both the global and interface level. To disable CDP at the interface level, run no cdp enable on the interface, and cdp enable to turn it back on.

cdp timer defines how often CDP packets are transmitted, and cdp holdtime defines how long a device will hold a received packet.

To turn CDP off for the entire router, run no cdp run. To view the current global status of CDP, run show cdp.

R2#show cdp

Global CDP information:

Sending CDP packets every 60 seconds

Sending a holdtime value of 180 seconds

CDP is running by default.

R2#conf t

R2(config)#cdp timer 45

R2(config)#cdp holdtime 100

The CDP timers are changed.

R2#show cdp

Global CDP information:

Sending CDP packets every 45 seconds

Sending a holdtime value of 100 seconds

The CDP values have been successfully changed. "show cdp interface" will give the timer information for each interface on the router.

R2#conf t

R2(config)#interface bri0

R2(config-if)#no cdp enable

CDP is disabled on the BRI interface. This does NOT have to be done to keep the line from dialing.

R2#conf t

R2(config)#no cdp run

CDP is disabled globally.

R2#show cdp

% CDP is not enabled

CDP has been successfully disabled.

Show cdp neighbor gives you a great deal of information, but what if you need the neighbor's IP address? Just run show cdp neighbor detail. You will get even more information about that directly connected neighbor, including its IP address.

SW2#show cdp neighbor detail

-------------------------

Device ID: R4

Entry address(es):

IP address: 172.12.23.4

Platform: cisco 2520, Capabilities: Router

Interface: FastEthernet0/4, Port ID (outgoing port): Ethernet0

Holdtime : 158 sec

The details of CDP are important to you on the job and in the CCNA exam room. When you find yourself negotiating a badly documented network, you can use CDP to "walk" through the network and create a network map for your client as well. Sometimes the simplest protocols are the most helpful!
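The "walk" described above can be scripted. The following is an added example, not code from the original tutorial: it parses show cdp neighbor detail output collected from several devices and merges it into one list of links. The R4 entry matches the output shown above; the R3 entry and the whole R4-side output (including the switch's address and platform string) are constructed for the example.

```python
import re

# SW2 output: the R4 entry is the one shown in the tutorial, the R3 entry is constructed.
SW2_OUTPUT = """\
SW2#show cdp neighbor detail
-------------------------
Device ID: R4
Entry address(es):
  IP address: 172.12.23.4
Platform: cisco 2520, Capabilities: Router
Interface: FastEthernet0/4, Port ID (outgoing port): Ethernet0
Holdtime : 158 sec
-------------------------
Device ID: R3
Entry address(es):
  IP address: 172.12.23.3
Platform: cisco 2520, Capabilities: Router
Interface: FastEthernet0/3, Port ID (outgoing port): Ethernet0
Holdtime : 141 sec
"""

# Constructed: what R4 would report about SW2 on the same link.
R4_OUTPUT = """\
R4#show cdp neighbor detail
-------------------------
Device ID: SW2
Entry address(es):
  IP address: 172.12.23.22
Platform: cisco WS-C2950-24, Capabilities: Switch
Interface: Ethernet0, Port ID (outgoing port): FastEthernet0/4
Holdtime : 170 sec
"""

ENTRY_SPLIT = re.compile(r"^-{5,}[ \t]*$", re.M)
FIELDS = {
    "device": re.compile(r"^Device ID:\s*(\S+)", re.M),
    "ip": re.compile(r"^\s*IP address:\s*(\S+)", re.M),
    "platform": re.compile(r"^Platform:\s*(.+?),\s*Capabilities:", re.M),
    "capabilities": re.compile(r"Capabilities:\s*(.+?)\s*$", re.M),
    "local_port": re.compile(r"^Interface:\s*(\S+?),", re.M),
    "remote_port": re.compile(r"Port ID \(outgoing port\):\s*(\S+)", re.M),
    "holdtime": re.compile(r"^Holdtime\s*:\s*(\d+)", re.M),
}


def parse_cdp_detail(output):
    """Return one dict per neighbor entry; text before the first entry is skipped."""
    neighbors = []
    for chunk in ENTRY_SPLIT.split(output):
        record = {}
        for name, pattern in FIELDS.items():
            match = pattern.search(chunk)
            if match:
                record[name] = match.group(1)
        if "device" in record:
            neighbors.append(record)
    return neighbors


def build_links(outputs):
    """Merge per-device outputs into links keyed by their two (device, port) ends.

    A link reported from both sides collapses into a single key, so the map
    does not double-count it.
    """
    links = {}
    for host, text in outputs.items():
        for n in parse_cdp_detail(text):
            local = (host, n.get("local_port", "?"))
            remote = (n["device"], n.get("remote_port", "?"))
            key = tuple(sorted([local, remote]))
            # Record what each neighbor advertised about itself on this link.
            links.setdefault(key, {})[n["device"]] = {
                "ip": n.get("ip"),
                "platform": n.get("platform"),
            }
    return links


def format_links(links):
    """Render the link map as sorted 'A portA <-> B portB' lines."""
    return [f"{a[0]} {a[1]} <-> {b[0]} {b[1]}" for a, b in sorted(links)]


if __name__ == "__main__":
    for line in format_links(build_links({"SW2": SW2_OUTPUT, "R4": R4_OUTPUT})):
        print(line)
```

Every field parsed here is sent unauthenticated to whatever is plugged into the port, which is the practical reason to apply no cdp enable on interfaces that face devices you do not manage.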

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.


Friday, June 6, 2008

Cisco CCNP / BSCI Exam Tutorial: Configuring EIGRP Packet Authentication

Configuring RIPv2 and EIGRP authentication with key chains can be tricky at first, and the syntax isn't exactly easy to remember. But for BSCI and CCNP exam success, we've got to be able to perform this task.

In a previous tutorial, we saw how to configure RIPv2 packet authentication, with both clear-text and MD5 authentication schemes. EIGRP authentication is much the same, and has the text and MD5 authentication options as well. But EIGRP being EIGRP, the command just has to be a little more detailed!

As with RIPv2, the authentication mode must be agreed upon by the EIGRP neighbors. If one router's interface is configured for MD5 authentication and the remote router's interface is configured for text authentication, the adjacency will fail even if the two interfaces in question are configured to use the same password.

We'll now configure link authentication on the adjacency over an Ethernet segment. Below, you'll see how to configure a key chain called EIGRP on both routers, use key number 1, and use the key-string BSCI. Run show key chain on a router to see all key chains.

R2(config)#key chain EIGRP

R2(config-keychain)#key 1

R2(config-keychain-key)#key-string BSCI

R2#show key chain

Key-chain EIGRP:

key 1 -- text "BSCI"

accept lifetime (always valid) - (always valid) [valid now]

send lifetime (always valid) - (always valid) [valid now]

R3(config)#key chain EIGRP

R3(config-keychain)#key 1

R3(config-keychain-key)#key-string BSCI

R3#show key chain

Key-chain EIGRP:

key 1 -- text "BSCI"

accept lifetime (always valid) - (always valid) [valid now]

send lifetime (always valid) - (always valid) [valid now]

The EIGRP command to apply the key chain is a bit of a pain to remember, because the protocol and AS number are identified in the middle of the command, not the beginning. Also note that two commands are needed - one to name the key chain, another to define the authentication mode in use.

R2(config)#interface ethernet0

R2(config-if)#ip authentication key-chain eigrp 100 EIGRP

R2(config-if)#ip authentication mode eigrp 100 md5

5d07h: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.23.3 (Ethernet0) is down: keychain changed

R3(config)#interface ethernet0

R3(config-if)#ip authentication key-chain eigrp 100 EIGRP

R3(config-if)#ip authentication mode eigrp 100 md5

5d07h: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.23.2 (Ethernet0) is up:

As with RIPv2, the existing adjacency was torn down when one side was configured with authentication. If the key chain is correctly defined and applied on both sides, the adjacency will come back up. Always run show ip eigrp neighbor to make sure the adjacency is present. Learn the details of EIGRP key chains by configuring them on your home lab equipment, and you'll be more than ready for BSCI exam success!
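Before touching a live adjacency, the two sides can be compared offline. The following is an added example, not code from the original tutorial: it parses two config excerpts and reports why EIGRP authentication would fail between them. The config text is constructed from the commands shown above, and the model assumes each router sends with its lowest-numbered key and ignores key lifetimes.

```python
import re

# Constructed running-config excerpt modelled on the R2/R3 lab in this tutorial.
R2_CONFIG = """\
key chain EIGRP
 key 1
  key-string BSCI
!
interface Ethernet0
 ip address 172.12.23.2 255.255.255.0
 ip authentication mode eigrp 100 md5
 ip authentication key-chain eigrp 100 EIGRP
"""
R3_CONFIG = R2_CONFIG.replace("172.12.23.2", "172.12.23.3")
# Two constructed faults: the mode command left out, and the key-string in lower case.
R3_NO_MODE = R3_CONFIG.replace(" ip authentication mode eigrp 100 md5\n", "")
R3_LOWER_KEY = R3_CONFIG.replace("key-string BSCI", "key-string bsci")


def parse_config(text):
    """Return (key_chains, interfaces) from an IOS-style config excerpt.

    key_chains: {chain name: {key number: key-string}}
    interfaces: {interface: {AS number: {"mode": ..., "chain": ...}}}
    """
    chains, ifaces = {}, {}
    chain = key_id = iface = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():          # an unindented line starts a new section
            chain = key_id = iface = None
        if m := re.fullmatch(r"key chain (\S+)", line):
            chain = m.group(1)
            chains.setdefault(chain, {})
        elif m := re.fullmatch(r"interface (\S+)", line):
            iface = m.group(1)
            ifaces.setdefault(iface, {})
        elif chain and (m := re.fullmatch(r"key (\d+)", line)):
            key_id = int(m.group(1))
        elif chain and key_id is not None and (m := re.fullmatch(r"key-string (\S+)", line)):
            chains[chain][key_id] = m.group(1)
        elif iface and (m := re.fullmatch(r"ip authentication mode eigrp (\d+) (\S+)", line)):
            ifaces[iface].setdefault(int(m.group(1)), {})["mode"] = m.group(2)
        elif iface and (m := re.fullmatch(r"ip authentication key-chain eigrp (\d+) (\S+)", line)):
            ifaces[iface].setdefault(int(m.group(1)), {})["chain"] = m.group(2)
    return chains, ifaces


def auth_view(text, iface, asn):
    """What one router will actually use for EIGRP auth on iface in this AS."""
    chains, ifaces = parse_config(text)
    cfg = ifaces.get(iface, {}).get(asn, {})
    name = cfg.get("chain")
    return {"mode": cfg.get("mode"), "chain": name, "keys": chains.get(name)}


def audit_pair(a_text, b_text, iface, asn):
    """Return a list of findings; an empty list means the two sides agree."""
    a, b = auth_view(a_text, iface, asn), auth_view(b_text, iface, asn)
    findings = []
    if a["mode"] != b["mode"]:
        findings.append(f"authentication mode differs: {a['mode']} vs {b['mode']}")
    for label, side, peer in (("A", a, b), ("B", b, a)):
        if side["mode"] is None:
            continue                      # this side is not authenticating at all
        if not side["keys"]:
            findings.append(f"{label}: key chain {side['chain']!r} is undefined or empty")
            continue
        send_id = min(side["keys"])       # assumption: lowest key number is used to send
        if (peer["keys"] or {}).get(send_id) != side["keys"][send_id]:
            findings.append(f"{label}: key {send_id} not accepted by neighbor")
    return findings


if __name__ == "__main__":
    for name, other in (("match", R3_CONFIG), ("no mode", R3_NO_MODE), ("bad key", R3_LOWER_KEY)):
        print(name, audit_pair(R2_CONFIG, other, "Ethernet0", 100))
```

The key chain name itself is not compared because it is only a local label; what has to agree between neighbors is the mode, the key number, and the key-string, which is case-sensitive.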

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNP and CCNA tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.


Wednesday, June 4, 2008

Cisco CCNP Certification FAQ

To earn your CCNP, you've got to pass some very rigorous Cisco exams, and you also need to know the rules regarding this important certification. In this article, I'll answer some of the most commonly asked questions regarding the CCNP.

Q: What exams do I need to pass to get my CCNP?

A: You have two options, a three-exam path and a four-exam path. Currently, the four-exam path consists of rigorous exams on advanced routing techniques (BSCI), advanced switching (BCMSN), remote access methods (BCRAN), and advanced troubleshooting techniques (CIT). The three-exam path combines the BCMSN and BSCI exams into a single exam, the Composite exam.

Q: Do I have to take them in any order?

A: No, the order is up to the candidate. Most CCNP candidates take the BSCI exam first and the CIT exam last, but again this is up to the candidate.

Q: What else do I have to do to get the CCNP?

A: You must earn your CCNA before you can be CCNP certified (as well as passing the exams, of course).

Q: Is there a recertification requirement?

A: Cisco CCNP certifications are valid for three years. During that time, you must either pass the Composite exam, the BSCI and BCMSN exams, or pass any CCIE written exam.

Q: What if I don't recertify within the three-year period?

A: You must then meet whatever CCNP requirements there are at that time, from the beginning. It's easier to make sure you recertify!

Becoming CCNP certified is a great boost to your career and your confidence, and as with any Cisco certification, it's up to you to stay current with the CCNA and CCNP requirements. Visit the Career Certification section of Cisco's website regularly to learn about the program's requirements and changes. It's not up to them to keep you notified of changes - it's up to you!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

Tuesday, June 3, 2008

ISO 9000 Certification and Consulting

The process of becoming ISO 9000 certified can be intimidating. The manuals regarding standards and certification are written in such a way that most of us can barely comprehend what they are saying. Fortunately, several specialists are available to assist in the process. These specialists are experts in providing ISO 9000 consulting.

ISO 9000 consultants can help you to understand and effectively manage new and existing standards. By enlisting the help of a qualified professional, you can be assured that you are correctly implementing the processes. Consultants can also help you to utilize your ISO 9000 software program to document and implement your new program.

Even if you have been ISO 9000 certified for many years, a consultant can help keep you abreast of the new issues and standards. An ISO 9000 consultant can help your company to achieve maximum performance and benefits from your quality control standards.

Many ISO 9000 consulting firms offer individual and comprehensive packages. The comprehensive packages include training for the implementation of ISO 9000 standards, training for internal auditors, training for documentation and training for lead auditors. When implementing these standards it is important to know that your management team is on board with the changes and fully understands the importance and implications.

Other ISO 9000 consultants offer training for individual areas. Your company can choose between on-site training or attending an overview class. For those considering taking the ISO 9000 plunge, an overview class on standards, regulations and certifications is an excellent place to start. You can gain a vast amount of knowledge by attending the courses and get a good idea of what the process entails.

When choosing a consulting firm you should begin by identifying your company's particular needs. Some firms specialize in creating individual training programs specific to your company. They can get an idea of what you need and develop a comprehensive plan to meet those goals. Other firms only offer generic or pre-packaged training and advice. For some industries, pre-packaged training programs may be suitable and for others it may not. Perhaps a company should begin by asking for references from the consultants and find out exactly what they can do to help your company in the ISO 9000 process.

ISO 9000 Info provides detailed information about ISO 9000 standards, software, consulting, help, and solutions. ISO 9000 Info is affiliated with Business Plans by Growthink.

Sunday, June 1, 2008

Cisco CCNA Certification Exam Tutorial: Port-Based Authentication

To pass your CCNA exam and earn this coveted certification, you must understand the details of port-based authentication. This knowledge has a great deal of value in production networks as well, since this authentication scheme is regularly implemented. Let's take a look at this particular CCNA skill.

Consider a situation where you have a server that will be connected to your switch, and you want the port to shut down if a device with a different MAC address than that of the server attempts to connect to that port. You could also have a situation where you have someone who has a connection to a switch port in his office, and he wants to make sure that only his laptop can use that port.

Both of these examples are real-world situations, and there are two solutions for each. First, we could create a static MAC entry for that particular switch port. I don't recommend this, mainly because both you and I have better things to do than manage static MAC entries. The better solution is to configure port-based authentication on the switch.

The Cisco switch uses MAC addresses to enforce port security. With port security, only devices with certain MAC addresses can connect to the port successfully. This is another reason source MACs are looked at before the destination MAC is examined. If the source MAC is non-secure and port-based authentication is in effect, the destination does not matter, as the frame will not be forwarded. In essence, the source MAC address serves as the password.

MAC addresses that are allowed to successfully communicate with the switch port are secure MAC addresses. The default number of secure MAC addresses is 1, but a maximum of 132 secure MACs can be configured.

When a non-secure MAC address attempts to communicate with the switch port, one of three actions will occur, depending on the port security mode. In Protect mode, frames with non-secure MAC addresses are dropped. There is no notification that a violation has occurred. The port will continue to switch frames for the secure MAC address.

In Restrict mode, the same action is taken, but a syslog message is logged via SNMP, which is a messaging protocol used by Cisco routers.

In Shutdown mode, the interface goes into error-disabled state, the port LED will go out, and a syslog message is logged. The port has to be manually reopened. Shutdown mode is the default port-security mode.
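The difference between the three modes is easiest to see by replaying the same frames through each one. The following is an added example, not code from the original tutorial: a small model of one switch port with the default of one secure MAC address. The MAC addresses, the port name and the log text are constructed, and the model assumes the first source MAC seen on the port is learned as the secure address.

```python
MODES = ("protect", "restrict", "shutdown")

# Constructed addresses: the office laptop and a second device plugged into its port.
LAPTOP = "00:11:22:33:44:55"
VISITOR = "66:77:88:99:aa:bb"
FRAMES = [LAPTOP, LAPTOP, VISITOR, LAPTOP]


class SecurePort:
    """One switch port with port security, modelled on the modes described above."""

    def __init__(self, name, mode="shutdown", maximum=1):
        if mode not in MODES:
            raise ValueError(f"unknown violation mode: {mode}")
        self.name, self.mode, self.maximum = name, mode, maximum
        self.secure_macs = []      # addresses learned so far (model assumption)
        self.err_disabled = False
        self.syslog = []           # messages an administrator would see

    def receive(self, src_mac):
        """Decide what happens to a frame based only on its source MAC."""
        mac = src_mac.lower()
        if self.err_disabled:
            return "dropped (port err-disabled)"
        if mac in self.secure_macs:
            return "forwarded"
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.append(mac)   # still room: learn it as secure
            return "forwarded"
        # Violation: a non-secure source MAC on a port that is already full.
        if self.mode != "protect":         # protect drops without any notification
            self.syslog.append(f"{self.name}: violation by {mac}")
        if self.mode == "shutdown":
            self.err_disabled = True       # stays down until manually reopened
        return "dropped"

    def reenable(self):
        """Manual recovery; learned addresses are relearned once the port is back."""
        self.err_disabled = False
        self.secure_macs = []


def replay(mode, frames, maximum=1):
    """Run frames through a fresh port and return (per-frame results, port)."""
    port = SecurePort("Fa0/1", mode=mode, maximum=maximum)
    return [port.receive(mac) for mac in frames], port


def compare_modes(frames):
    """Summarise the outcome of the same traffic under each violation mode."""
    summary = {}
    for mode in MODES:
        results, port = replay(mode, frames)
        summary[mode] = {
            "results": results,
            "logged": len(port.syslog),
            "err_disabled": port.err_disabled,
        }
    return summary


if __name__ == "__main__":
    for mode, outcome in compare_modes(FRAMES).items():
        print(mode, outcome)
```

Two operational points fall out of the replay: in Protect mode the violation leaves no log entry for monitoring to pick up, and in Shutdown mode the legitimate laptop also loses connectivity until someone reopens the port.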

Port-based authentication is just one of the many switching skills you'll have to demonstrate to earn your CCNA certification. Make sure you know the basics shown here, including the action of each particular mode, and you're on your way to CCNA exam success!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.
