Sunday, October 22, 2006


Koh Samui Trip 16-21 Oct 2006 Day 1

Arrive in Samui Airport.........

We are riding on Bangkok Airways.

Such a small Customs Office........

Wednesday, October 11, 2006


How to sync NetScreen Global Config from Master unit?

In backup unit,

1. exec nsrp sync global-config save
2. exec nsrp sync global-config run
3. save

Wireless Notebook Performance Test.

1. Turn off power save mode in wireless network card config
2. Enable extended channels

Friday, August 25, 2006


How to avoid NetScreen firewall high CPU utilization?

1. In case of high multicast / broadcast traffic affecting NetScreen firewall CPU utilization,

Uncheck "Log Packets Terminated to Self" in "Configuration"=>"Report Settings"=>"Log Settings".

2. In case of source routing enabled, NetScreen firewall management IP can still be pinged by the command "set flow mac-cache mgt".

Tuesday, July 18, 2006


青 藏 鐵 路 網

機 票 ﹕ 深 圳 往 西 寧 , 單 程 機 票 約$2010( 查 詢 ﹕2851 1180)

Monday, July 17, 2006


2823 A50 中國指數基金

Hold it over 3 years ........
1st lot < HK$50, 2nd lot < HK$40




Thursday, July 13, 2006


Huawei Training - Day 4

How to set up ftp server in Huawei switch?

local-user test
pass cipher test
service-type ftp

ftp server enable

How to update firmware?

delete /u old-firmware.bin
ftp new-bootrom.btm and new-firmware.bin to flash:
boot bootrom new-bootrom
boot boot-loader new-firmware.bin
disp boot-loader (to confirm the new bin file name)

How to enable SSH?

local-user huawei
password simple huawei
service-type ssh
level 3

ssh user huawei authentication-type password
ssh user huawei service-type stelnet

user-interface vty 0 4
authentication-mode scheme

rsa ...... (generate the rsa local key pair)


When config OSPF, reset ospf all or reboot router.

When config VRRP, vrrp ping-enable.

Unique features of 3900/5600: Voice VLAN and IRF

Wednesday, July 12, 2006



What is ROE?

Return on Equity = (Annual Net Income / Average Shareholders' Equity) x 100%

What is ROA?

Return on Assets = (Annual Net Income / Total Assets) x 100%

The Major Difference

Total Assets = Liabilities + Shareholders' equity

See for details.


Huawei Training - Day 3

How to set ACL?

[system view]
acl number 3000
rule deny ip
rule permit icmp source (source address must be set, bug fixed in new version)
rule permit destination-port eq 23

int e1/0/1
packet-filter inbound ip-group 3000

disp acl all

3000, ACL applies to whole switch instead of port level or vlan level.
Currently, only 8500 supports ACL in vlan level.
number of rules to number of mask in the ratio of 8:1
6500 reboots with ACL runs before QoS
3900 and 5600 support "eq" only, without "gt" and "lt" in rule setting

Cisco vs Huawei
default deny = default permit
rules checked from first to last = rules checked from last to first 後發先至

How to set STP?

stp enable
stp priority 4096/8192 (for root and backup root switch, default 32768, bridge id = stp priority.mac address)

disp stp [brief]

BPDU root bridge selection order:
Root Bridge ID, Path Cost, Native Bridge ID, Port ID
1, 2, own bridge id, 3

TCN BPDU - Topology Change

Cisco vs Huawei
spanning-tree portfast = stp edged-port enable

Blocking = Discarding
Listening = Discarding
Learning = Learning
Forwarding = Forwarding

Alternate Port and Backup Port added in RSTP

How to set Link Aggregation?

int g1/1/3
lacp enable
port link-type trunk
port trunk permit vlan all
int g1/1/4
lacp enable
port link-type trunk
port trunk permit vlan all

How to set password and enable password for console and telnet?

user-int aux 0 7 (line con 0)
set authentication pass cipher
authentication-mode password
user privilege level 0

user-int vty 0 4 (line vty 0 4)
set authentication pass cipher
authentication-mode password

super pass cipher

Today's lunch at Foodrepublic,, Curry Chicken Rice with an Indian Naan at HK$35

This page is powered by Blogger. Isn't yours?