gomez’s blog

utorak, 30.10.2012.
20.30 /BKC/: TAKSIM TRIO (Turska)
22.30 /Monument/: LATE NITE STAGE

srijeda, 31.10.2012.
18.00 /Pozorište mladih/: YURI HONING WIRED PARADISE (Nizozemska, Njemačka) 20.00 /BKC/: THE BAD PLUS (Sjedinjene Američke Države)
22.00 /BKC/: BADI ASSAD (Brazil)
23.30 /Monument/: LATE NITE STAGE

četvrtak, 1.11.2012.
19.00 /Pozorište mladih/: ARKUL ORCHESTRA (Bosna i Hercegovina)
21.00 /BKC/: MILES SMILES (Sjedinjene Američke Države)
23.30 /Monument/: LATE NITE STAGE

petak, 02.11.2012.
19.30 /BKC/: BOJAN Z (Francuska)
21.30 /BKC/: RICHARD GALLIANO: LA STRADA QUINTET (Francuska, Italija)
23.30 /Monument/: LATE NITE STAGE

subota, 03.11.2012.
18.00 /Pozorište mladih/: ERIKA STUCKY: SUICIDAL YODELS (Švicarska)
20.00 /Pozorište mladih/: ZVRN (Norveška, Francuska, Bosna i Hercegovina)
22.00 /BKC/: DHAFER YOUSSEF: ABU NAWAS RHAPSODY (Tunis/Austrija, Nizozemska, Estonija, Kanada)
23.30 /Monument/: LATE NITE STAGE

nedjelja, 04.11.2012.
12.00 /BKC/: Koncert za djecu
13.00 /foaje BKC-a/: Radionica: Upoznaj instrumente!

1. Jazzfest Sarajevo

Couple of days ago, I had really interesting discussion about using BGP communities to influent inbound traffic by modifying ISP’s LOCAL_PREF on advertised prefixes in multi homed environments. There are many Internet Service Providers that support this, including, for example, Level3 (as visible on this link).

Taking in consideration that BGP communities are basically prefix tags, one can ask how can this be done. I was wondering about it as well, so I have found out that this particular behavior is described in RFC 1998, and it needs to be supported by your ISP. Here is the example:

AS 100 is under our administrative control, and AS 200 is our ISP. Addressing is as follows:

R1:
FastEthernet0/0     10.10.10.1/24 (100Mbps)
FastEthernet0/1     20.20.20.1/24 (10Mbps)
Loopback77             1.1.1.1/24
Loopback10 150.0.10.1/24
Loopback20 150.0.20.1/24
Loopback30 150.0.30.1/24
R2:
FastEthernet0/0     10.10.10.2/24 (100 Mbps)
FastEthernet0/1     192.168.1.1/24 (100 Mbps)
Loopback77             2.2.2.2/24
R3
FastEthernet0/0     20.20.20.2/24 (10Mbps)
FastEthernet0/1     192.168.1.2/24 (100 Mbps)
Loopback77             3.3.3.3/24

Please note that in this particular example, I am using static routing to ensure network reachability between above listed loopbacks (loopbacks that are used for update-source, in this particular example loopback77).

Once we have network reachability working as expected, we need to configure our eBGP peers. In order to configure eBGP peers on R1 with R2 and R3, we need to execute following:

R1(config)# router bgp 100
R1(config-router)#neighbor 2.2.2.2 remote-as 200
R1(config-router)#neighbor 2.2.2.2 update-source loopback77
R1(config-router)#neighbor 2.2.2.2 ebgp-multihop
R1(config-router)#neighbor 3.3.3.3 remote-as 200
R1(config-router)#neighbor 3.3.3.3 update-source loopback77
R1(config-router)#neighbor 3.3.3.3 ebgp-multihop

Taking in consideration that we are going to use BGP communities new-format, we need to configure following:

R1(config)#ip bgp-community new-format
R1(config)#router bgp 100
R1(config-router)#neighbor 2.2.2.2 send-community
R1(config-router)#neighbor 3.3.3.3 send-community

On provider side, in order to establish eBGP session from R2 to R1 we need to execute following:

R2(config)#router bgp 200
R2(config-router)#neighbor 1.1.1.1 remote-as 100
R2(config-router)#neighbor 1.1.1.1 update-source loopback77
R2(config-router)#neighbor 1.1.1.1 ebgp-multihop

Additionally, R2 is connected to R3 using their Fa0/1 interfaces within the same AS 200, therefore, ISP needs to configure iBGP, as follows:

R2(config-router)#neighbor 192.168.1.2 remote-as 200
R2(config-router)#neighbor 192.168.1.2 next-hop-self

Additionally, we will be using BGP Communities new-format, so we need to configure following:

R2(config)#ip bgp-community new-format
R2(config)#router bgp 200
R2(config-router)#neighbor 1.1.1.1 send-community
R2(config-router)#neighbor 192.168.1.2 send-community

On provider side, there is R3 that needs to be configured. In order to configure eBGP peering with R1, we need to do following:

R3(config)#router bgp 200
R3(config-router)#neighbor 1.1.1.1 remote-as 100
R3(config-router)#neighbor 1.1.1.1 update-source loopback77
R3(config-router)#neighbor 1.1.1.1 ebgp-multihop

Also, R3 FastEthernet 0/1 is connected to R2 FastEthernet 0/1 so we need to configure iBGP as follows:

R3(config-router)#neighbor 192.168.1.1 remote-as 200
R3(config-router)#neighbor 192.168.1.1 next-hop-self

and we need to apply BGP communities new-format related configuration:

R3(config)#ip bgp-community new-format
R3(config)#router bgp 200
R3(config-router)#neighbor 1.1.1.1 send-community
R3(config-router)#neighbor 192.168.1.1 send-community

Last step that we need to preform is to verify that our peers are up and running as expected:

  R1#show ip bgp summary | begin Neig
  Neighbor   V    AS MsgRcvd MsgSent TblVer  InQ OutQ Up/Down State/PfxRcd
  2.2.2.2    4   200     156     158      4    0    0 00:41:15      0
  3.3.3.3    4   200     143     144      4    0    0 00:41:15      0
  R1#

  R2#show ip bgp summary | begin Neig
  Neighbor     V    AS MsgRcvd MsgSent TblVer  InQ OutQ Up/Down State/PfxRcd
  1.1.1.1      4   100     158     156     20    0    0 00:41:23      0
  192.168.1.2  4   200     128     127     20    0    0 01:57:31      0
  R2#

  R3#show ip bgp summary | begin Neig
  Neighbor    V    AS MsgRcvd MsgSent TblVer  InQ OutQ Up/Down State/PfxRcd
  1.1.1.1     4   100     144     143     23    0    0 00:41:26      0
  192.168.1.1 4   200     127     128     23    0    0 01:57:35      0
  R3#

As visible above, everything seems to be working fine. We have peering between R1 that is under our administrative control and ISP routers R2 and R3. ISP routers have iBGP peering over their FastEthernet 0/1 interfaces.

Now that we have everything working as expected, we will advertise directly connected networks from R1 (in our particular example lo10, lo20 and lo30) by using redistribute connected BGP command.

We will create prefix-list first, and route-map that matches that prefix-list in order to control what are we advertising:

R1(config)#ip prefix-list REDIST permit 150.0.10.0/24
R1(config)#ip prefix-list REDIST permit 150.0.20.0/24
R1(config)#ip prefix-list REDIST permit 150.0.30.0/24
R1(config)#route-map BGP-REDIST permit 10
1(config-route-map)#match ip address prefix-list REDIST

and then we need to redistribute it as follows:

R1(config-router)#redistribute connected route-map BGP-REDIST

We can verify results by checking R2/R3 BGP table:

  R2#show ip bgp | begin Net
     Network          Next Hop            Metric LocPrf Weight Path
  * i150.0.10.0/24    192.168.1.2              0    100      0 100 ?
  *>                  1.1.1.1                  0             0 100 ?
  * i150.0.20.0/24    192.168.1.2              0    100      0 100 ?
  *>                  1.1.1.1                  0             0 100 ?
  * i150.0.30.0/24    192.168.1.2              0    100      0 100 ?
  *>                  1.1.1.1                  0             0 100 ?
  R2#

  R3#show ip bgp | begin Net
     Network          Next Hop            Metric LocPrf Weight Path
  * i150.0.10.0/24    192.168.1.1              0    100      0 100 ?
  *>                  1.1.1.1                  0             0 100 ?
  * i150.0.20.0/24    192.168.1.1              0    100      0 100 ?
  *>                  1.1.1.1                  0             0 100 ?
  * i150.0.30.0/24    192.168.1.1              0    100      0 100 ?
  *>                  1.1.1.1                  0             0 100 ?
  R3#

So, we have expected BGP results. Now, taking in consideration that our link between R1 FastEthernet 0/0 and R2 FastEthernet 0/0 is 100bps we would like to prefer that link for inbound routing, as it is better than the other available R1 FastEthernet 0/1 R3 FastEthernet 0/0 link which is 10 mbps.

Usual way to achieve this would be to use MED or AS Prepanding, but if supported by your ISP you could possibly use BGP communities.

In case that your provider supports that, first thing that we would need to do is to set communities:

R1(config)#route-map SET-BGP-COMMUNITY-200
R1(config-route-map)#set community 200:200
R1(config-route-map)#exit
R1(config)#route-map SET-BGP-COMMUNITY-150
R1(config-route-map)#set community 200:150

As visible from configuration above, we have two different route-maps. First one is SET-BGP-COMMUNITY-200 and it is setting community to 200:200. Notice that 200 is our ISP ASN and it is followed by :200 which should, in our particular example, set our ISP’s LOCAL_PREF to 200 on our advertised routes. By doing that, we are directly influencing our inbound traffic. Following the same logic, route map SET-BGP-COMMUNITY-150 is going to set community to 200:150, and it should influence ISP’s LOCAL_PREF to be 150.

Once we configure those route-maps we need to apply them. We will apply SET-BGP-COMMUNITY-200 to our eBGP peer with R2 as it is 100Mbps link. SET-BGP-COMMUNITY-150 will be applied to our BGP peer with R3:

R1(config)#router bgp 100
R1(config-router)#neighbor 2.2.2.2 route-map SET-BGP-COMMUNITY-200 out
R1(config-router)#neighbor 3.3.3.3 route-map SET-BGP-COMMUNITY-150 out

In order to verify our results we need to check BGP table on our ISP routers, R2 and R3:

  R2#show ip bgp | begin Net
     Network          Next Hop            Metric LocPrf Weight Path
  *> 150.0.10.0/24    1.1.1.1                  0    200      0 100 ?
  *> 150.0.20.0/24    1.1.1.1                  0    200      0 100 ?
  *> 150.0.30.0/24    1.1.1.1                  0    200      0 100 ?
  R2#

As visible from R2 output, LOCAL_PREF is set to 200 and all of the prefixes that are learned from R1 on 100Mbps link. Therefore, this means that our setup is working as expected. Just to make sure, lets verify one of the routes and it’s set community:

  R2#show ip bgp 150.0.10.0
  BGP routing table entry for 150.0.10.0/24, version 33
  Paths: (1 available, best #1, table Default-IP-Routing-Table)
    Advertised to update-groups:
       2
    100
      1.1.1.1 from 1.1.1.1 (150.0.30.1)
        Origin incomplete, metric 0, localpref 200, valid, external, best
        Community: 200:200
  R2#

As visible from the output above, community is set to 200:200. Therefore, our configuration is working as expected.

Far more interesting output should be visible on R3:

  R3#show ip bgp | begin Net
     Network          Next Hop            Metric LocPrf Weight Path
  *>i150.0.10.0/24    192.168.1.1              0    200      0 100 ?
  *                   1.1.1.1                  0    150      0 100 ?
  *>i150.0.20.0/24    192.168.1.1              0    200      0 100 ?
  *                   1.1.1.1                  0    150      0 100 ?
  *>i150.0.30.0/24    192.168.1.1              0    200      0 100 ?
  *                   1.1.1.1                  0    150      0 100 ?
  R3#

As expected, we can see that all of the prefixes have two possible paths, but in order to reach prefixes advertised by R1 traffic will go over R2 (iBGP peer) because LOCAL_PREF is better than from routes learned from R1 (1.1.1.1).

As visible from the above output, we successfully influenced inbound routing.

But what needs to be configured on our ISP routers in order to support this?

On both ISP routers we need to configure community lists that are going to match communities that are sent by R1:

R2(config)#ip community-list 20 permit 200:150
R2(config)#ip community-list 10 permit 200:200

R3(config)#ip community-list 20 permit 200:150
R3(config)#ip community-list 10 permit 200:200

Once that is done, ISP needs to create route-map that is expecting above community lists, and then based on the match it sets required LOCAL_PREF:

R2(config)#route-map BGP-COMMUNITY-LOCAL-PREF permit 10
R2(config-route-map)# match community 10
R2(config-route-map)# set local-preference 200
R2(config-route-map)#route-map BGP-COMMUNITY-LOCAL-PREF permit 20
R2(config-route-map)# match community 20
R2(config-route-map)# set local-preference 150
R2(config-route-map)# route-map BGP-COMMUNITY-LOCAL-PREF permit 30

R3(config)#route-map BGP-COMMUNITY-LOCAL-PREF permit 10
R3(config-route-map)# match community 10
R3(config-route-map)# set local-preference 200
R3(config-route-map)#route-map BGP-COMMUNITY-LOCAL-PREF permit 20
R3(config-route-map)# match community 20
R3(config-route-map)# set local-preference 150
R3(config-route-map)# route-map BGP-COMMUNITY-LOCAL-PREF permit 30

and last step that ISP needs to do is to apply that on all BGP peers, for example:

R2(config)#router bgp 200
R2(config-router)#neighbor 1.1.1.1 route-map BGP-COMMUNITY-LOCAL-PREF in

R3(config)#router bgp 200
R3(config-router)#neighbor 1.1.1.1 route-map BGP-COMMUNITY-LOCAL-PREF in

And that is all. Everything is working as expected.

In case that you have some questions don’t hesitate to leave comments.

1. RFC1998

Wow, it’s been a while.

Although I haven’t really forgot my blog, I have to admit it looks like that. I have received a couple of comments on several blog posts (can you imagine that I have couple of blog posts that people actually read?) but I didn’t have time to respond on those, therefore, my apologies, I will get some time to do so.

I wanted to write about my experience with JNCIS-ENT exam that I have passed couple of months ago (I took exam in Dec last year). Exam is covering wide range of topics, including:

Layer 2 Switching and VLANs
Spanning Tree
Layer 2 Security
Protocol Independent Routing
Open Shortest Path First (OSPF)
Intermediate System to Intermediate System (IS-IS)
Border Gateway Protocol (BGP)
Tunnels
High Availability

Complete list of exam objectives can be found on this link. As you can see, exam is covering wide range of topics, and based on my exam experience you will need to prepare seriously using couple of different learning sources if you have serious intentions to pass this exam. Technologies that are listed on the exam blueprint are something that I am dealing with on the daily basis, and it makes it much easier, but still, there is always something that can surprise you, and in order not to get surprised some study time needs to get dedicated for this exam.

I have used Juniper Network Fast Track program (I have used Fast Track materials for my JNCIA-Junos exam that I took like year or more ago, experience with that exam can be found at this link) as primary material source, and I found it to be quite good. Please note that it is created for people that already have some experience with technologies listed, and I found it to be quite useful from syntax point of view (if you know how, lets say, protocol works, than it is pretty much just syntax difference that you need to get used to). Beside that, I would recommend JNCIA-Junos Study Guide by Joseph M. Soricelli (it cover almost all of the topics on the JNCIS exam), I found that to be quite good and useful book. Currently  I am reading Juniper Networks Enterprise Routing, by Doug Marschke and Harry Reynolds and it seems to be quite good book, and I will try to write some review once I am done with it.

Most of the routing related topics listed above can be configured and worked on using Olive (Olive is your good friend in case that you don’t have your own lab, or at least access to one). In case that you don’t want to spend your time configuring BSD in virtual machines, you can always buy couple of router hours on Junospehere. Marko Milivojevic (twitter handle: icemarkom@) wrote couple of good blog posts describing his experience with Junosphere, and you can find them here. Switching part is problematic, as Junosphere (yet) or Olive doesn’t support Layer 2. Therefore, for switching part of the exam, you are on your own. Proteus Networks are offering rack rentals, so you can try with them when it comes to L2 part of the exam.

There is approximately  60 questions on the exam, and those are single or multiple choice questions. Exam is fair, questions are concise and designed to test your knowledge. Make sure to cover Fast Track materials couple of times. Make sure to know syntax and test your self before exam. You will get questions on all of the topics listed in blueprint. Don’t assume that something from the blueprint will be skipped, it won’t.

Also, big thanks for my exam goes to Juniper Networks – they provided voucher that covered exam cost (make sure to follow them on twitter or their promotions on Fast Track program, I will just say that they are ‘generous’).  In case that some more information is required, let me know (I won’t answer questions that are violating exam NDA).

1. Juniper Networks

For the purpose of testing EIGRP and OSPF over NBMA networks I needed to configure Frame Relay topology that I will be able to use to preform those tests. Although configuration is quite simple – it takes time to configure it (as I rarely work with Frame Relay, especially with Frame Relay switch configuration). This blog post should provide brief configuration overview on how to configure Frame Relay Switch as well as other routers in order to meet test requirements.

Given topology above, we have three routers: HQ, BR1 and BR2 interconnected with Frame Relay. As visible per above picture, we will be dealing with simple hub-and-spoke topology with HQ as hub router. First of all, we need to configure Frame Relay switch – FRS.

First thing that we need to do is to enable Frame Relay switching with following command:

FRS>enable
FRS#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
FRS(config)#frame-relay switching

Once done with that, we can start configuring serial interfaces. As visible from topology above we will use DLCI 102 to communicate from HQ router with DLCI 201 which will be used by BR1 router. Following the same logic, we will use DLCI 103 from HQ router to communicate with DLCI 301 used by BR2.

To accomplish above task we need to configure Serial0/0 interface on FRS as follows:

FRS(config)#interface Serial0/0
FRS(config-if)#encapsulation frame-relay
FRS(config-if)#clock rate 64000
FRS(config-if)#frame-relay intf-type dce
FRS(config-if)#frame-relay route 102 interface Serial0/1 201
FRS(config-if)#frame-relay route 103 interface Serial0/2 301

As visible from the configuration listed above, first thing that we need to do is to move to interface configuration mode with  ‘interface Serial0/0‘ command. Then, we need to set frame relay encapsulation with ‘encapsulation frame-relay‘ for given interface. As this interface is going to work as DCE we need to set clock rate with command ‘clock rate 64000‘ followed by command ‘frame-relay intf-type dce‘ which specifies interface to be handled as frame relay DCE device. Once done with that, we need to configure frame relay routes using ‘frame-relay route‘ command. That command specify incoming DLCI followed with outgoing interface and outgoing DLCI.

Once done with interface Serial0/0 configuration we can continue with interface Serial0/1 as follows:

FRS(config)#interface Serial0/1
FRS(config-if)#encapsulation frame-relay
FRS(config-if)#clock rate 64000
FRS(config-if)#frame-relay intf-type dce
FRS(config-if)#frame-relay route 201 interface Serial0/0 102

Please notice that above configuration is almost identical to configuration from interface Serial0/0 except for ‘frame-relay route‘ command which in this case sets DLCI 201 as incoming DLCI followed with interface Serial0/0 and outgoing DLCI 102 (HQ router is connected to interface Serial0/0).

Last step that we need to take on Frame Relay switch is to configure interface Serial0/2:

FRS(config-if)#interface Serial0/2
FRS(config-if)#encapsulation frame-relay
FRS(config-if)#clock rate 64000
FRS(config-if)#frame-relay intf-type dce
FRS(config-if)#frame-relay route 301 interface Serial0/0 103

Once done with that, issue ‘no shutdown‘ command on interface Serial0/0, Serial0/1 and Serial0/2.

In order to verify given configuration and frame relay routing you can execute following command:

FRS#show frame-relay route
Input Intf     Input Dlci     Output Intf     Output Dlci     Status
Serial0/0       102         Serial0/1       201         active
Serial0/0       103         Serial0/2       301         active
Serial0/1       201         Serial0/0       102         active
Serial0/2       301         Serial0/0       103         active
FRS#

Once we have completed and verified above configuration (we can see matching incominig/outgoing DLCIs as well as corresponding interfaces), we can move to router HQ to configure Frame Relay interface. It is quite simple and straight forward configuration. First thing that we need to do is to set frame relay encapsulation on Serial0/0 interface:

HQ(config)#interface Serial0/0
HQ(config-if)#encapsulation frame-relay

Once done with that, we can configure Serial0/0.1 subinterface as multipoint interface, as follows:

HQ(config)#interface Serial0/0.1 multipoint
HQ(config-if)#ip address 172.16.10.1 255.255.255.0
HQ(config-if)#frame-relay map ip 172.16.10.2 102 broadcast
HQ(config-if)#frame-relay map ip 172.16.10.3 103 broadcast

Once done with above configuration, issue ‘no shutdown‘ on interface Serial0/0. Please notice that we have created Serial0/0.1 multipoint interface, and we have assigned it IP address 172.16.10.1 with /24 subnet mask. Then, by using frame-relay map command we mapped IP protocol IP address 172.16.10.2 (that IP addressed is assigned on BR1 router’s interface Serial0/0.1) with DLCI 102 (which is linked with DLCI 201 on FRS as per listed configuration in section with FRS configurations – refer to output from ‘show frame-relay route‘ command from FRS section configuration).

Once done with that, you can verify your configuration with following command:

HQ#show frame-relay map
Serial0/0.1 (up): ip 172.16.10.2 dlci 102(0×66,0×1860), static,
broadcast,
CISCO, status defined, active
Serial0/0.1 (up): ip 172.16.10.3 dlci 103(0×67,0×1870), static,
broadcast,
CISCO, status defined, active

As we can see, Serial0/0.1 multipoint interface is up, it is statically configured with pseudo broadcast enabled. If it is all active, we can move to BR1 and BR2 router configuration which is similar to HQ except for the ‘frame-relay map‘ commands:

BR1(config)#interface Serial0/0
BR1(config-if)#encapsulation frame-relay
BR1(config-if)#no shutdown
BR1(config-if)#exit
BR1(config)#interface Serial0/0.1 multipoint
BR1(config-if)#ip address 172.16.10.2 255.255.255.0
BR1(config-if)#frame-relay map ip 172.16.10.1 201 broadcast

Once done with BR1 router, verify frame relay map configuration and status with following command:

BR1#show frame-relay map
Serial0/0.1 (up): ip 172.16.10.1 dlci 201(0xC9,0×3090), static,
broadcast,
CISCO, status defined, active

If it active, then we can move to BR2 configuration:

BR2(config)#interface Serial0/0
BR2(config-if)#no shutdown
BR2(config-if)#encapsulation frame-relay
BR2(config-if)#exit
BR2(config)#interface Serial0/0.1 multipoint
BR2(config-if)#ip address 172.16.10.3 255.255.255.0
BR2(config-if)#frame-relay map ip 172.16.10.1 301 broadcast

Once done with configuration, give a check to frame relay map by issuing following command:

BR2#show frame-relay map
Serial0/0.1 (up): ip 172.16.10.1 dlci 301(0x12D,0x48D0), static,
broadcast,
CISCO, status defined, active

If it is active, then we can preform last test from each of the routers, which is in our case end to end connectivity check with ping command, starting with HQ:

HQ#ping 172.16.10.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/61/256 ms
HQ#ping 172.16.10.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.10.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/36/168 ms
HQ#

As we can see from output above, we are able to successfully ping BR1 and BR2 IP addresses. If that is the case, we need to issue ping from BR1:

BR1#ping 172.16.10.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/21/40 ms
BR1#

And last step is to ping HQ from BR2:

BR2#ping 172.16.10.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/18/24 ms
BR2#

If it is all working as per above example, then you established end to end connectivity within this hub and spoke topology as per requirement and you are able to use it to preform some other actions. In my case, that is going to be EIGRP and OSPF test over NBMA. If there are some question, please comment.

What: QSS Enterprise Day 2011 – Ride the Right Cloud!
Where: Hotel Bristol Sarajevo
Date: 14/04/2011

Agenda:

For more information refer to links below:

1. Information about conference
2. Conference registration

Two months ago I have started to work on Juniper Networks JNCIA-Junos certification program in order to get in touch with Junos OS. I didn’t have that much experience with it, so it was research from scratch to me.  I have a friend which spent most of his career working with Juniper Networks gear, and I was listening super positive comments about it for some time, so I got interested into it. The best option for me to start with Juniper Networks was Juniper Networks FastTrack program, and I even wrote about it and about my desire to get in touch with it back in 2009. You can see that blog post on this link.

Documentation that I have used to prepare myself for exam included JNCIA study guide from Joseph M. Soricelli and official FastTrack Program documentation which includes two PDFs. Please note that you can download FastTrack materials for free, by registering yourself on FastTrack site. Also, it is important to mention that Study guide covers lot of topics that will not appear on this exam (like BGP, MPLS or IS-IS) and could be used to find out more on topics that are not covered in FastTrack documentation. I really enjoyed reading that book, and I strongly recommend it.

Please note that JN0-101 exam (that is most recent exam code) is proctored through Prometric. Exam price is 100$ but I got 50% voucher by passing pre-assessment test within FastTrack program. There are 65 questions on this exam and 105 minutes to resolve them. Minimum passing score was set to 66%. Questions are oriented around general networking fundamentals as well as some vendor specific details (syntax, configurations, troubleshooting and else). Exam consists of single and multiple choice questions. Scope of JNCIA-Junos exam can be compared to Cisco CCNA. My advice is to cover Junos OS fundamentals, Policy statements, Firewall and CoS in details as I have noticed that focus is on those topics.

So far, I really like what Junos OS can provide and I am sure that I will explore it more. If you do have some questions about Juniper certification, and you think that I might help, please let me know.

1. Juniper Networks
2. Juniper Networks Fast Track

I have Nokia E72 for eight months already. I wanted to write some review in regards to this phone even earlier, but since I was Nokia E71 user in prior to that I had big expectations, so I wanted to have more experience with this phone. Taking in consideration that Nokia E71 was really good phone and that I bought E72 based on just few online reviews that were available back then I was kind of curies about this phone functionality and satisfaction that it can provide.

In my personal opinion this phone is all that Nokia E71 lacked to be and final prove to me that Nokia actually listen to their customers. For example, E72 is equiped with new ARM11 processor which is now working on 600Mhz which is noticeable in comparison with E71 which is working on 369Mhz. It directly improves customer satisfaction. Beside that, this phone is equipped with 5 megapixel auto-focus camera, standard 3.55 audio port and built in flashlight. New version of software (S60 3rd edition, Feature pack 2) fixes many problems that were present on Nokia E71, and also provides new features such as Nokia Messaging client built in. Also, it is coming with optical navigation key which can be useful for scrolling.

One of the most important features of this phone for me is it’s support for SIP stack, which is there by default. I think that I am using this option more than regular GSM calls, and I have to say that it works like a charm. SIP stack is installed by default but client needs to be installed additionally. By the end of text there are some useful links, and you will be able to see how to set it up. Client is easy to configure but allows you to set up every aspect of your connection like Quality of Service DSCPs both for media and signaling traffic, SIP URI, codecs and many other options intended for Voice over IP professionals. It is enjoyable to have that level of customization. VoIP calls over 3G are not allowed by default so I wrote blog post how to enable it (link is available at the bottom of this text as well). VoIP calls over 3G are working very good, but it is very dependent on 3G network that you are connected to (since 3G is kind of expensive in my country I am using G.729 codec with MOS of 3.7 which is good enough). Also, this phone is equipped with small front camera and I have tested video calls as well, and it is working very good. As I work a lot of with Cisco Unified Communications Manager I wanted to test Skinny Client Control Protocol – SCCP as well, so I installed Nokia  Call Connect for Cisco, which adds SCCP capabilities to this phone, and it is also very cool to have your mobile phone working as the end client in your Cisco Voice network. Link on how to set it up is available as well.

Taking in consideration that this is qwerty phone, it is understandable that screen size is smaller than it could be. Battery life is one of the features that I like the most on this phone – 1500MAh battery guaranties  five to seven days of normal phone use (actually I am charging this phone from Sunday to Sunday). Phone is coming with 2GB flash card which is enough for my use, but in case that you need more phone supports 16GB memory cards. Month ago, I bought Bluetooth Stereo Headset BH 214 and I have started using this phone as music player.

It is small, nice looking device with a battery that can work up to 3 days, and I really think that it is one of the reasons that I will drop my iPod use in the future. I am not saying that it is decent replacement, but it works and I am satisfied with it. Good thing about this small device is that it is equipped with standard 3.55mm audio port, therefore I am able to use much better in ear headphones.

As it is visible, Nokia E72 is very powerful business and personal communication device. It is not toy for sure, first of all that is a phone (unlike what is now popular on the market, phone is first everything else than a phone) with very strong networking capabilities and then device that you can use for other things. So, if you are trying to find something like that, this is for sure good choice.

Recently we witnessed departures of few high positioned people at Nokia including their CEO and it is going to be interesting to follow which development strategy will Nokia choose in the future, but it is very unprofessional to think that world number one phone maker will go out of business as I was able to read on some social media. I think that new people within Nokia will find a way to deal with new competitors such as Apple and other manufactures that provide Android based phones. For sure, they have experience to deal with it.

1. Nokia E72 review on Mobile Review
2. How to install SIP client on Nokia E72
3. Placing VoIP calls over UMTS/3G on Nokia E72
4. Nokia Call Connect for Cisco: Deploying solution with Cisco Unified Communications Manager

02.11.2010. 20:30
BURHAN ÖÇAL & THE TRAKYA ALL STARS
Turkey
Main Stage – Bosanski kulturni centar, Branilaca Sarajeva 24

03.11.2010. 19:00
EDIN BOSNIĆ
Bosnia-Herzegovina
Solo Premiere Dom Oružanih snaga, Zelenih beretki 2

03.11.2010. 21:00
MIKE STERN BAND feat. DIDIER LOCKWOOD
USA, France, Canada
Main Stage – Bosanski kulturni centar, Branilaca Sarajeva 24

04.11.2010. 19:00
TIGRAN HAMASYAN
Armenia
Next Generation – Dom Oružanih snaga, Zelenih beretki 2

04.11.2010. 21:00
DAVE HOLLAND QUINTET
UK, USA
Main Stage – Bosanski kulturni centar, Branilaca Sarajeva 24

05.11.2010. 19:00
JOSEPH TAWADROS
Egypt/Australia
Next Generation – Pozorište mladih, Kulovića 8

05.11.2010. 21:00
JOHN SCOFIELD TRIO
USA
Main Stage – Bosanski kulturni centar, Branilaca Sarajeva 24

06.11.2010. 21:00
GERARDO NÚÑEZ FLAMENCA REUNION
Spain
Main Stage – Bosanski kulturni centar, Branilaca Sarajeva 24

06.11.2010. 23:45
MERCAN DEDE TRIBAL QUARTET
Turkey, Canada
Groove Stage – Dom mladih, Terezije bb

07.11.2010. 12:00
BUZZ – kid s concert
Bosnia-Herzegovina
Radionica Mala sala BKC a, Branilaca Sarajeva 24

07.11.2010. 13:00
WORKSHOP: Meet the instruments!
Bosnia-Herzegovina
Radionica Mala sala BKC a, Branilaca Sarajeva 24

02.- 07.11.2010. 23:00
214 QUOTES
Bosanski kulturni centar, Branilaca Sarajeva 24

For more information please visit:

1. Jazzfest Sarajevo

H.323 is a widely used, long time present peer to peer voice signaling protocol. The H.323 standard addresses call signaling and control, multimedia transport and control, and bandwidth control for point-to-point and multi-point conferences. It is widely implemented by voice and videoconferencing equipment manufacturers, is used within various Internet real-time applications and is widely deployed worldwide by service providers and enterprises for both voice and video services over Internet Protocol (IP) networks.

Actually, it is signaling protocol built with following sub protocols:

• H.225 – Handles call setup and teardown (Q.931 operations)
• H.225 Registration Admission Status RAS – Handles Gatekeeper signaling
• H.245 -  Feature negotiation
• H.261 and H.263 – Used for video conferencing
• H.450 – Supplementary services
• T.120 – Data transfer and application sharing

As you can see, I have listed just partial overview of the H.323 protocol suit. Detailed discussion about all sub-protocols would take like of time and is not subject of this blog post.

There are many reasons to use H.323:

• Supports voice, video and data conferencing
• Fractional PRI support
• Widely supported – interoperable
• NFAS support
• H.225 RAS – Gatekeeper support
• PRI Call Preservation
• Multiple call routing and call manipulation options
• Caller ID support on FXO or T1 CAS

There are many reasons beside those listed above. H.323 is old, very big and reliable protocol suit widely used and there are many very good features that it provides.

It is not easy to describe H.323 call flow, but in simple words first thing that happens is H.225 setup message exchange between Unified Communications Manager and G.323 gateway on TCP port 1720. Once done with first step, there is H.245 feature negotiation (codec negotiation), and once that is done, RTP stream is sent. Of course, this is not that simple, because in case that we are using Gatekeeper there would be H.225 RAS, but I will try to cover that scenario in other blog post in details. We all know that picture is worth 1000 words, so here is the picture of H.323 call flows:

At the end of this blog post, I will try to cover some of H.323 defaults that we are able to find on VoIP and POTS dial-peers. Those values are somehow surprising and it is very important to pay attention before deployments, because you could lose some time trying to find where the issue actually is and it is there by default.

VoIP:

• Voice Activity Detection VAD enabled
• Preference 0
• G.729r8 codec
• Huntstop disabled
• RSVP is set to best effort
• Audio DSCP = EF; Signaling DSCP = AF31
• DTMF Relay is disabled
• Fax Relay is disabled

POTS:

• Preference 0
• Digit stripping enabled
• DID is disabled
• Huntstop is disabled
• Registers with Gatekeeper

In next blog post, I will try to present H.323 configuration options on Cisco gateways and how to tune some parameters. I hope that this blog post is useful for getting a picture of basic H.323 functionality. In case that you have some questions, please leave a comment.

For more information please give a check to following links:

1. H.323
2. H.323 Cisco resources

There are differences between Call Admission Control mechanisms and Quality of Service. In this blog post, I intend to write about one measurement-based Call Admission Control mechanism and that is IP SLA – which you can use to test end to end Quality of Service within your network. Also, it can be used for measurements which you can use for Advanced Busy Out (AVBO) but in this blog post I will just show how it can be implemented to provide end to end statistics which you can use for detailed analysis for your QoS setup or to test SLA that your service provider needs to meet.

First thing that you need to configure is Responder. That is the router that you will send probes to. If that is your provider and you want to test your link, then you will have to communicate with them to enable this for you. So, from global configuration mode you just need to type:

Router(config)#ip sla monitor responder

and you are done with setting up responder.

Now on your side, you need to configure IP SLA. First step is to define tag for IP SLA (in our case that is number 1) and then we need to define what do we really want to test. In this case it is UDP jitter on voice packages, but you can configure multiple SLAs for different types of traffic depending on your requirements.

VoiceGateway(config)#ip sla 1

Please note that we need to define IP address of the Responder (77.239.X.X) followed by the port (6500) and codec (g711ulaw). Also, codec and port values are adjustable as per your needs.

VoiceGateway(config-ip-sla)#udp-jitter 77.239.X.X 65000 codec g711ulaw

Once done with that, you are able to define Quality of Service value for probe that we defined above, and in our case it is TOS value of 5 which is in decimal 160 (10100000).

VoiceGateway(config-ip-sla-jitter)#tos 160
VoiceGateway(config-ip-sla-jitter)#exit

Once done with that, we need to configure when this probe will be sent and for how long it is going to work, as per following example:

VoiceGatewayconfig)#ip sla schedule 1 start-time now life 180
VoiceGateway(config)#exit

Last thing that we need to do is to verify values:

VoiceGateway#show ip sla statistics

Round Trip Time (RTT) for Index 1
Latest RTT: 1 milliseconds
Latest operation start time: 13:40:03.156 zenica Fri Aug 20 2010
Latest operation return code: OK
RTT Values:
Number Of RTT: 1000 RTT Min/Avg/Max: 1/1/5 milliseconds
Latency one-way time:
Number of Latency one-way Samples: 0
Source to Destination Latency one way Min/Avg/Max: 0/0/0 milliseconds
Destination to Source Latency one way Min/Avg/Max: 0/0/0 milliseconds
Jitter Time:
Number of SD Jitter Samples: 999
Number of DS Jitter Samples: 999
Source to Destination Jitter Min/Avg/Max: 0/1/3 milliseconds
Destination to Source Jitter Min/Avg/Max: 0/1/2 milliseconds
Packet Loss Values:
Loss Source to Destination: 0 Loss Destination to Source: 0
Out Of Sequence: 0 Tail Drop: 0
Packet Late Arrival: 0 Packet Skipped: 0
Voice Score Values:
Calculated Planning Impairment Factor (ICPIF): 1
MOS score: 4.34
Number of successes: 2
Number of failures: 0
Operation time to live: 55 sec

Based on the above output, you are able to see how does your service provider meets their SLA. Also, you are able to see based on the above numbers does your Quality of Service setup really works.

Few days ago I needed to check Daylight Saving Time changes that are going to happen, and I was surprised that there are occasions when you need to update DST settings manually. This example will show how to do that for Egypt. Requirement is to change time on Aug 11, at 5.00AM EEST (Eastern European Summer Time) to 4.00AM EET (Eastern European Time). Here is the procedure how to do that depending of your operating system (Solaris or Linux):

1. Login as user root;
2. Download file tzdata<year>l.tar.gz from ftp://elsie.nci.nih.gov/pub/ or some other tzdata provider:

#wget ftp://elsie.nci.nih.gov/pub/tzdata2010k.tar.gz

3. Extract timezone info file “africa” from the tarball using following command:

#tar -zxf tzdata2010k.tar.gz

#cd tzdata2010k

4. Modify file “africa” or some other zone by using your favorite text editor (vi, nano or something else):

#vi africa

(I have changed it to reflect my needs / EEST will change to EET on Aug 11, 5.00 AM)

5. Depending on your operating system, place file in one of the following directories:

/usr/share/lib/zoneinfo/src – Solaris
/usr/share/zoneinfo/src     – Linux

#mv africa /usr/share/lib/zoneinfo/src

#mv africa /usr/share/zoneinfo/src

6. Navigate to “src” directory and compile a new timezone data file using command “zic”

#cd /usr/share/zoneinfo/src

#zic africa

7. Copy newly generated file

 #cd .. && cp Africa/Cairo Egypt

8. Last step would be to test DST settings with following command:

#zdump -v Egypt | grep 2010

You should be able output similar to this, depending on what you have configured:

#zdump -v Egypt | grep 2010
Egypt Wed Aug 11 09:34:23 2010 UTC = Wed Aug 11 11:34:23 2010 EET isdst=0
Egypt Thu Apr 29 21:59:59 2010 UTC = Thu Apr 29 23:59:59 2010 EET isdst=0
Egypt Thu Apr 29 22:00:00 2010 UTC = Fri Apr 30 01:00:00 2010 EEST isdst=1
Egypt Wed Aug 11 01:59:59 2010 UTC = Wed Aug 11 04:59:59 2010 EEST isdst=1
Egypt Wed Aug 11 02:00:00 2010 UTC = Wed Aug 11 04:00:00 2010 EET isdst=0
Egypt Wed Sep 8 21:59:59 2010 UTC = Wed Sep 8 23:59:59 2010 EET isdst=0
Egypt Wed Sep 8 22:00:00 2010 UTC = Thu Sep 9 01:00:00 2010 EEST isdst=1
Egypt Thu Sep 30 20:59:59 2010 UTC = Thu Sep 30 23:59:59 2010 EEST isdst=1
Egypt Thu Sep 30 21:00:00 2010 UTC = Thu Sep 30 23:00:00 2010 EET isdst=0

That it is it! As you can se from above output time will automatically change on 5.00AM EEST and it will go one hour back to 4.00AM EET. I hope that this blog post clarify this procedure.

1. zic
2. zdump

My previous blog post covers some MGCP foundations and with this blog post I intend to show some other features like MGCP Fallback, PRI Backhaul configuration and DTMF Relay. Occasionally I will post some signaling protocols configurations that I find interesting. Please notice that I will not always post complete solution configuration, it would take additional time and resources but I will point to missing parts. So, lets start with “MGCP Part 2″.

MGCP Fallback

Let’s assume that you have configured your Cisco Unified Communications Manager to control your Cisco Voice gateway as described in my previous blog post. In that case, you will have your gateway fully controlled by MGCP and it is going to work… until there is a WAN failure or some other communication issue as shown on following picture.

As shown on above picture, in case of WAN failure we need some kind of fall-back to assure that we have our business ongoing. Telephony is definitely one of the mission critical services which needs different solutions in order to achieve normal business continuity and one of those solutions is MGCP Fallback. Basically, as shown on above picture we need to make gateway to fallback to some other signaling protocol than MGCP in case of WAN failure or some other failure that could cause problems with connection between gateway and Unified Communications Manager. By default, fallback protocol of choice in this case is H.323. So basically, to achieve that, we need to preform following configuration:

Router(config)#application
Router(config-app)#global
Router(config-app-global)#service alternate Default

Once we are done with configuring MGCP Fallback, we would need to configure complete dial plan for H.323 by creating dial peers for each destination/type of call (for example: national or international) in order to be able to establish a call. It is not my intention to cover that part, since I assume that you already configured it.

To verify, we would need to execute following commands:

Router#show ccm-manager
Router#show ccm-manager fallback-mgcp

PRI/BRI Backhaul Configuration

MGCP PRI/BRI Backhaul is mostly used when we are bridging Unified Communications Manager with some third party PBX using QSIG. While talking with networking (not telco) guys I would describe it this way: L2 signaling is maintained by voice gateway and L3 signaling is passed to Cisco Unified Communications Manager by voice gateway.

MGCP PRI backhaul is a method for transporting complete IP telephony signaling information from an ISDN PRI interface in an MGCP gateway to Cisco Unified Communications Manager using a highly reliable TCP connection. The gateway uses a single TCP connection to backhaul all ISDN D channels to Cisco Unified Communications Manager. MGCP PRI backhaul terminates all ISDN PRI Layer 2 (Q.921) signaling functions on the MGCP gateway while, at the same time, packaging all the ISDN PRI Layer 3 (Q.931) signaling information into packets for transmission to Cisco Unified Communications Manager through an IP tunnel over a TCP connection.

So, to configure PRI/BRI Backhaul I will assume that your E1/T1 controller is already configured with base configuration (line code, clocking, framing).

Router(config)#isdn switch-type primary-net5
Router(config)#controller E1 1/0
Router(config-controller)#pri-group timeslots 1-32 service MGCP
Router(config-controller)#exit
Router(config)#interface serial 1/0:16
Router(config-if)#isdn bind-l3 ccm-manager

So basically, we defined our isdn-switch type globally (we could do that on controller level as well) and after that we started configuring our controller. We created pri-group which is basically controlled by MGCP. Once we applied that, we need to switch to serial interface created by execution of previous command and we need to instruct gateway to transfer all Q.931 signaling to Unified Communications Manager.

Last thing that we need to do is to verify above configuration and we can do that by executing following commands:

Router#show isdn status
Router#show ccm-manager backhaul

DTMF Relay Configuration

If you have some services within your organization that require DTMF functions (good example would be some IVR implementation for support where customer is typing incident number in order to be connected to engineer that is working on incident) and you are facing some difficulties with that (not all digits are received and so on) solution would be to extract that signaling from codec bandwidth and process it out-of-band.

To achieve that, we would need following configuration:

Router#conf t
Router(config)#mgcp dtmf-relay voip codec all mode out-of-band

Once done with that, don’t forget to save your configuration.

For more information, refer to following links:

1. MGCP Fallback
2. DTMF Relay
3. PRI/BRI Backhaul

In following blog posts I will write about different Cisco based VoIP solutions and I will try to cover some foundation topics like voice signaling protocols and so on. My aim is to present different solutions and possibilities and I hope that you will find it interesting and helpful.

About MGCP and reasons to use it

Media Gateway Control Protocol is client server voice signaling protocol. Call control is handled by call agent (Cisco Unified Communications Manager) and media translation is performed by voice gateway. It is important to mention that it is only client – server model based voice signaling protocol on the market. Also, it is well know for its simple configuration (it is just matter of configuring call agent and remembering several gateway commands), centralized management and one of the main benefits is it’s use for MGCP back-haul QSIG configurations (in short: Layer 2 signalization is handled by voice gateway which is under control of call agent, and layer 3 signalization is forwarded to call agent – Cisco Unified Communications Manager – CallManager). Please note that MGCP is often called Megaco by telco people.

MGCP Messages

1. Create connection – CRCX
2. Notification request – RQNT
3. Notify – NTFY
4. Modify connection – MDCX
5. Delete connection – DLCX
6. Audit endpoint – AUEP
7. Endpoint configuration – EPCF
8. Restart in progress – RSIP

MGCP Call flow

MGCP configuration basics

This part of text will cover MGCP configuration – just foundations. Please note that it won’t include all specific configurations, it will just cover base configuration, but in several new posts I will try to cover different configuration scenarios and solutions.

So, let assume that MGCP call agent, in our case Cisco Unified Communications Manager – CallManager is working on IP address 192.168.1.95. Also, assume that redundant CallManager is working on IP address 192.168.1.100.  This text does not show CallManager side of configuration of a gateway and I assume that that part is already successfully configured (I will eventually edit this blog post to include that configuration, afterwards)

Configurations is as follows:

1. From global configuration mode start MGCP proces:

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#mgcp
Router(config)#

2. Next thing we need to do is to configure call agent, redundant call agent and we need to inform voice gateway that call agent is under control of MGCP. We can do that as follows:

Router(config)#mgcp call-agent 192.168.1.95
Router(config)#ccm-manager redundant-host 192.168.1.100
Router(config)#ccm-manager mgcp

3. Once done with that, we can configure out Cisco Unified Communications Manager gateway options. So to do that, navigate to your CallManager and in Cisco Unified CM Administration configuration menu select Device > Gateway > Add new. Select your voice gateway model from the drop down list and click Next. For Protocol select MGCP and click Next. Once there, configure Domain name (please note that this field needs to be in following format: gatewayhostname.domainname, for example CCIEVoiceLab.localnetwork.lab) and other required options (add cards and preform complete gateway configuration). Once you are done with voice gateway configuration you are required to configure dial plan which will include this gateway into configuration. That goes beyond the scope of this blog post and I will write about it in some of following blog posts.

4. Once done with CallManager configuration we need to instruct voice gateway about the TFTP address where CallManager stores configuration, and that is typically IP address of the CallManager it self:

Router(config)#ccm-manager config server 192.168.1.95
Router(config)#

5. Once we are done with that we can instruct our gateway to download and apply configuration by issuing following command:

Router(config)#ccm-manager config
Router(config)#

Wait several seconds and you can verify your downloaded and applied configuration with following command:

Router#show running-config
Router(config)#

At that point your voice gateway will be controlled by call agent, in this case CallManager. To verify your configuration please give a check to Troubleshooting commands.

MGCP Troubleshooting

Once you are done with MGCP gateway configuration, you can verify your configuration by issuing following commands:

Router#show mgcp
MGCP Admin State ACTIVE, Oper State ACTIVE – Cause Code NONE
MGCP call-agent: 192.168.1.95 Initial protocol service is MGCP 0.1
MGCP validate call-agent source-ipaddr DISABLED
MGCP validate domain name DISABLED
MGCP block-newcalls DISABLED
MGCP send SGCP RSIP: forced/restart/graceful/disconnected DISABLED
…

This command will show all MGCP settings, timers and so on.

Router#show ccm-manager
MGCP Domain Name: Router
Priority        Status                   Host
======================================
Primary         Registering with CM      192.168.1.95
First Backup    Down                     192.168.1.100
Second Backup   None

Current active Call Manager:    None
Backhaul/Redundant link port:   2428
…

This command will show registration status and other statistics.

Beside above commands, we can use:

Router#show mgcp endpoint
Router#show voice port summary

That would be all for this post. I hope that this blog post is helpful and if you do have some questions in regards to MGCP please let me know and we can try to find solution. In next several posts I will write about MGCP fallback, backhaul and DTMF configurations.

1. Media Gateway Control Protocol
2. MGCP messages

Two years ago I have decided to start working on Cisco Voice Professional certification track. It was logical step to make for me since I was working for several years in voice industry with different solutions, so when I started with Cisco solutions there was no doubt what to choose and why. In prior to further discussion about certification I would like to point that I am full time employed with lot of different responsibilities which can and does impact preparations for certification.  So, for some people that might take this certification track this might be resolved faster, but all depends on attitude, basic knowledge and many other factors. I took a newer track based and created around Cisco Unified Communications Manager 6.0. When I started preparing myself for CCVP, there was active certification based on Cisco Unified Communications Manager 4.1, and main difference beside versions of Cisco Unified Communications Manager  is that old certification path included Gateway and Gatekeeper exam. I took all of the exams as Cisco is recommending on their web site for CCVP certification. So, that is as follows:

Cisco Certified Network Associate Voice – CCNA V

For all English language readers of this blog, this is blog post in Bosnian language about opening of a new Pearson VUE testing centar in Zenica, Bosnia and Herzegovina at REZ agency.

Cisco certifikati su jedni od najcjenjenijih referensi koji su dostupni stručnjacima u oblasti informacione tehnologije. Stoga je, kao logičan završetak obuke za polaznike Cisco Akademije, REZ Agencija u svom prostoru uspostavila testni centar najpoznatijeg testing provajdera Pearson Virtual Universities Enterprises (Pearson VUE), prema veoma strogim tehničkim sigurnosnim kriterijima.

Usluge Pearson VUE testnog centra koriste mnoge poznate kompanije i organzacije kao što su Cisco, Linux Professional Insitute, CompTIA i drugi. Za ispite u Pearson VUE testnom centru u REZ Agenciji se možete prijaviti direktno preko weba http://www.vue.com/, putem telefona 032 441 231 ili dolaskom u našu Agenciju kod PVTC Administratora Testnog centra.

Plaćanje za Vaše ispite možete vršiti direktno putem stranice http://www.vue.com ili se obratiti administratoru u našem testnom centru (gđa Mediha Zukić).

1. REZ Agencija
2. Pearson VUE

Few days ago I moved my Ubuntu on laptop to version 10.04 and so far I am very satisfied with how does it work. That was a clear sign to refresh some software installs that I have and that fact included VMware server. Basically, I found VMware to suit my needs when it comes to personal virtualization. I am using virtualized CallManager (it is only supported with VMware) and also my appliance Linux environment is virtualized as well. There are other virtualisation solutions that I like but I will leave that for some other blog post.

So, I installed VMware Server 2.0.2 and it is working really nice. There are plenty of instruction manuals on VMware installation on Linux and Ubuntu, but I found this one to work like a charm. Under Ubuntu, I am using current version of Firefox, which is 3.6.3 and it seems to have a problem with VMware Remote Console Plug-in. It is not working at all. There is lot of discussion about this but I didn’t find that much solutions. Some are saying that some Firefox add-on for flash blocking is causing this to happen, but using Firefox without .mozilla didn’t help.

So, here is solution that actually works: Open Terminal and navigate to directory:

root@gomez-laptop:/# cd /usr/lib/vmware/webAccess/tomcat/apache-tomcat-6.0.16/webapps/ui/plugin/

once there, execute list command and you should be able to see vmware-vmrc-linux-x86.xpi file which is required:

root@gomez-laptop:/usr/lib/vmware/webAccess/tomcat/apache-tomcat-6.0.16/webapps/ui/plugin# ls
build_doNotErase.txt  vmware-vmrc-linux-x64.xpi  vmware-vmrc-linux-x86.xpi vmware-vmrc-win32-x86.exe  vmware-vmrc-win32-x86.xpi

Once, there, we need to unzip that file by issuing following command:

root@gomez-laptop:# unzip vmware-vmrc-linux-x86.xpi

and then, navigate to plugins directory and list the content:

root@gomez-laptop:/usr/lib/vmware/webAccess/tomcat/apache-tomcat-6.0.16/webapps/ui/plugin# cd plugins/
root@gomez-laptop:/usr/lib/vmware/webAccess/tomcat/apache-tomcat-6.0.16/webapps/ui/plugin/plugins# ls
bin  libconf                         open_source_licenses.txt  vmware-desktop-entry-creator  vmware-vmrc-daemon  xkeymap
lib  np-vmware-vmrc-2.5.0-122581.so  share                     vmware-vmrc vmware-vmrc-legacy
root@gomez-laptop:/usr/lib/vmware/webAccess/tomcat/apache-tomcat-6.0.16/webapps/ui/plugin/plugins#

And one last step is to start vmware-vmrc with following command:

root@gomez-laptop:/usr/lib/vmware/webAccess/tomcat/apache-tomcat-6.0.16/webapps/ui/plugin/plugins# ./vmware-vmrc -h localhost:8333

Please note that you can replace localhost with IP address of your working VMware server. Once above command is executed you need to authenticate and you should be able to select virtualized hosts. Please give a check to following screenshots:

As shown on above screenshot, we need to authenticate and one last step is to select one of the virtualized machines that we want to work with:

If there are some questions, please let me know. I hope that this workaround will save some time for you and that you will have working solution.

1. VMware server
2. VMware server installation on Ubuntu

Richard M. Stallman is an American software freedom activist and computer programmer. In September 1983, he launched the GNU Project to create a free Unix-like operating system, and has been the project’s lead architect and organizer. With the launch of the GNU Project, he initiated the free software movement and, in October 1985, set up the Free Software Foundation.

Stallman pioneered the concept of copyleft and he is the main author of several copyleft licenses including the GNU General Public License, the most widely used free software license. Since the mid-1990s, Stallman has spent most of his time advocating for free software, as well as campaigning against both software patents and what he sees as excessive extension of copyright laws. Stallman has also developed a number of pieces of widely-used software, including the original Emacs, the GNU Compiler Collection, and the GNU Debugger. He co-founded the League for Programming Freedom in 1989.

Richard M. Stallman will have following speeches in Bosnia and Hercegovina in May, 2010:

What: Copyright vs. Community
When: May 19, 2010 from 11:00 AM to 01:30 PM
Where: IBU conference hall, main building, third floor, Francuske revolucije bb; Sarajevo, Bosnia and Herzegovina

What: Free Software Movement and the GNU/Linux Operating System
When: May 20, 2010 from 02:00 PM to 04:30 PM
Where: IBU conference hall, main building, third floor, Francuske revolucije bb; Sarajevo, Bosnia and Herzegovina

What: Free Software Movement and the GNU/Linux Operating System
When: May 22, 2010 from 14:00 PM to 16:00 PM
Where: Fakultet Informacijskih Tehnologija, Univerzitet Dzemal Bijedic; Mostar, Bosnia and Herzegovina

We hope that you will come to listen speeches from Stallman and that you will enjoy those events. It is good opportunity to visit those events since we do not know when we will have Stallman in Bosnia and Hercegovina again. If there is additional information needed, please let me know.

1. Richard M. Stallman
2. Free Software Foundation

Few months ago I passed Implementing Cisco Quality of Service (QoS). It was one of those “real life” exams with lot of simulations and drag and drop questions. Passing score was set to around ~80% and there was around 50 questions or so. Since Quality of Service is one of the huge areas there is lot of viable documentation. I would recommend Cisco QOS Exam Certification Guide (IP Telephony Self-Study), 2nd Edition from Cisco Press, but there are plenty of other books focused on this area as well. One of the best organized online learn sessions that I have found to be focused on this area was written by Paul Stryer from Global Knowledge. Please find links below text pointing to that online learn session. I need to mention that it is best practice to give a try to all of the solutions that you can find in this texts on real equipment, deploy Quality of Service in your organization and you will gain required understanding and experience to pass this exam. Beside that, you will have your network working much better than it was in prior to implementing QoS within your organization. Since I am following Cisco CCVP track this was only exam that is not directly related to voice (I mean it is not organized around voice strictly) and it was very nice experience. Personally I really enjoyed learning and preparing this stuff, and most of the solutions that I have learned are something that needs and can be implemented in networks that I was working with.

Quality of Service, Part 1 – Introduction
Quality of Service, Part 2 – Introduction
Quality of Service, Part 3 – Introduction
Quality of Service, Part 4 – QoS Mechanisms
Quality of Service, Part 5 – Classification
Quality of Service, Part 6 – Marking
Quality of Service, Part 7 – Service Policy
Quality of Service, Part 8 – Congestion Management
Quality of Service, Part 9 – FIFO Queuing
Quality of Service, Part 10 – Weighted Fair Queuing
Quality of Service, Part 11 – CBWFQ
Quality of Service, Part 12 – Low Latency Queuing
Quality of Service, Part 13 – MQC Pop Quiz
Quality of Service, Part 14 – MQC Pop Quiz Answer

I hope that you will enjoy reading above texts and that you will enjoy implementing Cisco Quality of Service. If you would need some additional information please leave a comment.

Few days ago I had interesting request to tweak Linux on Samsung LCD TV. At first, I was kind of surprised that Linux is supported on TV, but it is normal. Linux is very strong competitor on the appliance based market and it was just about time to face those kind of installations. The main goal was to enable telnet on firmware in order to be able to connect to TV, and after that to load Common Internet File System to be able to use network mounts. Since I didn’t know anything about Samsung TV series and belonging firmware versions I needed to read something about that. Basically, there are differences in versions based on producing years and processors that are supported. This text is about to cover Samsung LCD TV LE40A756 and A856 with firmware T-RBYDEU. I need to mention that it is kind of easier to work with other models of Samsung LCD TVs since they seam to open more possibilities (this is just my opinion) for firmware hacking but this version was very interesting to play with as well. Since this firmware (as much as all other appliance based firmware versions) is using squash file system, to be able to add something on filesystem we would need to unsquash file system (unsquash is viable thru squashfs-tools) and then perform necessary changes. Since I am using Ubuntu which is providing newer version of squashfs-tools package than it is required (Ubuntu is providing squashfs-tools version 3.1 and it is required to have version 2.0) I didn’t follow that procedure. However, for those that would like to give it a try you can follow this procedure. We will follow other procedure.

Downloads

Navigate to Samsung web site > Support > Downloads > TV Audio Video > Choose a product type>: Television > Choose a product subtype: LCD TV > Select your TV model and then click on Select. You will be provided with the link to download your firmware version. In our case firmware is called T-RBYDEU.exe.

Firmware work

Using some of the decompression tools like 7zip, WinRAR or some other program that you use on the daily basis, we need to extract .exe file that we have downloaded. I will describe procedure under Linux operating system using 7zip:

7z x T-RBYDEU.exe

Once done, you will be able to see extracted files in directory T-RBYDEU. Please note that you will be able to see those files:

gomez@gomez-laptop:/media/Data_/T-RBYDEU$ ls -la
total 40
drwx—— 1 gomez gomez     0 2009-05-11 23:38 .
drwx—— 1 gomez gomez  4096 2010-04-01 16:22 ..
-rwxrwxrwx 1 gomez gomez 18929 2009-04-17 16:16 crc
drwx—— 1 gomez gomez  4096 2009-05-11 23:38 image
-rwxrwxrwx 2 gomez gomez  8676 2009-04-17 16:16 MicomCtrl
gomez@gomez-laptop:/media/Data_/T-RBYDEU$ cd image/
gomez@gomez-laptop:/media/Data_/T-RBYDEU/image$ ls -la
total 58166
drwx—— 1 gomez gomez     4096 2009-05-11 23:38 .
drwx—— 1 gomez gomez        0 2009-05-11 23:38 ..
-rwxrwxrwx 1 gomez gomez  8155136 2009-04-17 16:16 appdata.img
-rwxrwxrwx 1 gomez gomez   602112 2009-04-17 16:16 boot.img
-rwxrwxrwx 1 gomez gomez 37646336 2009-04-17 16:16 exe.img
-rwxrwxrwx 1 gomez gomez   177920 2009-04-17 16:16 fnw.bin
-rwxrwxrwx 1 gomez gomez       17 2009-04-17 16:16 info.txt
-rwxrwxrwx 1 gomez gomez    99680 2009-04-17 16:16 oneboot.bin
-rwxrwxrwx 1 gomez gomez  3424256 2009-04-17 16:16 rootfs.img
-rwxrwxrwx 2 gomez gomez  3172612 2009-04-17 16:16 T-RBYDAUM
-rwxrwxrwx 2 gomez gomez  3172612 2009-04-17 16:16 T-RBYDEUM
-rwxrwxrwx 1 gomez gomez   228296 2009-04-17 16:16 u-boot.bin
-rwxrwxrwx 2 gomez gomez       47 2009-04-17 16:16 validinfo.txt
-rwxrwxrwx 2 gomez gomez       43 2009-04-17 16:16 version_info.txt
-rwxrwxrwx 1 gomez gomez  2864533 2009-04-17 16:16 vmlinux.ub
gomez@gomez-laptop:/media/Data_/T-RBYDEU/image$

As per above output, please note that we have directory called image, and from the interesting files we have exe.img and validinfo.txt which will be used in following text.

Firmware tweaks

Next thing that we need to do is to prepare exe.img for additional changes in order to be able to telnet to TV and use some networking services like CIFS. Now, navigate to image directory and create directory temp:

gomez@gomez-laptop:/media/Data_/T-RBYDEU$ cd image/
gomez@gomez-laptop:/media/Data_/T-RBYDEU/image$ mkdir temp
gomez@gomez-laptop:/media/Data_/T-RBYDEU/image$

Once done, we will mount exe.img with the type of vfat to newly created temp directory:

gomez@gomez-laptop:/media/Data_/T-RBYDEU/image$ sudo mount -t vfat -o loop exe.img temp/

With above command, we have mounted exe.img to temp directory. Please note that we have following files inside temp directory:

gomez@gomez-laptop:/media/Data_/T-RBYDEU/image$ cd temp/
gomez@gomez-laptop:/media/Data_/T-RBYDEU/image/temp$ ls -la
total 28980
drwxr-xr-x 3 root root 16384 1970-01-01 01:00 .
drwx—— 1 gomez gomez 4096 2010-04-04 19:06 ..
-rwxr-xr-x 1 root root 29487160 2009-04-17 16:16 exeDSP
drwxr-xr-x 3 root root 8192 2009-04-17 16:16 modules
-r-xr-xr-x 1 root root 131072 2009-04-17 16:16 $rfs_log.lo$
-r-xr-xr-x 1 root root 8192 2009-04-17 16:16 rfs_pool.sy$
-rwxr-xr-x 1 root root 4374 2009-04-17 16:16 run
-rwxr-xr-x 1 root root 4525 2009-04-17 16:16 start.sh
gomez@gomez-laptop:/media/Data_/T-RBYDEU/image/temp$

Please note that we have start.sh file which we will use in following text.

Scripts

Using your favourite text editor, replace current start.sh file with following:

#!/bin/sh

if [ -e /mtd_chmap/start.sh ]
then
echo “user start.sh found!”
/mtd_chmap/start.sh
else

export PATH=/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/bin:/usr/local/sbin
#export LD_LIBRARY_PATH=/usr/local/lib:/usr/lib:/lib
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/mtd_cmmlib:/usr/local/lib:/usr/lib:/lib
export HOME=/tmp/root
export TERM=linux
export LOGNAME=”root”
cd /dtv/usb
PU=`cat log | grep Mount`
PU=`echo ${PU##MountDir : }`
echo $PU
$PU/usb.sh &

mount

## mount -n -t usbfs none /proc/bus/usb

ulimit -s 2048

export PS1=’\h:\w\$ ‘

## STAPI Root Device Name?## ———————-
ST_DEV_ROOT_NAME=stapi
export ST_DEV_ROOT_NAME

## STAVMEM Device Name
## ——————-
STAVMEM_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stavmem_ioctl
export STAVMEM_IOCTL_DEV_PATH

## STAUDLX Device Name
## ——————-
STAUDLX_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/staudlx_ioctl
export STAUDLX_IOCTL_DEV_PATH

## STBLAST Device Name
## ——————-
STBLAST_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stblast_ioctl
export STBLAST_IOCTL_DEV_PATH

## STBLIT Device Name
## ——————
STBLIT_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stblit_ioctl
export STBLIT_IOCTL_DEV_PATH

## STCC Device Name
## —————-
STCC_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stcc_ioctl
export STCC_IOCTL_DEV_PATH

## STCLKRV Device Name
## ——————-
STCLKRV_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stclkrv_ioctl
export STCLKRV_IOCTL_DEV_PATH

## STDENC Device Name
## ——————
STDENC_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stdenc_ioctl
export STDENC_IOCTL_DEV_PATH

## STEVT Device Name
## —————–
STEVT_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stevt_ioctl
export STEVT_IOCTL_DEV_PATH

## STFASTFILTER Device Name
## ————————
STFASTFILTER_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stfastfilter_ioctl
export STFASTFILTER_IOCTL_DEV_PATH

## STFDMA Device Name
## ——————
STFDMA_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stfdma_ioctl
export STFDMA_IOCTL_DEV_PATH

## STGFB Device Name
## —————–
STGFB_CORE_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stgfb_core
export STGFB_CORE_DEV_PATH
STGFB_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stgfb_ioctl
export STGFB_IOCTL_DEV_PATH

## STHDMI Device Name
## ——————
STHDMI_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/sthdmi_ioctl
export STHDMI_IOCTL_DEV_PATH

## STI2C Device Name
## —————–
STI2C_IOCTL_DEV_PATH=”/dev/${ST_DEV_ROOT_NAME}/sti2c_ioctl”
export STI2C_IOCTL_DEV_PATH

## STLAYER Device Name
## ——————-
STLAYER_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stlayer_ioctl
export STLAYER_IOCTL_DEV_PATH

## STMERGE Device Name
## ——————-
STMERGE_IOCTL_DEV_PATH=”/dev/${ST_DEV_ROOT_NAME}/stmerge_ioctl”
export STMERGE_IOCTL_DEV_PATH

## STPIO Device Name
## —————–
STPIO_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stpio_ioctl
export STPIO_IOCTL_DEV_PATH

## STPTI4 Device Name
## ——————
STPTI4_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stpti4_ioctl
export STPTI4_IOCTL_DEV_PATH

## STSMART Device Name
## ——————-
STSMART_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stsmart_ioctl
export STSMART_IOCTL_DEV_PATH

## STSYS Device Name
## —————–
STSYS_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stsys_ioctl
export STSYS_IOCTL_DEV_PATH

## STTTX Device Name
## —————–
STTTX_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stttx_ioctl
export STTTX_IOCTL_DEV_PATH

## STTUNER Device Name
## ——————-
STTUNER_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/sttuner_ioctl
export STTUNER_DEV_PATH

## STVBI Device Name
## —————–
STVBI_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stvbi_ioctl
export STVBI_IOCTL_DEV_PATH

## STVID Device Name
## —————–
STVID_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stvid_ioctl
export STVID_IOCTL_DEV_PATH

## STVIN Device Name
## —————–
STVIN_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stvin_ioctl
export STVIN_IOCTL_DEV_PATH

## STVMIX Device Name
## ——————
STVMIX_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stvmix_ioctl
export STVMIX_IOCTL_DEV_PATH

## STVOUT Device Name
## ——————
STVOUT_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stvout_ioctl
export STVOUT_IOCTL_DEV_PATH

## STVTG Device Name
## —————–
STVTG_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/stvtg_ioctl
export STVTG_IOCTL_DEV_PATH

STTKDMA_IOCTL_DEV_PATH=/dev/${ST_DEV_ROOT_NAME}/sttkdma_ioctl
export STTKDMA_IOCTL_DEV_PATH

RUN=1
/exe/exeDSP

Please note bold lines. Basically, it is the same file except that we are instructing our Linux firmware to load usb.sh script which needs to be located on USB root directory. usb.sh script will instruct Linux firmware to start busybox instance of telnet deamon so that we are able to telnet to our TV, and additionally it will load cifs.ko kernel module which will enable Common Internet File System so that we are able to mount some network devices on our Linux firmware. usb.sh script looks like:

#! /bin/sh

echo “!!!!!!!!!!!!!! USB START !!!!!!!!!!!!!!”

/bin/stty -F /dev/ttyAS0 ospeed 57600 ispeed 57600
#line before enables console for speed 57600. Put ‘debug’ to console and you see menu, put ’12′ and ENTER
echo “!!!!!!!!!!!!!! start console on 57600 !!!!!!!!!!!!!!”

#sleep 25 sec is need for wait ethernet start
sleep 25

cd /dtv/usb
PU=`cat log | grep Mount`
PU=`echo ${PU##MountDir : }`

echo “!!!!!!!!!!!!!! start telnet !!!!!!!!!!!!!!”
$PU/busybox telnetd -l /bin/sh

echo “!!!!!!!!!!!!!! start cifs.ko !!!!!!!!!!!!!!”
cd $PU
insmod cifs.ko

sleep 4

echo “!!!!!!!!!!!!!! clear old contents USB on TV !!!!!!!!!!!!!!”
rm /mtd_contents/V* -R
rm /mtd_contents/database -R

echo “!!!!!!!!!!!!!! start mount !!!!!!!!!!!!!!”
mount -t cifs //192.168.0.1/photo $PU/photo -o user=user_xp -o pass=password_xp
mount -t cifs //192.168.0.1/mp3 $PU/mp3 -o user=user_xp -o pass=password_xp
mount -t cifs //192.168.0.1/video $PU/video -o user=user_xp -o pass=password_xp

mount

echo “!!!!!!!!!!!!!! USB END !!!!!!!!!!!!!!”

Please note bold lines. Basically, we are starting telnet daemon and loading cifs.ko kernel module. After that, we are mounting some Windows XP shares from our personal computer which is working on 192.168.0.1 IP address. Once this file is loaded, and those mount locations are created you will be able to use files within above directories on your TV from the TV menus.

Please note that usb.sh, cifs.ko, busybox files and mp3, video, and photo directories needs to be located on USB root location.

Once done with that, we are ready to preform final changes to our firmware. First thing that we need to do is to umount temp directory:

gomez@gomez-laptop:/media/Data_/T-RBYDEU$ sudo umount /home/gomez/Desktop/T-RBYDEU/temp

Then, we need to delete temp directory:

gomez@gomez-laptop:/media/Data_/T-RBYDEU/image$ sudo rm -rf temp/

Once done with that, we need to change CRC information, because we have changed exe.img file. We can do that as follows:

gomez@gomez-laptop:/media/Data_/T-RBYDEU/image$ crc32 exe.img
cdc8080c

Once we have CRC information, we need to enter new value to validinfo.txt file:

gomez@gomez-laptop:/media/Data_/T-RBYDEU/image$ cat validinfo.txt
*007_exe.img_663430d9*011_appdata.img_a485b538

Please note value 663430d9. We need to change that value with cdc8080c that we have got as output from crc32 command. You can do that by using your favourite text editor. Once done with that, we are done with tweaking our Linux firmware. Your USB pen content should look like this:

gomez@gomez-laptop:~/Desktop/USB$ ls -la
total 3644
drwxr-xr-x 6 gomez gomez    4096 2010-04-05 08:59 .
drwx—— 8 gomez gomez    4096 2010-04-05 09:03 ..
-rwxrwxrwx 1 gomez gomez  992084 2009-11-18 23:13 busybox
-rwxrwxrwx 1 gomez gomez 2707316 2009-11-17 20:08 cifs.ko
drwx—— 2 gomez gomez    4096 2009-12-28 09:12 mp3
drwx—— 2 gomez gomez    4096 2009-12-28 09:12 photo
drwx—— 3 gomez gomez    4096 2010-04-05 08:59 T-RBYDEU
-rwxrwxrwx 1 gomez gomez    1026 2009-12-28 09:14 usb.sh
drwx—— 2 gomez gomez    4096 2009-12-28 09:12 video

If that is the case, you can put this USB to your TV, turn it on and you will be prompted to upgrade firmware with firmware version listed on your USB pen. Once you perform this upgrade, you will be able to telnet to your TV. Check your TV IP address from TV menus, and then using Linux shell, or if you are Windows user using Putty, telnet to your TV and enjoy power of your Linux shell. Also, using TV menus and Common Internet File System – CIFS, you can play some music, video or photos on your TV (as described above).

If you are lazy to give a check to this procedure, you can download fully operational USB image on this link. You are doing that on your own risk and author of this blog post is not responsible for any damage that you might cause by some operation.

Enjoy power of Linux shell on your Samsung TV!

For more information please visit following links:

1. SamyGo wiki pages
2. How to enable Telnet on Samsung TV’s
3. Hacking T-RBYDEUC Firmware – LE40A756 and A856