Public Profile


Securing East-West Communication in Clustered Multi-SDN Controller Network


It is required to implement a robust reliable flow securing approach in a Multi-SDN controller environment with the available SDN controller application.
IPSec protocol has used to implement the security between forwarding devices and the South bound of controller with OpenFlow. Therefore, similar type of approach to secure East – West communication in between controllers will open many research avenues in the future. This research paper has challenged to implement such security using the most suitable protocol.

Duplicate Router ID in EIGRP

'Redistribute Connected' in EIGRP

EIGRP - Bandwidth

Change the 'Bandwidth' parameter is not recommend to manipulate EIGRP Distance [Metric = Bandwidth + Delay)*256] because that may cause to QoS and other routing protocol instance (if any) such as OSPF.

But under a frame relay environment there is an exception for the above rule.

By default maximum bandwidth consumption for EIGRP update will be the half of the (50%) physical interface bandwidth value. Most of the time Frame relay CIR (Committed Information Rate) will be lower than the physical interface max. bandwidth. (Ex. in a serial interface you will fine 1.544 Mbps physical bandwidth but you may get frame relay 512 Kbps CIR)

So, If the 50% of the bandwidth consumption take from the physical bandwidth, you will be in a big trouble when EIGRP requested the maximum bandwidth (according to the example, it is more than 512 Kbps which is the maximum bandwidth you will get).

In that case you have to use the bandwidth command to change the bandwidth according to you CIR.

Also, you can change the maximum % of the EIGRP updates to save bandwidth in low speed connections.

if multiple DLCIs are in one physical interface the sum of the CIR will be divided by number of DLCIs and then get the 50% bandwidth rate for EIGRP.

Instructor Training with More Effectiveness

We know that instructors should be fluently train within the training schedule rather putting them to a very embarrassing situation while they are teaching their first batch.


I hope you will agree with me that 10 days training program for ITE, 2 modules of the CCNA R&S, CCNA Security and one module of CCNP R&S is not enough to get the complete idea of what they learn.


Some of the new academies are not having relevant HR capacity but due to the reputation and the knowledge we get through the Cisco Networking Academy, they will appoint teachers who should be trained by the Instructor Trainer within limited time period. At the end we conduct PPTs to give at least every technology we discuss in the program but very few practical sessions because they have to complete online assessments as well.


Due to the budget constrains we cannot extend the Instructor Training program because then the training cost will increase and none of the prospectors will reach to ITC. After we start the instructor training it should be finished successfully so most of the times trainers have to certify them as instructors.


So, I am having few recommendations to make this process in more standard way;


  1. - Set the CCNA R&S is a mandatory requirement to become an instructor or selection exam to make sure the eligibility to become an Instructor.
  3. - If they are not in the expected standard, ITC or Cisco has to setup a preparation course for prospective instructor (Webex or CCNA student class)
  5. - Annual  Instructor evaluation process

Cisco Career Certificate Vs Networking Academy

I do agree with everyone that ‘career certificate’ or industry certificate is most valuable thing. But then I point the figure to myself why do I waste my student’s time by delivering boring theories and very heavy practical sessions in the academy program rather direct them to grab the career certificate in a shortcut?


Again this is case that most of the students go to ‘road side’ training institutes to find that shortcut. It is a cycle. Unless we find a method to get the value to our academy program, students use the shortcut and the industry will fill with so-called ‘Cisco Career certificate holders’ with no knowledge.


After sometime Cisco may lose the market then what will happen to the academy program?


So, my point is we need to find a way to make our program valuable to everyone.


I suggest to Cisco;


  1. Verify the new comers are getting their certificates through certified academy or learning partner. (we know self studying CCNA in any format is not a realistic and there should be proper instructions)
  3. When Cisco gives the Sales partner status give some extra points to students who get their certificates with the training from a learning partner or academy. 

University of Moratuwa Cisco Networking Center

University of Moratuwa (UoM), Sri Lanka's leading technological university has a long history in networking being a pioneer in connecting Sri Lanka to the global Internet. For decades, UOM has been producing graduates who have made a name in the area of Networking. To further cement its leadership role in networking, UoM has partnered with the global giant in Networking - Cisco Systems through their world renowned Cisco Network Academy to establish "Cisco Networking Center (CNC)" at the University of Moratuwa.

With the full cooperation of Cisco Network Academy, CNC aims to produce world class networking professionals through highly qualified and experienced instructors.


Network Address Translation (NAT) & Port Address Translation (PAT)

(This blog entry I am publishing to check whether the ‘Sinhala’ language is supporting on the Netspace.)

පරිගණක ජාලයක් හරහා අන්තර්ජාලය භාවිතා කිරීමට අවශ්‍ය නම්, ඒ සඳහා Public IP Address එකක් හෝ කිහිපයක උපකාරය ලබා ගත යුතුය.(IP Address එකක් යනු පරිගණකය , පරිගණක ජාලයත් සමග තොරතුරු සහ සම්පත් හුවමාරු කිරීමේදී අනන්‍යතාවය තහවුරු කරගැනීමට යොදා ගන්නා ලිපිනයකි.මෙහිදී සඳහන් කල Public IP Address යනු අන්තර්ජාලයේ පවතින විවිධ පරිගණක සහ ජාලගත උපාංග සඳහා යොදාගන්නා ජාලගත අනන්‍යතාවය නිවැරදිව හඳුනාගැනීමට යොදා ගන්න IP Address ලෙස හඳුන්වා දිය හැක.)

IP Address වර්ගීකිරීමේදී හඳුනාගත් Class A,B,C යන පංති වලට අදාල Private IP Address බොහෝ විට, අපගේ Local Area Network (LAN) තුල භාවිතා කරයි. (උදා: -, - සහ - )

මෙම LAN IP Address මගින් අන්තර්ජාල පහසු කම සෘජුවම ලබා ගැනීමට නොහැකි වන අතර ඒ සඳහා මෙම LAN/Private IP සියල්ල WAN/Public IP එකක් හෝ කිහිපයක සහය ලබා ගත යුතුය.

එම ක්‍රියාවලිය සැකසීමේ දී  Public IP Address එකක් අන්තර්ජාලය ලබා ගත යුතු සෑම LAN PC එකකටම එක බැගින් වෙන් වෙන් ලෙස යොදා ගන්නේ නම් එම ක්‍රමවේදය  NAT හෙවත් Network Address Translation ලෙස හඳුන්වයි. එසේම තනි Public/WAN IP Address එකක් LAN PC සියල්ලටම භාවිතා කරයි නම් එය PAT හෙවත් Port Address Translation ලෙස හඳුන්වයි.


What is education ?

Education is a one driving factor which influences to the economic and social behaviours of the society. In early days education was considered for people who supposed to be idlers. Society believed education was fit to be a politician or philosopher.


In the time of Greek empires, education aimed at making students for citizenship and teach vocational training. Physical fitness was a main criterion for the success of the education. Education has become a major branch or sub system in the society with the evolution of the human life.


Now today different societies have their own education system to train younger generation to sustain within their society and carry traditions, rituals, norms and other practices. Not only that, education is the main driving factor for political and economic sub systems in the society.


Education itself is a system while it represents as a sub system in the society. The changes of the education will effect to other sub systems in the society either in good way or bad way.