Sunday, March 31, 2013

冷眼心水股系列3:2至5元 11股项供选择

在2至5令吉的股项中,我选择的11家,供大家从中选择。
马熔锡可净赚60仙
我首先促大家注意的是马熔锡(MSC,5916,主板工业产品股),乍看之下,相信大部分投资者都不同意我的看法,因为马熔锡目前股价高达3令吉,而该公司去年每股亏蚀61仙。
一家亏蚀到如此严重的公司,股价如此之高实在不合常理。
不过,假如你详读该公司季报的话,你会发现该公司去年其实营业成绩不错,只是因为一个特殊项目的拖累而使该公司大亏。
该公司业务分为三部分:第一个部分是具有百年历史的东方熔锡厂,该厂去年赚了5600万令吉。
第二个部分是在上霹雳的拉曼矿场去年赚2900万令吉。
第三个部分是印尼哥巴岛。由于到今年3月,矿地开采权尚未获更新,该公司决定一股脑儿勾销该项投资,勾销额高达1亿3800万令吉。
如此一来,抵销了熔锡厂和拉曼矿场的盈利还不够,账目中出现了6100万令吉的亏损。懂得看账目的人都知道这次的勾销并未涉及现金,而且是一次过性质。
如果今年熔锡厂和拉曼矿场能保持去年盈利的话,马熔锡今年极可能取得丰厚的盈利。
锡价已回升40%,对该公司有利。所以,侨丰行研究所在2月5日的研究报告中,预测马熔锡今年每股净赚60仙是有理由的。
广宇工业股息高
广宇工业(PIE,7095,主板工业产品股)一向盈利丰厚股息高,手头拥有大量现金,没有负债,是以股息为主的投资者的理想投资对象。
缺点是盈利成长不快,股价波动不大。
去年每股净赚49仙,派息39仙,每股拥有1.54令吉现金。
全利资源续增长
全利资源(QL,7084,主板消费产品股)从未间断成长,管理层极有眼光,管理素质上乘,是最佳成长股之一,可逢跌买进,长期持有。
森德综合业绩佳
森德综合(Scientx,4731,主板工业产品股)主要业务为塑胶产品及房地产,业绩表现良好。
森德综合公司最近收购长城塑胶的业务,
就业坊有前途
在中国,就业坊(Jobst,0058,主板贸服股)叫人才市场,表现标青,正在进军国际市场,有前途。
(待续)
冷眼 

冷眼42心水股系列2:蓝筹作价太高

5令吉以上的股票多数价值已反映在股价上,这可以从本益比看出,这类高价股大部分是蓝筹股。
蓝筹股的特征是根深蒂固,按部就班地增长,在营业量和盈利方面都不会有突破。
二三线股更划算
增长缓慢的公司只宜在本益比低时买进。
目前大部分蓝筹股的本益比在20倍以上,可谓偏高,我认为上升空间不大。
从投资回酬巴仙率计算,买二、三线优质股更划算。
因为买蓝筹股是本大利小;买二、三线优质股是本小利大,孰优孰少,一目了然。
所以,我在5令吉以上的高价股中,只选了两个,一个是郭鹤年的玻璃市种植(PPB,4065,主板消费产品股),另一个是已故骆文秀的东方实业(Orient,4006,主板消费产品股)。
PPB盈利高派息丰
玻璃市种植(PPB,4065,主板消费产品股)是郭鹤年的旗舰公司,盈利高派息丰,股价高企不下,一向是在17、8令吉以上。
近年来由于持有18.3%股权的丰益国际(Wilmar)业绩表现逊色,丰益股价下调使玻璃市种植股价受累,股价下滑至目前的12令吉,是多年来的低点。
巴菲特说,一家优秀公司因为暂时的挫折而使股价大跌,便是买进的良机。
玻璃市种植根基深厚;丰益国际潜能大,相信盈利下挫只属暂时,假以时日,必能复原,股价亦将随着业绩回升。
近来报载玻璃市种植将投资5亿令吉以扩展国内外业务,尤其是面粉业,可见该公司仍在成长中。
从反向思考的策略看,玻璃市股价的下挫,提供了一个以较低成本入股此优秀企业的良机。
东方实业现金最多
东方实业(Orient,4006,主板消费产品股)的股价已上升了一大截,若从盈利的角度看,已是不便宜,但是若从资产的角度看,即使是目前的股价仍属低价。
英国的一个大基金不断的吸购此股自有其理由。
属于第二代的东方实业领导层正逐步将此企业的领导权,移交给第三代,东方实业相信将进入一个新的时代。
东方实业相信是手头拥有最多现金的上市公司之一,在去年杪时,手头现金高达26亿令吉。
冷眼 

冷眼42心水股系列1:一步步走向财富

《南洋商报》和丰隆投资银行3月16日在《南洋商报》礼堂联办投资讲座,邀请我主讲,我的讲题为“一步步走向财富”。
我选这个题目是因为《南洋商报》是“您的创富伙伴”,我诚心诚意贡献我四十多年的股票投资心得,与《南洋商报》读者同行,共同创富。
最近几个月,我有系统地重新研究上市公司一,深读每一家上市公司的年报和文告,并且给每一家上市公司做笔记,摘录其重要资料已累积一约数百页。
在这读到写到的过程中,发现了一些过去被我忽略了的细节,对于一些过去不大重视的上市公司,有了新的认识。
我觉得我的心得,有如井中之水,读者从中汲取一两桶,水量不会因此而减少,而渴望股票知识的读者或有解渴作用。
既然于我无损;于人或有益,则我何乐而不与读者分享哉!
我从1000家上市公司中,选出42家我认为值得大家投资的公司,在讲座上略加说明,以供大家参考。
讲座会结束后,有不少听众向我反映两点:第一是我提出的42只股票还是太多,他们仍有“不知买那一只好”的感觉,如果能减少至10只8只,问题就简单得多了。
我提出较多的股只,主要是因为听众因年龄、财力等的不同,选股对象因人而异,我希望能满足不同层次听众需要。
第二是有不少听众认为我对每一只股票讲得太少,不够深入,有点“到喉不到肺”的感觉。
对于这一点,我感到抱歉。
要以45分钟讲解42只股票,每只仅有一分钟,当然只能点到为止,那是无可奈何的事。
我对手头大把的资料,没时间讲究,也觉得很可惜。因此信手拈来就这42只股票,作一些补充,希望对《南洋商报》读者有所帮助。
接下来,我将每日比较深入的介绍之前在讲座会上点名的股项。(待续)
冷眼 

How ARP Works

This article is based off of a series of usenet posts (one in particular) on the alt.certification.network-plus news group. I've done some revision in order to make the whole thing flow as a stand-alone document and I've also made some revisions to the example.

What is ARP?

ARP stands for Address Resolution Protocol. It is used to associate a layer 3 (Network layer) address (such as an IP address) with a layer 2 (Data Link layer) address (MAC address).

Layer 2 vs. Layer 3 addressing

I think where a lot of confusion with ARP comes from is in regards to how the IP address and the MAC address work together. The IP address is a layer 3 (network layer) address. The MAC address is a layer 2 (data link) address. The layer 3 address is a logical address. It will pertain to a single protocol (such as IP, IPX, or Appletalk). The layer 2 address is a physical address. It pertains to the actual hardware interface (NIC) in the computer. A computer can have any number of layer 3 addresses but it will only have 1 layer 2 address per LAN interface. At layer 3, the data is addressed to the host that the data is destined for. At layer 2 though, the data is addressed to the next hop. This is handy because you only need to know a host's layer 3 address (which can be found out by using DNS for instance) but you won't need to know the hardware address (and you won't have to bog down the network by sending an ARP request across the internet to find it out). The layer 3 packet (addressed to the destination host) will be encapsulated within a layer 2 frame (addressed to the next hop).

ARP operation for a local host

Your computer will have data that it needs to send (I'm assuming that we're using TCP/IP from here on). When the data gets to the Network layer it will put on the destination IP address. All of this info (the network layer datagram, aka packet) is passed down to the data link layer where it is taken and placed within a data link frame. Based on the IP address (and the subnet mask), your computer should be able to figure out if the destination IP is a local IP or not. If the IP is local, your computer will look in it's ARP table (a table where the responses to previous ARP requests are cached) to find the MAC address. If it's not there, then your computer will broadcast an ARP request to find out the MAC address for the destination IP. Since this request is broadcast, all machines on the LAN will receive it and examine the contents. If the IP address in the request is their own, they'll reply. On receiving this information, your computer will update it's ARP table to include the new information and will then send out the frame (addressed with the destination host's MAC address).

ARP operation for a remote host

If the IP is not local then the gateway (router) will see this (remember, the ARP request is broadcast so all hosts on the LAN will see the request). The router will look in it's routing table and if it has a route to the destination network, then it will reply with it's own MAC address.
This is only the case if your own computer doesn't know anything about the network topology. In most cases, your computer knows the subnet mask and has a default gateway set. Because of this, your own computer can figure out for itself that the packet is not destined for the local network. Instead, your computer will use the MAC address of the default gateway (which it will either have in it's ARP table or have to send out an ARP request for as outlined above). When the default gateway (router) receives the frame it will see that the MAC address matches it's own, so the frame must be for it. The router will un-encapsulate the data link frame and pass the data part up to the network layer. At the network layer, the router will see that the destination IP address (contained in the header of the IP packet) does not match it's own (remember, the IP address has not been touched at all in this process since your computer created the IP packet). The router will realise that this is a packet that is supposed to be routed. The router will look in it's routing table for the closest match to the destination IP in order to figure out which interface to send the packet out on. When a match is found, the router will create a new data link frame addressed to the next hop (and if the router doesn't know the hardware address for the next hop it will request it using the appropriate means for the technology in question). The data portion of this frame will contain the complete IP packet (where the destination IP address remains unchanged) and is sent out the appropriate interface. This process will continue at each router along the way until the information reaches a router connected to the destination network. It will see that the packet is addressed to a host that's on a directly connected network (the closest match you can get for an address, short of the packet being addressed to you). It will send out an ARP request for MAC address of the destination IP (assuming it doesn't already have it in it's table) and then address it to the destination's MAC address.
Now then, I did slightly gloss over 1 part in the above explanation and that's the part about the router finding out the hardware address for the next hop. I just didn't want to disturb the flow with entering into that there. How the router does this will depend on what type of connection (and in some cases, what protocol and/or encapsulation is used on the connection). In some cases, this will be a hard set value (like a frame relay pvc) within the configuration of the router. In some cases, you don't even need a hardware address (like any point to point connection, there's only 1 possible host you could send it to), in those cases the router will just create a data link frame appropriate for the connection and it won't even need to be addressed. This is why the OSI model is good. It's layered so that any layer can change and as long as it takes in information in a standard way (the way the layer above wants to send it) and spits out information in a standard way (the way the layer below wants to receive it), then it's all good. When Frame Relay came along nothing changed with the way you had to address IP packets, all of the changes took place at the data link and physical layers. If some new type of connection comes along in the future, only the data link and physical layers will likely change. When we go to IPv6, only the network layer should change (it probably won't but that's more to do with how the layers tend to blur, but if it were truly layered that would be the case).

Putting it all together

Anyways, since I feel like doing an example here's one showing the whole process. In the original post, I had used IP addresses from the 10.x.x.x range (which is a reserved range for private networks) with a subnet mask of 255.255.255.0. This seemed to cause some confusion (both because of the misconception that the 10.x.x.x range is non-routable and because I was using a class C subnet mask for a class A network) both of these are valid and would work but I've decided to change this so that I'm using non-reserved (ie, real) IPs from class C networks. I figure that this will help reduce the confusion in this example, and I can clear up the rest in another article or 2. Needless to say then, if you want to try this on your own network, don't connect it to the internet! IP conflicts are just plain evil and can screw up lots of stuff. If you want to try this in a home lab that is connected to the internet then put the whole network behind some kind of a firewall and use the reserved IPs. Or, if you're lucky enough to have a block of real IPs, use them. The bottom line is don't use IPs that haven't been assigned to you on the internet.
Your computer has an address of 200.0.1.2, it's connected to the 200.0.1.0 network (I'm assuming a subnet mask of 255.255.255.0, we'll call this network 1) which is an ethernet network. Your default gateway is a router (router a) which has an address of 200.0.1.1. That router is connected to the 200.0.1.0 network and the 200.0.2.0 (network 2) network (the interface connected to the 200.0.2.0 network will have an address of 200.0.2.1). The network 2 is also an ethernet network. Also connected to network 2 is another router (router b) which has the address (for the interface connected to network 2 at least) of 200.0.2.2. Router b is also connected to network 3 (200.0.3.0). Router b's interface on network 3 has the address of 200.0.3.1. Here's a (probably bad) ASCII diagram to illustrate:
         Router        Router
           a             b
-----------O-------------O------------
Network 1    Network 2       Network 3
(200.0.1.0)   (200.0.2.0)      (200.0.3.0)
Now then, your computer (on network 1 with an address of 200.0.1.2) wants to send some data to a computer on network 3 (with an address of 200.0.3.2). We'll assume that none of the info in already cached in an ARP table on any of the machines or routers (a big assumption but it's mine to make!). Your computer will create an IP packet addressed to 200.0.3.2. That packet will be sent to the data link layer where it needs a MAC address. Based on the subnet mask, your computer will know that the destination computer isn't on the same local network. So, your computer will send out an ARP request for the default gateway's MAC address (ie, what's the MAC for 200.0.1.1?). On receiving the MAC address, your computer will send out the IP packet (still addressed to 200.0.3.2) encapsulated within a data link frame that is addressed to the MAC address of router a's interface on network 1 (because routers have more than 1 interface they can have more than 1 MAC address, in this case each router has 2 ethernet interface each with it's own unique MAC address). Router a will receive this frame and send the data portion up to the network layer (layer 3). At the network layer, router a will see that the packet (which is addressed to 200.0.3.2) is not addressed to router a. Router a will look in it's routing table to find out where to send the packet. The routing table will show that network 3 (the closest match to 200.0.3.2) is reachable via network 2. The routing table will also show the IP address for the next hop is 200.0.2.2. Router a will send out an ARP request onto network 2 asking for router b's MAC address (well at least for the interface connected to network 2). On receiving this, router a will send the IP packet (still addressed to 200.0.3.2, nothing's changed here) encapsulated in a data link frame addressed to router b's MAC address. When router b receives this frame it will do the same thing that router a did, it will send the IP packet up to the network layer and see that the packet is not addressed to router b (the packet is still addressed to 200.0.3.2). Router b will then look up in it's routing table for the closest match and see that it is directly connected to network 3, so there isn't a next hop router to send it to. Router b will send out an ARP request to learn the MAC address for 200.0.3.2. When this is received, router b will send out the IP packet (again, this is still addressed to 200.0.3.2) encapsulated within a data link frame that is addressed to the MAC address of the destination computer. The destination computer will see that the data link frame is addressed to it and will pass the IP packet to the network layer. At the network layer, the IP address will also match that of the computer and the data from the IP packet will be passed up to the transport layer. Each layer will examine the header and determine where to pass it up to until eventually, the data reaches the application running on the destination computer that has been waiting for the data.
What you'll notice through this whole process is that the IP address never changes. The IP packet is always addressed to 200.0.3.2. However, at the data link layer, the address used changes at each hop (it's always addressed to the next hop). As you go up through the layers, you get more and more specific about where the data is supposed to be going. At the data link layer this is very vague, it's basically just, "here's who to pass it on to, they should know what to do with it". At the network layer you get more specific (this is the exact computer I want to send this to). Above that you get more specific (is it TCP or UDP?, what port?, etc)

MPLS QOS

Wednesday, March 27, 2013

CoS and DSCP marking and remarking options on Catalyst switches

By default Cisco Catalyst switch does not take into account any bit from the Layer 2 CoS or Layer 3 ToS field. Does it mean that packets will be transmited in the original for and CoS/ToS fiels will be untouched.
Once we enable quality of service (QoS) for the entire switch using:
SW(config)#mls qosQoS will be enabled with the default parameters on all ports in the system. What it means that switch by default will remark CoS and ToS values to default 0 (zero).
Once we enable trusting under interface then system will analyze CoS and ToS fields. We have two options; trusting CoS or ToS (DSCP). If you would learn more about the QoS language take a look onthis post.
Below you can find some examples and clarifications about sepcific options:
Trusting CoS
SW(config-if)#mls qos trust cos
  • Switch gets packet with CoS=5
  • Switch will pass through CoS value untouch, but DSCP will be rewritten based on the map table (by default CoS 5 will set DSCP to 46)
  • Conclustion: DSCP value is set based on the mls qos map cos-dscp
Trusting DSCP
SW(config-if)#mls qos trust dscp
  • Switch gets packet with CoS=4 and DSCP=46
  • Switch will pass through DSCP value untouch but CoS will be rewritten based on the map table (by default DSCP will rewrite CoS to 5 )
  • Conclusion: CoS value is set based on the mls qos map dscp-cos
Assigning CoS to port
SW(config-if)#mls qos cos 5
  • Switch gets packet on CoS untrusted port without QoS field, so it’s kind of untagged frame without 802.1p field(like in case of native VLAN)
  • Switch sets default CoS value that is assigned to the port, in this case CoS 5 (by default is 0). Marked value (CoS 5) later on is used to mark DSCP based on the mls qos map cos-dscp.
  • Conclusion: CoS value is set for all non capable 802.1p tag (layer 2 QoS field) frames
CoS overriding
SW(config-if)#mls qos cos 5
SW(config-if)#mls qos cos override
  • Switch gets tagged frame with CoS value of 4
  • Switch will tag frame with CoS value of 5 then it’s used to mark DSCP base on the mls qos map cos-dscp.
  • Conclusion: switch sets CoS for all frames even if they have CoS value already assigned to (base on the value in mls qos cos x)
Trusting DSCP just from Cisco IP Phone
SW(config-if)#mls qos trust dscp
SW(config-if)#mls qos trust device cisco-phone
  • Switch has Cisco IP Phone connected (phone’s visible over CDP) that sends frames with DSCP=46
  • Switch will pass through DSCP value untouch, CoS will be marked based on the mls qos map dscp-cos
  • Conclusion: trusting DSCP value only when a Cisco Phone is connected and reported via CDP on the respective interface; works in conjunction with the mls qos trust dscp and mls qos trust cos commands
Here you are QoS settings for not connected port (base on the above configuration):
SW#sh mls qos interface gi1/0/1
GigabitEthernet1/0/1
trust state: not trusted
trust mode: trust dscp
trust enabled flag: dis
COS override: dis
default COS: 0
DSCP Mutation Map: Default DSCP Mutation Map
Trust device: cisco-phone
qos mode: port-based
And here you are QoS settings output once we connected Cisco IP Phone to the port:
SW#sh mls qos interface gi1/0/1
GigabitEthernet1/0/1
trust state: trusted
trust mode: trust dscp
trust enabled flag: ena
COS override: dis
default COS: 0
DSCP Mutation Map: Default DSCP Mutation Map
Trust device: cisco-phone
qos mode: port-based

as you can notice enabled flag field has changed to ena (enabled) and trust state changed to trusted state, so port is ready to trust DSCP.
No DSCP/IPP to CoS rewriting (3550 only)
SW(config-if)#mls qos trust dscp pass-through cos
  • Switch gets packet with DSCP=46 and CoS=0
  • Switch will pass through DSCP and CoS value untouch, so DSCP=46 and CoS=0
  • Conclustion: switch does not remark CoS value
No CoS to DSCP rewrite (2960, 3560, 3750 only)
SW(config)#no mls qos rewrite ip dscp
SW#show mls qos
QoS is enabled
QoS ip packet dscp rewrite is disabled
  • Switch gets packet with DSCP=46
  • Switch will pass through DSCP value untouch
  • Conclustion: CoS will be trusted, DSCP will be preserved, switch does not modify DSCP value, leave it default as it is in the outgoing packet
Matching traffic with specific DSCP value in ACL (VLAN-Based)SW(config)#interface FastEthernet 1/1
SW(config-if)#switchport access vlan 100
SW(config-if)#switchport voice vlan 110
SW(config-if)#spanning-tree portfast
SW(config-if)#mls qos vlan-based
SW(config-if)#srr-queue bandwidth shape 10 0 0 0
SW(config-if)#srr-queue bandwidth share 10 30 40 20
SW(config-if)#queue-set 1
SW(config-if)#priority-queue out
SW(config-if)#ip access-list extended RTP
SW(config-ext-nacl)#permit udp any any range 16384 32767 dscp 46
SW(config-ext-nacl)#class-map match-any VOICE
SW(config-cmap)#match access-group name RTP
SW(config-cmap)#policy-map POLICY-VOICE
SW(config-cmap)#class VOICE
SW(config-pmap-c)#set dscp af31
SW(config-pmap-c)#interface vlan 110
SW(config-if)#service-policy input POLICY-VOICE
  • Switch gets packet with DSCP=46 and CoS=0
  • Switch will set DSCP to 26 and CoS value based the mls qos map dscp-cos map table
  • Conclustion: mls qos vlan-based overrides QoS interfaces level trusting seetings, port will not clear the CoS/DSCP field even that we don’t have trusting under policy, CoS/DSCP will be preserve and can be match by class-map
  • If you have more or better example please share with us under comments. Enjoy!

    IP Precedence DSCP and CoS relationships

    As part of studying the 642-642 QoS exam course is seems quite important to understand the relationship between the various ways of marking traffic. Below are some notes I’ve made so far about these relationships. This is note a post about the inner working of the various PHBs or their use.
    DSCP – Differentiated Services Code Point. This is a field that uses 6bits of the TOS field in an IP packet header.
    The four assured forwarding classes each include three drop probability classes. In general the higher the first number the better QoS treatment of the packet and the higher the second number the higher the probability the packet will be dropped during a period of congestion. A simple formula to remember the decimal value is AF(8*A)+(2*B). E.g. AF31 = (8*3)+(2*1 )= 26
    IP Precedence – This was used prior to the DSCP. It also uses bit from the TOS field found in IP Packet headers although only 3bits rather than the 6bits of DSCP.  These three Precedence bits overlap with the most significant bits of the DSCP.
    CoS – Class of service. A 3bit field defined under the 802.1p spec and only found in 802.1q tagged Ethernet frames (cisco ISL also supports CoS). Different from Precedence and DSCP as its a layer 2 marking and some networking equipment can only act on layer 2 CoS markings.
    A Table showing the relationship between IP Precedence and DSCP:
    Per Hop BehaviourDSCPDSCP (binary value)DSCP (decimal value)IP PrecedenceIP Precedence (binary)
    Default (no qos)BE00000000000

    AF1100101010
    AF12001100121001
    AF1300111014
    AF2101001018
    AF22010100202010
    AF2301011022
    Assured Forwarding
    AF3101101026
    AF32011100283011
    AF3301111030
    AF4110001034
    AF42100100364100
    AF4310011038
    Expedited ForwardingEF101110465101

    To enhance the backward compatibility with IP precedence DSCP has seven Class Selector PHBs. These all have zeros in the three least significant bits of the DSCP field. E.g. xxx000. The ideam being along the line that if a IP precedence marking router send a marked packet to a DSCP marking router it will have a measure of understanding.
    PHBDSCP (binary value)CoS
    Default (BE)0000000
    Class Selector 1 (CS1)0010001
    Class Selector 2 (CS2)0100002
    Class Selector 3 (CS3)0110003
    Class Selector 4 (CS4)1000004
    Class Selector 5 (CS5)1010005
    Class Selector 6 (CS6)1100006
    Class Selector 7 (CS7)1110007

    On Cisco kit these mapping can of course be customised and changed through the cli.
    Related Posts Plugin for WordPress, Blogger...