This is a reminder to myself first and foremost!!!
In this so-called modern era of cultural, political, scientific and educational renovations, we have many renewed and reformed ways invented these days to dishonor, disgrace and disrespect our own brothers through some polite, diplomatic and very modest manners.
The creator of mankind communicated this matter to make us cautious about these etiquettes.
And tell My servants to say that which is best. Indeed, Satan induces [dissension] among them. Indeed Satan is ever, to mankind, a clear enemy (The Noble Qur’an 17:53).
In order to spread affinity, affection and the Islamic spirit of brotherhood, and to remove the reasons of abandonment, severance and enmity, a brother should always be kind, compassionate and a best source of happiness and pleasure to his brother.
May Allah give us the right guidance and the required wisdom to understand this subject to the best of our abilities, so we may keep ourselves always be reminded that Satan at all times wanted to put dissention among us in order to disperse us in different pieces.
If we love to see and fashion this Ummah in a true Islamic vision of brotherhood, we must learn to respect our brothers as no matter who and what they are in their personal styles, appearances and endeavors. If we do not benefit our brother, we should not harm him. If we do not please him, we should not depress him, and if we do not praise him, we should never dispraise him ever.
We (all) being as children of Adam (AS) carries various weaknesses, flaws, and we do commit sins during our stay on this earth. These are the very well-known realities about us and our creator who fashioned us in this manner; He is fully acquainted about these well-known facts of humans.
Therefore, after making us cautious about the very essential etiquette that is ‘always to say to your brother that which is best’, The Al-Alim (All knowing) and The Dhul Jalal Wal Ikram(Possessor of Majesty and Honor) continues making us aware and attentive concerning His acquaintance about us(humans) in the very next verse 54 of chapter 17 in the Noble Qur’an.
Your Lord is most knowing of you. If He wills, He will have mercy upon you; or if He wills, He will punish you. And We have not sent you, [O Muhammad], over them as a manager. (The Noble Qur’an 17:54).
Indeed, we have numerous Hadiths of our beloved Prophet (SAWS) for our reference and reminder on this subject.
The Prophet (SAWS) said: “Part of a person’s being a good Muslim is his leaving alone that which does not concern him. (Narrated by al-Tirmidhi, 2317, classed as saheeh by Ibn al-Qayyim in al-Jawaab al-Kaafi, p. 112)
There follow the comments of the scholars on the interpretation of this hadeeth.
Shaykh al-Islam Ibn Taymiyah (may Allah have mercy on him) said:
The Muslim is commanded either to speak good or to keep silent. If he turns away from the silence that is enjoined upon him and speaks in an unnecessary manner that is not good, then this is counted against him. Hence the Prophet (SAWS) said: “Part of a person’s being a good Muslim is his leaving alone that which does not concern him.” If a person indulges in something that does not concern him, that detracts from his being a good Muslim.
Majmoo’ al-Fataawa, 7/49, 50
Ibn al-Qayyim (may Allah have mercy on him) said:
The Prophet (SAWS) summed up all of piety in one sentence, when he said: “Part of a person’s being a good Muslim is his leaving alone that which does not concern him.” This includes not speaking about, looking at, listening to, striking a blow, walking towards or thinking about anything for no purpose, and keeping away from all outward and inward actions that have to do with things that do not concern you. This sentence is sufficient concerning piety.
In another Hadith, our beloved prophet (SAWS) taught us a really very important quality of a Mu’min.
Abu Musa Al-Ash’ari (May Allah be pleased with him) reported: I asked the Messenger of Allah (SWAS): “Who is the most excellent among the Muslims?” He said, “One from whose tongue and hands the other Muslims are secure.” [Al-Bukhari and Muslim reported this Hadith].
One of the things to be noted here in this Hadith is the perfection of language used to teach this subject to the Ummah. Our Prophet mentioned the tongue (speech) before the hand (actions) because it is very easy to harm someone with the tongue to create a great misunderstanding, discomfort and distress in the hearts as compared to going physical in actions. Moreover, defending oneself against harms caused by the tongue is much more difficult than defense against direct physical abuse. Indeed, it is quite possible that there is a potential of reaction or retaliation when an act is physical, whereas in case of gossip or slander, the response often remains unchallenged because it looks obscure in general for humans to do that, and it is for this reason that our beloved Prophet Muhammad (SAWS) mentioned speech before physical actions. Indeed, Allah knows the best.
There are many Hadiths of our beloved prophet (SAWS) stressing this matter. We need to remind ourselves always about what guarantees our entry in Jannah?
Sahl bin Sa’d (May Allah be pleased with him) reported: The Messenger of Allah (SAWS) said, “Whosoever gives me a guarantee to safeguard what is between his jaws and what is between his legs, I shall guarantee him Jannah.” [Al-Bukhari].
The Al-Hakim (The Wise) described this subject further in detail to make us understand what should be one of the required conditions of our faith and what makes us disobedient to Him.
O you who have believed, let not a people ridicule [another] people; perhaps they may be better than them; nor let women ridicule [other] women; perhaps they may be better than them. And do not insult one another and do not call each other by [offensive] nicknames. Wretched is the name of disobedience after [one’s] faith. And whoever does not repent – then it is those who are the wrongdoers. (The Noble Qur’an 49:11)
Finally, this is a reminder to myself first and foremost as how The Al Hayy, Al Qayyum(The Ever-living and The Self-Existing by Whom all subsist) illuminated the right concept and the true understanding of “a good” and “a bad” word by giving an exceptional example here.
Have you not considered how Allah presents an example, [making] a good word like a good tree, whose root is firmly fixed and its branches [high] in the sky? It produces its fruit all the time, by permission of its Lord. And Allah presents examples for the people that perhaps they will be reminded. And the example of a bad word is like a bad tree, uprooted from the surface of the earth, not having any stability. Allah keeps firm those who believe, with the firm word, in worldly life and in the Hereafter. And Allah sends astray the wrongdoers. And Allah does what He wills. (The Nobel Qur’an 14:24-27).
May Allah give us enough strength and steadfastness to take heed of His noble guidance to the utmost of our abilities. Aameen! InSha’Allah
Quicker “traceroute”
Posted on: March 11, 2012
The “traceroute command” traces the network hops that a packet takes as it is forwarded from source to destination network address.
“traceroute” is one of the most popular network diagnostic tools. This tool gives great assistance while troubleshooting on network issues.
However, sometimes the tool takes a real long time to trace the intermediate hops to reach to the destination. This is due to the domain name resolution.
To make it quicker, we can simply disable the domain name resolution for all intermediate hops. Please refer the following guidelines to do this in three different OS platforms.
With MS Windows
The example is
tracert –d 10.10.10.10
The “-d” option prevents tracert from resolving IP addressess to Hostnames.
With Cisco IOS
Example is as below
traceroute 10.10.10.10 -> numeric
The use of numeric ip address value in the above command syntax will prevent traceroute from resolving IP addresses to hostnames.
With LINUX and UNIX
Example is
traceroute -n 10.10.10.10
The “-n” option prevents traceroute from resolving IP addresses to hostnames.
Note: – When it is observed that “traceroute” doesn’t work on any OS then please make sure that the “traceroute utility” might require on that Operating System to support the OS for “traceroute” command. With some OS like UNIX when the traceroute command is not found it might be present but not in your shell’s search path.
VTP has three versions, version 1, 2 and 3. There are some interesting facts to learn about them to decide on selection of correct version requirement for any VTP capable network.
It is known that all switches in a VTP domain must have same VTP domain name. However, they do not need to run the same VTP version. Therefore, we must remember the following points as our guidelines in selection of correct VTP version for our network switches.
1) The first straight limitation is “A switch running VTP version 3 cannot move to VTP version 1 or 2 if it has extended VLANs configured.
2) Secondly, two VTP version 3 regions can only communicate in transparent mode over a VTP version 1 or VTP version 2 regions.
3) Do not unable VTP version 2 on a switch in the network unless it is identified that all switches in the same VTP domain are VTP version 2 capable. When we enable version 2 on any version 2 capable switch in the VTP domain then all the switches in that domain enables the VTP version 2 automatically. In this case, if there is a switch capable to support VTP version 1 only then it does not exchange VTP information to other version 2 capable switches.
4) Switches, those have only VTP version 1 capabilities cannot interoperate with VTP version 3 switches also.
5) Moreover, VTP version 3 switches are not designed to receive the configuration information from VTP version 1 or VTP version 2 switches.
6) By default, VTP version 2 is disabled on VTP version 2 capable switches. Therefore, by default VTP version 2 switches operates in the VTP domain as the switches running VTP version 1 but the switches having capabilities to run VTP version 2.
7) When the switches running VTP version 1 and VTP version 3 are getting interconnected, the VTP version 1 switch moves to VTP version 2 and the VTP version 3 switch started sending scaled-down version of VTP packets in order to update the database of interconnected VTP version 2 switch.
8) When a switch running the default VTP version 1 but having the capabilities to run the VTP version 2 receives the VTP version 3 advertisements then it automatically moves itself to VTP version 2 in order to receive the advertised packets from a VTP version 3 switch.
9) As the VTP version 1 and version 2 switches do not forward VTP version 3 updates. Therefore, it is recommended to place them at the edge of the network.
10) VTP version 3 only supports extended range VLANs. VTP version 1 or VTP version 2 does not propagate extended VLANs (VLAN IDs 1006 to 4096). Extended VLANs needs to be configured manually on version 1 or version 2 VTP capable devices.
Please follow the below link to know some Cisco’s rules on your CCIE number association. A must read for all CCIEs!
Improved Cisco’s UniverCD link
Posted on: February 9, 2012
It is done about few years back but it is still worth to mention here that Cisco’s “UniverCD” link is changed now. The earlier link was
http://www.cisco.com/univercd/home/home.htm
The above link is no more available now. However, Cisco has introduced a new and improved version of “Doc CD” This link is as mentioned below.
http://www.cisco.com/cisco/web/psa/default.html?mode=prod
Please follow the link below for a quick reference to refresh our knowledge on the presence of different LSA types in all types of OSPF area.
https://techlanguageblog.files.wordpress.com/2012/02/ospf-lsas-and-area-types.jpg
In any local area or campus area network, it is always a need to manage a VLAN subnet block with sets of static and dynamic IP address allocations.
Every user VLAN has users having dynamically assigned IP addresses whereas printers, plotters, network scanners are the devices normally mapped into the same user VLAN subnet but having static IP addresses.
The general practice seen in networking world is to exclude few IP addresses from defined DHCP scope for users. These excluded IP addresses are actually reserved for and are assigned statically to printers, plotters and network scanners.
The definition and management of static and dynamic IP address blocks in a VLAN subnet does require an extra administrative work. Sometime, it also leads to IP address conflicts in big local area or campus area networks where the communication is not properly done between network administrators and printer support team who has given the responsibility to allocate static IP addresses to printers, plotters etc.
I personally think of having allocation of two IP subnets to every VLAN. These subnets should be defined with a systematic approach to avoid any wastage in IP addresses. The primary subnet should be allocated to user VLAN whereas the secondary subnet can be used for static IP assignment to printers, plotters and network scanners.
The primary subnet should be given to DHCP administration team to define the DHCP pool whereas the secondary subnet is managed for static IP address allocations.
We always have dynamic user IP block bigger than the static IP address requirement for printers, plotters etc.
Let’s consider that /24 subnet mask is for user vlan subnet and /28 subnet mask is for printers, plotters and network scanners etc.
The configuration of primary and secondary IP subnets to physical or vlan interface is a very simple task in Cisco IOS. The example is as mentioned below.
Switch(config)#int fa0/0 –> (vlan interface can also be configured for secondary IP address)
Switch(config-if)#ip address 10.10.10.1 255.255.255.0 –> Primary subnet configuration.
Switch(config-if)#ip address 10.10.11.1 255.255.255.240 secondary –> Secondary subnet configuration.
We can test the reachability of the configured primary and secondary IP subnets in the network as following.
Switch#ping 10.10.10.1
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
switch#ping 10.10.11.1
Sending 5, 100-byte ICMP Echos to 10.10.11.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
A good and quick reference table on routing protocol’s Administrative Distance can be downloaded from the below link.
https://techlanguageblog.files.wordpress.com/2012/02/admin-distance-a-quick-reference.jpg
Private VLANs
Posted on: February 3, 2012
Private VLAN divides regular VLAN domain into sub domains and can have multiple VLANs for every sub domain.
Private VLAN feature is introduced to overcome following two problems that service providers were used to experience in using regular VLANs.
1) Scalability
2) IP Address Management
1) Scalability:-
The maximum number of VLANS that any 802.1Q compliant network device can support is 4096. Whereas VLAN ID 0 is used to identify priority frames and VLAN ID 4095 is reserved. Therefore, the maximum possible VLAN IDs on any network device are 4,094.
With this VLAN ID limitation on the networking devices, ISP’s used to experience the scalability problems when the 4095th customer will have to sign up as they will have no more VLAN ID left to be assigned to the new customers.
2) IP Address Management
Every VLAN requires a separate IP subnet. Therefore, there can be potential wastage of IP addresses in each subnet if normal VLAN concept is in use. For that reason, Private VLAN concept is originated.
Private VLAN provides layer 2 isolation between ports those are within that same private VLAN. All ports in private VLAN are access ports and are one of the following types.
Promiscuous:-
A promiscuous port belongs to primary VLAN and has ability to communicate with all other ports of private VLAN.
Isolated:-
Isolated port belongs to secondary VLAN. This port is completely isolated from all other private VLAN ports except promiscuous port.
Community:-
Community port communicates with others ports of that same community VLAN and also with promiscuous ports. As isolated ports are completely isolated from other private VLAN ports, therefore, community ports won’t be able to communicate with isolated ports of the private VLAN.
Every private VLAN contains following two types of VLANs.
1) Primary VLAN
2) Secondary VLAN
Primary VLAN
A private VLAN has only one primary VLAN. Primary VLAN is used to carry downstream unidirectional traffic from promiscuous ports to the community and isolated host ports and to the other promiscuous ports.
Secondary VLAN
Secondary VLANs are of two types.
1) Isolated VLAN
A private VLAN has only one isolated VLAN. An isolated VLAN is a secondary VLAN that carries traffic upstream towards promiscuous ports.
2) Community VLAN
A private VLAN has multiple community VLANs. A community VLAN is a secondary VLAN that carries traffic upstream from community ports to other ports of the same community and to promiscuous ports.
Configuration Example:-
Following steps are to be followed for private VLAN configuration.
1) If the switch is running VTP ver1 or 2 than set the VTP mode transparent.
vtp mode transparent
2) Create primary and secondary VLANs.
vlan <vlan-id>
private-vlan primary
exit
vlan <vlan-id>
private-vlan isolated
exit
vlan <vlan-id>
private-vlan community
exit
3) Configure primary and secondary VLAN’s associations.
vlan <vlan-id>
private-vlan association [add|remove] secondary_vlan_list.
Please follow the below link to access the quick reference table for IPV4 addressing.
https://techlanguageblog.files.wordpress.com/2012/02/ipv4-addressing-reference.jpg
techlanguageblog 
