186 Cards in this Set
- Front
- Back
BGP is what kind of protocol?
|
Path Vector
|
|
OSPF is what kind of protocol?
|
Link State
|
|
RIP is what kind of protocol?
|
Distance Vector
|
|
EIGRP is what kind of protocol?
|
Hybrid
|
|
What is the AD of directly connected routes?
|
0
|
|
What is the AD of static routes?
|
1
|
|
What is the AD of EIGRP summary routes?
|
5
|
|
What is the AD of external BGP routes?
|
20
|
|
What is the AD of internal EIGRP routes?
|
90
|
|
What is the AD of IGRP routes?
|
100
|
|
What is the AD of OSPF routes?
|
110
|
|
What is the AD of IS-IS routes?
|
115
|
|
What is the AD of RIP routes?
|
120
|
|
What is the AD of ODR routes?
|
160
|
|
What is the AD of external EIGRP routes?
|
180
|
|
What is the AD of internal BGP routes?
|
200
|
|
What is the AD of unknown routes?
|
255
|
|
What is the RIB and what command do you use to view it?
|
routing information base, viewed with the show ip route command
|
|
What is the FIB and what command do you use to view it?
|
forwarding information base, stored in memory/hardware viewed with the show ip cef command
|
|
What is the STP convergence process?
|
1. Elect the root bridge
2. Each non-root device selects a root port (best path to the root bridge; the best path is the lowest cost, with cost based on bandwidth)
3. For every link, one designated port is selected; again, the decision is based on cost (bandwidth). Remember, every port on the root bridge is a designated port.
4. All other ports are set to blocking - Remember, this is for each VLAN under per-VLAN STP (PVST) |
|
What determines the winner of the root bridge election?
|
lowest bridge ID wins, bridge ID consists of 2 byte priority field, plus a 6 byte mac address, and the VLAN ID
|
|
The default STP priority is ______ and can be changed in increments of _______
|
32768, 4096
|
|
The STP tiebreaker process consists of ______, ________, and __________.
|
lowest cost path to the root device (bandwidth)
lowest sender bridge ID
lowest port ID |
|
Explain the command spanning-tree vlan 7 root primary or secondary
|
causes switch to look at other devices in topology and sets it either higher if primary and lower than primary but higher than anything else if secondary
|
|
What are the STP port states, and what timer is used at each state and for how long?
|
Blocking - 20 sec max age
Listening - 15 sec forward delay (processing BPDUs)
Learning - 15 sec forward delay (placing MAC entries in the MAC table)
Forwarding - forwarding frames |
|
Where and why would you use portfast?
|
when connected to servers or workstations to bypass STP convergence
|
|
Where and why would you use uplinkfast?
|
used to speed up convergence at an access layer switch when a redundant connection to the distribution layer is lost
|
|
When and why would you use backbonefast?
|
can save on the Max Age timer when there is an indirect link failure(enabled on every switch in the topology)
|
|
What are the 802.1w STP port states?
|
Discarding
Learning
Forwarding |
|
What are the RSTP port roles?
|
Root port - same as 802.1D
Designated port - same as 802.1D
Alternate port - alternate port for the root port (just think alternate path to the root bridge)
Backup port - backup to the designated port
Note: These new roles help replace the need for UplinkFast and BackboneFast |
|
Key differences between 802.1D and 802.1w: BPDUs in RSTP are now used for ______, and topology changes can be sent from __________
|
keepalives
all switches |
|
802.1s runs on top of ______
|
802.1w
|
|
802.1s allows you to create a unique topology per ________
|
instance
|
|
802.1s have switches that all share ______, _____, and ______
|
region name, revision number, and VLAN mappings to instances
spanning-tree mode mst
spanning-tree mst configuration
name MY_REGION_NAME
revision 1
instance 1 vlan 10-20
instance 2 vlan 21-30 |
|
Loopguard is implemented for
|
The STP loop guard feature provides additional protection against Layer 2 forwarding loops (STP loops). An STP loop is created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state. This usually happens because one of the ports of a physically redundant topology (not necessarily the STP blocking port) no longer receives STP BPDUs. In its operation, STP relies on continuous reception or transmission of BPDUs based on the port role. The designated port transmits BPDUs, and the non-designated port receives BPDUs.
%SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port FastEthernet0/24 on VLAN0050. |
|
UDLD is implemented for
|
often enabled by default for fibre optic interfaces
Occurs when traffic sent by a local device is received by its neighbor, but traffic from the neighbor is not received by the local device
* Fiber strands in a fiber-optic interface are misconnected
* One of the interfaces cannot send or receive traffic
* One of the interfaces is down and the other is up
* One of the fiber strands in the cable is disconnected |
|
BPDUGuard is implemented for
|
enforces the STP domain borders and keeps the active topology predictable
PortFast ports could experience a temporary Layer 2 loop if a switch replaces the server or workstation
BPDUGuard immediately error-disables the port when a BPDU is detected |
|
Root guard is implemented for ...
|
enforces the Layer 2 STP topology, if a port receives a superior BPDU it moves the port to the root-inconsistent STP state. An ISP could use this to guard against a customer switch inadvertently becoming the root device
|
|
BPDUFilter is implemented for ...
|
Prevents BPDUs from being sent on a port; also causes the switch to ignore BPDUs received (DANGEROUS)
Can be used globally in conjunction with PortFast - when the PortFast port receives a BPDU, it will lose its PortFast status |
|
Storm Control does the following
|
designed to protect the network against a broadcast storm
* Monitors traffic by traffic type in 1 second intervals
* If traffic of a certain type (broadcast, unicast, multicast) hits the threshold, all incoming traffic is stopped on the port
* Some hardware platforms support a broadcast suppression feature in hardware |
|
What are the different trunking modes and what are the properties of each?
|
* on (switchport mode trunk) - forces the interface to trunk, and sends DTP frames
* off (switchport mode access) - forces the interface to access mode (non-trunk)
* desirable (switchport mode dynamic desirable) - willing to trunk and sends DTP frames
* auto (switchport mode dynamic auto) - willing to trunk but does not send DTP frames
* nonegotiate (switchport nonegotiate) - used with the ON mode - stops DTP (no frames sent) |
|
In half-duplex mode these errors are normal.
|
FCS
Alignment
Runts
Collisions
1% ratio of errors to total traffic is acceptable |
|
What Cisco proprietary protocol and what RFC provides layer 3 redundancy?
|
HSRP
|
|
True or False
HSRP provides a Virtual MAC address and IP address to clients |
True
|
|
True or False
HSRP uses multiple concurrent routers for forwarding |
False
|
|
The Default HSRP priority is
|
100
|
|
True or False
In HSRP priority the higher priority wins |
True
|
|
What HSRP technology allows you to take over as active forwarder?
|
standby preempt
|
|
HSRP exchanges hellos over what address/port
|
224.0.0.2/1985
|
|
Give an example of when you would use HSRP groups
|
A device can be active for one group and standby for another
|
|
Since HSRP hellos are sent over LAN interfaces, how does HSRP know to fail over in the event of a WAN interface dropping?
|
Decrement the priority if there is a failure, requires HSRP preempt.
|
|
If the HSRP standby address is reported as a duplicate, what is this a possible problem with?
|
STP, EtherChannel, or duplicate frame issue.
|
|
HSRP state flapping is caused by
|
HSRP not receiving hellos, or a physical layer problem
|
|
What could cause HSRP to fail to recognize its peer?
|
Physical layer problem, or VTP issue
|
|
What could cause an HSRP state change with error?
|
If Virtual MAC/HSRP issue, if not STP or physical layer, or two active routers.
|
|
HSRP state changes on multicast stub
|
common cause deals with the non-Reverse Path Forwarding traffic that the non-designated router(DR) sees, an access-list on the non-DR is needed
|
|
HSRP asymmetric routing
|
can result in excessive MAC flooding, adjust MAC aging timer, or ARP timeout, or both
|
|
HSRP Virtual IP reported as different
|
interVLAN leakage because of bridging loops in the switch
|
|
HSRP causes MAC violation with port security
|
force the device to use the burned in MAC instead of virtual
|
|
HSRP - Interface hardware cannot support multiple groups
|
force the device to use the burned in MAC instead of the virtual
|
|
What L3 redundancy standard has round robin load balancing built in?
|
GLBP
|
|
True or False
GLBP is an open standard |
False
|
|
What standard uses an active virtual gateway for responding with MAC addresses pointing to other available default gateways?
|
GLBP
|
|
GLBP uses what address/port for hellos? What frequency?
|
224.0.0.102/UDP 3222
3 seconds |
|
True or False
VRRP is a Cisco proprietary method to provide L3 redundancy |
False - RFC 3768
|
|
In VRRP a group of devices is called a _______
|
Virtual Router Group
|
|
The IP of _________ is used in VRRP instead of a separate router address like HSRP.
|
VRM - Virtual Router Master
|
|
In NAT Global addresses are
|
outside the network
|
|
In NAT Local addresses are
|
inside the network
|
|
In NAT, an address that is assigned to the host inside the network is called
|
inside local
|
|
In NAT, a non-private address that represents the inside host
|
inside global
|
|
In NAT, an IP address of an outside host as it appears in the inside network
|
outside local
|
|
In NAT, an IP address assigned to a host on the outside network
|
outside global
|
|
In order to receive time from an authoritative time server type this command.
|
ntp server
|
|
In NTP some platforms possess a battery-powered hardware clock, use this command to run it
|
ntp update-calendar
|
|
For a router to PROVIDE the time use this command
|
ntp master [stratum]
The stratum is a measure of how close you are to the time source; 1 indicates you are the time source, and the default is 8 |
|
In NTP if you want to be updated from another device use this command
|
ntp peer(symmetric active mode)
|
|
In NTP if you want everyone on the same L3 network to get the time use this command
|
ntp broadcast
|
|
DHCP configuration requires these three items
|
pool, address space, and exclusions
|
|
To statically assign a DHCP address use one of these two methods
|
ip dhcp pool MANUAL
host 172.16.2.12
hardware-address 02c7.f800.0422
client-name HWTO-CUJO
ip dhcp pool MANUAL2
origin file tftp://10.10.10.10/static |
|
WCCP takes client web requests and redirects the request to a
|
Cisco Content Engine
|
|
WCCP defaults to version
|
2
|
|
True or False
WCCP supports IPv4 and IPv6 |
False
|
|
WCCP v1 supports the following ports
|
80
|
|
True or False
WCCP v1 only supports one router per content engine cluster. |
True
|
|
How many content engines and how many routers in a service group?
|
32/32
|
|
WCCP can use multicast for communication as long as the TTL is 16 or less.
|
False, 15 or less.
|
|
WCCP uses what methods to redirect traffic.
|
GRE or L2
For L2, the content engine and the router must be on the same subnet; MAC address rewriting handles the redirect. |
|
To enable WCCP on an interface use this command.
|
ip wccp web-cache
int fa0/0 (interface in which web client resides)
ip wccp web-cache redirect in |
|
To force syslog messages to the console
|
no logging on
|
|
OSPF Network Type 1
|
Router
Router links and state
Flooded in the area of origination |
|
OSPF Network Type 2
|
Network
Generated by the DR
Lists all attached routers
Flooded in the area of origination |
|
OSPF Network Type 3
|
Network Summary
Generated by ABRs
Sent into an area to advertise prefixes in other areas
Flooded throughout the AS |
|
OSPF Network Type 4
|
ASBR Summary
Generated by ABR
Advertises the ASBR
Flooded throughout the AS |
|
OSPF Network Type 5
|
AS External
Generated by the ASBR
Advertises external destination
Flooded throughout the AS |
|
OSPF Network Type 7
|
NSSA External
Generated by the ASBR in a not-so-stubby-area
Advertises external destination |
|
What LSA types does the OSPF area type "stub" block?
|
blocks 4,5
|
|
totally stubby
|
blocks 3,4,5
|
|
What is an OSPF not-so-stubby area?
|
A type of stub area in the Open Shortest Path First (OSPF) protocol that can import autonomous system (AS) external routes and send them to the backbone, but cannot receive AS external routes from the backbone or other areas
|
|
totally not so stubby
|
Just like NSSA but it does not allow type 3 or type 4 into area
|
|
In OSPF to summarize from one area to another use this command
|
area range
|
|
In OSPF you can summarize external prefixes using this command
|
summary-address
|
|
True or False
In an OSPF point to point network type there is a DR and BDR |
False
|
|
The OSPF Broadcast network type a DR/BDR is elected based on
|
highest IP address
highest priority, default is 1 |
|
The OSPF network type NBMA require what to form an adjacency
|
manual neighbor configuration
|
|
True or False
The OSPF network type point to multipoint there is not a DR/BDR |
True
|
|
What is needed to form an adjacency in the OSPF network type of point to multipoint non-broadcast.
|
No DR/BDR, manual configuration of neighbors
|
|
What could cause the OSPF neighbor list to be empty?
|
Not properly configured on interfaces
L1 or L2 issue
Passive interface
Access list blocking
Error in L3 interface config
Hello or Dead timer mismatch
Authentication configuration error
Area ID mismatch
Stub flag mismatch
Secondary IP addressing issue
Incorrect network type configuration |
|
What could cause an OSPF stuck in attempt state?
|
Misconfigured neighbor statement
Unicast non-functional in NBMA environment |
|
What could cause an OSPF stuck in INIT state?
|
Hellos being blocked in one direction
Multicast nonfunctional on one side
Authentication only on one side
Broadcast keyword missing from map command |
|
What would cause an OSPF stuck in TWO-WAY state?
|
Priority of 0 on all routers
Neighbor stuck in EXSTART
Mismatched MTU
Duplicate Router IDs
Broken unicast connectivity |
|
What would cause an OSPF stuck in LOADING state?
|
Mismatched MTU
Corrupted link-state request |
|
BGP uses what TCP port for its transport
|
179
|
|
eBGP is assumed to be directly connected, if not, use the following command
|
ebgp-multihop
|
|
EIGRP uses the following metrics
|
Bandwidth
Delay
Reliability
Load
MTU |
|
Feasible Distance is
|
The cost between the local router and the destination prefix. Consists of the cost of the next hop, added to the cost that the next hop is advertising to the local router.
|
|
In EIGRP the successor is
|
the best(lowest cost) route to the destination
|
|
In EIGRP the feasible successor is
|
the 2nd best route, but the next hop must have an AD less than the current FD of the successor
|
|
When you use EIGRP stubs
|
remote devices will not query stubs
|
|
The three steps of setting up PBR
|
PBR
Identify the Route Map used for policy routing
int fa/0
ip policy route-map MAP_NAME
Build the route map
Match the traffic based on:
* Access List - protocol or application
* Access List - particular source and/or destination
* Layer 3 packet length
Set the behavior
* Next Hop
* Output interface
* Default next hop or interface |
|
The three steps of setting up MQC
|
1. Identify traffic "buckets"
class map
2. Dictate policy - what happens to the traffic?
policy-map
3. Assign the configuration
service-policy
class-map CM_WEB
match protocol http
policy-map PM_CBWFQ
class CM_WEB
bandwidth percent 10
int fa0/0
service-policy output PM_CBWFQ |
|
NBAR has two jobs
|
Protocol analysis
Traffic classification for QoS |
|
To enable NBAR
|
ip nbar protocol-discovery
class-map CM_NBAR
match protocol http |
|
CoS 7
|
Reserved(Network)
|
|
CoS 6
|
Reserved(internet)
|
|
CoS 5
|
Voice Bearer(Critical)
|
|
CoS 4
|
Video(Flash-Override)
|
|
CoS 3
|
Call Signalling(flash)
|
|
CoS 2
|
High Priority Data(Immediate)
|
|
CoS 1
|
Medium Priority Data(immediate)
|
|
CoS 0
|
Best Effort(routine)
|
|
In the ToS byte how many bits were originally used for IP Precedence
|
3
|
|
In The ToS byte how many bits are used for DSCP
|
6
|
|
In the ToS byte what are the last two bits used for
|
Flow Control
|
|
The DSCP PHB class selector is used for
|
Backwards Compatibility
Last three bits are set to 000 |
|
The default DSCP PHB is used for
|
Best effort service
000000 |
|
The Assured Forwarding PHB is used for
|
guaranteed bandwidth services
001, 010, 011, or 100 initial bit settings |
|
The expedited forwarding PHB is used for
|
voice
First three bits are 101 |
|
QoS policy propagation through BGP can classify packets based on these three things
|
access lists
BGP community lists
BGP AS paths |
|
What queuing method can lead to queue starvation?
|
Priority Queuing
|
|
What queuing method can lead to latency for voice?
|
Custom queuing
|
|
What queuing method does not accommodate bandwidth reservations?
|
WFQ
|
|
What queuing method adds a priority queue to CBWFQ?
|
LLQ
|
|
What queuing method guarantees prioritized BW and it is policed?
|
LLQ
|
|
What queuing method resolves issues caused by sliding windows and tail drop?(global synchronization)
|
RED
|
|
What queuing method uses min threshold(start random drops) and max threshold(tail drops start here)?
|
WRED
|
|
Policing and shaping use these three similar methods to control traffic.
|
995
|
|
Policing and shaping main four differences are
|
shaping buffers excess traffic
policing drops it
policing can also re-mark excess traffic and send it
shaping is outbound only, policing is outbound and inbound |
|
Police or Shape
Rate limit when physical media is higher than the bandwidth service paid for |
Police
|
|
Police or Shape
Limiting certain applications in the network |
Police
|
|
Police or Shape
Remarking excess traffic before sending |
Police
|
|
Bc is
|
normal burst size - amount of packets forwarded each timing interval Tc
|
|
To calculate CIR use the following formula
|
Bc/Tc
8000 Bits (Bc) with 250 millisecond (Tc) - the CIR is 8000/.25 = 32 Kbps |
|
To prevent and manage congestion in ATM or Frame-Relay networks use this technology.
|
Shaping
|
|
To allow customer to regulate traffic locally to the provider use this technology
|
Shaping
|
|
What DLCIs can be assigned to a frame-relay circuit?
|
16-1007
0-15 and 1008-1023 are reserved |
|
The three LMI signaling options are
|
Cisco
Ansi
Q.933 - Annex A |
|
What does the LMI status of active signify?
|
Healthy on each end and data can be transferred
|
|
What does the LMI status inactive signify?
|
The local connection is healthy, but the remote side is not
|
|
What does the LMI status deleted signify?
|
No LMI, or the DLCI was deleted from the switch
|
|
In frame-relay full mesh what formula can you use to determine the number of circuits needed?
|
n(n-1)/2
n is the number of nodes
5 routers: 5(5-1)/2 = 10 |
|
Phase II of DMVPN was created for what reason
|
To permit dynamic creation of spoke to spoke tunnels
|
|
In DMVPN multipoint GRE is used for
|
transporting data and routing information from the hub to multiple potential spokes
|
|
In DMVPN next hop resolution protocol(NHRP) is used
|
to dynamically register addresses from the spokes; a spoke can check in with the hub to connect directly with another spoke
|
|
Four advantages of DMVPN are
|
Hubs do not require separate GRE interfaces and crypto maps for each spoke
Additional spokes need no hub configuration
Spokes can use dynamic, external facing addresses
Dynamic routing protocols may be used over the infrastructure |
|
To create an IPSec profile for DMVPN to protect the GRE tunnel use this command
|
crypto ipsec profile
|
|
To configure the two phases of IPSec for use in DMVPN use these commands
|
crypto isakmp policy
crypto ipsec transform |
|
To create the mGRE tunnel for DMVPN use the following command
|
tunnel mode gre multipoint
|
|
The class D range reserved for multicast is
|
224.0.0.0 - 239.255.255.255
|
|
Multicast range reserved for routing protocols and other maintenance functions(local link scope)
|
224.0.0.0 - 224.0.0.255
local network control block |
|
Reserved for internet applications like NTP
|
224.0.1.0 - 224.0.1.255
internetwork control block |
|
GLOP multicast
|
233.AS_Value.local assignment
|
|
Reserved for use in organizations
|
239.0.0.0 - 239.255.255.255 administratively scoped
The top 256 in each admin scope are reserved for scope relative addresses, for example, 239.255.255.249 reserved for DHCPv4 |
|
What protocol is host to router that allows hosts to request to join to a multicast group?
|
IGMP
|
|
IGMP v2 added these new features
|
Leave group
Router messages - general query, group-specific query
Membership report - sent when a host wants to join the group or in response to a membership query; the address of the message is the group that is desired |
|
IGMP v3 added these new features
|
Members can express INCLUDE and EXCLUDE filter requests
Groups and source specific query modified to include a request for a specific source |
|
What multicast technology radiates traffic from a source using a distribution tree?
|
PIM
|
|
What notation signifies source-based(shortest path trees SPTs)?
|
(S,G)
|
|
What notation signifies a shared tree in which traffic is sent through an RP?
|
(*,G)
|
|
What PIM mode uses flood and prune, and uses a source based approach(SPT)? (S,G)
|
Dense Mode
|
|
What PIM mode uses an explicit join approach, and supports SPT and Shared trees? (*,G)
|
Sparse Mode
|
|
What PIM mode was created to enable Auto-RP technology?
|
Sparse-Dense
|
|
The designated router in PIM wins the election based on
|
The highest IP address
|
|
Reference to moving traffic away from the source, instead of to a destination
The primary loop prevention mechanism in multicast
Use the unicast IP routing table to determine the upstream path to the source
If the traffic arrives on an interface that the unicast routing table does not consider upstream, the traffic is dropped |
Bidirectional PIM
|
|
Variation on the PIM-SM mode - addresses issues for groups with large numbers of sources - less overhead due to the large number of sources
Forwarding of traffic is done solely by (*,G) mechanisms
Keeps the technology loop free
Responsible for forwarding the appropriate multicast traffic upstream
The DF is elected using the best unicast route to the RP |
Bidirectional PIM
|
|
Reference to moving traffic away from the source, instead of to a destination
The primary loop prevention mechanism in multicast
Use the unicast IP routing table to determine the upstream path to the source
If the traffic arrives on an interface that the unicast routing table does not consider upstream, the traffic is dropped |
Multicast Reverse Path Forwarding Check
|