Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
723 Cards in this Set
- Front
- Back
Layer 2 switching uses what value to forward data?
|
MAC address
|
|
Multilayer switching (MLS) forwards packets based on what OSI layers?
|
Layers 2,3 and 4
|
|
What does the 20/80 rule of networking state?
|
Twenty percent of the traffic on a network segment stays local, while 80 percent of it
travels across the network. |
|
Where does a collision domain exist in a switched network?
|
On a single switch port
|
|
Where does a broadcast domain exist in a switched network?
|
On a single VLAN
|
|
What is a VLAN primarily used for?
|
To segment a broadcast domain
|
|
In which OSI layer should devices in the distribution layer typically operate?
|
Layer 3
|
|
How many layers are recommended in the hierarchical campus network design model?
|
3
|
|
A hierarchical network’s distribution layer aggregates which of the following?
|
Access layer switches
|
|
What might make a Catalyst 2950 a good choice for use in a wiring closet?
|
high density of 10/100 ports
|
|
In Multilayer switching, what hardware/software provides the Layer 3 routing function?
|
Cisco Express Forwarding (CEF)
|
|
Traffic destined for a specific set or group of users, regardless of their location on the campus network
is called what? |
Multicast traffic
|
|
The new model of campus traffic has become known as what?
|
The 20/80 rule
|
|
Which Hierarchical Network Design layer includes devices with low cost per switch port,
high port density, scalable uplinks to higher layers, user access functions such as VLAN membership, traffic and protocol filtering? |
Access layer
|
|
Which Hierarchical Network Design layer includes High Layer 3 throughput for packet handling, Security and policy-based connectivity functions through access lists or packet filters, QoS features,
and Scalable and resilient high-speed links to the core and access layers? |
Distribution Layer
|
|
Which Hierarchical Network Design layer includes Very high throughput at Layer 2 or Layer 3, No costly or unnecessary packet manipulations (access lists, packet filtering), Redundancy and resilience for high availability and Advanced QoS functions?
|
core layer
|
|
What is the purpose of breaking a campus network down into a hierarchical design?
|
To make the network predictable and scalable
|
|
What are the components of a typical switch block?
|
access layer and distribution layer switches
|
|
What are two types of core, or backbone, designs?
|
Dual core and collapsed core
|
|
In a properly designed hierarchical network, a broadcast from one PC will be confined to what?
|
One switch block
|
|
What is the maximum number of access layer switches that can connect into a single
distribution layer switch? |
Limited only by the number of ports on the distribution switch
|
|
A switch block should be sized according to what two details?
|
A study of the traffic patterns and flows and the number of access layer users
|
|
How many distribution switches should be built into each switch block?
|
2
|
|
You can divide enterprise campus networks into what two basic elements?
|
Switch block and Core block
|
|
A group of access layer switches together with their distribution switches is called what?
|
A switch block
|
|
A group of enterprise servers along with their access and distribution (layer) switches is called what?
|
Server Farm block
|
|
A group of network management resources along with their access and distribution switches is called what?
|
Management block
|
|
A collection of services related to external network access, along with their access and distribution switches is called what?
|
Enterprise Edge block
|
|
The external network services contracted or used by the
enterprise network; these are the services with which the enterprise edge block interfaces. What is this called? |
Service Provider Edge block
|
|
What type of core block is one where the hierarchy’s core layer is combined into the distribution layer?
|
Collapsed core block
|
|
In what type of core block are the distribution and core layers separate?
|
Dual core block
|
|
What device performs transparent bridging?
|
Layer 2 switch
|
|
When a PC is connected to a Layer 2 switch port, how far does the collision domain spread?
|
1 switch port
|
|
What information is used to forward frames in a Layer 2 switch?
|
destination MAC address
|
|
What does a switch do if a MAC address can’t be found in the CAM table?
|
The switch floods the frame out all ports (except the receiving port).
|
|
In the Catalyst 6500, frames can be filtered with access lists for security and QoS purposes. This filtering occurs at the same time as what?
|
Simultaneously with a CAM table lookup
|
|
In a switch, access list contents are compiled and merged into what?
|
The TCAM table
|
|
Multilayer switches using CEF are based on what switching technique?
|
Topology-based switching
|
|
In a switch, frames are placed in which buffer after forwarding decisions are made?
|
Egress queue
|
|
What size are the mask and pattern fields in a TCAM entry?
|
134 bits
|
|
Access list rules are compiled as TCAM entries. When a packet is matched against an access list, in what order are the TCAM entries evaluated?
|
All entries are evaluated in parallel.
|
|
Which Catalyst 3550 command can you use to display the addresses in the CAM table?
|
show mac address-table
|
|
CEF builds Layer 3 destination information from routing tables and Layer 2 data. Where is this information stored?
|
This information is stored in hardware as a Forwarding Information Base (FIB) table.
|
|
Multilayer switches can make many policy decisions in parallel using what?
|
The Ternary Content
Addressable Memory (TCAM) contents. |
|
In a CEF switch, access lists for security (traditional router ACLs and VLAN ACLs) and QoS ACLs are compiled or merged into what?
|
TCAM entries. These access lists can then be processed on each packet that passes through the switch, as a single table lookup.
|
|
As a packet exits a multilayer switch, it must be rewritten so that its header and checksum values are valid. The fields in the original packet that the switch updates are what?
|
— Source MAC address becomes the Layer 3 switch MAC address.
— Destination MAC address becomes the next-hop MAC address. — IP TTL value is decremented by one. — IP checksum is recomputed. — Ethernet frame checksum is recomputed. |
|
What command is used to set the CAM table aging time?
|
mac address-table aging-time [seconds]
|
|
What command is used to configure a static CAM entry?
|
mac address-table static [mac-address] vlan [vlan-id] interface [type mod/num]
|
|
What command is used to clear a CAM table entry.
|
clear mac address-table dynamic
|
|
What command is used to set privileged level password to level 15?
|
enable password level 15 [password]
|
|
What command is used to view the CAM table?
|
show mac address-table dynamic
|
|
What command is used to view the CAM table size?
|
show mac address-table count
|
|
What command is used to view TCAM resource information?
|
show tcam counts
|
|
By default, how long are CAM table entries kept before they are aged out?
|
300 seconds
|
|
A TCAM lookup involves which 3 values?
|
mask, value and result
|
|
How many table lookups are required to find a MAC address in the CAM table?
|
1
|
|
How many table lookups are required to match a packet against an access list that has been compiled into 10 TCAM entries?
|
1
|
|
How many value patterns can a TCAM store for each mask?
|
8
|
|
Can all packets be switched in hardware by a multilayer switch?
|
No; some must be flagged for process switching by the switch CPU.
|
|
Multilayer switches must rewrite which 3 portions of an Ethernet frame?
|
Source and destination MAC addresses
IP time-to-live Checksums |
|
If a station only receives Ethernet frames and doesn’t transmit anything, how will a switch learn of its location?
|
You must configure a static CAM entry with the station’s MAC address and the switch port
where it is located. Otherwise, the switch must flood each and every frame destined for that host out every switch port in an effort to find it. |
|
What is a TCAM’s main purpose?
|
To process access lists as a single table lookup
|
|
Why do the TCAM mask and pattern fields consist of so many bits?
|
So that a combination of several address fields in a frame can be inspected at once
|
|
In a multilayer switch with a TCAM, a longer access list (more ACEs or statements) takes longer to process for each frame. True or false?
|
False
|
|
A multilayer switch receives a packet with a certain destination IP address. Suppose the switch
has that IP address in its Layer 3 forwarding table, but no corresponding Layer 2 address. What vhappens to the packet next? |
The switch CPU sends an ARP request.
|
|
If a multilayer switch can’t support a protocol with CEF, it relies on fallback bridging. Can the switch still route that traffic?
|
No. That traffic is transparently bridged. An external multilayer switch or router is required to take the bridged packets and route them.
|
|
To configure a static CAM table entry, the mac address-table static mac-address command is used. Which two other parameters must also be given?
|
vlan [vlan-id]
interface [type mod/num] |
|
What portion of the TCAM is used to evaluate port number comparisons in an access list?
|
LOU
|
|
Someone has asked you where the host with MAC address 00-10-20-30-40-50 is located.
Assuming you already know the switch it is connected to, what command can you use to find it? |
show mac address-table dynamic address 0010.2030.4050
|
|
What protocol is used to advertise CAM table entries among neighboring switches?
|
None; the entries are not advertised.
|
|
When a frame arrives at a switch port where is it placed?
|
In the ingress queue
|
|
In a switch, the Layer 2 forwarding table is called what?
|
CAM table
|
|
Catalyst switches support what two basic generations or types of MLS?
|
route caching and topology based
|
|
Where does Cisco Express Forwarding (CEF) download the current routing table database?
|
into the Forwarding
Information Base (FIB) |
|
What is the L3 Forwarding Table in a switch called?
|
The FIB table
|
|
All Catalyst switch models use what table for Layer 2 switching?
|
a Content Addressable Memory (CAM)
|
|
By default, idle CAM table entries are kept for 300 seconds before they are deleted. You can change the default setting using what command?
|
mac address-table aging-time [seconds]
|
|
After an access list has been created or configured, what software compiles, or merges, the ACEs into entries in the TCAM table?
|
Feature Manager software
|
|
What software configures or tunes the TCAM partitions,
if needed? |
The SDM software
|
|
TCAM entries are composed of what combinations?
|
Value, Mask, and Result (VMR)
|
|
What is the name for the operating system available on Cisco Catalyst 3550, 4500, and
6500 family switches? |
Cisco IOS
|
|
Which user interface mode allows the greatest authority for making configuration changes?
|
Privileged EXEC (enable) mode
|
|
To configure a password for Telnet access to a switch, what must the password be applied to?
|
line vty 0 15
|
|
Which protocol is used to exchange information between connected Cisco neighbors?
|
CDP
|
|
Cisco Discovery Protocol is sent over which OSI layer?
|
Layer 2
|
|
Which Catalyst file system contains the running IOS software image?
|
Flash
|
|
Which command saves newly made configuration changes so they will be automatically used after the next switch reload?
|
copy running-config startup-config
|
|
What command can you use to view information received from a neighboring Cisco switch, including its version of IOS?
|
show cdp neighbors detail
|
|
What command is used to set the privileged level password?
|
enable secret [password]
|
|
What command is used to copy a file between Flash and a TFTP server?
|
copy flash:[filename] tftp:
|
|
What command is used to clear Flash contents?
|
erase flash:
-OR- format flash: |
|
What command is used to save the running configuration?
|
copy running-config startup-config
|
|
What command is used to display the current running environment and IOS version?
|
show version
|
|
What command is used to display the running configuration?
|
show running-config
|
|
What command is used to display the permanent configuration?
|
show startup-config
-OR- show config |
|
What command is used to display all technical support information?
|
show tech-support
|
|
How often are CDP announcements sent?
|
Every 60 seconds
|
|
What command can you use to verify CDP configuration on switch port GigabitEthernet 3/1?
|
shop cdp interface gi 3/1
|
|
What mode are you in with the following command line prompt:
Switch# |
Privileged EXEC or enable mode
|
|
What mode are you in with the following command line prompt:
Switch(config)# |
Global configuration mode
|
|
What mode are you in with the following command line prompt:
Switch(config-if)# |
Interface configuraion mode
|
|
What mode are you in with the following command line prompt:
Switch> |
Normal user EXEC mode
|
|
To change the host or system name, you enter what command in configuration mode?
|
Switch(config)# hostname [hostname]
|
|
By default, a switch allows user access only via what?
|
the console port
|
|
CDP frames are sent as multicasts, using a
destination MAC address of what? |
01:00:0c:cc:cc:cc
|
|
To manually enable CDP on an
interface, you use what interface configuration command? |
Switch(config-if)# [no] cdp enable
|
|
What is the nonvolatile memory present in the switch? Files stored here remain intact even after a power cycle.
|
Flash
|
|
Nonvolatile memory that contains the switch configuration used during bootup is called what?
|
NVRAM
|
|
What does the IEEE 802.3 standard define?
|
Ethernet
|
|
At what layer are traditional 10 Mbps Ethernet, Fast Ethernet, and Gigabit Ethernet the same?
|
Layer 2
|
|
At what layer are traditional 10 Mbps Ethernet, Fast Ethernet, and Gigabit Ethernet different?
|
Layer 1
|
|
What is the maximum cable distance for a Category 5 100BASE-TX connection?
|
100 meters
|
|
Where is Cisco Long Reach Ethernet typically used?
|
In a multitenant building
|
|
What is the maximum length of a Cisco LRE connection?
|
5000 feet
|
|
Ethernet autonegotiation determines which of the following?
|
duplex mode
|
|
What cannot be determined by an ethernet port if the far end of a connection doesn’t support autonegotiation?
|
duplex
|
|
What type of cable should you use to connect two switches back-to-back using their
FastEthernet 10/100 ports? |
Crossover cable
|
|
If a switch port is in the “errdisable” state, what is the first thing you should do?
|
Determine the cause of the problem.
|
|
What is the IEEE name for fast ethernet?
|
802.3u
|
|
What is the IEEE name for gigabit ethernet on fiber?
|
802.3z
|
|
What is the IEEE name for gigabit ethernet on copper?
|
802.3ab
|
|
What is the IEEE name for 10 gigabit ethernet?
|
802.3ae
|
|
What command is used to select multiple switch ports for configuration?
|
interface
range [type module/first-number – last-number] |
|
What command is used to give a name to a port?
|
description [description-string]
|
|
What command is used to set port speed?
|
speed [10 | 100 | 1000 | auto]
|
|
What command is used to set port mode?
|
duplex [auto | full | half]
|
|
When a 10/100 Ethernet link is autonegotiating, which will be chosen if both stations can
support the same capabilities—10BASE-T full duplex, 100BASE-TX half duplex, or 100BASE-TX full duplex? |
100BASE-TX full duplex will be chosen because it has the highest autonegotiation priority and is common to both end stations.
|
|
How many pairs of copper wires does a 1000BASET connection need?
|
4 pairs
|
|
Which GBIC would you use for a connection over multimode fiber (MMF)?
|
You could use either a 1000BASE-SX or a 1000BASE-LX/LH.
|
|
A Category 5 cable having only pins 1,2 and 3,6 has been installed and used for a Fast Ethernet
link. Can this same cable be used for a migration to Gigabit Ethernet using 1000BASE-T GBICs, assuming the length is less than 100 meters? |
No. 1000BASE-T requires all four pairs of wires to be present.
|
|
What types of Ethernet are commonly used to connect geographically separate locations?
|
Metro Ethernet, transported over facilities contracted from a service provider
|
|
What form of Metro Ethernet allows several enterprise VLANs to be transported between locations—TLS or DVS?
|
Directed VLAN Service (DVS)
|
|
What one switch command will select Fast Ethernet interfaces 4/1 through 48 for a common configuration?
|
interface range fastethernet 4/1 - 48 (Don’t forget spaces around the dash.)
|
|
What command can you use to make sure that no switch ports are automatically shut down in an errdisable state for any reason?
|
no errdisable detect cause all
|
|
In which Metro Ethernet deployment are all of a customer’s connected sites appear as a single common VLAN (broadcast domain)?
|
Transparent LAN Service (TLS)
|
|
In which Metro Ethernet deployment can a customer’s VLANs be connected wherever they exist, rather than everywhere. This allows one VLAN to be connected between two sites while another VLAN connects to two other sites, and so on. A customer is allowed to have multiple
VLANs transported by the service provider network. |
Directed VLAN Service (DVS)
|
|
In what technology does A single fiber connection transports many different Gigabit Ethernet datastreams by placing each within a
different wavelength (represented by the Greek letter lambda λ) of light? |
Dense Wave Division Multiplexing (DWDM)
|
|
In what technology does A single fiber connection transports up to 8 different Gigabit Ethernet datastreams by placing each within a
different wavelength (represented by the Greek letter lambda λ) of light? |
Coarse Wave Division Multiplexing (CWDM)
|
|
Catalyst switch families use what to make the console connection between a PC (or terminal or modem) and the console port.
|
an RJ-45-to-RJ-45 rollover cable
|
|
What GBIC provides short wavelength connectivity using SC fiber connectors and MMF
for distances up to 550 meters (1804 feet)? |
1000BASE-SX GBIC
|
|
What GBIC provides long wavelength/long haul connectivity using SC fiber connectors and either MMF or single-mode fiber (SMF)?
|
1000BASE-LX/LH GBIC
|
|
What GBIC provides GBIC—extended distance connectivity using SC fiber connectors and SMF; works for distances up to 70 km, and even to 100 km when used with premium grade SMF?
|
1000BASE-ZX GBIC
|
|
What GBIC uses a proprietary connector with a high-data-rate copper cable with
enhanced signal integrity and electromagnetic interference (EMI) performance to provides a GBIC-to-GBIC connection between stacking Catalyst switches or between any two Gigabit switch ports over a short distance? |
GigaStack GBIC
|
|
What GBIC provides an RJ-45 connector for 4-pair UTP cabling; works for distances
up to 100 m (328 feet? |
1000BASE-T GBIC
|
|
A 10-Mbps Ethernet link (fixed speed) defaults to what duplex?
|
half duplex
|
|
A 100-Mbps Fast Ethernet (dual speed 10/100) link defaults to what duplex?
|
full duplex
|
|
What Cisco switch feature detects when a Spanning Tree bridge protocol data unit (BPDU) is received on
a port configured for STP portfast? |
bpduguard
|
|
What command is used to enable and use a switch port?
|
no shutdown
|
|
A VLAN is what kind of domain?
|
A broadcast domain
|
|
Switches provide VLAN connectivity at which layer of the OSI model?
|
Layer 2
|
|
What is needed to pass data between two PCs, each connected to a different VLAN?
|
A Layer 3 process on a switch or router
|
|
Which switch command is used to assign a port to a VLAN?
|
switchport access vlan [vlan-id]
|
|
What is the Cisco proprietary method for trunk encapsulation?
|
ISL
|
|
Which protocol dynamically negotiates trunking parameters?
|
DTP - Dynamic Trunking Protocol
|
|
How many different VLANs can an 802.1Q trunk support?
|
4,096
|
|
If two switches each support all types of trunk encapsulation on a link between them, which
one will be negotiated? |
ISL
|
|
What is the purpose of an 802.1Q tunnel?
|
To transport an 802.1Q trunk across a service provider network
|
|
Which VLAN trunk encapsulation method adds a 26-byte header, a 4-byte trailer to each frame, and includes a 10-bit VLAN ID?
|
ISL
|
|
Which VLAN trunk encapsulation method adds a 4-byte tag; includes a 12-bit VLAN ID
|
802.1Q
|
|
What two commands create a VLAN and name it?
|
vlan [vlan-num]
name [vlan-name] |
|
What three commands assign a port to a VLAN?
|
interface [type module/number]
switchport mode access switchport access vlan [vlan-num] |
|
What command is used to verify VLAN configuration?
|
show vlan id [vlan-id]
|
|
What command is used to verify active trunk parameters?
|
show interface [type mod/num]trunk
|
|
What command is used to verify DTP operation?
|
show dtp [interface type mod/num]
|
|
Name two types of VLANs in terms of spanning areas of the campus network.
|
Local VLAN
End-to-end VLAN |
|
What three switch commands would configure Fast Ethernet port 4/11 for VLAN 2?
|
interface fastethernet 4/11
switchport mode access switchport access vlan 2 |
|
What is the default VLAN on all ports of a Catalyst switch?
|
VLAN 1
|
|
What methods of Ethernet VLAN frame identification can be used on a Catalyst switch trunk?
|
802.1Q
ISL |
|
What is the difference between the two VLAN trunking methods? How many bytes are added to trunked frames for VLAN identification in each method?
|
ISL uses encapsulation and adds a 26-byte header and a 4-byte trailer. 802.1Q adds a
4-byte tag field within existing frames, without encapsulation. |
|
What is the purpose of Dynamic Trunking Protocol (DTP)?
|
DTP allows negotiation of a common trunking method between endpoints of a trunk link.
|
|
What commands are needed to configure a Catalyst switch trunk port Gigabit 3/1 to transport only VLANs 100, 200 through 205, and 300 using IEEE 802.1Q?
|
switchport trunk allowed vlan 100, 200-205, 300
|
|
Two neighboring switch trunk ports are set to the auto mode with ISL trunking encapsulation mode. What will the resulting trunk mode become?
|
Trunking will not be established at all. Both switches are in the passive auto state and are waiting to be asked to start the trunking mode. The link will remain an access link on both switches.
|
|
What is the command to configure the switch port to use DTP to actively ask the other end to become a trunk?
|
switchport mode dynamic desirable
|
|
Which command can set the native VLAN of a trunk port to VLAN 100 after the interface has been selected?
|
switchport trunk native vlan 100
|
|
What command can configure a trunk port to stop sending and receiving DTP packets
completely? |
switchport nonegotiate
|
|
What command can be used on a Catalyst switch to verify exactly what VLANs will be
transported over trunk link gigabitethernet 4/4? |
show interface gigabitethernet 4/4 switchport
-OR- show interface gigabitethernet 4/4 trunk |
|
What type of switch port must a customer present to a service provider if an IEEE 802.1Q tunnel is desired?
|
802.1Q trunk
|
|
A full Layer 2-only switched network is referred to as what?
|
a flat network topology.
|
|
What are the two VLAN membership methods exist on Cisco Catalyst switches?
|
static and dynamic
|
|
Which VLAN membership methods is port based?
|
static VLAN membership
|
|
What is the name of the VLAN database where VLAN information is automatically stored on a switch?
|
vlan.dat
|
|
What 3 commands are used to assign switc ports to VLANs?
|
Switch(config)# interface [type module/number]
Switch(config-if)# switchport mode access Switch(config-if)# switchport access vlan [vlan-num] |
|
What command outputs a list of all VLANs defined in the switch?
|
show vlan
|
|
What type of VLAN spans the entire switch fabric of a network?
|
end to end VLAN
|
|
Cisco supports trunking on what type of switch links?
|
Cisco supports trunking on both Fast Ethernet and Gigabit Ethernet switch links
|
|
VLAN identification can be performed using what two methods?
|
Inter-Switch Link (ISL) protocol and IEEE 802.1Q protocol
|
|
Which VLAN trunking method imbeds information into the frame?
|
802.1Q
|
|
How does ISL modify a frame?
|
ISL adds a 26-byte header and
a 4-byte trailer to the frame. |
|
How many bytes does ISL add to each frame?
|
ISL adds a total of 30 bytes to each frame
|
|
How many bytes does 802.1Q add to each frame?
|
802.1Q adds 4 bytes
|
|
Can a router participate in the DTP negotiation protocol?
|
No
|
|
Are switch ports enabled for trunking by default?
|
No, by default, all switch ports are non-trunking
|
|
What 5 commands are needed to set up a port as a trunk link?
|
interface [type mod/port]
switchport trunk encapsulation [isl | dot1q | negotiate] switchport trunk native vlan [vlan-id] switchport trunk allowed vlan [vlan-list | all | add | except | remove] vlan-list switchport mode [trunk | dynamic {desirable | auto}} |
|
Which command defines which VLANs can be trunked over the
link? |
switchport trunk allowed vlan
|
|
Which VLAN is the Cisco default, which carries control protocols such as CDP, VTP, and STP
|
VLAN 1
|
|
Which setting places a port in permanent trunking mode?
|
switchport mode trunk -
The port at the other end of the trunk should be similarly configured because negotiation is not allowed. You should also manually configure the encapsulation mode. |
|
Which switchport mode is the default for trunking?
|
dynamic desirable
|
|
In which switchport mode does the port actively attempts to convert the link into trunking
mode? |
dynamic desirable -
If the far-end switch port is configured to trunk, dynamic desirable, or dynamic auto mode, trunking is successfully negotiated. |
|
In which switchport mode does the port convert the link into trunking mode?
|
switchport mode dynamic auto - If the far-end switch port is
configured to trunk or dynamic desirable, trunking is negotiated. Because of the passive negotiation behavior, the link never becomes a trunk if both ends of the link are left to the dynamic auto default. |
|
How often are DTP frames rent out?
|
DTP frames are sent out every 30 seconds
|
|
What command disables DTP completely so that DTP frames are not exchanged?
|
switchport nonegotiate
|
|
what technique allows trunk tunneling to be accomplished across a service provider’s core network without 802.1Q
trunks? |
Ethernet over MPLS (EoMPLS)
|
|
What command puts a switch port into the tunnel mode?
|
switchport mode dot1qtunnel
|
|
What command is used o verify a VLAN’s configuration on a switch?
|
show vlan id [vlan]
|
|
Which VTP modes does not allow any manual VLAN configuration changes?
|
client mode
|
|
How many VTP management domains can a Catalyst switch participate in?
|
only 1
|
|
Which command configures a Catalyst 3550 for VTP client mode?
|
vtp mode client
|
|
What is the purpose of VTP pruning?
|
to limit the extent of broadcast traffic
|
|
Which VLAN number is never eligible for VTP pruning?
|
VLAN 1
|
|
If a VTP server is configured for VTP version 2, what else must happen for successful VTP
communication in a domain? |
All other switches in the domain must be version 2 capable.
|
|
What VTP modes can a Catalyst switch be configured for?
|
Server, client, and transparent modes.
|
|
Are VLANs advertised in VTP transparent mode?
|
No
|
|
Can VLANs be created in VTP transparent mode?
|
Yes
|
|
Can VLANs be created in VTP client mode?
|
No
|
|
How many VTP management domains can a Catalyst switch participate in?
|
A switch can be a member of only one VTP management domain.
|
|
On a VTP server switch, identify what you can do to reset the VTP configuration revision number to 0.
|
Set the VTP domain name to a bogus value and change it back OR Configure the switch for VTP transparent mode and then configure the switch back to server mode.
|
|
How can you clear the configuration revision number on a VTP client?
|
You can’t. The VTP client bases all VLAN and VTP information on advertisements from a VTP
server. Therefore, the configuration revision number on the client comes directly from the same number on the server. |
|
What command would be used to make all VLANs other than 30 and 100 eligible for pruning on a trunk interface?
|
switchport trunk pruning vlan except 30,100
|
|
Which VLAN numbers are never eligible for VTP pruning?
|
VLAN 1 and VLANs 1001 to 1005.
|
|
What does the acronym VTP stand for?
|
VLAN Trunking Protocol
|
|
What VTP domain name is defined on a new switch with no configuration?
|
A NULL or empty string. The switch defaults to server mode and will learn a VTP domain
name from the first VTP server heard on a trunk link. Otherwise, you must manually configure the domain name. |
|
What command will show information about the VTP configuration on a Catalyst 3550?
|
show vtp status
|
|
The VLAN Trunking Protocol (VTP)operates at what layer o the OSI model?
|
Layer 2
|
|
In how many VTP domains can a switch belong to?
|
A switch can belong to only one VTP domain
|
|
When a VLAN is added to a switch in a management
domain, other switches are notified of the new VLAN through what? |
a VTP advertisement
|
|
By default, a switch is in what VTP mode?
|
VTP server mode
|
|
VTP advertisements are sent as what type of frame?
|
multicast frames
|
|
The VTP advertisement process starts with what configuration revision number?
|
zero (0)
|
|
Can a VTP revision number be
altered by a power cycle of the switch? |
No, it is stored in NVRAM and is not altered by a power cycle of the switch
|
|
What are the three forms of VTP advertisements?
|
Summary advertisements
Subset advertisements Advertisement requests from clients |
|
When do VTP domain servers send summary advertisements?
|
every 300 seconds and every time a VLAN database change occurs.
|
|
For VLAN configuration changes, summary advertisements are followed
by what? |
one or more subset advertisements with more specific VLAN configuration data.
|
|
When do VTP domain servers send subset advertisements?
|
after a VLAN configuration change occurs.
|
|
What global configuration command is used to assign a switch to a VTP management
domain? |
Switch(config)# vtp domain [domain-name]
|
|
What command configures the VTP mode on a switch?
|
Switch(config)# vtp mode [server | client | transparent]
|
|
What is the default VTP protocol on a switch?
|
VTP version 1 is the default protocol on a switch.
|
|
The current VTP parameters for a management domain can be displayed with what command?
|
show vtp status
|
|
VTP message and error counters can be displayed with what command?
|
show vtp counters
|
|
VTP pruning makes more efficient use of trunk bandwidth by doing what?
|
by reducing unnecessary flooded traffic (broadcasts and unknown unicasts)
|
|
By default, is VTP pruning disabled or enabled on IOS-based switches?
|
disabled
|
|
To enable VTP pruning, use what global configuration command?
|
Switch(config)# vtp pruning
|
|
Does the the VTP password on one switch have to match others in the VTP domain?
|
Yes
|
|
If Fast Ethernet ports are bundled into an EtherChannel, what is the maximum throughput
supported on a Catalyst switch? |
1600 Mbps
|
|
What type of interface represents an EtherChannel as a whole?
|
Port-channel
|
|
The EtherChannel load-balancing method can be set how?
|
globally per switch
|
|
What logical operation is performed to calculate EtherChannel load balancing as a function of two addresses?
|
XOR
|
|
When would PagP’s “desirable silent” mode be useful?
|
When the switch should not expect to receive PAgP frames
|
|
Which EtherChannel mode does not send or receive any negotiation frames?
|
channel-group 1 mode on
|
|
Which command can be used to see the status of an EtherChannel’s links?
|
show etherchannel summary
|
|
How many links can be aggregated into an EtherChannel?
|
2-8
|
|
What are the two main benefits of an EtherChannel?
|
Increased bandwidth
Link redundancy |
|
Traffic between two hosts will be distributed across all links in an EtherChannel. True or false?
|
False
|
|
Which three methods can you use to distribute traffic in an EtherChannel?
|
MAC address
IP address Layer 4 port |
|
What protocols can negotiate an EtherChannel between two switches?
|
PAgP
LACP |
|
Suppose a switch at one end of an EtherChannel is configured to use source MAC addresses for load balancing. The switch on the other end is configured to use both source and destination IP addresses. What will happen?
|
The EtherChannel will successfully transport traffic between the two switches. However, the
traffic load will not be distributed evenly or symmetrically across the links in the channel. |
|
What does the acronym PAgP stand for?
|
Port Aggregation Protocol
|
|
Two switches should be configured to negotiate an EtherChannel. If one switch is using PAgP “auto” mode, what should the other switch use?
|
PAgP “desirable” mode
|
|
What interface configuration command is needed to select LACP as the EtherChannel
negotiation protocol? |
channel-protocol lacp
|
|
What command could you use to see the status of every port in an EtherChannel?
|
show etherchannel summary
|
|
What command could you use to verify the hashing algorithm used for EtherChannel load
balancing? |
show etherchannel load-balance
|
|
What five attributes of a set of switch ports must match to form an EtherChannel?
|
Port speed
Port duplex Trunking mode Trunking encapsulation Access or native VLAN |
|
What command would be used to select an EtherChannel load-balancing method for a switch?
|
port-channel load-balance [method]
|
|
What two commands would be used use a PAgP mode on an interface and set up an EtherChannel?
|
channel-protocol pagp
channel-group [number] mode [on | auto | desirable] |
|
What command is used to configure frame distribution
for all EtherChannel switch links? |
Switch(config)# port-channel load-balance [method]
|
|
What commandis used to verify how effective a configured load-balancing method for EtherChannel is performing?
|
The show etherchannel port-channel command. Each link in the channel will be displayed,
along with a “Load” value. |
|
What does LACP stand for?
|
Link Aggregation Control Protocol (LACP), it is a standards-based method of creating an EtherChannel
|
|
What EtherChannel mode does not send or receive PAgP or LACP packets?
|
on mode
|
|
What EtherChannel mode attempts to ask the far end to bring up a channel?
|
EtherChannel desirable (PAgP) or active (LACP) mode attempts to ask the far end to bring up a channel. Therefore, the other end must be set to either desirable or auto mode.
|
|
What EtherChannel mode mode participates in the channel protocol, but only if the far end asks for participation?
|
EtherChannel auto (PAgP) or passive (LACP) mode participates in the channel protocol, but only if the far end asks for participation. Two switches in the auto or passive mode will not form an EtherChannel.
|
|
What command is used to verify the EtherChannel state?
|
show etherchannel summary
|
|
What command is used to verify the EtherChannel channel negotiation mode?
|
show etherchannel port
|
|
What command is used to show detailed status about each EtherChannel component?
|
show etherchannel detail
|
|
How is a bridging loop best described?
|
A loop formed between switches where frames circulate endlessly
|
|
Configuration BPDUs are originated by what?
|
Only the Root Bridge switch
|
|
What is the single most important design decision to be made in a network running STP?
|
Root Bridge placement
|
|
What happens to a port that is neither a Root Port nor a Designated Port?
|
It is put into the Blocking state.
|
|
What is the maximum number of Root Ports that a Catalyst switch can have?
|
1
|
|
What mechanism is used to set STP timer values for all switches in a network?
|
Configuring the timers on the Root Bridge switch.
|
|
If a switch port is in this STP state, MAC addresses can be placed into the CAM table, but no data can be sent or received?
|
Learning
|
|
What is the default “hello” time for IEEE 802.1D?
|
2 seconds
|
|
If a switch has 10 VLANs defined and active, how many instances of STP will run using PVST+ versus CST?
|
10 for PVST+, 1 for CST
|
|
What are the five STP states?
|
disabled, blocking, listening, learning, forwarding
|
|
In what STP port state can a port receive BPDUs but cannot send or receive data or learn MAC addresses?
|
blocking
|
|
In what STP port state can a port send and receive BPDUs but cannot send or receive data or learn MAC addresses?
|
Listening
|
|
In what STP port state can a port send and receive BPDUs
and learn MAC addresses but cannot send or receive data? |
Learning
|
|
In what STP port state can a port send and receive BPDUs,
learn MAC addresses, and send and receive data? |
Forwarding
|
|
In spanning tree, which bridge becomes the root bridge?
|
Bridge with Lowest Bridge ID
|
|
In spanning tree, which port becomes the root port?(one per switch)
|
Port with the lowest Root Path Cost
|
|
What is the STP port path cost for 4 Mbps?
|
250
|
|
What is the STP port path cost for 10 Mbps?
|
100
|
|
What is the STP port path cost for 16 Mbps?
|
62
|
|
What is the STP port path cost for 45 Mbps?
|
39
|
|
What is the STP port path cost for 100 Mbps?
|
19
|
|
What is the STP port path cost for 1 Gbps?
|
4
|
|
What is the STP port path cost for 10 Gbps?
|
2
|
|
What is the default value for STP forward delay?
|
15 seconds
|
|
What is the default value for STP max age?
|
20 seconds
|
|
What is the time spent in Listening and Learning states before transitioning
toward Forwarding state in STP called? |
forward delay (15 seconds)
|
|
What is the maximum length of time a BPDU can be stored without receiving an update called?
|
max age (20 seconds)
|
|
What type of spanning tree has one instance of STP, over the native VLAN; 802.1Q-based?
|
CST (common spanning tree)
|
|
What type of spanning tree has one instance of STP per VLAN; Cisco ISL-based?
|
PVST
|
|
What type of spanning tree provides interoperability between CST and PVST; operates over both 802.1Q and ISL?
|
PVST+
|
|
What are two types of STP messages used to communicate between bridges?
|
Configuration BPDU
ACK BPDU |
|
In STP, what criteria are used to select the Root Bridge?
|
Lowest Bridge ID (Bridge priority, MAC address)
|
|
In STP, what criteria are used to select the Root Port?
|
Lowest Root Path Cost
|
|
In STP, what criteria are used to select the Designated Port?
|
Lowest Root Path Cost on a shared segment
|
|
A Root Bridge has been elected in a switched network. Suppose a new switch is installed with a lower Bridge ID than the existing Root Bridge. What will happen?
|
The new switch will begin life by advertising itself as the Root Bridge, thinking it is the only bridge on the network. Because it has a lower Bridge ID than the current Root, it will win the
election after the BPDUs converge and all switches have a knowledge of the new, better choice. |
|
Suppose a switch receives Configuration BPDUs on two of its ports. Both ports are assigned to the same VLAN. Each of the BPDUs announces Catalyst A as the Root Bridge. Can the switch use both of these ports as Root Ports? Why?
|
The STP doesn’t allow more than one Root Port per switch (bridge). Because of this, both ports cannot become Root Ports. Only the port with the lowest Root Path Cost (or one of the successive STP tie-breaker decisions) will become the Root Port.
|
|
What parameters can be tuned to influence the selection of a port as a Root or Designated Port?
|
Port Cost
|
|
Using the default STP timers, how long does it take for a port to move from the Blocking state to the Forwarding state?
|
30 seconds
|
|
Over what VLAN(s) does the CST form of STP run?
|
The native VLAN
|
|
What is the major difference between PVST and PVST+?
|
PVST+ interoperates with CST and PVST.
|
|
STP data messages are exchanged in the form of what?
|
BPDUs (bridge protocol data units)
|
|
BPDU frames have a destination address of what well-known STP multicast
address? |
01-80-c2-00-00-00
|
|
What two types of BPDUs exist?
|
Configuration BPDU, used for Spanning Tree computation and Topology Change Notification (TCN) BPDU, used to announce changes in the network
topology |
|
The Bridge ID is an 8-byte value consisting of
what fields? |
Bridge priority (2 bytes) and MAC address (8 bytes)
|
|
On a switch running STP, the one port that has the best path to the Root Bridge is called what?
|
The root port
|
|
The time interval that a switch stores a BPDU before discarding it is called what?
|
Max Age (20 seconds)
|
|
Default STP timer values are based on what network diameter?
|
7 switches
|
|
In STP, to announce a change in the active network topology, switches send out what?
|
TCN BPDUs (Topology Change Notification BPDUs)
|
|
Where should the Root Bridge be placed on a network?
|
Closest to the center of the network
|
|
What can happen as a result of a poorly placed Root Bridge in a network?
|
STP topology can take unexpected paths.
|
|
What should you change to make a switch become a Root Bridge?
|
Bridge Priority
|
|
What is the default STP Bridge Priority on a Catalyst switch?
|
32,768
|
|
What command can make a switch become the Root Bridge for VLAN 5, assuming that all switches have the default STP parameters?
|
spanning-tree vlan 5 priority 100
(something less than 32,768) |
|
What is the default Path Cost of a Gigabit Ethernet switch port?
|
4
|
|
What command can change the Path Cost of interface Gigabit Ethernet 3/1 to a value of 8?
|
spanning-tree cost 8
|
|
What happens if the Root Bridge switch and another switch are configured with different STP hello timer values?
|
The other switch changes its hello timer to match the Root Bridge.
|
|
What network diameter value is the basis for the default STP timer calculations?
|
7
|
|
Where should the STP PortFast feature be used?
|
An access layer switch port connected to a PC
|
|
Where should the STP UplinkFast feature be enabled?
|
An access layer switch
|
|
If used, the STP BackboneFast feature should be enabled where?
|
all switches in the network
|
|
What command is used to enable STP?
|
spanning-tree [vlan-id]
|
|
What command is used to set bridge priority for STP?
|
spanning-tree vlan [vlan-id]priority [bridge-priority]
|
|
What command is used to set port cost for STP?
|
spanning-tree [vlan vlan-id] cost [cost]
|
|
What commands are used to set the three STP timers?
|
spanning-tree [vlan vlan-id] hello-time [seconds]
spanning-tree [vlan vlan-id] forward-time [seconds] spanning-tree [vlan vlan-id] max-age [seconds] |
|
What command is used to set PortFast on an interface?
|
spanning-tree portfast
|
|
What command is used to set UplinkFast on a switch?
|
spanning-tree uplinkfast
|
|
What command is used to set BackboneFast on a switch?
|
spanning-tree backbonefast
|
|
What STP timer values can be automatically modified by setting the network diameter?
|
Hello timer
Forward Delay timer Max age timer |
|
Which STP timer determines how long a port stays in the Listening state? What is its default value?
|
The Forward Delay timer; default 15 seconds
|
|
What is the purpose of the Max Age timer?
|
It sets the length of time received BPDUs are held if a neighboring switch is not heard from on a nondesignated port. After the Max Age timer expires, the BPDU for the neighbor is flushed
and that port enters the Listening state, eventually becoming the new Designated Port on the segment. |
|
What command can enable the STP PortFast feature on a switch? What configuration mode
must you enter first? |
spanning-tree portfast, in the interface configuration mode
|
|
To prevent STP surprises you should always do what two things?
|
(1) Configure one switch as a Root Bridge in a determined fashion and (2) Configure another switch as a secondary Root Bridge in case of primary Root Bridge failure.
|
|
What command is used to change the STP bridge priority for an switch?
|
Switch (config)# spanning-tree vlan [vlan-id] priority [bridge-priority]
|
|
What command is used to let a switch become an STP Root by automatically choosing a Bridge Priority value?
|
Switch(config)# spanning-tree vlan [vlan-id] root {primary | secondary}
|
|
Which STP feature enables fast connectivity to be established on access layer switch ports to workstations that are booting up?
|
PortFast
|
|
Which STP feature enables fast uplink failover on an access layer switch when dual uplinks are connected into the distribution layer?
|
UplinkFast
|
|
Which STP feature enables fast convergence in the network backbone (core) after a Spanning Tree topology change occurs?
|
BackboneFast
|
|
PortFast shortens what two STP states?
|
15 seconds Listening to Learning and 15 seconds Learning to Fowarding
|
|
What command is used to view all possible STP parameters for all VLANs and ports?
|
show spanning-tree
|
|
Why is it important to protect the placement of the Root Bridge?
|
To keep the STP topology stable
|
|
Which feature protects a switch port from accepting superior BPDUs?
|
STP root guard
|
|
Which command can you use to enable STP root guard on a switch port?
|
spanning-tree guard root
|
|
Where should the STP root guard feature be enabled on a switch?
|
Only ports where the Root Bridge should never appear
|
|
Whiich feature protects a switch port from accepting BPDUs when PortFast is
enabled? |
STP BPDU guard
|
|
Which feature can you use to identify when BPDUs are delayed as they pass through the topology?
|
BPDU skew detection
|
|
To maintain a loop-free STP topology, what should a switch uplink be protected against?
|
A sudden loss of BPDUs
|
|
What command can enable STP loop guard on a switch port?
|
spanning-tree guard loop
|
|
STP loop guard detects which condition?
|
The sudden lack of BPDUs
|
|
Which STP feature can actively test for the loss of the receive side of a link
between switches? |
UDLD
|
|
UDLD must detect a unidirectional link before what can happen?
|
STP moves the link to the forwarding state
|
|
What must a switch do when it receives a UDLD message on a link?
|
Echo the message back across the link.
|
|
What command is used to enable root guard on an interface?
|
spanning-tree guard root
|
|
What command is used to enable BPDU guard on an interface?
|
spanning-tree bpduguard enable
|
|
What command is used to enable loop guard on an interface?
|
spanning-tree guard loop
|
|
What command is used to globally enable UDLD?
|
udld [aggressive | enable | message time]
|
|
What command is used to look for ports that have been put in an inconsistent STP state?
|
show spanning-tree inconsistentports
|
|
What command is used to show UDLD status?
|
show udld [type mod/num]
|
|
What command is used to re-enable all ports that UDLD has
errdisabled? |
udld reset
|
|
Where should you apply root guard?
|
Apply to ports where root is never expected.
|
|
What condition must be met to keep a switch port in the blocking state?
|
A constant flow of BPDUs. Without them, the switch thinks there is no need to block the port any longer.
|
|
If a switch port is shown to be in the root-inconsistent state, what has happened on it?
|
Root guard has detected someone advertising a BPDU that is superior to the current Root Bridge.
|
|
When root guard has been triggered on a switch port, what must be done to enable the port for use again?
|
Root guard will automatically allow the port to be moved through the STP states as soon as the superior BPDUs are no longer received.
|
|
When BPDU guard is enabled on a switch port, what state will the port be put in if a BPDU is received on it?
|
errdisable
|
|
When BPDU guard has been triggered on a switch port, what must be done to enable the port for use again?
|
If the errdisable timeout feature has been enabled, the switch will automatically put the switch port back into service after a set amount of time. Otherwise, the port will remain disabled until
you manually enable it again. |
|
What can happen if BPDUs are delayed or “skewed” as they pass along from switch to switch?
|
A blocking link can be moved to forwarding, creating a bridging loop, if BPDUs are delayed or dropped.
|
|
What action does BPDU skew detection take when late BPDUs are detected?
|
None, other than generating a syslog message to alert someone of the skewed condition.
|
|
When loop guard is enabled on a switch port, what state will the port be put in if BPDUs are noted to be missing?
|
loop-inconsistent
|
|
Can STP loop guard be enabled on all switch ports?
|
Yes; only the non-designated ports will be affected by loop guard.
|
|
When UDLD is enabled on a switch port, what else must be done to detect a unidirectional link on the port?
|
Enable UDLD on the far-end switch on the same link.
|
|
What is the difference between the UDLD normal and aggressive modes?
|
Normal mode detects a unidirectional link condition and reports it. Aggressive mode detects the
condition, reports it, and moves the port to the errdisable state so that it can’t be used. |
|
What command enables UDLD aggressive mode on a switch interface?
|
udld aggressive
|
|
If two switches enable UDLD on the ports that have a common link, do their UDLD message times have to agree?
|
No. The UDLD messages are just echoed back, so the message times are only locally
significant. |
|
UDLD should be used on switch ports with what type of media?
|
Fiber-optic media
|
|
Can UDLD be used on all switch ports without causing problems?
|
Yes, although it is needed only on all fiber-based ports. The device on the far end of the port
connection must also support UDLD so that UDLD messages can be echoed back to the switch. |
|
What command would be used to display all ports that are disabled due to STP protection
features? |
show spanning-tree inconsistentports
|
|
In STP, which switch port is the one port on a switch that is closest (lowest Root Path Cost) to the Root Bridge?
|
root port
|
|
In STP, which switch port is the port on a LAN segment that is closest to the Root; this port relays, or
transmits, BPDUs on down the tree? |
designated port
|
|
In STP, which switch ports are ports that are neither Root nor Designated Ports?
|
blocking ports
|
|
In STP, which switch ports are candidate Root Ports (they are also close to the Root Bridge) but are in the blocking state; these ports are identified for quick use by the STP UplinkFast
feature? |
alternate ports
|
|
In STP, which switch portds have no STP activity; these are ports with normal end user connections?
|
forwarding ports
|
|
The one central source of BPDUs in an STP domain is what?
|
The root bridge
|
|
BPDUs are regularly sent out when?
|
Every two seconds
|
|
Upon which standard is RSTP based?
|
802.1w
|
|
When a switch running RSTP receives an 802.1D BPDU, what happens?
|
The switch begins to use 802.1D rules on that port.
|
|
When does an RSTP switch consider a neighbor to be down?
|
After three BPDUs are missed
|
|
Which process is used during RSTP convergence?
|
Synchronization
|
|
What causes RSTP to view a port as a point-to-point port?
|
Port duplex
|
|
What event triggers a topology change with RSTP on a nonedge port?
|
A port moves to the forwarding state.
|
|
What standard defines the MST protocol?
|
802.1s
|
|
How many instances of STP are supported in the Cisco implementation of MST?
|
16
|
|
What switch command can be used to change from PVST+ to MST?
|
spanning-tree mode mst
|
|
What are the four RSTP port roles?
|
Root Port
Designated Port Alternate Port Backup Port |
|
What are the three RSTP port states?
|
Discarding
Learning Forwarding |
|
Which STP instance involved with MST is used to maintain a single loop-free topology for the entire network?
|
CST (common spanning tree)
|
|
Which STP instance involved with MST is used like CST to maintain a single, loop-free topology inside an MST region?
|
Internal Spanning Tree (IST)
|
|
Which STP instance involved with MST is used inside an MST region to maintain loop-free topologies for sets of mapped VLANs?
|
MST Instances (MSTIs)
|
|
What command is used to enable MST on a switch?
|
spanning-tree mode mst
|
|
What command is used to enter MST configuration mode?
|
spanning-tree mst configuration
|
|
What command is used to name the MST region?
|
name [name]
|
|
What command is used to map VLANs to an MST instance?
|
instance [instance-id] vlan [vlan-list]
|
|
What command is used to confirm new MST configuration changes?
|
show pending
|
|
In RSTP, can a switch port be a Designated Port and be in the Discarding state?
|
Yes; RSTP removes the linkage between a port’s role and its state. In 802.1D, a Designated Port must be forwarding, but RSTP doesn’t make the same requirement.
|
|
What two messages must be exchanged during RSTP synchronization?
|
Proposal and Agreement
|
|
In RSTP, after an agreement message is received from a neighboring switch, how much time elapses
before the port can begin forwarding? (Consider any timers that must expire or other conditions that must be met.) |
The port will be moved to the Forwarding state immediately after the agreement message is
received. With RSTP, no other conditions are necessary because two switches have completed a quick handshake by exchanging proposal and agreement messages. |
|
In RSTP, after a switch receives news of a topology change, how long does it wait to flush entries out of
its CAM table? |
The switch flushes entries immediately, rather than employing the timer reduction that 802.1D uses.
|
|
What command configures a port as an RSTP edge port?
|
spanning-tree portfast
|
|
Suppose interface FastEthernet 0/1 is in half-duplex mode, but you want it to be considered a
point-to-point link for RSTP. What command will accomplish this? |
spanning-tree link-type point-to-point
|
|
What three parameters must be configured to uniquely define an MST region?
|
The region name, configuration revision number, and the instance-to-VLAN mappings
|
|
What parameter does a switch examine to see if its neighbors have the same VLAN to MST instance mappings? How is that information passed among switches?
|
The VLAN-to-instance mapping is kept in a table of 4096 entries. This information is passed along in the MST BPDUs. Rather than passing the entire table, switches include only a digest
of their current table contents |
|
Which MST instance in a region corresponds to the CST of 802.1Q?
|
The Internal Spanning Tree (IST) instance
|
|
Which MST instance is the IST?
|
IST is Instance 0. Instances 1 through 15 are available for other use.
|
|
When an MST region meets a PVST+ domain, how is each MST instance propagated into
PVST+? |
The BPDUs from each instance are replicated and sent into all the appropriate VLANs in the PVST+ switch.
|
|
Is it wise to assign VLANs to MST Instance 0? Why or why not?
|
No. By default, all VLANs are mapped to Instance 0, the IST. You should select the number of instances needed and map all active VLANs to them. Otherwise, you can’t have full control over the topologies independent of IST and CST.
|
|
A switch can interact with both 802.1D and RSTP. Can it run both PVST+ and MST
simultaneously? |
No. A switch can run either PVST+ or MST. If a switch is running MST, it can interact and interoperate with PVST+, 802.1D, and RSTP.
|
|
In what RSTP port state are incoming frames simply dropped; no MAC addresses are learned?
|
discarding
|
|
In what RSTP port state are incoming frames dropped, but MAC addresses are learned?
|
learning
|
|
In what RSTP port state are incoming frames forwarded according to MAC addresses that have been (and are being) learned?
|
forwarding
|
|
What are the three RSTP port states?
|
discarding
learning forwarding |
|
In RSTP, how long does it take a switch can detect a neighbor failure?
|
In three Hello intervals (default 6 seconds)
|
|
What are the three RSTP port types?
|
Edge, root and point to point
|
|
MST is built on the concept of what?
|
MST is built on the concept of mapping one or more VLANs to a single STP instance. Multiple instances of STP can be used (hence the name MST), with each instance supporting a different group of VLANs.
|
|
How many interfaces are needed in a “router on a stick” implementation for InterVLAN routing among four VLANs?
|
1
|
|
Which command configures a switch port for Layer 2 operation?
|
switchport
|
|
Which command configures a switch port for Layer 3 operation?
|
no switchport
|
|
What information must be learned before CEF can forward packets?
|
The contents of the routing table
|
|
Assume CEF is active on a switch. What happens to a packet that arrives needing
fragmentation? |
The packet is sent to the Layer 3 engine.
|
|
Suppose a host sends a packet to a destination IP address, and the CEF-based switch does not yet have a valid MAC address for the destination. How is the ARP entry (MAC address) of the next-hop destination in the FIB obtained?
|
CEF must wait until the Layer 3 engine sends an ARP request for it.
|
|
During a packet rewrite, what happens to the source MAC address?
|
It is changed to the MAC address of the outbound Layer 3 switch interface.
|
|
What Spanning Tree Protocol is used for fallback bridging?
|
VLAN-bridge
|
|
What command can you use to view the CEF FIB table contents?
|
show ip cef
|
|
What command is used to define an SVI?
|
interface vlan [vlan-id]
|
|
What command puts a port into Layer 2 mode?
|
switchport
|
|
What command puts a port into Layer 3 mode?
|
no switchport
|
|
What component of CEF contains routing and next-hop information; lookups
are performed according to longest match IP prefix? |
Forwarding Information Base (FIB)
|
|
What component of CEF contains Layer 2 address information for next-hop FIB entries that are one
hop away? |
Adjacency table
|
|
What command is used to show a Layer 2 port status?
|
show interface [type mod/num] switchport
|
|
What command is used to show a Layer 3 port status?
|
show interface [type mod/num]
|
|
What command is used to show an SVI status?
|
show interface vlan [vlan-id]
|
|
What command is used to view the FIB contents?
|
show ip cef [type mod/num]
|
|
What command is used to show fallback bridge group status?
|
show bridge group
|
|
To configure an SVI, what commands are needed?
|
(First, make sure the VLAN is defined on the switch.)
interface vlan [vlan-id] ip address [ip-address mask] no shutdown |
|
What is the source of FIB information?
|
The routing table, as computed by the Layer 3 engine portion of a swi
|
|
How often is the FIB updated?
|
As needed; it is downloaded or updated dynamically by the Layer 3 engine whenever the
routing topology changes or an ARP entry changes. |
|
What is meant by the term “CEF punt?”
|
A packet can’t be forwarded or switched by CEF directly because it needs further processing.
The packet is “punted” to the Layer 3 engine, effectively bypassing CEF for a more involved resolution. |
|
What happens to the FIB when distributed CEF (dCEF) is used?
|
It is simply replicated to each of the independent CEF engines. The FIB itself remains intact, so that each engine receives a duplicate copy.
|
|
What happens during a “CEF glean” process?
|
The MAC address (ARP reply) for a next-hop FIB entry is not yet known. The Layer 3 engine must generate an ARP request and wait for a reply before CEF forwarding can continue to that destination.
|
|
What does a multilayer switch do to the IP TTL value just before a packet is forwarded?
|
The TTL is decremented by one, as if a router had forwarded the packet.
|
|
What is fallback bridging?
|
On switch platforms that cannot multilayer switch (route) all routable protocols, those protocols
can be transparently bridged between VLANs instead. 13. |
|
What does SVI stand for?
|
Switched Virtual Interface.
|
|
What do multilayer switches share when running HSRP?
|
an IP address
|
|
What HSRP group uses the MAC address 0000.0c07.ac11?
|
Group 17 (hex)
|
|
How many routers are in the Standby state in an HSRP group?
|
1
|
|
What VRRP group uses the virtual MAC address 0000.5e00.01ff?
|
group 255
|
|
What is the best protocol for load balancing redundant gateways?
|
GLBP
|
|
What GLBP function answers ARP requests?
|
AVG
|
|
By default, which virtual MAC address will be sent to the next client that looks
for the virtual gateway? |
The next virtual MAC address in the sequence
|
|
In SLB, with what must a virtual server be linked?
|
A server farm
|
|
In SLB, what command specifies the IP address of a server in a server farm?
|
real [ip address]
|
|
What are the two router roles in HSRP?
|
Active router, standby
router |
|
What are the two router roles in VRRP?
|
Master router, backup
router |
|
What are the two router roles in GLBP?
|
AVG, AVF
|
|
What is the Virtual router MAC
address for VRRP? |
0000.5e00.01xx
|
|
What is the Virtual router MAC
address for HSRP? |
0000.0c07.acxx
|
|
What HSRP command is used to set the HSRP priority?
|
standby [group] priority [priority]
|
|
What HSRP command is used to
allow router preemption? |
standby [group] preempt [delay seconds]
|
|
What HSRP command is used to
adjust priority by tracking an interface? |
standby [group] track [type mod/num decrementvalue]
|
|
What HSRP command is used to
assign the virtual router address? |
standby group ip [ip-address] [secondary]
|
|
What VRRP command is used to
assign a VRRP router priority (default 100)? |
vrrp [group] priority [level]
|
|
What VRRP command is used to
learn the advertisement interval from the master router? |
vrrp [group] timers learn
|
|
What VRRP command is used to
disable preempting (default is to preempt)? |
no vrrp group preempt
|
|
What VRRP command is used to
assign a virtual IP address? |
vrrp [group] ip [ip-address] [secondary]
|
|
What GLBP command is used to assign a GLBP priority?
|
glbp group priority level
|
|
What GLBP command is used to choose the load-balancing
method? |
glbp [group] load-balancing [round-robin | weighted | host-dependent]
|
|
What SLB command is used to name a server farm?
|
ip slb serverfarm [serverfarm-name]
|
|
What SLB command is used to choose a load-balancing method?
|
predictor {roundrobin | leastconns}
|
|
What SLB command is used to identify a real server?
|
real [ip-address]
|
|
What SLB command is used to
name the virtual server? |
ip slb vserver [virtual-server-name]
|
|
What SLB command is used to link the virtual server to a server farm?
|
serverfarm [serverfarm-name]
|
|
What SLB command is used to enable the virtual server for use?
|
inservice
|
|
A multilayer switch has been configured with the command standby 5 priority 120. What
router redundancy protocol is being used? |
HSRP
|
|
What feature can you use to prevent other routers from accidentally participating in an HSRP group?
|
HSRP authentication
|
|
What command can configure an HSRP group to use a virtual router address of
192.168.222.100? |
standby 1 ip 192.168.222.100
|
|
How many HSRP groups are needed to load balance traffic over two routers?
|
2
|
|
What load-balancing methods can GLBP use?
|
Round robin, weighted, host dependent
|
|
What command can you use to see the status of the active and standby routers on the VLAN 171 interface?
|
show standby vlan 171
|
|
How many GLBP groups are needed to load balance traffic over four routers?
|
1
|
|
When should you use SLB?
|
When load balancing is needed for clients to access a server farm.
|
|
What does GLBP stand for?
|
Gateway Load Balancing Protocol (GLBP)
|
|
What does VRRP stand for?
|
Virtual Router Redundancy Protocol (VRRP)
|
|
To what multicast address does HSRP send its hello messages?
|
HSRP sends its hello messages to the multicast destination 224.0.0.2
|
|
Which router becomes the active router for an HSRP group?
|
The router with the highest priority value (255 is highest) becomes the active router for the group.
|
|
If all HSRP router priorities are equal or set to the default value, which router on the becomes the active router?
|
the router with the highest IP address on the HSRP interface becomes the active router.
|
|
What is the HSRP state sequence?
|
Disabled, Init, Listen, Speak, Standby, and, finally,
Active. |
|
By default, how often are HSRP hellos sent?
|
By default, hellos are sent every 3 seconds.
|
|
Was is the default holdtime for HSRP before the standby router goes active?
|
10 seconds
|
|
How often are VRRP advertisements sent?
|
VRRP advertisements are sent at 1-second intervals.
|
|
In GLBP, what is an AVG?
|
The active virtual
gateway (AVG). This router has the highest priority value, or the highest IP address in the group, if there is no highest priority. The AVG answers all ARP requests for the virtual router address. Which MAC address it returns depends upon which load-balancing algorithm it is configured to use. In any event, the virtual MAC address supported by one of the routers in the group is returned. |
|
In GLBP, what is an AVF?
|
The active virtual forwarder (AVF), forwarding traffic received on its virtual MAC
address. Other routers in the group serve as backup or secondary virtual forwarders, in case the AVF fails. The AVG also assigns secondary roles. |
|
How does GLBP do Load Balancing?
|
By handing out virtual router MAC addresses to clients in a
deterministic fashion. |
|
What are the three load-balancing methods that can be used in a GLBP group?
|
Round robin
Weighted Host-dependent |
|
SLB load balancing can be
configured as what two methods? |
Weighted round-robin
Weighted least connections |
|
How many sources are typically present in a multicast group?
|
1
|
|
How many unique multicast IP addresses can correspond to one multicast MAC address?
|
32
|
|
What test is performed before a multicast packet can be forwarded?
|
Reverse Path Forwarding
|
|
Which protocol registers hosts for multicast group membership?
|
IGMP
|
|
A host sends Internet Group Management Protocol (IGMP) packets to what device?
|
a router
|
|
If a multicast group has recipients on every subnet, which of the PIM modes should be used?
|
dense mode
|
|
Which type of tree structure is built for sparse mode multicast routing?
|
a shared tree
|
|
What router maintains the RP-to-group correlation for Auto-RP in PIMv1?
|
Mapping agent
|
|
What router advertises candidate RP routers in PIMv2?
|
Bootstrap router
|
|
In what kind of "cast" are packets sent from one source host address to a single destination host address?
|
unicast
|
|
In what kind of "cast" are packets sent from one source host address to a special group-based destination address?
|
multicast
|
|
In what kind of "cast" are packets sent from one source host address to a broadcast destination address?
|
broadcast
|
|
What command is used to enable multicast routing?
|
ip multicast-routing
|
|
What command is used to use PIM Dense Mode on an
interface? |
ip pim dense-mode
|
|
What command is used to use PIM Sparse Mode on an
interface? |
ip pim sparse-mode
|
|
What command is used to use PIM Sparse-Dense Mode on an
interface? |
ip pim sparse-dense-mode
|
|
What command is used to define a PIMv1 RP?
|
ip pim rp-address [ip-address]
|
|
What technology allows a switch to intercept IGMP messages to learn of group members and their port locations?
|
IGMP snooping
|
|
What technology allows a router to relay IGMP join and leave requests to Layer 2 switches. The switches
then learn of group members and their port locations? |
CGMP
|
|
What command defines a PIMv2 border router?
|
ip pim border
|
|
By default, what does a router or Layer 3 switch do with multicast packets?
|
It drops them because multicast routing is not enabled by default.
|
|
By default, what does a Layer 2 switch do with a multicast packet?
|
It floods the packet out all ports on the source VLAN, as if it were a broadcast packet.
|
|
What high-order bit combination signals that an IP address is used for multicast?
|
1110
|
|
What IP multicast address range is set aside for use only on the local network segment?
|
224.0.0.0 – 224.0.0.255
|
|
For the RPF check, the source IP address is looked up in the unicast routing table. To forward the packet, what should the result of the test be?
|
The unicast route to the source must be out the interface where the packet arrived.
|
|
What important difference exists between IGMPv1 and IGMPv2?
|
Hosts can request to leave a multicast group immediately with IGMPv2. IGMPv1 doesn’t have any mechanism for leaving a group, other than an aging-out process.
|
|
To join a multicast group, what type of message is sent? Where is this message sent?
|
An IGMP Membership Report is sent. The IGMP message is with a destination address of the multicast group itself so that the nearest multicast router will receive it.
|
|
What is the purpose of the IGMP Querier?
|
It is a router that periodically asks all hosts if any of them want to join the multicast group.
Interested hosts must respond with a Membership Report. |
|
For PIM Dense Mode, how is the multicast tree built?
|
The source is the root of the tree, and all Dense Mode routers are included by default. After all of these have joined the group, a pruning phase occurs so that routers with no member hosts are pruned off the tree.
|
|
Where is the root of the PIM Sparse Mode tree located?
|
At a Rendezvous Point (RP) router
|
|
With PIM Sparse-Dense Mode, is the PIM mode determined per interface or per group?
|
Per group. If the group has an RP, Sparse Mode is used; otherwise, Dense Mode is used.
|
|
What routing table is used for PIM?
|
The unicast routing table is used. PIM does not build or maintain its own multicast routing table.
|
|
What command is used to configure an interface for the hybrid PIM mode?
|
ip pim sparse-dense-mode
|
|
When a switch performs IGMP snooping, what is it snooping for?
|
It listens to all IGMP membership reports so that it can learn the location of hosts joining and
leaving multicast groups. |
|
What else does a Layer 2 switch need when it is configured for CGMP?
|
A multicast router. The router relays group join and leave requests as CGMP packets that the switch can use.
|
|
When should IGMP snooping and CGMP be used together on a switch?
|
Never; they are mutually exclusive features.
|
|
Multicast MAC addresses always begin with what?
|
0100.5e
|
|
What is the complete multicast IP space?
|
224.0.0.0 through 239.255.255.255
|
|
What is the multicast link-local IP space address?
|
Link-local addresses (224.0.0.0 through 224.0.0.255)—Used by network protocols only on the local network segment. Routers do not forward these packets.
This space includes the all-hosts address 224.0.0.1, all-routers 224.0.0.2, OSPF-routers 224.0.0.5, and so on. These are also known as fixed-group addresses because they are wellknown and predefined. |
|
What command enables multicast routing?
|
Switch(config)# ip multicast-routing
|
|
What does IGMP stand for?
|
Internet Group Management Protocol (IGMP)
|
|
How does a host join a multicast group?
|
A host can join a multicast group by sending a request to its local router.
|
|
What is a routing protocol that can be used for forwarding multicast traffic?
|
Protocol Independent Multicast (PIM)
|
|
What are the three modes of PIM?
|
PIM Dense Mode
PIM Sparse Mode PIM Sparse-Dense Mode |
|
What does PIM stand for?
|
Protocol Independent Multicast (PIM)
|
|
Which PIM version uses BSRs (bootstrap routers)?
|
PIM Version 2
|
|
What technology allows a router to become a multicast “hearing aid” for a switch that is IGMP snooping “hearing impaired"?
|
CGMP - Cisco Group Management Protocol
|
|
What QoS model reserves bandwidth end-to-end?
|
IntServ
|
|
Where is QoS implemented in the DiffServ model?
|
On each network device (per-hop)
|
|
At what layer of the OSI model is class of service (CoS) used to pass QoS information?
|
Layer 2
|
|
What does the DSCP name “EF” mean?
|
Expedited Forwarding
|
|
In the DSCP codepoint name “AF31,” what does the “3” digit represent?
|
Class Selector
|
|
What element of DiffServ QoS identifies traffic?
|
Classification
|
|
When a switch is configured at a trust boundary, what can be trusted?
|
CoS values
|
|
When would you use the QoS scheduling process in a switch?
|
To determine the order that packets are forwarded
|
|
What methods unconditionally drops packets when a queue is full?
|
tail drop
|
|
How does WRED detect and avoid congestion?
|
It randomly drops packets.
|
|
A switch port has two standard queues, two WRED thresholds, and one strict priority queue. How can its queue type be written?
|
1p2q2t (remember pqt)
|
|
What are some of the problems that QoS can help relieve?
|
Packet delay, packet loss, jitter
|
|
Which protocol is used to reserve network resources in the IntServ QoS model?
|
RSVP
|
|
What protocol is used to maintain the DiffServ QoS model?
|
None; DiffServ is defined as a per-hop behavior, so no communication is needed between networking devices.
|
|
What range of values can the CoS field contain?
|
0 through 7 because CoS is three bits in length.
|
|
How is the CoS information passed from LAN switch to LAN switch?
|
Only across trunking links, where the CoS is contained in the trunk encapsulation.
|
|
How is the IP Precedence field related to the DSCP field?
|
They are both located in the same byte of the IP header. The three IP Precedence bits are actually the same as the first 3 bits of the DSCP (the Class Selector). However, the DSCP contains three additional bits for greater flexibility.
|
|
If a packet contains the DSCP codepoint name “AF31,” what would the IP Precedence value be?
|
3; the Class Selector bits (“3” in the codepoint name) are the same as the IP Precedence bits.
|
|
If a switch port is configured as “untrusted,” what is the resulting CoS value of incoming packets?
|
Each packet’s CoS is overwritten with the default CoS value of the switch port itself. In the default case, the port’s CoS is zero.
|
|
What method is used for scheduling in Catalyst switches?
|
Weighted Round Robin (WRR)
|
|
Name two methods that are used for congestion avoidance.
|
Tail drop or Weighted Random Early Detection (WRED)
|
|
When are packets dropped from the strict priority queue on an interface?
|
Packets are never dropped from the priority queue by WRED. The only condition that causes packets to be dropped is when the priority queue is full. In that case, packets are dropped by the tail drop method.
|
|
What is the disadvantage of using the tail drop method to avoid congestion?
|
Tail drop waits until the queue is full before dropping the latest arriving packets. This tends to avoid congestion after congestion occurs. The main disadvantage is with TCP connections,
which begin to back off and enter the slow-start state once tail drop begins. All active TCP connections will do this simultaneously, synchronized with each other. This causes a widespread throughput issue and makes the overall network utilization oscillate |
|
A switch port has a queue type 1p1q4t. What does this mean?
|
The port has one strict-priority queue (1p), one standard queue (1q), and four WRED thresholds
per standard queue (4t). |
|
If a switch port has a queue type 1p2q2t, what is the strict priority queue’s queue number?
|
The strict-priority queue is queue 3. (The low-priority standard queue is 1, the high-priority standard queue is 2.)
|
|
Variation in delay is called what?
|
jitter
|
|
The total delay from start to finish is called what?
|
latency
|
|
What are the three basic types of QoS that can be used in a network?
|
Best-effort delivery
Integrated Services model Differentiated Services model |
|
How is CoS marked in a IEEE 802.1Q trunk?
|
Each frame is tagged with a 12-bit VLAN ID and a User field. The User field
contains three 802.1p priority bits that indicate the frame CoS, a unitless value ranging from 0 (lowest-priority delivery) to 7 (highest-priority delivery). Frames from the native VLAN are not tagged at all (no VLAN ID or User field), so they receive a default CoS that is configured on the receiving switch. |
|
How is CoS marked in an ISL trunk?
|
Each frame is tagged with a 15-bit VLAN ID. In addition, next to the frame Type field is a 4-bit User field. The lower three bits of the User field are used as a CoS
value. Although ISL is not standards-based, Catalyst switches make CoS seamless by copying the 802.1p CoS bits from an 802.1Q trunk into the User CoS bits of an ISL trunk. This allows CoS information to propagate along trunks of differing encapsulations. |
|
The Differentiated Service Code Point (DSCP)has how many bits?
|
6 bits
|
|
DiffServ QoS examines what to make decisions?
|
The Differentiated Service Code Point (DSCP), which has 6 bits
|
|
Are the ToS and DS bytes the same?
|
Yes
|
|
The DSCP value is broken up into what?
|
A 3-bit Class Selector and a 3-bit Drop Precendence value.
|
|
What is the decimal equivalent of codepoint EF?
|
46
|
|
What is the decimal equivalent of codepoint AF41?
|
34
|
|
What is the decimal equivalent of codepoint AF31?
|
26
|
|
What is the decimal equivalent of codepoint AF21?
|
18
|
|
What is the decimal equivalent of codepoint AF11?
|
10
|
|
Most switches have what two types of ingress queues?
|
a strict priority queue
and a standard queue |
|
What are the two types of QoS Policers?
|
microflow and aggregate)
|
|
By default, how are packets with CoS markings placed in the various queues.
|
By default, packets with CoS 0 through 3 are assigned to the first standard queue, while CoS 4 through 7 go in the second standard queue.
CoS 5 goes to the strict priority queue |
|
The overall effect of tail dropping is that all active TCP connections go into congestion back-off and
then slow-start. What is this called? |
global synchronization.
|
|
What does WRED attempt to do to alleviate congestion?
|
WRED attempts to randomly drop packets that are already in the queue so that the queue cannot become full.
|
|
The lowest-priority standard queue is what?
|
The lowest-priority standard queue is always Queue 1
|
|
The number of strict priority queues is notated how?
|
p
|
|
The number of configurable WRED thresholds per standard queue is notated how?
|
t
|
|
The number of standard queues is notated how?
|
q
|
|
Does the priority queue ever have threshold?
|
The priority queue never has a threshold because no packets are ever proactively dropped
|
|
By default, how does a switch port treat incoming QoS information?
|
It is not trusted.
|
|
What command can configure an interface to trust only the inbound DSCP information?
|
mls qos trust dscp
|
|
Which command defines what traffic will be identified for a QoS policy?
|
class-map
|
|
What QoS classification method can match traffic flows that use dynamic UDP or TCP port
numbers? |
NBAR
|
|
Which QoS configuration command can contain actions to take on classified traffic?
|
policy-map
|
|
What command can apply a QoS policy to an interface?
|
service-policy [policy-name]
|
|
How many QoS policy maps can be applied to an interface?
|
Two; one in each inbound or outbound direction.
|
|
What command would enable WRED on interface queue 2?
|
wrr-queue random-detect 2
|
|
A switch port has a minimum WRED threshold configured at 25 percent. If the queue stays
below 25 percent, what can happen to the queued packets? |
They can never be dropped.
|
|
What two ways can QoS trust be configured on a switch?
|
Per-interface and per-policy
|
|
If all QoS trust decisions will be applied as part of a QoS policy, what command should you use on an interface?
|
no mls qos trust; All trust must be disabled on the interface because the policy will enable any specific trust conditions that are configured.
|
|
When a QoS class map is configured, what types of commands must also be used?
|
match commands, to match specific types of traffic
|
|
Name two methods that you can use to identify or classify traffic.
|
Matching can be based on traffic that is permitted by an access list and on protocols identified by NBAR.
|
|
What command can classify traffic with an extended IP access list?
|
match access-group name [access-list]
|
|
What command can classify traffic with NBAR?
|
match protocol [protocol-name]
|
|
What does a QoS policy map contain?
|
It contains references to class maps that identify types of traffic and actions to take as a result of each class map.
|
|
When a policy map is applied to an interface, does it control both inbound and outbound traffic?
|
The policy map must be applied in one direction only, each time it is configured on the interface.
It can control only inbound or outbound traffic, unless it is applied twice to the interface—once in each direction. |
|
What is the first command keyword used to configure WRED congestion avoidance?
|
wrr-queue; This seems surprising because wrr-queue is also used to configure scheduling. However, Catalyst switches use the same components to schedule and perform WRED because both involve egress queue operations.
|
|
What QoS information is used to map packets into the egress queues of a switch port?
|
CoS, through the use of a CoS-to-queue mapping function
|
|
What command can display the QoS and queue information about a switch port?
|
show queueing interface
|
|
To enable QoS on a switch, use what global configuration command?
|
mls qos
|
|
On each interface where consistent QoS trust is to be defined, what is the interface
configuration command? |
Switch(config-if)# mls qos trust {cos | dscp | ip-precedence}
|
|
If you choose to not trust any QoS information (the default condition), you use what interface
configuration command? |
Switch(config-if)# no mls qos trust
|
|
CoS 5 maps to what DSCP value?
|
EF
|
|
What 3 steps define QoS policy?
|
1. QoS classes are defined to classify (identify) specific traffic.
2.One or more QoS policies are defined to reference or group multiple QoS classes as a single entity. 3.Each egress interface can be assigned one QoS policy in each direction. |
|
What 3 steps define QoS policy?
|
1. QoS classes are defined to classify (identify) specific traffic.
2.One or more QoS policies are defined to reference or group multiple QoS classes as a single entity. 3.Each egress interface can be assigned one QoS policy in each direction. |
|
What 3 steps define QoS policy?
|
1. QoS classes are defined to classify (identify) specific traffic.
2.One or more QoS policies are defined to reference or group multiple QoS classes as a single entity. 3.Each egress interface can be assigned one QoS policy in each direction. |
|
What command defines a QoS class to classify Traffic?
|
Switch(config)# class-map [class-name] [match-all | match-any]
|
|
What command is used to classifying traffic with an Access List?
|
Switch(config-cmap)# match access-group name [access-list]
|
|
To match a traffic flow with NBAR, use what class map configuration command?
|
Switch(config-cmap)# match protocol [protocol-name]
|
|
What QoS feature can recognize traffic from several
applications, whether the UDP or TCP ports are statically or dynamically assigned? |
NBAR
|
|
What does NBAR stand for?
|
Network-Based Application
Recognition |
|
What command is used to define a QoS policy?
|
Switch(config)# policy-map [policy-name]
|
|
What interface configuration command is used to begin using a QoS policy?
|
Switch(config-if)# service-policy [input | output] [policy-name]
|
|
Catalyst switches support what scheduling algorithm?
|
Weighted Round Robin (WRR)
|
|
By default, interfaces with two standard queues are assigned what weights?
|
4 and 255. The second queue receives about 64 times the amount of data transmitted on its turn for every one unit of data from the first queue.
|
|
After the switch determines which egress port each packet will use when exiting, what values are mapped into CoS values?
|
internal DSCP values
|
|
What interface configuration command enables the strict-priority queue?
|
priority-queue out
|
|
If an interface is configured to consider all inbound QoS information as untrusted, what are the inbound CoS and DSCP values set to?
|
both are set to 0
|
|
What interface command would be used so that inbound DSCP information will be used as the trusted quantity?
|
mls qos trust dscp
|
|
In a switch, what always used to decide how packets are queued and scheduled for transmission in the egress queues?
|
CoS values
|
|
For a Catalyst switch to offer inline power to a device, what must occur?
|
The switch must detect that the device needs inline power.
|
|
What command can enable inline power to a switch interface?
|
power inline auto
|
|
What does a Cisco IP Phone contain to allow it to pass both voice and data packets?
|
An internal three-port switch
|
|
How can voice traffic be kept separate from any other data traffic through an IP Phone?
|
A special-case 802.1Q trunk is used to the switch.
|
|
What command configures an IP Phone to use VLAN 9 for voice traffic?
|
switchport voice vlan 9
|
|
What is the default voice VLAN condition for a switch port?
|
switchport voice vlan none
|
|
If the switchport voice vlan 50 command has been used, what VLAN numbers will the voice and PC data be carried over, respectively?
|
VLAN 50, native VLAN
|
|
When a PC is connected to the PC switch port on an IP Phone, how is QoS trust handled?
|
The Catalyst switch instructs the IP Phone how to trust the PC QoS information.
|
|
An IP Phone should mark all incoming traffic from an attached PC to have CoS 1. What command is used for this?
|
switchport priority extend cos 1
|
|
Which switch port queue should voice bearer packets be placed in?
|
Strict-priority queue
|
|
What command can verify the inline power status of each switch port?
|
show power inline
|
|
What command can verify the voice VLAN used by a Cisco IP Phone?
|
show interface switchport
|
|
How does a Catalyst switch detect that a connected device is capable of using inline power?
|
The device must first loop the Ethernet connection’s transmit and receive pairs. The switch can then hear its own test tone, confirming that the device does indeed need inline power. After the
power is enabled on the port, the switch and the device can exchange CDP messages so that the amount of power can be adjusted. |
|
What type of trunk can be used between a Catalyst switch port and a Cisco IP Phone?
|
A special-case 802.1Q trunk with only two VLANs
|
|
When a trunk is used on an IP Phone, on which VLAN is the data from an attached PC carried?
|
PC data is always carried over the native (untagged) VLAN in the trunk. Voice packets can be carried over the native VLAN, too, or over a unique voice VLAN.
|
|
What is the difference between the VVID and the PVID?
|
VVID refers to the Voice VLAN ID, whereas PVID refers to the Port VLAN ID.
|
|
What is the advantage of using the switchport voice vlan dot1p command?
|
Voice traffic is carried over VLAN 0 on the IP Phone trunk, so a unique voice VLAN is not
necessary. This can be an advantage when a new VLAN can’t be added to a network or switch. CoS information is still carried over the trunk in the 802.1p field. |
|
By default, does a Cisco IP Phone trust QoS information from an attached PC?
|
No. The phone will overwrite all QoS information (both CoS and DSCP) to 0, considering the PC an untrusted source.
|
|
The command switchport priority extend cos 5 is entered for a switch port. Is this a good decision? Why or why not?
|
Probably not. After that is done, all packets from an attached PC will be marked with CoS 5— the same value the phone gives to its voice bearer packets. Any upstream switches will be unable to distinguish the two types of traffic just by examining the CoS value.
|
|
How can a switch classify VoIP voice bearer packets that are carried by RTP?
|
RTP uses negotiated UDP port numbers, so access lists can’t be used. Instead, NBAR is able to classify the traffic by a stateful inspection. The match protocol rtp command can be used for this
|
|
What command can verify the QoS trust relationship between an IP Phone and its attached PC?
|
show mls qos interface
|
|
Inline power is provided over what pairs?
|
pairs 2 and 3, RJ-45 pins 1,2 and 3,6
|
|
If the username command is used in a switch configuration, what method of authentication is implied?
|
local
|
|
What command should be used to configure a vty line to use the “myservers” authentication method list?
|
login authentication myservers
|
|
If a user needs to be in the privileged EXEC or enable mode, which part of AAA must succeed?
|
Authorization
|
|
Which switch feature can grant access through a port only if the host with MAC address 0005.0004.0003 is connected?
|
Port security
|
|
Port security is being used to control access to a switch port. Which command will put the port into the errdisable state if an unauthorized station connects?
|
switchport port-security violation shutdown
|
|
If port security is left to its default configuration, how many different MAC addresses can be learned at one time on a switch port?
|
1
|
|
What protocol is used for port-based authentication?
|
802.1x
|
|
When 802.1x is used for a switch port, where must it be configured?
|
Switch port and client PC
|
|
When port-based authentication is globally enabled, what is the default behavior for all switch
ports? |
Allow all connections without authentication.
|
|
After port-based authentication is enabled, what method is available for a user to authenticate?
|
802.1x client
|
|
What does the acronym “AAA” stand for?
|
Authentication, authorization, and accounting
|
|
What external methods of authentication does a Catalyst switch support?
|
RADIUS and TACACS+
|
|
A RADIUS server is located at IP address 192.168.199.10. What command can be used to
configure a Catalyst switch to find the server? |
radius-server host 192.168.199.10
|
|
A Catalyst switch should be configured to authenticate users against RADIUS servers first, followed by TACACS+ servers. What command can define the authentication methods? Make sure users can still authenticate if none of the servers are available.
|
aaa authentication login default radius tacacs+ local
|
|
When the 802.1x force-authorized keyword is used, how does the switch react to users attempting to connect?
|
The switch always authorizes any connecting user, without any authentication.
|
|
Can more than one host be authenticated on a single switch port with port-based authentication?
|
Yes, if the dot1x multi-hosts command is configured on the switch port interface.
|
|
What command is used to enable AAA on the switch.
|
Switch(config)# aaa new-model
|
|
To configure port security on an access layer switch port, begin by enabling it with what
interface configuration command? |
Switch(config-if)# switchport port-security
|
|
With port security, what command would statically define one or more MAC addresses on an interface?
|
Switch(config-if)# switchport port-security mac-address [mac-addr]
|
|
What three options do you have if a port security violation occurs?
|
shutdown, restrict, protect
|
|
You must configure each switch port that will use 802.1x. What interface configuration command is used to set the authentication state?
|
Switch(config-if)# dot1x port-control {force-authorized | force-unauthorized | auto}
|
|
What command enables port security on an interface?
|
switchport port-security
|
|
What command globally enables 802.1x?
|
dot1x system-auth-control
|
|
What can be used on a switch to filter packets even if they are not routed to another Layer 3
interface? |
VLAN access lists
|
|
In what part of a Catalyst switch are VLAN ACLs implemented?
|
TCAM
|
|
What command can implement a VLAN ACL called “test?”
|
vlan access-map test
|
|
After a VACL is configured, where is it applied?
|
Globally on a VLAN
|
|
What type of private VLAN is the most restrictive?
|
Isolated VLAN
|
|
The vlan 100 command has just been entered. What is the next command needed to configure VLAN 100 as a secondary isolated VLAN?
|
private-vlan isolated
|
|
What type of port configuration should you use for private VLAN interfaces on a router?
|
Promiscuous
|
|
What technology allows a port to be mirrored to another port on the same switch?
|
SPAN
|
|
What must be used to connect switches used for RSPAN?
|
An RSPAN VLAN over a trunk
|
|
What is the most important difference between an RSPAN VLAN and a regular VLAN?
|
The RSPAN VLAN disables MAC address learning
|
|
To configure an RSPAN session’s source switch, what is used for the session destination?
|
The RSPAN VLAN
|
|
What command is used to define a VACL?
|
vlan access-map [map-name] [sequence-number]
|
|
What command is used to apply the VACL to VLANs.
|
vlan filter [map-name] vlan-list [vlan-list]
|
|
When a VACL is implemented on a switch, how is the switching speed affected?
|
It isn’t; VACLs are implemented in hardware, so packets can be inspected as they are being switched with no performance penalty.
|
|
What actions can be taken on packets matching a VACL?
|
Packets can be forwarded, dropped, marked for capture, or redirected to a different Layer 2 switch port.
|
|
A secondary community VLAN is associated with a primary VLAN on a switch. Can hosts
assigned to the community VLAN communicate with each other? |
Yes, they can. However, they can’t communicate with any other community or isolated VLAN.
|
|
A secondary isolated VLAN is associated with a primary VLAN on a switch. Can hosts
assigned to the isolated VLAN communicate with each other? |
No, hosts on an isolated VLAN can’t even communicate among themselves. They can reach
only the promiscuous host on the primary VLAN. |
|
A router is identifed as the central gateway for a private VLAN. What command is needed to configure the switch port where a router is connected?
|
switchport mode private-vlan promiscuous
|
|
How many actual VLANs must be configured to implement a common router with two
community VLANs? |
Three VLANs must be used: one for the primary VLAN where the router is connected and two more for the secondary community VLANs. The primary VLAN will be logically associated with the two community VLANs, but all three must be configured.
|
|
How is switching performance affected when several SPAN sessions are enabled?
|
Switching performance is not affected. Packets are simply marked and copied into another
switch port’s queue during a SPAN session. The original traffic is still forwarded without being modified or affected. |
|
What command can specify the source of a SPAN session as VLAN 100?
|
monitor session 1 source vlan 100
|
|
When a SPAN session is enabled, what direction of traffic flow (relative to the source port) is mirrored for analysis?
|
By default, traffic in both directions is mirrored.
|
|
What must be configured on all switches connecting an RSPAN source and destination? What commands can be used?
|
The special-purpose RSPAN VLAN must be configured. Define the VLAN number and then use the remote-span command.
|
|
To configure a private VLAN, begin by defining any secondary VLANs that are needed for isolation using what two configuration commands?
|
Switch(config)# vlan [vlan-id]
Switch(config-vlan)# private-vlan {isolated | community} |
|
You can define the primary VLAN that will provide the underlying private VLAN connectivity using what three configuration commands?
|
vlan [vlan-id]
private-vlan primary private-vlan association |
|
What two commands are used to associate ports with Private VLANs?
|
switchport mode private-vlan {host | promiscuous}
switchport private-vlan host-association [primary-vlan-id secondaryvlan-id] |
|
To configure a SPAN session, start by defining the source of the SPAN session data, using what global configuration command?
|
monitor session
|
|
What two commands would define an RSPAN VLAN for
transport (all switches from sourcecto destination)? |
vlan [vlan-id]
remote-span |