Boson Notes #2 Flashcards

1
Q

OSPF Maximum equal cost paths

A

OSPF can insert a maximum of FOUR equal-cost paths into the routing table by default.

You can override this default with the maximum-paths 8 command.

2
Q

Lightweight AP in bridged mode

A

Lightweight AP in bridged mode acts as a dedicated connection between two networks.

Needs a WLC to operate.

3
Q

FlexConnect ACLs

A

FlexConnect ACLs are supported on the native VLAN; they are configured on wireless AP VLAN interfaces when the AP is operating in FlexConnect mode.

FlexConnect ACLs are applied per AP per VLAN.

FlexConnect mode provides a failsafe for a lightweight AP that is connected to the WLC if the CAPWAP tunnels go down.

4
Q

Types of Frame Size

A

Giant frame exceeds 1518 bytes,

baby giant is up to 1600 bytes,

jumbo frame is up to 9216 bytes,

runt frame is fewer than 64 bytes.

5
Q

Collision

A

A collision occurs when a packet must be reset because of an interruption that occurs before the 64th byte or 512th bit.

When two devices transmit data at the same time a collision occurs.

Collisions can be caused by duplex mismatch, malfunctioning devices, or too many nodes on a network segment.

6
Q

CSMA/CD

A

CSMA/CD – both devices will wait a random amount of time before resending.

7
Q

Autonomous AP

A

Autonomous AP contains interfaces for both wireless and wired networks.

8
Q

Cisco hierarchical network model

A

Cisco hierarchical network model

Three layers: Core, Distribution (aka aggregation layer), and access layer.

Core – low latency high reliability, network backbone, fast convergence, fastest switching path.

Distribution – router filtering and inter-VLAN routing, security policies, QoS, routing, summarization, next-hop redundancy.

Access – media termination points for end devices. Provides access to the network, user authentication.

9
Q

Puppet

A

Puppet – TCP 8140, uses HTTP, client/server architecture.

10
Q

Chef

A

Chef – client/server architecture or stand-alone client.

Chef communicates on TCP 443; configs are stored in a cookbook.

11
Q

Ansible

A

Ansible – uses SSH,

configs are stored in playbooks that are written in YAML.

12
Q

Salt

A

Salt – client/server architecture, requires TCP 4505 and 4506,

uses Python.

13
Q

802.1w

A

802.1w – RSTP includes PortFast, UpLinkFast, BackboneFast.

PortFast enables ports for immediate access to the network.

UpLinkFast increases convergence speed for access layer SW.

BackboneFast increases convergence speed for a SW that detects a failure on links that are not directly connected to the SW.

14
Q

802.1D

A

802.1D – traditional STP.

15
Q

802.1s

A

802.1s – Multiple Spanning Tree (MST) – creates multiple spanning-tree instances on a network.

16
Q

802.3ad

A

LACP

17
Q

Cisco lightweight AP

A

Cisco lightweight AP – operating in local mode and provides BSS.

BSS is a closed group of wireless devices that are dependent on a fixed device.

BSS is also the default that requires WLC.

The connection between a Lightweight AP and a WLC uses CAPWAP.

18
Q

Lightweight AP in bridge mode

A

Lightweight AP in bridge mode – Bridge mode enables LWAP to act as a dedicated connection between two networks.

Will form a mesh network of lightweight APs.

19
Q

MAC Multicast

A

01-00-5E-0F-0F-0F to

01-00-5E-7F-FF-FF

20
Q

Feasible Distance

A

Feasible Distance – EIGRP term for best metric along a path to a destination.

21
Q

Successor

A

Successor – best path to a destination network.

22
Q

Feasible Successor

A

Feasible Successor – backup path that is guaranteed loop-free and can be used if the successor route goes down.

23
Q

Advertised Distance (AD) – (aka Reported Distance RD)

A

Advertised Distance (AD) – (aka Reported Distance RD)

Metric that has been calculated by the next-hop router.

24
Q

VPBX (Virtual Private Branch Exchange)

A

VPBX (Virtual Private Branch Exchange) used to route telephone calls

25
Q

Encapsulation

A

Encapsulation: adding a VPN header and IP header to the packet.

26
Q

IPsec encryption process in site-to-site:

A
  1. sending device combines session key (encryption key/shared key)
  2. sending device encapsulates the encrypted data and session key into a packet with a VPN header and a new IP header.
  3. sending device sends the completed packet to the destination device.
  4. destination/receiving device uses the same session key to decrypt.
27
Q

Cisco IP phone COS Priority

A

Cisco IP phone COS Priority

0 lowest
7 highest

0 default

28
Q

Beacons

A

Beacons are management frames that contain the SSID of a wireless network.

29
Q

SNMPv3 Engine ID

A

SNMPv3 Engine ID – identifies the SNMP server; it is used in the calculation process for authentication/hashes.

The Engine ID must be created before you create a remote user on the SNMPv3 agent; this ID must match on both devices.

30
Q

ATM (PPPoA)

A

ATM (PPPoA) – used to initiate a session with a DSL service provider

PPP frames are not encrypted.

31
Q

RADIUS

A

RADIUS – only encrypts the password in access request packets; it does not encrypt the entire contents of the packet.

It combines AAA into a single function.

Port - 1812, 1813 TCP

32
Q

TACACS+

A

TACACS+ - encrypts the entire content of the packets, provides more control for admins as it separates AAA.

Port 49 TCP

Cisco Proprietary

33
Q

switchport port-security (xxxxxxxxxx)

A

switchport port-security violation – configs a SW port to discard traffic and increment violation counter

switchport port-security protect – configs a SW port to discard traffic that it receives from unauthorized hosts. Violation counter is not incremented.

switchport port-security shutdown – SW port will enter error-disabled state when the port receives traffic from unauthorized hosts.

34
Q

Southbound APIs

A

Used to communicate with the data plane

OnePK - Cisco Proprietary API

OpenFlow - uses an imperative SDN model

OpFlex - uses a declarative SDN model

NETCONF - uses XML and RPCs to configure network devices

35
Q

Northbound APIs

A

Communicates with the application plane

REST - uses either XML or JSON format

OSGI (Open Service Gateway Initiative)

36
Q

EIGRP Routing table

A

EIGRP Routing table contains only successors, which are the best next-hop routes to a destination.

EIGRP routers maintain a routing table, topology table, neighbor table.

The topology table contains successors and feasible successors.

The router table/topology table does not list successors or feasible successors; they are listed in the neighbor table.

37
Q

Default-information originate

A

Default-information originate

configures OSPF to inject a router’s default external route into OSPF, and makes the router an ASBR (autonomous system boundary router).

38
Q

WFB CBWFQ LLQ

A

WFB CBWFQ LLQ

mitigates BW starvation.

LLQ does strict priority queues that can be used for delay-sensitive traffic.

39
Q

802.1X + CCKM

A

802.1X + CCKM – enables 802.1X clients to use Cisco Centralized Key Management (CCKM) to roam between AP without performing the 802.1x authentication process again.

Removes the need to re-authenticate with the RADIUS server.

40
Q

CCKM (Cisco Centralized Key Management)

A

CCKM (Cisco Centralized Key Management)

a fast rekeying method that enables a wireless client to roam from one AP to another without the intervention of a WLC.

It is used to reduce delay when wireless clients transition between APs, so delay-sensitive services like VoIP operate smoothly.

41
Q

DAI

A

DAI – By default when DAI is configured, the ports will be configured as untrusted unless “TRUST” command is in place.

42
Q

Default Routes

A

Default Routes – used to send packets that are destined for a location that is not listed elsewhere in the routing table.

Most specific routes will be used if multiple static routes are known.

43
Q

CiscoWorks Wireless LAN Solution Edge (WLSE)

A

CiscoWorks Wireless LAN Solution Edge (WLSE) simplifies the management and deployment of WAPs in a Cisco Autonomous WLAN.

It can be installed to help automate the management and deployment of APs.

44
Q

WLC

A

WLC – Provides wireless network management service in a wireless network.

45
Q

WDS (Wireless Domain Services)

A

WDS (Wireless Domain Services) – Cisco IOS feature that can be installed on APs and used to enable those APs to interact with CiscoWorks WLSE.

46
Q

Cisco Wireless Service Module (WiSM)

A

Cisco Wireless Service Module (WiSM) – WLC module that can be installed in a Catalyst 6500 SW or Cisco 7600 router.

47
Q

WLC can have up to four static interfaces;

the management interface
the AP-manager interface
the virtual interface
the service port interface

A

AP-Manager interface on a WLC controls all L3 communications between a WLC and LWAP.

WLC Management interface – used for in-band management information. Used for all L2 LWAPP communications between the controller and the LWAP. Also used to communicate with other WLC on the network.

WLC Service port interface – used for maintenance purposes on a WLC. Used to recover WLC in the event of failure.

WLC Virtual Interface – provides specific IP that is the same across multiple controllers when wireless clients roam among the controllers.

48
Q

metric

A

A metric is a measurable value that is assigned by the routing protocol to different routes based on the usefulness of that route.

In situations where there are multiple paths to the same remote network, the routing metrics are used to determine the overall “cost” of a path from source to destination

49
Q

SW Forwarding Decisions

A

SW will use the destination MAC address to make forwarding decisions.

  1. The SW searches the Content Addressable Memory (CAM) table, aka the switching table, for a match.
  2. If the MAC address is not found, the SW forwards the frame to all its ports except the port on which it was received.
  3. If the MAC address is found in the table, the SW forwards the frame to the appropriate port. The source MAC address is also recorded if it did not exist in the CAM table.
50
Q

Spine + Leaf

A

Spine + Leaf :

Create a scalable network fabric for east-west data transfer.

Spine and leaf nodes do not interconnect with other spine and leaf nodes.

APICs are connected to one or more leaf nodes, as well as end point groups (EPG).

51
Q

Neighbor Adjacencies (IPv6 Link-Local + OSPFv2)

A

IPv6 Link local (FE8) address used to form neighbor adjacencies,

OSPFv2 uses a multicast address to form neighbor adjacencies.

52
Q

Anycast address

A

Anycast address

used to send packets to the closest device that is configured with the anycast address, ideal for load balancing as it uses the same address for multiple devices in a group.