CCIE SP Written Flashcards

Question 1

Q

ISIS LFA FRR?

Answer

A

Pre-computed Backup route.

Question 2

Q

ISIS LFA FRR when there is a primary path link failure?

Answer

A

The backup routes (repair paths) are precomputed and installed

Question 3

Q

Can ISIS LFA FRR be more than one hop away? For what purpose?

Answer

A

Yes. Commonly used in ring topology.

Question 4

Q

What other protocol needs to be supported in order to run ISIS LFA FRR?

Question 5

Q

ISIS LFA FRR IOS restrictions?

Answer

A

TE tunnel interface not protected
IPv4 multicast supported.
IS-IS LFA calculations restricted to same level or area.
Only physical interfaces and physical port-channel interfaces protected.

Question 6

Q

What is the LFA?

Answer

A

Alternate node other than primary neighbor.

Question 7

Q

What algorithm is used to compute per prefix LFA’s?

Answer

A

The general algorithms found in RFC 5286

Question 8

Q

Why does ISIS examine LFA prefixes after SPF is performed for each neighbor?

Answer

A

IS-IS retains the best repair path .

Question 9

Q

Can a primary path have multiple LFAs?

Answer

A

Yes, but requires routing protocol

Question 10

Q

What are the attributes used for tie-breaking in ISIS LFA FRR?

Answer

A

Downstream
Linecard-disjoint—
Shared Risk Link Group (SRLG)
Load-sharing
Lowest-repair-path-metric
Node protecting
Primary-path
Secondary-path

Question 11

Q

How is ISIS LFA FRR configured in IOS?

Answer

A

isis [area-tag] fast-reroute remote-lfa {level-1 | level-2 } mpls-ldp [maximum-metric metric-value]

Question 12

Q

How is ISIS LFA FRR configured in IOS-XR?

Answer

A

interface Bundle-Ether bundle-id

address-family {ipv4 | ipv6}

fast-reroute per-prefix

Question 13

Q

What are some differences between SONET and SDH?

Answer

A

SONET - USA and Canada, SDH is used everywhere else.

SONET header (IP or Ethernet) may be interleaved into the payload at layer 1. Pattern is repeated until entire packet is sent.

Question 14

Q

What is lais?

Answer

A

Line Alarm Indication Signal (If SLOF or SLOS, set at remote end)

Low level alarm used in SONET/SDH used for failure detection

Question 15

Q

What is pais?

Answer

A

Path Alarm Indication Signal (Defect noticed on peer signal; minor)

Low level alarm used in SONET/SDH used for failure detection -

Question 16

Q

What is prdi?

Answer

A

Path Remote Defect Indication (issue with a node two sites away)

Low level alarm used in SONET/SDH used for failure detection -

Question 17

Q

What is slof?

Answer

A

Section loss of frame (errors in the framing pattern/alignment)

Question 18

Q

What is slos?

Answer

A

Section loss of signal (0->1 or 1->0 bit transitions not seen

Question 19

Q

Can SONET keepalives be mismatched between pairs?

Answer

A

Yes. Timers can be mismatched, one side can have it enabled, the other can have it disabled.

Question 20

Q

POS interface default CRC?

Extra resiliency?

Question 21

Q

What is APS for SONET and what is it used for?

Answer

A

Automatic Protection Switching - Allows for a pair of SONET links to serve as active/standby.

The working (W) link is backed up by the protect (P) link failover time is about 50ms.

Question 22

Q

For SONET APS, can the links be in different APS groups? How do the routers communicate APS information?

Answer

A

No, must be in the same group. The routers use Protect group protocol (PGP) to send APS info.

Question 23

Q

What exists over SONET/SDH for OAM functionality?

Answer

A

A Data Communications Channel (DCC). Can also be used for remote provisioning.

Question 24

Q

List all the SONET OC levels/Frame formats/SDH level and frame formats/and Line Rate

Answer

A

OC-1/STS-1 (810 bytes)/STM-0/51.84Mbps

OC-3/STS-3/STM-1/155.52Mbps

OC-12/STS-12/STM-4/622.08Mbps

OC-24/STS-24/N/A/1.244Gbps

OC-48/STS-48/STM-16/2.488Gbps

OC-192/STS-192/STM-64/9.953.28Gbps

OC-768/STS-768/STM-256/39.813Gbps

Question 25

Q

What is the frame format for an OC? How many are in an OC-3?

Answer

A

STS-1. 3 STS-1s.

Question 26

Q

What is LTE?

Answer

A

Long Term Evolution architecture consists of many various components that make up Mobility

Question 27

Q

Under mobility, what is UE? What is an example?

Answer

A

User Equipment. End-user device like a cellphone.

Question 28

Q

What does each UE contain? What is another name for it? What does it do?

Answer

A

Universal Integrated Circuit Card (UICC).

Under LTE context, known as Subscriber Identity Module (SIM). Identifies a phone’s number, billing plan, and all other network-related information.

Question 29

Q

What is eNodeB?

Answer

A

eNB, are base stations that control the mobile nodes in one or more calls.

Question 30

Q

What is a serving eNB?

Answer

A

A base station that is supporting a specific mobile node.

Question 31

Q

How many base stations can LTE mobile nodes communicate with?

Question 32

Q

What is UMTS?

Answer

A

Universal Mobile Telecommunications System.

3G network that 4G LTE was built on. Was a combination of packet and circuit switched architectures.

Question 33

Q

What is E-UTRAN?

Answer

A

Evolved UMTS Terrestrial RAN.

Encompasses entire LTE architecture.

Question 34

Q

What services does E-UTRAN cover?

Answer

A

Mobility control
Radio admission control
eNB configuration and provisioning
dynamic resource allocation (Scheduling)

Question 35

Q

Is E-UTRAN packet or circuit switched?

Answer

A

Designed to be Packet switched, all IP network.

Question 36

Q

What are the upload and download rates of E-UTRAN?

Answer

A

Download - 299.6 Mbps, Upload - 75.4 Mbps.

Question 37

Q

What are the standardized E-UTRAN cell widths?

Answer

A

1.4 MHz, 3, 5, 10, 15, and 20 MHz

Question 38

Q

What is EPC?

Answer

A

Evolved Packet Core - responsible for forwarding traffic, handover events, filtering, billing and accounting.

Question 39

Q

Within EPC, what is HSS?

Answer

A

Home subscriber service - A central database that contains info about all the subscribers within a given network

Question 40

Q

What is PDN?

Answer

A

Packet Data Network - Any external network outside of LTE, like the internet.

Question 41

Q

What is P-GW?

Answer

A

PDN gateway -

Question 42

Q

What is MAM?

Answer

A

Maximum Allocation Model - support enforcement of Bandwidth Constraints

Question 43

Q

Describe traffic types in Diffserv-TE

Answer

A

regular traffic
constraint-based routing of “guaranteed” traffic

which satisfies a more restrictive bandwidth constraint than that satisfied by CBR

Question 44

Q

What is the regular regular TE tunnel bandwidth called?

Answer

A

Regular traffic or Bc0

Question 45

Q

What is the more restrictive or “guaranteed” traffic pool called?

Answer

A

The more restrictive bandwidth is termed a sub-pool or Bc1

Question 46

Q

Why is the sub-pool important?

Answer

A

more restrictive bandwidth constraint
higher Quality of Service performance in terms of delay, jitter, or loss for the guaranteed traffic.

Question 47

Q

What are the two models of allocating constrained bandwidth? What do they achieve?

Answer

A

MAM and RDM. Bandwidth efficiency, isolation across Class Types, and Protects against QoS degradation.

Question 48

Q

When would you use MAM?

Answer

A

When there is a need to ensure isolation across all Class Types without having to use pre-emption

can afford to risk some QoS degradation of Class Types other than the Premium Class.

Question 49

Q

When would you use RDM?

Answer

A

Prevent QoS degradation of all Class Types and can impose pre-emption.

Question 50

Q

What are the benefits of DiffServ-aware Traffic Engineering?

Answer

A

Separate admission control and separate route computation for discrete subsets of traffic (for example, voice and data traffic).
Develop QoS services for end customers based on signaled rather than provisioned QoS
Build the higher-revenue generating “strict-commitment” QoS services, without over-provisioning
Offer virtual IP leased-line, Layer 2 service emulation, and point-to-point guaranteed bandwidth services including voice-trunking
Enjoy the scalability properties offered by MPLS.

Question 51

Q

What is DS-Lite?

Answer

A

The Dual Stack Lite (DS-Lite) feature enables legacy IPv4 hosts and server communication over both IPv4 and IPv6 networks.

Also, IPv4 hosts may need to access IPv4 internet over an IPv6 access network. The IPv4 hosts will have private addresses which need to have network address translation (NAT) completed before reaching the IPv4 internet.

Question 52

Q

What are two components of the Dual Stack Lite application?

Answer

A

Basic Bridging BroadBand Element (B4):
Address Family Transition Router(AFTR):

Question 53

Q

How does the DS-Lite feature help?

Answer

A

Tunnelling IPv4 packets from CE devices over IPv6 tunnels to the ISM blade.
Decapsulating the IPv4 packet and sending the decapsulated content to the IPv4 internet after completing network address translation.

Question 54

Q

What is GPON?

Answer

A

Ethernet or passive optical network (PON) technologies

GPON is a point-to-multi point access mechanism.

Question 55

Q

What are the primary features and benefits of GPON?

Answer

A

● Single fiber transceiver with single-mode SC receptacle

● Complies with ITU-T G.984.2 class B+ and C+

● Digital Optical Monitoring (DOM) support

● Complies with RoHS6 directive

● Point-to-multipoint

● Broadcast protocol uses TDMA

● High port density OLT at headend

● Low-cost ONT/ONU at home

● Primary market: FTTH for voice/data/video

● Low-cost passive optical splitter enables sharing of fiber, headend equipment

Question 56

Q

What protocol does RSVP-TE ride over?

Answer

A

IP Protocol 46

Question 57

Q

What label distribution method does RSVP use?

Answer

A

Downstream on demand

Question 58

Q

What is downstream on demand?

Answer

A

Downstream device doesn’t provide Label mapping until requested by an Upstream device

Question 59

Q

What is downstream unsolicited?

Answer

A

In this mode an LSR does not wait for a request from an upstream device before signaling FEC-to-label bindings. As soon as the LSR learns a route, it sends a binding for that route to all peer LSRs, both upstream and downstream. One disadvantage of this is that it doesn’t help in conserving labels as LSR receives label mappings from neighbors that may not be the next hop for the destination. This mode is used by BGP-LU and LDP.

Question 60

Q

What label control mode does RSVP use?

Answer

A

ordered control

Question 61

Q

What is ordered control?

Answer

A

n this approach, an LSR doesn’t advertise a FEC unless it’s the egress LSR for that FEC or until it has received a label for the FEC from its downstream peer. For each FEC for which the LSR is not the egress and no mapping exists, the LSR MUST wait until a label from a downstream LSR is received before mapping the FEC and passing corresponding labels to upstream LSRs. This is used by RSVP, LDP (JunOS) and BGP-LU.

Question 62

Q

What is Independent control?

Answer

A

This means that the LSR sending the label acts independently of its downstream peer. It does not wait for a label from the downstream LSR before it sends a label to its peers. This mode has the potential of blackholing the traffic. For instance, when operating in independent Downstream on Demand mode, an LSR may answer requests for label mappings immediately, without waiting for a label mapping from the next hop. This mode is used by LDP (IOS/IOS-XR)

Question 63

Q

What label retention mode does RSVP use?

Answer

A

Conservative Retention Mode

Question 64

Q

What is conservative retention mode?

Answer

A

In this mode LSR store only labels from a neighbor who is currently next hop for a FEC. The advantage is that it requires less memory

Answer 62

A

In this mode LSR store all the labels received by the neighbors. One dis-advantage of this mode is that it requires more memory to store all the labels but provides faster convergence.

Answer 63

A

Bidirectional Forwarding Detection (BFD) is a lightweight keepalive protocol design to reduce dead peer detection time across layer 2 networks. It is used primarily on networks that do not rely on line-protocol for interface status (like Ethernet).

Answer 64

A

UDP, BFD uses echo messages to test reachability between neighbors and control messages for signaling.

Answer 65

A

Yes, EIGRP, OSPFv2/3, IS-IS, BGP, RSVP-TE, PIM, and xconnect

Answer 66

A

NO. BFD does not perform neighbor detection; it relies on the registered protocol to do that, then runs probes based on those discovered IPv4/v6 neighbor addresses.

Answer 67

A

Segment networks without MPLS.

Multiple routing tables that are completely separate from each other.

Answer 68

A

To achieve a full mesh of iBGP peering.

Answer 69

A

Routing information exchange server for all other iBGP routers.

Answer 70

A

OPEN

UPDATE

NOTIFICATION

KEEPALIVE

Answer 71

A

Negotiate session capabilities

Contains:

BGP ver number

ASN of originating router

Hold time

BGP identifier

optional parameters

Answer 72

A

Advertises any feasible routes, withdraws previously advertised routes.

Includes the NLRI that includes the prefix and associated BGP PAs when advertising prefixes.

Withdrawn NLRIs include only the prefix.

An UPDATE message can act as a Keepalive to reduce unnecessary traffic.

Answer 73

A

Sent when an error is detected with the BGP session, such as a hold timer expiring, neighbor capabilities change, or a BGP session reset is requested. This causes the BGP connection to close.

Answer 74

A

Keepalive messages are exchanged every one-third of the Hold Timer agreed upon between the two BGP routers.

Answer 75

A

Kubernetes, or k8s (k, 8 characters, s…get it?), or “kube” if you’re into brevity, is an open source platform that automates Linux container operations.

Answer 76

A

It eliminates many of the manual processes involved in deploying and scaling containerized applications.

Cluster together groups of hosts running Linux containers, and manage with Kubernetes.

Answer 77

A

public, private and hybrid clouds

Answer 78

A

Real production apps span multiple containers. Those containers must be deployed across multiple server hosts. Kube is needed to manage containers.

Answer 79

A

Kubernetes orchestration allows you to build application services that span multiple containers, schedule those containers across a cluster, scale those containers, and manage the health of those containers over time.

Answer 80

A

networking, storage, security, telemetry and other services to provide a comprehensive container infrastructure.

Answer 81

A

By sorting containers together into a ”pod.”

Answer 82

A

Platform to schedule and run containers on clusters of physical or virtual machines.

Answer 83

A

Orchestrate containers across multiple hosts. -Make better use of hardware to maximize resources needed to run your enterprise apps. -Control and automate application deployments and updates. -Mount and add storage to run stateful apps. -Scale containerized applications and their resources on the fly. -Declaratively manage services, which guarantees the deployed applications are always running how you deployed them. -Health-check and self-heal your apps with autoplacement, autorestart, autoreplication, and autoscaling.

Answer 84

A

Registry, through projects like Atomic Registry or Docker Registry. Networking, through projects like OpenvSwitch and intelligent edge routing. Telemetry, through projects such as heapster, kibana, hawkular, and elastic. Security, through projects like LDAP, SELinux, RBAC, and OAUTH with multi-tenancy layers. Automation, with the addition of Ansible playbooks for installation and cluster life-cycle management. Services, through a rich catalog of precreated content of popular app patterns.

Answer 85

A

The machine that controls Kubernetes nodes. This is where all task assignments originate.

Answer 86

A

These machines perform the requested, assigned tasks. The Kubernetes master controls them.

Answer 87

A

A group of one or more containers deployed to a single node.

Answer 88

A

IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.

Answer 89

A

Ansible works by connecting to your nodes and pushing out small programs, called “Ansible modules” to them.

Answer 90

A

YAML, in the form of Ansible Playbooks that allow you to describe your automation jobs in a way that approaches plain English.

Answer 91

A

library of modules can reside on any machine, and there are no servers, daemons, or databases required.

Works with any terminal editor

Answer 92

A

A Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings.

Answer 93

A

Container images become containers at runtime and in the case of Docker containers - images become containers when they run on Docker Engine.

Answer 94

A

-Standard: Docker created the industry standard for containers, so they could be portable anywhere

Answer 95

A

OpenStack software controls large pools of compute, storage, and networking resources throughout a datacenter, managed through a dashboard or via the OpenStack API.

Answer 96

A

OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a datacenter, all managed through a dashboard that gives administrators control while empowering their users to provision resources through a web interface.

Answer 97

A

PBTS provides a mechanism that lets you direct traffic into specific TE tunnels based on different criteria.

Answer 98

A

preferred (setup) and (hold) priority. Higher bandwidth links should have higher priority and will preempt.

Answer 99

A

Time Division Multiplexing. a collection of 64 kbps channels, called DS0s, which are aggregated into a larger bundle to form T1/T3, E1/E3 specifications.

Answer 100

A

8 bits every 125 us, which is 64 kbps.

Answer 101

A

1.544 Mbps

Answer 102

A

193 bits, 1 frame bit for OAM

Answer 103

A

44.736 Mbps with 28 DS1s + 69 frame bits

Answer 104

A

Dense WDM is an enhancement to the original WDM (coarse WDM) to stuff more wavelengths onto a single medium, which increases the bandwidth.

Answer 105

A

Multiplexer and de-multiplexer to combine and restore the signal

Answer 106

A

Optical Supervisor Channel can also be transmitted over the same optical medium to serve OAM purposes; it is analogous to SONET’s DCC.

Answer 107

A

AM, FM, PSK, QAM, and others.

Answer 108

A

It can expand optical capacity without having to lay more fiber as channel spacing between wavelengths becomes smaller.

Answer 109

A

commercial long-haul systems and often uses C-band frequencies.

Answer 110

A

Digital Subscriber Line - widely deployed “last-mile” access technology passes digital data over telephone lines by using a different set of frequencies than are used to carry phone conversations.

Answer 111

A

A DSL connection is generally comprised of a DSL modem at the customer end and a DSL access multiplexer (DSLAM) at the provider end.

Answer 112

A

The DSLAM aggregates many DSL connections and, using some kind of transport media like ATM or Ethernet, connects to the BRAS

Answer 113

A

Weight
Local Preference
Accumulated IGP (AIGP)
Locally originated
better than BGP learned
AS-path length
Origin
MED Multi exit discriminator
Neighbor type
IGP metric to the next hop
Tie breakers IGP cost-community Multipath For eBGP only, select the oldest route For iBGP or eBGP - Always compare RID For iBGP - select route with lowest cluster-list length Lowest Peer address

Answer 114

A

Optional, local only. Higher is better, and locally originated prefixes are assigned a value of 32,768 by default.

Answer 115

A

Mandatory, non-transitive. Higher is better with a default value of 100. Typically assigned inbound to an eBGP peer to affect traffic flows outbound. This attribute is maintained across confed-external boundaries.

Answer 116

A

Allows BGP to add the IGP metric to the BGP next-hop with the remote ASes metric value. Effectively, it is an end-to-end cost carried inside of BGP.

Answer 117

A

routes locally originated by a router (“sourced”) are preferred over any learned BGP routes.

Answer 118

A

Mandatory, transitive, and well-known. The local AS is appended to an UPDATE message when routes are advertised out of an AS. AS path pre-pending is commonly set outbound to influence traffic flows inbound (opposite utility as local preference).

Answer 119

A

Mandatory, transitive, and well-known. IGP implies the route was derived from IGP (network statement),

Answer 120

A

Optional, non-transitive. Used to carry the IGP metric to remote ASes to “hint” at the best path within the source AS network. Can be set outbound to influence flows inbound.

Answer 121

A

eBGP preferred over iBGP. Confed-external is treated the same as confed- internal, so this would be a tie in that case.

Answer 122

A

Computed locally based on the recursive route lookups. Lower numbers are preferred

Answer 123

A

Optional, non-transitive. If the IGP point of POI (which is the default) is passed in a prefix via extended communities, it is considered as the first “tie breaker”.

Answer 124

A

Multipath rules can be relaxed for iBGP unequal cost (where the IGP metric can be unequal), as well as the AS-path numbers.

Answer 125

A

This appears at the bottom of the route details when using the “show bgp afi safi x.x.x.x” command. The idea is to reduce churn in the eBGP topology by selecting the most stable route.

Answer 126

A

Select the route coming from the lowest BGP RID.

Answer 127

A

The idea is to pick the route that was reflected the fewest number of times.

Answer 128

A

This is the final tie-breaker it is the lowest peer address where the TCP session is established.

Answer 129

A

Next-hop reachability: Mandatory, well-known, and transitive. There must be a route to the BGP next-hop.
iBGP synchronization: Often off by default, this rule states that for an iBGP route to be considered for best-path, there must be a matching IGP route in the routing table.
Pre-bestpath cost-community: Optional, non-transitive.

Answer 130

A

Segment Routing - The idea is that individual nodes and adjacencies have segment IDs (SIDs), and each segment has label bindings.

Answer 131

A

(segment routing global block) s the range of label values reserved for Segment Routing and must not overlap with the global MPLS label range allocation.

Answer 132

A

GMPLS is an extension of the MPLS. Given an all-optical network, traffic is often carried over these fibers in multiple different wavelengths. These different light waves are multiplexed (mux’ed) at the head-end and demultiplexed (demux’ed) at the tail end of the path.

Answer 133

A

Guarantee connectivity. GMPLS seeks to provide a mechanism to set up “light paths” from end to end based on a set of constraints.

Answer 134

A

Yes. If using this feature, the requirements for the LSP are the same in both directions, which reduces latency during setup time.

Answer 135

A

MPLS TP is a mechanism to adjust typical MPLS behavior (technically IP/MPLS) to better emulate TDM networks.

Answer 136

A

PHP: MPLS-TP paths are statically configured and highly explicit,
ECMP: MPLS-TP requires all paths to be congruent (symmetric)
Label merge: When two LSPs reach a common LSR and have a common next-hop, their LSPs can be merged by using a single outgoing-label. This is not allowed in MPLS-TP since every LSP is entirely different, again, like a traditional circuit.

Answer 137

A

No need to configure IP:
Advanced OAM: Rich set of tools to monitor and manage the MPLS-TP and the PWs that run through it. This includes the Generic Alert Label (GAL) and the Generic Associated Channel (G- ACH). In summary, this provides SONET/SDH-like features such as automatic protection switching (APS) and data communications channel (DCC).
Fault reporting:

Answer 138

A

QinQ (dot1q tunneling or provider bridging) is a method of adding additional 802.1q headers to an Ethernet frame to tunnel it across different networks.

Answer 139

A

802.1ad is an amendment to 802.1q which allows them to be stacked in an Ethernet frame’s header.

Answer 140

A

Adding an additional tag squares # of VLANs (2^24 = 16777216)
Tags can be added (pushed), removed (popped), or changed (translated) by network devices as necessary.
Provides the basis for provider bridging and provider backbone bridging (PBB)

Answer 141

A

0x88A8 for the outer tag (service tag, carrier tag, metro tag, tag 1, or S- tag)

0x8100 for the inner tag (customer tag, tag 2, or C-tag).

Answer 142

A

B-MACs are service provider switch MACs that serve as the outer encapsulation for customer traffic. In this way, provider switches don’t need to learn all C-MACs, only B-MACs, of which there is one per PE.

Answer 143

A

REP is a Cisco-proprietary protocol that is used to rapidly converge a layer 2 Ethernet network arrayed in a ring topology.

Answer 144

A

Also known as Ethernet Ring Protection Switching (ERPS). A segment is called a “ring” and an independent link between two ring nodes is called a “ring link”. The ports that run this protocol on ring links are called “ring ports”. The alternate (blocked) port is known as the ring protection link, or RPL. The node that is actually blocking a port is known as the “RPL owner node”.

Answer 145

A

ERPS registers to CFM as a client.

Answer 146

A

QoS link fragmentation and interleaving (LFI) is a common technique for slow WAN links to reduce latency for priority traffic.

Large data packets take longer to serialize over slow WAN links than small voice packets do.

Answer 147

A

Delay (sec) = size (bits) / rate (bits/sec) - As an example, a 1500 byte packet (12000 bits) going over a T1 link (1544000 bps) will take about ~8ms (0.008 seconds) to serialize.

Answer 148

A

768 kbps (half T1) is the cutoff for a slow link.

Answer 149

A

Stateful switchover. RSP/RP to be written to the backup one so that it can immediately take over if the primary one fails.

Answer 150

A

Non-stop forwarding. During an SSO event, NSF ensures that despite a brief loss of the control plane due to an RSP/RP failure, traffic can still be forwarded.

Answer 151

A

Maintains the routing protocol information during an SSO event. BGP sessions can remain intact. NSR is available with OSPFv2/v3, IS-IS, BGP, LDP routing technologies currently. RVSP-TE, EIGRP, and RIP are not included.

Answer 152

A

Yes. IS-IS supports both NSF and NSR. The NSF capability of IS-IS is signaled using the Restart TLV, which is carried in the hello PDUs

Answer 153

A

Yes. NSF requires some extensions to OSPF so that the peer routers remain aware of the restarting router. OSPF uses new “grace LSAs”, which are link-local opaque LSAs containing the grace period time in their payloads.

Answer 154

A

OSPFv3 calls NSF “graceful-restart”.

Answer 155

A

BGP GR’s primary purpose is the same as the other protocols: don’t introduce churn into the protocol while a router switches over, specify a grace period, and continue forwarding as normal. BGP accomplishes this by introducing the End-of-RIB (EoR) marker, as well as a new “Graceful Restart” capability.

Answer 156

A

Marks the end of RIB, it is effectively an explicit signal to the peer that the BGP UPDATE messages have ceased.

Answer 157

A

Yes. Although not a routing protocol, LDP is critical for most MPLS applications. It also has the concept of GR/NSF and NSR for this reason.

Answer 158

A

Just GR is used to maintain state information when a node in the LSP performs an RP switchover.

Answer 159

A

EIGRP supports GR/NSF but not NSR.

Answer 160

A

A timer that runs in software to identify when a link goes down at layer 1. This is normally set to 2 seconds to prevent against very short flaps, which may introduce churn.

Answer 161

A

A BGP prefix is cryptographically signed with the key of its valid originator, and each BGP router receiving the path checks to ensure the prefix originated from the valid owner.

Answer 162

A

Performance management: practice of managing network service response time, consistency, and quality for individual and overall services.

Capacity management: process of determining the network resources required to prevent a performance or availability impact on business-critical applications.

Answer 163

A

Forwarding of ICMP unreachables back into the core network and ultimately into a sinkhole for analysis.

Answer 164

A

This allows a mediation device to communicate to a router over SNMPv3 to setup/teardown wiretap sessions on a network device.

Answer 165

A

Defines additional BGP NLRI to inject traffic manipulation policy information to be dynamically implemented by a receiving router. It can signal specific QoS actions, redirect traffic into a VRF for analysis, or drop the traffic.

Answer 166

A

ACLs, remotely triggered black holes, unicast RPF, backscatter traceback, and BGP Flowspec.

Answer 167

A

Functions that detect, isolate, and correct malfunctions in the network.

Answer 168

A

Performance management: practice of managing network service response time, consistency, and quality for individual and overall services.

process of determining the network resources required to prevent a performance or availability impact on business-critical applications.

Answer 169

A

The larger the queue, the longer data has to wait. Tail drop occurs when the queue is full and admittance is prohibited.

Answer 170

A

a. CPU. Used by both control and data planes on any network device.
b. Backplane of I/O.
c. Memory and buffers.
d. Interface and pipe sizes.
e. Queuing, latency, and jitter.
f. Speed and distance.
g. Application characteristics. Small window sizes, application keepalives, and amount of data sent over the network versus what is required is often the reason for poor application performance.

Answer 171

A

a. Service level management - SLA
b. Network and application what-if analysis.
c. Baselining and trending.
d. Exception management.
e. QoS management.

Answer 172

A

Network Configuration Protocol. It is a standard for configuring, deleting, and modifying configurations on network devices.

YANG is used to model the network configurations and state into tree structures; it is the data model for NETCONF.

Answer 173

A

Test configurations before committing them, being able to configure multiple network devices concurrently, and bulk-get operations that are much faster than SNMP.

NETCONF uses SSH

NETCONF messages are encoded in XML, and individual YANG data models are included as “capabilities” in NETCONF hello packets. .

Answer 174

A

The structure contains several “types”, which include integers, Booleans, enumerations, pointers, and other information types to be processed.

Answer 175

A

If a PE is only importing a subset of RTs, the RR will reflect all VPN routes to a PE where the majority of them are rejected due to the RT-import not being locally configured for any VRF.

Answer 176

A

Control flow of traffic.

Answer 177

A

Carry cost information around BGP networks.

Answer 178

A

Encompass all of the solutions meant to transport multicast traffic from place to place in a VPN environment.

Answer 179

A

Draft-Rosen, used GRE tunnels to connect all of the PE devices in a given MVPN instance

Answer 180

A

Customer and Core, P router just act as transit.

Answer 181

A

PIM-ASM, PIM-SSM, or PIM-Bidir in the core.

Answer 182

A

It does not take advantage of MPLS transport.

Answer 183

A

Yes. P2MP RSVP-TE, a multipoint tunnel can be built from headend to multiple tail ends, which is perfect for transporting one-way multicast.

Answer 184

A

Yes. multicast LDP (mLDP).

Answer 185

A

Provider Multicast Service Interface is a conceptual “overlay” on the P-network that refers to a “service”.

Packets are encapsulated in IP/GRE or MPLS and delivered to the PMSI where they are de-capsulated.

Answer 186

A

Intra-AS Inclusive PMSI (I-PMSI) AD: Originated by each PE inside an AS; used to learn MVPN membership.

Answer 187

A

Inter-AS I-PMSI AD: Originated by each ASBR; used to learn MVPN membership. This is examined in detail when testing inter-AS MVPN.

Answer 188

A

Selective (S-PMSI) AD: Originated by the source (ingress) PE and used for signaling a specific P2MP tree or data MDT.

This is meant to selectively target receivers that want multicast for a given C(S,G).

Answer 189

A

Leaf AD: If the Type-3 requests it, the receiver (Egress) PEs will explicitly show interest in a specific C(S,G).

Answer 190

A

Source Active AD: Originated by the source (ingress) PE when it learns about an active source and assist with SPT switchover.

Answer 191

A

The method by which customers exchange multicast routing has always been PIM.

Answer 192

A

Shared Tree Join: Specifies the RP and group, and is meant to signal C-PIM-ASM interest in a particular group. This replaces the PIM (*,G) signaling.

Answer 193

A

Source Tree Join: Looks identical to a Type-6 except the RP’s IP address is substituted for the source’s address. It can also be sent upon receipt of a Type-5 Source Active AD message. This replaces the PIM (S,G) signaling.

Answer 194

A

mLDP is also capable of carrying the c-mcast signaling in-band.

Answer 195

A

It needs to look at the I-PMSI or S-PMSI to determine the tunnel type. Each transport method has a different tunnel type.

Answer 196

A

Inside the PMSI attributes within BGP AD routes

Answer 197

A

Type 0: No tunnel specified Type 1: RSVP-TE P2MP Type 2: mLDP P2MP Type 3: PIM-SSM Type 4: PIM-ASM Type 5: PIM-Bidir Type 6: Ingress Replication (IR) Type 7: mLDP MP2MP

No.

Answer 198

A

BGP-LS is designed to capture link state IGP and TE information and transport it across the network.

Answer 199

A

Default MDT − MLDP MP2MP − PIM C−mcast Signaling (Basic mLDP) The MP2MP tree is a bidirectional tree that represents and emulated LAN. When used with C- PIM signaling, it forms a full-mesh of all VPN participants, which is determined by the VRF’s VPN-ID.

Answer 200

A

Default MDT − GRE − BGP−AD − PIM C−mcast Signaling

Answer 201

A

VRF MLDP − In−band Signaling

Answer 202

A

Global MLDP In−band Signaling

Answer 203

A

Global Static − P2MP−TE P2MP

Answer 204

A

Default MDT − MLDP − MP2MP − BGP−AD − PIM C−mcast Signaling

Answer 205

A

VRF Static – P2MP TE - BGP−AD

Answer 206

A

Default MDT − GRE − BGP−AD − BGP C−mcast Signaling

Answer 207

A

Default MDT − MLDP − P2MP − BGP−AD − BGP C−mcast Signaling

Answer 208

A

Default MDT − MLDP − MP2MP − BGP−AD − BGP C−mcast Signaling

Answer 209

A

Partitioned MDT – MLDP P2MP – BGP-AD – BGP C-mcast signaling

Answer 210

A

Default MDT – MLDP P2MP – BGP-AD – PIM C-mcast signaling

Answer 211

A

MoFRR is a feature used to ensure high availability for multicast traffic.

Answer 212

A

Networks that have been extended outside of an intranet to provide reachability to external organizations. an MVPN extranet exists when sources are in one VPN and receivers are in another VPN.

Answer 213

A

If a link or node within the path of a TE tunnel fails, a pre-signaled backup path is available and traffic can be routed into the backup tunnel as soon as the failure is detected.

Answer 214

A

The point of local repair is the head-end of the backup path. When a failure is detected, it routes packets into the backup tunnel.

Answer 215

A

The merge point is the tail-end of the backup path. When traffic arrives at the MP, it is routed along the normal TE path again, merging the traffic back on the original path.

Answer 216

A

Pre-signals a backup path from head to tail on a per path-option basis to be used in case of a failure anywhere along the path.

Answer 217

A

Next-hop protection (link protection) protects the path to the next-hop by routing around failed links.

Answer 218

A

Next-next-hop protection (node protection) protects the path to the hop after the next-hop by routing around failed nodes.

Answer 219

A

N:1 or many-to-one or facility backup. The PLR pushes a new FRR label (wraps the existing MPLS packet) as part of a new TE tunnel.
1:1 or one-to-one or detour backup. The PLR swaps the top label rather than pushes a new one.

Answer 220

A

Class and Policy Based Tunnel Selection (CBTS/PBTS) are mechanisms of mapping EXP values to different tunnels in XE and XR, respectively.

Answer 221

A

Pad small packets:
Carry control bits for certain layer 2 protocols
Preserve the sequence of frames
Facilitate load sharing
Facilitate fragmentation/reassembly: Using Beginning and Ending (B and E) bits, AToM frames can be fragmented and reassembled for transit over MPLS. P routers cannot fragment AToM packets.

Answer 222

A

a way to terminate PWs on a common node and have that router bridge the two PWs together. In this way, the PW is “stitched” to provide layer-2 transport end to end.

Answer 223

A

Sets the Hold Timer in seconds for each BGP neighbor. Upon receipt of an UPDATE or KEEPALIVE, the Hold Timer resets to the initial value.

Answer 224

A

Smaller, 3 seconds or 0

Answer 225

A

32-bit unique number that identifies the BGP router in the advertised prefixes as the BGP Identifier. The RID can be used as a loop prevention mechanism for routers

Answer 226

A

Pods add a layer of abstraction to grouped containers, which helps you schedule workloads and provide necessary services like networking and storage to those containers.

Answer 227

A

Other parts of Kubernetes help you load balance across these pods and ensure you have the right number of containers running to support your workloads.

Answer 228

A

Containers isolate software from its environment and ensure that it works uniformly despite differences for instance between development and staging.

Answer 229

A

Yes, regardless of infrastructure, available for windows and linux

Answer 230

A

PBTS works by selecting tunnels based on the classification criteria of the incoming packets, which are based on the IP precedence, experimental (EXP) , or type of service (ToS) field in the packet.

Answer 231

A

PBTS will benefit Internet service providers (ISPs) who carry voice and data traffic through their MPLS and MPLS/VPN networks, who want to route this traffic to provide optimized voice service.

Answer 232

A

Wavelength division multiplexing (WDM) is a method of transmitting many different wavelengths of light onto a single fiber media.

Answer 233

A

single-mode fiber, which is built for long-haul transmissions at higher data rates and has a diameter of 9 um.

Answer 234

A

Within a confederation, the values are placed into a parenthesized list and treated as a single AS.

Answer 235

A

Backbone component: Contains a destination address (B-DA), source address (B-SA), the ethertype 0x88A8 as defined in 802.1ad for QinQ tunneling, and a B-tag to represents the backbone VLAN.
Service component: Contains ethertype 0x88E7 (defined for PBB) and an I-SID (24-bit service ID).
Original frame: This could be an IP packet inside of an Ethernet frame (0x0800), an Ethernet frame inside of dot1q with a single C-tag (0x8100), or part of a hierarchical bridging architecture with two tags already on it (0x88A8).

Answer 236

A

ring automatic protection switching (R-APS) series of messages.

Answer 237

A

A failure along the ring triggers an R-APG signal failure (R-APS SF) failure, and when the RPL owner receives this message, the port is immediately unblocked.

Answer 238

A

Switches participating in ERPS must be part of the same CFM domain as a prerequisite to ERPS working.

Answer 239

A

No, but it is recommended to configure CFM MEPs; although this is not required, it allows for additional CFM monitoring

Answer 240

A

combines ACLs, remotely triggered blackholes (sometimes), sinkholes, and ICMP unreachables to determine the ASBR ingress routers from which an attack has entered the network.

Answer 241

A

it also assists with stuck-in-active (SIA) events where a route has unanswered queries from at least one peer regarding its reachability status.

Answer 242

A

the restart bit (RS-bit) is set in the hello packets towards all peers. Those who receive and understand this message immediately send their EIGRP topology tables to the restarting router. When complete, an end-of-table (EoT) message is sent to signal the end of the topology transfer.

Answer 243

A

Data plane, even though the rules are written into the NLRI

Answer 244

A

Remotely triggered black holes - blackholes traffic to/from certain prefixes during a DDoS attack.

Answer 245

A

latency refers to any of several kinds of delays typically incurred in processing of network data.

Answer 246

A

variation in the latency on a packet flow between two systems, when some packets take longer to travel from one system to the other.

Answer 247

A

Like a normal TE tunnel, each sub-tunnel (also called sub- LSP) can request FRR treatment, make bandwidth reservations, and do any other kind of TE CSPF parameter tuning.

Answer 248

A

This works like LDP where labels are exchanged on a hop-by-hop basis.

Answer 249

A

mLDP can support P2MP trees, It can also support MP2MP trees, which are similar to PIM-Bidir where traffic can flow in either direction towards the root, which is the main junction point.

Answer 250

A

upstream and downstream labels are exchanged.

Answer 251

A

P2MP - like PIM SSM

Answer 252

A

MP2MP - like PIM BSR

Answer 253

A

PEs would form PIM neighbors inside the VRF and the tunnel-mesh would look like an emulated LAN.

Answer 254

A

Same as draft-rosen.

Answer 255

A

To achieve better scalability

Answer 256

A

IPv4/v6 MVPN SAFI, PIM equivalent of (*,G) join and an (S,G) join.

Answer 257

A

Receiving a PIM (*,G) or (S,G) join from the CE will trigger the creation of a BGP Type-6 or Type-7 route, respectively.

Answer 258

A

Inclusive-PMSI - The I-PMSI tunnel connects to all PEs on the MVPN and sends multicast data to these PEs regardless of whether these PEs have receivers.

Answer 259

A

Selective-PMSI - S-PMSI tunnels solve the I-PMSI problem by sending multicast data only to PEs interested in the data.

Answer 260

A

adjusts how RPF works with traditional PIM. When the PIM last hop router (LHR) receives an IGMP join, whether ASM or SSM, it will originate some kind of PIM join.

MoFRR allows a router to send multiple PIM joins towards the root of the tree for diversity.

Answer 261

A

Reduce CAPEX (Fewer Chassis)- Reduce OPEX (deploy fewer chassis, simplify topologies)- Reduce environmental impact

Answer 262

A

A Hardware-Isolated Virtual Router (HVR) has hardware-based resource isolation between routing entities.- A Software-Isolated Virtual Router (SVR) comprises software-based resource isolation between routing entities.

Answer 263

A

Multiple guest operating systems to overlay on a host operating system.2. Integrate the virtualization into the kernel itself.3. Virtualization is in the individual applications.

Answer 264

A

Doesn’t scale well because it introduces significant contention of resources and users tend to over provision resources on all SVRs wasting resources.

Answer 265

A

This model may improve processing performance but suffers from resource contention and increased complexity and instability in the kernel.

Answer 266

A

Scales better because of lower overhead but complicates a number of issues because the application must some level of virtualization.

Answer 267

A

Yes. All SVR models share resources in the data plane, requiring vigilant resource monitoring.

Answer 268

A

No. It dedicates both control and data plane resources on a per-module boundary to individual virtual entities so there is no sharing of resources, other than a lightweight shim layer that provides low-level communication between HVRs.

Answer 269

A

Secure Domain Routers (SDRs)

Answer 270

A

An HVR technology that provides full isolation between virtual routing instances through the use of Distributed Route Processors (DRPs) for extra control plane resources.

Answer 271

A

With entire Route Processors (RPs) and Modular Services Cards (MSCs) dedicated to an SDR.

Answer 272

A

Satellite switches act as extensions to the ASR9k, they are under the complete control and configuration management of the host router.

Answer 273

A

Port Density - A single 24-port Ten Gigabit Ethernet line card on the Cisco ASR 9000 Series Router could integrate up to 24 satellite switches each with 44 GigE ports; this results in an effective port density of 1056 Gigabit Ethernet ports for each Cisco ASR 9000 Series Router line card slot.

Answer 274

A

Hub and Spoke network topologyDual Home network topologySimple Ring topologyLayer 2 Fabric network topology

Answer 275

A

No, they can be in geographically distinct locations

Answer 276

A

Network Function Virtualization - decouples network functions from hardware and puts them in software. Example: vFirewalls, vRouters, load balancer, etc.

Answer 277

A

User equipment like a cellphone. Each UE carries a Universal integrated circuit card (UICC) In LTE the cellphone carries a Subscriber Identity module (SIM) which identifies a phones number, billing plan, etc.

Answer 278

A

These are base stations that control the mobile nodes in one or more calls. A base station that is supporting a specific mobile node is reference as the mobile node’s “serving eNB”. LTE mobile nodes can only communicate with one base station at a time.

Answer 279

A

Send/receive radio transmissions and to control low-level signaling such as handover commands.

Answer 280

A

To support mobility events for packet forwarding and handover using the X2 interface.

Answer 281

A

S1 interface.

Answer 282

A

Via the LTE-Uu interface.

Answer 283

A

(Radio Access Network) This is a way of providing backhaul from access networks to the provider’s core network.

Answer 284

A

Universal Mobile Telecommunications System - This was the third generation 3G network upon which 4G LTE was built. This was a combination of circuit and packet switched architectures which was more hierarchical.

Answer 285

A

Evolved UMTS Terrestrial RAN. This encompasses the entire LTE access network, which consists of eNB radios.

Answer 286

A

Base transceiver station - eNB, is the element in E-UTRA of LTE that is the evolution of the element Node B in UTRA of UMTS. It is the hardware that is connected to the mobile phone network that communicates directly wirelessly with mobile handsets (UEs), like a base transceiver station (BTS) in GSM networks.

Answer 287

A

Uniform is a QoS model whereby changes in the SP network are propagated to the customers.

Answer 288

A

QoS Policy Progagation through BGP - BGP NLRI carries the QoS markings for specific routes

Answer 289

A

Under the AC interface add the command ‘preferred-path interface Tunnel85’

Answer 290

A

PW and VFI are bridged. Bridge domain acts like l2 switch, PW intefaces and VFI act like connections to a switch.

Answer 291

A

Through the flood and learn approach

Answer 292

A

The route-target.

Answer 293

A

General communications channel - defined by G.709 is an in-band side channel used to carry transmission management and signaling information within optical transport network elements.

Four bytes (each of two bytes) within ODUk overhead. These bytes are used for client end-to-end information and shouldn’t be touched by the OTN equipment.

Answer 294

A

MPLS Traffic Engineering AutoTunnel Mesh Groups (referred to as mesh groups) allow a network administrator to configure traffic engineering (TE) label-switched paths (LSPs) by using a few command line interface (CLI) commands.

Answer 295

A

you must configure each existing TE LSR to be a member of the mesh by using a minimal set of configuration commands.

Answer 296

A

Minimize the initial configuration of the network. You configure one template interface per mesh that propagates to all mesh tunnel interfaces, as needed.
Minimize future configurations resulting from network growth. Eliminates the need to reconfigure each existing TE LSR in order to establish a full mesh of TE LSPs whenever a new PE router is added to the network.
Existing routers set up TE LSPs to new PE routers.
Automatically construct a mesh of TE LSPs among the PE routers.

Answer 297

A

Enable autotunnel mesh groups globally. See the “Enable AutoTunnel Mesh Groups Globally” section.
Create an access-list.
Create one or more template interfaces.

Answer 298

A

The access-list determines the destination addresses for the mesh tunnel interfaces.

Answer 299

A

The template interface allows you to enter commands once per mesh group. These commands specify how mesh tunnel interfaces will be created. Each time a new router is added to the network, a new mesh tunnel interface is created and that configuration is duplicated from the template. Each mesh tunnel interface has the same path constraints and other parameters configured on the template interface. Only the tunnel destination address is different.

Answer 300

A

mpls traffic-eng auto-tunnel mesh tunnel-num min 1000 max 2000

Answer 301

A

Embedded Packet Capture is used in Cisco IOS on the router and captures the packets sent and received. The packets are stored within a buffer in DRAM and are thus not persistent through a reload. Once the data is captured, it can be examined in a summary or detailed view on the router.

Answer 302

A

exported into PCAP (Wireshark), or on the router.

Answer 303

A

Basic EPC Configuration

Define the location where the capture will occur:

Associate a filter. The filter may be specified inline, or an ACL or class-map can be referenced:

Start the capture:

The capture is now active. Allow it to collect the necessary data.

Stop the capture:

Examine the capture in a summary view:

Examine the capture in a detailed view:

In addition, export the capture in PCAP format for further analysis:

Once the necessary data has been collected, remove the capture:

Answer 304

A

The capture can be performed on physical interfaces, sub-interfaces, and tunnel interfaces.

Answer 305

A

1 - IPv4

2- IPv6

Answer 306

A

sub-address family idenitifiers

SAFI/Meaning

1 Unicast

2 Multicast

3 Unicast and multicast

4 MPLS Label

128 MPLS-labeled VPN

Answer 307

A

There are two operating modes to BFD, asynchronous mode and demand mode.

Answer 308

A

The asynchronous mode is similar to the hello and holddown timers, BFD will keep sending hello packets (called BFD control packets) and when you don’t receive some of them, the session is teared down.

Answer 309

A

once BFD has found a neighbor it won’t continuously send control packets but only uses a polling mechanism. Another method has to be used to check reachability, for example it could check the receive and transmit statistics of the interface.

Answer 310

A

Both modes also support something called echo mode. When a device sends BFD echo packets then the receiver will return them without processing them. When the sender doesn’t get the echo packets back, it knows something is wrong and will tear down the session.

Answer 311

A

MPLS over DMVPN - DMVPN provides two key advantages for extending MPLS VPNs to the branches, bulk encryption and, more importantly, a scalable overlay model.

Answer 312

A

WAN edge router (Hub) is a P router that can label switch packets between branches.

Branches act as PE routers use LDP and IGP for signalling L3VPN

Answer 313

A

Loop Prevention

Answer 314

A

In the type 3, 5, 7 LSA and the domain-tag for type 5 and 7

Answer 315

A

When an OSPF LSA type 1 route is advertised to the PE2, then redistributed into VPNv4 and advertised to another PE2, then redistributed back into an OSPF area as a type 3 LSA with redundant uplinks. Route doesn’t get re-advertised back to BGP as locally originated route.

Answer 316

A

The IPv4 packets entering B4 are encapsulated using a IPv6 tunnel and sent to the Address Family Transition Router (AFTR).

Answer 317

A

This is the router that terminates the tunnel from the B4. It decapsulates the tunneled IPv4 packet, translates the network address and routes to the IPv4 network.

Answer 318

A

Reverse network address translated and the resultant IPv4 packets are sent the B4 using a IPv6 tunnel.

Answer 319

A

Its main characteristic is the use of passive splitters in the fibre distribution network.

Answer 320

A

They enable one single feeding fibre from the provider’s central office to serve multiple homes and small businesses.

Answer 321

A

Headend router sends a PATH request first to the tail-end and then the Tail end router replies back with RESV which includes the FEC-to-Label mapping towards the head end.

Answer 322

A

IP address, IPC, hostname, and other resources

Answer 323

A

Network and storage which simplifies moving containers around cluster

Answer 324

A

Written to be resource models of the desired state of the system - how all systems inter-relate.

Ansible then executes these modules (over SSH by default), and removes them when finished

Answer 325

A

functions like ARP, BFD, ACL, and QoS, because the LC has a FIB and can forward.

Answer 326

A

Extended IS neighbor TLV #22

Extended IS reachability TLV#135

Router ID TLV #134

Answer 327

A

Bi-directional

Answer 328

A

Explicit Joins

Answer 329

A

Installs additional routes in RIB and CEF to same prefix destination.

Answer 330

A

Can limit hot potato routing, limit MED oscillations, help with mx, next-hop failures.

Brainscape's Knowledge GenomeTM

CCIE SP Written Flashcards

Brainscape's Knowledge Genome^TM