CCNP Route Practice 2 Flashcards

1
Q

Which of the following statements is NOT true about BGP peers?

A. eBGP peers use TCP to communicate

B. eBGP ppers use port 179 by default

C. eBGP peers do not update the AS_Path attribute before sending updates to another eBGP peer

D. iBGP peers do not update the AS_Path attribute before sending updates to an iBGP peer.

A

Answer: C Explanation:

External BGP (eBGP) peers do update the AS_Path attribute before sending updates to another eBGP peer. This helps to maintain the path back to the source of the update.

eBGP peers use TCP to communicate, and they do so on port 179 by default.

Internal BGP (BGP) peers are routers that reside in the same AS. iBGP peers do not update the AS_Path attribute before sending updates to an iBGP peer. That is only done when an update is sent from an eBGP peer to another eBGP peer.

Objective:

Layer 3 Technologies

Sub-Objective:

Explain BGP attributes and best-path selection

References:

Home > About Cisco > Publications and Merchandise > The Internet Protocol Journal > Back issues > Volume 9,Number 1, March 2006 > Autonomous System Numbers > Exploring Autonomous System Numbers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following IPv4 migrations techniques does not separate DNS and the translations process

A. NAT-PT

B. stateless NAT64

C. stateful NAT64

D. MAP-T

A

Answer: A

Explanation:

Network Address Translation-Protocol Translation (NAT-PT) and DNS are inseparable, which is one of the reasons why NAT-PT has been deprecated. Network Address Translation IPv6 to IPv4, or NAT64, is superior to the NAT-PT technique because this solution has complete separation of the functions of NAT64 and DNS64.

Stateless NAT64 is a version of NAT64 that does not maintain a binding or session state when it performs Address Family Translation (AFT). As such, it cannot be used in some of the implementations in which stateful NAT 64 can. However, in this method, DNS and the translation process are independent.

Stateful NAT64 creates or modifies bindings or session state while performing translation. For this reason, it can be used to translate from an IPv4 network to an IPv6 network if static mappings are created, which stateless NAT64 cannot.

Mapping of Address and Ports using Translation (MAP-T) is a method of creating mappings to provide connectivity for IPv4 hosts across an IPv6 domain. Its operation is not connected to DNS.

Objective:

Infrastructure Services Sub-Objective:

Describe IPv6 NAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Router R2 has been configured with the following OSPF router command: area 1 range 130.31.96.0 255.255.224.0

Which address listed will be summarized by R2 into area 0? (chose all that apply)

A. 130.31.128.0/23

B. 130.31.112.0/20

C. 130.31.130.0/24

D. 130.31.160.0/22

E. 130.31.104.0/21

A

Answer: B, E

Explanation:

The command area 1 range130.31.96.0 255.255.224.0 is used to summarize the IP network addresses from 130.31.96.0/24 to 130.31.127.0/24 in area 1. Addresses 130.31.112.0/20 and 130.31.104.0/21 are both in that range of network addresses.

To determine if an address is a part of a summary, put the summary address and summary mask in binary format. Do the same with the address and the summary mask you are examining, as shown below:

  1. 31.96.0 10000010.00001111.01100000.00000000
  2. 31.112.0 10000010.00001111.01110000.00000000
  3. 255.224.0 11111111.11111111.11100000.00000000

If the address you are testing and the summary address agree to the point where the mask stops, then the test address is part of the summary. In this case, they agree through the 27th bit, so this address is a part of the summary. The same is true for the 130.31.104.0 address.

In OSPF, you can only configure summarization on the border routers. The summaries need to be of routes within a single area. You summarize the routes of an area so that routers in another area do not see the individual networks, just the summary. The correct command is:

area area id range ip-address mask

The area id parameter is the number of the area whose networks are being summarized. For example, in the network shown in the exhibit, to summarize the networks within area 1 to 130.31.96.0/19 you would configure router R2 with the command area 1 range 130.31.96.0 255.255.224.0. This would not affect the routing tables of the routers within area 1, but instead make the routing tables of areas 0 and 2 smaller. These other routers would only have the summary route listed instead of the individual networks. Router 3 would only see the summary route 130.31.96.0/19.

Objective:

Layer 3 Technologies

Sub-Objective:

Configure and verify manual and autosummarization with any routing protocol

References:

Cisco > Home > Support > Technology Support > IP Routing > Technology Information > Technology White Paper > OSPF Design Guide > OSPF and Route Summarization > Inter-Area Route Summarization

Cisco IOS Master Command List, Release 12.4 > a through b > area range

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

You are implementing IP SLA and would like to use it to measure hop-by-hop response time between a Cisco rotuer and any IP device on the network.

Which of the following IP SLA operations would you use for this?

A. ICMP path echo operation

B. Internet Control Message Protocol Echo Operation

C. UDP Jitter Operation for VoIP

D. UDP Jitter Operation

A

Answer: A

Explanation:

The ICMP path echo operation discovers the path using the traceroute command, and then measures response time between the source router and each intermittent hop in the path. IP SLAs allow users to monitor network performance between Cisco routers or from either a Cisco router to a remote IP device.

The Internet Control Message Protocol (ICMP) Echo Operation measures end-to-end response time between a Cisco router and any IP-enabled device. Response time is computed by measuring the time taken between sending an ICMP echo request message to the destination and receiving an ICMP echo reply. It does not measure hop-by-hop response time.

The UDP Jitter Operation for VoIP is an extension to the current jitter operations with specific enhancements for VoIP. The enhancements allow this operation to calculate voice quality scores and simulate the codec’s directly in CLI and the MIB. It does not measure hop-by-hop response time.

The UDP Jitter Operation is designed to measure the delay, delay variance, and packet loss in IP networks by generating active UDP traffic. It does not measure hop-by-hop response time.

Objective:

Infrastructure Services

Sub-Objective:

Describe SLA architecture

References:

Home > Support > Technology support > IP > IP application services > Technology information > Technology white paper > Cisco IOS IP Service Level Agreements User Guide

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which command is the proper command for allowing RIP routing updates to be received on an interface while not allowing them to be sent out of the same interface.

A. Router(config)#passive-interface e0/0

B. Router(config)#passive-interface

C. Router(config-if)#interface passive

D. Router(config-router)#passive-interface e0/0

E. Router(config-router)#interface passive e0/0

A

Answer: D

Explanation:
The correct answer is as follows:
Router(config-router)# passive-interface e010

The effect of the passive-interface command is dependent on the routing protocol running on the interface. For EIGRP, the router will not only stop sending routing updates, but also hellos, which means that it will not form a neighbor relationship with another EIGRP router on that interface. This is also the case with OSPF and IS-IS. With RIP, however, the router will continue to send hellos even as it stops sending routing updates, and it will still receive routing updates.

The passive-interface command issued at the router configuration mode will prevent routing updates from being sent out on a specific interface while still allowing the interface to receive updates. This command can be used in any situation where you want the router to receive routing updates on a particular interface but not send any updates. This is helpful for security purposes, for preventing routing loops, or to control routing update traffic.
The other options either use improper syntax or are executed at an incorrect prompt.

Objective: Layer 3 Technologies Sub-Objective: Configure and verify loop prevention mechanisms
References: Cisco > Home > Support > Technology Support > IP > IP Routing > Design > Design Technotes > How Does the Passive Interface Feature Work in EIGRP? Cisco > Cisco IOS IP Routing: Protocol-Independent Command Reference > passive-interface

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following commands should you use to determine both the feasible successors and the non-feasible successors to a given destination network?
destination network?

A show ip route eigrp

B show ip eigrp topology

C show ip eigrp topology all-links

D show ip eigrp topology zero-successors

A

Answer: C Explanation:

The show ip eigrp topology all-links command displays both feasible successors and non-feasible successors to a given destination network. This command displays the contents of the topology table and shows all the routes available for a given destination network.

An example of partial output of the command is below:

R2# show ip eigrp topology- all-links IP-EIGRP Topology Table for process 666

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

    • Reply status
  1. 172.17.1.0/24, 1 successors, FD is 2169856 via Connected, Serial()
  2. 172.16.1.0/24, 1 successors, FD is 2195456 via 172.17.1.1 (2195456/281600), Serial()
  3. 172.19.1.0/24, 1 successors, FD is 2297856, tag is 1 via 172.17.1.1 (2297856/128256), Serial()
  4. 172.20.2.0/24, 1 successor, FD is 2469831
  • Via 172.17.3.1 (2469831/2413698), Serial1
  • Via 172.17.1.1 (2475369/2443698), Serial0
  1. 172.25.1.0/24, 1 successor, FD is 2496831
  • Via 172.17.3.1 (2496831/2413468), Serial1
  • Via 172.17.1.1 (2596481/2501649), Serial0

The 172.20.2.0/24 network has a feasible successor. This can be determined by looking at the values in the parenthesis next to each route. The second value after the / is the advertised distance from the successor. This value must be less than the value of the feasible distance for a route to be considered a feasible successor. There are two routes for 1722020/24. The first route listed, via 172.17.3.1, is the successor route. Its cost is 246983122, which matches the feasible distance (FD). The second route, via 172.17.1.1, has an advertised distance of 2443698 (the second value in the parentheses after the /). Because this value is less than the FD (2413698), it qualifies as a feasible successor.

The 172.25.1.0/24 network does not have a feasible successor. The second route listed via 172.17.1.1 has an advertised distance of 2501649, which is greater than the value of the FD, (2416381). Therefore, it is not a feasible successor.

You should not use the show ip route eigrp command. This command displays only the best metric routes (successors) to a given destination network. A route has the best metric if it has the least feasible distance, which refers to the sum of the metric from a given neighbor to a destination network and the metric to reach that neighbor.

You should not use the show ip eigrp topology command without the all-links parameter. This command displays only the feasible successors to a given destination network.

You should not use the show ip eigrp topology zero-successors command because this command lists those routes that do not have a valid successor.

Objective:

Layer 3 Technologies

Sub-Objective:

Configure and verify policy-based routing

References:

Cisco IOS IP Routing: EIGRP Command Reference > show ip eigrp topology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which EIGRP packet type is sent as a mufticast when a new route is discovered, and sent as a unicast to synchronize topology tables when
neighbors initialize?

A ACK

B Hello

C Update

D Replies

E Queries

A

Answer: C

Explanation:

EIGRP update packets are sent as a mutticast when a new route is discovered, and sent as a unicast to synchronize topology tables when a neighboring router initializes.

Whenever EIGRP only needs to communicate with a single neighbor, it sends a unicast to that neighbor instead of the standard mutticast. In this case, it unicasts a packet to update a new EIGRP router on the network with the information that all other routers on that network already know.

Hellos for neighbor discovery and maintenance are always mutticasts. ACKs are hellos without data, and are always unicast.

Queries are always mutticast.

Replies to queries are always unicast.

Objective:

Layer 3 Technologies

Sub-Objective:

Describe EIGRP packet types

References:

Internetworking Technology Handbook > Enhanced Interior Gateway Routing Protocol (EIGRP) > EIGRP Packet Types

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following actions will make area 1 a totally stubby area? (Choose all that apply. Each correct answer is part of the solution.)

A execute the area 1 stub no-summary command on RouterA
B execute the area 1 stub no-summary command on RouterB
C execute the area 1 stub command on RouterB
D execute the area 1 stub command on RouterA
E execute the area 0 stub-no summary command on RouterA
F execute the area 0 stub no-summary command on RouterB
G execute the area 0 stub command on RouterB
H execute the area 0 stub command on RouterA

A

Answer: A, C

Explanation:

You should execute the area 1 stub no-summary command on RouterA and the area 1 stub command on RouterB. A totally stubby area is one that only keeps local area routes in the link-state database (LSDB), plus a default route that leads out of the area. To make an area totally stubby, the area border router (ABR) should be configured with the area 1 stub no-summary command and all other area routers should be configured with the area 1 stub command. The diagram in the scenario indicates that RouterA is the border router.

You should not run any of the commands that refer to area 0. This would affect a different area than the requirement stated in the scenario. None of the other combinations of actions will create a totally stubby area.

If you run the area 1 stub command on both RouterA and RouterB, it will create a stub area. A stub area differs from a totally stubby area in that a stub area will allow updates about areas in the same OSPF domain.

Objective:

Layer 3 Technologies

Sub-Objective:

Configure and verify network types, area types, and router types

References:

Cisco > Home > Support > Technology Support > IP > IP Routing > Design > Design Technotes > What Are OSPF Areas and Virtual Links? > Define a Totally Stub Area

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the next-hop address when rtrB advertises the 2001:5050:D402:B333:164 IPv6 subnet to rtrC?

A. FE80::3030:3030:3030/64
B. FE80::3230:3030:3030/64
C. FE80::3030:30FF:FE30:3030164
D. FE80::3230:30FF:FE30:3030/64

A

Answer: D

Explanation:

The next-hop address when rtrB advertises the 2001:5050:D402:B333:164 IPv6 subnet to rtrC is FE80::3230:30FF:FE30:3030/64. In routers with EIGRP for IPv6 enabled on them, the next-hop address is the IP address of the interface that advertises routes. The next-hop addresses should be link-local addresses. Link-local addresses are IPv6 unicast addresses that are automatically assigned to the router interfaces. These addresses have the FE80:110 prefix and the EUI-64 standard interface address.

EUI-64 is an IEEE standard that allows the determination of an IPv6 address from the MAC address of an interface. The 64 most significant bits should be specified in the ipv6 address command. The 64 least significant bits are determined by using the EUI-64 standard. The steps to determine the 64 least significant bits are as follows:

  • Divide the 48-bit MAC address into two 24-bit parts.
  • Embed FFFE (16 bits) between the two parts resulting in a 64-bit address.
  • If required, toggle the seventh bit of the first octet in the address. In EUI-64 format, if the seventh bit is 0, then the address is local. If the seventh bit is 1, the address is global.

In this case, when rtrB advertises any route to rtrC, it advertises the interface with the MAC address 3030.3030.3030 as the next-hop. When the given steps are performed on the MAC address, it result in the EUI-64 standard address 3230.30FF.FE30:3030. This address is then appended to the FE80:110 prefix. The resultant IPv6 link-local address of the interface is FE80::3230.30FF.FE30:3030/10.

The remaining three options are incorrect as their interface address is not in the EUI-64 standard.

Objective:

Layer 3 Technologies

Sub-Objective:

Identify IPv6 addressing and subnetting

References:

Cisco IPv6 Configuration Guide, Release 15.2 > IPv6 Neighbor Redirect Message

Cisco IPv6 Configuration Guide, Release 15.2 > IPv6 Unicast Routing > Aggregatable Global Address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

You have enabled RIPng on one of the interfaces of a router with the basic configuration. You have assigned an address to that interface
using the ipv6 address command.

Which of the following statements should appear in the output of the show running-config command executed on the router? (Choose all that
apply.)

A ipv6 unicast-routing

B ipv6 enable

C ipv6 rip enable

D ipv6 router rip

E ipv6 unnumbered

F ipv6 prefix-list

A

Answer: A, C

Explanation:

The ipv6 unicast-routing and ipv6 rip enable statements should appear in the output of the show running-config command.

The ipv6 unicast-routing command is one of the basic IPv6 commands that needs to be executed on any router for IPv6 processing. This command is executed in the global configuration mode to allow IPv6 packet forwarding on the router. When it has been executed the ipv6 unicast-routing statement will appear in the output of the show run command.

The ipv6 rip enable command allows you to enable RIPng on a router interface. You should execute this command to create a RIPng routing process.

When it has been executed the ipv6 rip enable statement will appear in the output of the show run command.

The ipv6 router rip command allows you to work with RIPng routing process by entering the router configuration mode for RIPng. It will only appear if modifications have been made to the RIPng routing process, which is not mentioned in this case.

The commands to configure a router with RIPng is as follows:

rtrA(config)# ipv6 unicast-routing
rtrA(config)# interface Fa0/1
rtrA(config-if)# ipv6 rip rip process enable rtrA(config-if)# ipv6 address 2001:1:1:1::1/64

Important note: in the command set above, the command that enables the RIP process on interface Fa0/1 is executed before the command assigning the IPv6 address. The order of execution of those two commands does not matter. However, if a configuration file is copied and pasted into a router, then the order in which the statements appear does matter.

For example, if the partial configuration below were pasted into a router, the IPv6 RIP process 56 would not be enabled on Fa0/0:
ip unicast routing

interface Fa0/0

ipv6 rip 56 enable
ipv6 address 2001:1:1:1::1164

The system would reject the ipv6 rip 56 enable command because an IPv6 address is not yet present. If the commands were reversed in the file, the system would accept the ipv6 rip 56 enable command.

In the scenario, the ipv6 enable command does not appear in the show running-config output. This command enables IPv6 routing on a router interface that has not been assigned an IPv6 address. In this case, an IPv6 address is explicitly assigned to the router interface by using the ipv6 address command. Therefore, the ipv6 enable command is not required.

The ipv6 unnumbered interface type command does not appear in the show running-config output. This command will allow you to enable IPv6 without assigning an IPv6 address to a router interface.

Objective:

Layer 3 Technologies Sub-Objective:

Describe RIPng

References:

Cisco IPv6 Implementation Guide, Release 15.2M&T > Implementing RIP for IPv6 > How to Implement RIP for IPv6 > Enabling the IPv6 RIP Process

Cisco IPv6 Implementation Guide, Release 15.2M&T > Implementing RIP for IPv6 > Configuration Examples for IPv6 RIP > Examples: IPv6 RIP

Configuration Cisco IOS IPv6 Command Reference > ipv6 ospf dead-interval through ipv6 split-horizon eigrp > ipv6 rip enable

Cisco IOS IPv6 Command Reference > ipv6 ospf dead-interval through ipv6 split-horizon eigrp > ipv6 router rip

Cisco > Cisco IOS IPv6 Command Reference > ipv6 prefix-list

Cisco IOS IPv6 Command Reference > ipv6 summary-address through mpls Idp router-id > ipv6 unnumbered

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

You can use a variety of commands to verify and troubleshoot the operation of route redistribution on your network.

Which command should you NOT use on routers that are overloaded?

A. trace
B. debug
C. show ip route
D. show ipx route

A

Answer: B

Explanation:

The debug command uses a good deal of router CPU time, so you should not initiate this command on an already overloaded router. It often requires the router to do extensive examination of the packets, requiring heavy use of resources at times.

You could also possibly overload the router just with the debug command. If the router is overloaded to the point that it is no longer responding to your EXEC session, you may need to reload the router to stop the debug output.

These additional steps can help to verify proper route redistribution:

  • On the router not performing the redistribution, use the show ip route command to see if the redistributed routes are displayed.
  • On the router performing the redistribution, use the show ip protocol command to verify the redistribution configuration, and use the show ip route command that to verify the proper routes are there from each routing protocol.

The trace command is used to discover the route that packets take to their destination.

The show ip route command displays the routing table.

The show ip protocols command displays information about each routing protocol running on the router.

Objective:

Layer 3 Technologies Sub-Objective:

Configure and verify manual and autosummarization with any routing protocol References:

Cisco > Home > Support > Technology Support > Dial and Access > ISDN, CAS > Design > Design Technotes > Important Information on Debug Commands > Document ID: 10374

Cisco > Cisco IOS Debug Command Reference > Using Debug Commands

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Examine the following output of the show ip route command and the partial output of the show run command from the router R63:

R63#shcw ip route
10.2.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 10.2.1.0/24 is directly connected, Serial0/0
L 10.2.1.1/32 is directly connected, Serial0/0
10.0. 0.0/24 is 3ubnetted, 1 subnets
S 10.10.10.0 is directly connected, TunnelO
10.11.0. 0/24 is 3ubnetted, 1 subnets
S 10.11.11.0 is directly connected, Ethernet0/0
S 0.0.0.0/0 [1/0] via 172.21.114.65, EthernetO/1

R63#show run

<output></output>

interface Serial0/0
ip address 10.2.1.1 255.255.255.0
ip verify unicast source reachable via rx

What will the router do with a packet with a source address of 192.168.5.5/24 and a destination address of 10.11.11.20/ 24 that arrives on the Serial0/0 interface?

A. forward it out the Ethernet0/0 interface
B. forward it out the TunnelO interface
C. drop the packet
D. forward it out the Ethernet0/1 interface

A

Answer: C

Explanation:

It will drop the packet. The partial output of the show run command shows that the ip verify unicast source reachable via rx command has been executed on the Serial 0/0 interface. This enables the Unicast Reverse Path Forwarding (Unicast RPF) feature. This feature prevents IP spoofing by verifying from the routing table that there is a valid return path to the source IP address. If there is not valid return path, you can assume the IP address has been spoofed. When the command ends in the keyword rx, it means that there must be a return path through the interface where the command was executed. This is called strict mode.

The packet arrived on the SerialO/O interface. The routing table shows that there is no routing entry for the 192.168.5.0/24 network that leads back through the entry interface of SerialO/O. In fact, in this instance there is no routing table entry for that network leading to any interface. When this occurs, the router will drop the packet.

The router will not send the packet to either the Ethernet0/0 or the TunnelO interfaces because the destination network, 10.11.11.0/24, is not a reachable destination on those interfaces. Even if it were reachable, the Unicast Reverse Path Forwarding (Unicast RPF) feature will drop the packet because it has been spoofed.

It will not send the packet to the Ethernet0/1 interface. The Unicast Reverse Path Forwarding (Unicast RPF) feature will drop the packet because it has been spoofed. If the packet were not spoofed, it would be sent to the Ethernet0/1 interface because that is the interface used by the default route. Because there is no route in the table to the 10.11.11.0/24 network, it would be sent to the default route.

Objective:

Infrastructure Security Sub-Objective:

Configure and verify router security features References:

Cisco IOS Security Configuration Guide, Release 12.2 > Configuring Unicast Reverse Path Forwarding Cisco > Configuring Unicast Reverse Path Forwarding

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which commands will display the feasible successors, the feasible distance, and the advertised distance for networks learned by a router?

A. show ip eigrp topology

B. show ip route

C. show bgp neighbors

D. show ip eigrp traffic

E. show ip route eigrp

A

Answer: A

Explanation:

To view the feasible successors, the feasible distance, and the advertised distance, you would use the show ip eigrp topology command. A sample output of this command is below.

Router2# show ip eigrp topology IF-EIGRF Topology Table for process 100

Codes: F - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status

F 10.10.0.0/16, 1 successors, FD is 2169S56 via Connected, SerialO

SIA 10.0.0.0/8, 1 successors, FD is 2169856 via Summary (2169856/0), NullO F 10.20.0.0/16, 1 successors, FD is 2169856 via Connected, Seriall

F 65.0.0.0/8, 1 successors, FD is 2297856

via 10.20.0.1 (2297856/128256), Seriall

via 10.20.1.6 (2589799/2672569), FastEthernetO

F 192.163.10.0/24, 1 successors, FD is 2297856

via 10.10.0.1 (2297856/123256), SerialO

F 130.10.0.0/16, 1 successors, FD is 2297856

via 10.20.0.1 (2297856/123256), Seriall

F 150.10.0.0/16, 1 successors, FD is 2297856

via 10.10.0.1 (2297856/123256), SerialO

via 10.20.0.1 (2594536/2443152), FastEthernetl

F 200.10.10.0/24, 1 successors, FD is inaccessible, Q

2 replies, active never, query-origin, Successor Origin

via 10.1.1.3 (395212452/390742563), r, Serial 0

Remaining replies:

via 10.1.1.2, r, Serial 0

The table lists all routes to networks and their advertised distance and feasible distance. This information is used to select the successor and feasible successor for each network. Before a route can be considered as a feasible successor or backup, the feasible distance of the route must be a larger value than the advertised distance.

The following information can be extracted from this output:

  • The route 15.10.0.0/16 has a feasible successor. If you examine the feasible and advertised distances in the brackets next to the two potential feasible successor routes [feasible distance/advertised distance], you will see that for the route 15.10.0.0/16 via 10.10.5.1, the feasible distance of the route is greater (2594586) than the advertised distance (2448152), which qualifies it as a feasible successor.
  • The route 65.0.0.0/8 does not have a feasible successor. The route 65.0.0.0/8 via 10.20.1.6 has a feasible distance (2589779) that is less than the advertised distance (2672569), so it does not qualify.

The router at 10.20.0.1 is directly connected to the networks 65.0.0.0/8 and 150.10.0.0/16. This can be deduced by the fact that the address 10.20.0.1 is the source of the successor routes for those networks.

The route to 200.10.10.0/24 is undergoing recomputation, as evidenced by the line FD is Inaccessible. It also tells you that Router2 sent a query to 10.1.1.2 and is waiting for a reply, as evidenced by the line Remaining replies: via 10.1.1.2, r, Serial 0.

The route to the 10.0.0.0/8 network is showing a convergence problem, as evidenced by the code SIA to the left of its entry. This stands for Stuck In Active. An active state is present when the local router has queried for a new route to the network. Stuck in Active occurs when no response has been received, and the local router marks it SIA. The show ip route and the show ip route eigrp commands simply display the routing table, which does not display the advertised distance. Below is an example of the show ip route command executed on a router running EIGRP:

RouterA# show ip route Coutput omitted>

D 192.163.0.0/24 [90/21954636] via 172.16.10.44, 00:01:12, SerialO 172.16.0.0/16 is variably subr.etted, 7 subnets, 2 m.ask-3 D 172.16.10.96/29 [90/22794545] via 172.16.10.36, 00:05:09, Serial3 D 172.16.10.30/29 [90/21946536] via 172.16.10.74 00:05:12, Seriall D 172.16.10.38/29 [90/22746464] via 172.16.10.41, 00:13:50, Serial2 C 172.16.10.68/30 is directly connected, Seriall C 172.16.10.64/30 is directly connected, SerialO C 172.16.10.76/30 is directly connected, Serial3 C 172.16.10.72/30 is directly connected, Serial2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

View the sample output of the debug ip eigrp command.

IP-EIGRP: Processing incoming REPLY packet

IP-EIGRP: Int 10.20.0.0/16 V. 4294967295 - 1657856 4294967295 SK 4294967295 - 1657856 4294967295 IP-EIGRP: Int 65.0.0.0/8 M 4294967295 - 1657856 4294967295 SK 4294967295 - 1657856 4294967295 IP-EIGRP: Int 130.10.0.0/16 H 4294967295 - 1657856 4294967295 SK 4294967295 - 1657856 4294967295

What is the significance of the number 4294967295 as shown in the output?

A. it represents the unreachable metric for EIGRP.

B. it represents the administrative distance for EIGRP.

C. it represents a reachable metric for the given network.

D. it represents one of the link characteristics that EIGRP uses to calculate the metric.

A

Answer: A

Explanation:

The value 4294967295 in the debug ip eigrp output represents the unreachable metric for EIGRP. This means that the network has become unavailable and cannot be reached. In this output, the M represents the local metric, and the SM represents the metric that was reported by the neighbor that advertised the network to the local router.

The administrative distance (AD) for internal EIGRP is 90.

The link characteristics that are used in the EIGRP calculation are shown following the dash after the M and SM values (1657856 4294967295). By default, EIGRP only uses bandwidth and delay in its calculation. Objective:

Layer 3 Technologies Sub-Objective:

Describe and optimize EIGRP metrics References:

Cisco > Cisco IOS Debug Command Reference > debug h225 asn1 through debug ip ftp > debug ip eigrp

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

You have been asked to troubleshoot the NTP configuration of a router named R70. After executing the show run command, you receive the following partial output of the command that shows the configuration relevant to
NTP:

clock timezone PST -8
clock summer-time PDT recurring
ntp update-calendar
ntp server 192.168.13.57
ntp server 192.168.11.58
interface Ethernet 0/0
ntp broadcast

Based on this output, which of the following statements is true?

A. the time zone is set to 8 hours less than Pacific Standard time

B. the router will listen for NTP broadcasts on interface E0/0

C. the router will send NTP broadcasts on interface E0/0

D. the router will periodically update its software clock

A

Answer: C

Explanation:

The router will send NTP broadcast on its E010 interface. The command ntp broadcast, when executed under an interface, instructs the router to send NTP broadcast packets on the interface. Any devices on the network that are set with the ntp broadcast client command on any interface will be listening for these NTP broadcasts. While the clients will not respond in any way, they will use the information in the NTP broadcast packets to synchronize their clocks with the information.

The time zone is not set to 8 hours less than Pacific Standard Time. The value -8 in the command clock timezone PST -8 is the amount of hours offset from UTC time, not from the time zone stated in the command.

The router will not listen for NTP broadcasts on the interface E0/0. The ntp broadcast command, when executed under an interface, instructs the router to send NTP broadcast packets on the interface. To set the interface to listen and use NTP broadcasts, you would execute the ntp broadcast client command on the interface.

The router will not periodically update its software clock. The command ntp update-calendar configures the system to update its hardware clock from the software clock at periodic intervals.

Objective:

Infrastructure Services

Sub-Objective:

Configure and verify Network Time Protocol (NTP)

References:

Basic System Management > Setting Time and Calendar Services > Configuring NTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

You instructed your associate to configure Router R2 to reject a redistribution of the 20.0.0.0/8 network,while still receiving routes from other networks connected to Router R1.The diagram below displays the network in place:

When he is finished,youfind that the 20.0.0.0/8 network still being advertised and traffic from the 20.0.0.0/8 network is not reaching Router2.You execute the show running-configuration command and see the following output:

Hostname Router 2

interface Seriall
ip address 10.0.0.2 255.0.0.0
ip access-group 101 in no ip redirects

router bgp 9688
network 10.0.0.0 mask 255.0.0.0.0

access-list 101 deny ip 20.0.0.0 0.255.255.255
access-list 101 permit ip any any

What is the problem?

A The access list was applied to the wrong interface.
B The access list should have beenconfigured as a distribute list.
C The access list has an incorrect wildcard mask.
D The access list is applied inthe wrong direction.

A

Answer: B

Explanation:

The access list should have been created as a distribute list to control route redistribution from the other area. This configuration would prevent the redistribution of the 20.0.0.0/8 network by applying the list as a distribute list under the Border Gateway Protocol (BGP). The proper commands would be:

Router2(config)# router bgp 94688

Router2(config-router)# distribute-list 101 in

To correct the problem with traffic not arriving from the 20.0.0.0/8 network, you must remove the application of the list under interface SO as well. This would be done by executing the following command set:

Router2(config)# interface Serial!

Router2(config-int)# no ip access-group 101 in

The access list was not applied to the wrong interface. It should not have been applied directly to any interface. When applied directly as an access list to an interface, it will prevent traffic, but not the redistribution of routes. The access list does not have an incorrect wildcard mask. To prevent the redistribution of a Class C network, the correct wildcard mask is 0.0.0.255.

The access list was not applied in the wrong direction. It should be applied incoming, but should be applied as an incoming distribute list, and it should be applied under the BGP protocol.

Objective:

Layer 3 Technologies

Sub-Objective:

Configure and verify littering with any protocol

References:

Cisco IOS Master Command List, Release 12.4T > d > distribute-list in (IP)

Cisco > Home > Support > Technology Support > IP > IP Routing > Design > Design Technotes > Filtering Routing Updates on Distance Vector IP Routing Protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

You have two routers connected to each other that are both running the EIGRP protocol. The routers have built a neighbor relationship and are exchanging routing information. You execute the following command on the EIGRP process on Router 1:

routerl (config)# router eigrp 100

routerl (config-router)# passive-interface

What will be the effect of this command?

A. Only routing advertisements from Router 1 to Router 2 will be prevented.

B. Only router advertisements to and from Router 1 will be prevented.

C. All hellos and routing updates will be prevented, and the neighbor relationship between Router 1 and Router 2 will be broken

D. Hellos will be prevented, but routing updates will continue to be sent out.

A

Answer: C

Explanation:

The effect of the passive-interface command is dependent on the routing protocol. With RIP, the command prevents the sending of route updates, but does not prevent the reception of route updates. With EIGRP, the passive-interface command prevents both the sending and receiving of route updates, and also the sending of hellos. Without hello packets, the routers are unable to maintain the neighbor relationship, upon which all communications including route updates depend.

If the intent was to preventing routing updates from Router 1 to Router 2 while still allowing updates from Router 2 to Router 1, the routing updates must be filtered out and denied on Router 1 with a distribute list, as shown in the following command set:

router1(config)access-list 101 deny any

router1(config)#router eigrp 100

routerl (config-router)distribute-list 101 out

Objective:

Layer 3 Technologies

Sub-Objective:

Troubleshoot passive interfaces

References:

Cisco IOS Master Command List, Release 12.4T > p through r > passive-interface

Cisco > Home > Support > Technology Support > IP > IP Routing > Design > Design Technotes > Filtering Routing Updates on Distance Vector IP Routing Protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

You configured a device as an IP SLA responder using the following configuration:

ip sla 9

tcp-connect 10.0.0.1 23 control disable

frequency 30 tos 128

timeout 1000 tag FLL-RO

ip sla schedule 9 start-time nsw

Which line indicates that the device is not a Cisco device?

A. frequency 30

B. timeout 1000

C. tcp-connect 10.0.0.1 23 control disable

D. tag FLL-RO

A

Answer: C

Explanation:

The IP SLA TCP connect operation is used to gather statistics on connection-oriented services. The tcp-connect 10.0.0.1 23 control disable command specifies the IP address to which the responder should respond, the port number on which to respond and it disables the control protocol normally used to inform the responder to temporarily enable the port specified by the configuration in the sender.

When the responder is a non-Cisco device, a well-known port number must be chosen and the control protocol should be disabled on the responder. When a Cisco device is the responder, then any port number can be chosen and the control protocol should be left enabled.

The frequency 30 command specifies how often the test should occur in seconds. It is not changed in any way as a result of the responder being a non-Cisco device.

The timeout 1000 command specifies in milliseconds the amount of time an IP SLAs operation waits for a response from its request packet. It is not changed in any way as a result of the responder being a non-Cisco device.

The tag FLL-RO command simply applies a user-specified identifier to the IP SLAs operation and is changed in any way as a result of the responder being a non-Cisco device.

Objective:

Infrastructure Services

Sub-Objective:

Configure and verify IP SLA

References:

IP SLAs Configuration Guide, Cisco IOS Release 15M&T > Configuring IP SLAs TCP Connect Operations Cisco > Cisco IOS IP SLAs Command Reference > tcp-connect

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which of the following IPv6 addresses correctly represent the shortened version of the IP address 2031:0000:0000:130F:0000:0000:876A:130B? (Choose two.)

A

2031::130F::876A:130B

B

2031::130F:0:0:876A:130B

C

2031:0:130F::876A:130B

D

2031:0:0:130F 876A:130B

A

Answer: B, D

Explanation:

2031:0000:0000:130F:0000:0000:876A:130B can be shortened to either 2031::130F:0:0:876A:130B or 2031:0:0:130F::876A:130B.

IPv6 addresses are written in 16-bit hexadecimal number fields separated by a colon (:). There are a total of eight 16-bit fields, making each IPv6 address a total of 128 bits. The hexadecimal letters are NOT case sensitive.

You can shorten an IPv6 address by removing the leading zeros in any address field. You can only remove zeros that are the first character in an address field. For example, FFC0:02C0: is the same as FFC0:2C0:. However, FFCO:8020 is not the same as FFC0:802:.

If a 16-bit address field contains all zeros, then it can be represented by a single zero. For example, FF80:0000: is the same as FF80:0:

You can use double colons (::) to represent successive address fields of zeros. An address parser can determine the number of missing fields and then insert the proper number of zeros to complete the address. For example, FF80:0000:0000:0000:0000:0000:0000:0001 is the same as FF80::1, and 0000:0000:0000:0000:0000:0000:0000:0001 could be written as ::1. However, you can only have one set of double colons (::) in an address; therefore, FF80:0000:0000:0CB0:0000:0000:0000:0001 cannot be written as F80::OCB0::1.

Objective:

Layer 3 Technologies

Sub-Objective:

Identify IPv6 addressing and subnetting

References:

Cisco > IPv6 Addressing and Basic Connectivity Configuration Guide > IPv6 Addressing and Basic Connectivity Cisco > IPv6 Addressing at a Glance (PDF)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

The exhibit is a frame relay hub-and-spoke topology with router A as the hub.

You want to use the OSPF routing protocol between all three locations. Which interface configuration commands are required on router A? (Choose three.)

A. ip ospf network broadcast

B. ip ospf network point-to-point

C. ip ospf network point-to-multipoint

D. frame-relay map 10.20.10.21 221

E. frame-relay map 10.20.10.22 222

F. frame-relay map ip 10.20.10.21 221 broadcast

G. frame-relay map ip 10.20.10.22 222 broadcast

A

Answer: C, F, G

Explanation:

In OSPF point-to-muftipoint mode, the routers will automatically identify each neighbor. The election of a designated router (DR) and backup designated router (BDR) are not required. This RFC compliant mode of operation is commonly found in partial mesh topologies, such as hub-and-spoke designs. In the diagram shown in the scenario, router A is the hub.

The frame relay serial interface has one DLCI to each spoke location. DLCI 221 is used by router A to communicate with router C and DLCI 222 is used to communicate with router B. On router A’s serial interface, point-to-muftipoint mode is enabled with the ip ospf network configuration command. The following is the syntax of the ip ospf network command:

ip ospf network [{broadcast I nonbroadcast I point-to-multipoint I point-to-multipoint nonbroadcast}]

The command parameters are as follows:

  • broadcast - This mode enables the interface to emulate a LAN. This mode requires a full or partial mesh topology.
  • nonbroadcast - This RFC 2328 compliant mode is also referred to as NBMA mode. The neighbors must be statically configured.
  • point-to-muftipoint - This RFC 2328 compliant mode is used in partial mesh topologies, such as hub-and-spoke. Routers use additional LSAs to discover neighboring routers instead of manually defining DRs and BDRs. The hub router floods link state updates (LSUs) by duplicating the update to be sent to each routers using the respective DLCI.
  • point-to-muftipoint nonbroadcast - This is a Cisco extension to the point-to-muftipoint mode.

This mode is useful when the frame relay virtual circuits do not support broadcast traffic. Neighbors are manually defined.

There is no point-to-point parameter for the ip ospf command. Creating a point-to-point configuration differs in that the point-to-point parameter is executed as a parameter of the command that creates the subinterface that hosts the point-to-point connection as shown below:

Router(config)# interface serial 0.1 point-to-point

When configuring a serial interface without sub-interfaces, OSPF will check the encapsulation to determine the network type. HDLC and PPP default to point-to-point while Frame-Relay encapsulation defaults to nonbroadcast.

The frame-relay map command identifies the mapping between the Layer 3 address (IP address) and the Layer 2 address (DLCI). The frame relay virtual circuits from the hub router are identified as supporting broadcast traffic by using the frame-relay map command with the broadcast keyword.

Objective:

Layer 2 Technologies Sub-Objective:

Explain Frame Relay

References:

Cisco > Home > Support > Support Technology > Support > IP Routing > Configure > Configuration Examples and Technotes > Initial Configurations for OSPF over Frame Relay Subinterfaces Cisco > Cisco IOS Wide-Area Networking Command Reference > frame-relay lapf n201 through fr-atm connect dlci > frame-relay map

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

When configuring a DMVPN solution, which of the following technologies makes it possible for the spoke to use dynamic IP addressing?

A. IPsec

B. mGRE

C. NHRP

D. Dynamic routing protocols

A

Answer: C

Explanation:

Next Hop Resolution Protocol (NHRP) allows the spoke routers to register their IP addresses with the NHRP server, which is the hub router. It also allows the spoke routers to then learn the physical IP addresses of the other spoke routers from the hub router, allowing for GRE links to be built dynamically as needed between the spokes. This eliminates the need for the traffic to go through the hub router.

Dynamic Muttipoint VPN (DMVPN) technology leverages the following associated technologies: IPsec

mGRE

Dynamic routing protocols

NHRP

Cisco Express Forwarding

It makes it possible to build the hub router once, and add spokes later, making no additional changes to the hub. The spokes are able to register with the hub and dynamically build their own connections to other spokes using the IP addresses learned from the hub using NHRP. DMVPN also allows IPsec point-to-point GRE tunnels to be built to new spokes with no IPsec peering configuration. The muttipoint GRE technology (mGRE) allows a single physical interface on the hub to be used for all spoke connections.

Finally, the routing protocols used by DMVPN allow the routers to share routing information, while Cisco Express Forwarding (CEF) is a switching technology that improves performance while reducing the load on the CPUs of the routers.

Objective:

VPN Technologies

Sub-Objective:

Describe DMVPN (single hub)

References:

Cisco > Dynamic Muttipoint VPN (DMVPN) Design Guide (Version 1.1) > DMVPN Design Overview

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

A neighboring EIGRP router fails Its advertised distance (AD) to network 10.10.10.0 was 2 and the feasible distance (FD) was 3.
Which route will be used to route packets destined for network 10.10.10.0 if the other routes have the following feasible and advertised distances respectively to the destination network?

A. FD-6 AD-3
B. FD-4 AD-1
C. FD-5 AD-3
D. FD-4 AD-3

A

Answer: B

Explanation:

When EIGRP loses it best route, called the successor route, it will then use a feasible successor route, if available, to route the packets to that destination. To be considered a feasible successor, the advertised distance, which is the neighboring router’s distance, needs to be less than the feasible distance, which is the local router’s own metric.

In this scenario, the feasible distance is 3. The only available feasible successors are the ones that have the advertised distance/feasible distance of 1/4 and 2/4.

Objective:

Layer 3 Technologies

Sub-Objective:

Configure and verify policy-based routing

References:

Cisco > Home > Support > Technology Support > IP Routing > Technology Information > Technology White Paper > Enhanced Interior Gateway Routing Protocol > Feasible Distance, Reported Distance, and Feasible Successor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Based on the diagram and the following partial output from Router R2, which networks will be present in the routing table of Router R1?
R2# show run

!

router eigrp 200

network 192.168.5.0

redistribute eigrp 55

!

router eigrp 55

network 10.0.0.0

!

router ospf 1

redistribute eigrp 200

default-metric 50

network 172.50.0.0

A. 192.168.5.0

B. 10.0.0.0

C. 172.50.0.0

D. 192.168.5.0 and 10.0.0.0

A

Answer: D

Explanation:

The routes that will be present in Router R1 are 192.168.5.0 and 10.0.0.0. According to the output, only the route from EIGRP 55 will be redistributed to EIGRP 200. Therefore, the 10.0.0.0 network will be advertised to Router R1 from Router R2 and the 192.168.5.0 network, which is present in the routing table of Router R2, will be advertised to Router R1.

The 192.168.5.0 network alone would not be correct. The 10.0.0.0 network will be present as well.

The 172.50.0.0 network will not be present because Router 2 is not configured with a redistribution statement for that network. The required statement would be redistribute ospf 1.

Objective:

Layer 3 Technologies

Sub-Objective:

Configure and verify redistribution between any routing protocols or routing sources

References:

Cisco > Home > Support > Technology Support > IP > IP Version 6 > Configure > Configuration Examples and Technotes > Redistributing Routing Protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

RouterA and RouterB are both in OSPF area 2, and RouterA is connected directly to the backbone. Their router IDs are shown below:

RouterA - 165.165.20.15

RouterB - 165.165.10.12

Which commands should be executed on RouterA and RouterB to create a virtual link between the two routers?

A. RouterA(config-router)# area 2 virtual-link 165.165.10.12
RouterB(config-router)# area 2 virtual-link 165.165.20.15

B. RouterA(config-router)# area 2 virtual-link 165.165.10.12
RouterB(config-router)# area 0 virtual-link 165.165.20.15

C. RouterA(config-router)# area 0 virtual-link 165.165.20.15
RouterB(config-router)# area 2 virtual-link 165.165.10.12

D. RouterA(config-router)# area 0 virtual-link 165.165.10.12
RouterB(config-router)# area 0 virtual-link 165.165.20.15

A

Answer: A

Explanation:

The area virtual-link command should specify the area to be traversed and the ID of the router to which the router being configured will connect. Therefore, the correct answer is:

RouterA(config-router)# area 2 virtual-link 165.165.10.12
RouterB(config-router)# area 2 virtual-link 165.165.20.15

A virtual link is used to make a virtual connection of an area border router (ABR) to the backbone. It is used in situations where an area does not physically border the backbone area. The virtual link provides logical connectivity of the area to the backbone. If the virtual link appears not to be functional, which would manifest itself in Router A not having all of Router B’s networks in its routing table, the state of the link can be verified on Router A by executing the show ip ospf virtual-link command. An example is shown below. The state of the link as shown in line 1 of the output should be up.

Router/NU show ip ospf virtual-links

Virtual Link to router 172.16.8.2 is up

Transit area 0.0.0.1, via interface Ethernet0, Cost of using 10 Transmit Delay is 1 sec, State POINT _ TO_ POINT

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 0:00:08

Adjacency State FULL

The configuration below is incorrect because area 0 is referenced in the second line. It should reference area 2, the area being traversed.

RouterA(config-router)# area 2 virtual-link 165.165.10.12
RouterB(config-router)# area 0 virtual-link 165.165.20.15

The configuration below is incorrect because area 0 is referenced in the first line. It should reference area 2, the area being traversed.

RouterA(config-router)# area 0 virtual-link 165.165.20.15
RouterB(config-router)# area 2 virtual-link 165.165.10.12

The configuration below is incorrect because area 0 is referenced in both lines. Both should reference area 2, the area being traversed.

RouterA(config-router)# area 0 virtual-link 165.165.10.12
RouterB(config-router)# area 0 virtual-link 165.165.20.15

If the virtual link is incorrectly configured the following error will be generated:

*Dec 10 00:31.146: %OSPF-4-ERRRCV: Received invalid packet mismatch area ID, from backbone area must be virtual link but not found from 165.165.10.5, Serial 0

Objective:

Layer 3 Technologies

Sub-Objective:

Configure and verify network types, area types, and router types

References:

Cisco > Home > Support > Technology Support > IP Routing > Design > Design Technotes > What Are OSPF Areas and Virtual Links?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

You are troubleshooting a PPPoE connection that is supposed to maintain a connection with the ISP, even if no interesting traffic exists. The configuration of the dialer interface is shown below:

interface dialer 1
ip address negotiated
encapsulation ppp
dialer pool 1
dialer remote-.name remotel
dialer idle-timeout 0 either
dialer string 7135550199
ppp authentication chap
ppp chap hostname DDR
ppp chap password secret

What command should you add to ensure the connection is maintained in the absence of interesting traffic?

A. dialer -group

B. dialer persistent

C. dialer list

D. dialer string

A

Answer: B

Explanation:

  • The dialer persistent command is used to specify that the connection stays up even in the absence of interesting traffic. Interesting traffic is user-defined traffic that triggers a call to the remote end. Were it present in the configuration, the section would appear as follows:

interface dialer 1

ip address negotiated encapsulation ppp

dialer pool 1

dialer remote-name remotel dialer idle-timeout 0 either dialer string 7135550199 dialer persistent

ppp authentication chap ppp chap hostname DDR ppp chap password secret

  • The dialer-group command is assigns the dialer interface to a dialer group. It is an optional setting, and does not appear in this configuration.
  • The dialer-list command is used to specify an access list that defines interesting traffic. It is an optional setting, and would NOT be a part of a configuration that does not maintain the connection based on interesting traffic. If you use dialer persistent, then you don’t need to use dialer-list. The dialer list defines interesting traffic, while dialer persist keep the connection up in the absence of interesting traffic.
  • The dialer string command is used to define the number to call to make the connection. It is present in the configuration in the scenario, and specifies the number 713 555 0199.

Objective:

Layer 2 Technologies Sub-Objective:

Configure and verify PPP

References:

Cisco Dial Configuration Guide, Release 15.05 > Part 5: Dial-on-Demand Routing Configuration > Configuring Peer-to-Peer DDR with Dialer Profiles Cisco Press > Articles > Cisco Network Technology > General Networking > End-to-End DSL Architectures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Which show command displays entries in a router’s Border Gateway Protocol (BGP) table?

A. show ip bgp
B. show ip bgp table
C. show ip bgp topology
D. show ip bgp summary

A

Answer: A

Explanation:

The correct command is show ip bgp.

The BGP table lists all the paths that the BGP router has learned. Each destination network listed might have multiple possible paths listed. Given that the criteria are met for each destination network, BGP will choose a path to put in the IP routing table.

The BGP table is in many ways analogous to EIGRP’s topology table in that it lists many known paths, not just the best path. Below is an example partial output of the show ip bgp command:

Router54 show ip bgp

BGP table version is 5, local router ID is 20.0.33.34

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>

  1. 0.0.0
  2. 0.0.0

0

32768

?

*

  1. 0.0.0
  2. 0.33.40

10

0

35

?

*>

0.0.0.0

0

32768

?

*>

  1. 0.0.0
  2. 0.33.40

10

0

35

?

1r>

0.0.0.0

0

32768

?

*>

  1. 168.0.0/16
  2. 0.33.40

10

0

35

?

The following facts can be determined from this output:

• All of the routes were redistributed into BGP from an IGP. In the status column (located to the left of the Network column and to right of the column where some lines have a > symbol) is a column that is either blank or has an i symbol. In this case, all of the columns are blank. If the status column is blank, then BGP learned the route from an external peer. If it has an i symbol, an iBGP neighbor advertised this path to the router. It was learned from an Interior Gateway Protocol (IGP) and was advertised as a result of executing a network statement on the neighbor under the router bgp context as shown below adding the 30.0.0.0 network under BGP 100.

R4(config)#router bgp 100 R4(config-router)#network 30.0.0.0

  • Four routes will be installed in the routing table. These routes have both an *symbol and a > symbol.
  • I in the status column. The *symbol indicates that the next hop is valid and the > symbol indicates that this is the best route.

The output is slightly different if you specify the network that you are interested in, as shown below in the show ip bgp 214.5.98.0 command output:

Router 411 show ip bgp 214.5.98.0

BGP routing table entry for 241.5.98.0/24, version 48

Paths: (2 available, best 11, table Default-IP-Routing-Iable) Not advertised to any peer

5760

192.168.1.1 (metric 886) from 192.168.1.1 (192.168.1.1) Origin IGP, metric 1652, localpref 100, valid, internal, best

This output focuses solely on the route to the network 214.5.98.0 and provides the following pieces of information:

  • The neighbor that sent this route is at 192.168.11
  • The AS of the network where 214.5.98.0 is located is 5760
  • The IGP metric to reach the neighbor that sent this route is 886, as shown by the text 192.168.11 (metric 886)
  • The complete metric to 214.5.98.0 is 1652, as shown in the last line by Origin IGP, metric 1652

The commands show ip bgp table and show ip bgp topology are not valid Cisco commands. The show ip bgp summary command displays the status of BGP connections.

Objective:

Layer 3 Technologies

Sub-Objective:

Explain BGP attributes and best-path selection

References:

Cisco IOS Master Command List, Release 12A > I through q > Cisco IOS IP Routing: BGP Command Reference > show ip bgp

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Which of the following statements is NOT true of NPTv6?

A. is transport agnostic
B. translates the entire IPv6 address to another IPv6 address
C. is check sum neutral
D. translates only the IPv6 prefix

A

Answer: B
Explanation:

Network Prefix Translation (NPTv6) is a stateless method of translating the prefix of a received IPv6 address to another prefix without changing the host portion of the IPv6 address. Some of its characteristics are:
• It supports both transports that perform checksums on the IP header and those that do not.
• It provides a 1 to 1 relationship between the inside and outside prefixes.
• It translates only the prefix, and not the entire address.

Objective:
Infrastructure Services
Sub-Objective:
Describe IPv6 NAT

References:
Cisco > Publications and Merchandise > The Internet Protocol Journal > Issues > Volume 14, Number 2, June 2011 > IPv6 Site Muttihoming
Howfunky…a place with useless technical content!>IPv6 to IPv6 Network Prefix Translation or NPTv6

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

You are planning the configuration of Easy Virtual Networking (EVN).

Which of the following statements is true of an interface that will be an EVN trunk?
A. It must support 802.1q encapsulation
B. The interface can also be configured for VRF-Lite
C. The interface will support OSPFv3
D. The interface can support RIP

A

Answer: A

Explanation:

The interface must be able to support 802.1 q encapsulation. The EVN trunk carries the traffic of multiple virtual routing and forwarding (VRF) instances, with the traffic of each instance tagged with an ID called the virtual network tag. Since the VLAN ID field of an 802.1 q encapsulated packet is used for this ID, the link must be one that supports 802.1 q.

Easy Virtual networking is a technology that allows for the creation of separate networks with separate routing tables and routing instances using the same physical topology. The IP addressing for the networks can even overlap with no problem. The networks are kept separate using the network ID tags in a similar fashion to the way switches keep VLANs separate by using VLAN tags.

An EVN trunk interface cannot also be configured for VRF-Lite. VRF-Lite is an earlier technology that accomplishes the same goal, but lacks the simplicity of EVN. Neither RIP nor OSPFv3 is supported in Easy Virtual Networking EVN at all.

Objective:

VPN Technologies

Sub-Objective:

Describe Easy Virtual Networking (EVN)

References:

Cisco > Easy Virtual Network Configuration Guide, Cisco IOS XE Release 3S > Overview of Easy Virtual Network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

You have been alerted that TCP traffic leaving an interface has been reduced to near zero, while UDP traffic is steadily increasing at the same time.
What is this behavior called and what causes it?

A. jitter, caused by lack of QoS
B. latency, caused by the MTU
C. starvation, caused improper configuration of QoS queues
D. windowing, caused by network congestion

A

Answer: C
Explanation:

This behavior is called starvation and is caused by improper configuration of QoS queues. When TCP and UDP flows are assigned to the same QoS queue, they compete with one another. This is not a fair competition because the TCP packets will react to packet drops by throttling back TCP traffic, while UDP packets are oblivious to drops and will take up the slack created by the diminishing TCP traffic. The results from mixing UDP and TCP traffic in the same queue are:
• Starvation
• Latency
• Lower throughput

While it is true that jitter can be caused by a lack of QoS, jitter is not what is being described in the scenario. Jitter is the variation in latency as measured in the variability over time of the packet latency across a network. This phenomenon seriously impacts time-sensitive traffic, such as VoIP, and can be prevented by placing this traffic in a high-priority QoS queue.

While latency can be caused by the maximum transmission unit (MTU) in the network, this is not a case of latency, although latency may be one of the perceived effects of starvation. Latency is the delay in reception of packets. The MTU is the largest packet size allowed to be transmitted, and an MTU that is set too large can result in latency.

While windowing can be caused by network congestion, this is not a case of windowing. This is a technique used to adjust the number of packets that can acknowledged at once by a receiving computer in a transmission. In times of congestion the window, or number of packets that can be acknowledged at a time, will be small. Later, when congestion goes down, the window size can be increased.

Objective:
Network Principles
Sub-Objective:
Describe UDP operations

References:
Design Guide > Service Provider Quality of Service > CE Guidelines for Collapsing Enterprise Classes > Mixing TCP with UDP

30
Q

Which dialer interface command sets the maximum size of IP packets to 1492? A router(config-if)# mtu 1492

A. router(config-if)# mtu 1492
B. router(config-if)# ip ppp 1492
C. router(config-if# ip 1492
D. router(config-if)# ip mtu 1492

A

Answer: D
Explanation:

The correct interface command to set the maximum size of IP packets (maximum transmission unit or MTU size) to 1492 is router(config-if)# ip mtu 1492. This command is required because RFC 2516 states the maximum receive unit (MRU) must not be negotiated larger than 1492 bytes.
maximum receive unit (MRU) must not be negotiated larger than 1492 bytes.

All other answers are invalid commands due to incorrect syntax.

Objective:
Network Principles
Sub-Objective:
Explain TCP operations

References:
Cisco > Cisco IOS IP Application Services Command Reference > idle (firewall farm datagram protocol) through ip slb natpool > ip mtu

31
Q

Which command can you use to verify that interfaces have been configured in the correct areas and to show timer intervals and neighbor adjacencies for OSPF?

A. show ip ospf
B. show ip route
C. show ip protocol
D. show ip ospf database
E. show ip ospf interface

A

Answer: E

Explanation:

The correct answer is show ip ospf interface. This command displays all of the important OSPF parameters that relate to each of the interfaces. Information can be displayed on a per-interface basis if an interface is specified. If none is specified, all interfaces running OSPF will be displayed.

Router4 show ip ospf interface ethernet 1
Ethernet 1 is up, line protocol is up
Internet Address 192.168.4.202, Mask 255.255.255.0, Area 0.0.0.0
AS 50, Router ID 192.168.4.1, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State OTHER, Priority 1
Designated Router id 192.168.4.10, Interface address 192.168.4.10
Backup Designated router id 192.168.4.28, Interface addr 192.168.4.28
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 0:00:05
Neighbor Count is 8, Adjacent neighbor count is 2
Adjacent with neighbor 192.168.4.28 (Backup Designated Router)
Adjacent with neighbor 192.168.4.10 (Designated Router)

The following commands can be used to monitor and verify OSPF operation:
• show ip ospf - displays the number of times the SPF algorithm has run and the default LSU interval, but does not show neighbor adjacencies.
• show ip route - displays known routes and how they were discovered, but not timers and neighbor adjacencies.
• show ip protocol - displays information about timers, lifters, metric, etc. for the entire router, but not OSPF neighbor adjacencies.
• show ip ospf database - displays the router ID, the OSPF process ID, and the contents of the topological database, but not adjacencies information or timer values.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify OSPF neighbor relationship and authentication

References:
Cisco > Cisco 105 IP Routing: OSPF Command Reference > show ip ospf interface

32
Q

The addresses of their respective interfaces have already been configured as follows:
• R1: EO 192.168.4.5/30
• R2: EO 192.168.4.6/30
• R2: El 192.168.72.6/30

You have been assigned to complete the following as a part of implementing OSPF area 5:
• The EO interface on R1 should be in area 5.
• The EO interface on R2 should be in area 5.
• The mask used with the OSPF configuration should only include the addresses for R1 and R2.
• Area 5 should not allow any external or inter-area routes (except for the default route).

Which commands are required to accomplish this set of requirements? (Choose all that apply.)

A
R1# configure terminal
R1(config)# router OSPF 1
R1(config-router)# network 192.168.4.4 0.0.0.3 area 5
R1(config-router)# area 5 stub
R1(config-router)# end
R1# copy running-config startup-config

B
R1# configure terminal
R1(config)# router OSPF 1
R1(config-router)# network 192.168.4.4 0.0.0.3 area 5
R1(config-router)# area 5 stub no-summary
R1(config-router)# end
R1licopy running-config startup-config

C
R1# configure terminal
R1(config)# router OSPF 1
R1(config-router)# network 192.168.4.4 0.0.0.4 area 5
R1(confi g-router)# area 5 stub
R1(config-router)# end
R1# copy running-config startup-config

D
R2# configure terminal
R2(config)# router OSPF 1
R2(config-router)# network 192.168.4.4 0.0.0.3 area 5
R2(config-router)# area 5 stub no-summary
R2(config-router)# end
R2# copy running-config startup-config

E
R2# configure terminal
R2(config)# router OSPF 1
R2(config-router)# network 192.168.4.4 0.0.0.3 area 0
R2(config-router)# area 0 stub no-summary
R2(config-router)# end
R2# copy running-config startup-config

F
R2# configure terminal
R2(config)# router OSPF 1
R2(config-router)# network 192.168.4.4 0.0.0.3 area 5
R2(config-router)# area 5 stub
R2(config-router)# end
R2# copy running-config startup-config

A

Answer: A, D

Explanation:

The following set of commands will configure R1 properly and satisfy the requirements:

R1# configure terminal
R1(config)# router OSPF 1
R1(config-router)# network 192.168.4.4 0.0.0.3 area 5
R1(config-router)# area 5 stub
R1(config-router)# end
R1# copy running-config startup-config

The configure terminal command enters global configuration mode, from which the router ospf 1 command can be executed to enable OSPF process 1. The network command allows the192.168.4.4/30 network to join OSPF area 5 and uses a wildcard mask (0.0.0.3) that only includes the E0 interfaces on R1 and R2.

The area 5 stub command configures R1 as an internal router in a totally stubby area, which is necessary because no external or inter-area routes are allowed. The final two commands exit OSPF configuration mode and save the configuration.

The following set of commands will configure R2 properly and satisfy the requirements:

R2# configure terminal
R2(config)# router OSPF 1
R2(config-router)# network 192.168.4.4 0.0.0.3 area 5
R2(config-router)# area 5 stub no-summary
R2(config-router)# end
R2# copy running-config startup-config

The configure terminal command enters global configuration mode, from which the router ospf 1 command can be executed to enable OSPF process 1. The network command allows the192.168.4.4/30 network to join OSPF area 5, and uses a wildcard mask (0.0.0.3) that only includes the E0 interfaces on R1 and R2.

The area 5 stub no-summary command configures R2 as an area border router (ABR) in a totally stubby area, which is necessary because no external or inter-area routes are allowed. The final two commands exit OSPF configuration mode and save the configuration.

The wildcard mask on both network statements, 0.0.0.3, is the wildcard equivalent of a 255.255.255.252 mask (/30). When used with the network address 192.168.4.4, this mask will only allow two addresses in the area, 192.168.4.5 and 192.168.4.6, as per the scenario requirements.

The command set that executes the area 5 stub no-summary command on router R1 is incorrect because R1 is an internal router and does not require the no-summary keyword. The no-summary keyword is only required on the ABR when configuring a totally stubby area.

The command set that executes the network 192.168.4.4 0.0.0.4 area 5 command on router R1 has the wrong wildcard mask.

The command set that executes the network 192.168.4.4 0.0.0.3 area 0 command on router R2 is incorrect because the area should be area 5, not area 0.

The command set that executes the area 5 stub command on router R2 is incorrect becauseR2 is an ABR router and requires the no-summary keyword when configuring a totally stubby area.

33
Q

You have two autonomous systems connected by more than one ASBR.

Which strategy does Cisco recommend in this situation?

A. Use two-way redistribution.
B. Use a default route in both directions.
C. Allow routes to be exchanged in one direction, and use a default route in the other direction.
D. Manually configure routes in all ASBRs, and update the configuration each time there is a change in either AS.

A

Answer: C
Explanation:

If there is a single autonomous system border router (ASBR) connecting two autonomous systems (AS), Cisco generally recommends full two-way route redistribution. But when there are multiple ASBRs, as in this scenario, two-way route redistribution may result in routing loops. One solution is to use a default route in one direction and allow routes to be exchanged in the other direction.

Default routes in both directions will almost certainly cause routing loops.

Manual configuration of static routes would work, but the administrative maintenance necessary when there are changes would be considerable.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify redistribution between any routing protocols or routing sources

References:
Cisco > Home > Support > Technology Support > IP Routing > Technology Information > Technology White Paper > OSPF Design Guide > OSPF Design Tips

34
Q

In the Active Discovery phase of PPPoE, which of the following is NOT verified by the Broadband Network gateway (BNG) to prevent spoofing?

A. source MAC address
B. arriving access interface
C. PPPoE session ID
D. destination MAC address

A

Answer: D

Explanation:

The destination MAC address is the address of the BNG, so there is no need for it to be verified. If the traffic arrived on the BNG interface, it is correct.

PPPoE is composed of two main phases, the Active Discovery Phase and the PPP Session Phase. The Active Discovery phase consists of the following communications between the PPPoE client and the BNG:

  • The client sends a PPPoE Active Discovery Initiation (PADI) broadcast signal to the remote device (BNG).
  • The remote device sends back a PPPoE Active Discovery Offer (PADO) that contains the MAC address of the BNG and destination MAC address of the subscriber (client).
  • The subscriber (client) send a PPPoE Active Discovery Request (PADR) continuing the destination MAC address of the BNG to which it wishes to establish a session.
  • The BNG responds with a PPPoE Active Discovery Session-Confirmation (PADS) containing the PPPoE session ID.

Once this process is complete, the session moves on to the PPP Session Phase in which Link Control Protocol (LCP) parameters such as maximum transmission unit (MTU) are agreed to, authentication is performed, and Network Control Protocols (NCP) for any Layer 3 protocol that will traverse the link are started.

Objective:
Layer 2 Technologies
Sub-Objective:
Configure and verify PPP

References:
Cisco Support Community > ASR9000 BNG debugging PPPoE sessions
Cisco > Cisco Security Appliance Command Line Configuration Guide, Version 8.0 > Configuring the PPPoE Client > PPPoE Client Overview

35
Q

Examine the following FIB table:

Prefix Next Hop Interface
0.0.0.0/0 drop Null° (default route handler entry)

  1. 0.0.0/8 drop
  2. 0.0.0/32 receive
  3. 0.0.0/8 drop
  4. 0.0.0/4 drop
  5. 0.0.0/24 receive
  6. 0.0.0/4 drop
  7. 255.255.255/32 receive

Which of the following statements is NOT true?

A. These are the default entries in an FIB table
B. No IP addresses have been configured on this router
C. Multicast routing is enabled
D. The gateway of last resort has not been set

A

Answer: C

Explanation:

The Forwarding Information Base (FIB) table is created when Cisco Express Forwarding (CEF) is enabled on the router. FIB is a mapping of destination networks and IP addresses to next-hop IP addresses and exit
interfaces.

In the scenario, mutticast routing has NOT enabled in the router. If it were enabled, the next hop for the 224.0.0.0/4 network would not be listed as drop. A drop means any packets sent to mutticast IP addresses will be dropped. If mutticast routing were enabled, the entry for 224.0.0.0 would appear as follows:

Prefix Next Hop Interface
224.0.0.0/4 0.0.0.0

The next hop of 0.0.0.0 means that this traffic will be process switched, and CEF cannot forward the packets.

The table displayed in the scenario contains the default entries in the FIB. These entries will change based on further configuration of the router interfaces and the addition of routes to the routing table through either static routing or through routing protocols.

No IP addresses have been configured on the router. Had they been configured, the addresses of the networks to which they were connected would be in the table. For example, if the IP address of the FastEthernet 0/1 interface were set to 192.168.1.1/24, three entries would have been added to the table as follows:

Prefix Next Hop Interface

  1. 168.1.0/24 attached FastEthernet0/1
  2. 168.1.0/32 receive
  3. 168.1.1/32 receive
  4. 168.1.255/32 receive

While the first IP address represents the directly attached network of which the interface is a member, the second IP address represents the network ID of the network, the third IP address represents the specific IP address assigned to the interface, and the last IP address represents the broadcast address of the network.

The gateway of last resort has not been set on the router. If it were set, it would be listed along with an IP address for the next hop and the exit interface. An entry for a gateway of last resort (or default route) would resemble the following:

Prefix Next Hop Interface
0.0.0.0/0 192.168.5.5 FastEthernet 0/0

Objective:
Network Principles
Sub-Objective:
Identify Cisco Express Forwarding concepts

References:
Cisco IOS Switching Services Configuration Guide, Release 12.2 > Cisco Express Forwarding Overview
Cisco > Home > Support > Product Support > Routers > Cisco 12000 Series Routers > Troubleshoot and Alerts > Troubleshooting Technotes > Understanding Cisco Express Forwarding (CEF)

36
Q

Router10 is an area system border router (ASBR). The interfaces on Router 10 are configured as below:

S 010 10.0.0.0/8
SO/1 172.16.0.0/8
Fa010 192.168.5.0/24
Fa0/1 192.168.6.0/24

You would like Router 10 to advertise the 192.168.5.0124 and the 192.168.6.0124 networks over OSPF in its Type 5 link-state advertisements (LSAs).

What command set would instruct the router to do this?

A. RTA10(config)# router ospf 1
RTA10(config-router)# redistribute static

B. RTA10(config)# router ospf 1
RTA10(config-router)# redistribute connected

C. RTA10(config)# router ospf 1
RTA10(config)# redistribute connected

D. RTA10(config)# router ospf 1
RTA10(config-router)# network 192.168.5.0 0.0.0.0 area 1
RTA10(config-router)# network 192.168.6.0 0.0.0.0 area 1

A

Answer: B

Explanation:

By default, Type 5 link-state advertisements (LSAs) do not include directly connected networks. To after this behavior, you must execute the redistribute connected command in OSPF configuration mode. This command instructs the router to include these local interfaces in its advertisements, as follows:

RTA10(config)# router ospf 1
RTA10(config-router)# redistribute connected

You should not execute the command set that includes the redistribute static command. This instructs the router to advertise any statically defined routes that have been configured, instead of those that are local to the router.

You should not execute the command set that includes RTA10(config)# redistribute connected. The redistribute connected command is shown being executed at the wrong command prompt, and will generate an error message. It must be executed in the OSPF configuration mode and not global configuration mode.

You should not execute the following command set:

RTA10(config)# router ospf 1
RTA10(config-router)# network 192.168.5.0 0.0.0.0 area 1
RTA10(config-router)# network 192.168.6.0 0.0.0.0 area 1

The network commands will cause the networks to receive updates from the router, but do not allow them to be advertised in Type 5 LSAs.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify redistribution between any routing protocols or routing sources

References:
Cisco > Home > Support > Technology Support > IP > IP Routing > Design > Design Technotes > Redistributing Connected Networks into OSPF

37
Q

Company A recently acquired Company B and the network infrastructures are being merged. Both organizations used non-overlapping globally unique network addressing but different Interior Gateway Protocols (IGPs).

Initially, multiple WAN links will conned the two organizations. Company A will maintain its core routing protocol, and Company B’s routing protocol will be the edge routing protocol. Two-way redistribution will be used to
ensure full network routing capability.

What additional routing configuration should be performed to prevent routing loops and suboptimal routing?

A. Manually configure static routes.
B. Manually configure default routes.
C. Manually adjust the administrative distances.
D. Manually adjust the local preference attribute.

A

Answer: C

Explanation:

When routes are being redistributed from the core into the edge and from the edge into the core, the administrative distance (AD) associated with external routes should be modified. This lessens the possibility of sub-optimal routing when multiple routing protocols advertise different paths to the same network. The AD associated with the externally advertised routes should be higher than the internal IGP’s AD. To change the AD for an entire routing protocol, use the distance command. An example and the command syntax are shown below:

router(config)#router rip
router(config-router)#distance 125

The complete syntax of the distance command is:

distance weight [address mask [access-list-number I name]

The weight parameter is the AD, which can be a number from 10 to 255. Note that distances 0 through 9 are reserved for system use.

To change only the AD for selected networks, use an access list with the distance command as shown below:

router(config)# access-list 5 permit 10.0.0.0 255.0.0.0
router(config)# access-list 5 permit 11.0.0.0 255.0.0.0
router(config)# access-list 5 permit 12.0.0.0 255.0.0.0
router(config)# router rip
router(config-router)# distance 220 0.0.0.0 255.255.255.255 5

The 0.0.0.0 255.255.255.255 portion included with the distance command could hold an address/mask combination for a single address, but it is more common to use an access list.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify redistribution between any routing protocols or routing sources

References:
Cisco > Cisco IOS IP Routing: Protocol-Independent Command Reference > distance (ip)
Cisco > Support > Technology Support > IP > IP Routing > Design > Design Technotes > What Is Administrative Distance? > Document ID: 26634

38
Q

Your assistant is interested in gathering statistics about connection-oriented operations.

Which of the following should be done to enhance the accuracy of the information gathered?

A. configure an IP SLA responder on the destination device
B. configure an IP SLA responder on the source device
C. schedule the operation on the destination device
D. add the verify-data command to the configuration of the operation

A

Answer: A

Explanation:

Any IP SLA operations accuracy can be enhanced by configure an IP SLA responder on the destination device. It is important to note that only Cisco devices support the configuration as a responder.

You do not configure an IP SLA responder on the source device. You schedule the operation on the source device and the destination device is the one that is configured as a responder.

You do not schedule the operation on the destination device. You schedule the operation on the source device and the destination device is the one that is configured as a responder.

Adding the verify-data command to the configuration of the operation will not enhance the accuracy of the information gathered. When data verification is enabled, each operation response is checked for corruption. Use the verify-data command with caution during normal operations because it generates unnecessary overhead.

Objective:
Infrastructure Services
Sub-Objective:
Configure and verify IP SLA

References:
IP SLAs Configuration Guide, Cisco IOS Release 15M > Configuring IP SLAs TCP Connect Operations

39
Q

You are configuring a 6to4 tunnel. You want to translate the IPv4 address 192.168.50.4 to the IPv6 address for the tunnel.

What would be the correct translation?

A 2002:c0a8:3204:116
B. 2002:c0a8:9901:148
C. 2002:c0a8:3204:148
D. c0a8:3204:2002:116

A

Answer: C

Explanation:

When implementing an automatic 6to4 tunnel, each IPv6 site receives a /48-bit prefix. The hexadecimal equivalent of the IPv4 address of the edge router is appended to 0x2002 and followed with the prefix to identify each end of the tunnel. In this case, if the edge router’s IPv4 address were 192.168.50.4, the hexadecimal equivalent of the address (c0a8:3204) would be inserted between 0X2002 and the /48 prefix, resulting in 2002:c0a8:3204:148 to arrive at the tunnel endpoint address.

The correct address would not be 2002:c0a8:3204::/16. The prefix is 48, not 16.

The correct address would not be 2002:c0a8:9901:148. The hexadecimal equivalent of the address 192.168.50.4 is c0a8:3204, not c0a8:9901.

The correct address would not be c0a8:3204:2002:116. It has an incorrect prefix (116) and the values in the other sections are out of order.

Objective:
Network Principles
Sub-Objective:
Recognize proposed changes to the network

References:
Cisco IPv6 Implementation Guide, Release 15.2M&T > Implementing Tunneling for IPv6 > Implementing Tunneling for IPv6 > Configuration Examples for Implementing Tunneling for IPv6

40
Q

The router labeled “B” has been configured by using the following configuration commands:

RouterB(config)# router eigrp 100
RouterB(config-router)# network 10.0.0.0
RouterB(config-router)# distribute-list 10 in bri 0
RouterB(config)# access-list 10 deny 11.11.0.0 0.0.255.255
RouterB(config)# access-list 10 permit any

Which statement best describes the effects of this configuration?

A. Only network 11.11.0.0 will be advertised to routers A and C.
B. Advertisements received by router A will include router D networks.
C. Advertisements to router C will not include the router D and E networks.
D. Traffic from network 11.11.0.0 hosts will be discarded because of ACL 10.

A

Answer: B

Explanation:

The router will scan the access list specified by a distribute list. If a match to a permit statement is found, the route entry is permitted; if a match is found to a deny statement, the route is discarded. In this question, the permit statement in ACL 10 provides a permit match to all routes advertised from router D except for network 11.11.0.0.

Distribute lists are used to filter inbound, outbound, or redistributed routing updates. Instead of using the passive-interface command, distribute lists enable you to selectively control which routes are processed.

If a distribute list is associated with an interface, the routing update is compared to the access list that was specified in the distribute list. If a match is found to a permit statement, then the packet is forwarded. If a match is found to a deny statement, the packet is discarded. If no match is found, the implicit deny statement at the end of the access list will drop the packet. For example, if the access list in the above example were missing the line access-list 10 permit any, all updates would be denied, not just the one specified by the deny statement.

If no distribute list is associated with the interface, the routing update packets are processed as normal.

Distribute lists can reference multiple access lists if required to obtain the desired result. For example, examine the following configuration from a partial output of show run:

router eigrp
distribute-list 2 out ethernet 0
distribute-list 1 out
!
access-list 1 permit 10.0.0.0 0.255.255.255
access-list 2 permit 10.0.1.0 0.0.0.255

By using two access lists and two distribute lists, you accomplish the following:

  • Only routes matching 10.0.0.0/8 will be advertised out interfaces other than E0
  • Only routes matching 10.0.1.0/24 will be advertised out E0

Network 11.11.0.0 will not be the only network advertised to routers A and C. In this question, the permit statement in ACL 10 provides a permit match to all routes advertised from router D except for network 11.11.0.0.

The option advertisements to Router C will not include the router D and E networks is incorrect because although the 11.11.0.0/16 network will be denied, any other networks attached to either Router C or Router D will be permitted.

Traffic from network 11.11.0.0 hosts will NOT be discarded because of ACL 10. If the access list were applied to the interface with the access-group command instead of the distribute-list command, this would be the case, but a distribute list blocks routing updates, not normal traffic.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify filtering with any protocol

References:
Cisco > Home > Support > Technology Support > IP > IP Routing > Design > Design Technotes > Filtering Routing Updates on Distance Vector IP Routing Protocols

41
Q

Consider the following commands:

RouterA(config)# router ospf 10
RouterA(config-router)# redistribute eigrp 20 metric 30

What does the value of 30 represent?

A. It identifies the seed metric associated with OSPF routes that are redistributed into EIGRP.
B. It identifies the seed metric associated with EIGRP routes that are redistributed into OSPF.
C. It identifies the amount that the existing EIGRP metric will increment as it is redistributed into OSPF.
D. It specifies that routes that contain metrics of less than 30 will be redistributed from OSPF into EIGRP.

A

Answer: B

Explanation:

The value 30 represents the seed metric for routes that are redistributed from EIGRP into OSPF.

When configuring the OSPF process, the redistribute command is used to identify the source protocol, its AS or process ID, and several other optional parameters, such as metric. The default seed metric for all routing protocols except BGP is 20. When redistributing BGP, the default seed metric is 1.

It does not identify the seed metric associated with OSPF routes that are redistributed into EIGRP. The command is redistributing EIGRP into OSPF, not OSPF into EIGRP.

It does not identify the amount that the existing EIGRP metric will increment as it is redistributed into OSPF. A seed metric value is an absolute value not incremental.

It does not specify that routes that contain metrics of less than 30 will be redistributed from OSPF into EIGRP. It not used to fitter routes.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify redistribution between any routing protocols or routing sources

References:
Cisco > Cisco IOS IP Routing: Protocol-Independent Command Reference > redistribute (ip)

42
Q

The network team is reviewing its options with regard to network address translation. Now that the network has been completely changed over to IPv6, you need a mechanism to translate from the private IPv6 addresses inside your network to public IPv6 addresses. You would like for these mappings to be one-to-one.

Which of the following performs this function?

A. stateful NAT64
B. NPT6
C. NAT44
D. stateless NAT 64

A

Answer: B

Explanation:

NPT6 is a version of NAT that translates private IPv6 addresses to public or global IPv6 addresses. It is a stateless mechanism and requires a one-to-one mapping of private to global IPv6 addresses.

Neither version of NAT64 translates from private IPv6 addresses to public or global IPv6 addresses. Both stateful and stateless NAT64 translate from IPv4 to IPv6.

NAT44 does translate private IPv6 addresses to public or global IPv6 addresses, but it is stateful in operation. It does not perform one-to-one mappings.

Objective:
Infrastructure Services
Sub-Objective:
Describe IPv6 NAT

References:
Home > Products & services > Cisco IOS and NX-OS software > Cisco IOS technologies > Enterprise ipv6 solution > Data sheets and literature > White papers > NAT64 Technology: Connecting IPv6 and IPv4 Networks > Technologies Facilitating IPv6/IPv4 Translation

43
Q

Which show command displays detailed information about a router’s BGP connections to neighboring routers?

A. show ip bgp
B. show ip bgp summary
C. show ip bgp neighbors
D. show ip bgp connections

A

Answer: C

Explanation:

The show ip bgp neighbors command will show you detailed information about all of the router’s neighbors or peers. A sample of the show ip bgp neighbors output is shown below. The sample utilizes the ip address parameter, which is optional, but can used to limit the output to display information about only one neighbor:

Router153 show ip bgp neighbors 10.5.1.6

BGP neighbor is 10.5.1.6, remote AS 11, internal link
BGP version 4, remote router ID 10.1.5.6
BGP state = Active, table version 0
Last read 00:00:12, hold time is 180, keepalive interval is 60 seconds
Minimum time between advertisement runs is 30 seconds
Received 19 messages, 0 notifications, 0 in queue
Sent 17 messages, 0 notifications, 0 in queue
Inbound path policy configured
Route map for incoming advertisements is testing
Connections established 2; dropped 1
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Local host: 10.5.1.7, Local port: 11002
Foreign host: 10.5.1.6, Foreign port: 179

<output></output>

In the above example, router15 has sent out a BGP open packet to the peer at 10.5.1.6 and is listening for a connection request from the peer. This can be determined by the line that says BGP state = Active. It can also be determined that router has established a TCP connection two times, as evidenced by the line Connections established 2.

The show ip bgp command displays the contents of the BGP routing table. It will not display detailed information about a router’s BGP connections to neighboring routers.

The show ip bgp summary command displays a summary of the status of BGP connections. It will not display detailed information about a router’s BGP connections to neighboring routers.

There is no show ip bgp connections command.

Objective:
Layer 3 Technologies
Sub-Objective:
Describe, configure, and verify BGP peer relationships and authentication

References:
Cisco 105 Master Command List, Release 12.4 > a through b > BGP Commands: show ip through T > show ip bgp neighbors

44
Q

You have configured BGP on both rtrA in AS 1 and rtrB in AS 2. There are two routes created using the network command between the two routers. One route traverses through AS 5 and AS 6 from rtrA to rtrB, while the other route traverses AS 7, AS 8, and AS 9 from rtrA to rtrB. Both routes use default values for the Weight and LOCAL_PREF attributes.

Which of the following attributes determines the BEST route between rtrA and rtrB routers?

A. Weight
B. LOCAL_PREF
C. Origin type
D. AS_PATH

A

Answer: D

Explanation:

The AS_PATH attribute is used to determine the best path between the two routes. To select the best path from rtrA to rtrB, BGP analyzes attributes that are set for the two available routes during the configuration of the
network. The key BGP attributes and the order in which they are checked are as follows:
• Weight - highest weight is selected
• LOCAL_PREF - highest LOCAL_PREF is selected
• Locally originated routes - local routes are selected
• AS_PATH - shortest AS_PATH is selected
• Origin type - lowest origin type is selected
• Multi-exit Discriminator (MED) - lowest MED is selected

The weight attribute is the first attribute to be checked while selecting the best BGP route. This attribute is relevant only to the local router on which it is set. The value of this attribute can be any number from 0 to 65535. The default values are 32768 for locally originated routes and 0 for other types of routes. Both routes in this case are originated locally and have the default weight values. Therefore, in this case, the weight attribute is not used to determine the best route.

BGP then checks the value of the LOCAL_PREF attribute, which refers to local preference. Local preference is a value indicates the route that is preferred to exit the AS to reach a given network. Routes with higher local preference are selected by BGP. You can set the local preference for a route to any value; however, if you do not, the route uses the default value of 100. Because both routes have the default LOCAL_PREF value, this attribute is not used to determine the best route.

Next BGP checks whether any of the routes are locally originated using the network, redistribute, or aggregate commands. As stated, both routes originated using the network command on the routers. Consequently, BGP analyzes the value of the AS_PATH attribute, which is a list of the AS numbers traversed by a particular route. The route with the shortest AS_PATH is selected as the best path. In this case, the route that consists of AS 5 and 6 is considered the best path because the AS_PATH value for this route is shorter than that for the route traversing AS 7, 8, and 9. The AS_PATH value for the route traversing AS 5 and 6 is [6 5 1], while the AS_PATH for the route traversing AS 7, 8, and 9 is [9 8 7 1].

The other options are incorrect because the corresponding attributes are same for both the routes; hence, those attributes are not considered while BGP determines the best path.

Objective:
Layer 3 Technologies
Sub-Objective:
Explain BGP attributes and best-path selection

References:
Internetworking Technology Handbook > BGP > BGP attributes

45
Q

You have recently joined a company as the network administrator. You have been asked to complete the configuration on the border routers for an automatic 6-to-4 tunnel between several IPv6 network domains. The commands that are currently configured on the routers are as follows:

ipv6 route tunnel
interface tunnel
ipv6 address
tunnel source

Which of the following additional commands is required to complete the configuration of automatic 6-to-4 tunnel on the border routers?

A. tunnel mode ipv6ip
B. tunnel mode ipv6ip 6to4
C. tunnel mode ipv6ip auto-tunnel
D. tunnel mode ipv6ip isatap

A

Answer: B

Explanation:

The correct answer is to use the tunnel mode ipv6ip 6to4 command to complete the configuration of an automatic 6-to-4 tunnel. This command requires the use of IPv6 unicast addresses that have the 2002:116 prefix.

The types of tunneling mechanisms supported by IPv6 are:
• Automatic 6-to-4 tunnel
• ISATAP tunnel
• Manually configured tunnel
• GRE tunnel

Apart from using a tunneling mechanism, interoperability between IPv4 and IPv6 can be provided by using a dual-stack infrastructure or Network Address Translation-Protocol Translation (NAT-PT). A dual-stack infrastructure allows you to use both IPv4 and IPv6 addresses on the same router/host. NAT-PT is used to translate IPv4 addresses to IPv6 and vice versa.

The tunnel mode ipv6ip command should not be used to complete the configuration because this command specifies IPv6 as the passenger protocol and creates a manually configured tunnel.

The tunnel mode ipv6ip auto-tunnel command is not required to enable automatic 6-to-4 tunneling on the border routers. This command creates an automatic IPv4-compatible IPv6 tunnel between the routers.

The tunnel mode ipv6ip isatap command should not be used because this command creates an ISATAP tunnel.

Objective:
Network Principles
Sub-Objective:
Recognize proposed changes to the network

References:
Cisco IOS IPv6 Configuration Guide; Implementing Tunneling for IPv6 > Configuring Manual IPv6 Tunnels
Cisco > Cisco IOS IPv6 Command Reference > tunnel mode ipv6ip

46
Q

Refer to the following table:

Parameters nValues | Path 1 | Path2 | Path3
—————————————————————————————-
Weight | 500 | 500 | 500
—————————————————————————————-
LOCAL PREF | 150 | 150 | 150
——————————————————————————————-
Local Originate Source| Redistribute | Redistribute | Network
Command
———————————————————————————-
AS_PATH | 50 20 40 | 20 30 40 | 10 20 ?
———————————————————————————–
Origin Type | IGP | IGP | IGP
———————————————————————————
MED | 300 | 250 | 200
———————————————————————————
Protocol type | iBGP | iBGP | iBGP

Path1 , Path2, and Path3 are the available routes between routers A and B. The bgp always-compare med command is executed for all three routes.

What should be the value for the missing ASN (represented by a question mark in the table) so that Path3 becomes the best path between routers A and B based on their MED values?

A. 10
B. 20
C. 30
D. 40

A

Answer: D

Explanation:

The missing autonomous system number (ASN) in the AS_PATH parameter of Path3 should be 40 so that Path3 becomes the best path from A to B. BGP selects the best path by first selecting the first valid path between two routers. If other paths are available between the two routers, BGP compares values of various attributes to select the best available path. In this case, Path 2 is the current best path between routers A and B.

The values of various parameters (listed in the table) are compared with Pathl and Path2.

While comparing Pathl and Path2, the weight, LOCAL_PREF, local originate source command, length of AS_PATH, and origin type are same. Therefore, these parameters are not useful in determining the best path.

However, the MED value of Path2 is lower than that of Pathl . As a result, Path2 is selected as the best path because BGP prefers the route with the lesser MED value.

BGP now compares the parameter values of Path 2 (the current best path) and Path3. The weight and LOCAL_PREF parameters are same for both routes. Path 2 and Path3 are both local routes originated by using the redistribute and the network commands, respectively. BGP prefers local routes learned by the network or redistribute commands over those that are learned by the aggregate-address command.

The AS_PATH parameter specifies the list of AS numbers that comprise the route. The best path should have the shortest value for the AS_PATH parameter. In this case, both Path2 and Path3 consist of three AS numbers and are originated by an IGP. Therefore, the AS_PATH and the origin type parameters are not helpful in determining the best path.

Finally, BGP compares the MED values of Path2 and Path3. The MED values are compared only when the first AS number in the AS_PATH is the same for both routes; that is, when both routes begin in the same AS.

The first ASN in the AS_PATH parameter of Path2 is 40; therefore, the missing ASN for Path3 should be 40. This allows the comparison of MED values and the selection of Path3 as the best route as it has lower MED value.

All the other options are incorrect because a value other than 40 disables the comparison of the MED values between Path2 and Path3. If the MED value is not considered, then BGP determines whether Path3 is an iBGP or eBGP router. BGP selects an iBGP route instead of an eBGP route.

Objective:
Layer 3 Technologies
Sub-Objective:
Explain BGP attributes and best-path selection

References:
Internetworking Technology Handbook > BGP > BGP attributes

47
Q

You manage the EIGRP subnet in your organization. You have enabled EIGRP for IPv6 on all the routers in the EIGRP AS 355 using the following commands on all the routers:
• The ipv6 unicast-routing command in global configuration mode
• The interface command in global configuration mode
• The ipv6 enable command in interface configuration mode
• The ipv6 eigrp command in interface configuration mode
• The ipv6 router eigrp command in global configuration mode
• The eigrp router-id command in global configuration mode

During verification, you discover that EIGRP for IPv6 is not running on the routers.

Which of the following should be done to fix the issue?

A. The ipv6 address command should be executed in interface configuration mode.
B. The ipv6 address command should be executed in router configuration mode.
C. The eigrp router-id command should be executed in interface configuration mode.
D. The eigrp router-id command should be executed in router configuration mode.

A

Answer: D

Explanation:

The eigrp router-id command should be executed in router configuration mode to fix the issue. This command specifies a fixed router IPv4 address to the router. If this command is missing or incorrectly configured on the router, EIGRP for IPv6 will not run properly.

Another command that you should perform so that EIGRP for IPv6 runs on the routers is the no shutdown command. You should execute this command in interface configuration mode. The no shutdown command is necessary because all the interfaces with EIGRP for IPv6 enabled on them are in a shutdown state by default.

A sample configuration to implement EIGRP for IPv6 on a router is as follows:

rtrA(config)# ipv6 unicast-routing
rtrA(config)# interface Fa0/1
rtrA(config-if) # ipv6 enable
rtrA(config-if) # ipv6 eigrp 355
rtrA(config-if)# no shutdown
rtrA(config-if)# exit
rtrA(config)# ipv6 router eigrp 355
rtrA(config-rtr)# eigrp router-id 1.1.1.1

The two options stating that the ipv6 address command should be executed on the routers are incorrect. EIGRP for IPv6 can be configured on router interfaces without explicitly specifying a global unicast IPv6 address. If you specify the ipv6 enable command, as in this scenario, then the ipv6 address command is not required.

The option stating that the eigrp router-id command should be executed in interface configuration mode is incorrect. This command should be executed in router configuration mode instead of interface or global configuration modes.

Objective:
Layer 3 Technologies
Sub-Objective:
Identify IPv6 addressing and subnetting

References:
Cisco IPv6 Implementation Guide, Release 15.2M&T > Implementing EIGRP for IPv6 > How to Implement EIGRP for IPv6 > Enabling EIGRP for IPv6 on an Interface

48
Q

After configuring a PPPoE client on and Ethernet interface. you discover the connection is not working. You execute the show run command to view the PPPoE configuration. part of which is shown in the following output:

vpdn-group 1
request-dialin
protocol pppoe
!
interface ethernetl/1
pppoe-client dial-pool-number 1
pppoe-client dial-pool-number 2
!
interface dialer 1
ip address negotiated
dialer pool 1
dialer-group 1
!
interface dialer 2
ip address negotiated
dialer pool 2
dialer-group 2

What command is missing?

A. vpdn-group
B. request dialin
C. protocol pppoe
D. vpdn enable

A

Answer: D

Explanation:

The command vpdn enable is required to enable virtual private dialup networking. If this command has not been executed, the other commands will not take effect. While some commands are optional, the following tasks are required to set up the PPP over Ethernet client feature:
• Enable PPPoE in a VPDN Group
• Configure a PPPoE Client
• Configure the Dialer Interface

The first step includes these three sub-tasks:
• Enable virtual private dialup networking using the vpdn enable command.
• Associate a VPDN group with a customer or VPDN profile using the vpdn-group name command.
• Create a request-dialin VPDN subgroup using the request-dialin command.
• Enable the VPDN subgroup to establish PPPoE sessions using the protocol pppoe command.

In the output in the scenario, we can see that all tasks were taken care of in the first section except for enabling virtual private dialup networking. Had that been done, the first section would correctly appear as:

vpdn enable
vpdn-group 1
request-dialin
protocol pppoe

The rest of the configuration is correct. The following section configures the PPPoE client and specifies the dialer interface to use for cloning:

interface ethernet1 /1
pppoe-client dial-pool-number 1
pppoe-client dial-pool-number 2

The following sections configure two dialer interfaces. They specify that the IP addresses for the interfaces are obtained via PPPlIPCP (IP Control Protocol) address negotiation and that the dialing pools to use to connect to a specific destination subnetwork. Finally, they configure the interfaces to belong to a specific dialing group.

interface dialer 1
ip address negotiated
dialer pool 1
dialer-group 1

interface dialer 2
ip address negotiated
dialer pool 2
dialer-group 2

Objective:
Layer 2 Technologies
Sub-Objective:
Configure and verify PPP

References:
Cisco Press > Articles > Cisco Network Technology > General Networking > End-to-End DSL Architectures
PPP over Ethernet Client

49
Q

You have a Frame Relay topology that is currently a hub and spoke using a single physical serial interface on the hub router with the default network type. OSPF is also running on the interface.

You execute the following command:

ip ospf network point-to-point

What would be the effect of executing this command on the serial interface of the hub router?

A. The hello interval for OSPF will change to 30 seconds
B. The dead interval for OSPF will change to 40 seconds
C. There will now be a DR election
D. The hub router must now be configured with a router ID

A

Answer: B

Explanation:

The dead interval for OSPF will change to 40 seconds. By default, a Frame Relay connection that uses a physical interface is designated a non-broadcast network for purposes of determining the OSPF hello and dead intervals. There are four possible network types for Frame Relay, and they use different values for the OSPF hello and dead intervals. The values are shown below:

Network Type Hello Dead
Point-to-Point 10 40
Point-to-Multipoint 30 120
Broadcast 10 40
Non-Broadcast 30 120

When the ip ospf network point-to-point command is executed, it will change the network type from the default of non-broadcast to point-to-point. This alteration will change the hello and dead intervals to 10 and 40 seconds, respectively.

The hello interval for OSPF will not change to 30 seconds. That is the value for non-broadcast and point-to-muttipoint networks.

There will not be a designated router (DR) election. DRs are not elected on a point-to-point network.

The hub router does not need to be configured with a router ID. In OSPF for IPv4, the router can create its own by using one of the IP addresses of its interfaces.

Objective:
Layer 2 Technologies
Sub-Objective:
Explain Frame Relay

References:
Home > Support > Technology support > Initial Configurations for OSPF over Frame Relay Subinterfaces

50
Q

You have configured OSPF on your network and enabled route summarization on an area border router (ABR) with the following command:

Router(config-router)# area 3 range 165.164.8.0 255.255.248.0

What does the 3 specify in this command?

A. The ID of the OSPF backbone
B. The number of networks summarized in the area
C. The ID of the area about which routes will be summarized
D. The ID of the area to which the summary route information will be sent

A

Answer: C

Explanation:

The 3 in the area range command specifies the area that contains the routes that are to be summarized. In OSPF, you can only configure summarization on the border routers. The summaries need to be of routes within a single area.

You summarize the routes of an area so that routers in another area do not see the individual networks, just the summary. The correct command syntax is shown below:

area number range ip-address mask

The number parameter is the number of the area whose networks are being summarized. For example, in the network shown in the graphic below, to summarize the networks within area 2 to 10.1.0.0116, you would configure router A with the command area 2 range 10.1.0.0 255.255.0.0.

This would not affect the routing tables of the routers within area 2, but instead make the routing tables of areas 0 and 1 smaller.

These other routers would only have the summary route listed instead of the individual networks. Router C would only see the summary route 10.1.0.0/16.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify manual and autosummarization with any routing protocol

References:
Cisco IOS Master Command Reference > a through b > area range

51
Q

Which of the following statements represent characteristics of an automatic 6to4 tunnel through an IPv4 network? (Choose all that apply.)

A. There is a NAT-PT router on either end of the tunnel.
B. There is a dual stack router on either end of the tunnel.
C. Each 6to4 site will have a /48 prefix.
D. Each 6to4 site will have a /16 prefix.
E. The IPv4 addresses of the edge routers are part of the site prefix.
F. The IPv6 addresses of the sending and receiving IPv6 hosts are part of the site prefix.

A

Answer: B, C, E

Explanation:

When implementing an automatic 6to4 tunnel, each IPv6 site receives a 48-bit prefix. The hexadecimal equivalent of the IPv4 address of the edge router is appended to 0x2002 and followed with the prefix to identify each end of the tunnel.

Each end of the tunnel must be a dual stack router, which is one that can route both IPv4 and IPv6 traffic. For example, if the edge router’s IPv4 address were 192.168.99.1, the hexadecimal equivalent of the address (c0a8:6301) would be inserted between 0X2002 and the /48 prefix, resulting in a packet with the IPv6 address 2002:c0a8:6301:148 to arrive at the tunnel endpoint address.

A Network Address Translation - Port Translation (NAT-PT) router performs translation from IPv4 to IPv6. It is not used in a 6to4 tunnel.

Each site does not have a /16 prefix with a 6to4 tunnel. Rather, each site has a /48 prefix.

The IPv6 address of each IPv6 host is not part of the site prefix. These addresses are retained within the IPv6 portion of the header, and will be read after the frame reaches the end of the tunnel for eventual IPv6 routing on the far end.

Objective:
Network Principles
Sub-Objective:
Recognize proposed changes to the network

References:
Cisco > Products > Collateral > Whitepaper > Enterprise IPv6 Transition Strategy > IPv6 Deployment Solution Options

52
Q

Examine the following output.

Router#show adjacency
Protocol Interface Address
IP Serial0 10.10.10.2(2) (incomplete)

<output></output>

What possible reason(s) can cause the state of the first entry in the adjacency table? (Choose all that apply.)

A. the interface is a multipoint interface
B. the clear ip arp command was executed
C. the Layer 3 information is unknown
D. the clear adjacency command was executed

A

Answer: B, D

Explanation:

If either the clear ip arp or the clear adjacency commands were issued, the entry would temporarily be listed as incomplete in the adjacency table. The adjacency table is used by Cisco Express Forwarding (CEF) to maintain Layer 2 information about the next hop to remote networks.

In CEF, an adjacency refers to a control structure that holds Layer 2 information for an IP address on a particular interface. When that information is not available the entry will be listed as incomplete, as shown in the example.

Layer 2 information normally comes from the ARP process. Therefore, if the ARP table is cleared with the clear ip arp command, the Layer 2 information will be temporarily unavailable until the ARP process re-learns it the next time a frame must be sent to that hop. Moreover, if the adjacency table is emptied with the clear adjacency command, the entry must be created again.

This will also result in the entry being marked incomplete for a short period of time until the ARP table can be consulted and the Layer 2 information re-added.

The interface in the scenario is not a multipoint interface. A multipoint interface would include entries for multiple next hops, since a multipoint interface connects to multiple Layer 3 destinations. An example of this is shown below in sample output from a Frame Relay interface:

Protocol Interface Address
IP Serial° 140.108.1.1(25)
0 packets, 0 bytes
18410800
FR-MAP never
Epoch: 1
IP Serial0 140.108.1.2(5)
0 packets, 0 bytes
18510800
FR-MAP never
Epoch: 1

The layer 3 information of the next hop is present in the entry in the scenario example. It is 10.10.10.2.

Objective:
Network Principles
Sub-Objective:
Identify Cisco Express Forwarding concepts

References:
Home > Support > Technology support > IP > IP switching > Troubleshoot and alerts > Troubleshooting Technotes > Troubleshooting Incomplete Adjacencies with CEF

53
Q

If you executed the show ip ospf database command, which keyword would you add to the command to produce the following output?

Router$ show ip ospf database
OSPF Router with id(192.168.55.56) (Process ID 300)
Displaying Summary Net Link States(Area 0.0.0.0)
LS age: 1401
Options: (No TOS-capability)
LS Type: Summary Links(Network)
Link State ID: 10.199.240.0 (summary Network Number)
Advertising Router: 10.199.241.5
LS Seq Number: 80000072
Checksum: Ox84FF
Length: 28
Network Mask: 255.255.255.0 TOS: 0 Metric: 1

A. router
B. summary
C. network
D. external

A

Answer: B

Explanation:

The output was produced with the summary keyword. When the show ip ospf database command is executed, any of several keywords can be used to specify the type of link-state advertisements (LSAs) to display. The output LS Type: Summary Links(Network) indicates that these are summary links. Summary LSAs are generated by an area border router (ABR) and will be displayed when you execute the summary keyword. These are Type 3 LSAs.

The router keyword was not used. If this keyword had been used, the LS Type line would have included Router Links instead of Summary Links. Router LSAs are Type 1 LSAs.

The network keyword was not used. If this keyword had been used the LS Type line would have included Network Links instead of Summary Links. Network LSAs are Type 2 LSAs.

The external keyword was not used. If this keyword had been used the LS Type line would have included AS External Links instead of Summary Links. External LSAs are Type 5 LSAs.

Objective:
Layer 3 Technologies
Sub-Objective:
Describe OSPF packet types

References:
Cisco > Cisco IOS IP Routing: OSPF Command Reference > show ip ospf database

54
Q

As the network administrator, you need to develop a verification plan for an OSPF network. The OSPF network has several area routers, area border routers (ABRs), and autonomous system boundary routers (ASBRs).

Which LSA types should you expect ABRs to generate while verifying the OSPF network? (Choose two.)

A. Type 4
B. Type 3
C. Type 2
D. Types

A

Answer: A, B

Explanation:

ABRs generate Type 3 and Type 4 LSAs in an OSPF network. ABRs are those routers that exist between two OSPF areas, as shown in the following figure:

Type 3 and Type 4 LSAs are generated by ABRs to be flooded into other areas to and from the backbone area (area 0). Type 3 LSAs, or summary link advertisements, contain the list of networks known by one area. ABRs send Type 3 LSAs to the other OSPF areas in a given AS.

OSPF ABRs generates Type 4 LSAs to advertise the list of routes that point to an ASBR. These LSAs advertise the location of the ASBR.

Type 5 LSAs are not generated by an ABR. These LSAs are generated by ASBRs to describe routes redistributed into the area from other autonomous systems.

Type 2 LSAs are not generated by an ABR. A Type 2 LSA is generated only by the designated router (DR) of a segment to be sent to the other routers that belong to the same area as the DR. A DR is a router that has the highest OSPF priority on a segment. These advertisements are used by the DR to represent the routers that are connected to the network.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify network types, area types, and router types

References:
Cisco Learning Home > Groups > CCNP R&S Study Group > Discussions > OSPF Level of Detail
Cisco > Support > Technology Support > IP > IP Routing > Technology Information > Technology White Paper > OSPF Design Guide > Link State Packets

55
Q

Router R2 operates in a broadcast, mufti-access network. Examine the following output of the show ip ospf neighbor command.

R24 show ip ospf neighbor fa0/1

NeighborID PRI State Dead Time Address Interface

  1. 1.1.1 1 2WAY/DROTHER 00:00:13 192.168.5.6 FastEthetnet 0/1
  2. 2.2.2 1 2WAY/DROTHER 00:00:04 192.168.5.10 FastEthetnet 0/1
  3. 3.3.3 1 2WAY/DROTHER 00:00:47 192.168.5.116 FastEthetnet 0/1
  4. 4.4.4 1 FULL/BDR 00:00:36 192.168.5.107 FastEthetnet 0/1
  5. 5.5.5 1 FULL/DR 00:00:49 192.168.5.165 FastEthetnet 0/1

Based on the output, with which routers can R2 establish a full adjacency?

A. the neighbor at 192.168.5.6
B. the neighbor at 192.168.5.10
C. the neighbor at 192.168.5.116
D. the neighbor at 192.168.5.107

A

Answer: D

Explanation:

R2 can establish a full adjacency with the neighbor at 192.168.5.107 and the neighbor at 192.168.5.165. In a broadcast, mufti-access network OSPF network, full adjacencies can only be established with a designated router (DR) or a backup designated router (BDR).

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify OSPF neighbor relationship and authentication

References:
Home.Support > Technology Support > IP > IP Routing > Design > Design Technotes > What does the show ip ospf neighbors command reveal?
Cisco > Cisco IOS IP Routing: OSPF Command Reference > show ip ospf neighbor

56
Q

Which of the following commands will enable the DHCP and relay services on a Cisco router?

A. RouterA(config)# service dhcp
B. RouterA(config)# dhcp enable
C. RouterA(config)# enable dhcp
D. RouterA(config-if)# dhcp enable
E. RouterA(config-if)# service dhcp

A

Answer: A

Explanation:

Using the service dhcp command at global configuration mode will enable the DHCP and relay services on a Cisco router. By default, these services are already enabled on the router, but they can be disabled using the no service dhcp command. Before the DHCP service can actually function, a pool of addresses must be created and any statically defined addresses (such as the router itself) must be excluded. If the router has two interfaces and needs to issue addresses on both interfaces two pools and two exclusion statements must be present.

Below is an example of a complete configuration taken from a partial output of the show run command. This router has two interfaces 10.0.0.1/24 and 192.168.5.1/24, creating the need for two pools and two exclusion statements. It excludes the address ranges 10.0.0.1-10.0.0.5 from the 10.0.0.0/24 pool and excludes 192.168.5.1-192.168.5.5 from the 192.168.5.0/24 pool, and creates a pool for 10.0.0.124 and 192.168.5.0/24.

router53 show run

<output><br></br>ip dhcp excluded-address 10.0.0.1 10.0.5<br></br>ip dhcp excluded-address 192.168.0.1 192.168.0.5</output>

ip dhcp pool main
Network 10.0.0.0 255.255.255.0
ip dhcp pool branch
Network 192.168.5.0 255.255.255.0

The commands RouterA(config)# dhcp enable and RouterA(config)# enable dhcp are incorrect because the syntax is incorrect.

The command RouterA(config-if)# dhcp enable is incorrect because the syntax is incorrect and because it is executed in interface configuration mode. Enabling DHCP is done at the global prompt.

The command RouterA(config-if)# service dhcp is incorrect because it is executed in interface configuration mode. Enabling DHCP is done at the global prompt

Objective:
Layer 3 Technologies
Sub-Objective:
Identify, configure, and verify IPv4 addressing and subnetting

References:
Cisco > IP Addressing’ DHCP Configuration Guide, Release 15M&T > DHCP Overview
Cisco > CiscolOS IP Addressing Services Command Reference > service dhcp

57
Q

Examine the output of the show frame-relay map command:

Rltshow frame-relay map
Seria10/0 (up): ip 10.55.123.2 dici 122(0x7A,0x1CA0), dynamic,
broadcast„ status defined, active
Seria10/0 (up): ip 10.55.123.3 d1ci 123(0x73,0x1C30), dynamic,
broadcast„ status defined, active
R1*

Which of the following statements is true of the configuration of R1?

A. Neither PVC is up
B. A frame-relay map statement was used to manually map the IP address to the DLCI on both PVCs
C. The DLCIs for both PVCs were learned using inverse ARP
D. Broadcast traffic is not allowed on either PVCs

A

Answer: C
Explanation:

The output shows that the Data Link Connection identifiers (DLCI) for both PVCs were learned using inverse ARP. In a Frame Relay topology, Layer 2 addresses are called DLCSI. Each end of a Frame Relay circuit can learn the DLCI of the other end through manual configuration, using the frame-relay map command, or it can be learned dynamically, using a process called inverse ARP.

When the addresses are learned using inverse ARP, the output of the show frame-relay map command will indicate that by designating the circuit as dynamic.

Both PVCs are up, as indicated by the word active in the output for both PVCs.

A frame-relay map statement not was used to manually map the IP addresses to the DLCI on both PVCs. Were that the case, the output would indicate static in the place where it says dynamic.

Broadcast and multicast traffic are both allowed across both PVCs, as indicated by the word broadcast after each entry.

Objective:
Layer 2 Technologies
Sub-Objective:
Explain Frame Relay

References:
Home > Support > Technology Support > Wan > Frame relay > Troubleshoot and alerts > Troubleshooting TechNotes > Comprehensive Guide to Configuring and Troubleshooting Frame Relay

58
Q

An associate of yours configured a PPPoE connection. You have been alerted by a vulnerability tester that by using a sniffer, he was able to learn the connection credentials.

What type of authentication must your associate have configured on the connection?

A. PAP
B. 802.1x
C. CHAP
D. IPsec

A

Answer: A

Explanation:

The method used must have been Password Authentication Protocol (PAP). This method transmits the credentials in clear text, which makes it a poor choice.

There are only two methods available to authenticate a PPP connection, PAP and Challenge-Handshake Authentication Protocol (CHAP). CHAP never sends the password across the link. Rather, the authenticating end of the connection sends random text and other information to the requester. The requester encrypts this data with its password and sends it back. The authenticating end of the connection reverses the encryption using the same password and compares the result with what was originally sent.

If it matches, the authenticating end of the connection is assured that the requesting end knows the reverses the encryption using the same password and compares the result with what was originally sent.

The connection could not have used either 802.1 x or IPsec, as neither method would transmit the credentials in clear text.

The connection could not have used CHAP. If it had, the credentials could not have been captured with a sniffer.

Objective:
Layer 2 Technologies
Sub-Objective:
Configure and verify PPP

References:
Cisco > Authentication, Authorization, and Accounting Configuration Guide, Cisco IOS Release 15M&T > Configuring Authentication > Non-AAA Authentication Methods > Enabling CHAP or PAP Authentication
Cisco > Authentication, Authorization, and Accounting Configuration Guide, Cisco IOS Release 15M&T (PDF)

59
Q

You execute the debug ip packet command and find that you receive no output.

Which of the following is the MOST likely reason?

A. someone executed the no ip route-cache command
B. someone executed the no ip mroute cache command
C. someone attached an extended access list to the debug process
D. someone executed the ip cef command

A

Answer: D

Explanation:

When the ip cef command is executed, it enables Cisco Express Forwarding. When CEF is enabled, packets are no longer switched to the processor, so the output shows nothing. You must disable CEF and fast switching on the interface while you are running the debug ip packet command.

Executing the no ip route-cache command would disable fast switching and would enable the gathering of packets rather than disable the operation.

Executing the no ip-mroute cache command would disable fast switching of mutticast packets and would enable the gathering of mutticast packets.

While it is possible that that an overly restrictive access list could result in NO output, this is only a possibility. On the other hand, it is certain that no output will be produced if the ip cef command was executed.

Access lists SHOULD be used in conjunction with the debug ip packet command to reduce the significant amount of information generated and the system resources required to do so.

Objective:
Infrastructure Services
Sub-Objective:
Configure and verify logging

References:
Home > Support > Technology support > Dial and access > Integrated Services Digital Networks (ISDN) Channel-Associated Signaling (CAS) > Troubleshoot and alerts > Troubleshooting Technotes >
Important Information on Debug Commands
Cisco > Cisco IOS IP Switching Command Reference > ip cache-invalidate-delay through monitor event-trace cef ipv6 global > ip cef

60
Q

You instructed your assistant to configure load balancing on a router. The router currently has two routes to network A. One route has a cost of 15, and the other has a cost of 30.

What command should the assistant execute to instruct the router to treat the two routes as equal without including any other routes in the load balancing?

A. routerA(config)# variance 2
B. routerA(config-router)# variance 2
C. routerA(config)# variance 3
D. routerA(config-router)# variance 3

A

Answer: B

Explanation:

The correct command to instruct the router to treat the two routes as equal is variance 2. It must be entered in EIGRP configuration mode, as evidenced by the routerA(config-router)# prompt. The number that comes after the command is called the muftiplier. A muftiplier of two tells the router that any route that is within twice the metric of the best route will be considered equal to the best route.

The default setting for variance is one, which indicates that the routes must be equal to be considered for load balancing. An additional requirement of load balancing is that the alternate route’s feasible distance must not be higher than the advertised distance of the route, which could indicate a routing loop.

The assistant should not execute the variance 2 command at the routerA(config)# prompt, which is global configuration mode. The variance command must be entered in EIGRP configuration mode at the routerA(config-router)# prompt.

The assistant should not use the variance 3 command in either mode because that would direct the router that any route within three times the cost of the best route (in this scenario, a cost of 45) would be considered equal to the cost of the best route. The scenario requires that two routes be load balanced. Because one route has a cost of 15 and the other has a cost of twice 15 (30), the variance multiplier must be two.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify EIGRP load balancing

References:
Cisco > Home > Support > Technology Support > IP > IP Routing > Design > Design Technotes > How Does Unequal Cost Path Load Balancing (Variance) Work in IGRP and EIGRP?
Cisco > Support > Technology Support > IP > IP Routing > Design > Design Technotes > Route Selection in Cisco Routers > Document ID: 8651

61
Q

What would be a use case for the HSRP configuration below?

interface Loopback0
ip address 171.16.6.25

interface Ethernet0
ip address 171.16.6.6 255.255.255.0

no ip redirects
standby 1 ip 171.16.6.100

standby 1 preempt

standby 1 track Loopback0.

interface Seriall
ip address 171.16.7.6 255.255.255.0

A. used to switch the active role to the other router in the HSRP group during a maintenance window
B. used to prevent this router from ever relinquishing the active role
C. used to prevent this router from ever performing the active role
D. used to allow preemption over multiple peers

A

Answer: A

Explanation:

By tracking the loopback interface and decrementing the priority if it goes down, technicians would have a method of moving the active role to the other router by disabling the loopback interface. This method is less disruptive than disabling any of the physical interfaces. Although no decrement value has been specified, a default decrement of 10 will occur.

This configuration would not be used to prevent this router from ever relinquishing the active role. That would defeat the purpose of Hot Standby Routing Protocol (HSRP), which is to provide failover by relinquishing the active role to the other router.

This configuration would not be used to prevent this router from ever performing the active role. That would defeat the purpose of HSRP which is to provide failover by this router taking the active role when there is an issue with the other router.

This configuration would not be used to allow preemption over multiple peers. When more than two routers are in an HSRP group, the active router is allowed preemption over multiple peers by default.

Objective:
Infrastructure Services
Sub-Objective:
Configure and verify tracking objects

References:
Home > Support > Technology support > IP > IP application services > Troubleshoot and alerts > Troubleshooting Technotes > How to use the standby preempt and standby track commands

62
Q

You have configured DHCP on a router and configured it to assign IP addresses in the range of 192.168.1.10 through 192.168.1.150. You just discovered that one of your print servers is using the address 192.168.1.100 and you cannot change it.

What command can you use on the router to solve this problem?

A. Router(config)# ip dhcp excluded-address
B. Router(config)# access-list
C. Router(dhcp-config)# ip dhcp excluded-address
D. Router(config)# dhcp exclude-address
E. Router(config)# service dhcp excluded-address

A

Answer: A

Explanation:

The ip dhcp excluded-address command will allow you to specify an address or group of addresses in a pool that the DHCP server will not assign. This is typically used when a host has a permanent address assigned that would conflict with addresses that the DHCP server would hand out. The proper syntax for this command is as follows:

Router(config)# ip dhcp excluded-address low-address [high-address]

The other options use improper syntax or are executed at an incorrect prompt. The ip dhcp excluded-address command should be executed at global configuration mode.

Objective:
Infrastructure Services
Sub-Objective:
Configure and verify IPv4 and IPv6 DHCP

References:
Cisco > Cisco IOS IP Addressing Services Command Reference > ip dhcp excluded-address

63
Q

Click the Exhibit(s) button to view an EIGRP network. The partial output of the show running-config command on the rtrB router is as follows:

rtrB# show running-config
!
ip prefix-list blk A deny 172.161.0.0/16 ge 24 le 30
ip prefix-list blk A permit 0.0.0.0/0 le 32
!
router eigrp 101
network 172.161.247.0 0.0.0.255
network 172.161.64.0 0.0.0.15
distribute-list prefix blk A out
auto-summary
!

Which of the following subnets are blocked through the Fa0/0 interface of rtrB while sending updates to rtrC? (Choose all that apply.)

A 172.161.9.0/24
B 172.161.35.0/18
C 172.161.64.0/28
D 172.161.88.0/22
E 172.161.111.0/25
F 172.161.247.0/30

A

Answer: A, E, F

Explanation:

The 172.161.9.0/24, 172.161.111.0/25 and 172.161.247.0/30 subnets are blocked through the Fa0/0 interface of rtrB while sending updates to rtrC. The following lines in the output create an IP prefix list named blk_A:

ip prefix-list blk_A deny 172.161.0.0/16 ge 24 le 30
ip prefix-list blk_A permit 0.0.0.0/0 le 32

The blk_A list blocks the subnets that exactly match the first 16 most significant bits as 172.161.0.0. The ge keyword indicate that the subnet mask for the 172.161.0.0 subnets must be greater than or equal to 24 bits. Similarly, the le keyword indicates that the mask for the 172.161.0.0 subnets should be less than or equal to 30 bits. Therefore, all subnets of 172.161.0.0 network with masks 24, 25, 26, 27, 28, 29,
and 30 are blocked.

The second line permits all other routes to be passed on. The subnets that match the blk_A prefix list are 172.161.9.0/24, 172.161.111.0/25, 172.161.247.0/30, and 172.161.64.0/28.

The line distribute-list prefix blk_A out indicates that the distribute-list command applies the blk_A prefix list to all the outgoing interfaces. This implies that if rtrB receives an update about the 172.161.9.0/24, 172.161.111.0/25, 172.161.247.0/30 or 172.161.64.0/28 subnets, they are blocked. In this case, the 172.161.64.0/28 is not blocked through the Fa0/0 interface to rtrC because it is directly connected.

The 172.161.35.0/18 and 172.161.88.0/22 subnets are not blocked through the Fa0/0 interface of rtrB to rtrC. This is because both these subnets are outside the range of prefix masks 24 through 30; hence,
these two subnets are allowed through the Fa0/0 interface.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify filtering with any protocol

References:
Cisco > Home > Support > Technology Support > IP > IP Routing > Technology Information > Technology Technotes > Filtering Routing Updates on Distance Vector IP Routing Protocols
Cisco > Cisco IOS IP Routing: Protocol-Independent Command Reference > distribute-list in
Cisco > Cisco IOS IP Routing: BGP Command Reference > ip prefix-list

64
Q

Which show command displays the status of all of a router’s Border Gateway Protocol (BGP) connections in a concise format?

A. show ip bgp
B. show ip bgp summary
C. show ip bgp connections
D. show ip bgp neighbor’s summary

A

Answer: B

Explanation:

The correct answer is show ip bgp summary.

Although show ip bgp neighbors will show you the status of your connections to neighbors, only show ip bgp summary shows it to you in a concise, summarized format, with one neighbor listed per line. It displays both iBGP and eBGP neighbors and the number of prefixes that have been learned from the neighbor. Below is an example of the output of the show ip bgp summary command:

Router6* show ip bgp summary
BGP table version is 10, main routing table version 10

<output><br></br>Neighbor V AS MSGRcvd MSGSent Tv/Ver InQ OutQ Up/Down State/Rcd<br></br>192.168.5.14 600678 79 100 0 05:20:062<br></br>192.168.6.14 600777 80 100 0 00:00:20Active<br></br>192.168.7.14 600881 81 100 0 03:00:00Idle</output>

The following information can be obtained from this output:

  • The BGP session to 192.168.5.1 is established. A number in the State column indicates that the session is established. This number indicates the number of prefixes received from the neighbor.
  • Router6 is attempting to establish a BGP peering session with the 192.168.6.1 neighbor. This is indicated by the keyword Active in the State column.

Several show commands can be used to verify BGP configuration and operation:

  • show ip bgp - displays the contents of the BGP routing table
  • show ip bgp summary - displays the status of BGP connections in a summary format
  • show ip bgp neighbors - displays information about the TCP and BGP connections to neighbors

Objective:
Layer 3 Technologies
Sub-Objective:
Describe, configure, and verify BGP peer relationships and authentication

References:
Cisco 105 Master Command List, Release 12.4 > a through b > BGP > Commands: show ip through T > show ip bgp summary

65
Q

OSPF area border routers (ABRs) advertise a default route to stub and totally stubby areas.

Which command is the BEST command to configure a cost of 25 for the default route advertised to area 1?

A. Router(config-router)# area 1 cost 25
B. Router(config-router)# area 1 default 25
C. Router(config-router)# area 1 default-cost 25
D. Router(config-router)# area 1 default-route-cost 25

A

Answer: C

Explanation:

The correct answer is area 1 default-cost 25. Even though another option (area 1 default 25) is a configurable abbreviation for the command, the more correct answer explicitly specifies the default-cost parameter. The correct syntax for the area default-cost command is shown below:

Router(config-router)# area area-id default-cost cost

If you have multiple border routers between two areas, you might prefer one exit-point router over the other for that area. By configuring one with a lower cost than the other, it will become the preferred exit point. If that router or its links were to fail, then the routers interior to the area would route through the second-best exit point. You could also set the default costs to values that are close to achieve better load balancing.

The default default-cost is 1. Please see the network shown in the graphic.

All traffic will follow the path indicated by the curved arrow to the preferred ABR.

Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify OSPF path preference

References:
Cisco IOS Master Command List, Release 12.4 > a through b > area default-cost

66
Q

You execute the following command.

router(config-if)tiip helper-address 172.20.14.225

Which of the following traffic types will NOT be forwarded to the IP address 172.20.14.225?

A. TFTP
B. SMTP
C. DNS
D. TACACS

A

Answer: B

Explanation:

While the ip helper address command is typically used to forward DHCP broadcasts to a DHCP server located in a remote subnet, it will also forward the following broadcast packets by default as well:
TFTP -UDP port 69
Domain Name System (DNS) UDP port 53
Time service - port 37
NetBIOS Name Server - port137
NetBIOS Datagram Server - port 138
Bootstrap Protocol (BOOTP) - port 67
TACACS UDP port 49

Objective:
Infrastructure Services
Sub-Objective:
Configure and verify IPv4 and IPv6 DHCP

References:
Cisco IOS IP Application Services Command Reference > ip accounting through ip sctp authenticate > ip helper-address

67
Q

Based on the following partial output of the show ip ospf database command, which router roles(s) is Router7 performing? (Choose all that apply.)
Router7# show ip ospf database
OSPF Router with ID(192.168.5.8) (Process ID 1)

Router Link States(Area 0)
Link ID ADV Router Age Seq# Checksum Link count
192.168.5.8 192.168.5.8 1381 Ox8000010D OxEF60 2
192.168.5.11 192.168.5.11 1460 0x800002FE OxEB3D 4
192.168.5.12 192.168.5.12 2027 0x80000090 0x875D 3
192.168.5.27 192.168.5.27 1323 Ox800001D6 Ox12CC 3

Net Link States(Area 0)
Link ID ADV Router Age Seq# Checksum
172.16.9.27 192.168.5.27 1323 0x80000053 OxA8EE
172.17.9.11 192.168.5.11 1461 0x80000053 Ox7AC
<<output omitted>></output>

Router Link States(Area 2)
Link ID ADV Router Age Seq.# Checksum Link count
192.168.5.8 192.168.5.8 1381 Ox8000010D OxEF60 2
192.168.5.13 192.168.5.11 1460 Ox800002FE OxEB3D 4

Net Link States(Area 2)
Link ID ADV Router Age Seq# Checksum
172.16.9.27 192.168.5.8 1323 0x80000053 OxASEE
172.17.9.11 192.168.5.11 1461 0x80000053 Ox7AC
<<output omitted>></output>

A. ABR
B. ASBR
C. BR
D. IR

A

Answer: A, C

Explanation:

Router7 is an area border router (ABR) and a backbone router (BR). The output reveals the link state databases for two areas, area 0 and area 2. Only ABR routers will display multiple databases when you execute this command.

If Router7 is an ABR, then it is also connected to the backbone and will be a backbone router.

Router 7 is not an autonomous system boundary router (ASBR) because it only displays sections in the output for Type 1 and Type 2 link-state advertisements (LSAs). ASBRs will also have a section for Type 4 LSAs, which would have its own heading at the end of the output.

Router7 is not an internal router. A router is either an internal router or an ABR and Router 7 is an ABR.

Objective:

Layer 3 Technologies

Sub-Objective:

Configure and verify OSPF neighbor relationship and authentication

References:

Cisco > Cisco IOS IP Routing: OSPF Command Reference > show ip ospf database

68
Q

Refer to the following set of commands:

rtrA(config)* ipv6 unicast-routing
rtrA(config)* interface Fa0/0
rtrA(config-if)* ipv6 enable
rtrA(config-if)* ipv6 address 2001:0:1:1:D52::F3C/64
rtrA(config-if)# ip address 130.11.6.1 255.255.255.0

Which of the following statements is TRUE about the given set of commands?

A. IPv4 and IPv6 are running simultaneously on rtrA
B. The IPv4 address is translated to an IPv6 address
C. The IPv6 address is an IPv4-compatible address
D. A tunnel is created for the interoperability of the IPv4 and IPv6 addresses

A

Answer: A

Explanation:

The correct answer is that IPv4 and IPv6 are running simultaneously on rtrA. The set of commands enables IPv6 on the rtrA router and assigns an IPv4 address and an IPv6 address to the Fa010 interface. This indicates that the router is a dual-stack router on which both IPv4 and IPv6 are running simultaneously.

The IPv4 address is not translated to the IPv6 address by the given set of commands because NAT-PT is not enabled on the router. To enable NAT-PT on a router, you need to use the ipv6 nat command. In addition, the ipv6 nat prefix command should be used to specify an IPv6 prefix.

The IPv6 address is not an IPv4-compatible address. IPv4-compatible IPv6 addresses are used in automatic IPv4-compatible IPv6 tunnels. These addresses refer to those IPv6 unicast addresses that have zeros in the first 96 bits and an IPv4 address in the last 32 bits. For example, 0:0:0:0:0:0:192.156.10.67 is an IPv4-compatible IPv6 address where 192.156.10.67 is an IPv4 address. The IPv6 address
(2001:0:1:1:D52::F3C164), in this case, is not an IPv4-compatible IPv6 address.

A tunnel is not created for the interoperability of the IPv4 and IPv6 addresses because the given set of commands configures the router as a dual-stack router. There are no commands for configuring a tunnel on the router.
the router.

Objective:
Network Principles
Sub-Objective:
Recognize proposed changes to the network

References:
Cisco 105 IPv6 Configuration Guide, Release 12.4 > Implementing IPv6 Addressing and Basic Connectivity > Configuration Examples for Implementing IPv6 Addressing and Basic Connectivity > Example: Dual
Protocol Stacks Configuration

69
Q

Which of the following IPv6 access list statements would permit SSH traffic from 2001:DB8:0:4::32 when applied to the VTY lines?

A. permit ipv6 2001:DB3:0:5::/48 any eq ssh
B. permit ipv6 2001:DB8:0:4::/64 any eq ssh
C. permit ipv6 host 2001:DB8:0:4::32 any eq 23
D. permit ipv6 2001:DE8:0:4::148 any eq 22

A

Answer: B

Explanation:

The only statement that would allow SSH traffic from 2001:DB8:0:4::32 is permit ipv6 2001:DB8:0:4::/64 any eq ssh. It would match because it specifies the 2001:DB8:0:4:: subnet as a result of the /64 prefix.

With that prefix, traffic must match in the first four hextets. Since the address 2001:DB8:0:5::32 matches in the first four hextets, it is allowed.

The statement permit ipv6 2001:DB3:0:5::/48 any eq ssh will not permit traffic from 2001:DB8:0:4::32 With a /48 subnet mask, the address must match in the first three hextets, and it does not do

Objective:
Infrastructure Security
Sub-Objective:
Configure and verify router security features

References:
Catalyst 3750 Software Configuration Guide, Release 12.2(55)SE > Configuring IPv6 ACLs
Cisco > Cisco IOS IPv6 Command Reference > permit (IPv6)

70
Q

Which of the following commands enables Unicast Reverse Path forwarding in loose mode?

A. ip verify unicast source reachable-via rx
B. ip verify unicast source reachable-via any
C. ip verify unicast source reachable-via rx allow default
D. ip verify unicast source reachable-via allow default

A

Answer: B

Explanation:

The command ip verify unicast source reachable-via any enables Unicast Reverse Path Forwarding (RPF) in loose mode. In loose mode, traffic is allowed if the source address is reachable via any interface on the router as indicted in the routing table. Unicast Reverse Path forwarding uses the source IP address when it validates the packet. Packets are validated when the source address is contained in the routing table and is reachable either via the ingress interface (strict mode) or via any interface (loose mode).

The command ip verify unicast source reachable-via rx enables Unicast RPF in strict mode, not loose mode. The rx keyword indicates the source must be reachable on the interface where the packet arrived.

The command ip verify unicast source reachable-via rx allow default enables Unicast RPF in strict mode. The inclusion of the allow default keyword indicates the source can be reachable via a default route to be accepted.

The command ip verify unicast source reachable-via allow default is syntactically incorrect. The allow default keyword cannot be present by itself. It must follow either the rx or any keywords.

Objective:
Infrastructure Security
Sub-Objective:
Configure and verify router security features

References:
Understanding Unicast Reverse Path Forwarding
Cisco > Cisco IOS Security Command Reference: Commands D to L > ip verify unicast source reachable-via