Chap 15 - IP Services Flashcards
Name 5 reasons why synchronizing time between devices is important.
- Managing password time change intervals
- Encryption key changes
- Checking certification validation and expiration
- Correlation of security-based events across multiple devices
- Troubleshooting correlating events to identify root cause
What stratum is an NTP client that is attached directly to an authoritative time source?
Stratum 1
What is the highest stratum level there is?
Stratum 15
If a router is configured as NTP master stratum 1, what will the show command display under ‘ref clock’?
.LOCL.
If a router configured as an NTP client points to 2 NTP servers which one will it sync to?
The NTP server with the highest stratum.
2 things that describe the most common way organizations design their NTP environment?
- 2 Devices point to 2 different external NTP servers
- Configure the 2 devices to point to each other as NTP peers
What do NTP peers do?
They act as clients and servers to each other, in the sense that they try to blend their time to each other.
What is the NTP peer model for?
For designs where other devices can act as backup devices for each other and use different primary reference sources.
How long does it take NTP peers to synchronize?
Maximum rate of 2 minutes per query.
What are 3 FHRPs?
- Hot Standby Routing Protocol (HSRP)
- Virtual Router Redundancy Protocol (VRRP)
- Gateway Load Balancing Protocol (GLBP)
What is object tracking used for?
It is used so that other devices can act as backup devices for each other and use different primary reference sources.
What is object tracking usually used for?
For tracking the availability of the WAN interface or the existence of a route learned via that next hop.
Upon bootup how does HSRP determine which router will be active and how does it deal with a tie?
- Router with the highest priority wins
- In the event of a tie the highest IP address wins
What is the default priority in HSRP?
100
In a case where there are 3 HSRP routers and the active router fails which router takes over?
The router with the second highest priority.
In HSRPv2 what are the 2 valid poll intervals?
- 1 to 254 seconds
- 15 to 999 msec
Name 2 facts that describe how load balancing is done in HSRP?
- Configure multiple instances on the same interface
- Change the priorities
Name 6 items that can be viewed when using the command ‘show standby brief’?
- local interface’s priority
- whether preemption is enabled
- current state
- active speaker’s address
- standby speaker’s address
- VIP gateway instance for that standby group.
Name 4 items that can be viewed using the command ‘show standby’?
- Group name
- Timers
- Time since the last state change
- Number of state changes for the HSRP instance
In VRRP what is the active router called?
Master Router
In VRRP what are the non-active routers called?
Backup Routers
What is the difference between how HSRP implements preemption vs how VRRP does it?
- HSRP - preemption must be configured
- VRRP - preemption is on by default
Is VRRPv3 backward compatible with VRRPv2?
No
What is the valid priority range for VRRPv3?
0 to 255
What is GLBP?
What makes GLBP different from other FHRPs?
What are the 2 roles in GLBP, what does each do, how many of each, and which one can do the job of both and which one is known by a different name?
What are the 3 load balancing algorithms and which is the default?
What does GLBP stand for?
- GLBP load balances
- Active Virtual Gateway (AVG) - when a local PC sends an ARP request for the VIP, the AVG is responsible for issuing a unicast ARP-REPLY with the virtual MAC address of whichever AVF it chooses to handle the traffic. There can be only one AVG. The AVG can also function as an AVF.
- Active Virtual Forwarder (AVF) - The AVF is the actual router that handles the default gateway traffic. There can be up to 4 AVFs. AVFs are also known as Forwarding Instances.
- Round robin (def), weighted, and host-dependent
In GLBP where does the Active Virtual Forwarder (AVF) get its virtual MAC?
From the Active Virtual Gateway (AVG)
In GLBP what happens if the AVG fails?
One of the AVFs takes over.
In GLBP what happens if an AVF fails?
Another AVF will take ownership of the failed AVF’s virtual MAC address and take over for it.
How does GLBP’s weighted load balancing method work?
Weights are assigned to each AVF in the group, reflecting the ratio of traffic each AVF should handle.
How does the Host Dependent load balancing method work?
Uses the host MAC address to decide to which virtual forwarder MAC to redirect the packet. This method ensures that the host uses the same virtual MAC address as long as the number of AVFs doesn’t change.
What is GLBP’s default priority?
100
In NATing, what is an Inside Local address?
The actual private IP address assigned to a device on the inside network(s).
In NATing, what is an Inside Global address?
The public IP address that represents one or more inside local IP addresses to the outside.
In NATing, what is the Outside Local address?
How is it assigned?
Is it reachable by the outside?
What type of address is it considered to be?
- The IP address of an outside host as it appears to the inside network.
- Doesn’t need to be reachable by the outside but must be reachable by the inside
- Considered a private address
In NATing, what is the Outside Global address?
The public IP address assigned to a host on the outside network. This IP address must be reachable by the outside network.
What is Static NAT?
Provides a static one-to-one mapping of a local IP address to a global IP address.
What is Pooled NAT?
Temporarily assigns a public address from a pool of addresses.
What are the 2 types of static NAT?
- Inside Static NAT
- Outside Static NAT
Static NAT
What is inside static NAT?
What is outside static NAT?
- The mapping of an inside local (private) IP address to an inside global (public) IP address.
- The mapping of an outside global (public) IP address to an outside local (private) IP address.
What is the default timeout period for a dynamic NAT translation?
24 hours
Display the status of a tracked object
show track
Display the status of an HSRP VIP
show standby [brief]
Display the status of a VRRP VIP
show vrrp [brief]
Display the status of a GLBP VIP
show glbp [brief]
Display the translation table on a NAT device
show ip nat translations
What are the 6 possible HSRP states that a router can be in?
- Init
- Learn
- Listen
- Speak
- Standby
- Active
If there are 5 routers in an HSRP group what will the states be?
- One router is Active
- One router is Standby
- Three routers are in Listen state
How is the active HSRP router chosen?
- Highest priority then if there’s a tie,
- The highest IP address
What causes an HSRP router to go into the Speak state and how long will the router be in this state?
- This happens when an active router has been preempted by a router with a higher priority.
- This router will remain in speak state until it has determined its standing in the group (i.e. standby or listen)
What is the command to view the time on the software clock?
show clock
What is the command to view the time of the hardware clock?
show calendar
What is the command to sync up the hardware clock to the software clock?
R1(config)# ntp update-calendar
In NTP what is the show command to display the poll interval?
show ntp associations
What is the command to enable a router to sync with an NTP server using broadcast instead of unicast?
R1(config)# int fa0/1
R1(config-if)# ntp broadcast
What is the command to enable a router to use multicast for NTP instead of unicast?
R1(config)# interface fa0/1
R1(config-if)# ntp multicast client 239.1.1.1
What NTP mode are a pair of devices in when they peer with each other?
Symmetric active mode
What is HSRPv1?
Msec timer support:
UDP port:
Number of groups:
Virtual MAC address:
Multicast address:
Preemption:
- Msec timer support: No
- UDP port: 1985
- Number of groups: 256
- Virtual MAC address: 0000.0C07.ACxx
- Multicast address: 224.0.0.2
- Preemption: must be configured
What is HSRPv2?
Msec timer support:
UDP port:
Number of groups:
Virtual MAC address:
Multicast address:
Backward compatible:
Preemption:
- Msec timer support: Yes
- UDP port: 1985
- Number of groups: 4096
- Virtual MAC address: 0000.0C9F.Fxxx
- Multicast address: 224.0.0.102
- Backward compatible: No
- Preemption: must be configured
What is HSRP for IPv6?
Msec timer support:
UDP port:
Number of groups:
Virtual MAC address:
Multicast address:
- Msec timer support: Yes
- UDP port: 2029
- Number of groups: 4096
- Virtual MAC address: 0005.73A0.0xxx
- Multicast address: FF02::66
What is VRRPv2?
Msec timer support:
Port:
Number of groups:
Virtual MAC address:
Multicast address:
- Msec timer support: Yes
- IP Port: 112
- Number of groups: 256
- Virtual MAC address: 0000.5E00.01xx
- Multicast address: 224.0.0.18
What is VRRPv3?
Msec timer support:
Port:
Number of groups:
Virtual MAC address:
IPv4 Multicast address:
IPv6 Multicast address:
- Msec timer support: Yes
- Port: IP 112
- Number of groups: 255
- Virtual MAC address: 0000.5E00.01xx
- IPv4 Multicast address: 224.0.0.18
- IPv6 Multicast address: FF02::12