Chap 24 - Network Assurance

Question 1

What are 2 of the most common reasons for getting a timeout with traceroute?

Answer 1

• Missing route
• Down interface.

Question 2

By default how many hops will traceroute try before completing?

Answer 2

30 times/hops

Question 3

With traceroute how many probes per hop?

Answer 3

3

Question 4

With traceroute what does a !H mean?

Answer 4

An “ICMP destination host unreachable” (likely because there’s no route)

Question 5

For traceroute what is the default timeout when waiting for a reply from a probe?

Answer 5

3 seconds

Question 6

For traceroute what is the default port number?

Answer 6

33434

Question 7

What is one of the most common reasons to use debug?

Answer 7

When routing protocols are having adjacency issues.

Question 8

In OSPF what are 4 of the most common reasons to use debug?

Answer 8

• MTU issues with debug adjacency
• Incorrect interface types with debug hello
• Improperly configured network mask with debug hello
• Mis-matched timers

Question 9

What debug command is useful for troubleshooting an OSPF adjacency issue?

Answer 9

debug ip ospf adjacency

Question 10

In OSPF what debug command is useful for troubleshooting a mismatched timer issue?

Answer 10

debug ip ospf hello

Question 11

In OSPF what debug command will find an incorrect subnet mask?

Answer 11

debug ip ospf hello

Question 12

What are 2 ways of running a Conditional Debug?

Answer 12

• Using an ACL
• Specifying an interface along with an ACL

Question 13

In SNMPv3 what does noAuthNoPriv mean?

Answer 13

• Authentication by username only
• No encryption

Question 14

In SNMPv3 what does AuthNoPriv mean?

Answer 14

• Authentication by MD5 or SHA
• No encryption

Question 15

In SNMPv3 what does AuthPriv mean?

Answer 15

• Authentication by MD5 or SHA
• With encryption

Question 16

In SNMP what is a get-request?

Answer 16

Retrieves a value from a specific variable.

Question 17

In SNMP what is a get-next-request?

Answer 17

Retrieves a value from a variable within a table.

Question 18

In SNMP what is a get-bulk-request?

Answer 18

Retrieves large blocks of data, such as multiple rows in a table, that would otherwise require the transmission of many small blocks of data.

Question 19

In SNMP what is a get-response?

Answer 19

The Reply sent by the router in response to a get request, get next request, or set request sent by an NMS.

Question 20

In SNMP what is a set-request?

Answer 20

Stores a value in a specific variable.

Question 21

In SNMP what is a Trap?

Answer 21

Sends an unsolicited message from an SNMP agent to an SNMP manager when some event has occurred.

Question 22

By default where are all syslog messages sent?

Answer 22

The console.

Question 23

What is the default size of the logging buffer?

Answer 23

4096 bytes

Question 24

In general what 2 components are necessary for Netflow to work?

Answer 24

• Netflow Data Capture
• Netflow Data Export

Question 25

What does Netflow Data Capture do?

Answer 25

Captures the statistics

Question 26

What does Netflow Data Export do?

Answer 26

Send the statistics to a Netflow Collector.

Question 27

What 4 components of Flexible Netflow?

Answer 27

• Flow Records
• Flow Monitors
• Flow Exporters
• Flow Samplers

Question 28

What are Flow Records?

Answer 28

Flow records define what traffic will be analyzed or monitored.

Question 29

What are 3 facts about Flow Monitors?

What does it have?
What are 2 things defined in it?
Where is the flow monitor?

Answer 29

• Has its own cache
• Ties the Flow Record and the Flow Exporter together
• Is applied to the interface

Question 30

What does a Flow Exporter do?

Answer 30

Exports NetFlow data from the Flow Monitor cache to a remote host or NetFlow collector.

Question 31

What are Flow Samplers?

Answer 31

It takes samples of NetFlow data rather than analyzing all NetFlow data.

Question 32

What are the 4 steps in configuring Custom Flow Record?

Answer 32

• Define the flow record name
• Set a description
• Set match criteria for key fields
• Set collect criteria for non-key fields

Question 33

What are the 5 steps in configuring a Flow Exporter?

Answer 33

• Define the Exporter name
• Set a useful description
• Specify the destination IP to export to
• Specify the flow version
• Specify the UDP port

Question 34

What are the 5 steps in configuring a Flow Monitor?

Answer 34

• Define the Flow Monitor name
• Set a useful description
• Assign the Flow Record to be used
• Specify a cache timeout of 60 for active connections
• Assign the Exporter to the Monitor

Question 35

Why do you need to assign a Flow Exporter to a Flow Monitor?

Answer 35

So that the traffic being collected by the Flow Record can be Exported to the NetFlow Collector

Question 36

How do you assign the Flow Monitor to an Interface?

Answer 36

• int gig0/1
  
  • ip flow monitor MyFlowMonitor input

Question 37

What are 3 traditional options for troubleshooting a layer 2 issue?

Answer 37

• Insert a splitter
• Mirror the traffic to an additional port
• Insert a switch between the 2 devices and configure the switch to mirror the transient traffic to an analyzer

Question 38

What are 3 options for Catalyst switches to SPAN traffic?

Answer 38

• Local SPAN
• Remote SPAN (RSPAN)
• Encapsulated Remote SPAN (ERSPAN)

Question 39

In SPAN, when specifying a destination port what 7 packet types are normally not included?

Answer 39

• 802.1q VLAN tags
• STP BPDUs
• CDP
• DTP
• VTP
• PAgP
• LACP

Question 40

What is the command to include all L2 protocols in the SPAN?

Answer 40

sw1(config)# monitor session <session-id> destination interface <interface-id> encapsulation replicate</interface-id></session-id>

Question 41

What is normally not included on the SPAN destination port?

Answer 41

STP

Question 42

What is the difference in these 2 commands:

CMD A - monitor session 1 destination interface gig0/1 ingress dot1q vlan 20

CMD B - monitor session 1 destination interface gig0/1 ingress untagged vlan 20

Answer 42

This is used when the same port specified as the destination port must also send/receive normal traffic.

CMD A requires the normal traffic (ingress) be accepted only if it has an 802.1q tag with VLAN 20

CMD B allows normal traffic be accepted even if it doesn’t have an 802.1q tag but is associated with vlan 20

Question 43

What does RSPAN do?

Answer 43

It allows the source ports to be located on one switch and the destination port on a different switch.

Question 44

For an RSPAN what 2 things are different?

Answer 44

• MAC addresses are not learned on ports associated with the RSPAN VLAN
• Traffic is flooded out all the ports associated to the RSPAN VLAN

Question 45

What is ERSPAN?

Answer 45

ERSPAN provides the ability to monitor traffic in one area of the network and route the SPAN traffic to a traffic analyzer in another area of the network through Layer 3 routing.

Question 46

What are 8 probes that IP SLA can be configured to monitor?

Answer 46

• Delay (one-way and round-trip)
• Jitter (directional)
• Packet loss (directional)
• Packet sequencing
• Path (per hop)
• Connectivity (directional)
• Server or website download time
• Voice Quality Scores

Question 47

What are 9 capabilities offered by Cisco DNA Center?

Answer 47

• Cisco SD-Access config
• Config templates
• Simplified provisioning
• Simplified security policies
• Software Image mgmt
• Wireless network mgmt
• 3rd party integration
• Network Assurance
• Plug and Play

Question 48

In Flexible Netflow when defining a custom flow record what command is used to add a Key Field?

Answer 48

Match

Question 49

In Flexible Netflow when defining a custom flow record what command is used to add a Non-Key Field?

Answer 49

Collect

Question 50

You are currently monitoring a trunk (all vlans) on a switchport with SPAN but you only want to monitor traffic from VLANs 2 and 3. What is the command to do that?

Answer 50

• SW1(config)# monitor session 1 filter vlan 2,3
• The vlans following the ‘filter’ keyword specifies the VLANs you WANT to monitor, not the VLANs you want to filter out.

Question 51

What does the command ‘logging synchronous’ do?

Answer 51

During a console session it prevents unsolicited log messages from interrupting messages that are solicited.

Question 52

What does the keyword ‘level’ do in the command ‘logging synchronous’.

Answer 52

If the keyword level is used in the ‘logging synchronous’ command it will direct the traffic at that level and more severe to be logged asynchronously

Question 53

What are the defaults level and line in the ‘logging synchronous’ command?

Answer 53

• level defaults to 2 to most severe
• line defaults to 20

Question 54

What are the 8 syslog severity codes?

Answer 54

• 0 emergency
• 1 alert
• 2 critical
• 3 error
• 4 warning
• 5 notification
• 6 informational
• 7 debugging