Chapter 5 - IP Multicast and Network Management Flashcards

1
Q

What does IGMP stand for?

  1. Interior Group Management Protocol
  2. Internet Group Management Protocol
  3. Interior Gateway Routing Protocol
  4. Interior Gateway Media Protocol
A

B. You use IGMP between hosts and local routers to register with multicast groups.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How many bits are mapped from the Layer 3 IPv4 multicast address to a Layer 2 MAC address?

  1. 16 bits
  2. 23 bits
  3. 24 bits
  4. 32 bits
A

B. The lower 23 bits of the IP multicast address are mapped to the last 23 bits of the Layer 2 MAC address.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which version of SNMP introduces security extensions for authentication and encryption?

  1. SNMPv1
  2. SNMPv2
  3. SNMPv3
  4. SNMPv4
A

C. SNMPv3 introduces authentication and encryption for SNMP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which SNMP component contains an agent?

  1. Managed device
  2. Agent
  3. NMS manager
  4. MIB
A

A. Managed devices contain SNMP agents.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following is correct regarding an OOB management network?

  1. It can be used as a backup network.
  2. It uses the same infrastructure as the primary network.
  3. It uses a separate physical network.
  4. It provides no segmentation.
A

C. An OOB management network uses separate infrastructure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which multicast protocol eliminates the RP and shared trees?

  1. PIM-SM
  2. BIDIR-PIM
  3. SSM
  4. MSDP
A

C. SSM eliminates the RPs and shared trees and only builds a SPT.

The Source Specific Multicast feature is an extension of IP Multicast where datagram traffic is forwarded to receivers from only those multicast sources to which the receivers have explicitly joined.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which SNMP operation obtains full table information from an agent?

  1. Get
  2. GetNext
  3. GetBulk
  4. Inform
A

C. The NMS manager uses the GetBulk operation to retrieve large blocks of data, such as multiple rows in a table.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

RMON1 provides information at what levels of the OSI model?

  1. Data link and physical
  2. Network, data link, and physical
  3. Transport and network
  4. Application to network
A

A. RMON1 is focused on the data link and physical layers of the OSI model.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following is not an SNMP operation?

  1. Get
  2. Community
  3. Set
  4. Trap
A

B. Community is not an SNMP operation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which are called shortest-path trees (SPTs)?

  1. Source trees
  2. Shared trees
  3. Spanning trees
  4. Routing trees
A

A. Source trees are also called shortest-path trees (SPTs) because they create paths without having to go through a rendezvous point (RP).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

True or false: IGMP snooping and CGMP are methods to reduce the multicast traffic at Layer 2.

A

True.

IGMP snooping is an IP multicast constraining mechanism that runs on a Layer 2 LAN switch. IGMP snooping requires the LAN switch to examine, or “snoop,” some Layer 3 information (IGMP Join/Leave messages) in the IGMP packets sent between the hosts and the router.

When the switch receives the IGMP host report from a host for a particular multicast group, the switch adds the port number of the host to the associated multicast table entry. When the switch hears the IGMP Leave group message from a host, the switch removes the table entry of the host.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

True or false: PIM has a hop count limit of 32.

A

False. PIM does not have a hop count limit. DVMRP has a hop count limit of 32.

The Distance Vector Multicast Routing Protocol (DVMRP) is a routing protocol used to share information between routers to facilitate the transportation of IP multicast packets among networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

True or false: PIM-SM routers use the multicast address 224.0.0.13 to request a multicast group from the RP.

A

True.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
  1. Match each IP multicast address with its description.
  2. 224.0.0.1
  3. 224.0.0.2
  4. 224.0.0.5
  5. 224.0.0.10
  6. All OSPF routers
  7. All routers
  8. EIGRP routers
  9. All hosts
A

i = D

ii = B

iii = A

iv = C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
  1. Match each IPv6 multicast address with its description.
  2. FF02::1
  3. FF02::2
  4. FF02::5
  5. FF02::9
  6. FF02::A
  7. OSPFv3 routers
  8. RIPng routers
  9. All routers
  10. EIGRP routers
  11. All nodes
A
  1. FF02::1 - All nodes
  2. FF02::2 - All routers
  3. FF02::5 - All OSPF routers
  4. FF02::9 - RIPng routers
  5. FF02::A - EIGRP for IPv6 routers

Note: FF02 is the ‘link-local scope’

Remember that FF01 is the ‘interface-local scope’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

PIM-SM is configured on the network. Which protocol prevents media streams from being broadcast on the access switch?

  1. PIM-SM
  2. RD
  3. IGMPv3
  4. Auto-RP
  5. IGMP snooping
A

D.

Multicast PIM sparse mode requires an RP (Rendezvous Point) as a meeting point in the network for all multicast traffic. These RPs must be manually configured the on all routers.

Luyckily, there are two discovery protocols that we can use to automatically find an RP on the network:

  1. Auto-RP
  2. PIMv2 bootstrap router (BSR)

Auto-RP is a Cisco proprietary protocol that uses two different roles:

  1. Candidate RP
  2. Mapping Agent

The candidate RP is a router that announces itself that it wants to be an RP for the network. It does so by sending RP announcement packets to the 224.0.1.39 multicast address.

The mapping agent listens to the RP announcement packets from our RP candidates and makes a list of all possible RPs. It will then elect an RP and informs the rest of the network with RP mapping packets that are sent to multicast address 224.0.1.40.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

CDP runs at what layer of the OSI model?

A

Data link layer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is the name of syslog level 5 severity?

A

Notice level.

“Ernie Always Cries, Even When Nobody Is Dying.”

Emergency, Alert, Critical, Error, Warning, Notification, Informational, Debug.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

True or false: RMON provides more scalability than NetFlow.

A

False.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

True or false: NetFlow provides detailed information on the number of bytes and packets per conversation.

A

True.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What information can be obtained from a neighbor by using CDP?

A

Device ID, IP address, capabilities, OS version, model number, and port ID.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What SNMP message is sent by an agent when an event occurs?

  1. Get
  2. Set
  3. GetResponse
  4. Trap
A

D. A trap message is sent by the agent when a significant event occurs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What SNMP message is sent to an agent to obtain an instance of an object?

  1. Get
  2. Set
  3. GetResponse
  4. Trap
A

A. The NMS manager uses the Get operation to retrieve the value-specific MIB variable from an agent.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What SNMP message is used to configure a managed device?

  1. Get
  2. Set
  3. GetResponse
  4. Trap
A

B. The NMS manager uses the Set operation to set values of the object instance within an agent.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

About how many facilities are available for syslog in Cisco routers?

  1. 25
  2. 100
  3. 500
  4. 1000
A

C. More than 500 syslog facilities can be configured on Cisco IOS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Which SNMPv3 provides authentication with no encryption?

  1. authPriv
  2. authNoPriv
  3. noAuthNoPriv
  4. noauthPriv
A

B. At the authNoPriv level, authentication is provided, but encryption is not.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What encryption standard does SNMPv3 use?

  1. 3DES
  2. CBC-DES
  3. HMAC-MD5
  4. MD5
A

B. CBC-DES is the encryption algorithm used by SNMPv3.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Which of the following are true about CDP? (Choose three.)

  1. It uses UDP.
  2. It is a data link protocol.
  3. It provides information on neighboring routers and switches.
  4. It is media and protocol independent.
  5. It uses syslog and RMON.
A

B, C, and D.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

RMON2 provides information at what levels of the OSI model?

  1. Data link and physical
  2. Network, data link, and physical
  3. Transport and network only
  4. Network to application
A

D. RMON2 provides monitoring information from the network to the application layers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Which SNMPv3 level provides authentication and privacy?

  1. authPriv
  2. authNoPriv
  3. noAuthNoPriv
  4. noauthPriv
A

A. The authPriv level provides authentication and encryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Match each RMON group with its description.

  1. Statistics
  2. Matrix
  3. Application Layer Host
  4. protocoldir
  5. Stores statistics for conversations between two hosts
  6. Lists the protocols that the device supports
  7. Contains real-time statistics for interfaces, including packets sent, bytes, CRC errors, and fragments
  8. Contains application layer statistics for traffic sent to or from each host
A

i = C

ii = A

iii = D

iv = B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

What is the most critical syslog priority level?

  1. 0
  2. 1
  3. 6
  4. 7
A

A. Syslog level 0 indicates an emergency and that the system is unusable.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Which management protocol can help a company concentrate on Layer 4 monitoring and gain information to assist in long-term trending analysis?

  1. SNMPv3
  2. RMON2
  3. NetFlow
  4. CDP
  5. MIB
A

B. RMON2 allows for Layer 4 monitoring. NetFlow is not a long-term trending solution.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Which management protocol performs network traffic analysis?

  1. SNMPv3
  2. RMON2
  3. NetFlow
  4. CDP
  5. MIB
A

C. NetFlow does network traffic analysis.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

What virtual information store is used by SNMP?

  1. SNMPv3
  2. RMON2
  3. ASN.1
  4. CDP
  5. MIB
A

E. MIB is the database that stores information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q
  1. What standard language is used by SNMP?
  2. SNMPv3
  3. RMON2
  4. ASN.1
  5. CDP
  6. MIB
A

C. ASN.1 is used to define information being stored.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Which SNMPv3 method provides authentication but no encryption?

  1. noAuthNoPriv
  2. authPriv
  3. authNoPriv
  4. noauthPriv
A

C. authNoPriv provides authentication and no encryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Which is not an SNMP operation?

  1. GetNext
  2. Trap
  3. Inform
  4. Request
  5. Community
  6. GetBulk
A

D. Community is not an SNMP operation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Which protocol allows for vendor-specific information?

  1. SNMPv3
  2. RMON2
  3. ASN.1
  4. CDP
  5. MIB
A

E. Private MIBs can be used for vendor-specific information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Which protocol allows for ISPs to bill customers for network usage?

  1. SNMPv3
  2. RMON2
  3. NetFlow
  4. CDP
  5. MIB
A

C. NetFlow allows for network planning, traffic engineering, usage-based network billing, accounting, denial-of-service monitoring, and application monitoring. One big benefit is that NetFlow provides the data necessary for billing of network usage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Which solution can be customized in each interface to include data timestamping across a large number of interfaces?

  1. SNMPv3
  2. RMON2
  3. NetFlow
  4. CDP
  5. MIB
A

C. NetFlow can be configured to provide timestamped data on multiple interfaces.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Which of the following are components of Cisco NetFlow? (Choose three.)

  1. NetFlow accounting
  2. FlowCollector
  3. NetFlow billing server
  4. Network data analyzer
  5. NetFlow traffic generator tool
A

A, B, and D. NetFlow consists of three major components: NetFlow accounting, flow collector engines, and network data analyzers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

What is multicast RPF information used for?

  1. To enable forwarding loops
  2. To prevent forwarding loops
  3. To reverse forwarding loops
  4. None of the above
A

B. Multicast RPF is used to prevent forwarding loops.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

In PIM-SM, which router knows about all sources in the network?

  1. The IGMP router
  2. The RP source hop router
  3. The RP
  4. The SSM router
A

C. The RP knows of all sources in the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

What does (*,G) mean?

  1. From any source to the global group
  2. From source G to any group
  3. From any source to group G
  4. From *.* to group G
A

C. (*,G) means any source to group G.

46
Q

What are two benefits of BIDIR-PIM?

  1. No packets are encapsulated and there are no (S,G) states.
  2. The first packets from the source are not encapsulated and there are no (S,G) states.
  3. All packets are encapsulated and there are no (*,G) states.
  4. The last packets are not encapsulated and there are no (*,G) states.
A

B. With BIDIR-PIM, the first packets from the source are not encapsulated, and there are no (S,G) states. (Video-conferencing is a good use case.)

Bidirectional PIM is a different flavor of multicast than what you are probably used to (sparse, dense and sparse-dense mode). Most multicast networks have a couple of sources and many receivers. Bidirectional PIM has been invented for networks where we have many sources and receivers talking to each other. An example of this is videoconferencing where it’s not just 1 source with many listeners but all the participants are communicating with each other.

The downside of using PIM sparse mode with many active sources and receivers is that we will see many mroute state entries that can take quite some resources. Using PIM sparse mode the RP builds 2 entries:

(*,G)

(S,G)

When we use PIM bidirectional mode the RP will never build a (S,G) entry and we only allow the (*,G) entry for the shared tree. PIM routers will never build the SPT (Shortest Path Tree) towards the source.

Another difference between PIM sparse mode and PIM bidirectional mode is that with sparse mode traffic only flows down the shared tree. Using PIM bidir mode traffic will flow up and down the shared tree! Also PIM bidirectional does not use the PIM register / register-stop mechanism to register sources to the RP. Each source is able to start sending to the source whenever they want.

When the multicast packets arrive at the RP they will be forwarded down the shared tree (if there are receivers) or dropped (when we don’t have receivers). There is however no way for the RP to tell the source to stop sending multicast traffic.

Design-wise you really have to think about where to place the RP in your network as it should be somewhere in the middle between the sources and receivers in the network.

Last but not least…PIM bidirectional has no RPF check. There is a different solution to prevent loops, we will use a DF (Designated Forwarder). This designated forwarder is the only router on the segment that is allowed to send multicast traffic towards the RP. When there is only 1 router per segment that forwards multicast traffic there will be no loops.

47
Q

When is SSM recommended?

  1. For broadcast applications
  2. For well-known sources
  3. For well-known receivers
  4. For nonbroadcast applications
  5. Answers A and B
  6. Answers B and D
A

E. SSM is recommended for broadcast applications and well-known sources.

48
Q

What solution used to interconnect PIM-SM domains is recommended?

  1. BIDIR-PIM
  2. SSM
  3. MSDP
  4. Auto-RP
A

C. MSDP is used to interconnect PIM-SM domains.

MSDP is a mechanism to connect multiple PIM-SM domains. The purpose of MSDP is to discover multicast sources in other PIM domains. The main advantage of MSDP is that it reduces the complexity of interconnecting multiple PIM-SM domains by allowing PIM-SM domains to use an interdomain source tree (rather than a common shared tree). When MSDP is configured in a network, RPs exchange source information with RPs in other domains. An RP can join the interdomain source tree for sources that are sending to groups for which it has receivers. The RP can do that because it is the root of the shared tree within its domain, which has branches to all points in the domain where there are active receivers. When a last-hop router learns of a new source outside the PIM-SM domain (through the arrival of a multicast packet from the source down the shared tree), it then can send a join toward the source and join the interdomain source tree.

49
Q

Which Layer 2 CoS classification should be assigned to network management traffic?

  1. 2
  2. 3
  3. 5
  4. 6
  5. 40
A

A. Network management traffic should be assigned CoS of 2.

50
Q

What solution eliminates the RPs and shared trees and only builds an SPT?

  1. BIDIR-PIM
  2. SSM
  3. MSDP
  4. Auto-RP
A

B. SSM eliminates the RPs and shared trees of sparse mode and only builds an SPT.

51
Q

Multicast addressing uses Class D addresses from the IPv4 protocol. Class D addresses range from ________ to __________.

A

Multicast addressing uses Class D addresses from the IPv4 protocol. Class D addresses range from 224.0.0.0 to 239.255.255.255.

52
Q

What do the following multicast addresses reach?

  1. 0.0.1
  2. 0.0.2
  3. 0.0.5
  4. 0.0.6
  5. 0.0.9
  6. 0.0.10
A

.1 - All hosts or all systems on the subnet

.2 - All multicast routers

.5 - All OSPF routers

.6 - All OSPF DR routers

.9 - RIPv2 routers

.10 - EIGRP routers

53
Q

What does IGMP stand for? What entities use it for communication with respect to multicast?

A

Internet Group Management Protocol (IGMP) is the protocol used in multicast implementations between the end hosts and the local router.

54
Q

IP hosts use IGMP to report their multicast group memberships to _______.

A

IP hosts use IGMP to report their multicast group memberships to routers.

55
Q

T/F: IGMP messages are limited to the local interface and are not routed.

A

True.

56
Q

T/F: You enable IGMP on an interface when you enable a multicast routing protocol, such as PIM. You can configure the interface for IGMPv1, IGMPv2, or IGMPv3.

A

True.

57
Q

T/F: IGMPv3 provides the extensions required to support Source-Specific Multicast (SSM). It is designed to be backward compatible with the two earlier versions of IGMP.

A

True.

58
Q

IGMPv3 has two message types, plus three for backward compatibility. Matchy-matchy time.

  1. Membership query:
  2. Version 3 membership report:
  3. Version 2 membership report:
  4. Version 2 leave group:
  5. Version 1 membership report:
  6. Used for backward compatibility with IGMPv1 hosts.
  7. Sent to the group address with the multicast group members (IP addresses). It is sent by hosts to request and remain in multicast groups on the segment. It is always sent to multicast 224.0.0.22.
  8. Sent by the hosts to indicate that a host will leave a group, to destination 224.0.0.2. The message is sent without having to wait for the IGMPv2 membership report message. This message is used for backward compatibility with IGMPv2 hosts.
  9. Sent to the group address with the multicast group members (IP addresses). It is sent by hosts to request and remain in multicast groups on the segment. It is sent to the multicast group address. This message is used for backward compatibility with IGMPv2 hosts.
  10. Sent by the router to check that a host wants to join a group.
A

IGMPv3 has two message types, plus three for backward compatibility:

Membership query: Sent by the router to check that a host wants to join a group.

Version 3 membership report: Sent to the group address with the multicast group members (IP addresses). It is sent by hosts to request and remain in multicast groups on the segment. It is always sent to multicast 224.0.0.22.

Version 2 membership report: Sent to the group address with the multicast group members (IP addresses). It is sent by hosts to request and remain in multicast groups on the segment. It is sent to the multicast group address. This message is used for backward compatibility with IGMPv2 hosts.

Version 2 leave group: Sent by the hosts to indicate that a host will leave a group, to destination 224.0.0.2. The message is sent without having to wait for the IGMPv2 membership report message. This message is used for backward compatibility with IGMPv2 hosts.

Version 1 membership report: Used for backward compatibility with IGMPv1 hosts.

59
Q

What is IGMP Snooping?

A

IGMP snooping is a standards-based method for switches to control multicast traffic at Layer 2.

60
Q

Fact: IGMP Snooping listens to IGMP messages between the hosts and routers.

If a router or an IGMP querier host sends an IGMP query message, the switch adds the host to the _________ group and permits that port to receive ________ traffic.

The port is removed from ________ traffic if the host sends an IGMP leave message to the router.

A

multicast, multicast, multicast!

61
Q

What is the disadvantage of IGMP snooping?

A

The disadvantage of IGMP snooping is that it has to process every IGMP control message, which can impact the CPU utilization of the switch.

62
Q

Multicast destinations are represented in the following form:

  • (*,G): This means ________________________.
  • (S,G): This means ________________________.
A

IP multicast traffic for a particular (source, destination group) multicast pair is transmitted from the source to the receivers using a spanning tree from the source that connects all the hosts in the group.

Multicast destinations are represented in the following form:

  • (*,G): This means any source is sending to group G.
  • (S,G): This means source S is sending to group G.
63
Q

In an multicast transmission like (S,G), what type of address is S and what type is G?

A

Any multicast transmission has a Class D multicast group address, G.

A multicast group can have more than one source, and each such source will also have a “regular” (Class A, B, or C or CIDR) Internet address, S.

64
Q

T/F: Each destination host registers itself as a member of interesting multicast groups through the use of PIM.

A

False.

Each destination host registers itself as a member of interesting multicast groups through the use of IGMP.

65
Q

What does PIM-DM stand for?

A

Protocol-Independent Multicast–Dense Mode (PIM-DM)

66
Q

T/F: The approach with dense multicast routing protocols is to flood the traffic throughout the network and then, at the request of receiving routers, stop the flow of traffic on branches of the network that have no members of the multicast group.

A

True.

67
Q

T/F: The approach with sparse multicast routing protocols is to not send traffic until it is requested by the receiving routers or hosts.

A

True.

This approach to multicast routing assumes that multicast group members are sparsely distributed throughout the network, that not all devices want to receive multicast traffic, and that bandwidth is not necessarily widely available.

68
Q

What does PIM-SM stand for?

A

Protocol- Independent Multicast–Sparse Mode (PIM-SM)

69
Q

What are the two types of multicast distribution trees?

A

The two types of distribution trees are source and shared.

70
Q

T/F: Source trees are also called shortest path trees (SPTs).

A

True.

Source trees are also called shortest-path trees (SPTs) because they create paths without having to go through a rendezvous point (RP).

With source trees, the tree roots from the source of the multicast group and then expands throughout the network in spanning-tree fashion to the destination hosts.

71
Q

What is the drawback to SPT?

A

The drawback is that all routers through the path must use memory resources to maintain a list of all multicast groups.

72
Q

What type of tree does PIM-DM use?

A

PIM-DM uses a source-based tree.

73
Q

T/F: Shared trees create the distribution tree’s root somewhere between the network’s source and receivers.

A

True.

The root is called the RP, the Rendezvous Point.

74
Q

In a shared tree, from what point is the tree created?

A

The tree is created from the RP in spanning-tree fashion with no loops.

Sources initially send their multicast packets to the RP, which, in turn, forwards data to the member of the group in the shared tree.

75
Q

What is the advantage of shared trees?

A

The advantage of shared trees is that they reduce the memory requirements of routers in the multicast network.

76
Q

T/F: PIM-SM uses an RP

A

True.

77
Q

________ uses shared trees and RPs to reach widely dispersed group members with reasonable protocol bandwidth efficiency.

________ uses source trees and reverse path forwarding (RPF) to reach relatively close group members with reasonable processor and memory efficiency in the network devices of the distribution trees.

A

PIM-SM uses shared trees and RPs to reach widely dispersed group members with reasonable protocol bandwidth efficiency.

PIM-DM uses source trees and reverse path forwarding (RPF) to reach relatively close group members with reasonable processor and memory efficiency in the network devices of the distribution trees.

78
Q

T/F: With RPF, received multicast packets are forwarded out all other interfaces, allowing the data stream to reach all segments.

A

True.

With RPF, Reverse Path Forwarding, received multicast packets are forwarded out all other interfaces, allowing the data stream to reach all segments.

If no hosts are members of a multicast group on any of the router’s attached or downstream subnets, the router sends a prune message up the distribution tree (the reverse path) to tell the upstream router not to send packets for the multicast group.

So, the analogy for PIM-DM is the push method for sending junk mail, and the intermediate router must tell upstream devices to stop sending it.

79
Q

______ assumes that no hosts want to receive multicast traffic unless it is specifically requested.

A

PIM-SM assumes that no hosts want to receive multicast traffic unless it is specifically requested.

80
Q

With ______, the ____ gathers the information from senders and makes the information available to receivers.

A

With PIM-SM, the RP gathers the information from senders and makes the information available to receivers.

81
Q

T/F: Routers with receivers have to register with the RP.

A

True.

The end-host receivers request multicast group membership using IGMP with their local last-hop routers. The routers serving the end systems then register as traffic receivers with the RPs for the specified group in the multicast network. Senders register with the RP via the first-hop router.

82
Q

T/F: Different multicast groups must use the same RPs within a PIM domain.

A

False. Different multicast groups can use separate RPs within a PIM domain.

83
Q

What is a PIM-DR and what does it do? How is it selected?

A

A designated router is selected in multiaccess segments running PIM.

The PIM DR is responsible for sending join, prune, and register messages to the RP.

The PIM router with the highest IP address is selected as the DR.

84
Q

When a client requests to join a multicast group and that group is not in the multicast table, the router adds the interface to the multicast table and sends a join message to the RP with multicast address ________(all PIM routers) requesting the multicast group.

A

When a client requests to join a multicast group and that group is not in the multicast table, the router adds the interface to the multicast table and sends a join message to the RP with multicast address 224.0.0.13 (all PIM routers) requesting the multicast group.

85
Q

When a PIM-SM does not have any more multicast receiving hosts or receiving routers out any of its interfaces, it sends a ________ message to the RP.

A

When a PIM-SM does not have any more multicast receiving hosts or receiving routers out any of its interfaces, it sends a prune message to the RP.

The prune message includes the group to be pruned or removed.

86
Q

T/F: Another way to configure the RP for a network is to have the RP announce its services to the PIM network.

A

True.

This process is called auto-RP.

87
Q

In Auto-RP, the Candidate RPs send their announcements to RP mapping agents with multicast address ___________.

The __________ address used in auto-RP discovery is the destination address for messages from the RP mapping agent to discover candidates.

A

Candidate RPs send their announcements to RP mapping agents with multicast address 224.0.1.39

The 224.0.1.40 address used in auto-RP discovery is the destination address for messages from the RP mapping agent to discover candidates.

88
Q

What is SSM?

A

Source-Specific Multicast (SSM) is a variant of PIM-SM that builds trees that are rooted in just one source. SSM, defined in RFC 3569, eliminates the RPs and shared trees of sparse mode and only builds an SPT. SSM trees are built directly based on the receipt of group membership reports that request a given source. SSM is suitable for when well-known sources exist within the local PIM domain and for broadcast applications.

89
Q

What is BIDIR-PIM?

A

Bidirectional PIM (BIDIR-PIM) is a variant of PIM-SM that builds bidirectional shared trees connecting multicast sources and receivers. It never builds a shortest path tree, so it scales well because it does not need a source-specific state.

BIDIR-PIM eliminates the need for a first-hop route to encapsulate data packets being sent to the RP. BIDIR-PIM dispenses with both encapsulation and source state by allowing packets to be natively forwarded from a source to the RP using shared tree state.

90
Q

What is MSDP?

A

Multicast Source Discovery Protocol (MSDP) is used to interconnect multiple PIM-SM domains. MSDP reduces the complexity of interconnecting multiple PIM-SM domains by allowing the PIM-SM domains to use an interdomain source tree.

With MSDP, the RPs exchange source information with RPs in other domains.

91
Q

What multicast groups are these multicast addresses used for?

FF01::1

FF02::1

FF01::2

FF02::2

FF02::5

FF02::6

FF02::9

FF02::A

FF02::B

FF02::C

FF02::D

A

FF01::1 All nodes (node-local)

FF02::1 All nodes (link-local)

FF01::2 All routers (node-local)

FF02::2 All routers (link-local)

FF02::5 OSPFv3 routers

FF02::6 OSPFv3 DRs

FF02::9 Routing Information Protocol (RIPng)

FF02::A EIGRP routers

FF02::B Mobile agents

FF02::C DHCP servers/relay agents

FF02::D All PIM routers

92
Q

T/F: An in-band solution is not segmented from the primary traffic and address bandwidth usage.

A

True.

An in-band solution is not segmented from the primary traffic and address bandwidth usage.

For in-band network management, the IP subnet used is part of the internal routing domain and is trunked like any other VLAN in the network.

One common solution is to use a loopback address for network management, separate from the loopback address used for routing.

93
Q

What is a MIB?

A

A Management Information Base (MIB) is a collection of information that is stored on the local agent of a managed device.

MIBs are organized hierarchically and are accessed by the NMS. MIBs are databases of objects organized in a tree-like structure, with each branch containing similar objects.

94
Q

Each object has an ______ ______ (number) that uniquely identifies the managed object of the MIB hierarchy. ____ ___________ ________ are used to control access to MIB information.

A

Each object has an object identifier (number) that uniquely identifies the managed object of the MIB hierarchy. Read and write community strings are used to control access to MIB information.

95
Q

Standard MIBs are defined by ________.

A

Standard MIBs are defined by RFCs.

Vendors define private branches that include managed objects for their products

96
Q

Each manageable feature in the MIB is called an MIB ________.

A

Each manageable feature in the MIB is called an MIB variable.

97
Q

The NMS manager uses the _____ operation to retrieve the value-specific MIB variable from an agent. The _______ operation is used to retrieve the next object instance in a table or list within an agent. The __________ contains the value of the requested variable.

A

The NMS manager uses the Get operation to retrieve the value-specific MIB variable from an agent. The GetNext operation is used to retrieve the next object instance in a table or list within an agent. The GetResponse contains the value of the requested variable.

98
Q

The NMS manager uses the _______ operation to set values of the object instance within an agent.

Agents use the ______ operation to inform the NMS manager of a significant alarm event.

A

The NMS manager uses the Set operation to set values of the object instance within an agent. For example, the Set operation can be used to set an IP address on an interface or to bring an interface up or down.

Agents use the Trap operation to inform the NMS manager of a significant alarm event. For example, a trap is generated when a WAN circuit goes down.

99
Q

SNMPv2 defines two new protocol operations. What do these operations do?

  1. GetBulk:
  2. Inform Request:
A
  1. GetBulk: Reduces repetitive requests for MIB variables.The NMS manager uses the GetBulk operation to retrieve large blocks of data, such as multiple rows in a table. This is more efficient than repeating GetNext commands.
  2. Inform Request: Alerts an SNMP manager about specific conditions with confirmation. The Inform operation allows one NMS manager to send trap information to other NMS managers and to receive information. The difference between Inform Request and Trap is that Inform Request requires an acknowledgement.
100
Q

Matchy-matchy time.

  1. Get Request
  2. Get Response
  3. Set Request
  4. Trap
  5. GetBulk
  6. GetNext Request
  7. Inform Request
  8. Retrieves the next issuance of the MIB variable.
  9. Retrieves the value of a specific MIB variable.
  10. Modifies the value of a MIB variable.
  11. Alerts an SNMP manager about specific conditions with a confirmation.
  12. Transmits an unsolicited alarm condition.
  13. Contains the values of the requested variable.
  14. Reduces repetitive requests for MIB variables.
A

Get Request - Retrieves the value of a specific MIB variable.

Get Response - Contains the values of the requested variable.

Set Request - Modifies the value of a MIB variable

Trap - Transmits an unsolicited alarm condition.

GetBulk - Reduces repetitive requests for MIB variables

GetNext Request - Retrieves the next issuance of the MIB variable.

Inform Request - Alerts an SNMP manager about specific conditions with a confirmation.

.

101
Q

T/F: SNMPv3 provides authentication and privacy via usernames and access control through key management.

A

True.

102
Q

T/F: SNMPv3 also verifies each message to ensure that it has not been modified during transmission but still uses community-based authentication strings sent in plaintext over the network.

A

False.

SNMPv3 also verifies each message to ensure that it has not been modified during transmission. SNMPv3 removes the use of community-based authentication strings sent in plaintext over the network.

103
Q

T/F: It is recommended that SNMPv1 and SNMPv2 be used only for read-only access and that SNMPv3 be used with read/write access.

A

True.

104
Q

SNMPv3 introduces three levels of security. What are these providing?

  1. noAuthNoPriv:
  2. authNoPriv:
  3. authPriv:
A

SNMPv3 introduces three levels of security:

  1. noAuthNoPriv: No authentication and no encryption
  2. authNoPriv: Authentication and no encryption
  3. authPriv: Authentication and encryption
105
Q

Authentication for SNMPv3 is based on the ________ and ______ algorithms.

The ________ standard is used for encryption.

A

Authentication for SNMPv3 is based on the Hash-Based Message Authentication Code–Message Digest 5 (HMAC-MD5) and HMAC–Secure Hash (HMAC-SHA) algorithms.

The Cipher Block Chaining–Data Encryption Standard (CBC-DES) standard is used for encryption.

106
Q

What layers of the OSI model do RMON1 and RMON2 operate at?

A

See attached diagram.

107
Q

Remote Monitoring (RMON) is a standard monitoring specification that enables network monitoring devices and console systems to exchange network monitoring data. RMON looks at _______ data and provides aggregate information on the statistics and LAN traffic.

A

Remote Monitoring (RMON) is a standard monitoring specification that enables network monitoring devices and console systems to exchange network monitoring data.

RMON looks at MAC-layer data and provides aggregate information on the statistics and LAN traffic.

RMON provides more information than SNMP, but it also requires more sophisticated data collection devices (network probes).

108
Q

T/F: CDP is media and protocol independent, so it works over Ethernet, Frame Relay, ATM, and other media.

A

True.

Cisco Discovery Protocol (CDP) is a Cisco-proprietary protocol that can be used to discover only Cisco network devices. CDP is media and protocol independent, so it works over Ethernet, Frame Relay, ATM, and other media.

109
Q

For security internet facing devices should have CDP disabled.

A

True.

Disable CDP on interfaces for which you do not want devices to be discovered, such as Internet connections.

110
Q

What is LLDP?

A

Link Layer Discovery Protocol (LLDP), defined in the IEEE 802.1AB (LLDP) specification, is an option for discovering network devices in multivendor networks.

LLDP performs functions similar to those of CDP. With LLDP, devices send information at a fixed interval from each of their interfaces in the form of an Ethernet frame with Ethertype 0x88CC

111
Q

These are the syslog levels 0-7. Put them in order..

  • Debug
  • Error
  • Emergency
  • Informational
  • CriticalWarning
  • Notice
  • Alert
A

Ernie Always Cries Even When Nobody Is Dying.

0 Emergency

1 Alert

2 Critical

3 Error

4 Warning

5 Notice

6 Informational

7 Debug

112
Q

T/F: Syslog messages can use considerable network bandwidth. It is important to enable only syslog facilities and levels that are of particular importance.

A

True.