Chapter 7 - Advanced Enterprise Campus Design

Question 1

What is true in the Layer 3 access layer design?

1. There is no need for an FHRP.
2. There is no need for VLANs in the access layer.
3. VLANs can span access switches.
4. The SVIs are defined in the distribution layer.

Answer 1

A. In the Layer 3 access layer, there is no need for an FHRP.

Question 2

Which of the following methods provide workstation-to-router redundancy in the access layer? (Choose two.)

1. AppleTalk Address Resolution Protocol (AARP)
2. Hot Standby Router Protocol (HSRP)
3. Virtual Router Redundancy Protocol (VRRP)
4. Dynamic Host Configuration Protocol (DHCP)

Answer 2

B and C. HSRP and VRRP provide default gateway redundancy.

Question 3

What is the 20/80 rule?

1. 80% of the traffic is local, 20% is external
2. 20% of the traffic is local, 80% is external
3. 20% of the traffic is reserved for VoIP, 80% for data
4. 20% of the traffic is peer-to-peer, 80% is client/server

Answer 3

B. 20% of traffic is local and 80% is external to the local LAN.

Question 4

The summarization of routes is a best practice at which layer?

1. Access layer
2. Distribution layer
3. Core layer
4. WAN layer

Answer 4

B. Routes are summarized at the distribution layer.

Question 5

A design uses two Layer 2 circuits interconnecting two data centers. Spanning Tree Protocol causes the second circuit to be in blocking state. What technology can you implement to use both circuits?

1. Fast IP
2. MST
3. STP
4. Toolkit EtherChannel

Answer 5

D. Use EtherChannel to merge the two physical units into one.

Question 6

Two workstations are located on separate VLANs. They exchange data directly. What type of application is this?

1. Client/server
2. Client/peer
3. Peer-to-peer
4. Client/enterprise

Answer 6

C. This is a peer-to-peer application.

Question 7

Which protocol is an IETF standard?

1. VSS
2. HSRP
3. VRRP
4. GLBP

Answer 7

C. Virtual Router Redundancy Protocol (VRRP) is an IETF standard.

Question 8

Which solution allows you to expand the user capacity in the access layer without having to replace the existing switch?

1. VSS
2. EtherChannel
3. MEC
4. Stacking technology

Answer 8

D. Stacking switch technology allows you to increase the number of ports in the access layer while still using the same uplinks and ports in the distribution layer.

Question 9

Which of the following is an example of a peer-to-peer application?

1. IP phone call
2. Client accessing a file server
3. Web access
4. Using a local server on the same segment

Answer 9

A. IP phone–to–IP phone communication is an example of peer-to-peer communication.

Question 10

An enterprise network has grown to span multiple buildings supporting multiple departments. Clients access servers that are in local and other buildings. The company security assessment has identified policies that need to be applied. What do you recommend?

1. Move all departments to a single building to prevent unauthorized access.
2. Move all servers to one of the LAN client segments.
3. Move all servers to a data center server segment that is separate from client LANs.
4. Move all servers to the building distribution switches.

Answer 10

C. Create a data center server segment that enables the enforcement of security policies.

Question 11

Link redundancy and infrastructure services are design considerations for which layer?

1. Core layer
2. Distribution layer
3. Access layer
4. Application layer

Answer 11

B. These are design considerations for the distribution layer.

Question 12

Which of the following are server connectivity methods in the data center?

1. Single NIC
2. EtherChannel
3. Content switch
4. All of the above

Answer 12

D. All these are server connectivity options.

Question 13

A campus network of four buildings is experiencing performance problems. Each building contains 400 to 600 devices, all in one IP subnet. The buildings are connected in a hub-and-spoke configuration back to Building 1 using Gigabit Ethernet with multimode fiber. All servers are located in Building 1. What do you recommend to improve performance?

1. Connect all buildings in a ring topology.
2. Implement multiple VLANs in each building.
3. Move servers to the buildings.
4. Use single-mode fiber to make the Gigabit Ethernet links faster.

Answer 13

B. The building subnets are too large and should be further segmented to reduce the broadcast domain.

Question 14

Match each application type with its description.

1. Peer-to-peer
2. Client/local server
3. Client/server farm
4. Client/enterprise edge
5. Server on the same segment
6. IM
7. Web access
8. Client accesses database server

Answer 14

i = B

ii = A

iii = D

iv = C

Question 15

Match each campus design model with its description.

1. Routed access layer
2. Traditional Layer 2 access layer
3. Layer 2 access with VSS
4. Hybrid access layer
5. Legacy design
6. Access layer using Layer 3 capabilities
7. Improves Layer 2 design
8. Not recommended.

Answer 15

i = B

ii = A

iii = C

iv = D

Question 16

Which network application type is most stringent in terms of the network resources?

1. Peer-to-peer
2. Client/local server
3. Client/data center server farm
4. Client/enterprise edge

Answer 16

C.

Question 17

Company departments are located across several buildings. These departments use several common servers. Network policy and security are important. Where should servers be placed?

1. Within all department buildings, and they should duplicate the common servers in each building
2. Connecting the common servers to the campus core
3. The data center
4. Connecting the servers to the distribution layer

Answer 17

C.

Question 18

A large company has a campus core. What is the best practice for the core campus network?

1. Use triangles.
2. Use squares.
3. Use rectangles.
4. Use point-to-point mesh.

Answer 18

A. Use redundant triangle topology between the distribution and core layers.

Question 19

A company has five floors. It has Layer 2 switches on each floor with servers. It plans to move servers to a new computer room and create a server farm. What should it do?

1. Replace all Layer 2 switches with Layer 3 switches.
2. Connect the Layer 2 switches to a Layer 3 switch in the computer room.
3. Connect the Layer 2 switches to a new Layer 2 switch in the computer room.
4. Connect the Layer 2 switches to each other.

Answer 19

B.

Question 20

A link is running at 80% utilization. Business-critical applications are used. What can be done to minimize packet delay and loss?

1. Implement QoS with classification and policing in the distribution layer.
2. Add additional VLANs so that the business applications are used on PCs on that VLAN.
3. Perform packet bit rewrites in the distribution switches.
4. Classify users in the access layer with different priority bits.

Answer 20

A.

Question 21

Which are four best practices for the access layer? (Choose four.)

1. Disable trunking in host ports.
2. Limit VLANs to one closet.
3. Use PVST+ with multilayer switches.
4. Enable trunking on host ports.
5. Use VLAN spanning to speed convergence of Spanning Tree Protocol.
6. Use VTP Server mode in hierarchical networks.
7. Use VTP Transparent mode in hierarchical networks.
8. Use RPVST+ with multilayer switches.

Answer 21

A, B, G, and H.

Question 22

Which are three best practices for the distribution layer? (Choose three.)

1. Use HSRP, VRRP, or GLBP.
2. Provide fast transport.
3. Use Layer 3 routing protocols to the core.
4. Use Layer 2 routing protocols to the core.
5. Summarize routes to the core layer.
6. Summarize routes to the access layer.

Answer 22

A, C, and E.

Question 23

Which are four best practices for the distribution layer? (Choose four.)

1. Disable trunking in host ports.
2. Limit VLANs to one closet.
3. Use HSRP. Use GLBP.
4. Use VLAN spanning to speed convergence of Spanning Tree Protocol.
5. Use Layer 3 routing to the core.
6. Summarize routes.
7. Use RPVST+ with multilayer switches.

Answer 23

C, D, F, and G.

Question 24

Which are three best practices for the core layer? (Choose three.)

1. Use routing with no Layer 2 loops.
2. Limit VLANs to one closet. Use HSRP.
3. Use GLBP.
4. Use Layer 3 switches with fast forwarding.
5. Use Layer 3 routing to the core.
6. Use two equal-cost paths to every destination network.
7. Use RPVST+ with multilayer switches.

Answer 24

A, E, and G.

Question 25

What is a major requirement if you use a Layer 3 access layer design?

1. The distribution switches need to be configured as a VSS pair.
2. The core switches need to support EIGRP.
3. The access layer switch needs to be able to route.
4. HSRP needs to be configured on the distribution switches.

Answer 25

C.

Question 26

What is an advantage of using the updated Layer 2 access layer design over the traditional model?

1. There is an increase in uplink bandwidth.
2. The updated model adds routing between distribution and access layers.
3. The access layer switch can route.
4. Layer 3 load balancing is enabled.

Answer 26

A.

Question 27

Which Cisco IOS feature simplifies spanning-tree topology?

1. Rapid PVST+
2. MST
3. MISTP
4. 802.1W
5. VSS

Answer 27

D.

Question 28

You implement the updated Layer 2 access layer design. What advantage have you obtained?

1. Additional uplink bandwidth by using both uplinks
2. No need for FHRP
3. Mix of Layer 2 and Layer 3 in the access layer
4. Spanning Tree Protocol blocking uplink ports

Answer 28

A.

Question 29

You implement the Layer 3 access layer design. What advantage have you obtained?

1. Additional uplink bandwidth by using both uplinks
2. No need for FHRP
3. Mix of Layer 2 and Layer 3 in the access layer
4. Spanning Tree Protocol blocking uplink ports

Answer 29

B.

Question 30

Which VTP version is enabled by default?

1. VTPv1
2. VTPv2
3. VTPv3
4. None of the above; VTP version has to be explicitly configured

Answer 30

B. VTPv2 is the default version.

Question 31

You want to configure subsecond failover for HSRP. What settings do you configure?

1. Hello timer = 3 seconds, dead timer = 10 seconds
2. Hello timer = 3 ms, dead timer = 10 ms
3. Hello timer = 200 ms, dead timer = 750 ms
4. Hello timer = 200 seconds, dead timer = 750 seconds

Answer 31

C. You can achieve subsecond failover with HSRP by setting the hello timer to 200 milliseconds and the dead timer to 750 milliseconds.

Question 32

What are the default timers for VRRP?

1. Hello timer = 3 seconds, dead timer = 10 seconds
2. Hello timer = 1 second, dead timer = 3 seconds
3. Hello timer = 200 ms, dead timer = 750 ms
4. Hello timer = 1 ms, dead timer = 10 ms

Answer 32

B. The default VRRP hello timer is 1 second, and the dead timer is 3 seconds.

Question 33

What are the default timers for HRSP?

1. Hello timer = 3 seconds, dead timer = 10 seconds
2. Hello timer = 1 second, dead timer = 3 seconds
3. Hello timer = 200 ms, dead timer = 750 ms
4. Hello timer = 1 ms, dead timer = 10 ms

Answer 33

A. The default HSRP timers are 3 seconds for hello and 10 seconds for the dead timer.

Question 34

Which protocol allows for load sharing among a group of routers?

1. HSRP
2. VRRP
3. FHRP
4. GLBP

Answer 34

D. GLBP is a Cisco-proprietary FHRP that allows packet load sharing among a group of routers.

Question 35

What is the recommended oversubscription ratio for distribution links to core links?

1. 4 to 1
2. 10 to 1
3. 15 to 1
4. 20 to 1

Answer 35

A. For distribution-to-core, the oversubscription recommendation is 4 to 1.

Question 36

What is the recommended oversubscription ratio for access links to distribution links?

1. 4 to 1
2. 10 to 1
3. 15 to 1
4. 20 to 1

Answer 36

D. When implementing data oversubscription, the recommended practice is 20 to 1 oversubscription for access-to-distribution links.

Question 37

What is the maximum number of links that can be bundled in an EtherChannel?

1. 2
2. 4
3. 8
4. 16

Answer 37

C.

Question 38

You need to connect sites that are 8 kilometers apart by using fiber. Which media do you recommend?

1. 10GBASE-T
2. 10GBASE-ER
3. 10GBASE-LR
4. 10GBASE-SR

Answer 38

C. 10GBASE-LR is long-range single-mode fiber with a maximum distance of 10 kilometers.

Question 39

You need to connect access switches to the distribution switch pair within a building. Which media do you recommend?

1. 10GBASE-T
2. 10GBASE-ER
3. 10GBASE-LR
4. 10GBASE-SR

Answer 39

D. 10GBASE-SR uses multimode fiber with a range of 400 meters.

Question 40

You need to connect switches in the data center racks. Which media do you recommend?

1. 10GBASE-T
2. 10GBASE-ER
3. 10GBASE-LR
4. 10GBASE-SR

Answer 40

A. 10BASE-T uses UTP with a range of 100 meters.

Question 41

See attached diagram for the traditional Layer 2 access layer model. Answer these questions.

1. Where are the VLANs defined?
2. Where is HSRP configured?
3. What layer is the STP root at?
4. What layer are the access switches operating in?
5. Is there Load Balancing? Why or why not?
6. What is acting as the gateway?
7. Where are the layer 3 links?

Answer 41

Figure 7-1 shows the traditional Layer 2 access layer. This is the de facto model that has been used for years, where:

1. VLANs are defined in the distribution switches
2. HSRP gateways are configured for the VLANs with active and standby in the Distribution layer
3. Spanning Tree Protocol root bridge is configured in the Distribution layer
4. The access switch is configured as a Layer 2 switch that forwards traffic via trunk ports to the distribution switches.
5. There is no load balancing because Spanning Tree Protocol blocks one of the uplink trunks, so only one uplink is active for each VLAN.
6. Distribution layer switches act as default gateways.
7. Layer 3 links are used between the core and distribution switches with a routing protocol.

Question 42

Updated Layer 2 Access Layer (Using VSS)

See attached diagram and answer the following questions.

1. Where is the demarc between L2 and L3?
2. With VSS the pair of distribution switches is merged into a ________________________.
3. What platforms support VSS? (three series of switches)
4. What is a MEC?
5. With 10G uplinks from the access switches what is the bandwidth available to uplink each access switch?

Answer 42

Updated Layer 2 Access Layer (Using VSS)

Figure 7-2 shows the updated Layer 2 access layer.

1. In this model, the distribution switches are still the demarcation between the Layer 2 and Layer 3 boundaries.
2. The difference now is that Virtual Switching System (VSS) is configured in the distribution layer. With VSS, the physical distribution switch pair is merged into a virtual switch.
3. VSS is supported on Cisco 4500, 6500, and 6800 Series switches.
4. With VSS, both access switch uplinks are used, doubling the bandwidth from access switches to the distribution pair. The bundled pair is called a Multichassis EtherChannel (MEC), and it creates a loop-free topology.
5. With Gigabit Ethernet uplinks, you have 2 Gbps of uplink bandwidth, and with 10 Gigabit Ethernet uplinks, you have 20 Gbps of uplink bandwidth.
   6.

Question 43

Layer 3 Access Layer:

Figure 7-3 shows the Layer 3 access layer. Answer these questions:

1. Where is the L3 demarc?
2. Where are the VLANs defined? where are the gateways?
3. Are VLANs able to span access switches?
4. What layer are the links from the Access to Dist layers?
5. Is HSRP needed? Why or why not?

Answer 43

1. With this design model, the Layer 3 demarcation is pushed to the access layer.
2. The access layer switches have VLANs defined and act as the default gateways.
3. Notice that VLANs are not able to span access switches.
4. L3 links are now used from the Access layer to the distribution switches to the core.
5. The use of HSRP is not necessary. In this solution, the access layer switches act as default gateways and participate in routing, and there is no need for an FHRP.

Question 44

T/F: When VSS is used, there is no need for a first-hop routing protocol (FHRP) such as HSRP.

Answer 44

True.

When VSS is used, there is no need for a first-hop routing protocol (FHRP) such as HSRP.

Question 45

T/F:

Pushing layer 3 to the access layer provides higher uplink bandwidth but slower convergance than the traditional Layer 2 access design.

Answer 45

False.

This solution provides faster convergence and higher uplink bandwidth than the traditional Layer 2 access design.

Question 46

1. What layer design combines L2 and L3 in one?
2. What layer are the links between the access and distribution layers?
3. Why is this design not preferred?
4. What is a use case to implement this design?
5. What is one disavantage of this design?

Answer 46

Hybrid LAN Access Layer

1. The hybrid access layer combines the use of Layer 2 switching with Layer 3 at the access layer. In this design, some VLANs are defined in the access layer and others in the distribution layer.
2. There are Layer 3 and Layer 2 links between the distribution switches and the access switches. With the Layer 2 links, Spanning Tree Protocol is still in the network.
3. This design is not the preferred design because it has the added complexity of mixed Layer 2 and Layer 3 access layers per VLAN, but it is usually implemented for various reasons.
4. One reason to implement these solutions might be sensor or security devices requiring a shared VLAN.
5. The disadvantage is that Spanning Tree Protocol is enabled on these VLANs.

Question 47

Prevents an alternate or root port from becoming designated in the absence of bridge protocol data units (BPDUs).

Answer 47

LoopGuard

Question 48

T/F: VRRPv2 supports both IPv4 and IPv6

Answer 48

VRRPv2 only supports IPv4.

VRRPv3 for both IPv4 and IPv6 networks.

Question 49

In HSRP the ‘primary’ router is called the ________ and the ‘secondary’ router is called the ________.

In VRRP the ‘primary’ router is called the _________ and the ‘secondary’ router is called the __________.

Answer 49

In HSRP the ‘primary’ router is called the active and the ‘secondary’ router is called the secondary.

In VRRP the ‘primary’ router is called the master and the ‘secondary’ router is called the backup.

Question 50

Preemption is enabled by default in which FHRP?

Answer 50

Unlike in HSRP, VRRP preemption is enabled by default.

Question 51

How many gateways does GLBP support load balancing across?

Answer 51

Unlike HSRP, GLBP provides for load balancing between multiple redundant routers—up to four gateways in a GLBP group.

Question 52

GLBP members communicate between each other through hello messages sent every ___ seconds to the multicast address ___________, User Datagram Protocol (UDP) port ______.

Answer 52

GLBP members communicate between each other through hello messages sent every 3 seconds to the multicast address 224.0.0.102, User Datagram Protocol (UDP) port 3222.

Question 53

What type(s) of authentication is supported by GLBP.

Answer 53

Only Plain-text.

Question 54

What is pinhole congestion?

Answer 54

A hop-based routing protocol does load balancing over unequal-bandwidth paths as long as the hop count is equal. After the slower link becomes saturated, packet loss at the saturated link prevents full utilization of the higher-capacity links; this scenario is called pinhole congestion.

You can avoid pinhole congestion by designing and provisioning equal-bandwidth links within one layer of the hierarchy or by using a routing protocol that takes bandwidth into account.

Question 55

T/F: Routing protocols converge in equal amounts of time on networks with equal cost links as those with unequal cost links.

Answer 55

False.

You should keep bandwidth consistent within a given design component to facilitate load balancing. Another reason to keep bandwidth consistent within a layer of a hierarchy is that routing protocols converge much faster on multiple equal-cost paths to a destination network.

Question 56

The preferred location to mark traffic is as close as possible to the __________.

Answer 56

The preferred location to mark traffic is as close as possible to the source.

Question 57

VoIP traffic from the phone is sent with a Layer 2 CoS set to ____. The phone also reclassifies data from the PC to a CoS/ToS of _____.

Answer 57

VoIP traffic from the phone is sent with a Layer 2 CoS set to 5. The phone also reclassifies data from the PC to a CoS/ToS of 0.

Question 58

With Differentiated Services Codepoint (DSCP) at Layer 3, VoIP bearer traffic is set to ______ _______ (EF) (which implies a ToS set to ___).

Answer 58

With Differentiated Services Codepoint (DSCP) at Layer 3, VoIP bearer traffic is set to Expedited Forwarding (EF) (which implies a ToS set to 5).