Layer 2 Switching

Question 1

MST is defined by IEEE _________.

Answer 1

MST is defined by IEEE 802.1s.

Question 2

What are 5 enhancements that VTP Version3 had over versions 1 and 2?

Answer 2

• hidden authentication (does not appear in plain text in the configuration file)
• Extended VLAN support. Versions 1 and 2 only support VLANs 1 - 1000 only.
• Support for private VLANs
• Support for MST
• primary and secondary servers

Question 3

In VTP Version 3, you issue the command vtp primary server in ________ mode.

Answer 3

Exec mode. This is a weird one as you would think it would be issued in configuration mode.

Question 4

By default, VTP summary advertisements are sent every ______ minutes.

Answer 4

5 minutes.

Question 5

With VTP, after a summary advertisement is sent, what type of advertisement follows?

Answer 5

A subset advertisement which actually contains the list of VLANs.

Question 6

Under what 3 circumstances will a switch send a VTP advertisement request?

Answer 6

1. the switch has been reset
2. the VTP domain name has been changed on the switch
3. the switch has received a VTP summary advertisement with a higher configuration than its own

Question 7

For Layer 2 Etherchannels, how does the Etherchannel obtain its MAC address?

Answer 7

It adopts the MAC address from the first port in the bundle that comes up.

Question 8

What command enables you to configure Etherchannel load balancing?

Answer 8

port-channel load-balance

Question 9

What is the default Etherchannel load balancing method?

Answer 9

src-mac

Question 10

What is the official name for EtherChannel LACP?

Answer 10

IEEE802.3ad Link Aggregation

Question 11

LACP supports up to ____ ports of the same type.

Answer 11

LACP supports 16 ports of the same type, with up to 8 ports active and 8 ports in standby.

Question 12

In MST, the CIST Regional Root is a _________ switch elected for every region based on the shortest external path cost to reach the CIST root.

Answer 12

In MST, the CIST Regional Root is a boundary switch elected for every region based on the shortest external path cost to reach the CIST root.

The CIST Regional Root becomes the root of the IST for the given region as well - the region changes its IST election process to make the CIST regional root the IST root.

Question 13

With ____, a switch sends Hellos and if it receives those Hellos echoed back it knows the link is an active two way link.

Answer 13

With UDLD a switch sends Hellos and if it receives those Hellos echoed back it knows the link is an active two way link.

Question 14

UDLD operates at the physical level, while Spanning-Tree LoopGuard works at the _____ level.

Answer 14

UDLD operates at the physical level, while Spanning-Tree LoopGuard works at the logical level. (Think Etherchannel)

Question 15

udld enable aggressive differs from udld enable in what way?

Answer 15

udld enable aggressive disables the port upon UDLD neighbor failure.

You could also enable auto recovery of the interface if desired:

SW1(config)# errdisable recovery cause udld

SW1(config)# errdisable recovery interval 30

Question 16

CDP announcements are sent out every _____ seconds by default.

Answer 16

CDP announcem,ents are sent out every 60 seconds by default.

Question 17

Rapid Spanning Tree is defined by IEEE ____.

Answer 17

Rapid Spanning Tree is defined by IEEE 802.1w.

Question 18

For RSPAN, what is the additional step that has to be done compared to SPAN?

Answer 18

With RSPAN, the destination VLAN of the SPAN has to be defined.

SW2(config)# vlan 199

SW2(config-vlan)# remote span

Question 19

With SPAN, if you want to leave the original encapsulation of the frames intact, use the _______ ________ option on the monitor session destination command.

Answer 19

With SPAN, if you want to leave the original encapsulation of the frames intact, use the encapsulation replicate option on the monitor session destination command.

Question 20

What is the global configuration command to add timestamps to debug output?

Answer 20

service timestamps debug datetime msec

Question 21

The default Spanning Tree Hello Time is __ seconds.

Answer 21

2.

It can be adjusted between 1 and 10 seconds. Remeber non-root bridges will never generate BPDUs, but only relay the BPDUs they receive on their Root Port.

Question 22

Spannining Tree Forward Delay is ___ seconds by default.

Answer 22

15

It can be adjusted between 4 and 30 seconds. It is the time spent in both the listening and learning phases.

Question 23

Spanning Tree Max Age is ___ seconds by default.

Answer 23

20

This is the amount of time before a bridge port saves its configuration BPDU. It can be adjusted between 6 and 40 seconds.

Question 24

The Designated Port is the port on the segment that has the lowest _______ to reach the root bridge.

Answer 24

The Designated Port is the port on the segment that has the lowest path-cost to reach the root bridge.

Question 25

What are the 4 tiebreakers for Spanning Tree decisions?

Answer 25

1. Lowest root bridge ID
2. Lowest path cost to root brige
3. Lowest sender bridge ID
4. Lowest sender port ID

Question 26

What are the two command lines to enable autorecovery of a port that has been disabled due to bpduguard after 120 seconds?

Answer 26

errdisable recovery cause bpduguard

errdisable recovery interval 120

Question 27

Describe the difference in inbound BPDU processing when BPDU Filter is enabled per interface or globally.

Answer 27

When BPDU Filter is enabled at the interface level, it silently discards inbound BPDUs. But if enabled globally, BPDU Filter will only apply to PortFast enabled ports - the switchport will lose its PortFast status and process the BPDU normally if it receives an inbound BPDU. So a global configuration is much safer.

Question 28

Spanning Tree UplinkFast protects against ______ port failures by pooling all available candidate ports into an “uplink group”.

Answer 28

Spanning Tree UplinkFast protects against root port failures by pooling all available candidate ports into an “uplink group”.

Question 29

When PortFast is enabled on a port, the interface skips ______ and _______ phases of STP convergence and goes straight into the forwarding state.

Answer 29

When PortFast is enabled on a port, the interface skips Listening and Learning phases of STP convergence and goes straight into the forwarding state.

Question 30

Spanning Tree BackboneFast enables fast reconvergence due to _____ link failures.

Answer 30

Spanning Tree BackboneFast enables fast reconvergence due to indirect link failures.

Usually when a switch starts hearing inferior BPDUs, it will wait the length of its Max Age timer before it responds to the bridge sending inferior BPDUs. If you think about it, if it is an inferior BPDU, why can’t it immediately send the switch sending inferior BPDUs the superior BPDU it has received on its root port? Then, the downstream switch who is sending inferior BPDUs because of a root port failure can converge faster.

Question 31

When BackboneFast is enabled, as soon as the switch receives an inferior BPDU it will send _____ ______ ______ messages out all of it’s non-designated ports.

Answer 31

When BackboneFast is enabled, as soon as the switch receives an inferior BPDU it will send Root Link Query (RLQ) messages out all of it’s non-designated ports.

The RLQ asks other switches if the current Root Bridge is accesible via that switch.

Question 32

RootGuard is an STP enhancement that ensures the port on which it is configured remains a _________ port.

Answer 32

RootGuard is an STP enhancement that ensures the port on which it is configured remains a designated port.

RootGuard is placed on designated ports downstream from the Root Bridge. The ports it is enabled on will never become root ports, even if they receive a superior BPDU from a neighbor switch.

Question 33

When BPDU Guard is enabled globally, it works in conjunction with ________.

Answer 33

When BPDU Guard is enabled globally, it works in conjunction with PortFast.

BPDU Gaurd is automatically enabled for any interfaces in the PortFast state.

Question 34

______ _______ are used to define a well-known template of configuration onto multiple interfaces.

Answer 34

Smartport macros are used to define a well-known template of configuration onto multiple interfaces.

Question 35

The first step to creating a smartport macro is to ______ the interface range with a unique name.

Answer 35

The first step to creating a smartport macro is to define the interface range.

SW1(conf)# define interface-range VLAN_146 gig0/1-2

Question 36

The second step when configuring a smartport macro is to go into ________ _______ _______ configuration mode for the interface-range you previously defined.

Answer 36

The second step when configuring a smartport macro is to go into interface range macro configuration mode for the macro you previously defined.

SW1(conf)# interface range macro VLAN146

Question 37

One limitation of protected ports is that they are only _______ significant.

Answer 37

One limitation of protected ports is that they are only locally significant.

Protected ports cannot span multiple switches. This is a big reason why Private VLANs were created.

Question 38

Private VLANs require that VTP is in _________ mode.

Answer 38

Private VLANs require that VTP is in transparent mode. (or off)

Question 39

With Private VLANs, ___________ ports are allowed to talk to all other ports within the primary VLAN.

Answer 39

With Private VLANs, promiscuous ports are allowed to talk to all other ports within the primary VLAN.

Question 40

With Private VLANs, _________ ports are only allowed to talk with promiscuous ports.

Answer 40

With Private VLANs, isolated ports are only allowed to talk with promiscuous ports.

Question 41

With Private VLANs, _________ ports are allowed to talk with other ports in their own community as well as any promiscuous ports, but they are not allowed to talk with ports in other communities.

Answer 41

With Private VLANs, community ports are allowed to talk with other ports in their own community as well as any promiscuous ports, but they are not allowed to talk with ports in other communities.

Question 42

With Private VLANs, under what configuration mode do we use private-vlan association add 501?

Answer 42

We add the association for secondary VLANs under the primary VLAN configuration mode, as below.

SW1(config)# vlan 500

SW1(config-vlan)# private-vlan primary

SW1(config-vlan)# private-vlan association add 501

SW1(config-vlan)# private vlan association add 502

Question 43

With Private VLANs, what interface configuration command sets the port as a secondary VLAN?

Answer 43

switchport mode private-vlan host

SW1(config)# interface range gig0/1-2

SW1(config-if)# switchport mode private-vlan host

SW1(config-if)# switchport private-vlan host-association 500 501

Question 44

If you configure a primary VLAN SVI to operate with seondary private VLANs, what is the command to map the secondary VLANs to the SVI?

Answer 44

SW1(config)# interface Vlan 100

SW1(config-if)# private-vlan mapping 1000,2000

Question 45

Loop Guard is very similar to UDLD, but Loop Guard uses ______ instead of Hellos to determine if there is a loop.

Answer 45

Loop Guard is very similar to UDLD, but Loop Guard uses BPDUs instead of Hellos to determine if there is a loop.

Question 46

To be completely effective, Loop Guard should be enabled on all _________ ports, including root ports and alternate ports.

Answer 46

To be completely effective, Loop Guard should be enabled on all non-designated ports, including root ports and alternate ports.

Question 47

What is the interface configuration command to enable protection on a switchport?

Answer 47

SW1(config-if)# switchport protected

Question 48

A Voice VLAN works like a rudimentary ________.

Answer 48

A Voice VLAN works like a rudimentary trunk.