Network Assurance

Question 1

What is SNMP?

Answer 1

Simple Network Management Protocol

Question 2

What are the key differences of SNMPv3 over v1 and v2?

Answer 2

• User authentication
• Username hashing (MD5 and SHA)
• Encryption

Question 3

What are the key elements that need to be configured on a Cisco device to send SNMP data to a client?

Answer 3

• SNMP host/client
• Access Lists to restrict SNMP
• Read Only Community String
• Read Write Community String
• SNMP location
• SNMP contact

Question 4

What is the command to send SNMP to a client or host?

Answer 4

R1(config)# snmp-server community {string} {ro | rw} {access-list-id}

Question 5

What is an SNMP trap?

Answer 5

An alert that can be sent via SNMP in response to a network event

Question 6

What is the command to enable SNMP traps on a Cisco device?

Answer 6

R1(config)# snmp-server enable traps [type]

There are a lot of SNMP trap types that can be enables. Not specifying a trap type will enable all SNMP traps which may not be desirable.

Question 7

What are the 8 levels of Syslog Severity Messages?

Answer 7

7 - Debug
6 - Informational
5 -Notifications
4 - Warning
3 - Errors
2 - Critical
1 - Alerts
0 -Emergency

Question 8

What command is used to send log messages to the local device’s buffer?

Answer 8

R1(config)# logging buffer {buffer-size-in-bytes} {severity-level}

NOTE: The severity level can be numbered or the word. Log events up to the configured level will be logged.

Question 9

What command is used to verify logging on a Cisco device?

Answer 9

R1# show logging

Question 10

What port is used by Syslog to send logging information to a remote Syslog collector?

Answer 10

UDP 514

Question 11

What command is used on a Cisco device to send Syslog to a remote host?

Answer 11

R1(config)# logging host {ip-address}

Question 12

What is the port used by the Netflow protocol?

Answer 12

Netflow is UDP but it does NOT have an assigned port number. Each flow sensor will use a unique port number as designated by an admin.

Question 13

What are the three pieces you need to configure to create flexible netflow on a router?

Answer 13

Flow Record
Flow Export
Flow Monitor

Question 14

What two things do you need to do to configure a flow record?

Answer 14

1.) Use the “match” command to define the flow criteria

2.) Use the “collect” command to define what data you want to gather from the flow

Question 15

What two things do you need to do to configure a flow exporter?

Answer 15

1.) The destination collector server, using the destination command

2.) The port number for the flow sensor using the transport udp {port} command

Question 16

What two things do you need to configure a flow monitor?

Answer 16

1.) the flow record to be used with the record NAME command

2.) the flow exporter to be used with the exporter NAME command

Question 17

What are the commands to enable basic netflow for interface Gi0/0 on a router for the destination of 10.1.0.111 using the port 9998?

Answer 17

R1(config)# int gi0/0
R1(config-if)# ip flow ingress
R1(config-if)# ip flow egress
R1(config)# ip flow-top-talkers
R1(config-flow-top-talkers)# top 5
R1(config-flow-top-talkers)# sort-by bytes
R1(config)# ip flow-export version 9
R1(config)# ip flow-export destination 10.1.0.111 9998

Question 18

Using IOS commands, configure a flexible netflow that uses source ipv4 address to collect ipv4 source, destination, and protocol information and apply it to interface gi0/0

Answer 18

R1(config)# flow record FLOW_REC_1
R1(config-flow-record)# description basic netflow information
R1(config-flow-record)# match ipv4 source address
R1(config-flow-record)# collect ipv4 source address
R1(config-flow-record)# collect ipv4 protocol
R1(config-flow-record)# collect ipv4 destination address
R1(config)# flow exporter FLOW_EXP_1
R1(config-flow-exporter)# description flows exported to my PRTG server A
R1(config-flow-exporter)# destination <flow>
R1(config-flow-exporter)# transport udp <flow>
R1(config)# flow monitor FLOW_MON_1
R1(config-flow-monitor)# exporter FLOW_EXP_1
R1(config-flow-monitor)# record FLOW_REC_1
R1(config)# int gi0/0
R1(config-if) ip flow monitor FLOW_MON_1 input</flow></flow>

Question 19

What show commands would you use to verify flexible netflow on a Cisco device?

Answer 19

show flow recorder

show flow exporter

show flow monitor

Question 20

When using the show commands to verify netflow, how are the source and destination port numbers displayed?

Answer 20

In hexadecimal format (instead of decimal)

Question 21

What command(s) could you use to verify the netflow is working?

Answer 21

show ip cache flow

show ip flow top-talkers

NOTE: Netflow data on a router expires quickly so these commands are really only good to troubleshoot if netflow is working.

Question 22

What are the basic commands to configure IP SLA with an icmp probe that runs every 10 seconds (4 commands)?

Answer 22

Router(config)# ip sla {probe-id}
Router(config-ip-sla)# icmp-echo {dest-ip-address} source-interface {interface-id}
Router(config-ip-sla-echo)# frequency 10
Router(config)# ip sla {probe-id} life forever start-time now

Question 23

What are the basic commands to configure IP SLA with an http probe that runs every 1 minute (4 commands)?

Answer 23

Router(config)# ip sla {probe-id}
Router(config-ip-sla)# http get {URL}
Router(config-ip-sla-echo)# frequency 60
Router(config)# ip sla {probe-id} life forever start-time now

Question 24

What commands would you use to create an IP SLA track object and use it to influence a static route?

Answer 24

Router(config)# track {id} ip sla {probe-id}
Router(config)# ip route {ip-address} {subnet-mask} {next-hop} track {track-id}

Question 25

What does SPAN mean?

Answer 25

Switchport Analyzer - this is basically just mirroring a switchport

Question 26

What are the three types of SPANs and what is the difference between each one?

Answer 26

SPAN - capture on a local switch

RSPAN - capture on a remote switch

ERSPAN - capture on a remote network

Question 27

What commands would you use to configure a Cisco switch to mirror port fa0/1 and send the traffic to fa0/24?

Answer 27

SW1(config)# monitor session {session-id} source interface fa0/1
SW1(config)# monitor session 1 destination interface fastEthernet 0/24

Question 28

What is the key configuration element you need to configure to perform RSPAN?

Answer 28

A dedicated VLAN must be established on the source and destination switches and permitted across the trunk.

Question 29

What commands would you need to configure RSPAN from the source ports of Switch2 on fa0/1 to the destination port of fa0/24 on Switch1?

Answer 29

SW2(config)# vlan 99
SW2(config-vlan)# remote-span
SW2(config)# monitor session 1 source interface fa0/1
SW2(config)# monitor session 1 destination remote vlan 99
SW1(config)# vlan 99
SW1(config-vlan)# remote-span
SW1(config)# monitor session 1 source remote vlan 99
SW1(config)# monitor session 1 destination fa 0/24

Question 30

What commands are needed to configure ERSPAN on a remote switch?

Answer 30

RemoteSW1(config)# monitor session 1 type erspan-source
RemoteSW1(config-mon-erspan-src)# source interface gi0/10 both
RemoteSW1(config-mon-erspan-src)# no shut
RemoteSW1(config-mon-erspan-src)# destination
RemoteSW1(config-mon-erspan-src-dst)# ip address <ip>
RemoteSW1(config-mon-erspan-src-dst)# erspan-id 2
RemoteSW1(config-mon-erspan-src-dst)# origin ip <ip></ip></ip>

Question 31

What commands are needed to configure ERSPAN on the local switch?

Answer 31

LocalSW1(config)# monitor session 1 type erspan-destination
LocalSW1(config-mon-erspan-dst)# no shut
LocalSW1(config-mon-erspan-dst)# destination interface gigabitEthernet 0/2
LocalSW1(config-mon-erspan-dst)# source
LocalSW1(config-mon-erspan-dst-src)# erspan-id 2
LocalSW1(config-mon-erspan-dst-src)# ip address <ip>
LocalSW1(config-mon-erspan-dst-src)# origin ip address <ip></ip></ip>

Question 32

What show command(s) can you use to verify a SPAN session is running?

Answer 32

show monitor session all

show monitor session <session></session>

Question 33

What is IP SLA?

Answer 33

A Cisco IOS tool that can perform continuous monitoring about certain aspects of network performance.

Question 34

What are some of the most common types of IP SLA probes that can be configured on a Cisco device?

Answer 34

• icmp
• http
• dhcp
• dns
• voip
• icmp or udp jitter

Question 35

What network quality metrics does IP SLA set out to measure?

Answer 35

• Delay
• Jitter
• Packet Loss
• Connectivity
• VoIP quality
• Server Download time
• Network Path

Question 36

When configuring IP SLA on a Cisco device, what are the two essential elements that must be configured?

Answer 36

1.) Probe
2.) Schedule

Question 37

What is the command to create an IP SLA probe?

Answer 37

R1(config)# ip sla {id-number}

Question 38

What are the commands to set up an IP SLA ICMP probe that repeats every 60 seconds? (3 commands)

Answer 38

R1(config)# ip sla {id-number}
R1(config-ip-sla)# icmp-echo {target-address} source-interface {int-id}
R1(config-ip-sla-echo)# frequency 60

Question 39

What are the commands to set up an HTTP GET probe that repeats every 5 minutes? (3 commands)

Answer 39

R1(config)# ip sla {id-number}
R1(config-ip-sla)# http get {url}
R1(config-ip-sla-echo)# frequency 300

Question 40

What is the command to create a schedule to start an IP SLA probe(s)?

Answer 40

R1(config)# ip sla schedule {id-number} life {forever | value-in-secs} start-time {now | hh:mm:ss}

Question 41

If you wanted to use an IP SLA as a routing metric, what command would you use?

Answer 41

R1(config)# track {id-number} ip sla {sla-id}