NSX Set 4 Flashcards
How many subinterfaces can be configured on an NSX Edge?
a. 1
b. 10
c. 200
d. 1,000
c. 200
How many concurrent Layer 2 VPN tunnels does a distributed logical router support?
a. 0
b. 1
c. 10
d. 16
a. 0
What is the default port number used by NSX for Layer 2 VPN?
a. TCP 22
b. TCP 443
c. UDP 500
d. TCP 1723
b. TCP 443
Which two encryption algorithms are not supported in Layer 2 VPN? (Choose two.)
a. DES-CBC3
b. AES-128
c. 3DES
d. AES-192
c. 3DES
d. AES-192
Two NSX Edges form a Layer 2 VPN. Which encryption algorithm is used?
a. The encryption algorithm set on the first NSX Edge device that is configured
b. The encryption algorithm set on the Layer 2 VPN Server
c. The strongest encryption algorithm configured between the two NSX Edges as determined during tunnel negotiation
d. The weakest encryption algorithm configured between the two NSX Edges as determined during tunnel negotiation
b. The encryption algorithm set on the Layer 2 VPN Server
How many interfaces are needed on an NSX Edge to configure a Layer 2 VPN?
a. One Uplink interface
b. Two Uplink interfaces
c. One Uplink interface and one Internal interface
d. One Internal interface
c. One Uplink interface and one Internal interface
An NSX administrator has two available IPs, 10.154.17.10 and 10.154.17.11. The IPs are for use with the interfaces connecting to segments that will be extended via two NSX Edges using a Layer 2 VPN.
How must the IP addresses be configured on the interface of each NSX Edge?
a. The Layer 2 VPN Server must have the first IP in the range, 10.154.17.10.
b. Both NSX Edges must use the same IP.
c. Each NSX Edge can use either IP, but not the same IP.
d. The Layer 2 VPN Server is given both IPs and assigns them to the NSX Edges during tunnel negotiation.
c. Each NSX Edge can use either IP, but not the same IP.
Layer 2 Bridging supports which types of Ethernet extensions?
a. VXLAN-VXLAN
b. Layer 2 VPN
c. VLAN-VLAN
d. VLAN-VXLAN
d. VLAN-VXLAN
What is the role of the Bridge Instance?
a. To coordinate the bridging among all the logical switches in the trans-
port zone
b. To bridge between a logical switch and a VLAN
c. To provide a logical connection between two clusters in different trans- port zones
d. To back up the Layer 2 NSX Controller
b. To bridge between a logical switch and a VLAN
Which of the following is not a requirement to configure Layer 2 Bridging?
a. A distributed logical router
b. An NSX Edge
c. A logical switch linked to the Control VM
d. A VLAN portgroup
b. An NSX Edge
In NSX 6.2, which NSX entity communicates with the hardware VTEP?
a. NSX Manager
b. NSX Controller
c. NSX Edge
d. Logical Router Control VM
b. NSX Controller
Which two interfaces can be found on a DLR? (Choose two.)
a. VXLAN LIF
b. Logical switch interface
c. VLAN logical interface
d. VMNIC interface
a. VXLAN LIF
c. VLAN logical interface
Two vSphere clusters each have their own vDS assigned. Which NSX feature can’t be configured or deployed in this scenario?
a. Logical switches
b. Distributed logical routers
c. VXLAN
d. VLAN LIF
d. VLAN LIF
Which statement is true regarding physical MAC addresses (pMACs) in an NSX deployment?
a. Each ESXi host running an instance of the logical router has the same pMAC.
b. Each ESXi host running an instance of the logical router has a unique pMAC.
c. The MAC address of an NSX Edge’s Uplink interface is a pMAC.
d. The Top of Rack switch for the ESXi hosts has a pMAC in its MAC table for every ESXi host vMAC.
b. Each ESXi host running an instance of the logical router has a unique pMAC.
Which entity replies to an ARP request received over a VLAN LIF?
a. The Designated Instance
b. The Bridge Instance
c. The ESXi host that first receives the ARP request
d. The Logical Router Control VM
a. The Designated Instance
Which entity determines the ESXi host that will run the Designated Instance?
a. The NSX Controller Master
b. The NSX Controller responsible for the logical router
c. The Logical Router Control VM
d. The NSX Manager
b. The NSX Controller responsible for the logical router
If the Designated Instance is down, which ESXi host takes over?
a. The ESXi host closest to the Designated Instance
b. The ESXi host that has the lowest management IP
c. An ESXi host randomly selected by the NSX Controller
d. The ESXi host configured as the Bridge Instance
c. An ESXi host randomly selected by the NSX Controller
A logical router needs to send an ARP request over a VLAN LIF. Which ESXi host forwards the ARP request?
a. The ESXi host running the logical router instance sending the ARP request
b. The ESXi host that has the VLAN LIF
c. The ESXi host that is the Designated Instance
d. The ESXi host that has a VMkernel port with an IP in same subnet as the VLAN LIF
c. The ESXi host that is the Designated Instance
After a router table lookup, the logical router determines the next hop is out of the VLAN LIF. Which ESXi host sends egress traffic?
a. The ESXi host that runs the Control VM
b. The ESXi host that has the Designated Instance
c. The ESXi host running the DLR instance that made the routing decision
d. The Control VM
c. The ESXi host running the DLR instance that made the routing decision
What is VMware’s recommendation for providing Layer 3 connectivity be- tween virtual and physical networks?
a. Use a logical router with the VLAN LIF
b. Use a logical router with an Uplink LIF
c. Use a Perimeter Edge with an Uplink interface
d. Extend the logical switch to the Top of Rack hardware VTEP
c. Use a Perimeter Edge with an Uplink interface
How many Equal Cost Multipath entries per destination does the NSX Edge support in its routing table?
a. 2
b. 4
c. 8
d. 16
c. 8
Which routing protocol is not supported by a logical router?
a. Static
b. BGP
c. IS-IS
d. OSPFv2
c. IS-IS
Which routing protocol is not supported by an NSX Edge?
a. OSPFv2
b. BGP
c. IS-IS
d. OSPFv3
d. OSPFv3
After configuring a static route, how long would the Control VM retain it be- fore flushing it from the routing table?
a. 10 minutes
b. 24 hours
c. 72 hours
d. Permanently
d. Permanently
Which OSPF authentication mechanism does the logical router not support?
a. MD5
b. SHA
c. Cleartext
d. None
b. SHA
Which OSPF area is not supported by the NSX Edge if configured as an ABR?
a. Backbone area
b. Normal area
c. Stubby area
d. Not So Stubby area
c. Stubby area
An NSX Edge is configured as an ABR. The Edge has a non-backbone inter- face link in the same segment as a logical router. Which Link State Advertise- ment Type is not received by the logical router from the NSX Edge?
a. LSA Type 1
b. LSA Type 2
c. LSA Type 3
d. LSA Type 7
d. LSA Type 7
A Perimeter Edge is being configured to run iBGP with a logical router. What BGP Neighbor IP address should be configured in the Perimeter Edge for the BGP Peers to come up?
a. The IP of the Uplink interface in the Control VM.
b. The forwarding IP configured in the logical router.
c. The protocol IP configured in the Control VM.
d. The management IP of the logical router.
c. The protocol IP configured in the Control VM.
Which of the following commands can be used to check the BGP route table?
a. show ip route bgp
b. show ip bgp
c. show ip bgp route
d. debug ip bgp
b. show ip bgp
How many IS-IS areas can be configured in the NSX Edge?
a. 1
b. 2
c. 3
d. 10
c. 3
What OSPF metric type is assigned to routes redistributed into OSPF by a universal logical router?
a. Intra-Area
b. Inter-Area
c. External Type 1
d. External Type 2
d. External Type 2
