Remote Site Connectivity Flashcards
Remote Site Connectivity overview MPLS VPN GRE DMVPN Multipoint GRE NHRP IPSEC
What is a valid design consideration for a hybrid VPN?
You might need to decrease the MTU size for frames on an interface
In a Layer 3 MPLS VPN, with what does a CE router form a relationship?
A PE in the MPLS network
You want to interconnect two remote sites with a VPN tunnel. The tunnel needs to support IP unicast, multicast, and broadcast traffic. Additionally, you need to encrypt traffic being sent over the tunnel. What VPN solution could meed the design requirements?
Use a GRE tunnel inside of an IPSEC tunnel
Identify technologies required for a DMVPN network
NHRP, IPSEC, mGRE
What are characteristics of multipoint GRE?
mGRE supports a wide variety of protocols, and a single mGRE interface can service multiple tunnels
Describe the operation of NHRP
The spoke routers are configured with the IP address of the hub router, the spoke routers then update the hub router with their IP address and query hub router for the physical interface IP address of other spoke routers (using the tunnel IP address for correlation).
Which IPSEC feature primarily performs encryption?
Confidentiality
The design requires that routers at remote sites appear as adjacent to one another, and they are interconnected over an MPLS network.
Use a Layer 2 MPLS VPN.
The design requires customer edge (CE) routers at each enterprise site to communicate over an MPLS network and to form neighborships with provider edge (PE) routers to which they connect.
Use a Layer 3 MPLS VPN.
The design requires that multicast, broadcast, and unicast IP traffic between sites be secured within a VPN.
Encapsulate the multicast, broadcast, and unicast IP traffic inside of a GRE tunnel, and then encapsulate the GRE packets inside of an IPsec tunnel.
The design requires that spokes in a hub-and-spoke VPN topology be able to dynamically form GRE tunnels between themselves.
Use Dynamic Multipoint VPN (DMVPN).
The design requires that a single GRE tunnel interface support multiple GRE tunnels.
Use multipoint GRE (mGRE).
The design requires that spoke routers in a hub- and-spoke VPN design be able to query the hub to determine the IP address of a physical interface corresponding to the far side of a tunnel.
Use NHRP.
The design requires that you provide confidentiality, data integrity, authentication, and antireplay protection for unicast traffic flowing over a VPN.
Use IPsec.
The plan requires that an MPLS VPN technology be used to interconnect remote sites. What broad categories of MPLS VPNs could you choose from? (Choose two.)
Layer 2 MPLS VPNs, Layer 3 MPLS VPNs