Remote Site Connectivity Flashcards

Remote Site Connectivity overview MPLS VPN GRE DMVPN Multipoint GRE NHRP IPSEC

1
Q

What is a valid design consideration for a hybrid VPN?

A

You might need to decrease the MTU size for frames on an interface

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

In a Layer 3 MPLS VPN, with what does a CE router form a relationship?

A

A PE in the MPLS network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You want to interconnect two remote sites with a VPN tunnel. The tunnel needs to support IP unicast, multicast, and broadcast traffic. Additionally, you need to encrypt traffic being sent over the tunnel. What VPN solution could meed the design requirements?

A

Use a GRE tunnel inside of an IPSEC tunnel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Identify technologies required for a DMVPN network

A

NHRP, IPSEC, mGRE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are characteristics of multipoint GRE?

A

mGRE supports a wide variety of protocols, and a single mGRE interface can service multiple tunnels

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Describe the operation of NHRP

A

The spoke routers are configured with the IP address of the hub router, the spoke routers then update the hub router with their IP address and query hub router for the physical interface IP address of other spoke routers (using the tunnel IP address for correlation).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which IPSEC feature primarily performs encryption?

A

Confidentiality

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

The design requires that routers at remote sites appear as adjacent to one another, and they are interconnected over an MPLS network.

A

Use a Layer 2 MPLS VPN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

The design requires customer edge (CE) routers at each enterprise site to communicate over an MPLS network and to form neighborships with provider edge (PE) routers to which they connect.

A

Use a Layer 3 MPLS VPN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The design requires that multicast, broadcast, and unicast IP traffic between sites be secured within a VPN.

A

Encapsulate the multicast, broadcast, and unicast IP traffic inside of a GRE tunnel, and then encapsulate the GRE packets inside of an IPsec tunnel.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

The design requires that spokes in a hub-and-spoke VPN topology be able to dynamically form GRE tunnels between themselves.

A

Use Dynamic Multipoint VPN (DMVPN).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

The design requires that a single GRE tunnel interface support multiple GRE tunnels.

A

Use multipoint GRE (mGRE).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The design requires that spoke routers in a hub- and-spoke VPN design be able to query the hub to determine the IP address of a physical interface corresponding to the far side of a tunnel.

A

Use NHRP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

The design requires that you provide confidentiality, data integrity, authentication, and antireplay protection for unicast traffic flowing over a VPN.

A

Use IPsec.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

The plan requires that an MPLS VPN technology be used to interconnect remote sites. What broad categories of MPLS VPNs could you choose from? (Choose two.)

A

Layer 2 MPLS VPNs, Layer 3 MPLS VPNs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

The plan mandates the use of a Layer 3 MPLS VPN. What routing protocol will the service provider probably use to propagate route information from a customer edge (CE) router at one site to a CE router at another site?

A

Multiprotocol BGP (MP-BGP)

17
Q

The plan calls for the use of a GRE tunnel. What protocols can you send over a GRE tunnel?

A

A GRE tunnel supports any Layer 3 protocol (including IP unicast, broadcast, and multicast traffic).

18
Q

The plan calls for the use of a Dynamic Multipoint VPN (DMVPN). What VPN technologies are required to support a DMVPN? (Choose three.)

A

Multipoint GRE (mGRE), Next Hop Resolution Protocol (NHRP), IPsec

19
Q

The plan requires a hub router in a hub-and-spoke topology to have four GRE tunnels out to remote sites. If you use mGRE, how many tunnel interfaces need to be configured on the hub router to support the four GRE tunnels?

A

One

20
Q

The plan calls for the use of NHRP in a hub-and- spoke VPN topology. What router, or routers, in the topology will hold the NHRP database?

A

The hub router

21
Q

The plan requires the use of IPsec. What are IPsec’s modes of operation? (Choose two.)

A

Transport Mode, Tunnel Mode

22
Q

Create a GRE virtual tunnel interface (in global configuration mode).

A

interface tunnel {id}

23
Q

Assign an IP address to a GRE tunnel (in interface configuration mode).

A

ip address {ip_address subnet_mask}

24
Q

Specify the source of a GRE tunnel (in interface configuration mode).

A

tunnel source {interface_id | ip_address}

25
Q

Specify the destination of a GRE tunnel (in interface configuration mode).

A

tunnel destination {ip_address}

26
Q

Verify the interface status and encapsulation of a GRE tunnel.

A

show interface tunnel {id}

27
Q

Verify that a router sees the far side of a GRE tunnel as a single hop away, even though multiple routers might need to be transited to reach the far side of the tunnel.

A

trace route {ip_address_of_far_side_of_

tunnel}