WAN

Question 1

connectionless WAN system

Answer 1

i.e. internets

carries full addressing info in each packet

Question 2

connection oriented WAN system

Answer 2

• predetermines packet’s route

- each packet only carries an identifier such as Data Link Connection Identifiers (DLCIs)

Question 3

metro ethernet

Answer 3

use IP aware ethernet switches in the service provider’s network cloud to offer converged voice, data, and video services at ethernet speeds

Question 4

3 classes of VPN protocols

Answer 4

carrier protocol-protocol over which info travels (frame-relay, ATM, MPLS)

encapsulation protocol-protocol that is wrapped around data (GRE, IPsec, L2F, PPTP, L2TP_

passenger protocol-protocol over which original data was carried (IPX, Appletalk, IPv4/6)

Question 5

HMAC

Answer 5

keyed hashed message authentication code

-data integrity algorithm used by VPNs

Question 6

VPN Authentication methods

Answer 6

PSK (pre-shared key) secret key is shared between 2 parties using secure channel

RSA signature: uses exchange of digital certificates

Question 7

4 IPsec squares administrators must fill

Answer 7

• IPsec protocol
• encryption algorithm
• authentication algorithm
• DH (diffie-hellman) group which handles key exchange

Question 8

CPE

Answer 8

Customer premises equipment, self explanatory

Question 9

Demarcation point

Answer 9

Where service providers responsibility ends and CPE begins

Question 10

Local loop

Answer 10

Connects demarc to central office

Question 11

Digital signal 0(DS0)

Answer 11

64 Kbps

Question 12

T1

Answer 12

DS1, containes 24 DS0 circuits, 1.544 Mbps

Question 13

E1

Answer 13

European equivalent of t1, 2.048 Mbps

Question 14

T3

Answer 14

DS3
28 DS1’s or 672 DS0’s
44.736 Mbps

Question 15

OC-3

Answer 15

Optical carrier 3
Fiber
3 DS3’s
155.52 Mbps

Question 16

OC-12

Answer 16

4 OC-3’s

622.08 Mbps

Question 17

OC-48

Answer 17

4 OC-12’s

2488.32 Mbps

Question 18

Frame relay

Answer 18

Packet switched

Question 19

ISDN

Answer 19

Integrated services digital network
Uses phone lines
Faster than pots

Question 20

HDLC

Answer 20

High-level data-link control

Data link protocol

Question 21

PPP

Answer 21

Point to point protocol
Uses link control protocol(lcp)
To manage data link connections

Network control protocol(ncp) is used to allow multiple upper layer protocols to be used

Question 22

PPPoE

Answer 22

Point to point protocol over ethernet

Question 23

LCP

Answer 23

Link control protocol

Method of establishing, configuring, and maintaining and terminating point to point connections

Question 24

NCP

Answer 24

Network control protocol

Method of establishing and configuring different network layer protocols for transport across the PPP link

Question 25

LCP configuration options

Answer 25

Authentication
Compression
Error detection
Multilink
PPP callback

Question 26

PPP session establishment steps

Answer 26

Link-establishment phase
Authentication phase(if used)
Network layer protocol phase

Question 27

Frame relay access rate

Answer 27

Maximum speed at which frame relay interface can transmit

Question 28

Frame relay CIR

Answer 28

Committed information rate

Max bandwidth of data guaranteed to be delivered

Question 29

Configure frame relay on Cisco router

Answer 29

Use encapsulation frame-relay command on serial interface

Question 30

DLCI

Answer 30

Data link connection identifiers

Identifies the virtual circuit in frame relay circuita

Question 31

Inverse ARP (IARP)

Answer 31

Maps a known DLCI to an IP address

Question 32

Commonly used frame relay show commands

Answer 32

Show frame-relay lmi, PVC, and map

Question 33

PVC status active

Answer 33

Switch is correctly programmed with the DLCI and there is a successful DTE-to-DTE circuit(router to router)

Question 34

PVC status inactive

Answer 34

Router is connected to the switch(DTE to DCE) but there’s not a connection to the far end router (DTE)

Can be a router or switch issue

Question 35

PVC status deleted

Answer 35

The router(DTE) is configured for a DLCI that the switch (DCE) does not recognize or is not configured correctly

Question 36

Troubleshooting frame relay

Answer 36

Check encapsulation type (Cisco or ietf) matches

Check frame relay mappings

Check to see if broadcasts need to be allowed (they aren’t on by default) for routing updates

Question 37

Layer 2 forwarding(L2F)

Answer 37

Cisco proprietary tunneling protocol

Old

Question 38

Point-to-point tunneling protocol(PPTP)

Answer 38

Created by Microsoft to allow secure transfer of data from remote networks to the corporate network

Question 39

Layer 2 tunneling protocol(L2TP)

Answer 39

Creates by Cisco and Microsoft to replace L2F and PPTP. Merged the capabilities of both L2F and PPTP into one protocol

Question 40

generic routing encapsulation(GRE)

Answer 40

Cisco proprietary tunneling protocol. Forms virtual point-to-point links, allowing a variety of protocols to be encapsulated in IP tunnels

Question 41

2 primary IPSec security protocols

Answer 41

Authentication header(ah)
Encapsulating security payload(ESP)

Question 42

4 services of ESP encapsulating security payload

Answer 42

Confidentiality
Data origin authentication and connection less integrity
Anti-replay service
Traffic flow

Question 43

Which interface provides clocking, DTE or DCE?

Answer 43

DCE

Question 44

command used to view physical information about serial interface, such as the type of cable connected

Answer 44

show controller interface #

Question 45

command to set serial encapsulation to HDLC

Answer 45

in interface configuration mode

encapsulation HDLC

Question 46

What are the 3 basic components of PPP

Answer 46

A method for encapsulating multiprotocol datagrams
An LCP for establishing, configuring, and testing the data-link connection
A family of NCP for establishing and configuring different network layer protocols

Question 47

command to set serial interface in PPP mode

Answer 47

encapsulation ppp

Question 48

What is PAP?

Answer 48

password authentication protocol

username and password sent in cleartext

Question 49

2 types of devices connected frame relay network

Answer 49

DTE - customer side

DCE - service providor side, provides clocking

Question 50

What does local access rate mean in Frame Relay parlance?

Answer 50

The connection speed from the local loop to the frame relay cloud

Question 51

What is a PVC?

Answer 51

permanent virtual circuit, for frame-relay

Question 52

What is an SVC?

Answer 52

switched virtual circuit, for frame-relay but most commonly used in X.25 circuits.

Question 53

What is a DLCI?

Answer 53

The DLCI contains a 10-bit number in the address field of the Frame Relay frame header that identifies the VC. DLCIs have only local significance because the identifier references the point between the local router and the local Frame Relay switch to which the DLCI is connected

Question 54

What is the frame relay CIR?

Answer 54

committed information rate

specifies the maximum average data rate that the network undertakes to deliver under normal conditions.

Question 55

What is inverse ARP?

Answer 55

used in frame relay to discover the network address of the remote DTE from the DLCI. maps DLCI to IP

Question 56

what is LMI in frame relay?

Answer 56

Local Management Interface. Set of enhancements to the basic Frame Relay specification. LMI includes support for a keepalive mechanism, which verifies that data is flowing; a multicast mechanism, which provides the network server with its local DLCI and the multicast DLCI; global addressing, which gives DLCIs global rather than local significance in Frame Relay networks; and a status mechanism, which provides an on-going status report on the DLCIs known to the switch. Known as LMT in ANSI terminology.

Question 57

formula to calculate the number of PVCs needed for a full mesh frame relay topology

Answer 57

The formula n x (n - 1) / 2 describes how to calculate the total number of links that are required to achieve a full-mesh topology, where n is the number of nodes. In a small network of 4 nodes, only 6 PVCs are required: 4 x (4 - 1) / 2 = 6.

Question 58

How to prevent spoke routers from becoming OSPF BDR over frame relay

Answer 58

configure the interface facing the hub with a priority of 0

Question 59

How to configure hub router interface to avoid split horizon issues?

Answer 59

use multiple point to point subinterfaces

Question 60

what number assignments are possible for DLCIs?

Answer 60

DLCI numbers 0 (zero) and 1023 are reserved for management.
DLCI numbers 1 to 15 and 1008 to 1022 are reserved for future use.
DLCI numbers 992 to 1007 are reserved for Layer 2 management of Frame Relay bearer service.
DLCI numbers 16 to 991 are assigned to customer endpoints in a Frame Relay network.

Question 61

what are the 3 LMI types?

Answer 61

Cisco
ANSI
Q.933A

Question 62

what are the 3 possible frame-relay VC statuses?

Answer 62

Active: Indicates that the VC connection is active and that routers can exchange data over the Frame Relay network
Inactive: Indicates that the local connection to the Frame Relay switch is working, but the remote router connection to the remote Frame Relay switch is not working
Deleted: Indicates that either no LMI is being received from the Frame Relay switch, or there is no service between the router and the local Frame Relay switch

Question 63

In what situations to you need to configure static frame-relay mappings

Answer 63

A Frame Relay peer does not support Inverse ARP.
You want to control broadcast traffic across a PVC.
You need to support different Frame Relay encapsulations across PVCs.

Question 64

how to configure point to point frame relay subinterfaces

Answer 64

To configure point-to-point Frame Relay subinterfaces, first enable Frame Relay encapsulation on the physical interface. Then create a point-to-point subinterface and assign an IP address, bandwidth, and DLCI to the subinterface

Question 65

command to bind DLCI to frame relay subinterface

Answer 65

frame-relay interface-dlci dlci#

Question 66

BR1(router)# interface Serial0/0/0
BR1(router-if)# no ip address
BR1(router-if)# encapsulation frame-relay
BR1(router-if)# no shutdown
BR1(router-if)# interface Serial0/0/0.210 point-to-point
BR1(router-subif)# ip address 10.1.1.2 255.255.255.252
BR1(router-subif)# bandwidth 256
BR1(router-subif)# frame-relay interface-dlci 210

Answer 66

BR1(router)# interface Serial0/0/0
BR1(router-if)# no ip address
BR1(router-if)# encapsulation frame-relay
BR1(router-if)# no shutdown
BR1(router-if)# interface Serial0/0/0.210 point-to-point
BR1(router-subif)# ip address 10.1.1.2 255.255.255.252
BR1(router-subif)# bandwidth 256
BR1(router-subif)# frame-relay interface-dlci 210

Question 67

process to configure multipoint frame relay subinterfaces

Answer 67

When configuring Frame Relay multipoint subinterfaces, first enable Frame Relay encapsulation on the physical interface. Then create a multipoint subinterface and assign an IP address and bandwidth. Create static mappings between IP addresses and DLCIs using the frame-relay map command.

Question 68

What is IPSEC?

Answer 68

a framework of open standards that can provide security for a VPN. The IPsec framework is algorithm-independent and is not bound to any specific encryption, authentication, security algorithms, or keying technology

Question 69

What are the 4 critical functions IPSEC provides?

Answer 69

confidentiality
data integrity
authentication
antireplay protection

Question 70

what protocol does IPSEC use to authenticate peers?

Answer 70

IKE (internet key exchange)

Question 71

What are the headers a tunnel interface supports?

Answer 71

A passenger protocol or encapsulated protocol such as IPv4 or IPv6. This protocol is the one that is being encapsulated.
A carrier or encapsulation protocol (GRE, in this case).
A transport delivery protocol, such as IP, which is the protocol that carries the encapsulated protocol.

Question 72

What is GRE?

Answer 72

Generic Routing Encapsulation. Tunneling protocol that was developed by Cisco and that can encapsulate a variety of protocol packet types inside IP tunnels. This process creates a virtual point-to-point link to Cisco routers at remote points over an IP network.

Question 73

steps necessary to configure a GRE tunnel

Answer 73

Branch(config)#interface Tunnel 0
Branch(config-if)#tunnel mode gre ip
Branch(config-if)#ip address 192.168.2.1 255.255.255.0
Branch(config-if)#tunnel source 209.165.201.1
Branch(config-if)#tunnel destination 209.165.202.130

Question 74

When adding a GRE tunnel to an OSPF routing process, what additional step is required?

Answer 74

set the bandwidth to ensure proper routing metrics

Question 75

Command to verify a GRE tunnel state

Answer 75

show interface tunnel tunnel#