The following figure illustrates the architecture of a router with distributed forwarding capabilities.
In this architecture, each interface processor (or line card) can forward packets independently.
A route processor runs a routing protocol to build the RIB, which is shared by all interface processors.
The following, on the other hand, is another router architecture, called centralized.
In this case, the interface processors cannot forward packets themselves. Instead, they pass each packet to the
centralized packet processor, which forwards the packet based on the RIB.
18. How does trunking work? Does a trunk allow all VLANs?
Note: The allowed VLAN list on both the ends of the trunk link should be the same.
By default a trunk link carries all the VLANs that exist on the switch. This is because all VLANs are active on a trunk link; and
as long as the VLAN is in the switch's local database, traffic for that VLAN is carried across the trunks. You can elect to
selectively remove and add VLANs from a trunk link.
19. How does the native VLAN work?
The terminology of trunk ports and native VLANs is non-standard. Annex D to the 1998 802.1Q standard uses the concept of
trunk links, but the current standard does not use the terms trunk or native.
Some vendors (most notably Cisco) use the concepts of a) trunk ports and b) native VLAN. The proprietary term native VLAN
is similar to the 802.1Q PVID (port VLAN identifier), which is used "to associate a VID with untagged and priority-tagged
received frames." A trunk port can refer to a port that sends and receives tagged frames on all VLANs, except the native VLAN,
if one is configured. The term trunk may also be used to refer to a connection using link aggregation.
Frames belonging to the native VLAN do not carry VLAN tags when sent over the trunk. Conversely, if an untagged frame is
received on a trunk port, the frame is associated with the native VLAN configured on that port.
For example, if an 802.1Q port has VLANs 2, 3 and 4 assigned to it, with VLAN 2 being the native VLAN, frames on VLAN 2
that are sent from the aforementioned port are not given an 802.1Q header (i.e. they are plain Ethernet frames). Frames that
are received on that port and have no 802.1Q header are assigned to VLAN 2. Tagging of frames sent to or received from
VLANs 3 and 4 is the same as if no native VLAN had been configured; all frames on those VLANs must carry tags to identify
their VLAN membership.
Note that unexpected results may occur if the native VLAN configuration is not the same on all sending and receiving ports
on a link. Continuing the above example, if VLAN 2 is not configured as the native VLAN on some other 802.1Q port, that port
will send tagged frames on VLAN 2. When the local port, on which VLAN 2 is configured as the native VLAN, receives these
unexpectedly tagged frames, it will still assign them to VLAN 2, but it will send only untagged frames for VLAN 2. On receipt,
the distant port will either associate the untagged frames with a different VLAN ID (the one locally configured as the native
VLAN) or it will discard the untagged frames if it has no native VLAN configured. (Symmetrically, this remote port will send
only untagged frames on its configured native VLAN, which will be associated with a different VLAN ID by the local port.)
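The mismatch described above can be reproduced with a small model of trunk-port tagging. This is an added example, not part of the original notes; the TrunkPort class, the port names and the remote port's native VLAN 3 are assumptions chosen to continue the VLAN 2/3/4 example, and the audit also checks the allowed-VLAN lists from question 18.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

Frame = Tuple[Optional[int], str]  # (802.1Q VID, or None if untagged; payload)


@dataclass(frozen=True)
class TrunkPort:
    """Hypothetical model of one end of an 802.1Q trunk link."""
    name: str
    allowed: frozenset            # VLANs carried on this trunk
    native: Optional[int] = None  # VLAN sent and received untagged, if any

    def egress(self, vlan: int, payload: str) -> Optional[Frame]:
        """Frame as it appears on the wire, or None if the VLAN is not carried."""
        if vlan not in self.allowed:
            return None
        tag = None if vlan == self.native else vlan  # native VLAN goes out untagged
        return (tag, payload)

    def ingress(self, frame: Frame) -> Optional[int]:
        """VLAN the receiving port assigns the frame to, or None if discarded."""
        tag, _ = frame
        vlan = self.native if tag is None else tag   # untagged -> native VLAN
        if vlan is None or vlan not in self.allowed:
            return None
        return vlan


def deliver(sender: TrunkPort, receiver: TrunkPort, vlan: int) -> Optional[int]:
    """Send one frame from `vlan` across the link; return the VLAN it lands in."""
    frame = sender.egress(vlan, f"data-from-vlan-{vlan}")
    return None if frame is None else receiver.ingress(frame)


def audit_link(a: TrunkPort, b: TrunkPort) -> List[str]:
    """List configuration mismatches and every VLAN that does not arrive intact."""
    findings = []
    if a.native != b.native:
        findings.append(f"native VLAN mismatch: {a.name}={a.native} {b.name}={b.native}")
    if a.allowed != b.allowed:
        findings.append(
            f"allowed VLAN list mismatch: only on {a.name} {sorted(a.allowed - b.allowed)}, "
            f"only on {b.name} {sorted(b.allowed - a.allowed)}")
    for src, dst in ((a, b), (b, a)):
        for vlan in sorted(src.allowed):
            got = deliver(src, dst, vlan)
            if got != vlan:
                outcome = "discarded" if got is None else f"placed in VLAN {got}"
                findings.append(f"{src.name}->{dst.name}: VLAN {vlan} {outcome}")
    return findings


# Constructed ports continuing the example: VLANs 2, 3 and 4, native VLAN 2 locally.
VLANS = frozenset({2, 3, 4})
LOCAL = TrunkPort("local", VLANS, native=2)
REMOTE_MATCH = TrunkPort("remote", VLANS, native=2)
REMOTE_NATIVE3 = TrunkPort("remote", VLANS, native=3)   # assumed mismatch
REMOTE_NO_NATIVE = TrunkPort("remote", VLANS, native=None)

if __name__ == "__main__":
    for remote in (REMOTE_MATCH, REMOTE_NATIVE3, REMOTE_NO_NATIVE):
        print(f"local native=2, remote native={remote.native}")
        for line in audit_link(LOCAL, remote) or ["  no findings"]:
            print("  " + line.strip())
```

With the mismatched pair, traffic from VLAN 2 lands in VLAN 3 on the far side and VLAN 3 traffic lands in VLAN 2 locally, so the two VLANs are no longer isolated from each other on that link.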
20. If we configure access ports between two switches, will it work?
Yes, you can connect two switches with access ports, and you just need to say "switchport mode access" and "switchport
access vlan ID" on the ports that you would connect between the switches.
21. If one side of a switch has VLAN 10 and the other side is configured with VLAN 20, how will things work?
We need to use inter-VLAN routing, i.e. the router-on-a-stick concept.
22. What is the advantage of having a double tag?
It segregates customers' VLANs from each other.
23. What is the advantage of having LACP?
LACP is used to control the links in an EtherChannel. LACP is dynamic.
24. What is gratuitous ARP?
Gratuitous ARP is used to detect duplicate IP addresses in a network.
Gratuitous ARP is a sort of "advance notification": it updates the ARP cache of other systems before they ask for it (no ARP
request), or it replaces outdated information.
When talking about gratuitous ARP, the packets are actually special ARP request packets, not ARP reply packets as one would
perhaps expect. Some reasons for this are explained in RFC 5227.
The gratuitous ARP packet has the following characteristics:
Both source and destination IP in the packet are the IP of the host issuing the gratuitous ARP
The destination MAC address is the broadcast MAC address (ff:ff:ff:ff:ff:ff)
This means the packet will be flooded to all ports on a switch
No reply is expected
Gratuitous ARP is used for several reasons:
Update ARP tables after a MAC address for an IP changes (failover, new NIC, etc.)
Update MAC address tables on L2 devices (switches) that a MAC address is now on a different port
Send gratuitous ARP when interface goes up to notify other hosts about new MAC/IP bindings in advance so that they don't
have to use ARP requests to find out
When a reply to a gratuitous ARP request is received you know that you have an IP address conflict in your network
25. Why should the MTU be the same in OSPF?
Otherwise the neighbor relationship will be stuck in the ExStart state.
26. Why does show ip ospf neighbor show 2way/DROTHER?
Only the DR and BDR form a full relationship with the other routers in the segment; the rest of the routers have a 2-way relationship among themselves.
27. Is OSPF distance vector as well?
Inter-area routing in OSPF works exactly like distance vector.
When multiple ABRs connect the NSSA to area 0, the ABR with the highest router-id is elected as the Type-7 to 5 translator,
and is responsible for re-originating the Type-5 LSA into area 0. This election process is an optimization of the OSPF database,
and relates to how the Type-7 NSSA External route uses the forward address field to ensure optimal routing.
44. Why does the show ip ospf neighbor Command Reveal Neighbors in the Init State?
The most likely reason that a local router is not listed in a neighbor's hello packets is that the neighbor has not received hello
packets from the local router. Possible reasons for this are:
Use the ping and traceroute commands to verify that links between routers are operational. If a ping between routers is not
successful, the link is not functioning properly and you need to troubleshoot it. Refer to the troubleshooting pages related to
the Layer 2 technology you are using, such as ISDN, Ethernet, ATM, etc.
If there are any access lists defined on the neighbor's interface, the destination IP of 224.0.0.5 must be permitted in the input
access list.
OSPF hello packets have a destination address of 224.0.0.5 (the all ospf routers multicast address).
There might be a Layer 2 or configuration problem preventing multicast packets from reaching the neighboring router. You
can test this with the ping command on the multicast address 224.0.0.5 and confirm that responses are received from the
neighboring router(s). In non-broadcast media such as Frame Relay, X.25, and ISDN, mapping is required between layer 2 and
the IP address. In case of static mapping (for example, the interface level frame-relay map ip 1.1.1.1 100 broadcast or dialer
map ip 1.1.1.1 broadcast name router1 55346 commands), you must configure the keyword broadcast to avoid encapsulation
failure every time OSPF tries to send the multicast hello packet. The debug ip packet detail command used with the access
list shows if there are any encapsulation failures.
Authentication is not enabled on both sides. The router on which authentication is not enabled still processes hello packets
from the neighbor and sees the neighbor in the init state. In order to correct this problem, enable authentication on both
sides.
45. Why Are Some OSPF Routes in the Database but Not in the Routing Table?
Reason 1: Network Type Mismatch
Reason 2: Wrong Address Assignment in Dual Serial Link Setup
Reason 3: One Side of Point-to-Point Link Included in Wrong Majornet or Subnet
Reason 4: One Side Is Unnumbered and the Other Side Is Numbered
Reason 5: Broken PVC in Fully Meshed Frame Relay Environment
Reason 6: Forwarding Address Known via an External Route
Reason 7: Distribute List Is Blocking the Routes
46. Why Are OSPF Neighbors Stuck in Exstart/Exchange State?
The problem occurs most frequently when attempting to run OSPF between a Cisco router and another vendor's router. The
problem occurs when the maximum transmission unit (MTU) settings for neighboring router interfaces don't match. If the
router with the higher MTU sends a packet larger than the MTU set on the neighboring router, the neighboring router ignores
the packet.
47. Why is a virtual link needed?
If there are multiple areas, it is not possible to connect each area to area 0. Hence a virtual link is used to connect every nonzero area to area 0.
48. Why does OSPF require all traffic between non-backbone areas to pass through a backbone area (area 0)?
Comparing three fundamental concepts of link state protocols, concepts that even most OSPF beginners understand, easily
derives the answer to the question.
The first concept is this:
Every link state router floods information about itself, its links, and its neighbors to every other router. From this flooded
information each router builds an identical link state database. Each router then independently runs a shortest-path-first
calculation on its database (a local calculation using distributed information) to derive a shortest-path tree. This tree is a
sort of map of the shortest path to every other router.
One of the advantages of link state protocols is that the link state database provides a view of the entire network,
preventing most routing loops. This is in contrast to distance vector protocols, in which route information is passed hop-by-hop
through the network and a calculation is performed at each hop (a distributed calculation using local information). Each
router along a route is dependent on the router before it to perform its calculations correctly and then correctly pass along
the results. When a router advertises the prefixes it learns to its neighbors it's basically saying, "I know how to reach these
destinations." And because each distance vector router knows only what its neighbors tell it, and has no view of the
network beyond the neighbors, the protocol is vulnerable to loops.
The second concept is this:
When link state domains grow large, the flooding and the resulting size of the link state database becomes a scaling problem.
The problem is remedied by breaking the routing domain into areas: That first concept is modified so that flooding occurs
only within the boundaries of an area, and the resulting link state database contains only information from the routers in the
area. This, in turn, means that each router's calculated shortest-path tree only describes the path to other routers within the
area.
The third concept is this:
OSPF areas are connected by one or more Area Border Routers (the other main link state protocol, IS-IS, connects areas
somewhat differently) which maintain a separate link state database and calculate a separate shortest-path tree for each of
their connected areas. So an ABR by definition is a member of two or more areas. It advertises the prefixes it learns in one
area to its other areas by flooding Type 3 LSAs into the areas that basically say, "I know how to reach these destinations."
Wait a minute: what that last concept described is not link state, it's distance vector. The routers in an area cannot see
past the ABR, and rely on the ABR to correctly tell them what prefixes it can reach. The SPF calculation within an area derives
a shortest-path tree that depicts all prefixes beyond the ABR as leaf subnets connected to the ABR at some specified cost.
And that leads us to the answer to the question:
Because inter-area OSPF is distance vector, it is vulnerable to routing loops. It avoids loops by mandating a loop-free inter-area
topology, in which traffic from one area can only reach another area through area 0.
49. Passive interface behaviour in OSPF?
In OSPF the passive-interface has a similar behavior to EIGRP. The command suppresses hello packets and hence neighbor
relationships.
50. Difference between SPF and CSPF
Just as the names sound, SPF is an algorithm that calculates the shortest path through a network for destinations in the
network. CSPF does the same thing but it also considers constraints which the admin specifies, e.g. available bandwidth on the
interface. So, while SPF may take for example path R1-R2-R3-R4 to get to R4, CSPF can choose R1-R2-R7-R8-R9-R4 to get to
R4. This all depends on the constraints specified, and it is used in conjunction with RSVP for MPLS TE.
51. What are the BGP path selection criteria?
Weight, local pref, self origin, AS path, origin, MED, external.
52. What is the difference between always-compare-med and deterministic-med?
There are two BGP configuration commands that can influence the MED-based path selection, the bgp deterministic-med and
the bgp always-compare-med commands.
Enabling the bgp deterministic-med command ensures the comparison of the MED variable when choosing routes advertised
by different peers in the same autonomous system. Enabling the bgp always-compare-med command ensures the
comparison of the MED for paths from neighbors in different autonomous systems. The bgp always-compare-med command
is useful when multiple service providers or enterprises agree on a uniform policy for setting MED. Thus, for network X, if
Internet Service Provider A (ISP A) sets the MED to 10, and ISP B sets the MED to 20, both ISPs agree that ISP A has the better
performing path to X.
Note: The bgp deterministic-med and bgp always-compare-med commands are not enabled by default. Also, the two
commands are separate; enabling one does not automatically enable the other.
53. Does the route reflector change the next hop attribute of a reflected prefix?
By default, the next hop attribute is not changed when a prefix is reflected by route reflector. However, you can issue the
neighbor next-hop-self command in order to change the attribute of the next hop for prefixes reflected from an eBGP peer to
any route reflector client.
54. Why IGP in BGP?
Keep in mind these rules when using BGP with other IGP protocols:
BGP will not put routes that it cannot verify reachability for in the main IP routing table.
For routers to successfully use BGP routes, they must always have a route to the next-hop IP address in the main IP routing
table.
Unless otherwise configured, BGP stores only the best path to a destination network in the main IP routing table. However,
you can use the BGP maximum-paths command to configure more than one path.
BGP advertises only the best path to a destination network. You can control BGP path selection using BGP attributes, and you
can control the best path selection process using certain Cisco IOS Software BGP configuration commands.
BGP follows its own best path decision process to find the most efficient path; this path is stored in the main routing table.
BGP forms peer relationships only with explicitly configured peers, and only advertises networks that it was explicitly
configured to advertise.
BGP does not redistribute its routes into IGPs unless explicitly configured to do so.
BGP is an extremely customizable protocol; it can be as dynamic or static as it is configured to be. You can advertise and
control route policies in a number of different ways.
55. Difference between BGP synchronization and split-horizon rule.
BGP split horizon:
This applies to iBGP only. You have to think about it when you have more than 2 iBGP routers; with only two routers you are
OK.
If a route is learned from an iBGP neighbor, that route will not be advertised to other iBGP neighbors.
The solution is a full mesh: number of iBGP sessions = n(n-1)/2, where n is the number of routers.
But this leads to a lot of configuration, so the solution is either a route reflector or a confederation (sub-AS within the main AS).
Synchronization:
BGP routers try to synchronize between the IGP table (show ip route bgp) and the BGP table (show ip bgp).
In order for a BGP route to be used and advertised, it must be learned by an IGP (another routing protocol: RIP, EIGRP, OSPF, etc.).
But if you run only BGP and the same routes are not advertised by an IGP, you may want to turn off this automatic synchronization
between the IGP table of BGP (show ip route bgp) and the BGP table (show ip bgp) with (config-router)#no sync
In new IOS versions, "no sync" is the default.
56. What does r RIB-Failure mean in the show ip bgp command output
R1> show ip bgp
BGP table version is 5, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
r> 6.6.6.0/24       10.10.13.3               0    130      0 30 i
*> 7.7.7.0/24       10.10.13.3               0    125      0 30 i
A. When BGP tries to install the bestpath prefix into Routing Information Base (RIB) (for example, the IP Routing table), RIB
might reject the BGP route due to any of these reasons:
Route with better administrative distance already present in IGP. For example, if a static route already exists in IP Routing
table.
Memory failure.
The number of routes in VPN routing/forwarding (VRF) exceeds the route-limit configured under the VRF instance.
57. RIP rules for sending and receiving updates
Rules for sending an update
- Check the major network of the outgoing interface. Is it the same?
  - No: Summarize and send the update. 137.99.88.0/24 will get summarized.
    IP Unnumbered Exception: The router will send this network with subnet bit information in the RIP update packet.
  - Yes: Check the subnet mask. Is it the same?
    - Yes: Send the update. 131.108.5.0/24 will go now.
    - No: Is it a host route with a /32 mask?
      - Yes: Send it as a host route with the host bit set in the update. 131.108.1.1/32 will be sent as an update.
      - No: Drop the network. 131.108.11.0/27 will be dropped here.
Rules for receiving an update
- Check the major network. Is it the same as on the source interface?
  - Yes: Is it a host route with a /32 mask and the host bit set in the update packet?
    - Yes: Apply the /32 mask and keep advertising the route to the whole world. 131.108.1.1/32 will be installed in the routing table.
    - No: Apply the mask of the incoming interface and install the route in the routing table. 131.108.5.0/24 will be in the routing table.
  - No: Is any subnet of the received major network on any interface other than the source interface?
    - Yes: Drop the route.
    - No: Accept the route and apply the default mask. 137.99.0.0/16 route will be installed in the routing table.
      IP Unnumbered Exception: The RIP update packet should have the subnet bit information and the link between the routers is
      unnumbered.
58. Why does RIP not support discontiguous networks and VLSM?
With discontiguous networks, you must use static routes to establish connectivity between the discontiguous subnetworks
59. Difference in RIPv1 and v2
Routing Information Protocol Version 1 (RIPv1)
RIPv1 is a Distance-Vector Routing protocol.
RIPv1 is a Classful routing protocol. Classful routing protocols support only the networks which are not subnetted. Classful
routing protocols do not send subnet mask information with their routing updates. In other words, if you have a subnetted
network in your RIPv1 routing domain, RIPv1 will announce that network to others as an unsubnetted network.
RIPv1 does not support VLSM (Variable Length Subnet Masking).
RIPv1 supports a maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered unreachable.
RIPv1 sends routing updates periodically every 30 seconds as broadcasts, using the limited broadcast IP
address 255.255.255.255 as the destination IP address. Since the updates are sent to the limited broadcast IP address
255.255.255.255, every router needs to process the routing update messages (whether they are running RIPv1 or not).
RIPv1 does not support authentication of update messages (plain-text or MD5).
Routing Information Protocol Version 2 (RIPv2)
RIPv2 is a Hybrid Routing Protocol. A Hybrid Routing Protocol is basically a Distance-Vector protocol with some
characteristics of Link State routing protocols.
RIPv2 is classless routing, which allows us to use subnetted networks also. RIPv2 has the option for sending network mask in
the update to allow classless routing.
RIPv2 supports VLSM (Variable Length Subnet Masking).
RIPv2 supports a maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered unreachable.
RIPv2 supports triggered updates.
RIPv2 routing updates are sent as Multicast traffic at destination multicast address of 224.0.0.9. Multicast updates reduce the
network traffic. The Multicast routing updates also help in reducing routing update message processing overhead in routers
which are not running RIPv2. Only the routers running RIPv2 join the multicast group 224.0.0.9. Other routers which are not
running RIPv2 can simply filter the routing update packet at Layer 2.
RIPv2 supports authentication of RIPv2 update messages (plain-text or MD5). Authentication helps in confirming that the
updates are coming from authorized sources.
60. Why was the metric chosen as 16 in RIP? Why not 17 or 18?
The sum of all timers is equal to 15. Update + invalid + flush timer = 30:180:240
61. How checksum is calculated in IP Header?
Take the following truncated excerpt of an IPv4 packet. The header is the first 20 bytes (ending at c0a8 00c7 on the second line), and the checksum field is marked (cksum).
4500 0073 0000 4000 4011 b861(cksum) c0a8 0001
c0a8 00c7 0035 e97c 005f 279f 1e4b 8180
To calculate the checksum, we can first calculate the sum of each 16 bit value within the header, skipping only the checksum
field itself. Note that the values are in hexadecimal notation.
4500 + 0073 + 0000 + 4000 + 4011 + c0a8 + 0001 + c0a8 + 00c7 = 2479C (equivalent to 149,404 in decimal)
Next, we convert the value 2479C to binary:
0010 0100 0111 1001 1100
The first 4 bits are the carry and will be added to the rest of the value:
0010 + 0100 0111 1001 1100 = 0100 0111 1001 1110
Next, we flip every bit in that value, to obtain the checksum:
0100 0111 1001 1110 becomes:
1011 1000 0110 0001
This is equal to B861 in hexadecimal, as marked in the original IP packet header.
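The same calculation in code, together with the receiver-side check and a decode of the header fields listed in the next question. This is an added example, not part of the original notes; it uses the 20 header bytes from the excerpt above, and the function names are chosen for illustration.

```python
import ipaddress
import struct

# The 20 header bytes from the excerpt above (checksum field = b861).
HEADER = bytes.fromhex("45000073000040004011b861c0a80001c0a800c7")


def ones_complement_sum(data: bytes) -> int:
    """Add 16-bit big-endian words and fold any carry back into the low 16 bits."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def compute_checksum(header: bytes) -> int:
    """Sender side: treat the checksum field as zero, sum, then flip every bit."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return ~ones_complement_sum(zeroed) & 0xFFFF


def verify_header(header: bytes) -> bool:
    """Receiver side: the sum over the header, checksum included, must be 0xFFFF."""
    if len(header) < 20 or header[0] >> 4 != 4:
        return False
    ihl_bytes = (header[0] & 0x0F) * 4
    if ihl_bytes < 20 or ihl_bytes > len(header):
        return False
    return ones_complement_sum(header[:ihl_bytes]) == 0xFFFF


def parse_header(header: bytes) -> dict:
    """Decode the fixed 20-byte part of an IPv4 header."""
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto,
     cksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", header[:20])
    return {
        "version": ver_ihl >> 4,
        "ihl_bytes": (ver_ihl & 0x0F) * 4,
        "dscp": tos >> 2,
        "total_length": total_len,
        "identifier": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl,
        "protocol": proto,
        "checksum": cksum,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
    }


if __name__ == "__main__":
    print(f"computed checksum: {compute_checksum(HEADER):04x}")
    print(f"header verifies:   {verify_header(HEADER)}")
    for field, value in parse_header(HEADER).items():
        print(f"{field:16} {value}")
```

Because the sum does not depend on word order, a header with its source and destination addresses swapped still verifies; the checksum catches transmission errors, not deliberate modification.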
62. Content of TCP and IP header?
The fields in the IP header and their descriptions are:
Version - A 4-bit field that identifies the IP version being used. The current version is 4, and this version is referred to as IPv4.
HLength - A 4-bit field containing the length of the IP header in 32-bit increments. The minimum length of an IP header is 20
bytes, or five 32-bit increments. The maximum length of an IP header is 24 bytes, or six 32-bit increments. Therefore, the
header length field should contain either 5 or 6.
Differentiated Services Code Point (DSCP) - A 6-bit field used to identify the level of service a packet receives in the network.
DSCP is a 3-bit expansion of IP precedence with the elimination of the ToS bits.
Total Length - Specifies the length of the IP packet that includes the IP header and the user data. The length field is 2 bytes,
so the maximum size of an IP packet is 2^16 - 1 or 65,535 bytes.
Identifier, Flags, and Fragment Offset - As an IP packet moves through the Internet, it might need to cross a route that cannot
handle the size of the packet. The packet will be divided, or fragmented, into smaller packets and reassembled later. These
fields are used to fragment and reassemble packets.
Time to Live (TTL) - It is possible for an IP packet to roam aimlessly around the Internet. If there is a routing problem or a
routing loop, then you don't want packets to be forwarded forever. A routing loop is when a packet is continually routed
through the same routers over and over. The TTL field is initially set to a number and decremented by every router that is
passed through. When TTL reaches 0 the packet is discarded.
Protocol - In the layered protocol model, the layer that determines which application the data is from or which application the
data is for is indicated using the Protocol field. This field does not identify the application, but identifies a protocol that sits
above the IP layer that is used for application identification.
Header Checksum - A value calculated based on the contents of the IP header. Used to determine if any errors have been
introduced during transmission.
Source IP Address - 32-bit IP address of the sender.
Destination IP Address - 32-bit IP address of the intended recipient.
Options and Padding - A field that varies in length from 0 to a multiple of 32 bits. If the option values are not a multiple of 32
bits, 0s are added or padded to ensure this field contains a multiple of 32 bits.
TCP Header Format
Source port (16 bits)
identifies the sending port
Destination port (16 bits)
identifies the receiving port
Sequence number (32 bits)
has a dual role:
If the SYN flag is set (1), then this is the initial sequence number. The sequence number of the actual first data byte and the
acknowledged number in the corresponding ACK are then this sequence number plus 1.
If the SYN flag is clear (0), then this is the accumulated sequence number of the first data byte of this segment for the current
session.
Acknowledgment number (32 bits)
if the ACK flag is set then the value of this field is the next sequence number that the receiver is expecting. This
acknowledges receipt of all prior bytes (if any). The first ACK sent by each end acknowledges the other end's initial sequence
number itself, but no data.
Data offset (4 bits)
specifies the size of the TCP header in 32-bit words. The minimum size header is 5 words and the maximum is 15 words thus
giving the minimum size of 20 bytes and maximum of 60 bytes, allowing for up to 40 bytes of options in the header. This field
gets its name from the fact that it is also the offset from the start of the TCP segment to the actual data.
Reserved (3 bits)
for future use and should be set to zero
Flags (9 bits) (aka Control bits)
contains 9 1-bit flags
NS (1 bit) ECN-nonce concealment protection (added to header by RFC 3540).
CWR (1 bit) Congestion Window Reduced (CWR) flag is set by the sending host to indicate that it received a TCP segment
with the ECE flag set and had responded in congestion control mechanism (added to header by RFC 3168).
ECE (1 bit) ECN-Echo has a dual role, depending on the value of the SYN flag. It indicates:
If the SYN flag is set (1), that the TCP peer is ECN capable.
If the SYN flag is clear (0), that a packet with Congestion Experienced flag in IP header set is received during normal
transmission (added to header by RFC 3168).
URG (1 bit) indicates that the Urgent pointer field is significant
ACK (1 bit) indicates that the Acknowledgment field is significant. All packets after the initial SYN packet sent by the client
should have this flag set.
PSH (1 bit) Push function. Asks to push the buffered data to the receiving application.
RST (1 bit) Reset the connection
SYN (1 bit) Synchronize sequence numbers. Only the first packet sent from each end should have this flag set. Some other
flags and fields change meaning based on this flag, and some are only valid for when it is set, and others when it is clear.
FIN (1 bit) No more data from sender
Window size (16 bits)
the size of the receive window, which specifies the number of window size units (by default, bytes) (beyond the sequence
number in the acknowledgment field) that the sender of this segment is currently willing to receive (see Flow control and
Window Scaling)
Checksum (16 bits)
The 16-bit checksum field is used for error-checking of the header and data
Urgent pointer (16 bits)
if the URG flag is set, then this 16-bit field is an offset from the sequence number indicating the last urgent data byte
Options (Variable 0-320 bits, divisible by 32)
63. How does the TCP 3-way handshake work, and how does TCP connection termination work?
Connection establishment:
To establish a connection, TCP uses a three-way handshake. Before a client attempts to connect with a server, the server
must first bind to and listen at a port to open it up for connections: this is called a passive open. Once the passive open is
established, a client may initiate an active open. To establish a connection, the three-way (or 3-step) handshake occurs:
SYN: The active open is performed by the client sending a SYN to the server. The client sets the segment's sequence number
to a random value A.
SYN-ACK: In response, the server replies with a SYN-ACK. The acknowledgment number is set to one more than the received
sequence number i.e. A+1, and the sequence number that the server chooses for the packet is another random number, B.
ACK: Finally, the client sends an ACK back to the server. The sequence number is set to the received acknowledgement value
i.e. A+1, and the acknowledgement number is set to one more than the received sequence number i.e. B+1.
At this point, both the client and server have received an acknowledgment of the connection. The steps 1, 2 establish the
connection parameter (sequence number) for one direction and it is acknowledged. The steps 2, 3 establish the connection
parameter (sequence number) for the other direction and it is acknowledged. With these, a full-duplex communication is
established.
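The sequence and acknowledgment relationships above (A, B, A+1, B+1) can be checked mechanically over three captured headers, using the header layout from question 62. This is an added example, not part of the original notes; the segments are constructed sample data, the ports and sequence numbers are assumptions, and A is set to the largest 32-bit value to show that A+1 wraps to 0.

```python
import struct

# Flag names and bit positions in the 9-bit flags field, most significant first.
FLAG_BITS = (("NS", 0x100), ("CWR", 0x080), ("ECE", 0x040), ("URG", 0x020),
             ("ACK", 0x010), ("PSH", 0x008), ("RST", 0x004), ("SYN", 0x002),
             ("FIN", 0x001))
MOD32 = 1 << 32  # sequence numbers are 32-bit and wrap around


def build_tcp(sport, dport, seq, ack, flags, window=65535) -> bytes:
    """Construct a 20-byte TCP header (sample data only; checksum left at 0)."""
    bits = sum(bit for name, bit in FLAG_BITS if name in flags)
    word = (5 << 12) | bits  # data offset = 5 words, reserved bits = 0
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, word, window, 0, 0)


def parse_tcp(segment: bytes) -> dict:
    """Decode the fixed part of a TCP header, validating the data offset."""
    if len(segment) < 20:
        raise ValueError("shorter than the minimum TCP header")
    sport, dport, seq, ack, word, window, cksum, urgent = struct.unpack(
        "!HHIIHHHH", segment[:20])
    header_len = (word >> 12) * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError("invalid data offset")
    flags = frozenset(name for name, bit in FLAG_BITS if word & bit)
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "header_len": header_len, "flags": flags, "window": window}


def check_handshake(syn: bytes, synack: bytes, ack: bytes) -> list:
    """Return the list of rule violations; an empty list means a valid handshake."""
    c1, s, c2 = parse_tcp(syn), parse_tcp(synack), parse_tcp(ack)
    problems = []
    if "SYN" not in c1["flags"] or "ACK" in c1["flags"]:
        problems.append("step 1 is not a SYN")
    if not {"SYN", "ACK"} <= s["flags"]:
        problems.append("step 2 is not a SYN-ACK")
    if "ACK" not in c2["flags"] or "SYN" in c2["flags"]:
        problems.append("step 3 is not an ACK")
    if ((s["sport"], s["dport"]) != (c1["dport"], c1["sport"])
            or (c2["sport"], c2["dport"]) != (c1["sport"], c1["dport"])):
        problems.append("port pair does not match across segments")
    a, b = c1["seq"], s["seq"]
    if s["ack"] != (a + 1) % MOD32:
        problems.append("SYN-ACK does not acknowledge A+1")
    if c2["seq"] != (a + 1) % MOD32:
        problems.append("ACK sequence number is not A+1")
    if c2["ack"] != (b + 1) % MOD32:
        problems.append("ACK does not acknowledge B+1")
    return problems


# Constructed segments: client port 49152, server port 80, A = 0xFFFFFFFF, B = 0x1000.
A, B = 0xFFFFFFFF, 0x1000
GOOD = (build_tcp(49152, 80, A, 0, {"SYN"}),
        build_tcp(80, 49152, B, (A + 1) % MOD32, {"SYN", "ACK"}),
        build_tcp(49152, 80, (A + 1) % MOD32, B + 1, {"ACK"}))
BAD = GOOD[:2] + (build_tcp(49152, 80, (A + 1) % MOD32, B + 2, {"ACK"}),)

if __name__ == "__main__":
    print("good:", check_handshake(*GOOD))
    print("bad: ", check_handshake(*BAD))
```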
Connection termination:
The connection termination phase uses a four-way handshake, with each side of the connection terminating independently.
When an endpoint wishes to stop its half of the connection, it transmits a FIN packet, which the other end acknowledges with
an ACK. Therefore, a typical tear-down requires a pair of FIN and ACK segments from each TCP endpoint. After both FIN/ACK
exchanges are concluded, the side that sent the first FIN before receiving one waits for a timeout before finally closing the
connection, during which time the local port is unavailable for new connections; this prevents confusion due to delayed
packets being delivered during subsequent connections.
A connection can be "half-open", in which case one side has terminated its end, but the other has not. The side that has
terminated can no longer send any data into the connection, but the other side can. The terminating side should continue
reading the data until the other side terminates as well.
It is also possible to terminate the connection by a 3-way handshake, when host A sends a FIN and host B replies with a FIN &
ACK (merely combines 2 steps into one) and host A replies with an ACK.[13] This is perhaps the most common method.
It is possible for both hosts to send FINs simultaneously then both just have to ACK. This could possibly be considered a 2-way
handshake since the FIN/ACK sequence is done in parallel for both directions.
Some host TCP stacks may implement a half-duplex close sequence, as Linux or HP-UX do. If such a host actively closes a
connection but still has not read all the incoming data the stack already received from the link, this host sends a RST instead
of a FIN (Section 4.2.2.13 in RFC 1122). This allows a TCP application to be sure the remote application has read all the data
the former sent, by waiting for the FIN from the remote side, when it actively closes the connection. But the remote TCP stack
cannot distinguish between a Connection Aborting RST and Data Loss RST. Both cause the remote stack to lose all the data
received.
64. Which device does reassembly, and why?
The end device always does the reassembly. The reasons are buffer limits, and that all fragments of a packet would have to pass through the same router.
65. What is gratuitous ARP.
http://wiki.wireshark.org/Gratuitous_ARP
Gratuitous ARP
Gratuitous ARP could mean both gratuitous ARP request or gratuitous ARP reply. Gratuitous in this case means a request/reply
that is not normally needed according to the ARP specification (RFC 826) but could be used in some cases. A gratuitous ARP
request is an Address Resolution Protocol request packet where the source and destination IP are both set to the IP of the
machine issuing the packet and the destination MAC is the broadcast address ff:ff:ff:ff:ff:ff. Ordinarily, no reply packet will
occur. A gratuitous ARP reply is a reply to which no request has been made.
Gratuitous ARPs are useful for four reasons:
They can help detect IP conflicts. When a machine receives an ARP request containing a source IP that matches its own, then
it knows there is an IP conflict.
They assist in the updating of other machines' ARP tables. Clustering solutions utilize this when they move an IP from one NIC
to another, or from one machine to another. Other machines maintain an ARP table that contains the MAC associated with an
IP. When the cluster needs to move the IP to a different NIC, be it on the same machine or a different one, it reconfigures the
NICs appropriately then broadcasts a gratuitous ARP reply to inform the neighboring machines about the change in MAC for
the IP. Machines receiving the ARP packet then update their ARP tables with the new MAC.
They inform switches of the MAC address of the machine on a given switch port, so that the switch knows that it should
transmit packets sent to that MAC address on that switch port.
Every time an IP interface or link goes up, the driver for that interface will typically send a gratuitous ARP to preload the ARP
tables of all other local hosts. Thus, a gratuitous ARP will tell us that that host just has had a link up event, such as a link
bounce, a machine just being rebooted or the user/sysadmin on that host just configuring the interface up. If we see multiple
gratuitous ARPs from the same host frequently, it can be an indication of bad Ethernet hardware/cabling resulting in frequent
link bounces.
In iBGP, the routes learnt from one iBGP neighbor are not advertised to another iBGP neighbor due to the BGP Split Horizon
Rule. To overcome the issues generated by this rule, one option is to have a full mesh of iBGP routers, where each iBGP router
is peering directly with all other iBGP routers in the AS. The solution is feasible if you have a small number of iBGP routers,
but it will not scale if you need a large number of iBGP speaking routers in the AS.
The number of iBGP Sessions needed in an AS for Full mesh IBGP are calculated with the formula N(N-1)/2.
So assuming you have 10 iBGP routers then the number of iBGP peering sessions would be 10(10-1)/2 = 45 iBGP Sessions to
manage within the AS. That's a lot of configuration and a lot of room for errors, and it may become difficult to troubleshoot.
There are 2 alternatives to creating a Full Mesh iBGP Routing, which are
1. Route Reflectors
2. Confederations
## Rule of Synchronization:
For A Route to be learnt from an IBGP neighbor, it must first be known via an IGP. Any route learnt from IBGP is entered into
the routing table only if that route is first learnt by an IGP
Note: In some case Synchronization is not practical and this rule can be turned off by command: No Synchronization.
Synchronization requires that before a route is learnt from an IBGP neighbor and entered into Routing table and advertised to
other BGP peers, the route must first be learnt via IGP.
In this example, RTR-A and RTR-C have formed a BGP Peering, and the TCP session passes through RTR-B. There is no physical
connectivity between RTR-A and RTR-C but a logical connection exists. If Synchronization is turned on, then it is important to
note that the routes advertised by RTR-A will appear in RTR-C's routing table only if these routes exist in the IGP. The
same applies for RTR-A: the routes advertised by RTR-C will not appear in RTR-A's routing table if these routes are not
being learnt by the IGP first.
RTR-B is directly connected to Both RTR-A and RTR-C and is learning the routes from both of them. RTR-B still cannot
advertise the routes learnt from RTR-A to RTR-C and the routes learnt from RTR-C to RTR-A because there is either no IGP
running or these routes are not in IGP, and since both RTR-A and RTR-C are not directly connected they have to cross through
RTR-B. Since there is no entry in IGP for these routes, RTR-B cannot advertise these routes, as per the rule of synchronization.
If the routes advertised by RTR-A and RTR-C are being learnt by an IGP then both RTR-A and RTR-C will learn each other's BGP
routes in their BGP and routing tables.
There are two workarounds for these situations.
1. If not all routes can be redistributed into the IGP (since the Internet routing table is very large and an IGP cannot scale to it), then
have all the IBGP routers fully meshed and turn off the synchronization rule with the no synchronization command.
2. Redistribute all external routes into the IGP. This is not a feasible solution, as the IGP will not scale to hold all the Internet routes.
70. How does a link within an EtherChannel work? What happens when one of the links goes down?
Described in another question.
71. switch --- Router --- switch
Does communication between the two switches happen? Is this a valid scenario?
This is not a valid scenario, since both switches are in different broadcast domains.
72. Can we have multiple area 0s in a network?
No, we can't have multiple area 0s. We always have one area 0, i.e. the backbone area. This is used to avoid looping in OSPF while
interacting between areas.
73. Why netconf is used instead of SNMP?
SNMP is too limited to be useful for exchanging configuration data. SNMP is stateless and therefore cannot handle multi-stage
data transactions. It is not able to back up or restore elements: once SNMP sets a variable, there is no recovery action. Therefore,
setting multiple SNMP variables is risky and difficult. Because of this, very few applications perform SNMP writes.
74. How SNMP operates. How data transfer between manager and agent happens?
Understanding the Management Information Base (MIB)
When an SNMP manager requests information from an SNMP agent, the SNMP agent retrieves the current value of the
requested information from the Management Information Base (MIB). The MIB defines the managed objects that an SNMP
manager monitors (or sometimes configures) on an SNMP agent.
Each system in a network (workstation, server, router, bridge, and so forth) maintains a MIB that reflects the status of the
managed resources on that system, such as the version of the software running on the device, the IP address assigned to a
port or interface, the amount of free hard drive space, or the number of open files. The MIB does not contain static data, but
is instead an object-oriented, dynamic database that provides a logical collection of managed object definitions. The MIB
defines the data type of each managed object and describes the object.
http://technet.microsoft.com/en-us/library/cc783142(v=ws.10).aspx
75. How does a switch operate? What are the concepts of port-based, MAC address and normal MAC address? How do unicast and
broadcast happen in these cases?
An Ethernet switch is mainly used to forward packets at the data link layer, that is, transmit the packets to the corresponding
ports according to the destination MAC address of the packets. To forward packets quickly, a switch maintains a MAC address
table, which is a Layer 2 address table recording the MAC address-to-forwarding port association. Each entry in a MAC
address table contains the following fields:
Destination MAC address
All OSPF routers synchronize their link state databases (LSDB) and then run the shortest path first (SPF) algorithm (all the
routers have the very same topology information but set themself as root of the tree), so the calculations result in loop-free
shortest paths to the destinations. This is a key property of link-state routing protocols.
OSPF is a link-state protocol; routers exchange routing information through LSAs within the OSPF domain.
When any change occurs in the network, an LSA exchange happens. LSAs have a sequence number starting at 0x80000001, and
it increments by one.
Whenever a network change happens, routers send updated LSAs to other routers, and the receiving router checks the sequence number; if it is an older
one, it ignores the LSA.
If it is a newer one, it is placed in the LSDB.
79. What is default route?
Also known as the gateway of last resort, a default route is a special type of static route with an all-zeros network and
network mask. The default route is used to route any packets to a network that a router does not directly know about to a
next-hop router. By default, if a router receives a packet to a destination network that is not in its routing table, it drops the
packet. When a default route is specified, the router does not drop the packet. Instead, it forwards the packet to the IP
address specified in the default route.
80. What is the major difference between BGP and IGP route summarization?
When a summary address is created with an IGP (EIGRP, OSPF, and IS-IS), the specific routes of the summary are not
advertised. BGP advertises the summary, and all the specific routes of the summary unless they are specifically suppressed.
81. Why does IBGP require a full mesh?
BGP uses the AS_PATH attribute for loop detection. If a router sees its own AS number in a BGP advertisement, the
advertisement is dropped. IBGP routers have the same AS number so the AS number cannot be used for loop detection. IBGP
neighbors will not advertise prefixes learned from one IBGP neighbor to another IBGP neighbor; therefore, a full mesh is
required.
82. How many OSPF databases are on an OSPF router?
The number of OSPF databases on a router is equal to the number of OSPF areas configured on the router.
83. How does OSPF determine an inter area shortest path?
First, calculate the shortest path to an ABR.
Second, calculate the shortest path across area 0 to an ABR that is attached to the destination area.
Third, calculate the shortest path across the destination area from the ABR to the destination network.
84. Why are intra-area summary routes not allowed?
OSPF databases on routers in the same area must be identical. If route summarization was allowed within an area, some
routers would have specific routes and some routers would have summary routes for routers in the area. If this were allowed,
the databases for the area would never agree.
85. Can I run two BGP process on single router?
No, you cannot run two BGP processes on a single router. But this is possible in the case of OSPF. In OSPF we can enable two
processes on two separate interfaces. Doing so, we can segregate the routes between the two interfaces and we will have two
separate databases; separate OSPF processes don't share routes between themselves unless redistribution is used.
86. Default BGP timers?
There are two primary timers in BGP. The first is the Hold Down timer, the other is the Keepalive Interval.
The Hold Down Timer indicates how long a router will wait between hearing messages from its neighbor. The Hold Down
Timer defaults to 180 seconds on a Cisco router, but can be reconfigured.
Cisco default setting for the Keepalive Interval: 60 seconds
To be certain that a BGP session stays up and functional, Keepalive messages are exchanged. The Keepalive Interval counts
down to zero and then sends out another Keepalive. There is no timer for route updates, as updates happen dynamically on
an incremental basis.
87. What is recursive lookup in BGP and how it works?
The router looks up the BGP route and the BGP next hop to reach a destination in the remote AS. Then the router looks up the
route to reach the BGP next hop using the IGP.
88. What is the IP Helper address feature and why is it required in a DHCP environment?
DHCP Discover packets are broadcast packets. This means that a DHCP Discover packet which is sent from the client would
not reach the DHCP server if the server resides on a different network. This is because routers are required for
communication between different networks, and routers do not forward broadcast packets. The IP Helper address feature is
configured on the router. The feature tells the router the DHCP server's IP address for the network. So, when the router
receives the DHCP Discover packet, it converts it from a broadcast to a unicast packet and then sends it to the DHCP server.
89. What is a DHCP Scope and why is it required?
A scope includes information like IP address ranges, subnet masks, gateway address, DNS server etc. This is required so that
clients can obtain the necessary information from the server.
90. How would you troubleshoot DHCP server related issues.
Check the IP connectivity with the DHCP server from a system configured on the network. Test if the DHCP client and server
service is started on the DHCP server and the client. Test if the DHCP server service is reachable using nmap.
91. What is the difference between an L2 and an L3 switch?
L2 switch is mac address based whereas L3 switch is based on logical address.
Creating vlans in L2 switch and communicating between vlans is not possible. Communication between vlans is possible in L3
Switch.
With L3 switch we can connect to WAN link but it is not possible with L2 switch.
92. Changing the reference bandwidth for the cost on OSPF interfaces
Each interface on which OSPF is enabled has a cost associated with it. The device advertises its interfaces and their costs to
OSPF neighbors. For example, if an interface has an OSPF cost of ten, the device advertises the interface with a cost of ten to
other OSPF routers.
By default, an interface's OSPF cost is based on the port speed of the interface. The cost is calculated by dividing the
reference bandwidth by the port speed. The default reference bandwidth is 100 Mbps, which results in the following default
costs:
10 Mbps port - 10
All other port speeds - 1
You can change the reference bandwidth, to change the costs calculated by the software.
The software uses the following formula to calculate the cost:
Cost = reference-bandwidth/interface-speed
If the resulting cost is less than 1, the software rounds the cost up to 1. The default reference bandwidth results in the
following costs:
10 Mbps ports cost = 100/10 = 10
100 Mbps ports cost = 100/100 = 1
1000 Mbps ports cost = 100/1000 = 0.10, which is rounded up to 1
10 Gbps ports cost = 100/10000 = 0.01, which is rounded up to 1
The bandwidth for interfaces that consist of more than one physical port is calculated as follows:
LAG group - The combined bandwidth of all the ports.
Virtual interface - The combined bandwidth of all the ports in the port-based VLAN that contains the virtual interface.
The default reference bandwidth is 100 Mbps. You can change the reference bandwidth to a value from 1 - 4294967.
If a change to the reference bandwidth results in a cost change to an interface, the device sends a link-state update to
update the costs of interfaces advertised by the device.
NOTE: If you specify the cost for an individual interface, the cost you specify overrides the cost calculated by the software.
93. Why the forwarding address is set to 0.0.0.0 instead of 110.100.1.1?
The forwarding address is set to 0.0.0.0 if the ASBR redistributes routes and OSPF is not enabled on the next hop interface for
those routes.
These conditions set the forwarding address field to a non-zero address:
OSPF is enabled on the ASBR's next hop interface AND
ASBR's next hop interface is non-passive under OSPF AND
ASBR's next hop interface is not point-to-point AND
ASBR's next hop interface is not point-to-multipoint AND
ASBR's next hop interface address falls under the network range specified in the router ospf command.
94. Which two options are advantages of NetFlow version 9 over NetFlow version 5?
NetFlow version 9 adds support for IPv6 headers.
NetFlow version 9 adds support for MPLS labels.
94. What is EtherChannel?
EtherChannel is a term used to describe bundling or aggregating 2-8 parallel links. EtherChannel provides a level of link
redundancy. If one link in the bundle fails, traffic sent through that link is automatically moved to an adjacent link in the
bundle.
Normally multiple links between switches creates the potential for bridging loops, but because an EtherChannel bundle is
treated as a single logical link by both switches, it avoids the problem.
Spanning Tree sees the bundle as a single link so individual ports will not be placed in a blocked STP state, allowing greater
bandwidth utilization. If there are two redundant EtherChannel bundles, one entire EtherChannel will be blocked by STP to
prevent a loop.
Any change made to an interface after the EtherChannel has been created is automatically applied to
all other ports in that bundle. Also, bundles cannot form if any of the assigned ports are SPAN ports.
EtherChannel links can be either access or trunk links, but if they are trunked (usually the case), they require the following be
the same on all connected interfaces:
VLANs
Trunking Mode
Native VLAN
Speed
Duplex
95. What are the Etherchannel link negotiation protocols?
EtherChannel link negotiation protocols
PAgP (Port Aggregation Protocol)
Cisco proprietary
Forms EtherChannel only if ports are configured for identical static VLANs or trunking
Will automatically modify interface parameters on all ports of the bundle if the EtherChannel interface is changed
STP sends packets over only one physical link in a PAgP bundle. Because STP's algorithm uses the lowest port priority (priority
+ port ID), if defaults are set, STP will always use the lowest-numbered port for BPDUs.
LACP (Link Aggregation Control Protocol)
An open-standard alternative to PAgP
IEEE 802.3ad
LAG is a process of inter-connecting two switches with two or more links between them (or between a switch and a server), so
that multiple links are combined into one bigger virtual link that can carry a higher (combined) bandwidth. All these multiple
links participating in a Link Aggregation Group act like a single large (virtual) link.
LAG is also used for increasing link reliability. Since multiple links connect two devices, even if one fails the other links keep
carrying the information and the traffic on the failed link is also transferred to them. That way, loss of a single link between
two switches doesn't stop the communication between them. Multiple links participating in a LAG can also load-balance the
traffic between them so that traffic is evenly distributed.
The number of links that can combine to form a larger link between two devices is generally restricted by the hardware
vendor. LAG is a static protocol and needs to be configured individually for each pair of physical ports. LAG is a standard.
LACP - Link Aggregation Control Protocol
LACP is similar to LAG, where multiple ports/links between two switches combine to provide higher bandwidth links between
them. Additionally, ports that are LACP enabled can automatically configure themselves into trunk groups, without any
manual configuration/intervention.
The main purpose of LACP is to automatically add/delete individual links to the aggregate bundle, while adding new links and
also after recovering from link failures. LACP can monitor to verify if all the links are connected to the right group. Basically,
LACP helps automate the configuration and maintenance of LAGs.
LACP is a dynamic protocol. It is sufficient if multiple ports on various devices are LACP enabled, once. LACP is a standard and
hence LACP can be implemented between multi-vendor switches. LACP should be enabled on the trunk ports initially in order
for both the participating switches/devices that support the standard, to use it. If there are more links (between two devices)
than what is supported by the vendor for LACP, the additional links are placed in stand-by mode and activated automatically
when a link fails.
LACP, otherwise known as IEEE 802.1AX Link Aggregation Control Protocol, is simply a way to dynamically build an
EtherChannel. Essentially, the active end of the LACP group sends out special frames advertising the ability and desire to
form an EtherChannel. It's possible, and quite common, that both ends are set to an active state (versus a passive state).
Additionally, LACP only supports full duplex links (which isn't a concern for gigabit or faster links). Once these frames are
exchanged, and if the ports on both sides agree that they support the requirements, LACP will form an EtherChannel.
http://www.thomas-krenn.com/en/wiki/Link_Aggregation_and_LACP_basics
99. What are limitations of SNMP?
While SNMP provides good network management at the macro level, it does not provide many network details required to
solve many network issues. Since it needs to manage multiple devices manufactured by different vendors, the parameters
that SNMP can manage are quite limited, based on the standards defined. But network devices are always very different from
each other. Some are really complex. So, customization for management of particular elements cannot be defined by the
user.
100. What happens when one computer (C1) wants to communicate with another computer (C2) in a LAN
segment?
When it comes to the Layer 2 communications between networked systems, IP address is not used. So, within a LAN segment
computers identify each other and communicate with each other using the MAC Address. So, when Computer (C1) gets the
target IP address of the Computer (C2) it wants to communicate with,
It first looks at its own ARP cache (which is a table that contains the IP addresses and their corresponding MAC addresses for
computers/ systems within a network) to see if it already has the MAC address for the computer (C2), it wants to
communicate with.
If the MAC address of C2 is present in its ARP cache table, it can then append the message with the corresponding MAC
address and send it over the network (cable, switch).
If the MAC address of C2 is not present in its ARP cache table, C1 will broadcast an ARP request message to all the computers
/ systems in the network indicating that it wants the MAC address for the IP address in its possession.
This ARP request is received by all the systems in the network, but only the computer with the target IP address (C2)
responds to C1 with an ARP reply message, indicating its MAC address.
Now since C1 has both IP address and MAC address of C2, it will communicate with C2 using this information. In the process,
both C1 and C2 update their ARP cache tables with the newly acquired information so that the next time the ARP broadcast
message can be avoided.
What is ARP (Address Resolution Protocol)?
As you see in the above example, ARP (Address Resolution Protocol) is used to translate an IP address into a MAC address.
There are two types of ARP messages: the ARP request that is broadcast to all the systems in a LAN segment and the ARP reply
that is unicast to the requesting station alone. ARP messages contain source and destination IP addresses & MAC addresses
(if available), among other information.
The Address Resolution Protocol is used within a single LAN segment and cannot be routed across a different network. A
Gratuitous ARP message is broadcast to all the systems of a LAN segment when a system is just starting up or when the IP
address/ MAC address of system has changed. This enables the computers in a LAN to update their ARP cache tables
appropriately. This message does not solicit a response.
In IPv6, there is a protocol called Neighbor Discovery Protocol (NDP) that does the same function as the ARP in IPv4.
101. What is an ARP Cache / Cache Table?
Since computers cannot send broadcast messages every time they need to connect with another network device, they store
the IP addresses and the corresponding MAC addresses of systems they frequently communicate with, in a table called ARP
Cache table. All the systems in the LAN maintain this table. The entries in the ARP cache table are generally short lived and
are updated every 15-20 minutes.
Since a LAN segment consists of a number of computing devices, some individual ARP table entries are removed if the
system doesn't communicate with certain devices for a considerable amount of time. This is done mainly to limit the size of
ARP cache.
102. What is ARP Poisoning?
The Address Resolution Protocol itself doesn't come with any authentication / protection mechanism. So, ARP requests and/or
replies can be forged by malicious systems under the control of hackers. If a forged ARP request/ reply is used to update the
ARP cache of another system, the process is called ARP poisoning. This is mainly done to redirect network traffic for malicious
purposes.
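The gratuitous ARP definition and the cache update behaviour described above can be turned into a monitoring check. The following is an added example, not part of the original document: it decodes ARP bodies, recognises gratuitous ARP (sender IP equal to target IP) and reports when an IP address moves to a different MAC. The names `ArpWatcher`, `build_arp` and `sample_alerts` and all addresses are constructed for illustration.

```python
import struct
from collections import namedtuple

ArpPacket = namedtuple("ArpPacket", "op sha spa tha tpa")  # op 1 = request, 2 = reply


def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def _ip(raw):
    return ".".join(str(b) for b in raw)


def parse_arp(body):
    """Decode the 28-byte Ethernet/IPv4 ARP body defined in RFC 826."""
    if len(body) < 28:
        raise ValueError("truncated ARP body")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", body[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", body[8:28])
    return ArpPacket(op, _mac(sha), _ip(spa), _mac(tha), _ip(tpa))


def is_gratuitous(pkt):
    """Sender IP equals target IP: the packet announces, it does not ask."""
    return pkt.spa == pkt.tpa


class ArpWatcher:
    """Tracks IP-to-MAC bindings like an ARP cache and reports every change."""

    def __init__(self):
        self.bindings = {}

    def observe(self, pkt):
        if pkt.spa == "0.0.0.0":  # address probe, carries no binding
            return None
        previous = self.bindings.get(pkt.spa)
        self.bindings[pkt.spa] = pkt.sha
        if previous is None or previous == pkt.sha:
            return None
        # A change is either a legitimate move (cluster failover, NIC swap)
        # or a forged packet; the alert has to be triaged against known changes.
        return {"ip": pkt.spa, "old_mac": previous, "new_mac": pkt.sha,
                "gratuitous": is_gratuitous(pkt)}


def build_arp(op, sha, spa, tha, tpa):
    """Helper for the sample data: pack constructed values into an ARP body."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = lambda s: bytes(int(p) for p in s.split("."))
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op,
                       mac(sha), ip(spa), mac(tha), ip(tpa))


def sample_alerts():
    """Run the watcher over four constructed packets and return its alerts."""
    zero = "00:00:00:00:00:00"
    capture = [
        build_arp(1, "02:00:00:00:00:05", "10.0.0.5", zero, "10.0.0.1"),  # who has .1?
        build_arp(2, "02:00:00:00:00:01", "10.0.0.1", "02:00:00:00:00:05", "10.0.0.5"),
        build_arp(1, "02:00:00:00:00:05", "10.0.0.5", zero, "10.0.0.5"),  # link-up announce
        build_arp(2, "02:00:00:00:00:66", "10.0.0.1", "ff:ff:ff:ff:ff:ff", "10.0.0.1"),
    ]
    watcher = ArpWatcher()
    alerts = []
    for body in capture:
        alert = watcher.observe(parse_arp(body))
        if alert:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for a in sample_alerts():
        print(a)
```

Only the last packet raises an alert: the unsolicited reply rebinds 10.0.0.1 to a new MAC, which is what both a cluster failover and a poisoned cache entry look like on the wire.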
103. What is ARP broadcast storm?
The ARP traffic on a network can be around 10% of the network traffic during normal times and up to 85% of the network
traffic during abnormal network conditions caused by ARP broadcast storm. Basically, ARP requests are broadcast multiple
times or to multiple systems (sometimes more than thousand requests within a second) during an ARP broadcast storm
thereby taking up a lot of network bandwidth and thereby making normal network communications difficult.
This can happen due to a lot of reasons and some of them are given below:
An ARP request for a non-existent host triggers a series of ARP messages within a short interval of time. It is only eventually that
ARP gives up.
Virus/ malware in a system can generate a lot of ARP broadcast messages in order to create a DOS type of network attack.
If there are loops within the network that are not prevented by using protocols like STP/ RSTP, ARP requests would be looped
back and forth between switches creating an ARP broadcast storm.
Incorrect router configuration, Network Interface Card/ Network Switch malfunction can also create ARP broadcast storms.
A large unsegmented network is especially susceptible to excessive ARP broadcasts/ broadcast storms and hence it is always
a good practice to sub-divide a large network into various segments (using VLANs etc) and enable Inter-VLAN routing using
Layer-3 switches. This limits the broadcast domain to a limited number of systems.
So, next time when there is a congestion in the network, you can monitor for ARP broadcast storms as well. You can use
network monitoring tools like Wireshark to monitor for abnormal ARP activity.
104. How many MAC addresses does a switch have?
It is based on the number of ports on the switch + 1 default base MAC address (for VLAN 1).
105. What is double tagging?
With the IEEE standard 802.1ad, double-tagging can be useful for Internet service providers, allowing them to use VLANs
internally while mixing traffic from clients that are already VLAN-tagged. The outer (next to source MAC and representing ISP
VLAN) S-TAG (service tag) comes first, followed by the inner C-TAG (customer tag). In such cases, 802.1ad specifies a TPID of
0x88a8 for service-provider outer S-TAG.
2. Drop the packet and send an ICMP error message with Type=3 (Destination Unreachable); Code=4 (Fragmentation needed
and DF bit set)
The ICMP error message will have the MTU details of the outgoing interface in the Next-Hop MTU field.
The source, on receiving the error message, will now send the packet with the mentioned MTU. This continues till it reaches the
ultimate destination.
BGP support for Path MTU Discovery
Introducing Path MTU Discovery on a BGP session allows the BGP router to discover the best MTU size along the path to the
neighbor, resulting in an efficient way of exchanging BGP packets.
Consider the below scenario for further reading,
Initial TCP negotiation between R1 and R5 will have an MSS value equal to (IP MTU - 40 bytes of IP header) with DF set. In our
case, IP MTU is 1500 which results in 1460 as MSS. As the initial negotiation packets are very small, it mostly moves the BGP
to Established state with MSS as same value.
R1#sh ip bgp nei | inc Data
Datagrams (max data segment is 1460 bytes):
After TCP negotiation, when the BGP update packets are sent, the DF bit will be set, which will result in an ICMP error message from R3
with 300 as Next-Hop MTU. Now the MSS is reduced to 260 (300 - 40 bytes of IP header).
R1#sh ip bgp nei | inc Data
Datagrams (max data segment is 260 bytes)
R1#
Now, with the same topology, when some intermediate device is not able to forward ICMP (some firewall in between), end-to-end
Path MTU discovery will not be successful. This may result in a BGP session flap.
We have configured ACL on R2 to block ICMP message towards R1. So ICMP error message from R3 will not reach R1.
As soon as we have BGP configured between R1 and R5, TCP negotiation will be successful and BGP will move to the Established
state. Now when the BGP Update is sent to R5, it will be sent with the DF bit set. When a BGP router sends a BGP Update to
any neighbor, it will not send a keepalive. R3, on receiving it, will send an ICMP error message to R1, which is blocked at
R2.
After the BGP session is up, R5 will expect either a BGP Update or a keepalive from R1 to reset the hold down timer. After 180
seconds, having received neither an Update nor a keepalive, it sends a BGP Notification to R1 with the error message Hold
time expired.
R1#sh ip bgp nei | inc Data
Datagrams (max data segment is 1460 bytes):
R1#
*Mar 22 15:16:23.033: %BGP-3-NOTIFICATION: received from neighbor 150.1.5.5 4/0 (hold time expired) 0 bytes
R1#
*Mar 22 15:16:23.033: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Down BGP Notification received
R1#
*Mar 22 15:16:55.621: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Up
R1#
*Mar 22 15:19:56.409: %BGP-3-NOTIFICATION: received from neighbor 150.1.5.5 4/0 (hold time expired) 0 bytes
R1#
*Mar 22 15:19:56.409: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Down BGP Notification received
R1#
*Mar 22 15:20:13.361: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Up
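The flap pattern in this console output can be recognised mechanically: the session comes up (small packets pass), then dies one hold time later because the large Update never arrives. The following is an added example, not part of the original document: it measures the time from each Up event to the next hold-time-expired NOTIFICATION and flags peers where that gap matches the 180-second hold time. The function names, the 5-second slack and the assumed year (IOS timestamps here carry none) are assumptions.

```python
import re
from datetime import datetime

# Log lines copied from the R1 console output above.
R1_LOG = """\
*Mar 22 15:16:23.033: %BGP-3-NOTIFICATION: received from neighbor 150.1.5.5 4/0 (hold time expired) 0 bytes
*Mar 22 15:16:23.033: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Down BGP Notification received
*Mar 22 15:16:55.621: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Up
*Mar 22 15:19:56.409: %BGP-3-NOTIFICATION: received from neighbor 150.1.5.5 4/0 (hold time expired) 0 bytes
*Mar 22 15:19:56.409: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Down BGP Notification received
*Mar 22 15:20:13.361: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Up
""".splitlines()

LINE = re.compile(
    r"^[*.]?(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d\.\d+): %BGP-\d-(?P<kind>\w+): (?P<text>.*)$"
)
NOTIFY = re.compile(r"received from neighbor (?P<peer>\S+) (?P<code>\d+)/(?P<sub>\d+)")
ADJ = re.compile(r"neighbor (?P<peer>\S+) (?P<state>Up|Down)")
HOLD_TIMER_EXPIRED = 4  # BGP NOTIFICATION error code 4 (RFC 4271)


def up_to_expiry_intervals(lines, assumed_year=2000):
    """Return (peer, seconds) for every Up event followed by a hold-time expiry."""
    last_up = {}
    intervals = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # not a BGP syslog line
        ts = datetime.strptime(f"{assumed_year} {m['ts']}", "%Y %b %d %H:%M:%S.%f")
        if m["kind"] == "NOTIFICATION":
            n = NOTIFY.search(m["text"])
            if n and int(n["code"]) == HOLD_TIMER_EXPIRED and n["peer"] in last_up:
                started = last_up.pop(n["peer"])
                intervals.append((n["peer"], (ts - started).total_seconds()))
        elif m["kind"] == "ADJCHANGE":
            a = ADJ.search(m["text"])
            if a and a["state"] == "Up":
                last_up[a["peer"]] = ts
            elif a:
                last_up.pop(a["peer"], None)  # Down for some other reason
    return intervals


def suspected_blackholes(intervals, hold_time=180.0, slack=5.0):
    """Peers whose session died almost exactly one hold time after coming up."""
    return sorted({peer for peer, secs in intervals if abs(secs - hold_time) <= slack})


if __name__ == "__main__":
    cycles = up_to_expiry_intervals(R1_LOG)
    print(cycles)
    print(suspected_blackholes(cycles))
```

The first NOTIFICATION in the excerpt has no preceding Up event, so only the second cycle is measured.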
109. How does a router know whether it has to fragment a packet or not?
IP Fragmentation
An IP packet that is larger than the Maximum Transmission Unit (MTU) of an interface, is too large for transmission over that
interface. The packet must either be fragmented, or discarded (and an ICMP error message returned to the sender). In either
case, the original data will be fragmented into smaller packets (less than the smallest MTU) in order to allow it to be received
by the final destination system.
There are two approaches to doing this fragmentation:
IP Router Segmentation - performing the fragmentation in the routers
IP Path MTU Discovery - forcing the sender to perform the fragmentation
IP Fragmentation processing at a Router
The simplest approach from the end-system point of view is not to worry about the MTU size. In this simple approach, the
sender simply has to ensure that each packet is less than the MTU of the link on which it is sent. (The router always knows
this from the link interface configuration information).
Large IP packets that exceed the MTU of the link between R1 and R2 are fragmented by R1 in to two or more IP packets each
smaller than the MTU size.
The network layer then has to arrange to cut packets up into smaller fragments whenever a router encounters a link with an
MTU smaller than the received IP packet size. All the fragments of an IP packet carry the same ID in the IP packet header
(allowing the final receiver to reassemble the fragmented parts into the original PDU). This is called "IP fragmentation" or "IP
segmentation". The problem is, this offloads a lot of work on to routers, and in the worst case, can also result in packets being
segmented by several IP routers one after another, resulting in very peculiar fragmentation.
Fragmentation Method
To fragment/segment a long internet packet, a router (R1 in the figure below) creates a new IP packet and copies the contents
of the IP header fields from the long packet into the new IP header. The data of the long packet is then divided into two
portions on an 8-byte (64-bit) boundary, so that the first packet is less than the MTU of the out-going interface. The
more-fragments flag (MF) in the first packet is set to one (to indicate that more fragments of this packet follow). The More Flag may
already be set in this packet if it has already been fragmented by another system. This packet is forwarded.
The second created new packet is then processed. The packet header field is identical to that of the original packet (including
the same value of the packet ID, the total length field, the more-fragments flag (MF) and the fragment offset field in the
original packet). The packet header field is updated with a new offset field, by adding the number of payload bytes sent in the
first fragment. If this new packet is larger than the allowed link MTU, the packet is again fragmented.
IP Router Fragmentation
Any packet that has a more fragments (MF) flag set, must have an integral multiple of 8 bytes. (The final fragment, which
does not have this flag set, may have an arbitrary number of bytes).
IP Router fragmentation is not recommended in the modern Internet, and this feature was not carried-forward when the next
generation Internet Protocol (IPv6) was specified.
IP Fragmentation processing at a Sender
Path MTU Discovery allows a sender to fragment/segment a long internet packet, rather than relying on routers to perform
IP-level fragmentation. This is more efficient and more scalable. It is therefore the recommended method in the current Internet.
This is also the only method supported in IPv6.
IP Reassembly processing at the Receiving End System
IP fragmentation and reassembly employs updating and using the values in the second 32 bits of the IPv4 packet header. An
end system that accepts an IP packet (with a destination IP address that matches its own IP source address) will also
reassemble any fragmented IP packets before these are passed to the next higher protocol layer.
The system stores all received fragments (i.e., IP packets with a more-fragments flag (MF) set to one, or where the fragment
offset is non-zero), in one of a number of buffers (memory space). Packets with the same 16-bit Identification value are stored
in the same buffer, at the offset specified by the fragment offset field specified in the packet header.
Packets which are incomplete remain stored in the buffer until either all fragments are received, OR a timer expires,
indicating that the receiver does not expect to receive any more fragments. Completed packets are forwarded to the next
higher protocol layer.
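The fragmentation and reassembly rules above, as an added example that is not part of the original document. It assumes a 20-byte IPv4 header without options, keys reassembly buffers on the Identification value only (as the text does), and uses a constructed 8500-byte datagram and a 30-second timer chosen for illustration.

```python
from dataclasses import dataclass

IP_HEADER_LEN = 20  # assumption: IPv4 header without options


@dataclass
class Fragment:
    ident: int       # 16-bit Identification, identical in every fragment
    offset: int      # payload offset in bytes (sent on the wire in 8-byte units)
    more: bool       # more-fragments (MF) flag
    payload: bytes

    @property
    def total_length(self) -> int:
        return IP_HEADER_LEN + len(self.payload)


def fragment(pkt: Fragment, mtu: int) -> list:
    """Split pkt into pieces that fit mtu, cutting on 8-byte boundaries."""
    if pkt.total_length <= mtu:
        return [pkt]
    max_payload = (mtu - IP_HEADER_LEN) // 8 * 8
    if max_payload <= 0:
        raise ValueError("MTU leaves no room for payload")
    pieces = []
    for pos in range(0, len(pkt.payload), max_payload):
        chunk = pkt.payload[pos:pos + max_payload]
        is_last = pos + len(chunk) == len(pkt.payload)
        # MF stays set on the last piece when the input was itself a
        # non-final fragment produced by an earlier router.
        pieces.append(Fragment(pkt.ident, pkt.offset + pos,
                               pkt.more or not is_last, chunk))
    return pieces


class Reassembler:
    """Receiver-side buffers keyed on Identification, as the text describes.
    (Simplification: real stacks also key on source, destination and protocol.)"""

    def __init__(self, timeout: float = 30.0):  # timeout value is an assumption
        self.timeout = timeout
        self.buffers = {}  # ident -> {"t0": first arrival, "parts": {}, "total": None}

    def expire(self, now: float) -> list:
        """Drop incomplete datagrams whose timer ran out; return their idents."""
        stale = [i for i, b in self.buffers.items() if now - b["t0"] > self.timeout]
        for ident in stale:
            del self.buffers[ident]
        return stale

    def add(self, frag: Fragment, now: float):
        """Store one fragment; return the full payload once it is complete."""
        self.expire(now)
        if frag.more and len(frag.payload) % 8:
            raise ValueError("non-final fragment is not a multiple of 8 bytes")
        buf = self.buffers.setdefault(
            frag.ident, {"t0": now, "parts": {}, "total": None})
        buf["parts"][frag.offset] = frag.payload
        if not frag.more:
            buf["total"] = frag.offset + len(frag.payload)
        if buf["total"] is None:
            return None
        data, pos = bytearray(), 0
        for off in sorted(buf["parts"]):
            if off != pos:          # a hole or an overlap: keep waiting
                return None
            data += buf["parts"][off]
            pos += len(buf["parts"][off])
        if pos != buf["total"]:
            return None
        del self.buffers[frag.ident]
        return bytes(data)


# Constructed sample: an 8500-byte datagram (20-byte header + 8480 data bytes).
SAMPLE = Fragment(ident=0x1234, offset=0, more=False,
                  payload=bytes(range(256)) * 33 + bytes(32))

if __name__ == "__main__":
    for f in fragment(SAMPLE, 1500):
        print(f.offset // 8, f.more, f.total_length)
```

Because overlapping or missing offsets never complete a buffer, such datagrams are simply discarded when the timer expires.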
110. What are the issues with IP fragmentation?
There are several issues that make IP fragmentation undesirable. There is a small increase in CPU and memory overhead to
fragment an IP datagram. This holds true for the sender as well as for a router in the path between a sender and a receiver.
Creating fragments simply involves creating fragment headers and copying the original datagram into the fragments. This
can be done fairly efficiently because all the information needed to create the fragments is immediately available.
Fragmentation causes more overhead for the receiver when reassembling the fragments because the receiver must allocate
memory for the arriving fragments and coalesce them back into one datagram after all of the fragments are received.
Reassembly on a host is not considered a problem because the host has the time and memory resources to devote to this
task.
But, reassembly is very inefficient on a router whose primary job is to forward packets as quickly as possible. A router is not
designed to hold on to packets for any length of time. Also a router doing reassembly chooses the largest buffer available
(18K) with which to work because it has no way of knowing the size of the original IP packet until the last fragment is
received.
Another fragmentation issue involves handling dropped fragments. If one fragment of an IP datagram is dropped, then the
entire original IP datagram must be resent, and it will also be fragmented. You see an example of this with Network File
System (NFS). NFS, by default, has a read and write block size of 8192, so a NFS IP/UDP datagram will be approximately 8500
bytes (including NFS, UDP, and IP headers).
A sending station connected to an Ethernet (MTU 1500) will have to fragment the 8500 byte datagram into six pieces; five
1500 byte fragments and one 1100 byte fragment. If any of the six fragments is dropped because of a congested link, the
complete original datagram will have to be retransmitted, which means that six more fragments will have to be created. If
this link drops one in six packets, then the odds are low that any NFS data can be transferred over this link, since at least one
IP fragment would be dropped from each NFS 8500 byte original IP datagram.
Firewalls that filter or manipulate packets based on Layer 4 (L4) through Layer 7 (L7) information in the packet may have
trouble processing IP fragments correctly. If the IP fragments are out of order, a firewall may block the non-initial fragments
because they do not carry the information that would match the packet filter. This would mean that the original IP datagram
could not be reassembled by the receiving host. If the firewall is configured to allow non-initial fragments with insufficient
information to properly match the filter, then a non-initial fragment attack through the firewall could occur. Also, some
network devices (such as Content Switch Engines) direct packets based on L4 through L7 information, and if a packet spans
multiple fragments, then the device may have trouble enforcing its policies.
111. What TCP MSS Does and How It Works?
The TCP Maximum Segment Size (MSS) defines the maximum amount of data that a host is willing to accept in a single TCP/IP
datagram. This TCP/IP datagram may be fragmented at the IP layer. The MSS value is sent as a TCP header option only in TCP
SYN segments. Each side of a TCP connection reports its MSS value to the other side. Contrary to popular belief, the MSS
value is not negotiated between hosts. The sending host is required to limit the size of data in a single TCP segment to a
value less than or equal to the MSS reported by the receiving host.
Originally, MSS meant how big a buffer (greater than or equal to 65496K) was allocated on a receiving station to be able to
store the TCP data contained within a single IP datagram. MSS was the maximum segment (chunk) of data that the TCP
receiver was willing to accept. This TCP segment could be as large as 64K (the maximum IP datagram size) and it could be
fragmented at the IP layer in order to be transmitted across the network to the receiving host. The receiving host would
reassemble the IP datagram before it handed the complete TCP segment to the TCP layer.
Below are a couple of scenarios showing how MSS values are set and used to limit TCP segment sizes, and therefore, IP
datagram sizes.
Scenario 1 illustrates the way MSS was first implemented. Host A has a buffer of 16K and Host B a buffer of 8K. They send
and receive their MSS values and adjust their send MSS for sending data to each other. Notice that Host A and Host B will
have to fragment the IP datagrams that are larger than the interface MTU but still less than the send MSS because the TCP
stack could pass 16K or 8K bytes of data down the stack to IP. In Host B's case, packets could be fragmented twice, once to
get onto the Token Ring LAN and again to get onto the Ethernet LAN.
Scenario 1
In order to assist in avoiding IP fragmentation at the endpoints of the TCP connection, the selection of the MSS value was
changed to the minimum of the buffer size and the MTU of the outgoing interface (- 40). MSS numbers are 40 bytes smaller than
MTU numbers because MSS is just the TCP data size, which does not include the 20 byte IP header and the 20 byte TCP
header. MSS is based on default header sizes; the sender stack must subtract the appropriate values for the IP header and
the TCP header depending on what TCP or IP options are being used.
The way MSS now works is that each host will first compare its outgoing interface MTU with its own buffer and choose the
lowest value as the MSS to send. The hosts will then compare the MSS size received against their own interface MTU and
again choose the lower of the two values.
Scenario 2 illustrates this additional step taken by the sender to avoid fragmentation on the local and remote wires. Notice
how the MTU of the outgoing interface is taken into account by each host (before the hosts send each other their MSS values)
and how this helps to avoid fragmentation.
Scenario 2
1. Host A compares its MSS buffer (16K) and its MTU (1500 - 40 = 1460) and uses the lower value as the MSS (1460) to send to
Host B.
2. Host B receives Host A's send MSS (1460) and compares it to the value of its outbound interface MTU - 40 (4422).
3. Host B sets the lower value (1460) as the MSS for sending IP datagrams to Host A.
4. Host B compares its MSS buffer (8K) and its MTU (4462 - 40 = 4422) and uses 4422 as the MSS to send to Host A.
5. Host A receives Host B's send MSS (4422) and compares it to the value of its outbound interface MTU - 40 (1460).
6. Host A sets the lower value (1460) as the MSS for sending IP datagrams to Host B.
1460 is the value chosen by both hosts as the send MSS for each other. Often the send MSS value will be the same on each
end of a TCP connection.
In Scenario 2, fragmentation does not occur at the endpoints of a TCP connection because both outgoing interface MTUs are
taken into account by the hosts. Packets can still become fragmented in the network between Router A and Router B if they
encounter a link with a lower MTU than that of either host's outbound interface.
http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html#topic2
112. Explain the ping packet (ICMP echo request/reply) format.
An Echo is simply what we networking engineers call a 'ping'. The Echo Reply is, as most would guess, the 'ping reply'. ICMP
Echos are used mostly for troubleshooting. When there are 2 hosts which have communication problems, a few simple ICMP
Echo requests will show if the 2 hosts have their TCP/IP stacks configured correctly and if there are any problems with the
routes packets are taking in order to get to the other side.
The 'ping' command is very well known, but the results of it are very often misunderstood and for that reason I have chosen
to explain all those other parameters next to the ping reply, but we will have a look at that later on.
Let's have a look at what an ICMP-Echo or Echo Reply packet looks like:
If the above packet was an ICMP Echo (ping), then the Type field takes a value of 8. If it's an ICMP Echo Reply (ping reply) then
it would take a value of 0.
The picture below is a screen shot I took when doing a simple ping from my workstation:
Okay, now looking at the screen shot above, you can see I 'pinged' www.firewall.cx. The first thing my workstation did was to
resolve that URL to an IP address. This was done using DNS. Once the DNS server returned the IP address of www.firewall.cx,
the workstation generated an ICMP packet with the Type field set to 8.
Here is the proof:
The picture above is a screenshot from my packet sniffer the same time this experiment was taking place. The packet
displayed is one of the 4 packets which were sent from my workstation to the webserver of firewall.cx
Notice the ICMP type=8 Echo field right under the ICMP Header section. This clearly shows that this packet is being sent from
the workstation and not received. If it was received, it would have been an 'Echo Reply' and have a value of 0.
The next weird thing, if anyone noticed, is the data field. Look at the screen shot from command prompt above and notice the
value there and the value the packet sniffer is showing on the left. One says 32 Bytes, and the other 40 Bytes!
The reason for this is that the packet sniffer is taking into account the ICMP header fields (ICMP type, code, checksum and
identifier), and I'll prove it to you right now.
Look at the top of this page where we analysed the ICMP headers, you will notice that the lengths (in Bits) of the various
fields are as follows: 8, 8, 16, 16, 16. These add up to a total of 64 Bits. Now 8 Bits = 1 Byte, therefore 64 Bits = 8 Bytes. Take
the 32 Bytes of data the workstation's command prompt is showing and add 8 Bytes ... and you have 40 Bytes in total.
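The Echo / Echo Reply layout described above, as an added example that is not part of the original text. It packs the five header fields (8, 8, 16, 16 and 16 bits), computes the Internet checksum, and shows where the 40 bytes come from; the identifier, sequence number and 32-byte payload are constructed sample values.

```python
import struct

ICMP_ECHO_REQUEST = 8   # Type value for a ping
ICMP_ECHO_REPLY = 0     # Type value for a ping reply

# type (8 bits), code (8), checksum (16), identifier (16), sequence (16) = 64 bits
HEADER = struct.Struct("!BBHHH")

# Constructed sample payload: 32 bytes, the size reported by the command prompt.
SAMPLE_DATA = b"abcdefghijklmnopqrstuvwabcdefghi"


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum of the message, complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(icmp_type: int, ident: int, seq: int, data: bytes) -> bytes:
    """Build an Echo or Echo Reply message (ICMP header + data, no IP header)."""
    unsummed = HEADER.pack(icmp_type, 0, 0, ident, seq)
    checksum = internet_checksum(unsummed + data)
    return HEADER.pack(icmp_type, 0, checksum, ident, seq) + data


def parse_echo(packet: bytes) -> dict:
    """Decode the header fields and verify the checksum over the whole message."""
    if len(packet) < HEADER.size:
        raise ValueError("shorter than the 8-byte ICMP echo header")
    icmp_type, code, checksum, ident, seq = HEADER.unpack_from(packet)
    return {
        "type": icmp_type,
        "code": code,
        "checksum": checksum,
        # Summing a valid message including its checksum field yields zero.
        "checksum_ok": internet_checksum(packet) == 0,
        "ident": ident,
        "seq": seq,
        "data": packet[HEADER.size:],
    }


def make_reply(request: bytes) -> bytes:
    """Answer a valid Echo (type 8) with an Echo Reply (type 0), same data."""
    fields = parse_echo(request)
    if fields["type"] != ICMP_ECHO_REQUEST or not fields["checksum_ok"]:
        raise ValueError("not a valid ICMP Echo request")
    return build_echo(ICMP_ECHO_REPLY, fields["ident"], fields["seq"], fields["data"])


if __name__ == "__main__":
    request = build_echo(ICMP_ECHO_REQUEST, ident=0x0200, seq=1, data=SAMPLE_DATA)
    print(len(SAMPLE_DATA), "data bytes +", HEADER.size, "header bytes =", len(request))
    print(parse_echo(make_reply(request)))
```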
113. Two routers A and B are connected back to back with a hub in between. Router A's IP is 2.2.2.2 and Router B's
IP is 3.3.3.3. Will ping work? Will ARP happen?
Ping will fail, and so will ARP.
Router#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Here the routing table and ARP table do not show any entry for router B.
Router#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
116. What is primary difference between IBGP and EBGP in case of BGP?
The primary difference between E-BGP and I-BGP is a difference in TCP endpoint conventions. The endpoints of TCP
connections for E-BGP sessions are the addresses of the physical interfaces over which the E-BGP session runs. The endpoints
of TCP connections for I-BGP sessions correspond to a virtual (loopback) TCP connection over which the I-BGP session runs,
and reflect a fully meshed network configuration.
117. Why area 0 is required in case of Ospf?
Backbone Area 0 (level 2) is a central (transition) area to which all other areas are connected, which distributes routing
information between areas, and has the same properties as other areas. Backbone routers use the same procedures and
algorithms as Internal Routers.
118. Describe ospf adjacency process?
OSPF routers go through various states exchanging messages as they proceed from Down to Full adjacency. They initiate the
Hello process and decide on initialization parameters, for the adjacency they decide on a master/slave relationship, and then
they exchange/load each other's databases using Database Description and LSA packets. When the databases are
synchronized the routers are considered to be in full adjacency.
119. Does OSPF provide fragmentation?
OSPF does not provide any explicit fragmentation/reassembly support. When fragmentation is necessary, IP
fragmentation/reassembly is used.
120. What is OSPF Interface MTU?
Interface MTU: The size in bytes of the largest IP datagram that can be sent out the associated interface, without
fragmentation. Interface MTU should be set to 0 in Database Description packets sent over virtual links.
121. Why do you require a limit on the minimum size of Ethernet frame?
Ans. To detect collision, it is essential that a sender continue sending a frame and at the same time receive another frame
sent by another station. Considering maximum delay with five Ethernet segments in cascade, the size of frame has been
found to be 64 bytes such that the above condition is satisfied.
122. What is difference in Control plane, Data plane and Forwarding Plane?
http://networkstatic.net/the-control-plane-data-plane-and-forwarding-plane-in-networks/
123. Is there any L2 redundancy protocol other than STP ?
Etherchannels can be used for redundancy at L2. Other than this we have VRRP and HSRP but these are used for gateway
redundancy at L3.
124. What are the troubleshooting points for Etherchannels?
Troubleshooting EtherChannels
EtherChannel issues usually fall into one of three categories:
1. Every port participating in an EtherChannel must have identical speed, duplex, access or trunk settings. If an EtherChannel
isn't forming, check each port configuration.
2. Both sides of the EtherChannel must be configured as a bundle directly or by using a link aggregation protocol (LACP or
PAgP). If one side is configured as an EtherChannel and the other side is not, look for error-disabled EtherChannel ports on the
EtherChannel-enabled switch.
3. If traffic is only flowing over a single link in a bundle, it is likely that the hash algorithm should be adjusted to use different
seed values. Also note that link bundles should be used in even numbered pairs like 2, 4, 8, etc.
125. What are different BGP databases?
BGP Databases
Like most modern routing protocols, BGP has two separate databases: a neighbor database and a BGP-specific database.
Neighbor Database
Lists all of the configured BGP neighbors
Router# show ip bgp summary
BGP Database
Lists all networks known by BGP along with their attributes.
Router# show ip bgp
126. What are benefits of routing?
Broadcast control
Multicast control
Optimal path determination
Traffic management
Logical addressing
Layer 3 security
127. Benefits of L3 Switching?
Hardware-based packet forwarding
High-performance packet switching
High-speed scalability
Low latency
Lower per-port cost
Flow accounting
Security
QoS
Layer 3 switching is hardware-based routing. A full Layer 3 switch does everything to a packet that a traditional router does.
Layer 3 switching is a combination of Layer 2 switching and Layer 3 routing that provides integrated switching and routing.
While a router is like a mailroom with a single chute, a switch provides multiple chutes to direct data. Traditionally,
applications at Layer 2 are responsible for the validity and integrity of transmission from node to node. However, the advent
of the Internet has meant that most network traffic is now on a backbone system. Smart switches are now able to do most of
the functions of a router.
Layer 3 switches can be used to prioritize traffic and can control larger networks than Layer 2 switches, reducing the need to
create subnets isolated by routers.
The primary difference between the packet-switching operation of a router and a Layer 3 switch is the physical
implementation. In general-purpose routers, microprocessor-based engines typically perform packet switching. A Layer 3
switch performs packet switching with hardware.
Layer 3 devices can interrogate packets to determine priorities to allocate bandwidth, and this is where Quality of Service
(QoS) features are usually implemented.
When performing Layer 3 functions, a switch reads the TCP and User Datagram Protocol (UDP) fields to determine what type
of information the packet is carrying. The network manager can then program the switch to prioritize traffic by application.
When being used for QoS purposes, this means that a videoconferencing application might be granted more bandwidth than
an e-mail message.
If the network is only at 50 percent capacity on the backbone, each user or application on the network is already getting the
same QoS without Layer 4 switching.
128. What is multilayer Switch?
Combines functionality of:
Layer 2 switching
Layer 3 switching
Layer 4 switching
High-speed scalability
Low latency
Multilayer Switching is the combination of traditional Layer 2 switching with Layer 3 protocol routing in a single box, usually
through a fast hardware implementation.
Multilayer switches are not called routers because multilayer switches are much faster and generally less expensive than a
router with the same Layer 3 throughput.
The Catalyst family of switches does the following:
As a Layer 3 switch, caches flows based on the IP or IPX addresses.
As a Layer 4 switch, caches flows based on the source address, destination address, source port, and destination port.
Multilayer Switching products with high-speed hardware IP routing offer significant improvements in scalability and
performance over simple Layer 2 switches or traditional routers.
129. What is auto-negotiation?
The Auto-Negotiation function is an optional part of the Ethernet standard that makes it possible for devices to exchange
information about their abilities over a link segment. This, in turn, allows the devices to perform automatic configuration to
achieve the best possible mode of operation over a link.
At a minimum, Auto-Negotiation can provide automatic speed matching for multi-speed devices at each end of a link.
Multi-speed Ethernet interfaces can then take advantage of the highest speed offered by a multi-speed hub port.
Stress: Auto-negotiation is not a fully implemented standard and, therefore, the behavior of the link cannot be guaranteed
when using this feature.
Cisco strongly recommends that each end of the link be manually configured for the desired duplex and speed.
130. What is ping used for?
The ping command sends a specified number of ICMP echo requests and measures the time the destination device takes to
respond to each request
To test connectivity to remote hosts.
Switch (enable) ping destination ip address
The ping command will return one of the following responses:
Success rate is 100 percent or ip address is alive. This response occurs in 1 to 10 seconds, depending on network traffic and
the number of ICMP packets sent.
Destination does not respond. No answer message is returned if the host does not respond.
Unknown host. This response occurs if the targeted host does not exist.
Destination unreachable. This response occurs if the default gateway cannot reach the specified network
Network or host unreachable. This response occurs if there is no entry in the route table for the host or network.
131. What is access link ?
An access link is a link that is a member of only one VLAN
Also emphasize the use of the native VLAN. An access link has a native VLAN that is the only VLAN that it supports. The
device on the end of the access is generally unaware that a VLAN ID even exists. The switch must deploy some mechanism
of identification so that a frame being received in an access link is marked with the correct VLAN information. This can be
done with either frame filtering (maintaining a table of VLAN-port assignments) or frame tagging (marking the frame as it
leaves the port to cross the backplane).
131. What is a trunk link?
A trunk link is capable of carrying multiple VLANs
Trunk links are typically used on switch-to-switch connections or switch to router connections. They can be used to connect
end devices such as servers; however, this is not as common. Trunk links carry multiple VLANs. A trunk link may have a
native VLAN which is the VLAN that it reverts to if the trunk fails, or in the case of 802.1Q, the VLAN identifier that is used if a
frame comes in from a non-trunk device. This allows 802.1Q to support trunk links and access links on the same port,
creating a hybrid link.
132. What are two different vlan tagging options?
The two different tagging options, as follows:
ISL (Cisco proprietary)
IEEE 802.1Q (industry standard)
Blocked is the initial state of the port. A port will also be placed in a blocked state if there is a redundant path to the Root
Bridge and the port does not have the best cost. Blocked means that the port can send and receive BPDUs but cannot send
or receive data.
139. Identify at least one network problem caused by Spanning-Tree Protocol.
Following are three network problems caused by Spanning Tree:
Convergence time after a network failure.
The time that it takes a port to move into forwarding mode will cause many workstations to time out while attempting to
attach to a service.
Paths can be sub-optimal if the network is not designed correctly.
140. Explain the solutions developed to improve STP convergence time.
Spanning-Tree Protocol operation.
The following solutions improve spanning tree:
PortFast: enables a port to bypass Spanning Tree operations.
UplinkFast: creates an UplinkFast group of ports that can be used to perform a rapid failover in the case of a direct link
failure.
BackboneFast: expires the Max Age timer when it stops hearing the superior BPDU but continues hearing the inferior BPDU.
EtherChannel: bundles parallel ports together, which allows Spanning Tree to treat them as one port.
Root Bridge: correct placement of the Root Bridge and modification of the diameter will improve path selection and
convergence time.
Port Priority and Port Cost: used to influence the path selections made by Spanning Tree.
141. Discuss the purpose of an inferior BPDU.
The loss of a superior BPDU and the receipt of an inferior BPDU trigger the BackboneFast process.
BackboneFast is initiated when a Root port or blocked port on a switch receives inferior BPDUs from its designated bridge. An
inferior BPDU identifies one switch as both the Root Bridge and the designated bridge.
When a switch receives an inferior BPDU, it indicates that a link to which the switch is not directly connected (an indirect link)
has failed (that is, the designated bridge has lost its connection to the Root Bridge). Under normal spanning-tree rules, the
switch ignores inferior BPDUs for the configured maximum aging time.
142. Explain how the routing and switching functions of a Cisco MLS switch work together to enable multilayer
switching.
Multilayer switching (MLS) is a technique used to increase IP routing performance by handling the packet switching and
rewrite function in ASICs.
In MLS, the frame forwarding and rewrite process functions previously handled by a router have now been moved into switch
hardware.
The Cisco implementation of MLS is comprised of three components:
Multilayer Switching-Switching Engine (MLS-SE). The multilayer switching switch engine is the switching entity that handles
the function of moving and rewriting the packets. The MLS-SE is a NetFlow Feature card residing on a Supervisor III card in a
Catalyst switch.
Multilayer Switching-Route Processor (MLS-RP). This component is a Route Switch Module (RSM) or an externally connected
Cisco 7500, 7200, 4500, 4700, or 8500 series router with software that supports multilayer switching. The MLS-RP sends MLS
configuration information and updates, such as the router MAC address and Vlan number, flow mask, and routing and access
list changes.
Multilayer Switching Protocol (MLSP). This protocol operates between the MLS-Switch Engine and MLS-Route Processor to
enable multilayer switching. The MLSP is the method by which the RSM or router advertises routing changes and the VLANs or
MAC addresses of the interfaces that are participating in MLS.
An MLS cache entry is created for the initial packet of each flow. This packet is called the Candidate packet. The switch
forwards the frame to the MLS-RP.
If the MLS-RP finds an entry for the destination address in the routing table, the MLS-RP rewrites the packet and returns the
frame to the switch.
The MLS-SE compares the XTAGs for both the candidate entry in the MLS cache and the returned frame. If the two XTAGs
match, the frame came from the same router for the same flow. This second frame becomes the enable entry in MLS cache
and the partial entry for that flow is completed.
143. Describe the three flow mask modes and the impact ACLs have on those modes.
The three flow mask types supported by the MLS-SE are:
destination-ip mode. This mode represents the least-specific flow mask. The MLS-SE maintains one MLS entry for each
destination IP address. All flows to a given destination IP address use this MLS entry. This mode is used if there are no access
lists configured on any of the MLS router interfaces.
source-destination-ip mode. The MLS-SE maintains one MLS entry for each source and destination IP address pair. All flows
between a given source and destination use this MLS entry regardless of the IP protocol ports. This mode is used if there is a
standard access list on any of the MLS interfaces.
ip-flow mode. This mode represents the most-specific flow mask. The MLS-SE creates and maintains a separate MLS cache
entry for every IP flow. An ip-flow entry includes the source IP address, destination IP address, protocol, and protocol ports.
This mode is used if there is an extended access switching.
144. Discuss how various router/switch configurations can affect multilayer switching.
There is a dependency between the router and the switch at the distribution layer.
How these devices are placed in relationship to each other is critical to multilayer switching.
As long as the MLS-SE can detect both the candidate and enable packets, multilayer switching will take place. However, if
the configuration is designed in such a way that the enabling packet is never returned to the MLS-SE, the candidate packet will
age out of the MLS cache and all packets in that flow are routed.
Changes to the routing table may affect the behavior of MLS. Whenever a route change takes place, the MLS cache is flushed
for any flow entries affected by the route change.
As long as the MLS-SE detects both the candidate and enable packets for the new route, a flow entry will be entered into the
MLS cache.
145. Can I bundle two different types of interface, e.g. a FastEthernet with a GigabitEthernet?
No, it is not possible.
146. How many routes are carried by a RIP packet?
Each RIP router advertises all RIP routes periodically via RIP updates. Each update can contain a maximum of 25 route
advertisements. This limit is imposed by RIP specifications. RIP can sometimes be configured to send as many as 255 routes
per update.
147. How many network types available in OSPF?
There are 5 OSPF network types:
Point to point
Broadcast
Non broadcast
NBMA
Point to multipoint
149. What is the requirement of doing summarization?
To reduce the size of the OSPF LSDB.
151. If any of the OSPF area is not stabilized, does it impact another area?
If area 0 is not stable, then SPF will be calculated within area 0 for LSA type 1 and LSA type 2. These LSAs are summary LSAs
for the other areas, so routers in other areas will calculate SPF for the summary LSAs whenever something goes wrong in area 0.
The point is that routers in other areas will not calculate SPF for their own area, but for area 0.
152. What is the use of forwarding address in LSA 5 and LSA 7?
Covered in another question.
153. Can we run multiple OSPF process in single router and what is the advantage of using it?
We can have multiple processes, but there can be only one process per interface.
155. After configuring a new router-id, will it be used automatically, or do we need to use some type of command
to get it operational?
We need to clear the OSPF process to get it reflected.
157. If DR is down and no BDR is configured what will happen?
A DR must be elected in a multi-access network.
If the DR goes down and there is no BDR, either a new election will occur to find the new DR, or, if no other routers are
eligible to become DR because their priority was set to 0, the routers will not form adjacencies with each other. There
has to be at least a DR. This happens when you explicitly define a certain router to be the DR and the other routers never to
become DR or BDR, a common practice in hub-and-spoke style NBMA networks, in which the hub is always the DR and there is
no need for a spoke router to participate in the DR/BDR election process.
If the old DR comes back after a new DR is elected or the BDR is promoted to become DR, it cannot take over the running OSPF
topology until the current designated router goes offline.
The OSPF DR/BDR election process is pretty much similar to the Spanning-Tree Protocol root election process.
158. What is the difference between a neighbor and adjacent neighbor?
Neighbors are routers who are in the same area who exchange hello packets, but not LSA information. Such as, between two
DROther routers. Adjacent routers are routers who have fully exchanged their LSA information and are stable.
Let's take a broadcast access medium topology like a LAN, for example, to illustrate the differences.
As you know, in a LAN environment you have a DR election. After this election, the DR and BDR are elected, and all other
routers( DROthers) form adjacencies with the DR/BDR. Meaning, they pass the 2WAY state into ex-start and start exchanging
LSA headers to begin the route exchange.
However, between two DROther routers, you will never pass beyond 2WAY. That is to say, they will exchange hello packets,
but will never enter exstart, never exchange LSA headers, never converge into adjacent neighbors.
159. What is C and R in OSPF debug?
Ans: C stands for local router and R stands for remote router.
160. Define the various tools which participate in OSPF fast convergence
OSPF has various tools and techniques for fast convergence, as listed below:
Event Detection
Event Propagation
Event Processing
RIB Update
161. In a layer 2 domain, do we need an IP address for communication?
No, we don't. Layer 2 works on MAC addresses.
163. How to perform inter-VLAN routing without a layer 3 device?
Yes, this is possible by configuring the link between the two switches as access ports.
http://www.mplsvpn.info/2010/07/inter-vlan-routing-without-layer-3.html
164. What is the importance of PMTU in BGP?
TCP path MTU discovery allows BGP to use the largest packets possible
Without PMTU discovery, we can support 100 peers with 120,000 routes each
With PMTU discovery, we can support 175 peers with 120,000 routes each
If an interface is fast switched, per destination load sharing is performed. If an interface is process switched, per packet load
sharing is performed.
183. What is a recursive table lookup?
A recursive routing table lookup occurs when a router cannot acquire all the information it needs to forward a packet with a
single routing table lookup. For example, the router may perform one lookup to find the route to a destination and then
perform another lookup to find a route to the next-hop router of the first route.
184. What is load balancing? Name four different types of load balancing.
Load balancing is the process of sending packets over multiple paths to the same destination. Four
types of load balancing are:
Equal cost, per packet
Equal cost, per destination
Unequal cost, per packet
Unequal cost, per destination
185. Why are sequence numbers important in link state protocols?
Sequence numbers help a router differentiate between multiple copies of the same link state advertisement and also prevent
flooded link state advertisements from circulating endlessly throughout the internetwork.
186. Explain how an SPF algorithm works.
A router builds a shortest path tree by first adding itself as the root. Using the information in the topological database, the
router creates a list of all of its directly connected neighbors. The lowest-cost link to a neighbor becomes a branch of the tree,
and that router's neighbors are added to the list. The list is checked for duplicate paths, and if they exist, the higher-cost
paths are removed from the list. The lowest-cost router on the list is added to the tree, that router's neighbors are added to
the list, and the list is again checked for duplicate paths. This process continues until no routers remain on the list.
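The procedure described above, as an added example that is not part of the original answer. The candidate list is kept in a heap so the lowest-cost entry is always taken next; the router names and link costs are constructed for illustration.

```python
import heapq

# Constructed link state database: router -> {neighbor: link cost}.
# Router names and costs are made up for this example.
LSDB = {
    "R1": {"R2": 10, "R3": 5},
    "R2": {"R1": 10, "R3": 3, "R4": 1},
    "R3": {"R1": 5, "R2": 3, "R4": 9, "R5": 2},
    "R4": {"R2": 1, "R3": 9, "R5": 4},
    "R5": {"R3": 2, "R4": 4},
}


def spf(lsdb, root):
    """Build the shortest path tree rooted at `root`.

    Returns {router: (total_cost, parent)}; the root's parent is None.
    """
    tree = {}                         # routers already placed on the tree
    candidates = [(0, root, None)]    # (cost from root, router, parent)
    while candidates:
        # The lowest-cost entry on the candidate list is added to the tree.
        cost, router, parent = heapq.heappop(candidates)
        if router in tree:
            # Duplicate path to a router already on the tree. It was popped
            # later, so its cost is equal or higher: discard it.
            continue
        tree[router] = (cost, parent)
        # That router's neighbors are added to the candidate list.
        for neighbor, link_cost in lsdb.get(router, {}).items():
            if neighbor not in tree:
                heapq.heappush(candidates, (cost + link_cost, neighbor, router))
    return tree


def path_to(tree, dest):
    """Walk parent pointers back to the root and return the hop list."""
    if dest not in tree:
        return None
    hops = []
    while dest is not None:
        hops.append(dest)
        dest = tree[dest][1]
    return hops[::-1]


if __name__ == "__main__":
    tree = spf(LSDB, "R1")
    for router in sorted(tree):
        print(router, tree[router], path_to(tree, router))
```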
187. How do areas benefit a link state internetwork?
Within a routing domain, areas are subdomains. They make link state routing more efficient by limiting the size of the link
state database of each router in the area.
188. How many updates must be missed before a route entry will be marked as unreachable in RIP?
A route entry is marked as unreachable if six updates are missed.
189. What is the purpose of the garbage collection timer?
The garbage collection timer, or flush timer, is set when a route is declared unreachable. When the timer expires, the route is
flushed from the route table. This process allows an unreachable route to remain in the routing table long enough for
neighbors to be notified of its status.
190. Why is a random timer associated with triggered updates? What is the range of this timer?
The random timer, whose range is 1 to 5 seconds, prevents a "storm" of triggered updates during a topology change.
191. What is the difference between a RIP Request message and a RIP Response message?
A Request message asks a router for an update. A Response message is an update.
192. Which two types of Request messages does RIP use?
Request message may either ask for a full update or in some special cases it may ask for specific routes.
193. Under what circumstances will a RIP response be sent?
A Response is sent when the update timer expires, or upon reception of a Request message.
194. Why does RIP hide subnets at major network boundaries?
RIP updates do not include the subnet mask of the destination address, so a RIP router depends on the subnet masks of its
own interfaces to determine how an attached major network address is subnetted. If a router does not have an attachment to
a particular major network address, it has no way to know how that major network is subnetted. Therefore, no subnets of a
major network address can be advertised into another major network.
195. Which three fields are new to the RIPv2 message format?
The Route Tag field, the Subnet Mask field, and the Next Hop field are RIPv2 extensions that do not exist in RIPv1 messages.
The basic format of the RIP message remains unchanged between the two versions; version 2 merely uses fields that are
unused in version 1.
196. What is the purpose of the Route Tag field in the RIPv2 message?
When another routing protocol uses the RIPv2 domain as a transit domain, the protocol external to RIPv2 can use the Route
Tag field to communicate information to its peers on the other side of the RIPv2 domain.
197. Which one feature must a routing protocol have to be a classless routing protocol?
A classless routing protocol does not consider the major network address in its route lookups, but just looks for the longest
match.
198. What is an OSPF neighbor?
From the perspective of an OSPF router, a neighbor is another OSPF router that is attached to one of the first router's directly
connected links.
199. What is an OSPF adjacency?
An OSPF adjacency is a conceptual link to a neighbor over which LSAs can be sent.
219. How do I connect two different ISPs and route different traffic to different ISPs?
Policy based routing (PBR) is the feature that allows you to route the traffic to different ISPs based on the source address.
220. What is the difference between the two methods to create static routes?
There are two methods to create static routes:
The ip route 10.1.1.1 255.255.255.0 eth 0/0 command generates an ARP broadcast that looks for the next-hop IP address.
The ip route 10.1.1.1 255.255.255.0 172.16.1.1 command does not generate an ARP request. It keeps Layer 2 out of the
routing process.
221. Can you configure different MTU for sub-interfaces under the same main interface?
You can configure different IP MTU with the ip mtu command on different sub-interfaces. When you change the MTU on a
sub-interface, the router checks the MTU from the main interface. If the main interface MTU is set to a lower value than the one
configured on the sub-interface, the router changes the MTU on the main interface to match with the sub-interface. Thus, the
physical MTU configured with the mtu command on the main interface needs to be higher than the IP MTU configured on the
sub-interfaces.
222. What are the different types of communities in BGP?
223. What is difference between distance vector and link state protocols?
A service provider has infrastructure connecting two sites at layer two, and desires to provide its customers transparent layer
two connectivity. A less-than-ideal solution would be to assign each customer a range of VLANs it may use. However, this is
very limiting, both in that it removes the customers' flexibility to choose their own VLAN numbers, and there may not be
enough VLAN numbers (we can only use a maximum of 4,094 or so) available on large networks.
802.1Q tunneling solves both of these issues by assigning each customer a single VLAN number, chosen by the service
provider. Within each customer VLAN exists a secondary 802.1Q trunk, which is controlled by the customer. Each customer
packet traversing the service provider network is tagged twice: the inner-most 802.1Q header contains the customer-chosen
VLAN ID, and the outer-most header contains the VLAN ID assigned to the customer by the service provider.
Next, we'll configure our backbone trunk to carry the top-level VLANs for customers A and B, which have been assigned
VLANs 118 and 209, respectively. We configure a normal 802.1Q trunk on both ISP switches. The last configuration line below
restricts the trunk to carrying only VLANs 118 and 209; this is an optional step.
S1(config)# interface f0/13
S1(config-if)# switchport trunk encapsulation dot1q
S1(config-if)# switchport mode trunk
S1(config-if)# switchport trunk allowed vlan 118,209
S2(config)# interface f0/13
S2(config-if)# switchport trunk encapsulation dot1q
S2(config-if)# switchport mode trunk
S2(config-if)# switchport trunk allowed vlan 118,209
Now for the interesting bit: the customer-facing interfaces. We assign each interface to the appropriate upper-level (service
provider) VLAN, and its operational mode to dot1q-tunnel. We'll also enable Layer two protocol tunneling to transparently
carry CDP and other layer two protocols between the CPE devices.
S1(config)# interface f0/1
S1(config-if)# switchport access vlan 118
S1(config-if)# switchport mode dot1q-tunnel
S1(config-if)# l2protocol-tunnel
S1(config-if)# interface f0/3
S1(config-if)# switchport access vlan 209
S1(config-if)# switchport mode dot1q-tunnel
S1(config-if)# l2protocol-tunnel
S2(config)# interface f0/2
S2(config-if)# switchport access vlan 118
S2(config-if)# switchport mode dot1q-tunnel
S2(config-if)# l2protocol-tunnel
S2(config-if)# interface f0/4
S2(config-if)# switchport access vlan 209
S2(config-if)# switchport mode dot1q-tunnel
S2(config-if)# l2protocol-tunnel
We can use the command show dot1q-tunnel on the ISP switches to get a list of all interfaces configured as 802.1Q tunnels:
S1# show dot1q-tunnel
dot1q-tunnel mode LAN Port(s)
-----------------------------
Fa0/1
Fa0/3
Now that our tunnel configurations have been completed, each customer VLAN has transparent end-to-end connectivity
between sites. This packet capture shows how customer traffic is double-encapsulated inside two 802.1Q headers along the
ISP backbone. Any traffic left untagged by the customer (i.e., traffic in the native VLAN 1) is tagged only once, by the service
provider.
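The double tagging described above can be checked by walking the VLAN tag stack of a frame. This is an added example, not part of the original answer: the frames are constructed inline, customer VLAN 30 and the MAC addresses are made-up values, and it assumes both tags use TPID 0x8100 (the parser also accepts the 802.1ad value 0x88A8).

```python
import struct

# TPIDs that introduce a VLAN tag: 0x8100 (802.1Q) and 0x88A8 (802.1ad).
VLAN_TPIDS = {0x8100, 0x88A8}

# Service-provider VLANs from the configuration above.
PROVIDER_VLANS = {118: "customer A", 209: "customer B"}


def build_frame(vlan_ids, ethertype=0x0800, payload=b"\x00" * 46):
    """Build a constructed Ethernet frame with the given VLAN tags, outermost first."""
    dst = bytes.fromhex("0000000000b2")     # constructed MAC addresses
    src = bytes.fromhex("0000000000a1")
    tags = b"".join(struct.pack("!HH", 0x8100, vid) for vid in vlan_ids)
    return dst + src + tags + struct.pack("!H", ethertype) + payload


def parse_vlan_stack(frame):
    """Return (tags, ethertype); tags lists each VLAN tag, outermost first."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset = 12                             # skip destination and source MAC
    tags = []
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame: no EtherType")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in VLAN_TPIDS:
            return tags, ethertype          # reached the real EtherType
        if len(frame) < offset + 4:
            raise ValueError("truncated frame: VLAN tag without TCI")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({
            "tpid": ethertype,
            "pcp": tci >> 13,               # priority bits
            "dei": (tci >> 12) & 1,         # drop eligible indicator
            "vid": tci & 0x0FFF,            # 12-bit VLAN ID
        })
        offset += 4


def classify(frame):
    """Map a backbone frame to (customer, customer VLAN or None if untagged)."""
    tags, _ = parse_vlan_stack(frame)
    if not tags:
        return None, None                   # not tagged at all: not tunnel traffic
    customer = PROVIDER_VLANS.get(tags[0]["vid"])
    inner_vid = tags[1]["vid"] if len(tags) > 1 else None
    return customer, inner_vid


if __name__ == "__main__":
    print(classify(build_frame([118, 30])))   # double-tagged customer A traffic
    print(classify(build_frame([209])))       # customer B native-VLAN traffic
```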
225. Explain EtherChannel?
http://packetlife.net/blog/2010/jan/18/etherchannel-considerations/
EtherChannel is Cisco's term for bundling two or more physical Ethernet links for the purposes of aggregating available
bandwidth and, to a lesser extent, providing a measure of physical redundancy. Under normal conditions, all but one
redundant physical link between two switches will be disabled by STP at one end.
With EtherChannel configured, multiple links are grouped into a port-channel, which is assigned its own configurable virtual
interface. The bundle is treated as a single link.
EtherChannel Negotiation
An EtherChannel can be established using one of three mechanisms:
PAgP - Cisco's proprietary negotiation protocol
LACP (IEEE 802.3ad) - Standards-based negotiation protocol
Static Persistence ("On") - No negotiation protocol is used
Any of these three mechanisms will suffice for most scenarios; however, the choice does deserve some consideration. PAgP,
while perfectly able, should probably be disqualified as a legacy proprietary protocol unless you have a specific need for it
(such as ancient hardware). That leaves LACP and "on", both of which have a specific benefit.
LACP helps protect against switching loops caused by misconfiguration; when enabled, an EtherChannel will only be formed
after successful negotiation between its two ends. However, this negotiation introduces an overhead and delay in
initialization. Statically configuring an EtherChannel ("on") imposes no delay yet can cause serious problems if not properly
configured at both ends.
To configure an EtherChannel using LACP negotiation, each side must be set to either active or passive; only interfaces
configured in active mode will attempt to negotiate an EtherChannel. Passive interfaces merely respond to LACP requests.
PAgP behaves the same, but its two modes are referred to as desirable and auto.
1      Po1(SU)         LACP      Fa0/13(P)   Fa0/14(P)   Fa0/15(P)
Note the S indicating layer two operation; on multilayer platforms, EtherChannel interfaces can be configured for routed
operation as well.
For comparison, let's reconfigure the EtherChannel to function without a negotiation protocol ("on" mode):
S1(config)# no interface po1
S1(config)# interface range f0/13 -15
S1(config-if-range)# channel-group 1 mode on
Creating a port-channel interface Port-channel 1
S1(config-if-range)# no shutdown
This time we observe that the port-channel interface is enabled as soon as its first member port comes up, as there is no
delay imposed by negotiation:
*Mar 1 00:56:12.271: %LINK-3-UPDOWN: Interface FastEthernet0/13, changed state to up
*Mar 1 00:56:12.287: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up
*Mar 1 00:56:12.291: %LINK-3-UPDOWN: Interface FastEthernet0/14, changed state to up
*Mar 1 00:56:12.307: %LINK-3-UPDOWN: Interface FastEthernet0/15, changed state to up
In the Campus Network High Availability Design Guide, Cisco recommends forgoing the use of a negotiation protocol and
configuring EtherChannels for static "on/on" operation; however, they also caution that this approach offers no protection
against the effect of misconfigurations.
EtherChannel Load-Balancing
Another consideration to make when implementing EtherChannels is the type of load-balancing in effect. EtherChannel
provides load-balancing only per frame, not per bit. A switch decides which member link a frame will traverse by the outcome
of a hash function performed against one or more fields of each frame. Which fields are considered is dependent on the
switch platform and configuration. For example, a Catalyst 3550 can match only against a frame's destination or source MAC
address:
S1(config)# port-channel load-balance ?
dst-mac Dst Mac Addr
src-mac Src Mac Addr
The show etherchannel load-balance command reveals that source MAC address load-balancing is default on the Catalyst
3550:
S1# show etherchannel load-balance
EtherChannel Load-Balancing Configuration:
src-mac
EtherChannel Load-Balancing Addresses Used Per-Protocol:
Non-IP: Source MAC address
IPv4: Source MAC address
More powerful platforms can match against IP address(es) or layer four port(s). Generally speaking, higher layer fields are
more favorable as they tend to be more dynamic, resulting in a more granular distribution of traffic across member links.
Direction of flow is also an important detail. For example, consider the following topology:
Routed packets entering the subnet from S1 are always sourced from the MAC address of the VLAN interface. If source MAC
load-balancing is in use, these frames will be forwarded down only one member link, because the outcome of the hash
function will always be the same. Configuring destination MAC load-balancing on S1 is recommended to achieve a more
varied distribution of frames and make better use of the available bandwidth.
The opposite is true on S2: Since all frames entering the EtherChannel from LAN hosts are destined for the MAC address of
the gateway (VLAN interface), source MAC address load-balancing works better here.
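The effect of flow direction on member-link usage, as an added example that is not part of the original answer. The real hash is platform specific, so the low-order-bits-modulo function here is a stand-in assumption, and the gateway and host MAC addresses are constructed.

```python
# Constructed addresses: S1's VLAN interface (the gateway) and six LAN hosts.
GATEWAY = "0000.0c00.0001"
HOSTS = [f"0000.00aa.{i:04x}" for i in range(1, 7)]

# Frames as (source MAC, destination MAC) pairs.
DOWNSTREAM = [(GATEWAY, host) for host in HOSTS]   # routed frames leaving S1
UPSTREAM = [(host, GATEWAY) for host in HOSTS]     # host frames leaving S2


def mac_to_int(mac):
    """Convert a dotted MAC address such as 0000.0c00.0001 to an integer."""
    return int(mac.replace(".", ""), 16)


def pick_link(src, dst, method, n_links):
    """Choose a member link for one frame.

    Stand-in hash (an assumption, not the switch's real function): the
    selected MAC address taken modulo the number of member links.
    """
    if method == "src-mac":
        key = src
    elif method == "dst-mac":
        key = dst
    else:
        raise ValueError("method must be src-mac or dst-mac")
    return mac_to_int(key) % n_links


def distribution(frames, method, n_links=3):
    """Count how many frames land on each member link."""
    counts = [0] * n_links
    for src, dst in frames:
        counts[pick_link(src, dst, method, n_links)] += 1
    return counts


if __name__ == "__main__":
    for name, frames in (("S1 -> hosts", DOWNSTREAM), ("hosts -> S1", UPSTREAM)):
        for method in ("src-mac", "dst-mac"):
            print(f"{name:12} {method}: {distribution(frames, method)}")
```

With source MAC hashing, every routed frame leaving S1 lands on the same member link; switching S1 to destination MAC spreads the same frames across all three.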
EtherChannel Bandwidth and Costs
Finally, remember that the perceived bandwidth of a port-channel interface is equal to the sum of its active member links. For
example, an EtherChannel with three active 100 Mbps members will show a bandwidth of 300 Mbps. Because members can
still fail individually, the bandwidth of a port-channel interface can fluctuate without going down.
226. Are VLANs locally significant?
http://packetlife.net/blog/2008/apr/11/vlans-are-locally-significant/
One common misconception regarding VLANs is that they are significant beyond a single switch. Of course, VLAN numbers
have to match for trunking to work, and VTP can be used to automatically propagate VLAN information. However, a VLAN,
being essentially little more than a number, is significant only within a device. Consider the following scenario:
All of the ports on switch A are set to access mode in VLAN 10, and all of the ports on switch B are set to access mode in
VLAN 20. Note that the connection between the two switches is not a trunk; each end is configured as an access port in the
respective VLAN. Our two hosts A and B are similarly connected to different VLANs, but still reside in the same IP subnet. Can
hosts A and B communicate?
The answer is yes. Follow the path of a frame leaving host A destined for host B. Switch A receives this frame on a port in
VLAN 10, so it can only egress out another port in VLAN 10 or a trunk port. It performs the usual MAC lookup to determine the
appropriate outbound port is its link to switch B. Now, here's the key: the frame is forwarded to switch B without a VLAN tag,
because this is an access port. Switch B receives the frame on an interface it considers VLAN 20 and performs the same
switching decision to forward the frame to host B.
So, does it work? Yep! Is it a good idea? Probably not. In an instance where VLANs are used, you're probably using more than
one. For this reason and others, it's recommended to always trunk between switches using IEEE 802.1q or (less favorably)
Cisco ISL.
229. Why BGP Uses TCP and IGPs Don't?
http://packetlife.net/blog/2010/jun/24/why-bgp-uses-tcp-and-igps-dont/
Convenience
Arguably the most obvious motivation to design BGP to run over TCP is simple convenience. Remember that BGP is
essentially just another application layer protocol to the TCP/IP stack; at the time of BGP's creation TCP was already out there
and working, so why not take advantage of it? From RFC 4271:
BGP uses TCP as its transport protocol. This eliminates the need to implement explicit update fragmentation, retransmission,
acknowledgement, and sequencing.
Security
Unlike other IPv4 routing protocols, BGP does not provide its own security mechanism. Sure, you can secure neighbor
adjacencies using MD5 digests, but these aren't actually carried within the BGP header. Rather, security is facilitated by a TCP
option defined in RFC 2385, the TCP Authentication Option (kind 19).
This TCP option was originally created specifically to secure BGP adjacencies (which typically have quite long lifetimes), and
for a decade or so has worked quite well. However, as MD5 is beginning to show its age, a new RFC (5925) was published just
this month to provide a more resilient alternative.
No Need for Neighbor Discovery
Unlike interior routing protocols, BGP has no requirement for dynamic neighbor discovery. As BGP adjacencies are (or more
accurately, should be) very carefully weighed design considerations, BGP neighbors must be configured statically at both
ends. This is in contrast to a protocol like OSPF, which uses hello packets to automatically discover and form adjacencies with
neighbors.
Adjacency Traffic is Always Point-to-Point
A corollary of our last point, we know that BGP unicasts advertisements to each of its adjacent neighbors separately. This is in
contrast to interior routing protocols, which typically employ multicast transmissions to more efficiently communicate with
one or more other neighbors on a multiaccess segment.
231. Explain path MTU discovery?
When a host needs to transmit data out an interface, it references the interface's Maximum Transmission Unit (MTU) to
determine how much data it can put into each packet. Ethernet interfaces, for example, have a default MTU of 1500 bytes,
not including the Ethernet header or trailer. This means a host needing to send a TCP data stream would typically use the first
20 of these 1500 bytes for the IP header, the next 20 for the TCP header, and as much of the remaining 1460 bytes as
necessary for the data payload. Encapsulating data in maximum-size packets like this allows for the least possible
consumption of bandwidth by protocol overhead.
Unfortunately, not all links which compose the Internet have the same MTU. The MTU offered by a link may vary depending
on the physical media type or configured encapsulation (such as GRE tunneling or IPsec encryption). When a router decides
to forward an IPv4 packet out an interface, but determines that the packet size exceeds the interface's MTU, the router must
fragment the packet to transmit it as two (or more) individual pieces, each within the link MTU. Fragmentation is expensive
both in router resources and in bandwidth utilization; new headers must be generated and attached to each fragment. (In
fact, the IPv6 specification removes transit packet fragmentation from router operation entirely, but this discussion will be left
for another time.)
To utilize a path in the most efficient manner possible, hosts must find the path MTU; this is the smallest MTU of any link in
the path to the distant end. For example, for two hosts communicating across three routed links with independent MTUs of
1500, 800, and 1200 bytes, the smallest (800 bytes) must be assumed by each end host to avoid fragmentation.
Of course, it's impossible to know the MTU of each link through which a packet might travel. RFC 1191 defines path MTU
discovery, a simple process through which a host can detect a path MTU smaller than its interface MTU. Two components are
key to this process: the Don't Fragment (DF) bit of the IP header, and a subcode of the ICMP Destination Unreachable
message, Fragmentation Needed.
Setting the DF bit in an IP packet prevents a router from performing fragmentation when it encounters an MTU less than the
packet size. Instead, the packet is discarded and an ICMP Fragmentation Needed message is sent to the originating host.
Essentially, the router is indicating that it needs to fragment the packet but the DF flag won't allow for it. Conveniently, RFC
1191 expands the Fragmentation Needed message to include the MTU of the link necessitating fragmentation. A
Fragmentation Needed message can be seen in packet #6 of this packet capture.
Now that the actual path MTU has been learned, the host can cache this value and packetize future data for the destination to
the appropriate size. Note that path MTU discovery is an ongoing process; the host continues to set the DF flag so that it can
detect further decreases in MTU should dynamic routing influence a new path to the destination. RFC 1191 also allows for
periodic testing for an increased path MTU, by occasionally attempting to pass a packet larger than the learned MTU. If the
packet succeeds, the path MTU will be raised to this higher value.
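The discovery loop described above, as an added example that is not part of the original answer: each simulated router either forwards a DF-marked packet or drops it and reports the MTU of the link that could not carry it. The class and function names are hypothetical, the destination address is a constructed documentation address, and the link MTUs reuse the 1500/800/1200 values from earlier; periodic probing for a larger MTU is not modelled.

```python
IP_HEADER = 20    # bytes, no IP options
TCP_HEADER = 20   # bytes, no TCP options


def send_df(packet_size, link_mtus):
    """Forward a packet with the DF bit set across the links in order.

    Returns ("delivered", None), or ("frag_needed", mtu), which models the
    ICMP Fragmentation Needed message carrying the MTU of the link that
    could not take the packet.
    """
    for mtu in link_mtus:
        if packet_size > mtu:
            return "frag_needed", mtu     # router drops the packet, no fragmentation
    return "delivered", None


class Host:
    def __init__(self, interface_mtu=1500):
        self.interface_mtu = interface_mtu
        self.pmtu_cache = {}              # destination -> learned path MTU

    def send(self, dest, link_mtus):
        """Send one maximum-size packet to dest; return the attempts made."""
        attempts = []
        # Start from the cached path MTU, or the interface MTU if none is known.
        size = self.pmtu_cache.get(dest, self.interface_mtu)
        while True:
            status, reported = send_df(size, link_mtus)
            attempts.append((size, status))
            if status == "delivered":
                self.pmtu_cache[dest] = size
                return attempts
            size = reported               # retry at the MTU the router reported

    def max_tcp_payload(self, dest):
        """Largest TCP payload per packet at the learned path MTU."""
        return self.pmtu_cache[dest] - IP_HEADER - TCP_HEADER


if __name__ == "__main__":
    host = Host()
    dest = "198.51.100.10"                            # constructed destination
    print(host.send(dest, [1500, 800, 1200]))         # first packet: one drop, one retry
    print(host.send(dest, [1500, 800, 1200]))         # cached value goes straight through
    print(host.max_tcp_payload(dest))
    print(host.send(dest, [1500, 600, 1200]))         # route change lowers the path MTU
```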
You can test path MTU discovery across a live network with a tool like tracepath (part of the Linux IPutils package) or
mturoute (Windows only). Here's a sample of tracepath output from the lab pictured above, with the MTU of F0/1 reduced to
1400 bytes using the ip mtu command:
Host$ tracepath -n 192.168.1.2
 1:  192.168.0.2        0.097ms pmtu 1500
 1:  192.168.0.1        0.535ms
 1:  192.168.0.1        0.355ms
 2:  192.168.0.1        0.430ms pmtu 1400
 2:  192.168.1.2        0.763ms reached
     Resume: pmtu 1400 hops 2 back 254
233. You are the network administrator for a small network that has two routers (R1 and R2, as shown in the
figure below) that are connected via serial interfaces. You have used the command ip route 13.0.0.0 255.0.0.0
12.0.0.2 on R1 to finalize configuration. What happens if the serial interface on R2 shuts down?
What two results would occur if the hub were to be replaced with a switch that is configured with one Ethernet VLAN? (Choose
two)
A. The number of collision domains would remain the same.
B. The number of collision domains would decrease.
C. The number of collision domains would increase.
D. The number of broadcast domains would remain the same.
E. The number of broadcast domains would decrease.
F. The number of broadcast domains would increase.
Answer: C D
238. The network administrator normally establishes a Telnet session with the switch from host A. The
administrator's attempt to establish a connection via Telnet to the switch from host B fails, but pings from host B
to the other two hosts are successful. What is the cause of this problem?
A technician is troubleshooting host connectivity issues on the switches. The hosts in VLANs 10 and 15 on Sw11 are unable to
communicate with hosts in the same VLANs on Sw12. Hosts in the Admin VLAN are able to communicate. The port-to-VLAN
assignments are identical on the two switches. What could be the problem?
A. The Fa0/1 port is not operational on one of the switches.
B. The Link connecting the switches has not been configured as a trunk.
C. At least one port needs to be configured in VLAN 1 for VLANs 10 and 15 to be able to communicate.
D. Port FastEthernet 0/1 needs to be configured as an access link on both switches.
E. A router is required for hosts on Sw11 in VLANs 10 and 15 to communicate with hosts in the same VLAN on Sw12.
Answer: B
Explanation
The show vlan command only displays access ports; trunk ports are not shown in its output (we can use the show
interface trunk command to see trunked ports). In the output we can see that the Fa0/1 ports connecting the two switches
are in VLAN 20 -> they are access ports and only VLAN 20 can communicate. For all VLANs to communicate (with the
same VLAN on the other switch), the link between the two switches must be set as a trunk -> B is correct.
240. Refer to the exhibit:
What commands must be configured on the 2950 switch and the router to allow communication between host 1 and host 2?
(Choose two)
Router(config)#interface fastethernet 0/0
Router(config-if)#no shutdown
Router(config)#interface fastethernet 0/0.1
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 192.168.10.1 255.255.255.0
Router(config-subif)#interface fastethernet 0/0.2
Router(config-subif)#encapsulation dot1q 20
Router(config-subif)#ip address 192.168.20.1 255.255.255.0
Switch1(config)# interface fastEthernet 0/1
Switch1(config-if)# switchport mode trunk
241. Refer to the topology shown in the exhibit. Which ports will be STP designated ports if all the links are
operating at the same bandwidth? (Choose three)
A. Switch A Fa0/0
B. Switch A Fa0/1
C. Switch B Fa0/0
D. Switch B Fa0/1
E. Switch C Fa0/0
F. Switch C Fa0/1
Answer: B C D
Explanation
First by comparing their MAC addresses we learn that switch B will be root bridge as it has lowest MAC. Therefore all of its
ports are designated ports -> C & D are correct.
On the link between switch A & switch C there must be one designated port and one non-designated (blocked) port. We can
figure out which port is the designated port by comparing their MAC addresses again. A has the lower MAC, so Fa0/1 of switch A
will be the designated port while Fa0/1 of switch C will be blocked -> B is correct.
242. Refer to the exhibit. Each of these four switches has been configured with a hostname, as well as being
configured to run RSTP. No other configuration changes have been made. Which three of these show the
correct RSTP port roles for the indicated switches and interfaces? (Choose three)
switch always advertises its cost to the root bridge in its BPDU. The receiving switch will add its local port cost value to the
cost in the BPDU.
One more thing to notice is that a root bridge always advertises the cost to the root bridge (itself) with an initial value of 0.
Now let's have a look at the topology again.
SwitchC advertises its cost to the root bridge with a value of 0. Switch D adds 4 (the cost value of 1Gbps link) and advertises
this value (4) to SwitchB. SwitchB adds another 4 and learns that it can reach SwitchC via Gi0/1 port with a total cost of 8.
The same process happens for SwitchA and SwitchB learns that it can reach SwitchC via Gi0/2 with a total cost of 23 ->
Switch B chooses Gi0/1 as its root port -> D is not correct.
Now our last task is to identify the port roles of the ports between SwitchA & SwitchB. It is rather easy as the MAC address of
SwitchA is lower than that of SwitchB, so Fa0/2 of SwitchA will be the designated port while Gi0/2 of SwitchB will be the
alternate port -> A is correct but C is not correct.
Below is a summary of all the port roles of these switches:
A. a router with subinterfaces configured on the physical interface that is connected to the switch
B. a router with an IP address on the physical interface connected to the switch
C. a switch with an access link that is configured between the switches
D. a switch with a trunk link that is configured between the switches
Answer: A
244. A frame from VLAN1 of switch S1 is sent to switch S2 where the frame received on VLAN2. What causes this behavior?
Interface Fa0/0 on Router1 replies to the ping packets from Host1, so it is up -> E is not correct. If the interface Fa0/0 on
Router is shut down then we will receive a Request timed out message, not Destination host unreachable.
Answer C is correct because we can get a reply from the interface Fa0/0 of Router1, so the link between Host1 and Router1
should be fine -> the problem lies on the other side of Router1. But if the link between Router2 and Host2 were down, we would
receive a reply from interface S0/1 of Router2 saying that the destination host is unreachable. Therefore the problem can only
be the link between Router1 and Router2.
246. Refer to the exhibit. The network administrator requires easy configuration options and minimal routing
protocol traffic. Which two options provide adequate routing table information for traffic that passes between
the two routers and satisfy the requests of the network administrator? (choose two)
After HostA pings HostB, which entry will be in the ARP cache of HostA to support this transmission?
Host A knows host B is in another network, so it will send the pings to its default gateway 192.168.6.1. Host A sends a
broadcast frame asking for the MAC address of 192.168.6.1. This information (the IP and MAC address of the default gateway) is
saved in its ARP cache for later use.
248. Refer to the exhibit. The following commands are executed on interface fa0/1 of 2950Switch.
2950Switch(config-if)#switchport port-security
2950Switch(config-if)#switchport port-security mac-address sticky
2950Switch(config-if)#switchport port-security maximum 1
The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur when this frame is received by
2950Switch? (Choose two)
A. The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.
B. Only host A will be allowed to transmit frames on fa0/1.
C. This frame will be discarded when it is received by 2950Switch.
D. All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out fa0/1.
E. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be forwarded out fa0/1.
F. Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be forwarded out fa0/1.
Answer: B D
249. Host 1 is trying to communicate with Host 2. The e0 interface on Router C is down. Which of the following
are true? (Choose two)
A. Router C will use ICMP to inform Host 1 that Host 2 cannot be reached.
B. Router C will use ICMP to inform Router B that Host 2 cannot be reached.
C. Router C will use ICMP to inform Host 1, Router A, and Router B that Host 2 cannot be reached.
D. Router C will send a Destination Unreachable message type.
E. Router C will send a Router Selection message type.
F. Router C will send a Source Quench message type.
Answer: A D
Explanation
The last known good router will try to inform you that the destination cannot be reached (with a Destination Unreachable
message type) so from that information you can learn how far your packets can travel to and where the problem is.
250. Refer to the exhibit.
All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP
link metrics. Which two ports are in blocking state after STP converges? (Choose two)
All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP
link metrics. Which two ports are forwarding traffic after STP converges? (Choose two)
A. The port connecting switch SWD with switch SWE
B. The port connecting switch SWG with switch SWF
C. The port connecting switch SWC with switch SWE
D. The port connecting switch SWB with switch SWC
Answer: C D
Answer: D
Explanation
When external routing information is imported into an NSSA, LSA Type 7 is generated by the ASBR and it is flooded within that
area only. To further distribute the external information, type 7 LSA is translated into type 5 LSA at the NSSA border. The P-bit
in LSA Type 7 field indicates whether the type 7 LSA should be translated. This P-bit is automatically set by the NSSA ABR
(also the Forwarding Address (FA) is copied from Type 7 LSA). The P-bit is not set only when the NSSA ASBR and NSSA ABR are
the same router for the area. If bit P = 0, then the NSSA ABR must not translate this LSA into Type 5.
The nssa-only keyword instructs the device to instigate Type-7 LSA with cleared P-bit, thereby, preventing LSA translation to
Type 5 on NSSA ABR device.
Note: If a router is attached to another AS and is also an NSSA ABR, it may originate both a type-5 and a type-7 LSA for the
same network. The type-5 LSA will be flooded to the backbone and the type-7 will be flooded into the NSSA. If this is the case,
the P-bit must be reset (P=0) in the type-7 LSA so the type-7 LSA isn't again translated into a type-5 LSA by another NSSA
ABR.
253. Which statement about a type 4 LSA in OSPF is true?
A. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ASBR.
B. It is an LSA that is originated by an ASBR, that is flooded throughout the AS, and that describes a route to the ASBR.
C. It is an LSA that is originated by an ASBR, that is flooded throughout the area, and that describes a route to the ASBR.
D. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ABR.
E. It is an LSA that is originated by an ABR, that is flooded throughout the area, and that describes a route to the ASBR.
Answer: E
Explanation
LSA Type 4 (called Summary ASBR LSA) is generated by the ABR to describe an ASBR to routers in other areas so that routers
in other areas know how to get to external routes through that ASBR.
AS #1 and AS #2 have multiple EBGP connections with each other. AS #1 wants all return traffic that is destined to the prefix
10.10.10.1/32 to enter through the router R1 from AS #2. In order to achieve this routing policy, AS #1 advertises a lower
MED from R1, compared to a higher MED from R3, to their respective BGP neighbor for the prefix 10.10.10.0/24. Will this
measure guarantee that the routing policy is always in effect?
A. Yes, because MED plays a deterministic role in return traffic engineering in BGP.
B. Yes, because a lower MED forces BGP best-path route selection in AS #2 to choose R1 as the best path for 10.10.10.0/24.
C. Yes, because a lower MED in AS #2 is the highest BGP attribute in BGP best-path route selection.
D. No, AS #2 can choose to alter the weight attribute in R2 for BGP neighbor R1, and this weight value is cascaded across AS
#2 for BGP best-path route selection.
E. No, AS #2 can choose to alter the local preference attribute to overwrite the best-path route selection over the lower MED
advertisement from AS #1. This local preference attribute is cascaded across AS #2 for the BGP best-path route selection.
Answer: E
256. Refer to the exhibit. All iBGP routes should have the iBGP peer as the next hop address. Why is this not
the case for BGP routes learned between R1 and R2?
A RTA will take the place of DR immediately upon establishing its adjacencies
B RTA will take the place of DR only if RTB fails
C RTA will take the place of DR only if both RTB and RTC fail
D A new election will take place establishing an all new DR and BDR based on configured priority levels and MAC addresses
Answer: C
258. Refer to the exhibit. During the process of configuring a virtual link to connect area 2 with the backbone
area, the network administrator received this console message on R3:
*Mar 1 00:25:01.084: %OSPF-4-ERRRCV: Received invalid packet: mismatch area ID, from backbone area must be virtual link
but not found from 20.20.20.1, Serial 0
How should the virtual link be configured on the OSPF routers to establish full connectivity between the areas?
A The neighbor command should be configured under the OSPF routing process on all routers
B The ip ospf network broadcast command should be configured on each Frame Relay interface
C The ip ospf network non-broadcast command should be configured on each Frame Relay interface
D The ip ospf priority value on the spoke routers should be set to 0
Answer: D
Explanation
In an NBMA network topology, neighbors are not discovered automatically. OSPF tries to elect a DR and a BDR due to the
multi-access nature of the network, but the election fails since neighbors are not discovered because NBMA environment
doesn't forward broadcast and multicast packets. Neighbors must be configured manually to overcome these problems.
Also, additional configuration is necessary in a hub and spoke topology to make sure that the hub routers, which have
connectivity with every other spoke router, are elected as the DR and BDR. You must set the spoke interfaces to an OSPF
priority of zero; this ensures that the spokes will not become the DR or BDR.
260. Refer to the exhibit. OSPF is configured on all routers in the network. On the basis of the show ip ospf
neighbor output, what prevents R1 from establishing a full adjacency with R2?
A. Router R1 will only establish full adjacency with the DR and BDR on broadcast multiaccess networks.
B. Router R2 has been elected as a DR for the broadcast multiaccess network in OSPF area
C. Routers R1 and R2 are configured as stub routers for OSPF area 1 and OSPF area 2.
D. Router R1 and R2 are configured for a virtual link between OSPF area 1 and OSPF area 2.
E. The Hello parameters on routers R1 and R2 do not match.
Answer: A
Explanation
From the output, we learn that R4 is the DR and R3 is the BDR so other routers will only establish full adjacency with these
routers. All other routers have the two-way adjacency established -> A is correct.
261. Refer to the exhibit. On the basis of the configuration provided, how are the Hello packets sent by R2
handled by R5 in OSPF area 5?
A. The Hello packets will be exchanged and adjacency will be established between routers R2 and R5.
B. The Hello packets will be exchanged but the routers R2 and R5 will become neighbors only.
C. The Hello packets will be dropped and no adjacency will be established between routers R2 and R5.
D. The Hello packets will be dropped but the routers R2 and R5 will become neighbors.
Answer: C
Explanation
Recall that in OSPF, two routers will become neighbors when they agree on the following: Area-id, Authentication, Hello and
Dead Intervals, Stub area flag.
We must specify Area 5 as a stub area on the ABR (R2) and all the routers in that area (R5 in this case). But from the output,
we learn that only R2 has been configured as a stub for Area 5. This will bring down the neighbor relationship between R2 and
R5 because the stub flag is not matched in the Hello packets of these routers.
262. Refer to the exhibit. Two routers are connected by Frame Relay and are running OSPF between them. Each
router has been configured with the appropriate network statements under router ospf 1, but the routers are
not forming an adjacency. Which of the following three commands could be configured on each router to
correct this problem? (Choose three)
A.
RouterC(config-if)#ip ospf network broadcast
RouterD(config-if)#ip ospf network broadcast
B.
RouterC(config-if)#ip ospf network point-to-point
RouterD(config-if)#ip ospf network point-to-point
C.
RouterC(config-router)#neighbor 10.100.100.4
RouterD(config-router)#neighbor 10.100.100.3
D.
RouterC(config-router)#neighbor 10.255.255.254
RouterD(config-router)#neighbor 10.255.255.253
Answer: A B D
Explanation
By default, Frame Relay is classified as a non-broadcast network, meaning it doesn't send any broadcasts/multicasts like RIP,
OSPF or EIGRP updates across the network (hello packets of OSPF are multicast to 224.0.0.5). Hence, in NBMA network, the
neighbors are not discovered automatically; they must be configured manually. There are two ways to simulate a broadcast
model on an NBMA network:
+ Define the network type as broadcast with the ip ospf network broadcast interface sub-command
+ Configure the neighbor statements under router ospf mode (though configuring the neighbor statement on one end is
sufficient to form adjacency, it is a good practice to have it configured on both the ends)
Besides these two ways, another way for making OSPF work with Frame Relay is configuring the network as a Point-to-Point
network (or Point-to-Multipoint, notice that OSPF treats Point-to-Multipoint network as a collective of point-to-point links).
Some information about Point-to-Multipoint (or Point-to-Point) network:
Note: Point-to-Multipoint networks do not maintain a DR/BDR relationship.
263. What are two different types of BGP sessions?
There are two different types of BGP sessions: internal and external. The internal one is established between routers inside
the same AS and the external session is established between routers in different AS.
264. Refer to the exhibit. What is the effect of the OSPF configuration on router B?
266. Refer to the exhibit. What additional commands should be used to configure OSPF area 5 as a Totally
Stubby area?
A. 2WAY/DROTHER
B. 2WAY/BDR
C. 2WAY/DR
D. FULL/DROTHER
E. FULL/BDR
F. FULL/DR
Answer: E
Explanation
All the routers are allowed to take part in the DR/BDR election because all the Pris (Priority) are 1 and they are equal so with
default parameters, the router with highest IP address will become DR (RTD in this case) and the router with second highest
IP address (RTC) will become BDR.
269. Refer to the diagram. Which OSPF configuration command is required to configure Area 3 as a totally
stubby area?
A. On the ABR
router ospf 10
area 3 nssa
B. On the ABR
router ospf 10
area 3 stub
C. On all Area 3 routers
router ospf 10
area 3 stub no-summary
D. On all Area 3 routers
router ospf 10
area 3 stub
E. On the ABR
router ospf 10
area 3 stub no-summary
Answer: E
Explanation
To make an area totally stubby we must apply the area area-id stub no-summary command on the ABR (the middle router
in this case) and area area-id stub commands to all other routers in that area.
270. Refer to the exhibit. OSPF has been configured on all routers in the network. However, router R1 does not
receive a default route to router R2 as intended. Which configuration change would ensure that R1 would
receive a default route from R2?
A. Redistributed RIP and IGRP routes will appear in Area 1. They will be advertised via type 5 LSAs.
B. Only redistributed RIP routes will appear in Area 1. They will be advertised via type 7 LSAs.
C. Only redistributed IGRP routes will appear in Area 1. They will be advertised via type 7 LSAs.
D. No redistributed routes can appear in Area 1, only summary routes.
Answer: C
Explanation
Same explanation of Question 6. Please notice that the IGRP routes are redistributed to NSSA area 1 via LSA Type 7. The
NSSA ABR of area 1 will convert it into an LSA Type 5 before flooding to area 0 & area 2.
274. Refer to the exhibit. OSPF is running throughout the network. You want to minimize the propagation of
LSAs into and out of Area 1.
Which OSPF feature would best achieve this goal?
A. stub
B. totally stubby
C. NSSA
D. totally NSSA
Answer: D
Explanation
We need to redistribute RIP from R1 to Area 1 so Area 1 cannot be a stub or totally stubby area. To minimize the propagation
of LSAs into and out of Area 1 we should configure it as a totally NSSA. Notice that a NSSA allows LSA Type 3 & 7 while a
Totally NSSA only allows LSA Type 7.
Note:
Both Totally Stubby Area & Totally Stubby NSSA do not accept external AS routes or inter-area routes (LSA Types 3, 4 and 5).
They recognize only intra-area routes and the default route 0.0.0.0. The main difference between them is Totally Stubby NSSA
accepts routes from other AS while Totally Stubby Area does not.
Below summarizes the LSA Types allowed and not allowed in area types:
Area Type
Type 1
Standard & backbone
Stub
Yes
Totally stubby
NSSA
Yes
Totally (stubby) NSSA
Type
Yes
No
No
No
No
4Type
Yes
No
No
Yes
No
5Type 7
No
No
Yes
275. Refer to the exhibit. A company would prefer all Internet-bound OSPF routed traffic to use ISP ABC with
ISP DEF as a backup. As the network consultant, what three configuration changes might you make? (Choose
three)
D. If the metric value for ISP ABC is set at the default, the ISP DEF metric value should be set to 25.
E. The metric type value should be set to type 1.
F. The metric type value should be set to type 2.
Answer: B D F
Explanation
Routers B2 & B3 need to advertise a default route to the Internet for inside OSPF routers so we should use the
default-information originate command with a default route (something like ip route 0.0.0.0 0.0.0.0) pointing to the ISP router -> B
is correct.
If no metric is specified, OSPF puts a default value of 20 when redistributing routes from all protocols except BGP routes (BGP
routes get a metric of 1). We use ISP DEF as a backup so its metric value should be set to a higher value than 20 -> D is
correct.
There are two types of external routes: external type 1 and external type 2. The difference between the two is in the way the
cost (metric) of the route is being calculated:
+ The cost of a type 2 route is always the external cost, irrespective of the interior cost to reach that route.
+ Type 1 cost is the addition of the external cost and the internal cost used to reach that route.
-> We should configure the type 2 external route to make sure the ISP ABC is always preferred over ISP DEF because internal
routing does not determine the path.
Note: E2 is the default external metric, but E1 is preferred over E2 if two equal-cost paths exist.
276. Refer to the exhibit. A network administrator wants to reduce the number of OSPF routes advertised from
Area 1 into Area 2. As the router configuration specialist, what two things would you do to accomplish this
goal? (Choose two)
A. default-router
B. ip default-network
C. default-information originate always
D. ip default-gateway
Answer: C
Explanation
The default-information originate command advertises a default route to other routers, telling them something like "please send
me your unknown traffic". With the always parameter, the default route is advertised even if there is no default route in the
router's routing table. In this case we don't see any default route in the configuration of R1 (like ip route 0.0.0.0 0.0.0.0 .)
so it must include the keyword always so that the default route is advertised.
278. Given the above OSPF network, which command will RTB use to summarize routes for the 192.168.16.0/22
supernet before injecting them into Area 0?
A. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will translate the type 7 LSAs into type 5 LSAs and
flood them throughout the OSPF backbone.
B. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will flood the type 7 LSAs throughout the backbone.
C. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will flood the type 5 LSAs throughout the backbone.
D. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will translate the type 5 LSAs into type 7 LSAs
and flood them throughout the OSPF backbone.
E. RTA will not redistribute the RIP routes into the NSSA.
Answer: A
280. Refer to the network topology diagram shown in the exhibit. The routing table of R3 contains all the
proper OSPF routes except the 10.4.4.0/24 OSPF route. Which show command on R3 will be the most useful to
determine the cause of this problem and why?
A. Perform show ip ospf virtual-link to examine if the virtual link between R3 and R4 is configured and in the up state.
A RTR has a BGP password set but neighbor 10.0.0.1 does not
B RTR has a BGP password set but neighbor 10.0.0.5 does not
C RTR has a BGP password set but neighbor 10.0.0.1 has an incorrect password set
D RTR has a BGP password set but neighbor 10.0.0.5 has an incorrect password set
E Neighbor 10.0.0.1 has a BGP password set but RTR does not
F Neighbor 10.0.0.5 has a BGP password set but RTR does not
Answer: A D
Explanation:
You can configure MD5 authentication between two BGP peers. MD5 authentication must be configured with the same
password on both BGP peers; otherwise, the connection between them will not be made. If a router has a password
configured for a peer, but the other peer does not, a message "No MD5 digest from" will appear on the console while the
routers attempt to establish a Multicast Source Discovery Protocol (MSDP) session between them. Therefore A is correct
because RT1 (with an IP address of 10.0.0.1) is not configured with a password.
Similarly, if the two routers have different passwords configured, a message "Invalid MD5 digest from" will appear on the
screen.
284. Refer to the exhibit diagram and configuration. RTB is summarizing its networks from AS 64100 with the
aggregate-address command. However, the show ip route command on RTA reveals the RTB individual networks
as well as its summary route. Which option would ensure that only the summary route would appear in the
routing table of RTA?
A Delete the four network statements and leave only the aggregate-address statement in the BGP configuration
B Add the keyword summary-only to the aggregate-address command
C Add a static route with a prefix of 192.168.24.0 255.255.252.0 pointing to the null interface
D Create a route map permitting only the summary address
Answer: B
Explanation
When the aggregate-address command is used within BGP routing, the aggregated address is advertised, along with the more
specific routes. The exception to this rule is through the use of the summary-only command. The summary-only keyword
suppresses the more specific routes and announces only the summarized route.
285. Refer to the exhibit. The neighbor 10.1.1.1 weight 200 BGP configuration command has been configured on
router A. What will be the result of this configuration?
A Router A will prefer the path through router B for network 172.20.0.0
B Router A will prefer the path through router C for network 172.20.0.0
C Packets from router D will prefer the path through router B for networks advertised by router A
D Packets from router D will prefer the path through router C for networks advertised by router A
Answer: A
Explanation
The weight attribute is a special Cisco attribute that is used in the path selection process when there is more than one route
to the same destination. The higher the weight value, the better the path. The default weight is 0. Therefore, by configuring
weight 200 to the neighbor 10.1.1.1, router A will prefer the path through router B for network 172.20.0.0 rather than the path
through router C.
The weight attribute is local to the router and not propagated to other routers. In this case the weight is local to router A so it
has no effect on the decision of transferring packets from router D.
286. What technique should be used on BGP edge routers to prevent a multi-homed autonomous system from
becoming a transit system?
A. Advertise with a high MED value all networks that are discovered via external BGP.
B. Remove the AS-Path information on all routes in the BGP table prior to advertising externally.
C. Only advertise networks externally if they have been discovered via internal BGP.
D. Use an outgoing distribution list to filter all networks not originating from inside the autonomous system.
E. Set the no-export community attribute on all networks that are advertised externally.
F. Set the origin code to incomplete for all networks that are discovered via external BGP.
Answer: D
Explanation
A transit AS is an AS that routes traffic from one external AS to another external AS. Let's see an example below:
Suppose your company has 2 internet links to 2 different ISPs. If one connection to the ISP goes down, your traffic can be sent
through the other ISP. It is a good way to make sure your company can access the internet any time. But if your routers are
not configured carefully, your company AS may become a transit AS. For example, AS 65002 learned the route 10.10.10.0/24
from ISP1. If R2 advertises that route to ISP2 then ISP2 may use it to send traffic to that network -> your company becomes a
transit AS.
There are two popular ways to prevent a multi-homed autonomous system from becoming a transit system:
+ Use a distribute-list or filter-list to filter all networks not originating from inside the autonomous system.
+ Use the no-export community attribute on all networks not originating from inside the autonomous system.
Answer E seems to be correct but in fact it is not because all networks that are advertised externally include networks
originating from inside and outside our AS. We should only filter networks originating from outside our AS. In some cases, the
routers in our company may advertise some internal networks (for remote access, for example).
287. Refer to the exhibit. By default, when RTB passes BGP advertisements from RTA about network
192.168.2.0 to RTC, what address will be listed as the next-hop address?
A. 10.1.1.1
B. 10.1.1.2
C. 192.168.1.49
D. 192.168.1.50
Answer: D
Explanation
This is a rule for BGP advertisement:
For EBGP, the next hop is always the IP address of the neighbor specified in the neighbor command. For IBGP, the protocol
states that the next hop advertised by EBGP should be carried into IBGP.
In this case, when RTA (in AS 65000, which is an EBGP for RTB) advertises a route to RTB, it specifies its interface
(192.168.1.50) as the next-hop. But when RTB passes this advertisement to RTC, it specifies RTA interface (also 192.168.1.50)
as the next-hop (IBGP). This can cause some routing failures because if RTC does not know a way to reach RTA interface via
IGP (OSPF, EIGRP), it will drop that packet. To fix this problem, add the neighbor 10.1.1.2 next-hop-self command under
BGP mode in RTB.
288. Refer to the exhibit. It is desired to set up a BGP neighbor relationship between routers R1 and R4. BGP
packets between them could travel through R2 or R3. What is the simplest configuration that will allow for
failover?
289. Refer to the exhibit. Network 10.0.0.0/8 is being advertised to autonomous system 65550 via both external
links. Which statement about the preferred path to the 10.0.0.0/8 network is true?
A. Router R1 will be preferred because its neighbor has the higher autonomous system number.
B. Router R1 will be preferred because it has the lower neighbor IP address.
C. Router R1 will be preferred because it has a lower local preference.
D. Router R2 will be preferred because its neighbor has a lower autonomous system number.
E. Router R2 will be preferred because it has the higher neighbor IP address.
F. Router R2 will be preferred because it has a higher local preference.
Answer: F
Explanation
Local preference is an indication to the AS about which path has preference to exit the AS in order to reach a certain network.
A path with a higher local preference is preferred more. The default value for local preference is 100.
Unlike the weight attribute, which is only relevant to the local router, local preference is an attribute that routers exchange in
the same AS. The local preference is set with the bgp default local-preference value command.
In this case, both R1 & R2 learn about the network 10.0.0.0/8 but R2 has higher local-preference so R2 will be chosen as the
preferred exit point from AS 65550.
290. Refer to the exhibit. Router RT-1 and router RT-2 both advertise network 131.25.0.0/16 to router RT-3 via
internal BGP. What is the reason that router RT-3 chose router RT-1 as its best path to network 131.25.0.0/16?
A. In making its decision about the best path, RT-1 gives precedence to the origin code.
B. In making its decision about the best path, RT-1 gives precedence to the BGP MED values.
C. IP address 128.107.2.2 is lower than 128.107.255.2.
D. In making its decision about the best path, RT-1 prefers the IGP metrics.
E. RT-1 prefers internal BGP routes.
F. IP address 128.107.254.2 is lower than 128.107.255.2.
Answer: A
Explanation
As explained above, the IGP is preferred over incomplete.
292. The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. Refer to the exhibit.
Routers A and B are running BGP but the session is active. What command needs to be added to establish the
BGP session?
hostname A
!
interface loopback 0
ip address 10.10.10.2 255.255.255.255
!
A. IBGP session must be established between routers R1 and R3, and the synchronization must be turned on.
B. IBGP session must be established between routers R1 and R3, and the synchronization must be turned off.
C. IBGP session must be established between routers R1 R2 and R2 R3, and the synchronization must be turned on.
D. IBGP session must be established between routers R1 R2 and R2 R3, and the synchronization must be turned off.
E. IBGP speakers within autonomous 100 must be fully meshed, and the synchronization must be turned on.
F. IBGP speakers within autonomous 100 must be fully meshed, and the synchronization must be turned off.
Answer: F
Explanation
The synchronization rule states that if an AS provides transit service to another AS, BGP should not advertise a route until all
of the routers within the AS have learned about the route via an IGP. To understand why this rule exists, let's take an example
of what happens if this rule is not there.
Suppose RT-A wants RT-B to access its local LAN 1.1.1.0, so it advertises this network through R1. R1 and R3 are running IBGP
so R1 sends this update to R3 through R2 (using the next-hop-self to use its own interface's IP address). In turn, R3
announces to RT-B that it can reach 1.1.1.0 via R3.
Now RT-B really wants to send traffic to 1.1.1.0 so it will send to R3. R3 does a lookup and sees that the network is
reachable via R1. It then does a lookup for R1's IP address and sees that it is reachable via R2 -> so it forwards packets to R2.
But R2, running IGP (like OSPF), does not find an entry for 1.1.1.0 so R2 drops all the packets for that network -> a black-hole is
created!
That is why the BGP synchronization rule was born. With this rule, when R3 receives an advertisement for 1.1.1.0 from R1, it
adds that route to its BGP table and before sending advertisement to RT-B, it first checks its IGP routing table to see whether
an entry exists for that route. In this example, R3's IGP routing table does not know how to reach 1.1.1.0 so R3 will not
advertise this network to RT-B. This route is only advertised to RT-B when IGP makes an entry in the routing table for 1.1.1.0.
Well, now you understand the importance of the BGP synchronization rule but now I wish to explain why this rule causes trouble
in fully-meshed IBGP!
Synchronization prevents fully-meshed IBGP from working properly. Because no IGP is running, R3 cannot advertise any
route to RT-B even if no black-hole exists in this topology.
Note: A full mesh can be a physical fully-meshed topology or a topology where all routers in the same AS have established
IBGP connections with each other (although they do not need to be directly connected). So in the topology above, the
connection between R1 & R3 is represented by a dashed line, which means it can be physically connected or not (but an IBGP
connection must be established on both routers).
Therefore if all routers in AS 100 are fully-meshed, the synchronization rule must be turned off -> F is correct.
294. Which BGP option is required when load sharing over multiple equal-bandwidth parallel links from a single
CE router to a single ISP router over eBGP?
A. eBGP Multipath
B. eBGP Multihop
C. BGP Synchronization
D. Public AS numbers
Answer: B
Explanation
The eBGP multihop allows a neighbor connection between two external peers that do not have direct connection. The
multihop is only for eBGP and not for iBGP. For example, in the topology below router A wants to establish neighbor
relationship with the loopback0 of router B (to allow load balancing), which does not have direct connection so it must use
ebgp-multihop.
For your reference, the full configurations of both router A & B are shown below:
A# int loopback 0
ip address 10.10.10.2 255.255.255.255
router bgp 1
neighbor 10.10.10.1 remote-as 2
neighbor 10.10.10.1 ebgp-multihop
neighbor 10.10.10.1 update-source loopback 0
network 10.10.10.2 mask 255.255.255.255
ip route 10.10.10.1 255.255.255.255 172.16.10.1
ip route 10.10.10.1 255.255.255.255 172.16.10.6
B# int loopback 0
ip address 10.10.10.1 255.255.255.255
router bgp 2
neighbor 10.10.10.2 remote-as 1
neighbor 10.10.10.2 ebgp-multihop
neighbor 10.10.10.2 update-source loopback 0
network 10.10.10.1 mask 255.255.255.255
ip route 10.10.10.2 255.255.255.255 172.16.10.2
ip route 10.10.10.2 255.255.255.255 172.16.10.5
Note: If router B wants to establish neighbor relationship with the directly connected interface of router A, it only needs these
commands:
B#
router bgp 2
neighbor 172.16.10.2 remote-as 1
But notice the traffic from router B would be sent to 172.16.10.2 interface only and load balancing would not take place.
295. Refer to the exhibit. On the basis of the configuration that is provided, how would the BGP updates that
come from router R1 be replicated inside autonomous system 65200?
A. All BGP updates that are received on router R2 will be sent to routers R3 and R4. Routers R3 and R4 will then forward those
BGP updates to router R5.
B. All BGP updates that are received on router R2 will not be sent to routers R3 and R4.
C. All BGP updates that are received on router R2 will be sent directly to router R5.
D. None of the BGP updates that are received on router R2 will ever be received by router R5.
Answer: D
Explanation
All BGP updates that are received on router R2 will be sent to routers R3 and R4 but R3 & R4 will not forward those BGP
updates to R5. This is called the BGP split-horizon rule (which states that a route learned from one IBGP neighbor will not be
advertised to another IBGP neighbor) -> A is not correct.
The BGP updates received on router R2 will be sent to R3 and R4 without violating the BGP split-horizon rule because R2
receives updates from an EBGP (R1), not IBGP -> B is not correct.
From the configuration of R2, we learn that R2 did not establish neighbor relationship with R5 so they are not neighbors -> no
BGP updates will be sent from R2 to R5 -> C is not correct.
The BGP split-horizon rule prevents updates received on R2 from being sent to R5 -> D is correct.
296. Why should iBGP sessions be fully meshed within a Transit AS?
A. BGP requires redundant TCP sessions between iBGP peers.
B. A full mesh allows for optimal routing within the Transit AS.
C. Routes learned via iBGP are never propagated to other eBGP peers.
D. Routes learned via iBGP are never propagated to other iBGP peers.
E. Routes learned via eBGP are never propagated to other iBGP peers.
Answer: D
Explanation
BGP split-horizon rule states that a route learned from one IBGP neighbor will not be advertised to another IBGP neighbor so
IBGP sessions should be fully meshed. For example in the topology below, routes learned from R1 about AS 200 will be
advertised to R2. For R2, the route learned from R1 is a route learned from one IBGP neighbor so R2 will not advertise this
route to R3 and AS 100 can never be a transit AS -> IBGP sessions should be fully meshed within a transit AS -> D is correct.
297. Observe the diagram. RTC is the hub router and RTA and RTB are the spokes. There are no virtual circuits
between the spoke locations. What is needed to successfully route traffic to the 11.11.11.0/24 network from
RTA?
298. Refer to the exhibit. Currently the two eBGP links between AS100 and AS200 have an average inbound
load of 65% and 20% respectively. After further investigation, traffic to 10.10.1.16/28 accounts for 45%, and
traffic to 10.10.1.32/28 and to 10.10.1.48/28 each account for 20% of the inbound load. The BGP attributes are
currently set at their default values in both autonomous systems.
If you want to influence how AS200 sends traffic to AS100, which eBGP configurations would you configure in
AS100 to influence AS200 to use the eBGP links more evenly? (Choose two.)
A. It will be dropped because network 192.168.25.0 is not in the RTA routing table.
B. It will be dropped because network 192.168.25.0 is not in the RTB routing table.
C. It will be forwarded to the null 0 interface of RTB and dropped.
D. It will be forwarded to the RTB 192.168.25.0 network.
Answer: D
Explanation
First I want to make it clear that the above configuration belongs to RTB (with AS 64100).
The network statement in other routing protocols (EIGRP, OSPF, RIP) is used to enable routing protocol on the interfaces
within that network statement. But in BGP, the function of a network statement is to tell the router to search the IP routing
table for a particular network, and if that network is found, originate it into the BGP database. But notice that you must have
an exact match in the IP routing table for the network to appear in the BGP routing table (in this case we don't see the auto-summary command, so we suppose it is disabled). For example:
+ network 10.10.10.0/8 will appear in BGP if network 10.10.10.0/8 appears in the IP routing table.
+ network 10.10.10.0/24 will appear in BGP if network 10.10.10.0/24 appears in the IP routing table.
Therefore, in this question the static route ip route 192.168.24.0 255.255.252.0 null0 was used to put a route to
192.168.24.0/22 into the routing table (although it points to Null0, this command really makes that route appear in the
routing table). Notice that this network 192.168.24.0/22 also covers network 192.168.25.0 -> RTB will forward that packet to
192.168.25.0 network.
301. Refer to the exhibit. All routers are configured for BGP. EBGP routes received on router R2 show up in the
BGP table on routers R1 and R3 but not in their IP routing table. What would cause this? (Choose two)
A. RA is a DR
B. RA is a BDR
C. RA is a DROTHER
D. RB is a DR
E. RB is a BDR
F. RC is a DROTHER
Answer: C D(?)
Explanation
This question is missing some information. We don't know who the BDR was before RA failed. Suppose RB was the BDR
before RA failed then RB would be the DR even when RA comes back. When RA comes back, its segment has both DR and
BDR elected so RA will take the DROTHER role -> C is correct but D is missing information.
303. Refer to the exhibit. VLAN 1 and VLAN 2 are configured on the trunked links between Switch A and Switch
B. Port Fa 0/2 on Switch B is currently in a blocking state for both VLANs. What should be done to load balance
VLAN traffic between Switch A and Switch B?
A. Lower the port priority for VLAN 1 on port 0/1 for Switch A.
B. Lower the port priority for VLAN 1 on port 0/2 for Switch A.
C. Make the bridge ID of Switch B lower than the ID of Switch A.
D. Enable HSRP on the access ports.
Answer: B
Explanation
Please read the explanation of Question 3 in http://www.certprepare.com/vlan-questions-4.
In general, lowering the port priority for VLAN 1 will lower the Root Bridge ID for port Fa0/2 on Switch A -> traffic for VLAN 1 will
flow via the Fa0/2 link.
304. Refer to the exhibit and the show interfaces fastethernet0/1 switchport outputs. Users in VLAN 5 on switch
SW_A complain that they do not have connectivity to the users in VLAN 5 on switch SW_B. What should be done
to fix the problem?
To change the default decision of selecting root port, we can change the port priority of each interface. The above picture is
true for VLANs 1-5 because port Fa0/10 has a lower port-priority so the peer port will be chosen as the root port. For VLANs 6-10, port Fa0/12 has higher priority ID (lower port priority value) so SB will block its upper port.
Answer A, "VLANs 1-5 will be blocked if fa0/10 goes down", is not correct because if Fa0/10 goes down, SB will unblock
its lower port, therefore VLANs 1-5 will still operate.
Answer B, "VLANs 6-10 have a port priority of 128 on fa0/10", is not always correct because VLANs 6-10 can have a
different port priority (of 32) according to Cisco's link below.
Answer C is correct because VLANs 6-10 use the Fa0/12 link as their main path. Fa0/10 is the backup path and is only opened when
port Fa0/12 fails.
Answer D is correct because this configuration provides load balancing of traffic on a per-VLAN basis. VLANs 1-5 use Fa0/10 and
VLANs 6-10 use Fa0/12 as their main paths.
Note: We cannot be sure that answer B is always correct, so we should choose C and D if the question asks us to give only 2
choices.
306. You administer the network shown above. You issue the show interfaces trunk command on SwitchA and
receive the following output:
The link between switch SW1 and switch SW2 is configured as a trunk, but the trunk failed to establish connectivity between
the switches. Based on the configurations and the error messages received on the console of SW1, what is the cause of the
problem?
A. The two ends of the trunk have different duplex settings.
B. The two ends of the trunk have different EtherChannel configurations.
C. The two ends of the trunk have different native VLAN configurations.
D. The two ends of the trunk allow different VLANs on the trunk.
Answer: C
Explanation
As you can see in the configuration of two switches, the native VLAN on SW1 is set to 1 while the native VLAN on SW2 is set
to 2. This will cause a native VLAN mismatch error and it looks like this:
%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on Fa0/1
Remember the native VLAN must match on both sides of the trunk link for 802.1Q; otherwise the link will not work. Also,
Spanning Tree Protocol (STP) will place the port in a port VLAN ID (PVID) inconsistent state and will not forward on the link.
308. Given the configurations on SwitchA and SwitchB, which two statements are true? (Choose two)
A. The link is set to auto-negotiate trunking, and it will automatically become a trunk link unless configured otherwise
B. The link is a trunking link and by default all VLANs will be transmitted across this link
C. The link is prevented from generating DTP frames, turning the Negotiation of Trunking off
D. The link is not a trunk link so both interfaces must be on the same VLAN and only that single VLAN is transmitted across
the link
Answer: D
310. Study the diagram below carefully, which three statements are true? (Choose three)
313. Study the exhibit carefully. Both host stations are part of the same subnet but are in different VLANs. On
the basis of the information presented in the exhibit, which statement is true about an attempt to ping from
host to host?
To allow communication between two VLANs, we need to enable Layer 3 routing on the switch with the ip routing
command. It is enabled by default on some platforms but not on others.
315. Based on the network diagram and routing table output in the exhibit, which one of these statements is
true?
A. InterVLAN routing has been configured properly, and the workstations have connectivity to each other.
B. InterVLAN routing will not occur since no routing protocol has been configured.
C. Although interVLAN routing is not enabled, both workstations will have connectivity to each other.
D. Although interVLAN routing is enabled, the workstations will not have connectivity to each other.
E. None of the above.
Answer: A
Explanation:
In the output we can see both VLAN10 and VLAN20 are shown up (as networks 10.1.1.0 and 10.2.2.0) so the routing has been
configured properly. Notice that the C letter indicates that these networks are directly connected with the router.
316. Study the following exhibit carefully, what is the reason that users from VLAN 100 can't ping users on
VLAN 200?
Host A and Host B are connected to the Cisco Catalyst 3550 switch and have been assigned to their respective VLANs. The
rest of the 3550 configuration is the default configuration. Host A is able to ping its default gateway, 10.10.10.1, but is unable
to ping Host B. Given the output in the exhibit, which statement is true?
A. HSRP must be configured on SW1.
B. A separate router is needed to support inter-VLAN routing.
C. Interface VLAN 10 must be configured on the SW1 switch.
D. The global configuration command ip routing must be configured on the SW1 switch.
E. VLANs 10 and 15 must be created in the VLAN database mode.
F. VTP must be configured to support inter-VLAN routing.
Answer: D
Explanation
To enable routing on a Layer 3 switch first we have to use the ip routing command. From the output of show vlan brief
command above, we learn that ports connected to hosts have been configured as access ports and assigned to VLAN 10 &
15. The missing thing here is only the ip routing command. Below lists the full configuration so that these two hosts can
communicate.
ip routing
!
interface FastEthernet0/10
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/15
 switchport access vlan 15
 switchport mode access
!
interface Vlan10
 ip address 10.10.10.1 255.255.255.0
!
interface Vlan15
 ip address 10.15.15.1 255.255.255.0
318. Which two steps are necessary to configure inter-VLAN routing between multilayer switches? (Choose two)
A. Configure a dynamic routing protocol.
B. Configure SVI interfaces with IP addresses and subnet masks.
C. Configure access ports with network addresses.
D. Configure switch ports with the autostate exclude command.
E. Document the MAC addresses of the switch ports.
Answer: A B
Explanation
A multilayer switch can use a switched virtual interface (SVI) to provide inter-VLAN routing rather than use an external router.
Below is a simple example of using SVIs to configure inter-VLAN routing on a Layer 3 switch.
ip routing
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 20
 switchport mode access
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
 ip address 192.168.20.1 255.255.255.0
(In fact we need to configure two more interfaces so that all hosts can communicate)
Also, the above configuration is only for a single multilayer switch. If we enable interVLAN-routing between two multilayer
switches, a routing protocol needs to be used.
319. Refer to the exhibit
For the configuration shown, which is the recommended method of providing inter VLAN routing?
A. Determine which switch is the root bridge then connect a router on a stick to it
B. Configure SVIs on the core switches
C. Configure SVIs on the distribution switches
D. Configure SVIs on the access layer switches
Answer: C
Explanation
We can configure SVIs on Multilayer switches to use as the default gateways or Layer 3 routing for the devices connected to
SA1 & SA2.
320. Refer to the exhibit. Initially, LinkA is connected and forwarding traffic. A new LinkB is then attached
between SwitchA and HubA. Which two statements are true about the possible result of attaching the second
link? (Choose two)
B. One of the two switch ports attached to the hub will go into blocking mode when a BPDU is received.
C. Both switch ports attached to the hub will transition to the blocking state.
D. A heavy traffic load could cause BPDU transmissions to be blocked and leave a switching loop.
E. The switch port attached to LinkA will immediately transition to the blocking state.
Answer: B D
Explanation
We know that there will be only one Designated port for each segment (notice that the two ports of SwitchA are on the
same segment as they are connected to a hub). The other port will be in Blocking state. But how does SwitchA select its
Designated and Blocking port? The decision process involves the following parameters inside the BPDU:
* Lowest path cost to the Root
* Lowest Sender Bridge ID (BID)
* Lowest Port ID
In this case, both interfaces of SwitchA have the same path cost to the root and sender bridge ID so the third parameter
lowest port ID will be used. Suppose two interfaces of SwitchA are fa0/1 & fa0/2 then SwitchA will select fa0/1 as its
Designated port (because fa0/1 is inferior to fa0/2) -> B is correct.
Suppose the port on LinkA (named portA) is in forwarding state and the port on LinkB (named portB) is in blocking state. In
blocking state, port B still listens to the BPDUs. If the traffic passing through LinkA is too heavy and the BPDUs can not reach
portB, portB will move to listening state (after 20 seconds for STP) then learning state (after 15 seconds) and forwarding state
(after 15 seconds). At this time, both portA & portB are in forwarding state so a switching loop will occur -> D is correct.
321. Refer to the exhibit. Switch S1 is running mst IEEE 802.1s. Switch S2 contains the default configuration
running IEEE 802.1D. Switch S3 has had the command spanning-tree mode rapid-pvst running IEEE 802.1w.
What will be the result?
A. IEEE 802.1D and IEEE 802.1w are incompatible. All three switches must use the same standard or no traffic will pass
between any of the switches.
B. Switches S1, S2, and S3 will be able to pass traffic between themselves.
C. Switches S1, S2, and S3 will be able to pass traffic between themselves. However, if there is a topology change, Switch S2
will not receive notification of the change.
D. Switches S1 and S3 will be able to exchange traffic but neither will be able to exchange traffic with Switch S2
Answer: B
Explanation
A switch running both MSTP and RSTP supports a built-in protocol migration mechanism that enables it to interoperate with
legacy 802.1D switches. If this switch receives a legacy 802.1D configuration BPDU (a BPDU with the protocol version set to
0), it sends only 802.1D BPDUs on that port. An MST switch can also detect that a port is at the boundary of a region when it
receives a legacy BPDU, an MST BPDU (version 3) associated with a different region, or an RST BPDU (version 2).
However, the switch does not automatically revert to the MSTP mode if it no longer receives 802.1D BPDUs because it cannot
determine whether the legacy switch has been removed from the link unless the legacy switch is the designated switch.
322. Refer to the exhibit. Switch 15 is configured as the root switch for VLAN 10 but not for VLAN 20. If the STP
configuration is correct, what will be true about Switch 15?
D. All ports in VLAN 10 will be in forwarding mode and all ports in VLAN 20 will be in standby mode.
Answer: B
Explanation
All ports on root bridge are designated ports, which are in forwarding state but notice in this case Switch 15 is the root switch
for VLAN 10 -> all ports in VLAN 10 will be in forwarding state. We can not say anything about the modes of ports of Switch
15 in other VLANs.
323. Refer to the exhibit. STP has been implemented in the network. Switch SW_A is the root switch for the
default VLAN. To reduce the broadcast domain, the network administrator decides to split users on the network
into VLAN 2 and VLAN 10. The administrator issues the command spanning-tree vlan 2 root primary on switch
SW_A. What will happen as a result of this change?
A. All ports of the root switch SW_A will remain in forwarding mode throughout the reconvergence of the spanning tree
domain.
B. Switch SW_A will change its spanning tree priority to become root for VLAN 2 only.
C. Switch SW_A will remain root for the default VLAN and will become root for VLAN 2.
D. No other switch in the network will be able to become root as long as switch SW_A is up and running.
Answer: C
Explanation
This command sets the switch to become root for a given VLAN. It works by lowering the priority of the switch until it
becomes root. Once the switch is root, it will not prevent any other switch from becoming root. In particular, if the current
root bridge is greater than 24576 then our switch will drop to 24576. If the current root bridge is less than 24576, our new
bridge priority will be (Priority value of the current root bridge - 4096).
This command does not affect other VLAN so SW_A will remain root for the default VLAN -> C is correct.
Note: This command is not shown in a Catalyst switch configuration because the command is actually a macro executing
other switch commands.
324. Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on both
switch S2 and S5. The global configuration command spanning-tree uplinkfast has been configured on both
switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able to reach Host B?
A. Fifty percent of the traffic will successfully reach Host B, and fifty percent will dead-end at switch S3 because of a partial
spanning-tree loop.
B. No. Traffic will pass from switch S6 to S2 and dead-end at S2.
C. No. Traffic will loop back and forth between switch S6 and Host A.
D. No. Traffic will loop back and forth between switches S2 and S3.
E. Yes. Traffic will pass from switch S6 to S2 to S1.
Answer: E
Explanation
First we should understand about UpLinkFast.
Suppose S1 is the root bridge in the topology above. S3 is connected to S1 via two paths: one direct path and another goes
through S2. Suppose the port directly connected to S1 is root port -> port connected to S2 will be in Blocking state. If the
primary link goes down, the blocked port will need about 50 seconds to move from Blocking -> Listening -> Learning ->
Forwarding to be used.
To shorten the downtime, a feature called Uplink Fast can be used. When the primary (root) link fails, another blocked link can
be brought up immediately for use. When UplinkFast is enabled, it is enabled for the entire switch and all VLANs. It cannot be
enabled for individual VLANs.
In this question, the Root Guard feature has been enabled on Gi0/0 of S2 & S5 so these two Gi0/0 ports cannot be root ports
and cannot forward traffic -> the link between S2 & S6 must be used.
Note: The idea of Uplink Fast is based on blocked ports which are possible to become a root port. Therefore the Uplink Fast
feature is not allowed on the root bridge -> S2 & S5 cannot be root bridges in this case.
325. Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on both
switch S2 and S5. The global configuration command spanning-tree uplinkfast has been configured on both
switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able to reach Host B?
A. Yes. Traffic can pass either from switch S6 to S3 to S2 to S1, or, from switch S6 to S5 to S2 to S1.
B. No. Traffic will pass from switch S6 to S5 and dead-end at interface Gi0/0.
C. No. Traffic will loop back and forth between switch S5 and S2.
D. Yes. Traffic will pass from switch S6 to S3 to S2 to S1.
E. No. Traffic will either pass from switch S6 to S5 and dead-end, or traffic will pass from switch S6 to S3 to S2 and dead-end.
Answer: D
Explanation
Same explanation as Question 6. When the link between S4 & S5 goes down, Gi0/0 on S5 cannot become root port because of
the Root Guard feature on it. But maybe Host A can't reach Host B in the first 15 seconds after the link between S4 & S5 fails by
default. It is the time for S5 to clear the MAC address table (please read the explanation of Question 5 for more detail).
326. Given the diagram and assuming that STP is enabled on all switch devices, which two statements are true?
(Choose two)
327. Refer to the exhibit. The service provider wants to ensure that switch S1 is the root switch for its own
network and the network of the customer. On which interfaces should root guard be configured to ensure that
this happens?
A. interfaces 1 and 2
B. interfaces 1,2,3, and 4
C. interfaces 1, 3, 5, and 6
D. interfaces 5 and 6
E. interfaces 5, 6, 7, and 8
F. interfaces 11 and 12
Answer: D
Explanation
Let's see what will happen if we set ports 5 & 6 as root guard ports:
First, notice that the root guard command cannot be used on the root switch (because this command is based on a blocked port
while a root switch can't have a blocked port) -> the two middle switches cannot become root bridges.
Moreover, the neighbor switch which has its port connected with this root guard port can't be the root bridge. For example,
if we configure port 6 as a root guard port, the left-bottom switch (the switch with ports 3, 4) can't be the root bridge because
that will make port 6 a root port. Therefore by configuring ports 5 & 6 as root guard ports, the two switches in the Customer
network cannot become root bridge.
328. A port in a redundant topology is currently in the blocking state and is not receiving BPDUs. To ensure that
this port does not erroneously transition to the forwarding state, which command should be configured to
satisfy the requirement?
A. Switch(config)#spanning-tree loopguard default
B. Switch(config-if)#spanning-tree bpdufilter
C. Switch(config)#udld aggressive
D. Switch(config-if)#spanning-tree bpduguard
Answer: A
Explanation
Loop guard prevents alternate or root ports from becoming the designated port due to a failure that could lead to a
unidirectional link. An example is shown below:
Suppose S1 is the root bridge. S3's port connected with S2 is currently blocked. Because of a unidirectional link failure on the
link between S2 and S3, S3 is not receiving BPDUs from S2.
Without loop guard, the blocking port on S3 will transition to listening (upon max age timer expiration) -> learning ->
forwarding state, which creates a loop.
With loop guard enabled, the blocking port on S3 will transition into the STP loop-inconsistent state upon expiration of the
max age timer. Because a port in the STP loop-inconsistent state will not pass user traffic, no loop is created. The loop-inconsistent state is effectively equal to the blocking state.
To enable loop guard globally use the command spanning-tree loopguard default.
329.
All links in this network are layer 2, fast Ethernet 100 Mb/s and operating as trunks. After a failure, the link
between ASW-1 and DSW-1 has incorrectly come back up at 10 Mb/s although it is connected.
Which one of the following will occur as a result of this failure?
A. There will be no change to the forwarding path to traffic from ASW-1
B. ASW1 will block Fa0/24 in order to maintain the shortest path to the root bridge DSW-1
C. ASW-1 will block Fa0/23 in order to maintain the shortest path to the root bridge DSW-1
D. ASW-1 will elect DSW-2 as the root primary since it is closer than DSW-1
Answer: C
Explanation
The picture below shows the port roles of all ports when the topology is converged after the failure.
A.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode auto
B.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode passive
C.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode desirable
D.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode on
Answer: B
Explanation
LACP trunking supports four modes of operation, as follows:
* On: The link aggregation is forced to be formed without any LACP negotiation. In other words, the switch will neither send
the LACP packet nor process any incoming LACP packet. This is similar to the on state for PAgP.
* Off: The link aggregation will not be formed. We do not send or understand the LACP packet. This is similar to the off state
for PAgP.
* Passive: The switch does not initiate the channel, but does understand incoming LACP packets. The peer (in active state)
initiates negotiation (by sending out an LACP packet) which we receive and reply to, eventually forming the aggregation
channel with the peer. This is similar to the auto mode in PAgP.
* Active: We are willing to form an aggregate link, and initiate the negotiation. The link aggregate will be formed if the other
end is running in LACP active or passive mode. This is similar to the desirable mode of PAgP.
LACP does not have auto & desirable modes so A & C are not correct.
Also there are only three valid combinations to run the LACP link aggregate, as follows:
Switch    Switch    Description
active    active    Recommended
active    passive   Link aggregation occurs if negotiation is successful.
on        on        Link aggregation occurs without LACP. Although this works, it is not recommended.
Therefore if Switch1 is set active mode, we cannot set on mode on Switch2 -> D is not correct.
Only answer B is suitable in this case.
(Reference: http://www.cisco.com/en/US/tech/tk389/tk213/technologies_configuration_example09186a0080094470.shtml)
An example of configuring Layer 2 EtherChannel using LACP (apply these commands to both switches):
SW(config)#interface range f0/1 - 2
SW(config-if-range)#channel-group 1 mode active
333. Refer to the exhibit. The command switchport mode access is issued on interface FastEthernet0/13 on
switch CAT1. What will be the result?
Explanation
The syntax of configuring load balancing on a Cisco switch is:
Switch(config)# port-channel load-balance method
Many methods can be used here. By default, the src-dst-ip (source and destination IP address) method is used for Layer 3
switching. Let's take an example to understand more about this method.
In the topology above, Switch1 uses the src-dst-ip method to load balance traffic to Switch2. With this method, only one
link is used for a specific pair of source & destination IP address and the switch uses the XOR function to generate the hash
that is used to determine which interface to use. Suppose the packets have the source IP of 1.1.1.1 & destination IP of
1.1.1.2. Writing them in binary, we get:
1.1.1.1 = 0000 0001.0000 0001.0000 0001.0000 0001
1.1.1.2 = 0000 0001.0000 0001.0000 0001.0000 0010
In this case we have only 2 interfaces in this channel group so the XOR function only gets the last bit, which means 1 XOR 0 =
1. Each interface is assigned an index that starts from 0 so Fa0/2 will be indexed 1 -> traffic will be sent over Fa0/2.
If we have 4 interfaces in a channel group then XOR function gets last 2 bits. If we have 8 interfaces, it gets 3 bits and so on.
For example, with 8 interfaces the result will be 3 (because 001 XOR 010 = 011) -> Fa0/4 will be used.
Note: If the two address values have the same bit value, the XOR result is always 0. If the two address bits differ, the XOR
result is always 1. For example, 0 XOR 0 = 0; 0 XOR 1 = 1; 1 XOR 0 = 1; 1 XOR 1 = 0.
In conclusion, the port-channel load-balance src-dst-ip command uses a pair of source & destination IP address to select the
port to send traffic to -> B is correct.
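The link selection described in this explanation, as an added example (not code from the original page or from Cisco). It models only the simplified rule stated above (XOR the two addresses, keep the low bits); actual hashing differs between platforms, and the function names and the constructed flow list are assumptions.

```python
import ipaddress
from collections import Counter


def select_link(src_ip, dst_ip, n_links):
    """Return the 0-based member-link index for one src/dst IP pair.

    Models the rule in the explanation above: XOR the two addresses and
    keep the low log2(n_links) bits (1 bit for 2 links, 2 for 4, 3 for 8).
    """
    if n_links not in (2, 4, 8):
        raise ValueError("this model covers bundles of 2, 4 or 8 links")
    low_bits = n_links.bit_length() - 1
    xored = int(ipaddress.IPv4Address(src_ip)) ^ int(ipaddress.IPv4Address(dst_ip))
    return xored & ((1 << low_bits) - 1)


def link_distribution(flows, n_links):
    """Count how many flows land on each member link, idle links included."""
    counts = Counter({index: 0 for index in range(n_links)})
    for src_ip, dst_ip in flows:
        counts[select_link(src_ip, dst_ip, n_links)] += 1
    return dict(counts)


# Constructed flows (not from the page): four clients with even host
# addresses talking to one server. Every pair differs in the last bit, so
# a 2-link bundle places all four flows on link index 1 and link 0 is idle.
CONSTRUCTED_FLOWS = [
    ("10.0.0.2", "10.0.1.1"),
    ("10.0.0.4", "10.0.1.1"),
    ("10.0.0.6", "10.0.1.1"),
    ("10.0.0.8", "10.0.1.1"),
]

if __name__ == "__main__":
    # The page's own pair: index 1 with 2 links, index 3 with 8 links.
    for n in (2, 8):
        print(n, "links ->", select_link("1.1.1.1", "1.1.1.2", n))
    for n in (2, 4, 8):
        print(n, "links:", link_distribution(CONSTRUCTED_FLOWS, n))
```

Because the index depends only on the address pair, the result is the same in both directions and a given flow never moves between links, which is why an uneven address mix can leave a member link unused.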
335. Which statement is true regarding the Port Aggregation Protocol?
A. Configuration changes made on the port-channel interface apply to all physical ports assigned to the port-channel interface.
B. Configuration changes made on a physical port that is a member of a port-channel interface apply to the port-channel
interface.
C. Configuration changes are not permitted with Port Aggregation Protocol; instead, the standardized Link Aggregation
Control Protocol should be used if configuration changes are required.
D. The physical port must first be disassociated from the port-channel interface before any configuration changes can be
made.
Answer: A
Explanation
The port-channel interface represents the whole bundle, and all the configurations on this interface are applied to all
physical ports that are assigned to this logical interface.
Note: We must manually create the port-channel logical interface when configuring Layer 3 EtherChannels. The port-channel
logical interface is automatically created when configuring Layer 2 EtherChannels (you can't put Layer 2 ports into a
manually created port-channel interface).
An example of configuring Layer 3 EtherChannels with port-channel interfaces:
A: A native VLAN is an untagged VLAN on an 802.1q trunked switch port. If a switch receives untagged frames on a trunk
port, they are assumed to be part of the VLAN that is designated on the same switch port as the native VLAN. Frames that
pass through a switch port on the native VLAN are not tagged.
337. What is EtherChannel and is it possible to achieve load balancing using EtherChannels?
A: EtherChannel is a LAN port aggregation technology which allows grouping of several physical Ethernet links to create one
logical Ethernet link for the purpose of providing fault-tolerance and high-speed links between switches, routers and servers.
Yes, EtherChannel supports load balancing on the basis of predefined hash algorithms but you cannot control the port that a
particular flow uses.
The hash algorithm cannot be configured or changed to load balance the traffic among the ports in an EtherChannel.
Main hash algorithms are {src_ip_addr | dest_ip_addr | src_mac_addr | dest_mac_addr | src_port | dest_port} [dest_ip_addr |
dest_mac_addr | dest_port].
338. What does a non-transitive attribute in BGP mean?
Weight is not a transitive attribute, which means that it can't influence the routing decision of the other routers. Same is the
case for Local preference.
339. Use of access-list and route-map in BGP?
The access-list will classify what prefix we want to manipulate and the route-map will tell what actions we want to do with
that prefix.
340. Use of MED
MED (multi-exit Discriminator) is a BGP attribute that is used to influence the other AS on how to reach the prefixes inside
your own AS. The lower the MED, the higher the preference.
341. Explain BGP attributes.
A quick copy-and-paste summary on BGP attribute categorization.
WELL-KNOWN, MANDATORY
AS-path: A list of the Autonomous Systems (AS) numbers that a route passes through to reach the destination. As the update
passes through an AS the AS number is inserted at the beginning of the list. The AS-path attribute has a reverse-order list of
AS passed through to get to the destination.
Next-hop: The next-hop address that is used to reach the destination.
Origin: Indicates how BGP learned a particular route. There are three possible types -- IGP (route is internal to the AS), EGP
(learned via EBGP), or Incomplete (origin unknown or learned in a different way).
WELL-KNOWN, DISCRETIONARY
Local Preference: Defines the preferred exit point from the local AS for a specific route.
Atomic Aggregate: Set if a router advertises an aggregate that causes path attribute information to be lost.
OPTIONAL, TRANSITIVE
Aggregator: Specifies the router ID and AS of the router that originated an aggregate prefix. Used in conjunction with the
atomic aggregate attribute.
Community: Used to group routes that share common properties so that policies can be applied at the group level.
OPTIONAL, NON-TRANSITIVE
Multi-exit-discriminator (MED): Indicates the preferred path into an AS to external neighbors when multiple paths exist.
A list of path attributes is contained in BGP update messages. The attribute is variable length and consists of three fields:
Attribute type consisting of a 1-byte attribute flags field and a 1-byte attribute code field, Attribute length field that is 1 or 2
bytes, and a variable length attribute value field. The attribute type codes used by Cisco are: 1-origin, 2-AS-path, 3-Next-hop,
4-MED, 5-Local preference, 6-Atomic aggregate, 7-aggregator, 8-community, 9-originator-ID, and 10-cluster list.
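A parser for the attribute layout just described, as an added example (not code from the original page or from Cisco). The flag bit values (0x80 optional, 0x40 transitive, 0x20 partial, 0x10 extended length) come from RFC 4271 rather than from this page; the function names and the sample bytes are constructed for illustration.

```python
import ipaddress
import struct

# Attribute flag bits (RFC 4271); the low four bits are unused.
FLAG_OPTIONAL, FLAG_TRANSITIVE, FLAG_PARTIAL, FLAG_EXT_LEN = 0x80, 0x40, 0x20, 0x10

# Type codes as listed in the summary above.
TYPE_NAMES = {1: "ORIGIN", 2: "AS_PATH", 3: "NEXT_HOP", 4: "MED",
              5: "LOCAL_PREF", 6: "ATOMIC_AGGREGATE", 7: "AGGREGATOR",
              8: "COMMUNITY", 9: "ORIGINATOR_ID", 10: "CLUSTER_LIST"}
WELL_KNOWN_MANDATORY = {1, 2, 3}
ORIGIN_VALUES = {0: "IGP", 1: "EGP", 2: "INCOMPLETE"}


class AttrError(ValueError):
    """Raised when the path-attribute list is malformed."""


def classify(flags, code):
    """Map the flag bits (plus the type code) to the page's four categories."""
    optional = bool(flags & FLAG_OPTIONAL)
    transitive = bool(flags & FLAG_TRANSITIVE)
    if optional:
        return "optional, transitive" if transitive else "optional, non-transitive"
    if not transitive:
        raise AttrError(f"type {code}: well-known attribute without transitive bit")
    if code in WELL_KNOWN_MANDATORY:
        return "well-known, mandatory"
    return "well-known, discretionary"


def decode_value(code, value):
    """Decode the simple fixed-size attributes; anything else stays as hex."""
    if code == 1 and len(value) == 1:
        return ORIGIN_VALUES.get(value[0], value[0])
    if code == 3 and len(value) == 4:
        return str(ipaddress.IPv4Address(value))
    if code in (4, 5) and len(value) == 4:
        return struct.unpack("!I", value)[0]
    return value.hex()


def parse_path_attributes(buf):
    """Walk flags / type code / 1- or 2-byte length / value until buf ends."""
    attrs, off = [], 0
    while off < len(buf):
        if len(buf) - off < 3:
            raise AttrError("truncated attribute header")
        flags, code = buf[off], buf[off + 1]
        off += 2
        if flags & FLAG_EXT_LEN:              # 2-byte length field
            if len(buf) - off < 2:
                raise AttrError("truncated extended length")
            (length,) = struct.unpack_from("!H", buf, off)
            off += 2
        else:                                 # 1-byte length field
            length = buf[off]
            off += 1
        if length > len(buf) - off:           # never read past the buffer
            raise AttrError(f"type {code}: length {length} overruns buffer")
        value = buf[off:off + length]
        off += length
        attrs.append({"name": TYPE_NAMES.get(code, f"type-{code}"),
                      "category": classify(flags, code),
                      "value": decode_value(code, value)})
    return attrs


# Constructed sample: ORIGIN, AS_PATH, NEXT_HOP, MED, LOCAL_PREF, COMMUNITY
# (the last one uses the extended 2-byte length form).
SAMPLE = bytes.fromhex(
    "40 01 01 00 "
    "40 02 06 02 02 fd e9 fd ea "
    "40 03 04 c0 00 02 01 "
    "80 04 04 00 00 00 64 "
    "40 05 04 00 00 00 c8 "
    "d0 08 00 04 fd e9 00 64"
)

if __name__ == "__main__":
    for attr in parse_path_attributes(SAMPLE):
        print(attr)
```

The bounds check before each slice is the part that matters when the bytes come from an untrusted peer: a length field larger than the remaining data is rejected instead of being read.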
342. What is the command to compare start-up and running config in router.
There is an easy way to compare the configs, though: the command is "show archive config differences" for the router to
compare the start-up and the running-config.
343. How many BGP processes can you run in a Cisco router?
You can run multiple bgp processes in single router based on router performance.
344. Into which of the BGP neighbor states must a neighbor stabilize before BGP Update messages may be
sent?
Established state
345. what is best way to remember BGP best path selection.
W L O AS O M P R
All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP
link metrics. Which two ports are in blocking state after STP converges? (Choose two)
A. the port on switch SWD that connects to switch SWE
B. the port on switch SWF that connects to switch SWG
C. the port on switch SWD that connects to switch SWC
D. the port on switch SWB that connects to switch SWD
Answer: C D
347. Refer the exhibit
All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers
shown are STP link metrics. Which two ports are forwarding traffic after STP converges? (Choose two)
A. The port connecting switch SWD with switch SWE
B. The port connecting switch SWG with switch SWF
C. The port connecting switch SWC with switch SWE
D. The port connecting switch SWB with switch SWC
Answer: C D
348. Refer to the exhibit.
router ospf 100
router-id 4.4.4.4
area 110 nssa
summary-address 192.168.0.0 255.255.0.0 nssa-only
redistribute static metric-type 1 subnets tag 704
The nssa-only keyword instructs the device to originate the Type-7 LSA with the P-bit cleared, thereby preventing LSA translation to
Type 5 on the NSSA ABR device.
Note: If a router is attached to another AS and is also an NSSA ABR, it may originate both a type-5 and a type-7 LSA for the
same network. The type-5 LSA will be flooded to the backbone and the type-7 will be flooded into the NSSA. If this is the case,
the P-bit must be reset (P=0) in the type-7 LSA so the type-7 LSA isn't again translated into a type-5 LSA by another NSSA
ABR.
349. Which statement about a type 4 LSA in OSPF is true?
A. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ASBR.
B. It is an LSA that is originated by an ASBR, that is flooded throughout the AS, and that describes a route to the ASBR.
C. It is an LSA that is originated by an ASBR, that is flooded throughout the area, and that describes a route to the ASBR.
D. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ABR.
E. It is an LSA that is originated by an ABR, that is flooded throughout the area, and that describes a route to the ASBR.
Answer: E
Explanation
LSA Type 4 (called Summary ASBR LSA) is generated by the ABR to describe an ASBR to routers in other areas so that routers
in other areas know how to get to external routes through that ASBR.
AS#1 and AS#2 have multiple EBGP connections with each other. AS#1 wants all return traffic that is destined to the prefix
10.10.10.1/32 to enter through the router R1 from AS#2. In order to achieve this routing policy, the AS 1 advertises a lower
MED from R1, compared to a higher MED from R3, to their respective BGP neighbor for the prefix 10.10.10.0/24. Will this
measure guarantee that the routing policy is always in effect?
A. Yes, because MED plays a deterministic role in return traffic engineering in BGP.
B. Yes, because a lower MED forces BGP best-path route selection in AS #2 to choose R1 as the best path for 10.10.10.0/24.
C. Yes, because a lower MED in AS #2 is the highest BGP attribute in BGP best-path route selection.
D. No, AS #2 can choose to alter the weight attribute in R2 for BGP neighbor R1, and this weight value is cascaded across AS
#2 for BGP best-path route selection.
E. No, AS #2 can choose to alter the local preference attribute to overwrite the best-path route selection over the lower MED
advertisement from AS #1. This local preference attribute is cascaded across AS #2 for the BGP best-path route selection.
Answer: E
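The added example below (not from the original page) plays out answer E with a simplified best-path comparison in the W-L-O-AS-O-M-P-R order from question 345. The expansion of that mnemonic, the MED and local-preference values, and the router IDs are assumptions made for the illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    via: str                      # router in AS #1 that advertised the path
    neighbor_as: int
    weight: int = 0               # local to one router, never advertised
    local_pref: int = 100         # carried inside the receiving AS only
    locally_originated: bool = False
    as_path: tuple = ()
    origin: int = 0               # 0 = IGP, 1 = EGP, 2 = incomplete
    med: int = 0
    ebgp: bool = True
    router_id: str = "0.0.0.0"


# Each step maps a path to a key where the LOWER key wins.
# Simplified: steps such as IGP metric to the next hop are left out.
STEPS = [
    ("weight", lambda p: -p.weight),
    ("local preference", lambda p: -p.local_pref),
    ("locally originated", lambda p: not p.locally_originated),
    ("AS-path length", lambda p: len(p.as_path)),
    ("origin", lambda p: p.origin),
    ("MED", lambda p: p.med),
    ("eBGP over iBGP", lambda p: not p.ebgp),
    ("router ID", lambda p: tuple(int(o) for o in p.router_id.split("."))),
]


def decide(a, b):
    """Return (winning path, name of the step that broke the tie)."""
    for name, key in STEPS:
        # MED is compared only between paths from the same neighbouring AS.
        if name == "MED" and a.neighbor_as != b.neighbor_as:
            continue
        ka, kb = key(a), key(b)
        if ka != kb:
            return (a if ka < kb else b), name
    return a, "tie"


def best_path(paths):
    """Pairwise scan; the reason is the step that decided the last comparison."""
    best, reason = paths[0], "only path"
    for candidate in paths[1:]:
        best, reason = decide(best, candidate)
    return best, reason


def scenario(local_pref_via_r3=100):
    """AS #2's view of 10.10.10.0/24: lower MED via R1, higher MED via R3."""
    via_r1 = Path("R1", neighbor_as=1, med=50, as_path=(1,),
                  router_id="1.1.1.1")
    via_r3 = Path("R3", neighbor_as=1, med=100, as_path=(1,),
                  router_id="3.3.3.3", local_pref=local_pref_via_r3)
    winner, step = best_path([via_r1, via_r3])
    return winner.via, step


if __name__ == "__main__":
    print(scenario())       # AS #2 leaves local preference at its default
    print(scenario(200))    # AS #2 raises local preference on the R3 path
```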
353. Refer to the exhibit. All iBGP routes should have the iBGP peer as the next hop address. Why is this not the case for BGP
routes learned between R1 and R2?
Also note that if the remote peer is not supporting BGP Capabilities Advertisement (RFC 2842), some extra time will be
needed for session establishment. The establishment will fail at the first time in this case, because of unknown options in BGP
OPEN message. It should succeed at second attempt (i.e. after about a minute) and in any further attempts, because
RouterOS will remember the offending options for that peer and not include them in BGP OPEN messages anymore.
370. Difference in BOOTP and RARP.
RARP and BOOTP require a static reservation of an IP address for each specific MAC address. Because BOOTP encapsulates its
messages inside an IP packet, the packets can be routed to a BOOTP server; RARP does not use an IP header, so its messages
cannot be routed. Also, RARP only supports the assignment of the IP address, whereas BOOTP allows the assignment of other
settings, such as the mask and default gateway.
371. what is GRE tunnel?
GRE is Generic Routing Encapsulation. It is used to simulate a point-to-point connection between the end routers. A tunnel interface is
created on both end routers; it is a logical interface and can be a loopback interface. The tunnel interfaces on both routers
should be in the same subnet. Some L3 IGP should already be in place before configuring the tunnel. To verify the tunnel, we can traceroute
from one end to the router at the other end over the tunnel interface and see that it is one hop away.
372. What are BGP attributes.
Well-known mandatory : AS-path , next-hop, origin
Well-known discretionary : local preference, atomic aggregate
Optional non-transitive : MED == does not travel from router to router
Optional transitive : aggregator, community.
373. Will the actual route propagate through route reflector?
RR will forward both data plane and control plane traffic.
374. Why we need NSSA?
http://networklessons.com/ospf/introduction-to-ospf-stub-areas/
Within an NSSA you allow the Type 7s which are created on an ASBR within an NSSA area. These type 7s are then translated
at the ABRs at the internal edge of the NSSA area.
If you permitted Type 5s within the NSSA area - then you would permit ALL type 5s whether they originated within the NSSA
area or not. By doing type restrictions it is a clean way to prune the database.
375. Does DBD contain LSAs?
Yes, DBD packets contain LSA headers.
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Version #   |       2       |         Packet length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Router ID                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                            Area ID                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |            AuType             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Authentication                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Authentication                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       0       |       0       |    Options    |0|0|0|0|0|I|M|MS
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      DD sequence number                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+-                                                             -+
|                               A                               |
+-                  Link State Advertisement                   -+
|                            Header                             |
+-                                                             -+
|                                                               |
+-                                                             -+
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
376. What is SVI?
Inter-VLAN Communication on a Multilayer Switch Through a Switch Virtual Interface
377. Is it possible to have DR/BDR election in case of LAN? Or point to point connection?
378. How ASBR knows it has to transfer packet to backbone area?
The NSSA External LSA has a flag in its header known as the P-bit. The NSSA ASBR has the option of setting or clearing the
P-bit. If the NSSA's ABR receives a type 7 LSA with the P-bit set to one, it will translate the type 7 LSA into a type 5 LSA and
flood it throughout the backbone area. If the P-bit is set to zero, no translation will take place and the destination in the type
7 LSA will not be advertised outside of the NSSA. This option allows you to design an NSSA in which the external destinations
learned in that area are known only in that area.
379. How to set P bit?
For example, you have a RIP learned route 1.1.1.0/24 that is injected into the OSPF NSSA Area. You do not want this route to
be leaked into the rest of the OSPF areas. Use
the below configuration on the NSSA ASBR in order to accomplish this:
router ospf 1
summary-address 1.1.1.0 255.255.255.0 not-advertise
This configuration generates a type 7 LSA that is not translated into type 5 by the NSSA ABR.
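The following added example (not part of the original page) parses a DBD packet laid out as in the diagram under question 375 and reports the P-bit from questions 378 and 379 for each type 7 LSA header it carries. The 20-byte LSA header layout and the N/P option bit 0x08 come from RFC 2328 and RFC 3101 rather than this page; the sample packet is constructed, and the checksum and authentication fields are not verified.

```python
import ipaddress
import struct

OSPF_HEADER = struct.Struct("!BBH4s4sHH8s")  # 24-byte common OSPF header
DBD_FIXED = struct.Struct("!HBBI")           # 2 leading bytes, Options, flags, DD seq
LSA_HEADER = struct.Struct("!HBB4s4sIHH")    # 20-byte LSA header

FLAG_I, FLAG_M, FLAG_MS = 0x04, 0x02, 0x01   # Init, More, Master/Slave
OPT_NP = 0x08                                # N/P-bit in the LSA Options field


def dotted(raw):
    return str(ipaddress.IPv4Address(raw))


def parse_dbd(packet):
    """Decode one OSPFv2 Database Description packet into a dict."""
    if len(packet) < OSPF_HEADER.size + DBD_FIXED.size:
        raise ValueError("too short for a DBD packet")
    version, ptype, length, rid, area, _cksum, autype, _auth = \
        OSPF_HEADER.unpack_from(packet, 0)
    if ptype != 2:
        raise ValueError("OSPF type %d is not Database Description" % ptype)
    if length != len(packet):
        raise ValueError("length field %d != %d bytes received"
                         % (length, len(packet)))
    # The diagram on this page shows the two leading bytes as 0; RFC 2328
    # carries the Interface MTU there. Either way it is one 16-bit value.
    lead, options, flags, seq = DBD_FIXED.unpack_from(packet, OSPF_HEADER.size)
    body = packet[OSPF_HEADER.size + DBD_FIXED.size:]
    if len(body) % LSA_HEADER.size:
        raise ValueError("trailing bytes are not whole LSA headers")
    lsas = []
    for off in range(0, len(body), LSA_HEADER.size):
        age, lsa_opts, ls_type, lsid, adv, ls_seq, _ck, _len = \
            LSA_HEADER.unpack_from(body, off)
        lsas.append({
            "type": ls_type, "age": age, "seq": ls_seq,
            "link_state_id": dotted(lsid), "adv_router": dotted(adv),
            # Only meaningful on type 7: set = NSSA ABR may translate to type 5.
            "p_bit": bool(lsa_opts & OPT_NP) if ls_type == 7 else None,
        })
    return {"version": version, "router_id": dotted(rid),
            "area_id": dotted(area), "autype": autype, "lead": lead,
            "options": options, "init": bool(flags & FLAG_I),
            "more": bool(flags & FLAG_M), "master": bool(flags & FLAG_MS),
            "dd_sequence": seq, "lsa_headers": lsas}


def translatable(dbd):
    """Link State IDs of type 7 headers whose P-bit allows translation."""
    return [l["link_state_id"] for l in dbd["lsa_headers"] if l["p_bit"]]


def build_sample():
    """Constructed DBD from router 4.4.4.4 in area 110 with two type 7 headers:
    192.168.0.0 with the P-bit cleared, 203.0.113.0 with it set."""
    rid = ipaddress.IPv4Address("4.4.4.4").packed
    lsas = b"".join(
        LSA_HEADER.pack(10, opts, 7, ipaddress.IPv4Address(lsid).packed,
                        rid, 0x80000001, 0, 36)
        for lsid, opts in (("192.168.0.0", 0), ("203.0.113.0", OPT_NP)))
    dd = DBD_FIXED.pack(0, 0, FLAG_M | FLAG_MS, 0x1A2B)
    total = OSPF_HEADER.size + len(dd) + len(lsas)
    header = OSPF_HEADER.pack(2, 2, total, rid,
                              ipaddress.IPv4Address("0.0.0.110").packed,
                              0, 0, b"\x00" * 8)
    return header + dd + lsas


if __name__ == "__main__":
    dbd = parse_dbd(build_sample())
    print(dbd["router_id"], "master" if dbd["master"] else "slave",
          "seq=%#x" % dbd["dd_sequence"])
    print("type 7 LSAs eligible for translation:", translatable(dbd))
```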
380. Why do we use route reflector?
A route reflector (RR) is a network routing component. It offers an alternative to the logical full-mesh requirement of internal
border gateway protocol (IBGP). A RR acts as a focal point for IBGP sessions. The purpose of the RR is concentration.
Multiple BGP routers can peer with a central point, the RR - acting as a route reflector server - rather than peer with every
other router in a full mesh. All the other IBGP routers become route reflector clients.
381. Explain booting process in router?
http://computernetworkingnotes.com/cisco-devices-administration-and-configuration/router-booting-process.html
Router is powered on.
Power on self test (POST) is performed to check hardware components including memory and interfaces.
Bootstrap program is loaded and executed.
Bootstrap reads configuration register value to determine how the router will boot up.
Depending on the value of configuration register, bootstrap program finds and loads the IOS image.
If bootstrap fails to load IOS from all possible locations it will drop boot sequence in ROMMON mode for troubleshooting.
If IOS is loaded, the IOS will try to find and load the configuration.
If no configuration is present, the system configuration dialog is launched.
If the configuration is loaded, you are presented with the CLI.
382.What line-card you used?
10-Port 1-Gigabit Ethernet Line Card for Cisco 12000 Series Internet Routers
8-Port OC-3 STM-1 ATM Line Card for Cisco 12000 Series Internet Routers
4-Port Gigabit Ethernet ISE Line Card for Cisco 12000 Series Internet Router
383. Does looping happen in case of route redistribution?
http://blog.ine.com/tag/redistribution/
Note: The redistribution of internal Border Gateway Protocol (iBGP) routes into an Interior Gateway Protocol can cause routing
loops within the Autonomous System (AS). This is not recommended. Route filters need to be set in order to control the
information, which is imported into the IGP.
http://routingnull0.com/2014/10/06/hour-560-solving-redistribution-loops/
384. Why hello of ospf cannot travel more than one hop?
Certain OSPF packets take the form of IP multicast datagrams. Support for receiving and sending IP multicast datagrams,
along with the appropriate lower-level protocol support, is required. The IP multicast datagrams used by OSPF never travel
more than one hop. For this reason, the ability to forward IP multicast datagrams is not required. For information on IP
multicast, see [RFC 1112].
or
OSPF uses multicast addressing for route flooding on a broadcast domain. For non-broadcast networks special provisions for
configuration facilitate neighbor discovery. OSPF multicast IP packets never traverse IP routers (never traverse Broadcast
Domains), they never travel more than one hop. OSPF reserves the multicast addresses 224.0.0.5 for IPv4 or FF02::5 for IPv6
(all SPF/link state routers, also known as AllSPFRouters) and 224.0.0.6 for IPv4 or FF02::6 for IPv6 (all Designated Routers,
AllDRouters), as specified in RFC 2328 and RFC 5340.
385. Which layer protocol is BGP? = it is application layer protocol
It rides over our existing TCP/IP structure, hence BGP is an application layer protocol. Both BGP and RIP are application
layer protocols using TCP 179 and UDP 520 respectively for communication. OSPF and EIGRP are network layer protocols
using protocol number 89 and 88 respectively for communication.
386. Cisco IOS image format?
c7200-jk9o3s-mz.122-16.bin
387. What is PIM , IGMP.
388. What is *,G and s,G?
389. In MPLS what is penultimate hop?
390. After the initial exchange of DBD packets after neighbourship formation, how often does the DBD
exchange happens? if any new network is say added to the DROTHER router for example, how does it initiate
the further advertisements?
DBDs are used between the master and slave devices to start building the topology table. Each DBD packet has a sequence
number (but only the master can increment it). The sequence number increments when a link in OSPF changes.
Once we've got past the exchange state, the device will then compare its database with its neighbor's to see if there
is any newer info. If any info is missing, the router (or whatever device it is) sends a LSR to request the missing info. The LSU
packet is the packet that actually exchanges the routing information between devices. Each device generates an LSA, or
multiple LSAs (there are eleven different types), that stipulate the routing information the device currently knows. Each type
of LSA is then encapsulated into a LSU and transmitted between devices. Upon receiving the LSU the LSA is stripped out and
inserted into the LSDB. The LSAck packets are used as a receipt in order to acknowledge receiving the LSU.
So to answer your question, once the DBDs are sent, the only thing that happens is LSRs, LSUs, and LSAcks maintain the
topology. If there is ever a problem with this device, then we may need to go through the process of establishing an OSPF
adjacency:
exstart
exchange
loading
full
391. Purpose of DBD sequence number?
Each DBD packet has a sequence number which can be incremented only by master which is explicitly acknowledged by
slave.
I believe DBD sequence number is used to compare 2 consecutive DBD updates and find which one is the latest one.
On a P-2-P link, how is it decided who will first send the Database Description (DBD) packet. I understand that on a broadcast
network they use a master/slave configuration that is determined by the priority.
392. Does the same apply for P-2-P links?
Yes, it is same in case of point to point as well. One will act as Master and other will act as slave.
393. Can you configure a SVI on layer 2 switch? If yes then what is the benefit to configure SVI on L2 switch?
yes we can
A switch virtual interface (SVI) is a logical interface that ties Layer 3 functionality, such as IP information, to a VLAN. The SVI,
in turn, can be used for inter-VLAN routing, to fallback-bridge nonroutable protocols between VLANs, and to represent the
VLAN to a routing domain. By default, an SVI is created for VLAN 1 for management. If you are familiar with the Cisco
2900XL/3500XL series switches from CCIE PSV1, an SVI is very much like the "interface VLAN 1" used for management. Unlike
the previous switches, you can configure multiple SVIs and a routing protocol to provide connectivity between the VLANs. To
configure an SVI, aside from the single default, you must have the EMI software image installed on the switch.
393. How long would a switch retain a mac-address in its mac-address table
300 sec
Alternately, the static routes can be entered in the /etc/sysconfig/static-routes file in this format:
eth1 net 192.168.1.20 netmask 255.255.255.255 gw 10.1.1.20
where eth1 is the gateway's internal interface.
The /etc/sysconfig/static-routes file will be parsed by Linux kernel at startup.
To verify that the route was added successfully, check the routing table by running netstat -rn
404. What is the maximum TTL value?
255
405. How traceroute works?
406. How routing works?
Prefix
Ad
metric
407. packet format in case of wireshark?
Arp request arp response
Source mac dest mac
Source ip dest ip
Tcp session
408. host1 (1.1.2.2/24) ====== host2 (1.1.3.2/24)
Will communication happens
Communication will not happen since both hosts are in different networks, i.e. different broadcast domains.
An ARP request is sent only if both hosts are in the same network, so here no ARP request will be sent.
409. TCP and UDP protocol number.
TCP 6 and UDP 17
410. What is STP ? explain by scenario
Create triangle topology and explain
411. What is etherchannel and usecases.
Link aggregation technology
412. host ---switch (vlan1) vlan access vlan101 ---------------switch2 (switchport trunk, switchport allowed trunk
vlan 101)---host2
Will communication happen?
No, both ports should be assigned as trunk.
413. What is VTP and how it works.
412. What should be your trouble shooting approach when two routers are not forming neighborship in case of
ospf.
Start from L2 and go up in OSI model
413. How dhcp works. What are the steps involved in case of dhcp?
Explain the process
412. what is NAT and how it works?
413. what happens if one of the link goes down incase of etherchannel?
414. What are AD for all routing protocols?
415. What is GRE and why is it required?
Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route other protocols over IP
networks.
GRE enables a wrapper to be placed around a packet during transmission of the data. A receiving GRE removes the wrapper,
enabling the original packet to be processed by the receiving stack.
Advantages of GRE tunnels include the following:
* GRE tunnels connect discontinuous sub-networks.
* GRE tunnels allow VPNs across wide area networks (WANs).
* GRE tunnels encase multiple protocols over a single-protocol backbone.
* GRE tunnels provide workarounds for networks with limited hops.
-n, --lines=N
output the last N lines, instead of the last 10
--max-unchanged-stats=N
with --follow=name, reopen a FILE which has not changed size after N (default 5) iterations to see if it has been
unlinked or renamed (this is the usual case of rotated log files)
--pid=PID
with -f, terminate after process ID, PID dies
-q, --quiet, --silent
never output headers giving file names
-s, --sleep-interval=S
with -f, sleep for approximately S seconds (default 1.0) between iterations.
-v, --verbose
always output headers giving file names
--help display this help and exit
--version
output version information and exit
If the first character of N (the number of bytes or lines) is a +, print beginning with the Nth item from the start
of each file, otherwise, print the last N items in the file. N may have a
multiplier suffix: b 512, k 1024, m 1024*1024.
With --follow (-f), tail defaults to following the file descriptor, which means that even if a tailed file is renamed, tail
will continue to track its end. This default behavior is not desirable when you really want to track the actual name of the file, not the file descriptor (e.g., log rotation). Use
--follow=name in that case. That causes tail to track the named file by reopening it periodically to see if it has been removed and recreated by some other program.
417. what are different ls command. Explain
NAME
ls - list directory contents
SYNOPSIS
ls [OPTION]... [FILE]...
DESCRIPTION
List information about the FILEs (the current directory by default). Sort entries alphabetically if none of -cftuvSUX nor
--sort.
Mandatory arguments to long options are mandatory for short options too.
-a, --all
do not ignore entries starting with .
-A, --almost-all
do not list implied . and ..
--author
with -l, print the author of each file
-b, --escape
print octal escapes for nongraphic characters
--block-size=SIZE
use SIZE-byte blocks
-B, --ignore-backups
do not list implied entries ending with ~
-c
with -lt: sort by, and show, ctime (time of last modification of file status information) with -l: show ctime and sort by
name otherwise: sort by ctime
-C
--color[=WHEN]
control whether color is used to distinguish file types. WHEN may be never, always, or auto
-d, --directory
list directory entries instead of contents, and do not dereference symbolic links
-D, --dired
generate output designed for Emacs dired mode
418. check for scale topology
419. How you verify customer scenario in Spirent .
420. How to analyze captured network data in wireshark.
http://www.unixarena.com/2013/06/wireshark-how-to-analyse-captured.html
http://tcpipguru.com/wireshark-interview-questions/
421. what all testcases you can think on TTL
422. DR and ospf router ip in ospf
423. collision and broadcast domain difference
A switch has 4 ports. Now 2ports are assigned to vlan 1 and next 2 ports are assigned to vlan2 . How many collision domains
will be there?
Collision domain should remain same.
424. How many lines of code you can write in a day
50 lines of code per day on average
425. what are 5 fundamental knobs in network security.
426. How to create sub interfaces in Linux or host?
Create sub interfaces on CentOS and Redhat
Sub interfaces or virtual interfaces are used for a number of reasons. Normally for VLANs, but also if you want your machine
to have multiple IP addresses.
This is relatively straight forward to do.
It can be done from the command line like this:
# ifconfig eth0:1 192.168.111.1
The above command has just created a virtual / sub interface on eth0 called eth0:1 and assigned it the IP 192.168.111.1
This however is not a permanent solution because when you reboot, this interface will be lost. To make it permanent we need
to create a file in /etc/sysconfig/network-scripts/ called ifcfg-eth0:1
DEVICE=eth0:1
BOOTPROTO=none
HWADDR=00:16:17:90:a5:15
ONPARENT=yes
IPADDR=192.168.111.1
NETMASK=255.255.255.0
TYPE=Ethernet
Very similar to ifcfg-eth0 but note there is no default gateway set. Always remove the gateway line from the cfg file you will
inevitably copy to create this.
The MAC or Hardware address must also match the parent interface.
If you need more than one virtual / sub interface, simply create more config files.
To bring an interface up after creating the config file use:
# ifup eth0:1
427. BGP is unicast or multicast.
It is possible to configure BGP peers that exchange both unicast and multicast network layer reachability information (NLRI),
but you cannot connect multiprotocol BGP clouds with a BGP cloud. That is, you cannot redistribute multiprotocol BGP routes
into BGP.
428. Does one-to-one mapping happen between DNS name and IP address?
A name server is used to keep track of information associated with domain names. A name server can maintain a database of
hostname-to-address mappings. Each name can map to one or more IP addresses. In order to use this service to map domain
names to IP addresses, you must specify a name server.
The name lookup system can be statically configured using the commands described in this task. Some other functions in
Cisco IOS software, such as DHCP, can dynamically modify the state of the name lookup system. Use the show hosts
command to display the cached hostnames and the DNS configuration.
429. Can we assign ipv4 and ipv6 address to same client.
Yes we can. If we see our windows we can see link local ipv6 address as well as ipv4 address. Dual stack it is possible.
But dhcpv6 server and dhcpv4 server will be different.
430. R1 (1500)----------------------------------(1000)r2
How R1 will know it has to do fragmentation?
Mtu size exchange will happen between the neighbors in L1
431. pc ---switch ------R1 -------R2-----switch---PC2
Explain ARP, ping and traceroute
432. pc1 -----R1---------R2-------pc2
Static route is configured on R1 to reach pc2. Will ping happens?
Ping will not be successful since pc1 knows how to reach pc2 but pc2 doesn't know how to reach pc1.
433. What are different flags in Ip header other than MF and DF.
Reserved , DF and MF
434. Area concept in ospf?
We can have area 1 and area 2 without area 0. Check what all route will be there in this scenario.
This debug message shows router R1, as in the network diagram, sending an ICMP redirect message to Host H (172.16.1.1).
R1#
debug ip icmp
ICMP packet debugging is on
*Mar 18 06:28:54: ICMP:redirect sent to 172.16.1.1 for dest 10.1.1.1, use gw 172.16.1.200
R1#
Router R1 (172.16.1.100) sends a redirect to Host H (172.16.1.1) to use router R2 (172.16.1.200) as the gateway to reach the
destination 10.1.1.1.
When Are ICMP Redirects Sent?
Cisco routers send ICMP redirects when all of these conditions are met:
The interface on which the packet comes into the router is the same interface on which the packet gets routed out.
The subnet or network of the source IP address is on the same subnet or network of the next-hop IP address of the routed
packet.
The datagram is not source-routed.
The kernel is configured to send redirects. (By default, Cisco routers send ICMP redirects. The interface subcommand no ip
redirects can be used to disable ICMP redirects.)
Note: ICMP redirects are disabled by default if Hot Standby Router Protocol (HSRP) is configured on the interface. In Cisco IOS
Software Release 12.1(3)T and later, ICMP Redirect is allowed to be enabled on interfaces configured with HSRP. For more
information, refer to HSRP Support for ICMP Redirects section of Hot Standby Router Protocol Features and Functionality.
For example, if a router has two IP addresses on one of its interfaces:
interface ethernet 0
ip address 171.68.179.1 255.255.255.0
ip address 171.68.254.1 255.255.255.0 secondary
If the router receives a packet that is sourced from a host in the subnet 171.68.179.0 and destined to a host in the subnet
171.68.254.0, the router does not send an ICMP redirect because only the first condition is met, not the second.
The original packet for which the router sends a redirect still gets routed to the correct destination.
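The four conditions above can be checked mechanically when auditing which interfaces would emit redirects. This added example (not Cisco code and not from the original page) models them with a small longest-prefix lookup; the /24 mask on 172.16.1.0, the 10.1.1.0/24 route and the host addresses in the secondary-address case are assumptions.

```python
import ipaddress


class RedirectModel:
    """Toy model of one router: interfaces, static routes, redirect setting."""

    def __init__(self, interfaces, routes=(), send_redirects=True):
        # interfaces: {name: ["addr/len", ...]}; first is primary, rest secondary
        self.interfaces = {
            name: [ipaddress.ip_interface(a) for a in addrs]
            for name, addrs in interfaces.items()}
        # routes: (prefix, next hop, outgoing interface)
        self.routes = [(ipaddress.ip_network(p), ipaddress.ip_address(nh), oif)
                       for p, nh, oif in routes]
        # Connected subnets: next hop None means "the destination itself".
        for name, addrs in self.interfaces.items():
            for a in addrs:
                self.routes.append((a.network, None, name))
        self.send_redirects = send_redirects   # False models "no ip redirects"

    def lookup(self, dst):
        """Longest-prefix match; returns (next hop, outgoing interface)."""
        dst = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if dst in r[0]]
        if not matches:
            return None
        _net, nh, oif = max(matches, key=lambda r: r[0].prefixlen)
        return (nh if nh is not None else dst), oif

    def redirect_decision(self, in_if, src, dst, source_routed=False):
        """Return (redirect sent?, list of conditions that were not met)."""
        hit = self.lookup(dst)
        if hit is None:
            return False, ["no route to destination"]
        next_hop, out_if = hit
        src = ipaddress.ip_address(src)
        failed = []
        if in_if != out_if:
            failed.append("ingress and egress interfaces differ")
        if not any(src in a.network and next_hop in a.network
                   for a in self.interfaces[in_if]):
            failed.append("source and next hop are on different subnets")
        if source_routed:
            failed.append("datagram is source-routed")
        if not self.send_redirects:
            failed.append("redirects disabled on the router")
        return (not failed), failed


# Case from the debug output: R1 (172.16.1.100) redirects Host H to R2.
R1 = RedirectModel({"Ethernet0": ["172.16.1.100/24"]},
                   [("10.1.1.0/24", "172.16.1.200", "Ethernet0")])

# Case with a primary and a secondary address on one interface.
SECONDARY = RedirectModel(
    {"Ethernet0": ["171.68.179.1/24", "171.68.254.1/24"]})

if __name__ == "__main__":
    print(R1.redirect_decision("Ethernet0", "172.16.1.1", "10.1.1.1"))
    print(SECONDARY.redirect_decision("Ethernet0", "171.68.179.10",
                                      "171.68.254.10"))
```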
447. looping in different layer?
448. what is inter frame gap and which layer it belongs to? Why frame payload size is in range of 46-1500.
Interpacket gap is idle time between packets. After a packet has been sent, transmitters are required to transmit a minimum
of 96 bits (12 octets) of idle line state before transmitting the next packet.
There is an obvious reason why the frame payload size was chosen to be 1500 bytes. A frame size of 1500 bytes, offers,
maximum efficiency or throughput.
As you know, ethernet frame has 8 byte preamble, 6 byte source and 6 byte destination mac address, mac type of 2 bytes,
and 4 bytes CRC. Assuming the MTU payload to be 1500 the total number of bytes comes to 1500 + 8 + 6 + 6 + 2 + 4 =
1526 bytes. Now between each frame there is an inter-frame gap of 12 bytes, which constitutes a 9.6 microsecond gap between
each frame. This is essential so that frames don't mix up. So the total size of each frame going out of a host is 1538 bytes.
So at 10 Mbps rate, the frame rate is 10 Mbps / 1538 bytes = 812.74 frames / second.
Now we can find the throughput or efficiency of link, to transmit 1500 bytes of payload. by multiplying the frame rate with the
number of bytes of the payload.
So efficiency = 812.74 * 1500 * 8 = 9752925.xxxxx bps which is 97.5 percent efficient (compared with 10 Mbps)
I guess I have gone too much with mathematics of Ethernet, but the interesting thing to notice is that, as the number of bytes
in the payload increases, the frame rate is decreasing. See that for an MTU of 1500 bytes on payload, the frame rate has
reduced to 812 frames per second. If you increase it above 1500, frame rate would become less than 812.
Also there is a minimum limit for the MTU which is actually 46 bytes. If you calculate the size of the frame for a 46 byte
payload it would come to 12+8+6+6+2+46+4 = 84 bytes. Now calculating the frame rate we get it as =
10mbps/ (84 * 8 bytes) = 14880 frames per second. We could have gone to a frame size even lesser than this, which could
increase the frame rate even more, but I guess during those times, when IEEE made the standards, the routers didn't have
that much frame forwarding capability.
So I think due to above reasons, and considering maximum efficiency, IEEE would have fixed the min and max size of payload
as 46 bytes and 1500 bytes.
449. Difference in performance and scalability testing?
Performance testing is the process of determining the speed or effectiveness of a computer, network, software program or
device. This process can involve quantitative tests done in a lab, such as measuring the response time or the number of MIPS
(millions of instructions per second) at which a system functions.
scalability testing is performed as a series of load tests with different hardware (or software) settings while keeping other
testing environment conditions unchanged. When you perform scalability testing, you can vary the CPU speed, the number
and type of servers, the amount of available RAM, and so on.
440. How to check performance of the router?
Performance testing is performed to determine the response time of some components of the system under a
particular workload. It is generally measured in terms of response time for the user activity. It is designed to test the overall
performance of the system at high load and stress conditions. It identifies the drawbacks of the architectural design, which helps
to tune the application. It includes the following:
Increasing number of users interacting with the system.
Determine the Response time.
Repeating the load consistently.
Monitoring the system components under controlled load.
Providing robust analysis and reporting engines.
Latency: the delay between the sender and the receiver decoding it; this is mainly a function of the signal's travel time and the
processing time at any nodes the information traverses
Jitter: variation in the time of arrival at the receiver of the information
Error rate: the number of corrupted bits expressed as a percentage or fraction of the total sent
442. Name 2.5 layer protocol.
MPLS
443. defect logged by you in GSR.
CSCtq21722
Symptom: A Cisco switch may reload when configured for SNMP.
Conditions: This symptom is observed when SNMP is configured.
Workaround: There is no workaround.
444. blackhole in networking?
In networking, black holes refer to places in the network where incoming or outgoing traffic is silently discarded (or
"dropped"), without informing the source that the data did not reach its intended recipient.
When examining the topology of the network, the black holes themselves are invisible, and can only be detected by
monitoring the lost traffic; hence the name.
Dead addresses
The most common form of black hole is simply an IP address that specifies a host machine that is not running or an address
to which no host has been assigned.
Even though TCP/IP provides means of communicating the delivery failure back to the sender via ICMP, traffic destined for
such addresses is often just dropped.
Note that a dead address will be undetectable only to protocols that are both connectionless and unreliable (e.g., UDP).
Connection-oriented or reliable protocols (TCP, RUDP) will either fail to connect to a dead address or will fail to receive
expected acknowledgements.
Firewalls and "stealth" ports
Most firewalls can be configured to silently discard packets addressed to forbidden hosts or ports, resulting in small or large
"black holes" in the network. Personal firewalls that do not respond to ICMP echo requests ("ping") have been designated by
some vendors as being in "stealth mode". Despite this, in most networks the IP addresses of hosts with firewalls configured
in this way are easily distinguished from invalid or otherwise unreachable IP addresses: On encountering the latter, a router
will generally respond with an ICMP network rsp. host unreachable error. NAT, as used in home and office routers, is generally
a more effective way of obscuring the layout of an internal network.
445. fields of 802.1q ?
TPID + priority + CFI + VLAN ID
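The four tag fields listed above, decoded from a frame in Tcl as an added example (not from the original page). The proc name classify_frame, its pvid parameter and the sample frames are assumptions; untagged and priority-tagged frames fall back to the port VLAN (the native VLAN in Cisco terms).

```tcl
# Added example: decode the 802.1Q tag of an Ethernet frame and decide
# which VLAN the frame belongs to on ingress.
proc classify_frame {frame {pvid 1}} {
    # 6 bytes destination MAC + 6 bytes source MAC + 2 bytes type or TPID
    if {[string length $frame] < 14} {
        return -code error "truncated Ethernet header"
    }
    binary scan $frame @12S tpid
    set tpid [expr {$tpid & 0xFFFF}]
    if {$tpid != 0x8100} {
        # Untagged frame: the port VLAN (native VLAN) applies.
        return [list tagged 0 type [format 0x%04x $tpid] vlan $pvid]
    }
    if {[string length $frame] < 18} {
        return -code error "truncated 802.1Q tag"
    }
    # TCI = priority (3 bits) | CFI (1 bit) | VLAN ID (12 bits),
    # followed by the EtherType of the encapsulated payload.
    binary scan $frame @14SS tci ethertype
    set tci      [expr {$tci & 0xFFFF}]
    set priority [expr {($tci >> 13) & 0x7}]
    set cfi      [expr {($tci >> 12) & 0x1}]
    set vid      [expr {$tci & 0x0FFF}]
    if {$vid == 0xFFF} {
        return -code error "VLAN ID 4095 is reserved"
    }
    # VID 0 marks a priority tag: it carries a priority but no VLAN,
    # so the port VLAN applies just as for an untagged frame.
    set vlan [expr {$vid == 0 ? $pvid : $vid}]
    return [list tagged 1 priority $priority cfi $cfi vid $vid vlan $vlan \
        type [format 0x%04x [expr {$ethertype & 0xFFFF}]]]
}

# Constructed sample frames (hex): dst MAC, src MAC, then type or tag.
set samples {
    tagged          ffffffffffff0200000000018100a0640800
    priority-tagged ffffffffffff02000000000181006000080045
    untagged        ffffffffffff020000000001080045000014
}
foreach {name hex} $samples {
    puts "$name: [classify_frame [binary format H* $hex] 99]"
}
```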
446. what are all BGP mandatory attributes?
AS path and next hop
447. what is proxy arp?
448. How priority is set in layer 3 ?
With DSCP
449. check different mtu size scenario in STC?
450. HL and TL calculation in IP?
451. ARP table entries?
IP to MAC address mapping. Only information for directly connected interfaces will be present in the ARP cache.
452. What you want to be ?
I want to see myself as a network specialist.
453. What is socket?
A network socket is an endpoint of an inter-process communication flow across a computer network. Today, most
communication between computers is based on the Internet Protocol; therefore most network sockets are Internet sockets.
A socket address is the combination of an IP address and a port number, much like one end of a telephone connection is the
combination of a phone number and a particular extension. Based on this address, internet sockets deliver incoming data
packets to the appropriate application process or thread.
454. do you have any experience in customer actual deployment network?
No
455. Difference in local pref and MED?
Local pref is used within an AS between IBGP peers, and MED is used between peers in different ASes.
456. How confederation works in BGP?
However, since these messages have invalid return addresses, the connections can never be established. The resulting
volume of unresolved open connections eventually overwhelms the server and can cause it to deny service to valid requests.
TCP Intercept is capable of operating in two different modes - intercept mode and monitor mode. When used in intercept
mode (the default setting), it checks for incoming TCP connection requests and will proxy-answer on behalf of the destination
server to ensure that the request is valid before connecting to the server. In monitor mode, TCP Intercept passively watches
the connection requests flowing through, and, if a connection fails to get established in a configurable interval, it will
intervene and terminate the connection attempt.
463. What is a firewall? Why do I want one?
Firewalls are used to build trusted perimeters around information and services.
Your Internet security solution must be able to allow employees to access Internet resources, while keeping out unauthorized
traffic. The most common way of protecting the internal network is by using a firewall between the intranet and the Internet.
464. What is Ipsec?
IPSec provides IP network-layer encryption.
IPSec is a standards-based technology that governs security management in IP environments. Originally conceived to solve
scalable security issues in the Internet, IPSec establishes a standard that lets hardware and software products from many
vendors interoperate more smoothly to create end-to-end security. IPSec provides a standard way to exchange public
cryptography keys, specify an encryption method (e.g., data encryption standard (DES) or RC4), and specify which parts of
packet headers are encrypted.
465. In an Ethernet network in OSPF, does DR and BDR election happen?
If two routers are connected by Ethernet and the point-to-point network type is not defined, DR election will happen.
466. What happens in all 7 layers of OSI model if I type www.google.com or any other link? What do these layers do?
467. Data Encryption Standard (DES) weakness and strength.
The Data Encryption Standard (DES) is a symmetric key block cipher which takes 64-bit plaintext and 56-bit key as an input
and produces 64-bit cipher text as output. The DES function is made up of P and S-boxes. P-boxes transpose bits and S-boxes
substitute bits to generate a cipher.
Strength- The strength of DES lies on two facts:
The use of 56-bit keys: a 56-bit key is used in encryption, so there are 2^56 possible keys. A brute force attack on such a number of
keys is impractical.
The nature of the algorithm: a cryptanalyst can perform cryptanalysis by exploiting the characteristics of the DES algorithm, but no one
has succeeded in finding out the weakness.
Weakness- Weakness has been found in the design of the cipher:
Two chosen inputs to an S-box can create the same output.
The purpose of initial and final permutation is not clear.
468. If you are a victim of Denial of Service (Dos) then what you do?
The function of a denial of service attack is to flood its target machine with too much traffic and prevents it from being
accessible to any other requests or providing services.
To prevent DoS attacks firewall can be configured as a relay; in this approach the firewall responds on behalf of the internal
host. During the attack, the firewall responds to the SYN sent by the attacker; since the ACK never arrives, the firewall
terminates the connection.
By keeping protocols and antivirus software up to date, we can avoid becoming a victim of DoS. Regular scanning of the
machine is also necessary in order to detect any anomalous behavior.
469. What are the main qualities of an effective and efficient network?
a. Performance
b. Reliability
c. Security
470. Name the factors that tell us about the security of the network.
a. Virus attacks on the system.
b. Unauthorized access to the system.
471. Define Bandwidth and Latency?
- Bandwidth/Throughput: It means the number of bits which can be transmitted over the network in a specified time.
- Latency: It is the time taken by a message to travel from one side to another.
Bandwidth and latency describe the performance of a network.
472. If two connected routers are configured with RIP routing. What will be the result when a router receives a routing update
that contains a higher-cost path to network already in its routing table?
When a routing update is received by a router, the router first checks the administrative distance (AD) value and always
chooses the route with the lowest administrative distance value. However, if two routes are received and they both have the same
administrative distance value, then the router will choose the route with the lowest metric, or in RIP's case, hop count.
RIP allows a maximum hop count of 15, so anything that requires 16 hops is considered unreachable. Hence if a router
receives a routing update that contains a higher-cost path but has lower hops, then the packet will be transferred through
that path.
473. How do you use RSA for both authentication and secrecy?
RSA is a public key encryption algorithm. RSA is based on the mathematical fact that it is easy to find and
multiply large prime numbers together, but it is extremely difficult to factor their product.
For authentication: One can encrypt the hash (MD4/SHA) of the data with a private key. This is known as digital signature.
For Secrecy: Secrecy/confidentiality is achieved by encrypting the data with public key and decrypting with private key.
474. Can you differentiate among encoding, encryption and hashing?
Encoding: Basically encoding is used to protect the integrity of data as it crosses through communication network to keep its
original message upon arriving. It is primarily an insecure function because it is easily reversible.
Encryption: Encryption is basically designed for confidentiality and data integrity and reversible only if you have the
appropriate key.
Hashing: With hashing the operation is one-way i.e. non-reversible. It takes an input (or message) and returns a fixed-size
string, which is called the hash value.
475. What is Authentication Header and how it provides the protection to IP header?
Basically Authentication Header protects IP header and provides the complete authenticity to the IP packets.
AH may work in two ways: transport mode and tunnel mode.
In tunnel mode; AH protects the IP header using two IP header layers inner and outer. Inner IP header is used to contain the
source and destination addresses, and the outer IP header is used to contain the security gateway information
476. What is VPN?
A VPN is a service that offers secure, reliable connectivity over a shared public network infrastructure such as the Internet.
VPNs maintain the same security and management policies as a private network. They are the most cost effective method of
establishing a virtual point-to-point connection between remote users and an enterprise customer's network.
477. What is Trusted and Untrusted Networks?
Trusted networks: Such Networks allow data to be transferred transparently. The machines using a trusted network are
usually administered by an Administrator to ensure that private and secured data is not leaked. Access to this network is
limited. Computers using trusted networks are more secured and confidential because of strong firewalls.
Untrusted networks: Such networks are usually administered by the owners. They can allow improper access to sensitive or
personal data. These machines are usually separate. Such machines could be more prone to attacks.
478. In computer networking and telecommunications, a pseudowire (or pseudo-wire) is an emulation of a point-to-point
connection over a packet-switching network (PSN).
The pseudowire emulates the operation of a "transparent wire" carrying the service, but it is realized that this emulation will
rarely be perfect. The service being carried over the "wire" may be Asynchronous Transfer Mode (ATM), Frame Relay, Ethernet
or time-division multiplexing (TDM) while the packet network may be Multi-protocol Label Switching (MPLS), Internet Protocol
(IPv4 or IPv6), or Layer 2 Tunneling Protocol Version 3 (L2TPv3).
479.
TCL
1. What is the use of upvar?
Upvar : Create link to variable in a different stack frame. upvar simplifies the implementation of call-by-name
procedure calling and also makes it easier to implement Tcl procedures that are new control constructs
2. How to pass an array to a proc ?
You will need to use passing by reference to pass array information to a procedure. Array values cannot be passed as
procedure arguments. Keyed lists should also be passed by reference
It is not possible directly; we need to use upvar.
http://stackoverflow.com/questions/3513266/passing-arrays-to-functions-in-tcl-only-upvar
http://www.cab.u-szeged.hu/local/doc/tcl.old/tclFAQ/part2/faq-doc-20.html
http://objectmix.com/tcl/775140-passing-arrays-arguments-procedures.html
proc show_array arrayName {
upvar $arrayName myArray
foreach element [array names myArray] {
puts stdout "${arrayName}($element) = $myArray($element)"
}
}
set arval(0) zero
4. Write a proc which will reverse a array ie value as index and index as value.
Eg a(1) 10 should be a(10) 1
http://pleac.sourceforge.net/pleac_tcl/arrays.html
http://stackoverflow.com/questions/11497726/how-to-reverse-an-array-in-tcl
array set A {1 10 2 20 3 30 4 40 5 50}
set lst [array get A]
puts $lst
set newlst [lreverse $lst]
puts $newlst
array set B $newlst
puts [array get B]
parray B
5. Input is 40000000000000000000. It can be any number long . Write a regexp which will take block of 2
nos from given number and print the values in separate variables.
set num "125342354832"
regsub -all {(..)} $num {\1 } var
puts $var
or
set str "40awd409999"
set i 1
while {[string length $str] > 1} {
regexp -nocase {[0-9a-z][0-9a-z]} $str match
set str$i $match
regsub $match $str "" str
incr i
}
if {[string length $str] == 1} {
set str$i $str
}
puts "$str1 $str2 $str3 $str4 $str5 $str6"
or
% set data "asdhlakjfsdhfl12312"
asdhlakjfsdhfl12312
% set fivers [regexp -all -inline {.{1,2}} $data]
as dh la kj fs dh fl 12 31 2
set i 0
foreach num $fivers {
set var($i) $num
puts $var($i)
incr i
}
http://wiki.tcl.tk/1499
http://inguza.com/document/expect-and-tcl-mini-reference-manual
6. Given is Nawraj Lekhak kumar jagdish . If given input is two values print 1 st and 2nd names. If input
values is 3 or 4 print 1st, 2nd and 3rd name.
set lst [list nawraj kumar lekhak dutt]
set len [llength $lst]
puts $len
if {$len == 4 || $len == 3} {
puts [lrange $lst 0 2]
} elseif {$len == 2} {
puts [lrange $lst 0 1]
} else {
puts "invalid length"
}
http://zetcode.com/lang/tcl/lists/
}
May take up to two arguments:
A command block to execute.
An optional variable to store error messages within.
Returns:
1 if an error has been caught.
0 otherwise.
9. Regexp
http://docs.activestate.com/activetcl/8.5/expect4win/regex.html
10.
How can I create/use association lists or property lists?
Use arrays or Extended Tcl keyed lists.
For example, if you did a:
keylset ttyFields ttyName tty1a
keylset ttyFields baudRate 57600
keylset ttyFields parity strip
And then an echo $ttyFields, you'd get:
{ttyName tty1a} {baudRate 57600} {parity strip}
Or using arrays:
set ttyFields(ttyName) tty1a
set ttyFields(baudRate) 57600
set ttyFields(parity) strip
11.
Write a proc to increment the ip by the given no. of times. The incremented IPs should be a valid
one.
proc generate_ips {start_ip number_of_ips} {
    # split the dotted quad into its four octets
    regexp {([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)} $start_ip - oct1 oct2 oct3 oct4
    set ip_list ""
    while {[llength $ip_list] < $number_of_ips} {
        for {} {$oct4 <= 254} {incr oct4} {
            lappend ip_list "$oct1.$oct2.$oct3.$oct4"
            if {[llength $ip_list] == $number_of_ips} {
                break
            }
        }
        # carry into the next octet when one overflows
        if {$oct4 == 255} {
            set oct4 0
            incr oct3
        }
        if {$oct3 == 256} {
            set oct3 0
            incr oct2
        }
        if {$oct2 == 256} {
            set oct2 0
            incr oct1
        }
        if {$oct1 == 256} {
            break
        }
    }
    return $ip_list
}
12.
What are the different ways to initialize a variable. How to differentiate global and local variables,
explain it through a simple tcl program.
13.
Create a list of week days and print the first and last character of each day using foreach command
set lst {sunday monday tuesday wednesday thursday friday saturday}
foreach day $lst {
set out "[string index $day 0][string index $day end] "
append newlst "$out"
}
puts $newlst
14.
Can you write a small program to verify the given input is file or directory. Before checking, just
ensure that the file/dir exists or not in the given path. If the given input is a file, findout the size and
verify that the file has all read ,write and execute permission.
15.
How to increment each element in a list ?
set lst {0 3 2 10}
foreach num $lst {
incr num
append newlst "$num "
}
puts $newlst
16.
Find maximum number in the given 3 numbers using tcl?
set a -3
set b 2
set c 6
if {$a > $b && $a > $c} {
puts "a is the max number"
} elseif {$b > $a && $b > $c} {
puts "b is max"
} else {
puts "c is the max number"
}
17.
Write a script to display how many times each words appearing in a given string
set str "hello nawraj how are you. Hope you are fine"
set out [lsearch -all -inline $str "are"]
puts $out
set len [llength $out]
puts $len
18.Write a script to remove duplicates word in string
set lst "This issues the have is can be the most the"
regsub -all "the" $lst "" out
puts $out
19.
How can I pass an array into a proc?
Use upvar rather than try to use global variables when possible. If the function is event driven, you are forced to use
global variables.
# print elements of an array
proc show_array arrayName {
upvar $arrayName myArray
foreach element [array names myArray] {
puts stdout "${arrayName}($element) = $myArray($element)"
}
}
set arval(0) zero
set arval(1) one
show_array arval
To return an array from a procedures, just take the array name in as an argument, as above. Any changes you make in
the array will be made in the parent's array as well.
Extended Tcl introduces a concept called keyed lists which are arrays made out of lists of key-value pairs and can be
passed by value to routines, over networks, etc.
20.
How can I delete a procedure from within a script?
Rename the procedure to have no name, for example:
rename procedureName ""
21.
22.
The Script
proc int_config {x} {
for {set n 1} {$n<=$x} {incr n 1} {
puts [ ios_config "interface Loopback$n" "ip address 192.168.$n.1 255.255.255.0" ]
}
}
int_config 3
23.
Pass by value
proc sum {a b} {
    set num [expr {$a + $b}]
    puts "The sum is: $num"
}
sum 2 3
Pass by name
array set months {1 Jan 2 Feb}
parray months
Or
proc increase {initial_pay change} {
    # link x to the caller's array whose name was passed in
    upvar $initial_pay x
    foreach item [array names x] {
        set x($item) [expr {$x($item) + $change}]
    }
}
# Ray's value is missing in the source; 0 is a placeholder
array set Pay {Ray 0 Steve 50 Fred 200}
increase Pay 25
parray Pay
Defaults
# the default values are missing in the source; 1, 2 and 3 are placeholders
proc myprocdefault {{a 1} {b 2} {c 3}} {
    puts "$a $b $c"
}
myprocdefault
Variable arguments
proc show {a args} {
    puts $a
    foreach val $args {puts $val}
}
show 1 2 3
24.
What is the use of upvar?
The upvar command links a local variable with another variable (usually global).
Any change made to local variable will also change the global variable.
The upvar command allows you to easily pass arrays and arguments into procedures.
Syntax : upvar level $target_variable link_variable
25.
What is the use of return command?
The return command will return a value from procedure.
proc sum {a b} {
    return [expr {$a + $b}]
}
set num [sum 2 3]
puts "The sum is: $num"
26.
Different ways of global variable identification
set var 3
proc glob {} {
global var
puts "the value of variable is $var"
}
glob
or
Declaring global variable using double colon (::)
proc proc01 {} {
    puts "The value of var1 is: $::var1"
}
27.Example for call a procedure by name and value.
proc Hours {weekly daily} {
upvar $weekly x
foreach item [array names x] {
set x($item) [expr $x($item) + $daily]
}
}
array set Timecard {Tom 20 Sue 24 Mike 18}
puts "This is the array before the procedure:"
parray Timecard
set res [Hours Timecard 8]
puts $res
28.
Create a procedure that will accept one argument and variable arguments
proc variable {a args} {
puts $a
foreach val $args { puts $val }
}
variable 1 2 3 4 5
Output:
1
2
3
4
5
29.
What is exec command used for ?
Exec command is used to execute programs external to TCL.
% cd "C:/Program Files (x86)/Windows Media Player"
% exec wmplayer.exe test.wmv
30.
What are special variables in TCL
argc: number of command line arguments
argv0: name of the script
argv: list of command line arguments
env: the env array is an array of environment variables.
31.
Use of source command?
Source command loads in a Tcl file and will execute the commands contained within the file.
32.
Use of package command?
Package is similar to libraries except that they require explicit loading.
33.
Use of package require command?
Package require command organizes sets of procedures under a single name, and lets you request packages by name
and revision number.
34.
What are the possible package require problem?
Say package A and package B both define procedure name sum. If these two packages are loaded and each contains
same proc name, then the last package loaded will define the procedure, even it is different from the first procedure.
Solution: namespaces will help alleviate this problem
35.
What is namespace?
A namespace is an encapsulated collection of commands and variables to ensure that they won't interfere with the
commands and variables of other namespaces.
A namespace is similar to a local variable within a proc.
Tcl has always had one such collection, which we refer as the global namespace.
Tcl supports many object-oriented programming constructs, including namespaces. A namespace is
a collection of commands and variables. Namespaces are very useful for avoiding name collisions.
In addition, most Tcl packages create their own namespace to store their procedures and variables.
36.
Name space example.
namespace eval test {
proc sum {a b} {
set num [expr $a + $b]
puts "The sum is: $num"
}
}
You can easily call a procedure within a namespace from another namespace by using the double colons (::)
test::sum 2 3
namespace eval sample {
proc sum {m n} {
set res [expr $m + $n]
return $res
}
}
puts [sample::sum 2 5]
37.
Use of catch command.
Catch command is used to handle exceptions within a script.
Catch command will gather an error condition and return the results rather than aborting the script.
% catch {unset var} result
1
% puts $result
can't unset "var": no such variable
%
38.
Pass an array to proc
proc a1 {a2} {
upvar $a2 x
foreach index [array names x] {
puts "x($index) = $x($index)"
}
}
array set a {0 10 1 20 2 30}
a1 a
39.
Regexp to match email-id
Regex:
[a-z0-9_-]+(\.[a-z0-9_-]+)*@[a-z0-9_-]+(\.[a-z0-9_-]+)+
Matches:
j_smith@foo.com
j.smith@bc.canada.ca
smith99@foo.co.uk
1234@mydomain.net
Doesn't Match:
@foo.com
.smith@foo.net
smith.@foo.org
www.myemail.com
40.
Match the preceding "e" exactly twice.
Regex:
be{2}t
Matches:
beet
Doesn't Match:
bet
beat
eee
41.
Converting Between Binary and Decimal
proc dec2bin {string} {
binary scan [binary format I $string] B32 str
return [string trimleft $str 0]
}
dec2bin 54
# => 110110
proc bin2dec {string} {
set string [format %032s $string]
binary scan [binary format B32 $string] I str
return $str
}
bin2dec 110110
# => 54
42.
Sort the arrays
% set numsorted [lsort -real [list 38 388.9 1.78 200 1e7]]
1.78 38 200 388.9 1e7
% set descending [lsort -decreasing -real [list 38 388.7 1.56 279 1e6]]
1e6 388.7 279 38 1.56
43.
(hardware )?address matches either hardware address or address
set add "hardware address"
regexp -- {(hardware)?address} $add print
puts $print
This just prints address
44.
Write a script that searches the contents of a directory recursively for a pattern
Find all the Tcl files in the current directory:
glob *.tcl
Find all the Tcl files in the user's home directory, irrespective of what the current directory is:
glob -directory ~ *.tcl
Find all subdirectories of the current directory:
glob -type d *
Find all files whose name contains an "a", a "b" or the sequence "cde":
48.
How to parse a list and return the index of the match?
lsearch
49.
tcl script to extract the nos of warning and errors?
input:
xx : Severity: Warning Occurrence: 2
yy :Severity: Error Occurrence: 2
ZZ:Severity: Error Occurrence: 4
at the end I want to have Warnings =2
Error =6
program:
# input file
set fname "tcluser16.txt"
set input_file [open $fname "r"]
# define variables
set nr_warns 0
set nr_errs 0
while { [gets $input_file line] != -1 } {
# try to extract Warning Occurrence
set result [regexp {[Ww]arning\s+.*:\s*([0-9]+)}\
$line match num]
if {$result} {
set nr_warns [expr $nr_warns + $num]
}
# try to extract Error Occurrence
set result [regexp {[Ee]rror\s+.*:\s*([0-9]+)}\
$line match num]
if {$result} {
set nr_errs [expr $nr_errs + $num]
}
}
# print results
puts "Number of Warnings: $nr_warns"
puts "Number of Errors : $nr_errs"
# close input file
close $input_file
50.
Find duplicate files from different directories?
set searchResults {
dir1/dir2/dir3/file1.tcl dir1/dir3/file1.tcl dir1/dir2/file1.tcl dir1/dir2/dir3/file2.tcl dir1/dir2/dir3/file3.tcl
dir1/dir3/file2.tcl dir1/file3.tcl dir1/file4.tcl }
foreach file $searchResults {
if {[catch {incr filenames([file tail $file],cnt)}]} {set filenames([file tail $file],cnt) 1}
lappend filenames([file tail $file],paths) [file dirname $file]
}
51.
regexp to match below pattern?
set mystring "------ some string ---------"
set result [regexp {(-+)\s*([^-]*)\s*(-+)} $mystring match first middle rest]
or
regexp -- {(^[-]+)([a-z]+\s[a-z]+)([-]+$)} $pattern newstring first middle end
puts $newstring
puts $first
puts $middle
puts $end
52.
proc
multicast { } ;
get_mroute_active multicast
puts [array size multicast] ;
parray multicast ;
53.
replace a number at the end of the line by empty string?
set line "number 108, then something other and at end number 108"
puts "\$line='$line'\n"
set result [regexp {\d+$} $line match]
puts "Matching Result=$result"
if {$result} {
puts "This was matched: '$match'"
regsub {\d+$} $line "" line
puts "result after substitution:\n\$line='$line'\n"
}
or
set me [string range $me 0 [string last " " $me]]
or
set line "number 108, then something other and at end number 108"
regsub {[0-9]+$} $line {} newline
puts $newline
54.
how to split string by blank lines?
set a {dfsfhdslkj}
set a [split $a ""]
puts $a
foreach val $a {
puts "$val \n"
}
55.
program to count the repeat numbers in the file
Input:
January 4000 300 200
February 2000 100 0
March 4000 50 10
April 4000 120 300
May 1000 100 0
June 2000 0 0
July 400 1 1
Out:
one: Z: 5
two: Z: 5 A: 5
X: 2 Y: 1
60.
How to check whether a path is relative or absolute
set fullpath "/usr/home/clif/TCL_STUFF/TclTutor/Lsn.17"
set relativepath "CVS/Entries"
set directorypath "/usr/bin/"
set paths [list $fullpath $relativepath $directorypath]
foreach path $paths {
set first [string first "/" $path];
set last [string last "/" $path];
;# Report whether path is absolute or relative
if {$first != 0} {
puts "$path is a relative path"
} else {
puts "$path is an absolute path"
}
}
61.
Some regexp and regsub scenarios
set str2 "abc^def"
regexp "\[^a-f]*def" $str2 match
puts "using \[^a-f] the match is: $match"
regexp "\[a-f^]*def" $str2 match
puts "using \[a-f^] the match is: $match"
regsub {\^} $str2 " is followed by: " str3
puts "$str2 with the ^ substituted is: \"$str3\""
regsub "(\[a-f]+)\\^(\[a-f]+)" $str2 "\\2 follows \\1" str3
puts "$str2 is converted to \"$str3\""
62.
What are the two commands that provide information about the contents of directories and files?
There are two commands that provide information about the contents of directories and the files within those
directories. These two commands are glob and file.
Glob provides the access to the names of files in a directory. It is similar to the ls shell command.
File provides three sets of functionality in a platform independent manner:
1.access to file status.
2.access to the file system.
3.tools for manipulating filenames.
63.
What are errorInfo and errorCode?
errorInfo
errorInfo is a global variable that contains the error information from commands that have failed.
errorCode
errorCode is a global variable that contains the error code from command that failed.
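How the two variables look after a failed command, as an added example that is not part of the original page. The proc name run_guarded and the four sample scripts are assumptions chosen to produce different error classes.

```tcl
# Added example: run a script under catch and report what the global
# variables errorCode and errorInfo hold when it fails.
proc run_guarded {label script} {
    global errorInfo errorCode
    if {![catch {uplevel 1 $script} msg]} {
        return [list ok $msg]
    }
    # errorCode is a list; its first element names the class of error.
    set class [lindex $errorCode 0]
    switch -- $class {
        POSIX   { set detail "operating system error [lindex $errorCode 1]" }
        ARITH   { set detail "arithmetic error [lindex $errorCode 1]" }
        NONE    { set detail "the failing command supplied no error code" }
        default { set detail "full code: $errorCode" }
    }
    # errorInfo is a multi-line stack trace; its first line repeats the message.
    set trace [split $errorInfo \n]
    puts "$label: $msg"
    puts "  errorCode class: $class ($detail)"
    puts "  errorInfo: [llength $trace] lines, first line \"[lindex $trace 0]\""
    return [list error $class]
}

# Constructed cases: a missing file, a division by zero, an error raised
# without a code, and an error raised with an application-defined code.
run_guarded "missing file"   {open "/nonexistent/input.txt" r}
run_guarded "divide by zero" {expr {1 / 0}}
run_guarded "plain error"    {error "something failed"}
run_guarded "coded error"    {error "bad VLAN id" "" {APP BADVLAN 5000}}
```

Because errorInfo carries the text of the commands that were running, it belongs in a log rather than in a message shown to the user; branch on errorCode instead of parsing the message text.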
64.
Regsub example
regsub -all {,} "a,b,c,d,e" ":" res
puts $res
;# prints "a:b:c:d:e"
65.
Example for arrays as parameter
proc print12 {array} {
upvar $array a
puts "$a(1), $a(2)"
}
set array(1) "A"
set array(2) "B"
print12 array
66.
File reading example
## all problems found by 'open' throw exceptions:
if {[catch {set read_fh [open "input.txt" "r"]} errmsg]} {
error "ERROR: $errmsg"
}
## read the file line-by-line:
while {[gets $read_fh this_line] != -1} {
...
}
## or read the entire file into one string:
set file_contents [read $read_fh]
## or read the next N bytes into a string:
set next_block [read $read_fh 1024]
close $read_fh
67.
File writing example
## all problems found by 'open' throw exceptions:
if {[catch {set write_fh [open "output.txt" "w"]} errmsg]} {
error "ERROR: $errmsg"
}
puts $write_fh "blah blah blah"
## need a catch on close, because that's where most errors happen:
if {[catch { close $write_fh } errmsg]} {
error "ERROR: $errmsg"
}
68.
To check whether file is dir or file
file isdirectory
file isdirectory <path>
Returns whether or not the given path is a directory.
if {![file isdirectory "indir"]} {
...
}
file isfile
file isfile <path>
Returns whether or not the given path is a regular file.
if {[file isfile "maybe_a_link.txt"]} {
...
}
69.
What will this script output when it is evaluated
set x 1
while {$x < 10} {
puts "X: $x"
set y [expr $x + 1]
}
A) an infinite number of "X: 1" lines. =
B) lines from "X: 1" to "X: 9"
C) lines from "X: 1" to "X: 10"
70.
The upvar command will
A) Map a variable from the calling scope into the local procedure scope.=
B) Map a variable from the local scope into the calling scope.
C) Copy the value of a variable from the calling scope to the local scope.
upvar [level ] otherVar myVar...
Make local variable myVar become an alias for variable otherVar in the
stack frame indicated by level, where level is either a number indicating
the number of levels up the stack relative to the current level or a number
preceded by #, indicating an absolute level. The default level is 1.
Tcl's upvar command is another answer to coding indirect variable references.
Upvar allows one to reference a variable or array by some other name. Using a
first argument of 0 allows variables in the current scope to be accessed.
Upvar is also used when passing arrays to procedures, in which the default procedure scope frame (1) is used:
proc calc_pop_density {state_array_name} {
71.
The "global" command
A) maps a variable from the global scope into the procedure scope and gives it a unique name.
B) maps a variable from the global scope into the procedure scope retaining the original name.=
C) makes a global-scope variable automatically map into all procedures.
72.
What will be the value of i after this code is evaluated:
proc inc {nm} {
upvar $nm x
incr x
}
set i 2
inc i
A) 4
B) 3=
C) 2
73.What will be the value of i after this code is evaluated:
proc inc {nm} {
incr nm
}
set i 2
inc $i
A) 3
B) 2=
C) 4
74.
Regexp and glob difference
To match any number of characters
glob *
regexp .*
To match single character
glob ?
regexp .
Find all the Tcl files in the current directory:
glob *.tcl
75.
Which test would assign "choose correctly" to variable c?
set str "better tests choose correctly"
regexp $test $str a b c
set test {(b[^c]*)(c.*)}
76.
If you use a quoted string, instead of a curly-braced string as a test with regexp. What care you
should take?
you must backslash escape square braces
77.
What will be the contents of "path" after this line of code is evaluated.
% set path [file split "C:/Program Files/Tcl/bin/tclsh"]
C:/ {Program Files} Tcl bin tclsh
78.
What will the contents of "folder" be after this script is evaluated
% set folder [file normalize "/tmp/../etc/passwd"]
G:/etc/passwd
79.
Why packages are created
Whenever an application needs a library of related functions.
80.
How many procedure a package can include.
A package can include only one procedure.
81.Use of subst.
It is used to perform multiple passes of substitution before evaluating a command. Example is shown below.
array set french {I Je speak parlez French Francais}
set language french
foreach word {I speak French} {
if {[info exists ${language}($word)]} {
puts -nonewline "[subst $${language}($word)] "
} else {
puts -nonewline "$word "
}
}
Output: Je parlez Francais
or
subst - Perform backslash, command, and variable substitutions
When it performs its substitutions, subst does not give any special treatment to double quotes or curly braces (except
within command substitutions)
set a 44
puts [subst {xyz {$a}}]
85.
Eval example
set a b
set c a
eval puts $$c
86.
87.
Write code fragments to store, retrieve, and display your first, middle, and last name using a single
string variable, a single list variable, a single array variable, and a single keyed list variable
set name "nawraj lekhak"
puts $name
set name [list nawraj lekhak]
puts $name
puts [lindex $name 0]
88.
Write five integers into a file called myfile, then close the file.
89.
Read the contents of myfile from exercise 1. Calculate and display the sum of the integers.
Exercise 1
# open a file for writing
if {[catch {set fd [open myfile w]} errmsg]} {
error "Unable to open file 'myfile' for writing\n$errmsg"
}
# write 5 integers into the file
puts $fd "5 10 15 20 25"
# close the file
close $fd
Exercise 2
#open the file myfile for reading
if {[catch {set fd [open myfile]} errmsg]} {
error "Unable to open file 'myfile' for reading\n$errmsg"
}
# read the contents of the file myfile into a variable called nums
# then calculate and display the total of the integers
while {[gets $fd nums] != -1} {
set sum 0
foreach num $nums {
set sum [expr $num + $sum]
}
}
puts "The sum is $sum"
# close the file
close $fd
Exercise 3
#open the file for reading
if {[catch {set fd [open myfile]} errmsg]} {
error "Unable to open file 'myfile' for reading\n$errmsg"
}
# read the contents of the file into a variable called 'nums'
while {[gets $fd nums] != -1} {
set sum 0
foreach num $nums {
puts [format "%20d" $num]
set sum [expr $num + $sum]
}
}
puts [format "\nTotal: %13d" $sum]
90.
} else {
keylset retList status 0
puts fail
keylset retList log $res
}
return $retList
}
set out [sum 1 2]
puts $out
91.
C:\Users\NLekhak>tclsh
puts "Enter the number"
flush stdout
% set n1 [gets stdin]
% set n2 [gets stdin]
% set n3 [expr {$n1 + $n2}]
% flush stdout
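Arithmetic on values read with gets stdin, as in the session above, is only safe when the expression is braced and the input is checked first. The comparison below is an added example, not from the original page; the proc names and the inputs are constructed for illustration.

```tcl
# Unbraced: Tcl substitutes $a and $b first, then expr parses the resulting
# text a second time, so brackets inside a value are executed as a command.
proc add_unbraced {a b} {
    return [expr $a + $b]
}

# Braced and validated: expr reads the variables itself and never re-parses
# their contents. The pattern accepts plain decimal integers only, which also
# rejects leading zeros that Tcl 8 would read as octal.
proc add_checked {a b} {
    foreach v [list $a $b] {
        if {![regexp {^-?(0|[1-9][0-9]*)$} $v]} {
            return -code error "not a decimal integer: \"$v\""
        }
    }
    return [expr {$a + $b}]
}

# Constructed input standing in for what [gets stdin] could return.
# The embedded command only sets a marker variable.
set hostile {[set ::side_effect 1]}

catch {unset ::side_effect}
puts "unbraced result: [add_unbraced $hostile 2]"
puts "command inside the input was run: [info exists ::side_effect]"

catch {unset ::side_effect}
if {[catch {add_checked $hostile 2} msg]} {
    puts "checked version rejected it: $msg"
}
puts "command inside the input was run: [info exists ::side_effect]"

# Ordinary inputs, including two that the check refuses.
foreach pair {{7 5} {-3 10} {010 1} {abc 1}} {
    foreach {x y} $pair break
    if {[catch {add_checked $x $y} res]} {
        puts "$x + $y -> rejected ($res)"
    } else {
        puts "$x + $y -> $res"
    }
}
```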
92. Print the format below
*
**
***
****
set out ""
set i 1
set pattern *
# append one more * on each pass and print the row
while {$i < 5} {
    append out $pattern
    puts $out
    incr i
}
Or
# one list element per output row
set lst {* * * *}
set i 0
foreach val $lst {
    puts [join [lrepeat [incr i] $val] ""]
}
93. Write a program to print a half pyramid using numbers, as shown in the figure below.
1
12
123
1234
12345
A
BB
CCC
DDDD
# one list element per output row; each letter is repeated by its row number
set lst {A B C D}
set i 0
foreach val $lst {
    set out [join [lrepeat [incr i] $val] ""]
    puts $out
}
95. Write a program to print an inverted half pyramid using *, as shown below
*****
****
***
**
*
set a *
# start with 5 stars and print one fewer on each row
for {set i 5} {$i > 0} {incr i -1} {
    puts [join [lrepeat $i $a] ""]
}
95. Write a program to print an inverted half pyramid using numbers, as shown below.
1234
123
12
1
set lst {1 2 3 4}
set len [llength $lst]
set i 0
# print the first $len elements, then shorten the row by one
while {$len > 0} {
    set out [join [lrange $lst $i [expr {$len - 1}]] ""]
    puts $out
    incr len -1
}
97.
98.
http://www.programiz.com/c-programming/examples/pyramid-pattern
99.
str 153
len [string length $str]
num1 [string index $str 0]
num2 [string index $str 1]
num3 [string index $str 2]
str 150
len [string length $str]
num1 [string index $str 0]
num2 [string index $str 1]
num3 [string index $str 2]
57
29
108. set 0 0
puts $0
109. Write a loop that will calculate the sum of every third digit beginning with 2
set sum 0
set i 2
# adds 2, 5 and 8
while {$i <= 10} {
    set sum [expr {$sum + $i}]
    incr i 3
}
puts $sum
110. How can I invoke another program from within a Tcl program?
exec
111. Program to check whether the input number is odd or even
puts -nonewline "Enter a number:"
flush stdout
set str [gets stdin]
# the whole expression is braced so the input is evaluated as a value, not as Tcl code
puts [expr {$str % 2 ? "ODD NUMBER" : "EVEN NUMBER"}]
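112. Difference between local and global variables.
set x 100
proc fun {} {
    # "global x" links to the global variable, so this prints 100
    global x
    puts "inside fun $x"
}
proc fun1 {} {
    # without "global", x is a new local variable; the global x stays 100
    set x 500
    puts "inside fun1 $x"
}
fun
fun1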
113. To read an entire file.
set fd [open "myfile.txt" r]
# gets returns -1 at end of file; testing it directly avoids printing an extra empty line
while {[gets $fd data] >= 0} {
    puts $data
}
close $fd
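114. regexp for date
puts -nonewline "Enter your date (dd/mm/yyyy):"
flush stdout
set date [gets stdin]
# anchored at both ends; checks the dd/mm/yyyy shape and ranges only, not the number of days in each month
if {[regexp {^(0[1-9]|[12][0-9]|3[01])/(0[1-9]|1[0-2])/(20[0-9][0-9])$} $date match]} {
    puts $match
} else {
    puts "Invalid date"
}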
115. uplevel example
proc do {varname first last body} {
    upvar $varname v
    for {set v $first} {$v <= $last} {incr v} {
        uplevel $body
    }
}
set lst {}
do i 1 5 {
    lappend lst [expr {$i*$i}]
}
puts $lst
116. Write a command to create two directories pp1 and pp2 under the current dir
mkdir pp1 pp2
117. Who performs the job of command interpreter?
Shell
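set i 0
set out ""
# build the rows up: 0, then 0 1, and so on up to 0 1 2 3 4 5
while {$i <= 5} {
    append out "$i "
    puts $out
    incr i
}
set len [llength $out]
# then drop the last element on each pass
while {$len >= 0} {
    set out [lrange $out 0 [expr {$len - 2}]]
    incr len -1
    puts $out
}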
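126. Best regexp to match an IP address
set ip "192.168.2.254"
# dots are escaped and both ends anchored, so only four dot-separated fields match;
# each field is 1 to 3 digits with no leading zero, then range-checked against 255
set octet {(0|[1-9][0-9]{0,2})}
if {[regexp "^$octet\\.$octet\\.$octet\\.$octet\$" $ip match a b c d]
        && $a <= 255 && $b <= 255 && $c <= 255 && $d <= 255} {
    puts $match; puts $a; puts $b; puts $c; puts $d
    puts "Input ip is valid"
} else {
    puts "Input ip is not valid address"
}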