
1. How router advertise control and data packet.

Flow of Routing Information


Routing information is the information about routes learned by the routing protocols from a router's neighbors. This
information is stored in routing tables. The routing protocols advertise active routes only from the routing tables. An active
route is a route that is chosen from all routes in the routing table to reach a destination.
To control which routes the routing protocols place in the routing tables and which routes the routing protocols advertise from
the routing tables, you can configure routing policies, which are sets of rules that the policy framework uses to preempt
default routing policies.
The Routing Engine, which runs the router's control plane software, handles the flow of routing information between the
routing protocols and the routing tables and between the routing tables and the forwarding table. The Routing Engine runs
the Junos OS and routing policies and stores the active router configuration, the master routing table, and the master
forwarding table.
Flow of Data Packets
Data packets are chunks of data that transit the router as they are being forwarded from a source to a destination. When a
router receives a data packet on an interface, it determines where to forward the packet by looking in the forwarding table for
the best route to a destination. The router then forwards the data packet toward its destination through the appropriate
interface.
The Packet Forwarding Engine, which is the central processing element of the router's forwarding plane, handles the flow of
data packets in and out of the router's physical interfaces. Although the Packet Forwarding Engine contains Layer 3 and Layer
4 header information, it does not contain the packet data itself (the packet's payload).
2. What is difference between L3 Switch and Router.
- An L3 switch does switching at layer 3 by preserving the source and destination MAC and preserving the TTL value of the IP
header of the 1st routed packet,
so the first packet is routed using a normal routing lookup, but after that all packets are switched.
- A router does a normal routing lookup, but with the introduction of fast switching and CEF, packets are now also switched on a router.
- Switches don't support some QoS features.
- Switches don't support NAT.
- Forwarding on switches is done on ASICs (Application Specific Integrated Circuits), that is, in hardware rather than
in software.
- Forwarding on routers is done in software.
- A router supports different WAN technologies (modules), unlike switches.
3. How does forwarding happens in router.
4. Distributed vs Centralized architecture

The following figure illustrates the architecture of a router with distributed forwarding capabilities.
In this architecture, each interface processor (or line card) can forward packets independently.
A route processor runs a routing protocol to build the RIB, which is shared by all interface processors.

On the other hand, the following is another router architecture, which is called centralized.
In this case, the interface processors cannot forward packets themselves. Instead, they pass each packet to the
centralized packet processor, which forwards the packet based on the RIB.

5. Where does queuing happens in router.


http://wiki.nil.com/Queuing_Principles_in_Cisco_IOS
A router has two types of queues: a hardware queue and a software queue. The hardware queue, which is sometimes referred
to as the transmit queue (TxQ), always uses FIFO queuing, and only when the hardware queue is full does the software queue
handle packets. Therefore, your queuing configuration only takes effect during periods of interface congestion, when the
hardware queue has overflowed.
6. Why mac address is needed.
Since actual data communication happens at L2, a MAC address is needed.
7. Why BDR is elected first.
http://www.rfc-base.org/txt/rfc-2328.txt
For a graceful reset and to reduce the convergence time.
The reason behind the election algorithm's complexity is the desire for an orderly transition from Backup Designated Router
to Designated Router, when the current Designated Router fails. This orderly transition is ensured through the introduction of
hysteresis: no new Backup Designated Router can be chosen until the old Backup accepts its new Designated Router
responsibilities.
Note also that if Router X is the only attached router that is eligible to become Designated Router, it will select itself as Designated
Router and there will be no Backup Designated Router for the network.
8. Does serial interface have mac address ?
A serial line has only two ends, so it is fairly obvious where to send the packets. That is why a serial line doesn't have a MAC
address.
9. Fast switching vs packet switching
In telecommunications, fast packet switching is a variant of packet switching that increases the throughput by eliminating
overhead associated with flow control and error correction functions, which are either offloaded to upper layer networking
protocols or removed altogether. ATM and Frame Relay are two major implementations of fast packet switching.
10. Cut-through, Store and forwarding and fragment free concept
Cut-through : forwarding based on destination mac address
Store and forwarding : forwarding based on once complete frame is received.
Fragment free : Once first 64 bytes of data is received.
11. Why we need STP in L2.
To avoid loops in layer 2 and provide redundancy
12. Why can't we replace HSRP with STP
HSRP works at L3, basically at the edge of the network for gateway redundancy, but STP works at L2 to avoid loops and to provide
redundancy.
13. Contents of BPDU
Type, Bridge ID, Root path cost, hello timer, forward delay , flags , max age timer.
14. Which switch is responsible for advertising BPDU in STP
Root Bridge
15. In case of multiple vlan if i run default STP, what will be the consequences.
Legacy STP is based on per vlan instance hence we need to use MST.
16. Why we need root bridge.
The root bridge acts as a reference point in the topology to forward the packets.
17. Does link connected to PC run STP?
No, a link connected to a PC is set as edge or PortFast to reduce convergence time.

18. How trunking will work. Does trunk allows all vlans.
Note: The allowed VLAN list on both the ends of the trunk link should be the same.
By default a trunk link carries all the VLANs that exist on the switch. This is because all VLANs are active on a trunk link; and
as long as the VLAN is in the switch's local database, traffic for that VLAN is carried across the trunks. You can elect to
selectively remove and add VLANs from a trunk link.
19. How native vlan works.
The terminology of trunk ports and native VLANs is non-standard. Annex D to the 1998 802.1Q standard uses the concept of
trunk links, but the current standard does not use the terms trunk or native.
Some vendors (most notably Cisco) use the concepts of a) trunk ports and b) native VLAN. The proprietary term native VLAN
is similar to the 802.1Q PVID (port VLAN identifier), which is used "to associate a VID with untagged and priority-tagged
received frames." A trunk port can refer to a port that sends and receives tagged frames on all VLANs, except the native VLAN,
if one is configured. The term trunk may also be used to refer to a connection using link aggregation.
Frames belonging to the native VLAN do not carry VLAN tags when sent over the trunk. Conversely, if an untagged frame is
received on a trunk port, the frame is associated with the native VLAN configured on that port.
For example, if an 802.1Q port has VLANs 2, 3 and 4 assigned to it, with VLAN 2 being the native VLAN, frames on VLAN 2
that are sent from the aforementioned port are not given an 802.1Q header (i.e. they are plain Ethernet frames). Frames that
are received on that port and have no 802.1Q header are assigned to VLAN 2. Tagging of frames sent to or received from
VLANs 3 and 4 is the same as if no native VLAN had been configured: all frames on those VLANs must carry tags to identify
their VLAN membership.
Note that unexpected results may occur if the native VLAN configuration is not the same on all sending and receiving ports
on a link. Continuing the above example, if VLAN 2 is not configured as the native VLAN on some other 802.1Q port, that port
will send tagged frames on VLAN 2. When the local port, on which VLAN 2 is configured as the native VLAN, receives these
unexpectedly tagged frames, it will still assign them to VLAN 2, but it will send only untagged frames for VLAN 2. On receipt,
the distant port will either associate the untagged frames with a different VLAN ID (the one locally configured as the native
VLAN) or it will discard the untagged frames if it has no native VLAN configured. (Symmetrically, this remote port will send
only untagged frames on its configured native VLAN, which will be associated with a different VLAN ID by the local port.)
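Added example (not part of the original notes): a small model of the tagging rules above, used to audit both ends of a trunk. It follows the page's description that a tagged frame for the native VLAN is still accepted; the class and function names and the two peer configurations are assumptions made for illustration.

```python
# Added example (not from the original page): 802.1Q native-VLAN handling on a trunk.
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple

Frame = Tuple[Optional[int], str]   # (802.1Q tag or None for untagged, payload)


@dataclass(frozen=True)
class TrunkPort:
    name: str
    allowed: FrozenSet[int]      # VLANs carried on this trunk
    native: Optional[int]        # native VLAN (PVID), None if not configured

    def egress(self, vlan: int, payload: str = "data") -> Optional[Frame]:
        """Frame put on the wire for traffic in `vlan`; None if not carried."""
        if vlan not in self.allowed:
            return None
        # Native VLAN traffic leaves as a plain Ethernet frame, everything else tagged.
        return (None, payload) if vlan == self.native else (vlan, payload)

    def ingress(self, frame: Frame) -> Optional[int]:
        """VLAN a received frame is assigned to; None if it is discarded."""
        tag, _payload = frame
        vlan = self.native if tag is None else tag
        return vlan if vlan in self.allowed else None


def deliver(src: TrunkPort, dst: TrunkPort, vlan: int) -> Optional[int]:
    """VLAN in which traffic sent from `vlan` on src ends up on dst."""
    frame = src.egress(vlan)
    return None if frame is None else dst.ingress(frame)


def audit_link(a: TrunkPort, b: TrunkPort) -> List[str]:
    """Compare both ends of a trunk and report what a mismatch does to traffic."""
    findings = []
    if a.native != b.native:
        findings.append(f"native VLAN mismatch: {a.name}={a.native}, {b.name}={b.native}")
    if a.allowed != b.allowed:
        findings.append(f"allowed VLAN lists differ on: {sorted(a.allowed ^ b.allowed)}")
    for vlan in sorted(a.allowed | b.allowed):
        for src, dst in ((a, b), (b, a)):
            if vlan not in src.allowed:
                continue
            landed = deliver(src, dst, vlan)
            if landed is None:
                findings.append(f"{src.name}->{dst.name}: VLAN {vlan} frames discarded")
            elif landed != vlan:
                findings.append(f"{src.name}->{dst.name}: VLAN {vlan} frames land in VLAN {landed}")
    return findings


# Constructed sample: the page's port (VLANs 2, 3, 4, native 2) facing two possible peers.
VLANS = frozenset({2, 3, 4})
LOCAL = TrunkPort("local", VLANS, native=2)
PEER_NATIVE_3 = TrunkPort("peer", VLANS, native=3)
PEER_NO_NATIVE = TrunkPort("peer", VLANS, native=None)

if __name__ == "__main__":
    for peer in (LOCAL, PEER_NATIVE_3, PEER_NO_NATIVE):
        print(peer.native, audit_link(LOCAL, peer) or "consistent")
```

With a mismatched native VLAN, traffic silently crosses from one VLAN into another in each direction, which is why the native VLAN and allowed list should be checked on both ends of every trunk.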
20. If we configure access between two switches. Will it work ?
Yes, you can connect two switches with access ports, and you just need to say "switchport mode access" and "switchport
access vlan ID" on the ports that you would connect between the switches.
21. If one side of a switch has vlan 10 and other side is configured with vlan 20. Then how things will work?
We need to use inter vlan routing ie router on a stick concept.
22. What is advantage of having double tag
Segregate vlans of customer from each other.
23. What is advantage of having lacp
LACP is used to control the link in case of ether channel. LACP is dynamic.
24. What is Gratuitous ARP.
To detect duplicate ip address in a network, gratuitous arp is used.
Gratuitous ARP is a sort of "advance notification", it updates the ARP cache of other systems before they ask for it (no ARP
request) or to update outdated information.
When talking about gratuitous ARP, the packets are actually special ARP request packets, not ARP reply packets as one would
perhaps expect. Some reasons for this are explained in RFC 5227.
The gratuitous ARP packet has the following characteristics:
- Both source and destination IP in the packet are the IP of the host issuing the gratuitous ARP
- The destination MAC address is the broadcast MAC address (ff:ff:ff:ff:ff:ff), which means the packet will be flooded to all ports on a switch
- No reply is expected
Gratuitous ARP is used for several reasons:
- Update ARP tables after a MAC address for an IP changes (failover, new NIC, etc.)
- Update MAC address tables on L2 devices (switches) to show that a MAC address is now on a different port
- Send gratuitous ARP when an interface goes up to notify other hosts about new MAC/IP bindings in advance so that they don't
have to use ARP requests to find out
- When a reply to a gratuitous ARP request is received you know that you have an IP address conflict in your network
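Added example (not part of the original notes): a monitor that parses raw ARP frames, recognises gratuitous ARP by the two characteristics listed above, and reports when an IP address moves to a different MAC or when a second host answers for it. The class and function names, event strings and sample frames are constructed for illustration.

```python
# Added example (not from the original page): spotting gratuitous ARP and binding changes.
import ipaddress
import struct
from typing import Dict, List, NamedTuple, Optional

BROADCAST = b"\xff" * 6
ARP_FMT = "!HHBBH6s4s6s4s"      # htype, ptype, hlen, plen, op, sha, spa, tha, tpa


class Arp(NamedTuple):
    eth_dst: bytes
    op: int        # 1 = request, 2 = reply
    sha: bytes     # sender MAC
    spa: bytes     # sender IP
    tpa: bytes     # target IP


def parse_arp(frame: bytes) -> Optional[Arp]:
    """Parse an untagged Ethernet II frame carrying ARP for IPv4; None otherwise."""
    if len(frame) < 42:
        return None
    eth_dst, _eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    htype, ptype, hlen, plen, op, sha, spa, _tha, tpa = struct.unpack(ARP_FMT, frame[14:42])
    if ethertype != 0x0806 or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return Arp(eth_dst, op, sha, spa, tpa)


def is_gratuitous(pkt: Arp) -> bool:
    """The page's two characteristics: sender IP == target IP, broadcast destination."""
    return pkt.spa == pkt.tpa and pkt.eth_dst == BROADCAST


def mac_str(mac: bytes) -> str:
    return ":".join(f"{b:02x}" for b in mac)


class ArpMonitor:
    """Tracks IP -> MAC bindings and reports announcements, moves and conflicts."""

    def __init__(self) -> None:
        self.bindings: Dict[str, str] = {}

    def observe(self, frame: bytes) -> List[str]:
        pkt = parse_arp(frame)
        if pkt is None:
            return []
        ip, mac = str(ipaddress.IPv4Address(pkt.spa)), mac_str(pkt.sha)
        known = self.bindings.get(ip)
        if known == mac:
            return []
        if known is None:
            self.bindings[ip] = mac
            return [f"announce {ip} is-at {mac}"] if is_gratuitous(pkt) else []
        if is_gratuitous(pkt):
            # Failover or a new NIC, or an unexpected host claiming the address: review it.
            self.bindings[ip] = mac
            return [f"rebind {ip} {known} -> {mac}"]
        # A different MAC answering for an address that already has a binding.
        return [f"conflict {ip} claimed by {mac}, table has {known}"]


def build_arp(eth_dst: bytes, sha: bytes, op: int, spa: str, tha: bytes, tpa: str) -> bytes:
    """Build a sample frame (helper for the constructed input below)."""
    def pack(ip: str) -> bytes:
        return ipaddress.IPv4Address(ip).packed
    return (struct.pack("!6s6sH", eth_dst, sha, 0x0806)
            + struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, sha, pack(spa), tha, pack(tpa)))


# Constructed sample traffic: documentation address, locally administered MACs.
MAC_A, MAC_B = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SAMPLE = [
    build_arp(BROADCAST, MAC_A, 1, "192.0.2.10", b"\x00" * 6, "192.0.2.10"),  # A announces
    build_arp(BROADCAST, MAC_A, 1, "192.0.2.10", b"\x00" * 6, "192.0.2.10"),  # repeat
    build_arp(BROADCAST, MAC_B, 1, "192.0.2.10", b"\x00" * 6, "192.0.2.10"),  # B announces
    build_arp(MAC_B, MAC_A, 2, "192.0.2.10", MAC_B, "192.0.2.10"),            # A replies to B
]


def run_sample() -> List[str]:
    monitor = ArpMonitor()
    return [event for frame in SAMPLE for event in monitor.observe(frame)]


if __name__ == "__main__":
    print("\n".join(run_sample()))
```

A rebind event is expected after a planned failover; one that matches no change on the network deserves a look, since gratuitous ARP updates every cache on the segment without being asked.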
25. Why MTU should be same in OSPF.
Otherwise the neighbor relationship will be stuck in the ExStart state.
26. Why show ip ospf neighbour shows 2way/DROTHER?
DR and BDR will only have full relation with other routers in segment but rest of the routers among themselves will have 2way relationship.
27. Is OSPF distance vector as well?
Inter-area routing in OSPF works exactly like distance vector.

28. What is the need for master/slave in ospf?


The master controls the synchronization process and ensures that only one DD packet is outstanding at a time.
29. How internal routers in OSPF identify ABR
Type 3 LSA (Summary LSA) is advertised by the ABR of originating area to advertise network from other areas so we should
check the ABRs first
30. Will ABR summarize type 3 LSAs?
Yes.
31. Why type 4 LSA, when you have type 5 that tells about ASBR router?
Type 4 - ASBR-Summary LSA - this is needed because Type 5 External LSAs are flooded to all areas except stub and the
detailed next-hop information may not be available in those other areas. This is solved by an Area Border Router flooding the
information for the router (i.e. the Autonomous System Boundary Router) where the type 5 originated. The link-state ID is the
router ID of the described ASBR for type 4 LSAs.
32. What is the link-state retransmit interval?
OSPF must send acknowledgment of each newly received link-state advertisement (LSA). It does this by sending LSA packets.
LSAs are retransmitted until they are acknowledged. The link-state retransmit interval defines the time between
retransmissions. You can use the command ip ospf retransmit-interval to set the retransmit interval. The default value is 5
seconds.
33. Can an OSPF default be originated into the system based on external information on a router that does not
itself have a default?
OSPF generates a default only if it is configured using the command default-information originate and if there is a default
network in the box from a different process. The default route in OSPF is 0.0.0.0. If you want an OSPF-enabled router to
generate a default route even if it does not have a default route itself, use the command default-information originate always.
34. How can I give preference to OSPF inter-area routes over intra-area routes?
This rule of preference cannot be changed. However, it applies only within a single OSPF process. If a router is running more
than one OSPF process, route comparison occurs. With route comparison, the metrics and administrative distances (if they
have been changed) of the OSPF processes are compared. Route types are disregarded when routes supplied by two different
OSPF processes are compared.
35. When a route is redistributed between OSPF processes, are all SPF metrics preserved, or is the default
metric value used?
The SPF metrics are preserved. The redistribution between them is like redistribution between any two IP routing processes.
36. Can I have one numbered side and leave the other side unnumbered in OSPF?
No, OSPF does not work if you have one side numbered and the other side unnumbered. This creates a discrepancy in the
OSPF database that prevents routes from being installed in the routing table.
37. Can I control the P-bit when importing external routes into a not-so-stubby area (NSSA)?
When external routing information is imported into an NSSA in a type 7 link-state advertisement (LSA), the type 7 LSA has
only area flooding scope. To further distribute the external information, type 7 LSAs are translated into type 5 LSAs at the
NSSA border. The P-bit in the type 7 LSA Options field indicates whether the type 7 LSA should be translated. Only those LSAs
with the P-bit set are translated. When you redistribute information into the NSSA, the P-bit is automatically set. A possible
workaround applies when the Autonomous System Boundary Router (ASBR) is also an Area Border Router (ABR). The NSSA
ASBR can then summarize with the not-advertise keyword, which results in not advertising the translated type 7 LSAs.
38. Does OSPF form adjacencies with neighbors that are not on the same subnet?
The only time that OSPF forms adjacencies between neighbors that are not on the same subnet is when the neighbors are
connected through point-to-point links. This may be desired when using the ip unnumbered command, but in all other cases,
the neighbors must be on the same subnet.
39. How often does OSPF send out link-state advertisements (LSAs)?
OSPF sends out its self-originated LSAs when the LSA age reaches the link-state refresh time, which is 1800 seconds ie 30
mins.
40. When I have two type 5 link-state advertisements (LSAs) for the same external network in the OSPF
database, which path should be installed in the IP routing table?
When you have two type 5 LSAs for the same external network in the OSPF database, prefer the external LSA that has the
shortest path to the Autonomous System Boundary Router (ASBR) and install that into the IP routing table. Use the show ip
ospf border-routers command to check the cost to the ASBR.
41. Is there a way to manipulate and prefer the Type 3 LSAs to originate from two different areas sent to the
non-backbone area?
Type 3 LSA is originated by the Area Border Router (ABR) as a summary route. Manipulating the summary route is not
possible in an ABR router.
42. Why does the show ip ospf neighbor Command Reveal Neighbors Stuck in Two-Way State?
Hello not received from neighbor.
43. OSPF NSSA type-7 to Type-5 translator election

When multiple ABRs connect the NSSA to area 0, the ABR with the highest router-id is elected as the Type-7 to 5 translator,
and is responsible for re-originating the Type-5 LSA into area 0. This election process is an optimization of the OSPF database,
and relates to how the Type-7 NSSA External route uses the forward address field to ensure optimal routing.
44. Why does the show ip ospf neighbor Command Reveal Neighbors in the Init State?
The most likely reason that a local router is not listed in a neighbor's hello packets is that the neighbor has not received hello
packets from the local router. Possible reasons for this are:
Use the ping and traceroute commands to verify that links between routers are operational. If a ping between routers is not
successful, the link is not functioning properly and you need to troubleshoot it. Refer to the troubleshooting pages related to the
Layer 2 technology you are using, such as ISDN, Ethernet, ATM, etc.
If there are any access lists defined on the neighbor's interface, the destination IP of 224.0.0.5 must be permitted in the input
access list.
OSPF hello packets have a destination address of 224.0.0.5 (the all ospf routers multicast address).
There might be a second layer or configuration problem affecting multicast packets from reaching the neighboring router. You
can test this with the ping command on the multicast address 224.0.0.5 and confirm that responses are received from the
neighboring router(s). In non-broadcast media such as Frame Relay, X.25, and ISDN, mapping is required between layer 2 and
the IP address. In case of static mapping (for example, the interface level frame-relay map ip 1.1.1.1 100 broadcast or dialer
map ip 1.1.1.1 broadcast name router1 55346 commands), you must configure the keyword broadcast to avoid encapsulation
failure every time OSPF tries to send the multicast hello packet. The debug ip packet detail command used with the access
list shows if there are any encapsulation failures.
Authentication is not enabled on both sides. The router on which authentication is not enabled still processes hello packets
from the neighbor and sees the neighbor in the init state. In order to correct this problem, enable authentication on both
sides.
45. Why Are Some OSPF Routes in the Database but Not in the Routing Table?
Reason 1: Network Type Mismatch
Reason 2: Wrong Address Assignment in Dual Serial Link Setup
Reason 3: One Side of Point-to-Point Link Included in Wrong Majornet or Subnet
Reason 4: One Side Is Unnumbered and the Other Side Is Numbered
Reason 5: Broken PVC in Fully Meshed Frame Relay Environment
Reason 6: Forwarding Address Known via an External Route
Reason 7: Distribute List Is Blocking the Routes
46. Why Are OSPF Neighbors Stuck in Exstart/Exchange State?
The problem occurs most frequently when attempting to run OSPF between a Cisco router and another vendor's router. The
problem occurs when the maximum transmission unit (MTU) settings for neighboring router interfaces don't match. If the
router with the higher MTU sends a packet larger than the MTU set on the neighboring router, the neighboring router ignores
the packet.
47. Why need of virtual-link ?
If there are multiple areas, it is not possible to connect each area to area 0. Hence a virtual link is used to connect every nonzero area to area 0.
48. Why does OSPF require all traffic between non-backbone areas to pass through a backbone area (area 0)?
Comparing three fundamental concepts of link state protocols, concepts that even most OSPF beginners understand, easily
derives the answer to the question.
The first concept is this:
Every link state router floods information about itself, its links, and its neighbors to every other router. From this flooded
information each router builds an identical link state database. Each router then independently runs a shortest-path-first
calculation on its database (a local calculation using distributed information) to derive a shortest-path tree. This tree is a
sort of map of the shortest path to every other router.
One of the advantages of link state protocols is that the link state database provides a view of the entire network,
preventing most routing loops. This is in contrast to distance vector protocols, in which route information is passed hop-by-hop through the network and a calculation is performed at each hop (a distributed calculation using local information). Each
router along a route is dependent on the router before it to perform its calculations correctly and then correctly pass along
the results. When a router advertises the prefixes it learns to its neighbors it's basically saying, "I know how to reach these
destinations." And because each distance vector router knows only what its neighbors tell it, and has no view of the
network beyond the neighbors, the protocol is vulnerable to loops.
The second concept is this:
When link state domains grow large, the flooding and the resulting size of the link state database becomes a scaling problem.
The problem is remedied by breaking the routing domain into areas: That first concept is modified so that flooding occurs
only within the boundaries of an area, and the resulting link state database contains only information from the routers in the
area. This, in turn, means that each router's calculated shortest-path tree only describes the path to other routers within the
area.
The third concept is this:
OSPF areas are connected by one or more Area Border Routers (the other main link state protocol, IS-IS, connects areas
somewhat differently) which maintain a separate link state database and calculate a separate shortest-path tree for each of
their connected areas. So an ABR by definition is a member of two or more areas. It advertises the prefixes it learns in one
area to its other areas by flooding Type 3 LSAs into the areas that basically say, "I know how to reach these destinations."
Wait a minute: what that last concept described is not link state, it's distance vector. The routers in an area cannot see
past the ABR, and rely on the ABR to correctly tell them what prefixes it can reach. The SPF calculation within an area derives
a shortest-path tree that depicts all prefixes beyond the ABR as leaf subnets connected to the ABR at some specified cost.
And that leads us to the answer to the question:

Because inter-area OSPF is distance vector, it is vulnerable to routing loops. It avoids loops by mandating a loop-free inter-area topology, in which traffic from one area can only reach another area through area 0.
49. Passive interface behaviour in OSPF?
In OSPF the passive-interface has a similar behavior to EIGRP. The command suppresses hello packets and hence neighbor
relationships.
50. Difference between SPF and CSPF
Just as the names sound, SPF is an algorithm that calculates the shortest path through a network for destinations in the
network. CSPF does the same thing but it also considers constraints which the admin specifies, e.g. available bandwidth on the
interface. So, while SPF may take for example path R1-R2-R3-R4 to get to R4, CSPF can choose R1-R2-R7-R8-R9-R4 to get to
R4. This all depends on the constraints specified, and it's used in conjunction with RSVP for MPLS TE.
51. What are the BGP path selection criteria?
Weight, local pref, self origin, AS path, origin, MED, external
52. What is the difference between always-compare-med and deterministic-med?
There are two BGP configuration commands that can influence the MED-based path selection, the bgp deterministic-med and
the bgp always-compare-med commands.
Enabling the bgp deterministic-med command ensures the comparison of the MED variable when choosing routes advertised
by different peers in the same autonomous system. Enabling the bgp always-compare-med command ensures the
comparison of the MED for paths from neighbors in different autonomous systems. The bgp always-compare-med command
is useful when multiple service providers or enterprises agree on a uniform policy for setting MED. Thus, for network X, if
Internet Service Provider A (ISP A) sets the MED to 10, and ISP B sets the MED to 20, both ISPs agree that ISP A has the better
performing path to X.
Note: The bgp deterministic-med and bgp always-compare-med commands are not enabled by default. Also, the two
commands are separate; enabling one does not automatically enable the other.
53. Does the route reflector change the next hop attribute of a reflected prefix?
By default, the next hop attribute is not changed when a prefix is reflected by route reflector. However, you can issue the
neighbor next-hop-self command in order to change the attribute of the next hop for prefixes reflected from an eBGP peer to
any route reflector client.
54. Why IGP in BGP?
Keep in mind these rules when using BGP with other IGP protocols:
BGP will not put routes that it cannot verify reachability for in the main IP routing table.
For routers to successfully use BGP routes, they must always have a route to the next-hop IP address in the main IP routing
table.
Unless otherwise configured, BGP stores only the best path to a destination network in the main IP routing table. However,
you can use the BGP maximum-paths command to configure more than one path.
BGP advertises only the best path to a destination network. You can control BGP path selection using BGP attributes, and you
can control the best path selection process using certain Cisco IOS Software BGP configuration commands.
BGP follows its own best path decision process to find the most efficient path; this path is stored in the main routing table.
BGP forms peer relationships only with explicitly configured peers, and only advertises networks that it was explicitly
configured to advertise.
BGP does not redistribute its routes into IGPs unless explicitly configured to do so.
BGP is an extremely customizable protocol; it can be as dynamic or static as it is configured to be. You can advertise and
control route policies in a number of different ways.
55. Difference between BGP synchronization and split-horizon rule.
BGP split horizon:
This applies to iBGP only. You have to think about it when you have more than 2 routers in iBGP; with only two routers you are
OK.
If a route is learned from an iBGP neighbor, that route will not be advertised to other iBGP neighbors.
The solution is a full mesh: number of BGP sessions = n(n-1)/2, where n is the number of routers.
But this leads to a lot of configuration, so the solution is either a route reflector or a confederation (sub-AS within the main AS).
Synchronization:
BGP routers try to synchronize between the IGP table (show ip route bgp) and the BGP table (show ip bgp).
In order for a BGP route to be used and advertised, it must be learned by an IGP (another routing protocol: RIP/EIGRP/OSPF etc.).
But if you run only BGP and the same routes are not advertised by an IGP, you may want to turn off this automatic synchronization
between the IGP table of BGP (show ip route bgp) and the BGP table (show ip bgp) with (config-router)#no sync
In new IOS versions "no sync" is the default.
56. What does r RIB-Failure mean in the show ip bgp command output
R1> show ip bgp
BGP table version is 5, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
r> 6.6.6.0/24       10.10.13.3               0    130      0 30 i
*> 7.7.7.0/24       10.10.13.3               0    125      0 30 i
A. When BGP tries to install the bestpath prefix into Routing Information Base (RIB) (for example, the IP Routing table), RIB
might reject the BGP route due to any of these reasons:

- Route with better administrative distance already present in IGP. For example, if a static route already exists in the IP routing
table.
- Memory failure.
- The number of routes in VPN routing/forwarding (VRF) exceeds the route-limit configured under the VRF instance.
57. RIP rules for sending and receiving updates
Rules for sending an update
- Check the major network of the outgoing interface. Is it the same?
  - No: summarize and send the update. 137.99.88.0/24 will get summarized.
    IP Unnumbered exception: the router will send this network with subnet bit information in the RIP update packet.
  - Yes: check the subnet mask. Is it the same?
    - Yes: send the update. 131.108.5.0/24 will go now.
    - No: is it a host route with a /32 mask?
      - Yes: send it as a host route with the host bit set in the update. 131.108.1.1/32 will be sent as an update.
      - No: drop the network. 131.108.11.0/27 will be dropped here.
Rules for receiving an update
- Check the major network. Is it the same as on the source interface?
  - Yes: is it a host route with a /32 mask and the host bit set in the update packet?
    - Yes: apply the /32 mask and keep advertising the route to the whole world. 131.108.1.1/32 will be installed in the routing table.
    - No: apply the mask of the incoming interface and install it in the routing table. 131.108.5.0/24 will be in the routing table.
  - No: is any subnet of the received major network on any interface other than the source interface?
    - Yes: drop the route.
    - No: accept the route and apply the default mask. The 137.99.0.0/16 route will be installed in the routing table.
    IP Unnumbered exception: the RIP update packet should have the subnet bit information and the link between the routers is
    unnumbered.
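Added example (not part of the original notes): the send and receive decisions above written as two functions and run on the page's prefixes. The interface address 131.108.2.x/24 is an assumption chosen to match those prefixes, a host route on receipt is recognised by host bits being set under the interface mask (also an assumption), and the IP Unnumbered exception is not modelled.

```python
# Added example (not from the original page): RIPv1 send/receive decisions.
import ipaddress
from typing import List, Optional, Tuple

Decision = Tuple[str, Optional[str]]     # (action, network advertised or installed)


def major_net(addr: ipaddress.IPv4Address) -> ipaddress.IPv4Network:
    """Classful (major) network: class A -> /8, class B -> /16, class C -> /24."""
    first_octet = int(addr) >> 24
    prefix = 8 if first_octet < 128 else 16 if first_octet < 192 else 24
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def rip_send(route: str, out_iface: str) -> Decision:
    """What a RIPv1 router advertises for `route` out of `out_iface`."""
    net = ipaddress.ip_network(route)
    iface = ipaddress.ip_interface(out_iface)
    if major_net(net.network_address) != major_net(iface.ip):
        # Different major network: only the classful summary crosses the boundary.
        return ("summarize", str(major_net(net.network_address)))
    if net.prefixlen == iface.network.prefixlen:
        return ("send", str(net))
    if net.prefixlen == 32:
        return ("send-host", str(net))
    # Same major network but a different mask: the update cannot express it.
    return ("drop", None)


def rip_receive(address: str, in_iface: str, other_ifaces: List[str]) -> Decision:
    """What a RIPv1 router installs for `address` (updates carry no mask)."""
    addr = ipaddress.ip_address(address)
    iface = ipaddress.ip_interface(in_iface)
    major = major_net(addr)
    if major == major_net(iface.ip):
        if int(addr) & int(iface.network.hostmask):
            return ("install", f"{addr}/32")          # host bits set: host route
        return ("install", f"{addr}/{iface.network.prefixlen}")
    for other in other_ifaces:
        if ipaddress.ip_interface(other).ip in major:
            # A subnet of that major network is already attached elsewhere.
            return ("drop", None)
    return ("install", str(major))


# Constructed interface addresses (assumptions); the prefixes are the page's own.
OUT_IFACE = "131.108.2.2/24"
IN_IFACE = "131.108.2.1/24"

if __name__ == "__main__":
    for route in ("137.99.88.0/24", "131.108.5.0/24", "131.108.1.1/32", "131.108.11.0/27"):
        print("send   ", route, rip_send(route, OUT_IFACE))
    for address in ("131.108.1.1", "131.108.5.0", "137.99.0.0"):
        print("receive", address, rip_receive(address, IN_IFACE, ["10.1.1.1/24"]))
```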
58. why RIP does not support discontiguous network and VLSM
With discontiguous networks, you must use static routes to establish connectivity between the discontiguous subnetworks
59. Difference in RIPv1 and v2
Routing Information Protocol Version 1 (RIPv1)
RIPv1 is a Distance-Vector Routing protocol.
RIPv1 is a Classful routing protocol. Classful routing protocols support only the networks which are not subnetted. Classful
routing protocols do not send subnet mask information with their routing updates. In other words, if you have a subnetted
network in your RIPv1 routing domain, RIPv1 will announce that network to other as unsubnetted network.
RIPv1 does not support VLSM (Variable Length Subnet Masking).
RIPv1 support maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered as unreachable.
RIPv1 sends routing updates periodically every 30 seconds as broadcasts using the limited broadcast IP
address 255.255.255.255 as the destination IP address. Since the updates are sent to the limited broadcast IP address
255.255.255.255, every router needs to process the routing update messages (whether they are running RIPv1 or not).
RIPv1 does not support authentication of update messages (plain-text or MD5).
Routing Information Protocol Version 2 (RIPv2)
RIPv2 is a Hybrid Routing Protocol. A Hybrid Routing Protocol is basically a Distance-Vector protocol with some
characteristics of Link State routing protocols.
RIPv2 is classless routing, which allows us to use subnetted networks also. RIPv2 has the option for sending network mask in
the update to allow classless routing.
RIPv2 support VLSM (Variable Length Subnet Masking).
RIPv2 support maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered as unreachable.
RIPv2 supports triggered updates.
RIPv2 routing updates are sent as Multicast traffic at destination multicast address of 224.0.0.9. Multicast updates reduce the
network traffic. The Multicast routing updates also helps in reducing routing update message processing overhead in routers
which are not running RIPv2. Only the routers running RIPv2 join to the multicast group 224.0.0.9. Other routers which are not
running RIPv2 can simply filter the routing update packet at Layer 2.
RIPv2 support authentication of RIPv2 update messages (plain-text or MD5). Authentication helps in confirming that the
updates are coming from authorized sources.
60. Why was the metric chosen as 16 in RIP? Why not 17 & 18?
The sum of all timers is equal to 15. Update + invalid + flush timer = 30:180:240
61. How checksum is calculated in IP Header?
Take the following truncated excerpt of an IPv4 packet. The header is the first ten 16-bit words, and the checksum is marked (cksum).
4500 0073 0000 4000 4011 b861(cksum) c0a8 0001
c0a8 00c7 0035 e97c 005f 279f 1e4b 8180
To calculate the checksum, we can first calculate the sum of each 16 bit value within the header, skipping only the checksum
field itself. Note that the values are in hexadecimal notation.
4500 + 0073 + 0000 + 4000 + 4011 + c0a8 + 0001 + c0a8 + 00c7 = 2479C (equivalent to 149,404 in decimal)
Next, we convert the value 2479C to binary:
0010 0100 0111 1001 1100
The first 4 bits are the carry and will be added to the rest of the value:
0010 + 0100 0111 1001 1100 = 0100 0111 1001 1110
Next, we flip every bit in that value, to obtain the checksum:
0100 0111 1001 1110 becomes:
1011 1000 0110 0001
This is equal to B861 in hexadecimal, the value marked (cksum) in the original IP packet header.
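The same calculation in code, as an added example that is not part of the original notes: it recomputes the checksum for the header bytes of the excerpt above and also shows the receiver-side check, where summing the whole header with the checksum included must give FFFF. The function names are chosen here for illustration.

```python
import struct

# IPv4 header from the excerpt above: the first ten 16-bit words of the packet.
HEADER = bytes.fromhex("45000073000040004011b861c0a80001c0a800c7")


def ones_complement_sum(data: bytes) -> int:
    """Add 16-bit big-endian words, folding every carry back into the low 16 bits."""
    if len(data) % 2:
        data += b"\x00"  # pad odd-length input with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def header_length(header: bytes) -> int:
    """Return the header length in bytes taken from the HLength field."""
    if len(header) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    version, hlength = header[0] >> 4, header[0] & 0x0F
    if version != 4 or hlength < 5 or len(header) < hlength * 4:
        raise ValueError("not a complete IPv4 header")
    return hlength * 4


def compute_checksum(header: bytes) -> int:
    """Sender side: sum the header with the checksum field zeroed, then flip every bit."""
    n = header_length(header)
    zeroed = header[:10] + b"\x00\x00" + header[12:n]
    return ~ones_complement_sum(zeroed) & 0xFFFF


def verify_checksum(header: bytes) -> bool:
    """Receiver side: the sum over the header, checksum included, must be 0xFFFF."""
    n = header_length(header)
    return ones_complement_sum(header[:n]) == 0xFFFF


if __name__ == "__main__":
    print(f"computed checksum: {compute_checksum(HEADER):04x}")
    print("header valid:", verify_checksum(HEADER))
    damaged = bytearray(HEADER)
    damaged[8] = 0x3F  # TTL changed without updating the checksum
    print("damaged header valid:", verify_checksum(bytes(damaged)))
```

A router that decrements the TTL has to update the checksum as well, which is why the damaged header above fails the check.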
62. Content of TCP and IP header?
The fields in the IP header and their descriptions are:

Version - A 4-bit field that identifies the IP version being used. The current version is 4, and this version is referred to as IPv4.
HLength - A 4-bit field containing the length of the IP header in 32-bit increments. The minimum length of an IP header is 20
bytes, or five 32-bit increments. The maximum length of an IP header is 24 bytes, or six 32-bit increments. Therefore, the
header length field should contain either 5 or 6.
Differentiated Services Code Point (DSCP) - A 6-bit field used to identify the level of service a packet receives in the network.
DSCP is a 3-bit expansion of IP precedence with the elimination of the ToS bits.
Total Length - Specifies the length of the IP packet that includes the IP header and the user data. The length field is 2 bytes,
so the maximum size of an IP packet is 2^16 - 1 or 65,535 bytes.
Identifier, Flags, and Fragment Offset - As an IP packet moves through the Internet, it might need to cross a route that cannot
handle the size of the packet. The packet will be divided, or fragmented, into smaller packets and reassembled later. These
fields are used to fragment and reassemble packets.
Time to Live (TTL) - It is possible for an IP packet to roam aimlessly around the Internet. If there is a routing problem or a
routing loop, then you don't want packets to be forwarded forever. A routing loop is when a packet is continually routed
through the same routers over and over. The TTL field is initially set to a number and decremented by every router that is
passed through. When TTL reaches 0 the packet is discarded.
Protocol - In the layered protocol model, the layer that determines which application the data is from or which application the
data is for is indicated using the Protocol field. This field does not identify the application, but identifies a protocol that sits
above the IP layer that is used for application identification.
Header Checksum - A value calculated based on the contents of the IP header. Used to determine if any errors have been
introduced during transmission.
Source IP Address - 32-bit IP address of the sender.
Destination IP Address - 32-bit IP address of the intended recipient.
Options and Padding - A field that varies in length from 0 to a multiple of 32 bits. If the option values are not a multiple of 32 bits, 0s are added or padded to ensure this field contains a multiple of 32 bits.
TCP Header Format
Source port (16 bits)
identifies the sending port
Destination port (16 bits)
identifies the receiving port
Sequence number (32 bits)
has a dual role:
If the SYN flag is set (1), then this is the initial sequence number. The sequence number of the actual first data byte and the
acknowledged number in the corresponding ACK are then this sequence number plus 1.
If the SYN flag is clear (0), then this is the accumulated sequence number of the first data byte of this segment for the current
session.
Acknowledgment number (32 bits)
if the ACK flag is set then the value of this field is the next sequence number that the receiver is expecting. This
acknowledges receipt of all prior bytes (if any). The first ACK sent by each end acknowledges the other end's initial sequence
number itself, but no data.
Data offset (4 bits)
specifies the size of the TCP header in 32-bit words. The minimum size header is 5 words and the maximum is 15 words thus
giving the minimum size of 20 bytes and maximum of 60 bytes, allowing for up to 40 bytes of options in the header. This field
gets its name from the fact that it is also the offset from the start of the TCP segment to the actual data.
Reserved (3 bits)
for future use and should be set to zero
Flags (9 bits) (aka Control bits)
contains 9 1-bit flags
NS (1 bit) - ECN-nonce concealment protection (added to header by RFC 3540).
CWR (1 bit) - Congestion Window Reduced (CWR) flag is set by the sending host to indicate that it received a TCP segment
with the ECE flag set and had responded in congestion control mechanism (added to header by RFC 3168).
ECE (1 bit) - ECN-Echo has a dual role, depending on the value of the SYN flag. It indicates:
If the SYN flag is set (1), that the TCP peer is ECN capable.
If the SYN flag is clear (0), that a packet with Congestion Experienced flag in IP header set is received during normal
transmission (added to header by RFC 3168).
URG (1 bit) - indicates that the Urgent pointer field is significant
ACK (1 bit) - indicates that the Acknowledgment field is significant. All packets after the initial SYN packet sent by the client
should have this flag set.
PSH (1 bit) - Push function. Asks to push the buffered data to the receiving application.
RST (1 bit) - Reset the connection
SYN (1 bit) - Synchronize sequence numbers. Only the first packet sent from each end should have this flag set. Some other
flags and fields change meaning based on this flag, and some are only valid for when it is set, and others when it is clear.
FIN (1 bit) - No more data from sender
Window size (16 bits)
the size of the receive window, which specifies the number of window size units (by default, bytes) (beyond the sequence
number in the acknowledgment field) that the sender of this segment is currently willing to receive (see Flow control and
Window Scaling)
Checksum (16 bits)
The 16-bit checksum field is used for error-checking of the header and data
Urgent pointer (16 bits)
if the URG flag is set, then this 16-bit field is an offset from the sequence number indicating the last urgent data byte
Options (Variable 0-320 bits, divisible by 32)
63. How do the TCP 3-way handshake and TCP connection termination work?
Connection establishment:
To establish a connection, TCP uses a three-way handshake. Before a client attempts to connect with a server, the server
must first bind to and listen at a port to open it up for connections: this is called a passive open. Once the passive open is
established, a client may initiate an active open. To establish a connection, the three-way (or 3-step) handshake occurs:
SYN: The active open is performed by the client sending a SYN to the server. The client sets the segment's sequence number
to a random value A.
SYN-ACK: In response, the server replies with a SYN-ACK. The acknowledgment number is set to one more than the received
sequence number i.e. A+1, and the sequence number that the server chooses for the packet is another random number, B.
ACK: Finally, the client sends an ACK back to the server. The sequence number is set to the received acknowledgement value
i.e. A+1, and the acknowledgement number is set to one more than the received sequence number i.e. B+1.
At this point, both the client and server have received an acknowledgment of the connection. The steps 1, 2 establish the
connection parameter (sequence number) for one direction and it is acknowledged. The steps 2, 3 establish the connection
parameter (sequence number) for the other direction and it is acknowledged. With these, a full-duplex communication is
established.
Connection termination:
The connection termination phase uses a four-way handshake, with each side of the connection terminating independently.
When an endpoint wishes to stop its half of the connection, it transmits a FIN packet, which the other end acknowledges with
an ACK. Therefore, a typical tear-down requires a pair of FIN and ACK segments from each TCP endpoint. After both FIN/ACK
exchanges are concluded, the side that sent the first FIN before receiving one waits for a timeout before finally closing the
connection, during which time the local port is unavailable for new connections; this prevents confusion due to delayed
packets being delivered during subsequent connections.
A connection can be "half-open", in which case one side has terminated its end, but the other has not. The side that has
terminated can no longer send any data into the connection, but the other side can. The terminating side should continue
reading the data until the other side terminates as well.
It is also possible to terminate the connection by a 3-way handshake, when host A sends a FIN and host B replies with a FIN &
ACK (merely combines 2 steps into one) and host A replies with an ACK.[13] This is perhaps the most common method.
It is possible for both hosts to send FINs simultaneously then both just have to ACK. This could possibly be considered a 2-way
handshake since the FIN/ACK sequence is done in parallel for both directions.
Some host TCP stacks may implement a half-duplex close sequence, as Linux or HP-UX do. If such a host actively closes a
connection but still has not read all the incoming data the stack already received from the link, this host sends a RST instead
of a FIN (Section 4.2.2.13 in RFC 1122). This allows a TCP application to be sure the remote application has read all the data
the former sent, waiting for the FIN from the remote side, when it actively closes the connection. But the remote TCP stack
cannot distinguish between a Connection Aborting RST and Data Loss RST. Both cause the remote stack to lose all the data
received.
64. Which device does reassembly, and why?
The end device always does reassembly. The reasons are buffer issues and that all fragment packets would have to pass through the same router.
65. What is gratuitous ARP.
http://wiki.wireshark.org/Gratuitous_ARP
Gratuitous ARP
Gratuitous ARP could mean both gratuitous ARP request or gratuitous ARP reply. Gratuitous in this case means a request/reply
that is not normally needed according to the ARP specification (RFC 826) but could be used in some cases. A gratuitous ARP
request is an Address Resolution Protocol request packet where the source and destination IP are both set to the IP of the
machine issuing the packet and the destination MAC is the broadcast address ff:ff:ff:ff:ff:ff. Ordinarily, no reply packet will
occur. A gratuitous ARP reply is a reply to which no request has been made.
Gratuitous ARPs are useful for four reasons:
They can help detect IP conflicts. When a machine receives an ARP request containing a source IP that matches its own, then
it knows there is an IP conflict.
They assist in the updating of other machines' ARP tables. Clustering solutions utilize this when they move an IP from one NIC
to another, or from one machine to another. Other machines maintain an ARP table that contains the MAC associated with an
IP. When the cluster needs to move the IP to a different NIC, be it on the same machine or a different one, it reconfigures the
NICs appropriately then broadcasts a gratuitous ARP reply to inform the neighboring machines about the change in MAC for
the IP. Machines receiving the ARP packet then update their ARP tables with the new MAC.
They inform switches of the MAC address of the machine on a given switch port, so that the switch knows that it should
transmit packets sent to that MAC address on that switch port.
Every time an IP interface or link goes up, the driver for that interface will typically send a gratuitous ARP to preload the ARP
tables of all other local hosts. Thus, a gratuitous ARP will tell us that the host has just had a link up event, such as a link
bounce, a machine just being rebooted or the user/sysadmin on that host just configuring the interface up. If we see multiple
gratuitous ARPs from the same host frequently, it can be an indication of bad Ethernet hardware/cabling resulting in frequent
link bounces.
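A monitoring sketch for the points above, as an added example that is not part of the original notes: it parses ARP frames, recognizes gratuitous requests and replies (sender IP equal to target IP), reports when a gratuitous ARP moves an IP to a different MAC (a cluster failover or an IP conflict, which need to be told apart by the operator), and reports frequent gratuitous ARPs from one MAC as a possible link-bounce indicator. The frames are constructed sample data, and the event names and thresholds are assumptions.

```python
import socket
import struct
from collections import defaultdict, deque, namedtuple

BROADCAST = b"\xff" * 6
ARP_FORMAT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
Arp = namedtuple("Arp", "eth_dst oper sha spa tha tpa")


def make_arp(oper, mac, sender_ip, target_ip):
    """Build a constructed Ethernet + ARP frame for the demo (not captured traffic)."""
    sha = bytes.fromhex(mac.replace(":", ""))
    arp = struct.pack(ARP_FORMAT, 1, 0x0800, 6, 4, oper, sha,
                      socket.inet_aton(sender_ip), b"\x00" * 6,
                      socket.inet_aton(target_ip))
    return struct.pack("!6s6sH", BROADCAST, sha, 0x0806) + arp


def parse_arp(frame):
    """Return an Arp tuple for an IPv4-over-Ethernet ARP frame, otherwise None."""
    if len(frame) < 42:
        return None
    eth_dst, _eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0806:
        return None
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FORMAT, frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return Arp(eth_dst, oper, sha, spa, tha, tpa)


def classify(arp):
    """Gratuitous means the sender announces its own IP: sender IP == target IP."""
    if arp.spa != arp.tpa:
        return "normal"
    return {1: "gratuitous-request", 2: "gratuitous-reply"}.get(arp.oper, "normal")


class GratuitousArpMonitor:
    def __init__(self, flap_count=3, flap_window=60.0):
        self.bindings = {}              # IP -> MAC last announced for it
        self.seen = defaultdict(deque)  # MAC -> timestamps of its gratuitous ARPs
        self.flap_count = flap_count    # assumed threshold, tune per network
        self.flap_window = flap_window  # seconds

    def observe(self, ts, frame):
        """Return a list of (event, ip, mac) findings for one frame."""
        arp = parse_arp(frame)
        if arp is None or classify(arp) == "normal":
            return []
        ip = socket.inet_ntoa(arp.spa)
        mac = ":".join(f"{b:02x}" for b in arp.sha)
        findings = []
        previous = self.bindings.get(ip)
        if previous is not None and previous != mac:
            findings.append(("ip-moved-or-conflict", ip, mac))
        self.bindings[ip] = mac
        times = self.seen[mac]
        times.append(ts)
        while times and ts - times[0] > self.flap_window:
            times.popleft()
        if len(times) >= self.flap_count:
            findings.append(("frequent-gratuitous-arp", ip, mac))
        return findings


if __name__ == "__main__":
    monitor = GratuitousArpMonitor()
    sample = [  # constructed (timestamp, frame) pairs
        (0.0, make_arp(1, "02:00:00:00:00:01", "192.0.2.10", "192.0.2.10")),
        (5.0, make_arp(2, "02:00:00:00:00:02", "192.0.2.10", "192.0.2.10")),
        (10.0, make_arp(2, "02:00:00:00:00:02", "192.0.2.10", "192.0.2.10")),
        (15.0, make_arp(2, "02:00:00:00:00:02", "192.0.2.10", "192.0.2.10")),
    ]
    for ts, frame in sample:
        print(ts, monitor.observe(ts, frame))
```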

66. Difference between VLSM, CIDR and super-netting


Classless Inter-Domain Routing (CIDR) is also called supernetting. The main purpose of CIDR is to aggregate routes; it is also known as
supernetting or summarization.
CIDR addresses reduce the size of routing tables.
Variable-Length Subnet Masking (VLSM) or Subnetting is used to better utilize address space. Subnets divide a single network
into smaller pieces.
Subnetting is dividing a network into several smaller parts (subnets), each having its own sub-network address.
Supernetting is combining several small networks (e.g. of class C) into a big one to create a large range of addresses.
VLSM is used to increase the usability of subnets.
67. VTP modes of operation?
VTP Modes of Operation.
VTP has three different modes of operation within a domain: Server, Client and Transparent.
VTP Server
Every catalyst switch is a server by default. Every network or domain requires a server to propagate VLAN information
throughout the network or domain.
As a server switch, it will be able to create, add and delete VLANs in the domain.
The VTP server controls any change that is to be made in the entire domain. When a change is made on the server, it will be
advertised throughout the entire VTP domain. VTP server configurations are saved in the NVRAM.
VTP Client
Switches in a client mode receive information from VTP servers.
VTP client switches also send and receive updates, but one difference between clients and servers is that VTP client
switches can't create, change and delete VLANs. In other words, none of the ports on the client switch can be added to a
new VLAN without the authorisation or notification from the server switch.
Switches in client mode process and forward VLAN information. VLAN information on client switches is not saved in
NVRAM.
VTP Transparent
Switches in this mode don't take part in the VTP domain or database. They behave more or less like servers in that they create,
modify and delete VLANs because they have and keep their own databases, which are only locally important.
The only purpose of VTP switches in transparent mode in a VTP domain is to forward VTP advertisements through any configured
trunk links.
68. Forwarding decision in the routing table and route selection criteria
The main considerations while building the routing table are:
Administrative distance - This is the measure of trustworthiness of the source of the route. If a router learns about a
destination from more than one routing protocol, administrative distance is compared and the preference is given to the
routes with lower administrative distance. In other words, it is the believability of the source of the route.
Metrics - This is a measure used by the routing protocol to calculate the best path to a given destination, if it learns multiple
paths to the same destination. Each routing protocol uses a different metric.
Prefix length
To understand this better, let's look at an example. Assume a router has four routing processes running: EIGRP, OSPF, RIP,
and IGRP. Now, all four of these processes have learned of various routes to the 192.168.24.0/24 network, and each has
chosen its best path to that network through its internal metrics and processes.
Each of these four processes attempts to install their route toward 192.168.24.0/24 into the routing table. The routing
processes are each assigned an administrative distance, which is used to decide which route to install.
Default Administrative Distances
Connected 0
Static 1
eBGP 20
EIGRP (internal) 90
IGRP 100
OSPF 110
IS-IS 115
RIP 120
EIGRP (external) 170
iBGP 200
EIGRP summary route 5
Since the internal EIGRP route has the best administrative distance (the smaller the administrative distance, the higher the
preference), it's installed in the routing table.
How Metrics Determine the Route Selection Process
Routes are chosen and built in the routing table based on the routing protocol's administrative distance. The routes learned
from the routing protocol with the lowest administrative distance are installed in the routing table. If there are multiple paths
to the same destination from a single routing protocol, then the multiple paths would have the same administrative distance
and the best path is selected based on the metrics. Metrics are values associated with specific routes, ranking them from
most preferred to least preferred. The parameters used to determine the metrics differ for different routing protocols. The
path with the lowest metric is selected as the optimal path and installed in the routing table. If there are multiple paths to the
same destination with equal metrics, load balancing is done on these equal cost paths.
Making Forwarding Decisions
Let's look at the three routes we just installed in the routing table, and see how they look on the router.
router# show ip route
....
D 192.168.32.0/26 [90/25789217] via 10.1.1.1
R 192.168.32.0/24 [120/4] via 10.1.1.2
O 192.168.32.0/19 [110/229840] via 10.1.1.3
....
If a packet arrives on a router interface destined for 192.168.32.1, which route would the router choose? It depends on the
prefix length, or the number of bits set in the subnet mask. Longer prefixes are always preferred over shorter ones when
forwarding a packet.
In this case, a packet destined to 192.168.32.1 is directed toward 10.1.1.1, because 192.168.32.1 falls within the
192.168.32.0/26 network (192.168.32.0 to 192.168.32.63). It also falls within the other two routes available, but the
192.168.32.0/26 has the longest prefix within the routing table (26 bits versus 24 or 19 bits).
Likewise, if a packet destined for 192.168.32.100 arrives on one of the router's interfaces, it's forwarded to 10.1.1.2, because
192.168.32.100 doesn't fall within 192.168.32.0/26 (192.168.32.0 through 192.168.32.63), but it does fall within the
192.168.32.0/24 destination (192.168.32.0 through 192.168.32.255). Again, it also falls into the range covered by
192.168.32.0/19, but 192.168.32.0/24 has a longer prefix length.
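Both stages described above, as an added example that is not part of the original notes: routes for the same prefix compete on administrative distance and then metric when they are installed, and forwarding picks the longest matching prefix among the installed routes. The class and function names are chosen here, the metrics and next hops offered for 192.168.24.0/24 are constructed, and equal-cost load balancing is not modelled.

```python
import ipaddress

# Default administrative distances from the table above.
ADMIN_DISTANCE = {
    "connected": 0, "static": 1, "eigrp-summary": 5, "ebgp": 20,
    "eigrp": 90, "igrp": 100, "ospf": 110, "is-is": 115, "rip": 120,
    "eigrp-external": 170, "ibgp": 200,
}


class RoutingTable:
    def __init__(self):
        # network -> (administrative distance, metric, protocol, next hop)
        self.installed = {}

    def offer(self, protocol, prefix, metric, next_hop):
        """A routing process offers its best path; install it if it wins.

        Lower administrative distance wins. The metric is compared only when
        the distances are equal, i.e. for paths from the same kind of source.
        Returns True when the offered route was installed.
        """
        network = ipaddress.ip_network(prefix)
        candidate = (ADMIN_DISTANCE[protocol], metric, protocol, next_hop)
        current = self.installed.get(network)
        if current is None or candidate[:2] < current[:2]:
            self.installed[network] = candidate
            return True
        return False

    def lookup(self, destination):
        """Forwarding decision: longest matching prefix among installed routes."""
        address = ipaddress.ip_address(destination)
        matches = [net for net in self.installed if address in net]
        if not matches:
            return None  # no route and no default route: the packet is dropped
        best = max(matches, key=lambda net: net.prefixlen)
        _, _, protocol, next_hop = self.installed[best]
        return str(best), protocol, next_hop


def build_page_example():
    """The three routes from the 'show ip route' output above."""
    table = RoutingTable()
    table.offer("eigrp", "192.168.32.0/26", 25789217, "10.1.1.1")
    table.offer("rip", "192.168.32.0/24", 4, "10.1.1.2")
    table.offer("ospf", "192.168.32.0/19", 229840, "10.1.1.3")
    return table


def install_contest():
    """Four processes offer 192.168.24.0/24; metrics and next hops are constructed."""
    table = RoutingTable()
    table.offer("rip", "192.168.24.0/24", 4, "10.1.1.2")
    table.offer("ospf", "192.168.24.0/24", 229840, "10.1.1.3")
    table.offer("igrp", "192.168.24.0/24", 8000, "10.1.1.4")
    table.offer("eigrp", "192.168.24.0/24", 25789217, "10.1.1.1")
    return table


if __name__ == "__main__":
    print(install_contest().lookup("192.168.24.5"))
    table = build_page_example()
    for destination in ("192.168.32.1", "192.168.32.100", "192.168.40.1", "10.9.9.9"):
        print(destination, "->", table.lookup(destination))
```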
69. How does iBGP work?
Routes learnt from one IBGP peer cannot be advertised to another IBGP peer. This is the split horizon rule.
When two IBGP neighbors send update messages to each other they do not add the ASN in AS_Path attribute in the update
because both of them are in the same AS and the AS_Path will not change. Since BGP uses the ASN in the AS_Path attribute
to avoid loops, and IBGP will not add the ASN to AS_Path when sending updates in the same AS, this can cause a potential
routing loop. To avoid such loops IBGP has to follow a rule which says that when a route is learnt from an IBGP neighbor, that
route cannot be advertised to another IBGP Peer.
Consider the example below.
RTR-A is advertising 1.1.1.0/24 to RTR-B. RTR-B learns the route but will not advertise that route to RTR-C. Similarly RTR-B will
also learn the route 2.2.2.0/24 From RTR-C but will not advertise this route to RTR-A. Since all the three routers are in the
same AS and in same AS BGP does not advertise routes that have been learned from an IBGP peer to another IBGP peer.
This is a partially meshed IBGP network hence RTR-A and RTR-C are not exchanging the NLRI.
This can be resolved by creating a logical connection between RTR-A and RTR-C. A BGP Session can be established between
RTR-A and RTR-C to allow both of them to exchange their BGP learnt Routes. The TCP Session that RTR-A and RTR-C use to
establish the BGP passes through RTR-B, so it is important that the data link addresses interconnecting RTR-A and RTR-C are
known to them.

In iBGP, the routes learnt from one iBGP neighbor are not advertised to another iBGP neighbor due to the BGP Split Horizon
Rule. To overcome the issues generated by this rule, one option is to have a full mesh of iBGP routers, where each iBGP router
is peering directly with all other iBGP routers in the AS. The solution is feasible if you have a small number of iBGP routers,
but it will not scale if you need a large number of iBGP speaking routers in the AS.
The number of iBGP sessions needed in an AS for a full-mesh IBGP is calculated with the formula N(N-1)/2.
So assuming you have 10 iBGP routers, the number of iBGP peering sessions would be 10(10-1)/2 = 45 iBGP sessions to
manage within the AS. That's a lot of configuration and a lot of room for errors, and it may become difficult to troubleshoot.
There are 2 alternatives to creating a Full Mesh iBGP Routing, which are
1. Route Reflectors
2. Confederations
## Rule of Synchronization:
For A Route to be learnt from an IBGP neighbor, it must first be known via an IGP. Any route learnt from IBGP is entered into
the routing table only if that route is first learnt by an IGP
Note: In some case Synchronization is not practical and this rule can be turned off by command: No Synchronization.

Synchronization requires that before a route is learnt from an IBGP neighbor and entered into Routing table and advertised to
other BGP peers, the route must first be learnt via IGP.
In this example, RTR-A and RTR-C have formed a BGP peering, and the TCP session passes through RTR-B. There is no physical
connectivity between RTR-A and RTR-C but a logical connection exists. If Synchronization is turned on, then it is important to
note that the routes advertised by RTR-A will appear in RTR-C's routing table only if these routes exist in the IGP. The
same applies for RTR-A: the routes advertised by RTR-C will not appear in RTR-A's routing table if these routes are not
being learnt by the IGP first.
RTR-B is directly connected to both RTR-A and RTR-C and is learning the routes from both of them. RTR-B still cannot
advertise the routes learnt from RTR-A to RTR-C and the routes learnt from RTR-C to RTR-A because there is either no IGP
running or these routes are not in the IGP, and since RTR-A and RTR-C are not directly connected they have to cross through
RTR-B. Since there is no entry in the IGP for these routes, RTR-B cannot advertise these routes, as per the rule of synchronization.
If the routes advertised by RTR-A and RTR-C are being learnt by an IGP then both RTR-A and RTR-C will learn each other's BGP
routes in their BGP and routing tables.
There are two workarounds for these situations.
1. Since not all routes can be redistributed into the IGP (the Internet routing table is very large and an IGP cannot scale to it),
have all the IBGP routers fully meshed and then turn off the Synchronization rule with the no synchronization command.
2. Redistribute all external routes into IGP. Not a feasible solution as IGP will not scale to hold all the internet routes.
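The split horizon rule and the full-mesh session count from the answer above, as an added example that is not part of the original notes: it models which prefixes each router learns over a given set of iBGP sessions, lists the peerings a design is missing for a full mesh, and computes N(N-1)/2. The function names are chosen here; route reflectors, confederations and the synchronization rule are not modelled.

```python
from collections import defaultdict
from itertools import combinations

# The three-router example above: RTR-A and RTR-C each bring one prefix into the AS.
ROUTERS = ["RTR-A", "RTR-B", "RTR-C"]
PARTIAL_MESH = [("RTR-A", "RTR-B"), ("RTR-B", "RTR-C")]
ORIGINATED = {"RTR-A": {"1.1.1.0/24"}, "RTR-C": {"2.2.2.0/24"}}


def full_mesh_sessions(n):
    """Number of iBGP sessions needed for a full mesh of n routers: N(N-1)/2."""
    return n * (n - 1) // 2


def missing_sessions(routers, sessions):
    """Router pairs with no direct iBGP session; these pairs exchange no routes."""
    configured = {frozenset(pair) for pair in sessions}
    return [pair for pair in combinations(sorted(routers), 2)
            if frozenset(pair) not in configured]


def ibgp_views(routers, sessions, originated):
    """Return router -> set of prefixes it knows after iBGP advertisement.

    Split horizon: a router advertises to its iBGP peers only the routes it did
    not learn from another iBGP peer, so a prefix travels exactly one iBGP hop
    from the router that brought it into the AS.
    """
    peers = defaultdict(set)
    for a, b in sessions:
        peers[a].add(b)
        peers[b].add(a)
    known = {router: set(originated.get(router, ())) for router in routers}
    for router in routers:
        for peer in peers[router]:
            known[peer] |= set(originated.get(router, ()))
    return known


if __name__ == "__main__":
    print("partial mesh:", ibgp_views(ROUTERS, PARTIAL_MESH, ORIGINATED))
    print("missing for full mesh:", missing_sessions(ROUTERS, PARTIAL_MESH))
    full = PARTIAL_MESH + missing_sessions(ROUTERS, PARTIAL_MESH)
    print("full mesh:", ibgp_views(ROUTERS, full, ORIGINATED))
    print("sessions for 10 routers:", full_mesh_sessions(10))
```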
70. How do links in an EtherChannel work? What happens when one of the links goes down?
Described in another question.
71. switch --- Router --- switch
Does communication between the two switches happen? Is this a valid scenario?
This is not a valid scenario, since both switches are in different broadcast domains.
72. Can we have multiple area 0s in a network?
No, we can't have multiple area 0s. We always have one area 0, i.e. the backbone area. This is used to avoid looping in OSPF while
interacting between areas.
73. Why netconf is used instead of SNMP?
SNMP is too limited to be useful for exchanging configuration data. SNMP is stateless, and therefore cannot handle multi-stage
data transactions. It is not able to back up/restore elements: once SNMP sets a variable, there is no recovery action. Therefore,
setting multiple SNMP variables is risky and difficult. Because of this, very few applications perform SNMP writes.
74. How SNMP operates. How data transfer between manager and agent happens?
Understanding the Management Information Base (MIB)
When an SNMP manager requests information from an SNMP agent, the SNMP agent retrieves the current value of the
requested information from the Management Information Base (MIB). The MIB defines the managed objects that an SNMP
manager monitors (or sometimes configures) on an SNMP agent.
Each system in a network (workstation, server, router, bridge, and so forth) maintains a MIB that reflects the status of the
managed resources on that system, such as the version of the software running on the device, the IP address assigned to a
port or interface, the amount of free hard drive space, or the number of open files. The MIB does not contain static data, but
is instead an object-oriented, dynamic database that provides a logical collection of managed object definitions. The MIB
defines the data type of each managed object and describes the object.
http://technet.microsoft.com/en-us/library/cc783142(v=ws.10).aspx
75. How does a switch operate? Concept of port-based MAC address and normal MAC address? How do unicast and broadcast
happen in these cases?
An Ethernet switch is mainly used to forward packets at the data link layer, that is, transmit the packets to the corresponding
ports according to the destination MAC address of the packets. To forward packets quickly, a switch maintains a MAC address
table, which is a Layer 2 address table recording the MAC address-to-forwarding port association. Each entry in a MAC
address table contains the following fields:
Destination MAC address
ID of the VLAN which a port belongs to
Forwarding egress port numbers on the local switch
When forwarding a packet, an Ethernet switch adopts one of the two forwarding methods based upon the MAC address table
entries.
Unicast forwarding: If the destination MAC address carried in the packet is included in a MAC address table entry, the switch
forwards the packet through the forwarding egress port in the entry.
Broadcast forwarding: If the destination MAC address carried in the packet is not included in the MAC address table, the
switch broadcasts the packet to all ports except the one receiving the packet.
Each hardware device that you connect to your Ethernet network has a unique MAC address assigned to it by the device's
manufacturer. For example, every network interface card (NIC) that you use to connect your computers to your network has a
MAC address assigned to it by the adapter's manufacturer.
The switch contains a MAC address table with a storage capacity of up to 16,000 entries. The switch uses the table to store
the MAC addresses of the network nodes connected to its ports, along with the port number on which each address was
learned.
The switch learns the MAC addresses of the end nodes by examining the source address of each packet received on a port. It
adds the address and port on which the packet was received to the MAC table if the address has not already been entered in
the table. The result is a table that contains all the MAC addresses of the devices that are connected to the switch's ports,
and the port number where each address was learned.
When the switch receives a packet, it also examines the destination address and, by referring to its MAC address table,
determines the port where the destination node is connected. It then forwards the packet to the appropriate port and on to
the end node. This increases network bandwidth by limiting each frame to the appropriate port when the intended end node
is located, freeing the other switch ports for receiving and transmitting data.
If the switch receives a packet with a destination address that is not in the MAC address table, it floods the packet to all the
ports on the switch. If the ports have been grouped into virtual LANs, the switch floods the packet only to those ports which
belong to the same VLAN as the port on which the packet was received. This prevents packets from being forwarded onto
inappropriate LAN segments and increases network security. When the destination node responds, the switch adds its MAC
address and port number to the table.
If the switch receives a packet with a destination address that is on the same port on which the packet was received, it
discards the packet without forwarding it on to any port. Because both the source node and the destination node for the
packet are located on the same port on the switch, there is no reason for the switch to forward the packet. This too increases
network performance by preventing frames from being forwarded unnecessarily to other network devices.
The type of MAC address described above is referred to as a dynamic MAC address. Dynamic MAC addresses are addresses
that the switch learns by examining the source MAC addresses of the frames received on the ports.
Dynamic MAC addresses are not stored indefinitely in the MAC address table. The switch deletes a dynamic MAC address from
the table if it does not receive any frames from the node after a specified period of time. The switch assumes that the node
with that MAC address is no longer active and that its MAC address can be purged from the table. This prevents the MAC
address table from becoming filled with addresses of nodes that are no longer active.
The period of time that the switch waits before purging an inactive dynamic MAC address is called the age-out time. The
default value is 300 seconds (5 minutes) and the range is 15 to 3000 seconds. For instructions on changing the aging timer,
refer to Setting the Age-Out Time.
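The learning, forwarding, flooding, filtering and aging behaviour described above, as an added example that is not part of the original notes and not any vendor's implementation: a small model of a VLAN-aware MAC address table that returns the egress ports for each received frame. The class name, port numbers and MAC addresses are constructed; the 300-second age-out default comes from the text.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, port_vlans, age_out=300):
        self.port_vlans = dict(port_vlans)  # port number -> VLAN ID
        self.age_out = age_out              # seconds before an idle entry is purged
        self.table = {}                     # (vlan, mac) -> (port, last seen time)

    def _purge(self, now):
        """Delete dynamic entries that have been idle longer than the age-out time."""
        stale = [key for key, (_, seen) in self.table.items()
                 if now - seen > self.age_out]
        for key in stale:
            del self.table[key]

    def receive(self, now, in_port, src_mac, dst_mac):
        """Process one frame and return the sorted list of egress ports."""
        vlan = self.port_vlans[in_port]
        self._purge(now)
        # Learn (or refresh) the source address on the receiving port.
        self.table[(vlan, src_mac)] = (in_port, now)
        entry = self.table.get((vlan, dst_mac))
        if dst_mac == BROADCAST or entry is None:
            # Broadcast or unknown destination: flood within the VLAN only,
            # never back out of the receiving port.
            return sorted(port for port, v in self.port_vlans.items()
                          if v == vlan and port != in_port)
        out_port, _ = entry
        if out_port == in_port:
            return []  # destination is on the receiving port: discard
        return [out_port]


def run_demo():
    """Constructed traffic on a 4-port switch: ports 1-3 in VLAN 10, port 4 in VLAN 20."""
    sw = LearningSwitch({1: 10, 2: 10, 3: 10, 4: 20})
    a, b, c, d = ("00:00:5e:00:53:0a", "00:00:5e:00:53:0b",
                  "00:00:5e:00:53:0c", "00:00:5e:00:53:0d")
    return [
        ("unknown destination floods", sw.receive(0, 1, a, b)),
        ("reply is unicast", sw.receive(1, 2, b, a)),
        ("now learned, unicast", sw.receive(2, 1, a, b)),
        ("broadcast floods the VLAN", sw.receive(3, 1, c, BROADCAST)),
        ("same-port destination dropped", sw.receive(4, 1, a, c)),
        ("aged-out entry floods again", sw.receive(400, 1, a, b)),
        ("other VLAN never sees VLAN 10", sw.receive(401, 4, d, a)),
    ]


if __name__ == "__main__":
    for label, ports in run_demo():
        print(f"{label}: {ports}")
```

A flooded frame is delivered to every port in the VLAN, so how often the table misses determines how much unicast traffic other ports in that VLAN get to see.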
76. If switch is connected to four ports. Then how many mac address will be there in switch ?
For every port, there will be one MAC address. Apart from this, the switch has one default MAC address, i.e. for VLAN 1, used for
management purposes (used in the case of a managed switch).
77. What happens when a hub is connected in between two switches? What will happen when one of the links
connected to the hub goes down? How does STP work?
The hub won't have any effect on the topology, since a hub is an L1 device.
78. When three routers are connected back to back in ospf topology. Will loop occur?
No, a loop will not occur. If the cost is the same for both links, load balancing will happen; otherwise the best route is chosen based on
sequence number.
In a link-state routing protocol, such as OSPF or IS-IS, a routing loop disappears as soon as the new network topology is
flooded to all the routers within the routing area.
Link State Advertisements
LSAs contain a sequence number and a Router ID. Sequence numbers are 32 bits, starting with 0x80000001. The sequence
number increases if:
a route is added or deleted
an LSA ages out
The largest sequence number is always the most current. The default time that LSAs are aged out is 30 minutes. When an
LSA enters a router, it checks it against its internal Link State Database (LSDB).
If it is new, it is added to the LSDB and the SPF algorithm is re-run.
If it contains a Router ID (RID) that is already in the database, entries with an older sequence number are discarded.
If it receives an older version (according to its sequence number), it discards the LSA and sends back the newer version to
the original sender.

All OSPF routers synchronize their link state databases (LSDB) and then run the shortest path first (SPF) algorithm (all the
routers have the very same topology information but set themselves as root of the tree), so the calculations result in loop-free
shortest paths to the destinations. This is a key property of link-state routing protocols.
OSPF is a link-state protocol. Routers exchange routing information through LSAs in the OSPF domain.
When any change occurs in the network, an LSA exchange happens. LSAs have a sequence number starting with 0x80000001, and
it increments by one.
Whenever network changes happen, routers send updated LSAs to other routers, and the receiving router checks the sequence number; if it is an older
one, it ignores the LSA.
If it is a new one, it is sent to the LSDB.
79. What is default route?
Also known as the gateway of last resort, a default route is a special type of static route with an all-zeros network and
network mask. The default route is used to route any packets to a network that a router does not directly know about to a
next-hop router. By default, if a router receives a packet to a destination network that is not in its routing table, it drops the
packet. When a default route is specified, the router does not drop the packet. Instead, it forwards the packet to the IP
address specified in the default route.
80. What is the major difference between BGP and IGP route summarization?
When a summary address is created with an IGP (EIGRP, OSPF, and IS-IS), the specific routes of the summary are not
advertised. BGP advertises the summary, and all the specific routes of the summary unless they are specifically suppressed.
81. Why does IBGP require a full mesh?
BGP uses the AS_PATH attribute for loop detection. If a router sees its own AS number in a BGP advertisement, the
advertisement is dropped. IBGP routers have the same AS number so the AS number cannot be used for loop detection. IBGP
neighbors will not advertise prefixes learned from one IBGP neighbor to another IBGP neighbor; therefore, a full mesh is
required.
82. How many OSPF databases are on an OSPF router?
The number of OSPF databases on a router is equal to the number of OSPF areas configured on the router.
83. How does OSPF determine an inter area shortest path?
First, calculate the shortest path to an ABR.
Second, calculate the shortest path across area 0 to an ABR that is attached to the destination area.
Third, calculate the shortest path across the destination area from the ABR to the destination network.
84. Why are intra-area summary routes not allowed?
OSPF databases on routers in the same area must be identical. If route summarization was allowed within an area, some
routers would have specific routes and some routers would have summary routes for routers in the area. If this were allowed,
the databases for the area would never agree.
85. Can I run two BGP processes on a single router?
No, you cannot run two BGP processes on a single router. But this is possible in the case of OSPF. In OSPF we can enable two
processes on two separate interfaces. Doing so, we can segregate the routes between two interfaces and we will have two
separate databases; separate OSPF processes don't share routes between themselves unless redistribution is used.
86. Default BGP timers?
There are two primary timers in BGP. The first is the Hold Down timer, the other is the Keepalive Interval.
The Hold Down Timer indicates how long a router will wait between hearing messages from its neighbor. The Hold Down
Timer defaults to 180 seconds on a Cisco router, but can be reconfigured.
cisco default setting: 60 seconds
To be certain that a BGP session stays up and functional, Keepalive messages are exchanged. The Keepalive Interval counts
down to zero and then sends out another Keepalive. There is no timer for route updates, as updates happen dynamically on
an incremental basis.
87. What is recursive lookup in BGP and how it works?
The router looks up the BGP route and the BGP next hop to reach a destination in the remote AS. Then the router looks up the
route to reach the BGP next hop using the IGP.
88. What is an IP Helper address feature and why is it required in a DHCP environment?
DHCP Discover packets are broadcast packets. This means that a DHCP Discover packet which is sent from the client would
not reach the DHCP server if the server resides on a different network. This is because routers are required for
communication between different networks and routers do not forward broadcast packets. The IP Helper address feature is
configured on the router. The feature informs the router of the DHCP server's IP address for the network. So, when the router
receives the DHCP Discover packet, it converts it from a broadcast to a unicast packet and then sends it to the DHCP server.
89. What is a DHCP Scope and why is it required?
A scope includes information like IP address ranges, subnet masks, gateway address, DNS server etc. This is required so that
clients can obtain the necessary information from the server.
90. How would you troubleshoot DHCP server related issues?
Check the IP connectivity with the DHCP server from a system configured on the network. Test if the DHCP client and server
service is started on the DHCP server and the client. Test if the DHCP server service is reachable using nmap.
91. What is the difference between an L2 and an L3 switch?
An L2 switch is MAC address based whereas an L3 switch is based on logical addresses.
Creating VLANs in an L2 switch and communicating between the VLANs is not possible. Communication between VLANs is possible in an L3
switch.
With L3 switch we can connect to WAN link but it is not possible with L2 switch.
92. Changing the reference bandwidth for the cost on OSPF interfaces
Each interface on which OSPF is enabled has a cost associated with it. The device advertises its interfaces and their costs to
OSPF neighbors. For example, if an interface has an OSPF cost of ten, the device advertises the interface with a cost of ten to
other OSPF routers.
By default, an interface's OSPF cost is based on the port speed of the interface. The cost is calculated by dividing the
reference bandwidth by the port speed. The default reference bandwidth is 100 Mbps, which results in the following default
costs:
10 Mbps port - 10
All other port speeds - 1
You can change the reference bandwidth, to change the costs calculated by the software.
The software uses the following formula to calculate the cost:
Cost = reference-bandwidth/interface-speed
If the resulting cost is less than 1, the software rounds the cost up to 1. The default reference bandwidth results in the
following costs:
10 Mbps ports cost = 100/10 = 10
100 Mbps ports cost = 100/100 = 1
1000 Mbps ports cost = 100/1000 = 0.10, which is rounded up to 1
10 Gbps ports cost = 100/10000 = 0.01, which is rounded up to 1
The bandwidth for interfaces that consist of more than one physical port is calculated as follows:
LAG group - The combined bandwidth of all the ports.
Virtual interface - The combined bandwidth of all the ports in the port-based VLAN that contains the virtual interface.
The default reference bandwidth is 100 Mbps. You can change the reference bandwidth to a value from 1 - 4294967.
If a change to the reference bandwidth results in a cost change to an interface, the device sends a link-state update to
update the costs of interfaces advertised by the device.
NOTE: If you specify the cost for an individual interface, the cost you specify overrides the cost calculated by the software.
93. Why the forwarding address is set to 0.0.0.0 instead of 110.100.1.1?
The forwarding address is set to 0.0.0.0 if the ASBR redistributes routes and OSPF is not enabled on the next hop interface for
those routes.
These conditions set the forwarding address field to a non-zero address:
OSPF is enabled on the ASBRs next hop interface AND
ASBRs next hop interface is non-passive under OSPF AND
ASBRs next hop interface is not point-to-point AND
ASBRs next hop interface is not point-to-multipoint AND
ASBRs next hop interface address falls under the network range specified in the router ospf command.
94. Which two options are advantages of NetFlow version 9 over NetFlow version 5?
NetFlow version 9 adds support for IPv6 headers.
NetFlow version 9 adds support for MPLS labels.
94. What is EtherChannel?
EtherChannel is a term used to describe bundling or aggregating 2-8 parallel links. EtherChannel provides a level of link
redundancy. If one link in the bundle fails, traffic sent through that link is automatically moved to an adjacent link in the
bundle.
Normally multiple links between switches creates the potential for bridging loops, but because an EtherChannel bundle is
treated as a single logical link by both switches, it avoids the problem.
Spanning Tree sees the bundle as a single link so individual ports will not be placed in a blocked STP state, allowing greater
bandwidth utilization. If there are two redundant EtherChannel bundles, one entire EtherChannel will be blocked by STP to
prevent a loop.
Any change made to an interface after the EtherChannel has been created will automatically be applied to
all other ports in that bundle. Also, bundles cannot form if any of the assigned ports are SPAN ports.
EtherChannel links can be either access or trunk links, but if they are trunked (usually the case), they require the following be
the same on all connected interfaces:
VLANs
Trunking Mode
Native VLAN
Speed
Duplex
95. What are the Etherchannel link negotiation protocols?
EtherChannel link negotiation protocols
PAgP (Port Aggregation Protocol)
Cisco proprietary
Forms EtherChannel only if ports are configured for identical static VLANs or trunking
Will automatically modify interface parameters on all ports of the bundle if the EtherChannel interface is changed
STP sends packets over only one physical link in a PAgP bundle. Because STP's algorithm uses the lowest port priority (priority
+ port ID), if defaults are set, STP will always use the lowest number port for BPDUs.
LACP (Link Aggregation Control Protocol)
An open standard alternative to PAgP
IEEE 802.3ad
Uses priority system for end switches
Switch with the lowest system priority (2 byte value followed by MAC; lowest wins) determines which ports are active in the EtherChannel at any given time
Uses port priority to determine which ports to place in standby mode if hardware limitations do not allow all ports to participate in the EtherChannel
Most implementations leave the system and port priority to defaults
96. How load balancing happens in Ether Channel?
Etherchannel Load Balancing
The bundles use an algorithm to determine each link's load, so they will never be able to operate at 100% capacity of the
sum of the links. That means the load will not be balanced equally amongst the individual links. A hash algorithm is used to
determine which individual interface each frame is forwarded through.
The algorithm can use source IP, destination IP, a combination of the two, source and destination MAC, or TCP/UDP port
numbers. If only one address or port number is used for the hash, the switch uses one or more low-order bits of the hash
results as an index into the bundled links. If two or more addresses and or TCP ports are hashed, the hash performs an XOR
on the low-order bits of the addresses or ports as the index.
To configure the EtherChannel load balancing type globally on the switch:
Switch(config)# port-channel load-balance method
Methods:
src-ip source IP
dst-ip destination IP
src-dst-ip source and destination IP (XOR) **DEFAULT METHOD**
src-mac source MAC
dst-mac destination MAC
src-dst-mac source and destination MAC (XOR)
src-port source port
dst-port destination port
src-dst-port source and destination port (XOR)
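The effect of the chosen method on how flows spread across the bundle, as an added example that is not from the original text. It models only the XOR and low-order-bits rule described above, not any vendor's actual hash; the addresses and the 4-link bundle are constructed.

```python
"""Added example: EtherChannel member-link selection by XOR of low-order bits."""
import ipaddress
from collections import Counter


def link_index(method, src_ip, dst_ip, n_links):
    """Return the bundle member (0 .. n_links-1) a flow is pinned to.

    Assumption: n_links is 2, 4 or 8, so the index is the low-order
    1, 2 or 3 bits of the hashed value. Real switches use their own
    hash; this models only the XOR rule described in the text.
    """
    if n_links not in (2, 4, 8):
        raise ValueError("model supports bundles of 2, 4 or 8 links")
    src = int(ipaddress.IPv4Address(src_ip))
    dst = int(ipaddress.IPv4Address(dst_ip))
    if method == "src-ip":
        value = src
    elif method == "dst-ip":
        value = dst
    elif method == "src-dst-ip":
        value = src ^ dst  # two addresses hashed: XOR them first
    else:
        raise ValueError(f"unsupported method: {method}")
    return value & (n_links - 1)  # keep only the low-order bits


def distribution(method, flows, n_links):
    """Count how many flows land on each member link."""
    counts = Counter(link_index(method, s, d, n_links) for s, d in flows)
    return [counts.get(i, 0) for i in range(n_links)]


# Constructed traffic: 16 clients sending to one server, and the replies.
TO_SERVER = [(f"10.0.0.{h}", "10.0.1.10") for h in range(1, 17)]
FROM_SERVER = [(dst, src) for src, dst in TO_SERVER]

if __name__ == "__main__":
    for method in ("src-ip", "dst-ip", "src-dst-ip"):
        print(f"{method:11} to server  : {distribution(method, TO_SERVER, 4)}")
        print(f"{method:11} from server: {distribution(method, FROM_SERVER, 4)}")
```

With a single-address method, one direction of a many-to-one traffic pattern lands entirely on one member link; the XOR method spreads both directions.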
97. What are trunking modes of a switch port?
There are 5 possible trunking modes for a switch port:
Auto: this is the default mode. In this mode, a port will become a trunk port if the device the port is connected to is set to the
on or desirable mode.
Desirable: allows the port to become a trunk port if the device the port is connected to is set to the on, desirable, or auto
mode
On: sets the port to permanent trunking mode.
Nonegotiate: sets the port to permanent trunking mode without sending Dynamic Trunking Protocol (DTP) frames
Off: sets the port to permanent non-trunking mode
98. What is the difference between LAG and LACP?
LAG: A link aggregation group (LAG) is a combination of multiple links between two devices to form a single (larger) link.

LAG is a process of inter-connecting two switches with two or more links between them (or between a switch and a server), so
that multiple links are combined into one bigger virtual link that can carry a higher (combined) bandwidth. All these multiple
links participating in a Link Aggregation Group act like a single large (virtual) link.
LAG is also used for increasing link reliability. Since multiple links connect two devices, even if one fails the other links keep
carrying the information and the traffic on the failed link is also transferred to them. That way, loss of a single link between
two switches doesn't stop the communication between them. Multiple links participating in a LAG can also load-balance the
traffic between them so that traffic is evenly distributed.
The number of links that can combine to form a larger link between two devices is generally restricted by the hardware
vendor. LAG is a static protocol and needs to be configured individually for each pair of physical ports. LAG is a standard.
LACP: Link Aggregation Control Protocol

LACP is similar to LAG, where multiple ports/links between two switches combine to provide higher bandwidth links between
them. Additionally, ports that are LACP enabled can automatically configure themselves into trunk groups, without any
manual configuration/intervention.
The main purpose of LACP is to automatically add/delete individual links to the aggregate bundle, while adding new links and
also after recovering from link failures. LACP can monitor to verify if all the links are connected to the right group. Basically,
LACP helps automate the configuration and maintenance of LAGs.
LACP is a dynamic protocol. It is sufficient if multiple ports on various devices are LACP enabled, once. LACP is a standard and
hence LACP can be implemented between multi-vendor switches. LACP should be enabled on the trunk ports initially in order
for both the participating switches/devices that support the standard, to use it. If there are more links (between two devices)
than what is supported by the vendor for LACP, the additional links are placed in stand-by mode and activated automatically
when a link fails.
LACP, otherwise known as IEEE 802.1ax Link Aggregation Control Protocol, is simply a way to dynamically build an
EtherChannel. Essentially, the active end of the LACP group sends out special frames advertising the ability and desire to
form an EtherChannel. It's possible, and quite common, that both ends are set to an active state (versus a passive state).
Additionally, LACP only supports full duplex links (which isn't a concern for gigabit or faster links). Once these frames are
exchanged, and if the ports on both sides agree that they support the requirements, LACP will form an EtherChannel.
http://www.thomas-krenn.com/en/wiki/Link_Aggregation_and_LACP_basics
99. What are limitations of SNMP?
While SNMP provides good network management at the macro level, it does not provide many network details required to
solve many network issues. Since it needs to manage multiple devices manufactured by different vendors, the parameters
that SNMP can manage are quite limited, based on the standards defined. But network devices are always very different from
each other. Some are really complex. So, customization for management of particular elements cannot be defined by the
user.
100. What happens when one computer (C1) wants to communicate with another computer (C2) in a LAN
segment?
When it comes to the Layer 2 communications between networked systems, IP address is not used. So, within a LAN segment
computers identify each other and communicate with each other using the MAC Address. So, when Computer (C1) gets the
target IP address of the Computer (C2) it wants to communicate with,
It first looks at its own ARP cache (which is a table that contains the IP addresses and their corresponding MAC addresses for
computers/ systems within a network) to see if it already has the MAC address for the computer (C2), it wants to
communicate with.
If the MAC address of C2 is present in its ARP cache table, it can then append the message with the corresponding MAC
address and send it over the network (cable, switch).
If the MAC address of C2 is not present in its ARP cache table, C1 will broadcast an ARP request message to all the computers
/ systems in the network indicating that it wants the MAC address for the IP address in its possession.
This ARP request is received by all the systems in the network, but only the computer with the target IP address (C2)
responds to C1 with an ARP reply message, indicating its MAC address.
Now since C1 has both IP address and MAC address of C2, it will communicate with C2 using this information. In the process,
both C1 and C2 update their ARP cache tables with the newly acquired information so that the next time the ARP broadcast
message can be avoided.
What is ARP (Address Resolution Protocol)?
As you see in the above example, the Address Resolution Protocol (ARP) is used to translate an IP address into a MAC address.
There are two types of ARP messages: the ARP request, which is broadcast to all the systems in a LAN segment, and the ARP reply,
which is unicast to the requesting station alone. ARP messages contain source and destination IP addresses & MAC addresses
(if available), among other information.
The Address Resolution Protocol is used within a single LAN segment and cannot be routed across a different network. A
Gratuitous ARP message is broadcast to all the systems of a LAN segment when a system is just starting up or when the IP
address/ MAC address of system has changed. This enables the computers in a LAN to update their ARP cache tables
appropriately. This message does not solicit a response.
In IPv6, there is a protocol called Neighbor Discovery Protocol (NDP) that does the same function as the ARP in IPv4.
101. What is an ARP Cache / Cache Table?
Since computers cannot send broadcast messages every time they need to connect with another network device, they store
the IP addresses and the corresponding MAC addresses of systems they frequently communicate with, in a table called ARP
Cache table. All the systems in the LAN maintain this table. The entries in the ARP cache table are generally short lived and
are updated every 15-20 minutes.
Since a LAN segment consists of a number of computing devices, some individual ARP table entries are removed if the
system doesn't communicate with certain devices for a considerable amount of time. This is done mainly to limit the size of
the ARP cache.
102. What is ARP Poisoning?
The Address Resolution Protocol itself doesn't come with any authentication / protection mechanism. So, ARP requests and/or
replies can be forged by malicious systems under the control of hackers. If a forged ARP request/ reply is used to update the
ARP cache of another system, the process is called ARP poisoning. This is mainly done to redirect network traffic for malicious
purposes.
103. What is ARP broadcast storm?
The ARP traffic on a network can be around 10% of the network traffic during normal times and up to 85% of the network
traffic during abnormal network conditions caused by an ARP broadcast storm. Basically, ARP requests are broadcast multiple
times or to multiple systems (sometimes more than a thousand requests within a second) during an ARP broadcast storm,
thereby taking up a lot of network bandwidth and making normal network communications difficult.
This can happen due to a lot of reasons and some of them are given below:
An ARP request for a non-existent host triggers a series of ARP messages within a short interval of time. It's only eventually that
ARP gives up.
Virus/ malware in a system can generate a lot of ARP broadcast messages in order to create a DoS type of network attack.
If there are loops within the network that are not prevented by using protocols like STP/ RSTP, ARP requests would be looped
back and forth between switches, creating an ARP broadcast storm.
Incorrect router configuration, Network Interface Card/ Network Switch malfunction can also create ARP broadcast storms.
A large unsegmented network is especially susceptible to excessive ARP broadcasts/ broadcast storms and hence it is always
a good practice to sub-divide a large network into various segments (using VLANs etc) and enable Inter-VLAN routing using
Layer-3 switches. This limits the broadcast domain to a limited number of systems.
So, next time when there is a congestion in the network, you can monitor for ARP broadcast storms as well. You can use
network monitoring tools like Wireshark to monitor for abnormal ARP activity.
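A passive monitor covering both the ARP poisoning and the ARP broadcast storm answers above, as an added example that is not from the original text. The frames, addresses and the threshold of 100 requests per second are constructed sample values; the frames are only built in memory as input for the parser.

```python
"""Added example: passive ARP monitor for binding changes and request storms."""
import struct
from collections import Counter

ARP_ETHERTYPE, REQUEST, REPLY = 0x0806, 1, 2
BROADCAST, UNKNOWN = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"


def _mac(text):
    return bytes.fromhex(text.replace(":", ""))


def _ip(text):
    return bytes(int(part) for part in text.split("."))


def build_frame(eth_src, eth_dst, oper, sha, spa, tha, tpa):
    """Build a constructed Ethernet+ARP frame, used only as sample input."""
    header = _mac(eth_dst) + _mac(eth_src) + struct.pack("!H", ARP_ETHERTYPE)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper)
    return header + arp + _mac(sha) + _ip(spa) + _mac(tha) + _ip(tpa)


def parse_frame(frame):
    """Decode an Ethernet II frame carrying IPv4 ARP; return None otherwise."""
    if len(frame) < 42:
        return None
    eth_dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if ethertype != ARP_ETHERTYPE or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])

    def mac(raw):
        return ":".join(f"{byte:02x}" for byte in raw)

    def ip(raw):
        return ".".join(str(byte) for byte in raw)

    return {"eth_src": mac(eth_src), "eth_dst": mac(eth_dst), "oper": oper,
            "sha": mac(sha), "spa": ip(spa), "tha": mac(tha), "tpa": ip(tpa)}


class ArpMonitor:
    def __init__(self, storm_threshold=100):
        self.bindings = {}            # IP -> first MAC seen claiming it
        self.per_second = Counter()   # whole second -> broadcast requests seen
        self.storm_threshold = storm_threshold

    def observe(self, timestamp, frame):
        """Return a list of (kind, detail) alerts for one captured frame."""
        pkt = parse_frame(frame)
        if pkt is None:
            return []
        alerts = []
        # ARP has no authentication, so the only checks are consistency checks.
        if pkt["eth_src"] != pkt["sha"]:
            alerts.append(("SENDER_MISMATCH",
                           f"frame from {pkt['eth_src']} carries sender MAC {pkt['sha']}"))
        if pkt["spa"] != "0.0.0.0":   # ARP probes carry no sender IP
            known = self.bindings.setdefault(pkt["spa"], pkt["sha"])
            if known != pkt["sha"]:
                alerts.append(("BINDING_CHANGED",
                               f"{pkt['spa']} was {known}, now claimed by {pkt['sha']}"))
        if pkt["oper"] == REQUEST and pkt["eth_dst"] == BROADCAST:
            second = int(timestamp)
            self.per_second[second] += 1
            if self.per_second[second] == self.storm_threshold + 1:  # alert once
                alerts.append(("ARP_STORM",
                               f"more than {self.storm_threshold} requests in second {second}"))
        return alerts


def run_demo():
    """Feed a constructed capture to the monitor and return its alerts."""
    gw_ip, gw_mac = "192.168.1.1", "aa:aa:aa:aa:aa:01"
    host_ip, host_mac = "192.168.1.50", "bb:bb:bb:bb:bb:50"
    other_mac = "cc:cc:cc:cc:cc:99"
    capture = [
        (0.10, build_frame(host_mac, BROADCAST, REQUEST, host_mac, host_ip, UNKNOWN, gw_ip)),
        (0.11, build_frame(gw_mac, host_mac, REPLY, gw_mac, gw_ip, host_mac, host_ip)),
        # A second station now claims the gateway's IP address.
        (5.00, build_frame(other_mac, host_mac, REPLY, other_mac, gw_ip, host_mac, host_ip)),
    ]
    # 150 broadcast requests for an unused address within one second.
    capture += [(9.0 + i / 1000, build_frame(host_mac, BROADCAST, REQUEST, host_mac,
                                             host_ip, UNKNOWN, "192.168.1.200"))
                for i in range(150)]
    monitor = ArpMonitor(storm_threshold=100)
    return [alert for ts, frame in capture for alert in monitor.observe(ts, frame)]


if __name__ == "__main__":
    for kind, detail in run_demo():
        print(kind, detail)
```

A legitimate address change announced by a gratuitous ARP raises the same BINDING_CHANGED alert, so alerts need checking against DHCP leases or an asset inventory.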
104. How many MAC addresses does a switch have?
It is based on the number of ports on the switch + 1 default base MAC address (for VLAN 1).
105. What is double tagging?
With the IEEE standard 802.1ad, double-tagging can be useful for Internet service providers, allowing them to use VLANs
internally while mixing traffic from clients that are already VLAN-tagged. The outer (next to source MAC and representing ISP
VLAN) S-TAG (service tag) comes first, followed by the inner C-TAG (customer tag). In such cases, 802.1ad specifies a TPID of
0x88a8 for service-provider outer S-TAG.

106. Which packet contains the MTU parameter in case of OSPF?
Interface MTU is present in the Database Description packet of OSPF.
107. If an MTU size mismatch happens on a router in BGP, will sessions be up?
Sessions will not come up.
Configuring MTU Discovery for BGP Sessions
TCP path maximum transmission unit (MTU) discovery enables BGP to discover the best TCP path MTU for each BGP session
automatically. In Junos OS, TCP path MTU discovery is disabled by default for all BGP neighbor sessions.
When MTU discovery is not enabled, TCP sessions that are not directly connected transmit packets of 512-byte maximum
segment size (MSS). These small packets minimize the chances of packet fragmentation at a device along the path to the
destination. However, when you consider that most links use an MTU of at least 1500 bytes, 512-byte packets do not result in
the most efficient use of link bandwidth. For directly connected EBGP sessions, MTU mismatches prevent the BGP session
from being established. As a workaround, enable path MTU discovery within the EBGP group.
Path MTU discovery dynamically determines the MTU size on the network path between the source and the destination, with
the goal of avoiding IP fragmentation. Path MTU discovery works by setting the Don't Fragment (DF) bit in the IP headers of
outgoing packets. When a device along the path has an MTU that is smaller than the packet, the device drops the packet. The
device also sends back an ICMP Fragmentation Needed (Type 3, Code 4) message that contains the device MTU, thus allowing
the source to reduce its path MTU appropriately. The process repeats until the MTU is small enough to traverse the entire path
without fragmentation.
To enable MTU discovery, include the mtu-discovery statement:
BGP Path MTU Discovery
When a host generates Data, the packetization layer (TCP/UDP) will decide the packet size based on the MTU size of the
outgoing interface. When the packet traverses along the path to ultimate destination, it may get fragmented if the MTU of
outgoing interface on any router is less than the packet size. Packet fragmentation on an intermediate router is always
considered inefficient as it may result in the following:
1. One lost fragment results in the entire packet being resent from the source.
2. Introduce CPU/buffer burden.
Path MTU Discovery is introduced to reduce the chances of IP packet getting fragmented along the path. The ultimate source
will use this feature to identify the lowest MTU along the path to destination and will decide the packet size.
108. How does PMTUD work?
When the host generates the packet, it sets the size to the MTU of the outgoing interface and sets the DF bit.
Any receiving intermediate device whose outgoing interface has an MTU less than the packet size has two choices:
1. Fragment and send if the DF bit is not set
2. Drop the packet and send an ICMP error message with Type=3 (Destination Unreachable); Code=4 (Fragmentation needed
and DF bit set)
The ICMP error message carries the MTU of the outgoing interface in the Next-Hop MTU field.
On receiving the error message, the source now sends the packet with the mentioned MTU. This continues till it reaches the
ultimate destination.
BGP support for Path MTU Discovery
Introducing Path MTU Discovery on BGP session allows the BGP router to discover the best MTU size along the path to
neighbor resulting in efficient way of exchanging BGP packets.
Consider the below scenario for further reading,

Initial TCP negotiation between R1 and R5 will have MSS value equal to (IP MTU - 40 bytes of IP header) with DF set. In our
case, IP MTU is 1500 which results in 1460 as MSS. As the initial negotiation packets are very small, it mostly moves the BGP
to Established state with MSS as same value.
R1#sh ip bgp nei | inc Data
Datagrams (max data segment is 1460 bytes):
After TCP negotiation, when the BGP update packets are sent, the DF bit will be set, which will result in an ICMP error message from R3
with 300 as Next-Hop MTU. Now the MSS is reduced to 260 (300 - 40 bytes of IP header).
R1#sh ip bgp nei | inc Data
Datagrams (max data segment is 260 bytes)
R1#
Now, with the same topology, when some intermediate device is not able to forward ICMP (some firewall in between), end to
end Path MTU discovery will not be successful. This may result in a BGP session flap.
We have configured ACL on R2 to block ICMP message towards R1. So ICMP error message from R3 will not reach R1.
As soon as we have BGP configured between R1 and R5, TCP negotiation will be successful and BGP will move to Established
state. Now when the BGP Update is sent to R5, it is sent with the DF bit set. When a BGP router sends a BGP Update to
any neighbor, it will not send a keepalive. R3, on receiving it, will send an ICMP error message to R1, which is blocked at
R2.
After the BGP session is up, R5 will expect either a BGP Update or a keepalive from R1 to reset the hold down timer. After 180
seconds, having received neither an Update nor a keepalive, it sends a BGP Notification to R1 with the error message Hold
time expired.
R1#sh ip bgp nei | inc Data
Datagrams (max data segment is 1460 bytes):
R1#
*Mar 22 15:16:23.033: %BGP-3-NOTIFICATION: received from neighbor 150.1.5.5 4/0 (hold time expired) 0 bytes
R1#
*Mar 22 15:16:23.033: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Down BGP Notification received
R1#
*Mar 22 15:16:55.621: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Up
R1#
*Mar 22 15:19:56.409: %BGP-3-NOTIFICATION: received from neighbor 150.1.5.5 4/0 (hold time expired) 0 bytes
R1#
*Mar 22 15:19:56.409: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Down BGP Notification received
R1#
*Mar 22 15:20:13.361: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Up
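The two outcomes above (MSS reduced to 260, and the session reset when ICMP is filtered) as an added simulation that is not from the original text. The R1-R2-R3-R4-R5 chain and its per-link MTUs are an assumption, because the topology figure is missing from the page.

```python
"""Added example: Path MTU Discovery along a chain of links, with and without ICMP."""
HEADER_OVERHEAD = 40   # bytes the text subtracts from the IP MTU to get the MSS
HOLD_TIME = 180        # seconds, the hold timer value used in the text

# Assumed link MTUs for R1-R2, R2-R3, R3-R4, R4-R5 (R3's outgoing link is 300).
PATH = [1500, 1500, 300, 1500]


def forward_df_packet(size, link_mtus):
    """Send one DF-marked packet down the path.

    Returns (True, None) when delivered, or (False, mtu) where mtu is the
    Next-Hop MTU the dropping router reports in its ICMP Type 3 Code 4 error.
    """
    for mtu in link_mtus:
        if size > mtu:
            return False, mtu
    return True, None


def discover_path_mtu(link_mtus, icmp_blocked=False):
    """Simulate the sender and return a dict describing the outcome."""
    if not link_mtus or min(link_mtus) <= HEADER_OVERHEAD:
        raise ValueError("every link MTU must exceed the header overhead")
    pmtu = link_mtus[0]            # start from the outgoing interface MTU
    attempts = []
    while True:
        attempts.append(pmtu)
        delivered, next_hop_mtu = forward_df_packet(pmtu, link_mtus)
        if delivered:
            break
        if icmp_blocked:
            # The error never arrives, so the sender keeps its old estimate
            # and every full-size packet is silently dropped.
            break
        pmtu = next_hop_mtu        # shrink to the reported MTU and retry
    return {"delivered": delivered, "path_mtu": pmtu,
            "mss": pmtu - HEADER_OVERHEAD, "attempts": attempts}


def bgp_session_outcome(link_mtus, icmp_blocked=False):
    """Map the discovery result onto what the text shows for the BGP session."""
    result = discover_path_mtu(link_mtus, icmp_blocked)
    if result["delivered"]:
        return f"established, max data segment {result['mss']} bytes"
    # Updates never arrive and no keepalive is sent, so the peer's timer runs out.
    return f"hold time expired after {HOLD_TIME} seconds, session reset"


if __name__ == "__main__":
    print(discover_path_mtu(PATH))
    print(bgp_session_outcome(PATH))
    print(bgp_session_outcome(PATH, icmp_blocked=True))
    print(discover_path_mtu([1500, 1400, 300, 1200])["attempts"])
```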
109. How does a router know whether it has to fragment a packet or not?
IP Fragmentation
An IP packet that is larger than the Maximum Transmission Unit (MTU) of an interface, is too large for transmission over that
interface. The packet must either be fragmented, or discarded (and an ICMP error message returned to the sender). In either
case, the original data will be fragmented into smaller packets (less than the smallest MTU) in order to allow it to be received
by the final destination system.
There are two approaches to doing this fragmentation:
IP Router Segmentation - performing the fragmentation in the routers
IP Path MTU Discovery - forcing the sender to perform the fragmentation
IP Fragmentation processing at a Router
The simplest approach from the end-system point of view is not to worry about the MTU size. In this simple approach, the
sender simply has to ensure that each packet is less than the MTU of the link on which it is sent. (The router always knows
this from the link interface configuration information).
Large IP packets that exceed the MTU of the link between R1 and R2 are fragmented by R1 into two or more IP packets each
smaller than the MTU size.
The network layer then has to arrange to cut packets up into smaller fragments whenever a router encounters a link with an
MTU smaller than the received IP packet size. All the fragments of an IP packet carry the same ID in the IP packet header
(allowing the final receiver to reassemble the fragmented parts into the original PDU). This is called "IP fragmentation" or "IP
segmentation". The problem is, this offloads a lot of work on to routers, and in the worst case, can also result in packets being
segmented by several IP routers one after another, resulting in very peculiar fragmentation.
Fragmentation Method
To fragment/segment a long internet packet, a router (R1 in the figure below) creates a new IP packet and copies the contents
of the IP header fields from the long packet into the new IP header. The data of the long packet is then divided into two
portions on an 8-byte (64-bit) boundary, so that the first packet is less than the MTU of the out-going interface. The more-fragments
flag (MF) in the first packet is set to one (to indicate that more fragments of this packet follow). The More Flag may
already be set in this packet if it has already been fragmented by another system. This packet is forwarded.
The second created new packet is then processed. The packet header field is identical to that of the original packet (including
the same value of the packet ID, the total length field, the more-fragments flag (MF) and the fragment offset field in the
original packet). The packet header field is updated with a new offset field, by adding the number of payload bytes sent in the
first fragment. If this new packet is larger than the allowed link MTU, the packet is again fragmented.

IP Router Fragmentation
Any packet that has a more fragments (MF) flag set, must have an integral multiple of 8 bytes. (The final fragment, which
does not have this flag set, may have an arbitrary number of bytes).
IP Router fragmentation is not recommended in the modern Internet, and this feature was not carried-forward when the next
generation Internet Protocol (IPv6) was specified.
IP Fragmentation processing at a Sender
Path MTU Discovery allows a sender to fragment/segment a long internet packet, rather than relying on routers to perform IP-level fragmentation. This is more efficient and more scalable. It is therefore the recommended method in the current Internet.
This is also the only method supported in IPv6.
IP Reassembly processing at the Receiving End System
IP fragmentation and reassembly employs updating and using the values in the second 32 bits of the IPv4 packet header. An
end system that accepts an IP packet (with a destination IP address that matches its own IP source address) will also
reassemble any fragmented IP packets before these are passed to the next higher protocol layer.
The system stores all received fragments (i.e., IP packets with a more-fragments flag (MF) set to one, or where the fragment
offset is non-zero), in one of a number of buffers (memory space). Packets with the same 16-bit Identification value are stored
in the same buffer, at the offset specified by the fragment offset field specified in the packet header.
Packets which are incomplete remain stored in the buffer until either all fragments are received, OR a timer expires,
indicating that the receiver does not expect to receive any more fragments. Completed packets are forwarded to the next
higher protocol layer.
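Router fragmentation and receiver reassembly as described above, as an added example that is not from the original text. It assumes a 20-byte IPv4 header without options and keys reassembly on the Identification value alone; the 8500-byte datagram and the MTUs are constructed sample values.

```python
"""Added example: IPv4 fragmentation at a router and reassembly at the receiver."""
from typing import NamedTuple

IP_HEADER_LEN = 20  # assumption: IPv4 header without options


class Packet(NamedTuple):
    ident: int        # 16-bit Identification, shared by all fragments
    offset: int       # Fragment Offset field, in 8-byte units
    mf: bool          # more-fragments flag
    df: bool          # don't-fragment flag
    payload: bytes

    @property
    def total_length(self):
        return IP_HEADER_LEN + len(self.payload)


class FragmentationNeeded(Exception):
    """Stands in for the ICMP Type 3 Code 4 error; carries the link MTU."""

    def __init__(self, mtu):
        super().__init__(f"fragmentation needed, next-hop MTU {mtu}")
        self.mtu = mtu


def fragment(pkt, mtu):
    """Split pkt so that every piece fits the outgoing link MTU."""
    if pkt.total_length <= mtu:
        return [pkt]
    if pkt.df:
        raise FragmentationNeeded(mtu)
    step = (mtu - IP_HEADER_LEN) // 8 * 8   # payload per piece, 8-byte aligned
    if step <= 0:
        raise ValueError("MTU too small to carry any payload")
    pieces = []
    for start in range(0, len(pkt.payload), step):
        is_last = start + step >= len(pkt.payload)
        # MF stays set on the last piece when the input was a non-final fragment.
        pieces.append(Packet(pkt.ident, pkt.offset + start // 8,
                             pkt.mf or not is_last, False,
                             pkt.payload[start:start + step]))
    return pieces


def reassemble(fragments):
    """Return the original payload, or None while fragments are still missing."""
    if not fragments:
        return None
    if len({frag.ident for frag in fragments}) != 1:
        raise ValueError("fragments belong to different datagrams")
    ordered = sorted(fragments, key=lambda frag: frag.offset)
    data, expected = bytearray(), 0
    for frag in ordered:
        start = frag.offset * 8
        if start < expected:
            # Overlaps make the result ambiguous, so reject instead of guessing.
            raise ValueError("overlapping or duplicate fragment")
        if start > expected:
            return None               # a hole: an earlier fragment is missing
        data += frag.payload
        expected = start + len(frag.payload)
    if ordered[-1].mf:
        return None                   # the final fragment has not arrived
    return bytes(data)


# Constructed datagram: 8480 payload bytes + 20-byte header = 8500 bytes.
DATAGRAM = Packet(0x1234, 0, False, False, bytes(i % 251 for i in range(8480)))

if __name__ == "__main__":
    frags = fragment(DATAGRAM, 1500)
    print([(f.offset, f.mf, f.total_length) for f in frags])
    print(reassemble(list(reversed(frags))) == DATAGRAM.payload)
```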
110. What are the issues with IP fragmentation?
There are several issues that make IP fragmentation undesirable. There is a small increase in CPU and memory overhead to
fragment an IP datagram. This holds true for the sender as well as for a router in the path between a sender and a receiver.
Creating fragments simply involves creating fragment headers and copying the original datagram into the fragments. This
can be done fairly efficiently because all the information needed to create the fragments is immediately available.
Fragmentation causes more overhead for the receiver when reassembling the fragments because the receiver must allocate
memory for the arriving fragments and coalesce them back into one datagram after all of the fragments are received.
Reassembly on a host is not considered a problem because the host has the time and memory resources to devote to this
task.
But, reassembly is very inefficient on a router whose primary job is to forward packets as quickly as possible. A router is not
designed to hold on to packets for any length of time. Also a router doing reassembly chooses the largest buffer available
(18K) with which to work because it has no way of knowing the size of the original IP packet until the last fragment is
received.
Another fragmentation issue involves handling dropped fragments. If one fragment of an IP datagram is dropped, then the
entire original IP datagram must be resent, and it will also be fragmented. You see an example of this with Network File
System (NFS). NFS, by default, has a read and write block size of 8192, so an NFS IP/UDP datagram will be approximately 8500
bytes (including NFS, UDP, and IP headers).
A sending station connected to an Ethernet (MTU 1500) will have to fragment the 8500 byte datagram into six pieces; five
1500 byte fragments and one 1100 byte fragment. If any of the six fragments is dropped because of a congested link, the
complete original datagram will have to be retransmitted, which means that six more fragments will have to be created. If
this link drops one in six packets, then the odds are low that any NFS data can be transferred over this link, since at least one
IP fragment would be dropped from each NFS 8500 byte original IP datagram.
Firewalls that filter or manipulate packets based on Layer 4 (L4) through Layer 7 (L7) information in the packet may have
trouble processing IP fragments correctly. If the IP fragments are out of order, a firewall may block the non-initial fragments
because they do not carry the information that would match the packet filter. This would mean that the original IP datagram
could not be reassembled by the receiving host. If the firewall is configured to allow non-initial fragments with insufficient
information to properly match the filter, then a non-initial fragment attack through the firewall could occur. Also, some
network devices (such as Content Switch Engines) direct packets based on L4 through L7 information, and if a packet spans
multiple fragments, then the device may have trouble enforcing its policies.
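The reassembly buffers, the six-fragment NFS case and the firewall's view of non-initial fragments, as an added example that is not part of the original page. The addresses, ports, Identification value and 30-second timer are constructed; the buffer key also includes source, destination and protocol, as RFC 791 specifies, and discarding a datagram on overlapping fragments is a hardening choice of this example.

```python
import struct

IP_FMT = "!BBHHHBBH4s4s"   # 20-byte IPv4 header, no options
MF = 0x2000                # more-fragments (MF) bit in the flags/offset word


def ip_header(total_len, ident, flags_off, proto, src, dst):
    # The header checksum is left at 0; this example never validates it.
    return struct.pack(IP_FMT, 0x45, 0, total_len, ident, flags_off, 64, proto, 0, src, dst)


def fragment(datagram, mtu):
    """Sending side: split one unfragmented IPv4 datagram so each piece fits mtu."""
    f = struct.unpack(IP_FMT, datagram[:20])
    payload = datagram[20:]
    step = (mtu - 20) // 8 * 8              # the offset field counts 8-byte units
    frags = []
    for off in range(0, len(payload), step):
        chunk = payload[off:off + step]
        more = MF if off + step < len(payload) else 0
        header = ip_header(20 + len(chunk), f[3], more | (off // 8), f[6], f[8], f[9])
        frags.append(header + chunk)
    return frags


def udp_ports(packet):
    """What a Layer 4 filter can read: ports exist only at fragment offset 0."""
    f = struct.unpack(IP_FMT, packet[:20])
    if f[4] & 0x1FFF:
        return None                         # non-initial fragment: no UDP header
    return struct.unpack("!HH", packet[20:24])


class Reassembler:
    """Receiving side: one buffer per (source, destination, protocol, Identification)."""

    def __init__(self, timeout=30.0):
        self.timeout = timeout              # seconds; the value is an assumption
        self.buffers = {}

    def add(self, packet, now):
        """Return the reassembled payload once it is complete, else None."""
        f = struct.unpack(IP_FMT, packet[:20])
        offset, more = (f[4] & 0x1FFF) * 8, bool(f[4] & MF)
        data = packet[(f[0] & 0x0F) * 4:f[2]]
        if offset == 0 and not more:
            return data                     # not a fragment, pass it straight up
        key = (f[8], f[9], f[6], f[3])
        buf = self.buffers.setdefault(key, {"first": now, "parts": {}, "total": None})
        if buf["parts"].get(offset) == data:
            return None                     # exact duplicate, ignore it
        for o, d in buf["parts"].items():
            if offset < o + len(d) and o < offset + len(data):
                del self.buffers[key]       # hardening choice: discard on overlap
                raise ValueError("overlapping fragment")
        buf["parts"][offset] = data         # stored at its fragment offset
        if not more:
            buf["total"] = offset + len(data)
        expected = 0
        for o in sorted(buf["parts"]):
            if o != expected:
                return None                 # a hole remains, keep waiting
            expected += len(buf["parts"][o])
        if expected != buf["total"]:
            return None
        del self.buffers[key]
        return b"".join(buf["parts"][o] for o in sorted(buf["parts"]))

    def expire(self, now):
        """Timer: free the buffers of datagrams that never completed."""
        stale = [k for k, b in self.buffers.items() if now - b["first"] >= self.timeout]
        for k in stale:
            del self.buffers[k]
        return len(stale)


def sample_datagram():
    # Constructed input sized like the NFS case: 20 IP + 8 UDP + 8472 data = 8500 bytes.
    udp = struct.pack("!HHHH", 1023, 2049, 8480, 0) + bytes(i % 251 for i in range(8472))
    return ip_header(8500, 0x1234, 0, 17, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])) + udp


def deliver(frags, drop_index=None):
    """Feed fragments in reverse order to a receiver; return (payload, buffers expired)."""
    rx, result = Reassembler(), None
    for i, frag in reversed(list(enumerate(frags))):
        if i != drop_index:
            result = rx.add(frag, now=0.0) or result
    return result, rx.expire(now=30.0)


if __name__ == "__main__":
    frags = fragment(sample_datagram(), 1500)
    print("fragment sizes:", [len(f) for f in frags])
    print("ports visible per fragment:", [udp_ports(f) for f in frags])
    print("all six delivered:", deliver(frags)[0] is not None)
    print("one dropped:", deliver(frags, drop_index=3))
```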
111. What TCP MSS Does and How It Works?
The TCP Maximum Segment Size (MSS) defines the maximum amount of data that a host is willing to accept in a single TCP/IP
datagram. This TCP/IP datagram may be fragmented at the IP layer. The MSS value is sent as a TCP header option only in TCP
SYN segments. Each side of a TCP connection reports its MSS value to the other side. Contrary to popular belief, the MSS
value is not negotiated between hosts. The sending host is required to limit the size of data in a single TCP segment to a
value less than or equal to the MSS reported by the receiving host.
Originally, MSS meant how big a buffer (greater than or equal to 65496K) was allocated on a receiving station to be able to
store the TCP data contained within a single IP datagram. MSS was the maximum segment (chunk) of data that the TCP
receiver was willing to accept. This TCP segment could be as large as 64K (the maximum IP datagram size) and it could be
fragmented at the IP layer in order to be transmitted across the network to the receiving host. The receiving host would
reassemble the IP datagram before it handed the complete TCP segment to the TCP layer.
Below are a couple of scenarios showing how MSS values are set and used to limit TCP segment sizes, and therefore, IP
datagram sizes.
Scenario 1 illustrates the way MSS was first implemented. Host A has a buffer of 16K and Host B a buffer of 8K. They send
and receive their MSS values and adjust their send MSS for sending data to each other. Notice that Host A and Host B will
have to fragment the IP datagrams that are larger than the interface MTU but still less than the send MSS because the TCP
stack could pass 16K or 8K bytes of data down the stack to IP. In Host B's case, packets could be fragmented twice, once to
get onto the Token Ring LAN and again to get onto the Ethernet LAN.
Scenario 1
1. Host A sends its MSS value of 16K to Host B.
2. Host B receives the 16K MSS value from Host A.
3. Host B sets its send MSS value to 16K.
4. Host B sends its MSS value of 8K to Host A.
5. Host A receives the 8K MSS value from Host B.
6. Host A sets its send MSS value to 8K.

In order to assist in avoiding IP fragmentation at the endpoints of the TCP connection, the selection of the MSS value was
changed to the minimum of the buffer size and the MTU of the outgoing interface (- 40). MSS numbers are 40 bytes smaller than
MTU numbers because MSS is just the TCP data size, which does not include the 20 byte IP header and the 20 byte TCP
header. MSS is based on default header sizes; the sender stack must subtract the appropriate values for the IP header and
the TCP header depending on what TCP or IP options are being used.
The way MSS now works is that each host will first compare its outgoing interface MTU with its own buffer and choose the
lowest value as the MSS to send. The hosts will then compare the MSS size received against their own interface MTU and
again choose the lower of the two values.
Scenario 2 illustrates this additional step taken by the sender to avoid fragmentation on the local and remote wires. Notice
how the MTU of the outgoing interface is taken into account by each host (before the hosts send each other their MSS values)
and how this helps to avoid fragmentation.
Scenario 2
1. Host A compares its MSS buffer (16K) and its MTU (1500 - 40 = 1460) and uses the lower value as the MSS (1460) to send to
Host B.
2. Host B receives Host A's send MSS (1460) and compares it to the value of its outbound interface MTU - 40 (4422).
3. Host B sets the lower value (1460) as the MSS for sending IP datagrams to Host A.
4. Host B compares its MSS buffer (8K) and its MTU (4462 - 40 = 4422) and uses 4422 as the MSS to send to Host A.
5. Host A receives Host B's send MSS (4422) and compares it to the value of its outbound interface MTU - 40 (1460).
6. Host A sets the lower value (1460) as the MSS for sending IP datagrams to Host B.
1460 is the value chosen by both hosts as the send MSS for each other. Often the send MSS value will be the same on each
end of a TCP connection.
In Scenario 2, fragmentation does not occur at the endpoints of a TCP connection because both outgoing interface MTUs are
taken into account by the hosts. Packets can still become fragmented in the network between Router A and Router B if they
encounter a link with a lower MTU than that of either hosts' outbound interface.
http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html#topic2
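Both scenarios above as an added example (not from the original page or the linked document): the MSS travels as TCP option kind 2 in a SYN, is parsed by the peer, and each host then derives its own send MSS. The port numbers, sequence number and window are constructed, and 16K and 8K are taken as 16384 and 8192 bytes.

```python
import struct

IP_TCP_HEADERS = 40     # 20-byte IP header + 20-byte TCP header, no options


def advertised_mss(buffer_size, mtu):
    """MSS a host puts in its SYN: the lower of its buffer and MTU - 40."""
    return min(buffer_size, mtu - IP_TCP_HEADERS)


def send_mss(peer_mss, mtu):
    """Largest segment a host sends: the lower of the peer's MSS and its own MTU - 40."""
    return min(peer_mss, mtu - IP_TCP_HEADERS)


def build_syn(sport, dport, mss):
    """TCP SYN header carrying a single option: MSS (kind 2, length 4)."""
    options = struct.pack("!BBH", 2, 4, mss)
    offset_flags = ((20 + len(options)) // 4 << 12) | 0x002    # data offset + SYN bit
    return struct.pack("!HHIIHHHH", sport, dport, 1000, 0, offset_flags, 65535, 0, 0) + options


def parse_mss(segment):
    """Return the MSS option of a SYN, or None if it is not a SYN or has no valid MSS."""
    if len(segment) < 20:
        return None
    offset_flags = struct.unpack("!H", segment[12:14])[0]
    header_len = (offset_flags >> 12) * 4
    if not offset_flags & 0x002 or header_len < 20 or header_len > len(segment):
        return None                     # MSS is only carried in SYN segments
    opts, i = segment[20:header_len], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                   # end of option list
            break
        if kind == 1:                   # NOP padding, one byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            return None                 # malformed option length
        if kind == 2 and opts[i + 1] == 4:
            return struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += opts[i + 1]
    return None


def exchange(host_a, host_b, use_mtu):
    """Each host is (buffer_size, mtu). Returns (A's send MSS, B's send MSS)."""
    def offer(host):
        value = advertised_mss(*host) if use_mtu else host[0]
        return parse_mss(build_syn(40000, 80, value))   # the value as seen on the wire
    a_offer, b_offer = offer(host_a), offer(host_b)
    if use_mtu:                                          # Scenario 2
        return send_mss(b_offer, host_a[1]), send_mss(a_offer, host_b[1])
    return b_offer, a_offer                              # Scenario 1


HOST_A = (16384, 1500)   # 16K buffer, Ethernet
HOST_B = (8192, 4462)    # 8K buffer, Token Ring

if __name__ == "__main__":
    print("Scenario 1 send MSS (A, B):", exchange(HOST_A, HOST_B, use_mtu=False))
    print("Scenario 2 send MSS (A, B):", exchange(HOST_A, HOST_B, use_mtu=True))
```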
112. Explain ping packet(ICMP echo request/reply) format?
An Echo is simply what we networking engineers call a 'ping'. The Echo Reply is, as most would guess, the 'ping reply'. ICMP
Echos are used mostly for troubleshooting. When there are 2 hosts which have communication problems, a few simple ICMP
Echo requests will show if the 2 hosts have their TCP/IP stacks configured correctly and if there are any problems with the
routes packets are taking in order to get to the other side.
The 'ping' command is very well known, but the results of it are very often misunderstood and for that reason I have chosen
to explain all those other parameters next to the ping reply, but we will have a look at that later on.
Let's have a look at what an ICMP-Echo or Echo Reply packet looks like:

If the above packet was an ICMP Echo (ping), then the Type field takes a value of 8. If it's an ICMP Echo Reply (ping reply) then
it would take a value of 0.
The picture below is a screen shot I took when doing a simple ping from my workstation:

Okay, now looking at the screen shot above, you can see I 'pinged' www.firewall.cx. The first thing my workstation did was to
resolve that URL to an IP address. This was done using DNS. Once the DNS server returned the IP address of www.firewall.cx,
the workstation generated an ICMP packet with the Type field set to 8.
Here is the proof:

The picture above is a screenshot from my packet sniffer the same time this experiment was taking place. The packet
displayed is one of the 4 packets which were sent from my workstation to the webserver of firewall.cx
Notice the ICMP type=8 Echo field right under the ICMP Header section. This clearly shows that this packet is being sent from
the workstation and not received. If it was received, it would have been an 'Echo Reply' and have a value of 0.
The next weird thing, if anyone noticed, is the data field. Look at the screen shot from command prompt above and notice the
value there and the value the packet sniffer is showing on the left. One says 32 Bytes, and the other 40 Bytes!
The reason for this is that the packet sniffer is taking into account the ICMP header fields (ICMP type, code, checksum and
identifier), and I'll prove it to you right now.
Look at the top of this page where we analysed the ICMP headers, you will notice that the lengths (in Bits) of the various
fields are as follows: 8, 8, 16, 16, 16. These add up to a total of 64 Bits. Now 8 Bits = 1 Byte, therefore 64 Bits = 8 Bytes. Take
the 32 Bytes of data the workstation's command prompt is showing and add 8 Bytes .... and you have 40 Bytes in total.
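The Echo layout described above, as an added example that is not part of the original text: it packs the five header fields (8, 8, 16, 16 and 16 bits), computes the Internet checksum, and turns a request (type 8) into its reply (type 0). The 32-byte payload, identifier and sequence number are constructed values.

```python
import struct

ECHO_REQUEST, ECHO_REPLY = 8, 0
HEADER = "!BBHHH"        # type, code, checksum, identifier, sequence number


def checksum(data):
    """Internet checksum: one's-complement sum of the message as 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(icmp_type, ident, seq, payload):
    """Build an Echo or Echo Reply; the checksum covers header and data."""
    unsummed = struct.pack(HEADER, icmp_type, 0, 0, ident, seq) + payload
    return struct.pack(HEADER, icmp_type, 0, checksum(unsummed), ident, seq) + payload


def parse_echo(message):
    """Validate and decode an ICMP Echo / Echo Reply message."""
    if len(message) < 8:
        raise ValueError("shorter than the 8-byte ICMP header")
    icmp_type, code, _, ident, seq = struct.unpack(HEADER, message[:8])
    if icmp_type not in (ECHO_REQUEST, ECHO_REPLY) or code != 0:
        raise ValueError("not an Echo or Echo Reply")
    if checksum(message) != 0:          # a valid message sums to zero
        raise ValueError("bad checksum")
    return {
        "type": icmp_type,
        "id": ident,
        "seq": seq,
        "data_len": len(message) - 8,   # what the ping command reports
        "icmp_len": len(message),       # what the sniffer reports
    }


def reply_to(request):
    """Answering host: same identifier, sequence and data, Type set to 0."""
    info = parse_echo(request)
    if info["type"] != ECHO_REQUEST:
        raise ValueError("only an Echo request is answered")
    return build_echo(ECHO_REPLY, info["id"], info["seq"], request[8:])


PAYLOAD = bytes(range(0x20, 0x40))      # constructed 32-byte data field

if __name__ == "__main__":
    request = build_echo(ECHO_REQUEST, ident=0x0200, seq=1, payload=PAYLOAD)
    print(parse_echo(request))
    print(parse_echo(reply_to(request)))
```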
113. Two routers A and B are connected back to back with a hub in between. Router A's IP is 2.2.2.2 and Router B's
IP is 3.3.3.3. Will ping succeed? Will ARP happen?
Ping will fail, and so will ARP.
Router#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Here the routing table and the ARP table do not show any entry for router B.
Router#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set


2.0.0.0/24 is subnetted, 1 subnets
C 2.2.2.0 is directly connected, FastEthernet0/0
Router#
Router#
Router#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 2.2.2.2 - 0007.EC3B.29C5 ARPA FastEthernet0/0
The routers' back-to-back interfaces need to be in the same subnet.
Now I configured the router B interface as 2.2.2.1
Router#ping 2.2.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 0/0/0 ms
Router#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
2.0.0.0/24 is subnetted, 1 subnets
C 2.2.2.0 is directly connected, FastEthernet0/0
Router#
Router#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 2.2.2.1 0 0060.7039.799A ARPA FastEthernet0/0
Internet 2.2.2.2 - 0007.EC3B.29C5 ARPA FastEthernet0/0
114. Are OSPF hello packets multicast, unicast or broadcast?
OSPF hello packets are multicast and are sent to the all-OSPF-routers address, i.e. 224.0.0.5.
115. Explain ospf packet overview?

116. What is primary difference between IBGP and EBGP in case of BGP?
The primary difference between E-BGP and I-BGP is a difference in TCP endpoint conventions. The endpoints of TCP
connections for E-BGP sessions are the addresses of the physical interfaces over which the E-BGP session runs. The endpoints
of TCP connections for I-BGP sessions correspond to a virtual (loopback) TCP connection over which the I-BGP session runs,
and reflect a fully meshed network configuration.
117. Why area 0 is required in case of Ospf?

Backbone Area 0 (level 2) is a central (transition) area to which all other areas are connected, which distributes routing
information between areas, and has the same properties as other areas. Backbone routers use the same procedures and
algorithms as Internal Routers.
118. Describe ospf adjacency process?
OSPF routers go through various states exchanging messages as they proceed from Down to Full adjacency. They initiate the
Hello process and decide on initialization parameters; for the adjacency they decide on a master/slave relationship, and then
they exchange/load each other's databases using Database Description and LSA packets. When the databases are
synchronized the routers are considered to be in full adjacency.
119. Does OSPF provide fragmentation?
OSPF does not provide any explicit fragmentation/reassembly support. When fragmentation is necessary, IP
fragmentation/reassembly is used.
120. What is OSPF Interface MTU?
Interface MTU: the size in bytes of the largest IP datagram that can be sent out the associated interface without
fragmentation. Interface MTU should be set to 0 in Database Description packets sent over virtual links.
121. Why do you require a limit on the minimum size of Ethernet frame?
Ans. To detect a collision, it is essential that a sender continues sending a frame while at the same time receiving another
frame sent by another station. Considering the maximum delay with five Ethernet segments in cascade, the size of the frame
has been found to be 64 bytes such that the above condition is satisfied.
122. What is difference in Control plane, Data plane and Forwarding Plane?
http://networkstatic.net/the-control-plane-data-plane-and-forwarding-plane-in-networks/
123. Is there any L2 redundancy protocol other than STP ?
Etherchannels can be used for redundancy at L2. Other than this we have VRRP and HSRP but these are used for gateway
redundancy at L3.
124. What are the troubleshooting points for Etherchannels?
Troubleshooting EtherChannels
EtherChannel issues usually fall into one of three categories:
1. Every port participating in an EtherChannel must have identical speed, duplex, access or trunk settings. If an EtherChannel
isn't forming, check each port configuration.
2. Both sides of the EtherChannel must be configured as a bundle directly or by using a link aggregation protocol (LACP or
PAgP). If one side is configured as an EtherChannel and the other side is not, look for error-disabled EtherChannel ports on the
EtherChannel-enabled switch.
3. If traffic is only flowing over a single link in a bundle, it is likely that the hash algorithm should be adjusted to use different
seed values. Also note that link bundles should be used in even numbered pairs like 2, 4, 8, etc.
125. What are different BGP databases?
BGP Databases
Like most modern routing protocols, BGP has two separate databases: a neighbor database and a BGP-specific database.
Neighbor Database
Lists all of the configured BGP neighbors
Router# show ip bgp summary
BGP Database
Lists all networks known by BGP along with their attributes.
Router# show ip bgp
126. What are benefits of routing?
Broadcast control
Multicast control
Optimal path determination
Traffic management
Logical addressing
Layer 3 security
127. Benefits of L3 Switching?
Hardware-based packet forwarding
High-performance packet switching
High-speed scalability
Low latency
Lower per-port cost
Flow accounting
Security
QoS
Layer 3 switching is hardware-based routing. A full Layer 3 switch does everything to a packet that a traditional router does.
Layer 3 switching is a combination of Layer 2 switching and Layer 3 routing that provides integrated switching and routing.
While a router is like a mailroom with a single chute, a switch provides multiple chutes to direct data. Traditionally,
applications at Layer 2 are responsible for the validity and integrity of transmission from node to node. However, the advent
of the Internet has meant that most network traffic is now on a backbone system. Smart switches are now able to do most of
the functions of a router.
Layer 3 switches can be used to prioritize traffic and can control larger networks than Layer 2 switches, reducing the need to
create subnets isolated by routers.
The primary difference between the packet-switching operation of a router and a Layer 3 switch is the physical
implementation. In general-purpose routers, microprocessor-based engines typically perform packet switching. A Layer 3
switch performs packet switching with hardware.
Layer 3 devices can interrogate packets to determine priorities to allocate bandwidth, and this is where Quality of Service
(QoS) features are usually implemented.
When performing Layer 3 functions, a switch reads the TCP and User Datagram Protocol (UDP) fields to determine what type
of information the packet is carrying. The network manager can then program the switch to prioritize traffic by application.
When being used for QoS purposes, this means that a videoconferencing application might be granted more bandwidth than
an e-mail message.
If the network is only at 50 percent capacity on the backbone, each user or application on the network is already getting the
same QoS without Layer 4 switching.
128. What is multilayer Switch?
Combines functionality of:
Layer 2 switching
Layer 3 switching
Layer 4 switching
High-speed scalability
Low latency
Multilayer Switching is the combination of traditional Layer 2 switching with Layer 3 protocol routing in a single box, usually
through a fast hardware implementation.
Multilayer switches are not called routers because multilayer switches are much faster and generally less expensive than a
router with the same Layer 3 throughput.
The Catalyst family of switches does the following:
As a Layer 3 switch, caches flows based on the IP or IPX addresses.
As a Layer 4 switch, caches flows based on the source address, destination address, source port, and destination port.
Multilayer Switching products with high-speed hardware IP routing offer significant improvements in scalability and
performance over simple Layer 2 switches or traditional routers.
129. What is auto-negotiation?
The Auto-Negotiation function is an optional part of the Ethernet standard that makes it possible for devices to exchange
information about their abilities over a link segment. This, in turn, allows the devices to perform automatic configuration to
achieve the best possible mode of operation over a link.
At a minimum, Auto-Negotiation can provide automatic speed matching for multi-speed devices at each end of a link. Multi-speed Ethernet interfaces can then take advantage of the highest speed offered by a multi-speed hub port.
Stress: Auto-negotiation is not a fully implemented standard and, therefore, the behavior of the link cannot be guaranteed
when using this feature.
Cisco strongly recommends that each end of the link be manually configured for the desired duplex and speed.
130. What is ping used for?
The ping command sends a specified number of ICMP echo requests and measures the time the destination device takes to
respond to each request
To test connectivity to remote hosts.
Switch (enable) ping destination ip address
The ping command will return one of the following responses:
Success rate is 100 percent or ip address is alive. This response occurs in 1 to 10 seconds, depending on network traffic and
the number of ICMP packets sent.
Destination does not respond. No answer message is returned if the host does not respond.
Unknown host. This response occurs if the targeted host does not exist.
Destination unreachable. This response occurs if the default gateway cannot reach the specified network
Network or host unreachable. This response occurs if there is no entry in the route table for the host or network.
131. What is access link ?
An access link is a link that is a member of only one VLAN
Also emphasize the use of the native VLAN. An access link has a native VLAN that is the only VLAN that it supports. The
device on the end of the access is generally unaware that a VLAN ID even exists. The switch must deploy some mechanism
of identification so that a frame being received in an access link is marked with the correct VLAN information. This can be
done with either frame filtering (maintaining a table of VLAN-port assignments) or frame tagging (marking the frame as it
leaves the port to cross the backplane).
131. What is a trunk link?
A trunk link is capable of carrying multiple VLANs
Trunk links are typically used on switch-to-switch connections or switch to router connections. They can be used to connect
end devices such as servers; however, this is not as common. Trunk links carry multiple VLANs. A trunk link may have a
native VLAN which is the VLAN that it reverts to if the trunk fails, or in the case of 802.1Q, the VLAN identifier that is used if a
frame comes in from a non-trunk device. This allows 802.1Q to support trunk links and access links on the same port,
creating a hybrid link.
132. What are two different vlan tagging options?
The two different tagging options, as follows:
ISL (Cisco proprietary)
IEEE 802.1Q (industry standard)

133. How trunk negotiation happens?


Dynamic Trunk Protocol (DTP) handles the negotiation of trunk links
The Dynamic Trunk Protocol (DTP) makes trunking configuration easier. DTP negotiates port capability and configuration with
its neighboring peer ports for a proper trunk type: an ISL trunk, an 802.1Q trunk, or an access link. Also, a variety of hardware
may exist with different capabilities: some capable of ISL only, some capable of 802.1Q only, or some capable of both ISL
and 802.1Q. DTP negotiation also takes into account these variations of hardware capabilities before it configures the port to
be a particular type of trunk.
During DTP negotiation, the ports will not participate in the Spanning-Tree Protocol. Only after the port type is configured to
be one of the three types (access, ISL trunk, or 802.1Q trunk), the port will be added to spanning tree. The basic requirement
for running DTP is that the port must be able to operate as an access port. Whenever a port fails to negotiate to become a
trunk port, it will stay an access port. If the negotiating ports allow, DTP prefers ISL to 802.1Q.
134. Explain how VTP enables propagation of VLAN data across the network.
VTP enables VLAN propagation across the network by advertising the VLANs that exist in a VTP domain to all other switches
in that domain on trunk links. This ensures that all switches in a VTP domain have a consistent view of the VLANs that exist
in their network.
135. Discuss how frame identification enables VLAN membership association.
There are two different methods of frame identification. These methods are IEEE 802.1Q and Cisco ISL. Each of these
techniques enables VLAN membership association by identifying the VLAN in the frame. IEEE 802.1Q does this by tagging, or
inserting, 4 bytes of VLAN information into the frame. Cisco ISL identifies the VLAN by encapsulating the frame with an
additional 30 bytes of information. These two methods allow the switch to identify the VLAN membership of the frame.
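The 4-byte 802.1Q tag and the access/trunk/native-VLAN behaviour described in the answers above, as an added example that is not part of the original text. The MAC addresses, VLAN numbers and port dictionaries are constructed, and dropping tagged frames that arrive on an access port is an assumption of this example.

```python
import struct

TPID_8021Q = 0x8100     # EtherType value that marks an 802.1Q tag


def add_tag(frame, vid, pcp=0):
    """Insert the 4-byte tag between the source MAC and the EtherType."""
    if not 1 <= vid <= 4094 or not 0 <= pcp <= 7:
        raise ValueError("VLAN ID must be 1-4094 and priority 0-7")
    return frame[:12] + struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid) + frame[12:]


def read_tag(frame):
    """Return (vid, pcp, untagged_frame), or None when the frame carries no tag."""
    if len(frame) < 18 or struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, tci >> 13, frame[:12] + frame[16:]


def ingress_vlan(frame, port):
    """VLAN a switch port associates with a received frame, or None to drop it."""
    tag = read_tag(frame)
    if port["mode"] == "access":
        # Assumption of this example: an access port accepts untagged frames only.
        return port["vlan"] if tag is None else None
    if tag is None:
        return port["native"]               # untagged frame on a trunk: native VLAN
    return tag[0] if tag[0] in port["allowed"] else None


def egress_frame(frame, vlan, port):
    """Frame as it leaves a port: untagged on access links and for the native VLAN."""
    if port["mode"] == "access":
        return frame if vlan == port["vlan"] else None
    if vlan not in port["allowed"]:
        return None
    return frame if vlan == port["native"] else add_tag(frame, vlan)


def carry(frame, access_in, trunk, access_out):
    """Host -> access port -> trunk -> access port -> host across two switches."""
    vlan = ingress_vlan(frame, access_in)
    on_wire = egress_frame(frame, vlan, trunk) if vlan is not None else None
    if on_wire is None:
        return None
    tag = read_tag(on_wire)
    inner = tag[2] if tag else on_wire      # the end device never sees the tag
    return egress_frame(inner, ingress_vlan(on_wire, trunk), access_out)


# Constructed frame: destination MAC, source MAC, EtherType 0x0800, 46 bytes of data.
FRAME = bytes.fromhex("020000000002" "020000000001" "0800") + bytes(46)
ACCESS_10 = {"mode": "access", "vlan": 10}
ACCESS_20 = {"mode": "access", "vlan": 20}
TRUNK = {"mode": "trunk", "native": 1, "allowed": {1, 10, 20}}

if __name__ == "__main__":
    tagged = egress_frame(FRAME, 10, TRUNK)
    print("bytes added on the trunk:", len(tagged) - len(FRAME))
    print("tag read back (vid, pcp):", read_tag(tagged)[:2])
    print("delivered within VLAN 10:", carry(FRAME, ACCESS_10, TRUNK, ACCESS_10) == FRAME)
    print("delivered into VLAN 20:", carry(FRAME, ACCESS_10, TRUNK, ACCESS_20))
```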
136. Define the three VTP modes of operation and describe how they work.
The three different VTP modes are server, client, and transparent.
Server mode allows VLANs to be created, deleted, and modified on the switch. In addition it saves the VLAN information to
NVRAM so that the VLANs are known the next time the switch is reset. Server mode VLANs are called global VLANs
because they will be copied by all other switches in the VTP domain.
Client mode does not allow VLANs to be created, deleted, or modified. A client switch must receive all VLAN information from
another switch in order to know that a VLAN exists. Once the client knows that the VLAN exists it can have its ports assigned
to that VLAN. A client does not save its VLAN information to NVRAM.
Transparent mode means that the switch does not participate in the VTP domain. VLANs can be created, deleted, and
renamed on the switch; however, they will not be advertised to any other switch. These VLANs are called local VLANs as they
will not be copied to other switches. The VTP domain information must be given to the transparent switch, however, as it will
pass VTP advertisements for other server and client switches.
137. Describe the use of VTP pruning. Explore the same solution without VTP pruning
By default all broadcasts and multicasts must be sent to every switch in a VTP domain if the trunk link supports the VLAN.
This is done even if the switch has no ports other than the trunk link in the VLAN. VTP Pruning is a process that prevents
broadcasts from being sent to switches that do not have ports in a VLAN. Another way of eliminating the broadcast traffic is
to clear the trunk link of the VLAN. If there are no ports assigned to the VLAN on the switch there may be no reason for the
VLAN to be carried on the trunk link.
138. List the five Spanning-Tree Protocol port states and describe their function.
The five Spanning Tree states are Blocked, Listen, Learn, Forward, and Disabled.

Blocked is the initial state of the port. A port will also be placed in a blocked state if there is a redundant path to the Root
Bridge and the port does not have the best cost. Blocked means that the port can send and receive BPDUs but cannot send
or receive data.
139. Identify at least one network problem caused by Spanning-Tree Protocol.
Following are three network problems caused by Spanning Tree
Convergence time after a network failure.
The time that it takes a port to move into forwarding mode will cause many workstations to time out while attempting to
attach to a service.
Paths can be sub-optimal if network is not designed correctly
140. Explain the solutions developed to improve STP convergence time.
Spanning-Tree Protocol operation.
The following solutions improve spanning tree
PortFast enables a port to bypass Spanning Tree operations
UplinkFast creates an UplinkFast group of ports that can be used to perform a rapid failover in the case of a direct link
failure.
BackboneFast expires the Max Age timer when it stops hearing the superior BPDU but continues hearing the inferior BPDU
EtherChannel bundles parallel ports together which allows Spanning Tree to treat them as one port
Root Bridge: correct placement of the Root Bridge and modification of the diameter will improve path selection and
convergence time.
Port Priority and Port Cost: used to influence the path selections made by Spanning Tree
141. Discuss the purpose of an inferior BPDU.
The loss of a superior BPDU and the receipt of an inferior BPDU trigger the BackboneFast process.
BackboneFast is initiated when a Root port or blocked port on a switch receives inferior BPDUs from its designated bridge. An
inferior BPDU identifies one switch as both the Root Bridge and the designated bridge.
When a switch receives an inferior BPDU, it indicates that a link to which the switch is not directly connected (an indirect link)
has failed (that is, the designated bridge has lost its connection to the Root Bridge). Under normal spanning-tree rules, the
switch ignores inferior BPDUs for the configured maximum aging time.
142. Explain how the routing and switching functions of a Cisco MLS switch work together to enable multilayer
switching.
Multilayer switching (MLS) is a technique used to increase IP routing performance by handling the packet switching and
rewrite function in ASICs.
In MLS, the frame forwarding and rewrite process functions previously handled by a router have now been moved into switch
hardware.
The Cisco implementation of MLS is comprised of three components:
Multilayer Switching-Switching Engine (MLS-SE). The multilayer switching switch engine is the switching entity that handles
the function of moving and rewriting the packets. The MLS-SE is a NetFlow Feature card residing on a Supervisor III card in a
Catalyst switch.
Multilayer Switching-Route Processor (MLS-RP). This component is a Route Switch Module (RSM) or an externally connected
Cisco 7500, 7200, 4500, 4700, or 8500 series router with software that supports multilayer switching. The MLS-RP sends MLS
configuration information and updates, such as the router MAC address and Vlan number, flow mask, and routing and access
list changes.
Multilayer Switching Protocol (MLSP). This protocol operates between the MLS-Switch Engine and MLS-Route Processor to
enable multilayer switching. The MLSP is the method by which the RSM or router advertises routing changes and the VLANs or
MAC addresses of the interfaces that are participating in MLS.
An MLS cache entry is created for the initial packet of each flow. This packet is called the candidate packet. The switch
forwards the frame to the MLS-RP.
If the MLS-RP finds an entry for the destination address in the routing table, the MLS-RP rewrites the packet and returns the
frame to the switch.
The MLS-SE compares the XTAGs for both the candidate entry in the MLS cache and the returned frame. If the two XTAGs
match, the frame came from the same router for the same flow. This second frame becomes the enable entry in MLS cache
and the partial entry for that flow is completed.
143. Describe the three flow mask modes and the impact ACLs have on those modes.
The three flow mask types supported by the MLS-SE are:
destination-ip mode. This mode represents the least-specific flow mask. The MLS-SE maintains one MLS entry for each
destination IP address. All flows to a given destination IP address use this MLS entry. This mode is used if there are no access
lists configured on any of the MLS router interfaces.
source-destination-ip mode. The MLS-SE maintains one MLS entry for each source and destination IP address pair. All flows
between a given source and destination use this MLS entry regardless of the IP protocol ports. This mode is used if there is a
standard access list on any of the MLS interfaces.
ip-flow mode. This mode represents the most-specific flow mask. The MLS-SE creates and maintains a separate MLS cache
entry for every IP flow. An ip-flow entry includes the source IP address, destination IP address, protocol, and protocol ports.
This mode is used if there is an extended access list on any of the MLS interfaces.
144. Discuss how various router/switch configurations can affect multilayer switching
There is a dependency between the router and the switch at the distribution layer.
How these devices are placed in relationship to each other is critical to multilayer switching.
As long as the MLS-SE can detect both the candidate and enable packets, multilayer switching will take place. However, if
the configuration is designed in such a way that the enable packet is never returned to the MLS-SE, the candidate packet will
age out of the MLS cache and all packets in that flow are routed.
Changes to the routing table may affect the behavior of MLS. Whenever a route change takes place, the MLS cache is flushed
for any flow entries affected by the route change.
As long as the MLS-SE detects both the candidate and enable packets for the new route, a flow entry will be entered into the
MLS cache.
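A simplified model of the MLS cache behaviour described in the three answers above (candidate and enable packets, XTAG comparison, flow masks, aging and route-change flush), added here as an example and not Cisco's implementation. The packet fields, addresses, XTAG values and the 5-second candidate aging time are constructed.

```python
FLOW_MASKS = {
    "destination-ip": ("dst",),
    "source-destination-ip": ("src", "dst"),
    "ip-flow": ("src", "dst", "proto", "sport", "dport"),
}


def flow_mask_for(acl_types):
    """Mask selected from the access lists configured on the MLS router interfaces."""
    if "extended" in acl_types:
        return "ip-flow"
    if "standard" in acl_types:
        return "source-destination-ip"
    return "destination-ip"


class MlsCache:
    def __init__(self, mask, candidate_age=5.0):
        self.fields = FLOW_MASKS[mask]
        self.candidate_age = candidate_age      # seconds; the value is an assumption
        self.entries = {}

    def key(self, pkt):
        return tuple(pkt[f] for f in self.fields)

    def from_host(self, pkt, xtag, now):
        """A frame addressed to the router arrives at the switch."""
        entry = self.entries.get(self.key(pkt))
        if entry and entry["complete"]:
            return "switched by MLS-SE"
        if entry is None:                       # candidate packet: partial entry
            self.entries[self.key(pkt)] = {
                "xtag": xtag, "complete": False, "since": now, "dst": pkt["dst"]}
        return "forwarded to MLS-RP"

    def from_router(self, pkt, xtag):
        """The rewritten frame comes back from the MLS-RP (enable packet)."""
        entry = self.entries.get(self.key(pkt))
        if entry is None or entry["xtag"] != xtag:
            return False                        # different router or unknown flow
        entry["complete"] = True
        return True

    def age_out(self, now):
        """Remove candidates whose enable packet never came back."""
        stale = [k for k, e in self.entries.items()
                 if not e["complete"] and now - e["since"] >= self.candidate_age]
        for k in stale:
            del self.entries[k]
        return len(stale)

    def route_change(self, dst):
        """Flush the entries affected by a route change for this destination."""
        hit = [k for k, e in self.entries.items() if e["dst"] == dst]
        for k in hit:
            del self.entries[k]
        return len(hit)


def replay(packets, mask, enabler_returns=True):
    """Return (entries left after aging, treatment of each packet on a second pass)."""
    cache = MlsCache(mask)
    for pkt in packets:
        cache.from_host(pkt, xtag=1, now=0.0)
        if enabler_returns:
            cache.from_router(pkt, xtag=1)
    cache.age_out(now=10.0)
    kept = len(cache.entries)
    return kept, [cache.from_host(pkt, xtag=1, now=10.0) for pkt in packets]


# Constructed traffic: four flows towards two destinations.
PACKETS = [
    {"src": "10.1.1.10", "dst": "10.2.2.20", "proto": "tcp", "sport": 40001, "dport": 80},
    {"src": "10.1.1.10", "dst": "10.2.2.20", "proto": "tcp", "sport": 40002, "dport": 443},
    {"src": "10.1.1.11", "dst": "10.2.2.20", "proto": "tcp", "sport": 40003, "dport": 80},
    {"src": "10.1.1.11", "dst": "10.2.2.21", "proto": "udp", "sport": 5000, "dport": 53},
]

if __name__ == "__main__":
    for acls in (set(), {"standard"}, {"extended"}):
        mask = flow_mask_for(acls)
        print(mask, "->", replay(PACKETS, mask)[0], "cache entries")
    print("enable packet never returns:", replay(PACKETS, "ip-flow", enabler_returns=False))
```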
145. Can I bundle two different type of interface ex. a fastethernet with gigabitethernet?
No, it is not possible
146. How many number of routes carried by RIP packet?
Each RIP router advertises all RIP routes periodically via RIP updates. Each update can contain a maximum of 25 route
advertisements. This limit is imposed by RIP specifications. RIP can sometimes be configured to send as many as 255 routes
per update.
147. How many network types available in OSPF?
There are 5 types of OSPF network types
Point to point
Broadcast
Non broadcast
NBMA
Point to multipoint
149. What is the requirement of doing summarization?
To reduce the size of the OSPF LSDB.
151. If any OSPF area is not stable, does it impact other areas?
If area 0 is not stable, SPF will be calculated within area 0 for LSA 1 and LSA 2. These LSAs are summary LSAs
for the other areas, so routers in other areas will calculate SPF for the summary LSAs whenever something goes wrong in area 0.
The point is that routers in other areas will not calculate SPF for their own area but for area 0.
152. What is the use of forwarding address in LSA 5 and LSA 7?
Covered in another question.
153. Can we run multiple OSPF processes on a single router, and what is the advantage of doing so?
We can have multiple processes, but there can be only one process per interface.
155. After configuring a new router-id, will it be used automatically or do we need to use some type of command
to get it operational?
We need to clear the OSPF process for it to take effect.
157. If the DR is down and no BDR is configured, what will happen?
A DR must be elected in a multi-access network.
If the DR goes down and there is no BDR, either a new election will occur to find the new DR, or, if no other routers are
eligible to become DR because their priority was set to 0, the routers will not form adjacencies with each other. There
has to be at least a DR. This happens when you explicitly define a certain router to be the DR and other routers never to become
DR or BDR, a common practice in hub-and-spoke NBMA networks, in which the hub is always the DR and there is
no need for a spoke router to participate in the DR/BDR election process.
If the old DR comes back after a new DR is elected or the BDR is promoted to DR, it cannot take over the running OSPF
topology until the current designated router goes offline.
The OSPF DR/BDR election process is pretty much similar to the Spanning-Tree Protocol root election process.
158. What is the difference between a neighbor and adjacent neighbor?
Neighbors are routers in the same area that exchange hello packets, but not LSA information, such as two
DROther routers. Adjacent routers are routers that have fully exchanged their LSA information and are stable.
Let's take a broadcast access medium topology like a LAN, for example, to illustrate the differences.
As you know, in a LAN environment you have a DR election. After this election, the DR and BDR are elected, and all other
routers (DROthers) form adjacencies with the DR/BDR. Meaning, they pass the 2WAY state into exstart and start exchanging
LSA headers to begin the route exchange.
However, between two DROther routers, you will never pass beyond 2WAY. That is to say, they will exchange hello packets,
but will never enter exstart, never exchange LSA headers, never converge into adjacent neighbors.
159. What is C and R in OSPF debug?
Ans: C stands for local router and R stands for remote router.
160. Define the various tools which participate in OSPF fast convergence
OSPF has various tools and techniques for fast convergence, as listed below:
Event Detection
Event Propagation
Event Processing
RIB Update
161. In a layer 2 domain, do we need an IP address for communication?
No, we don't. L2 works on MAC addresses.
163. How to perform inter-VLAN routing without a layer 3 device?
Yes, this is possible by configuring the link between the two switches as access ports.
http://www.mplsvpn.info/2010/07/inter-vlan-routing-without-layer-3.html
164. What is the importance of PMTU in BGP?
TCP path MTU discovery allows BGP to use the largest packets possible.
Without PMTU discovery, we can support 100 peers with 120,000 routes each.
With PMTU discovery, we can support 175 peers with 120,000 routes each.

165. How to avoid route reflector loops?


Never peer through a route reflector client to reach a route reflector
166. Larger the IP datagram less the overhead, is it true or false?
Yes, true
167. In RIP why do we have hop count of 15?
Ratio of Summation of all the timers yield to 15
168. When is a BGP route invalid?
The next-hop must be accessible and reachable for a path to a BGP network to be valid.
169. What exactly is a control plane?
Other control plane protocols (BGP, OSPF, LDP, LACP, BFD ...) are more clear-cut: they run between individual network
devices (usually adjacent, but there's also targeted LDP and multihop BGP) and could be (at least in theory) made to run
across a separate control plane network (or VRF).
Control plane protocols usually run over data plane interfaces to ensure shared fate (if the packet forwarding fails, the
control plane protocol fails as well), but there are scenarios (example: optical gear) where the data plane interfaces cannot
process packets, forcing you to run control plane protocols across a separate set of interfaces.
Typical control plane protocols aren't data-driven: a BGP, LACP or BFD packet is never sent as a direct response to a data plane
packet.
ICMP is different: some ICMP packets are sent as replies to other ICMP packets, others are triggered by data plane packets
(ICMP unreachables and ICMPv6 neighbor discovery).
Trying to classify protocols based on where they're run is also misleading. It's true that the networking device CPU almost
always generates ICMP requests and responses (it doesn't make sense to spend silicon real estate to generate ICMP
responses). In some cases, ICMP packets might be generated in the slow path, but that's just how a particular network
operating system works. Let's ignore those dirty details for the moment; just because a device's CPU touches a packet
doesn't make that packet a control plane packet.
Vendor terminology doesn't help us either. Most vendors talk about Control Plane Policing or Protection, equating control
plane with the device CPU; these mechanisms usually apply to control plane protocols as well as data plane packets punted
from ASICs to the CPU.
Even IETF terminology isn't exactly helpful: while the C in ICMP does stand for Control, it doesn't necessarily imply control plane
involvement. ICMP is simply a protocol that passes control messages (as opposed to user data) between IP devices.
170. In a single switch, port 1 is in VLAN 10 with a PC at IP 10.1.1.2 and port 2 is in VLAN 20
with a PC at IP 10.1.1.3. Will ping work?
No, here ping will not work since the two ports are in different VLANs. A VLAN 10 packet on port 1 will not be broadcast to port 2,
which is in VLAN 20.
171. Same scenario, but we have two switches and the link between the switches is configured as access ports. Will
ping work?
Yes, ping will work here, since frames leaving access ports are not tagged with a VLAN and raw traffic will flow.
172. In the same scenario, if the link between the switches is configured as a trunk, will ping work?
No, ping will not work, since frames on the trunk link are tagged with their VLANs. A packet from VLAN 10 will not be broadcast to VLAN 20.
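The three answers above (170 to 172) can be checked with a small forwarding model. This is an added example, not part of the original answers: the uplink port number 24 is hypothetical, the access uplinks are assumed to sit in VLAN 10 on S1 and VLAN 20 on S2, and native-VLAN handling on trunks is ignored.

```python
from collections import deque


def access(vlan):
    return {"mode": "access", "vlan": vlan}


def trunk(*allowed):
    return {"mode": "trunk", "allowed": set(allowed)}


def flood_reaches(ports, links, src, dst):
    """True if an untagged broadcast entering at access port src leaves port dst.

    ports: {(switch, port): config}; links: {(switch, port): (switch, port)}.
    """
    wire = dict(links)
    wire.update({b: a for a, b in links.items()})    # cables work both ways
    queue = deque([(src, None)])                     # (ingress port, tag on the wire)
    seen = set()
    while queue:
        ingress, tag = queue.popleft()
        cfg = ports[ingress]
        if cfg["mode"] == "access":
            if tag is not None:
                continue                             # model: access ports drop tagged frames
            vlan = cfg["vlan"]                       # VLAN comes from the port, not the frame
        else:
            if tag is None or tag not in cfg["allowed"]:
                continue
            vlan = tag                               # VLAN comes from the 802.1Q tag
        if (ingress, vlan) in seen:
            continue
        seen.add((ingress, vlan))
        for egress, ecfg in ports.items():
            if egress[0] != ingress[0] or egress == ingress:
                continue
            if ecfg["mode"] == "access" and ecfg["vlan"] == vlan:
                out_tag = None                       # tag is stripped on access egress
            elif ecfg["mode"] == "trunk" and vlan in ecfg["allowed"]:
                out_tag = vlan
            else:
                continue
            if egress == dst:
                return True
            if egress in wire:
                queue.append((wire[egress], out_tag))
    return False


def ping_works(ports, links, a, b):
    """Ping needs the ARP broadcast and the reply path, so check both directions."""
    return flood_reaches(ports, links, a, b) and flood_reaches(ports, links, b, a)


# Q170: one switch, PC ports in VLAN 10 and VLAN 20.
SINGLE = {("S1", 1): access(10), ("S1", 2): access(20)}
# Q171: two switches joined by access ports (VLAN 10 on S1, VLAN 20 on S2).
ACCESS_LINK = {("S1", 1): access(10), ("S1", 24): access(10),
               ("S2", 24): access(20), ("S2", 2): access(20)}
# Q172: the same two switches joined by a trunk carrying both VLANs.
TRUNK_LINK = {("S1", 1): access(10), ("S1", 24): trunk(10, 20),
              ("S2", 24): trunk(10, 20), ("S2", 2): access(20)}
UPLINK = {("S1", 24): ("S2", 24)}

if __name__ == "__main__":
    print("single switch:", ping_works(SINGLE, {}, ("S1", 1), ("S1", 2)))
    print("access uplink:", ping_works(ACCESS_LINK, UPLINK, ("S1", 1), ("S2", 2)))
    print("trunk uplink: ", ping_works(TRUNK_LINK, UPLINK, ("S1", 1), ("S2", 2)))
```

The access-uplink case is the one to audit for: because the tag is stripped on egress and the frame is re-classified on ingress, a mismatched pair of access ports silently joins two VLANs into one broadcast domain.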
173. How does STP behave if a port is looped back on a single switch?
174. Describe the OSPF packet format structure.

175. What is the use of forwarding address in LSA 5?


The forwarding address is used in OSPF to avoid an extra hop when traffic is routed to an external ASBR. The value of the
forwarding address in LSA 5 can be either zero or non-zero. The forwarding address is set to 0.0.0.0 when the ASBR
redistributes the external routes and OSPF is not enabled on the next-hop interface. The forwarding address is set to non-zero
when any of the following conditions occurs:
1. OSPF is enabled on the ASBR's next-hop interface.
2. The ASBR's next-hop interface is not point-to-point or point-to-multipoint.
3. The ASBR's next-hop interface falls under the network range specified in the router OSPF configuration.
176. What is the use of bidirectional forwarding detection?
Business-critical applications demand very fast convergence, but on shared IP infrastructure it is difficult to meet that
requirement. Even with a redundant network, how fast can convergence happen when a device or link fails? Maybe
in seconds or minutes. BFD (Bidirectional Forwarding Detection) is a protocol used to achieve convergence of
links in sub-seconds. The fastest convergence that could be achieved by an IGP alone is almost equal to one minute, not less
than that, but by using BFD it could be sub-second, like we get in SDH/SONET. BFD is a protocol which uses hello packets to
exchange neighbor information irrespective of the protocol used (it can work with OSPF, EIGRP, BGP, LDP, IS-IS,
PWE3, etc.). The Internet Draft for BFD does not specify a specific encapsulation type for BFD control packets; rather, it
recommends the use of an encapsulation appropriate to the medium and the network. BFD control packets will be
encapsulated as the payload of UDP packets, using destination port 3784 and a source port in the range of 49152 to 65535.
The primary mode is known as Asynchronous mode. In this mode, the systems periodically send BFD Control packets to one
another, and if a number of those packets in a row are not received by the other system, the session is declared to be down.
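To make the packet handling concrete, the sketch below decodes a BFD control packet and computes the asynchronous-mode detection time. It is an added example, not part of the original answer: the field layout and the receive checks (version, length, Detect Mult, discriminators, TTL 255 for single-hop sessions) follow RFC 5880 and RFC 5881, while the sample packets and the helper names are constructed here.

```python
import struct

BFD_PORT = 3784                      # destination UDP port given in the text
SRC_PORTS = range(49152, 65536)      # source port range given in the text
STATES = ("AdminDown", "Down", "Init", "Up")


def parse_bfd(payload):
    """Decode the 24-byte mandatory section of a BFD control packet."""
    if len(payload) < 24:
        raise ValueError("BFD control packet shorter than 24 bytes")
    (b0, b1, mult, length, my_disc, your_disc,
     des_tx, req_rx, echo_rx) = struct.unpack("!BBBBIIIII", payload[:24])
    return {
        "version": b0 >> 5,
        "diag": b0 & 0x1F,
        "state": STATES[b1 >> 6],
        "auth_present": bool(b1 & 0x04),     # A bit
        "multipoint": bool(b1 & 0x01),       # M bit, must be zero
        "detect_mult": mult,
        "length": length,
        "my_disc": my_disc,
        "your_disc": your_disc,
        "desired_min_tx_us": des_tx,
        "required_min_rx_us": req_rx,
        "required_min_echo_rx_us": echo_rx,
        "payload_len": len(payload),
    }


def discard_reasons(pkt, sport, dport, ttl):
    """Return why a received single-hop packet must be dropped ([] = accept)."""
    reasons = []
    if dport != BFD_PORT:
        reasons.append("destination port is not 3784")
    if sport not in SRC_PORTS:
        reasons.append("source port outside 49152-65535")
    if ttl != 255:
        reasons.append("TTL is not 255, sender is not directly connected")
    if pkt["version"] != 1:
        reasons.append("unsupported version")
    min_len = 26 if pkt["auth_present"] else 24
    if pkt["length"] < min_len or pkt["length"] > pkt["payload_len"]:
        reasons.append("bad length field")
    if pkt["detect_mult"] == 0:
        reasons.append("Detect Mult is zero")
    if pkt["multipoint"]:
        reasons.append("Multipoint bit set")
    if pkt["my_disc"] == 0:
        reasons.append("My Discriminator is zero")
    if pkt["your_disc"] == 0 and pkt["state"] not in ("Down", "AdminDown"):
        reasons.append("Your Discriminator is zero in state " + pkt["state"])
    return reasons


def detection_time_us(pkt, local_required_min_rx_us):
    """Asynchronous mode: the remote Detect Mult times the agreed remote TX interval."""
    agreed = max(local_required_min_rx_us, pkt["desired_min_tx_us"])
    return pkt["detect_mult"] * agreed


def build(state=3, mult=3, my_disc=0x11, your_disc=0x22, tx_us=50_000, rx_us=50_000):
    """Constructed sample packet (version 1, no authentication section)."""
    return struct.pack("!BBBBIIIII", 1 << 5, state << 6, mult, 24,
                       my_disc, your_disc, tx_us, rx_us, 0)


if __name__ == "__main__":
    good = parse_bfd(build())
    print(good["state"], discard_reasons(good, 49152, 3784, 255))
    print("declared down after", detection_time_us(good, 50_000), "microseconds of silence")
    spoofed = parse_bfd(build(mult=0, my_disc=0))
    print(discard_reasons(spoofed, 1024, 3784, 254))
```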
177. What is Inter Packet Gap or Inter Frame Gap?
Assume a Gigabit port which can transfer raw data at up to 125,000,000 bytes per second with a minimum frame size of 64
bytes. A device needs some time between processing one packet and the next. The time between one packet and
the next is known as the inter-frame or inter-packet gap. The minimum inter-frame gap period is 96 bits or 12 bytes, which
amounts to 96 nanoseconds. Adding the 7 bytes of preamble and 1 byte of delimiter to the 64-byte minimum frame consequently gives 84 bytes.
178. Why is a MAC address not a true address?
An address specifies a location. A MAC address is not a true address because it is permanently associated with the interface
of a specific device and moves whenever the device moves. A MAC identifies the device, not the location of the device.
179. What is the purpose of the TTL field in the IP header? How does the TTL process work?
The Time to Live (TTL) field prevents "lost" packets from being passed endlessly through the IP internetwork. The field
contains an 8-bit integer that is set by the originator of the packet. Each router through which the packet passes will
decrement the integer by one. If a router decrements the TTL to zero, it will discard the packet and send an ICMP "time
exceeded" error message to the packet's source address.
180. What is proxy ARP?
Proxy ARP (Address Resolution Protocol) is a technique by which a device on a given network answers the ARP queries for a
network address that is not on that network. The ARP Proxy is aware of the location of the traffic's destination, and offers its
own MAC address in reply, effectively saying, "send it to me, and I'll get it to where it needs to go." Serving as an ARP Proxy
for another host effectively directs LAN traffic to the Proxy. The "captured" traffic is then typically routed by the Proxy to the
intended destination via another interface or via a tunnel.
181. What is a floating static route?
A floating static route is an alternative route to a destination. The administrative distance is set high enough that the floating
static route is used only if a more-preferred route becomes unavailable.
182. How does the switching mode at an interface affect load sharing?

If an interface is fast switched, per destination load sharing is performed. If an interface is process switched, per packet load
sharing is performed.
183. What is a recursive table lookup?
A recursive routing table lookup occurs when a router cannot acquire all the information it needs to forward a packet with a
single routing table lookup. For example, the router may perform one lookup to find the route to a destination and then
perform another lookup to find a route to the next-hop router of the first route.
184. What is load balancing? Name four different types of load balancing.
Load balancing is the process of sending packets over multiple paths to the same destination. Four
types of load balancing are:
Equal cost, per packet
Equal cost, per destination
Unequal cost, per packet
Unequal cost, per destination
185. Why are sequence numbers important in link state protocols?
Sequence numbers help a router differentiate between multiple copies of the same link state advertisement and also prevent
flooded link state advertisements from circulating endlessly throughout the internetwork.
186. Explain how an SPF algorithm works.
A router builds a shortest path tree by first adding itself as the root. Using the information in the topological database, the
router creates a list of all of its directly connected neighbors. The lowest-cost link to a neighbor becomes a branch of the tree,
and that router's neighbors are added to the list. The list is checked for duplicate paths, and if they exist, the higher-cost
paths are removed from the list. The lowest-cost router on the list is added to the tree, that router's neighbors are added to
the list, and the list is again checked for duplicate paths. This process continues until no routers remain on the list.
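The procedure described above, written out as an added example (not part of the original answer). The link state database and router names are constructed. One step goes beyond the text: a link is only used when both routers advertise it, which is the back-link check OSPF applies so that a single router cannot attach itself to the tree with a one-sided claim.

```python
def spf(lsdb, root):
    """Build the shortest path tree: {router: (parent on the tree, total cost)}.

    lsdb maps each router to the {neighbor: link cost} it advertises.
    """
    tree = {root: (None, 0)}          # the router first adds itself as the root
    candidates = {}                   # the "list" in the text: router -> (parent, cost)
    current = root
    while True:
        base = tree[current][1]
        for nbr, cost in lsdb.get(current, {}).items():
            if nbr in tree:
                continue
            if current not in lsdb.get(nbr, {}):
                continue              # one-sided claim: neighbor does not list us back
            total = base + cost
            # duplicate paths: keep only the lower-cost one on the list
            if nbr not in candidates or total < candidates[nbr][1]:
                candidates[nbr] = (current, total)
        if not candidates:
            return tree               # no routers remain on the list
        # the lowest-cost router on the list joins the tree (name breaks ties)
        current = min(candidates, key=lambda r: (candidates[r][1], r))
        tree[current] = candidates.pop(current)


def first_hop(tree, dest):
    """Walk back from dest to the root's directly connected neighbor."""
    node = dest
    while tree[node][0] is not None and tree[tree[node][0]][0] is not None:
        node = tree[node][0]
    return node


# Constructed LSDB. R4 claims a cost-1 link to R9, but R9 advertises nothing.
LSDB = {
    "R1": {"R2": 10, "R3": 5},
    "R2": {"R1": 10, "R3": 2, "R4": 1},
    "R3": {"R1": 5, "R2": 2, "R4": 9},
    "R4": {"R2": 1, "R3": 9, "R9": 1},
}

if __name__ == "__main__":
    tree = spf(LSDB, "R1")
    for router, (parent, cost) in tree.items():
        print(router, "via", parent, "cost", cost)
    print("first hop toward R4:", first_hop(tree, "R4"))
```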
187. How do areas benefit a link state internetwork?
Within a routing domain, areas are subdomains. They make link state routing more efficient by limiting the size of the link
state database of each router in the area.
188. How many updates must be missed before a route entry will be marked as unreachable in RIP?
A route entry is marked as unreachable if six updates are missed.
189. What is the purpose of the garbage collection timer?
The garbage collection timer, or flush timer, is set when a route is declared unreachable. When the timer expires, the route is
flushed from the route table. This process allows an unreachable route to remain in the routing table long enough for
neighbors to be notified of its status.
190. Why is a random timer associated with triggered updates? What is the range of this timer?
The random timer, whose range is 1 to 5 seconds, prevents a "storm" of triggered updates during a topology change.
191. What is the difference between a RIP Request message and a RIP Response message?
A Request message asks a router for an update. A Response message is an update.
192. Which two types of Request messages does RIP use?
Request message may either ask for a full update or in some special cases it may ask for specific routes.
193. Under what circumstances will a RIP response be sent?
A Response is sent when the update timer expires, or upon reception of a Request message.
194. Why does RIP hide subnets at major network boundaries?
RIP updates do not include the subnet mask of the destination address, so a RIP router depends on the subnet masks of its
own interfaces to determine how an attached major network address is subnetted. If a router does not have an attachment to
a particular major network address, it has no way to know how that major network is subnetted. Therefore, no subnets of a major network address can be advertised into
another major network.
195. Which three fields are new to the RIPv2 message format?
The Route Tag field, the Subnet Mask field, and the Next Hop field are RIPv2 extensions that do not exist in RIPv1 messages.
The basic format of the RIP message remains unchanged between the two versions; version 2 merely uses fields that are
unused in version 1.
196. What is the purpose of the Route Tag field in the RIPv2 message?
When another routing protocol uses the RIPv2 domain as a transit domain, the protocol external to RIPv2 can use the Route
Tag field to communicate information to its peers on the other side of the RIPv2 domain.
197. Which one feature must a routing protocol have to be a classless routing protocol?
A classless routing protocol does not consider the major network address in its route lookups, but just looks for the longest
match.
198. What is an OSPF neighbor?
From the perspective of an OSPF router, a neighbor is another OSPF router that is attached to one of the first router's directly
connected links.
199. What is an OSPF adjacency?
An OSPF adjacency is a conceptual link to a neighbor over which LSAs can be sent.

200. What is MaxAge?


MaxAge, 1 hour, is the age at which an LSA is considered to be obsolete.
201. What is the difference between OSPF network entries and OSPF router entries?
OSPF network entries are entries in the route table, describing IP destinations. OSPF router entries are entries in a separate
route table that record only routes to ABRs and ASBRs.
202. Which three fields in the LSA header distinguish different LSAs? Which three fields in the LSA header
distinguish different instances of the same LSA?
The three fields in the LSA header that distinguish different LSAs are the Type, Advertising Router, and the Link State ID fields.
The three fields in the LSA header that distinguish different instances of the same LSA are the Sequence Number, Age, and
Checksum fields.
203. From what sources can a route be redistributed?
Routes that are learned from another routing protocol, static routes, or a direct connection to the destination network can be
redistributed into a routing domain.
204. How can administrative distances cause problems when redistributing?
A route to a destination within a routing domain with a higher administrative distance can be redistributed into a routing
domain with a lower administrative distance. If that route is redistributed back into the higher-distance domain, packets
might be misrouted into the lower-distance domain.
205. What is the purpose of the subnets keyword when redistributing OSPF?
Without the subnets keyword, only major network addresses that are not directly connected to the router will be
redistributed.
206. How is the null interface useful when summarizing routes?
A router that originates a summary route should use the null interface as the next hop of the summary route. Any packets
that match the summary route, but for which there is no more-specific route to the packet's destination address, will be
dropped. This prevents the router from forwarding "lost" packets.
207. How are route maps similar to access lists? How are they different?
Route maps are similar to access lists in that they define match criteria and an action to take in the event of a match. Route
maps are different from access lists in that they not only specify match criteria but also specify set criteria. The set action can
modify a route or route a packet according to the parameters of the packet.
208. What are policy routes?
Policy routes are static routes that use route maps to determine which packets should be routed and where the packets
should be routed.
209. What are route tags?
Route tags are fields within routing information packets that allow external information to be carried through the routing
domain.
210. In what way do route tags affect routing protocols?
Route tags have no effect on the routing protocols that carry them.
211. Does static routing support load balancing?
Yes. Both routes will get installed in the routing table (provided they are for the same prefix), but it will be the switching
process that does the load sharing, and the default is CEF, which load-shares per session (src-dst IP pair).
http://freelabworkbook.blogspot.in/2010/09/static-route-load-balancing.html
212. Can we use OSPF without backbone area?
OSPF uses a central area, area 0, to exchange routes between other areas. Part of the reason area 0 exists is to stop
routing loops.
If you have multiple areas without an area 0, they are in fact treated as separate OSPF processes and would not exchange
routes anyway.
214. Does route reflector come in actual path during traffic forwarding?
The RR is deployed in the control plane to reduce the requirement for a full iBGP mesh. Thus, it is not in the forwarding path, but
forms iBGP peerings.
215. Can we use local preference outside the autonomous system?
Local preference is NOT communicated outside an autonomous system; that is to say, it is not sent over EBGP connections.
Only IBGP neighbors receive this information.
216. How many links can be assigned for load balancing or sharing in BGP?
Load sharing can be achieved when there are multiple (up to a maximum of six) equal-cost links.
217. What is the difference between the ip default-gateway, ip default-network, and ip route 0.0.0.0/0
commands?
The ip default-gateway command is used when IP routing is disabled on the router. However, ip default-network and ip
route 0.0.0.0/0 are effective when IP routing is enabled on the router, and they are used to route any packets which do not
have an exact route match in the routing table.
218. What are the maximum number of secondary IP address that can be configured on a router interface?
There are no limits on configuring secondary IP addresses on a router interface.

219. How do I connect two different ISPs and route different traffic to different ISPs?
Policy based routing (PBR) is the feature that allows you to route the traffic to different ISPs based on the source address.
220. What is the difference between the two methods to create static routes?
There are two methods to create static routes:
The ip route 10.1.1.1 255.255.255.0 eth 0/0 command generates an ARP broadcast that looks for the next-hop IP address.
The ip route 10.1.1.1 255.255.255.0 172.16.1.1 command does not generate an ARP request. It keeps Layer 2 out of the
routing process.
221. Can you configure different MTU for sub-interfaces under the same main interface?
You can configure a different IP MTU with the ip mtu command on different sub-interfaces. When you change the MTU on a
sub-interface, the router checks the MTU of the main interface. If the main interface MTU is set to a lower value than the one
configured on the sub-interface, the router changes the MTU on the main interface to match the sub-interface. Thus, the
physical MTU configured with the mtu command on the main interface needs to be higher than the IP MTU configured on the
sub-interfaces.
222. What are the different types of communities in BGP?
223. What is the difference between distance vector and link state protocols?

224. Explain 802.1Q tunneling?


http://packetlife.net/blog/2010/jul/12/ieee-802-1q-tunneling/
IEEE 802.1Q tunneling can be used to achieve simple layer two VPN connectivity between sites by encapsulating one 802.1Q
trunk inside another. The topology below illustrates a common scenario where 802.1Q (or "QinQ") tunneling can be very
useful.

A service provider has infrastructure connecting two sites at layer two, and desires to provide its customers transparent layer
two connectivity. A less-than-ideal solution would be to assign each customer a range of VLANs it may use. However, this is
very limiting, both in that it removes the customers' flexibility to choose their own VLAN numbers, and there may not be
enough VLAN numbers (we can only use a maximum of 4,094 or so) available on large networks.
802.1Q tunneling solves both of these issues by assigning each customer a single VLAN number, chosen by the service
provider. Within each customer VLAN exists a secondary 802.1Q trunk, which is controlled by the customer. Each customer
packet traversing the service provider network is tagged twice: the inner-most 802.1Q header contains the customer-chosen
VLAN ID, and the outer-most header contains the VLAN ID assigned to the customer by the service provider.

802.1Q Tunnel Configuration


Before we get started with the configuration, we must verify that all of our switches support the necessary maximum
transmission unit (MTU), 1504 bytes. We can use the command show system mtu to check this, and the global configuration
command system mtu to modify the device MTU if necessary (note that a reload will be required for the new MTU to take
effect).
S1# show system mtu
System MTU size is 1500 bytes
S1# configure terminal
S1(config)# system mtu 1504
Changes to the System MTU will not take effect until the next reload is done.

Next, we'll configure our backbone trunk to carry the top-level VLANs for customers A and B, which have been assigned
VLANs 118 and 209, respectively. We configure a normal 802.1Q trunk on both ISP switches. The last configuration line below
restricts the trunk to carrying only VLANs 118 and 209; this is an optional step.
S1(config)# interface f0/13
S1(config-if)# switchport trunk encapsulation dot1q
S1(config-if)# switchport mode trunk
S1(config-if)# switchport trunk allowed vlan 118,209
S2(config)# interface f0/13
S2(config-if)# switchport trunk encapsulation dot1q
S2(config-if)# switchport mode trunk
S2(config-if)# switchport trunk allowed vlan 118,209
Now for the interesting bit: the customer-facing interfaces. We assign each interface to the appropriate upper-level (service
provider) VLAN, and its operational mode to dot1q-tunnel. We'll also enable Layer two protocol tunneling to transparently
carry CDP and other layer two protocols between the CPE devices.
S1(config)# interface f0/1
S1(config-if)# switchport access vlan 118
S1(config-if)# switchport mode dot1q-tunnel
S1(config-if)# l2protocol-tunnel
S1(config-if)# interface f0/3
S1(config-if)# switchport access vlan 209
S1(config-if)# switchport mode dot1q-tunnel
S1(config-if)# l2protocol-tunnel
S2(config)# interface f0/2
S2(config-if)# switchport access vlan 118
S2(config-if)# switchport mode dot1q-tunnel
S2(config-if)# l2protocol-tunnel
S2(config-if)# interface f0/4
S2(config-if)# switchport access vlan 209
S2(config-if)# switchport mode dot1q-tunnel
S2(config-if)# l2protocol-tunnel
We can use the command show dot1q-tunnel on the ISP switches to get a list of all interfaces configured as 802.1Q tunnels:
S1# show dot1q-tunnel
dot1q-tunnel mode LAN Port(s)
-----------------------------
Fa0/1
Fa0/3
Now that our tunnel configurations have been completed, each customer VLAN has transparent end-to-end connectivity
between sites. This packet capture shows how customer traffic is double-encapsulated inside two 802.1Q headers along the
ISP backbone. Any traffic left untagged by the customer (i.e., traffic in the native VLAN 1) is tagged only once, by the service
provider.
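The tag stacking and the 1504-byte MTU requirement can be seen at the byte level. The following is an added example, not code from the quoted article: the MAC addresses and the customer-chosen VLAN 30 are constructed, VLANs 118 and 209 are the provider VLANs from the configuration above, and the FCS is left out of all lengths.

```python
import struct

TPIDS = {0x8100, 0x88A8}     # 802.1Q tag, plus the 802.1ad service-tag TPID
DST = bytes.fromhex("00005e005302")   # constructed MAC addresses
SRC = bytes.fromhex("00005e005301")


def ethernet(ethertype, payload):
    """Untagged frame: 6-byte dst, 6-byte src, 2-byte EtherType, payload."""
    return DST + SRC + struct.pack("!H", ethertype) + payload


def push_tag(frame, vid, pcp=0, tpid=0x8100):
    """Insert a 4-byte VLAN tag right after the MAC addresses (outermost position)."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1-4094")
    tci = (pcp << 13) | vid
    return frame[:12] + struct.pack("!HH", tpid, tci) + frame[12:]


def parse_tags(frame):
    """Return ([VLAN IDs, outermost first], EtherType, payload length)."""
    vids, offset = [], 12
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in TPIDS:
            return vids, ethertype, len(frame) - offset - 2
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        vids.append(tci & 0x0FFF)
        offset += 4


def tunnel_ingress(frame, provider_vlan):
    """A dot1q-tunnel port adds the provider tag whatever the customer sent."""
    return push_tag(frame, provider_vlan)


def size_seen_by_backbone(frame):
    """Bytes behind the outer header (MACs + outer tag + 2-byte type field).

    This is what a backbone switch, which only understands the outer tag,
    has to fit inside its system MTU.
    """
    return len(frame) - 18


if __name__ == "__main__":
    ip_packet = bytes(1500)                                      # full-size payload
    cust_tagged = push_tag(ethernet(0x0800, ip_packet), 30)      # customer VLAN 30
    cust_untagged = ethernet(0x0800, ip_packet)                  # customer native VLAN
    for name, frame, svlan in (("A tagged", cust_tagged, 118),
                               ("A untagged", cust_untagged, 118),
                               ("B tagged", cust_tagged, 209)):
        on_backbone = tunnel_ingress(frame, svlan)
        print(name, parse_tags(on_backbone), size_seen_by_backbone(on_backbone))
```

Customers A and B can both use VLAN 30 because the backbone only forwards on the outer tag, and the tagged customer frame is the one that needs 1504 bytes behind the outer header.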
225. Explain Etherchannel?
http://packetlife.net/blog/2010/jan/18/etherchannel-considerations/
EtherChannel is Cisco's term for bundling two or more physical Ethernet links for the purposes of aggregating available
bandwidth and, to a lesser extent, providing a measure of physical redundancy. Under normal conditions, all but one
redundant physical link between two switches will be disabled by STP at one end.

With EtherChannel configured, multiple links are grouped into a port-channel, which is assigned its own configurable virtual
interface. The bundle is treated as a single link.

EtherChannel Negotiation
An EtherChannel can be established using one of three mechanisms:
PAgP - Cisco's proprietary negotiation protocol
LACP (IEEE 802.3ad) - Standards-based negotiation protocol
Static Persistence ("On") - No negotiation protocol is used
Any of these three mechanisms will suffice for most scenarios, however the choice does deserve some consideration. PAgP,
while perfectly able, should probably be disqualified as a legacy proprietary protocol unless you have a specific need for it
(such as ancient hardware). That leaves LACP and "on", both of which have a specific benefit.
LACP helps protect against switching loops caused by misconfiguration; when enabled, an EtherChannel will only be formed
after successful negotiation between its two ends. However, this negotiation introduces an overhead and delay in
initialization. Statically configuring an EtherChannel ("on") imposes no delay yet can cause serious problems if not properly
configured at both ends.

To configure an EtherChannel using LACP negotiation, each side must be set to either active or passive; only interfaces
configured in active mode will attempt to negotiate an EtherChannel. Passive interfaces merely respond to LACP requests.
PAgP behaves the same, but its two modes are referred to as desirable and auto.

Only a single line is needed to configure a group of ports as an EtherChannel:


S1(config)# interface range f0/13 -15
S1(config-if-range)# channel-group 1 mode ?
  active     Enable LACP unconditionally
  auto       Enable PAgP only if a PAgP device is detected
  desirable  Enable PAgP unconditionally
  on         Enable Etherchannel only
  passive    Enable LACP only if a LACP device is detected
S1(config-if-range)# channel-group 1 mode active
Creating a port-channel interface Port-channel 1
As noted, a virtual port-channel interface Port-channel1 has been created to represent the logical link. Switchport
configurations applied to this interface are replicated to the physical member interfaces. We can inspect the health of the
EtherChannel with the show etherchannel summary command:
S1# show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 1
Number of aggregators:           1
Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SD)       LACP        Fa0/13(D) Fa0/14(D) Fa0/15(D)
The opposite side of the LACP EtherChannel will typically be configured as passive, however it can be active as well.
S2(config-if-range)# channel-group 1 mode passive
Creating a port-channel interface Port-channel 1
When the member ports on both sides of the EtherChannel are enabled, the port-channel interface also transitions to the up
state. However, note the timing of the system messages:
*Mar 1 00:45:50.647: %LINK-3-UPDOWN: Interface FastEthernet0/14, changed state to up
*Mar 1 00:45:50.683: %LINK-3-UPDOWN: Interface FastEthernet0/13, changed state to up
*Mar 1 00:45:50.691: %LINK-3-UPDOWN: Interface FastEthernet0/15, changed state to up
*Mar 1 00:45:53.487: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up
Almost a full three seconds elapsed between the member ports transitioning to the up state and the port-channel interface
coming up. Once it did, we can see the state of the EtherChannel has changed to "in use":
S1# show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 1
Number of aggregators:           1
Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)       LACP        Fa0/13(P) Fa0/14(P) Fa0/15(P)
Note the S indicating layer two operation; on multilayer platforms, EtherChannel interfaces can be configured for routed
operation as well.
For comparison, let's reconfigure the EtherChannel to function without a negotiation protocol ("on" mode):
S1(config)# no interface po1
S1(config)# interface range f0/13 -15
S1(config-if-range)# channel-group 1 mode on
Creating a port-channel interface Port-channel 1
S1(config-if-range)# no shutdown
This time we observe that the port-channel interface is enabled as soon as its first member port comes up, as there is no
delay imposed by negotiation:
*Mar 1 00:56:12.271: %LINK-3-UPDOWN: Interface FastEthernet0/13, changed state to up
*Mar 1 00:56:12.287: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up
*Mar 1 00:56:12.291: %LINK-3-UPDOWN: Interface FastEthernet0/14, changed state to up
*Mar 1 00:56:12.307: %LINK-3-UPDOWN: Interface FastEthernet0/15, changed state to up
In the Campus Network High Availability Design Guide, Cisco recommends forgoing the use of a negotiation protocol and
configuring EtherChannels for static "on/on" operation; however they also caution that this approach offers no protection
against the effect of misconfigurations.
EtherChannel Load-Balancing
Another consideration to make when implementing EtherChannels is the type of load-balancing in effect. EtherChannel
provides load-balancing only per frame, not per bit. A switch decides which member link a frame will traverse by the outcome
of a hash function performed against one or more fields of each frame. Which fields are considered is dependent on the
switch platform and configuration. For example, a Catalyst 3550 can match only against a frame's destination or source MAC
address:
S1(config)# port-channel load-balance ?
dst-mac Dst Mac Addr
src-mac Src Mac Addr
The show etherchannel load-balance command reveals that source MAC address load-balancing is default on the Catalyst
3550:
S1# show etherchannel load-balance
EtherChannel Load-Balancing Configuration:
src-mac
EtherChannel Load-Balancing Addresses Used Per-Protocol:
Non-IP: Source MAC address
IPv4: Source MAC address
More powerful platforms can match against IP address(es) or layer four port(s). Generally speaking, higher layer fields are
more favorable as they tend to be more dynamic, resulting in a more granular distribution of traffic across member links.
Direction of flow is also an important detail. For example, consider the following topology:

Routed packets entering the subnet from S1 are always sourced from the MAC address of the VLAN interface. If source MAC
load-balancing is in use, these frames will be forwarded down only one member link, because the outcome of the hash
function will always be the same. Configuring destination MAC load-balancing on S1 is recommended to achieve a more
varied distribution of frames and make better use of the available bandwidth.

The opposite is true on S2: Since all frames entering the EtherChannel from LAN hosts are destined for the MAC address of
the gateway (VLAN interface), source MAC address load-balancing works better here.
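The direction-of-flow effect described above can be reproduced with a simplified model, added here as an illustration (it is not from the original article and is not Cisco's actual hash). It assumes the hash is the low-order three bits of the selected MAC address mapped onto the member links; the gateway and host MAC addresses are constructed.

```python
"""Simplified model of per-frame EtherChannel member-link selection."""

MEMBER_LINKS = ["Fa0/13", "Fa0/14", "Fa0/15"]  # bundle from the example above
HASH_BUCKETS = 8  # assumption: the hash result is the low-order 3 bits


def mac_to_int(mac):
    """Accept Cisco dotted (0000.00aa.0001), colon or hyphen notation."""
    digits = mac.replace(".", "").replace(":", "").replace("-", "")
    if len(digits) != 12:
        raise ValueError("not a 48-bit MAC address: %r" % mac)
    return int(digits, 16)


def select_link(src_mac, dst_mac, method, links=MEMBER_LINKS):
    """Return the member link one frame is sent on under the given method."""
    if method == "src-mac":
        key = mac_to_int(src_mac)
    elif method == "dst-mac":
        key = mac_to_int(dst_mac)
    else:
        raise ValueError("unsupported load-balance method: %r" % method)
    bucket = key % HASH_BUCKETS          # same input always gives same bucket
    return links[bucket % len(links)]


def distribution(frames, method, links=MEMBER_LINKS):
    """Count frames per member link for a list of (src_mac, dst_mac) pairs."""
    counts = {link: 0 for link in links}
    for src_mac, dst_mac in frames:
        counts[select_link(src_mac, dst_mac, method, links)] += 1
    return counts


# Constructed sample addresses: one gateway (VLAN interface) and six LAN hosts.
GATEWAY_MAC = "0000.0c00.0001"
HOST_MACS = ["0000.00aa.%04x" % n for n in range(1, 7)]

# S1 -> S2: routed frames, always sourced from the VLAN interface MAC.
S1_FRAMES = [(GATEWAY_MAC, host) for host in HOST_MACS]
# S2 -> S1: frames from LAN hosts, always destined for the gateway MAC.
S2_FRAMES = [(host, GATEWAY_MAC) for host in HOST_MACS]

if __name__ == "__main__":
    for name, frames in (("S1", S1_FRAMES), ("S2", S2_FRAMES)):
        for method in ("src-mac", "dst-mac"):
            print(name, method, distribution(frames, method))
```

In this model eight buckets spread over three links can never split better than 3:3:2, so a perfectly even load is not expected even with varied addresses.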
EtherChannel Bandwidth and Costs
Finally, remember that the perceived bandwidth of a port-channel interface is equal to the sum of its active member links. For
example, an EtherChannel with three active 100 Mbps members will show a bandwidth of 300 Mbps. Because members can
still fail individually, the bandwidth of a port-channel interface can fluctuate without going down.
226. Are VLANs locally significant?
http://packetlife.net/blog/2008/apr/11/vlans-are-locally-significant/
One common misconception regarding VLANs is that they are significant beyond a single switch. Of course, VLAN numbers
have to match for trunking to work, and VTP can be used to automatically propagate VLAN information. However, a VLAN,
being essentially little more than a number, is significant only within a device. Consider the following scenario:

All of the ports on switch A are set to access mode in VLAN 10, and all of the ports on switch B are set to access mode in
VLAN 20. Note that the connection between the two switches is not a trunk; each end is configured as an access port in the
respective VLAN. Our two hosts A and B are similarly connected to different VLANs, but still reside in the same IP subnet. Can
hosts A and B communicate?
The answer is yes. Follow the path of a frame leaving host A destined for host B. Switch A receives this frame on a port in
VLAN 10, so it can only egress out another port in VLAN 10 or a trunk port. It performs the usual MAC lookup and determines
that the appropriate outbound port is its link to switch B. Now, here's the key: the frame is forwarded to switch B without a VLAN tag,
because this is an access port. Switch B receives the frame on an interface it considers VLAN 20 and performs the same
switching decision to forward the frame to host B.
So, does it work? Yep! Is it a good idea? Probably not. In an instance where VLANs are used, you're probably using more than
one. For this reason and others, it's recommended to always trunk between switches using IEEE 802.1q or (less favorably)
Cisco ISL.
229. Why BGP Uses TCP and IGPs Don't?
http://packetlife.net/blog/2010/jun/24/why-bgp-uses-tcp-and-igps-dont/
Convenience
Arguably the most obvious motivation to design BGP to run over TCP is simple convenience. Remember that BGP is
essentially just another application layer protocol to the TCP/IP stack; at the time of BGP's creation TCP was already out there
and working, so why not take advantage of it? From RFC 4271:
BGP uses TCP as its transport protocol. This eliminates the need to implement explicit update fragmentation, retransmission,
acknowledgement, and sequencing.
Security
Unlike other IPv4 routing protocols, BGP does not provide its own security mechanism. Sure, you can secure neighbor
adjacencies using MD5 digests, but these aren't actually carried within the BGP header. Rather, security is facilitated by a TCP
option defined in RFC 2385, the TCP Authentication Option (kind 19).
This TCP option was originally created specifically to secure BGP adjacencies (which typically have quite long lifetimes), and
for a decade or so has worked quite well. However, as MD5 is beginning to show its age, a new RFC (5925) was published just
this month to provide a more resilient alternative.
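How the RFC 2385 digest (option kind 19) is computed and checked, as an added Python example that is not part of the original article. Per RFC 2385 the MD5 input is the TCP pseudo-header, the TCP header without options and with a zero checksum, the segment data, and the shared key; the addresses, ports, key and payload below are constructed.

```python
"""RFC 2385 digest for a TCP segment, computed and verified (constructed data)."""
import hashlib
import hmac
import socket
import struct

MD5SIG_KIND = 19   # option kind named in the text above
MD5SIG_LEN = 18    # kind byte + length byte + 16-byte MD5 digest
NOP = b"\x01"


def build_segment(sport, dport, seq, ack, flags, window, digest, payload):
    """TCP header (checksum left at zero) + MD5 option + two NOPs + payload."""
    options = bytes([MD5SIG_KIND, MD5SIG_LEN]) + digest + NOP * 2
    data_offset = (20 + len(options)) // 4       # header length in 32-bit words
    fixed = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                        data_offset << 4, flags, window, 0, 0)
    return fixed + options + payload


def header_length(segment):
    """Header length in bytes from the data-offset field, with bounds checks."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    length = (segment[12] >> 4) * 4
    if not 20 <= length <= len(segment):
        raise ValueError("malformed data offset")
    return length


def md5_digest(src_ip, dst_ip, segment, key):
    """MD5 over pseudo-header, option-less header with zero checksum, data, key."""
    hlen = header_length(segment)
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(segment)))
    fixed = segment[:16] + b"\x00\x00" + segment[18:20]   # checksum zeroed
    return hashlib.md5(pseudo + fixed + segment[hlen:] + key).digest()


def find_md5_option(segment):
    """Walk the TCP options and return the 16-byte digest, or None."""
    options = segment[20:header_length(segment)]
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                 # End of Option List
            break
        if kind == 1:                 # NOP is a single byte
            i += 1
            continue
        if i + 1 >= len(options):
            return None
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            return None               # malformed option
        if kind == MD5SIG_KIND:
            return options[i + 2:i + length] if length == MD5SIG_LEN else None
        i += length
    return None


def sign(src_ip, dst_ip, sport, dport, seq, ack, flags, window, payload, key):
    """Build a segment whose kind-19 option carries the RFC 2385 digest."""
    unsigned = build_segment(sport, dport, seq, ack, flags, window, bytes(16), payload)
    digest = md5_digest(src_ip, dst_ip, unsigned, key)   # options are not hashed
    return build_segment(sport, dport, seq, ack, flags, window, digest, payload)


def verify(src_ip, dst_ip, segment, key):
    """Receiver side: accept only if the option is present and matches."""
    try:
        received = find_md5_option(segment)
    except ValueError:
        return False
    if received is None:
        return False
    return hmac.compare_digest(received, md5_digest(src_ip, dst_ip, segment, key))


# Constructed sample: one segment between two documentation-range peers.
KEY = b"constructed-shared-secret"
PEER_A, PEER_B = "192.0.2.1", "192.0.2.2"
SEGMENT = sign(PEER_A, PEER_B, 49152, 179, 1000, 2000, 0x18, 16384,
               b"constructed BGP payload", KEY)

if __name__ == "__main__":
    print("valid key:", verify(PEER_A, PEER_B, SEGMENT, KEY))
    print("wrong key:", verify(PEER_A, PEER_B, SEGMENT, b"wrong"))
```

Because the source and destination addresses are part of the hashed pseudo-header, a segment replayed from a different address fails verification even when its bytes are unchanged.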
No Need for Neighbor Discovery
Unlike interior routing protocols, BGP has no requirement for dynamic neighbor discovery. As BGP adjacencies are (or more
accurately, should be) very carefully weighed design considerations, BGP neighbors must be configured statically at both
ends. This is in contrast to a protocol like OSPF, which uses hello packets to automatically discover and form adjacencies with
neighbors.
Adjacency Traffic is Always Point-to-Point
A corollary of our last point, we know that BGP unicasts advertisements to each of its adjacent neighbors separately. This is in
contrast to interior routing protocols, which typically employ multicast transmissions to more efficiently communicate with
one or more other neighbors on a multiaccess segment.
231. Explain Path MTU discovery.

When a host needs to transmit data out an interface, it references the interface's Maximum Transmission Unit (MTU) to
determine how much data it can put into each packet. Ethernet interfaces, for example, have a default MTU of 1500 bytes,
not including the Ethernet header or trailer. This means a host needing to send a TCP data stream would typically use the first
20 of these 1500 bytes for the IP header, the next 20 for the TCP header, and as much of the remaining 1460 bytes as
necessary for the data payload. Encapsulating data in maximum-size packets like this allows for the least possible
consumption of bandwidth by protocol overhead.
Unfortunately, not all links which compose the Internet have the same MTU. The MTU offered by a link may vary depending
on the physical media type or configured encapsulation (such as GRE tunneling or IPsec encryption). When a router decides
to forward an IPv4 packet out an interface, but determines that the packet size exceeds the interface's MTU, the router must
fragment the packet to transmit it as two (or more) individual pieces, each within the link MTU. Fragmentation is expensive
both in router resources and in bandwidth utilization; new headers must be generated and attached to each fragment. (In
fact, the IPv6 specification removes transit packet fragmentation from router operation entirely, but this discussion will be left
for another time.)

To utilize a path in the most efficient manner possible, hosts must find the path MTU; this is the smallest MTU of any link in
the path to the distant end. For example, for two hosts communicating across three routed links with independent MTUs of
1500, 800, and 1200 bytes, the smallest (800 bytes) must be assumed by each end host to avoid fragmentation.

Of course, it's impossible to know the MTU of each link through which a packet might travel. RFC 1191 defines path MTU
discovery, a simple process through which a host can detect a path MTU smaller than its interface MTU. Two components are
key to this process: the Don't Fragment (DF) bit of the IP header, and a subcode of the ICMP Destination Unreachable
message, Fragmentation Needed.

Setting the DF bit in an IP packet prevents a router from performing fragmentation when it encounters an MTU less than the
packet size. Instead, the packet is discarded and an ICMP Fragmentation Needed message is sent to the originating host.
Essentially, the router is indicating that it needs to fragment the packet but the DF flag won't allow for it. Conveniently, RFC
1191 expands the Fragmentation Needed message to include the MTU of the link necessitating fragmentation. A
Fragmentation Needed message can be seen in packet #6 of this packet capture.

Now that the actual path MTU has been learned, the host can cache this value and packetize future data for the destination to
the appropriate size. Note that path MTU discovery is an ongoing process; the host continues to set the DF flag so that it can
detect further decreases in MTU should dynamic routing influence a new path to the destination. RFC 1191 also allows for
periodic testing for an increased path MTU, by occasionally attempting to pass a packet larger than the learned MTU. If the
packet succeeds, the path MTU will be raised to this higher value.
You can test path MTU discovery across a live network with a tool like tracepath (part of the Linux IPutils package) or
mturoute (Windows only). Here's a sample of tracepath output from the lab pictured above, with the MTU of F0/1 reduced to
1400 bytes using the ip mtu command:
Host$ tracepath -n 192.168.1.2
 1:  192.168.0.2      0.097ms pmtu 1500
 1:  192.168.0.1      0.535ms
 1:  192.168.0.1      0.355ms
 2:  192.168.0.1      0.430ms pmtu 1400
 2:  192.168.1.2      0.763ms reached
     Resume: pmtu 1400 hops 2 back 254
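The exchange described above as an added Python sketch (not part of the original article): a host sends DF-marked packets, the first router whose outgoing link is too small answers with an ICMP Fragmentation Needed message carrying the next-hop MTU, and the host lowers its estimate. The function names and the constructed header bytes are assumptions of this example; the link MTUs are the ones used in the text, and the 68-byte floor is the lower bound RFC 1191 sets for a path MTU estimate.

```python
"""Path MTU discovery (RFC 1191) simulated over a list of link MTUs."""
import struct

ICMP_DEST_UNREACH = 3
ICMP_FRAG_NEEDED = 4
IPV4_MIN_MTU = 68     # RFC 1191: never reduce the estimate below 68 octets


def inet_checksum(data):
    """Standard Internet one's-complement checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(total_length, dont_fragment=True):
    """Minimal constructed IPv4 header (header checksum left at zero)."""
    flags_frag = 0x4000 if dont_fragment else 0      # DF is bit 14
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_length, 0, flags_frag,
                       64, 6, 0, bytes([192, 168, 0, 2]), bytes([192, 168, 1, 2]))


def build_frag_needed(next_hop_mtu, original):
    """ICMP type 3 code 4: unused(16) | next-hop MTU(16) | IP header + 8 bytes."""
    body = struct.pack("!BBHHH", ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
                       0, 0, next_hop_mtu) + original[:28]
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]


def parse_frag_needed(message):
    """Return the advertised next-hop MTU, or None if the message is not usable."""
    if len(message) < 8:
        return None
    icmp_type, code, _csum, _unused, mtu = struct.unpack("!BBHHH", message[:8])
    if (icmp_type, code) != (ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED):
        return None
    if inet_checksum(message) != 0:      # a valid message sums to zero
        return None
    return mtu


def send_df_packet(size, link_mtus):
    """Return None if the packet crosses every link, else the router's ICMP error."""
    packet = ipv4_header(size) + bytes(8)    # header + first 64 bits of payload
    for mtu in link_mtus:
        if size > mtu:                       # DF set: drop and report
            return build_frag_needed(mtu, packet)
    return None


def discover_path_mtu(interface_mtu, link_mtus):
    """Return the packet sizes tried in order; the last one is the path MTU."""
    size = interface_mtu
    tried = [size]
    while True:
        reply = send_df_packet(size, link_mtus)
        if reply is None:
            return tried
        mtu = parse_frag_needed(reply)
        # Ignore values that would raise the estimate or go below the floor.
        if mtu is None or not IPV4_MIN_MTU <= mtu < size:
            raise RuntimeError("unusable ICMP reply; estimate not changed")
        size = mtu
        tried.append(size)


if __name__ == "__main__":
    print(discover_path_mtu(1500, [1500, 800, 1200]))   # three-link example
    print(discover_path_mtu(1500, [1500, 1400]))        # tracepath lab above
```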
233. You are the network administrator for a small network that has two routers (R1 and R2, as shown in the
figure below) that are connected via serial interfaces. You have used the command ip route 13.0.0.0 255.0.0.0
12.0.0.2 on R1 to finalize configuration. What happens if the serial interface on R2 shuts down?

The route of 13.0.0.0 remains on router R1.
Because you are using static routing, there is no way for router R1 to know that the interface is down on router R2. This
means that the route is still valid on router R1 as far as router R1 is concerned.
234. You have typed the following command on switch SW1. Using the figure below, what effect will the
commands have on the network?
interface f0/24
switchport mode access

(A) All systems in VLAN 10 can communicate with one another.
(B) Systems will not be able to communicate between the two switches.
(C) All systems in VLAN 20 can communicate with one another.
(D) Systems can communicate between the two switches.
B. Systems will not be able to communicate between the two switches. In order for systems to communicate across switches
to other systems in the same VLAN, you need to configure port F0/24 as a trunk port instead of an access port. Configuring
F0/24 as a trunk port will allow it to carry VLAN traffic between the two switches.
235. Using the figure below, which of the following statements are true of router R1?

(A) There are too many sub-interfaces on f0/0.
(B) Interface f0/0 should be configured as an access port.
(C) Interface f0/0 should be configured as a trunk port.
(D) Interface F0/1 should be configured as a trunk port.
C. Interface f0/0 should be configured as a trunk port.
When creating a router-on-a-stick scenario, you will need to create the sub-interfaces on the port connected to the switch, but
you also need to enable the port on both the router and the switch as a trunk port so that it can carry VLAN traffic. In this
case, the question is only asking what you should do with router R1.
236. Which OSPF command turns on OSPF on all interfaces of a router?
Answer: network 0.0.0.0 255.255.255.255
237. Refer to the exhibit.

What two results would occur if the hub were to be replaced with a switch that is configured with one Ethernet VLAN? (Choose
two)
A. The number of collision domains would remain the same.
B. The number of collision domains would decrease.
C. The number of collision domains would increase.
D. The number of broadcast domains would remain the same.
E. The number of broadcast domains would decrease.
F. The number of broadcast domains would increase.
Answer: C D

238. The network administrator normally establishes a Telnet session with the switch from host A. The
administrator's attempt to establish a connection via Telnet to the switch from host B fails, but pings from host B
to the other two hosts are successful. What is the issue for this problem?

A. Host B and the switch need to be in the same subnet.
B. The switch needs an appropriate default gateway assigned.
C. The switch interface connected to the router is down.
D. Host B needs to be assigned an IP address in vlan 1.
Answer: B
Explanation
Host A (172.19.1.1) and the management IP address of the Switch (172.19.1.250) are in the same subnet so telnet from host
A to the switch can be successful even if a default gateway is not set on host A.
But host B (172.19.32.2) and the management IP address of the Switch (172.19.1.250) are not in the same subnet so host B
needs a default gateway to telnet to the switch. The default gateway on host B should be 172.19.32.254.
239. Refer to the topology and router output shown in the exhibit:

A technician is troubleshooting host connectivity issues on the switches. The hosts in VLANs 10 and 15 on Sw11 are unable to
communicate with hosts in the same VLANs on Sw12. Hosts in the Admin VLAN are able to communicate. The port-to-VLAN
assignments are identical on the two switches. What could be the problem?
A. The Fa0/1 port is not operational on one of the switches.
B. The Link connecting the switches has not been configured as a trunk.
C. At least one port needs to be configured in VLAN 1 for VLANs 10 and 15 to be able to communicate.
D. Port FastEthernet 0/1 needs to be configured as an access link on both switches.
E. A router is required for hosts on Sw11 in VLANs 10 and 15 to communicate with hosts in the same VLAN on Sw12.
Answer: B
Explanation
The show vlan command only displays access ports; trunk ports are not shown in its output (we can use the show
interface trunk command to see trunked ports). In the output we can see that the Fa0/1 ports connecting the two switches
are in VLAN 20 -> they are access ports and only VLAN 20 can communicate. To allow all VLANs to communicate (with the
same VLAN on the other switch), the link between the two switches must be set as a trunk -> B is correct.
240. Refer to the exhibit:

What commands must be configured on the 2950 switch and the router to allow communication between host 1 and host 2?
(Choose two)
Router(config)#interface fastethernet 0/0
Router(config-if)#no shutdown
Router(config)#interface fastethernet 0/0.1
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 192.168.10.1 255.255.255.0
Router(config-subif)#interface fastethernet 0/0.2
Router(config-subif)#encapsulation dot1q 20
Router(config-subif)#ip address 192.168.20.1 255.255.255.0
Switch1(config)# interface fastEthernet 0/1
Switch1(config-if)# switchport mode trunk
241. Refer to the topology shown in the exhibit. Which ports will be STP designated ports if all the links are
operating at the same bandwidth? (Choose three)

A. Switch A Fa0/0
B. Switch A Fa0/1
C. Switch B Fa0/0
D. Switch B Fa0/1
E. Switch C Fa0/0
F. Switch C Fa0/1
Answer: B C D
Explanation
First, by comparing their MAC addresses we learn that switch B will be the root bridge as it has the lowest MAC. Therefore all of its
ports are designated ports -> C & D are correct.
On the link between switch A & switch C there must be one designated port and one non-designated (blocked) port. We can
figure out which port is the designated port by comparing their MAC addresses again. A has the lower MAC so Fa0/1 of switch A will be
the designated port while Fa0/1 of switch C will be blocked -> B is correct.
242. Refer to the exhibit. Each of these four switches has been configured with a hostname, as well as being
configured to run RSTP. No other configuration changes have been made. Which three of these show the
correct RSTP port roles for the indicated switches and interfaces? (Choose three)

A. SwitchA, Fa0/2, designated
B. SwitchA, Fa0/1, root
C. SwitchB, Gi0/2, root
D. SwitchB, Gi0/1, designated
E. SwitchC, Fa0/2, root
F. SwitchD, Gi0/2, root
Answer: A B F
Explanation
The question says no other configuration changes have been made so we can understand these switches have the same
bridge priority. Switch C has lowest MAC address so it will become root bridge and 2 of its ports (Fa0/1 & Fa0/2) will be
designated ports -> E is incorrect.
Because SwitchC is the root bridge, the 2 ports nearest SwitchC on SwitchA (Fa0/1) and SwitchD (Gi0/2) will be root ports
-> B and F are correct.
Now we come to the most difficult part of this question: SwitchB must have a root port so which port will it choose? To answer
this question we need to know about STP cost and port cost.
In general, cost is calculated based on bandwidth of the link. The higher the bandwidth on a link, the lower the value of its
cost. Below are the cost values you should memorize:
Link speed    Cost
10 Mbps       100
100 Mbps      19
1 Gbps        4
SwitchB will choose the interface with lower cost to the root bridge as the root port so we must calculate the cost on interface
Gi0/1 & Gi0/2 of SwitchB to the root bridge. This can be calculated from the cost to the root bridge of each switch because a
switch always advertises its cost to the root bridge in its BPDU. The receiving switch will add its local port cost value to the
cost in the BPDU.
One more thing to notice is that a root bridge always advertises the cost to the root bridge (itself) with an initial value of 0.
Now let's have a look at the topology again

SwitchC advertises its cost to the root bridge with a value of 0. Switch D adds 4 (the cost value of 1Gbps link) and advertises
this value (4) to SwitchB. SwitchB adds another 4 and learns that it can reach SwitchC via Gi0/1 port with a total cost of 8.
The same process happens for SwitchA and SwitchB learns that it can reach SwitchC via Gi0/2 with a total cost of 23 ->
Switch B chooses Gi0/1 as its root port -> D is not correct.
Now our last task is to identify the port roles of the ports between SwitchA & SwitchB. It is rather easy as the MAC address of
SwitchA is lower than that of SwitchB so Fa0/2 of SwitchA will be designated port while Gi0/2 of SwitchB will be alternative
port -> A is correct but C is not correct.
The port roles of these switches are summarized below:

+ DP: Designated Port (forwarding state)
+ RP: Root Port (forwarding state)
+ AP: Alternative Port (blocking state)
243. On a corporate network, hosts on the same VLAN can communicate with each other, but they are unable to
communicate with hosts on different VLANs. What is needed to allow communication between the VLANs?

A. a router with subinterfaces configured on the physical interface that is connected to the switch
B. a router with an IP address on the physical interface connected to the switch
C. a switch with an access link that is configured between the switches
D. a switch with a trunk link that is configured between the switches
Answer: A

244. A frame from VLAN1 of switch S1 is sent to switch S2, where the frame is received on VLAN2. What causes this behavior?

A. trunk mode mismatches
B. vlans that do not correspond to a unique IP subnet
C. native vlan mismatches
D. allowing only vlan 2 on the destination.
Answer: C
Explanation
For 802.1q encapsulation, the native VLAN must match on both sides; otherwise the link will not work. In this case the native
VLAN of S1 is 1 while the native VLAN of S2 is 2.
245. Refer to the exhibit. A network administrator attempts to ping Host2 from Host1 and receives the results
that are shown. What is a possible problem?

A. The link between Host1 and Switch1 is down.
B. TCP/IP is not functioning on Host1
C. The link between Router1 and Router2 is down.
D. The default gateway on Host1 is incorrect.
E. Interface Fa0/0 on Router1 is shutdown.
F. The link between Switch1 and Router1 is down.
Answer: C
Explanation
In this question, Host1 wants to ping Host2 but it receives a reply from the interface Fa0/0 of Router1 (10.1.1.1/24) saying that the
destination host is unreachable.
If the link between Host1 and Switch1 is down or the link between Switch1 and Router1 is down then Host1 cannot receive
this reply -> A and F are not correct.
Host1 can receive a reply from 10.1.1.1 -> the TCP/IP is working properly -> B is not correct.
For answer D, if the default gateway was not configured correctly on Host1 (in this case the default gateway should be
10.1.1.1/24) then 10.1.1.1 cannot receive the ping packets from Host1 and cannot reply for Host1 that the destination is
unreachable -> D is not correct.

Interface Fa0/0 on Router1 replies for the ping packets from Host1 so it is up -> E is not correct. If the interface Fa0/0 on
Router is shutdown then we will receive a message of Request timed out, not Destination host unreachable.
Answer C is correct because we can get a reply from the interface Fa0/0 of Router1 so the link between Host1 and Router1
should be fine -> the problem lies at the other side of Router1. But if the link between Router2 and Host2 is down then we will
receive a reply from interface S0/1 of Router2 saying that the destination host is unreachable. Therefore the problem can just be the
link between Router1 and Router2.
246. Refer to the exhibit. The network administrator requires easy configuration options and minimal routing
protocol traffic. Which two options provide adequate routing table information for traffic that passes between
the two routers and satisfy the requests of the network administrator? (choose two)

A. a dynamic routing protocol on InternetRouter to advertise summarized routes to CentralRouter.
B. a dynamic routing protocol on CentralRouter to advertise summarized routes to InternetRouter.
C. a static route on InternetRouter to direct traffic that is destined for 172.16.0.0/16 to CentralRouter.
D. a dynamic routing protocol on InternetRouter to advertise all routes to CentralRouter.
E. a dynamic routing protocol on CentralRouter to advertise all routes to InternetRouter
F. a static, default route on CentralRouter that directs traffic to InternetRouter.
Answer: C F
247. Refer to the exhibit:

After HostA pings HostB, which entry will be in the ARP cache of HostA to support this transmission?
Host A knows host B is in another network so it will send the pings to its default gateway 192.168.6.1. Host A sends a
broadcast frame asking for the MAC address of 192.168.6.1. This information (IP and MAC address of the default gateway) is
saved in its ARP cache for later use.

248. Refer to the exhibit. The following commands are executed on interface fa0/1 of 2950Switch.
2950Switch(config-if)#switchport port-security
2950Switch(config-if)#switchport port-security mac-address sticky
2950Switch(config-if)#switchport port-security maximum 1
The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur when this frame is received by
2950Switch? (Choose two)

A. The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.
B. Only host A will be allowed to transmit frames on fa0/1.
C. This frame will be discarded when it is received by 2950Switch.
D. All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out fa0/1.
E. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be forwarded out fa0/1.
F. Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be forwarded out fa0/1.
Answer: B D
249. Host 1 is trying to communicate with Host 2. The e0 interface on Router C is down. Which of the following
are true? (Choose two)

A. Router C will use ICMP to inform Host 1 that Host 2 cannot be reached.
B. Router C will use ICMP to inform Router B that Host 2 cannot be reached.
C. Router C will use ICMP to inform Host 1, Router A, and Router B that Host 2 cannot be reached.
D. Router C will send a Destination Unreachable message type.
E. Router C will send a Router Selection message type.
F. Router C will send a Source Quench message type.
Answer: A D
Explanation
The last known good router will try to inform you that the destination cannot be reached (with a Destination Unreachable
message type) so from that information you can learn how far your packets can travel to and where the problem is.
250. Refer to the exhibit.

All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP
link metrics. Which two ports are in blocking state after STP converges? (Choose two)

A. the port on switch SWD that connects to switch SWE
B. the port on switch SWF that connects to switch SWG
C. the port on switch SWD that connects to switch SWC
D. the port on switch SWB that connects to switch SWD
Answer: C D
251. Refer to the exhibit.

All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP
link metrics. Which two ports are forwarding traffic after STP converges? (Choose two)
A. The port connecting switch SWD with switch SWE
B. The port connecting switch SWG with switch SWF
C. The port connecting switch SWC with switch SWE
D. The port connecting switch SWB with switch SWC
Answer: C D

252. Refer to the exhibit.


router ospf 100
router-id 4.4.4.4
area 110 nssa
summary-address 192.168.0.0 255.255.0.0 nssa-only
redistribute static metric-type 1 subnets tag 704
network 110.110.0.0 0.0.255.255 area 110
This is the configuration of the ASBR of area 110. Which option explains why the remote ABR should not translate the type 7
LSA for the prefix 192.168.0.0/16 into a type 5 LSA?
A. The remote ABR translates all type 7 LSA into type 5 LSA, regardless of any option configured in the ASBR.
B. The ASBR sets the forwarding address to 0.0.0.0 which instructs the ABR not to translate the LSA into a type 5 LSA.
C. The ASBR originates a type 7 LSA with age equal to MAXAGE 3600.
D. The ABR clears the P bit in the header of the type 7 LSA for 192.168.0.0/16.

Answer: D
Explanation
When external routing information is imported into an NSSA, LSA Type 7 is generated by the ASBR and it is flooded within that
area only. To further distribute the external information, type 7 LSA is translated into type 5 LSA at the NSSA border. The P-bit
in LSA Type 7 field indicates whether the type 7 LSA should be translated. This P-bit is automatically set by the NSSA ABR
(also the Forwarding Address (FA) is copied from Type 7 LSA). The P-bit is not set only when the NSSA ASBR and NSSA ABR are
the same router for the area. If bit P = 0, then the NSSA ABR must not translate this LSA into Type 5.

The nssa-only keyword instructs the device to instigate Type-7 LSA with cleared P-bit, thereby, preventing LSA translation to
Type 5 on NSSA ABR device.
Note: If a router is attached to another AS and is also an NSSA ABR, it may originate both a type-5 and a type-7 LSA for the
same network. The type-5 LSA will be flooded to the backbone and the type-7 will be flooded into the NSSA. If this is the case,
the P-bit must be reset (P=0) in the type-7 LSA so the type-7 LSA isn't again translated into a type-5 LSA by another NSSA
ABR.
253. Which statement about a type 4 LSA in OSPF is true?
A. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ASBR.
B. It is an LSA that is originated by an ASBR, that is flooded throughout the AS, and that describes a route to the ASBR.
C. It is an LSA that is originated by an ASBR, that is flooded throughout the area, and that describes a route to the ASBR.
D. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ABR.
E. It is an LSA that is originated by an ABR, that is flooded throughout the area, and that describes a route to the ASBR.
Answer: E
Explanation
LSA Type 4 (called Summary ASBR LSA) is generated by the ABR to describe an ASBR to routers in other areas so that routers
in other areas know how to get to external routes through that ASBR.

254. Refer to the exhibit.

R3 prefers the path through R1 to reach host 10.1.1.1.
Which option describes the reason for this behavior?
A. The OSPF reference bandwidth is too small to account for the higher speed links through R2.
B. The default OSPF cost through R1 is less than the cost through R2.
C. The default OSPF cost through R1 is more than the cost through R2.
D. The link between R2 and R1 is congested.
Answer: A
Explanation
The default formula to calculate OSPF bandwidth is BW = Bandwidth Reference / interface bandwidth [bps] = 10^8 /
interface bandwidth [bps]
BW of the R1-R3 link = 10^8 / 100Mbps = 10^8 / 10^8 = 1
BW of the R2-R3 link = 10^8 / 1Gbps = 10^8 / 10^9 = 1 (round up)
Therefore OSPF considers the two links above to have the same Bandwidth -> R3 will go to 10.1.1.1 via the R1-R3 link. The
solution here is to increase the Bandwidth Reference to a higher value using the auto-cost reference-bandwidth command
under OSPF router mode. For example:
Router(config)#router ospf 1
Router(config-router)#auto-cost reference-bandwidth 10000
This will increase the reference bandwidth to 10000 Mbps which increases the BW of the R2-R3 link to 10^10 / 10^8 = 100.
255. Refer to the exhibit.

AS#1 and AS#2 have multiple EBGP connections with each other. AS#1 wants all return traffic that is destined to the prefix
10.10.10.1/32 to enter through the router R1 from AS#2. In order to achieve this routing policy, the AS 1 advertises a lower
MED from R1, compared to a higher MED from R3, to their respective BGP neighbor for the prefix 10.10.10.0/24. Will this
measure guarantee that the routing policy is always in effect?
A. Yes, because MED plays a deterministic role in return traffic engineering in BGP.
B. Yes, because a lower MED forces BGP best-path route selection in AS #2 to choose R1 as the best path for 10.10.10.0/24.
C. Yes, because a lower MED in AS #2 is the highest BGP attribute in BGP best-path route selection.
D. No, AS #2 can choose to alter the weight attribute in R2 for BGP neighbor R1, and this weight value is cascaded across AS
#2 for BGP best-path route selection.
E. No, AS #2 can choose to alter the local preference attribute to overwrite the best-path route selection over the lower MED
advertisement from AS #1. This local preference attribute is cascaded across AS #2 for the BGP best-path route selection.
Answer: E
256. Refer to the exhibit. All iBGP routes should have the iBGP peer as the next hop address. Why is this not
the case for BGP routes learned between R1 and R2?

A. R2 is missing the next-hop-self option under the neighbor command for R1
B. ISP-A is missing the next-hop-self option under the neighbor command for R1
C. ISP-B is missing the next-hop-self option under the neighbor command for R1
D. R2, ISP-A, and ISP-B are missing the next-hop-self option under the neighbor command for R1
Answer: A
Explanation
In this case networks 10.0.0.0, 172.17.0.0, 172.18.0.0, 192.168.60.0, 192.168.70.0 are networks learned and advertised from
R2. We see that the next-hop of these networks is 209.165.202.158 while it should be 209.165.202.130. With the next-hop
of 209.165.202.158, R1 may not know how to send traffic to the above networks and the traffic is dropped. To avoid this
failure we should configure the next-hop-self under the neighbor command for R1 like this:
R2(config-router)#neighbor 209.165.202.129 next-hop-self
257. During a recent OSPF election among three routers, RTA was elected the DR and RTB was elected the BDR,
as seen in the graphic. Assume that RTA fails, and that RTB takes the place of the DR while RTC becomes the
new BDR. What will happen when RTA comes back online?

A. RTA will take the place of DR immediately upon establishing its adjacencies
B. RTA will take the place of DR only if RTB fails
C. RTA will take the place of DR only if both RTB and RTC fail
D. A new election will take place establishing an all new DR and BDR based on configured priority levels and MAC addresses
Answer: C
258. Refer to the exhibit. During the process of configuring a virtual link to connect area 2 with the backbone
area, the network administrator received this console message on R3:
*Mar 1 00:25:01.084: %OSPF-4-ERRRCV: Received invalid packet: mismatch area ID, from backbone area must be virtual link
but not found from 20.20.20.1, Serial 0
How should the virtual link be configured on the OSPF routers to establish full connectivity between the areas?

A. R1(config-router)# area 1 virtual-link 30.30.30.3
R3(config-router)# area 1 virtual-link 20.20.20.1
B. R1(config-router)# area 1 virtual-link 20.20.20.2
R3(config-router)# area 1 virtual-link 30.30.30.2
C. R1(config-router)# area 0 virtual-link 1.1.1.1
R3(config-router)# area 2 virtual-link 3.3.3.3
D. R1(config-router)# area 1 virtual-link 3.3.3.3
R3(config-router)# area 1 virtual-link 1.1.1.1
E. R1(config-router)# area 1 virtual-link 2.2.2.2
R3(config-router)# area 1 virtual-link 2.2.2.2
Answer: D
Explanation
When designing a multi-area OSPF network, all areas should be connected to the backbone area. However, there may be
instances when an area will need to cross another area to reach the backbone area like area 2 in this case. A virtual link has
the following two requirements:
+ It must be established between two routers that share a common area and are both ABRs.
+ One of these two routers must be connected to the backbone.
In this case, two routers that satisfy the above requirements are R1 and R3. The syntax for creating a virtual link across an
area is:

area area-id virtual-link neighbor-router-id


The area-id is the number of the transit area (Area 1 in this example), and neighbor-router-id is the IP address of the
highest loopback interface configured on the neighboring router, or a value set manually on that router.
259. As shown in the exhibit, OSPF is configured over a Frame Relay network. All PVCs are active. However,
P4S1 and P4S3 fail to see all OSPF routes in their routing tables. The show ip ospf neighbor command executed
on P4S2 displays the state of the neighbors. In order to fix the problem, what should be done?

A. The neighbor command should be configured under the OSPF routing process on all routers
B. The ip ospf network broadcast command should be configured on each Frame Relay interface
C. The ip ospf network non-broadcast command should be configured on each Frame Relay interface
D. The ip ospf priority value on the spoke routers should be set to 0
Answer: D
Explanation
In an NBMA network topology, neighbors are not discovered automatically. OSPF tries to elect a DR and a BDR due to the
multi-access nature of the network, but the election fails since neighbors are not discovered because an NBMA environment
doesn't forward broadcast and multicast packets. Neighbors must be configured manually to overcome these problems.
Also, additional configuration is necessary in a hub and spoke topology to make sure that the hub routers, which have
connectivity with every other spoke router, are elected as the DR and BDR. You must set the spoke interfaces to an OSPF
priority of zero; this ensures that the spokes will not become the DR or BDR.
260. Refer to the exhibit. OSPF is configured on all routers in the network. On the basis of the show ip ospf
neighbor output, what prevents R1 from establishing a full adjacency with R2?

A. Router R1 will only establish full adjacency with the DR and BDR on broadcast multiaccess networks.
B. Router R2 has been elected as a DR for the broadcast multiaccess network in OSPF area
C. Routers R1 and R2 are configured as stub routers for OSPF area 1 and OSPF area 2.
D. Router R1 and R2 are configured for a virtual link between OSPF area 1 and OSPF area 2.
E. The Hello parameters on routers R1 and R2 do not match.
Answer: A
Explanation
From the output, we learn that R4 is the DR and R3 is the BDR so other routers will only establish full adjacency with these
routers. All other routers have the two-way adjacency established -> A is correct.

261. Refer to the exhibit. On the basis of the configuration provided, how are the Hello packets sent by R2
handled by R5 in OSPF area 5?

A. The Hello packets will be exchanged and adjacency will be established between routers R2 and R5.
B. The Hello packets will be exchanged but the routers R2 and R5 will become neighbors only.
C. The Hello packets will be dropped and no adjacency will be established between routers R2 and R5.
D. The Hello packets will be dropped but the routers R2 and R5 will become neighbors.
Answer: C
Explanation
Recall that in OSPF, two routers will become neighbors when they agree on the following: Area-id, Authentication, Hello and
Dead Intervals, Stub area flag.
We must specify Area 5 as a stub area on the ABR (R2) and all the routers in that area (R5 in this case). But from the output,
we learn that only R2 has been configured as a stub for Area 5. This brings down the neighbor relationship between R2 and
R5 because the stub flag does not match in the Hello packets of these routers.
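The stub-flag mismatch described above is visible in the Hello packet itself: a router in a stub area clears the E-bit in the Options field. The following added example (not part of the original material) parses two OSPFv2 Hellos and lists which of the must-agree fields differ; the packets are constructed, and the router IDs, mask and timers are assumptions.

```python
import struct
from ipaddress import IPv4Address

# OSPFv2 common header (24 bytes) and the fixed part of a Hello body (20 bytes).
OSPF_HDR = struct.Struct("!BBH4s4sHH8s")    # ver, type, len, router ID, area ID, cksum, AuType, auth
HELLO_BODY = struct.Struct("!4sHBBI4s4s")   # mask, hello int, options, priority, dead int, DR, BDR
E_BIT = 0x02  # Options E-bit: set in normal areas, cleared by routers in a stub area

# The fields the explanation lists as having to match between neighbors.
MUST_MATCH = ("area_id", "auth_type", "hello_interval", "dead_interval", "stub_flag")


def build_hello(router_id, area, hello=10, dead=40, stub=False, autype=0):
    """Build a constructed Hello for the demo (checksum 0, no neighbor list)."""
    zero = IPv4Address("0.0.0.0").packed
    body = HELLO_BODY.pack(IPv4Address("255.255.255.0").packed, hello,
                           0 if stub else E_BIT, 1, dead, zero, zero)
    header = OSPF_HDR.pack(2, 1, OSPF_HDR.size + len(body),
                           IPv4Address(router_id).packed, IPv4Address(area).packed,
                           0, autype, bytes(8))
    return header + body


def parse_hello(pkt):
    """Extract the fields two routers must agree on before becoming neighbors."""
    if len(pkt) < OSPF_HDR.size + HELLO_BODY.size:
        raise ValueError("truncated OSPF Hello")
    version, ptype, _length, rid, area, _cksum, autype, _auth = OSPF_HDR.unpack_from(pkt)
    if version != 2 or ptype != 1:
        raise ValueError("not an OSPFv2 Hello packet")
    _mask, hello, options, _prio, dead, _dr, _bdr = HELLO_BODY.unpack_from(pkt, OSPF_HDR.size)
    return {
        "router_id": str(IPv4Address(rid)),
        "area_id": str(IPv4Address(area)),
        "auth_type": autype,
        "hello_interval": hello,
        "dead_interval": dead,
        "stub_flag": not options & E_BIT,   # E-bit clear means "I am in a stub area"
    }


def hello_mismatches(pkt_a, pkt_b):
    """Names of the must-match fields that differ; an empty list means the Hello is accepted."""
    a, b = parse_hello(pkt_a), parse_hello(pkt_b)
    return [field for field in MUST_MATCH if a[field] != b[field]]


# Constructed packets: R2 has "area 5 stub" configured, R5 does not.
R2_HELLO = build_hello("2.2.2.2", 5, stub=True)
R5_HELLO = build_hello("5.5.5.5", 5, stub=False)

if __name__ == "__main__":
    print("R2 vs R5 as configured:", hello_mismatches(R2_HELLO, R5_HELLO))
    fixed = build_hello("5.5.5.5", 5, stub=True)
    print("after 'area 5 stub' on R5:", hello_mismatches(R2_HELLO, fixed))
```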
262. Refer to the exhibit. Two routers are connected by Frame Relay and are running OSPF between them. Each
router has been configured with the appropriate network statements under router ospf 1, but the routers are
not forming an adjacency. Which of the following three commands could be configured on each router to
correct this problem? (Choose three)

A.
RouterC(config-if)#ip ospf network broadcast
RouterD(config-if)#ip ospf network broadcast
B.
RouterC(config-if)#ip ospf network point-to-point
RouterD(config-if)#ip ospf network point-to-point
C.
RouterC(config-router)#neighbor 10.100.100.4
RouterD(config-router)#neighbor 10.100.100.3
D.
RouterC(config-router)#neighbor 10.255.255.254
RouterD(config-router)#neighbor 10.255.255.253
Answer: A B D

Explanation
By default, Frame Relay is classified as a non-broadcast network, meaning it doesn't send any broadcasts/multicasts like RIP,
OSPF or EIGRP updates across the network (hello packets of OSPF are multicast to 224.0.0.5). Hence, in an NBMA network, the
neighbors are not discovered automatically; they must be configured manually. There are two ways to simulate a broadcast
model on an NBMA network:
+ Define the network type as broadcast with the ip ospf network broadcast interface sub-command
+ Configure the neighbor statements under router ospf mode (though configuring the neighbor statement on one end is
sufficient to form adjacency, it is a good practice to have it configured on both the ends)
Besides these two ways, another way of making OSPF work with Frame Relay is configuring the network as a Point-to-Point
network (or Point-to-Multipoint; notice that OSPF treats a Point-to-Multipoint network as a collection of point-to-point links).
Some information about Point-to-Multipoint (or Point-to-Point) network:
Note: Point-to-Multipoint networks do not maintain a DR/BDR relationship.
263. What are two different types of BGP sessions?
There are two different types of BGP sessions: internal and external. The internal one is established between routers inside
the same AS and the external session is established between routers in different ASes.
264. Refer to the exhibit. What is the effect of the OSPF configuration on router B?

A. All interfaces will be in area 0.
B. The router will be an ABR with s1/0 in area 0 and 0/0 and 0/1 in area 1.
C. The router will be an ABR with s1/0 in area 0 and 0/0 and 0/1 in area 2.
D. The router will be an ABR with s1/0 in area 0, f0/0 in area 1, and f0/1 in area 2.
Answer: D
265.

RouterA#debug ip ospf events
OSPF events debugging is on
RouterA#
04:43:16: OSPF: Rcv pkt from 10.3.0.2, Ethernet0/1, area 0.0.0.1 mismatch area 0.0.0.2 in the header
04:43:19: OSPF: Rcv hello from 10.100.100.3 area 0 from Ethernet0/0 10.1.0.1
04:43:19: OSPF: End of hello processing
Refer to the exhibits. What can be done to fix the problem?
A. Change router B E0/1 interface to area 0.
B. Change router A interface E0/1 to area 0.0.0.2.
C. Configure the E0/1 interfaces of router A and router B to be in area 0.
D. Shut down the E0/1 interfaces in router A and router B as OSPF does not allow back doors between areas.
E. Remove the E0/1 interfaces in router A and router B from the OSPF process. Use static routes to route data directly from
router A to router B to avoid passing data through router C in area 0.
Answer: C

266. Refer to the exhibit. What additional commands should be used to configure OSPF area 5 as a Totally
Stubby area?

A. area 0 stub on routers R4 and R5
B. area 5 stub on routers R4 and R5
C. area 5 stub no-summary on routers R4 and R5
D. area 0 stub no-summary on router R4 and area 5 stub no-summary on router R5
E. area 5 stub no-summary on router R4 and area 5 stub on router R5
Answer: E
Explanation
To define a totally stub area, use the area area-id stub no-summary command on the ABR (in OSPF router configuration) and
the area area-id stub on the totally stub router. The ABR will inject a default route into the area so routers in this type of area
only see routing information local to their area, plus a default route pointing to the ABR, from which they can reach all other
areas and all other networks.
267. Refer to the exhibit. Which statement is true about the configuration?

A. RTA will not establish an OSPF adjacency with RTB.
B. RTA will not accept OSPF hello packets from RTB.
C. RTA will send OSPF hello packets, but will not send OSPF updates.
D. RTA will send OSPF updates, but will not establish an adjacency with RTB.
Answer: A
Explanation
The passive-interface command is used to disable sending updates out from a specific interface. For OSPF it prevents Hello
packets from being sent out or received through the interface. This prevents a neighbor adjacency from forming and prevents
the router from learning prefixes from those neighbors.
For RIP, configuring an interface as passive will still allow the interface to listen to incoming routing updates for other RIP
neighbors, but the interface will no longer send them.
Note: The passive-interface command is used in router configuration mode, not interface mode.
268. Refer to the exhibit. All routers have simultaneously been reloaded, and the DR election has concluded as
expected. Which state is RTC in?

A. 2WAY/DROTHER
B. 2WAY/BDR
C. 2WAY/DR
D. FULL/DROTHER
E. FULL/BDR
F. FULL/DR
Answer: E
Explanation
All the routers are allowed to take part in the DR/BDR election because all the Pris (Priority) are 1 and they are equal so with
default parameters, the router with highest IP address will become DR (RTD in this case) and the router with second highest
IP address (RTC) will become BDR.
269. Refer to the diagram. Which OSPF configuration command is required to configure Area 3 as a totally
stubby area?

A. On the ABR
router ospf 10
area 3 nssa
B. On the ABR
router ospf 10
area 3 stub
C. On all Area 3 routers
router ospf 10
area 3 stub no-summary
D. On all Area 3 routers
router ospf 10
area 3 stub
E. On the ABR
router ospf 10
area 3 stub no-summary
Answer: E
Explanation
To make an area totally stubby we must apply the area area-id stub no-summary command on the ABR (the middle router
in this case) and area area-id stub commands to all other routers in that area.
270. Refer to the exhibit. OSPF has been configured on all routers in the network. However, router R1 does not
receive a default route to router R2 as intended. Which configuration change would ensure that R1 would
receive a default route from R2?

A. Add the area 1 stub command on routers R1.
B. Add the always keyword to the default-information originate configuration command on router R2.
C. Remove the default information originate configuration command from router R2 and place it on router R1.
D. Add the ip route 5.0.0.0 255.255.255.0 0.0.0.0 command to router R2.
Answer: B
Explanation
The default-information originate command advertises a default route into a normal area, provided the advertising router
already has a default route. If we want the router to advertise the default route even if it does not have a default route then
we can append the keyword always after the above command.
In this question, notice that R2 does not have a default route (something like this: ip route 0.0.0.0 0.0.0.0 6.0.0.2) so the
default-information originate will not advertise this default route to R1 -> We need to add the keyword always or declare
a default route -> B is correct.
271. Refer to the exhibit. OSPF is configured on all routers in the network. Area 5 is configured as an NSSA
area. The RIPv2 routes are redistributed into the OSPF domain on router R5. What two types of LSAs will be
originated by router R5? (Choose two)

A. type 1 Router LSA
B. type 2 Network LSA
C. type 3 Network Summary LSA
D. type 4 ASBR Summary LSA
E. type 5 AS External LSA
F. type 7 NSSA External LSA
Answer: A F
Explanation
Each router creates Type 1 LSA to describe itself, its interfaces, and neighbors -> A is correct.
Notice that LSA Type 7 is generated by an ASBR inside a Not-so-stubby area (NSSA) to describe routes redistributed into the
NSSA -> F is correct.
For your information, the main difference between LSA Type 7 and Type 5 is Type 7 is generated inside a NSSA while Type 5 is
generated inside a standard area.
272. Refer to the exhibit. Will redistributed RIP routes from OSPF Area 2 be allowed in Area 1?

A. Because Area 1 is an NSSA, redistributed RIP routes will not be allowed.
B. Redistributed RIP routes will be allowed in Area 1 because they will be changed into type 5 LSAs in Area 0 and passed on
into Area 1.
C. Because NSSA will discard type 7 LSAs, redistributed RIP routes will not be allowed in Area 1.
D. Redistributed RIP routes will be allowed in Area 1 because they will be changed into type 7 LSAs in Area 0 and passed on
into Area 1.
E. RIP routes will be allowed in Area 1 only if they are first redistributed into EIGRP.
Answer: A
Explanation
Area 1 is an NSSA so we can inject EIGRP routes into this area with Type 7 LSAs. Notice that Type 7 LSAs can exist only in
an NSSA. The NSSA ABR of area 1 must convert them into LSA Type 5 before flooding them to the whole OSPF domain.
When RIP is redistributed into area 2, LSA Type 5 will be created and sent through area 0. But an NSSA is an extension of a stub
area. The stub area characteristics still exist, which include no type 5 LSAs allowed.
Note: A stub area only allows LSA Type 1, 2 and 3.
273. Refer to the exhibit. OSPF has been configured on all routers in the network and Area 1 has been
configured as a NSSA. Which statement is true about the NSSA Area 1?

A. Redistributed RIP and IGRP routes will appear in Area 1. They will be advertised via type 5 LSAs.
B. Only redistributed RIP routes will appear in Area 1. They will be advertised via type 7 LSAs.
C. Only redistributed IGRP routes will appear in Area 1. They will be advertised via type 7 LSAs.
D. No redistributed routes can appear in Area 1, only summary routes.
Answer: C
Explanation
Same explanation as Question 6. Please notice that the IGRP routes are redistributed to NSSA area 1 via LSA Type 7. The
NSSA ABR of area 1 will convert it into a LSA Type 5 before flooding to area 0 & area 2.
274. Refer to the exhibit. OSPF is running throughout the network. You want to minimize the propagation of
LSAs into and out of Area 1.
Which OSPF feature would best achieve this goal?

A. stub
B. totally stubby
C. NSSA
D. totally NSSA
Answer: D
Explanation
We need to redistribute RIP from R1 to Area 1 so Area 1 cannot be a stub or totally stubby area. To minimize the propagation
of LSAs into and out of Area 1 we should configure it as a totally NSSA. Notice that a NSSA allows LSA Type 3 & 7 while a
Totally NSSA only allows LSA Type 7.
Note:
Both Totally Stubby Area & Totally Stubby NSSA do not accept external AS routes or inter-area routes (LSA Types 3, 4 and 5).
They recognize only intra-area routes and the default route 0.0.0.0. The main difference between them is Totally Stubby NSSA
accepts routes from other AS while Totally Stubby Area does not.
The table below summarizes the LSA types allowed and not allowed in each area type:
Area Type             | Type 1 & 2 (within area) | Type 3 (from other areas) | Type 4 | Type 5 | Type 7
Standard & backbone   | Yes                      | Yes                       | Yes    | Yes    | No
Stub                  | Yes                      | Yes                       | No     | No     | No
Totally stubby        | Yes                      | No                        | No     | No     | No
NSSA                  | Yes                      | Yes                       | No     | No     | Yes
Totally (stubby) NSSA | Yes                      | No                        | No     | No     | Yes

275. Refer to the exhibit. A company would prefer all Internet-bound OSPF routed traffic to use ISP ABC with
ISP DEF as a backup. As the network consultant, what three configuration changes might you make? (Choose
three)

A. The default-information originate command should be configured on router B1 and B4.
B. The default-information originate command should be configured on router B2 and B3.
C. If the metric value for ISP ABC is set at the default, the ISP DEF metric value should be set to 1.
D. If the metric value for ISP ABC is set at the default, the ISP DEF metric value should be set to 25.
E. The metric type value should be set to type 1.
F. The metric type value should be set to type 2.
Answer: B D F
Explanation
Routers B2 & B3 need to advertise a default route to the Internet for inside OSPF routers so we should use the
default-information originate command with a default route (something like ip route 0.0.0.0 0.0.0.0) pointing to the ISP router -> B
is correct.
If no metric is specified, OSPF puts a default value of 20 when redistributing routes from all protocols except BGP routes (BGP
routes get a metric of 1). We use ISP DEF as a backup so its metric value should be set to a higher value than 20 -> D is
correct.
There are two types of external routes: external type 1 and external type 2. The difference between the two is in the way the
cost (metric) of the route is being calculated:
+ The cost of a type 2 route is always the external cost, irrespective of the interior cost to reach that route.
+ Type 1 cost is the addition of the external cost and the internal cost used to reach that route.
-> We should configure the type 2 external route to make sure that ISP ABC is always preferred over ISP DEF because internal
routing does not determine the path.
Note: E2 is the default external metric, but E1 is preferred over E2 if two equal-cost paths exist.
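The reasoning above can be checked on a small topology. This added example (not from the original material) runs SPF for the internal cost and then picks the default-route exit under each metric type; the link costs are constructed, and mapping B2 to ISP ABC and B3 to ISP DEF is an assumption, since the exhibit is not reproduced here.

```python
import heapq

# Constructed internal topology (OSPF link costs between routers B1..B4).
LINKS = {("B1", "B2"): 10, ("B1", "B4"): 10, ("B4", "B3"): 10, ("B2", "B3"): 50}

# External metric each ASBR attaches to 0.0.0.0/0.
# Assumption: B2 connects to ISP ABC (default metric 20), B3 to ISP DEF (metric 25).
DEFAULTS = {"B2": 20, "B3": 25}


def spf(links, source):
    """Dijkstra: lowest internal OSPF cost from source to every reachable router."""
    graph = {}
    for (a, b), cost in links.items():
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    dist = {source: 0}
    heap = [(0, source)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue  # stale heap entry
        for nbr, cost in graph.get(node, []):
            if d + cost < dist.get(nbr, float("inf")):
                dist[nbr] = d + cost
                heapq.heappush(heap, (d + cost, nbr))
    return dist


def default_exit(links, router, defaults, metric_type):
    """Return (ASBR chosen for the default route, route metric) as seen from `router`."""
    dist = spf(links, router)
    reachable = [asbr for asbr in defaults if asbr in dist]
    if not reachable:
        return None
    if metric_type == 2:
        # E2: external metric only; internal cost is just a tie-breaker.
        asbr = min(reachable, key=lambda a: (defaults[a], dist[a]))
        return asbr, defaults[asbr]
    if metric_type == 1:
        # E1: external metric plus internal cost to reach the ASBR.
        asbr = min(reachable, key=lambda a: (defaults[a] + dist[a], a))
        return asbr, defaults[asbr] + dist[asbr]
    raise ValueError("metric_type must be 1 or 2")


if __name__ == "__main__":
    for router in ("B1", "B4"):
        for mtype in (2, 1):
            print(router, "E%d" % mtype, default_exit(LINKS, router, DEFAULTS, mtype))
```

With type 1, B4 sits closer to B3 and exits through the backup ISP even though its external metric is higher; with type 2 every router keeps the primary exit.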
276. Refer to the exhibit. A network administrator wants to reduce the number of OSPF routes advertised from
Area 1 into Area 2. As the router configuration specialist, what two things would you do to accomplish this
goal? (Choose two)

A. Enter the configuration on router B1.
B. Enter the configuration on router B4.
C. On the same router, enter the Summary-address 10.10.1.0 255.255.255.128 subcommand.
D. On the same router, enter the Area 1 range 10.10.1.0 255.255.255.128 subcommand.
E. On the same router, enter the Area 2 range 10.10.1.0 255.255.255.128 subcommand.
Answer: A D
277. Refer to the exhibit. Given the exhibited router output, which command sequence can be added to R1 to
generate a default route into the OSPF domain?

A. default-router
B. ip default-network
C. default-information originate always
D. ip default-gateway
Answer: C

Explanation
The default-information originate command advertises a default route to other routers, telling them something like "please send
me your unknown traffic". With the always parameter, the default route is advertised even if there is no default route in the
router's routing table. In this case we don't see any default route in the configuration of R1 (like ip route 0.0.0.0 0.0.0.0 .)
so it must include the keyword always so that the default route is advertised.
278. Given the above OSPF network, which command will RTB use to summarize routes for the 192.168.16.0/22
supernet before injecting them into Area 0?

A. area 10 range 192.168.16.0 255.255.252.0
B. summary-address 192.168.16.0 255.255.252.0
C. ip summary-address ospf 101 192.168.16.0 255.255.252.0
D. area 0 range 192.168.16.0 255.255.252.0
E. ip summary-address area 0 192.168.16.0 255.255.252.0
Answer: A
279. Refer to the exhibit. Which statement is true?

A. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will translate the type 7 LSAs into type 5 LSAs and
flood them throughout the OSPF backbone.
B. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will flood the type 7 LSAs throughout the backbone.
C. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will flood the type 5 LSAs throughout the backbone.
D. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will translate the type 5 LSAs into type 7 LSAs
and flood them throughout the OSPF backbone.
E. RTA will not redistribute the RIP routes into the NSSA.
Answer: A
280. Refer to the network topology diagram shown in the exhibit. The routing table of R3 contains all the
proper OSPF routes except the 10.4.4.0/24 OSPF route. Which show command on R3 will be the most useful to
determine the cause of this problem and why?

A. Perform show ip ospf virtual-link to examine if the virtual link between R3 and R4 is configured and in the up state.
B. Perform show run to examine if area 3 is configured as a stubby area.
C. Perform show run to examine if area 3 is configured as a nssa area.
D. Perform show ip ospf neighbor to examine which router is elected as the DR on the e2 interface.
E. Perform show ip ospf database to examine the OSPF database entries.
Answer: A
281. A network administrator recently redistributed RIP routes into an OSPF domain. However, the
administrator wants to configure the network so that instead of 32 external type-5 LSAs flooding into the OSPF
network, there is only one. What must the administrator do to accomplish this?

A. Configure summarization on R1 with area 1 range 172.16.32.0 255.255.224.0
B. Configure summarization on R1 with summary-address 172.16.32.0 255.255.224.0
C. Configure area 1 as a stub area with area 1 stub
D. Configure area 1 as a NSSA area with area 1 stub nssa
Answer: B
282. Refer to the exhibit. Routers R2, R3, R4, and R5 have OSPF enabled. What should be configured on the
routers in area 1 to ensure that all default summary routes and redistributed EIGRP routes will be forwarded
from R6 to area 1, and only a default route for all other OSPF routes will be forwarded from R5 to area 1.

A. R5(config-router)# area 1 stub
R6(config-router)# area 1 stub
B. R5(config-router)# area 1 stub no-summary
R6(config-router)# area 1 stub
C. R5(config-router)# area 1 nssa
R6(config-router)# area 1 nssa
D. R5(config-router)# area 1 nssa no-summary
R6(config-router)# area 1 nssa
Answer: D
283. Refer to the exhibit. Router RTR is attempting to establish BGP neighbor relationships with routers RT1 and
RT3. On the basis of the information that is presented in the exhibit, which two statements are true? (Choose
two)

A. RTR has a BGP password set but neighbor 10.0.0.1 does not
B. RTR has a BGP password set but neighbor 10.0.0.5 does not
C. RTR has a BGP password set but neighbor 10.0.0.1 has an incorrect password set
D. RTR has a BGP password set but neighbor 10.0.0.5 has an incorrect password set
E. Neighbor 10.0.0.1 has a BGP password set but RTR does not
F. Neighbor 10.0.0.5 has a BGP password set but RTR does not
Answer: A D
Explanation:
You can configure MD5 authentication between two BGP peers. MD5 authentication must be configured with the same
password on both BGP peers; otherwise, the connection between them will not be made. If a router has a password
configured for a peer, but the other peer does not, a message "No MD5 digest from" will appear on the console while the
routers attempt to establish a Multicast Source Discovery Protocol (MSDP) session between them. Therefore A is correct
because RT1 (with an IP address of 10.0.0.1) is not configured with a password.
Similarly, if the two routers have different passwords configured, a message "Invalid MD5 digest from" will appear on the
screen.
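The two console messages above can be told apart mechanically when reviewing router logs. This added example (not from the original material) classifies them per peer; the log lines are constructed and modelled on IOS %TCP-6-BADAUTH messages, and RTR's own addresses, the ports, the timestamps and the non-BGP lines are assumptions.

```python
import re

# Constructed log lines. 10.0.0.1 and 10.0.0.5 are the neighbors from the question;
# everything else (local addresses, ports, timestamps, other peers) is made up.
SAMPLE_LOG = """\
*Mar  1 00:10:02.003: %TCP-6-BADAUTH: No MD5 digest from 10.0.0.1(179) to 10.0.0.2(20308)
*Mar  1 00:10:04.511: %TCP-6-BADAUTH: Invalid MD5 digest from 10.0.0.5(11004) to 10.0.0.6(179)
*Mar  1 00:10:06.007: %TCP-6-BADAUTH: No MD5 digest from 10.0.0.1(179) to 10.0.0.2(20308)
*Mar  1 00:10:09.120: %BGP-5-ADJCHANGE: neighbor 10.0.0.9 Up
*Mar  1 00:10:11.300: %TCP-6-BADAUTH: Invalid MD5 digest from 10.0.0.13(646) to 10.0.0.14(35021)
*Mar  1 00:10:12.519: %TCP-6-BADAUTH: Invalid MD5 digest from 10.0.0.5(11004) to 10.0.0.6(179)
*Mar  1 00:10:20.530: %TCP-6-BADAUTH: Invalid MD5 digest from 10.0.0.5(11004) to 10.0.0.6(179)
"""

BADAUTH = re.compile(
    r"%TCP-6-BADAUTH: (?P<kind>No|Invalid) MD5 digest from "
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3})\((?P<sport>\d+)\) to "
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3})\((?P<dport>\d+)\)"
)
BGP_PORT = 179


def diagnose(log_text):
    """Map each BGP peer to its MD5 failure counts and the likely configuration fault."""
    peers = {}
    for line in log_text.splitlines():
        m = BADAUTH.search(line)
        if not m:
            continue
        if BGP_PORT not in (int(m["sport"]), int(m["dport"])):
            continue  # TCP MD5 protects other protocols too; keep BGP sessions only
        entry = peers.setdefault(m["src"], {"no_digest": 0, "invalid_digest": 0})
        entry["no_digest" if m["kind"] == "No" else "invalid_digest"] += 1

    for entry in peers.values():
        if entry["no_digest"] and entry["invalid_digest"]:
            entry["finding"] = "peer configuration changed: both missing and wrong password seen"
        elif entry["no_digest"]:
            entry["finding"] = "local password set, peer has no password configured"
        else:
            entry["finding"] = "both sides have a password, but the passwords differ"
    return peers


if __name__ == "__main__":
    for peer, result in sorted(diagnose(SAMPLE_LOG).items()):
        print(peer, result)
```

A sustained count of invalid digests from one peer after the passwords have been verified on both sides is worth escalating, since it is no longer explained by misconfiguration.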
284. Refer to the exhibit diagram and configuration. RTB is summarizing its networks from AS 64100 with the
aggregate-address command. However, the show ip route command on RTA reveals the RTB individual networks
as well as its summary route. Which option would ensure that only the summary route would appear in the
routing table of RTA?

A. Delete the four network statements and leave only the aggregate-address statement in the BGP configuration
B. Add the keyword summary-only to the aggregate-address command
C. Add a static route with a prefix of 192.168.24.0 255.255.252.0 pointing to the null interface
D. Create a route map permitting only the summary address
Answer: B
Explanation
When the aggregate-address command is used within BGP routing, the aggregated address is advertised, along with the more
specific routes. The exception to this rule is through the use of the summary-only command. The summary-only keyword
suppresses the more specific routes and announces only the summarized route.
285. Refer to the exhibit. The neighbor 10.1.1.1 weight 200 BGP configuration command has been configured on
router A. What will be the result of this configuration?

A. Router A will prefer the path through router B for network 172.20.0.0
B. Router A will prefer the path through router C for network 172.20.0.0
C. Packets from router D will prefer the path through router B for networks advertised by router A
D. Packets from router D will prefer the path through router C for networks advertised by router A
Answer: A
Explanation
The weight attribute is a special Cisco attribute that is used in the path selection process when there is more than one route
to the same destination. The higher the weight value, the better the path. The default weight is 0. Therefore, by configuring
weight 200 to the neighbor 10.1.1.1, router A will prefer the path through router B for network 172.20.0.0 rather than the path
through router C.
The weight attribute is local to the router and not propagated to other routers. In this case the weight is local to router A so it
has no effect on the decision of transferring packets from router D.
286. What technique should be used on BGP edge routers to prevent a multi-homed autonomous system from
becoming a transit system?
A. Advertise with a high MED value all networks that are discovered via external BGP.
B. Remove the AS-Path information on all routes in the BGP table prior to advertising externally.
C. Only advertise networks externally if they have been discovered via internal BGP.
D. Use an outgoing distribution list to filter all networks not originating from inside the autonomous system.
E. Set the no-export community attribute on all networks that are advertised externally.
F. Set the origin code to incomplete for all networks that are discovered via external BGP.
Answer: D
Explanation
A transit AS is an AS that routes traffic from one external AS to another external AS. Let's see an example below:

Suppose your company has 2 internet links to 2 different ISPs. If one connection to the ISP goes down, your traffic can be sent
through the other ISP. It is a good way to make sure your company can access the internet any time. But if your routers are
not configured carefully, your company AS may become a transit AS. For example, AS 65002 learned the route 10.10.10.0/24
from ISP1. If R2 advertises that route to ISP2 then ISP2 may use it to send traffic to that network -> your company becomes a
transit AS.
There are two popular ways to prevent a multi-homed autonomous system from becoming a transit system:
+ Use a distribute-list or filter-list to filter all networks not originating from inside the autonomous system.
+ Use the no-export community attribute on all networks not originating from inside the autonomous system.
Answer E seems to be correct but in fact it is not, because "all networks that are advertised externally" include networks
originating from inside and outside our AS. We should only filter networks originating from outside our AS. In some cases, the
routers in our company may advertise some internal networks (for remote access, for example).
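The effect of the first method can be audited before a change goes live. This added example (not from the original material) lists what an edge router would export to an ISP with and without an outbound filter that permits only routes with an empty AS path; AS 65002 and 10.10.10.0/24 come from the text, while the ISP AS numbers and the other prefixes are constructed.

```python
from dataclasses import dataclass

OUR_AS = 65002                              # company AS, from the text
PEER_AS = {"ISP1": 64500, "ISP2": 64501}    # constructed ISP AS numbers


@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple      # AS path as received; () means originated inside OUR_AS
    learned_from: str   # "local", "ISP1" or "ISP2"


# Constructed BGP table of the edge router.
BGP_TABLE = [
    Route("10.10.10.0/24", (64500,), "ISP1"),          # the route learned from ISP1 in the text
    Route("198.51.100.0/24", (64501, 64510), "ISP2"),  # constructed route learned from ISP2
    Route("192.0.2.0/24", (), "local"),                # constructed internal network
]


def export_to(peer, table, filter_transit):
    """Routes the peer would accept from us, as (prefix, AS path seen by the peer).

    filter_transit=True applies the outbound filter from the explanation:
    only routes with an empty AS path (originated inside our AS) are sent.
    """
    exported = []
    for route in table:
        if filter_transit and route.as_path:
            continue  # not originated by us: filtered outbound
        if PEER_AS[peer] in route.as_path:
            continue  # peer sees its own AS in the path and rejects the route
        exported.append((route.prefix, (OUR_AS,) + route.as_path))
    return exported


def transit_routes(peer, table, filter_transit):
    """Prefixes for which the peer could send traffic THROUGH our AS."""
    return [prefix for prefix, path in export_to(peer, table, filter_transit)
            if len(path) > 1]


if __name__ == "__main__":
    for peer in PEER_AS:
        print(peer, "unfiltered transit exposure:", transit_routes(peer, BGP_TABLE, False))
        print(peer, "filtered export:", export_to(peer, BGP_TABLE, True))
```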
287. Refer to the exhibit. By default, when RTB passes BGP advertisements from RTA about network
192.168.2.0 to RTC, what address will be listed as the next-hop address?

A. 10.1.1.1
B. 10.1.1.2
C. 192.168.1.49
D. 192.168.1.50
Answer: D
Explanation
This is a rule for BGP advertisement:
For EBGP, the next hop is always the IP address of the neighbor specified in the neighbor command. For IBGP, the protocol
states that the next hop advertised by EBGP should be carried into IBGP.
In this case, when RTA (in AS 65000, which is an EBGP neighbor of RTB) advertises a route to RTB, it specifies its interface
(192.168.1.50) as the next hop. But when RTB passes this advertisement to RTC, it specifies RTA's interface (also 192.168.1.50)
as the next hop (IBGP). This can cause some routing failures because if RTC does not know a way to reach RTA's interface via
IGP (OSPF, EIGRP), it will drop that packet. To fix this problem, add the neighbor 10.1.1.2 next-hop-self command under
BGP mode in RTB.
288. Refer to the exhibit. It is desired to set up a BGP neighbor relationship between routers R1 and R4. BGP
packets between them could travel through R2 or R3. What is the simplest configuration that will allow for
failover?

A. Configure BGP neighbor relationships between all interfaces on R1 and R4.
B. Install a direct connection between R1 and R4.
C. Configure loopback interfaces on R1 and R4 to provide the update source address for BGP packets.
D. Configure only one neighbor relationship between R1's 192.168.1.2 interface and R4's 172.16.10.2 interface.
Answer: C
Explanation
Assume R4 only uses this configuration:
R4(config)#router bgp 65000
R4(config-router)#neighbor 192.168.1.2 remote-as 65000
Then if R1 sends BGP packets to R4 via R3, the source IP address of the packets is 192.168.2.2. But R4 does not recognize
this IP address because 192.168.2.2 is not configured in the neighbor command of R4. Therefore the IBGP session between
R1 & R4 is not established -> these packets will be dropped.
The simplest configuration to allow R1 and R4 to communicate via both R2 & R3 is to use a loopback interface address rather
than a physical interface address as the source IP address for all BGP packets. To do this, use the command:
R4(config-router)#neighbor 1.1.1.1 update-source loopback0
(In which 1.1.1.1 is the loopback interface of R1). In practice, we should establish neighborship with the loopback interface
rather than the physical interface because if the physical interface goes down, the neighborship would be lost while a
loopback interface never goes down.
Also, when configuring 1.1.1.1 as the neighbor, you must configure on R1 the neighbor 4.4.4.4 update-source loopback0
command so that the source IP address of packets sent from R1 (loopback0 1.1.1.1) will be matched with the neighbor
command configured on R4.

289. Refer to the exhibit. Network 10.0.0.0/8 is being advertised to autonomous system 65550 via both external
links. Which statement about the preferred path to the 10.0.0.0/8 network is true?

A. Router R1 will be preferred because its neighbor has the higher autonomous system number.
B. Router R1 will be preferred because it has the lower neighbor IP address.
C. Router R1 will be preferred because it has a lower local preference.
D. Router R2 will be preferred because its neighbor has a lower autonomous system number.
E. Router R2 will be preferred because it has the higher neighbor IP address.
F. Router R2 will be preferred because it has a higher local preference.
Answer: F
Explanation
Local preference is an indication to the AS about which path has preference to exit the AS in order to reach a certain network.
A path with a higher local preference is preferred more. The default value for local preference is 100.
Unlike the weight attribute, which is only relevant to the local router, local preference is an attribute that routers exchange in
the same AS. The local preference is set with the bgp default local-preference value command.
In this case, both R1 & R2 learn about the network 10.0.0.0/8 but R2 has higher local-preference so R2 will be chosen as the
preferred exit point from AS 65550.
290. Refer to the exhibit. Router RT-1 and router RT-2 both advertise network 131.25.0.0/16 to router RT-3 via
internal BGP. What is the reason that router RT-3 chose router RT-1 as its best path to network 131.25.0.0/16.

A. It advertises the best AS-path.
B. It advertises the best origin code.
C. It advertises the best MED.
D. It advertises the best local preference.
E. It has a better router ID.
F. It advertises a lower autonomous system.
Answer: E
Explanation
Recall the route selection decision process in BGP:
Consider only (synchronized) routes with no AS loops and a valid next hop, and then:
Route selection decision process (from top to bottom) | In this question
Prefer highest weight (local to router) | RT-3 is not an exit point
Prefer highest local preference (global within AS) | same local preference of 100
Prefer route originated by the local router (next hop = 0.0.0.0) | both routes are from IBGP
Prefer shortest AS path | same
Prefer lowest origin code (IGP < EGP) | both are incomplete (EGP > IGP > Incomplete)
Prefer lowest MED (exchanged between autonomous systems) | both MEDs are 0
Prefer EBGP path over IBGP path | both are IBGP
Prefer the path through the closest IGP neighbor (IGP cost) | not used because IBGPs are used
Prefer oldest route for EBGP paths. | not used
Prefer the path with the lowest neighbor BGP router ID. | the router-id 162.105.11.1 is lower than 165.105.3.2
Prefer the path with the lowest neighbor IP address.
291. Refer to the exhibit. Router RT-1 chooses one path to network 198.133.219.0/24. Indicate the reason Router RT-1
chooses this best path.

A. In making its decision about the best path, RT-1 gives precedence to the origin code.
B. In making its decision about the best path, RT-1 gives precedence to the BGP MED values.
C. IP address 128.107.2.2 is lower than 128.107.255.2.
D. In making its decision about the best path, RT-1 prefers the IGP metrics.
E. RT-1 prefers internal BGP routes.
F. IP address 128.107.254.2 is lower than 128.107.255.2.
Answer: A
Explanation
As explained above, the IGP is preferred over incomplete.
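The decision list used in questions 290 and 291, as an added Python sketch that is not part of the original question set: it walks the tie-breakers in order and reports which step decided. The two router IDs come from question 290; the neighbor addresses and the question 291 paths are constructed, MED is compared unconditionally, and the "oldest EBGP route" step is left out.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

# Lower rank is preferred: IGP beats EGP, which beats incomplete.
ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}


@dataclass(frozen=True)
class Path:
    neighbor: str                  # peer IP address
    router_id: str                 # peer BGP router ID
    weight: int = 0
    local_pref: int = 100          # default local preference
    locally_originated: bool = False
    as_path: tuple = ()
    origin: str = "incomplete"
    med: int = 0
    ebgp: bool = False
    igp_cost: int = 0              # IGP metric to the BGP next hop


# Each step maps a path to a key where the smallest value wins.
STEPS = [
    ("highest weight", lambda p: -p.weight),
    ("highest local preference", lambda p: -p.local_pref),
    ("locally originated", lambda p: 0 if p.locally_originated else 1),
    ("shortest AS path", lambda p: len(p.as_path)),
    ("lowest origin code", lambda p: ORIGIN_RANK[p.origin]),
    ("lowest MED", lambda p: p.med),
    ("EBGP over IBGP", lambda p: 0 if p.ebgp else 1),
    ("lowest IGP cost to next hop", lambda p: p.igp_cost),
    ("lowest neighbor router ID", lambda p: int(IPv4Address(p.router_id))),
    ("lowest neighbor IP address", lambda p: int(IPv4Address(p.neighbor))),
]


def best_path(paths):
    """Return (winning path, name of the step that broke the tie)."""
    candidates = list(paths)
    if not candidates:
        raise ValueError("no candidate paths")
    if len(candidates) == 1:
        return candidates[0], "only path"
    for name, key in STEPS:
        best = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == best]
        if len(candidates) == 1:
            return candidates[0], name
    return candidates[0], "identical paths"


# Question 290: everything ties until the router ID. The neighbor addresses are
# constructed so that the later "lowest neighbor IP" step would favour RT-2.
RT1_PATH = Path(neighbor="10.0.0.2", router_id="162.105.11.1")
RT2_PATH = Path(neighbor="10.0.0.1", router_id="165.105.3.2")

# Question 291 (constructed paths): same attributes except the origin code.
ORIGIN_CASE = [
    Path(neighbor="192.0.2.1", router_id="192.0.2.1", origin="incomplete"),
    Path(neighbor="192.0.2.2", router_id="192.0.2.2", origin="igp"),
]

if __name__ == "__main__":
    for label, paths in (("Q290", [RT2_PATH, RT1_PATH]), ("Q291", ORIGIN_CASE)):
        winner, step = best_path(paths)
        print(label, "->", winner.neighbor, "decided by:", step)
```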
292. The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. Refer to the exhibit.
Routers A and B are running BGP but the session is active. What command needs to be added to establish the
BGP session?

hostname A
!
interface loopback 0
ip address 10.10.10.2 255.255.255.255
!
interface serial 0/0
ip address 172.16.10.2 255.255.255.252
!
interface serial 0/1
ip address 172.16.10.5 255.255.255.252
!
router bgp 65444
neighbor 10.10.10.1 remote-as 65111
neighbor 10.10.10.1 update-source loopback 0
neighbor 10.10.10.1 ebgp-multihop
A. ip route 10.10.10.1 255.255.255.255 s0/0
ip route 10.10.10.1 255.255.255.255 s0/1
B. no synchronization
C. network 10.10.10.0
D. neighbor 10.10.10.1 next-hop-self
Answer: A
Explanation
In this case we want to achieve load balancing so the loopback interface must be used to establish neighborship.
If we check the routing table of router A, we will see that there is no entry for the remote network 1.1.1.1/32 -> router A does
not know how to reach the loopback interface on router B -> a TCP session can't be established to router B. Therefore we
need to tell router A a way to reach router B.
293. Refer to the exhibit. Autonomous systems 200 and 300 have EBGP sessions established with their directly
connected routers in autonomous system 100. IGP has been configured on all routers in autonomous system
100 and they successfully exchange routing updates. Traffic originated in autonomous system 200 cannot reach
the destination autonomous system 300. What configuration should be done on the routers in autonomous
system 100 in order for the traffic coming from autonomous system 200 to be forwarded to autonomous system
300?

A. IBGP session must be established between routers R1 and R3, and the synchronization must be turned on.
B. IBGP session must be established between routers R1 and R3, and the synchronization must be turned off.
C. IBGP session must be established between routers R1-R2 and R2-R3, and the synchronization must be turned on.
D. IBGP session must be established between routers R1-R2 and R2-R3, and the synchronization must be turned off.
E. IBGP speakers within autonomous system 100 must be fully meshed, and the synchronization must be turned on.
F. IBGP speakers within autonomous system 100 must be fully meshed, and the synchronization must be turned off.
Answer: F
Explanation
The synchronization rule states that if an AS provides transit service to another AS, BGP should not advertise a route until all
of the routers within the AS have learned about the route via an IGP. To understand why this rule exists, let's take an example
where this rule is not in place.

Suppose RT-A wants RT-B to access its local LAN 1.1.1.0, so it advertises this network through R1. R1 and R3 are running IBGP
so R1 sends this update to R3 through R2 (using next-hop-self to use its own interface's IP address). In turn, R3
announces to RT-B that it can reach 1.1.1.0 via R3.
Now RT-B really wants to send traffic to 1.1.1.0 so it will send it to R3. R3 does a lookup and sees that the network is
reachable via R1. It then does a lookup for R1's IP address and sees that it is reachable via R2 -> so it forwards packets to R2.
But R2, running an IGP (like OSPF), does not find an entry for 1.1.1.0 so R2 drops all the packets for that network -> a black-hole is
created!
That is why the BGP synchronization rule was born. With this rule, when R3 receives an advertisement for 1.1.1.0 from R1, it
adds that route to its BGP table and, before sending an advertisement to RT-B, it first checks its IGP routing table to see whether
an entry exists for that route. In this example, R3's IGP routing table does not know how to reach 1.1.1.0 so R3 will not
advertise this network to RT-B. This route is only advertised to RT-B when the IGP makes an entry in the routing table for 1.1.1.0.
Well, now you understand the importance of the BGP synchronization rule, but now I wish to explain why this rule causes trouble
in fully-meshed IBGP!

Synchronization prevents fully-meshed IBGP from working properly. Because no IGP is running, R3 cannot advertise any
route to RT-B even if no black-hole exists in this topology.
Note: A full mesh can be a physical fully-meshed topology or a topology where all routers in the same AS have established
IBGP connections with each other (although they do not need to be directly connected). So in the topology above, the
connection between R1 & R3 is represented by a dashed line, which means it can be physically connected or not (but an IBGP
connection must be established on both routers).
Therefore if all routers in AS 100 are fully meshed, the synchronization rule must be turned off -> F is correct.
294. Which BGP option is required when load sharing over multiple equal-bandwidth parallel links from a single
CE router to a single ISP router over eBGP?
A. eBGP Multipath
B. eBGP Multihop
C. BGP Synchronization
D. Public AS numbers
Answer: B
Explanation
The eBGP multihop allows a neighbor connection between two external peers that do not have direct connection. The
multihop is only for eBGP and not for iBGP. For example, in the topology below router A wants to establish neighbor
relationship with the loopback0 of router B (to allow load balancing), which does not have direct connection so it must use
ebgp-multihop.

For your reference, the full configurations of both router A & B are shown below:
A# int loopback 0
ip address 10.10.10.2 255.255.255.255
router bgp 1
neighbor 10.10.10.1 remote-as 2
neighbor 10.10.10.1 ebgp-multihop
neighbor 10.10.10.1 update-source loopback 0
network 10.10.10.2 mask 255.255.255.255
ip route 10.10.10.1 255.255.255.255 172.16.10.1
ip route 10.10.10.1 255.255.255.255 172.16.10.6
B# int loopback 0
ip address 10.10.10.1 255.255.255.255
router bgp 2
neighbor 10.10.10.2 remote-as 1
neighbor 10.10.10.2 ebgp-multihop
neighbor 10.10.10.2 update-source loopback 0
network 10.10.10.1 mask 255.255.255.255
ip route 10.10.10.2 255.255.255.255 172.16.10.2
ip route 10.10.10.2 255.255.255.255 172.16.10.5
Note: If router B wants to establish neighbor relationship with the directly connected interface of router A, it only needs these
commands:
B#
router bgp 2
neighbor 172.16.10.2 remote-as 1
But notice the traffic from router B would be sent to 172.16.10.2 interface only and load balancing would not take place.
295. Refer to the exhibit. On the basis of the configuration that is provided, how would the BGP updates that
come from router R1 be replicated inside autonomous system 65200?

A. All BGP updates that are received on router R2 will be sent to routers R3 and R4. Routers R3 and R4 will then forward those
BGP updates to router R5.
B. All BGP updates that are received on router R2 will not be sent to routers R3 and R4.
C. All BGP updates that are received on router R2 will be sent directly to router R5.
D. None of the BGP updates that are received on router R2 will ever be received by router R5.
Answer: D
Explanation
All BGP updates that are received on router R2 will be sent to routers R3 and R4 but R3 & R4 will not forward those BGP
updates to R5. This is called the BGP split-horizon rule (which states that a route learned from one IBGP neighbor will not be
advertised to another IBGP neighbor) -> A is not correct.
The BGP updates received on router R2 will be sent to R3 and R4 without violating the BGP split-horizon rule because R2
receives updates from an EBGP (R1), not IBGP -> B is not correct.
From the configuration of R2, we learn that R2 did not establish neighbor relationship with R5 so they are not neighbors -> no
BGP updates will be sent from R2 to R5 -> C is not correct.
The BGP split-horizon rule prevents updates received on R2 from being sent to R5 -> D is correct.
296. Why should iBGP sessions be fully meshed within a Transit AS?
A. BGP requires redundant TCP sessions between iBGP peers.
B. A full mesh allows for optimal routing within the Transit AS.
C. Routes learned via iBGP are never propagated to other eBGP peers.
D. Routes learned via iBGP are never propagated to other iBGP peers.
E. Routes learned via eBGP are never propagated to other iBGP peers.
Answer: D
Explanation
BGP split-horizon rule states that a route learned from one IBGP neighbor will not be advertised to another IBGP neighbor so
IBGP sessions should be fully meshed. For example in the topology below, routes learned from R1 about AS 200 will be
advertised to R2. For R2, the route learned from R1 is a route learned from one IBGP neighbor so R2 will not advertise this
route to R3 and AS 100 can never be a transit AS -> IBGP sessions should be fully meshed within a transit AS -> D is correct.
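The split-horizon rule from questions 295 and 296, as an added Python simulation that is not part of the original material: it floods one route over a set of BGP sessions and lists the routers that never receive it. The session lists are reconstructed from the explanations (the exhibits are not reproduced here), the external peer name in the second topology is a placeholder, and each router keeps the first copy it hears, with no route reflectors or confederations.

```python
from collections import deque


def propagate(sessions, source):
    """Flood one route from `source` over BGP sessions.

    sessions: iterable of (router_a, router_b, "ebgp" | "ibgp").
    Returns {router: how it learned the route}; a router missing from the
    result never receives the route.
    """
    peers = {}
    for a, b, kind in sessions:
        peers.setdefault(a, []).append((b, kind))
        peers.setdefault(b, []).append((a, kind))

    learned = {source: "local"}
    queue = deque([source])
    while queue:
        router = queue.popleft()
        for peer, kind in peers.get(router, []):
            if peer in learned:
                continue
            # Split horizon: a route learned from one IBGP neighbor is not
            # advertised to another IBGP neighbor.
            if learned[router] == "ibgp" and kind == "ibgp":
                continue
            learned[peer] = kind
            queue.append(peer)
    return learned


def unreached(sessions, source):
    """Sorted list of routers that never learn the route."""
    routers = {r for a, b, _ in sessions for r in (a, b)}
    return sorted(routers - set(propagate(sessions, source)))


# Question 295: R1 is the EBGP peer of R2; R2 peers with R3 and R4 but not R5.
Q295_SESSIONS = [
    ("R1", "R2", "ebgp"),
    ("R2", "R3", "ibgp"),
    ("R2", "R4", "ibgp"),
    ("R3", "R5", "ibgp"),
    ("R4", "R5", "ibgp"),
]
# The same AS with the missing IBGP sessions added (logical full mesh).
Q295_FULL_MESH = Q295_SESSIONS + [("R2", "R5", "ibgp"), ("R3", "R4", "ibgp")]

# Question 296: a chain R1 - R2 - R3 inside AS 100; "AS200-peer" is a placeholder name.
Q296_SESSIONS = [
    ("AS200-peer", "R1", "ebgp"),
    ("R1", "R2", "ibgp"),
    ("R2", "R3", "ibgp"),
]

if __name__ == "__main__":
    print("Q295 partial mesh, never reached:", unreached(Q295_SESSIONS, "R1"))
    print("Q295 full mesh, never reached:   ", unreached(Q295_FULL_MESH, "R1"))
    print("Q296 chain, never reached:       ", unreached(Q296_SESSIONS, "AS200-peer"))
```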

297. Observe the diagram. RTC is the hub router and RTA and RTB are the spokes. There are no virtual circuits
between the spoke locations. What is needed to successfully route traffic to the 11.11.11.0/24 network from
RTA?

A. The neighbor 10.10.10.1 next-hop-self command on RTA.
B. The neighbor 10.10.10.1 next-hop-self command on RTB.
C. The neighbor 10.10.10.1 next-hop-self command on RTC.
D. Nothing is required. This is the default behavior on this topology.
Answer: C
Explanation
The next-hop-self command must be used on RTC to specify RTC's IP address as the source address in the packets sent to RTB
(and RTB knows how to reach RTC but it does not know how to reach RTA).

298. Refer to the exhibit. Currently the two eBGP links between AS100 and AS200 have an average inbound
load of 65% and 20% respectively. After further investigation, traffic to 10.10.1.16/28 accounts for 45%, and
traffic to 10.10.1.32/28 and to 10.10.1.48/28 each account for 20% of the inbound load. The BGP attributes are
currently set at their default values in both autonomous systems.
If you want to influence how AS200 sends traffic to AS100, which eBGP configurations would you configure in
AS100 to influence AS200 to use the eBGP links more evenly? (Choose two.)

A. neighbor 192.168.30.2 route-map as_50 out
B. neighbor 192.168.20.2 route-map as_50 out
C. route-map as_50 permit 10
match ip address 50
set metric 150
access-list 50 permit 10.10.1.16 0.0.0.240
D. route-map as_50 permit 10
match ip address 50
set metric 150
access-list 50 permit 10.10.1.32 0.0.0.240
Answer: B D
Explanation
Note: The wildcard masks in the access-list are not correct, they should be 0.0.0.15 instead of 0.0.0.240.
First let's recall MED. If you want to influence external neighbors about the path they use to send traffic, then MED, also called
the metric, should be used. A lower MED value is preferred over a higher value. The default MED value is 0.
Also, an important point I wish to note in this question is: for Policy-based routing, if no match is made, the packets are
forwarded normally via the routing table.
In answers C & B (combined), the MED for prefix 10.10.1.16/28 through router A is set to 150. This would make traffic for this
route (45%) go through router B (because the MED default value is 0, which is lower than 150). Since the access-list will also
NOT match prefixes 10.10.1.32/28 & 10.10.1.48/28, traffic for these two prefixes will be forwarded just normally (via the
routing table) ->
Traffic for prefix 10.10.1.32/28 will continue to go via the upper E-A link (now just 20% total load), while traffic for prefixes
10.10.1.16/28 and 10.10.1.48/28 will be going through the lower F-B link (now 65% total load) -> Original unbalanced (65/20)
load is maintained, although it has been reversed between the upper (A-E) and lower (B-F) link -> C is not correct.
For more information about Policy-based routing matches you can read this article:
http://www.ciscopress.com/articles/article.asp?p=426637&seqNum=2
If answer D is applied for router A, the MED for 10.10.1.32 set to 150 would make traffic for this route go through router B
(because the MED default value is 0, which is lower than 150). So router A will be responsible for 45% traffic and router B will
receive 40% traffic -> D is correct.
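The wildcard-mask note and the load figures above, worked through as an added Python example that is not part of the original material: it applies the standard ACL matching rule to the three /28 network addresses and recomputes the load per link. It assumes, as the explanation does, that unmatched prefixes keep the default MED and that 10.10.1.16/28 and 10.10.1.32/28 initially arrive via router A.

```python
from ipaddress import IPv4Address

# Figures from the question: share of inbound load per prefix, and the link
# each prefix uses while every MED is at its default of 0 (from the explanation).
LOAD = {"10.10.1.16": 45, "10.10.1.32": 20, "10.10.1.48": 20}
DEFAULT_LINK = {"10.10.1.16": "A", "10.10.1.32": "A", "10.10.1.48": "B"}


def acl_permits(address, base, wildcard):
    """Standard ACL test: bits set to 1 in the wildcard are ignored,
    every other bit of the address must equal the same bit of the base."""
    care = ~int(IPv4Address(wildcard)) & 0xFFFFFFFF
    return int(IPv4Address(address)) & care == int(IPv4Address(base)) & care


def matched_prefixes(base, wildcard):
    """Network addresses from the question that the access-list entry permits."""
    return [p for p in LOAD if acl_permits(p, base, wildcard)]


def link_loads(base, wildcard):
    """Inbound load per link once router A advertises the matched prefixes
    with MED 150 (route-map as_50 applied outbound on router A)."""
    loads = {"A": 0, "B": 0}
    for prefix, share in LOAD.items():
        link = DEFAULT_LINK[prefix]
        if acl_permits(prefix, base, wildcard):
            link = "B"  # MED 150 via A loses to the default MED 0 via B
        loads[link] += share
    return loads


if __name__ == "__main__":
    cases = [
        ("answer D, corrected mask", "10.10.1.32", "0.0.0.15"),
        ("answer C, corrected mask", "10.10.1.16", "0.0.0.15"),
        ("answer D as printed", "10.10.1.32", "0.0.0.240"),
    ]
    for label, base, wildcard in cases:
        print(label, matched_prefixes(base, wildcard), link_loads(base, wildcard))
```

With the mask as printed (0.0.0.240) the entry ignores the upper four bits of the last octet, so all three network addresses match and every prefix moves to router B, which is why the note says the mask should be 0.0.0.15.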
299. Refer to the exhibit. A client has asked you to consult on an eBGP loading question. Currently the AS 100
eBGP links have an average outbound load of 65% and 20% respectively. On further investigation, traffic from
10.10.24.0 accounts for 45%, and 10.10.25.0 and 10.10.32.0 accounts for 20% each of the outbound load. The
customer wants to spread the load between the two eBGP links more evenly. The BGP attributes are currently
set at their default values.
If you are located at AS 100 and want to influence how AS 100 sends traffic to AS 200, what BGP attribute could you configure
to cause AS 100 outbound traffic to load the eBGP links more evenly?

A. On router A, set the default local-preference to 50.
B. On router B, set the default metric to 150.
C. On router B, configure a route map for 10.10.25.0/24 with a local preference of 150 linked to neighbor 192.168.30.2.
D. On router B, set the default local-preference to 150.
Answer: C
Explanation
To load the eBGP links more evenly we should use the link B-F for network 10.10.25.0/24 so that the total traffic going
through the B-F link is about 40%. In this case we should apply a route map on B to set the local preference of 10.10.25.0/24 to a
higher value than 100. But notice that we must use a second clause to permit other traffic; otherwise it will be filtered out.
Note: The default value for local preference is 100. A path with higher local preference is preferred.
300. Refer to the exhibit. What will RTB do with a packet sourced from within AS 64200 with a destination
address of 192.168.25.1?

A. It will be dropped because network 192.168.25.0 is not in the RTA routing table.
B. It will be dropped because network 192.168.25.0 is not in the RTB routing table.
C. It will be forwarded to the null 0 interface of RTB and dropped.
D. It will be forwarded to the RTB 192.168.25.0 network.
Answer: D
Explanation
First I want to make it clear that the above configuration belongs to RTB (with AS 64100).
The network statement in other routing protocols (EIGRP, OSPF, RIP) is used to enable the routing protocol on the interfaces
within that network statement. But in BGP, the function of a network statement is to tell the router to search the IP routing
table for a particular network, and if that network is found, originate it into the BGP database. But notice that you must have
an exact match in the IP routing table for the network to appear in the BGP routing table (in this case we don't see the
auto-summary command so we suppose it is disabled). For example:
+ network 10.10.10.0/8 will appear in BGP if network 10.10.10/8 appears in the IP routing table.
+ network 10.10.10.0/24 will appear in BGP if network 10.10.10.0/24 appears in the IP routing table.
Therefore, in this question the static route ip route 192.168.24.0 255.255.252.0 null0 was used to put a route to
192.168.24.0/22 into the routing table (although it points to Null0, this command really makes that route appear in the
routing table). Notice this network 192.168.24.0/22 also covers network 192.168.25.0 -> RTB will forward that packet to
192.168.25.0 network.
301. Refer to the exhibit. All routers are configured for BGP. EBGP routes received on router R2 show up in the
BGP table on routers R1 and R3 but not in their IP routing table. What would cause this? (Choose two)

A. Synchronization in autonomous system 100 is turned on.
B. Synchronization in autonomous system 100 is turned off.
C. EBGP multihop is not configured on routers R1 and R3.
D. Routers R1 and R3 do not receive the same routes via an IGP.
E. The BGP routers in autonomous system 100 are not logically fully-meshed.
Answer: A D
Explanation
The synchronization rule states BGP should not advertise a route until all of the routers within the AS have learned about the
route via an IGP so in this case if R1 and R3 have not learned that route via IGP, they cannot appear in their routing tables.
302. Refer to exhibit. RA (DR) failed, and after 10 minutes it came back. Which two statements are true?
(Choose two)

A. RA is a DR
B. RA is a BDR
C. RA is a DROTHER
D. RB is a DR
E. RB is a BDR
F. RC is a DROTHER
Answer: C D(?)
Explanation
This question is missing some information. We don't know who the BDR was before RA failed. Suppose RB was the BDR
before RA failed then RB would be the DR even when RA comes back. When RA comes back, its segment has both DR and
BDR elected so RA will take the DROTHER role -> C is correct but D is missing information.
303. Refer to the exhibit. VLAN 1 and VLAN 2 are configured on the trunked links between Switch A and Switch
B. Port Fa 0/2 on Switch B is currently in a blocking state for both VLANs. What should be done to load balance
VLAN traffic between Switch A and Switch B?

A. Lower the port priority for VLAN 1 on port 0/1 for Switch A.
B. Lower the port priority for VLAN 1 on port 0/2 for Switch A.
C. Make the bridge ID of Switch B lower than the ID of Switch A.
D. Enable HSRP on the access ports.
Answer: B
Explanation
Please read the explanation of Question 3 in http://www.certprepare.com/vlan-questions-4.
In general, lowering the port priority for VLAN 1 will lower the Root Bridge ID for port Fa0/2 on Switch A -> traffic for VLAN 1 will
flow via the Fa0/2 link.
304. Refer to the exhibit and the show interfaces fastethernet0/1 switchport outputs. Users in VLAN 5 on switch
SW_A complain that they do not have connectivity to the users in VLAN 5 on switch SW_B. What should be done
to fix the problem?

A. Configure the same number of VLANs on both switches.
B. Create switch virtual interfaces (SVI) on both switches to route the traffic.
C. Define VLAN 5 in the allowed list for the trunk port on SW_A.
D. Disable pruning for all VLANs in both switches.
E. Define VLAN 5 in the allowed list for the trunk port on SW_B.
Answer: C
Explanation
SW_A is missing VLAN 5 in the "Trunking VLANs Enabled" list, which means the trunk link currently does not accept traffic from
VLAN 5 to be sent on the link.
305. Two switches SA and SB are connected as shown below. Given the below partial configuration, which two
statements are true about VLAN traffic? (Choose two)

A VLANs 1-5 will be blocked if fa0/10 goes down.
B VLANs 6-10 have a port priority of 128 on fa0/10.
C VLANs 6-10 will use fa0/10 as a backup only.
D VLANs 1-10 are configured to load share between fa0/10 and fa0/12.
Answer: C D
Explanation:
Let's assume that SA is the root bridge for all VLANs; it will make the explanation a bit clearer.
First we should understand what will happen if nothing is configured (use default values). Because we assumed that SA is the
root bridge, all of its ports will forward. SB will need to block one of its ports to avoid a bridging loop between the two
switches. But how does SB select its blocked port? Well, the answer is based on the BPDUs it receives from SA. A BPDU is
superior to another if it has:
1. A lower Root Bridge ID
2. A lower path cost to the Root
3. A lower Sending Bridge ID
4. A lower Sending Port ID
These four parameters are examined in order. In this specific case, all the BPDUs sent by SA have the same Root Bridge ID,
the same path cost to the Root and the same Sending Bridge ID. The only parameter left to select the best one is the Sending
Port ID (Port ID = port priority + port index). If using default values, the default port priority's value is 32 or 128 (128 is much
more popular today but 32 is also a default port priority's value), so SB will compare port index values, which are unique to
each port on the switch, and because Fa0/12 is inferior to Fa0/10, SB will select the port connected with Fa0/10 (of SA) as its
root port and block the other port.

To change the default decision of selecting the root port, we can change the port priority of each interface. The above picture is
true for VLAN 1-5 because port Fa0/10 has a lower port-priority so the peer port will be chosen as the root port. For VLAN 6-10,
port Fa0/12 has higher priority ID (lower port priority value) so SB will block its upper port.
Answer A, "VLANs 1-5 will be blocked if fa0/10 goes down", is not correct because if Fa0/10 goes down, SB will unblock
its lower port, therefore VLANs 1-5 will still operate.
Answer B, "VLANs 6-10 have a port priority of 128 on fa0/10", is not always correct because VLAN 6-10 can have a
different port priority (of 32) according to Cisco's link below.
Answer C is correct because VLAN 6-10 uses the Fa0/12 link as its main path. Fa0/10 is the backup path and is only opened when
port Fa0/12 fails.
Answer D is correct because this configuration load-balances traffic on a per-VLAN basis. VLANs 1-5 use Fa0/10 and
VLANs 6-10 use Fa0/12 as their main paths.
Note: We cannot be sure that answer B is always correct, so we should choose C and D if the question asks us to give only 2
choices.
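The four-step BPDU comparison above, as an added Python example that is not part of the original material: it builds the BPDUs SB would receive from SA on each link and picks the superior one per VLAN. SA is assumed to be the root bridge as in the explanation; the bridge ID, the port indexes and the lowered priority value of 16 are constructed, because the exhibit's configuration is not reproduced here.

```python
from collections import namedtuple

# Fields are in the order the explanation compares them; the lower value wins
# at each step, so plain tuple comparison implements the four rules.
Bpdu = namedtuple("Bpdu", "root_id path_cost sender_id port_priority port_index")

DEFAULT_PORT_PRIORITY = 128
SA_BRIDGE_ID = (32768, "0000.0000.000a")      # constructed priority and MAC
PORT_INDEX = {"Fa0/10": 10, "Fa0/12": 12}     # constructed port indexes
# Constructed per-VLAN port priorities on SA: Fa0/10 is lowered for VLANs 1-5,
# Fa0/12 for VLANs 6-10; every other VLAN keeps the default.
SA_PORT_PRIORITY = {
    "Fa0/10": {vlan: 16 for vlan in range(1, 6)},
    "Fa0/12": {vlan: 16 for vlan in range(6, 11)},
}


def bpdu_from_sa(port, vlan):
    """BPDU that SA (the root bridge) sends out of `port` for `vlan`."""
    priority = SA_PORT_PRIORITY.get(port, {}).get(vlan, DEFAULT_PORT_PRIORITY)
    return Bpdu(SA_BRIDGE_ID, 0, SA_BRIDGE_ID, priority, PORT_INDEX[port])


def sb_root_port_peer(vlan, links_up=("Fa0/10", "Fa0/12")):
    """SA port whose BPDU is superior on SB; SB's root port is the one facing it.

    Returns None when no link is up.
    """
    offers = {port: bpdu_from_sa(port, vlan) for port in links_up}
    if not offers:
        return None
    return min(offers, key=offers.get)


def forwarding_plan(vlans, links_up=("Fa0/10", "Fa0/12")):
    """Map each VLAN to the SA port that carries it."""
    return {vlan: sb_root_port_peer(vlan, links_up) for vlan in vlans}


if __name__ == "__main__":
    print("both links up:", forwarding_plan(range(1, 11)))
    print("Fa0/10 down:  ", forwarding_plan(range(1, 11), links_up=("Fa0/12",)))
```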
306. You administer the network shown above. You issue the show interfaces trunk command on SwitchA and
receive the following output:

Which of the following statements is true regarding VLAN 32?


A. VLAN 32 is not allowed on the trunk port.
B. VLAN 32 is not active on the switch.
C. Traffic from VLAN 32 is not being sent over the trunk port.
D. Traffic from VLAN 32 is not restricted to only the trunk ports that require it.
Answer: C
Explanation
In the "Vlans in spanning tree forwarding state and not pruned" section, VLAN 32 is not listed, so we can conclude it is not in
forwarding state or it is pruned. But with the above topology STP cannot block any port so we can deduce it is pruned.
307. Refer to the exhibit.

The link between switch SW1 and switch SW2 is configured as a trunk, but the trunk failed to establish connectivity between
the switches. Based on the configurations and the error messages received on the console of SW1, what is the cause of the
problem?
A. The two ends of the trunk have different duplex settings.
B. The two ends of the trunk have different EtherChannel configurations.
C. The two ends of the trunk have different native VLAN configurations.
D. The two ends of the trunk allow different VLANs on the trunk.
Answer: C
Explanation
As you can see in the configuration of two switches, the native VLAN on SW1 is set to 1 while the native VLAN on SW2 is set
to 2. This will cause a native VLAN mismatch error and it looks like this:
%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on Fa0/1
Remember the native VLAN must match on both sides of the trunk link for 802.1Q; otherwise the link will not work. Also,
Spanning Tree Protocol (STP) will place the port in a port VLAN ID (PVID) inconsistent state and will not forward on the link.
308. Given the configurations on SwitchA and SwitchB, which two statements are true? (Choose two)

A. The trunk is currently using the ISL trunking protocol
B. The trunk is currently using the 802.1q trunking protocol
C. By default, the trunk can only support one VLAN, and only that single VLAN is transmitted across the trunk
D. By default all VLANs will be transmitted across this trunk
E. By default, SwitchA and SwitchB's FastEthernet 0/1 port will not generate DTP messages
Answer: B D
Explanation
The command switchport trunk encapsulation dot1q sets the trunking encapsulation format to IEEE 802.1Q -> B is correct.
By default all VLANs are allowed to be transmitted across the trunk -> D is correct.
Note: The switchport mode trunk command enables trunking on the interface.
309. Given the configurations on SwitchA and SwitchB, which statement is true?

A. The link is set to auto-negotiate trunking, and it will automatically become a trunk link unless configured otherwise
B. The link is a trunking link and by default all VLANs will be transmitted across this link
C. The link is prevented from generating DTP frames, turning the Negotiation of Trunking off
D. The link is not a trunk link so both interfaces must be on the same VLAN and only that single VLAN is transmitted across
the link

Answer: D
310. Study the diagram below carefully, which three statements are true? (Choose three)

A DTP packets are sent from Switch SB.
B DTP is not running on Switch SA.
C A trunk link will be formed.
D The native VLAN for Switch SB is VLAN 1.
Answer: A C D
Explanation:
Dynamic Trunking Protocol (DTP) is the Cisco-proprietary protocol that actively attempts to negotiate a trunk link between two
switches. If an interface is set to switchport mode dynamic desirable, it will actively attempt to convert the link into trunking
mode. If the peer port is configured as switchport mode trunk, dynamic desirable, or dynamic auto mode, trunking is
negotiated successfully -> C is correct.
SB is in dynamic desirable mode so it will send DTP packets to SA to negotiate a trunk link -> A is correct.
On an 802.1Q trunk, DTP packets are sent on the native VLAN. By default, it is VLAN 1 (notice that SA's native VLAN is 5) -> D
is correct.
(Note: an 802.1Q trunk's native VLAN is the only VLAN that has untagged frames)
Below are the switchport modes for easy reference:
Mode | Function
Dynamic Auto | Creates the trunk based on the DTP request from the neighboring switch.
Dynamic Desirable | Communicates to the neighboring switch via DTP that the interface would like to become a trunk if the neighboring switch interface is able to become a trunk.
Trunk | Automatically enables trunking regardless of the state of the neighboring switch and regardless of any DTP requests sent from the neighboring switch.
Access | Trunking is not allowed on this port regardless of the state of the neighboring switch interface and regardless of any DTP requests sent from the neighboring switch.
Nonegotiate | Prevents the interface from generating DTP frames. This command can be used only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link.
311. When is a BGP route invalid?
The next-hop must be accessible and reachable for a path to a BGP network to be valid.
312. What exactly is a control plane ?
Other control plane protocols (BGP, OSPF, LDP, LACP, BFD ...) are more clear-cut: they run between individual network
devices (usually adjacent, but there's also targeted LDP and multihop BGP) and could be (at least in theory) made to run
across a separate control plane network (or VRF).
Control plane protocols usually run over data plane interfaces to ensure shared fate (if the packet forwarding fails, the
control plane protocol fails as well), but there are scenarios (example: optical gear) where the data plane interfaces cannot
process packets, forcing you to run control plane protocols across a separate set of interfaces.
Typical control plane protocols aren't data-driven: a BGP, LACP or BFD packet is never sent as a direct response to a data plane
packet.
ICMP is different: some ICMP packets are sent as replies to other ICMP packets, others are triggered by data plane packets
(ICMP unreachables and ICMPv6 neighbor discovery).
Trying to classify protocols based on where they're run is also misleading. It's true that the networking device CPU almost
always generates ICMP requests and responses (it doesn't make sense to spend silicon real estate to generate ICMP
responses). In some cases, ICMP packets might be generated in the slow path, but that's just how a particular network
operating system works. Let's ignore those dirty details for the moment; just because a device's CPU touches a packet
doesn't make that packet a control plane packet.
Vendor terminology doesn't help us either. Most vendors talk about Control Plane Policing or Protection, equating control
plane with the device CPU; these mechanisms usually apply to control plane protocols as well as data plane packets punted
from ASICs to the CPU.
Even IETF terminology isn't exactly helpful: while the C in ICMP does stand for Control, it doesn't necessarily imply control plane
involvement. ICMP is simply a protocol that passes control messages (as opposed to user data) between IP devices.

313. Study the exhibit carefully. Both host stations are part of the same subnet but are in different VLANs. On
the basis of the information presented in the exhibit, which statement is true about an attempt to ping from
host to host?

A Layer 3 device is needed for the ping command to be successful.
B A trunk port will need to be configured on the link between SA and SB for the ping command to be successful.
C The two different hosts will need to be in the same VLAN in order for the ping command to be successful.
D The ping command will be successful without any further configuration changes.
Answer: D
Explanation:
For two hosts in different VLANs, we must use a layer 3 device to transport packets between them. However, in this case
both switches are set in access mode, therefore the VLAN information sent between them will be set as untagged.
Moreover, they are in the same subnet so they can ping each other without a layer 3 device.
314. Based on the following exhibit, which problem is preventing users on VLAN 100 from pinging addresses on
VLAN 200?

A Native VLAN mismatch.
B Subinterfaces should be created on Fa0/7 and Fa0/8 on DLS1.
C Trunking needs to be enabled.
D The ip routing command is missing on DLS1.
Answer: D
Explanation:

To allow communication between two VLANs, we need to enable Layer 3 routing on the switch with the ip routing
command. On some platforms it is enabled by default but on some it is not.
315. Based on the network diagram and routing table output in the exhibit, which one of these statements is
true?

A InterVLAN routing has been configured properly, and the workstations have connectivity to each other.
B InterVLAN routing will not occur since no routing protocol has been configured.
C Although interVLAN routing is not enabled, both workstations will have connectivity to each other.
D Although interVLAN routing is enabled, the workstations will not have connectivity to each other.
E None of the above.
Answer: A
Explanation:
In the output we can see that both VLAN10 and VLAN20 show up (as networks 10.1.1.0 and 10.2.2.0), so the routing has been
configured properly. Notice that the C letter indicates that these networks are directly connected to the router.
316. Study the following exhibit carefully, what is the reason that users from VLAN 100 can't ping users on
VLAN 200?

A IP routing needs to be enabled on the switch
B Trunking needs to be enabled on Fa0/1
C VLAN 1 needs the no shutdown command
D The native VLAN is wrong
Answer: B
Explanation:
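The Fa0/1 interface on the switch is not configured with trunking mode. It needs to be configured as shown below (the
encapsulation is set first, because a port whose trunk encapsulation is still negotiated rejects switchport mode trunk):
SA(config)#interface Fa0/1
SA(config-if)#switchport trunk encapsulation dot1q
SA(config-if)#switchport mode trunk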
317. Refer to the exhibit.

Host A and Host B are connected to the Cisco Catalyst 3550 switch and have been assigned to their respective VLANs. The
rest of the 3550 configuration is the default configuration. Host A is able to ping its default gateway, 10.10.10.1, but is unable
to ping Host B. Given the output in the exhibit, which statement is true?
A. HSRP must be configured on SW1.
B. A separate router is needed to support inter-VLAN routing.
C. Interface VLAN 10 must be configured on the SW1 switch.
D. The global configuration command ip routing must be configured on the SW1 switch.
E. VLANs 10 and 15 must be created in the VLAN database mode.
F. VTP must be configured to support inter-VLAN routing.
Answer: D
Explanation
To enable routing on a Layer 3 switch, we first have to use the ip routing command. From the output of the show vlan brief
command above, we learn that the ports connected to the hosts have been configured as access ports and assigned to VLAN 10 &
15. The only missing thing here is the ip routing command. The full configuration that lets these two hosts
communicate is listed below.
ip routing
!
interface FastEthernet0/10
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/15
switchport access vlan 15
switchport mode access
!
interface Vlan10
ip address 10.10.10.1 255.255.255.0
!
interface Vlan15
ip address 10.15.15.1 255.255.255.0
318. Which two steps are necessary to configure inter-VLAN routing between multilayer switches? (Choose two)
A. Configure a dynamic routing protocol.
B. Configure SVI interfaces with IP addresses and subnet masks.
C. Configure access ports with network addresses.
D. Configure switch ports with the autostate exclude command.
E. Document the MAC addresses of the switch ports.
Answer: A B

Explanation
A multilayer switch can use a switched virtual interface (SVI) to provide inter-VLAN routing rather than use an external router.
Below is a simple example of using SVIs to configure inter-VLAN routing on a Layer 3 switch.

ip routing
!
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0
(In fact we need to configure two more interfaces so that all hosts can communicate)
Also, the above configuration is only for a single multilayer switch. If we enable interVLAN-routing between two multilayer
switches, a routing protocol needs to be used.
319. Refer to the exhibit

For the configuration shown, which is the recommended method of providing inter VLAN routing?
A. Determine which switch is the root bridge then connect a router on a stick to it
B. Configure SVIs on the core switches
C. Configure SVIs on the distribution switches
D. Configure SVIs on the access layer switches
Answer: C
Explanation
We can configure SVIs on Multilayer switches to use as the default gateways or Layer 3 routing for the devices connected to
SA1 & SA2.
320. Refer to the exhibit. Initially, LinkA is connected and forwarding traffic. A new LinkB is then attached
between SwitchA and HubA. Which two statements are true about the possible result of attaching the second
link? (Choose two)

A. The switch port attached to LinkB will not transition to up.
B. One of the two switch ports attached to the hub will go into blocking mode when a BPDU is received.
C. Both switch ports attached to the hub will transition to the blocking state.
D. A heavy traffic load could cause BPDU transmissions to be blocked and leave a switching loop.
E. The switch port attached to LinkA will immediately transition to the blocking state.
Answer: B D
Explanation
We know that there will be only one Designated port for each segment (notice that the two ports of SwitchA are on the
same segment as they are connected to a hub). The other port will be in Blocking state. But how does SwitchA select its
Designated and Blocking port? The decision process involves the following parameters inside the BPDU:
* Lowest path cost to the Root
* Lowest Sender Bridge ID (BID)
* Lowest Port ID
In this case, both interfaces of SwitchA have the same path cost to the root and the same sender bridge ID, so the third
parameter, lowest port ID, will be used. Suppose the two interfaces of SwitchA are fa0/1 & fa0/2; then SwitchA will select
fa0/1 as its Designated port (because the port ID of fa0/1 is lower than that of fa0/2) -> B is correct.
Suppose the port on LinkA (named portA) is in forwarding state and the port on LinkB (named portB) is in blocking state. In
blocking state, port B still listens to the BPDUs. If the traffic passing through LinkA is too heavy and the BPDUs can not reach
portB, portB will move to listening state (after 20 seconds for STP) then learning state (after 15 seconds) and forwarding state
(after 15 seconds). At this time, both portA & portB are in forwarding state so a switching loop will occur -> D is correct.
321. Refer to the exhibit. Switch S1 is running mst IEEE 802.1s. Switch S2 contains the default configuration
running IEEE 802.1D. Switch S3 has had the command spanning-tree mode rapid-pvst running IEEE 802.1w.
What will be the result?

A. IEEE 802.1D and IEEE 802.1w are incompatible. All three switches must use the same standard or no traffic will pass
between any of the switches.
B. Switches S1, S2, and S3 will be able to pass traffic between themselves.
C. Switches S1, S2, and S3 will be able to pass traffic between themselves. However, if there is a topology change, Switch S2
will not receive notification of the change.
D. Switches S1 and S3 will be able to exchange traffic but neither will be able to exchange traffic with Switch S2
Answer: B
Explanation
A switch running both MSTP and RSTP supports a built-in protocol migration mechanism that enables it to interoperate with
legacy 802.1D switches. If this switch receives a legacy 802.1D configuration BPDU (a BPDU with the protocol version set to
0), it sends only 802.1D BPDUs on that port. An MST switch can also detect that a port is at the boundary of a region when it
receives a legacy BPDU, an MST BPDU (version 3) associated with a different region, or an RST BPDU (version 2).
However, the switch does not automatically revert to the MSTP mode if it no longer receives 802.1D BPDUs because it cannot
determine whether the legacy switch has been removed from the link unless the legacy switch is the designated switch.
322. Refer to the exhibit. Switch 15 is configured as the root switch for VLAN 10 but not for VLAN 20. If the STP
configuration is correct, what will be true about Switch 15?

A. All ports will be in forwarding mode.
B. All ports in VLAN 10 will be in forwarding mode.
C. All ports in VLAN 10 will be in forwarding mode and all ports in VLAN 20 will be in blocking mode.
D. All ports in VLAN 10 will be in forwarding mode and all ports in VLAN 20 will be in standby mode.
Answer: B
Explanation
All ports on root bridge are designated ports, which are in forwarding state but notice in this case Switch 15 is the root switch
for VLAN 10 -> all ports in VLAN 10 will be in forwarding state. We can not say anything about the modes of ports of Switch
15 in other VLANs.
323. Refer to the exhibit. STP has been implemented in the network. Switch SW_A is the root switch for the
default VLAN. To reduce the broadcast domain, the network administrator decides to split users on the network
into VLAN 2 and VLAN 10. The administrator issues the command spanning-tree vlan 2 root primary on switch
SW_A. What will happen as a result of this change?

A. All ports of the root switch SW_A will remain in forwarding mode throughout the reconvergence of the spanning tree
domain.
B. Switch SW_A will change its spanning tree priority to become root for VLAN 2 only.
C. Switch SW_A will remain root for the default VLAN and will become root for VLAN 2.
D. No other switch in the network will be able to become root as long as switch SW_A is up and running.
Answer: C
Explanation
This command sets the switch to become root for a given VLAN. It works by lowering the priority of the switch until it
becomes root. Once the switch is root, it will not prevent any other switch from becoming root. In particular, if the priority
of the current root bridge is greater than 24576 then our switch will drop to 24576. If the priority of the current root bridge
is less than 24576, our new bridge priority will be (Priority value of the current root bridge - 4096).
This command does not affect other VLANs so SW_A will remain root for the default VLAN -> C is correct.
Note: This command is not shown in a Catalyst switch configuration because the command is actually a macro executing
other switch commands.
324. Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on both
switch S2 and S5. The global configuration command spanning-tree uplinkfast has been configured on both
switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able to reach Host B?

A. Fifty percent of the traffic will successfully reach Host B, and fifty percent will dead-end at switch S3 because of a partial
spanning-tree loop.
B. No. Traffic will pass from switch S6 to S2 and dead-end at S2.
C. No. Traffic will loop back and forth between switch S6 and Host A.
D. No. Traffic will loop back and forth between switches S2 and S3.
E. Yes. Traffic will pass from switch S6 to S2 to S1.
Answer: E
Explanation
First we should understand about UpLinkFast.

Suppose S1 is the root bridge in the topology above. S3 is connected to S1 via two paths: one direct path and another goes
through S2. Suppose the port directly connected to S1 is root port -> port connected to S2 will be in Blocking state. If the
primary link goes down, the blocked port will need about 50 seconds to move from Blocking -> Listening -> Learning ->
Forwarding to be used.
To shorten the downtime, a feature called Uplink Fast can be used. When the primary (root) link fails, another blocked link can
be brought up immediately for use. When UplinkFast is enabled, it is enabled for the entire switch and all VLANs. It cannot be
enabled for individual VLANs.
In this question, the Root Guard feature has been enabled on Gi0/0 of S2 & S5 so these two Gi0/0 ports cannot be root ports
and cannot forward traffic -> the link between S2 & S6 must be used.
Note: The idea of Uplink Fast is based on blocked ports which are possible to become a root port. Therefore the Uplink Fast
feature is not allowed on the root bridge -> S2 & S5 cannot be root bridges in this case.
325. Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on both
switch S2 and S5. The global configuration command spanning-tree uplinkfast has been configured on both
switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able to reach Host B?

A. Yes. Traffic can pass either from switch S6 to S3 to S2 to S1, or, from switch S6 to S5 to S2 to S1.
B. No. Traffic will pass from switch S6 to S5 and dead-end at interface Gi0/0.
C. No. Traffic will loop back and forth between switch S5 and S2.
D. Yes. Traffic will pass from switch S6 to S3 to S2 to S1.
E. No. Traffic will either pass from switch S6 to S5 and dead-end, or traffic will pass from switch S6 to S3 to S2 and dead-end.
Answer: D
Explanation
Same explanation as Question 6. When the link between S4 & S5 goes down, Gi0/0 on S5 cannot become root port because of
the Root Guard feature on it. But maybe Host A can't reach host B in the first 15 seconds after the link between S4 & S5 fails
by default. It is the time for S5 to clear the MAC address table (please read the explanation of Question 5 for more detail).
326. Given the diagram and assuming that STP is enabled on all switch devices, which two statements are true?
(Choose two)

A. DSW11 will be elected the root bridge.
B. DSW12 will be elected the root bridge.
C. ASW13 will be elected the root bridge.
D. P3/1 will be elected the nondesignated port.
E. P2/2 will be elected the nondesignated port.
F. P3/2 will be elected the nondesignated port.
Answer: A D
Explanation
If all the switches are turned on at the same time, DSW11 will win the election and become Root Bridge because it has lowest
Bridge ID (including Bridge Priority and MAC address) so all of its ports are Designated Port (forwarding state).
Also P2/1, P3/2 and P4/1 become Root Ports because they are closest to the Root Bridge (in terms of path cost) for each
switch.
P3/1 will be Nondesignated (Blocked) Port because P1/2 must be a Designated Port (of course P1/2 advertises better BPDU, in
other words better Bridge ID, than P3/1).

327. Refer to the exhibit. The service provider wants to ensure that switch S1 is the root switch for its own
network and the network of the customer. On which interfaces should root guard be configured to ensure that
this happens?

A. interfaces 1 and 2
B. interfaces 1,2,3, and 4
C. interfaces 1, 3, 5, and 6
D. interfaces 5 and 6
E. interfaces 5, 6, 7, and 8
F. interfaces 11 and 12
Answer: D
Explanation
Let's see what will happen if we set port 5 & 6 as root guard ports:
First, notice that the root guard command cannot be used on the root switch (because this command is based on blocked ports
while a root switch can't have a blocked port) -> the two middle switches cannot become root bridges.
Moreover, the neighbor switch which has its port connected to this root guard port can't be the root bridge. For example,
if we configure port 6 as a root guard port, the left-bottom switch (the switch with ports 3, 4) can't be root bridge because
that would make port 6 a root port. Therefore by configuring port 5 & 6 as root guard ports, the two switches in the Customer
network cannot become root bridge.
328. A port in a redundant topology is currently in the blocking state and is not receiving BPDUs. To ensure that
this port does not erroneously transition to the forwarding state, which command should be configured to
satisfy the requirement?
A. Switch(config)#spanning-tree loopguard default
B. Switch(config-if)#spanning-tree bpdufilter
C. Switch(config)#udld aggressive
D. Switch(config-if)#spanning-tree bpduguard
Answer: A
Explanation
Loop guard prevents alternate or root ports from becoming the designated port due to a failure that could lead to a
unidirectional link. An example is shown below:

Suppose S1 is the root bridge. S3's port connected with S2 is currently blocked. Because of a unidirectional link failure on
the link between S2 and S3, S3 is not receiving BPDUs from S2.
Without loop guard, the blocking port on S3 will transition to listening (upon max age timer expiration) -> learning ->
forwarding state, which creates a loop.
With loop guard enabled, the blocking port on S3 will transition into the STP loop-inconsistent state upon expiration of the
max age timer. Because a port in the STP loop-inconsistent state will not pass user traffic, no loop is created. The
loop-inconsistent state is effectively equal to the blocking state.
To enable loop guard globally use the command spanning-tree loopguard default.
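The BPDU-loss behaviour described in questions 320 and 328, modelled as an added example (not part of the original question set). It assumes the 802.1D timers quoted in the text (max age 20 s, forward delay 15 s); the function names and the BPDU arrival times are constructed for illustration.

```python
"""Model of a blocking 802.1D port that stops hearing BPDUs, with and without loop guard."""

MAX_AGE = 20        # seconds a stored BPDU stays valid (value quoted in the text)
FORWARD_DELAY = 15  # seconds spent in listening, then again in learning

# Constructed sample: BPDUs arrive every 2 s, stop after t=10 (unidirectional
# link failure or congestion), and resume at t=70 once the fault is cleared.
SAMPLE_BPDU_TIMES = list(range(0, 11, 2)) + list(range(70, 81, 2))


def port_state(now, bpdu_times, loop_guard):
    """State at time `now` of a port that blocks while it hears superior BPDUs."""
    heard = [t for t in bpdu_times if t <= now]
    if not heard:
        raise ValueError("the model starts from a port that has already heard a BPDU")
    age = now - max(heard)              # time since the last BPDU was received
    if age < MAX_AGE:
        return "blocking"               # stored BPDU still valid
    if loop_guard:
        return "loop-inconsistent"      # no user traffic; recovers when BPDUs return
    if age < MAX_AGE + FORWARD_DELAY:
        return "listening"
    if age < MAX_AGE + 2 * FORWARD_DELAY:
        return "learning"
    return "forwarding"                 # second forwarding port on the segment: loop


def first_forwarding_time(bpdu_times, loop_guard):
    """First whole second at which the port forwards, or None if it never does."""
    for t in range(min(bpdu_times), max(bpdu_times) + 1):
        if port_state(t, bpdu_times, loop_guard) == "forwarding":
            return t
    return None


def timeline(bpdu_times, loop_guard, step=10):
    """(time, state) samples across the observation window."""
    return [(t, port_state(t, bpdu_times, loop_guard))
            for t in range(min(bpdu_times), max(bpdu_times) + 1, step)]


if __name__ == "__main__":
    for guard in (False, True):
        print("loop guard" if guard else "no loop guard")
        for t, state in timeline(SAMPLE_BPDU_TIMES, guard):
            print(f"  t={t:>2}s  {state}")
        print("  first forwarding at:", first_forwarding_time(SAMPLE_BPDU_TIMES, guard))
```

Without loop guard the port starts forwarding 50 seconds after the last BPDU (20 + 15 + 15), which is the loop window described in question 320; with loop guard it stays out of forwarding until BPDUs are heard again.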
329.

All links in this network are layer 2, fast Ethernet 100 Mb/s and operating as trunks. After a failure, the link
between ASW-1 and DSW-1 has incorrectly come back up at 10 Mb/s although it is connected.
Which one of the following will occur as a result of this failure?
A. There will be no change to the forwarding path to traffic from ASW-1
B. ASW1 will block Fa0/24 in order to maintain the shortest path to the root bridge DSW-1
C. ASW-1 will block Fa0/23 in order to maintain the shortest path to the root bridge DSW-1
D. ASW-1 will elect DSW-2 as the root primary since it is closer than DSW-1
Answer: C
Explanation
The picture below shows the port roles of all ports when the topology is converged after the failure.

RP: Root Port
BP: Blocked Port
DP: Designated Port
330. Regarding the exhibit and the partial configuration of switch SA and SB. STP is configured on all switches
in the network. SB receives this error message on the console port:
00:06:34: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/5 (not half duplex), with SA
FastEthernet0/4 (half duplex), with TBA05071417(Cat6K-B) 0/4 (half duplex).
What would be the possible outcome of the problem?

A The root port on switch SB will fall back to full-duplex mode.
B The interfaces between switches SA and SB will transition to a blocking state.
C The root port on switch SA will automatically transition to full-duplex mode.
D Interface Fa0/6 on switch SB will transit to a forwarding state and create a bridging loop.
Answer: D
Explanation:
From the output, we learn that the interfaces on the two switches are operating in different duplex modes: Fa0/4 of SA in
half-duplex mode & Fa0/5 of SB in full-duplex mode. In this case, because SB is operating in full-duplex mode, it does not check
the carrier sense before sending frames (CSMA/CD is not used in full-duplex mode). Therefore, SB can start to send frames
even if SA is using the link, and a collision will occur. The result of this is that SA will wait a random time before attempting
to transmit another frame. If SB sends enough frames to SA to make every frame sent from SA (which includes the BPDUs) get
dropped, then SB can think it has lost the root bridge (SB does not receive BPDUs from SA anymore). Therefore SB will unblock its
Fa0/6 interface for transmitting and cause a bridging loop.
332. Refer to the exhibit. LACP has been configured on Switch1 as shown. Which is the correct command set to
configure LACP on Switch2?

A.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode auto
B.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode passive
C.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode desirable
D.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode on
Answer: B
Explanation
LACP trunking supports four modes of operation, as follows:
* On: The link aggregation is forced to be formed without any LACP negotiation. In other words, the switch will neither send
the LACP packet nor process any incoming LACP packet. This is similar to the on state for PAgP.
* Off: The link aggregation will not be formed. We do not send or understand the LACP packet. This is similar to the off state
for PAgP.
* Passive: The switch does not initiate the channel, but does understand incoming LACP packets. The peer (in active state)
initiates negotiation (by sending out an LACP packet) which we receive and reply to, eventually forming the aggregation
channel with the peer. This is similar to the auto mode in PAgP.
* Active: We are willing to form an aggregate link, and initiate the negotiation. The link aggregate will be formed if the other
end is running in LACP active or passive mode. This is similar to the desirable mode of PAgP.
LACP does not have auto & desirable modes so A & C are not correct.
Also there are only three valid combinations to run the LACP link aggregate, as follows:
Switch     Switch     Description
active     active     Recommended
active     passive    Link aggregation occurs if negotiation is successful.
on         on         Link aggregation occurs without LACP. Although this works, it is not recommended.
Therefore if Switch1 is set active mode, we cannot set on mode on Switch2 -> D is not correct.
Only answer B is suitable in this case.
(Reference: http://www.cisco.com/en/US/tech/tk389/tk213/technologies_configuration_example09186a0080094470.shtml)
An example of configuring Layer 2 EtherChannel using LACP (apply these commands to both switches):
SW(config)#interface range f0/1 - 2
SW(config-if-range)#channel-group 1 mode active
333. Refer to the exhibit. The command switchport mode access is issued on interface FastEthernet0/13 on
switch CAT1. What will be the result?

A. The command will be rejected by the switch.
B. Interfaces FastEthernet0/13 and FastEthernet0/14 will no longer be bundled.
C. Dynamic Trunking Protocol will be turned off on interfaces FastEthernet0/13 and FastEthernet0/14.
D. Interfaces FastEthernet0/13 and FastEthernet0/14 will only allow traffic from the native VLAN.
E. Interfaces FastEthernet0/13 and FastEthernet0/14 will continue to pass traffic for VLANs 88,100,360.
Answer: B
Explanation
The default channel protocol in Cisco switches is Port Aggregation Protocol (PAgP). PAgP groups the interfaces with the same
speed, duplex mode, native VLAN, VLAN range, and trunking status and type. After grouping the links into an EtherChannel,
PAgP adds the group to the spanning tree as a single switch port.
An interface in the on mode that is added to a port channel is forced to have the same characteristics as the already existing
on mode interfaces in the channel (applied for both PAgP & LACP). So if we configure switchport mode access on Fa0/13,
this interface will no longer be bundled with Fa0/14.
334. What is the result of entering the command port-channel load-balance src-dst-ip on an EtherChannel
link?
A. Packets are distributed across the ports in the channel based on both the source and destination MAC addresses.
B. Packets are distributed across the ports in the channel based on both the source and destination IP addresses.
C. Packets are balanced across the ports in the channel based first on the source MAC address, then on the destination MAC
address, then on the IP address.
D. Packets are distributed across the access ports in the channel based first on the source IP address and then the destination
IP addresses.
Answer: B

Explanation
The syntax of configuring load balancing on a Cisco switch is:
Switch(config)# port-channel load-balance method
Many methods can be used here. By default, the src-dst-ip (source and destination IP address) method is used for Layer 3
switching. Let's take an example to understand more about this method.

In the topology above, Switch1 uses the src-dst-ip method to load-balance traffic to Switch2. With this method, only one
link is used for a specific pair of source & destination IP addresses, and the switch uses the XOR function to generate the hash
that is used to determine which interface to use. Suppose the packets have the source IP of 1.1.1.1 & destination IP of
1.1.1.2. Written in binary, they are:
1.1.1.1 = 0000 0001.0000 0001.0000 0001.0000 0001
1.1.1.2 = 0000 0001.0000 0001.0000 0001.0000 0010
In this case we have only 2 interfaces in this channel group so the XOR function only gets the last bit, which means 1 XOR 0 =
1. Each interface is assigned an index that starts from 0 so Fa0/2 will be indexed 1 -> traffic will be sent over Fa0/2.
If we have 4 interfaces in a channel group then XOR function gets last 2 bits. If we have 8 interfaces, it gets 3 bits and so on.
For example, with 8 interfaces the result will be 3 (because 001 XOR 010 = 011) -> Fa0/4 will be used.
Note: If the two address values have the same bit value, the XOR result is always 0. If the two address bits differ, the XOR
result is always 1. For example, 0 XOR 0 = 0; 0 XOR 1 = 1; 1 XOR 0 = 1; 1 XOR 1 = 0.
In conclusion, the port-channel load-balance src-dst-ip command uses a pair of source & destination IP address to select the
port to send traffic to -> B is correct.
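The link selection described above, as an added example (not part of the original question set). It follows the explanation's model only: XOR of the two addresses, keeping 1, 2 or 3 low-order bits for 2, 4 or 8 links. The function names and the flow lists are constructed for illustration.

```python
"""src-dst-ip link selection as described in the explanation for question 334."""
import ipaddress


def select_link(src_ip, dst_ip, n_links):
    """Index (starting at 0) of the member link that carries this address pair."""
    if n_links not in (2, 4, 8):
        raise ValueError("the explanation covers bundles of 2, 4 or 8 links")
    xor = int(ipaddress.IPv4Address(src_ip)) ^ int(ipaddress.IPv4Address(dst_ip))
    return xor & (n_links - 1)   # keep the last 1, 2 or 3 bits of the XOR


def spread(flows, n_links):
    """Number of (src, dst) pairs that land on each member link."""
    counts = {index: 0 for index in range(n_links)}
    for src, dst in flows:
        counts[select_link(src, dst, n_links)] += 1
    return counts


# Constructed flows: four clients talking to one server.
EVEN_CLIENTS = [(f"10.0.0.{host}", "10.0.0.10") for host in (2, 4, 6, 8)]
MIXED_CLIENTS = [(f"10.0.0.{host}", "10.0.0.10") for host in (1, 2, 3, 4)]

if __name__ == "__main__":
    # The two cases worked through in the text (index 1 is Fa0/2, index 3 is Fa0/4).
    print("1.1.1.1 -> 1.1.1.2, 2 links:", select_link("1.1.1.1", "1.1.1.2", 2))
    print("1.1.1.1 -> 1.1.1.2, 8 links:", select_link("1.1.1.1", "1.1.1.2", 8))
    # Every packet of a given pair uses the same link, so the balance depends
    # entirely on the address mix: even-numbered clients all share one link.
    print("even clients, 2 links: ", spread(EVEN_CLIENTS, 2))
    print("mixed clients, 2 links:", spread(MIXED_CLIENTS, 2))
    print("even clients, 4 links: ", spread(EVEN_CLIENTS, 4))
```

The even-numbered clients show why a bundle can be heavily unbalanced: the hash sees only the address bits, not the traffic volume.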
335. Which statement is true regarding the Port Aggregation Protocol?
A. Configuration changes made on the port-channel interface apply to all physical ports assigned to the port-channel interface.
B. Configuration changes made on a physical port that is a member of a port-channel interface apply to the port-channel
interface.
C. Configuration changes are not permitted with Port Aggregation Protocol; instead, the standardized Link Aggregation
Control Protocol should be used if configuration changes are required.
D. The physical port must first be disassociated from the port-channel interface before any configuration changes can be
made.
Answer: A
Explanation
The port-channel interface represents the whole bundle, and all the configurations on this interface are applied to all
physical ports that are assigned to this logical interface.
Note: We must manually create the port-channel logical interface when configuring Layer 3 EtherChannels. The port-channel
logical interface is automatically created when configuring Layer 2 EtherChannels (you can't put Layer 2 ports into a
manually created port-channel interface).
An example of configuring Layer 3 EtherChannels with port-channel interfaces:

Switch1(config)# interface port-channel 1
Switch1(config-if)# no switchport
Switch1(config-if)# ip address 192.168.1.1 255.255.255.0
Switch1(config-if)# exit
Switch1(config)# interface range fastethernet0/1 -2
Switch1(config-if-range)# no switchport
Switch1(config-if-range)# no ip address
Switch1(config-if-range)# channel-group 1 mode desirable
Switch2(config)# interface port-channel 1
Switch2(config-if)# no switchport
Switch2(config-if)# ip address 192.168.1.2 255.255.255.0
Switch2(config-if)# exit
Switch2(config)# interface range fastethernet0/1 -2
Switch2(config-if-range)# no switchport
Switch2(config-if-range)# no ip address
Switch2(config-if-range)# channel-group 1 mode auto
Note: The no switchport command is required to change interface from layer2 to layer3 mode.
336. What is a native VLAN?

A: A native VLAN is an untagged VLAN on an 802.1q trunked switch port. If a switch receives untagged frames on a trunk
port, they are assumed to be part of the VLAN that is designated on that switch port as the native VLAN. Frames that
pass through a switch port on the native VLAN are not tagged.
337. What is EtherChannel and is it possible to achieve load balancing using EtherChannels?
A: EtherChannel is a LAN port aggregation technology which allows grouping of several physical Ethernet links to create one
logical Ethernet link for the purpose of providing fault-tolerance and high-speed links between switches, routers and servers.
Yes, EtherChannel supports load balancing on the basis of predefined hash algorithms but you cannot control the port that a
particular flow uses.
The hash algorithm cannot be configured or changed to load balance the traffic among the ports in an EtherChannel.
Main hash algorithms are {src_ip_addr | dest_ip_addr | src_mac_addr | dest_mac_addr | src_port | dest_port} [dest_ip_addr |
dest_mac_addr | dest_port].
338. What does non-transitive attribute in BGP mean?
Weight is not a transitive attribute, which means that it can't influence the routing decision of the other routers. The same
is the case for Local preference.
339. Use of access-list and route-map in BGP?
The access-list will classify what prefix we want to manipulate and the route-map will tell what actions we want to do with
that prefix.
340. Use of MED
MED (Multi-Exit Discriminator) is a BGP attribute that is used to influence the other AS on how to reach the prefixes inside
your own AS. The lower the MED, the higher the preference.
341. Explain BGP attributes.
A quick copy-and-paste summary on BGP attribute categorization.
WELL-KNOWN, MANDATORY
AS-path: A list of the Autonomous Systems (AS) numbers that a route passes through to reach the destination. As the update
passes through an AS the AS number is inserted at the beginning of the list. The AS-path attribute has a reverse-order list of
AS passed through to get to the destination.
Next-hop: The next-hop address that is used to reach the destination.
Origin: Indicates how BGP learned a particular route. There are three possible types -- IGP (route is internal to the AS), EGP
(learned via EBGP), or Incomplete (origin unknown or learned in a different way).
WELL-KNOWN, DISCRETIONARY
Local Preference: Defines the preferred exit point from the local AS for a specific route.
Atomic Aggregate: Set if a router advertises an aggregate that causes path attribute information to be lost.
OPTIONAL, TRANSITIVE
Aggregator: Specifies the router ID and AS of the router that originated an aggregate prefix. Used in conjunction with the
atomic aggregate attribute.
Community: Used to group routes that share common properties so that policies can be applied at the group level.
OPTIONAL, NON-TRANSITIVE
Multi-exit-discriminator (MED): Indicates the preferred path into an AS to external neighbors when multiple paths exist.
A list of path attributes is contained in BGP update messages. The attribute is variable length and consists of three fields:
Attribute type consisting of a 1-byte attribute flags field and a 1-byte attribute code field, Attribute length field that is 1 or 2
bytes, and a variable length attribute value field. The attribute type codes used by Cisco are: 1-origin, 2-AS-path, 3-Next-hop,
4-MED, 5-Local preference, 6-Atomic aggregate, 7-aggregator, 8-community, 9-originator-ID, and 10-cluster list.
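The attribute layout just described (flags byte, type code, 1- or 2-byte length, value), as an added parser example that is not part of the original question set. The flag bit positions are those of RFC 4271; the sample bytes, function names and the mapping of type codes to the four categories above are constructed for illustration.

```python
"""Parse the path-attribute section of a BGP UPDATE and classify each attribute."""
import struct

NAMES = {1: "ORIGIN", 2: "AS_PATH", 3: "NEXT_HOP", 4: "MED", 5: "LOCAL_PREF",
         6: "ATOMIC_AGGREGATE", 7: "AGGREGATOR", 8: "COMMUNITY",
         9: "ORIGINATOR_ID", 10: "CLUSTER_LIST"}
MANDATORY = {1, 2, 3}            # the WELL-KNOWN, MANDATORY group listed in the text

OPTIONAL, TRANSITIVE, EXTENDED_LENGTH = 0x80, 0x40, 0x10   # attribute flag bits

# Constructed sample: six attributes, the last one using the 2-byte length form.
SAMPLE_ATTRIBUTES = bytes.fromhex(
    "40010100"              # ORIGIN = IGP
    "4002060202fde9fdea"    # AS_PATH = AS_SEQUENCE (65001, 65002)
    "400304c0000201"        # NEXT_HOP = 192.0.2.1
    "80040400000032"        # MED = 50
    "40050400000064"        # LOCAL_PREF = 100
    "d0080004fde90064"      # COMMUNITY = 65001:100, extended length
)


def category(flags, code):
    """Map the flag bits to one of the four categories used in the summary."""
    optional, transitive = bool(flags & OPTIONAL), bool(flags & TRANSITIVE)
    if not optional:
        if not transitive:
            raise ValueError(f"well-known attribute {code} without the transitive bit")
        kind = "mandatory" if code in MANDATORY else "discretionary"
        return f"well-known, {kind}"
    return "optional, transitive" if transitive else "optional, non-transitive"


def parse_path_attributes(buf):
    """Return a list of dicts (code, name, category, value) in wire order."""
    attrs, i = [], 0
    while i < len(buf):
        if len(buf) - i < 3:
            raise ValueError("truncated attribute header")
        flags, code = buf[i], buf[i + 1]
        i += 2
        if flags & EXTENDED_LENGTH:          # length field is 2 bytes
            if len(buf) - i < 2:
                raise ValueError("truncated extended length")
            (length,) = struct.unpack_from("!H", buf, i)
            i += 2
        else:                                # length field is 1 byte
            length = buf[i]
            i += 1
        if len(buf) - i < length:
            raise ValueError(f"attribute {code} claims {length} bytes, fewer remain")
        attrs.append({"code": code,
                      "name": NAMES.get(code, f"UNKNOWN_{code}"),
                      "category": category(flags, code),
                      "value": buf[i:i + length]})
        i += length
    return attrs


if __name__ == "__main__":
    for attr in parse_path_attributes(SAMPLE_ATTRIBUTES):
        print(f"{attr['code']:>2} {attr['name']:<11} {attr['category']:<26} {attr['value'].hex()}")
```

The length checks matter when the bytes come from an untrusted peer or a capture file: a declared length that runs past the buffer is rejected instead of being sliced silently.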
342. What is the command to compare start-up and running config in router.
There is an easy way to compare the configs: the command "show archive config differences" makes the router
compare the start-up and the running-config.
343. How many BGP processes can you run in a Cisco router?
You can run multiple bgp processes in single router based on router performance.
344. Into which of the BGP neighbor states must a neighbor stabilize before BGP Update messages may be
sent?
Established state
345. What is the best way to remember BGP best path selection?

We Love Oranges AS Oranges Mean Pure Refreshment

W: Weight (Highest)
L: LOCAL_PREF (Highest)
O: Originate (local) routes that are advertised through the "network" command or redistributed from an IGP.
AS: AS_PATH (shortest)
O: ORIGIN Code (IGP > EGP > Incomplete)
M: MED (lowest)
P: Paths (External > Internal)
R: RID (lowest)
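The eight-step order above, as an added comparison example (not part of the original question set). It implements only the steps in this list and, as a simplification, compares MED between all candidate paths; the class, function names and sample paths are constructed for illustration.

```python
"""BGP best-path choice following the W-L-O-AS-O-M-P-R order listed above."""
import ipaddress
from dataclasses import dataclass, replace

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}   # IGP > EGP > Incomplete

STEPS = ["Weight (highest)", "LOCAL_PREF (highest)", "Originate (local)",
         "AS_PATH (shortest)", "ORIGIN code (IGP > EGP > Incomplete)",
         "MED (lowest)", "Paths (External > Internal)", "RID (lowest)"]


@dataclass(frozen=True)
class Path:
    name: str
    router_id: str
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    as_path: tuple = ()
    origin: str = "igp"
    med: int = 0
    external: bool = True


def sort_key(path):
    """One tuple element per step; the smaller tuple is the better path."""
    return (-path.weight,                        # highest weight wins
            -path.local_pref,                    # highest LOCAL_PREF wins
            0 if path.locally_originated else 1, # locally originated wins
            len(path.as_path),                   # shortest AS_PATH wins
            ORIGIN_RANK[path.origin],            # best ORIGIN code wins
            path.med,                            # lowest MED wins
            0 if path.external else 1,           # external beats internal
            int(ipaddress.IPv4Address(path.router_id)))  # lowest RID wins


def best_path(paths):
    if not paths:
        raise ValueError("no candidate paths")
    return min(paths, key=sort_key)


def deciding_step(a, b):
    """Name of the first step at which two paths differ, or None if they tie."""
    for step, key_a, key_b in zip(STEPS, sort_key(a), sort_key(b)):
        if key_a != key_b:
            return step
    return None


# Constructed candidate paths for one prefix.
PATH_A = Path("A", "10.0.0.1", as_path=(65010, 65020), med=50)
PATH_B = Path("B", "10.0.0.2", local_pref=200, as_path=(65030, 65040, 65050))
PATH_C = Path("C", "10.0.0.3", local_pref=200, as_path=(65060, 65050), external=False)
PATH_D = replace(PATH_A, name="D", weight=32768)   # same as A but with a local weight

if __name__ == "__main__":
    winner = best_path([PATH_A, PATH_B, PATH_C])
    print("best of A, B, C:", winner.name)
    for loser in (PATH_A, PATH_B):
        print(f"  {winner.name} beats {loser.name} on: {deciding_step(winner, loser)}")
    print("best of A, B, C, D:", best_path([PATH_A, PATH_B, PATH_C, PATH_D]).name)
```

Path C wins on AS_PATH length even though it is an internal path, because the External > Internal step is only reached when every earlier step ties.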

346. Refer the exhibit

All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP
link metrics. Which two ports are in blocking state after STP converges? (Choose two)
A. the port on switch SWD that connects to switch SWE
B. the port on switch SWF that connects to switch SWG
C. the port on switch SWD that connects to switch SWC
D. the port on switch SWB that connects to switch SWD
Answer: C D
347. Refer the exhibit

All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers
shown are STP link metrics. Which two ports are forwarding traffic after STP converges? (Choose two)
A. The port connecting switch SWD with switch SWE
B. The port connecting switch SWG with switch SWF
C. The port connecting switch SWC with switch SWE
D. The port connecting switch SWB with switch SWC
Answer: C D
348. Refer to the exhibit.
router ospf 100
router-id 4.4.4.4
area 110 nssa
summary-address 192.168.0.0 255.255.0.0 nssa-only
redistribute static metric-type 1 subnets tag 704

network 110.110.0.0 0.0.255.255 area 110


This is the configuration of the ASBR of area 110. Which option explains why the remote ABR should not translate the type 7
LSA for the prefix 192.168.0.0/16 into a type 5 LSA?
A. The remote ABR translates all type 7 LSA into type 5 LSA, regardless of any option configured in the ASBR.
B. The ASBR sets the forwarding address to 0.0.0.0 which instructs the ABR not to translate the LSA into a type 5 LSA.
C. The ASBR originates a type 7 LSA with age equal to MAXAGE 3600.
D. The ABR clears the P bit in the header of the type 7 LSA for 192.168.0.0/16.
Answer: D
Explanation
When external routing information is imported into an NSSA, LSA Type 7 is generated by the ASBR and it is flooded within that
area only. To further distribute the external information, type 7 LSA is translated into type 5 LSA at the NSSA border. The P-bit
in LSA Type 7 field indicates whether the type 7 LSA should be translated. This P-bit is automatically set by the NSSA ABR
(also the Forwarding Address (FA) is copied from Type 7 LSA). The P-bit is not set only when the NSSA ASBR and NSSA ABR are
the same router for the area. If bit P = 0, then the NSSA ABR must not translate this LSA into Type 5.

The nssa-only keyword instructs the device to instigate Type-7 LSA with cleared P-bit, thereby, preventing LSA translation to
Type 5 on NSSA ABR device.
Note: If a router is attached to another AS and is also an NSSA ABR, it may originate both a type-5 and a type-7 LSA for the
same network. The type-5 LSA will be flooded to the backbone and the type-7 will be flooded into the NSSA. If this is the case,
the P-bit must be reset (P=0) in the type-7 LSA so the type-7 LSA isn't again translated into a type-5 LSA by another NSSA
ABR.
349. Which statement about a type 4 LSA in OSPF is true?
A. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ASBR.
B. It is an LSA that is originated by an ASBR, that is flooded throughout the AS, and that describes a route to the ASBR.
C. It is an LSA that is originated by an ASBR, that is flooded throughout the area, and that describes a route to the ASBR.
D. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ABR.
E. It is an LSA that is originated by an ABR, that is flooded throughout the area, and that describes a route to the ASBR.
Answer: E
Explanation
LSA Type 4 (called Summary ASBR LSA) is generated by the ABR to describe an ASBR to routers in other areas so that routers
in other areas know how to get to external routes through that ASBR.

350. Refer to the exhibit.

Why is R2 unable to ping the loopback interface of R4?


A. The local preference is too high.
B. The weight is too low.
C. The next hop is not reachable from R2.
D. The route originated from within the same AS.
Answer: C
351. Refer to the exhibit.

R2 is mutually redistributing between EIGRP and BGP.


Which configuration is necessary to enable R1 to see routes from R3?
A. The R3 configuration must include ebgp-multihop to the neighbor statement for R2.
B. The R2 BGP configuration must include bgp redistribute-internal.
C. R1 must be configured with next-hop-self for the neighbor going to R2.
D. The AS numbers configured on R1 and R2 must match.
Answer: B
352. Refer to the exhibit.

AS#1 and AS#2 have multiple EBGP connections with each other. AS#1 wants all return traffic that is destined to the prefix
10.10.10.1/32 to enter through the router R1 from AS#2. In order to achieve this routing policy, the AS 1 advertises a lower
MED from R1, compared to a higher MED from R3, to their respective BGP neighbor for the prefix 10.10.10.0/24. Will this
measure guarantee that the routing policy is always in effect?
A. Yes, because MED plays a deterministic role in return traffic engineering in BGP.
B. Yes, because a lower MED forces BGP best-path route selection in AS #2 to choose R1 as the best path for 10.10.10.0/24.
C. Yes, because a lower MED in AS #2 is the highest BGP attribute in BGP best-path route selection.
D. No, AS #2 can choose to alter the weight attribute in R2 for BGP neighbor R1, and this weight value is cascaded across AS
#2 for BGP best-path route selection.

E. No, AS #2 can choose to alter the local preference attribute to overwrite the best-path route selection over the lower MED
advertisement from AS #1. This local preference attribute is cascaded across AS #2 for the BGP best-path route selection.
Answer: E
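The selection order from question 345, applied to the two-exit scenario of question 352, as an added example that is not part of the original page. The Path class, router IDs, MED and LOCAL_PREF values are constructed for illustration, and MED is compared only between paths received from the same neighboring AS.

```python
from dataclasses import dataclass, replace
from ipaddress import IPv4Address

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}  # IGP > EGP > Incomplete


@dataclass(frozen=True)
class Path:
    """One candidate path for a prefix (all values used below are constructed)."""
    via: str                        # label of the neighbor the path was learned from
    router_id: str                  # that neighbor's BGP router ID
    as_path: tuple = ()             # e.g. (1,) for a route received from AS 1
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    origin: str = "igp"
    med: int = 0
    ebgp: bool = True


def compare(a: Path, b: Path):
    """Return (winner, deciding_step), walking the W-L-O-AS-O-M-P-R order.

    Each check is expressed so that the LOWER key wins.
    """
    checks = [
        ("Weight (highest)", -a.weight, -b.weight),
        ("LOCAL_PREF (highest)", -a.local_pref, -b.local_pref),
        ("Originate (local)", not a.locally_originated, not b.locally_originated),
        ("AS_PATH (shortest)", len(a.as_path), len(b.as_path)),
        ("ORIGIN code", ORIGIN_RANK[a.origin], ORIGIN_RANK[b.origin]),
    ]
    # MED is only meaningful between paths from the same neighboring AS.
    if a.as_path[:1] == b.as_path[:1]:
        checks.append(("MED (lowest)", a.med, b.med))
    checks += [
        ("Paths (external > internal)", not a.ebgp, not b.ebgp),
        # Router IDs are compared numerically, not as strings.
        ("RID (lowest)", int(IPv4Address(a.router_id)), int(IPv4Address(b.router_id))),
    ]
    for step, key_a, key_b in checks:
        if key_a != key_b:
            return (a if key_a < key_b else b), step
    return a, "tie"


def best_path(paths):
    """Fold compare() over the candidates; the step returned is the one that
    decided the last comparison."""
    best, decided_by = paths[0], None
    for candidate in paths[1:]:
        best, decided_by = compare(best, candidate)
    return best, decided_by


def q352_scenario():
    """AS 2's view of 10.10.10.0/24: lower MED from R1, higher MED from R3."""
    via_r1 = Path(via="R1", router_id="1.1.1.1", as_path=(1,), med=10)
    via_r3 = Path(via="R3", router_id="3.3.3.3", as_path=(1,), med=50)
    # With untouched attributes inside AS 2, MED decides and R1 is the entry point.
    default = best_path([via_r1, via_r3])
    # AS 2 raises LOCAL_PREF on what it learned from R3: MED is never reached.
    overridden = best_path([via_r1, replace(via_r3, local_pref=200)])
    return default, overridden


if __name__ == "__main__":
    for label, (path, step) in zip(("default", "local-pref set"), q352_scenario()):
        print(f"{label}: enter via {path.via}, decided by {step}")
```

LOCAL_PREF sits above MED in the order, which is why answer E holds: the receiving AS can always override the MED it is sent.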
353. Refer to the exhibit. All iBGP routes should have the iBGP peer as the next hop address. Why is this not the case for BGP
routes learned between R1 and R2?

A. R2 is missing the next-hop-self option under the neighbor command for R1


B. ISP-A is missing the next-hop-self option under the neighbor command for R1
C. ISP-B is missing the next-hop-self option under the neighbor command for R1
D. R2, ISP-A, and ISP-B are missing the next-hop-self option under the neighbor command for R1
Answer: A
Explanation
In this case networks 10.0.0.0, 172.17.0.0, 172.18.0.0, 192.168.60.0, 192.168.70.0 are networks learned and advertised from
R2. We see that the next-hop of these networks is 209.165.202.158 while it should be 209.165.202.130. With the next-hop of
209.165.202.158, R1 may not know how to send traffic to the above networks and the traffic is dropped. To avoid this
failure we should configure next-hop-self under the neighbor command for R1 like this:
R2(config-router)#neighbor 209.165.202.129 next-hop-self
354. What is a router? Or define the basic requirements of a router?
Answer: A router is a layer 3 network device used to establish communication between different networks. Basic roles
performed by a router are:
* Inter-network communication
* Best path selection
* Packet forwarding
* Packet filtering
355. What is the use of routing? or Why we use routing?
Answer: By default, a router provides inter-network communication only for directly connected networks. To establish
communication between indirectly connected networks, we require ROUTING. We can use static or dynamic (IGP or EGP)
routing, according to topology requirement.
356. Define the criteria for best path selection of a router?
Answer: A router's routing table contains only the best route. To select a route as best, a router considers the following
parameters:
* Longest prefix match
* Minimum AD (administrative distance)
* Lowest metric value
If all listed parameters are the same, then it would perform equal cost load balancing.

357. Define stuck in active.


Answer: If a successor route (best route) fails, then the router sends a query message to its neighbor demanding a feasible
successor (back-up route) and a query received by the router may be forwarded to other neighbors that could lead to a loop,
as well. The wait for the response of query message is called stuck in active (SIA).
358. Can we use OSPF without backbone area?
Answer: Yes, but it will be limited to intra-area (same area) communication. By default, Inter-area communication is not
possible without backbone area.
359. What do you mean by OSPF transit area ?
Answer: A transit area is the area that has a virtual link connecting two or more ABRs attached to this area.
360. What is the difference between an OSPF neighbor and an adjacent neighbor?
Answer: Neighbors are the routers that are in the same area and exchange hello packets, but not LSA information. Adjacent
routers are routers that have fully exchanged their LSA information and are stable.
If OSPF state is in 2WAY/DROTHER, it means a neighbor relationship and, if the state is FULL/DR or FULL/BDR, it means that
the adjacency is formed.
361. BGP neighborship is not coming up. Please define the various steps to troubleshoot it.
Answer: To troubleshoot BGP, first we need to check neighbor state using show ip bgp summary. If the state is Idle, it means
that the peer address or AS is not defined properly; if the state is Active, it means that TCP port 179 is not open, the peer is
not reachable, network congestion, or BGP misconfiguration.
Common neighbor stability problems of BGP
* Misconfigured neighbor's IP address and AS number
* Reachability issues when interfaces other than directly connected interfaces are used while peering (update-source issue).
* Authentication must be properly implemented (if configured)
* Router-ID must be unique
362. What is route reflector and why it is required?
Answer: Route reflector is a solution for BGP split horizon. The rule says prefix learned from an iBGP neighbor will not be
advertised to another iBGP neighbor.
To overcome this situation, we have multiple options:
* Make your network a full mesh
* Route confederation
* Confederation
Route reflector is something like a central point acting as a route reflector server: Rather than peering with every iBGP router
in a full mesh, it makes IBGP neighbors as route reflector clients to overcome the split horizon issue.
363. What is the difference between standard and extended ACL?
Answer: Standard ACLs are source-based, whereas extended ACLs are source- and destination-based. Standard ACLs can only
filter layer 3 network traffic, while extended ACLs can be used to filter layer 3 and layer 4, as well.
364. What is the use of distribute-list?
Answer: To filter a routing database, we use distribute-list, which can be applied over most routing protocols. This means that,
if you don't want any specific network in your routing table, then you can use distribute-list.
365. MPLS works on which layer?
Answer: MPLS operates between layer 2 and layer 3, so it is sometimes called layer 2.5.
366. What is penultimate hop popping (PHP) and what is its use?
Answer: PHP is the technique for removing (popping) the MPLS label before the egress router. The MPLS label on a switched
packet is popped by either the egress router or the penultimate router, depending on your configuration. If you decide to use
penultimate hop popping, you essentially terminate the LSP one hop earlier. The MPLS labels are popped by the routers that
connect to the egress router, rather than all of them being popped by the same egress router.
367. What is the difference between layer 2 and layer 3 QoS?
Answer: L2 QoS is at the MAC layer and can be applied by using the CoS (class of service) field in the VLAN header. This will be
used to prioritize traffic. Later, a QoS scheduler can use the CoS field to qualify the traffic into different QoS queues.
L3 QoS is required for IP level classification; it can be achieved through ToS (type of service) priority values: IPP (3-bit), DSCP
(6-bit), which can be set in the ToS field of the IP header. This ToS will later be used by the scheduling process to achieve QoS.
L2 queues are hardware-based, while L3 queues are software-based. That's why we can modify L3 queues to meet our
requirements.
368. What is traffic black hole?
A traffic black hole is having a next-hop neighbor that doesn't have any routes for a specific prefix but the routing table
points to that device as the next-hop of the route. In distance vector protocols like RIP and EIGRP, this rarely happens
because, in those protocols, anything that is not in the routing table will not be announced to the neighbor. Link-state
protocols like OSPF make use of LSAs, which will still enable the routes to be propagated regardless whether the route is in
the routing table or not.
369. BGP session is not established
BGP uses TCP, so to discover the cause of the problem, you can start with testing TCP connectivity. One way to do that is as
simple as /system telnet <remote-ip> 179 and check if the TCP connection can be established, and BGP port 179 is open and
reachable.
If this is eBGP, make sure you have configured multihop=yes and TTL settings as needed. Use routing bgp peer print status to
see the current state of BGP connection.

Also note that if the remote peer is not supporting BGP Capabilities Advertisement (RFC 2842), some extra time will be
needed for session establishment. The establishment will fail at the first time in this case, because of unknown options in BGP
OPEN message. It should succeed at second attempt (i.e. after about a minute) and in any further attempts, because
RouterOS will remember the offending options for that peer and not include them in BGP OPEN messages anymore.
370. Difference in BOOTP and RARP.
RARP and BOOTP require a static reservation of an IP address for each specific MAC address. Because BOOTP encapsulates its
messages inside an IP packet, the packets can be routed to a BOOTP server; RARP does not use an IP header, so its messages
cannot be routed. Also, RARP only supports the assignment of the IP address, whereas BOOTP allows the assignment of other
settings, such as the mask and default gateway.
371. what is GRE tunnel?
GRE is Generic routing protocol. It is used to simulate point to point connection between the end routers. Tunnel interface is
created in both end routers which is a logical interface and can be loopback interface. Tunnel interfaces on both the routers
should be in same subnet. Already some L3 IGP should be there before configuring tunnel. To verify tunnel, we can traceroute
from one end to the router present at the other end on the tunnel interface and we can see that it is one hop away.
372. What are BGP attributes.
Well-known mandatory : AS-path , next-hop, origin
Well-known discretionary : local preference, atomic aggregate
Optional non-transitive : MED == does not travel from router to router
Optional transitive : aggregator, community.
373. Will the actual route propagate through route reflector?
RR will forward both data plane and control plane traffic.
374. Why we need NSSA?
http://networklessons.com/ospf/introduction-to-ospf-stub-areas/
Within an NSSA you allow the Type 7s which are created on an ASBR within an NSSA area. These type 7s are then translated
at the ABRs at the internal edge of the NSSA area.
If you permitted Type 5s within the NSSA area - then you would permit ALL type 5s whether they originated within the NSSA
area or not. By doing type restrictions it is a clean way to prune the database.
375. Does DBD contain LSAs?
Yes, a DBD contains LSA headers.
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Version #   |       2       |         Packet length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Router ID                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                            Area ID                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |            AuType             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Authentication                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Authentication                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       0       |       0       |    Options    |0|0|0|0|0|I|M|MS
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      DD sequence number                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+-                                                             -+
|                               A                               |
+-                  Link State Advertisement                   -+
|                            Header                             |
+-                                                             -+
|                                                               |
+-                                                             -+
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
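A parser for the packet laid out above, as an added example that is not part of the original page: it reads the OSPF header, the DD flags and sequence number, then each 20-byte LSA header, and for type 7 headers reports the P-bit discussed in questions 348 and 378. The LSA header layout and the N/P option bit value (0x08) come from RFC 2328 and RFC 3101 rather than from this page; the sample packet and its addresses are constructed.

```python
import struct
from ipaddress import IPv4Address

# Field layouts follow the diagram above; the LSA header layout is from RFC 2328.
OSPF_HDR = struct.Struct("!BBH4s4sHH8s")  # version, type, length, router ID, area ID, checksum, AuType, auth
DD_FIXED = struct.Struct("!HBBI")         # the two "0" bytes (Interface MTU in RFC 2328), options, flags, DD seq
LSA_HDR = struct.Struct("!HBB4s4sIHH")    # age, options, type, LS ID, adv router, seq, checksum, length

FLAG_I, FLAG_M, FLAG_MS = 0x04, 0x02, 0x01
OPT_NP = 0x08  # N/P bit of the Options field; in a type 7 LSA header it is the P-bit


def parse_dbd(data: bytes) -> dict:
    """Parse one OSPFv2 Database Description packet (the checksum is not verified)."""
    fixed = OSPF_HDR.size + DD_FIXED.size
    if len(data) < fixed:
        raise ValueError("too short for an OSPF header plus DD fields")
    version, ptype, length, rid, area, _ck, autype, _auth = OSPF_HDR.unpack_from(data, 0)
    if version != 2 or ptype != 2:
        raise ValueError(f"not an OSPFv2 DD packet (version={version}, type={ptype})")
    if not fixed <= length <= len(data):
        raise ValueError("packet length field does not match the captured data")
    _mtu, options, flags, dd_seq = DD_FIXED.unpack_from(data, OSPF_HDR.size)
    body = data[fixed:length]
    if len(body) % LSA_HDR.size:
        raise ValueError("body is not a whole number of LSA headers")

    lsa_headers = []
    for off in range(0, len(body), LSA_HDR.size):
        age, lsa_opts, ls_type, ls_id, adv, seq, _cksum, _len = LSA_HDR.unpack_from(body, off)
        entry = {
            "age": age,
            "type": ls_type,
            "link_state_id": str(IPv4Address(ls_id)),
            "advertising_router": str(IPv4Address(adv)),
            "sequence": seq,
        }
        if ls_type == 7:
            # P-bit set: the NSSA ABR translates this LSA to type 5; clear: it does not.
            entry["p_bit"] = bool(lsa_opts & OPT_NP)
        lsa_headers.append(entry)

    return {
        "router_id": str(IPv4Address(rid)),
        "area_id": str(IPv4Address(area)),
        "autype": autype,
        "options": options,
        "flags": {"I": bool(flags & FLAG_I), "M": bool(flags & FLAG_M), "MS": bool(flags & FLAG_MS)},
        "dd_sequence": dd_seq,
        "lsa_headers": lsa_headers,
    }


def build_sample() -> bytes:
    """Constructed DD packet: router 4.4.4.4 in area 110 describing three LSAs.
    Checksum fields are left at zero because the parser does not verify them."""
    def lsa(ls_type, ls_id, options):
        return LSA_HDR.pack(1, options, ls_type, IPv4Address(ls_id).packed,
                            IPv4Address("4.4.4.4").packed, 0x80000001, 0, 36)

    lsas = (lsa(1, "4.4.4.4", 0x00)          # router LSA
            + lsa(7, "192.168.0.0", 0x00)    # type 7 with the P-bit clear
            + lsa(7, "172.16.0.0", OPT_NP))  # type 7 with the P-bit set
    length = OSPF_HDR.size + DD_FIXED.size + len(lsas)
    header = OSPF_HDR.pack(2, 2, length, IPv4Address("4.4.4.4").packed,
                           IPv4Address("0.0.0.110").packed, 0, 0, bytes(8))
    return header + DD_FIXED.pack(0, OPT_NP, FLAG_M | FLAG_MS, 0x1A2B) + lsas


if __name__ == "__main__":
    pkt = parse_dbd(build_sample())
    print(pkt["router_id"], pkt["area_id"], pkt["flags"], hex(pkt["dd_sequence"]))
    for hdr in pkt["lsa_headers"]:
        print(hdr)
```

Only LSA headers travel in the DD packet; the full LSAs are requested afterwards with Link-State Request packets.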
376. What is SVI?
Inter-VLAN Communication on a Multilayer Switch Through a Switch Virtual Interface
377. Is it possible to have DR/BDR election in case of LAN? Or point to point connection?
378. How ASBR knows it has to transfer packet to backbone area?
The NSSA External LSA has a flag in its header known as the P-bit. The NSSA ASBR has the option of setting or clearing the
P-bit. If the NSSA's ABR receives a type 7 LSA with the P-bit set to one, it will translate the type 7 LSA into a type 5 LSA and
flood it throughout the backbone area. If the P-bit is set to zero, no translation will take place and the destination in the type
7 LSA will not be advertised outside of the NSSA. This option allows you to design an NSSA in which the external destinations
learned in that area are known only in that area.
379. How to set P bit?

For example, you have a RIP learned route 1.1.1.0/24 that is injected into the OSPF NSSA Area. You do not want this route to
be leaked into the rest of the OSPF areas. Use
the below configuration on the NSSA ASBR in order to accomplish this:
router ospf 1
summary-address 1.1.1.0 255.255.255.0 not-advertise
This configuration generates a type 7 LSA that is not translated into type 5 by the NSSA ABR.
380. Why do we use route reflector?
A route reflector (RR) is a network routing component. It offers an alternative to the logical full-mesh requirement of internal
border gateway protocol (IBGP). A RR acts as a focal point for IBGP sessions. The purpose of the RR is concentration.
Multiple BGP routers can peer with a central point, the RR - acting as a route reflector server - rather than peer with every
other router in a full mesh. All the other IBGP routers become route reflector clients.
381. Explain booting process in router?

http://computernetworkingnotes.com/cisco-devices-administration-and-configuration/router-booting-process.html
Router is powered on.
Power on self test (POST) is performed to check hardware components including memory and interfaces.
Bootstrap program is loaded and executed.
Bootstrap reads configuration register value to determine how the router will boot up.
Depending on the value of configuration register, bootstrap program finds and loads the IOS image.
If bootstrap fails to load IOS from all possible locations it will drop boot sequence in ROMMON mode for troubleshooting.
If IOS is loaded, the IOS will try to find and load the configuration.
If no configuration is present, the system configuration dialog is launched.
If the configuration is loaded, you are presented with the CLI.
382. What line card have you used?
10-Port 1-Gigabit Ethernet Line Card for Cisco 12000 Series Internet Routers
8-Port OC-3 STM-1 ATM Line Card for Cisco 12000 Series Internet Routers
4-Port Gigabit Ethernet ISE Line Card for Cisco 12000 Series Internet Router
383. Does looping happen in case of route redistribution?
http://blog.ine.com/tag/redistribution/

Note: The redistribution of internal Border Gateway Protocol (iBGP) routes into an Interior Gateway Protocol can cause routing
loops within the Autonomous System (AS). This is not recommended. Route filters need to be set in order to control the
information, which is imported into the IGP.
http://routingnull0.com/2014/10/06/hour-560-solving-redistribution-loops/
384. Why hello of ospf cannot travel more than one hop?
Certain OSPF packets take the form of IP multicast datagrams. Support for receiving and sending IP multicast datagrams,
along with the appropriate lower-level protocol support, is required. The IP multicast datagrams used by OSPF never travel
more than one hop. For this reason, the ability to forward IP multicast datagrams is not required. For information on IP
multicast, see [RFC 1112].
or
OSPF uses multicast addressing for route flooding on a broadcast domain. For non-broadcast networks special provisions for
configuration facilitate neighbor discovery. OSPF multicast IP packets never traverse IP routers (never traverse Broadcast
Domains), they never travel more than one hop. OSPF reserves the multicast addresses 224.0.0.5 for IPv4 or FF02::5 for IPv6
(all SPF/link state routers, also known as AllSPFRouters) and 224.0.0.6 for IPv4 or FF02::6 for IPv6 (all Designated Routers,
AllDRouters), as specified in RFC 2328 and RFC 5340.
385. Which layer protocol is BGP? = it is application layer protocol
It rides over our existing TCP/IP structure; hence BGP is an application layer protocol. Both BGP and RIP are application
layer protocols using TCP 179 and UDP 520 respectively for communication. OSPF and EIGRP are network layer protocols
using protocol number 89 and 88 respectively for communication.
386. Cisco IOS image format?
c7200-jk9o3s-mz.122-16.bin
387. What is PIM , IGMP.
388. What is *,G and s,G?
389. In MPLS what is penultimate hop?
390. After the initial exchange of DBD packets after neighbourship formation, how often does the DBD
exchange happens? if any new network is say added to the DROTHER router for example, how does it initiate
the further advertisements?
DBDs are used between the master and slave devices to start building the topology table. Each DBD packet has a sequence
number (but only the master can increment it). The sequence number increments when a link in OSPF changes.
Once we've got past the exchange state, the device will then compare its database with its neighbor's to see if there
is any newer info. If any info is missing, the router (or whatever device it is) sends a LSR to request the missing info. The LSU
packet is the packet that actually exchanges the routing information between devices. Each device generates an LSA, or
multiple LSAs (there are eleven different types), that stipulate the routing information the device currently knows. Each type
of LSA is then encapsulated into a LSU and transmitted between devices. Upon receiving the LSU the LSA is stripped out and
inserted into the LSDB. The LSAck packets are used as a receipt in order to acknowledge receiving the LSU.
So to answer your question, once the DBDs are sent, the only thing that happens is that LSRs, LSUs, and LSAcks maintain the
topology. If there is ever a problem with this device, then we may need to go through the process of establishing an OSPF
adjacency:
exstart
exchange
loading
full
391. Purpose of DBD sequence number?
Each DBD packet has a sequence number which can be incremented only by master which is explicitly acknowledged by
slave.
I believe DBD sequence number is used to compare 2 consecutive DBD updates and find which one is the latest one.
On a P-2-P link, how is it decided who will first send the Database Description (DBD) packet. I understand that on a broadcast
network they use a master/slave configuration that is determined by the priority.
392. Does the same apply for P-2-P links?
Yes, it is same in case of point to point as well. One will act as Master and other will act as slave.
393. Can you configure a SVI on layer 2 switch? If yes then what is the benefit to configure SVI on L2 switch?
yes we can
A switch virtual interface (SVI) is a logical interface that ties Layer 3 functionality, such as IP information, to a VLAN. The SVI,
in turn, can be used for inter-VLAN routing, to fallback-bridge nonroutable protocols between VLANs, and to represent the
VLAN to a routing domain. By default, an SVI is created for VLAN 1 for management. If you are familiar with the Cisco
2900XL/3500XL series switches from CCIE PSV1, an SVI is very much like the "interface VLAN 1" used for management. Unlike
the previous switches, you can configure multiple SVIs and a routing protocol to provide connectivity between the VLANs. To
configure an SVI, aside from the single default, you must have the EMI software image installed on the switch.
393. How long would a switch retain a mac-address in its mac-address table
300 sec

394. Can we use port fast on trunk ports?


yes
395. Can we use bpdu-guard on trunk ports?
396. Can we use bpdu-filter on trunk ports?
397. In which address the neighbours reply for the hello packet sent by the source router to form adjacency?
Ans: 224.0.0.6
398. LSAck:
An LSAck packet will be sent as an Ack only for the following packet types
-> Database Description
-> Link-State Request
-> Link-State Update
399. Router ID:
While sending the "hello packet" the highest configured IP address on an active interface is chosen as the "Router ID" by
default, unless a loopback interface or the router ID is configured.
400. Process ID:
An internally used number to identify the OSPF routing process. The process ID does not need to match process IDs on
other routers.
401. If we have 70 to 80 areas then how we can connect all the areas to the backbone area?
If we have more areas in OSPF then it is not possible to connect all the areas to the backbone area.
For that "Virtual link" is used.
We use virtual routes only when we are not able to reach area 0 directly. Usage of virtual routes is a poor design.
So however many areas we have, each should connect to area 0 to reach other areas.
402. Why do we need iBGP if we already have iGP?
Scalability: Imagine that you're receiving 500,000 EBGP routes in more than one location, and you need to influence the
per route exit point in your AS. BGP can handle many more routes than IGP protocols. Thus, iBGP is required unless you're
willing to redistribute all the routes you've learned via eBGP
Enforce boundaries of trust / control: BGP has many more knobs than IGPs for controlling what you advertise and receive.
Flexible tools: BGP communities, BGP Extended communities, local-pref, etc... these make BGP an attractive way to
implement custom routing policies within your own autonomous system (by using iBGP).
As with everything... the scalability, control, and flexibility you get from iBGP means that it's a slower converging protocol
than IGPs (in general).
iBGP is usually used within one administrative boundary of large enterprises to get the advantage of the BGP route stability
and policy manipulations through the BGP attributes. That doesn't mean you can't use eBGP within the administrative
boundary, but iBGP is preferred due to some attributes which are only used within the same AS, like Local preference, and for
ease of management, since you are using one AS rather than different AS numbers. And eBGP (even if there is a way) requires
a direct link due to use of TTL 1.
403. How to create host route in Linux?
http://linux-ip.net/html/tools-route.html
To add a static host route on Linux, run:
route add -host <destination IP address> gw <gateway IP address>
or
route add <destination IP address> gw <gateway IP address>
Example:
Security gateway's external IP address is 192.168.1.1
Security gateway's internal IP address is 10.1.1.1
The desired Static NAT IP address is 192.168.1.20
The internal host to be translated is 10.1.1.20
Use the following command:
route add -host 192.168.1.20 gw 10.1.1.20
or
route add 192.168.1.20 gw 10.1.1.20

Alternately, the static routes can be entered in the /etc/sysconfig/static-routes file in this format:
eth1 net 192.168.1.20 netmask 255.255.255.255 gw 10.1.1.20
where eth1 is the gateway's internal interface.
The /etc/sysconfig/static-routes file will be parsed by Linux kernel at startup.
To verify that the route was added successfully, check the routing table by running netstat -rn
404. What is the maximum TTL value?
255
405. How traceroute works?
406. How routing works?
Prefix
Ad
metric
407. packet format in case of wireshark?
Arp request arp response
Source mac dest mac
Source ip dest ip
Tcp session
408. host1 (1.1.2.2/24) ====== host2 (1.1.3.2/24)
Will communication happens
Communication will not happen since both hosts are in different networks, i.e. different broadcast domains.
An ARP request will be sent if both hosts are in the same network. So here an ARP request will not be sent.
409. TCP and UDP protocol number.
TCP 6 and UDP 17
410. What is STP ? explain by scenario
Create triangle topology and explain
411. What is etherchannel and usecases.
Link aggregation technology
412. host ---switch (vlan1) vlan access vlan101 ---------------switch2 (switchport trunk , switchport allowed trunk
vlan 101)---host2
Will communication happens ?
No both ports should be assigned as trunk.
413. What is VTP and how it works.
412. What should be your trouble shooting approach when two routers are not forming neighborship in case of
ospf.
Start from L2 and go up in OSI model
413. How dhcp works. What are the steps involved in case of dhcp?
Explain the process
412. what is NAT and how it works?
413. what happens if one of the link goes down incase of etherchannel?
414. What are AD for all routing protocols?
415. What is GRE and why is it required?
Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route other protocols over IP
networks.
GRE enables a wrapper to be placed around a packet during transmission of the data. A receiving GRE removes the wrapper,
enabling the original packet to be processed by the receiving stack.
Advantages of GRE tunnels include the following:
* GRE tunnels connect discontinuous sub-networks.
* GRE tunnels allow VPNs across wide area networks (WANs).
* GRE tunnels encase multiple protocols over a single-protocol backbone.
* GRE tunnels provide workarounds for networks with limited hops.

416. Use of tail -f


NAME
tail - output the last part of files
SYNOPSIS
tail [OPTION]... [FILE]...
DESCRIPTION
Print the last 10 lines of each FILE to standard output. With more than one FILE, precede each with a header giving the
file name. With no FILE, or when FILE is -, read standard input.
Mandatory arguments to long options are mandatory for short options too.
--retry
keep trying to open a file even if it is inaccessible when tail starts or if it becomes inaccessible later; useful when
following by name, i.e., with --follow=name
-c, --bytes=N
output the last N bytes
-f, --follow[={name|descriptor}]
output appended data as the file grows; -f, --follow, and --follow=descriptor are equivalent
-F

same as --follow=name --retry

-n, --lines=N
output the last N lines, instead of the last 10
--max-unchanged-stats=N
with --follow=name, reopen a FILE which has not changed size after N (default 5) iterations to see if it has been
unlinked or renamed (this is the usual case of rotated log files)
--pid=PID
with -f, terminate after process ID, PID dies
-q, --quiet, --silent
never output headers giving file names
-s, --sleep-interval=S
with -f, sleep for approximately S seconds (default 1.0) between iterations.
-v, --verbose
always output headers giving file names
--help display this help and exit
--version
output version information and exit
If the first character of N (the number of bytes or lines) is a +, print beginning with the Nth item from the start
of each file, otherwise, print the last N items in the file. N may have a
multiplier suffix: b 512, k 1024, m 1024*1024.
With --follow (-f), tail defaults to following the file descriptor, which means that even if a tailed file is renamed, tail
will continue to track its end. This default behavior is not desirable when you really want to track the actual name of the file, not the file descriptor (e.g., log rotation). Use
--follow=name in that case. That causes tail to track the named file by reopening it periodically to see if it has been removed and recreated by some other program.
417. what are different ls command. Explain
NAME
ls - list directory contents
SYNOPSIS
ls [OPTION]... [FILE]...
DESCRIPTION
List information about the FILEs (the current directory by default). Sort entries alphabetically if none of -cftuvSUX nor
--sort.
Mandatory arguments to long options are mandatory for short options too.
-a, --all
do not ignore entries starting with .
-A, --almost-all
do not list implied . and ..

--author
with -l, print the author of each file
-b, --escape
print octal escapes for nongraphic characters
--block-size=SIZE
use SIZE-byte blocks
-B, --ignore-backups
do not list implied entries ending with ~
-c
with -lt: sort by, and show, ctime (time of last modification of file status information) with -l: show ctime and sort by
name otherwise: sort by ctime
-C

list entries by columns

--color[=WHEN]
control whether color is used to distinguish file types. WHEN may be never, always, or auto
-d, --directory
list directory entries instead of contents, and do not dereference symbolic links
-D, --dired
generate output designed for Emacs dired mode
418. check for scale topology
419. How do you verify a customer scenario in Spirent?
420. How to analyze captured network data in wireshark.
http://www.unixarena.com/2013/06/wireshark-how-to-analyse-captured.html
http://tcpipguru.com/wireshark-interview-questions/
421. what all testcases you can think on TTL
422. DR and ospf router ip in ospf
423. collision and broadcast domain difference
A switch has 4 ports. 2 ports are assigned to VLAN 1 and the next 2 ports are assigned to VLAN 2. How many collision domains
will there be?
The collision domains should remain the same.
424. How many lines of code you can write in a day
50 lines of code per day on average
425. what are 5 fundamental knobs in network security.
426. How to create sub interfaces in Linux or host?
Create sub interfaces on CentOS and Redhat
Sub interfaces or virtual interfaces are used for a number of reasons. Normally for VLANs, but also if you want your machine
to have multiple IP addresses.
This is relatively straightforward to do.
It can be done from the command line like this:
# ifconfig eth0:1 192.168.111.1
The above command has just created a virtual / sub interface on eth0 called eth0:1 and assigned it the IP 192.168.111.1
This however is not a permanent solution because when you reboot, this interface will be lost. To make it permanent we need
to create a file in /etc/sysconfig/network-scripts/ called ifcfg-eth0:1
DEVICE=eth0:1
BOOTPROTO=none
HWADDR=00:16:17:90:a5:15
ONPARENT=yes
IPADDR=192.168.111.1
NETMASK=255.255.255.0
TYPE=Ethernet
Very similar to ifcfg-eth0 but note there is no default gateway set. Always remove the gateway line from the cfg file you will
inevitably copy to create this.
The MAC or Hardware address must also match the parent interface.
If you need more than one virtual / sub interface, simply create more config files.
To bring an interface up after creating the config file use:
# ifup eth0:1
427. BGP is unicast or multicast.
It is possible to configure BGP peers that exchange both unicast and multicast network layer reachability information (NLRI),
but you cannot connect multiprotocol BGP clouds with a BGP cloud. That is, you cannot redistribute multiprotocol BGP routes
into BGP.

428. Does a one-to-one mapping exist between a DNS name and an IP address?
A name server is used to keep track of information associated with domain names. A name server can maintain a database of
hostname-to-address mappings. Each name can map to one or more IP addresses. In order to use this service to map domain
names to IP addresses, you must specify a name server.
The name lookup system can be statically configured using the commands described in this task. Some other functions in
Cisco IOS software, such as DHCP, can dynamically modify the state of the name lookup system. Use the show hosts
command to display the cached hostnames and the DNS configuration.
429. Can we assign ipv4 and ipv6 address to same client.
Yes, we can. On Windows we can see a link-local IPv6 address as well as an IPv4 address. With dual stack it is possible.
But the DHCPv6 server and the DHCPv4 server will be different.
430. R1 (1500)----------------------------------(1000)r2
How R1 will know it has to do fragmentation?
Mtu size exchange will happen between the neighbors in L1
431. pc ---switch ------R1 -------R2-----switch---PC2
Explain ARP, ping and traceroute.
432. pc1 -----R1---------R2-------pc2
Static route is configured on R1 to reach pc2. Will ping happens?
Ping will not be successful, since pc1 knows how to reach pc2 but pc2 doesn't know how to reach pc1.
433. What are the different flags in the IP header other than MF and DF?
Reserved, DF and MF
434. Area concept in ospf?
We can have area 1 and area 2 without area 0. Check what all route will be there in this scenario.

Check what all lsas will be present on each router.


435. where exactly vlan tag is placed in Ethernet header?

436. what is difference in 802.1q and 802.1p


The IEEE 802.1p is a signalling technique for prioritising network traffic at the data-link/MAC sub layer (OSI Reference Model
Layer 2).

The 3-bit priority field is known as 802.1p, and the total 4-byte tag is 802.1q.


Quality of Service
QoS is a mechanism that allows for better handling of data that passes over a network. There are two major types of Quality
of Service (QoS) techniques, hard QoS and soft QoS. Hard QoS has a hard-set capacity reserved for certain types of service,
while soft QoS just deals with data prioritization. QoS provides a kind of guarantee to ensure that important data packets
reach their destinations as quickly as possible.
Use of the 802.1p Standard
The IEEE 802.1p standard is a method for assigning priority to packets traversing a network. It works with the MAC (media
access control) header at the data link layer (Layer 2 in the OSI reference model). The MAC header is one of those parts that
are inspected by hubs and switches in a network, which are also responsible for differentiating between network packets on
the basis of their priorities.
The 802.1p sets a 3-bit value in the MAC header to indicate prioritization. This 3-bit value provides priority levels ranging from
0 to 7 (i.e., a total of 8 levels), with level 7 representing the highest priority. This permits packets to cluster and form different
traffic classes. Thus, when network congestion occurs, those packets that have higher priorities will receive preferential
treatment while low priority packets will be kept on hold.
802.1p is not backward compatible and can lead to instability on networks with non-802.1p switches. This is because older
switches will misinterpret the header used by the 802.1p protocol. It is important that the switches, Ethernet cards, and
device drivers are all 802.1p compatible.
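For questions 435 and 436, the following added example (not part of the original notes) builds and parses an 802.1Q tag. The tag is the 4 bytes inserted after the source MAC address, at byte offset 12 of the frame, and the 802.1p priority is its top 3 bits. The MAC addresses and payload are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100  # value in the EtherType position that announces a tag


def build_frame(dst, src, ethertype, payload, vlan_id=None, priority=0, cfi=0):
    """Build an Ethernet frame (no preamble, no FCS); tagged if vlan_id is set."""
    header = dst + src
    if vlan_id is not None:
        if not (0 <= vlan_id <= 0x0FFF and 0 <= priority <= 7 and cfi in (0, 1)):
            raise ValueError("field out of range for the 16-bit TCI")
        # TCI layout: 3 bits priority (802.1p) | 1 bit CFI | 12 bits VLAN ID
        tci = (priority << 13) | (cfi << 12) | vlan_id
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload


def parse_vlan_tag(frame):
    """Return the 802.1Q fields of a frame as a dict, or None if it is untagged.

    Offsets: 0-5 destination MAC, 6-11 source MAC, 12-13 TPID,
    14-15 TCI, 16-17 EtherType of the encapsulated payload.
    """
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (tpid,) = struct.unpack_from("!H", frame, 12)
    if tpid != TPID_8021Q:
        return None  # bytes 12-13 are the ordinary EtherType
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner_type = struct.unpack_from("!HH", frame, 14)
    return {
        "tpid": tpid,
        "priority": tci >> 13,
        "cfi": (tci >> 12) & 0x1,
        "vlan_id": tci & 0x0FFF,
        "ethertype": inner_type,
    }


def strip_tag(frame):
    """Remove the 4-byte tag, as an access port does before delivery to a host."""
    if parse_vlan_tag(frame) is None:
        return frame
    return frame[:12] + frame[16:]


# Constructed sample data: broadcast destination, locally administered source MAC
DST = bytes.fromhex("ffffffffffff")
SRC = bytes.fromhex("020000000001")
PAYLOAD = bytes(46)
UNTAGGED = build_frame(DST, SRC, 0x0800, PAYLOAD)
TAGGED = build_frame(DST, SRC, 0x0800, PAYLOAD, vlan_id=100, priority=5)

if __name__ == "__main__":
    print(parse_vlan_tag(TAGGED))
    print(parse_vlan_tag(UNTAGGED))
```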
437. Will the destination and source MAC addresses change for OSPF and BGP?
Yes, there will be a change in the source and destination MAC addresses, as MAC addresses are different for BGP and OSPF.
438. GSR architecture?
439. How ingress to egress communication happens in GSR?
Line cards perform packet forwarding. Each LC uses DCEF tables to look up destination addresses.
440. R1 1500--------------------1000R21500---------------1000R3
How packet will flow here?
R1 will fragment the data into 1000 and 500, both will pass through R2, and reassembly happens at R3.
441. Difference in routing RIB and FIB table.
RIBs maintain the network topologies and routing tables for each protocol. This would include many routes going to the same
destination prefix.
FIBs are the best route from the possibly many protocols in the RIBs pushed down to fast forwarding lookup memory for the
best path(s).

442. What is Non stop forwarding ?


Already covered.
443. How about vpn and firewall concepts?
444. What is a TCP SYN attack?
A sender transmits a volume of connections that cannot be completed. This causes the connection queues to fill up, thereby
denying service to legitimate TCP users. A TCP SYN attack (also called SYN attack) is a common type of Denial of Service
attack.
445. What is TCP windowing?
TCP windowing concept is primarily used to avoid congestion in the traffic. It controls the amount of unacknowledged data a
sender can send before it gets an acknowledgement back from the receiver that it has received it.
446. How do ICMP Redirect Messages work?
ICMP redirect messages are used by routers to notify the hosts on the data link that a better route is available for a particular
destination.
For example, the two routers R1 and R2 are connected to the same Ethernet segment as Host H. The default gateway for
Host H is configured to use router R1. Host H sends a packet to router R1 to reach the destination on Remote Branch office
Host 10.1.1.1. Router R1, after it consults its routing table, finds that the next-hop to reach Host 10.1.1.1 is router R2. Now
router R1 must forward the packet out the same Ethernet interface on which it was received. Router R1 forwards the packet
to router R2 and also sends an ICMP redirect message to Host H. This informs the host that the best route to reach Host
10.1.1.1 is by way of router R2. Host H then forwards all the subsequent packets destined for Host 10.1.1.1 to router R2.

This debug message shows router R1, as in the network diagram, sending an ICMP redirect message to Host H (172.16.1.1).
R1#
debug ip icmp
ICMP packet debugging is on
*Mar 18 06:28:54: ICMP:redirect sent to 172.16.1.1 for dest 10.1.1.1, use gw 172.16.1.200
R1#
Router R1 (172.16.1.100) sends a redirect to Host H (172.16.1.1) to use router R2 (172.16.1.200) as the gateway to reach the
destination 10.1.1.1.
When Are ICMP Redirects Sent?
Cisco routers send ICMP redirects when all of these conditions are met:
The interface on which the packet comes into the router is the same interface on which the packet gets routed out.
The subnet or network of the source IP address is on the same subnet or network of the next-hop IP address of the routed
packet.
The datagram is not source-routed.
The kernel is configured to send redirects. (By default, Cisco routers send ICMP redirects. The interface subcommand no ip
redirects can be used to disable ICMP redirects.)

Note: ICMP redirects are disabled by default if Hot Standby Router Protocol (HSRP) is configured on the interface. In Cisco IOS
Software Release 12.1(3)T and later, ICMP Redirect is allowed to be enabled on interfaces configured with HSRP. For more
information, refer to HSRP Support for ICMP Redirects section of Hot Standby Router Protocol Features and Functionality.
For example, if a router has two IP addresses on one of its interfaces:
interface ethernet 0
ip address 171.68.179.1 255.255.255.0
ip address 171.68.254.1 255.255.255.0 secondary
If the router receives a packet that is sourced from a host in the subnet 171.68.179.0 and destined to a host in the subnet
171.68.254.0, the router does not send an ICMP redirect because only the first condition is met, not the second.
The original packet for which the router sends a redirect still gets routed to the correct destination.
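The four conditions above can be written as one decision function. This is an added example, not Cisco code: the Interface class and redirect_decision function are hypothetical names, the /24 mask on the 172.16.1.0 segment is an assumption, and the host addresses in the second scenario are constructed.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Interface:
    name: str
    networks: list             # IPv4Network objects: primary first, then secondaries
    ip_redirects: bool = True  # False models the "no ip redirects" subcommand


def redirect_decision(in_if, out_if, src_ip, next_hop, source_routed=False):
    """Return (send_redirect, failed_conditions) for one routed packet."""
    src = ipaddress.ip_address(src_ip)
    nh = ipaddress.ip_address(next_hop)
    failed = []
    # Condition 1: the packet is routed out of the interface it arrived on
    if in_if.name != out_if.name:
        failed.append("in/out interface differ")
    # Condition 2: source address and next hop share one subnet of that interface
    src_net = next((n for n in in_if.networks if src in n), None)
    if src_net is None or nh not in src_net:
        failed.append("source and next hop on different subnets")
    # Condition 3: the datagram is not source-routed
    if source_routed:
        failed.append("datagram is source-routed")
    # Condition 4: redirects are enabled on the interface
    if not in_if.ip_redirects:
        failed.append("redirects disabled on interface")
    return (not failed, failed)


def net(cidr):
    return ipaddress.ip_network(cidr)


# Scenario 1: Host H 172.16.1.1 sends to 10.1.1.1 via R1; R1's next hop is R2
R1_E0 = Interface("Ethernet0", [net("172.16.1.0/24")])
# Scenario 2: the interface with a secondary address from the configuration above
DUAL_E0 = Interface("Ethernet0", [net("171.68.179.0/24"), net("171.68.254.0/24")])
# Scenario 3: scenario 1 with "no ip redirects" configured
HARDENED_E0 = Interface("Ethernet0", [net("172.16.1.0/24")], ip_redirects=False)


def scenarios():
    return {
        "host_to_r2": redirect_decision(R1_E0, R1_E0, "172.16.1.1", "172.16.1.200"),
        # Destination is directly connected, so the next hop is the destination host
        "secondary": redirect_decision(DUAL_E0, DUAL_E0, "171.68.179.10", "171.68.254.20"),
        "no_ip_redirects": redirect_decision(HARDENED_E0, HARDENED_E0,
                                             "172.16.1.1", "172.16.1.200"),
    }


if __name__ == "__main__":
    for name, (send, failed) in scenarios().items():
        print(name, "redirect" if send else "no redirect", failed)
```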
447. looping in different layer?
448. what is inter frame gap and which layer it belongs to? Why frame payload size is in range of 46-1500.
Interpacket gap is idle time between packets. After a packet has been sent, transmitters are required to transmit a minimum
of 96 bits (12 octets) of idle line state before transmitting the next packet.
There is an obvious reason why the frame payload size was chosen to be 1500 bytes. A frame size of 1500 bytes, offers,
maximum efficiency or throughput.
As you know, an Ethernet frame has an 8-byte preamble, 6-byte source and 6-byte destination MAC addresses, a 2-byte MAC type,
and a 4-byte CRC. Assuming the MTU payload to be 1500, the total number of bytes comes to 1500 + 8 + 6 + 6 + 2 + 4 =
1526 bytes. Now between each frame there is an inter-frame gap of 12 bytes, which constitutes a 9.6 microsecond gap between
each frame. This is essential so that frames don't mix up. So the total size of each frame going out of a host is 1538 bytes.
So at a 10 Mbps rate, the frame rate is 10 Mbps / (1538 bytes * 8 bits) = 812.74 frames / second.
Now we can find the throughput or efficiency of the link when transmitting 1500 bytes of payload by multiplying the frame rate by the
number of bytes of the payload.
So efficiency = 812.74 * 1500 * 8 = 9752925.xxxxx bps, which is 97.5 percent efficient (compared with 10 Mbps).
I guess I have gone too much with mathematics of Ethernet, but the interesting thing to notice is that, as the number of bytes
in the payload increases, the frame rate is decreasing. See that for an MTU of 1500 bytes on payload, the frame rate has
reduced to 812 frames per second. If you increase it above 1500, frame rate would become less than 812.
Also there is a minimum limit for the MTU which is actually 46 bytes. If you calculate the size of the frame for a 46 byte
payload it would come to 12+8+6+6+2+46+4 = 84 bytes. Now calculating the frame rate we get it as =
10 Mbps / (84 bytes * 8 bits) = 14880 frames per second. We could have gone to a frame size even smaller than this, which could
increase the frame rate even more, but I guess during those times, when IEEE made the standards, the routers didn't have
that much frame forwarding capability.
So I think due to above reasons, and considering maximum efficiency, IEEE would have fixed the min and max size of payload
as 46 bytes and 1500 bytes.
449. Difference in performance and scalability testing?
Performance testing is the process of determining the speed or effectiveness of a computer, network, software program or
device. This process can involve quantitative tests done in a lab, such as measuring the response time or the number of MIPS
(millions of instructions per second) at which a system functions.
Scalability testing is performed as a series of load tests with different hardware (or software) settings while keeping other
testing environment conditions unchanged. When you perform scalability testing, you can vary the CPU speed, the number
and type of servers, the amount of available RAM, and so on.
440. How to check performance of the router?
Performance testing is performed to determine the response time of some components of the system under a
particular workload. It is generally measured in terms of response time for the user activity. It is designed to test the overall
performance of the system at high load and stress conditions. It identifies drawbacks of the architectural design, which helps
to tune the application. It includes the following:
Increasing number of users interacting with the system.
Determine the Response time.
Repeating the load consistently.
Monitoring the system components under controlled load.
Providing robust analysis and reporting engines.

441. what is throughput and latency ?


Bandwidth: commonly measured in bits/second, the maximum rate at which information can be transferred.
Throughput: the actual rate at which information is transferred.
Latency: the delay between the sender and the receiver decoding it; this is mainly a function of the signal's travel time and
processing time at any nodes the information traverses.
Jitter: variation in the time of arrival at the receiver of the information.
Error rate: the number of corrupted bits expressed as a percentage or fraction of the total sent.
442. Name 2.5 layer protocol.
MPLS
443. defect logged by you in GSR.
CSCtq21722
Symptom: A Cisco switch may reload when configured for SNMP.
Conditions: This symptom is observed when SNMP is configured.
Workaround: There is no workaround.
444. blackhole in networking?
In networking, black holes refer to places in the network where incoming or outgoing traffic is silently discarded (or
"dropped"), without informing the source that the data did not reach its intended recipient.
When examining the topology of the network, the black holes themselves are invisible, and can only be detected by
monitoring the lost traffic; hence the name.
Dead addresses
The most common form of black hole is simply an IP address that specifies a host machine that is not running or an address
to which no host has been assigned.
Even though TCP/IP provides means of communicating the delivery failure back to the sender via ICMP, traffic destined for
such addresses is often just dropped.
Note that a dead address will be undetectable only to protocols that are both connectionless and unreliable (e.g., UDP).
Connection-oriented or reliable protocols (TCP, RUDP) will either fail to connect to a dead address or will fail to receive
expected acknowledgements.
Firewalls and "stealth" ports
Most firewalls can be configured to silently discard packets addressed to forbidden hosts or ports, resulting in small or large
"black holes" in the network. Personal firewalls that do not respond to ICMP echo requests ("ping") have been designated by
some vendors[1] as being in "stealth mode". Despite this, in most networks the IP addresses of hosts with firewalls configured
in this way are easily distinguished from invalid or otherwise unreachable IP addresses: On encountering the latter, a router
will generally respond with an ICMP network or host unreachable error. NAT, as used in home and office routers, is generally
a more effective way of obscuring the layout of an internal network.
445. fields of 802.1q ?
TPID + priority + CFI + VLAN ID
446. what are all BGP mandatory attributes?
AS path and next hop
447. what is proxy arp?
448. How priority is set in layer 3 ?
With dscp
449. check different mtu size scenario in STC?
450. HL and TL calculation in IP?
451. ARP table entries?
Ip to mac address mapping. Only directly connected interfaces information will be present in arp cache.
452. What you want to be ?
I want to see myself as a network specialist.
453. What is socket?
A network socket is an endpoint of an inter-process communication flow across a computer network. Today, most
communication between computers is based on the Internet Protocol; therefore most network sockets are Internet sockets.
A socket address is the combination of an IP address and a port number, much like one end of a telephone connection is the
combination of a phone number and a particular extension. Based on this address, internet sockets deliver incoming data
packets to the appropriate application process or thread.
454. do you have any experience in customer actual deployment network?
No
455. Difference in local pref and MED?
Local pref is used within AS between IBGP and MED is used between peers in different AS.
456. How confederation works in BGP?

457. How blackhole is avoided in IGP?


Black hole filtering
Black hole filtering refers specifically to dropping packets at the routing level, usually using a routing protocol to implement
the filtering on several routers at once, often dynamically to respond quickly to distributed denial-of-service attacks.

458. ping is which layer protocol?


Ping is L3 protocol.
459. what is performance testing?
How much time the application is taking to perform a task.
Types of performance testing.
-Load testing
-Stress testing
-Volume testing
-Security testing (authentication, access control, encryption)
460. find expression
find . -name "*.tcl" -print
find . -size 1000c
find . -size +1000c
find . -size -1000c
461. what are different types of software testing methodologies?
Unit test
Functional test
Integration test
Smoke test
Acceptance test
System test
Regression test

462. Explain TCP SYN flooding.


TCP Intercept is designed to prevent a SYN flooding Denial of Service attack by tracking, optionally intercepting and validating
TCP connection requests. A SYN flooding attack involves flooding a server with a barrage of requests for connection.

However, since these messages have invalid return addresses, the connections can never be established. The resulting
volume of unresolved open connections eventually overwhelms the server and can cause it to deny service to valid requests.
TCP Intercept is capable of operating in two different modes - intercept mode and monitor mode. When used in intercept
mode (the default setting), it checks for incoming TCP connection requests and will proxy-answer on behalf of the destination
server to ensure that the request is valid before connecting to the server. In monitor mode, TCP Intercept passively watches
the connection requests flowing through, and, if a connection fails to get established in a configurable interval, it will
intervene and terminate the connection attempt.
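The monitor-mode behaviour described above can be sketched as a tracker of half-open handshakes. This is an added example, not Cisco's implementation: the Segment tuple, the monitor_handshakes function, the addresses (documentation ranges), and the 30-second interval are all constructed for illustration.

```python
from collections import namedtuple

# One observed client-to-server TCP segment; flags is "SYN" or "ACK"
Segment = namedtuple("Segment", "ts src sport dst dport flags")


def monitor_handshakes(segments, timeout, end_time):
    """Passively watch handshakes and flag attempts that never complete.

    Returns a dict with the connections that completed, the attempts that
    stayed half-open for `timeout` seconds (the ones monitor mode would
    terminate), those still pending at end_time, and the peak number of
    simultaneously half-open attempts, which is the figure to alert on.
    """
    pending = {}      # (src, sport, dst, dport) -> time the SYN was seen
    established = []
    terminated = []
    peak = 0

    def expire(now):
        for key, seen in list(pending.items()):
            if now - seen >= timeout:
                del pending[key]
                terminated.append(key)

    for seg in sorted(segments, key=lambda s: s.ts):
        expire(seg.ts)
        key = (seg.src, seg.sport, seg.dst, seg.dport)
        if seg.flags == "SYN":
            pending.setdefault(key, seg.ts)   # retransmitted SYN keeps first time
            peak = max(peak, len(pending))
        elif seg.flags == "ACK" and key in pending:
            del pending[key]                  # third step of the handshake arrived
            established.append(key)
    expire(end_time)
    return {
        "established": established,
        "terminated": terminated,
        "half_open": sorted(pending),
        "peak_half_open": peak,
    }


SERVER = "192.0.2.10"
# Constructed capture: two clients complete the handshake, three SYNs are
# never followed by an ACK (as happens when the return address is invalid).
SAMPLE_SEGMENTS = [
    Segment(0.0, "198.51.100.7", 40001, SERVER, 80, "SYN"),
    Segment(0.2, "198.51.100.7", 40001, SERVER, 80, "ACK"),
    Segment(1.0, "203.0.113.1", 1025, SERVER, 80, "SYN"),
    Segment(1.1, "203.0.113.2", 1026, SERVER, 80, "SYN"),
    Segment(1.2, "203.0.113.3", 1027, SERVER, 80, "SYN"),
    Segment(40.0, "198.51.100.8", 40002, SERVER, 80, "SYN"),
    Segment(40.1, "198.51.100.8", 40002, SERVER, 80, "ACK"),
]

if __name__ == "__main__":
    report = monitor_handshakes(SAMPLE_SEGMENTS, timeout=30.0, end_time=45.0)
    for name, value in report.items():
        print(name, value)
```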
463. What is a firewall? Why do I want one?
Firewalls are used to build trusted perimeters around information and services.
Your Internet security solution must be able to allow employees to access Internet resources, while keeping out unauthorized
traffic. The most common way of protecting the internal network is by using a firewall between the intranet and the Internet.
464. What is Ipsec?
IPSec provides IP network-layer encryption.
IPSec is a standards-based technology that governs security management in IP environments. Originally conceived to solve
scalable security issues in the Internet, IPSec establishes a standard that lets hardware and software products from many
vendors interoperate more smoothly to create end-to-end security. IPSec provides a standard way to exchange public
cryptography keys, specify an encryption method (e.g., data encryption standard (DES) or RC4), and specify which parts of
packet headers are encrypted.
465. In Ethernet network in ospf . Does DR and BDR election happens?
If two routers are connected by Ethernet and point to point network is not defined , DR election will happen.
466. What happens in all 7 layers of OSI model if I type www.google.com or any other link? What do these layers do?
467. Data Encryption Standard (DES) weakness and strength.
The Data Encryption Standard (DES) is a symmetric key block cipher which takes 64-bit plaintext and 56-bit key as an input
and produces 64-bit cipher text as output. The DES function is made up of P and S-boxes. P-boxes transpose bits and S-boxes
substitute bits to generate a cipher.
Strength- The strength of DES lies on two facts:
The use of 56-bit keys: a 56-bit key is used in encryption, so there are 2^56 possible keys. A brute force attack on such a number of
keys is impractical.
The nature of algorithm: Cryptanalyst can perform cryptanalysis by exploiting the characteristic of DES algorithm but no one
has succeeded in finding out the weakness.
Weakness- Weakness has been found in the design of the cipher:
Two chosen input to an S-box can create the same output.
The purpose of initial and final permutation is not clear.
468. If you are a victim of Denial of Service (Dos) then what you do?
The function of a denial of service attack is to flood its target machine with too much traffic and prevents it from being
accessible to any other requests or providing services.
To prevent DoS attacks firewall can be configured as a relay; in this approach the firewall responds on behalf of the internal
host. During the attack, the firewall responds to the SYN sent by the attacker; since the ACK never arrives, the firewall
terminates the connection.
By Keeping protocols and Antivirus software up-to-date, we can prevent to be a victim of DoS. A regular scanning of the
machine is also necessary in order to detect any anomalous behavior.
469. What are the main qualities of an effective and efficient network?
a. Performance
b. Reliability
c. Security
470. Name the factors that tell us about the security of the network.
a. Virus attacks on the system.
b. Unauthorized access to the system.
471. Define Bandwidth and Latency?
- Bandwidth/Throughput: the number of bits which can be transmitted over the network in a specified time.
- Latency: the time taken by a message to travel from one side to another.
Bandwidth and latency describe the performance of a network.
472. If two connected routers are configured with RIP routing. What will be the result when a router receives a routing update
that contains a higher-cost path to network already in its routing table?
When a routing update is received by a router, the router first checks the administrative distance (AD) value and always
choose the route with the lowest administrative distance value. However, if two routes are received and they both have same
administrative distance value, then the router will choose the one route with the lowest metrics, or in RIPs case, hop count.
RIP allows a maximum hop count of 15, so anything that requires 16 hops is considered unreachable. Hence if a router
receives a routing update that contains a higher-cost path but has lower hops, then the packet will be transferred through
that path.

473. How do you use RSA for both authentication and secrecy?
RSA is a public key encryption algorithm. RSA is based on the mathematical fact that it is easy to find and
multiply large prime numbers together, but it is extremely difficult to factor their product.
For authentication: One can encrypt the hash (MD4/SHA) of the data with a private key. This is known as digital signature.
For Secrecy: Secrecy/confidentiality is achieved by encrypting the data with public key and decrypting with private key.
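The two directions of key use can be seen in a small textbook RSA, added here as an illustration and not taken from the original notes. The primes are two small Mersenne primes chosen so the arithmetic is quick, SHA-256 stands in for the hash, and there is no padding, so this shows only which key does what; real deployments use a padding scheme and far larger keys.

```python
import hashlib
from math import gcd

# Toy key generation (assumed values, far too small for real use)
P = 2**61 - 1
Q = 2**31 - 1
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
assert gcd(E, PHI) == 1
D = pow(E, -1, PHI)          # private exponent: E * D = 1 (mod PHI)

PUBLIC = (N, E)
PRIVATE = (N, D)


def digest_as_int(data, n):
    """Hash the data and map the digest into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data, private):
    """Authentication: transform the hash with the PRIVATE key."""
    n, d = private
    return pow(digest_as_int(data, n), d, n)


def verify(data, signature, public):
    """Anyone holding the PUBLIC key can check the signature."""
    n, e = public
    return pow(signature, e, n) == digest_as_int(data, n)


def encrypt(message, public):
    """Secrecy: transform the data with the recipient's PUBLIC key."""
    n, e = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return pow(m, e, n)


def decrypt(ciphertext, private, length):
    """Only the PRIVATE key holder can recover the message."""
    n, d = private
    return pow(ciphertext, d, n).to_bytes(length, "big")


if __name__ == "__main__":
    sig = sign(b"route update", PRIVATE)
    print("signature valid:", verify(b"route update", sig, PUBLIC))
    print("tampered valid: ", verify(b"route updatE", sig, PUBLIC))
    secret = encrypt(b"s3cret", PUBLIC)
    print("decrypted:", decrypt(secret, PRIVATE, 6))
```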
474. Can you differentiate among encoding, encryption and hashing?
Encoding: Basically encoding is used to protect the integrity of data as it crosses through communication network to keep its
original message upon arriving. It is primarily an insecure function because it is easily reversible.
Encryption: Encryption is basically designed for confidentiality and data integrity and reversible only if you have the
appropriate key.
Hashing: With hashing the operation is one-way i.e. non-reversible. It takes an input (or message) and returns a fixed-size
string, which is called the hash value.
475. What is Authentication Header and how it provides the protection to IP header?
Basically Authentication Header protects IP header and provides the complete authenticity to the IP packets.
AH may work in two ways: transport mode and tunnel mode.
In tunnel mode; AH protects the IP header using two IP header layers inner and outer. Inner IP header is used to contain the
source and destination addresses, and the outer IP header is used to contain the security gateway information
476. What is VPN?
A VPN is a service that offers secure, reliable connectivity over a shared public network infrastructure such as the Internet.
VPNs maintain the same security and management policies as a private network. They are the most cost effective method of
establishing a virtual point-to-point connection between remote users and an enterprise customer's network.
477. What is Trusted and Untrusted Networks?
Trusted networks: Such Networks allow data to be transferred transparently. The machines using a trusted network are
usually administered by an Administrator to ensure that private and secured data is not leaked. Access to this network is
limited. Computers using trusted networks are more secured and confidential because of strong firewalls.
Untrusted networks: Such networks are usually administered by the owners. They can allow improper access to sensitive or
personal data. These machines are usually separate. Such machines could be more prone to attacks.
478. In computer networking and telecommunications, a pseudowire (or pseudo-wire) is an emulation of a point-to-point
connection over a packet-switching network (PSN).
The pseudowire emulates the operation of a "transparent wire" carrying the service, but it is realized that this emulation will
rarely be perfect. The service being carried over the "wire" may be Asynchronous Transfer Mode (ATM), Frame Relay, Ethernet
or time-division multiplexing (TDM) while the packet network may be Multi-protocol Label Switching (MPLS), Internet Protocol
(IPv4 or IPv6), or Layer 2 Tunneling Protocol Version 3 (L2TPv3).
479.
TCL
1. What is the use of upvar?
Upvar : Create link to variable in a different stack frame. upvar simplifies the implementation of call-by-name
procedure calling and also makes it easier to implement Tcl procedures that are new control constructs
2. How to pass an array to a proc ?
You will need to use passing by reference to pass array information to a procedure. Array values cannot be passed as
procedure arguments. Keyed lists should also be passed by reference
It is not possible directly; we need to use upvar.
http://stackoverflow.com/questions/3513266/passing-arrays-to-functions-in-tcl-only-upvar
http://www.cab.u-szeged.hu/local/doc/tcl.old/tclFAQ/part2/faq-doc-20.html
http://objectmix.com/tcl/775140-passing-arrays-arguments-procedures.html
proc show_array arrayName {
    # Link the caller's array (passed by name) to the local name myArray
    upvar $arrayName myArray
    foreach element [array names myArray] {
        puts stdout "${arrayName}($element) = $myArray($element)"
    }
}
set arval(0) zero
set arval(1) one
show_array arval
or
proc arr arr1 {
    # arr1 holds the array's name; arr2 becomes an alias for the array itself
    upvar $arr1 arr2
    set namelst [array names arr2]
    foreach val $namelst {
        puts "${arr1}($val) = $arr2($val)"
    }
}
array set arr3 {0 hello 1 hi}
arr arr3
3. Write a program which verifies that two strings are anagrams of each other, e.g. ball and lbal.
http://www.invece.org/tclwise/lists_and_strings.html
set str1 ball
set str2 labl
# Split each string into a list of single characters
set lst1 [split $str1 ""]
puts $lst1
set lst2 [split $str2 ""]
puts $lst2
# Sort the characters so that anagrams produce identical lists
set newstr1 [lsort $lst1]
puts $newstr1
set newstr2 [lsort $lst2]
puts $newstr2
set newstr1 [join $newstr1 ""]
puts $newstr1
set newstr2 [join $newstr2 ""]
puts $newstr2
set res [string equal "$newstr1" "$newstr2"]
puts $res
or
if {[string equal $newstr1 $newstr2] == 1} {
    puts yes
} else {
    puts no
}

4. Write a proc which will reverse a array ie value as index and index as value.
Eg a(1) 10 should be a(10) 1
http://pleac.sourceforge.net/pleac_tcl/arrays.html
http://stackoverflow.com/questions/11497726/how-to-reverse-an-array-in-tcl
array set A {1 10 2 20 3 30 4 40 5 50}
set lst [array get A]
puts $lst
set newlst [lreverse $lst]
puts $newlst
array set B $newlst
puts [array get B]
parray B

5. Input is 40000000000000000000. It can be any number long . Write a regexp which will take block of 2
nos from given number and print the values in separate variables.
set num "125342354832"
regsub -all {(..)} $num {\1 } var
puts $var
or
set str "40awd409999"
set i 1
while {[string length $str] > 1} {
regexp -nocase {[0-9a-z][0-9a-z]} $str match
set str$i $match
regsub $match $str "" str
incr i
}
if {[string length $str] == 1} {
set str$i $str
}
puts "$str1 $str2 $str3 $str4 $str5 $str6"

or
% set data "asdhlakjfsdhfl12312"
asdhlakjfsdhfl12312
% set fivers [regexp -all -inline {.{1,2}} $data]
as dh la kj fs dh fl 12 31 2
set i 0
foreach num $fivers {
    set var($i) $num
    puts $var($i)
    incr i
}
http://wiki.tcl.tk/1499
http://inguza.com/document/expect-and-tcl-mini-reference-manual

6. Given is Nawraj Lekhak kumar jagdish. If the given input is two values, print the 1st and 2nd names. If the input
is 3 or 4 values, print the 1st, 2nd and 3rd names.
set lst [list nawraj kumar lekhak dutt]
set len [llength $lst]
puts $len
if {$len == 4 || $len == 3} {
puts [lrange $lst 0 2]
} elseif {$len == 2} {
puts [lrange $lst 0 1]
} else {
puts "invalid length"
}
http://zetcode.com/lang/tcl/lists/

7. Write a regexp which will match all valid ip addresses in a file.


set ip "1.0.0.0"
# var stays empty if the pattern does not match at all
set var ""
regexp {([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-4])} $ip var
puts $var
# The address is valid only if the match covers the whole string
if {[string equal $ip $var] == 1} {
    puts "$var is valid ip"
} else {
    puts "$var is not valid ip"
}
or
set ip "19.0.0.1"
set var ""
regexp {([0-9]|1[0-9]|[2-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([0-9]|1[0-9]|[2-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([0-9]|1[0-9]|[2-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([1-9]|1[0-9]|[2-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-4])} $ip var
puts $var
if {[string equal $ip $var] == 1} {
    puts "$var is valid ip"
} else {
    puts "$var is not valid ip"
}
8. Use of catch command. (Just want to know what happens if we use variable m or do not use it.)
catch {puts $b} err
puts $err
or
puts hello
catch {puts $a} m
puts name
Output will be:
hello
1 (the return value of catch; m holds the error message, since variable a is not defined)
name
Or
catch is used to change the actions produced by errors
Example:
if {[catch {set foobar} errmsg]} {
puts "the message output: $errmsg"
}
May take up to two arguments:
A command block to execute.
An optional variable to store error messages within.
Returns:
1 if an error has been caught.
0 otherwise.
9. Regexp
http://docs.activestate.com/activetcl/8.5/expect4win/regex.html
10.
How can I create/use association lists or property lists?
Use arrays or Extended Tcl keyed lists.
For example, if you did a:
keylset ttyFields ttyName tty1a
keylset ttyFields baudRate 57600
keylset ttyFields parity strip
And then an echo $ttyFields, you'd get:
{ttyName tty1a} {baudRate 57600} {parity strip}
Or using arrays:
set ttyFields(ttyName) tty1a
set ttyFields(baudRate) 57600
set ttyFields(parity) strip
11.
Write a proc to increment the IP the given number of times. Each incremented IP should be a valid
one.
proc generate_ips {start_ip number_of_ips} {
    regexp {([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)} $start_ip - oct1 oct2 oct3 oct4
    set ip_list ""
    while {[llength $ip_list] < $number_of_ips} {
        for {} {$oct4 <= 254} {incr oct4} {
            lappend ip_list "$oct1.$oct2.$oct3.$oct4"
            if {[llength $ip_list] == $number_of_ips} {
                break
            }
        }
        if {$oct4 == 255} {
            set oct4 0
            incr oct3
        }
        if {$oct3 == 256} {
            set oct3 0
            incr oct2
        }
        if {$oct2 == 256} {
            set oct2 0
            incr oct1
        }
        if {$oct1 == 256} {
            break
        }
    }
    return $ip_list
}
12.
What are the different ways to initialize a variable. How to differentiate global and local variables,
explain it through a simple tcl program.
13.
Create a list of week days and print the first and last character of each day using foreach command
set lst {sunday monday tuesday wednesday thursday friday saturday}
foreach day $lst {
set out "[string index $day 0][string index $day end] "
append newlst "$out"
}
puts $newlst
14.
Can you write a small program to verify whether the given input is a file or a directory? Before checking, just
ensure that the file/dir exists in the given path. If the given input is a file, find out the size and
verify that the file has read, write and execute permissions.

15.
How to increment each element in a list ?
set lst {0 3 2 10}
foreach num $lst {

incr num
append newlst "$num "
}
puts $newlst

16.
Find maximum number in the given 3 numbers using tcl?
set a -3
set b 2
set c 6
if {$a > $b && $a > $c} {
puts "a is the max number"
} elseif {$b > $a && $b > $c} {
puts "b is max"
} else {
puts "c is the max number"
}
17.
Write a script to display how many times each words appearing in a given string
set str "hello nawraj how are you. Hope you are fine"
set out [lsearch -all -inline $str "are"]
puts $out
set len [llength $out]
puts $len
18.Write a script to remove duplicates word in string
set lst "This issues the have is can be the most the"
regsub -all "the" $lst "" out
puts $out

19.
How can I pass an array into a proc?
Use upvar rather than try to use global variables when possible. If the function is event driven, you are forced to use
global variables.
# print elements of an array
proc show_array arrayName {
upvar $arrayName myArray
foreach element [array names myArray] {
puts stdout "${arrayName}($element) = $myArray($element)"
}
}
set arval(0) zero
set arval(1) one
show_array arval
To return an array from a procedure, just take the array name in as an argument, as above. Any changes you make in
the array will be made in the parent's array as well.
Extended Tcl introduces a concept called keyed lists which are arrays made out of lists of key-value pairs and can be
passed by value to routines, over networks, etc.
20.
How can I delete a procedure from within a script?
Rename the procedure to have no name, for example:
rename procedureName ""
21.

How can I use variables to hold array names?


% set foo "bar baz"
bar baz
% foreach aap $foo {
set $aap(1) "something"
}
can't read "aap(1)": variable isn't array
This means Tcl tries to substitute the array element aap(1) which doesn't exist. To fix this use:
% foreach aap $foo {
set [set aap](1) "something"
}
In this case two arrays bar and baz are created.
An alternative format is:
% foreach aap $foo {
set ${aap}(1) "something"
}

22.

script that can create loopback interfaces for you.

The Script
proc int_config {x} {
for {set n 1} {$n<=$x} {incr n 1} {
puts [ ios_config "interface Loopback$n" "ip address 192.168.$n.1 255.255.255.0" ]
}
}
int_config 3
23.

4 ways to pass arguments to a procedure.

Pass by value
proc sum {a b} {
    set num [expr {$a + $b}]
    puts "The sum is: $num"
}
sum 2 3
Pass by name
array set months {1 Jan 2 Feb}
parray months
Or
proc increase {initial_pay change} {
    upvar $initial_pay x
    foreach item [array names x] {
        set x($item) [expr {$x($item) + $change}]
    }
}
# Ray's value is missing in the source; 100 is a placeholder
array set Pay {Ray 100 Steve 50 Fred 200}
increase Pay 25
parray Pay
Defaults
# the default values are missing in the source; 1 2 3 are placeholders
proc myprocdefault {{a 1} {b 2} {c 3}} {
    puts "$a $b $c"
}
myprocdefault
Variable arguments
proc show {a args} {
    puts $a
    foreach val $args {puts $val}
}
show 1 2 3
24.
What is the use of upvar?
The upvar command links a local variable with another variable (usually global).
Any change made to local variable will also change the global variable.
The upvar command allows you to easily pass arrays and arguments into procedures.
Syntax : upvar level $target_variable link_variable
25.
What is the use of return command?
The return command will return a value from procedure.
proc sum {a b} {
return [expr {$a + $b}]
}
set num [sum 2 3]
puts "The sum is: $num"
26.
Different ways of global variable identification
set var 3
proc glob {} {
global var
puts "the value of variable is $var"
}
glob
or
Declaring global variable using double colon (::)
proc proc01 {} {
puts "The value of var1 is: $::var1"
}
27.Example for call a procedure by name and value.
proc Hours {weekly daily} {
upvar $weekly x
foreach item [array names x] {
set x($item) [expr $x($item) + $daily]
}

}
array set Timecard {Tom 20 Sue 24 Mike 18}
puts "This is the array before the procedure:"
parray Timecard
set res [Hours Timecard 8]
puts $res

28.
Create a procedure that will accept one argument and variable arguments
proc variable {a args} {
puts $a
foreach val $args { puts $val }
}
variable 1 2 3 4 5
Output:
1
2
3
4
5
29.
What is exec command used for ?
Exec command is used to execute programs external to TCL.
% cd "C:/Program Files (x86)/Windows Media Player"
% exec wmplayer.exe test.wmv
30.
What are special variables in TCL
argc: number of command line arguments
argv0: name of the script
argv: list of command line arguments
env: the env array is an array of environment variables.
31.
Use of source command?
Source command loads in a Tcl file and will execute the commands contained within the file.
32.
Use of package command?
Package is similar to libraries except that they require explicit loading.
33.
Use of package require command?
Package require command organizes sets of procedures under a single name, and lets you request packages by name
and revision number.
34.
What are the possible package require problem?
Say package A and package B both define a procedure named sum. If these two packages are loaded and each contains
the same proc name, then the last package loaded will define the procedure, even if it is different from the first procedure.
Solution: namespaces will help alleviate this problem
35.
What is namespace?
A namespace is an encapsulated collection of commands and variables to ensure that they won't interfere with the
commands and variables of other namespaces.
A namespace is similar to a local variable within a proc.
Tcl has always had one such collection, which we refer as the global namespace.
Tcl supports many object-oriented programming constructs, including namespaces. A namespace is
a collection of commands and variables. Namespaces are very useful for avoiding name collisions.
In addition, most Tcl packages create their own namespace to store their procedures and variables.
36.
Name space example.
namespace eval test {
proc sum {a b} {
set num [expr $a + $b]
puts "The sum is: $num"
}
}
You can easily call a procedure within a namespace from another namespace by using the double colons (::)
test::sum 2 3
namespace eval sample {
proc sum {m n} {
set res [expr $m + $n]
return $res
}
}
puts [sample::sum 2 5]

37.
Use of catch command.
Catch command is used to handle exceptions within a script.
Catch command will gather an error condition and return the results rather than aborting the script.
% catch {unset var} result
1
% puts $result
can't unset "var": no such variable
%
38.
Pass an array to proc
proc a1 {a2} {
upvar $a2 x
foreach index [array names x] {
puts "x($index) = $x($index)"
}
}
array set a {0 10 1 20 2 30}
a1 a
39.
Regexp to match email-id
Regex:
[a-z0-9_-]+(\.[a-z0-9_-]+)*@[a-z0-9_-]+(\.[a-z0-9_-]+)+
Matches:
j_smith@foo.com
j.smith@bc.canada.ca
smith99@foo.co.uk
1234@mydomain.net
Doesn't Match:
@foo.com
.smith@foo.net
smith.@foo.org
www.myemail.com
40.
Match the preceding "e" exactly twice.
Regex:
be{2}t
Matches:
beet
Doesn't Match:
bet
beat
eee
41.
Converting Between Binary and Decimal
proc dec2bin {string} {
binary scan [binary format I $string] B32 str
return [string trimleft $str 0]
}
dec2bin 54
# => 110110
proc bin2dec {string} {
set string [format %032s $string]
binary scan [binary format B32 $string] I str
return $str
}
bin2dec 110110
# => 54
42.
Sort the arrays
% set numsorted [lsort -real [list 38 388.9 1.78 200 1e7]]
1.78 38 200 388.9 1e7
% set descending [lsort -decreasing -real [list 38 388.7 1.56 279 1e6]]
1e6 388.7 279 38 1.56
43.
(hardware )?address matches either hardware address or address
set add "hardware address"
regexp -- {(hardware)?address} $add print
puts $print
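This prints just address, because the pattern in the code has no space after hardware and so cannot match across the space.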
44.
Write a script that searches the contents of a directory recursively for a pattern
Find all the Tcl files in the current directory:
glob *.tcl
Find all the Tcl files in the user's home directory, irrespective of what the current directory is:
glob -directory ~ *.tcl
Find all subdirectories of the current directory:
glob -type d *
Find all files whose name contains an "a", a "b" or the sequence "cde":

glob -type f *{a,b,cde}*


45.How unset command works.
Unset a variable, array element or entire array.
unset a
unset array(elf)
unset array
46.
How global, upvar and uplevel behaves in TCL?
Variables are local to the procedure unless "global" or "upvar" command is used, see below.
If the last argument is named args all the remaining arguments are stored in this list. This way a procedure can have
variable number of arguments.
global
global variablename variablename2 ...
Indicate that the variable with name variablename is in the global scope.
upvar
upvar $name1 a $name2 b ...
Indicate that the procedure can change data in the caller's scope for argument name1 using the name a and name2
using the name b, etc. Use with care!
upvar $name a
set a 1
uplevel
Similar to the upvar command but used to evaluate commands in the scope of the calling procedure. Use
with care!
uplevel incr x
Increments the variable x in the calling procedure.
Uplevel: Execute a script in a different stack frame.
uplevel [level] arg...
Concatenate arguments and evaluate them in the stack frame context indicated
by level, where level is either a number indicating the number of
levels up the stack relative to the current level or a number preceded by #,
indicating an absolute level. The default level is 1.
47.
List

What will be the format of output of split command in TCL?

48.
How to parse a list and return the index of the match?
lsearch
49.
tcl script to extract the nos of warning and errors?
input:
xx : Severity: Warning Occurrence: 2
yy :Severity: Error Occurrence: 2
ZZ:Severity: Error Occurrence: 4
at the end I want to have Warnings =2
Error =6
program:
# input file
set fname "tcluser16.txt"
set input_file [open $fname "r"]
# define variables
set nr_warns 0
set nr_errs 0
while { [gets $input_file line] != -1 } {
# try to extract Warning Occurrence
set result [regexp {[Ww]arning\s+.*:\s*([0-9]+)}\
$line match num]
if {$result} {
set nr_warns [expr $nr_warns + $num]
}
# try to extract Error Occurrence
set result [regexp {[Ee]rror\s+.*:\s*([0-9]+)}\
$line match num]
if {$result} {
set nr_errs [expr $nr_errs + $num]
}
}
# print results
puts "Number of Warnings: $nr_warns"
puts "Number of Errors : $nr_errs"
# close input file
close $input_file

50.
Find duplicate files from different directories?
set searcrhResults {
dir1/dir2/dir3/file1.tcl dir1/dir3/file1.tcl dir1/dir2/file1.tcl dir1/dir2/dir3/file2.tcl dir1/dir2/dir3/file3.tcl
dir1/dir3/file2.tcl dir1/file3.tcl dir1/file4.tcl }
foreach file $searcrhResults {
if {[catch {incr filenames([file tail $file],cnt)}]} {set filenames([file tail $file],cnt) 1}
lappend filenames([file tail $file],paths) [file dirname $file]
}
51.
regexp to match below pattern?
set mystring "------ some string ---------"
set result [regexp {(-+)\s*([^-]*)\s*(-+)} $mystring match first middle rest]
or
regexp -- {(^[-]+)([a-z]+\s[a-z]+)([-]+$)} $pattern newstring first middle end
puts $newstring
puts $first
puts $middle
puts $end
52.
How to return an array?
proc get_mroute_active { &multicast } {
    upvar ${&multicast} MULTICAST ;
    set group -1 ;
    set src -1 ;
    set mcast_group_source_id -1 ;
    set MULTICAST($mcast_group_source_id,id) $mcast_group_source_id ;
    set MULTICAST($mcast_group_source_id,mcast_group) $group ;
    set MULTICAST($mcast_group_source_id,mcast_source) $src ;
    puts [array size MULTICAST] ;
    parray MULTICAST ;
}
array set multicast { } ;
get_mroute_active multicast
puts [array size multicast] ;
parray multicast ;
53.
replace a number at the end of the line by empty string?
set line "number 108, then something other and at end number 108"
puts "\$line='$line'\n"
set result [regexp {\d+$} $line match]
puts "Matching Result=$result"
if {$result} {
puts "This was matched: '$match'"
regsub {\d+$} $line "" line
puts "result after substitution:\n\$line='$line'\n"
}
or
set me [string range $me 0 [string last " " $me]]
or
set line "number 108, then something other and at end number 108"
regsub {[0-9]+$} $line {} newline
puts $newline
54.
how to split string by blank lines?
set a {dfsfhdslkj}
set a [split $a ""]
puts $a
foreach val $a {
puts "$val \n"
}
55.
program to count the repeat numbers in the file
Input:
January 4000 300 200
February 2000 100 0
March 4000 50 10
April 4000 120 300
May 1000 100 0
June 2000 0 0
July 400 1 1
August 4000 200 100
September 2000 100 200
October 0 0 0
Then the program will write to an output file with content
January 4000 300 200 1
February 2000 100 0 1
March 4000 50 10 2
April 4000 120 300 3
May 1000 100 0 0
June 2000 0 0 2
July 400 1 1 0
August 4000 200 100 4
September 2000 100 200 3
October 0 0 0 0
Program:
set fil [open "tpham1002002.txt"]
while {! [eof $fil]} {
set line [gets $fil]
set col2 [lindex $line 1]
if {$col2!=""} {
if {[array get count $col2]==""} { set count($col2) 0 }
incr count($col2)
lappend line $count($col2)
}
puts $line
}
close $fil
56.
Obtaining computer name using TCL?
# list all environment variables
foreach key [lsort [array names env]] {
puts "$key = $env($key)"
}
puts "***********************"
# on Windows there is variable COMPUTERNAME
set computer_name $env(COMPUTERNAME)
puts "computername = '$computer_name'"
# check if variable exists then print it
set var_name {COMPUTERNAME}
if {[info exists env($var_name)]} {
set var_value $env($var_name)
puts "variable $var_name found: '$var_value'"
} else {
puts "variable $var_name was not found !"
}
57.
TCL numeric two list comparison?
set a [list 2 1 3]
set b [list 3 1 2]
set a1 [lsort $a]
puts $a1
set b1 [lsort $b]
puts $b1
if {[string equal -nocase [llength $a1] [llength $b1]] == 1} {
puts "list are of equal length"
if {$a1 == $b1} {
puts "list are equal"
}
} else {
puts "list are unequal"
}
58.
Find the biggest element from the list?
% set numberlist {15 30 22 75 50 0x30A 150 110}
15 30 22 75 50 0x30A 150 110
% set numberlist [lsort -integer $numberlist]
15 22 30 50 75 110 150 0x30A
% puts [lindex $numberlist end]
0x30A
%
59.
Different levels of procs in tcl
set x 5; set y 5
;# A second level proc - This will be called by one
proc two {y} {
    upvar 1 $y z            ;# tie the calling value to variable z
    upvar 2 x a             ;# Tie variable x two levels up to a
    puts "two: Z: $z A: $a" ;# Output the values, just to confirm
    set z 1;                ;# Set z, the passed variable to 1;
    set a 2;                ;# Set x, two layers up to 2;
}
;# A first level proc - This will be called by the global space code.
proc one {y} {
    upvar $y z              ;# This ties the calling value to variable z
    puts "one: Z: $z"       ;# Output that value, to check it is 5
    two z;                  ;# call proc two, which will change the value
}
one y;                      ;# Call one, and output X and Y after the call.
puts "\nX: $x Y: $y"
Out:
one: Z: 5
two: Z: 5 A: 5
X: 2 Y: 1
60.
How to check whether a path is relative or absolute
set fullpath "/usr/home/clif/TCL_STUFF/TclTutor/Lsn.17"
set relativepath "CVS/Entries"
set directorypath "/usr/bin/"
set paths [list $fullpath $relativepath $directorypath]
foreach path $paths {
set first [string first "/" $path];
set last [string last "/" $path];
;# Report whether path is absolute or relative
if {$first != 0} {
puts "$path is a relative path"
} else {
puts "$path is an absolute path"
}
}
61.
Some regexp and regsub scenarios
set str2 "abc^def"
regexp "\[^a-f]*def" $str2 match
puts "using \[^a-f] the match is: $match"
regexp "\[a-f^]*def" $str2 match
puts "using \[a-f^] the match is: $match"
regsub {\^} $str2 " is followed by: " str3
puts "$str2 with the ^ substituted is: \"$str3\""
regsub "(\[a-f]+)\\^(\[a-f]+)" $str2 "\\2 follows \\1" str3
puts "$str2 is converted to \"$str3\""
62.
What are the two commands that provide information about the contents of directories and files?
There are two commands that provide information about the contents of directories and the files within those
directories. These two commands are glob and file.
Glob provides access to the names of files in a directory. It is similar to the ls shell command.
File provides three sets of functionality in a platform independent manner:
1. access to file status.
2. access to the file system.
3. tools for manipulating filenames.
63.
What are errorInfo and errorCode?
errorInfo
errorInfo is a global variable that contains the error information from commands that have failed.
errorCode
errorCode is a global variable that contains the error code from command that failed.
64.
Regsub example
regsub -all {,} "a,b,c,d,e" ":" res
puts $res
;# prints "a:b:c:d:e"
65.
Example for arrays as parameter
proc print12 {array} {
upvar $array a
puts "$a(1), $a(2)"

}
set array(1) "A"
set array(2) "B"
print12 array
66.
File reading example
## all problems found by 'open' throw exceptions:
if {[catch {set read_fh [open "input.txt" "r"]} errmsg]} {
error "ERROR: $errmsg"
}
## read the file line-by-line:
while {[gets $read_fh this_line] != -1} {
...
}
## or read the entire file into one string:
set file_contents [read $read_fh]
## or read the next N bytes into a string:
set next_block [read $read_fh 1024]
close $read_fh
67.
File writing example
## all problems found by 'open' throw exceptions:
if {[catch {set write_fh [open "output.txt" "w"]} errmsg]} {
error "ERROR: $errmsg"
}
puts $write_fh "blah blah blah"
## need a catch on close, because that's where most errors happen:
if {[catch { close $write_fh } errmsg]} {
error "ERROR: $errmsg"
}
68.
To check whether file is dir or file
file isdirectory
file isdirectory <path>
Returns whether or not the given path is a directory.
if {![file isdirectory "indir"]} {
...
}
file isfile
file isfile <path>
Returns whether or not the given path is a regular file.
if {[file isfile "maybe_a_link.txt"]} {
...
}
69.
What will this script output when it is evaluated
set x 1
while {$x < 10} {
puts "X: $x"
set y [expr $x + 1]
}
A) an infinite number of "X: 1" lines. =
B) lines from "X: 1" to "X: 9"
C) lines from "X: 1" to "X: 10"
70.
The upvar command will
A) Map a variable from the calling scope into the local procedure scope.=
B) Map a variable from the local scope into the calling scope.
C) Copy the value of a variable from the calling scope to the local scope.
upvar [level ] otherVar myVar...
Make local variable myVar become an alias for variable otherVar in the
stack frame indicated by level, where level is either a number indicating
the number of levels up the stack relative to the current level or a number
preceded by #, indicating an absolute level. The default level is 1.
Tcl's upvar command is another answer to coding indirect variable references.
Upvar allows one to reference a variable or array by some other name. Using a
first argument of 0 allows variables in the current scope to be accessed.
Upvar is also used when passing arrays to procedures, in which the default procedure scope frame (1) is used:
proc calc_pop_density {state_array_name} {

71.
The "global" command
A) maps a variable from the global scope into the procedure scope and gives it a unique name.
B) maps a variable from the global scope into the procedure scope retaining the original name.=
C) makes a global-scope variable automatically map into all procedures.
72.
What will be the value of i after this code is evaluated:
proc inc {nm} {
upvar $nm x
incr x
}
set i 2
inc i
A) 4
B) 3=
C) 2
73.What will be the value of i after this code is evaluated:
proc inc {nm} {
incr nm
}
set i 2
inc $i
A) 3
B) 2=
C) 4
74.
Regexp and glob difference
To match any number of characters
glob *
regexp .*
To match single character
glob ?
regexp .
Find all the Tcl files in the current directory:
glob *.tcl
75.
Which test would assign "choose correctly" to variable c?
set str "better tests choose correctly"
regexp $test $str a b c
set test {(b[^c]*)(c.*)}
76.
If you use a quoted string, instead of a curly-braced string as a test with regexp. What care you
should take?
you must backslash escape square braces
77.
What will be the contents of "path" after this line of code is evaluated.
% set path [file split "C:/Program Files/Tcl/bin/tclsh"]
C:/ {Program Files} Tcl bin tclsh
78.
What will the contents of "folder" be after this script is evaluated
% set folder [file normalize "/tmp/../etc/passwd"]
G:/etc/passwd
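An added example (not from the original page): because file normalize collapses the .. segments as shown above, it can be used to check that a caller-supplied path stays under a base directory. The proc name resolve_inside, the base directory and the sample paths are constructed, and none of the files needs to exist.

```tcl
# Added illustration; resolve_inside, the base directory and the sample
# paths are constructed for this example.
proc resolve_inside {base requested} {
    set baseNorm [file normalize $base]
    # file join drops $baseNorm entirely when $requested is absolute, and
    # file normalize collapses "..", so test the final result, not the input.
    set target [file normalize [file join $baseNorm $requested]]
    # Compare against the base plus a separator so that a sibling such as
    # /srv/reports-old is not accepted as being inside /srv/reports.
    set prefix [string trimright $baseNorm /]/
    if {$target ne $baseNorm
            && ![string equal -length [string length $prefix] $prefix $target]} {
        return -code error "outside $baseNorm: $requested"
    }
    return $target
}

set base /srv/reports
foreach requested {
    2024/summary.txt
    2024/../2023/summary.txt
    ../../etc/passwd
    /etc/passwd
    ../reports-old/summary.txt
    .
} {
    if {[catch {resolve_inside $base $requested} result]} {
        puts [format "%-28s rejected (%s)" $requested $result]
    } else {
        puts [format "%-28s -> %s" $requested $result]
    }
}
```

On Unix, file normalize leaves a symbolic link in the last path component unresolved, and on case-insensitive file systems the prefix comparison should ignore case.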
79.
Why packages are created
Whenever an application needs a library of related functions.
80.
How many procedure a package can include.
A package can include only one procedure.
81.Use of subst.
It is used to perform multiple passes of substitution before evaluating a command. Example is shown below.
array set french {I Je speak parlez French Francais}
set language french
foreach word {I speak French} {
if {[info exists ${language}($word)]} {
puts -nonewline "[subst $${language}($word)] "
} else {
puts -nonewline "$word "
}
}
Output: Je parlez Francais
or
subst - Perform backslash, command, and variable substitutions
When it performs its substitutions, subst does not give any special treatment to double quotes or curly braces (except
within command substitutions)
set a 44
puts [subst {xyz {$a}}]

Output: xyz {44}


82.Program for Ping.
foreach address {
1.1.1.1
2.2.2.2
3.3.3.3
4.4.4.4
5.5.5.5
6.6.6.6
} { puts [ exec "ping $address" ] }
83.What is difference between lappend and concat?
The difference is in the output .
set list1 {1 2 3}
puts $list1
set list2 {a b c}
puts $list2
set new [lappend list1 $list2]
puts $new
set lengthlist [llength $new]
puts $lengthlist
#output
1 2 3
a b c
1 2 3 {a b c}
4
set list1 {1 2 3}
puts $list1
set list2 {a b c}
puts $list2
set b [concat $list1 $list2]
puts $b
set concatlength [llength $b]
puts $concatlength
#output
1 2 3
a b c
1 2 3 a b c
6
84.
Regexp to find and print a duplicate word in a string
set line "hello sir how r u. Good to see u sir"
regexp -all {\S+} $line new
puts $new
Within the RE, \S+ means a non-empty sequence of non-whitespace characters and \s+ means a non-empty sequence
of whitespace.

85.
Eval example
set a b
set c a
eval puts $$c
86.

Write a script to display the version of Tcl you are using

puts [info tclversion]


puts [info patchlevel]

87.
Write code fragments to store, retrieve, and display your first, middle, and last name using a single
string variable, a single list variable, a single array variable, and a single keyed list variable
set name "nawraj lekhak"
puts $name
set name [list nawraj lekhak]
puts $name
puts [lindex $name 0]

puts [lindex $name 1]


array set arrname {nawraj lekhak}
puts "==[array get arrname]"
puts "[array names arrname]--"
puts $arrname(nawraj)

88.

Write five integers into a file called myfile, then close the file.

set fd [open "myfile.txt" w+]


set data "1 2 3 4 5"
puts $fd $data
close $fd

89.

Read the contents of myfile from exercise 1. Calculate and display the sum of the integers.

set fd1 [open myfile.txt r]


set sum 0
foreach num [read $fd1] {
set sum [expr $sum + $num]
}
puts $sum

Exercise 1
# open a file for writing
if {[catch {set fd [open myfile w]} errmsg]} {
error "Unable to open file 'myfile' for writing\n$errmsg"
}
# write 5 integers into the file
puts $fd "5 10 15 20 25"
# close the file
close $fd
Exercise 2
#open the file myfile for reading
if {[catch {set fd [open myfile]} errmsg]} {
error "Unable to open file 'myfile' for reading\n$errmsg"
}
# read the contents of the file myfile into a variable called nums
# then calculate and display the total of the integers
while {[gets $fd nums] != -1} {
set sum 0
foreach num $nums {
set sum [expr $num + $sum]
}
}
puts "The sum is $sum"
# close the file
close $fd
Exercise 3
#open the file for reading
if {[catch {set fd [open myfile]} errmsg]} {
error "Unable to open file 'myfile' for reading\n$errmsg"
}
# read the contents of the file into a variable called 'nums'
while {[gets $fd nums] != -1} {
set sum 0
foreach num $nums {
puts [format "%20d" $num]
set sum [expr $num + $sum]
}
}
puts [format "\nTotal: %13d" $sum]

90.

How to return status from script?

package require Tclx


proc sum {a b} {
keylset retList status 0
set res [expr $a + $b]
if {$res > 5} {
puts pass
keylset retList status 1

} else {
keylset retList status 0
puts fail
keylset retList log $res
}
return $retList
}
set out [sum 1 2]
puts $out

91.

Get two numbers from user input and do the sum.

C:\Users\NLekhak>tclsh
% puts "Enter the number"
% flush stdout
% set n1 [gets stdin]
% set n2 [gets stdin]
% set n3 [expr {$n1 + $n2}]
% flush stdout
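An added example (not from the original page): the transcript above passes text read from stdin to expr. Without braces, Tcl substitutes the variables first and expr then parses the resulting text again, so a value containing [...] is run as a command. The proc names and sample inputs are constructed, and Tcl 8.5 or later is assumed.

```tcl
# Added illustration; proc names and sample inputs are constructed.

# Unbraced: the Tcl parser substitutes $n1 and $n2, then expr parses the
# resulting text a second time, including any [command] inside it.
proc sum_unbraced {n1 n2} {
    return [expr $n1 + $n2]
}

# Braced: expr receives the literal text {$n1 + $n2} and reads the variables
# itself, so their contents are only ever treated as operand values.
proc sum_braced {n1 n2} {
    return [expr {$n1 + $n2}]
}

# Braced plus validation: accept plain decimal integers only. Leading zeros
# are refused so that input such as 010 is not taken as octal by Tcl 8.x.
proc sum_checked {n1 n2} {
    foreach v [list $n1 $n2] {
        if {![regexp {^-?(0|[1-9][0-9]*)$} $v]} {
            return -code error "not a decimal integer: '$v'"
        }
    }
    return [expr {$n1 + $n2}]
}

# Constructed stand-ins for two lines typed at the prompt. The third pair
# carries a harmless command that only sets a marker variable.
set samples {
    {2 3}
    {010 1}
    {{[set ::marker reached]} 1}
    {{1 + 1} 1}
}

foreach pair $samples {
    lassign $pair n1 n2
    puts "input: '$n1' and '$n2'"
    foreach fn {sum_unbraced sum_braced sum_checked} {
        set ::marker untouched
        if {[catch {$fn $n1 $n2} result]} {
            set result "error: $result"
        }
        puts [format "  %-13s -> %-45s marker=%s" $fn $result $::marker]
    }
}
```

The marker column shows whether the embedded command ran: only the unbraced form executes it, while the braced forms treat the same text as a non-numeric operand.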
92. Print below format
*
**
***
****
set out ""
set i 1
set pattern *
while {$i < 5} {
append out "$pattern "
puts $out
incr i
}
Or
set lst {* * * * * * *}
set i 0
foreach val $lst {
puts "[lrepeat [incr i] $val]"
}
93.Write a Program to print half pyramid using numbers as shown in figure below.
1
1 2
1 2 3
1 2 3 4
1 2 3 4 5
set out ""
set i 1
set pattern 0
while {$i < 6} {
append out "[incr pattern] "
puts $out
incr i
}
94.

Write a C Program to print triangle of characters as below

A
BB
CCC
DDDD
set lst {A B C D E}
set i 0
foreach val $lst {
set out [lrepeat [incr i] $val]
puts "$out "
}

95. Write a C Program to print inverted half pyramid using * as shown below
*****
****
***
**
*

set a *
set i 5
for {set i 5} {$i > 0} {incr i -1} {
puts [lrepeat $i $a]
}
96.
Write a C Program to print inverted half pyramid as using numbers as shown below.
1234
123
12
1
set lst {1 2 3 4 5}
set len [llength $lst]
set i 0
while {$len > 0} {
set out [lrange $lst $i [expr $len - 1]]
puts $out
incr len -1
}
97.

Write a C program to print pyramid using * from middle.

98.

Write a C program to print the pyramid of digits in pattern as below.

http://www.programiz.com/c-programming/examples/pyramid-pattern

99.

A program that computes sum from 1 to n

proc sumto {n} {


set sum 0
for {set i 0} {$i <= $n} {incr i} {
set sum [expr $i + $sum]
}
return $sum
}
set out [sumto 5]
puts $out
100. Check whether input char is vowel or not
puts "Enter a character\n"
set ch [gets stdin]
if {$ch == "a" || $ch == "A" || $ch == "e" || $ch == "E" || $ch == "i" || $ch == "I" || $ch == "o" || $ch == "O" || $ch == "u" || $ch == "U"} {
puts "character is vowel"
} else {
puts "Input character is not vowel"
}

100. TCL program to check a leap year


puts "Enter a year\n"
set yr [gets stdin]
if {$yr%400 == 0} {
puts "Input year is leap year\n"
} elseif {$yr%100 == 0} {
puts "Input year is not leap year\n"
} elseif {$yr%4 == 0} {
puts "Input year is leap year\n"
} else {
puts "Input year is not leap year\n"
}
101.TCL program to find LCM and HCF
102.TCL program to print diamond pattern

103.TCL program to find Armstrong number


A number is armstrong if the sum of cubes of individual digits of a number is equal to the number itself. For example
371 is an armstrong number as 3^3 + 7^3 + 1^3 = 371. Some other armstrong numbers are: 0, 1, 153, 370, 407.
set str 153
set len [string length $str]
set num1 [string index $str 0]
set num2 [string index $str 1]
set num3 [string index $str 2]
if {[expr {($num1*$num1*$num1) + ($num2*$num2*$num2) + ($num3*$num3*$num3)}] == "$str"} {
    puts "$str is an armstrong number"
} else {
    puts "given string is not an armstrong number"
}
Or
set str 150
set len [string length $str]
set num1 [string index $str 0]
set num2 [string index $str 1]
set num3 [string index $str 2]
if {[expr {(pow($num1,3)) + (pow($num2,3)) + (pow($num3,3))}] == "$str"} {
    puts "$str is an armstrong number"
} else {
    puts "given string is not an armstrong number"
}
104.Print Floyd triangle
1
2 3
4 5 6
7 8 9 10
It's clear that in Floyd's triangle nth row contains n numbers.
105.Print pascal triangle
Number of rows of Pascal triangle to print is entered by the user. First four rows of Pascal triangle are shown below:
1
1 1
1 2 1
1 3 3 1
106.TCL program to find maximum and minimum element in array
array set arr1 { 12 322343 0 -1 9 10}
set lst [array get arr1]
set lst [lsort -integer $lst]
puts $lst
set len [llength $lst]
set max [lindex $lst [expr $len -1]]
puts $max
set min [lindex $lst 0]
puts $min
107.TCL program to add two matrix
This C program adds two matrices, i.e. computes the sum of two matrices and then prints it. First the user will be asked to
enter the order of the matrix (number of rows and columns) and then the two matrices. For example, if the user entered the order
as 2, 2, i.e. two rows and two columns, and the matrices as
First Matrix:
1 2
3 4
Second matrix:
4 5
-1 5
then the output of the program (sum of First and Second matrix) will be
5 7
2 9

108.set 0 0
puts $0
109. Write a loop that will calculate sum of every third digit beginning with 2
set sum 0
set i 2
while {$i <= 10} {
set sum [expr $sum + $i]
incr i 3
}
puts $sum
110. How can in invoke another program from within a TCL program ?
exec
111. Program to check whether input number is odd or even?
puts -nonewline "Enter a number:"
flush stdout
set str [gets stdin]
puts [expr {$str % 2 ? "ODD NUMBER" : "EVEN NUMBER"}]
112. Difference of local and global variable.
set x 100
proc fun {} {
global x
puts "inside fun $x"
}
proc fun1 {} {
set x 500
puts "inside fun1 $x"
}
fun
fun1
113. To read entire file.
set fd [open "myfile.txt" r]
while {![eof $fd]} {
gets $fd data
puts $data
}
close $fd
114. regexp for date
puts -nonewline "Enter your date (dd/mm/yyyy):"
flush stdout
set date [gets stdin]
regexp {((^[0-2][0-9]|[0-3][0-1])/(0[0-9]|1[0-2])/(20[0-9][0-9]))} $date match
puts $match
115. uplevel example
proc do {varname first last body} {
upvar $varname v
for {set v $first} {$v <= $last} {incr v} {
uplevel $body
}
}
set lst {}
do i 1 5 {
lappend lst [expr {$i*$i}]
}
puts $lst
116. Write a command to create two directories pp1 and pp2 under the current dir
mkdir -p /pp1/pp2
117. Who performs the job of command interpreter?
Shell

118. What is core of OS?


Kernel
119. What is command to link two directories dir1 and dir2
ln -s dir1 dir3
120. Give the command to append the contents of a file named thisfile
cat >> thisfile
121. Give the command to remove a file named file2 interactively
rm -i
122. Give the command to find all files having .txt extension from the root directory
find / -name .txt -print
123. Print below pattern.
0
01
012
0123
01234
012345
set i 0
set out ""
while {$i <= 5} {
append out "$i "
puts $out
incr i
}

123. Print below pattern


01234
0123
012
01
0
set lst {0 1 2 3 4 5}
set len [llength $lst]
set i 0
while {$len > 0} {
set out [lrange $lst $i [expr $len -1]]
puts $out
incr len -1
}
124. Print below pattern
543210
54321
5432
543
54
5
set lst {5 4 3 2 1 0}
set len [llength $lst]
set i 0
while {$len > 0} {
set out [lrange $lst $i [expr $len -1]]
puts $out
incr len -1
}
125. print below pattern
0
01
012
0123
01234
012345
01234
0123
012
01
0

set i 0
set out ""
while {$i <= 5} {
append out "$i "
puts $out
incr i
}
set len [llength $out]
while {$len >= 0} {
set out [lrange $out 0 [expr $len -2]]
incr len -1
puts $out
}
126. best regexp to match ip address
set ip "192.168.2.254"
if {[regexp {^([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)$} $ip match a b c d]
        && $a <= 255 && $b <= 255 && $c <= 255 && $d <= 255} {
    puts $match; puts $a; puts $b; puts $c; puts $d
    puts "Input ip is valid"
} else {
    puts "Input ip is not valid address"
}
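An added example (not from the original page) for the IP-matching questions in items 7 and 126: a strict validator, a loose one with unescaped dots and no end anchor for contrast, and a scan of free text for valid addresses. All proc names and sample data are constructed; Tcl 8.5 or later is assumed.

```tcl
# Added illustration; proc names and sample data are constructed.

# Loose check for contrast: unescaped dots match any character and there is
# no end anchor, so separators and trailing text are never examined.
proc loose_check {ip} {
    if {![regexp {(^[0-9]+).([0-9]+).([0-9]+).([0-9]+)} $ip -> a b c d]} {
        return 0
    }
    return [expr {$a <= 255 && $b <= 255 && $c <= 255 && $d <= 255}]
}

# Strict check: both anchors, escaped dots, one to three ASCII digits per
# octet, no leading zeros, and every octet in the range 0..255.
proc is_valid_ipv4 {ip} {
    if {![regexp {^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$} \
            $ip -> a b c d]} {
        return 0
    }
    foreach octet [list $a $b $c $d] {
        # Refuse leading zeros: 010 would be read as octal 8 by Tcl 8.x and
        # different tools disagree on what such an address means.
        if {[string length $octet] > 1 && [string index $octet 0] eq "0"} {
            return 0
        }
        if {$octet > 255} {
            return 0
        }
    }
    return 1
}

# Pull every dotted run of digits out of free text, then keep the valid ones.
# Taking the whole run first means 1.2.3.4.5 or 1234.5.6.7 is rejected as a
# unit instead of yielding an address from its middle.
proc find_ipv4 {text} {
    set found {}
    foreach candidate [regexp -all -inline {[0-9]+(?:\.[0-9]+)+} $text] {
        if {[is_valid_ipv4 $candidate]} {
            lappend found $candidate
        }
    }
    return $found
}

# Constructed single-value inputs, checked by both validators.
foreach ip {
    192.168.2.254
    192x168y2z254
    1.2.3.4.5
    256.1.1.1
    10.0.0.010
    {10.0.0.1 trailing}
    1234567
} {
    puts [format "%-20s loose=%d strict=%d" \
        $ip [loose_check $ip] [is_valid_ipv4 $ip]]
}

# Constructed log text (addresses taken from the documentation ranges).
set text {
link up 192.0.2.10, peer 198.51.100.7 unreachable
firmware 1.2.3.4.5 loaded, bad source 300.1.1.1
neighbor 203.0.113.255.
}
puts [find_ipv4 $text]
```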
