1. How does a router pass control and data packets?

Flow of Routing Information

Routing information is the information about routes learned by the routing protocols from a router’s neighbors. This information is stored in routing tables. The routing protocols advertise active routes only from the routing tables. An active route is a route that is chosen from all routes in the routing table to reach a destination. To control which routes the routing protocols place in the routing tables and which routes the routing protocols advertise from the routing tables, you can configure routing policies, which are sets of rules that the policy framework uses to preempt default routing policies.

The Routing Engine, which runs the router's control plane software, handles the flow of routing information between the routing protocols and the routing tables and between the routing tables and the forwarding table. The Routing Engine runs the Junos OS and routing policies and stores the active router configuration, the master routing table, and the master forwarding table.

Flow of Data Packets

Data packets are chunks of data that transit the router as they are being forwarded from a source to a destination. When a router receives a data packet on an interface, it determines where to forward the packet by looking in the forwarding table for the best route to a destination. The router then forwards the data packet toward its destination through the appropriate interface.

The Packet Forwarding Engine, which is the central processing element of the router’s forwarding plane, handles the flow of data packets in and out of the router’s physical interfaces. Although the Packet Forwarding Engine contains Layer 3 and Layer 4 header information, it does not contain the packet data itself (the packet's payload).

2. What is the difference between an L3 switch and a router?
- An L3 switch does switching at layer 3 by preserving the source and destination MAC and preserving the TTL value of the IP header of the first routed packet, so the first packet is routed using a normal routing lookup, but after that all packets are switched.
- A router does a normal routing lookup, but with the introduction of fast switching and CEF, packets are now also switched on a router.
- Switches don't support some QoS features.
- Switches don't support NAT.
- Forwarding on switches is done on ASICs (Application Specific Integrated Circuits), that is, in hardware rather than in software.
- Forwarding on routers is done in software.
- Routers support different WAN technologies (modules), unlike switches.

3. How does forwarding happen in a router?

4. Distributed vs Centralized architecture
The following figure illustrates the architecture of a router with distributed forwarding capabilities. In this architecture, each interface processor (or line card) can forward packets independently. A route processor runs a routing protocol to build the RIB, which is shared by all interface processors.
On the other hand, the following is another router architecture, called centralized. Here the interface processors cannot forward packets themselves. Instead, they hand each packet to the centralized packet processor, which forwards it based on the RIB.
5. Where does queuing happen in a router?
http://wiki.nil.com/Queuing_Principles_in_Cisco_IOS
A router has two types of queues: a hardware queue and a software queue. The hardware queue, which is sometimes referred to as the transmit queue (TxQ), always uses FIFO queuing, and only when the hardware queue is full does the software queue handle packets. Therefore, your queuing configuration only takes effect during periods of interface congestion, when the hardware queue has overflowed.

6. Why is a MAC address needed?
Actual data communication happens at L2, so a MAC address is needed.

7. Why is the BDR elected first?
http://www.rfc-base.org/txt/rfc-2328.txt
For graceful reset and to reduce the convergence time. The reason behind the election algorithm's complexity is the desire for an orderly transition from Backup Designated Router to Designated Router, when the current Designated Router fails. This orderly transition is ensured through the introduction of hysteresis: no new Backup Designated Router can be chosen until the old Backup accepts its new Designated Router responsibilities. Note also that if Router X is the only attached router that is eligible to become Designated Router, it will select itself as Designated Router and there will be no Backup Designated Router for the network.

8. Does a serial interface have a MAC address?
A serial line has only two ends, so it is fairly obvious where to send the packets. That is why a serial line doesn't have a MAC address.

9. Fast switching vs packet switching
In telecommunications, fast packet switching is a variant of packet switching that increases the throughput by eliminating overhead associated with flow control and error correction functions, which are either offloaded to upper layer networking protocols or removed altogether. ATM and Frame Relay are two major implementations of fast packet switching.

10.
Cut-through, store and forward, and fragment free concept
- Cut-through: forwarding based on destination MAC address.
- Store and forward: forwarding once the complete frame is received.
- Fragment free: forwarding once the first 64 bytes of data are received.

11. Why do we need STP in L2?
To avoid loops in layer 2 and provide redundancy.

12. Why can't we replace HSRP with STP?
HSRP works at L3, basically at the edge of the network for gateway redundancy, but STP works at L2 to avoid loops and to provide redundancy.

13. Contents of BPDU
Type, Bridge ID, root path cost, hello timer, forward delay, flags, max age timer.

14. Which switch is responsible for advertising BPDUs in STP?
Root Bridge.

15. In case of multiple VLANs, if I run default STP, what will be the consequences?
Legacy STP is based on per vlan instance hence we need to use MST.

16. Why do we need a root bridge?
The root bridge acts as a reference point in the topology to forward the packets.

17. Does a link connected to a PC run STP?
No, a link connected to a PC is set as edge or portfast to reduce convergence time.
18. How does trunking work? Does a trunk allow all VLANs?
Note: The allowed VLAN list on both ends of the trunk link should be the same. By default a trunk link carries all the VLANs that exist on the switch. This is because all VLANs are active on a trunk link; as long as the VLAN is in the switch's local database, traffic for that VLAN is carried across the trunks. You can elect to selectively remove and add VLANs from a trunk link.

19. How does the native VLAN work?
The terminology of trunk ports and native VLANs is non-standard. Annex D to the 1998 802.1Q standard uses the concept of trunk links, but the current standard does not use the terms trunk or native. Some vendors (most notably Cisco) use the concepts of a) trunk ports and b) native VLAN. The proprietary term native VLAN is similar to the 802.1Q PVID (port VLAN identifier), which is used "to associate a VID with untagged and priority-tagged received frames." A trunk port can refer to a port that sends and receives tagged frames on all VLANs, except the native VLAN, if one is configured. The term trunk may also be used to refer to a connection using link aggregation.

Frames belonging to the native VLAN do not carry VLAN tags when sent over the trunk. Conversely, if an untagged frame is received on a trunk port, the frame is associated with the native VLAN configured on that port. For example, if an 802.1Q port has VLANs 2, 3 and 4 assigned to it, with VLAN 2 being the native VLAN, frames on VLAN 2 that are sent from the aforementioned port are not given an 802.1Q header (i.e. they are plain Ethernet frames). Frames that are received on that port and have no 802.1Q header are assigned to VLAN 2. Tagging of frames sent to or received from VLANs 3 and 4 is the same as if no native VLAN had been configured – all frames on those VLANs must carry tags to identify their VLAN membership.

Note that unexpected results may occur if the native VLAN configuration is not the same on all sending and receiving ports on a link.
Continuing the above example, if VLAN 2 is not configured as the native VLAN on some other 802.1Q port, that port will send tagged frames on VLAN 2. When the local port, on which VLAN 2 is configured as the native VLAN, receives these unexpectedly tagged frames, it will still assign them to VLAN 2, but it will send only untagged frames for VLAN 2. On receipt, the distant port will either associate the untagged frames with a different VLAN ID (the one locally configured as the native VLAN) or it will discard the untagged frames if it has no native VLAN configured. (Symmetrically, this remote port will send only untagged frames on its configured native VLAN, which will be associated with a different VLAN ID by the local port.)

20. If we configure access ports between two switches, will it work?
Yes, you can connect two switches with access ports, and you just need to say "switchport mode access" and "switchport access vlan ID" on the ports that you would connect between the switches.

21. If one side of a switch has VLAN 10 and the other side is configured with VLAN 20, how will things work?
We need to use inter-VLAN routing, i.e. the router on a stick concept.

22. What is the advantage of having a double tag?
It segregates the VLANs of customers from each other.

23. What is the advantage of having LACP?
LACP is used to control the link in case of EtherChannel. LACP is dynamic.

24. What is Gratuitous ARP?
Gratuitous ARP is used to detect a duplicate IP address in a network. Gratuitous ARP is a sort of "advance notification": it updates the ARP cache of other systems before they ask for it (no ARP request), or updates outdated information. When talking about gratuitous ARP, the packets are actually special ARP request packets, not ARP reply packets as one would perhaps expect. Some reasons for this are explained in RFC 5227.
The gratuitous ARP packet has the following characteristics:
- Both source and destination IP in the packet are the IP of the host issuing the gratuitous ARP.
- The destination MAC address is the broadcast MAC address (ff:ff:ff:ff:ff:ff). This means the packet will be flooded to all ports on a switch.
- No reply is expected.

Gratuitous ARP is used for several reasons:
- Update ARP tables after a MAC address for an IP changes (failover, new NIC, etc.).
- Update MAC address tables on L2 devices (switches) to show that a MAC address is now on a different port.
- Send gratuitous ARP when an interface goes up to notify other hosts about new MAC/IP bindings in advance, so that they don't have to use ARP requests to find out.
- When a reply to a gratuitous ARP request is received, you know that you have an IP address conflict in your network.

25. Why should the MTU be the same in OSPF?
Otherwise the neighbor relationship will be stuck in the exstart state.

26. Why does show ip ospf neighbour show 2way/DROTHER?
The DR and BDR will have a full relationship with the other routers in the segment, but the rest of the routers will only have a 2way relationship among themselves.

27. Is OSPF distance vector as well?
Inter-area routing in OSPF works exactly as distance vector.
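The gratuitous ARP characteristics listed under question 24 can be checked mechanically. The following is an added Python example, not part of the original page: it parses raw Ethernet/ARP frames, applies the two tests given above (sender IP equals target IP, broadcast destination MAC) and tracks IP-to-MAC bindings so that a change (failover, new NIC, or an address conflict) is reported. The function and class names, and the sample frames, are constructed for illustration.

```python
import socket
import struct

BROADCAST = b"\xff" * 6
ETHERTYPE_ARP = 0x0806


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))


def mac_text(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp_frame(dst_mac, src_mac, opcode, sender_ip, target_ip,
                    target_mac="00:00:00:00:00:00"):
    """Build an Ethernet II + ARP frame (constructed test input, not a capture)."""
    eth = struct.pack("!6s6sH", mac_bytes(dst_mac), mac_bytes(src_mac), ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, opcode,
                      mac_bytes(src_mac), socket.inet_aton(sender_ip),
                      mac_bytes(target_mac), socket.inet_aton(target_ip))
    return eth + arp


def parse_arp(frame):
    """Return the ARP fields as a dict, or None if this is not IPv4-over-Ethernet ARP."""
    if len(frame) < 42:  # 14-byte Ethernet header + 28-byte ARP body
        return None
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, opcode, sha, spa, tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"dst": dst, "src": src, "opcode": opcode,
            "sha": sha, "spa": spa, "tha": tha, "tpa": tpa}


def is_gratuitous(arp):
    """Sender IP equals target IP and the frame is sent to the broadcast MAC."""
    return arp["spa"] == arp["tpa"] and arp["dst"] == BROADCAST


class BindingMonitor:
    """Tracks IP -> MAC bindings announced by gratuitous ARP (hypothetical helper)."""

    def __init__(self):
        self.bindings = {}

    def observe(self, frame):
        arp = parse_arp(frame)
        if arp is None or not is_gratuitous(arp):
            return None  # ordinary ARP or non-ARP traffic is ignored
        ip = socket.inet_ntoa(arp["spa"])
        mac = mac_text(arp["sha"])
        previous = self.bindings.get(ip)
        self.bindings[ip] = mac
        if previous is None:
            return ("new", ip, mac)
        if previous == mac:
            return ("refresh", ip, mac)
        # Same IP announced from another MAC: failover, new NIC, or a conflict.
        return ("changed", ip, previous, mac)


def demo():
    bcast = "ff:ff:ff:ff:ff:ff"
    host_a, host_b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    frames = [
        build_arp_frame(bcast, host_a, 1, "192.0.2.10", "192.0.2.10"),  # gratuitous
        build_arp_frame(bcast, host_a, 1, "192.0.2.10", "192.0.2.1"),   # ordinary request
        build_arp_frame(bcast, host_a, 1, "192.0.2.10", "192.0.2.10"),  # repeat
        build_arp_frame(bcast, host_b, 1, "192.0.2.10", "192.0.2.10"),  # other MAC
    ]
    monitor = BindingMonitor()
    return [monitor.observe(f) for f in frames]


if __name__ == "__main__":
    for event in demo():
        print(event)
```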
28. What is the need for master/slave in OSPF?
The master controls the synchronization process and ensures that only one DD packet is outstanding at a time.

29. How do internal routers in OSPF identify the ABR?
A Type 3 LSA (Summary LSA) is advertised by the ABR of the originating area to advertise networks from other areas, so we should check the ABRs first.

30. Will the ABR summarize type 3 LSAs?
Yes.

31. Why type 4 LSA, when you have type 5 that tells about the ASBR router?
Type 4 - ASBR-Summary LSA - is needed because Type 5 External LSAs are flooded to all areas except stub, and the detailed next-hop information may not be available in those other areas. This is solved by an Area Border Router flooding the information for the router (i.e. the Autonomous System Boundary Router) where the type 5 originated. The link-state ID is the router ID of the described ASBR for type 4 LSAs.

32. What is the link-state retransmit interval?
OSPF must send acknowledgment of each newly received link-state advertisement (LSA). It does this by sending LSA packets. LSAs are retransmitted until they are acknowledged. The link-state retransmit interval defines the time between retransmissions. You can use the command ip ospf retransmit-interval to set the retransmit interval. The default value is 5 seconds.

33. Can an OSPF default be originated into the system based on external information on a router that does not itself have a default?
OSPF generates a default only if it is configured using the command default-information originate and if there is a default network in the box from a different process. The default route in OSPF is 0.0.0.0. If you want an OSPF-enabled router to generate a default route even if it does not have a default route itself, use the command default-information originate always.

34. How can I give preference to OSPF inter-area routes over intra-area routes?
This rule of preference cannot be changed. However, it applies only within a single OSPF process.
If a router is running more than one OSPF process, route comparison occurs. With route comparison, the metrics and administrative distances (if they have been changed) of the OSPF processes are compared. Route types are disregarded when routes supplied by two different OSPF processes are compared.

35. When a route is redistributed between OSPF processes, are all SPF metrics preserved, or is the default metric value used?
The SPF metrics are preserved. The redistribution between them is like redistribution between any two IP routing processes.

36. Can I have one numbered side and leave the other side unnumbered in OSPF?
No, OSPF does not work if you have one side numbered and the other side unnumbered. This creates a discrepancy in the OSPF database that prevents routes from being installed in the routing table.

37. Can I control the P-bit when importing external routes into a not-so-stubby area (NSSA)?
When external routing information is imported into an NSSA in a type 7 link-state advertisement (LSA), the type 7 LSA has only area flooding scope. To further distribute the external information, type 7 LSAs are translated into type 5 LSAs at the NSSA border. The P-bit in the type 7 LSA Options field indicates whether the type 7 LSA should be translated. Only those LSAs with the P-bit set are translated. When you redistribute information into the NSSA, the P-bit is automatically set. A possible workaround applies when the Autonomous System Boundary Router (ASBR) is also an Area Border Router (ABR). The NSSA ASBR can then summarize with the not-advertise keyword, which results in not advertising the translated type 7 LSAs.

38. Does OSPF form adjacencies with neighbors that are not on the same subnet?
The only time that OSPF forms adjacencies between neighbors that are not on the same subnet is when the neighbors are connected through point-to-point links. This may be desired when using the ip unnumbered command, but in all other cases, the neighbors must be on the same subnet.

39.
How often does OSPF send out link-state advertisements (LSAs)?
OSPF sends out its self-originated LSAs when the LSA age reaches the link-state refresh time, which is 1800 seconds, i.e. 30 minutes.

40. When I have two type 5 link-state advertisements (LSAs) for the same external network in the OSPF database, which path should be installed in the IP routing table?
When you have two type 5 LSAs for the same external network in the OSPF database, prefer the external LSA that has the shortest path to the Autonomous System Boundary Router (ASBR) and install that into the IP routing table. Use the show ip ospf border-routers command to check the cost to the ASBR.

41. Is there a way to manipulate and prefer the Type 3 LSAs to originate from two different areas sent to the non-backbone area?
A Type 3 LSA is originated by the Area Border Router (ABR) as a summary route. Manipulating the summary route is not possible in an ABR router.

42. Why does the show ip ospf neighbor command reveal neighbors stuck in the two-way state?
Hello not received from neighbor.

43. OSPF NSSA type-7 to Type-5 translator election
When multiple ABRs connect the NSSA to area 0, the ABR with the highest router-id is elected as the Type-7 to 5 translator, and is responsible for re-originating the Type-5 LSA into area 0. This election process is an optimization of the OSPF database, and relates to how the Type-7 NSSA External route uses the forward address field to ensure optimal routing.

44. Why does the show ip ospf neighbor command reveal neighbors in the init state?
The most likely reason that a local router is not listed in a neighbor's hello packets is that the neighbor has not received hello packets from the local router. Possible reasons for this are:
- Use the ping and traceroute commands to verify that links between routers are operational. If a ping between routers is not successful, the link is not functioning properly and you need to troubleshoot it. Refer to troubleshooting pages related to the Layer 2 technology you are using, such as ISDN, Ethernet, ATM, etc.
- If there are any access lists defined on the neighbor's interface, the destination IP of 224.0.0.5 must be permitted in the input access list. OSPF hello packets have a destination address of 224.0.0.5 (the all OSPF routers multicast address).
- There might be a Layer 2 or configuration problem preventing multicast packets from reaching the neighboring router. You can test this with the ping command on the multicast address 224.0.0.5 and confirm that responses are received from the neighboring router(s).
- In non-broadcast media such as Frame Relay, X.25, and ISDN, mapping is required between layer 2 and the IP address. In case of static mapping (for example, the interface level frame-relay map ip 1.1.1.1 100 broadcast or dialer map ip 1.1.1.1 broadcast name router1 55346 commands), you must configure the keyword broadcast to avoid encapsulation failure every time OSPF tries to send the multicast hello packet. The debug ip packet detail command used with the access list shows if there are any encapsulation failures.
- Authentication is not enabled on both sides. The router on which authentication is not enabled still processes hello packets from the neighbor and sees the neighbor in the init state. In order to correct this problem, enable authentication on both sides.

45. Why are some OSPF routes in the database but not in the routing table?
- Reason 1: Network Type Mismatch
- Reason 2: Wrong Address Assignment in Dual Serial Link Setup
- Reason 3: One Side of Point-to-Point Link Included in Wrong Majornet or Subnet
- Reason 4: One Side Is Unnumbered and the Other Side Is Numbered
- Reason 5: Broken PVC in Fully Meshed Frame Relay Environment
- Reason 6: Forwarding Address Known via an External Route
- Reason 7: Distribute List Is Blocking the Routes

46. Why are OSPF neighbors stuck in the Exstart/Exchange state?
The problem occurs most frequently when attempting to run OSPF between a Cisco router and another vendor's router. The problem occurs when the maximum transmission unit (MTU) settings for neighboring router interfaces don't match. If the router with the higher MTU sends a packet larger than the MTU set on the neighboring router, the neighboring router ignores the packet.

47. Why is a virtual link needed?
If there are multiple areas, it is not possible to connect each area to area 0. Hence a virtual link is used to connect every nonzero area to area 0.

48. Why does OSPF require all traffic between non-backbone areas to pass through a backbone area (area 0)?
Comparing three fundamental concepts of link state protocols, concepts that even most OSPF beginners understand, easily derives the answer to the question.

The first concept is this: Every link state router floods information about itself, its links, and its neighbors to every other router. From this flooded information each router builds an identical link state database. Each router then independently runs a shortest-path-first calculation on its database – a local calculation using distributed information – to derive a shortest-path tree.
This tree is a sort of map of the shortest path to every other router. One of the advantages of link state protocols is that the link state database provides a “view” of the entire network, preventing most routing loops. This is in contrast to distance vector protocols, in which route information is passed hop-by-hop through the network and a calculation is performed at each hop – a distributed calculation using local information. Each router along a route is dependent on the router before it to perform its calculations correctly and then correctly pass along the results. When a router advertises the prefixes it learns to its neighbors it’s basically saying, “I know how to reach these destinations.” And because each distance vector router knows only what its neighbors tell it, and has no “view” of the network beyond the neighbors, the protocol is vulnerable to loops.

The second concept is this: When link state domains grow large, the flooding and the resulting size of the link state database becomes a scaling problem. The problem is remedied by breaking the routing domain into areas: That first concept is modified so that flooding occurs only within the boundaries of an area, and the resulting link state database contains only information from the routers in the area. This, in turn, means that each router’s calculated shortest-path tree only describes the path to other routers within the area.

The third concept is this: OSPF areas are connected by one or more Area Border Routers (the other main link state protocol, IS-IS, connects areas somewhat differently) which maintain a separate link state database and calculate a separate shortest-path tree for each of their connected areas. So an ABR by definition is a member of two or more areas. It advertises the prefixes it learns in one area to its other areas by flooding Type 3 LSAs into the areas that basically say, “I know how to reach these destinations.”

Wait a minute – what that last concept described is not link state, it’s distance vector.
The routers in an area cannot “see” past the ABR, and rely on the ABR to correctly tell them what prefixes it can reach. The SPF calculation within an area derives a shortest-path tree that depicts all prefixes beyond the ABR as leaf subnets connected to the ABR at some specified cost. And that leads us to the answer to the question:
Because inter-area OSPF is distance vector, it is vulnerable to routing loops. It avoids loops by mandating a loop-free inter-area topology, in which traffic from one area can only reach another area through area 0.

49. Passive interface behaviour in OSPF?
In OSPF the passive-interface has a similar behavior to EIGRP. The command suppresses hello packets and hence neighbor relationships.

50. Difference between SPF and CSPF
Just as the names sound, SPF is an algorithm that calculates the shortest path through a network for destinations in the network. CSPF does the same thing but it also considers constraints that are specified, e.g. available bandwidth on the interface. So, while SPF may take for example path R1-R2-R3-R4 to get to R4, CSPF can choose R1-R2-R7-R8-R9-R4 to get to R4. This all depends on the constraints specified, and it is used in conjunction with RSVP for MPLS TE.

51. What are the BGP path selection criteria?
Weight, local pref, self origin, AS path, origin, MED, external.

52. What is the difference between always-compare-med and deterministic-med?
There are two BGP configuration commands that can influence the MED-based path selection, the bgp deterministic-med and the bgp always-compare-med commands. Enabling the bgp deterministic-med command ensures the comparison of the MED variable when choosing routes advertised by different peers in the same autonomous system. Enabling the bgp always-compare-med command ensures the comparison of the MED for paths from neighbors in different autonomous systems. The bgp always-compare-med command is useful when multiple service providers or enterprises agree on a uniform policy for setting MED. Thus, for network X, if Internet Service Provider A (ISP A) sets the MED to 10, and ISP B sets the MED to 20, both ISPs agree that ISP A has the better performing path to X.
Note: The bgp deterministic-med and bgp always-compare-med commands are not enabled by default.
Also, the two commands are separate; enabling one does not automatically enable the other.

53. Does the route reflector change the next hop attribute of a reflected prefix?
By default, the next hop attribute is not changed when a prefix is reflected by a route reflector. However, you can issue the neighbor next-hop-self command in order to change the attribute of the next hop for prefixes reflected from an eBGP peer to any route reflector client.

54. Why IGP in BGP?
Keep in mind these rules when using BGP with other IGP protocols:
- BGP will not put routes that it cannot verify reachability for in the main IP routing table. For routers to successfully use BGP routes, they must always have a route to the next-hop IP address in the main IP routing table.
- Unless otherwise configured, BGP stores only the best path to a destination network in the main IP routing table. However, you can use the BGP maximum-paths command to configure more than one path.
- BGP advertises only the best path to a destination network. You can control BGP path selection using BGP attributes, and you can control the best path selection process using certain Cisco IOS Software BGP configuration commands.
- BGP follows its own best path decision process to find the most efficient path; this path is stored in the main routing table.
- BGP forms peer relationships only with explicitly configured peers, and only advertises networks that it was explicitly configured to advertise.
- BGP does not redistribute its routes into IGPs unless explicitly configured to do so.
- BGP is an extremely customizable protocol; it can be as dynamic or static as it is configured to be. You can and control route policies in a number of different ways.

55. Difference between BGP synchronization and split-horizon rule.
BGP split horizon: This is for iBGP only, and you have to think about it when you have more than 2 routers in iBGP. If there are only two routers you are OK.
If a route is learned from an iBGP neighbor, that route will not be advertised to other iBGP neighbors. The solution is a full mesh: number of bgp = n(n-1)/2, where n is the number of routers. But this leads to lots of configs, so the solution is either Route Reflector or confederation (sub AS within main AS).

Synchronization: BGP routers try to synchronize between the IGP table (show ip route bgp) and the BGP table (show ip bgp). In order for a BGP route to be used and advertised, it must be learned by an IGP (another routing protocol such as rip/eigrp/ospf). But if you run only BGP and the same routes are not advertised by the IGP, you may want to turn off this automatic synchronization between the IGP table of BGP (show ip route bgp) and the BGP table (show ip bgp) with (config-router)#no sync. In new IOS "no sync" is the default.

56. What does r RIB-Failure mean in the show ip bgp command output?

R1> show ip bgp
BGP table version is 5, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
r> 6.6.6.0/24       10.10.13.3               0    130      0 30 i
*> 7.7.7.0/24       10.10.13.3               0    125      0 30 i

A. When BGP tries to install the bestpath prefix into the Routing Information Base (RIB) (for example, the IP Routing table), the RIB might reject the BGP route due to any of these reasons:
- Route with better administrative distance already present in IGP. For example, if a static route already exists in the IP Routing table.
- Memory failure.
- The number of routes in VPN routing/forwarding (VRF) exceeds the route-limit configured under the VRF instance.

57. RIP rules for sending and receiving updates

Rules for sending update
- Check major network of outgoing interface. Is it the same?
  - No: Summarize and send update. 137.99.88.0/24 will get summarized. IP Unnumbered Exception: Router will send this network with subnet bit information in RIP update packet.
  - Yes: Check subnet mask. Is it the same?
    - Yes: Send the update. 131.108.5.0/24 will go now.
    - No: Is it the host route with /32 mask?
      - Yes: Send it as host route with host bit set in update. 131.108.1.1/32 will be sent as update.
      - No: Drop the network. 131.108.11.0/27 will be dropped here.

Rules for receiving update
- Check major network. Is it the same as on source interface?
  - Yes: Is it the host route with /32 mask and host bit set on update packet?
    - Yes: Apply /32 mask and keep the route to whole world. 131.108.1.1/32 will be installed in routing table.
    - No: Apply the mask of incoming interface and install in routing table. 131.108.5.0/24 will be in routing table.
  - No: Is any subnet of the received major network in any interface other than the source interface?
    - Yes: Drop the route.
    - No: Accept the route and apply the default mask. 137.99.0.0/16 route will be installed in the routing table. IP Unnumbered Exception: RIP update packet should have the subnet bit information and the link between the routers is unnumbered.

58. Why does RIP not support discontiguous networks and VLSM?
With discontiguous networks, you must use static routes to establish connectivity between the discontiguous subnetworks.

59. Difference in RIPv1 and v2

Routing Information Protocol Version 1 (RIPv1)
- RIPv1 is a Distance-Vector Routing protocol.
- RIPv1 is a Classful routing protocol. Classful routing protocols support only the networks which are not subnetted.
  Classful routing protocols do not send subnet mask information with their routing updates. In other words, if you have a subnetted network in your RIPv1 routing domain, RIPv1 will announce that network to others as an unsubnetted network.
- RIPv1 does not support VLSM (Variable Length Subnet Masking).
- RIPv1 supports a maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered unreachable.
- RIPv1 sends routing updates periodically every 30 seconds as broadcasts, using the limited broadcast IP address 255.255.255.255 as the destination IP address. Since the updates are sent to the limited broadcast IP address 255.255.255.255, every router needs to process the routing update messages (whether it is running RIPv1 or not).
- RIPv1 does not support authentication of update messages (plain-text or MD5).

Routing Information Protocol Version 2 (RIPv2)
- RIPv2 is a Hybrid Routing Protocol. A Hybrid Routing Protocol is basically a Distance-Vector protocol which has some characteristics of Link State routing protocols.
- RIPv2 is classless routing, which allows us to use subnetted networks also. RIPv2 has the option for sending the network mask in the update to allow classless routing.
- RIPv2 supports VLSM (Variable Length Subnet Masking).
- RIPv2 supports a maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered unreachable.
- RIPv2 supports triggered updates.
- RIPv2 routing updates are sent as multicast traffic to the destination multicast address 224.0.0.9. Multicast updates reduce the network traffic. The multicast routing updates also help in reducing routing update message processing overhead in routers which are not running RIPv2. Only the routers running RIPv2 join the multicast group 224.0.0.9. Other routers which are not running RIPv2 can simply filter the routing update packet at Layer 2.
- RIPv2 supports authentication of RIPv2 update messages (plain-text or MD5). Authentication helps in confirming that the updates are coming from authorized sources.

60.
Why was the metric chosen as 16? Why not 17 or 18?
In RIP the sum of all timers is equal to 15. update + invalid + flush timer = 30:180:240

61. How is the checksum calculated in the IP header?
Take the following truncated excerpt of an IPv4 packet. The checksum is the value marked (cksum).

4500 0073 0000 4000 4011 b861(cksum) c0a8 0001 c0a8 00c7 0035 e97c 005f 279f 1e4b 8180

To calculate the checksum, we can first calculate the sum of each 16-bit value within the header, skipping only the checksum field itself. Note that the values are in hexadecimal notation.

4500 + 0073 + 0000 + 4000 + 4011 + c0a8 + 0001 + c0a8 + 00c7 = 2479C (equivalent to 149,404 in decimal)

Next, we convert the value 2479C to binary:

0010 0100 0111 1001 1100

The first 4 bits are the carry and will be added to the rest of the value:

0010 + 0100 0111 1001 1100 = 0100 0111 1001 1110

Next, we flip every bit in that value, to obtain the checksum:

0100 0111 1001 1110 becomes: 1011 1000 0110 0001

This is equal to B861 in hexadecimal, as marked in the original IP packet header.

62. Content of TCP and IP header?
The fields in the IP header and their descriptions are:
- Version: A 4-bit field that identifies the IP version being used. The current version is 4, and this version is referred to as IPv4.
- HLength: A 4-bit field containing the length of the IP header in 32-bit increments. The minimum length of an IP header is 20 bytes, or five 32-bit increments. The maximum length of an IP header is 24 bytes, or six 32-bit increments. Therefore, the header length field should contain either 5 or 6.
- Differentiated Services Code Point (DS): A 6-bit field used to identify the level of service a packet receives in the network. DS is a 3-bit expansion of IP precedence with the elimination of the ToS bits.
- Total Length: Specifies the length of the IP packet, including the IP header and the data. The length field is 2 bytes, so the maximum size of an IP packet is 2^16 – 1 or 65,535 bytes.
- Identifier, Flags, and Fragment Offset: As an IP packet moves through the Internet, it might need to cross a route that cannot handle the size of the packet. The packet will be divided, or fragmented, into smaller packets and reassembled later. These fields are used to fragment and reassemble packets.
- Time to Live (TTL): It is possible for an IP packet to roam aimlessly around the Internet. If there is a routing problem or a routing loop, you don't want packets to be forwarded forever. A routing loop is when a packet is continually routed through the same routers over and over. The TTL field is initially set to a number and decremented by every router that the packet is passed through. When TTL reaches 0 the packet is discarded.
- Protocol: In the layered protocol model, the layer that determines which application the data is from or which application the data is for is indicated using the Protocol field. This field does not identify the application, but identifies a protocol that sits above the IP layer and is used for application identification.
- Header Checksum: A value calculated based on the contents of the IP header. Used to determine if any errors have been introduced during transmission.
- Source IP Address: 32-bit IP address of the sender.
- Destination IP Address: 32-bit IP address of the intended recipient.
- Options and Padding: A field that varies in length from 0 to a multiple of 32 bits. If the option values are not a multiple of 32 bits, 0s are added or padded to ensure this field contains a multiple of 32 bits.

TCP Header Format

- Source port (16 bits): identifies the sending port.
- Destination port (16 bits): identifies the receiving port.
- Sequence number (32 bits): has a dual role. If the SYN flag is set (1), then this is the initial sequence number. The sequence number of the actual first data byte and the acknowledged number in the corresponding ACK are then this sequence number plus 1. If the SYN flag is clear (0), then this is the accumulated sequence number of the first data byte of this segment for the current session.
- Acknowledgment number (32 bits): if the ACK flag is set, then the value of this field is the next sequence number that the receiver is expecting. This acknowledges receipt of all prior bytes (if any). The first ACK sent by each end acknowledges the other end's initial sequence number itself, but no data.
- Data offset (4 bits): specifies the size of the TCP header in 32-bit words. The minimum size header is 5 words and the maximum is 15 words, giving a minimum size of 20 bytes and a maximum of 60 bytes, allowing for up to 40 bytes of options in the header. This field gets its name from the fact that it is also the offset from the start of the TCP segment to the actual data.
- Reserved (3 bits): for future use and should be set to zero.
- Flags (9 bits) (aka Control bits): contains 9 1-bit flags.
  - NS (1 bit): ECN-nonce concealment protection (added to header by RFC 3540).
  - CWR (1 bit): the Congestion Window Reduced (CWR) flag is set by the sending host to indicate that it received a TCP segment with the ECE flag set and had responded in its congestion control mechanism (added to header by RFC 3168).
  - ECE (1 bit): ECN-Echo has a dual role, depending on the value of the SYN flag. If the SYN flag is set (1), it indicates that the TCP peer is ECN capable. If the SYN flag is clear (0), it indicates that a packet with the Congestion Experienced flag set in the IP header was received during normal transmission (added to header by RFC 3168).
  - URG (1 bit): indicates that the Urgent pointer field is significant.
  - ACK (1 bit): indicates that the Acknowledgment field is significant. All packets after the initial SYN packet sent by the client should have this flag set.
  - PSH (1 bit): Push function. Asks to push the buffered data to the receiving application.
  - RST (1 bit): Reset the connection.
  - SYN (1 bit): Synchronize sequence numbers. Only the first packet sent from each end should have this flag set. Some other flags and fields change meaning based on this flag, and some are only valid when it is set, and others when it is clear.
  - FIN (1 bit): No more data from sender.
- Window size (16 bits): the size of the receive window, which specifies the number of window size units (by default, bytes) (beyond the sequence number in the acknowledgment field) that the sender of this segment is currently willing to receive (see Flow control and Window Scaling).
- Checksum (16 bits): the 16-bit checksum field is used for error-checking of the header and data.
- Urgent pointer (16 bits): if the URG flag is set, then this 16-bit field is an offset from the sequence number indicating the last urgent data byte.
- Options (Variable 0–320 bits, divisible by 32)

63. How TCP 3 way handshake works and TCP connection termination as well?

Connection establishment: To establish a connection, TCP uses a three-way handshake. Before a client attempts to connect with a server, the server must first bind to and listen at a port to open it up for connections: this is called a passive open. Once the passive open is established, a client may initiate an active open. To establish a connection, the three-way (or 3-step) handshake occurs:

  1. SYN: The active open is performed by the client sending a SYN to the server. The client sets the segment's sequence number to a random value A.
  2. SYN-ACK: In response, the server replies with a SYN-ACK. The acknowledgment number is set to one more than the received sequence number, i.e. A+1, and the sequence number that the server chooses for the packet is another random number, B.
  3. ACK: Finally, the client sends an ACK back to the server. The sequence number is set to the received acknowledgement value, i.e. A+1, and the acknowledgement number is set to one more than the received sequence number, i.e. B+1.

At this point, both the client and server have received an acknowledgment of the connection. Steps 1 and 2 establish the connection parameter (sequence number) for one direction and it is acknowledged. Steps 2 and 3 establish the connection parameter (sequence number) for the other direction and it is acknowledged. With these, a full-duplex communication is established.
Connection termination: The connection termination phase uses a four-way handshake, with each side of the connection terminating independently. When an endpoint wishes to stop its half of the connection, it transmits a FIN packet, which the other end acknowledges with an ACK. Therefore, a typical tear-down requires a pair of FIN and ACK segments from each TCP endpoint. After both FIN/ACK exchanges are concluded, the side that sent the first FIN before receiving one waits for a timeout before finally closing the connection, during which time the local port is unavailable for new connections; this prevents confusion due to delayed packets being delivered during subsequent connections.

A connection can be "half-open", in which case one side has terminated its end, but the other has not. The side that has terminated can no longer send any data into the connection, but the other side can. The terminating side should continue reading the data until the other side terminates as well.

It is also possible to terminate the connection by a 3-way handshake, when host A sends a FIN, host B replies with a FIN & ACK (merely combining 2 steps into one) and host A replies with an ACK.[13] This is perhaps the most common method.

It is possible for both hosts to send FINs simultaneously; then both just have to ACK. This could possibly be considered a 2-way handshake since the FIN/ACK sequence is done in parallel for both directions.

Some host TCP stacks may implement a half-duplex close sequence, as Linux or HP-UX do. If such a host actively closes a connection but still has not read all the incoming data the stack already received from the link, this host sends a RST instead of a FIN (Section 4.2.2.13 in RFC 1122). This allows a TCP application to be sure the remote application has read all the data the former sent, by waiting for the FIN from the remote side when it actively closes the connection. But the remote TCP stack cannot distinguish between a Connection Aborting RST and a Data Loss RST. Both cause the remote stack to lose all the data received.

64. Which device does reassembly and why?

The end device always does the reassembly. The reason is the buffer issue, and all fragmented packets should pass through the same router.

65. What is gratuitous ARP?

Source: http://wiki.wireshark.org/Gratuitous_ARP

Gratuitous ARP could mean either a gratuitous ARP request or a gratuitous ARP reply. Gratuitous in this case means a request/reply that is not normally needed according to the ARP specification (RFC 826) but could be used in some cases. A gratuitous ARP request is an Address Resolution Protocol request packet where the source and destination IP are both set to the IP of the machine issuing the packet and the destination MAC is the broadcast address ff:ff:ff:ff:ff:ff. Ordinarily, no reply packet will occur. A gratuitous ARP reply is a reply to which no request has been made.

Gratuitous ARPs are useful for four reasons:

- They can help detect IP conflicts. When a machine receives an ARP request containing a source IP that matches its own, then it knows there is an IP conflict.
- They assist in the updating of other machines' ARP tables. Clustering solutions utilize this when they move an IP from one NIC to another, or from one machine to another. Other machines maintain an ARP table that contains the MAC associated with an IP. When the cluster needs to move the IP to a different NIC, be it on the same machine or a different one, it reconfigures the NICs appropriately, then broadcasts a gratuitous ARP reply to inform the neighboring machines about the change in MAC for the IP. Machines receiving the ARP packet then update their ARP tables with the new MAC.
- They inform switches of the MAC address of the machine on a given switch port, so that the switch knows that it should transmit packets sent to that MAC address on that switch port.
- Every time an IP interface or link goes up, the driver for that interface will typically send a gratuitous ARP to preload the ARP tables of all other local hosts. Thus, a gratuitous ARP tells us that the host has just had a link-up event, such as a link bounce, a machine just being rebooted, or the user/sysadmin on that host just configuring the interface up. If we see multiple gratuitous ARPs from the same host frequently, it can be an indication of bad Ethernet hardware/cabling resulting in frequent link bounces.
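The gratuitous ARP cases from question 65, turned into a small monitor. This is an added example, not part of the original page: the class name, event names, burst threshold and the sample frames (documentation addresses, locally administered MACs) are all constructed for illustration.

```python
import struct
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"

def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def _ip(raw):
    return ".".join(str(b) for b in raw)

def parse_arp(frame):
    """Parse an Ethernet II frame carrying IPv4-over-Ethernet ARP (RFC 826).
    Returns the fields used below, or None for anything else."""
    if len(frame) < 42:
        return None
    eth_dst, _eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if ethertype != 0x0806 or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa, _tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {"eth_dst": _mac(eth_dst), "oper": oper,
            "sha": _mac(sha), "spa": _ip(spa), "tpa": _ip(tpa)}

class ArpMonitor:
    """Passive observer: classifies gratuitous ARPs and tracks IP-to-MAC bindings."""

    def __init__(self, burst=3, window=60.0):
        self.bindings = {}                # ip -> last MAC seen claiming it
        self.pending = set()              # (requester_ip, target_ip) awaiting a reply
        self.recent = defaultdict(deque)  # mac -> timestamps of its gratuitous ARPs
        self.burst, self.window = burst, window

    def observe(self, ts, frame):
        arp = parse_arp(frame)
        if arp is None:
            return []
        events, gratuitous = [], False
        if arp["oper"] == 1:              # request
            if arp["spa"] == arp["tpa"] and arp["eth_dst"] == BROADCAST:
                gratuitous = True
                events.append("gratuitous-request")
            else:
                self.pending.add((arp["spa"], arp["tpa"]))
        elif arp["oper"] == 2:            # reply
            key = (arp["tpa"], arp["spa"])
            if key in self.pending:
                self.pending.discard(key)  # answers a request we saw
            else:
                gratuitous = True          # a reply to which no request was made
                events.append("gratuitous-reply")
        if arp["spa"] != "0.0.0.0":
            old = self.bindings.get(arp["spa"])
            if old is not None and old != arp["sha"]:
                # IP conflict, a cluster moving the IP, or a binding worth reviewing
                events.append(f"binding-changed {arp['spa']} {old} -> {arp['sha']}")
            self.bindings[arp["spa"]] = arp["sha"]
        if gratuitous:
            seen = self.recent[arp["sha"]]
            seen.append(ts)
            while seen and ts - seen[0] > self.window:
                seen.popleft()
            if len(seen) >= self.burst:
                events.append("frequent-gratuitous")  # possible link bounces
        return events

def build_arp(oper, sha, spa, tha, tpa, eth_dst=None):
    """Build a constructed sample frame for the demo (not captured traffic)."""
    to_mac = lambda s: bytes.fromhex(s.replace(":", ""))
    to_ip = lambda s: bytes(int(p) for p in s.split("."))
    return (to_mac(eth_dst or tha) + to_mac(sha)
            + struct.pack("!HHHBBH", 0x0806, 1, 0x0800, 6, 4, oper)
            + to_mac(sha) + to_ip(spa) + to_mac(tha) + to_ip(tpa))

def demo():
    host, gw, other = "02:00:00:00:00:01", "02:00:00:00:00:fe", "02:00:00:00:00:99"
    zero = "00:00:00:00:00:00"
    announce = build_arp(1, host, "192.0.2.5", zero, "192.0.2.5", BROADCAST)
    frames = [
        (0, build_arp(1, host, "192.0.2.5", zero, "192.0.2.1", BROADCAST)),  # normal request
        (1, build_arp(2, gw, "192.0.2.1", host, "192.0.2.5")),               # solicited reply
        (2, announce),                                                       # gratuitous request
        (3, build_arp(2, other, "192.0.2.1", BROADCAST, "192.0.2.1")),       # unsolicited reply, new MAC
        (4, announce),
        (5, announce),                                                       # third within the window
    ]
    monitor = ArpMonitor(burst=3, window=60.0)
    return [monitor.observe(ts, frame) for ts, frame in frames]

if __name__ == "__main__":
    for events in demo():
        print(events)
```

Pending requests never expire in this sketch; a long-running monitor would age them out the same way the gratuitous-ARP timestamps are pruned.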
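Returning to the IPv4 header of questions 61 and 62: the following added example (not part of the original page) parses the header fields from the packet excerpt in question 61, verifies its checksum, and recomputes the checksum after the TTL decrement a router performs. Function names are chosen here for illustration.

```python
import struct

# Packet excerpt from question 61: a 20-byte IPv4 header plus the start of the payload.
SAMPLE = bytes.fromhex(
    "4500 0073 0000 4000 4011 b861 c0a8 0001 c0a8 00c7"
    "0035 e97c 005f 279f 1e4b 8180")

def fold_sum(data):
    """16-bit one's-complement sum: add big-endian words, wrap carries back in."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total > 0xFFFF:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def header_checksum(header):
    """Checksum of an IPv4 header, with the checksum field (bytes 10-11) skipped."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return ~fold_sum(zeroed) & 0xFFFF

def parse_ipv4_header(packet):
    """Decode the fixed IPv4 header fields and check the header checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    (ver_ihl, dscp_ecn, total_len, ident, flags_frag,
     ttl, proto, cksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5 or len(packet) < ihl * 4:
        raise ValueError("not a complete IPv4 header")
    header = packet[:ihl * 4]
    return {
        "version": version, "header_len": ihl * 4, "dscp": dscp_ecn >> 2,
        "total_len": total_len, "id": ident,
        "flags": flags_frag >> 13, "frag_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto, "checksum": cksum,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        # Summing the header with its checksum included must fold to 0xFFFF.
        "checksum_ok": fold_sum(header) == 0xFFFF,
    }

def forward(header):
    """Per-hop handling: decrement TTL and recompute the checksum.
    Returns None when the TTL would reach 0 (packet discarded)."""
    ttl = header[8]
    if ttl <= 1:
        return None
    hdr = bytearray(header)
    hdr[8] = ttl - 1
    hdr[10:12] = struct.pack("!H", header_checksum(bytes(hdr)))
    return bytes(hdr)

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
    print(hex(header_checksum(SAMPLE[:20])))
    print(parse_ipv4_header(forward(SAMPLE[:20])))
```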
66. Difference between VLSM, CIDR and super-netting

Classless Inter-Domain Routing (CIDR) is also called supernetting. The main purpose of CIDR is to aggregate routes; this is also known as supernetting or summarization. CIDR addresses reduce the size of routing tables.

Variable-Length Subnet Masking (VLSM), or subnetting, is used to better utilize address space. Subnets divide a single network into smaller pieces. Subnetting is dividing a network into several smaller parts (subnets), each having its own sub-network address.

Supernetting is combining several small networks (e.g. of class C) into a big one to create a large range of addresses. VLSM is used to increase the usability of subnets.

67. VTP modes of operation?

VTP has three different modes of operation within a domain: Server, Client and Transparent.

VTP Server: Every Catalyst switch is a server by default. Every network or domain requires a server to propagate VLAN information throughout the network or domain. As a server, a switch is able to create, add and delete VLANs in the domain. The VTP server controls any change that’s to be made in the entire domain. When a change is made on the server, it will be advertised throughout the entire VTP domain. VTP server configurations are saved in the NVRAM.

VTP Client: Switches in client mode receive information from VTP servers. VTP client switches also send and receive updates, but one difference between clients and servers is that VTP client switches can’t create, change and delete VLANs. In other words, none of the ports on the client switch can be added to a new VLAN without the authorisation or notification from the server switch. Switches in client mode process and forward VLAN information. VLAN information on client switches is not saved in NVRAM.

VTP Transparent: Switches in this mode don’t take part in the VTP domain or database. They behave more or less like servers in that they create, modify and delete VLANs, because they have and keep their own databases, which are only locally important. The only purpose of switches in transparent mode in a VTP domain is to forward VTP advertisements through any configured trunk links.

68. Forwarding decision in the routing table and route selection criteria

The main considerations while building the routing table are:

- Administrative distance: This is the measure of trustworthiness of the source of the route. If a router learns about a destination from more than one routing protocol, administrative distance is compared and preference is given to the routes with the lower administrative distance. In other words, it is the believability of the source of the route.
- Metrics: This is a measure used by the routing protocol to calculate the best path to a given destination, if it learns multiple paths to the same destination. Each routing protocol uses a different metric.
- Prefix length

To understand this better, let's look at an example. Assume a router has four routing processes running: EIGRP, OSPF, RIP, and IGRP. Now, all four of these processes have learned of various routes to the 192.168.24.0/24 network, and each has chosen its best path to that network through its internal metrics and processes. Each of these four processes attempts to install its route toward 192.168.24.0/24 into the routing table. The routing processes are each assigned an administrative distance, which is used to decide which route to install.

Default Administrative Distances

    Connected              0
    Static                 1
    eBGP                   20
    EIGRP (internal)       90
    IGRP                   100
    OSPF                   110
    IS-IS                  115
    RIP                    120
    EIGRP (external)       170
    iBGP                   200
    EIGRP summary route    5

Since the internal EIGRP route has the best administrative distance (the smaller the administrative distance, the higher the preference), it's installed in the routing table.
How Metrics Determine the Route Selection Process

Routes are chosen and built in the routing table based on the routing protocol's administrative distance. The routes learned from the routing protocol with the lowest administrative distance are installed in the routing table. If there are multiple paths to the same destination from a single routing protocol, then the multiple paths have the same administrative distance and the best path is selected based on the metrics. Metrics are values associated with specific routes, ranking them from most preferred to least preferred. The parameters used to determine the metrics differ between routing protocols. The path with the lowest metric is selected as the optimal path and installed in the routing table. If there are multiple paths to the same destination with equal metrics, load balancing is done on these equal-cost paths.

Making Forwarding Decisions

Let's look at the three routes we just installed in the routing table, and see how they look on the router.

    router# show ip route
    ....
    D 192.168.32.0/26 [90/25789217] via 10.1.1.1
    R 192.168.32.0/24 [120/4] via 10.1.1.2
    O 192.168.32.0/19 [110/229840] via 10.1.1.3
    ....

If a packet arrives on a router interface destined for 192.168.32.1, which route would the router choose? It depends on the prefix length, or the number of bits set in the subnet mask. Longer prefixes are always preferred over shorter ones when forwarding a packet.

In this case, a packet destined to 192.168.32.1 is directed toward 10.1.1.1, because 192.168.32.1 falls within the 192.168.32.0/26 network (192.168.32.0 to 192.168.32.63). It also falls within the other two routes available, but 192.168.32.0/26 has the longest prefix within the routing table (26 bits versus 24 or 19 bits).

Likewise, if a packet destined for 192.168.32.100 arrives on one of the router's interfaces, it's forwarded to 10.1.1.2, because 192.168.32.100 doesn't fall within 192.168.32.0/26 (192.168.32.0 through 192.168.32.63), but it does fall within the 192.168.32.0/24 destination (192.168.32.0 through 192.168.32.255). Again, it also falls into the range covered by 192.168.32.0/19, but 192.168.32.0/24 has a longer prefix length.

69. How iBGP works?

Split horizon rule: routes learnt from one IBGP peer cannot be advertised to another IBGP peer.

When two IBGP neighbors send update messages to each other, they do not add the ASN to the AS_Path attribute in the update, because both of them are in the same AS and the AS_Path will not change. Since BGP uses the ASN in the AS_Path attribute to avoid loops, and IBGP does not add the ASN to the AS_Path when sending updates within the same AS, this can cause a potential routing loop. To avoid such loops, IBGP has to follow a rule which says that when a route is learnt from an IBGP neighbor, that route cannot be advertised to another IBGP peer.

Consider the example below. RTR-A is advertising 1.1.1.0/24 to RTR-B. RTR-B learns the route but will not advertise that route to RTR-C.
Similarly, RTR-B will also learn the route 2.2.2.0/24 from RTR-C but will not advertise this route to RTR-A. This is because all three routers are in the same AS, and within the same AS BGP does not advertise routes that have been learned from an IBGP peer to another IBGP peer. This is a partially meshed IBGP network, hence RTR-A and RTR-C are not exchanging the NLRI. This can be resolved by creating a logical connection between RTR-A and RTR-C. A BGP session can be established between RTR-A and RTR-C to allow both of them to exchange their BGP-learnt routes. The TCP session that RTR-A and RTR-C use to establish the BGP session passes through RTR-B, so it is important that the data link addresses interconnecting RTR-A and RTR-C are known to them.
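The RTR-A / RTR-B / RTR-C case above as a small simulation, which also lists the sessions a given peering layout is missing for a full mesh. This is an added example, not part of the original page; the function names are chosen here, and the model tracks only which peer a prefix was learned from.

```python
from itertools import combinations

def ibgp_tables(originated, sessions):
    """originated: router -> prefixes it learned outside iBGP (eBGP or local).
    sessions:   iterable of (router, router) iBGP peerings.
    Returns router -> {prefix: peer it was learned from, or None if originated}."""
    tables = {r: {p: None for p in prefixes} for r, prefixes in originated.items()}
    peers = {r: set() for r in originated}
    for a, b in sessions:
        peers[a].add(b)
        peers[b].add(a)
    for router in sorted(originated):
        for prefix in sorted(originated[router]):
            # Only routes NOT learned over iBGP are advertised to iBGP peers,
            # so a prefix travels exactly one iBGP hop from where it entered.
            for peer in peers[router]:
                tables[peer].setdefault(prefix, router)
    return tables

def blind_spots(originated, sessions):
    """Prefixes known somewhere in the AS that each router never learns."""
    everything = set().union(*originated.values())
    tables = ibgp_tables(originated, sessions)
    return {r: everything - set(tables[r]) for r in originated}

def missing_for_full_mesh(routers, sessions):
    """iBGP sessions that would have to be added to reach a full mesh."""
    have = {frozenset(s) for s in sessions}
    return [pair for pair in combinations(sorted(routers), 2)
            if frozenset(pair) not in have]

ORIGINATED = {"RTR-A": {"1.1.1.0/24"}, "RTR-B": set(), "RTR-C": {"2.2.2.0/24"}}
PARTIAL = [("RTR-A", "RTR-B"), ("RTR-B", "RTR-C")]

if __name__ == "__main__":
    print(blind_spots(ORIGINATED, PARTIAL))
    extra = missing_for_full_mesh(ORIGINATED, PARTIAL)
    print(extra)
    print(blind_spots(ORIGINATED, PARTIAL + extra))
```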
In iBGP, the routes learnt from one iBGP neighbor are not advertised to another iBGP neighbor due to the BGP split horizon rule. To overcome the issues generated by this rule, one option is to have a full mesh of iBGP routers, where each iBGP router peers directly with all other iBGP routers in the AS. The solution is feasible if you have a small number of iBGP routers, but it will not scale if you need a large number of iBGP-speaking routers in the AS. The number of iBGP sessions needed in an AS for a full mesh is calculated with the formula N(N-1)/2. So, assuming you have 10 iBGP routers, the number of iBGP peering sessions would be 10(10-1)/2 = 45 iBGP sessions to manage within the AS. That’s a lot of configuration and a lot of room for errors, and it may become difficult to troubleshoot.

There are 2 alternatives to creating a full mesh of iBGP routers:

  1. Route Reflectors
  2. Confederations

Rule of Synchronization: For a route to be learnt from an IBGP neighbor, it must first be known via an IGP. Any route learnt from IBGP is entered into the routing table only if that route is first learnt by an IGP.

Note: In some cases synchronization is not practical, and this rule can be turned off with the command: No Synchronization.
Synchronization requires that before a route is learnt from an IBGP neighbor, entered into the routing table and advertised to other BGP peers, the route must first be learnt via an IGP. In this example, RTR-A and RTR-C have formed a BGP peering, and the TCP session passes through RTR-B. There is no physical connectivity between RTR-A and RTR-C, but a logical connection exists. If synchronization is turned on, then it is important to note that the routes advertised by RTR-A will appear in RTR-C’s routing table only if these routes exist in the IGP. The same applies for RTR-A: the routes advertised by RTR-C will not appear in RTR-A’s routing table if these routes are not being learnt by the IGP first.

RTR-B is directly connected to both RTR-A and RTR-C and is learning the routes from both of them. RTR-B still cannot advertise the routes learnt from RTR-A to RTR-C, or the routes learnt from RTR-C to RTR-A, because there is either no IGP running or these routes are not in the IGP, and since RTR-A and RTR-C are not directly connected they have to cross through RTR-B. Since there is no entry in the IGP for these routes, RTR-B cannot advertise these routes, as per the rule of synchronization. If the routes advertised by RTR-A and RTR-C are being learnt by an IGP, then both RTR-A and RTR-C will learn each other's BGP routes in their BGP and routing tables.

There are two workarounds for these situations:

  1. Since not all routes can be redistributed into the IGP (the Internet routing table is very large and the IGP cannot scale to it), have all the IBGP routers fully meshed and then turn off the synchronization rule with the no synchronization command.
  2. Redistribute all external routes into the IGP. This is not a feasible solution, as the IGP will not scale to hold all the Internet routes.

70. How link between etherchannel works? What happens when one of the link goes down?

Described in another question.

71. switch --- Router --- switch: Does communication between the two switches happen? Is this a valid scenario?

This is not a valid scenario, since both switches are in different broadcast domains.

72. Can we have multiple area 0s in a network?

No, we can’t have multiple area 0s. We always have one area 0, i.e. the backbone area. This is used to avoid looping in OSPF while interacting between areas.

73. Why netconf is used instead of SNMP?

SNMP is too limited to be useful for exchanging configuration data. SNMP is stateless and therefore cannot handle multi-stage data transactions. It is not able to back up/restore elements: once SNMP sets a variable, there is no recovery action. Therefore, setting multiple SNMP variables is risky and difficult. Because of this, very few applications perform SNMP writes.

74. How SNMP operates. How data transfer between manager and agent happens?

Understanding the Management Information Base (MIB)

When an SNMP manager requests information from an SNMP agent, the SNMP agent retrieves the current value of the requested information from the Management Information Base (MIB). The MIB defines the managed objects that an SNMP manager monitors (or sometimes configures) on an SNMP agent. Each system in a network (workstation, server, router, bridge, and so forth) maintains a MIB that reflects the status of the managed resources on that system, such as the version of the software running on the device, the IP address assigned to a port or interface, the amount of free hard drive space, or the number of open files. The MIB does not contain static data, but is instead an object-oriented, dynamic database that provides a logical collection of managed object definitions. The MIB defines the data type of each managed object and describes the object.

http://technet.microsoft.com/en-us/library/cc783142(v=ws.10).aspx

75. How switch operates? Concept on port based, mac address and normal mac address? How unicast and broadcast happens in these cases?
An Ethernet switch is mainly used to forward packets at the data link layer, that is, to transmit the packets to the corresponding ports according to the destination MAC address of the packets. To forward packets quickly, a switch maintains a MAC address table, which is a Layer 2 address table recording the MAC address-to-forwarding port association. Each entry in a MAC address table contains the following fields:

- Destination MAC address
- ID of the VLAN which a port belongs to
- Forwarding egress port numbers on the local switch

When forwarding a packet, an Ethernet switch adopts one of two forwarding methods based upon the MAC address table entries:

- Unicast forwarding: If the destination MAC address carried in the packet is included in a MAC address table entry, the switch forwards the packet through the forwarding egress port in the entry.
- Broadcast forwarding: If the destination MAC address carried in the packet is not included in the MAC address table, the switch broadcasts the packet to all ports except the one receiving the packet.

Each hardware device that you connect to your Ethernet network has a unique MAC address assigned to it by the device’s manufacturer. For example, every network interface card (NIC) that you use to connect your computers to your network has a MAC address assigned to it by the adapter’s manufacturer.

The switch contains a MAC address table with a storage capacity of up to 16,000 entries. The switch uses the table to store the MAC addresses of the network nodes connected to its ports, along with the port number on which each address was learned. The switch learns the MAC addresses of the end nodes by examining the source address of each packet received on a port. It adds the address and the port on which the packet was received to the MAC table if the address has not already been entered in the table. The result is a table that contains all the MAC addresses of the devices that are connected to the switch’s ports, and the port number where each address was learned.

When the switch receives a packet, it also examines the destination address and, by referring to its MAC address table, determines the port where the destination node is connected. It then forwards the packet to the appropriate port and on to the end node.
This increases network bandwidth by limiting each frame to the appropriate port when the intended end node is located, freeing the other switch ports for receiving and transmitting data.

If the switch receives a packet with a destination address that is not in the MAC address table, it floods the packet to all the ports on the switch. If the ports have been grouped into virtual LANs, the switch floods the packet only to those ports which belong to the same VLAN as the port on which the packet was received. This prevents packets from being forwarded onto inappropriate LAN segments and increases network security. When the destination node responds, the switch adds its MAC address and port number to the table.

If the switch receives a packet with a destination address that is on the same port on which the packet was received, it discards the packet without forwarding it on to any port. Because both the source node and the destination node for the packet are located on the same port on the switch, there is no reason for the switch to forward the packet. This too increases network performance by preventing frames from being forwarded unnecessarily to other network devices.

The type of MAC address described above is referred to as a dynamic MAC address. Dynamic MAC addresses are addresses that the switch learns by examining the source MAC addresses of the frames received on the ports. Dynamic MAC addresses are not stored indefinitely in the MAC address table. The switch deletes a dynamic MAC address from the table if it does not receive any frames from the node after a specified period of time. The switch assumes that the node with that MAC address is no longer active and that its MAC address can be purged from the table. This prevents the MAC address table from becoming filled with addresses of nodes that are no longer active.

The period of time that the switch waits before purging an inactive dynamic MAC address is called the age-out time. The default value is 300 seconds (5 minutes) and the range is 15 to 3000 seconds. For instructions on changing the aging timer, refer to Setting the Age-Out Time.

76. If switch is connected to four ports, then how many MAC addresses will there be in the switch?

For every port, there will be one MAC address. Apart from this, the switch has one default MAC address, i.e. for VLAN 1, used for management purposes (in the case of a managed switch).

77. What happens when a hub is connected in between two switches? What will happen when one of the links connected to the hub goes down? How does STP work?

The hub won’t have any effect on the topology, since a hub is an L1 device.

78. When three routers are connected back to back in an OSPF topology, will a loop occur?

No, a loop will not occur. If the cost is the same for both links, load balancing will happen; otherwise the best route is chosen based on sequence number.

In a link-state routing protocol, such as OSPF or IS-IS, a routing loop disappears as soon as the new network topology is flooded to all the routers within the routing area.

Link State Advertisements (LSAs) contain a sequence number and a Router ID. Sequence numbers are 32 bits, starting with 0x80000001. The sequence number increases if:

- a route is added or deleted
- an LSA ages out

The largest sequence number is always the most current. The default time after which LSAs are aged out is 30 minutes.

When an LSA enters a router, the router checks it against its internal Link State Database (LSDB). If it is new, it is added to the LSDB and the SPF algorithm is re-run. If it contains a Router ID (RID) that is already in the database, entries with an older sequence number are discarded. If the router receives an older version (according to its sequence number), it discards the LSA and sends back the newer version to the original sender.
All OSPF routers synchronize their link state databases (LSDB) and then run the shortest path first (SPF) algorithm (all the routers have the very same topology information, but each sets itself as the root of the tree), so the calculations result in loop-free shortest paths to the destinations. This is a key property of link-state routing protocols.

OSPF is a link-state protocol; routers exchange routing information through LSAs in the OSPF domain. When any change occurs in the network, an LSA exchange happens. LSAs have a sequence number starting with 0x80000001, which increments by one. Whenever network changes happen, routers send updated LSAs to other routers, and each router checks the sequence number: if it is an older one, it ignores the LSA; if it is a new one, it is added to the LSDB.

79. What is default route?

Also known as the gateway of last resort, a default route is a special type of static route with an all-zeros network and network mask. The default route is used to route any packets destined to a network that a router does not directly know about to a next-hop router. By default, if a router receives a packet to a destination network that is not in its routing table, it drops the packet. When a default route is specified, the router does not drop the packet. Instead, it forwards the packet to the IP address specified in the default route.

80. What is the major difference between BGP and IGP route summarization?

When a summary address is created with an IGP (EIGRP, OSPF, and IS-IS), the specific routes of the summary are not advertised. BGP advertises the summary and all the specific routes of the summary, unless they are specifically suppressed.

81. Why does IBGP require a full mesh?

BGP uses the AS_PATH attribute for loop detection. If a router sees its own AS number in a BGP advertisement, the advertisement is dropped. IBGP routers have the same AS number, so the AS number cannot be used for loop detection. IBGP neighbors will not advertise prefixes learned from one IBGP neighbor to another IBGP neighbor; therefore, a full mesh is required.

82. How many OSPF databases are on an OSPF router?

The number of OSPF databases on a router is equal to the number of OSPF areas configured on the router.

83. How does OSPF determine an inter area shortest path?

First, calculate the shortest path to an ABR. Second, calculate the shortest path across area 0 to an ABR that is attached to the destination area. Third, calculate the shortest path across the destination area from the ABR to the destination network.

84. Why are intra-area summary routes not allowed?

OSPF databases on routers in the same area must be identical. If route summarization was allowed within an area, some routers would have specific routes and some routers would have summary routes for routers in the area. If this were allowed, the databases for the area would never agree.

85. Can I run two BGP process on single router?

No, you cannot run two BGP processes on a single router. But this is possible in the case of OSPF. In OSPF we can enable two processes on two separate interfaces. Doing so, we can segregate the routes between the two interfaces, and we will have two separate databases; separate OSPF processes don’t share routes between themselves unless redistribution is used.

86. Default BGP timers?

There are two primary timers in BGP. The first is the Hold Down timer, the other is the Keepalive Interval. The Hold Down Timer indicates how long a router will wait between hearing messages from its neighbor. The Hold Down Timer defaults to 180 seconds on a Cisco router, but can be reconfigured. Cisco default setting: 60 seconds. To be certain that a BGP session stays up and functional, Keepalive messages are exchanged. The Keepalive Interval counts down to zero and then sends out another Keepalive. There is no timer for route updates, as updates happen dynamically on an incremental basis.

87. What is recursive lookup in BGP and how it works?

The router looks up the BGP route and the BGP next hop to reach a destination in the remote AS.
Then the router looks up the route to reach the BGP next hop using the IGP.

88. What is an IP Helper address feature and why is it required in a DHCP environment?
DHCP Discover packets are broadcast packets. This means that a DHCP Discover packet sent from the client would not reach the DHCP server if the server resides on a different network. This is because routers are required for communication between different networks, and routers do not forward broadcast packets. The IP Helper address feature is configured on the router. The feature informs the router of the DHCP server's IP address for the network. So, when the router receives the DHCP Discover packet, it converts it from a broadcast to a unicast packet and then sends it to the DHCP server.

89. What is a DHCP Scope and why is it required?
A scope includes information like IP address ranges, subnet masks, gateway address, DNS server, etc. This is required so that clients can obtain the necessary information from the server.

90. How would you troubleshoot DHCP server related issues?
Check the IP connectivity with the DHCP server from a system configured on the network. Test if the DHCP client and server service is started on the DHCP server and the client. Test if the DHCP server service is reachable using nmap.

91. What is the difference between an L2 and an L3 switch?
An L2 switch is MAC address based, whereas an L3 switch is based on logical address.
Creating VLANs in an L2 switch and communicating between VLANs is not possible. Communication between VLANs is possible in an L3 switch. With an L3 switch we can connect to a WAN link, but it is not possible with an L2 switch.

92. Changing the reference bandwidth for the cost on OSPF interfaces
Each interface on which OSPF is enabled has a cost associated with it. The device advertises its interfaces and their costs to OSPF neighbors. For example, if an interface has an OSPF cost of ten, the device advertises the interface with a cost of ten to other OSPF routers. By default, an interface's OSPF cost is based on the port speed of the interface. The cost is calculated by dividing the reference bandwidth by the port speed. The default reference bandwidth is 100 Mbps, which results in the following default costs:
- 10 Mbps port - 10
- All other port speeds - 1

You can change the reference bandwidth to change the costs calculated by the software. The software uses the following formula to calculate the cost:

Cost = reference-bandwidth/interface-speed

If the resulting cost is less than 1, the software rounds the cost up to 1. The default reference bandwidth results in the following costs:
- 10 Mbps port's cost = 100/10 = 10
- 100 Mbps port's cost = 100/100 = 1
- 1000 Mbps port's cost = 100/1000 = 0.10, which is rounded up to 1
- 10 Gbps port's cost = 100/10000 = 0.01, which is rounded up to 1

The bandwidth for interfaces that consist of more than one physical port is calculated as follows:
- LAG group - The combined bandwidth of all the ports.
- Virtual interface - The combined bandwidth of all the ports in the port-based VLAN that contains the virtual interface.

The default reference bandwidth is 100 Mbps. You can change the reference bandwidth to a value from 1 - 4294967. If a change to the reference bandwidth results in a cost change to an interface, the device sends a link-state update to update the costs of interfaces advertised by the device.
NOTE: If you specify the cost for an individual interface, the cost you specify overrides the cost calculated by the software.

93. Why is the forwarding address set to 0.0.0.0 instead of 110.100.1.1?
The forwarding address is set to 0.0.0.0 if the ASBR redistributes routes and OSPF is not enabled on the next hop interface for those routes. These conditions set the forwarding address field to a non-zero address:
- OSPF is enabled on the ASBR's next hop interface AND
- ASBR's next hop interface is non-passive under OSPF AND
- ASBR's next hop interface is not point-to-point AND
- ASBR's next hop interface is not point-to-multipoint AND
- ASBR's next hop interface address falls under the network range specified in the router ospf command.

94. Which two options are advantages of NetFlow version 9 over NetFlow version 5?
NetFlow version 9 adds support for IPv6 headers. NetFlow version 9 adds support for MPLS labels.

94. What is EtherChannel?
EtherChannel is a term used to describe bundling or aggregating 2-8 parallel links. EtherChannel provides a level of link redundancy. If one link in the bundle fails, traffic sent through that link is automatically moved to an adjacent link in the bundle. Normally, multiple links between switches create the potential for bridging loops, but because an EtherChannel bundle is treated as a single logical link by both switches, it avoids the problem. Spanning Tree sees the bundle as a single link, so individual ports will not be placed in a blocked STP state, allowing greater bandwidth utilization. If there are two redundant EtherChannel bundles, one entire EtherChannel will be blocked by STP to prevent a loop. Any change made to an interface after the EtherChannel has been created is automatically applied to all other ports in that bundle. Also, bundles cannot form if any of the assigned ports are SPAN ports.
EtherChannel links can be either access or trunk links, but if they are trunked (usually the case), they require the following to be the same on all connected interfaces:
- VLANs
- Trunking Mode
- Native VLAN
- Speed
- Duplex

95. What are the EtherChannel link negotiation protocols?
EtherChannel link negotiation protocols

PAgP (Port Aggregation Protocol)
- Cisco proprietary
- Forms EtherChannel only if ports are configured for identical static VLANs or trunking
- Will automatically modify interface parameters on all ports of the bundle if the EtherChannel interface is changed
- STP sends packets over only one physical link in a PAgP bundle. Because STP's algorithm uses the lowest port priority (priority + port ID), if defaults are set, STP will always use the lowest number port for BPDUs.

LACP (Link Aggregation Control Protocol)
- An open standard to PAgP
- IEEE 802.3ad
- Uses priority system for end switches
- Switch with the lowest system priority (2 byte value followed by MAC – lowest wins) determines which ports are active in the EtherChannel at any given time
- Uses port priority to determine which ports to place in standby mode if hardware limitations do not allow all ports to participate in the EtherChannel
- Most implementations leave the system and port priority to defaults

96. How does load balancing happen in EtherChannel?
EtherChannel Load Balancing
The bundles use an algorithm to determine each link's load, so they will never be able to operate at 100% capacity of the sum of the links. That means the load will not be balanced equally amongst the individual links. A hash algorithm is used to determine which individual interface each frame is forwarded through. The algorithm can use source IP, destination IP, a combination of the two, source and destination MAC, or TCP/UDP port numbers. If only one address or port number is used for the hash, the switch uses one or more low-order bits of the hash results as an index into the bundled links. If two or more addresses and/or TCP ports are hashed, the hash performs an XOR on the low-order bits of the addresses or ports as the index.

To configure the EtherChannel load balancing type globally on the switch:

Switch(config)# port-channel load-balance method

Methods:
- src-ip: source IP
- dst-ip: destination IP
- src-dst-ip: source and destination IP (XOR) **DEFAULT METHOD**
- src-mac: source MAC
- dst-mac: destination MAC
- src-dst-mac: source and destination MAC (XOR)
- src-port: source port
- dst-port: destination port
- src-dst-port: source and destination port (XOR)

97. What are trunking modes of a switch port?
There are 5 possible trunking modes for a switch port:
- Auto: this is the default mode. In this mode, a port will become a trunk port if the device the port is connected to is set to the on or desirable mode.
- Desirable: allows the port to become a trunk port if the device the port is connected to is set to the on, desirable, or auto mode
- On: sets the port to permanent trunking mode.
- Nonegotiate: sets the port to permanent trunking mode without sending Dynamic Trunking Protocol (DTP) frames
- Off: sets the port to permanent non-trunking mode

98. What is the difference between LAG and LACP?
LAG: Link aggregation group (LAG) – combination of multiple links between two devices to form a single (larger) link
LAG is a process of inter-connecting two switches with two or more links between them (or between a switch and a server), so that multiple links are combined into one bigger virtual link that can carry a higher (combined) bandwidth. All these multiple links participating in a Link Aggregation Group act like a single large (virtual) link. LAG is also used for increasing link reliability. Since multiple links connect two devices, even if one fails the other links keep carrying the information and the traffic on the failed link is also transferred to them. That way, loss of a single link between two switches doesn't stop the communication between them. Multiple links participating in a LAG can also load-balance the traffic between them so that traffic is evenly distributed. The number of links that can combine to form a larger link between two devices is generally restricted by the hardware vendor. LAG is a static protocol and needs to be configured individually for each pair of physical ports. LAG is a standard.

LACP – Link Aggregation Control Protocol
LACP is similar to LAG, where multiple ports/links between two switches combine to provide higher bandwidth links between them. Additionally, ports that are LACP enabled can automatically configure themselves into trunk groups, without any manual configuration/intervention. The main purpose of LACP is to automatically add/delete individual links to the aggregate bundle, while adding new links and also after recovering from link failures. LACP can monitor to if all the links are connected to the right group. Basically, LACP helps automate the configuration and maintenance of LAGs. LACP is a dynamic protocol. It is sufficient if multiple ports on various devices are LACP enabled, once. LACP is a standard and hence LACP can be implemented between multi-vendor switches. LACP should be enabled on the trunk ports initially in order for both the participating switches/devices that support the standard to use it. If there are more links (between two devices) than what is supported by the vendor for LACP, the additional links are placed in stand-by mode and activated automatically when a link fails.

LACP, otherwise known as IEEE 802.1ax Link Aggregation Control Protocol, is simply a way to dynamically build an EtherChannel. Essentially, the "active" end of the LACP group sends out special frames advertising the ability and desire to form an EtherChannel. It's possible, and quite common, that both ends are set to an "active" state (versus a passive state). Additionally, LACP only supports full duplex links (which isn't a concern for gigabit or faster links). Once these frames are exchanged, and if the ports on both sides agree that they support the requirements, LACP will form an EtherChannel.
http://www.thomas-krenn.com/en/wiki/Link_Aggregation_and_LACP_basics

99. What are limitations of SNMP?
While SNMP provides good network management at the macro level, it does not provide many network details required to solve many network issues.
Since it needs to manage multiple devices manufactured by different vendors, the parameters that SNMP can manage are quite limited, based on the standards defined. But network devices are always very different from each other. Some are really complex. So, customization for management of particular elements cannot be defined by the .

100. What happens when one computer (C1) wants to communicate with another computer (C2) in a LAN segment?
When it comes to Layer 2 communication between networked systems, the IP address is not used. Within a LAN segment, computers identify each other and communicate with each other using the MAC address. So, when computer C1 gets the target IP address of the computer C2 it wants to communicate with, it first looks at its own ARP cache (a table that contains the IP addresses and their corresponding MAC addresses for computers/systems within a network) to see if it already has the MAC address for C2.

If the MAC address of C2 is present in its ARP cache table, it can then append the message with the corresponding MAC address and send it over the network (cable, switch). If the MAC address of C2 is not present in its ARP cache table, C1 will broadcast an ARP request message to all the computers/systems in the network indicating that it wants the MAC address for the IP address in its possession. This ARP request is received by all the systems in the network, but only the computer with the target IP address (C2) responds to C1 with an ARP reply message, indicating its MAC address. Now, since C1 has both the IP address and the MAC address of C2, it will communicate with C2 using this information. In the process, both C1 and C2 update their ARP cache tables with the newly acquired information so that the next time the ARP broadcast message can be avoided.

What is ARP (Address Resolution Protocol)?
As you see in the above example, ARP – Address Resolution Protocol – is used to translate an IP address into a MAC address. There are two types of ARP messages: the ARP request that is broadcast to all the systems in a LAN segment, and the ARP reply that is unicast to the requesting station alone. ARP messages contain source and destination IP addresses and MAC addresses (if available), among other information. The Address Resolution Protocol is used within a single LAN segment and cannot be routed across a different network. A Gratuitous ARP message is broadcast to all the systems of a LAN segment when a system is just starting up or when the IP address/MAC address of a system has changed. This enables the computers in a LAN to update their ARP cache tables appropriately. This message does not solicit a response. In IPv6, there is a protocol called Neighbor Discovery Protocol (NDP) that does the same function as ARP in IPv4.

101. What is an ARP Cache / Cache Table?
Since computers cannot send broadcast messages every time they need to connect with another network device, they store the IP addresses and the corresponding MAC addresses of systems they frequently communicate with in a table called the ARP cache table. All the systems in the LAN maintain this table. The entries in the ARP cache table are generally short lived and are updated every 15-20 minutes. Since a LAN segment consists of a number of computing devices, some individual ARP table entries are removed if the system doesn't communicate with certain devices for a considerable amount of time. This is done mainly to limit the size of the ARP cache.

102. What is ARP Poisoning?
The Address Resolution Protocol itself doesn't come with any authentication/protection mechanism. So, ARP requests and/or replies can be forged by malicious systems under the control of hackers. If a forged ARP request/reply is used to update the ARP cache of another system, the process is called ARP poisoning.
This is mainly done to redirect network traffic for malicious purposes.

103. What is ARP broadcast storm?
The ARP traffic on a network can be around 10% of the network traffic during normal times and up to 85% of the network traffic during abnormal network conditions caused by an ARP broadcast storm. Basically, ARP requests are broadcast multiple times or to multiple systems (sometimes more than a thousand requests within a second) during an ARP broadcast storm, thereby taking up a lot of network bandwidth and making normal network communications difficult. This can happen for a lot of reasons, and some of them are given below:
- An ARP request for a non-existent host triggers a series of ARP messages within a short interval of time. It is only eventually that ARP gives up.
- Virus/malware in a system can generate a lot of ARP broadcast messages in order to create a DoS type of network attack.
- If there are loops within the network that are not prevented by using protocols like STP/RSTP, ARP requests would be looped back and forth between switches, creating an ARP broadcast storm.
- Incorrect router configuration or a Network Interface Card/network switch malfunction can also create ARP broadcast storms.

A large unsegmented network is especially susceptible to excessive ARP broadcasts/broadcast storms, and hence it is always a good practice to sub-divide a large network into various segments (using VLANs etc.) and enable inter-VLAN routing using Layer 3 switches. This limits the broadcast domain to a limited number of systems. So, next time there is congestion in the network, you can monitor for ARP broadcast storms as well. You can use network monitoring tools like Wireshark to monitor for abnormal ARP activity.

104. How many MAC addresses does a switch have?
It is based on the number of ports on the switch + 1 default base MAC address (for VLAN 1).

105. What is double tagging?
With the IEEE standard 802.1ad, double-tagging can be useful for Internet service providers, allowing them to use VLANs internally while mixing traffic from clients that are already VLAN-tagged. The outer (next to source MAC and representing ISP VLAN) S-TAG (service tag) comes first, followed by the inner C-TAG (customer tag). In such cases, 802.1ad specifies a TPID of 0x88a8 for the service-provider outer S-TAG.
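Returning to the ARP poisoning and ARP broadcast storm answers (102 and 103): the following added example, which is not part of the original page, shows the kind of check a monitoring script can run over observed ARP traffic. The one-line record format, the thresholds and all addresses are assumptions constructed for the illustration.

```python
from collections import deque, namedtuple

Alert = namedtuple("Alert", "kind ts detail")

# Constructed sample, one ARP message per line:
#   "<seconds> <request|reply> <sender-ip> <sender-mac> <target-ip>"
# The format is an assumption of this example, not the output of a real tool.
SAMPLE = [
    "0.000 request 192.0.2.5 02:00:00:00:00:05 192.0.2.1",
    "0.002 reply 192.0.2.1 02:00:00:00:00:01 192.0.2.5",
    # A reply nobody asked for that binds 192.0.2.1 to a different MAC.
    "30.000 reply 192.0.2.1 02:00:00:00:00:66 192.0.2.5",
] + [
    # One host sending 150 requests in under half a second.
    f"{60 + i * 0.003:.3f} request 192.0.2.9 02:00:00:00:00:09 192.0.2.{100 + i % 100}"
    for i in range(150)
]


def parse(line):
    ts, op, sender_ip, sender_mac, target_ip = line.split()
    return float(ts), op, sender_ip, sender_mac.lower(), target_ip


def analyze(lines, reply_window=2.0, storm_rate=100):
    """Return alerts for changed IP/MAC bindings, unsolicited replies and
    request bursts above storm_rate requests per second."""
    bindings = {}        # sender IP -> MAC it last claimed
    pending = {}         # (requester IP, wanted IP) -> time of the request
    recent = deque()     # timestamps of requests seen in the last second
    storm_active = False
    alerts = []
    for line in lines:
        ts, op, sip, smac, tip = parse(line)

        # ARP has no authentication, so a changed binding is only a hint:
        # it is also what a legitimate address change or gratuitous ARP
        # looks like, and needs to be checked against known inventory.
        known = bindings.get(sip)
        if known is not None and known != smac:
            alerts.append(Alert("binding-change", ts, f"{sip}: {known} -> {smac}"))
        bindings[sip] = smac

        if op == "request":
            pending[(sip, tip)] = ts
            recent.append(ts)
            while recent and ts - recent[0] > 1.0:
                recent.popleft()
            if len(recent) > storm_rate:
                if not storm_active:   # report each burst once
                    alerts.append(Alert("request-storm", ts, f"{len(recent)} requests/s"))
                storm_active = True
            else:
                storm_active = False
        elif op == "reply":
            # A normal reply answers a recent request from the host it is sent to.
            asked = pending.pop((tip, sip), None)
            if asked is None or ts - asked > reply_window:
                alerts.append(Alert("unsolicited-reply", ts, f"{sip} ({smac}) -> {tip}"))
    return alerts


if __name__ == "__main__":
    for alert in analyze(SAMPLE):
        print(alert)
```

A binding change and an unsolicited reply arriving together for a gateway address is the combination worth investigating first; either signal alone is common on healthy networks.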
106. Which packet contains the MTU parameter in case of OSPF?
Interface MTU is present in the Database Description packet of OSPF.

107. If an MTU size mismatch happens on a router in BGP, will sessions be up?
Sessions will not come up.

Configuring MTU Discovery for BGP Sessions
TCP path maximum transmission unit (MTU) discovery enables BGP to discover the best TCP path MTU for each BGP session automatically. In Junos OS, TCP path MTU discovery is disabled by default for all BGP neighbor sessions. When MTU discovery is not enabled, TCP sessions that are not directly connected transmit packets of 512-byte maximum segment size (MSS). These small packets minimize the chances of packet fragmentation at a device along the path to the destination. However, when you consider that most links use an MTU of at least 1500 bytes, 512-byte packets do not result in the most efficient use of link bandwidth. For directly connected EBGP sessions, MTU mismatches prevent the BGP session from being established. As a workaround, enable path MTU discovery within the EBGP group.

Path MTU discovery dynamically determines the MTU size on the network path between the source and the destination, with the goal of avoiding IP fragmentation. Path MTU discovery works by setting the Don't Fragment (DF) bit in the IP headers of outgoing packets. When a device along the path has an MTU that is smaller than the packet, the device drops the packet. The device also sends back an ICMP Fragmentation Needed (Type 3, Code 4) message that contains the device MTU, thus allowing the source to reduce its path MTU appropriately. The process repeats until the MTU is small enough to traverse the entire path without fragmentation. To enable MTU discovery, include the mtu-discovery statement:

BGP Path MTU Discovery
When a host generates data, the packetization layer (TCP/UDP) will decide the packet size based on the MTU size of the outgoing interface.
When the packet traverses the path to the ultimate destination, it may get fragmented if the MTU of the outgoing interface on any router is less than the packet size. Packet fragmentation on an intermediate router is always considered inefficient, as it may result in the following:
1. One lost fragment will result in the entire packet being resent from the source.
2. It introduces CPU/buffer burden.

Path MTU Discovery is introduced to reduce the chances of an IP packet getting fragmented along the path. The ultimate source will use this feature to identify the lowest MTU along the path to the destination and will decide the packet size.

108. How does PMTUD work?
When the host generates the packet, it decides the size as the MTU size of the outgoing interface and sets the DF bit. Any receiving intermediate device that has an MTU less than the packet size on its outgoing interface has two choices:
1. Fragment and send if the DF bit is not set
2. Drop the packet and send an ICMP error message with Type=3 (Destination Unreachable); Code=4 (Fragmentation needed and DF bit set)

The ICMP error message will have the MTU details of the outgoing interface in the "Next-Hop MTU" field. The source, on receiving the error message, will now send the packet with the mentioned MTU. This continues till it reaches the ultimate destination.

BGP for Path MTU Discovery
Introducing Path MTU Discovery on a BGP session allows the BGP router to discover the best MTU size along the path to the neighbor, resulting in an efficient way of exchanging BGP packets. Consider the below scenario for further reading,
Initial TCP negotiation between R1 and R5 will have an MSS value equal to (IP MTU – 40 bytes of IP header) with DF set. In our case, the IP MTU is 1500, which results in 1460 as the MSS. As the initial negotiation packets are very small, it mostly moves BGP to the Established state with the MSS at the same value.

R1#sh ip bgp nei | inc Data
Datagrams (max data segment is 1460 bytes):

After TCP negotiation, when the BGP update packets are sent, the DF bit will be set, which will result in an ICMP error message from R3 with 300 as the Next-Hop MTU. Now the MSS is reduced to 260 (300 – 40 bytes of IP header).

R1#sh ip bgp nei | inc Data
Datagrams (max data segment is 260 bytes)
R1#

Now, with the same topology, when some intermediate device is not able to forward ICMP (some firewall in between), end-to-end Path MTU discovery will not be successful. This may result in a BGP session flap. We have configured an ACL on R2 to block ICMP messages towards R1, so the ICMP error message from R3 will not reach R1. As soon as we have BGP configured between R1 and R5, TCP negotiation will be successful and BGP will move to the Established state. Now, when the BGP Update is sent to R5, R1 will send it with the DF bit set. When a BGP router sends a BGP Update to any neighbor, it will not send a keepalive. R3, on receiving it, will send an ICMP error message to R1, which is blocked at R2. R5, after the BGP session is up, will expect either a BGP update or a keepalive from R1 to reset the hold down timer. After 180 seconds, it will have received neither an Update nor a keepalive, resulting in it sending a BGP Notification to R1 with the error message "Hold time expired".
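The failure just described leaves a recognisable signature in the router log that follows: each session dies almost exactly one hold time after it came up. The script below is an added example, not part of the original page, that looks for that signature; the log lines are the ones printed on this page, while the function name and the 5-second tolerance are assumptions of the example.

```python
import re
from datetime import datetime

# BGP messages from the R1 output shown on this page (prompt lines removed).
LOG = """\
*Mar 22 15:16:23.033: %BGP-3-NOTIFICATION: received from neighbor 150.1.5.5 4/0 (hold time expired) 0 bytes
*Mar 22 15:16:23.033: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Down BGP Notification received
*Mar 22 15:16:55.621: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Up
*Mar 22 15:19:56.409: %BGP-3-NOTIFICATION: received from neighbor 150.1.5.5 4/0 (hold time expired) 0 bytes
*Mar 22 15:19:56.409: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Down BGP Notification received
*Mar 22 15:20:13.361: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Up
""".splitlines()

LINE = re.compile(r"^\*?(?P<ts>\w{3} +\d+ \d+:\d+:\d+\.\d+): %BGP-\d-(?P<tag>\w+): (?P<msg>.*)$")
UP = re.compile(r"neighbor (\S+) Up\b")
EXPIRED = re.compile(r"received from neighbor (\S+) 4/0 \(hold time expired\)")


def parse_ts(text):
    # The timestamps carry no year; only differences are used, so the
    # default year that strptime fills in does not matter.
    return datetime.strptime(text, "%b %d %H:%M:%S.%f")


def hold_timer_flaps(lines, hold_time=180.0, tolerance=5.0):
    """Return (neighbor, seconds_up) for every session that the neighbor
    tore down with 'hold time expired' about one hold time after it came up.

    That timing means the neighbor heard nothing from us after the TCP
    handshake: small packets got through, full-size updates did not.
    """
    up_since = {}
    findings = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        ts = parse_ts(m["ts"])
        if m["tag"] == "ADJCHANGE":
            up = UP.search(m["msg"])
            if up:
                up_since[up.group(1)] = ts
        elif m["tag"] == "NOTIFICATION":
            expired = EXPIRED.search(m["msg"])
            if expired and expired.group(1) in up_since:
                neighbor = expired.group(1)
                lifetime = (ts - up_since.pop(neighbor)).total_seconds()
                if abs(lifetime - hold_time) <= tolerance:
                    findings.append((neighbor, round(lifetime, 3)))
    return findings


if __name__ == "__main__":
    for neighbor, seconds in hold_timer_flaps(LOG):
        print(f"{neighbor}: session lasted {seconds}s, check ICMP type 3 code 4 filtering on the path")
```

When this pattern appears, the filter to review is the one dropping ICMP Fragmentation Needed messages, such as the ACL on R2 in this scenario.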
R1#sh ip bgp nei | inc Data
Datagrams (max data segment is 1460 bytes):
R1#
*Mar 22 15:16:23.033: %BGP-3-NOTIFICATION: received from neighbor 150.1.5.5 4/0 (hold time expired) 0 bytes
R1#
*Mar 22 15:16:23.033: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Down BGP Notification received
R1#
*Mar 22 15:16:55.621: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Up
R1#
*Mar 22 15:19:56.409: %BGP-3-NOTIFICATION: received from neighbor 150.1.5.5 4/0 (hold time expired) 0 bytes
R1#
*Mar 22 15:19:56.409: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Down BGP Notification received
R1#
*Mar 22 15:20:13.361: %BGP-5-ADJCHANGE: neighbor 150.1.5.5 Up

109. How does a router know whether it has to fragment a packet or not?
IP Fragmentation
An IP packet that is larger than the Maximum Transmission Unit (MTU) of an interface is too large for transmission over that interface. The packet must either be fragmented, or discarded (and an ICMP error message returned to the sender). In either case, the original data will be fragmented into smaller packets (less than the smallest MTU) in order to allow it to be received by the final destination system. There are two approaches to doing this fragmentation:
- IP Router Segmentation - performing the fragmentation in the routers
- IP Path MTU Discovery - forcing the sender to perform the fragmentation

IP Fragmentation processing at a Router
The simplest approach from the end-system point of view is not to worry about the MTU size. In this simple approach, the sender simply has to ensure that each packet is less than the MTU of the link on which it is sent. (The router always knows this from the link interface configuration information.) Large IP packets that exceed the MTU of the link between R1 and R2 are fragmented by R1 into two or more IP packets, each smaller than the MTU size. The network layer then has to arrange to cut packets up into smaller fragments whenever a router encounters a link with an MTU smaller than the received IP packet size.
All the fragments of an IP packet carry the same ID in the IP packet header (allowing the final receiver to reassemble the fragmented parts into the original PDU). This is called "IP fragmentation" or "IP segmentation". The problem is, this offloads a lot of work on to routers, and in the worst case, can also result in packets being segmented by several IP routers one after another, resulting in very peculiar fragmentation.

Fragmentation Method
To fragment/segment a long internet packet, a router (R1 in the figure below) creates a new IP packet and copies the contents of the IP header fields from the long packet into the new IP header. The data of the long packet is then divided into two portions on an 8 byte (64 bit) boundary, so that the first packet is less than the MTU of the out-going interface. The more-fragments flag (MF) in the first packet is set to one (to indicate that more fragments of this packet follow). The More Flag may already be set in this packet if it has already been fragmented by another system. This packet is forwarded.

The second created new packet is then processed. The packet header field is identical to that of the original packet (including the same value of the packet ID, the total length field, the more-fragments flag (MF) and the fragment offset field in the original packet). The packet header field is updated with a new offset field, by adding the number of payload bytes sent in the first fragment. If this new packet is larger than the allowed link MTU, the packet is again fragmented.
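The fragmentation method above, together with the receiver-side reassembly it relies on, as an added example that is not part of the original page. It assumes a 20-byte IPv4 header without options and models only the header fields involved; the class and function names are illustrative, and the sample input is an 8500-byte datagram sent over a 1500-byte MTU.

```python
from collections import defaultdict
from dataclasses import dataclass

IP_HEADER_LEN = 20  # assumption: IPv4 header without options


@dataclass
class Fragment:
    ident: int            # 16-bit Identification, shared by all fragments
    offset_units: int     # Fragment Offset field, counted in 8-byte units
    more_fragments: bool  # MF flag
    payload: bytes

    @property
    def total_length(self):
        return IP_HEADER_LEN + len(self.payload)


def fragment(ident, payload, mtu, base_offset_units=0, last_mf=False):
    """Cut payload into pieces that fit mtu, each cut on an 8-byte boundary."""
    max_payload = (mtu - IP_HEADER_LEN) // 8 * 8
    if max_payload <= 0:
        raise ValueError("MTU too small to carry any payload")
    frags = []
    for start in range(0, max(len(payload), 1), max_payload):
        is_last = start + max_payload >= len(payload)
        frags.append(Fragment(
            ident,
            base_offset_units + start // 8,
            # Only the final piece keeps the MF value of the packet being cut.
            last_mf if is_last else True,
            payload[start:start + max_payload],
        ))
    return frags


def refragment(frag, mtu):
    """A later router cutting an existing fragment: the offset continues from
    the fragment's own offset, and an MF flag that was set stays set."""
    return fragment(frag.ident, frag.payload, mtu, frag.offset_units, frag.more_fragments)


def _join(by_start):
    finals = [f for f in by_start.values() if not f.more_fragments]
    if len(finals) != 1:
        return None                      # final fragment not seen yet
    total = finals[0].offset_units * 8 + len(finals[0].payload)
    data = bytearray()
    while len(data) < total:
        nxt = by_start.get(len(data))
        if nxt is None or not nxt.payload:
            return None                  # hole: a fragment is still missing
        data += nxt.payload
    return bytes(data) if len(data) == total else None


def reassemble(frags):
    """One buffer per Identification value; fragments may arrive in any order.
    Returns {ident: payload}, with None for datagrams that are incomplete.
    A real receiver also discards an incomplete buffer when its timer expires."""
    buffers = defaultdict(dict)
    for f in frags:
        buffers[f.ident][f.offset_units * 8] = f
    return {ident: _join(by_start) for ident, by_start in buffers.items()}


# Constructed sample: 8500-byte datagram (20-byte header + 8480 bytes of data).
SAMPLE_PAYLOAD = bytes(i % 251 for i in range(8500 - IP_HEADER_LEN))

if __name__ == "__main__":
    for f in fragment(0x1234, SAMPLE_PAYLOAD, 1500):
        print(f.offset_units, f.more_fragments, f.total_length)
```

Only the fragment at offset 0 carries the start of the original payload, and with it any transport header; every other fragment carries just the Identification value and an offset.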
IP Router Fragmentation
Any packet that has a more fragments (MF) flag set must have an integral multiple of 8 bytes. (The final fragment, which does not have this flag set, may have an arbitrary number of bytes.) IP router fragmentation is not recommended in the modern Internet, and this feature was not carried forward when the next generation Internet Protocol (IPv6) was specified.

IP Fragmentation processing at a Sender
Path MTU Discovery allows a sender to fragment/segment a long internet packet, rather than relying on routers to perform IP-level fragmentation. This is more efficient and more scalable. It is therefore the recommended method in the current Internet. This is also the only method supported in IPv6.

IP Reassembly processing at the Receiving End System
IP fragmentation and reassembly employs updating and using the values in the second 32 bits of the IPv4 packet header. An end system that accepts an IP packet (with a destination IP address that matches its own IP source address) will also reassemble any fragmented IP packets before these are passed to the next higher protocol layer. The system stores all received fragments (i.e., IP packets with a more-fragments flag (MF) set to one, or where the fragment offset is non-zero) in one of a number of buffers (memory space). Packets with the same 16-bit Identification value are stored in the same buffer, at the offset specified by the fragment offset field in the packet header. Packets which are incomplete remain stored in the buffer until either all fragments are received, OR a timer expires, indicating that the receiver does not expect to receive any more fragments. Completed packets are forwarded to the next higher protocol layer.

110. What are the issues with IP fragmentation?
There are several issues that make IP fragmentation undesirable. There is a small increase in CPU and memory overhead to fragment an IP datagram.
This holds true for the sender as well as for a router in the path between a sender and a receiver. Creating fragments simply involves creating fragment headers and copying the original datagram into the fragments. This can be done fairly efficiently because all the information needed to create the fragments is immediately available. Fragmentation causes more overhead for the receiver when reassembling the fragments because the receiver must allocate memory for the arriving fragments and coalesce them back into one datagram after all of the fragments are received. Reassembly on a host is not considered a problem because the host has the time and memory resources to devote to this task. But, reassembly is very inefficient on a router whose primary job is to forward packets as quickly as possible. A router is not designed to hold on to packets for any length of time. Also a router doing reassembly chooses the largest buffer available (18K) with which to work because it has no way of knowing the size of the original IP packet until the last fragment is received. Another fragmentation issue involves handling dropped fragments. If one fragment of an IP datagram is dropped, then the entire original IP datagram must be resent, and it will also be fragmented. You see an example of this with Network File System (NFS). NFS, by default, has a read and write block size of 8192, so a NFS IP/UDP datagram will be approximately 8500 bytes (including NFS, UDP, and IP headers). A sending station connected to an Ethernet (MTU 1500) will have to fragment the 8500 byte datagram into six pieces; five 1500 byte fragments and one 1100 byte fragment. If any of the six fragments is dropped because of a congested link, the complete original datagram will have to be retransmitted, which means that six more fragments will have to be created. 
If this link drops one in six packets, then the odds are low that any NFS data can be transferred over this link, since at least one IP fragment would be dropped from each NFS 8500 byte original IP datagram.

Firewalls that filter or manipulate packets based on Layer 4 (L4) through Layer 7 (L7) information in the packet may have trouble processing IP fragments correctly. If the IP fragments are out of order, a firewall may block the non-initial fragments because they do not carry the information that would match the packet filter. This would mean that the original IP datagram could not be reassembled by the receiving host. If the firewall is configured to allow non-initial fragments with insufficient information to properly match the filter, then a non-initial fragment attack through the firewall could occur. Also, some network devices (such as Content Switch Engines) direct packets based on L4 through L7 information, and if a packet spans multiple fragments, then the device may have trouble enforcing its policies.

111. What does TCP MSS do and how does it work?
The TCP Maximum Segment Size (MSS) defines the maximum amount of data that a host is willing to accept in a single TCP/IP datagram. This TCP/IP datagram may be fragmented at the IP layer. The MSS value is sent as a TCP header option only in TCP SYN segments. Each side of a TCP connection reports its MSS value to the other side. Contrary to popular belief, the MSS value is not negotiated between hosts. The sending host is required to limit the size of data in a single TCP segment to a value less than or equal to the MSS reported by the receiving host.

Originally, MSS meant how big a buffer (greater than or equal to 65496K) was allocated on a receiving station to be able to store the TCP data contained within a single IP datagram. MSS was the maximum segment (chunk) of data that the TCP receiver was willing to accept. This TCP segment could be as large as 64K (the maximum IP datagram size) and it could be fragmented at the IP layer in order to be transmitted across the network to the receiving host. The receiving host would reassemble the IP datagram before it handed the complete TCP segment to the TCP layer.

Below are a couple of scenarios showing how MSS values are set and used to limit TCP segment sizes, and therefore, IP datagram sizes. Scenario 1 illustrates the way MSS was first implemented. Host A has a buffer of 16K and Host B a buffer of 8K. They send and receive their MSS values and adjust their send MSS for sending data to each other. Notice that Host A and Host B will have to fragment the IP datagrams that are larger than the interface MTU but still less than the send MSS, because the TCP stack could pass 16K or 8K bytes of data down the stack to IP. In Host B's case, packets could be fragmented twice, once to get onto the Token Ring LAN and again to get onto the Ethernet LAN.

Scenario 1
1. Host A sends its MSS value of 16K to Host B.
2. Host B receives the 16K MSS value from Host A.
3. Host B sets its send MSS value to 16K.
4. Host B sends its MSS value of 8K to Host A.
5. Host A receives the 8K MSS value from Host B.
6. Host A sets its send MSS value to 8K.
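Scenario 1 worked through as an added example (not part of the original page): it computes each host's send MSS and how many IP fragments one full-sized segment becomes, and for contrast applies the rule in which each host also caps the MSS at its interface MTU minus 40 bytes. The host MTUs (1500 for Ethernet, 4462 for Token Ring) are the page's values; reading "16K" and "8K" as multiples of 1024 bytes and assuming headers without options are assumptions.

```python
IP_HEADER = 20    # bytes, IPv4 header without options
TCP_HEADER = 20   # bytes, TCP header without options
K = 1024          # assumption: "16K" and "8K" mean multiples of 1024 bytes

# Buffer size and outgoing interface MTU of each host.
HOST_A = {"buffer": 16 * K, "mtu": 1500}   # Ethernet
HOST_B = {"buffer": 8 * K, "mtu": 4462}    # Token Ring


def advertised_mss(host, mtu_aware):
    """MSS a host reports in its SYN: buffer only, or capped at MTU - 40."""
    if mtu_aware:
        return min(host["buffer"], host["mtu"] - IP_HEADER - TCP_HEADER)
    return host["buffer"]


def send_mss(host, peer_advertised, mtu_aware):
    """Largest TCP payload the host will put in one segment to its peer."""
    if mtu_aware:
        return min(peer_advertised, host["mtu"] - IP_HEADER - TCP_HEADER)
    return peer_advertised


def fragment_payloads(ip_payload, mtu):
    """Split an IP payload into per-fragment payload sizes for one link MTU.

    Every fragment carries its own IP header, and every fragment except the
    last must carry a multiple of 8 payload bytes (offsets count 8-byte units).
    """
    if ip_payload + IP_HEADER <= mtu:
        return [ip_payload]
    per_fragment = (mtu - IP_HEADER) // 8 * 8
    sizes = []
    remaining = ip_payload
    while remaining > per_fragment:
        sizes.append(per_fragment)
        remaining -= per_fragment
    sizes.append(remaining)
    return sizes


def fragments_on_path(tcp_data, mtus):
    """Fragment payload sizes after one TCP segment crosses each link in turn."""
    pieces = [tcp_data + TCP_HEADER]
    for mtu in mtus:
        pieces = [size for piece in pieces for size in fragment_payloads(piece, mtu)]
    return pieces


def run_scenario(mtu_aware):
    """Send MSS and fragment count for a full-sized segment in each direction."""
    result = {}
    for name, host, peer in (("A", HOST_A, HOST_B), ("B", HOST_B, HOST_A)):
        mss = send_mss(host, advertised_mss(peer, mtu_aware), mtu_aware)
        pieces = fragments_on_path(mss, [host["mtu"], peer["mtu"]])
        result[name] = {"send_mss": mss, "fragments": len(pieces)}
    return result


if __name__ == "__main__":
    print("buffer-only MSS:", run_scenario(mtu_aware=False))
    print("MTU-aware MSS:  ", run_scenario(mtu_aware=True))
```

With the buffer-only rule, Host B's segment is split once for Token Ring and again for Ethernet; with the MTU-aware rule each segment fits in a single unfragmented datagram.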
In order to assist in avoiding IP fragmentation at the endpoints of the TCP connection, the selection of the MSS value was changed to the lower of the buffer size and the MTU of the outgoing interface minus 40 bytes. MSS numbers are 40 bytes smaller than MTU numbers because MSS is just the TCP data size, which does not include the 20 byte IP header and the 20 byte TCP header. MSS is based on default header sizes; the sender stack must subtract the appropriate values for the IP header and the TCP header depending on what TCP or IP options are being used.

The way MSS now works is that each host will first compare its outgoing interface MTU with its own buffer and choose the lowest value as the MSS to send. The hosts will then compare the MSS size received against their own interface MTU and again choose the lower of the two values. Scenario 2 illustrates this additional step taken by the sender to avoid fragmentation on the local and remote wires. Notice how the MTU of the outgoing interface is taken into account by each host (before the hosts send each other their MSS values) and how this helps to avoid fragmentation.

Scenario 2
1. Host A compares its MSS buffer (16K) and its MTU (1500 - 40 = 1460) and uses the lower value as the MSS (1460) to send to Host B.
2. Host B receives Host A's send MSS (1460) and compares it to the value of its outbound interface MTU - 40 (4422).
3. Host B sets the lower value (1460) as the MSS for sending IP datagrams to Host A.
4. Host B compares its MSS buffer (8K) and its MTU (4462 - 40 = 4422) and uses 4422 as the MSS to send to Host A.
5. Host A receives Host B's send MSS (4422) and compares it to the value of its outbound interface MTU - 40 (1460).
6. Host A sets the lower value (1460) as the MSS for sending IP datagrams to Host B.

1460 is the value chosen by both hosts as the send MSS for each other. Often the send MSS value will be the same on each end of a TCP connection. In Scenario 2, fragmentation does not occur at the endpoints of a TCP connection because both outgoing interface MTUs are taken into account by the hosts. Packets can still become fragmented in the network between Router A and Router B if they encounter a link with a lower MTU than that of either host's outbound interface.

http://www.cisco.com/c/en/us//docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html#topic2

112. Explain ping packet (ICMP echo request/reply) format?

An Echo is simply what we networking engineers call a 'ping'. The Echo Reply is, as most would guess, the 'ping reply'. ICMP Echos are used mostly for troubleshooting. When there are 2 hosts which have communication problems, a few simple ICMP Echo requests will show if the 2 hosts have their TCP/IP stacks configured correctly and if there are any problems with the routes packets are taking in order to get to the other side. The 'ping' command is very well known, but the results of it are very often misunderstood and for that reason I have chosen to explain all those other parameters next to the ping reply, but we will have a look at that later on. Let's have a look at what an ICMP-Echo or Echo Reply packet looks like:
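As an added example (not part of the original page), the following Python builds and parses an ICMP Echo message with its five header fields of 8, 8, 16, 16 and 16 bits (type, code, checksum, identifier, sequence number) and verifies the checksum. The identifier, sequence number and 32-byte payload are constructed sample values.

```python
import struct

ICMP_ECHO_REQUEST = 8   # Type value of a ping
ICMP_ECHO_REPLY = 0     # Type value of a ping reply

# type (8 bits), code (8), checksum (16), identifier (16), sequence number (16)
ICMP_HEADER = struct.Struct("!BBHHH")

# Constructed sample: a 32-byte data field, the size the ping output reports.
SAMPLE_PAYLOAD = b"abcdefghijklmnopqrstuvwabcdefghi"


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by ICMP."""
    if len(data) % 2:
        data += b"\x00"                       # pad odd lengths with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                        # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(icmp_type: int, identifier: int, sequence: int, payload: bytes) -> bytes:
    """Return a complete ICMP Echo or Echo Reply message (header + data)."""
    header = ICMP_HEADER.pack(icmp_type, 0, 0, identifier, sequence)
    checksum = internet_checksum(header + payload)
    return ICMP_HEADER.pack(icmp_type, 0, checksum, identifier, sequence) + payload


def parse_echo(message: bytes) -> dict:
    """Decode an ICMP Echo / Echo Reply and check its checksum."""
    if len(message) < ICMP_HEADER.size:
        raise ValueError("truncated ICMP message")
    icmp_type, code, checksum, identifier, sequence = ICMP_HEADER.unpack_from(message)
    if icmp_type not in (ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY) or code != 0:
        raise ValueError("not an ICMP Echo or Echo Reply")
    return {
        "type": icmp_type,
        "checksum": checksum,
        # Summing a valid message including its checksum field yields zero.
        "checksum_ok": internet_checksum(message) == 0,
        "identifier": identifier,
        "sequence": sequence,
        "data": message[ICMP_HEADER.size:],
    }


def make_reply(request: bytes) -> bytes:
    """Build the Echo Reply a host returns: same identifier, sequence and data."""
    fields = parse_echo(request)
    if fields["type"] != ICMP_ECHO_REQUEST or not fields["checksum_ok"]:
        raise ValueError("not a valid Echo request")
    return build_echo(ICMP_ECHO_REPLY, fields["identifier"], fields["sequence"], fields["data"])


if __name__ == "__main__":
    request = build_echo(ICMP_ECHO_REQUEST, 0x0200, 1, SAMPLE_PAYLOAD)
    print("header bytes:", ICMP_HEADER.size, "data bytes:", len(SAMPLE_PAYLOAD),
          "ICMP message bytes:", len(request))
    print(parse_echo(make_reply(request)))
```

The 8-byte header plus 32 bytes of data gives the 40-byte ICMP message length that a sniffer reports when a ping tool reports 32 bytes.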
If the above packet was an ICMP Echo (ping), then the Type field takes a value of 8. If it's an ICMP Echo Reply (ping reply) then it would take a value of 0. The picture below is a screen shot I took when doing a simple ping from my workstation:
Okay, now looking at the screen shot above, you can see I 'pinged' www.firewall.cx. The first thing my workstation did was to resolve that URL to an IP address. This was done using DNS. Once the DNS server returned the IP address of www.firewall.cx, the workstation generated an ICMP packet with the Type field set to 8. Here is the proof:
The picture above is a screenshot from my packet sniffer at the same time this experiment was taking place. The packet displayed is one of the 4 packets which were sent from my workstation to the webserver of firewall.cx. Notice the ICMP type=8 Echo field right under the ICMP Header section. This clearly shows that this packet is being sent from the workstation and not received. If it was received, it would have been an 'Echo Reply' and have a value of 0.

The next weird thing, if anyone noticed, is the data field. Look at the screen shot from command prompt above and notice the value there and the value the packet sniffer is showing on the left. One says 32 Bytes, and the other 40 Bytes! The reason for this is that the packet sniffer is taking into account the ICMP header fields (ICMP type, code, checksum and identifier), and I'll prove it to you right now. Look at the top of this page where we analysed the ICMP headers; you will notice that the lengths (in Bits) of the various fields are as follows: 8, 8, 16, 16, 16. These add up to a total of 64 Bits. Now 8 Bits = 1 Byte, therefore 64 Bits = 8 Bytes. Take the 32 Bytes of data the workstation's command prompt is showing and add 8 Bytes .... and you have 40 Bytes in total.

113. Two routers A and B are connected back to back with a hub in between. Router A's IP is 2.2.2.2 and Router B's IP is 3.3.3.3. Will ping work? Will ARP happen?

Ping will fail, and so will ARP.

    Router#ping 3.3.3.3
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
    .....
    Success rate is 0 percent (0/5)

Here the routing table and the ARP table do not show any entry for router B:

    Router#show ip route
    Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
           i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
           * - candidate default, U - per-user static route, o - ODR
           P - periodic downloaded static route

    Gateway of last resort is not set
         2.0.0.0/24 is subnetted, 1 subnets
    C       2.2.2.0 is directly connected, FastEthernet0/0
    Router#
    Router#
    Router#show arp
    Protocol  Address   Age (min)  Hardware Addr   Type  Interface
    Internet  2.2.2.2   -          0007.EC3B.29C5  ARPA  FastEthernet0/0

The routers' back-to-back interfaces need to be in the same subnet. Now I configured the router B interface as 2.2.2.1:

    Router#ping 2.2.2.1
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 2.2.2.1, timeout is 2 seconds:
    .!!!!
    Success rate is 80 percent (4/5), round-trip min/avg/max = 0/0/0 ms
    Router#show ip route
    Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
           i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
           * - candidate default, U - per-user static route, o - ODR
           P - periodic downloaded static route

    Gateway of last resort is not set
         2.0.0.0/24 is subnetted, 1 subnets
    C       2.2.2.0 is directly connected, FastEthernet0/0
    Router#
    Router#show arp
    Protocol  Address   Age (min)  Hardware Addr   Type  Interface
    Internet  2.2.2.1   0          0060.7039.799A  ARPA  FastEthernet0/0
    Internet  2.2.2.2   -          0007.EC3B.29C5  ARPA  FastEthernet0/0

114. Are OSPF hello packets multicast, unicast or broadcast?

OSPF hello packets are multicast and sent to the all-OSPF-routers address, i.e. 224.0.0.5.

115. Explain OSPF packet overview?
116. What is the primary difference between IBGP and EBGP in case of BGP?

The primary difference between E-BGP and I-BGP is a difference in TCP endpoint conventions. The endpoints of TCP connections for E-BGP sessions are the addresses of the physical interfaces over which the E-BGP session runs. The endpoints of TCP connections for I-BGP sessions correspond to a virtual (loopback) TCP connection over which the I-BGP session runs, and reflect a fully meshed network configuration.

117. Why is area 0 required in case of OSPF?
Backbone “Area 0” (level 2) is a central (transition) area to which all other areas are connected, which distributes routing information between areas, and has the same properties as other areas. Backbone routers use the same procedures and algorithms as Internal Routers.

118. Describe the OSPF adjacency process?

OSPF routers go through various states exchanging messages as they proceed from Down to Full adjacency. They initiate the Hello process and decide on initialization parameters; for the adjacency they decide on a master/slave relationship, and then they exchange/load each other's databases using Database Description and LSA packets. When the databases are synchronized the routers are considered to be in “full” adjacency.

119. Does OSPF provide fragmentation?

OSPF does not provide any explicit fragmentation/reassembly. When fragmentation is necessary, IP fragmentation/reassembly is used.

120. What is OSPF Interface MTU?

Interface MTU: the size in bytes of the largest IP datagram that can be sent out the associated interface without fragmentation. Interface MTU should be set to 0 in Database Description packets sent over virtual links.

121. Why do you require a limit on the minimum size of an Ethernet frame?

Ans. To detect a collision, it is essential that a sender continues sending a frame while at the same time it receives another frame sent by another station. Considering the maximum delay with five Ethernet segments in cascade, the size of the frame has been found to be 64 bytes such that the above condition is satisfied.

122. What is the difference between Control plane, Data plane and Forwarding plane?

http://networkstatic.net/the-control-plane-data-plane-and-forwarding-plane-in-networks/

123. Is there any L2 redundancy protocol other than STP?

EtherChannels can be used for redundancy at L2. Other than this we have VRRP and HSRP, but these are used for gateway redundancy at L3.

124. What are the troubleshooting points for EtherChannels?
Troubleshooting EtherChannels

EtherChannel issues usually fall into one of three categories:

   1. Every port participating in an EtherChannel must have identical speed, duplex, access or trunk settings. If an EtherChannel isn’t forming, check each port configuration.
   2. Both sides of the EtherChannel must be configured as a bundle directly or by using a link aggregation protocol (LACP or PAgP). If one side is configured as an EtherChannel and the other side is not, look for error-disabled EtherChannel ports on the EtherChannel-enabled switch.
   3. If traffic is only flowing over a single link in a bundle, it is likely that the hash algorithm should be adjusted to use different seed values. Also note that link bundles should be used in even numbered pairs like 2, 4, 8, etc.

125. What are the different BGP databases?

BGP Databases

Like most modern routing protocols, BGP has two separate databases – a neighbor database and a BGP-specific database.

- Neighbor Database: lists all of the configured BGP neighbors.
  Router# show ip bgp summary
- BGP Database: lists all networks known by BGP along with their attributes.
  Router# show ip bgp

126. What are the benefits of routing?

- Broadcast control
- Multicast control
- Optimal path determination
- Traffic management
- Logical addressing
- Layer 3 security

127. Benefits of L3 Switching?

- Hardware-based packet forwarding
- High-performance packet switching
- High-speed scalability
- Low latency
- Lower per-port cost
- Flow accounting
- Security
- QoS

Layer 3 switching is hardware-based routing. A full Layer 3 switch does everything to a packet that a traditional router does. Layer 3 switching is a combination of Layer 2 switching and Layer 3 routing that provides integrated switching and routing. While a router is like a mailroom with a single chute, a switch provides multiple chutes to direct data. Traditionally, applications at Layer 2 are responsible for the validity and integrity of transmission from node to node. However, the advent
of the Internet has meant that most network traffic is now on a backbone system. Smart switches are now able to do most of the functions of a router. Layer 3 switches can be used to prioritize traffic and can control larger networks than Layer 2 switches, reducing the need to create subnets isolated by routers.

The primary difference between the packet-switching operation of a router and a Layer 3 switch is the physical implementation. In general-purpose routers, microprocessor-based engines typically perform packet switching. A Layer 3 switch performs packet switching with hardware. Layer 3 devices can interrogate packets to determine priorities to allocate bandwidth, and this is where Quality of Service (QoS) features are usually implemented.

When performing Layer 3 functions, a switch reads the TCP and User Datagram Protocol (UDP) fields to determine what type of information the packet is carrying. The network manager can then program the switch to prioritize traffic by application. When being used for QoS purposes, this means that a videoconferencing application might be granted more bandwidth than an e-mail message. If the network is only at 50 percent capacity on the backbone, each user or application on the network is already getting the same QoS without Layer 4 switching.

128. What is a multilayer switch?

Combines functionality of:

- Layer 2 switching
- Layer 3 switching
- Layer 4 switching
- High-speed scalability
- Low latency

Multilayer Switching is the combination of traditional Layer 2 switching with Layer 3 protocol routing in a single box, usually through a fast hardware implementation. Multilayer switches are not called routers because multilayer switches are much faster and generally less expensive than a router with the same Layer 3 throughput.

The Catalyst® family of switches does the following:

- As a Layer 3 switch, caches flows based on the IP or IPX addresses.
- As a Layer 4 switch, caches flows based on the source address, destination address, source port, and destination port.

Multilayer Switching products with high-speed hardware IP routing offer significant improvements in scalability and performance over simple Layer 2 switches or traditional routers.

129. What is auto-negotiation?

The Auto-Negotiation function is an optional part of the Ethernet standard that makes it possible for devices to exchange information about their abilities over a link segment. This, in turn, allows the devices to perform automatic configuration to achieve the best possible mode of operation over a link. At a minimum, Auto-Negotiation can provide automatic speed matching for multi-speed devices at each end of a link. Multispeed Ethernet interfaces can then take advantage of the highest speed offered by a multi-speed hub port.

Note: Auto-negotiation is not a fully implemented standard and, therefore, the behavior of the link cannot be guaranteed when using this feature. Cisco strongly recommends that each end of the link be manually configured for the desired duplex and speed.

130. What is ping used for?

The ping command sends a specified number of ICMP echo requests and measures the time the destination device takes to respond to each request. It is used to test connectivity to remote hosts.

    Switch (enable) ping destination ip address

The ping command will return one of the following responses:

- Success rate is 100 percent or ip address is alive. This response occurs in 1 to 10 seconds, depending on network traffic and the number of ICMP packets sent.
- Destination does not respond. No answer message is returned if the host does not respond.
- Unknown host. This response occurs if the targeted host does not exist.
- Destination unreachable. This response occurs if the default gateway cannot reach the specified network.
- Network or host unreachable. This response occurs if there is no entry in the route table for the host or network.

131. What is an access link?
An access link is a link that is a member of only one VLAN. Also emphasize the use of the native VLAN. An access link has a native VLAN that is the only VLAN that it supports. The device on the end of the access link is generally unaware that a VLAN ID even exists. The switch must deploy some mechanism of identification so that a frame being received in an access link is marked with the correct VLAN information. This can be done with either frame filtering (maintaining a table of VLAN-port assignments) or frame tagging (marking the frame as it leaves the port to cross the backplane).

131. What is a trunk link?

A trunk link is capable of carrying multiple VLANs. Trunk links are typically used on switch-to-switch connections or switch-to-router connections. They can be used to connect end devices such as servers; however, this is not as common. Trunk links carry multiple VLANs. A trunk link may have a native VLAN, which is the VLAN that it reverts to if the trunk fails, or in the case of 802.1Q, the VLAN identifier that is used if a frame comes in from a “non-trunk” device. This allows 802.1Q to support trunk links and access links on the same port, creating a hybrid link.

132. What are the two different VLAN tagging options?

The two different tagging options are as follows:

- ISL (Cisco proprietary)
- IEEE 802.1Q (industry standard)
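An added example (not from the original page or from any vendor's code) of IEEE 802.1Q tagging: it inserts and parses the 4-byte tag and decides which VLAN a received frame belongs to on an access port and on a trunk port with a native VLAN. The port dictionaries, the MAC addresses, the VLAN numbers and the rule that an access port drops frames carrying a VLAN ID are assumptions made for the example; real switches differ on that last point.

```python
import struct
from typing import Optional

TPID_8021Q = 0x8100      # EtherType value that announces an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800

# Constructed sample frame: destination MAC, source MAC, EtherType, payload.
UNTAGGED = (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
            + struct.pack("!H", ETHERTYPE_IPV4) + b"sample-payload")

# Hypothetical port configurations used only by this example.
ACCESS_PORT = {"mode": "access", "vlan": 10}
TRUNK_PORT = {"mode": "trunk", "native_vlan": 1, "allowed": {1, 10, 20}}


def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag between the source MAC and the EtherType."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    if not 0 <= pcp <= 7:
        raise ValueError("priority must be in 0..7")
    tci = (pcp << 13) | vid            # 3-bit priority, 1-bit DEI (0), 12-bit VID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame: bytes) -> dict:
    """Decode the Ethernet header and, if present, the 802.1Q tag."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    tag = None
    payload_offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        tag = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        payload_offset = 18
    return {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"),
            "tag": tag, "ethertype": ethertype, "payload": frame[payload_offset:]}


def ingress_vlan(frame: bytes, port: dict) -> Optional[int]:
    """Return the VLAN a received frame is placed in, or None if it is dropped."""
    tag = parse_frame(frame)["tag"]
    # VID 0 means "priority only": the frame carries no VLAN identity of its own.
    untagged = tag is None or tag["vid"] == 0
    if port["mode"] == "access":
        # Assumption: a frame that carries a VLAN ID is dropped on an access port.
        return port["vlan"] if untagged else None
    if untagged:
        return port["native_vlan"]     # untagged traffic on a trunk: native VLAN
    vid = tag["vid"]
    if vid == 0x0FFF or vid not in port["allowed"]:
        return None                    # reserved VID, or VLAN not carried here
    return vid


if __name__ == "__main__":
    for name, frame in (("untagged", UNTAGGED), ("tagged 10", add_tag(UNTAGGED, 10)),
                        ("tagged 30", add_tag(UNTAGGED, 30))):
        print(name, "access ->", ingress_vlan(frame, ACCESS_PORT),
              "trunk ->", ingress_vlan(frame, TRUNK_PORT))
```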
133. How does trunk negotiation happen?

Dynamic Trunk Protocol (DTP) handles the negotiation of trunk links. DTP makes trunking configuration easier. DTP negotiates port capability and configuration with its neighboring peer ports for a proper trunk type: an ISL trunk, an 802.1Q trunk, or an access link. Also, a variety of hardware may exist with different capabilities: some capable of ISL only, some capable of 802.1Q only, and some capable of both ISL and 802.1Q. DTP negotiation also takes into account these variations of hardware capabilities before it configures the port to be a particular type of trunk.

During DTP negotiation, the ports will not participate in the Spanning-Tree Protocol. Only after the port type is configured to be one of the three types (access, ISL trunk, or 802.1Q trunk) will the port be added to spanning tree. The basic requirement for running DTP is that the port must be able to operate as an access port. Whenever a port fails to negotiate to become a trunk port, it will stay an access port. If the negotiating ports allow, DTP prefers ISL to 802.1Q.

134. Explain how VTP enables propagation of VLAN data across the network.

VTP enables VLAN propagation across the network by advertising the VLANs that exist in a VTP domain to all other switches in that domain on trunk links. This ensures that all switches in a VTP domain have a consistent view of the VLANs that exist in their network.

135. Discuss how frame identification enables VLAN membership association.

There are two different methods of frame identification. These methods are IEEE 802.1Q and Cisco ISL. Each of these techniques enables VLAN membership association by identifying the VLAN in the frame. IEEE 802.1Q does this by tagging, or inserting, 4 bytes of VLAN information into the frame. Cisco ISL identifies the VLAN by encapsulating the frame with an additional 30 bytes of information. These two methods allow the switch to identify the VLAN membership of the frame.

136. Define the three VTP modes of operation and describe how they work.

The three different VTP modes are server, client, and transparent.

- Server mode allows VLANs to be created, deleted, and modified on the switch. In addition it saves the VLAN information to NVRAM so that the VLANs are known the next time the switch is reset. Server mode VLANs are called “global” VLANs because they will be copied by all other switches in the VTP domain.
- Client mode does not allow VLANs to be created, deleted, or modified. A client switch must receive all VLAN information from another switch in order to know that a VLAN exists. Once the client knows that the VLAN exists it can have its ports assigned to that VLAN. A client does not save its VLAN information to NVRAM.
- Transparent mode means that the switch does not participate in the VTP domain. VLANs can be created, deleted, and renamed on the switch; however, they will not be advertised to any other switch. These VLANs are called “local” VLANs as they will not be copied to other switches. The VTP domain information must be given to the transparent switch, however, as it will pass VTP advertisements for other server and client switches.

137. Describe the use of VTP pruning. Explore the same solution without VTP pruning.

By default all broadcasts and multicasts must be sent to every switch in a VTP domain if the trunk link supports the VLAN. This is done even if the switch has no ports other than the trunk link in the VLAN. VTP Pruning is a process that prevents broadcasts from being sent to switches that do not have ports in a VLAN. Another way of eliminating the broadcast traffic is to clear the trunk link of the VLAN. If there are no ports assigned to the VLAN on the switch there may be no reason for the VLAN to be carried on the trunk link.

138. List the five Spanning-Tree Protocol port states and describe their function.

The five Spanning Tree states are Blocked, Listen, Learn, Forward, and Disabled.
Blocked is the initial state of the port. A port will also be placed in a blocked state if there is a redundant path to the Root Bridge and the port does not have the best cost. Blocked means that the port can send and receive BPDUs but cannot send or receive data.

139. Identify at least one network problem caused by Spanning-Tree Protocol.

Following are three network problems caused by Spanning Tree:

- Convergence time after a network failure.
- The time that it takes a port to move into forwarding mode will cause many workstations to time out while attempting to attach to a service.
- Paths can be sub-optimal if the network is not designed correctly.

140. Explain the solutions developed to improve STP convergence time.

The following solutions improve Spanning-Tree Protocol operation:

- PortFast – enables a port to bypass Spanning Tree operations.
- UplinkFast – creates an UplinkFast group of ports that can be used to perform a rapid failover in the case of a direct link failure.
- BackboneFast – expires the Max Age timer when it stops hearing the superior BPDU but continues hearing the inferior BPDU.
- EtherChannel – bundles parallel ports together, which allows Spanning Tree to treat them as one port.
- Root Bridge – correct placement of the Root Bridge and modification of the diameter will improve path selection and convergence time.
- Port Priority and Port Cost – used to influence the path selections made by Spanning Tree.

141. Discuss the purpose of an inferior BPDU.

The loss of a superior BPDU and the receipt of an inferior BPDU trigger the BackboneFast process. BackboneFast is initiated when a Root port or blocked port on a switch receives inferior BPDUs from its designated bridge. An inferior BPDU identifies one switch as both the Root Bridge and the designated bridge.
When a switch receives an inferior BPDU, it indicates that a link to which the switch is not directly connected (an indirect link) has failed (that is, the designated bridge has lost its connection to the Root Bridge). Under normal spanning-tree rules, the switch ignores inferior BPDUs for the configured maximum aging time.

142. Explain how the routing and switching functions of a Cisco MLS switch work together to enable multilayer switching.

Multilayer switching (MLS) is a technique used to increase IP routing performance by handling the packet switching and rewrite function in ASICs. In MLS, the frame forwarding and rewrite process functions previously handled by a router have now been moved into switch hardware. The Cisco implementation of MLS is comprised of three components:

- Multilayer Switching-Switching Engine (MLS-SE). The multilayer switching switch engine is the switching entity that handles the function of moving and rewriting the packets. The MLS-SE is a NetFlow Feature card residing on a Supervisor III card in a Catalyst switch.
- Multilayer Switching-Route Processor (MLS-RP). This component is a Route Switch Module (RSM) or an externally connected Cisco 7500, 7200, 4500, 4700, or 8500 series router with software that supports multilayer switching. The MLS-RP sends MLS configuration information and updates, such as the router MAC address and VLAN number, flow mask, and routing and access list changes.
- Multilayer Switching Protocol (MLSP). This protocol operates between the MLS-Switch Engine and MLS-Route Processor to enable multilayer switching. The MLSP is the method by which the RSM or router advertises routing changes and the VLANs or MAC addresses of the interfaces that are participating in MLS.

An MLS cache entry is created for the initial packet of each flow. This packet is called the Candidate packet. The switch forwards the frame to the MLS-RP.
If the MLS-RP finds an entry for the destination address in the routing table, the MLS-RP rewrites the packet and returns the frame to the switch. The MLS-SE compares the XTAGs for both the candidate entry in the MLS cache and the returned frame. If the two XTAGs match, the frame came from the same router for the same flow. This second frame becomes the “enable” entry in the MLS cache and the partial entry for that flow is completed.

143. Describe the three flow mask modes and the impact ACLs have on those modes.

The three flow mask types supported by the MLS-SE are:

- destination-ip mode. This mode represents the least-specific flow mask. The MLS-SE maintains one MLS entry for each destination IP address. All flows to a given destination IP address use this MLS entry. This mode is used if there are no access lists configured on any of the MLS router interfaces.
- source-destination-ip mode. The MLS-SE maintains one MLS entry for each source and destination IP address pair. All flows between a given source and destination use this MLS entry regardless of the IP protocol ports. This mode is used if there is a standard access list on any of the MLS interfaces.
- ip-flow mode. This mode represents the most-specific flow mask. The MLS-SE creates and maintains a separate MLS cache entry for every IP flow. An ip-flow entry includes the source IP address, destination IP address, protocol, and protocol ports. This mode is used if there is an extended access list on any of the MLS interfaces.

144. Discuss how various router/switch configurations can affect multilayer switching.

There is a dependency between the router and the switch at the distribution layer. How these devices are placed in relationship to each other is critical to multilayer switching. As long as the MLS-SE can detect both the candidate and enable packets, multilayer switching will take place.
However, if the configuration is designed in such a way that the enabling packet is never returned to the MLS-SE, the candidate packet will age out of the MLS cache and all packets in that flow are routed. Changes to the routing table may affect the behavior of MLS. Whenever a route change takes place, the MLS cache is flushed for any flow entries affected by the route change. As long as the MLS-SE detects both the candidate and enable packets for the new route, a flow entry will be entered into the MLS cache.

145. Can I bundle two different types of interface, e.g. a FastEthernet with a GigabitEthernet?

No, it is not possible.

146. How many routes are carried by a RIP packet?

Each RIP router advertises all RIP routes periodically via RIP updates. Each update can contain a maximum of 25 route advertisements. This limit is imposed by RIP specifications. RIP can sometimes be configured to send as many as 255 routes per update.

147. How many network types are available in OSPF?

There are 5 OSPF network types:

- Point to point
- Broadcast
- Non broadcast
- NBMA
- Point to multipoint

149. What is the requirement of doing summarization?

To reduce the size of the OSPF LSDB.

151. If any of the OSPF areas is not stabilized, does it impact another area?

If area 0 is not stable, then SPF will be calculated within area 0 for LSA 1 and LSA 2. These LSAs are summary LSAs for the other areas, so routers in other areas will calculate SPF for the summary LSAs whenever something goes wrong in area 0. The point is that routers in other areas will not calculate SPF for their own area, but for area 0.

152. What is the use of forwarding address in LSA 5 and LSA 7?

Covered in another question.

153. Can we run multiple OSPF processes on a single router and what is the advantage of using it?

We can have multiple processes, but there can be only one process per interface.

155. After configuring a new router-id, will it be used automatically or do we need to use some type of command to get it operational?

We need to clear the OSPF process to get it reflected.

157. If the DR is down and no BDR is configured, what will happen?

The DR must be elected in a multi-access network. If the DR goes down and there is no BDR, either a new election will occur to find the new DR,
or, if no other routers are eligible to become DR because their priority was set to 0, then the routers will not form adjacencies with each other. There has to be at least a DR. This happens when you explicitly define a certain router to be the DR and the other routers never to become DR or BDR, a common practice in hub-and-spoke NBMA networks, in which the hub is always the DR and there is no need for a spoke router to participate in the DR/BDR election process. If the old DR comes back after a new DR is elected or the BDR is promoted to DR, it cannot take over the running OSPF topology until the current designated router goes offline. The OSPF DR/BDR election process is pretty much similar to the Spanning-Tree Protocol root election process.

158. What is the difference between a neighbor and an adjacent neighbor?

Neighbors are routers in the same area that exchange hello packets, but not LSA information, such as two DROther routers. Adjacent routers are routers that have fully exchanged their LSA information and are stable. Let's take a broadcast access medium topology like a LAN, for example, to illustrate the differences. As you know, in a LAN environment you have a DR election. After this election, the DR and BDR are elected, and all other routers (DROthers) form adjacencies with the DR/BDR. Meaning, they pass the 2WAY state into ExStart and start exchanging LSA headers to begin the route exchange. However, between two DROther routers, you will never pass beyond 2WAY. That is to say, they will exchange hello packets, but will never enter ExStart, never exchange LSA headers, and never converge into adjacent neighbors.

159. What is C and R in OSPF debug?

Ans: C stands for local router and R stands for remote router.

160. Define the various tools which participate in OSPF fast convergence.

OSPF has various tools and techniques for fast convergence, as mentioned below:

- Event Detection
- Event Propagation
- Event Processing
- RIB Update

161.
In a Layer 2 domain, do we need an IP address for communication?

No, we don’t. L2 works on MAC addresses.

163. How to perform inter-VLAN routing without a Layer 3 device?

Yes, this is possible by configuring the link between the two switches as access ports.

http://www.mplsvpn.info/2010/07/inter-vlan-routing-without-layer-3.html

164. What is the importance of PMTU in BGP?

TCP path MTU discovery allows BGP to use the largest packets possible.

- Without PMTU discovery, we can support 100 peers with 120,000 routes each.
- With PMTU discovery, we can support 175 peers with 120,000 routes each.
165. How to avoid route reflector loops?

Never peer through a route reflector client to reach a route reflector.

166. The larger the IP datagram, the less the overhead: is it true or false?

Yes, true.

167. In RIP why do we have a hop count of 15?

Ratio of summation of all the timers yields 15.

168. When is a BGP route invalid?

The next-hop must be accessible and reachable for a path to a BGP network to be valid.

169. What exactly is a control plane?

Other control plane protocols (BGP, OSPF, LDP, LACP, BFD ...) are more clear-cut – they run between individual network devices (usually adjacent, but there’s also targeted LDP and multihop BGP) and could be (at least in theory) made to run across a separate control plane network (or VRF).

Control plane protocols usually run over data plane interfaces to ensure shared fate – if the packet forwarding fails, the control plane protocol fails as well – but there are scenarios (example: optical gear) where the data plane interfaces cannot process packets, forcing you to run control plane protocols across a separate set of interfaces.

Typical control plane protocols aren’t data-driven: a BGP, LACP or BFD packet is never sent as a direct response to a data plane packet. ICMP is different: some ICMP packets are sent as replies to other ICMP packets, others are triggered by data plane packets (ICMP unreachables and ICMPv6 neighbor discovery).

Trying to classify protocols based on where they’re run is also misleading. It’s true that the networking device CPU almost always generates ICMP requests and responses (it doesn’t make sense to spend silicon real estate to generate ICMP responses). In some cases, ICMP packets might be generated in the slow path, but that’s just how a particular network operating system works. Let’s ignore those dirty details for the moment; just because a device’s CPU touches a packet doesn’t make that packet a control plane packet. Vendor terminology doesn’t help us either.
Most vendors talk about Control Plane Policing or Protection, equating control plane with the device CPU – these mechanisms usually apply to control plane protocols as well as data plane packets punted from ASICs to the CPU. Even IETF terminology isn't exactly helpful – while the C in ICMP does stand for Control, it doesn't necessarily imply control plane involvement. ICMP is simply a protocol that passes control messages (as opposed to data) between IP devices.
170. In a single switch, port 1 is in VLAN 10 with a PC at IP 10.1.1.2 and port 2 is in VLAN 20 with a PC at IP 10.1.1.3. Will ping work? No, ping will not work here since the two ports are in different VLANs. A VLAN 10 packet arriving on port 1 will not be broadcast to port 2 in VLAN 20.
171. Same scenario, but with two switches and the link between the switches configured as access ports. Will ping work? Yes, ping will work here, since frames leaving access ports are not tagged with VLANs, and raw traffic will flow.
172. In the same scenario, if the link between the switches is configured as a trunk, will ping work? No, ping will not work, since the trunk link is tagged with the VLANs. A packet from VLAN 10 will not be broadcast to VLAN 20.
173. How does STP behave if a port is looped back in a single switch?
174. Describe the OSPF packet format structure.
175. What is the use of the forwarding address in LSA 5? The forwarding address is used in OSPF to avoid an extra hop when traffic is routed to an external ASBR. The value of the forwarding address in LSA 5 can be either zero or non-zero. The forwarding address is set to 0.0.0.0 when the ASBR redistributes the external routes and OSPF is not enabled on the next hop interface. The forwarding address is set to non-zero when any of the following conditions occurs:
1. OSPF is enabled on the ASBR's next hop interface.
2. The ASBR's next hop interface is not point-to-point and point-to-multipoint.
3. The ASBR's next hop interface falls under the network range specified in the router OSPF configuration.
176. What is the use of Bidirectional Forwarding Detection? Business-critical applications demand very fast convergence, but on a shared IP infrastructure it is difficult to meet that requirement. Even with a redundant network, how fast can convergence happen when a device or link fails? Maybe in seconds or minutes. BFD (Bidirectional Forwarding Detection) is a protocol used to achieve convergence of links in sub-seconds. The fastest convergence an IGP alone can achieve is close to one minute, not less, but with BFD it can be sub-second, as with SDH/SONET. BFD uses hello packets to exchange neighbor information irrespective of the protocol used (it can work with OSPF, EIGRP, BGP, LDP, IS-IS, PWE3, etc.). The Internet Draft for BFD does not specify a specific encapsulation type for BFD control packets; rather, it recommends the use of an encapsulation "appropriate to the medium and the network". BFD control packets are encapsulated in UDP packets, using destination port 3784 and a source port in the range of 49152 to 65535. The primary mode is known as Asynchronous mode.
In this mode, the systems periodically send BFD Control packets to one another, and if a number of those packets in a row are not received by the other system, the session is declared to be down.
177. What is Inter Packet Gap or Inter Frame Gap? Assume a Gigabit port that can transfer raw data at up to 125,000,000 bytes per second with a minimum frame size of 64 bytes. A device needs some time between processing one packet and the next. That time between one packet and the next is known as the inter-frame or inter-packet gap. The minimum inter-frame gap is 96 bits, or 12 bytes, which amounts to 96 nanoseconds; adding 7 bytes of preamble and 1 byte of delimiter, a minimum-size frame consequently occupies 84 bytes.
178. Why is a MAC address not a true address? An address specifies a location. A MAC address is not a true address because it is permanently associated with the interface of a specific device and moves whenever the device moves. A MAC identifies the device, not the location of the device.
179. What is the purpose of the TTL field in the IP header? How does the TTL process work? The Time to Live (TTL) field prevents "lost" packets from being passed endlessly through the IP internetwork. The field contains an 8-bit integer that is set by the originator of the packet. Each router through which the packet passes will decrement the integer by one. If a router decrements the TTL to zero, it will discard the packet and send an ICMP "time exceeded" error message to the packet's source address.
180. What is proxy ARP? Proxy ARP (Address Resolution Protocol) is a technique by which a device on a given network answers the ARP queries for a network address that is not on that network. The ARP Proxy is aware of the location of the traffic's destination, and offers its own MAC address in reply, effectively saying, "send it to me, and I'll get it to where it needs to go." Serving as an ARP Proxy for another host effectively directs LAN traffic to the Proxy.
The "captured" traffic is then typically routed by the Proxy to the intended destination via another interface or via a tunnel.
181. What is a floating static route? A floating static route is an alternative route to a destination. The administrative distance is set high enough that the floating static route is used only if a more-preferred route becomes unavailable.
182. How does the switching mode at an interface affect load sharing?
If an interface is fast switched, per-destination load sharing is performed. If an interface is process switched, per-packet load sharing is performed.
183. What is a recursive table lookup? A recursive routing table lookup occurs when a router cannot acquire all the information it needs to forward a packet with a single routing table lookup. For example, the router may perform one lookup to find the route to a destination and then perform another lookup to find a route to the next-hop router of the first route.
184. What is load balancing? Name four different types of load balancing. Load balancing is the process of sending packets over multiple paths to the same destination. Four types of load balancing are:
Equal cost, per packet
Equal cost, per destination
Unequal cost, per packet
Unequal cost, per destination
185. Why are sequence numbers important in link state protocols? Sequence numbers help a router differentiate between multiple copies of the same link state advertisement and also prevent flooded link state advertisements from circulating endlessly throughout the internetwork.
186. Explain how an SPF algorithm works. A router builds a shortest path tree by first adding itself as the root. Using the information in the topological database, the router creates a list of all of its directly connected neighbors. The lowest-cost link to a neighbor becomes a branch of the tree, and that router's neighbors are added to the list. The list is checked for duplicate paths, and if they exist, the higher-cost paths are removed from the list. The lowest-cost router on the list is added to the tree, that router's neighbors are added to the list, and the list is again checked for duplicate paths. This process continues until no routers remain on the list.
187. How do areas benefit a link state internetwork? Within a routing domain, areas are subdomains. They make link state routing more efficient by limiting the size of the link state database of each router in the area.
188. How many updates must be missed before a route entry will be marked as unreachable in RIP? A route entry is marked as unreachable if six updates are missed.
189. What is the purpose of the garbage collection timer? The garbage collection timer, or flush timer, is set when a route is declared unreachable. When the timer expires, the route is flushed from the route table. This process allows an unreachable route to remain in the routing table long enough for neighbors to be notified of its status.
190. Why is a random timer associated with triggered updates? What is the range of this timer? The random timer, whose range is 1 to 5 seconds, prevents a "storm" of triggered updates during a topology change.
191. What is the difference between a RIP Request message and a RIP Response message? A Request message asks a router for an update. A Response message is an update.
192. Which two types of Request messages does RIP use? A Request message may either ask for a full update or, in some special cases, ask for specific routes.
193. Under what circumstances will a RIP response be sent? A Response is sent when the update timer expires, or upon reception of a Request message.
194. Why does RIP hide subnets at major network boundaries? RIP updates do not include the subnet mask of the destination address, so a RIP router depends on the subnet masks of its own interfaces to determine how an attached major network address is subnetted. If a router does not have an attachment to a particular major network address, it has no way to know how that major network is subnetted. Therefore, no subnets of a major network address can be advertised into another major network.
195. Which three fields are new to the RIPv2 message format? The Route Tag field, the Subnet Mask field, and the Next Hop field are RIPv2 extensions that do not exist in RIPv1 messages. The basic format of the RIP message remains unchanged between the two versions; version 2 merely uses fields that are unused in version 1.
196. What is the purpose of the Route Tag field in the RIPv2 message? When another routing protocol uses the RIPv2 domain as a transit domain, the protocol external to RIPv2 can use the Route Tag field to communicate information to its peers on the other side of the RIPv2 domain.
197. Which one feature must a routing protocol have to be a classless routing protocol? A classless routing protocol does not consider the major network address in its route lookups, but just looks for the longest match.
198. What is an OSPF neighbor? From the perspective of an OSPF router, a neighbor is another OSPF router that is attached to one of the first router's directly connected links.
199. What is an OSPF adjacency? An OSPF adjacency is a conceptual link to a neighbor over which LSAs can be sent.
200. What is MaxAge? MaxAge, 1 hour, is the age at which an LSA is considered to be obsolete.
201. What is the difference between OSPF network entries and OSPF router entries? OSPF network entries are entries in the route table, describing IP destinations. OSPF router entries are entries in a separate route table that record only routes to ABRs and ASBRs.
202. Which three fields in the LSA header distinguish different LSAs? Which three fields in the LSA header distinguish different instances of the same LSA? The three fields in the LSA header that distinguish different LSAs are the Type, Advertising Router, and the Link State ID fields. The three fields in the LSA header that distinguish different instances of the same LSA are the Sequence Number, Age, and Checksum fields.
203. From what sources can a route be redistributed? Routes that are learned from another routing protocol, static routes, or a direct connection to the destination network can be redistributed into a routing domain.
204. How can administrative distances cause problems when redistributing? A route to a destination within a routing domain with a higher administrative distance can be redistributed into a routing domain with a lower administrative distance. If that route is redistributed back into the higher-distance domain, packets might be misrouted into the lower-distance domain.
205. What is the purpose of the subnets keyword when redistributing OSPF? Without the subnets keyword, only major network addresses that are not directly connected to the router will be redistributed.
206. How is the null interface useful when summarizing routes? A router that originates a summary route should use the null interface as the next hop of the summary route. Any packets that match the summary route, but for which there is no more-specific route to the packet's destination address, will be dropped. This prevents the router from forwarding "lost" packets.
207. How are route maps similar to access lists? How are they different?
Route maps are similar to access lists in that they define match criteria and an action to take in the event of a match. Route maps are different from access lists in that they not only specify match criteria but also specify set criteria. The set action can modify a route or route a packet according to the parameters of the packet.
208. What are policy routes? Policy routes are static routes that use route maps to determine which packets should be routed and where the packets should be routed.
209. What are route tags? Route tags are fields within routing information packets that allow external information to be carried through the routing domain.
210. In what way do route tags affect routing protocols? Route tags have no effect on the routing protocols that carry them.
211. Does static routing support load balancing? Yes. Both routes will be installed in the routing table (provided they are for the same prefix), but it is the switching process that does the load sharing, and the default is CEF, which load-shares per session (src-dst IP pair). http://freelabworkbook.blogspot.in/2010/09/static-route-load-balancing.html
212. Can we use OSPF without a backbone area? OSPF uses a central area, area 0, to exchange routes between other areas. This is part of the reason area 0 exists: to stop routing loops. If you have multiple areas without an area 0, they are in fact treated as separate OSPF processes and would not exchange routes anyway.
214. Does a route reflector come in the actual path during traffic forwarding? An RR is deployed in the control plane to reduce the requirement for a full iBGP mesh. Thus, it is not in the forwarding path, but forms iBGP peerings.
215. Can we use local preference outside the autonomous system? Local preference is NOT communicated outside an autonomous system; that is to say, it is not sent over EBGP connections. Only IBGP neighbors receive this information.
216. How many links can be assigned for load balancing or sharing in BGP? Load sharing can be achieved when there are multiple (up to a maximum of six) equal-cost links.
217. What is the difference between the ip default-gateway, ip default-network, and ip route 0.0.0.0/0 commands? The ip default-gateway command is used when IP routing is disabled on the router. However, ip default-network and ip route 0.0.0.0/0 are effective when IP routing is enabled on the router, and they are used to route any packets which do not have an exact route match in the routing table.
218. What is the maximum number of secondary IP addresses that can be configured on a router interface? There are no limits on configuring secondary IP addresses on a router interface.
219. How do I connect two different ISPs and route different traffic to different ISPs? Policy-based routing (PBR) is the feature that allows you to route the traffic to different ISPs based on the source address.
220. What is the difference between the two methods to create static routes? There are two methods to create static routes: The ip route 10.1.1.1 255.255.255.0 eth 0/0 command generates an ARP broadcast that looks for the next-hop IP address. The ip route 10.1.1.1 255.255.255.0 172.16.1.1 command does not generate an ARP request. It keeps Layer 2 out of the routing process.
221. Can you configure different MTUs for sub-interfaces under the same main interface? You can configure a different IP MTU with the ip mtu command on different sub-interfaces. When you change the MTU on a sub-interface, the router checks the MTU of the main interface. If the main interface MTU is set to a lower value than the one configured on the sub-interface, the router changes the MTU on the main interface to match the sub-interface. Thus, the physical MTU configured with the mtu command on the main interface needs to be higher than the IP MTU configured on the sub-interfaces.
222. What are the different types of communities in BGP?
223. What is the difference between distance vector and link state protocols?
224. Explain 802.1Q tunneling? http://packetlife.net/blog/2010/jul/12/ieee-802-1q-tunneling/ IEEE 802.1Q tunneling can be used to achieve simple layer two VPN connectivity between sites by encapsulating one 802.1Q trunk inside another. The topology below illustrates a common scenario where 802.1Q (or "QinQ") tunneling can be very useful.
A service provider has infrastructure connecting two sites at layer two, and desires to provide its customers transparent layer two connectivity. A less-than-ideal solution would be to assign each customer a range of VLANs it may use. However, this is very limiting, both in that it removes the customers' flexibility to choose their own VLAN numbers, and there may not be enough VLAN numbers (we can only use a maximum of 4,094 or so) available on large networks. 802.1Q tunneling solves both of these issues by assigning each customer a single VLAN number, chosen by the service provider. Within each customer VLAN exists a secondary 802.1Q trunk, which is controlled by the customer. Each customer packet traversing the service provider network is tagged twice: the inner-most 802.1Q header contains the customer-chosen VLAN ID, and the outer-most header contains the VLAN ID assigned to the customer by the service provider.
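The double tagging described above, as an added Python example (not part of the original post): it parses the stacked 802.1Q headers of a frame as seen on the provider trunk, checks the outer VLAN against the provider's allowed list, and shows why a full-size tagged customer frame needs a 1504-byte MTU. The customer VLAN 10, the MAC addresses and the function names are constructed for illustration; 118 and 209 are the provider VLANs used in this page's configuration.

```python
import struct

TPIDS = {0x8100, 0x88A8}      # 802.1Q and 802.1ad tag protocol identifiers
PROVIDER_VLANS = {118, 209}   # outer VLANs allowed on the ISP trunk in this page's config


def build_frame(vlan_ids, ethertype=0x0800, payload=b"\x00" * 46):
    """Build a constructed sample frame carrying the given VLAN tags, outermost first."""
    frame = bytes.fromhex("0200000000b2") + bytes.fromhex("0200000000a1")  # dst, src MAC
    for vid in vlan_ids:
        frame += struct.pack("!HH", 0x8100, vid & 0x0FFF)  # PCP and DEI left at zero
    return frame + struct.pack("!H", ethertype) + payload


def parse_vlan_stack(frame):
    """Return (tags, ethertype, payload_offset); tags are listed outermost first."""
    offset, tags = 12, []          # VLAN tags start right after the two MAC addresses
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (etype,) = struct.unpack_from("!H", frame, offset)
        if etype not in TPIDS:
            return tags, etype, offset + 2
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({"tpid": etype, "pcp": tci >> 13,
                     "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        offset += 4


def classify(frame, provider_vlans=PROVIDER_VLANS):
    """Describe a frame captured on the provider backbone trunk."""
    tags, _, _ = parse_vlan_stack(frame)
    if not tags:
        return "untagged: not expected on the provider trunk"
    outer = tags[0]["vid"]
    if outer not in provider_vlans:
        return "outer VLAN %d is not a provider VLAN" % outer
    if len(tags) == 1:
        return "provider VLAN %d, customer frame untagged (native VLAN)" % outer
    if len(tags) == 2:
        return "provider VLAN %d, customer VLAN %d" % (outer, tags[1]["vid"])
    return "provider VLAN %d, %d stacked tags: deeper than QinQ" % (outer, len(tags))


def provider_payload_len(frame):
    """Bytes the provider switch counts against its MTU: everything after the outer
    tag and the 2-byte type field behind it (the customer tag is payload here)."""
    tags, _, _ = parse_vlan_stack(frame)
    if not tags:
        raise ValueError("frame has no provider tag")
    return len(frame) - (12 + 4 + 2)


if __name__ == "__main__":
    for vlans in ([118, 10], [209], [300, 10]):
        print(vlans, "->", classify(build_frame(vlans)))
    full = build_frame([118, 10], payload=bytes(1500))
    print("provider-side payload of a full-size tagged customer frame:",
          provider_payload_len(full))
```
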
802.1Q Tunnel Configuration
Before we get started with the configuration, we must verify that all of our switches support the necessary maximum transmission unit (MTU), 1504 bytes. We can use the command show system mtu to check this, and the global configuration command system mtu to modify the device MTU if necessary (note that a reload will be required for the new MTU to take effect).
S1# show system mtu
System MTU size is 1500 bytes
S1# configure terminal
S1(config)# system mtu 1504
Changes to the System MTU will not take effect until the next reload is done.
Next, we'll configure our backbone trunk to carry the top-level VLANs for customers A and B, which have been assigned VLANs 118 and 209, respectively. We configure a normal 802.1Q trunk on both ISP switches. The last configuration line below restricts the trunk to carrying only VLANs 118 and 209; this is an optional step.
S1(config)# interface f0/13
S1(config-if)# switchport trunk encapsulation dot1q
S1(config-if)# switchport mode trunk
S1(config-if)# switchport trunk allowed vlan 118,209
S2(config)# interface f0/13
S2(config-if)# switchport trunk encapsulation dot1q
S2(config-if)# switchport mode trunk
S2(config-if)# switchport trunk allowed vlan 118,209
Now for the interesting bit: the customer-facing interfaces. We assign each interface to the appropriate upper-level (service provider) VLAN, and set its operational mode to dot1q-tunnel. We'll also enable layer two protocol tunneling to transparently carry CDP and other layer two protocols between the CPE devices.
S1(config)# interface f0/1
S1(config-if)# switchport access vlan 118
S1(config-if)# switchport mode dot1q-tunnel
S1(config-if)# l2protocol-tunnel
S1(config-if)# interface f0/3
S1(config-if)# switchport access vlan 209
S1(config-if)# switchport mode dot1q-tunnel
S1(config-if)# l2protocol-tunnel
S2(config)# interface f0/2
S2(config-if)# switchport access vlan 118
S2(config-if)# switchport mode dot1q-tunnel
S2(config-if)# l2protocol-tunnel
S2(config-if)# interface f0/4
S2(config-if)# switchport access vlan 209
S2(config-if)# switchport mode dot1q-tunnel
S2(config-if)# l2protocol-tunnel
We can use the command show dot1q-tunnel on the ISP switches to get a list of all interfaces configured as 802.1Q tunnels:
S1# show dot1q-tunnel
dot1q-tunnel mode LAN Port(s)
-----------------------------
Fa0/1
Fa0/3
Now that our tunnel configurations have been completed, each customer VLAN has transparent end-to-end connectivity between sites.
This packet capture shows how customer traffic is double-encapsulated inside two 802.1Q headers along the ISP backbone. Any traffic left untagged by the customer (i.e., traffic in the native VLAN 1) is tagged only once, by the service provider.
225. Explain EtherChannel? http://packetlife.net/blog/2010/jan/18/etherchannel-considerations/
EtherChannel is Cisco's term for bundling two or more physical Ethernet links for the purposes of aggregating available bandwidth and, to a lesser extent, providing a measure of physical redundancy. Under normal conditions, all but one redundant physical link between two switches will be disabled by STP at one end.
With EtherChannel configured, multiple links are grouped into a port-channel, which is assigned its own configurable virtual interface. The bundle is treated as a single link.
EtherChannel Negotiation
An EtherChannel can be established using one of three mechanisms:
PAgP - Cisco's proprietary negotiation protocol
LACP (IEEE 802.3ad) - Standards-based negotiation protocol
Static Persistence ("On") - No negotiation protocol is used
Any of these three mechanisms will suffice for most scenarios; however, the choice does deserve some consideration. PAgP, while perfectly able, should probably be disqualified as a legacy proprietary protocol unless you have a specific need for it (such as ancient hardware). That leaves LACP and "on", both of which have a specific benefit. LACP helps protect against switching loops caused by misconfiguration; when enabled, an EtherChannel will only be formed after successful negotiation between its two ends. However, this negotiation introduces an overhead and delay in initialization. Statically configuring an EtherChannel ("on") imposes no delay yet can cause serious problems if not properly configured at both ends.
To configure an EtherChannel using LACP negotiation, each side must be set to either active or passive; only interfaces configured in active mode will attempt to negotiate an EtherChannel. Passive interfaces merely respond to LACP requests. PAgP behaves the same, but its two modes are referred to as desirable and auto.
Only a single line is needed to configure a group of ports as an EtherChannel:
S1(config)# interface range f0/13 -15
S1(config-if-range)# channel-group 1 mode ?
  active     Enable LACP unconditionally
  auto       Enable PAgP only if a PAgP device is detected
  desirable  Enable PAgP unconditionally
  on         Enable Etherchannel only
  passive    Enable LACP only if a LACP device is detected
S1(config-if-range)# channel-group 1 mode active
Creating a port-channel interface Port-channel 1
As noted, a virtual port-channel interface Port-channel1 has been created to represent the logical link. Switchport configurations applied to this interface are replicated to the physical member interfaces. We can inspect the health of the EtherChannel with the show etherchannel summary command:
S1# show etherchannel summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port
Number of channel-groups in use: 1
Number of aggregators:           1
Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SD)         LACP      Fa0/13(D)   Fa0/14(D)   Fa0/15(D)
The opposite side of the LACP EtherChannel will typically be configured as passive; however, it can be active as well.
S2(config-if-range)# channel-group 1 mode passive
Creating a port-channel interface Port-channel 1
When the member ports on both sides of the EtherChannel are enabled, the port-channel interface also transitions to the up state.
However, note the timing of the system messages:
*Mar 1 00:45:50.647: %LINK-3-UPDOWN: Interface FastEthernet0/14, changed state to up
*Mar 1 00:45:50.683: %LINK-3-UPDOWN: Interface FastEthernet0/13, changed state to up
*Mar 1 00:45:50.691: %LINK-3-UPDOWN: Interface FastEthernet0/15, changed state to up
*Mar 1 00:45:53.487: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up
Almost a full three seconds elapsed between the member ports transitioning to the up state and the port-channel interface coming up. Once it did, we can see the state of the EtherChannel has changed to "in use":
S1# show etherchannel summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port
Number of channel-groups in use: 1
Number of aggregators:           1
Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         LACP      Fa0/13(P)   Fa0/14(P)   Fa0/15(P)
Note the S indicating layer two operation; on multilayer platforms, EtherChannel interfaces can be configured for routed operation as well. For comparison, let's reconfigure the EtherChannel to function without a negotiation protocol ("on" mode):
S1(config)# no interface po1
S1(config)# interface range f0/13 -15
S1(config-if-range)# channel-group 1 mode on
Creating a port-channel interface Port-channel 1
S1(config-if-range)# no shutdown
This time we observe that the port-channel interface is enabled as soon as its first member port comes up, as there is no delay imposed by negotiation:
*Mar 1 00:56:12.271: %LINK-3-UPDOWN: Interface FastEthernet0/13, changed state to up
*Mar 1 00:56:12.287: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up
*Mar 1 00:56:12.291: %LINK-3-UPDOWN: Interface FastEthernet0/14, changed state to up
*Mar 1 00:56:12.307: %LINK-3-UPDOWN: Interface FastEthernet0/15, changed state to up
In the Campus Network High Availability Design Guide, Cisco recommends forgoing the use of a negotiation protocol and configuring EtherChannels for static "on/on" operation; however, they also caution that this approach offers no protection against the effect of misconfigurations.
EtherChannel Load-Balancing
Another consideration to make when implementing EtherChannels is the type of load-balancing in effect. EtherChannel provides load-balancing only per frame, not per bit. A switch decides which member link a frame will traverse by the outcome of a hash function performed against one or more fields of each frame. Which fields are considered is dependent on the switch platform and configuration. For example, a Catalyst 3550 can match only against a frame's destination or source MAC address:
S1(config)# port-channel load-balance ?
  dst-mac  Dst Mac Addr
  src-mac  Src Mac Addr
The show etherchannel load-balance command reveals that source MAC address load-balancing is default on the Catalyst 3550:
S1# show etherchannel load-balance
EtherChannel Load-Balancing Configuration:
        src-mac
EtherChannel Load-Balancing Addresses Used Per-Protocol:
Non-IP: Source MAC address
  IPv4: Source MAC address
More powerful platforms can match against IP address(es) or layer four port(s). Generally speaking, higher layer fields are more favorable as they tend to be more dynamic, resulting in a more granular distribution of traffic across member links. Direction of flow is also an important detail. For example, consider the following topology:
Routed packets entering the subnet from S1 are always sourced from the MAC address of the VLAN interface. If source MAC load-balancing is in use, these frames will be forwarded down only one member link, because the outcome of the hash function will always be the same. Configuring destination MAC load-balancing on S1 is recommended to achieve a more varied distribution of frames and make better use of the available bandwidth.
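An added Python illustration of this hashing argument (not code from the original article, and not Cisco's actual hash): member-link selection is modelled as the low-order byte of the chosen MAC address modulo the number of links, which is an assumption made for the example. The MAC addresses are constructed; the two traffic sets are routed frames leaving S1 and host frames heading for the gateway.

```python
from collections import Counter

GATEWAY_MAC = "02:00:00:00:00:fe"                               # constructed: VLAN interface MAC
HOST_MACS = ["02:00:00:00:01:%02x" % i for i in range(1, 13)]   # constructed: 12 LAN hosts

# (source MAC, destination MAC) pairs for each direction of flow
S1_TO_HOSTS = [(GATEWAY_MAC, host) for host in HOST_MACS]       # routed frames entering the subnet
HOSTS_TO_GATEWAY = [(host, GATEWAY_MAC) for host in HOST_MACS]  # LAN frames leaving via the gateway


def select_link(src_mac, dst_mac, method, n_links):
    """Pick a member link index for one frame.

    Assumption: the hash is the low byte of the selected MAC modulo the link count.
    Real platforms use their own hash; only the choice of input field matters here.
    """
    if method not in ("src-mac", "dst-mac"):
        raise ValueError("unsupported load-balance method: %r" % method)
    mac = src_mac if method == "src-mac" else dst_mac
    return (int(mac.replace(":", ""), 16) & 0xFF) % n_links


def distribution(frames, method, n_links=3):
    """Count how many frames land on each member link."""
    return Counter(select_link(src, dst, method, n_links) for src, dst in frames)


def compare(n_links=3):
    """Frames per link for both directions and both hash inputs."""
    result = {}
    for name, frames in (("S1 -> hosts", S1_TO_HOSTS),
                         ("hosts -> gateway", HOSTS_TO_GATEWAY)):
        for method in ("src-mac", "dst-mac"):
            counts = distribution(frames, method, n_links)
            result[(name, method)] = [counts.get(link, 0) for link in range(n_links)]
    return result


if __name__ == "__main__":
    for (direction, method), per_link in compare().items():
        print("%-18s %-8s frames per link: %s" % (direction, method, per_link))
    # One member link down: the same hash is taken over the two remaining links.
    print("dst-mac on S1 with 2 links:",
          sorted(distribution(S1_TO_HOSTS, "dst-mac", 2).items()))
```

With a single source MAC every frame hashes to the same member link, so the other links carry nothing no matter how many are bundled.
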
The opposite is true on S2: Since all frames entering the EtherChannel from LAN hosts are destined for the MAC address of the gateway (VLAN interface), source MAC address load-balancing works better here.
EtherChannel Bandwidth and Costs
Finally, remember that the perceived bandwidth of a port-channel interface is equal to the sum of its active member links. For example, an EtherChannel with three active 100 Mbps links will show a bandwidth of 300 Mbps. Because links can still fail individually, the bandwidth of a port-channel interface can fluctuate without going down.
226. Are VLANs locally significant? http://packetlife.net/blog/2008/apr/11/vlans-are-locally-significant/
One common misconception regarding VLANs is that they are significant beyond a single switch. Of course, VLAN numbers have to match for trunking to work, and VTP can be used to automatically propagate VLAN information. However, a VLAN, being essentially little more than a number, is significant only within a device. Consider the following scenario:
All of the ports on switch A are set to access mode in VLAN 10, and all of the ports on switch B are set to access mode in VLAN 20. Note that the connection between the two switches is not a trunk; each end is configured as an access port in the respective VLAN. Our two hosts A and B are similarly connected to different VLANs, but still reside in the same IP subnet. Can hosts A and B communicate? The answer is yes. Follow the path of a frame leaving host A destined for host B. Switch A receives this frame on a port in VLAN 10, so it can only egress out another port in VLAN 10 or a trunk port. It performs the usual MAC lookup to determine that the appropriate outbound port is its link to switch B. Now, here's the key: the frame is forwarded to switch B without a VLAN tag, because this is an access port. Switch B receives the frame on an interface it considers VLAN 20 and performs the same switching decision to forward the frame to host B. So, does it work? Yep! Is it a good idea? Probably not. In an instance where VLANs are used, you're probably using more than one. For this reason and others, it's recommended to always trunk between switches using IEEE 802.1q or (less favorably) Cisco ISL.
229. Why BGP Uses TCP and IGPs Don't? http://packetlife.net/blog/2010/jun/24/why-bgp-uses-t-and-igps-dont/
Convenience
Arguably the most obvious motivation to design BGP to run over TCP is simple convenience. Remember that BGP is essentially just another application layer protocol to the TCP/IP stack; at the time of BGP's creation TCP was already out there and working, so why not take advantage of it? From RFC 4271: BGP uses TCP as its transport protocol. This eliminates the need to implement explicit update fragmentation, retransmission, acknowledgement, and sequencing.
Security
Unlike other IPv4 routing protocols, BGP does not provide its own security mechanism. Sure, you can secure neighbor adjacencies using MD5 digests, but these aren't actually carried within the BGP header.
Rather, security is facilitated by a TCP option defined in RFC 2385, the TCP Authentication Option (kind 19). This TCP option was originally created specifically to secure BGP adjacencies (which typically have quite long lifetimes), and for a decade or so has worked quite well. However, as MD5 is beginning to show its age, a new RFC (5925) was published just this month to provide a more resilient alternative.
No Need for Neighbor Discovery
Unlike interior routing protocols, BGP has no requirement for dynamic neighbor discovery. As BGP adjacencies are (or more accurately, should be) very carefully weighed design considerations, BGP neighbors must be configured statically at both ends. This is in contrast to a protocol like OSPF, which uses hello packets to automatically discover and form adjacencies with neighbors.
Adjacency Traffic is Always Point-to-Point
As a corollary of our last point, we know that BGP unicasts advertisements to each of its adjacent neighbors separately. This is in contrast to interior routing protocols, which typically employ multicast transmissions to more efficiently communicate with one or more other neighbors on a multiaccess segment.
231. Explain Path MTU discovery?
When a host needs to transmit data out an interface, it references the interface's Maximum Transmission Unit (MTU) to determine how much data it can put into each packet. Ethernet interfaces, for example, have a default MTU of 1500 bytes, not including the Ethernet header or trailer. This means a host needing to send a TCP data stream would typically use the first 20 of these 1500 bytes for the IP header, the next 20 for the TCP header, and as much of the remaining 1460 bytes as necessary for the data payload. Encapsulating data in maximum-size packets like this allows for the least possible consumption of bandwidth by protocol overhead. Unfortunately, not all links which compose the Internet have the same MTU. The MTU offered by a link may vary depending on the physical media type or configured encapsulation (such as GRE tunneling or IPsec encryption). When a router decides to forward an IPv4 packet out an interface, but determines that the packet size exceeds the interface's MTU, the router must fragment the packet to transmit it as two (or more) individual pieces, each within the link MTU. Fragmentation is expensive both in router resources and in bandwidth utilization; new headers must be generated and attached to each fragment. (In fact, the IPv6 specification removes transit packet fragmentation from router operation entirely, but this discussion will be left for another time.)
To utilize a path in the most efficient manner possible, hosts must find the path MTU; this is the smallest MTU of any link in the path to the distant end. For example, for two hosts communicating across three routed links with independent MTUs of 1500, 800, and 1200 bytes, the smallest (800 bytes) must be assumed by each end host to avoid fragmentation.
Of course, it's impossible to know the MTU of each link through which a packet might travel. RFC 1191 defines path MTU discovery, a simple process through which a host can detect a path MTU smaller than its interface MTU. Two components are key to this process: the Don't Fragment (DF) bit of the IP header, and a subcode of the ICMP Destination Unreachable message, Fragmentation Needed.
Setting the DF bit in an IP packet prevents a router from performing fragmentation when it encounters an MTU less than the packet size. Instead, the packet is discarded and an ICMP Fragmentation Needed message is sent to the originating host. Essentially, the router is indicating that it needs to fragment the packet but the DF flag won't allow for it. Conveniently, RFC 1191 expands the Fragmentation Needed message to include the MTU of the link necessitating fragmentation. A Fragmentation Needed message can be seen in packet #6 of this packet capture.
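The host side of this exchange, as an added example that is not part of the original page: it parses an ICMP Fragmentation Needed message (type 3, code 4) and updates a per-destination path MTU cache, ignoring messages that fail basic checks so that a stray or malformed ICMP message cannot shrink the path MTU. The names `PmtuCache`, `parse_frag_needed` and `build_frag_needed` are hypothetical, the sample messages are constructed, and the addresses are taken from the lab in this section (host 192.168.0.2, destination 192.168.1.2).

```python
import ipaddress
import struct

MIN_PMTU = 68  # RFC 1191: a host never reduces its estimate below 68 octets
# Plateau values as listed in RFC 1191, used when an old router reports MTU 0
PLATEAUS = [65535, 32000, 17914, 8166, 4352, 2002, 1492, 1006, 508, 296, 68]


def inet_checksum(data: bytes) -> int:
    """Standard Internet checksum (one's complement of the 16-bit sum)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_frag_needed(icmp: bytes):
    """Return (orig_src, orig_dst, orig_total_len, next_hop_mtu) or None."""
    if len(icmp) < 8 + 20:                      # ICMP header + quoted IP header
        return None
    icmp_type, code, _cksum, _unused, mtu = struct.unpack("!BBHHH", icmp[:8])
    if (icmp_type, code) != (3, 4):             # Destination Unreachable / Frag Needed
        return None
    if inet_checksum(icmp) != 0:                # a valid message sums to zero
        return None
    inner = icmp[8:]
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", inner[:8])
    if ver_ihl >> 4 != 4 or not flags_frag & 0x4000:
        return None                             # must quote an IPv4 packet sent with DF
    src = ipaddress.IPv4Address(inner[12:16])
    dst = ipaddress.IPv4Address(inner[16:20])
    return src, dst, total_len, mtu


class PmtuCache:
    """Per-destination path MTU estimates for one local address (hypothetical)."""

    def __init__(self, local_addr: str, interface_mtu: int = 1500):
        self.local = ipaddress.IPv4Address(local_addr)
        self.interface_mtu = interface_mtu
        self.cache = {}

    def lookup(self, dst) -> int:
        return self.cache.get(ipaddress.IPv4Address(dst), self.interface_mtu)

    def handle_icmp(self, icmp: bytes) -> bool:
        """Apply one ICMP message; return True only if the estimate was lowered."""
        parsed = parse_frag_needed(icmp)
        if parsed is None:
            return False
        src, dst, total_len, mtu = parsed
        if src != self.local:                   # quoted packet was not ours
            return False
        if mtu == 0:                            # pre-RFC 1191 router: no MTU given
            mtu = next((p for p in PLATEAUS if p < total_len), MIN_PMTU)
        mtu = max(mtu, MIN_PMTU)
        if mtu >= self.lookup(dst):             # this message may only lower the value
            return False
        self.cache[dst] = mtu
        return True


def build_frag_needed(src, dst, total_len, mtu, df=True) -> bytes:
    """Constructed sample: type 3 code 4 quoting an IPv4 header plus 8 bytes.

    The quoted header's own checksum is left as 0; the parser does not check it.
    """
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234,
                        0x4000 if df else 0, 64, 6, 0,
                        ipaddress.IPv4Address(src).packed,
                        ipaddress.IPv4Address(dst).packed) + b"\x00" * 8
    body = struct.pack("!BBHHH", 3, 4, 0, 0, mtu) + inner
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]


if __name__ == "__main__":
    cache = PmtuCache("192.168.0.2")
    cache.handle_icmp(build_frag_needed("192.168.0.2", "192.168.1.2", 1500, 1400))
    print("path MTU to 192.168.1.2:", cache.lookup("192.168.1.2"))
```
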
Now that the actual path MTU has been learned, the host can cache this value and packetize future data for the destination to the appropriate size. Note that path MTU discovery is an ongoing process; the host continues to set the DF flag so that it can detect further decreases in MTU should dynamic routing influence a new path to the destination. RFC 1191 also allows for periodic testing for an increased path MTU, by occasionally attempting to send a packet larger than the learned MTU. If the packet succeeds, the path MTU will be raised to this higher value. You can test path MTU discovery across a live network with a tool like tracepath (part of the Linux IPutils package) or mturoute (Windows only). Here's a sample of tracepath output from the lab pictured above, with the MTU of F0/1 reduced to 1400 bytes using the ip mtu command:

Host$ tracepath -n 192.168.1.2
 1:  192.168.0.2   0.097ms pmtu 1500
 1:  192.168.0.1   0.535ms
 1:  192.168.0.1   0.355ms
 2:  192.168.0.1   0.430ms pmtu 1400
 2:  192.168.1.2   0.763ms reached
     Resume: pmtu 1400 hops 2 back 254

233. You are the network administrator for a small network that has two routers (R1 and R2, as shown in the figure below) that are connected via serial interfaces. You have used the command
Ip route 13.0.0.0 255.0.0.0 12.0.0.2
on R1 to finalize configuration. What happens if the serial interface on R2 shuts down?
The route of 13.0.0.0 remains on router R1. Because you are using static routing, there is no way for router R1 to know that the interface is down on router R2. This means that the route is still valid on router R1 as far as router R1 is concerned.

234. You have typed the following commands on switch SW1. Using the figure below, what effect will the commands have on the network?
Interface f0/24
Switchport mode access
(A) All systems in VLAN 10 can communicate with one another.
(B) Systems will not be able to communicate between the two switches.
(C) All systems in VLAN 20 can communicate with one another.
(D) Systems can communicate between the two switches.
Answer: B. Systems will not be able to communicate between the two switches. In order for systems to communicate across switches to other systems in the same VLAN, you need to configure port F0/24 as a trunk port instead of an access port. Configuring F0/24 as a trunk port will allow it to carry VLAN traffic between the two switches.

235. Using the figure below, which of the following statements are true of router R1?
(A) There are too many sub-interfaces on f0/0.
(B) Interface f0/0 should be configured as an access port.
(C) Interface f0/0 should be configured as a trunk port.
(D) Interface F0/1 should be configured as a trunk port.
Answer: C. Interface f0/0 should be configured as a trunk port. When creating a router-on-a-stick scenario, you need to create the sub-interfaces on the port connected to the switch, but you also need to enable the port on both the router and the switch as a trunk port so that it can carry VLAN traffic. In this case, the question is only asking what you should do with router R1.

236. Which OSPF command turns OSPF on for all interfaces of a router?
Answer: network 0.0.0.0 255.255.255.255

237. Refer to the exhibit.
What two results would occur if the hub were to be replaced with a switch that is configured with one Ethernet VLAN? (Choose two)
A. The number of collision domains would remain the same.
B. The number of collision domains would decrease.
C. The number of collision domains would increase.
D. The number of broadcast domains would remain the same.
E. The number of broadcast domains would decrease.
F. The number of broadcast domains would increase.
Answer: C D
238. The network administrator normally establishes a Telnet session with the switch from host A. The administrator's attempt to establish a connection via Telnet to the switch from host B fails, but pings from host B to the other two hosts are successful. What is the issue for this problem?
A. Host B and the switch need to be in the same subnet.
B. The switch needs an appropriate default gateway assigned.
C. The switch interface connected to the router is down.
D. Host B needs to be assigned an IP address in vlan 1.
Answer: B
Explanation: Host A (172.19.1.1) and the management IP address of the Switch (172.19.1.250) are in the same subnet so telnet from host A to the switch can be successful even if a default gateway is not set on host A. But host B (172.19.32.2) and the management IP address of the Switch (172.19.1.250) are not in the same subnet so host B needs a default gateway to telnet to the switch. The default gateway on host B should be 172.19.32.254.

239. Refer to the topology and router output shown in the exhibit:
A technician is troubleshooting host connectivity issues on the switches. The hosts in VLANs 10 and 15 on Sw11 are unable to communicate with hosts in the same VLANs on Sw12. Hosts in the VLAN are able to communicate. The port-to-VLAN assignments are identical on the two switches. What could be the problem?
A. The Fa0/1 port is not operational on one of the switches.
B. The Link connecting the switches has not been configured as a trunk.
C. At least one port needs to be configured in VLAN 1 for VLANs 10 and 15 to be able to communicate.
D. Port FastEthernet 0/1 needs to be configured as an access link on both switches.
E. A router is required for hosts on Sw11 in VLANs 10 and 15 to communicate with hosts in the same VLAN on Sw12.
Answer: B
Explanation: The show vlan command only displays access ports; the trunk ports are not shown in this command (we can use the “show interface trunk” command to see trunked ports). In the output we can see that the Fa0/1 ports connecting the two switches are in VLAN 20 -> they are access ports and only VLAN 20 can communicate. To allow all VLANs to communicate (with the same VLAN on the other switch), the link between the two switches must be set as a trunk -> B is correct.

240. Refer to the exhibit:
What commands must be configured on the 2950 switch and the router to allow communication between host 1 and host 2? (Choose two)
Router(config)#interface fastethernet 0/0
Router(config-if)#no shutdown
Router(config)#interface fastethernet 0/0.1
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 192.168.10.1 255.255.255.0
Router(config-subif)#interface fastethernet 0/0.2
Router(config-subif)#encapsulation dot1q 20
Router(config-subif)#ip address 192.168.20.1 255.255.255.0
Switch1(config) # interface fastEthernet 0/1
Switch1(config-if)# switchport mode trunk

241. Refer to the topology shown in the exhibit. Which ports will be STP designated ports if all the links are operating at the same bandwidth? (Choose three)
A. Switch A – Fa0/0
B. Switch A – Fa0/1
C. Switch B – Fa0/0
D. Switch B – Fa0/1
E. Switch C – Fa0/0
F. Switch C – Fa0/1
Answer: B C D
Explanation: First, by comparing their MAC addresses we learn that switch B will be the root bridge as it has the lowest MAC. Therefore all of its ports are designated ports -> C & D are correct. On the link between switch A & switch C there must be one designated port and one non-designated (blocked) port. We can figure out which port is the designated port by comparing their MAC addresses again. A has the lower MAC so Fa0/1 of switch A will be the designated port while Fa0/1 of switch C will be blocked -> B is correct.

242. Refer to the exhibit. Each of these four switches has been configured with a hostname, as well as being configured to run RSTP. No other configuration changes have been made. Which three of these show the correct RSTP port roles for the indicated switches and interfaces? (Choose three)
A. SwitchA, Fa0/2, designated
B. SwitchA, Fa0/1, root
C. SwitchB, Gi0/2, root
D. SwitchB, Gi0/1, designated
E. SwitchC, Fa0/2, root
F. SwitchD, Gi0/2, root
Answer: A B F
Explanation: The question says “no other configuration changes have been made” so we can understand these switches have the same bridge priority. Switch C has the lowest MAC address so it will become the root bridge and 2 of its ports (Fa0/1 & Fa0/2) will be designated ports -> E is incorrect. Because SwitchC is the root bridge, the 2 ports nearest SwitchC on SwitchA (Fa0/1) and SwitchD (Gi0/2) will be root ports -> B and F are correct. Now we come to the most difficult part of this question: SwitchB must have a root port, so which port will it choose? To answer this question we need to know about STP cost and port cost. In general, “cost” is calculated based on the bandwidth of the link. The higher the bandwidth on a link, the lower the value of its cost. Below are the cost values you should memorize:

Link speed    Cost
10 Mbps       100
100 Mbps      19
1 Gbps        4

SwitchB will choose the interface with the lower cost to the root bridge as the root port, so we must calculate the cost on interfaces Gi0/1 & Gi0/2 of SwitchB to the root bridge. This can be calculated from the “cost to the root bridge” of each switch because a switch always advertises its cost to the root bridge in its BPDU. The receiving switch will add its local port cost value to the cost in the BPDU. One more thing to notice is that a root bridge always advertises the cost to the root bridge (itself) with an initial value of 0. Now let’s have a look at the topology again.
SwitchC advertises its cost to the root bridge with a value of 0. Switch D adds 4 (the cost value of a 1 Gbps link) and advertises this value (4) to SwitchB. SwitchB adds another 4 and learns that it can reach SwitchC via the Gi0/1 port with a total cost of 8. The same process happens for SwitchA, and SwitchB learns that it can reach SwitchC via Gi0/2 with a total cost of 23 -> Switch B chooses Gi0/1 as its root port -> D is not correct. Now our last task is to identify the port roles of the ports between SwitchA & SwitchB. It is rather easy as the MAC address of SwitchA is lower than that of SwitchB, so Fa0/2 of SwitchA will be the designated port while Gi0/2 of SwitchB will be the alternative port -> A is correct but C is not correct. The port roles of these switches are summarized below:
+ DP: Designated Port (forwarding state)
+ RP: Root Port (forwarding state)
+ AP: Alternative Port (blocking state)

243. On a corporate network, hosts on the same VLAN can communicate with each other, but they are unable to communicate with hosts on different VLANs. What is needed to allow communication between the VLANs?
A. a router with subinterfaces configured on the physical interface that is connected to the switch
B. a router with an IP address on the physical interface connected to the switch
C. a switch with an access link that is configured between the switches
D. a switch with a trunk link that is configured between the switches
Answer: A

244. A frame from VLAN1 of switch S1 is sent to switch S2, where the frame is received on VLAN2. What causes this behavior?
A. trunk mode mismatches
B. vlans that do not correspond to a unique IP subnet
C. native vlan mismatches
D. allowing only vlan 2 on the destination.
Answer: C
Explanation: For 802.1q encapsulation, the native VLAN must match on both sides; otherwise the link will not work. In this case the native VLAN of S1 is 1 while the native VLAN of S2 is 2.

245. Refer to the exhibit. A network administrator attempts to ping Host2 from Host1 and receives the results that are shown. What is a possible problem?
A. The link between Host1 and Switch1 is down.
B. TCP/IP is not functioning on Host1
C. The link between Router1 and Router2 is down.
D. The default gateway on Host1 is incorrect.
E. Interface Fa0/0 on Router1 is shutdown.
F. The link between Switch1 and Router1 is down.
Answer: C
Explanation: In this question, Host1 wants to ping Host2 but it receives a reply from the interface Fa0/0 of Router1 (10.1.1.1/24) that the “destination host unreachable”. If the link between Host1 and Switch1 is down or the link between Switch1 and Router1 is down then Host1 cannot receive this reply -> A and F are not correct. Host1 can receive a reply from 10.1.1.1 -> TCP/IP is working properly -> B is not correct. For answer D, if the default gateway was not configured correctly on Host1 (in this case the default gateway should be 10.1.1.1/24) then 10.1.1.1 cannot receive the ping packets from Host1 and cannot reply to Host1 that the destination is unreachable -> D is not correct.
Interface Fa0/0 on Router1 replies to the ping packets from Host1 so it is up -> E is not correct. If the interface Fa0/0 on Router is shutdown then we will receive a message of “Request timed out”, not “Destination host unreachable”. Answer C is correct because we can get a reply from the interface Fa0/0 of Router1 so the link between Host1 and Router1 should be fine -> the problem lies at the other side of Router1. But if the link between Router2 and Host2 is down then we will receive a reply from interface S0/1 of Router2 that the “destination host unreachable”. Therefore the problem can just be the link between Router1 and Router2.

246. Refer to the exhibit. The network administrator requires easy configuration options and minimal routing protocol traffic. Which two options provide adequate routing table information for traffic that passes between the two routers and satisfy the requests of the network administrator? (Choose two)
A. a dynamic routing protocol on InternetRouter to advertise summarized routes to CentralRouter.
B. a dynamic routing protocol on CentralRouter to advertise summarized routes to InternetRouter.
C. a static route on InternetRouter to direct traffic that is destined for 172.16.0.0/16 to CentralRouter.
D. a dynamic routing protocol on InternetRouter to advertise all routes to CentralRouter.
E. a dynamic routing protocol on CentralRouter to advertise all routes to InternetRouter
F. a static, default route on CentralRouter that directs traffic to InternetRouter.
Answer: C F

247. Refer to the exhibit:
After HostA pings HostB, which entry will be in the ARP cache of HostA to support this transmission? Host A knows host B is in another network so it will send the pings to its default gateway 192.168.6.1. Host A sends a broadcast frame asking for the MAC address of 192.168.6.1. This information (IP and MAC address of the default gateway) is saved in its ARP cache for later use.
248. Refer to the exhibit. The following commands are executed on interface fa0/1 of 2950Switch.
2950Switch(config-if)#switchport port-security
2950Switch(config-if)#switchport port-security mac-address sticky
2950Switch(config-if)#switchport port-security maximum 1
The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur when this frame is received by 2950Switch? (Choose two)
A. The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.
B. Only host A will be allowed to transmit frames on fa0/1.
C. This frame will be discarded when it is received by 2950Switch.
D. All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out fa0/1.
E. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be forwarded out fa0/1.
F. Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be forwarded out fa0/1.
Answer: B D

249. Host 1 is trying to communicate with Host 2. The e0 interface on Router C is down. Which of the following are true? (Choose two)
A. Router C will use ICMP to inform Host 1 that Host 2 cannot be reached.
B. Router C will use ICMP to inform Router B that Host 2 cannot be reached.
C. Router C will use ICMP to inform Host 1, Router A, and Router B that Host 2 cannot be reached.
D. Router C will send a Destination Unreachable message type.
E. Router C will send a Router Selection message type.
F. Router C will send a Source Quench message type.
Answer: A D
Explanation: The last known good router will try to inform you that the destination cannot be reached (with a Destination Unreachable message type) so from that information you can learn how far your packets can travel and where the problem is.

250. Refer to the exhibit.
All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP link metrics. Which two ports are in blocking state after STP converges? (Choose two)
A. the port on switch SWD that connects to switch SWE
B. the port on switch SWF that connects to switch SWG
C. the port on switch SWD that connects to switch SWC
D. the port on switch SWB that connects to switch SWD
Answer: C D

251. Refer to the exhibit.
All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP link metrics. Which two ports are forwarding traffic after STP converges? (Choose two)
A. The port connecting switch SWD with switch SWE
B. The port connecting switch SWG with switch SWF
C. The port connecting switch SWC with switch SWE
D. The port connecting switch SWB with switch SWC
Answer: C D
252. Refer to the exhibit.
router ospf 100
 router-id 4.4.4.4
 area 110 nssa
 summary-address 192.168.0.0 255.255.0.0 nssa-only
 redistribute static metric-type 1 subnets tag 704
 network 110.110.0.0 0.0.255.255 area 110
This is the configuration of the ASBR of area 110. Which option explains why the remote ABR should not translate the type 7 LSA for the prefix 192.168.0.0/16 into a type 5 LSA?
A. The remote ABR translates all type 7 LSA into type 5 LSA, regardless of any option configured in the ASBR.
B. The ASBR sets the forwarding address to 0.0.0.0 which instructs the ABR not to translate the LSA into a type 5 LSA.
C. The ASBR originates a type 7 LSA with age equal to MAXAGE 3600.
D. The ABR clears the P bit in the header of the type 7 LSA for 192.168.0.0/16.
Answer: D
Explanation: When external routing information is imported into an NSSA, LSA Type 7 is generated by the ASBR and it is flooded within that area only. To further distribute the external information, type 7 LSA is translated into type 5 LSA at the NSSA border. The P-bit in the LSA Type 7 field indicates whether the type 7 LSA should be translated. This P-bit is automatically set by the NSSA ABR (also the Forwarding Address (FA) is copied from the Type 7 LSA). The P-bit is not set only when the NSSA ASBR and NSSA ABR are the same router for the area. If bit P = 0, then the NSSA ABR must not translate this LSA into Type 5.
The nssa-only keyword instructs the device to instigate Type-7 LSA with cleared P-bit, thereby preventing LSA translation to Type 5 on the NSSA ABR device. Note: If a router is attached to another AS and is also an NSSA ABR, it may originate both a type-5 and a type-7 LSA for the same network. The type-5 LSA will be flooded to the backbone and the type-7 will be flooded into the NSSA. If this is the case, the P-bit must be reset (P=0) in the type-7 LSA so the type-7 LSA isn’t again translated into a type-5 LSA by another NSSA ABR.

253. Which statement about a type 4 LSA in OSPF is true?
A. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ASBR.
B. It is an LSA that is originated by an ASBR, that is flooded throughout the AS, and that describes a route to the ASBR.
C. It is an LSA that is originated by an ASBR, that is flooded throughout the area, and that describes a route to the ASBR.
D. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ABR.
E. It is an LSA that is originated by an ABR, that is flooded throughout the area, and that describes a route to the ASBR.
Answer: E
Explanation: LSA Type 4 (called Summary ASBR LSA) is generated by the ABR to describe an ASBR to routers in other areas so that routers in other areas know how to get to external routes through that ASBR.
254. Refer to the exhibit.
R3 prefers the path through R1 to reach host 10.1.1.1. Which option describes the reason for this behavior?
A. The OSPF reference bandwidth is too small to account for the higher speed links through R2.
B. The default OSPF cost through R1 is less than the cost through R2.
C. The default OSPF cost through R1 is more than the cost through R2.
D. The link between R2 and R1 is congested.
Answer: A
Explanation: The default formula to calculate OSPF bandwidth is
BW = Bandwidth Reference / interface bandwidth [bps] = 10^8 / interface bandwidth [bps]
BW of the R1-R3 link = 10^8 / 100Mbps = 10^8 / 10^8 = 1
BW of the R2-R3 link = 10^8 / 1Gbps = 10^8 / 10^9 = 1 (round up)
Therefore OSPF considers the two links above to have the same Bandwidth -> R3 will go to 10.1.1.1 via the R1-R3 link. The solution here is to increase the Bandwidth Reference to a higher value using the “auto-cost reference-bandwidth” command under OSPF router mode. For example:
Router(config)#router ospf 1
Router(config-router)#auto-cost reference-bandwidth 10000
This will increase the reference bandwidth to 10000 Mbps which increases the BW of the R2-R3 link to 10^10 / 10^8 = 100.

255. Refer to the exhibit.
AS #1 and AS #2 have multiple EBGP connections with each other. AS #1 wants all return traffic that is destined to the prefix 10.10.10.1/32 to enter through the router R1 from AS #2. In order to achieve this routing policy, AS #1 advertises a lower MED from R1, compared to a higher MED from R3, to their respective BGP neighbor for the prefix 10.10.10.0/24. Will this measure guarantee that the routing policy is always in effect?
A. Yes, because MED plays a deterministic role in return traffic engineering in BGP.
B. Yes, because a lower MED forces BGP best-path route selection in AS #2 to choose R1 as the best path for 10.10.10.0/24.
C. Yes, because a lower MED in AS #2 is the highest BGP attribute in BGP best-path route selection.
D. No, AS #2 can choose to alter the weight attribute in R2 for BGP neighbor R1, and this weight value is cascaded across AS #2 for BGP best-path route selection.
E. No, AS #2 can choose to alter the local preference attribute to overwrite the best-path route selection over the lower MED advertisement from AS #1. This local preference attribute is cascaded across AS #2 for the BGP best-path route selection.
Answer: E

256. Refer to the exhibit. All iBGP routes should have the iBGP peer as the next hop address. Why is this not the case for BGP routes learned between R1 and R2?
A. R2 is missing the next-hop-self option under the neighbor command for R1
B. ISP-A is missing the next-hop-self option under the neighbor command for R1
C. ISP-B is missing the next-hop-self option under the neighbor command for R1
D. R2, ISP-A, and ISP-B are missing the next-hop-self option under the neighbor command for R1
Answer: A
Explanation: In this case networks 10.0.0.0, 172.17.0.0, 172.18.0.0, 192.168.60.0, 192.168.70.0 are networks learned and advertised from R2. We see that the next-hop of these networks is 209.165.202.158 while it should be 209.165.202.130. With the next-hop of 209.165.202.158, R1 may not know how to send traffic to the above networks and the traffic is dropped. To avoid this failure we should configure ‘next-hop-self’ under the neighbor command for R1 like this:
R2(config-router)#neighbor 209.165.202.129 next-hop-self

257. During a recent OSPF election among three routers, RTA was elected the DR and RTB was elected the BDR, as seen in the graphic. Assume that RTA fails, and that RTB takes the place of the DR while RTC becomes the new BDR. What will happen when RTA comes back online?
A – RTA will take the place of DR immediately upon establishing its adjacencies
B – RTA will take the place of DR only if RTB fails
C – RTA will take the place of DR only if both RTB and RTC fail
D – A new election will take place establishing an all new DR and BDR based on configured priority levels and MAC addresses
Answer: C

258. Refer to the exhibit. During the process of configuring a virtual link to connect area 2 with the backbone area, the network administrator received this console message on R3:
*Mar 1 00:25:01.084: %OSPF-4-ERRRCV: Received invalid packet: mismatch area ID, from backbone area must be virtual link but not found from 20.20.20.1, Serial 0
How should the virtual link be configured on the OSPF routers to establish full connectivity between the areas?
A – R1(config-router)# area 1 virtual-link 30.30.30.3
    R3(config-router)# area 1 virtual-link 20.20.20.1
B – R1(config-router)# area 1 virtual-link 20.20.20.2
    R3(config-router)# area 1 virtual-link 30.30.30.2
C – R1(config-router)# area 0 virtual-link 1.1.1.1
    R3(config-router)# area 2 virtual-link 3.3.3.3
D – R1(config-router)# area 1 virtual-link 3.3.3.3
    R3(config-router)# area 1 virtual-link 1.1.1.1
E – R1(config-router)# area 1 virtual-link 2.2.2.2
    R3(config-router)# area 1 virtual-link 2.2.2.2
Answer: D
Explanation: When designing a multi-area OSPF network, all areas should be connected to the backbone area. However, there may be instances when an area will need to cross another area to reach the backbone area, like area 2 in this case. A virtual link has the following two requirements:
+ It must be established between two routers that share a common area and are both ABRs.
+ One of these two routers must be connected to the backbone.
In this case, the two routers that satisfy the above requirements are R1 and R3. The syntax for creating a virtual link across an area is:
area area-id virtual-link neighbor-router-id
The area-id is the number of the transit area, in this example Area 1, and neighbor-router-id is the IP address of the highest loopback interface configured or can be manually set on the neighboring router.

259. As shown in the exhibit, OSPF is configured over a Frame Relay network. All PVCs are active. However, P4S1 and P4S3 fail to see all OSPF routes in their routing tables. The show ip ospf neighbor command executed on P4S2 displays the state of the neighbors. In order to fix the problem, what should be done?
A – The neighbor command should be configured under the OSPF routing process on all routers
B – The ip ospf network broadcast command should be configured on each Frame Relay interface
C – The ip ospf network non-broadcast command should be configured on each Frame Relay interface
D – The ip ospf priority value on the spoke routers should be set to 0
Answer: D
Explanation: In an NBMA network topology, neighbors are not discovered automatically. OSPF tries to elect a DR and a BDR due to the multi-access nature of the network, but the election fails since neighbors are not discovered because NBMA environment doesn’t forward broadcast and multicast packets. Neighbors must be configured manually to overcome these problems. Also, additional configuration is necessary in a hub and spoke topology to make sure that the hub routers, which have connectivity with every other spoke router, are elected as the DR and BDR. You must set the spoke interfaces to an OSPF priority of zero; this ensures that the spokes will not become the DR or BDR.

260. Refer to the exhibit. OSPF is configured on all routers in the network. On the basis of the show ip ospf neighbor output, what prevents R1 from establishing a full adjacency with R2?
A. Router R1 will only establish full adjacency with the DR and BDR on broadcast multiaccess networks.
B. Router R2 has been elected as a DR for the broadcast multiaccess network in OSPF area
C. Routers R1 and R2 are configured as stub routers for OSPF area 1 and OSPF area 2.
D. Router R1 and R2 are configured for a virtual link between OSPF area 1 and OSPF area 2.
E. The Hello parameters on routers R1 and R2 do not match.
Answer: A
Explanation: From the output, we learn that R4 is the DR and R3 is the BDR so other routers will only establish full adjacency with these routers. All other routers have the two-way adjacency established -> A is correct.
261. Refer to the exhibit. On the basis of the configuration provided, how are the Hello packets sent by R2 handled by R5 in OSPF area 5?
A. The Hello packets will be exchanged and adjacency will be established between routers R2 and R5.
B. The Hello packets will be exchanged but the routers R2 and R5 will become neighbors only.
C. The Hello packets will be dropped and no adjacency will be established between routers R2 and R5.
D. The Hello packets will be dropped but the routers R2 and R5 will become neighbors.
Answer: C
Explanation: Recall that in OSPF, two routers will become neighbors when they agree on the following: Area-id, Authentication, Hello and Dead Intervals, Stub area flag. We must specify Area 5 as a stub area on the ABR (R2) and all the routers in that area (R5 in this case). But from the output, we learn that only R2 has been configured as a stub for Area 5. This will drop down the neighbor relationship between R2 and R5 because the stub flag is not matched in the Hello packets of these routers.

262. Refer to the exhibit. Two routers are connected by Frame Relay and are running OSPF between them. Each router has been configured with the appropriate network statements under router ospf 1, but the routers are not forming an adjacency. Which of the following three commands could be configured on each router to correct this problem? (Choose three)
A. RouterC(config-if )#ip ospf network broadcast
   RouterD(config-if )#ip ospf network broadcast
B. RouterC(config-if)#ip ospf network point-to-point
   RouterD(config-if)#ip ospf network point-to-point
C. RouterC(config-router)#neighbor 10.100.100.4
   RouterD(config-router)#neighbor 10.100.100.3
D. RouterC(config-router)#neighbor 10.255.255.254
   RouterD(config-router)#neighbor 10.255.255.253
Answer: A B D
Explanation: By default, Frame Relay is classified as a non-broadcast network, meaning it doesn’t send any broadcasts/multicasts like RIP, OSPF or EIGRP updates across the network (hello packets of OSPF are multicast to 224.0.0.5). Hence, in NBMA network, the neighbors are not discovered automatically; they must be configured manually. There are two ways to simulate a broadcast model on an NBMA network:
+ Define the network type as broadcast with the “ip ospf network broadcast” interface sub-command
+ Configure the neighbor statements under router ospf mode (though configuring the neighbor statement on one end is sufficient to form adjacency, it is a good practice to have it configured on both the ends)
Besides these two ways, another way for making OSPF work with Frame Relay is configuring the network as a Point-to-Point network (or Point-to-Multipoint, notice that OSPF treats Point-to-Multipoint network as a collective of point-to-point links). Some information about Point-to-Multipoint (or Point-to-Point) network: Note: Point-to-Multipoint networks do not maintain a DR/BDR relationship.

263. What are two different types of bgp sessions?
There are two different types of BGP sessions: internal and external. The internal one is established between routers inside the same AS and the external session is established between routers in different AS.

264. Refer to the exhibit. What is the effect of the OSPF configuration on router B?
A. All interfaces will be in area 0. B. The router will be an ABR with s1/0 in area 0 and 0/0 and 0/1 in area 1. C. The router will be an ABR with s1/0 in area 0 and 0/0 and 0/1 in area 2. D. The router will be an ABR with s1/0 in area 0, f0/0 in area 1, and f0/1 in area 2. Answer: D 265.
RouterA#debug ip ospf events
OSPF events debugging is on
RouterA#
04:43:16: OSPF: Rcv pkt from 10.3.0.2, Ethernet0/1, area 0.0.0.1 mismatch area 0.0.0.2 in the header
04:43:19: OSPF: Rcv hello from 10.100.100.3 area 0 from Ethernet0/0 10.1.0.1
04:43:19: OSPF: End of hello processing
Refer to the exhibits. What can be done to fix the problem? A. Change router B E0/1 interface to area 0. B. Change router A interface E0/1 to area 0.0.0.2. C. Configure the E0/1 interfaces of router A and router B to be in area 0. D. Shut down the E0/1 interfaces in router A and router B as OSPF does not allow “back doors” between areas. E. Remove the E0/1 interfaces in router A and router B from the OSPF process. Use static routes to route data directly from router A to router B to avoid passing data through router C in area 0. Answer: C
266. Refer to the exhibit. What additional commands should be used to configure OSPF area 5 as a Totally Stubby area?
A. area 0 stub on routers R4 and R5 B. area 5 stub on routers R4 and R5 C. area 5 stub no-summary on routers R4 and R5 D. area 0 stub no-summary on router R4 and area 5 stub no-summary on router R5 E. area 5 stub no-summary on router R4 and area 5 stub on router R5 Answer: E Explanation To define a totally stub area, use the area area-id stub no-summary command on the ABR (in OSPF router configuration) and the area area-id stub on the totally stub router. The ABR will inject a default route into the area so routers in this type of area only see routing information local to their area, plus a default route pointing to the ABR, from which they can reach all other areas and all other networks 267. Refer to the exhibit. Which statement is true about the configuration?
A. RTA will not establish an OSPF adjacency with RTB. B. RTA will not accept OSPF hello packets from RTB. C. RTA will send OSPF hello packets, but will not send OSPF updates. D. RTA will send OSPF updates, but will not establish an adjacency with RTB. Answer: A Explanation The passive-interface command is used to disable sending updates out from a specific interface. For OSPF it prevents Hello packets from being sent out or received through the interface. This prevents a neighbor adjacency from forming and prevents the router from learning prefixes from those neighbors. For RIP, configuring an interface as passive will still allow the interface to listen to incoming routing updates from other RIP neighbors, but the interface will no longer send them. Note: The passive-interface command is used in router configuration mode, not interface mode. 268. Refer to the exhibit. All routers have simultaneously been reloaded, and the DR election has concluded as expected. Which state is RTC in?
A. 2WAY/DROTHER B. 2WAY/BDR C. 2WAY/DR D. FULL/DROTHER E. FULL/BDR F. FULL/DR Answer: E Explanation All the routers are allowed to take part in the DR/BDR election because all the “Pri”s (Priority) are 1 and they are equal so with default parameters, the router with highest IP address will become DR (RTD in this case) and the router with second highest IP address (RTC) will become BDR. 269. Refer to the diagram. Which OSPF configuration command is required to configure Area 3 as a totally stubby area?
A. On the ABR router ospf 10 area 3 nssa B. On the ABR router ospf 10 area 3 stub C. On all Area 3 routers router ospf 10 area 3 stub no-summary D. On all Area 3 routers router ospf 10 area 3 stub E. On the ABR router ospf 10 area 3 stub no-summary Answer: E Explanation To make an area “totally stubby” we must apply the “area area-id stub no-summary” command on the ABR (the middle router in this case) and area area-id stub” commands to all other routers in that area. 270. Refer to the exhibit. OSPF has been configured on all routers in the network. However, router R1 does not receive a default route to router R2 as intended. Which configuration change would ensure that R1 would receive a default route from R2?
A. Add the area 1 stub command on routers R1. B. Add the always keyword to the default-information originate configuration command on router R2. C. Remove the default information originate configuration command from router R2 and place it on router R1. D. Add the ip route 5.0.0.0 255.255.255.0 0.0.0.0 command to router R2. Answer: B Explanation The default-information originate command advertises a default route into a normal area, provided the advertising router already has a default route. If we want the router to advertise the default route even if it does not have a default route, then we can append the keyword always after the above command. In this question, notice that R2 does not have a default route (something like this: ip route 0.0.0.0 0.0.0.0 6.0.0.2) so the “default-information originate” will not advertise this default route to R1 -> We need to add the keyword “always” or declare a default route -> B is correct. 271. Refer to the exhibit. OSPF is configured on all routers in the network. Area 5 is configured as an NSSA area. The RIPv2 routes are redistributed into the OSPF domain on router R5. What two types of LSAs will be originated by router R5? (Choose two)
A. type 1 Router LSA B. type 2 Network LSA C. type 3 Network Summary LSA D. type 4 ASBR Summary LSA E. type 5 AS External LSA F. type 7 NSSA External LSA Answer: A F Explanation Each router creates Type 1 LSA to describe itself, its interfaces, and neighbors -> A is correct. Notice that LSA Type 7 is generated by an ASBR inside a Not-so-stubby area (NSSA) to describe routes redistributed into the NSSA -> F is correct. For your information, the main difference between LSA Type 7 and Type 5 is Type 7 is generated inside a NSSA while Type 5 is generated inside a standard area. 272. Refer to the exhibit. Will redistributed RIP routes from OSPF Area 2 be allowed in Area 1?
A. Because Area 1 is an NSSA, redistributed RIP routes will not be allowed. B. Redistributed RIP routes will be allowed in Area 1 because they will be changed into type 5 LSAs in Area 0 and passed on into Area 1. C. Because NSSA will discard type 7 LSAs, redistributed RIP routes will not be allowed in Area 1. D. Redistributed RIP routes will be allowed in Area 1 because they will be changed into type 7 LSAs in Area 0 and passed on into Area 1. E. RIP routes will be allowed in Area 1 only if they are first redistributed into EIGRP. Answer: A Explanation Area 1 is a NSSA so we can inject EIGRP routes into this area with Type 7 LSAs. Notice that Type 7 LSAs can only exist in a NSSA. The NSSA ABR of area 1 must convert them into LSA Type 5 before flooding to the whole OSPF domain. When RIP is redistributed into area 2, LSA Type 5 will be created and sent through area 0. But a NSSA is an extension of a stub area. The stub area characteristics still exist, which includes no type 5 LSAs allowed. Note: A stub area only allows LSA Type 1, 2 and 3. 273. Refer to the exhibit. OSPF has been configured on all routers in the network and Area 1 has been configured as a NSSA. Which statement is true about the NSSA Area 1?
A. Redistributed RIP and IGRP routes will appear in Area 1. They will be advertised via type 5 LSAs. B. Only redistributed RIP routes will appear in Area 1. They will be advertised via type 7 LSAs. C. Only redistributed IGRP routes will appear in Area 1. They will be advertised via type 7 LSAs. D. No redistributed routes can appear in Area 1, only summary routes. Answer: C Explanation Same explanation as Question 6. Please notice that the IGRP routes are redistributed to NSSA area 1 via LSA Type 7. The NSSA ABR of area 1 will convert it into a LSA Type 5 before flooding to area 0 & area 2. 274. Refer to the exhibit. OSPF is running throughout the network. You want to minimize the propagation of LSAs into and out of Area 1. Which OSPF feature would best achieve this goal?
A. stub B. totally stubby C. NSSA D. totally NSSA Answer: D Explanation We need to redistribute RIP from R1 to Area 1 so Area 1 cannot be a stub or totally stubby area. To minimize the propagation of LSAs into and out of Area 1 we should configure it as a totally NSSA. Notice that a NSSA allows LSA Type 3 & 7 while a Totally NSSA only allows LSA Type 7. Note: Both Totally Stubby Area & Totally Stubby NSSA do not accept external AS routes or inter-area routes (LSA Types 3, 4 and 5). They recognize only intra-area routes and the default route 0.0.0.0. The main difference between them is Totally Stubby NSSA accepts routes from other AS while Totally Stubby Area does not. The table below summarizes the LSA types allowed and not allowed in each area type:

Area Type              | Type 1 & 2 (within area) | Type 3 (from other areas) | Type 4 | Type 5 | Type 7
Standard & backbone    | Yes                      | Yes                       | Yes    | Yes    | No
Stub                   | Yes                      | Yes                       | No     | No     | No
Totally stubby         | Yes                      | No                        | No     | No     | No
NSSA                   | Yes                      | Yes                       | No     | No     | Yes
Totally (stubby) NSSA  | Yes                      | No                        | No     | No     | Yes
275. Refer to the exhibit. A company would prefer all Internet-bound OSPF routed traffic to use ISP ABC with ISP DEF as a backup. As the network consultant, what three configuration changes might you make? (Choose three)
A. The default-information originate command should be configured on router B1 and B4. B. The default-information originate command should be configured on router B2 and B3. C. If the metric value for ISP ABC is set at the default, the ISP DEF metric value should be set to 1.
D. If the metric value for ISP ABC is set at the default, the ISP DEF metric value should be set to 25. E. The metric type value should be set to type 1. F. The metric type value should be set to type 2. Answer: B D F Explanation Routers B2 & B3 need to advertise a default route to the Internet for “inside” OSPF routers so we should use the “default-information originate” command with a default route (something like “ip route 0.0.0.0 0.0.0.0”) pointing to the ISP router -> B is correct. If no metric is specified, OSPF puts a default value of 20 when redistributing routes from all protocols except BGP routes (BGP routes get a metric of 1). We use ISP DEF as a backup so its metric value should be set to a higher value than 20 -> D is correct. There are two types of external routes: external type 1 and external type 2. The difference between the two is in the way the cost (metric) of the route is being calculated: + The cost of a type 2 route is always the external cost, irrespective of the interior cost to reach that route. + Type 1 cost is the addition of the external cost and the internal cost used to reach that route. -> We should configure the type 2 external route to make sure the ISP ABC is always preferred over ISP DEF because internal routing does not determine the path. Note: E2 is the default external metric, but E1 is preferred over E2 if two equal-cost paths exist. 276. Refer to the exhibit. A network administrator wants to reduce the number of OSPF routes advertised from Area 1 into Area 2. As the router configuration specialist, what two things would you do to accomplish this goal? (Choose two)
A. Enter the configuration on router B1. B. Enter the configuration on router B4. C. On the same router, enter the Summary-address 10.10.1.0 255.255.255.128 subcommand. D. On the same router, enter the Area 1 range 10.10.1.0 255.255.255.128 subcommand. E. On the same router, enter the Area 2 range 10.10.1.0 255.255.255.128 subcommand. Answer: A D 277. Refer to the exhibit. Given the exhibited router output, which command sequence can be added to R1 to generate a default route into the OSPF domain?
A. default-router B. ip default-network C. default-information originate always D. ip default-gateway Answer: C
Explanation The default-information originate command advertises a default route to other routers, telling something like “please send me your unknown traffic”. With the always parameter, the default route is advertised even if there is no default route in the router’s routing table. In this case we don’t see any default route in the configuration of R1 (like ip route 0.0.0.0 0.0.0.0 ….) so it must include the keyword “always” so that the default route is advertised. 278. Given the above OSPF network, which command will RTB use to summarize routes for the 192.168.16.0/22 supernet before injecting them into Area 0?
A. area 10 range 192.168.16.0 255.255.252.0 B. summary-address 192.168.16.0 255.255.252.0 C. ip summary-address ospf 101 192.168.16.0 255.255.252.0 D. area 0 range 192.168.16.0 255.255.252.0 E. ip summary-address area 0 192.168.16.0 255.255.252.0 Answer: A 279. Refer to the exhibit. Which statement is true?
A. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will translate the type 7 LSAs into type 5 LSAs and flood them throughout the OSPF backbone. B. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will flood the type 7 LSAs throughout the backbone. C. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will flood the type 5 LSAs throughout the backbone. D. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will translate the type 5 LSAs into type 7 LSAs and flood them throughout the OSPF backbone. E. RTA will not redistribute the RIP routes into the NSSA. Answer: A 280. Refer to the network topology diagram shown in the exhibit. The routing table of R3 contains all the proper OSPF routes except the 10.4.4.0/24 OSPF route. Which show command on R3 will be the most useful to determine the cause of this problem and why?
A. Perform show ip ospf virtual-link to examine if the virtual link between R3 and R4 is configured and in the up state.
B. Perform show run to examine if area 3 is configured as a stubby area. C. Perform show run to examine if area 3 is configured as a nssa area. D. Perform show ip ospf neighbor to examine which router is elected as the DR on the e2 interface. E. Perform show ip ospf database to examine the OSPF database entries. Answer: A 281. A network administrator recently redistributed RIP routes into an OSPF domain. However, the administrator wants to configure the network so that instead of 32 external type-5 LSAs flooding into the OSPF network, there is only one. What must the administrator do to accomplish this?
A. Configure summarization on R1 with area 1 range 172.16.32.0 255.255.224.0 B. Configure summarization on R1 with summary-address 172.16.32.0 255.255.224.0 C. Configure area 1 as a stub area with area 1 stub D. Configure area 1 as a NSSA area with area 1 stub nssa Answer: B 282. Refer to the exhibit. Routers R2, R3, R4, and R5 have OSPF enabled. What should be configured on the routers in area 1 to ensure that all default summary routes and redistributed EIGRP routes will be forwarded from R6 to area 1, and only a default route for all other OSPF routes will be forwarded from R5 to area 1.
A. R5(config-router)# area 1 stub R6(config-router)# area 1 stub B. R5(config-router)# area 1 stub no-summary R6(config-router)# area 1 stub C. R5(config-router)# area 1 nssa R6(config-router)# area 1 nssa D. R5(config-router)# area 1 nssa no-summary R6(config-router)# area 1 nssa Answer: D 283. Refer to the exhibit. Router RIP is attempting to establish BGP neighbor relationships with routers RT1 and RT3. On the basis of the information that is presented in the exhibit, which two statements are true? (Choose two)
A – RTR has a BGP password set but neighbor 10.0.0.1 does not B – RTR has a BGP password set but neighbor 10.0.0.5 does not C – RTR has a BGP password set but neighbor 10.0.0.1 has an incorrect password set D – RTR has a BGP password set but neighbor 10.0.0.5 has an incorrect password set E – Neighbor 10.0.0.1 has a BGP password set but RTR does not F – Neighbor 10.0.0.5 has a BGP password set but RTR does not Answer: A D Explanation: You can configure MD5 authentication between two BGP peers. MD5 authentication must be configured with the same password on both BGP peers; otherwise, the connection between them will not be made. If a router has a password configured for a peer, but the other peer does not, a message “No MD5 digest from…” will appear on the console while the routers attempt to establish a Multicast Source Discovery Protocol (MSDP) session between them. Therefore A is correct because RT1 (with an ip address of 10.0.0.1) is not configured with a password. Similarly, if the two routers have different passwords configured, a message “Invalid MD5 digest from…” will appear on the screen. 284. Refer to the exhibit diagram and configuration. RTB is summarizing its networks from AS 64100 with the aggregate-address command. However, the show ip route command on RTA reveals the RTB individual networks as well as its summary route. Which option would ensure that only the summary route would appear in the routing table of RTA?
A – Delete the four network statements and leave only the aggregate-address statement in the BGP configuration B – Add the keyword summary-only to the aggregate-address command C – Add a static route with a prefix of 192.168.24.0 255.255.252.0 pointing to the null interface D – Create a route map permitting only the summary address Answer: B Explanation When the aggregate-address command is used within BGP routing, the aggregated address is advertised, along with the more specific routes. The exception to this rule is through the use of the summary-only command. The “summary-only” keyword suppresses the more specific routes and announces only the summarized route. 285. Refer to the exhibit. The neighbor 10.1.1.1 weight 200 BGP configuration command has been configured on router A. What will be the result of this configuration?
A – Router A will prefer the path through router B for network 172.20.0.0 B – Router A will prefer the path through router C for network 172.20.0.0 C – Packets from router D will prefer the path through router B for networks advertised by router A D – Packets from router D will prefer the path through router C for networks advertised by router A Answer: A Explanation The weight attribute is a special Cisco attribute that is used in the path selection process when there is more than one route to the same destination. The higher the weight value, the better the path. The default weight is 0. Therefore, by configuring weight 200 to the neighbor 10.1.1.1, router A will prefer the path through router B for network 172.20.0.0 rather than the path through router C. The weight attribute is local to the router and not propagated to other routers. In this case the weight is local to router A so it has no effect on the decision of transferring packets from router D. 286. What technique should be used on BGP edge routers to prevent a multi-homed autonomous system from becoming a transit system? A. Advertise with a high MED value all networks that are discovered via external BGP. B. Remove the AS-Path information on all routes in the BGP table prior to advertising externally. C. Only advertise networks externally if they have been discovered via internal BGP. D. Use an outgoing distribution list to filter all networks not originating from inside the autonomous system. E. Set the no-export community attribute on all networks that are advertised externally. F. Set the origin code to incomplete for all networks that are discovered via external BGP. Answer: D Explanation A transit AS is an AS that routes traffic from one external AS to another external AS. Let’s see an example below:
Suppose your company has 2 internet links to 2 different ISPs. If one connection to the ISP goes down, your traffic can be sent through the other ISP. It is a good way to make sure your company can access the internet any time. But if your routers are not configured carefully, your company AS may become a transit AS. For example, AS 65002 learned the route 10.10.10.0/24 from ISP1. If R2 advertises that route to ISP2 then ISP2 may use it to send traffic to that network -> your company becomes a transit AS. There are two popular ways to prevent a multi-homed autonomous system from becoming a transit system: + Use a distribute-list or filter-list to filter all networks not originating from inside the autonomous system. + Use the no-export community attribute on all networks not originating from inside the autonomous system. Answer E seems to be correct but in fact it is not because “all networks that are advertised externally” include networks originating from inside and outside our AS. We should only filter networks originating from outside our AS. In some cases, the routers in our company may advertise some internal networks (for remote access, for example). 287. Refer to the exhibit. By default, when RTB passes BGP advertisements from RTA about network 192.168.2.0 to RTC, what address will be listed as the next-hop address?
A. 10.1.1.1 B. 10.1.1.2 C. 192.168.1.49 D. 192.168.1.50 Answer: D Explanation This is a rule for BGP advertisement: “For EBGP, the next hop is always the IP address of the neighbor specified in the neighbor command. For IBGP, the protocol states that the next hop advertised by EBGP should be carried into IBGP”. In this case, when RTA (in AS 65000, which is an EBGP peer for RTB) advertises a route to RTB, it specifies its interface (192.168.1.50) as the next-hop. But when RTB passes this advertisement to RTC, it specifies RTA interface (also 192.168.1.50) as the next-hop (IBGP). This can cause some routing failures because if RTC does not know a way to reach RTA interface via IGP (OSPF, EIGRP…), it will drop that packet. To fix this problem, add the “neighbor 10.1.1.2 next-hop-self” command under BGP mode in RTB. 288. Refer to the exhibit. It is desired to set up a BGP neighbor relationship between routers R1 and R4. BGP packets between them could travel through R2 or R3. What is the simplest configuration that will allow for failover?
A. Configure BGP neighbor relationships between all interfaces on R1 and R4. B. Install a direct connection between R1 and R4. C. Configure loopback interfaces on R1 and R4 to provide the update source address for BGP packets. D. Configure only one neighbor relationship between R1's 192.168.1.2 interface and R4's 172.16.10.2 interface. Answer: C Explanation Assume R4 only uses this configuration:
R4(config)#router bgp 65000
R4(config-router)#neighbor 192.168.1.2 remote-as 65000
Then if R1 sends BGP packets to R4 via R3, the source IP address of the packets is 192.168.2.2. But R4 does not recognize this IP address because 192.168.2.2 is not configured in the “neighbor” command of R4. Therefore the IBGP session between R1 & R4 is not established -> these packets will be dropped. The simplest configuration to allow R1 and R4 to communicate via both R2 & R3 is to use a loopback interface address rather than a physical interface address as the source IP address for all BGP packets. To do this, use the command:
R4(config-router)#neighbor 1.1.1.1 update-source loopback0
(In which 1.1.1.1 is the loopback interface of R1). In practice, we should establish neighborship with the loopback interface rather than the physical interface because if the physical interface goes down, the neighborship would be lost while a loopback interface never goes down. Also, when configuring “1.1.1.1” as the neighbor, you must configure on R1 the “neighbor 4.4.4.4 update-source loopback0” command so that the source IP address of packets sent from R1 (loopback0 – 1.1.1.1) will be matched with the neighbor command configured on R4.
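The two controls from questions 283 and 286 (a per-neighbor MD5 password, and an outbound filter so that only locally originated routes reach external peers) can be checked mechanically on a saved configuration. The Python audit below is an added example, not part of the original page; the sample configuration, AS numbers, addresses, password placeholder and finding labels are constructed, and it assumes the as-path regex ^$ (empty AS path, meaning locally originated) is the filter-list criterion.

```python
import re

# Constructed sample configuration (not taken from the page's exhibits).
SAMPLE_CONFIG = """
router bgp 65002
 neighbor 192.0.2.1 remote-as 65001
 neighbor 192.0.2.1 password EXAMPLE-SECRET-1
 neighbor 192.0.2.1 filter-list 1 out
 neighbor 198.51.100.1 remote-as 65003
 neighbor 10.0.0.2 remote-as 65002
 neighbor 10.0.0.2 update-source Loopback0
!
ip as-path access-list 1 permit ^$
"""

ROUTER_RE = re.compile(r"^router bgp\s+(\d+)\s*$")
NEIGHBOR_RE = re.compile(r"^\s*neighbor\s+(\S+)\s+(.+?)\s*$")
OUT_FILTER_RE = re.compile(
    r"^(filter-list|distribute-list|prefix-list|route-map)\s+(\S+)\s+out$")
ASPATH_RE = re.compile(
    r"^ip as-path access-list\s+(\S+)\s+(permit|deny)\s+(\S+)\s*$")


def parse(config):
    """Return (local_as, neighbors, as_path_acls) from IOS-style text.

    Only plain (asplain) AS numbers are handled.
    """
    local_as, neighbors, acls = None, {}, {}
    for line in config.splitlines():
        m = ROUTER_RE.match(line)
        if m:
            local_as = int(m.group(1))
            continue
        m = ASPATH_RE.match(line)
        if m:
            acls.setdefault(m.group(1), []).append((m.group(2), m.group(3)))
            continue
        m = NEIGHBOR_RE.match(line)
        if not m:
            continue
        peer, rest = m.groups()
        entry = neighbors.setdefault(
            peer, {"remote_as": None, "password": False, "out": []})
        if rest.startswith("remote-as "):
            entry["remote_as"] = int(rest.split()[1])
        elif rest.startswith("password "):
            entry["password"] = True
        else:
            f = OUT_FILTER_RE.match(rest)
            if f:
                entry["out"].append((f.group(1), f.group(2)))
    return local_as, neighbors, acls


def only_local_routes(entries):
    """True if every permit entry of an as-path ACL is the empty-path regex."""
    permits = [regex for action, regex in entries if action == "permit"]
    return bool(permits) and all(regex == "^$" for regex in permits)


def audit(config):
    """Return a list of (neighbor, finding) tuples, sorted by neighbor."""
    local_as, neighbors, acls = parse(config)
    findings = []
    for peer, n in sorted(neighbors.items()):
        if not n["password"]:
            # Question 283: both peers need the same MD5 password.
            findings.append((peer, "no-md5-password"))
        if n["remote_as"] == local_as:
            continue  # iBGP peer: the transit filter applies to eBGP only
        if not n["out"]:
            # Question 286: without an outbound filter, routes learned from
            # one ISP can be advertised to the other (transit AS).
            findings.append((peer, "ebgp-no-outbound-filter"))
        for kind, name in n["out"]:
            if kind == "filter-list" and not only_local_routes(acls.get(name, [])):
                findings.append((peer, "filter-list-not-local-only"))
    return findings


if __name__ == "__main__":
    for peer, finding in audit(SAMPLE_CONFIG):
        print(f"{peer}: {finding}")
```

Distribute-lists, prefix-lists and route-maps are only checked for presence here; their contents would need to be compared against the list of prefixes the AS actually owns.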
289. Refer to the exhibit. Network 10.0.0.0/8 is being advertised to autonomous system 65550 via both external links. Which statement about the preferred path to the 10.0.0.0/8 network is true?
A. Router R1 will be preferred because its neighbor has the higher autonomous system number. B. Router R1 will be preferred because it has the lower neighbor IP address. C. Router R1 will be preferred because it has a lower local preference. D. Router R2 will be preferred because its neighbor has a lower autonomous system number. E. Router R2 will be preferred because it has the higher neighbor IP address. F. Router R2 will be preferred because it has a higher local preference. Answer: F Explanation Local preference is an indication to the AS about which path has preference to exit the AS in order to reach a certain network. A path with a higher local preference is preferred more. The default value for local preference is 100. Unlike the weight attribute, which is only relevant to the local router, local preference is an attribute that routers exchange in the same AS. The local preference is set with the “bgp default local-preference value” command. In this case, both R1 & R2 learn about the network 10.0.0.0/8 but R2 has higher local-preference so R2 will be chosen as the preferred exit point from AS 65550. 290. Refer to the exhibit. Router RT-1 and router RT-2 both advertise network 131.25.0.0/16 to router RT-3 via internal BGP. What is the reason that router RT-3 chose router RT-1 as its best path to network 131.25.0.0/16?
A. It advertises the best AS-path. B. It advertises the best origin code. C. It advertises the best MED. D. It advertises the best local preference. E. It has a better router ID. F. It advertises a lower autonomous system. Answer: E Explanation Recall the route selection decision process in BGP: Consider only (synchronized) routes with no AS loops and a valid next hop, and then:

Route selection decision process (from top to bottom) | In this question…
- Prefer highest weight (local to router) | RT-3 is not an exit point
- Prefer highest local preference (global within AS) | same local preference of 100
- Prefer route originated by the local router (next hop = 0.0.0.0) | both routes are from IBGP
- Prefer shortest AS path | same
- Prefer lowest origin code (IGP < EGP ) | both are incomplete (EGP > IGP > Incomplete)
- Prefer lowest MED (exchanged between autonomous systems) | both MEDs are 0
- Prefer EBGP path over IBGP path | both are IBGP
- Prefer the path through the closest IGP neighbor (IGP cost) | not used because IBGPs are used
- Prefer oldest route for EBGP paths. | not used
- Prefer the path with the lowest neighbor BGP router ID. | the router-id 162.105.11.1 is lower than 165.105.3.2
- Prefer the path with the lowest neighbor IP address.

291. Refer to the exhibit. Router RT-1 chooses one path to network 198.133.219.0/24. Indicate the reason Router RT-1 chooses this “best” path.
A. In making its decision about the best path, RT-1 gives precedence to the origin code. B. In making its decision about the best path, RT-1 gives precedence to the BGP MED values. C. IP address 128.107.2.2 is lower than 128.107.255.2. D. In making its decision about the best path, RT-1 prefers the IGP metrics. E. RT-1 prefers internal BGP routes. F. IP address 128.107.254.2 is lower than 128.107.255.2. Answer: A Explanation As explained above, the IGP is preferred over incomplete. 292. The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. Refer to the exhibit. Routers A and B are running BGP but the session is active. What command needs to be added to establish the BGP session?
hostname A
!
interface loopback 0
 ip address 10.10.10.2 255.255.255.255
!
interface serial 0/0
 ip address 172.16.10.2 255.255.255.252
!
interface serial 0/1
 ip address 172.16.10.5 255.255.255.252
!
router bgp 65444
 neighbor 10.10.10.1 remote-as 65111
 neighbor 10.10.10.1 update-source loopback 0
 neighbor 10.10.10.1 ebgp-multihop
A. ip route 10.10.10.1 255.255.255.255 s0/0 ip route 10.10.10.1 255.255.255.255 s0/1 B. no synchronization C. network 10.10.10.0 D. neighbor 10.10.10.1 next-hop-self Answer: A Explanation In this case we want to achieve load balancing so the loopback interface must be used to establish neighborship. If we check the routing table of router A, we will see that there is no entry for the remote network 1.1.1.1/32 -> router A does not know how to reach the loopback interface on router B -> a TCP session can’t be established to router B. Therefore we need to tell router A a way to reach router B. 293. Refer to the exhibit. Autonomous systems 200 and 300 have EBGP sessions established with their directly connected routers in autonomous system 100. IGP has been configured on all routers in autonomous system 100 and they successfully exchange routing updates. Traffic originated in autonomous system 200 cannot reach the destination autonomous system 300. What configuration should be done on the routers in autonomous system 100 in order for the traffic coming from autonomous system 200 to be forwarded to autonomous system 300?
A. IBGP session must be established between routers R1 and R3, and the synchronization must be turned on. B. IBGP session must be established between routers R1 and R3, and the synchronization must be turned off. C. IBGP session must be established between routers R1 R2 and R2 R3, and the synchronization must be turned on. D. IBGP session must be established between routers R1 R2 and R2 R3, and the synchronization must be turned off. E. IBGP speakers within autonomous system 100 must be fully meshed, and the synchronization must be turned on. F. IBGP speakers within autonomous system 100 must be fully meshed, and the synchronization must be turned off. Answer: F Explanation The synchronization rule states that if an AS provides transit service to another AS, BGP should not advertise a route until all of the routers within the AS have learned about the route via an IGP. To understand why this rule exists, let’s take an example where this rule is not there.
Suppose RT-A wants RT-B to access its local LAN 1.1.1.0, so it advertises this network through R1. R1 and R3 are running IBGP so R1 sends this update to R3 through R2 (using the next-hop-self to use its own interface’s IP address). In turn, R3 announces to RT-B that it can reach 1.1.1.0 via R3. Now RT-B really wants to send traffic to 1.1.1.0 so it will send to R3. R3 does a lookup and sees that the network is reachable via R1. It then does a lookup for R1's IP address and sees that it is reachable via R2 -> so it forwards packets to R2. But R2, running IGP (like OSPF), does not find an entry for 1.1.1.0 so R2 drops all the packets for that network – a black-hole is created! That is why the BGP synchronization rule was born. With this rule, when R3 receives an advertisement for 1.1.1.0 from R1, it adds that route to its BGP table and before sending the advertisement to RT-B, it first checks its IGP routing table to see whether an entry exists for that route. In this example, R3's IGP routing table does not know how to reach 1.1.1.0 so R3 will not advertise this network to RT-B. This route is only advertised to RT-B when IGP makes an entry in the routing table for 1.1.1.0. Well, now you understand the importance of BGP Synchronization rule but now I wish to explain why this rule causes trouble in fully-meshed IBGP!
Synchronization prevents fully-meshed IBGP from working properly. Because no IGP is running, R3 cannot advertise any route to RT-B even if no black-hole exists in this topology. Note: A “fully-meshed” can be a physical fully-meshed topology or a topology where all routers in the same AS established IBGP connections with each other (although they do not need to be directly connected). So in the topology above, the connection between R1 & R3 is represented by a dashed line, which means it can be physically connected or not (but an IBGP connection must be established on both routers). Therefore if all routers in AS 100 are fully-meshed, the synchronization rule must be turned off -> F is correct. 294. Which BGP option is required when load sharing over multiple equal-bandwidth parallel links from a single CE router to a single ISP router over eBGP? A. eBGP Multipath B. eBGP Multihop C. BGP Synchronization D. Public AS numbers Answer: B Explanation The eBGP multihop allows a neighbor connection between two external peers that do not have direct connection. The multihop is only for eBGP and not for iBGP. For example, in the topology below router A wants to establish neighbor relationship with the loopback0 of router B (to allow load balancing), which does not have direct connection so it must use “ebgp-multihop”.
For your reference, the full configurations of both router A & B are shown below:
A#
int loopback 0
 ip address 10.10.10.2 255.255.255.255
router bgp 1
 neighbor 10.10.10.1 remote-as 2
 neighbor 10.10.10.1 ebgp-multihop
 neighbor 10.10.10.1 update-source loopback 0
 network 10.10.10.2 mask 255.255.255.255
ip route 10.10.10.1 255.255.255.255 172.16.10.1
ip route 10.10.10.1 255.255.255.255 172.16.10.6
B#
int loopback 0
 ip address 10.10.10.1 255.255.255.255
router bgp 2
 neighbor 10.10.10.2 remote-as 1
 neighbor 10.10.10.2 ebgp-multihop
 neighbor 10.10.10.2 update-source loopback 0
 network 10.10.10.1 mask 255.255.255.255
ip route 10.10.10.2 255.255.255.255 172.16.10.2
ip route 10.10.10.2 255.255.255.255 172.16.10.5
Note: If router B wants to establish neighbor relationship with the directly connected interface of router A, it only needs these commands:
B#
router bgp 2
 neighbor 172.16.10.2 remote-as 1
But notice the traffic from router B would be sent to 172.16.10.2 interface only and load balancing would not take place. 295. Refer to the exhibit. On the basis of the configuration that is provided, how would the BGP updates that come from router R1 be replicated inside autonomous system 65200?
A. All BGP updates that are received on router R2 will be sent to routers R3 and R4. Routers R3 and R4 will then forward those BGP updates to router R5. B. All BGP updates that are received on router R2 will not be sent to routers R3 and R4.
C. All BGP updates that are received on router R2 will be sent directly to router R5.
D. None of the BGP updates that are received on router R2 will ever be received by router R5.
Answer: D
Explanation
All BGP updates that are received on router R2 will be sent to routers R3 and R4 but R3 & R4 will not forward those BGP updates to R5. This is called the BGP split-horizon rule (which states that a route learned from one IBGP neighbor will not be advertised to another IBGP neighbor) -> A is not correct.
The BGP updates received on router R2 will be sent to R3 and R4 without violating the BGP split-horizon rule because R2 receives updates from an EBGP neighbor (R1), not IBGP -> B is not correct.
From the configuration of R2, we learn that R2 did not establish a neighbor relationship with R5 so they are not neighbors -> no BGP updates will be sent from R2 to R5 -> C is not correct.
The BGP split-horizon rule prevents updates received on R2 from being sent to R5 -> D is correct.

296. Why should iBGP sessions be fully meshed within a Transit AS?
A. BGP requires redundant TCP sessions between iBGP peers.
B. A full mesh allows for optimal routing within the Transit AS.
C. Routes learned via iBGP are never propagated to other eBGP peers.
D. Routes learned via iBGP are never propagated to other iBGP peers.
E. Routes learned via eBGP are never propagated to other iBGP peers.
Answer: D
Explanation
The BGP split-horizon rule states that a route learned from one IBGP neighbor will not be advertised to another IBGP neighbor, so IBGP sessions should be fully meshed. For example, in the topology below, routes learned from R1 about AS 200 will be advertised to R2. For R2, the route learned from R1 is a route learned from one IBGP neighbor, so R2 will not advertise this route to R3 and AS 100 can never be a transit AS -> IBGP sessions should be fully meshed within a transit AS -> D is correct.
297. Observe the diagram. RTC is the hub router and RTA and RTB are the spokes. There are no virtual circuits between the spoke locations. What is needed to successfully route traffic to the 11.11.11.0/24 network from RTA?
A. The neighbor 10.10.10.1 next-hop-self command on RTA. B. The neighbor 10.10.10.1 next-hop-self command on RTB. C. The neighbor 10.10.10.1 next-hop-self command on RTC. D. Nothing is required. This is the default behavior on this topology. Answer: C Explanation The next-hop-self command must be used on RTC to specify RTC’s IP address as the source address in the packets sent to RTB (and RTB knows how to reach RTC but it does not know how to reach RTA).
298. Refer to the exhibit. Currently the two eBGP links between AS100 and AS200 have an average inbound load of 65% and 20% respectively. After further investigation, traffic to 10.10.1.16/28 accounts for 45%, and traffic to 10.10.1.32/28 and to 10.10.1.48/28 each account for 20% of the inbound load. The BGP attributes are currently set at their default values in both autonomous systems. If you want to influence how AS200 sends traffic to AS100, which eBGP configurations would you configure in AS100 to influence AS200 to use the eBGP links more evenly? (Choose two.)
A. neighbor 192.168.30.2 route-map as_50 out
B. neighbor 192.168.20.2 route-map as_50 out
C. route-map as_50 permit 10
   match ip address 50
   set metric 150
   access-list 50 permit 10.10.1.16 0.0.0.240
D. route-map as_50 permit 10
   match ip address 50
   set metric 150
   access-list 50 permit 10.10.1.32 0.0.0.240
Answer: B D
Explanation
Note: The wildcard masks in the access-list are not correct; they should be 0.0.0.15 instead of 0.0.0.240.
First let’s recall MED. If you want to influence which path external neighbors use to send traffic to you, then MED, also called the metric, should be used. A lower MED value is preferred over a higher value. The default MED value is 0.
Also, an important point to note in this question is: for Policy-based routing, if no match is made, the packets are forwarded normally via the routing table.
In answer C & B (combined), the MED for prefix 10.10.1.16/28 through router A is set to 150. This would make traffic for this route (45%) go through router B (because the MED default value is 0, which is lower than 150). Since the access-list will also NOT match prefixes 10.10.1.32/28 & 10.10.1.48/28, traffic for these two prefixes will be forwarded normally (via the routing table) -> Traffic for prefix 10.10.1.32/28 will continue to go via the upper E-A link (now just 20% total load), while traffic for prefixes 10.10.1.16/28 and 10.10.1.48/28 will be going through the lower F-B link (now 65% total load) -> The original unbalanced (65/20) load is maintained, although it has been reversed between the upper (A-E) and lower (B-F) link -> C is not correct.
For more information about Policy-based routing matches you can read this article: http://www.ciscopress.com/articles/article.asp?p=426637&seqNum=2
If answer D is applied for router A, the MED for 10.10.1.32 set to 150 would make traffic for this route go through router B (because the MED default value is 0, which is lower than 150). So router A will be responsible for 45% traffic and router B will receive 40% traffic -> D is correct.

299. Refer to the exhibit. A client has asked you to consult on an eBGP loading question. Currently the AS 100 eBGP links have an average outbound load of 65% and 20% respectively. On further investigation, traffic from 10.10.24.0 accounts for 45%, and 10.10.25.0 and 10.10.32.0 account for 20% each of the outbound load. The customer wants to spread the load between the two eBGP links more evenly. The BGP attributes are currently set at their default values. If you are located at AS 100 and want to influence how AS 100 sends traffic to AS 200, what BGP attribute could you configure to cause AS 100 outbound traffic to load the eBGP links more evenly?
A. On router A, set the default local-preference to 50.
B. On router B, set the default metric to 150.
C. On router B, configure a route map for 10.10.25.0/24 with a local preference of 150 linked to neighbor 192.168.30.2.
D. On router B, set the default local-preference to 150.
Answer: C
Explanation
To load the eBGP links more evenly we should use the link B-F for network 10.10.25.0/24 so that the total traffic going through the B-F link is about 40%. In this case we should apply a route map on B to set the local preference of 10.10.25.0/24 to a higher value than 100. But notice that we must use a second clause to permit the other traffic; otherwise it will be filtered out.
Note: The default value for local preference is 100. A path with higher local preference is preferred.

300. Refer to the exhibit. What will RTB do with a packet sourced from within AS 64200 with a destination address of 192.168.25.1?
A. It will be dropped because network 192.168.25.0 is not in the RTA routing table.
B. It will be dropped because network 192.168.25.0 is not in the RTB routing table.
C. It will be forwarded to the null 0 interface of RTB and dropped.
D. It will be forwarded to the RTB 192.168.25.0 network.
Answer: D
Explanation
First I want to make it clear that the above configuration belongs to RTB (with AS 64100). The “network” statement in other routing protocols (EIGRP, OSPF, RIP…) is used to enable the routing protocol on the interfaces within that “network” statement. But in BGP, the function of a network statement is to tell the router to search the IP routing table for a particular network, and if that network is found, originate it into the BGP database. But notice that you must have an exact match in the IP routing table for the network to appear in the BGP routing table (in this case we don’t see the auto-summary command so we suppose it is disabled). For example:
+ network 10.10.10.0/8 will appear in BGP if network 10.10.10/8 appears in the IP routing table.
+ network 10.10.10.0/24 will appear in BGP if network 10.10.10.0/24 appears in the IP routing table.
Therefore, in this question the static route “ip route 192.168.24.0 255.255.252.0 null0″ was used to put a route to 192.168.24.0/22 into the routing table (although it points to Null0, this command really makes that route appear in the routing table). Notice this network 192.168.24.0/22 also covers network 192.168.25.0 -> RTB will forward that packet to the 192.168.25.0 network.

301. Refer to the exhibit. All routers are configured for BGP. EBGP routes received on router R2 show up in the BGP table on routers R1 and R3 but not in their IP routing table. What would cause this? (Choose two)
A. Synchronization in autonomous system 100 is turned on.
B. Synchronization in autonomous system 100 is turned off.
C. EBGP multihop is not configured on routers R1 and R3.
D. Routers R1 and R3 do not receive the same routes via an IGP.
E. The BGP routers in autonomous system 100 are not logically fully-meshed.
Answer: A D
Explanation
The synchronization rule states that BGP should not advertise a route until all of the routers within the AS have learned about the route via an IGP, so in this case if R1 and R3 have not learned that route via an IGP, it cannot appear in their routing tables.

302. Refer to exhibit. RA (DR) failed, and after 10 minutes it came back. Which two statements are true? (Choose two)
A. RA is a DR B. RA is a BDR C. RA is a DROTHER D. RB is a DR E. RB is a BDR F. RC is a DROTHER Answer: C D(?) Explanation This question is missing some information. We don’t know before RA failed, who the BDR was. Suppose RB was the BDR before RA failed then RB would be the DR even when RA comes back. When RA comes back, its segment has both DR and BDR elected so RA will take the DROTHER role -> C is correct but D is missing information. 303. Refer to the exhibit. VLAN 1 and VLAN 2 are configured on the trunked links between Switch A and Switch B. Port Fa 0/2 on Switch B is currently in a blocking state for both VLANs. What should be done to load balance VLAN traffic between Switch A and Switch B?
A. Lower the port priority for VLAN 1 on port 0/1 for Switch A.
B. Lower the port priority for VLAN 1 on port 0/2 for Switch A.
C. Make the bridge ID of Switch B lower than the ID of Switch A.
D. Enable HSRP on the access ports.
Answer: B
Explanation
Please read the explanation of Question 3 in http://www.certprepare.com/vlan-questions-4. In general, lowering the port priority for VLAN 1 will lower the Root Bridge ID for port Fa0/2 on Switch A -> traffic for VLAN 1 will flow via the Fa0/2 link.

304. Refer to the exhibit and the show interfaces fastethernet0/1 switchport outputs. Users in VLAN 5 on switch SW_A complain that they do not have connectivity to the users in VLAN 5 on switch SW_B. What should be done to fix the problem?
A. Configure the same number of VLANs on both switches. B. Create switch virtual interfaces (SVI) on both switches to route the traffic. C. Define VLAN 5 in the allowed list for the trunk port on SW_A. D. Disable pruning for all VLANs in both switches. E. Define VLAN 5 in the allowed list for the trunk port on SW_B. Answer: C Explanation SW_A is missing VLAN 5 in the “Trunking VLANs Enabled”, that means the trunk link currently does not accept traffic from VLAN 5 to be sent on the link. 305. Two switches SA and SB are connected as shown below. Given the below partial configuration, which two statements are true about VLAN traffic? (Choose two)
A – VLANs 1-5 will be blocked if fa0/10 goes down.
B – VLANs 6-10 have a port priority of 128 on fa0/10.
C – VLANs 6-10 will use fa0/10 as a backup only.
D – VLANs 1-10 are configured to load share between fa0/10 and fa0/12.
Answer: C D
Explanation:
Let’s assume that SA is the root bridge for all VLANs; it will make the explanation a bit clearer…
First we should understand what will happen if nothing is configured (use default values). Because we assumed that SA is the root bridge, all of its ports will forward. SB will need to block one of its ports to avoid a bridging loop between the two switches. But how does SB select its blocked port? Well, the answer is based on the BPDUs it receives from SA. A BPDU is superior to another if it has:
1. A lower Root Bridge ID
2. A lower path cost to the Root
3. A lower Sending Bridge ID
4. A lower Sending Port ID
These four parameters are examined in order. In this specific case, all the BPDUs sent by SA have the same Root Bridge ID, the same path cost to the Root and the same Sending Bridge ID. The only parameter left to select the best one is the Sending Port ID (Port ID = port priority + port index). If using default values, the default port priority’s value is 32 or 128 (128 is much more popular today but 32 is also a default port priority’s value), so SB will compare port index values, which are unique to each port on the switch, and because Fa0/12 is inferior to Fa0/10, SB will select the port connected with Fa0/10 (of SA) as its root port and block the other port.
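The four-step comparison above, as an added example that is not part of the original explanation: a small Python model of how SB picks its root port from the BPDUs SA sends. The bridge ID, the SB port names, the FastEthernet cost of 19 and the per-VLAN port priority of 16 are constructed for illustration; the model also goes one step beyond the text by showing a path-cost difference deciding the outcome before port priority is considered.

```python
"""Toy model of SB's root-port decision (added example, not from the source page)."""
from dataclasses import dataclass, fields, replace

DEFAULT_PORT_PRIORITY = 128   # the text notes that 32 is also seen as a default
FAST_ETHERNET_COST = 19       # assumed STP cost of each 100 Mb/s link


@dataclass(frozen=True, order=True)
class Bpdu:
    """Fields are declared in comparison order; the lower BPDU is superior."""
    root_bridge_id: tuple     # 1. (bridge priority, MAC)
    root_path_cost: int       # 2. cost to reach the root
    sender_bridge_id: tuple   # 3. (bridge priority, MAC)
    sender_port_id: tuple     # 4. (port priority, port index)


# Constructed values: SA is the root bridge, as the explanation assumes.
SA_BRIDGE_ID = (32768, "00:00:00:00:00:0a")
PORT_INDEX = {"Fa0/10": 10, "Fa0/12": 12}
# SA port -> SB port at the other end of the link (SB port names are made up).
LINKS = {"Fa0/10": "SB-upper", "Fa0/12": "SB-lower"}

# Assumed per-VLAN port priorities on SA: Fa0/10 favoured for VLANs 1-5,
# Fa0/12 favoured for VLANs 6-10. The value 16 is a constructed sample.
EXAMPLE_PRIORITIES = {("Fa0/10", vlan): 16 for vlan in range(1, 6)}
EXAMPLE_PRIORITIES.update({("Fa0/12", vlan): 16 for vlan in range(6, 11)})


def candidates(vlan, port_priority=None, down=(), sb_port_cost=None):
    """Return {SB port: BPDU as SB evaluates it} for one VLAN."""
    port_priority = port_priority or {}
    sb_port_cost = sb_port_cost or {}
    seen = {}
    for sa_port, sb_port in LINKS.items():
        if sa_port in down:          # a failed link delivers no BPDUs
            continue
        prio = port_priority.get((sa_port, vlan), DEFAULT_PORT_PRIORITY)
        sent = Bpdu(SA_BRIDGE_ID, 0, SA_BRIDGE_ID, (prio, PORT_INDEX[sa_port]))
        # The receiver adds the cost of the port the BPDU arrived on.
        cost = sb_port_cost.get(sb_port, FAST_ETHERNET_COST)
        seen[sb_port] = replace(sent, root_path_cost=sent.root_path_cost + cost)
    return seen


def sb_roles(vlan, **kwargs):
    """Return {SB port: 'root' or 'blocking'} for one VLAN."""
    seen = candidates(vlan, **kwargs)
    if not seen:
        return {}
    root_port = min(seen, key=seen.get)   # the superior (lowest) BPDU wins
    return {p: "root" if p == root_port else "blocking" for p in seen}


def deciding_step(a, b):
    """Name the first of the four parameters in which two BPDUs differ."""
    for field in fields(Bpdu):
        if getattr(a, field.name) != getattr(b, field.name):
            return field.name
    return "tie"


if __name__ == "__main__":
    print("defaults, VLAN 1:", sb_roles(1))
    for vlan in (3, 8):
        print(f"priorities set, VLAN {vlan}:",
              sb_roles(vlan, port_priority=EXAMPLE_PRIORITIES))
    print("Fa0/10 down, VLAN 3:",
          sb_roles(3, port_priority=EXAMPLE_PRIORITIES, down=("Fa0/10",)))
```
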
To change the default decision of selecting the root port, we can change the port priority of each interface. The above picture is true for VLANs 1-5 because port Fa0/10 has a lower port-priority so the peer port will be chosen as the root port. For VLANs 6-10, port Fa0/12 has a higher priority ID (lower port priority value) so SB will block its upper port.
Answer A – “VLANs 1-5 will be blocked if fa0/10 goes down” – is not correct because if Fa0/10 goes down, SB will unblock its lower port, therefore VLANs 1-5 will still operate.
Answer B – “VLANs 6-10 have a port priority of 128 on fa0/10″ – is not always correct because VLANs 6-10 can have a different port priority (of 32) according to the Cisco’s link below.
Answer C is correct because VLANs 6-10 use the Fa0/12 link as their main path. Fa0/10 is the backup path and is only opened when port Fa0/12 fails.
Answer D is correct because this configuration load-balances traffic on a per-VLAN basis. VLANs 1-5 use Fa0/10 and VLANs 6-10 use Fa0/12 as their main paths.
Note: We cannot be sure that answer B is always correct, so we should choose C and D if the question asks us to give only 2 choices.

306. You administer the network shown above. You issue the show interfaces trunk command on SwitchA and receive the following output:
Which of the following statements is true regarding VLAN 32? A. VLAN 32 is not allowed on the trunk port. B. VLAN 32 is not active on the switch. C. Traffic from VLAN 32 is not being sent over the trunk port. D. Traffic from VLAN 32 is not restricted to only the trunk ports that require it. Answer: C Explanation In the “Vlans in spanning tree forwarding state and not pruned” VLAN 32 is not listed so we can conclude it is not in forwarding state or it is pruned. But with the above topology STP cannot block any port so we can deduce it is pruned. 307. Refer to the exhibit.
The link between switch SW1 and switch SW2 is configured as a trunk, but the trunk failed to establish connectivity between the switches. Based on the configurations and the error messages received on the console of SW1, what is the cause of the problem? A. The two ends of the trunk have different duplex settings. B. The two ends of the trunk have different EtherChannel configurations. C. The two ends of the trunk have different native VLAN configurations. D. The two ends of the trunk allow different VLANs on the trunk. Answer: C Explanation As you can see in the configuration of two switches, the native VLAN on SW1 is set to 1 while the native VLAN on SW2 is set to 2. This will cause a “native VLAN mismatch” error and it looks like this: #CDP-4-NATIVE VLAN_MISMATCH: Native VLAN mismatch discovered on Fa0/1 … the native VLAN must match on both sides of the trunk link for 802.1Q; otherwise the link will not work. Also, Spanning Tree Protocol (STP) will place the port in a port VLAN ID (PVID) inconsistent state and will not forward on the link. 308. Given the configurations on SwitchA and SwitchB, which two statements are true? (Choose two)
A. The trunk is currently using the ISL trunking protocol
B. The trunk is currently using the 802.1q trunking protocol
C. By default, the trunk can only support one VLAN, and only that single VLAN is transmitted across the trunk
D. By default all VLANs will be transmitted across this trunk
E. By default, SwitchA and SwitchB’s FastEthernet 0/1 port will not generate DTP messages
Answer: B D
Explanation
The command “switchport trunk encapsulation dot1q” sets the trunking encapsulation format to IEEE 802.1Q -> B is correct.
By default all VLANs are allowed to be transmitted across the trunk -> D is correct.
Note: The “switchport mode trunk” command enables trunking on the interface.

309. Given the configurations on SwitchA and SwitchB, which statement is true?
A. The link is set to auto-negotiate trunking, and it will automatically become a trunk link unless configured otherwise B. The link is a trunking link and by default all VLANs will be transmitted across this link C. The link is prevented from generating DTP frames, turning the Negotiation of Trunking off D. The link is not a trunk link so both interfaces must be on the same VLAN and only that single VLAN is transmitted across the link
Answer: D 310. Study the diagram below carefully, which three statements are true? (Choose three)
A – DTP packets are sent from Switch SB.
B – DTP is not running on Switch SA.
C – A trunk link will be formed.
D – The native VLAN for Switch SB is VLAN 1.
Answer: A C D
Explanation:
Dynamic Trunking Protocol (DTP) is the Cisco-proprietary protocol that actively attempts to negotiate a trunk link between two switches. If an interface is set to switchport mode dynamic desirable, it will actively attempt to convert the link into trunking mode. If the peer port is configured as switchport mode trunk, dynamic desirable, or dynamic auto mode, trunking is negotiated successfully -> C is correct.
SB is in “dynamic desirable” mode so it will send DTP packets to SA to negotiate a trunk link -> A is correct.
On an 802.1Q trunk, DTP packets are sent on the native VLAN. By default, it is VLAN 1 (notice that SA’s native VLAN is 5) -> D is correct.
(Note: an 802.1Q trunk’s native VLAN is the only VLAN that has untagged frames)
Below are the switchport modes for easy reference:

Mode: Function
Dynamic Auto: Creates the trunk based on the DTP request from the neighboring switch.
Dynamic Desirable: Communicates to the neighboring switch via DTP that the interface would like to become a trunk if the neighboring switch interface is able to become a trunk.
Trunk: Automatically enables trunking regardless of the state of the neighboring switch and regardless of any DTP requests sent from the neighboring switch.
Access: Trunking is not allowed on this port regardless of the state of the neighboring switch interface and regardless of any DTP requests sent from the neighboring switch.
Nonegotiate: Prevents the interface from generating DTP frames. This command can be used only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link.

311. When is a BGP route invalid?
The next-hop must be accessible and reachable for a path to a BGP network to be valid.

312. What exactly is a control plane?
Other control plane protocols (BGP, OSPF, LDP, LACP, BFD ...) are more clear-cut – they run between individual network devices (usually adjacent, but there’s also targeted LDP and multihop BGP) and could be (at least in theory) made to run across a separate control plane network (or VRF).
Control plane protocols usually run over data plane interfaces to ensure shared fate – if the packet forwarding fails, the control plane protocol fails as well – but there are scenarios (example: optical gear) where the data plane interfaces cannot process packets, forcing you to run control plane protocols across a separate set of interfaces.
Typical control plane protocols aren’t data-driven: a BGP, LACP or BFD packet is never sent as a direct response to a data plane packet. ICMP is different: some ICMP packets are sent as replies to other ICMP packets, others are triggered by data plane packets (ICMP unreachables and ICMPv6 neighbor discovery).
Trying to classify protocols based on where they’re run is also misleading. It’s true that the networking device CPU almost always generates ICMP requests and responses (it doesn’t make sense to spend silicon real estate to generate ICMP responses). In some cases, ICMP packets might be generated in the slow path, but that’s just how a particular network operating system works. Let’s ignore those dirty details for the moment; just because a device’s CPU touches a packet doesn’t make that packet a control plane packet.
Vendor terminology doesn’t help us either. Most vendors talk about Control Plane Policing or Protection, equating control plane with the device CPU – these mechanisms usually apply to control plane protocols as well as data plane packets punted from ASICs to the CPU.
Even IETF terminology isn’t exactly helpful – while C in ICMP does stand for Control, it doesn’t necessarily imply control plane involvement. ICMP is simply a protocol that passes control messages (as opposed to data) between IP devices.
313. Study the exhibit carefully. Both host stations are part of the same subnet but are in different VLANs. On the basis of the information presented in the exhibit, which statement is true about an attempt to ping from host to host?
A – Layer 3 device is needed for the ping command to be successful.
B – A trunk port will need to be configured on the link between SA and SB for the ping command to be successful.
C – The two different hosts will need to be in the same VLAN in order for the ping command to be successful.
D – The ping command will be successful without any further configuration changes.
Answer: D
Explanation:
For two hosts in different VLANs, we must use a layer 3 device to transport packets between them. However, in this case both switches are set in “access” mode, therefore the VLAN information sent between them will be set as untagged. Moreover, they are in the same subnet so they can ping each other without a layer 3 device.

314. Based on the following exhibit, which problem is preventing users on VLAN 100 from pinging addresses on VLAN 200?
A – Native VLAN mismatch. B – Subinterfaces should be created on Fa0/7 and Fa0/8 on DLS1. C – Trunking needs to be enabled. D – The ip routing command is missing on DLS1. Answer: D Explanation:
To allow communication between two VLANs, we need to enable Layer 3 routing on the switch with the “ip routing” command. Some platforms have it enabled by default but some do not.

315. Based on the network diagram and routing table output in the exhibit, which one of these statements is true?
A – InterVLAN routing has been configured properly, and the workstations have connectivity to each other.
B – InterVLAN routing will not occur since no routing protocol has been configured.
C – Although interVLAN routing is not enabled, both workstations will have connectivity to each other.
D – Although interVLAN routing is enabled, the workstations will not have connectivity to each other.
E – None of the above.
Answer: A
Explanation:
In the output we can see both VLAN10 and VLAN20 are shown (as networks 10.1.1.0 and 10.2.2.0), so the routing has been configured properly. Notice that the “C” letter indicates that these networks are directly connected to the router.

316. Study the following exhibit carefully, what is the reason that users from VLAN 100 can’t ping users on VLAN 200?
A – IP routing needs to be enabled on the switch B – Trunking needs to be enabled on Fa0/1
C – VLAN 1 needs the no shutdown command
D – The native VLAN is wrong
Answer: B
Explanation:
The Fa0/1 interface on the switch is not configured with trunking mode. It needs to be configured as shown below:

SA(config)#interface Fa0/1
SA(config-if)#switchport mode trunk
SA(config-if)#switchport trunk encapsulation dot1q

317. Refer to the exhibit.
Host A and Host B are connected to the Cisco Catalyst 3550 switch and have been assigned to their respective VLANs. The rest of the 3550 configuration is the default configuration. Host A is able to ping its default gateway, 10.10.10.1, but is unable to ping Host B. Given the output in the exhibit, which statement is true?
A. HSRP must be configured on SW1.
B. A separate router is needed to support inter-VLAN routing.
C. Interface VLAN 10 must be configured on the SW1 switch.
D. The global configuration command ip routing must be configured on the SW1 switch.
E. VLANs 10 and 15 must be created in the VLAN database mode.
F. VTP must be configured to support inter-VLAN routing.
Answer: D
Explanation
To enable routing on a Layer 3 switch, first we have to use the ip routing command. From the output of the “show vlan brief” command above, we learn that the ports connected to the hosts have been configured as access ports and assigned to VLAN 10 & 15. The only thing missing here is the “ip routing” command. The full configuration that lets these two hosts communicate is listed below.

ip routing
!
interface FastEthernet0/10
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/15
 switchport access vlan 15
 switchport mode access
!
interface Vlan10
 ip address 10.10.10.1 255.255.255.0
!
interface Vlan15
 ip address 10.15.15.1 255.255.255.0

318. Which two steps are necessary to configure inter-VLAN routing between multilayer switches? (Choose two)
A. Configure a dynamic routing protocol.
B. Configure SVI interfaces with IP addresses and subnet masks.
C. Configure access ports with network addresses.
D. Configure switch ports with the autostate exclude command.
E. Document the MAC addresses of the switch ports.
Answer: A B
Explanation A multilayer switch can use a switched virtual interface (SVI) to provide inter-VLAN routing rather than use an external router. Below is a simple example of using SVIs to configure inter-VLAN routing on a Layer 3 switch.
ip routing
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 20
 switchport mode access
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
 ip address 192.168.20.1 255.255.255.0

(In fact we need to configure two more interfaces so that all hosts can communicate)
Also, the above configuration is only for a single multilayer switch. If we enable interVLAN-routing between two multilayer switches, a routing protocol needs to be used.

319. Refer to the exhibit
For the configuration shown, which is the recommended method of providing inter VLAN routing? A. Determine which switch is the root bridge then connect a router on a stick to it B. Configure SVIs on the core switches C. Configure SVIs on the distribution switches D. Configure SVIs on the access layer switches Answer: C Explanation We can configure SVIs on Multilayer switches to use as the default gateways or Layer 3 routing for the devices connected to SA1 & SA2. 320. Refer to the exhibit. Initially, LinkA is connected and forwarding traffic. A new LinkB is then attached between SwitchA and HubA. Which two statements are true about the possible result of attaching the second link? (Choose two)
A. The switch port attached to LinkB will not transition to up.
B. One of the two switch ports attached to the hub will go into blocking mode when a BPDU is received.
C. Both switch ports attached to the hub will transition to the blocking state.
D. A heavy traffic load could cause BPDU transmissions to be blocked and leave a switching loop.
E. The switch port attached to LinkA will immediately transition to the blocking state.
Answer: B D
Explanation
We know that there will be only one Designated port for each segment (notice that the two ports of SwitchA are on the same segment as they are connected to a hub). The other port will be in Blocking state. But how does SwitchA select its Designated and Blocking port? The decision process involves the following parameters inside the BPDU:
* Lowest path cost to the Root
* Lowest Sender Bridge ID (BID)
* Lowest Port ID
In this case, both interfaces of SwitchA have the same “path cost to the root” and “sender bridge ID” so the third parameter “lowest port ID” will be used. Suppose the two interfaces of SwitchA are fa0/1 & fa0/2; then SwitchA will select fa0/1 as its Designated port (because fa0/1 is inferior to fa0/2) -> B is correct.
Suppose the port on LinkA (named portA) is in forwarding state and the port on LinkB (named portB) is in blocking state. In blocking state, portB still listens to the BPDUs. If the traffic passing through LinkA is too heavy and the BPDUs cannot reach portB, portB will move to listening state (after 20 seconds for STP), then learning state (after 15 seconds) and forwarding state (after 15 seconds). At this time, both portA & portB are in forwarding state so a switching loop will occur -> D is correct.

321. Refer to the exhibit. Switch S1 is running mst IEEE 802.1s. Switch S2 contains the default configuration running IEEE 802.1D. Switch S3 has had the command spanning-tree mode rapid-pvst running IEEE 802.1w. What will be the result?
A. IEEE 802.1D and IEEE 802.1w are incompatible. All three switches must use the same standard or no traffic will pass between any of the switches.
B. Switches S1, S2, and S3 will be able to pass traffic between themselves.
C. Switches S1, S2, and S3 will be able to pass traffic between themselves. However, if there is a topology change, Switch S2 will not receive notification of the change.
D. Switches S1 and S3 will be able to exchange traffic but neither will be able to exchange traffic with Switch S2
Answer: B
Explanation
A switch running both MSTP and RSTP supports a built-in protocol migration mechanism that enables it to interoperate with legacy 802.1D switches. If this switch receives a legacy 802.1D configuration BPDU (a BPDU with the protocol version set to 0), it sends only 802.1D BPDUs on that port. An MST switch can also detect that a port is at the boundary of a region when it receives a legacy BPDU, an MST BPDU (version 3) associated with a different region, or an RST BPDU (version 2).
However, the switch does not automatically revert to the MSTP mode if it no longer receives 802.1D BPDUs because it cannot determine whether the legacy switch has been removed from the link unless the legacy switch is the designated switch.

322. Refer to the exhibit. Switch 15 is configured as the root switch for VLAN 10 but not for VLAN 20. If the STP configuration is correct, what will be true about Switch 15?
A. All ports will be in forwarding mode. B. All ports in VLAN 10 will be in forwarding mode. C. All ports in VLAN 10 will be in forwarding mode and all ports in VLAN 20 will be in blocking mode.
D. All ports in VLAN 10 will be in forwarding mode and all ports in VLAN 20 will be in standby mode. Answer: B Explanation All ports on root bridge are designated ports, which are in forwarding state but notice in this case Switch 15 is the root switch for VLAN 10 -> all ports in VLAN 10 will be in forwarding state. We can not say anything about the modes of ports of Switch 15 in other VLANs. 323. Refer to the exhibit. STP has been implemented in the network. Switch SW_A is the root switch for the default VLAN. To reduce the broadcast domain, the network decides to split s on the network into VLAN 2 and VLAN 10. The issues the command spanning-tree vlan 2 root primary on switch SW_A. What will happen as a result of this change?
A. All ports of the root switch SW_A will remain in forwarding mode throughout the reconvergence of the spanning tree domain. B. Switch SW_A will change its spanning tree priority to become root for VLAN 2 only. C. Switch SW_A will remain root for the default VLAN and will become root for VLAN 2. D. No other switch in the network will be able to become root as long as switch SW_A is up and running. Answer: C Explanation This command sets the switch to become root for a given VLAN. It works by lowering the priority of the switch until it becomes root. Once the switch is root, it will not prevent any other switch from becoming root. In particular, if the current root bridge is greater than 24576 then our switch will drop to 24576. If the current root bridge is less than 24576, our new bridge priority will be (Priority value of the current root bridge – 4096). This command does not affect other VLAN so SW_A will remain root for the default VLAN -> C is correct. Note: This command is not shown in a Catalyst switch configuration because the command is actually a macro executing other switch commands. 324. Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on both switch S2 and S5. The global configuration command spanning-tree uplinkfast has been configured on both switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able to reach Host B?
A. Fifty percent of the traffic will successfully reach Host B, and fifty percent will dead-end at switch S3 because of a partial spanning-tree loop.
B. No. Traffic will pass from switch S6 to S2 and dead-end at S2.
C. No. Traffic will loop back and forth between switch S6 and Host A.
D. No. Traffic will loop back and forth between switches S2 and S3.
E. Yes. Traffic will pass from switch S6 to S2 to S1.
Answer: E
Explanation: First we should understand UplinkFast.
Suppose S1 is the root bridge in the topology above. S3 is connected to S1 via two paths: one direct path and another goes through S2. Suppose the port directly connected to S1 is root port -> port connected to S2 will be in Blocking state. If the primary link goes down, the blocked port will need about 50 seconds to move from Blocking -> Listening -> Learning -> Forwarding to be used. To shorten the downtime, a feature called Uplink Fast can be used. When the primary (root) link fails, another blocked link can be brought up immediately for use. When UplinkFast is enabled, it is enabled for the entire switch and all VLANs. It cannot be enabled for individual VLANs. In this question, the Root Guard feature has been enabled on Gi0/0 of S2 & S5 so these two Gi0/0 ports cannot be root ports and cannot forward traffic -> the link between S2 & S6 must be used. Note: The idea of Uplink Fast is based on blocked ports which are possible to become a root port. Therefore the Uplink Fast feature is not allowed on the root bridge -> S2 & S5 cannot be root bridges in this case. 325. Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on both switch S2 and S5. The global configuration command spanning-tree uplinkfast has been configured on both switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able to reach Host B?
A. Yes. Traffic can pass either from switch S6 to S3 to S2 to S1, or from switch S6 to S5 to S2 to S1.
B. No. Traffic will pass from switch S6 to S5 and dead-end at interface Gi0/0.
C. No. Traffic will loop back and forth between switch S5 and S2.
D. Yes. Traffic will pass from switch S6 to S3 to S2 to S1.
E. No. Traffic will either pass from switch S6 to S5 and dead-end, or traffic will pass from switch S6 to S3 to S2 and dead-end.
Answer: D
Explanation: Same explanation as Question 6. When the link between S4 and S5 goes down, Gi0/0 on S5 cannot become a root port because of the Root Guard feature on it. By default, though, Host A may not be able to reach Host B in the first 15 seconds after the link between S4 & S5 fails. That is the time S5 needs to clear the MAC address table (please read the explanation of Question 5 for more detail).

326. Given the diagram and assuming that STP is enabled on all switch devices, which two statements are true? (Choose two)
A. DSW11 will be elected the root bridge. B. DSW12 will be elected the root bridge.
C. ASW13 will be elected the root bridge.
D. P3/1 will be elected the nondesignated port.
E. P2/2 will be elected the nondesignated port.
F. P3/2 will be elected the nondesignated port.
Answer: A D
Explanation: If all the switches are turned on at the same time, DSW11 will win the election and become Root Bridge because it has the lowest Bridge ID (including Bridge Priority and MAC address), so all of its ports are Designated Ports (forwarding state). Also P2/1, P3/2 and P4/1 become Root Ports because they are closest to the Root Bridge (in terms of path cost) for each switch. P3/1 will be a Nondesignated (Blocked) Port because P1/2 must be a Designated Port (of course P1/2 advertises a better BPDU, in other words a better Bridge ID, than P3/1).
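The rules this explanation relies on (lowest Bridge ID wins the root election, each switch's root port is the one with the lowest path cost to the root, and on a tied segment the better Bridge ID keeps the designated port) can be worked through in Python. This is an added example, not part of the original question set: the four-switch topology, MAC addresses, port names and link costs are constructed, and comparing port names as strings is an assumed stand-in for the port ID tie-break.

```python
import heapq

# Constructed topology (not the exhibit from the question).
# Bridge ID = (priority, MAC); tuples compare priority first, then MAC.
BRIDGES = {
    "SW1": (24576, "00:1a:00:00:00:0f"),   # lowest priority wins despite the highest MAC
    "SW2": (32768, "00:1a:00:00:00:02"),
    "SW3": (32768, "00:1a:00:00:00:03"),
    "SW4": (32768, "00:1a:00:00:00:04"),
}
# (bridge_a, port_a, bridge_b, port_b, link cost)
LINKS = [
    ("SW1", "Gi0/1", "SW2", "Gi0/1", 4),
    ("SW1", "Gi0/2", "SW3", "Gi0/1", 4),
    ("SW2", "Gi0/2", "SW3", "Gi0/2", 4),
    ("SW2", "Gi0/3", "SW4", "Gi0/1", 19),
    ("SW3", "Gi0/3", "SW4", "Gi0/2", 19),
]


def elect_root(bridges=BRIDGES):
    """The bridge with the numerically lowest Bridge ID becomes root."""
    return min(bridges, key=lambda name: bridges[name])


def root_path_costs(root, links=LINKS):
    """Lowest cumulative link cost from every bridge to the root (Dijkstra)."""
    adj = {}
    for a, _, b, _, cost in links:
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    dist = {root: 0}
    heap = [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue
        for nbr, cost in adj.get(node, []):
            if d + cost < dist.get(nbr, float("inf")):
                dist[nbr] = d + cost
                heapq.heappush(heap, (d + cost, nbr))
    return dist


def port_roles(bridges=BRIDGES, links=LINKS):
    """Return (root, {(bridge, port): 'root' | 'designated' | 'blocked'})."""
    root = elect_root(bridges)
    dist = root_path_costs(root, links)

    # Root port: lowest (path cost via neighbour, neighbour Bridge ID, neighbour port, local port).
    best = {}
    for a, pa, b, pb, cost in links:
        for local, lport, nbr, nport in ((a, pa, b, pb), (b, pb, a, pa)):
            if local == root:
                continue
            cand = (dist[nbr] + cost, bridges[nbr], nport, lport)
            if local not in best or cand < best[local]:
                best[local] = cand
    root_ports = {(sw, cand[3]) for sw, cand in best.items()}

    # Designated port per segment: the end with the lower (root path cost, Bridge ID).
    roles = {}
    for a, pa, b, pb, _ in links:
        winner, loser = sorted([(a, pa), (b, pb)],
                               key=lambda end: (dist[end[0]], bridges[end[0]]))
        roles[winner] = "designated"
        roles[loser] = "root" if loser in root_ports else "blocked"
    return root, roles


if __name__ == "__main__":
    root, roles = port_roles()
    print("root bridge:", root)
    for (sw, port), role in sorted(roles.items()):
        print(f"{sw} {port}: {role}")
```

On the SW2-SW3 segment both ends have the same cost to the root, so the lower Bridge ID (SW2) keeps the designated port and SW3's end is blocked, which is the same reasoning the explanation applies to P1/2 and P3/1.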
327. Refer to the exhibit. The service provider wants to ensure that switch S1 is the root switch for its own network and the network of the customer. On which interfaces should root guard be configured to ensure that this happens?
A. interfaces 1 and 2
B. interfaces 1, 2, 3, and 4
C. interfaces 1, 3, 5, and 6
D. interfaces 5 and 6
E. interfaces 5, 6, 7, and 8
F. interfaces 11 and 12
Answer: D
Explanation: Let's see what will happen if we set ports 5 & 6 as "root guard" ports. First, notice that the "root guard" command cannot be used on a root switch (because this command is based on a blocked port, while a root switch can't have a blocked port) -> the two middle switches cannot become root bridges. Moreover, the neighbor switch which has its port connected to this "root guard" port can't be the root bridge. For example, if we configure port 6 as a "root guard" port, the left-bottom switch (the switch with ports 3, 4) can't be root bridge because that would make port 6 a root port. Therefore, by configuring ports 5 & 6 as "root guard" ports, the two switches in the "Customer network" cannot become root bridge.

328. A port in a redundant topology is currently in the blocking state and is not receiving BPDUs. To ensure that this port does not erroneously transition to the forwarding state, which command should be configured to satisfy the requirement?
A. Switch(config)#spanning-tree loopguard default
B. Switch(config-if)#spanning-tree bpdufilter
C. Switch(config)#udld aggressive
D. Switch(config-if)#spanning-tree bpduguard
Answer: A
Explanation: Loop guard prevents alternate or root ports from becoming the designated port due to a failure that could lead to a unidirectional link. An example is shown below:
Suppose S1 is the root bridge. S3's port connected to S2 is currently blocked. Because of a unidirectional link failure on the link between S2 and S3, S3 is not receiving BPDUs from S2. Without loop guard, the blocking port on S3 will transition to listening (upon max age timer expiration) -> learning -> forwarding state, which creates a loop. With loop guard enabled, the blocking port on S3 will transition into the STP loop-inconsistent state upon expiration of the max age timer. Because a port in the STP loop-inconsistent state will not pass traffic, no loop is created. The loop-inconsistent state is effectively equal to the blocking state. To enable loop guard globally use the command spanning-tree loopguard default.

329.
All links in this network are layer 2, fast Ethernet 100 Mb/s and operating as trunks. After a failure, the link between ASW-1 and DSW-1 has incorrectly come back up at 10 Mb/s although it is connected. Which one of the following will occur as a result of this failure?
A. There will be no change to the forwarding path to traffic from ASW-1
B. ASW1 will block Fa0/24 in order to maintain the shortest path to the root bridge DSW-1
C. ASW-1 will block Fa0/23 in order to maintain the shortest path to the root bridge DSW-1
D. ASW-1 will elect DSW-2 as the root primary since it is closer than DSW-1
Answer: C
Explanation: The picture below shows the port roles of all ports when the topology is converged after the failure.
RP: Root Port BP: Blocked Port DP: Designated Port 330. Regarding the exhibit and the partial configuration of switch SA and SB. STP is configured on all switches in the network. SB receives this error message on the console port: 00:06:34: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/5 (not half duplex), with SA FastEthernet0/4 (half duplex), with TBA05071417(Cat6K-B) 0/4 (half duplex). What would be the possible outcome of the problem?
A – The root port on switch SB will fall back to full-duplex mode.
B – The interfaces between switches SA and SB will transition to a blocking state.
C – The root port on switch SA will automatically transition to full-duplex mode.
D – Interface Fa0/6 on switch SB will transit to a forwarding state and create a bridging loop.
Answer: D
Explanation: From the output, we learn that the interfaces on the two switches are operating in different duplex modes: Fa0/4 of SA in half-duplex mode & Fa0/5 of SB in full-duplex mode. In this case, because SB is operating in full-duplex mode, it does not check the carrier sense before sending frames (CSMA/CD is not used in full-duplex mode). Therefore, SB can start to send frames even if SA is using the link, and a collision will occur. The result is that SA will wait a random time before attempting to transmit another frame. If B sends enough frames to A to make every frame sent from A (which includes the BPDUs) get dropped, then SB can think it has lost the root bridge (B does not receive BPDUs from A anymore). Therefore SB will unblock its Fa0/6 interface for transmitting and cause a bridging loop.

332. Refer to the exhibit. LACP has been configured on Switch1 as shown. Which is the correct command set to configure LACP on Switch2?
A.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode auto
B.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode passive
C.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode desirable
D.
Switch2# configure terminal
Switch2(config)# interface range gigabitethernet3/1 -2
Switch2(config-if)# channel-group 5 mode on
Answer: B
Explanation: LACP trunking supports four modes of operation, as follows:
* On: The link aggregation is forced to be formed without any LACP negotiation. In other words, the switch will neither send the LACP packet nor process any incoming LACP packet. This is similar to the on state for PAgP.
* Off: The link aggregation will not be formed. We do not send or understand the LACP packet. This is similar to the off state for PAgP.
* Passive: The switch does not initiate the channel, but does understand incoming LACP packets. The peer (in active state) initiates negotiation (by sending out an LACP packet) which we receive and reply to, eventually forming the aggregation channel with the peer. This is similar to the auto mode in PAgP.
* Active: We are willing to form an aggregate link, and initiate the negotiation. The link aggregate will be formed if the other end is running in LACP active or passive mode. This is similar to the desirable mode of PAgP.
LACP does not have "auto" & "desirable" modes so A & C are not correct. Also there are only three valid combinations to run the LACP link aggregate, as follows:
Switch    Switch    Description
active    active    Recommended
active    passive   Link aggregation occurs if negotiation is successful.
on        on        Link aggregation occurs without LACP. Although this works, it is not recommended.
Therefore if Switch1 is set to "active" mode, we cannot set "on" mode on Switch2 -> D is not correct. Only answer B is suitable in this case.
(Reference: http://www.cisco.com/en/US/tech/tk389/tk213/technologies_configuration_example09186a0080094470.shtml)
An example of configuring Layer 2 EtherChannel using LACP (apply these commands to both switches):
SW(config)#interface range f0/1 - 2
SW(config-if-range)#channel-group 1 mode active

333. Refer to the exhibit. The command switchport mode access is issued on interface FastEthernet0/13 on switch CAT1. What will be the result?
A. The command will be rejected by the switch.
B. Interfaces FastEthernet0/13 and FastEthernet0/14 will no longer be bundled.
C. Dynamic Trunking Protocol will be turned off on interfaces FastEthernet0/13 and FastEthernet0/14.
D. Interfaces FastEthernet0/13 and FastEthernet0/14 will only allow traffic from the native VLAN.
E. Interfaces FastEthernet0/13 and FastEthernet0/14 will continue to pass traffic for VLANs 88,100,360.
Answer: B
Explanation: The default channel protocol in Cisco switches is Port Aggregation Protocol (PAgP). PAgP groups the interfaces with the same speed, duplex mode, native VLAN, VLAN range, and trunking status and type. After grouping the links into an EtherChannel, PAgP adds the group to the spanning tree as a single switch port. An interface in the on mode that is added to a port channel is forced to have the same characteristics as the already existing on mode interfaces in the channel (this applies to both PAgP & LACP). So if we configure "switchport mode access" on Fa0/13, this interface will no longer be bundled with Fa0/14.

334. What is the result of entering the command "port-channel load-balance src-dst-ip" on an EtherChannel link?
A. Packets are distributed across the ports in the channel based on both the source and destination MAC addresses.
B. Packets are distributed across the ports in the channel based on both the source and destination IP addresses.
C. Packets are balanced across the ports in the channel based first on the source MAC address, then on the destination MAC address, then on the IP address.
D. Packets are distributed across the access ports in the channel based first on the source IP address and then the destination IP addresses.
Answer: B
Explanation: The syntax of configuring load balancing on a Cisco switch is:
Switch(config)# port-channel load-balance method
Many methods can be used here. By default, the "src-dst-ip" (source and destination IP address) method is used for Layer 3 switching. Let's take an example to understand more about this method.
In the topology above, Switch1 uses the "src-dst-ip" method to load balance traffic to Switch2. With this method, only one link is used for a specific pair of source & destination IP addresses, and the switch uses the XOR function to generate the hash that determines which interface to use. Suppose the packets have the source IP of 1.1.1.1 & destination IP of 1.1.1.2. Writing them in binary we get:
1.1.1.1 = 0000 0001.0000 0001.0000 0001.0000 0001
1.1.1.2 = 0000 0001.0000 0001.0000 0001.0000 0010
In this case we have only 2 interfaces in this channel group, so the XOR function only takes the last bit, which means 1 XOR 0 = 1. Each interface is assigned an index that starts from 0, so Fa0/2 will be indexed 1 -> traffic will be sent over Fa0/2. If we have 4 interfaces in a channel group, the XOR function takes the last 2 bits. If we have 8 interfaces, it takes 3 bits, and so on. For example, with 8 interfaces the result will be 3 (because 001 XOR 010 = 011) -> Fa0/4 will be used.
Note: If the two address bits have the same value, the XOR result is always 0. If the two address bits differ, the XOR result is always 1. For example, 0 XOR 0 = 0; 0 XOR 1 = 1; 1 XOR 0 = 1; 1 XOR 1 = 0.
In conclusion, the "port-channel load-balance src-dst-ip" command uses a pair of source & destination IP addresses to select the port to send traffic to -> B is correct.

335. Which statement is true regarding the Port Aggregation Protocol?
A. Configuration changes made on the port-channel interface apply to all physical ports assigned to the port-channel interface.
B. Configuration changes made on a physical port that is a member of a port-channel interface apply to the port-channel interface.
C. Configuration changes are not permitted with Port Aggregation Protocol; instead, the standardized Link Aggregation Control Protocol should be used if configuration changes are required.
D. The physical port must first be disassociated from the port-channel interface before any configuration changes can be made.
Answer: A
Explanation: The port-channel interface represents the whole bundle, and all the configurations on this interface are applied to all physical ports that are assigned to this logical interface.
Note: We must manually create the port-channel logical interface when configuring Layer 3 EtherChannels. The port-channel logical interface is automatically created when configuring Layer 2 EtherChannels (you can't put Layer 2 ports into a manually created port-channel interface).
An example of configuring Layer 3 EtherChannels with port-channel interfaces:
Switch1(config)# interface port-channel 1
Switch1(config-if)# no switchport
Switch1(config-if)# ip address 192.168.1.1 255.255.255.0
Switch1(config-if)# exit
Switch1(config)# interface range fastethernet0/1 -2
Switch1(config-if-range)# no switchport
Switch1(config-if-range)# no ip address
Switch1(config-if-range)# channel-group 1 mode desirable

Switch2(config)# interface port-channel 1
Switch2(config-if)# no switchport
Switch2(config-if)# ip address 192.168.1.2 255.255.255.0
Switch2(config-if)# exit
Switch2(config)# interface range fastethernet0/1 -2
Switch2(config-if-range)# no switchport
Switch2(config-if-range)# no ip address
Switch2(config-if-range)# channel-group 1 mode auto
Note: The "no switchport" command is required to change an interface from layer 2 to layer 3 mode.

336. What is a native VLAN?
A: A native VLAN is an untagged VLAN on an 802.1q trunked switch port. If a switch receives untagged frames on a trunk port, they are assumed to be part of the VLAN that is designated on the same switch port as the native VLAN. Frames that pass through a switch port on the native VLAN are not tagged.

337. What is EtherChannel and is it possible to achieve load balancing using EtherChannels?
A: EtherChannel is a LAN port aggregation technology which allows grouping of several physical Ethernet links to create one logical Ethernet link for the purpose of providing fault-tolerance and high-speed links between switches, routers and servers. Yes, EtherChannel supports load balancing on the basis of predefined hash algorithms, but you cannot control the port that a particular flow uses. The hash algorithm cannot be configured or changed to load balance the traffic among the ports in an EtherChannel. Main hash algorithms are src_ip_addr | dest_ip_addr | src_mac_addr | dest_mac_addr | src_port | dest_port} [dest_ip_addr | dest_mac_addr | dest_port.

338. What does non transitive attribute in BGP mean?
Weight is not a transitive attribute, which means that it can't influence the routing decision of the other routers. Same is the case for Local preference.

339. Use of access-list and route-map in BGP?
The access-list will classify what prefix we want to manipulate and the route-map will tell what actions we want to do with that prefix.

340. Use of MED
MED (Multi-Exit Discriminator) is a BGP attribute that is used to influence the other AS on how to reach the prefixes inside your own AS. The lower the MED, the higher the preference.

341. Explain BGP attributes.
A quick copy-and-paste summary on BGP attribute categorization.
WELL-KNOWN, MANDATORY
AS-path: A list of the Autonomous System (AS) numbers that a route passes through to reach the destination. As the update passes through an AS, the AS number is inserted at the beginning of the list. The AS-path attribute has a reverse-order list of the ASes passed through to get to the destination.
Next-hop: The next-hop address that is used to reach the destination.
Origin: Indicates how BGP learned a particular route. There are three possible types -- IGP (route is internal to the AS), EGP (learned via EBGP), or Incomplete (origin unknown or learned in a different way).
WELL-KNOWN, DISCRETIONARY
Local Preference: Defines the preferred exit point from the local AS for a specific route.
Atomic Aggregate: Set if a router advertises an aggregate that causes path attribute information to be lost.
OPTIONAL, TRANSITIVE
Aggregator: Specifies the router ID and AS of the router that originated an aggregate prefix. Used in conjunction with the atomic aggregate attribute.
Community: Used to group routes that share common properties so that policies can be applied at the group level.
OPTIONAL, NON-TRANSITIVE
Multi-exit-discriminator (MED): Indicates the preferred path into an AS to external neighbors when multiple paths exist.
A list of path attributes is contained in BGP update messages. The attribute is variable length and consists of three fields: an attribute type consisting of a 1-byte attribute flags field and a 1-byte attribute code field, an attribute length field that is 1 or 2 bytes, and a variable-length attribute value field. The attribute type codes used by Cisco are: 1-origin, 2-AS-path, 3-Next-hop, 4-MED, 5-Local preference, 6-Atomic aggregate, 7-aggregator, 8-community, 9-originator-ID, and 10-cluster list.

342. What is the command to compare start-up and running-config in router.
There is an easy way to compare the configs: the command "show archive config differences" compares the start-up and the running-config on the router.

343. How many BGP processes can you run in a Cisco router?
You can run multiple bgp processes in single router based on router performance.

344. Into which of the BGP neighbor states must a neighbor stabilize before BGP Update messages may be sent?
Established state

345. what is best way to BGP best path selection.
W L O AS O M P R
"We Love Oranges AS Oranges Mean Pure Refreshment"
Weight (Highest)
LOCAL_PREF (Highest)
Originate (local): routes that are advertised through the "network" command or redistributed from an IGP.
AS_PATH (shortest)
ORIGIN Code (IGP > EGP > Incomplete)
MED (lowest)
Paths (External > Internal)
RID (lowest)
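The selection order above can be applied mechanically as an ordered comparison, which also shows which step actually decided between two paths. This is an added example, not part of the original notes: the Path fields, the MED values and the router IDs are constructed, the defaults (weight 0, local preference 100) are the usual Cisco defaults for learned routes, and MED is compared directly on the assumption that both paths come from the same neighbouring AS.

```python
from dataclasses import dataclass

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}   # IGP > EGP > Incomplete


@dataclass(frozen=True)
class Path:
    via: str                          # label for the advertising neighbour (hypothetical)
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    as_path: tuple = ()
    origin: str = "igp"
    med: int = 0
    ebgp: bool = True
    router_id: str = "0.0.0.0"


def _rid(rid):
    """Compare router IDs numerically, octet by octet."""
    return tuple(int(octet) for octet in rid.split("."))


# One (name, rank function) pair per step; a LOWER rank always wins, so the
# "highest wins" attributes are negated.
STEPS = [
    ("Weight (highest)",            lambda p: -p.weight),
    ("LOCAL_PREF (highest)",        lambda p: -p.local_pref),
    ("Originate (local)",           lambda p: 0 if p.locally_originated else 1),
    ("AS_PATH (shortest)",          lambda p: len(p.as_path)),
    ("ORIGIN code",                 lambda p: ORIGIN_RANK[p.origin]),
    ("MED (lowest)",                lambda p: p.med),
    ("Paths (external > internal)", lambda p: 0 if p.ebgp else 1),
    ("RID (lowest)",                lambda p: _rid(p.router_id)),
]


def best_path(paths):
    """Pick the best path by walking the steps in order."""
    return min(paths, key=lambda p: tuple(rank(p) for _, rank in STEPS))


def deciding_step(a, b):
    """Name of the first step at which the two paths differ."""
    for name, rank in STEPS:
        if rank(a) != rank(b):
            return name
    return "tie"


# Constructed sample: the same prefix learned from one neighbouring AS via two exits.
VIA_R1 = Path(via="R1", as_path=(1,), med=50, router_id="10.0.0.1")
VIA_R3 = Path(via="R3", as_path=(1,), med=200, router_id="10.0.0.3")
# Same path via R3, but the receiving AS has raised its local preference.
VIA_R3_PREFERRED = Path(via="R3", as_path=(1,), med=200,
                        router_id="10.0.0.3", local_pref=200)

if __name__ == "__main__":
    for a, b in ((VIA_R1, VIA_R3), (VIA_R1, VIA_R3_PREFERRED)):
        print(best_path([a, b]).via, "wins on", deciding_step(a, b))
```

With everything else equal the lower MED via R1 wins, but once the receiving AS raises local preference on the R3 path, the comparison never reaches the MED step.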
346. Refer the exhibit
All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP link metrics. Which two ports are in blocking state after STP converges? (Choose two) A. the port on switch SWD that connects to switch SWE B. the port on switch SWF that connects to switch SWG C. the port on switch SWD that connects to switch SWC D. the port on switch SWB that connects to switch SWD Answer: C D 347. Refer the exhibit
All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP link metrics. Which two ports are forwarding traffic after STP converges? (Choose two)
A. The port connecting switch SWD with switch SWE
B. The port connecting switch SWG with switch SWF
C. The port connecting switch SWC with switch SWE
D. The port connecting switch SWB with switch SWC
Answer: C D

348. Refer to the exhibit.
router ospf 100
 router-id 4.4.4.4
 area 110 nssa
 summary-address 192.168.0.0 255.255.0.0 nssa-only
 redistribute static metric-type 1 subnets tag 704
 network 110.110.0.0 0.0.255.255 area 110
This is the configuration of the ASBR of area 110. Which option explains why the remote ABR should not translate the type 7 LSA for the prefix 192.168.0.0/16 into a type 5 LSA?
A. The remote ABR translates all type 7 LSA into type 5 LSA, regardless of any option configured in the ASBR.
B. The ASBR sets the forwarding address to 0.0.0.0 which instructs the ABR not to translate the LSA into a type 5 LSA.
C. The ASBR originates a type 7 LSA with age equal to MAXAGE 3600.
D. The ABR clears the P bit in the header of the type 7 LSA for 192.168.0.0/16.
Answer: D
Explanation: When external routing information is imported into an NSSA, LSA Type 7 is generated by the ASBR and it is flooded within that area only. To further distribute the external information, the type 7 LSA is translated into a type 5 LSA at the NSSA border. The P-bit in the LSA Type 7 field indicates whether the type 7 LSA should be translated. This P-bit is automatically set by the NSSA ABR (also the Forwarding Address (FA) is copied from the Type 7 LSA). The P-bit is not set only when the NSSA ASBR and NSSA ABR are the same router for the area. If bit P = 0, then the NSSA ABR must not translate this LSA into Type 5.
The nssa-only keyword instructs the device to instigate Type-7 LSA with cleared P-bit, thereby preventing LSA translation to Type 5 on the NSSA ABR device.
Note: If a router is attached to another AS and is also an NSSA ABR, it may originate both a type-5 and a type-7 LSA for the same network. The type-5 LSA will be flooded to the backbone and the type-7 will be flooded into the NSSA. If this is the case, the P-bit must be reset (P=0) in the type-7 LSA so the type-7 LSA isn't again translated into a type-5 LSA by another NSSA ABR.

349. Which statement about a type 4 LSA in OSPF is true?
A. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ASBR.
B. It is an LSA that is originated by an ASBR, that is flooded throughout the AS, and that describes a route to the ASBR.
C. It is an LSA that is originated by an ASBR, that is flooded throughout the area, and that describes a route to the ASBR.
D. It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ABR.
E. It is an LSA that is originated by an ABR, that is flooded throughout the area, and that describes a route to the ASBR.
Answer: E
Explanation: LSA Type 4 (called Summary ASBR LSA) is generated by the ABR to describe an ASBR to routers in other areas so that routers in other areas know how to get to external routes through that ASBR.
350. Refer to the exhibit.
Why is R2 unable to ping the loopback interface of R4? A. The local preference is too high. B. The weight is too low. C. The next hop is not reachable from R2. D. The route originated from within the same AS. Answer: C 351. Refer to the exhibit.
R2 is mutually redistributing between EIGRP and BGP. Which configuration is necessary to enable R1 to see routes from R3?
A. The R3 configuration must include ebgp-multihop to the neighbor statement for R2.
B. The R2 BGP configuration must include bgp redistribute-internal.
C. R1 must be configured with next-hop-self for the neighbor going to R2.
D. The AS numbers configured on R1 and R2 must match.
Answer: B

352. Refer to the exhibit.
AS #1 and AS #2 have multiple EBGP connections with each other. AS #1 wants all return traffic that is destined to the prefix 10.10.10.1/32 to enter through the router R1 from AS #2. In order to achieve this routing policy, AS #1 advertises a lower MED from R1, compared to a higher MED from R3, to their respective BGP neighbor for the prefix 10.10.10.0/24. Will this measure guarantee that the routing policy is always in effect?
A. Yes, because MED plays a deterministic role in return traffic engineering in BGP.
B. Yes, because a lower MED forces BGP best-path route selection in AS #2 to choose R1 as the best path for 10.10.10.0/24.
C. Yes, because a lower MED in AS #2 is the highest BGP attribute in BGP best-path route selection.
D. No, AS #2 can choose to alter the weight attribute in R2 for BGP neighbor R1, and this weight value is cascaded across AS #2 for BGP best-path route selection.
E. No, AS #2 can choose to alter the local preference attribute to overwrite the best-path route selection over the lower MED advertisement from AS #1. This local preference attribute is cascaded across AS #2 for the BGP best-path route selection.
Answer: E

353. Refer to the exhibit. All iBGP routes should have the iBGP peer as the next hop address. Why is this not the case for BGP routes learned between R1 and R2?
A. R2 is missing the next-hop-self option under the neighbor command for R1
B. ISP-A is missing the next-hop-self option under the neighbor command for R1
C. ISP-B is missing the next-hop-self option under the neighbor command for R1
D. R2, ISP-A, and ISP-B are missing the next-hop-self option under the neighbor command for R1
Answer: A
Explanation: In this case networks 10.0.0.0, 172.17.0.0, 172.18.0.0, 192.168.60.0, 192.168.70.0 are networks learned and advertised from R2. We see that the next-hop of these networks is 209.165.202.158 while it should be 209.165.202.130. With the next-hop of 209.165.202.158, R1 may not know how to send traffic to the above networks and the traffic is dropped. To avoid this failure we should configure 'next-hop-self' under the neighbor command for R1 like this:
R2(config-router)#neighbor 209.165.202.129 next-hop-self

354. What is a router? Or define the basic requirements of a router?
Answer: A router is a layer 3 network device used to establish communication between different networks. Basic roles performed by a router are:
* Inter-network communication
* Best path selection
* Packet forwarding
* Packet filtering

355. What is the use of routing? or Why we use routing?
Answer: By default, a router provides inter-network communication only for directly connected networks. To establish communication between indirectly connected networks, we require ROUTING. We can use static or dynamic (IGP or EGP) routing, according to topology requirement.

356. Define the criteria for best path selection of a router?
Answer: A router's routing table contains only the best route. To select a route as best, a router considers the following parameters:
* Longest prefix match
* Minimum AD (administrative distance)
* Lowest metric value
If all listed parameters are the same, then it would perform equal cost load balancing.
357. Define "stuck in active."
Answer: If a successor route (best route) fails, then the router sends a query message to its neighbor demanding a feasible successor (back-up route), and a query received by the router may be forwarded to other neighbors, which could lead to a loop as well. The wait for the response to the query message is called "stuck in active" (SIA).

358. Can we use OSPF without backbone area?
Answer: Yes, but it will be limited to intra-area (same area) communication. By default, inter-area communication is not possible without the backbone area.

359. What do you mean by OSPF transit area?
Answer: A transit area is the area that has a virtual link connecting two or more ABRs attached to this area.

360. What is the difference between an OSPF neighbor and an adjacent neighbor?
Answer: Neighbors are the routers that are in the same area and exchange hello packets, but not LSA information. Adjacent routers are routers that have fully exchanged their LSA information and are stable. If the OSPF state is 2WAY/DROTHER, it means a neighbor relationship and, if the state is FULL/DR or FULL/BDR, it means that the adjacency is formed.

361. BGP neighborship is not coming up. Please define the various steps to troubleshoot it.
Answer: To troubleshoot BGP, first we need to check the neighbor state using "show ip bgp summary." If the state is Idle, it means that the peer address or AS is not defined properly; if the state is Active, it means that TCP port 179 is not open, the peer is not reachable, network congestion, or BGP misconfiguration.
Common neighbor stability problems of BGP:
* Misconfigured neighbor's IP address and AS number
* Reachability issues when interfaces other than directly connected interfaces are used while peering (update-source issue).
* Authentication must be properly implemented (if configured)
* Router-ID must be unique

362. What is route reflector and why it is required?
Answer: Route reflector is a solution for BGP split horizon. The rule says "prefix learned from an iBGP neighbor will not be advertised to another iBGP neighbor." To overcome this situation, we have multiple options:
* Make your network a full mesh
* Route confederation
* Confederation
Route reflector is something like a central point acting as a route reflector server: rather than peering with every iBGP router in a full mesh, it makes iBGP neighbors route reflector clients to overcome the split horizon issue.

363. What is the difference between standard and extended ACL?
Answer: Standard ACLs are source-based, whereas extended ACLs are source- and destination-based. Standard ACLs can only filter layer 3 network traffic, while extended ACLs can be used to filter layer 3 and layer 4, as well.

364. What is the use of distribute-list?
Answer: To filter a routing database, we use distribute-list, which can be applied over most routing protocols. This means that, if you don't want any specific network in your routing table, then you can use distribute-list.

365. MPLS works on which layer?
Answer: MPLS operates between layer 2 and layer 3, so it is sometimes called layer 2.5.

366. What is penultimate hop popping (PHP) and what is its use?
Answer: PHP is the technique for removing (popping) the MPLS label before the egress router. The MPLS label on a switched packet is popped by either the egress router or the penultimate router, depending on your configuration. If you decide to use penultimate hop popping, you essentially terminate the LSP one hop earlier. The MPLS labels are popped by the routers that connect to the egress router, rather than all of them being popped by the same egress router.

367. What is the difference between layer 2 and layer 3 QoS?
Answer: L2 QoS is at the MAC layer and can be applied by using the CoS (class of service) field in the VLAN header. This will be used to prioritize traffic. Later, a QoS scheduler can use the CoS field to qualify the traffic into different QoS queues.
L3 QoS is required for IP-level classification; it can be achieved through ToS (type of service) priority values, IPP (3-bit) or DS (6-bit), which can be set in the ToS field of the IP header. This ToS value will later be used by the scheduling process to achieve QoS. L2 queues are hardware-based, while L3 queues are software-based. That’s why we can modify L3 queues to meet our requirements.

368. What is traffic black hole? A traffic black hole is having a next-hop neighbor that doesn’t have any routes for a specific prefix while the routing table points to that device as the next hop of the route. In distance vector protocols like RIP and EIGRP, this rarely happens because, in those protocols, anything that is not in the routing table will not be announced to the neighbor. Link-state protocols like OSPF make use of LSAs, which will still enable the routes to be propagated regardless of whether the route is in the routing table or not.

369. BGP session is not established. BGP uses TCP, so to discover the cause of the problem, you can start with testing TCP connectivity. One way to do that is as simple as /system telnet
179 and check if the TCP connection can be established, and BGP port 179 is open and reachable. If this is eBGP, make sure you have configured multihop=yes and TTL settings as needed. Use routing bgp peer print status to see the current state of the BGP connection.
Also note that if the remote peer is not supporting BGP Capabilities Advertisement (RFC 2842), some extra time will be needed for session establishment. The establishment will fail the first time in this case, because of unknown options in the BGP OPEN message. It should succeed at the second attempt (i.e. after about a minute) and in any further attempts, because RouterOS will remember the offending options for that peer and not include them in BGP OPEN messages anymore.

370. Difference in BOOTP and RARP. RARP and BOOTP require a static reservation of an IP address for each specific MAC address. Because BOOTP encapsulates its messages inside an IP packet, the packets can be routed to a BOOTP server; RARP does not use an IP header, so its messages cannot be routed. Also, RARP only supports the assignment of the IP address, whereas BOOTP allows the assignment of other settings, such as the mask and default gateway.

371. What is GRE tunnel? GRE is Generic Routing Encapsulation. It is used to simulate a point-to-point connection between the end routers. A tunnel interface is created on both end routers; it is a logical interface and can be a loopback interface. Tunnel interfaces on both routers should be in the same subnet. Some L3 IGP should already be in place before configuring the tunnel. To verify the tunnel, we can traceroute from one end to the router present at the other end on the tunnel interface, and we can see that it is one hop away.

372. What are BGP attributes.
* Well-known mandatory: AS-path, next-hop, origin
* Well-known discretionary: local preference, atomic aggregate
* Optional non-transitive: MED (does not travel from router to router)
* Optional transitive: aggregator, community

373. Will the actual route propagate through route reflector? RR will forward both data plane and control plane traffic.

374. Why we need NSSA? http://networklessons.com/ospf/introduction-to-ospf-stub-areas/ Within an NSSA you allow the Type 7s which are created on an ASBR within an NSSA area.
These type 7s are then translated at the ABRs at the internal edge of the NSSA area. If you permitted Type 5s within the NSSA area, then you would permit ALL type 5s whether they originated within the NSSA area or not. Restricting by type is a clean way to prune the database.

375. Does DBD contain LSA’s? Yes, DBD contains LSA headers.

 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Version #   |       2       |         Packet length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Router ID                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                            Area ID                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |            AuType             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Authentication                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Authentication                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       0       |       0       |    Options    |0|0|0|0|0|I|M|MS
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      DD sequence number                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+-                                                             -+
|                               A                               |
+-                  Link State Advertisement                   -+
|                            Header                             |
+-                                                             -+
|                                                               |
+-                                                             -+
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

376. What is SVI? Inter-VLAN communication on a multilayer switch through a Switch Virtual Interface.

377. Is it possible to have DR/BDR election in case of LAN? Or point to point connection?

378. How ASBR knows it has to transfer packet to backbone area? The NSSA External LSA has a flag in its header known as the P-bit. The NSSA ASBR has the option of setting or clearing the P-bit. If the NSSA's ABR receives a type 7 LSA with the P-bit set to one, it will translate the type 7 LSA into a type 5 LSA and flood it throughout the backbone area. If the P-bit is set to zero, no translation will take place and the destination in the type 7 LSA will not be advertised outside of the NSSA.
This option allows you to design an NSSA in which the external destinations learned in that area are known only in that area.

379. How to set P bit?
For example, you have a RIP learned route 1.1.1.0/24 that is injected into the OSPF NSSA area. You do not want this route to be leaked into the rest of the OSPF areas. Use the below configuration on the NSSA ASBR in order to accomplish this:
router ospf 1
 summary-address 1.1.1.0 255.255.255.0 not-advertise
This configuration generates a type 7 LSA that is not translated into type 5 by the NSSA ABR.

380. Why do we use route reflector? A route reflector (RR) is a network routing component. It offers an alternative to the logical full-mesh requirement of internal Border Gateway Protocol (iBGP). An RR acts as a focal point for iBGP sessions. The purpose of the RR is concentration. Multiple BGP routers can peer with a central point, the RR, acting as a route reflector server, rather than peer with every other router in a full mesh. All the other iBGP routers become route reflector clients.

381. Explain booting process in router?
http://computernetworkingnotes.com/cisco-devices-istration-and-configuration/router-booting-process.html
* Router is powered on.
* Power-on self test (POST) is performed to check hardware components including memory and interfaces.
* Bootstrap program is loaded and executed.
* Bootstrap reads the configuration register value to determine how the router will boot up.
* Depending on the value of the configuration register, the bootstrap program finds and loads the IOS image.
* If bootstrap fails to load IOS from all possible locations, it will drop the boot sequence into ROMMON mode for troubleshooting.
* If IOS is loaded, the IOS will try to find and load the configuration.
* If the configuration is not present, the system configuration dialog is launched.
* If the configuration is loaded, you are presented with the CLI.

382. What line-card you used?
* 10-Port 1-Gigabit Ethernet Line Card for Cisco 12000 Series Internet Routers
* 8-Port OC-3 STM-1 ATM Line Card for Cisco 12000 Series Internet Routers
* 4-Port Gigabit Ethernet ISE Line Card for Cisco 12000 Series Internet Router

383. Is looping happens in case of route re-distribution? http://blog.ine.com/tag/redistribution/
Note: The redistribution of internal Border Gateway Protocol (iBGP) routes into an Interior Gateway Protocol can cause routing loops within the Autonomous System (AS). This is not recommended. Route filters need to be set in order to control the information which is imported into the IGP. http://routingnull0.com/2014/10/06/hour-560-solving-redistribution-loops/

384. Why hello of ospf cannot travel more than one hop? Certain OSPF packets take the form of IP multicast datagrams. Support for receiving and sending IP multicast datagrams, along with the appropriate lower-level protocol support, is required. The IP multicast datagrams used by OSPF never travel more than one hop. For this reason, the ability to forward IP multicast datagrams is not required. For information on IP multicast, see [RFC 1112].
or
OSPF uses multicast addressing for route flooding on a broadcast domain. For non-broadcast networks, special provisions for configuration facilitate neighbor discovery. OSPF multicast IP packets never traverse IP routers (never traverse broadcast domains); they never travel more than one hop. OSPF reserves the multicast addresses 224.0.0.5 for IPv4 or FF02::5 for IPv6 (all SPF/link state routers, also known as AllSPFRouters) and 224.0.0.6 for IPv4 or FF02::6 for IPv6 (all Designated Routers, AllDRouters), as specified in RFC 2328 and RFC 5340.

385. Which layer protocol is BGP? It is an application layer protocol. It rides over our existing TCP/IP structure, hence BGP is an application layer protocol. Both BGP and RIP are application layer protocols, using TCP 179 and UDP 520 respectively for communication. OSPF and EIGRP are network layer protocols using protocol numbers 89 and 88 respectively for communication.

386. Cisco IOS image format? c7200-jk9o3s-mz.122-16.bin

387. What is PIM, IGMP.

388. What is *,G and S,G?

389. In MPLS what is penultimate hop?

390. After the initial exchange of DBD packets after neighbourship formation, how often does the DBD exchange happens?
If any new network is, say, added to the DROTHER router for example, how does it initiate the further advertisements? DBDs are used between the master and slave devices to start building the topology table. Each DBD packet has a sequence number (but only the master can increment it). The sequence number increments when a link in OSPF changes. Once we've got past the exchange state, the device will then compare its database with its neighbors' to see if there is any newer info. If any info is missing, the router (or whatever device it is) sends an LSR to request the missing info. The LSU packet is the packet that actually exchanges the routing information between devices. Each device generates an LSA, or multiple LSAs (there are eleven different types), that stipulate the routing information the device currently knows. Each type of LSA is then encapsulated into an LSU and transmitted between devices. Upon receiving the LSU, the LSA is stripped out and inserted into the LSDB. The LSAck packets are used as a receipt in order to acknowledge receiving the LSU. So to answer your question, once the DBDs are sent, the only thing that happens is LSRs, LSUs, and LSAcks maintain the topology. If there is ever a problem with this device, then we may need to go through the process of establishing an OSPF adjacency: exstart, exchange, loading, full.

391. Purpose of DBD sequence number? Each DBD packet has a sequence number which can be incremented only by the master and which is explicitly acknowledged by the slave. I believe the DBD sequence number is used to compare 2 consecutive DBD updates and find which one is the latest one. On a P-2-P link, how is it decided who will first send the Database Description (DBD) packet? I understand that on a broadcast network they use a master/slave configuration that is determined by the priority.

392. Does the same apply for P-2-P links? Yes, it is the same in case of point to point as well. One will act as master and the other will act as slave. 393.
Can you configure a SVI on layer 2 switch? If yes then what is the benefit to configure SVI on L2 switch? Yes, we can. A switch virtual interface (SVI) is a logical interface that ties Layer 3 functionality, such as IP information, to a VLAN. The SVI, in turn, can be used for inter-VLAN routing, to fallback-bridge nonroutable protocols between VLANs, and to represent the VLAN to a routing domain. By default, an SVI is created for VLAN 1 for management. If you are familiar with the Cisco 2900XL/3500XL series switches from CCIE PSV1, an SVI is very much like the "interface VLAN 1" used for management. Unlike the previous switches, you can configure multiple SVIs and a routing protocol to provide connectivity between the VLANs. To configure an SVI, aside from the single default, you must have the EMI software image installed on the switch.

393. How long would a switch retain a mac-address in its mac-address table? 300 sec
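Questions 375 and 390 to 392 above describe the Database Description packet: it carries LSA headers only, the I/M/MS bits and the DD sequence number. The following added example (not part of the original notes) parses that layout and checks the OSPF checksum; the sample packet is constructed, not captured, and the 16-bit field drawn as 0 in the diagram is the Interface MTU in RFC 2328.

```python
import struct
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import List, Optional

# Field layouts follow the diagram in question 375 (network byte order).
OSPF_HDR = struct.Struct("!BBH4s4sHH8s")  # version, type, length, router ID, area ID, checksum, AuType, auth
DBD_FIXED = struct.Struct("!HBBI")        # 16-bit field, options, flags, DD sequence number
LSA_HDR = struct.Struct("!HBB4s4sIHH")    # LS age, options, LS type, LS ID, adv router, LS seq, cksum, length
FLAG_MS, FLAG_M, FLAG_I = 0x01, 0x02, 0x04


def ospf_checksum(packet: bytes) -> int:
    """IP-style checksum over the packet, skipping the 8-byte Authentication
    field and treating the checksum field itself as zero."""
    data = packet[:12] + b"\x00\x00" + packet[14:16] + packet[24:]
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


@dataclass
class LsaHeader:
    age: int
    ls_type: int
    link_state_id: str
    adv_router: str
    seq: int


@dataclass
class Dbd:
    router_id: str
    area_id: str
    checksum_ok: Optional[bool]  # None when AuType 2 (checksum not used)
    mtu_field: int
    init: bool
    more: bool
    master: bool
    dd_seq: int
    lsa_headers: List[LsaHeader]


def parse_dbd(packet: bytes) -> Dbd:
    fixed_len = OSPF_HDR.size + DBD_FIXED.size  # 24 + 8 bytes
    if len(packet) < fixed_len:
        raise ValueError("truncated: shorter than OSPF header plus DBD fixed part")
    ver, ptype, length, rid, area, cksum, autype, _auth = OSPF_HDR.unpack_from(packet)
    if (ver, ptype) != (2, 2):
        raise ValueError(f"not an OSPFv2 DBD (version={ver}, type={ptype})")
    if not fixed_len <= length <= len(packet):
        raise ValueError("packet length field disagrees with the buffer")
    packet = packet[:length]  # ignore any trailer after the stated length
    mtu, _opts, flags, dd_seq = DBD_FIXED.unpack_from(packet, OSPF_HDR.size)
    body = packet[fixed_len:]
    if len(body) % LSA_HDR.size:
        raise ValueError("LSA header list is not a multiple of 20 bytes")
    headers = []
    for off in range(0, len(body), LSA_HDR.size):
        age, _o, ls_type, lsid, adv, seq, _ck, _ln = LSA_HDR.unpack_from(body, off)
        headers.append(LsaHeader(age, ls_type, str(IPv4Address(lsid)),
                                 str(IPv4Address(adv)), seq))
    checksum_ok = None if autype == 2 else ospf_checksum(packet) == cksum
    return Dbd(str(IPv4Address(rid)), str(IPv4Address(area)), checksum_ok, mtu,
               bool(flags & FLAG_I), bool(flags & FLAG_M), bool(flags & FLAG_MS),
               dd_seq, headers)


def build_sample() -> bytes:
    """Constructed sample: a master's DBD (M and MS set) describing one router-LSA."""
    rid = IPv4Address("10.0.0.1").packed
    lsa = LSA_HDR.pack(10, 0x02, 1, rid, rid, 0x80000001, 0x1234, 36)
    fixed = DBD_FIXED.pack(1500, 0x02, FLAG_M | FLAG_MS, 0x1A2B)
    length = OSPF_HDR.size + len(fixed) + len(lsa)
    hdr = OSPF_HDR.pack(2, 2, length, rid, IPv4Address("0.0.0.0").packed, 0, 0, bytes(8))
    pkt = bytearray(hdr + fixed + lsa)
    struct.pack_into("!H", pkt, 12, ospf_checksum(bytes(pkt)))
    return bytes(pkt)


if __name__ == "__main__":
    print(parse_dbd(build_sample()))
```

A packet that fails the length or checksum tests should be dropped before its LSA headers are compared with the local database.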
394. Can we use port fast on trunk ports? Yes

395. Can we use bpdu-guard on trunk ports?

396. Can we use bpdu-filter on trunk ports?

397. In which address the neighbours reply for the hello packet sent by the source router to form adjacency? Ans: 224.0.0.6

398. LSAck: An LSAck packet will be sent as an Ack only for the following packet types:
-> Database Description
-> Link-State Request
-> Link-State Update

399. Router ID: While sending the "hello packet", the highest configured IP address on an active interface is chosen as the "Router ID" by default, unless a loopback interface or the router ID is configured.

400. Process ID: An internally used number to identify the OSPF routing process. The process ID does not need to match process IDs on other routers.

401. If we have 70 to 80 areas then how we can connect all the areas to the backbone area? If we have more areas in OSPF, then it is not possible to connect all the areas to the backbone area. For that, a "virtual link" is used. We use virtual links only when we are not able to reach area 0 directly. Usage of virtual links is a poor design, so however many areas we have, they should connect to area 0 to reach other areas.

402. Why do we need iBGP if we already have IGP?
Scalability: Imagine that you're receiving 500,000 eBGP routes in more than one location, and you need to influence the per-route exit point in your AS. BGP can handle many more routes than IGP protocols. Thus, iBGP is required unless you're willing to redistribute all the routes you've learned via eBGP.
Enforce boundaries of trust / control: BGP has many more knobs than IGPs for controlling what you advertise and receive.
Flexible tools: BGP communities, BGP extended communities, local-pref, etc. These make BGP an attractive way to implement custom routing policies within your own autonomous system (by using iBGP). As with everything...
the scalability, control, and flexibility you get from iBGP means that it's a slower converging protocol than IGPs (in general). iBGP is usually used within one administrative boundary of large enterprises to get the advantage of BGP route stability and policy manipulation through the BGP attributes. That doesn't mean you can't use eBGP within the administrative boundary, but iBGP is preferred due to some attributes which are only used within the same AS, like local preference, and ease of management since you are using one AS rather than different AS numbers. And eBGP (even if there is a way) requires a direct link due to use of TTL 1.

403. How to create host route in Linux? http://linux-ip.net/html/tools-route.html To add a static host route on Linux, run: route add -host <destination IP address> gw
or route add <destination IP address> gw
Example: Security gateway's external IP address is 192.168.1.1 Security gateway's internal IP address is 10.1.1.1 The desired Static NAT IP address is 192.168.1.20 The internal host to be translated is 10.1.1.20 Use the following command: route add -host 192.168.1.20 gw 10.1.1.20 or route add 192.168.1.20 gw 10.1.1.20
Alternately, the static routes can be entered in the /etc/sysconfig/static-routes file in this format:
eth1 net 192.168.1.20 netmask 255.255.255.255 gw 10.1.1.20
where eth1 is the gateway's internal interface. The /etc/sysconfig/static-routes file will be parsed by Linux kernel at startup. To verify that the route was added successfully, check the routing table by running netstat -rn

404. What is the maximum TTL value? 255

405. How traceroute works?

406. How routing works? Prefix, AD, metric

407. Packet format in case of wireshark? ARP request – ARP response; source MAC – dest MAC; source IP – dest IP; TCP session

408. host1 (1.1.2.2/24) ====== host2 (1.1.3.2/24) Will communication happens? Communication will not happen since both hosts are in different networks, i.e. different broadcast domains. An ARP request will be sent only if both hosts are in the same network, so here the ARP request will not be sent.

409. TCP and UDP protocol number. TCP 6 and UDP 17

410. What is STP? Explain by scenario. Create triangle topology and explain.

411. What is etherchannel and usecases. Link aggregation technology

412. host ---switch (vlan1) vlan access vlan101 ---------------switch2 (switchport trunk, switchport allowed trunk vlan 101)---host2 Will communication happens? No, both ports should be assigned as trunk.

413. What is VTP and how it works.

412. What should be your trouble shooting approach when two routers are not forming neighborship in case of ospf. Start from L2 and go up in the OSI model.

413. How DHCP works. What are the steps involved in case of DHCP? Explain the process.

412. What is NAT and how it works?

413. What happens if one of the links goes down in case of etherchannel?

414. What are AD for all routing protocols?

415. What is GRE and why is it required? Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route other protocols over IP networks. GRE enables a wrapper to be placed around a packet during transmission of the data.
A receiving GRE removes the wrapper, enabling the original packet to be processed by the receiving stack. Advantages of GRE tunnels include the following: * GRE tunnels connect discontinuous sub-networks. * GRE tunnels allow VPNs across wide area networks (WANs). * GRE tunnels encase multiple protocols over a single-protocol backbone. * GRE tunnels provide workarounds for networks with limited hops.
416. use of tail –f NAME tail - output the last part of files SYNOPSIS tail [OPTION]... [FILE]... DESCRIPTION Print the last 10 lines of each FILE to standard output. With more than one FILE, precede each with a header giving the file name. With no FILE, or when FILE is -, read standard input. Mandatory arguments to long options are mandatory for short options too. --retry keep trying to open a file even if it is inaccessible when tail starts or if it becomes inaccessible later; useful when following by name, i.e., with --follow=name -c, --bytes=N output the last N bytes -f, --follow[={name|descriptor}] output appended data as the file grows; -f, --follow, and --follow=descriptor are equivalent -F
same as --follow=name --retry
-n, --lines=N output the last N lines, instead of the last 10 --max-unchanged-stats=N with --follow=name, reopen a FILE which has not changed size after N (default 5) iterations to see if it has been unlinked or renamed (this is the usual case of rotated log files) --pid=PID with -f, terminate after process ID, PID dies -q, --quiet, --silent never output headers giving file names -s, --sleep-interval=S with -f, sleep for approximately S seconds (default 1.0) between iterations. -v, --verbose always output headers giving file names --help display this help and exit --version output version information and exit If the first character of N (the number of bytes or lines) is a ‘+’, print beginning with the Nth item from the start of each file, otherwise, print the last N items in the file. N may have a multiplier suffix: b 512, k 1024, m 1024*1024. With --follow (-f), tail defaults to following the file descriptor, which means that even if a tail’ed file is renamed, tail will continue to track its end. This default behavior is not desirable when you really want to track the actual name of the file, not the file descriptor (e.g., log rotation). Use --follow=name in that case. That causes tail to track the named file by reopening it periodically to see if it has been removed and recreated by some other program. 417. what are different ls command. Explain NAME ls - list directory contents SYNOPSIS ls [OPTION]... [FILE]... DESCRIPTION List information about the FILEs (the current directory by default). Sort entries alphabetically if none of -cftuvSUX nor --sort. Mandatory arguments to long options are mandatory for short options too. -a, --all do not ignore entries starting with . -A, --almost-all do not list implied . and ..
--author with -l, print the author of each file -b, --escape print octal escapes for nongraphic characters --block-size=SIZE use SIZE-byte blocks -B, --ignore-backups do not list implied entries ending with ~ -c with -lt: sort by, and show, ctime (time of last modification of file status information) with -l: show ctime and sort by name otherwise: sort by ctime -C
list entries by columns
--color[=WHEN] control whether color is used to distinguish file types. WHEN may be ‘never’, ‘always’, or ‘auto’ -d, --directory list directory entries instead of contents, and do not dereference symbolic links -D, --dired generate output designed for Emacs’ dired mode

418. check for scale topology

419. How you customer scenario in Spirent .

420. How to analyze captured network data in wireshark. http://www.unixarena.com/2013/06/wireshark-how-to-analyse-captured.html http://tipguru.com/wireshark-interview-questions/

421. what all testcases you can think on TTL

422. DR and ospf router ip in ospf

423. collision and broadcast domain difference. A switch has 4 ports. Now 2 ports are assigned to vlan 1 and the next 2 ports are assigned to vlan 2. How many collision domains will be there? Collision domain should remain same.

424. How many lines of code you can write in a day? 50 lines of code per day on average

425. what are 5 fundamental knobs in network security.

426. How to create sub interfaces in Linux or host? Create sub interfaces on CentOS and Redhat. Sub interfaces or virtual interfaces are used for a number of reasons. Normally for VLANs, but also if you want your machine to have multiple IP addresses. This is relatively straightforward to do. It can be done from the command line like this:
# ifconfig eth0:1 192.168.111.1
The above command has just created a virtual / sub interface on eth0 called eth0:1 and assigned it the IP 192.168.111.1. This however is not a permanent solution because when you reboot, this interface will be lost. To make it permanent we need to create a file in /etc/sysconfig/network-scripts/ called ifcfg-eth0:1
DEVICE=eth0:1
BOOTPROTO=none
HWADDR=00:16:17:90:a5:15
ONPARENT=yes
IPADDR=192.168.111.1
NETMASK=255.255.255.0
TYPE=Ethernet
Very similar to ifcfg-eth0, but note there is no default gateway set. Always remove the gateway line from the cfg file you will inevitably copy to create this.
The MAC or Hardware address must also match the parent interface. If you need more than one virtual / sub interface, simply create more config files. To bring an interface up after creating the config file use: # ifup eth0:1 427. BGP is unicast or multicast. It is possible to configure BGP peers that exchange both unicast and multicast network layer reachability information (NLRI), but you cannot connect multiprotocol BGP clouds with a BGP cloud. That is, you cannot redistribute multiprotocol BGP routes into BGP.
428. Is one to one mapping happens between DNS name and ip address. A name server is used to keep track of information associated with domain names. A name server can maintain a database of hostname-to-address mappings. Each name can map to one or more IP addresses. In order to use this service to map domain names to IP addresses, you must specify a name server. The name lookup system can be statically configured using the commands described in this task. Some other functions in Cisco IOS software, such as DHCP, can dynamically modify the state of the name lookup system. Use the show hosts command to display the cached hostnames and the DNS configuration.

429. Can we assign ipv4 and ipv6 address to same client. Yes we can. If we look at our Windows machine we can see a link-local IPv6 address as well as an IPv4 address. With dual stack it is possible. But the DHCPv6 server and DHCPv4 server will be different.

430. R1 (1500)----------------------------------(1000)r2 How R1 will know it has to do fragmentation? Mtu size exchange will happen between the neighbors in L1

431. pc ---switch ------R1 -------R2-----switch---PC2 Explain ARP, ping and traceroute

432. pc1 -----R1---------R2-------pc2 Static route is configured on R1 to reach pc2. Will ping happens? Ping will not be successful since pc1 knows to reach the pc1 and pc2 doesn’t know how to reach pc1.

433. What are different flags in IP header other than MF and DF. Reserved, DF and MF

434. Area concept in ospf? We can have area 1 and area 2 without area 0. Check what all route will be there in this scenario.
Check what all lsa’s will be present on each router. 435. where exactly vlan tag is placed in Ethernet header?
436. what is difference in 802.1q and 802.1p The IEEE 802.1p is a signalling technique for prioritising network traffic at the data-link/MAC sub layer (OSI Reference Model Layer 2).
The 3-bit priority field is known as 802.1p, and the total 4 bytes is 802.1q. Quality of Service: QoS is a mechanism that allows for better handling of data that passes over a network. There are two major types of Quality of Service (QoS) techniques, hard QoS and soft QoS. Hard QoS has a hard-set capacity reserved for certain types of service, while soft QoS just deals with data prioritization. QoS provides a kind of guarantee to ensure that important data packets reach their destinations as quickly as possible. Use of the 802.1p standard: The IEEE 802.1p standard is a method for assigning priority to packets traversing a network. It works with the MAC (media access control) header at the data link layer (Layer 2 in the OSI reference model). The MAC header is one of those parts that are inspected by hubs and switches in a network, which are also responsible for differentiating between network packets on the basis of their priorities. 802.1p sets a 3-bit value in the MAC header to indicate prioritization. This 3-bit value provides priority levels ranging from 0 to 7 (i.e., a total of 8 levels), with level 7 representing the highest priority. This permits packets to cluster and form different traffic classes. Thus, when network congestion occurs, those packets that have higher priorities will receive preferential treatment while low priority packets will be kept on hold. 802.1p is not backward compatible and can lead to instability on networks with non-802.1p switches. This is because older switches will misinterpret the header used by the 802.1p protocol. It is important that the switches, Ethernet cards, and device drivers are all 802.1p compatible.

437. Will destination and source mac address will change for ospf and bgp? Yes, there will be a change in source and destination MAC address, as MAC addresses are different for BGP and OSPF.

438. GSR architecture?

439. How ingress to egress communication happens in GSR? Line cards perform packet forwarding.
Each LC uses DCEF tables to look up destination addresses.

440. R1 1500--------------------1000R21500---------------1000R3 How packet will flow here? R1 will fragment data into 1000 and 500, both will pass through R2, and reassembly happens at R3.

441. Difference in routing RIB and FIB table. RIBs maintain the network topologies and routing tables for each protocol. This would include many routes going to the same destination prefix. FIBs are the best route from the possibly many protocols in the RIBs pushed down to fast forwarding lookup memory for the best path(s).
442. What is Non stop forwarding? Already covered.

443. How about vpn and firewall concepts?

444. What is TCP SYN attack? A sender transmits a volume of connections that cannot be completed. This causes the connection queues to fill up, thereby denying service to legitimate TCP users. A TCP SYN attack (also called SYN attack) is a common type of Denial of Service attack.

445. What is TCP windowing? The TCP windowing concept is primarily used to avoid congestion in the traffic. It controls the amount of unacknowledged data a sender can send before it gets an acknowledgement back from the receiver that it has received it.

446. How ICMP Redirect Messages Work? ICMP redirect messages are used by routers to notify the hosts on the data link that a better route is available for a particular destination. For example, the two routers R1 and R2 are connected to the same Ethernet segment as Host H. The default gateway for Host H is configured to use router R1. Host H sends a packet to router R1 to reach the destination on the remote branch office, Host 10.1.1.1. Router R1, after it consults its routing table, finds that the next hop to reach Host 10.1.1.1 is router R2. Now router R1 must forward the packet out the same Ethernet interface on which it was received. Router R1 forwards the packet to router R2 and also sends an ICMP redirect message to Host H. This informs the host that the best route to reach Host 10.1.1.1 is by way of router R2. Host H then forwards all the subsequent packets destined for Host 10.1.1.1 to router R2.
This debug message shows router R1, as in the network diagram, sending an ICMP redirect message to Host H (172.16.1.1).
R1# debug ip icmp
ICMP packet debugging is on
*Mar 18 06:28:54: ICMP:redirect sent to 172.16.1.1 for dest 10.1.1.1, use gw 172.16.1.200
R1#
Router R1 (172.16.1.100) sends a redirect to Host H (172.16.1.1) to use router R2 (172.16.1.200) as the gateway to reach the destination 10.1.1.1.

When Are ICMP Redirects Sent? Cisco routers send ICMP redirects when all of these conditions are met:
* The interface on which the packet comes into the router is the same interface on which the packet gets routed out.
* The subnet or network of the source IP address is on the same subnet or network of the next-hop IP address of the routed packet.
* The datagram is not source-routed.
* The kernel is configured to send redirects. (By default, Cisco routers send ICMP redirects. The interface subcommand no ip redirects can be used to disable ICMP redirects.)
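The four conditions above, as an added example that is not from the original page or from Cisco: a small model of the redirect decision, plus a parser for the debug line shown. The interface name Ethernet0, the /24 masks on 172.16.1.0, the 10.1.1.0/24 static route and the two host addresses on the 171.68.x.x subnets are assumptions made for the illustration.

```python
import re
from dataclasses import dataclass
from ipaddress import ip_address, ip_interface, ip_network
from typing import List


@dataclass
class Interface:
    name: str
    addresses: List[str]       # primary first, then secondaries, e.g. "171.68.179.1/24"
    ip_redirects: bool = True  # False models "no ip redirects" on the interface


@dataclass
class StaticRoute:
    prefix: str
    next_hop: str
    out_if: str


def lookup(interfaces, routes, dst):
    """Longest-prefix match over connected and static routes.
    Returns (out_if, next_hop); for a connected subnet the next hop is dst itself."""
    dst = ip_address(dst)
    best = None  # (prefixlen, out_if, next_hop)
    for itf in interfaces:
        for addr in itf.addresses:
            net = ip_interface(addr).network
            if dst in net and (best is None or net.prefixlen > best[0]):
                best = (net.prefixlen, itf.name, dst)
    for r in routes:
        net = ip_network(r.prefix)
        if dst in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, r.out_if, ip_address(r.next_hop))
    return best[1:] if best else None


def redirect_decision(interfaces, routes, in_if, src, dst, source_routed=False):
    """Return (send_redirect, gateway, failed_conditions) for one received packet."""
    hit = lookup(interfaces, routes, dst)
    if hit is None:
        return False, None, ["no route to destination"]
    out_if, next_hop = hit
    itf = next(i for i in interfaces if i.name == in_if)
    # Subnet of the receiving interface that contains the packet's source address.
    src_net = next((ip_interface(a).network for a in itf.addresses
                    if ip_address(src) in ip_interface(a).network), None)
    failed = []
    if out_if != in_if:
        failed.append("1: packet leaves on a different interface")
    if src_net is None or next_hop not in src_net:
        failed.append("2: next hop is not on the source's subnet")
    if source_routed:
        failed.append("3: datagram is source-routed")
    if not itf.ip_redirects:
        failed.append("4: 'no ip redirects' on the interface")
    return (not failed, str(next_hop) if not failed else None, failed)


REDIRECT_RE = re.compile(
    r"ICMP:\s*redirect sent to ([\d.]+) for dest ([\d.]+), use gw ([\d.]+)")


def parse_redirects(log_text):
    """Extract (host, destination, gateway) from 'debug ip icmp' output."""
    return [m.groups() for m in REDIRECT_RE.finditer(log_text)]


# R1 from the page; mask and static route are assumed.
R1_IFS = [Interface("Ethernet0", ["172.16.1.100/24"])]
R1_ROUTES = [StaticRoute("10.1.1.0/24", "172.16.1.200", "Ethernet0")]
# Router with a secondary address on one interface, as in the page's second case.
SEC_IFS = [Interface("Ethernet0", ["171.68.179.1/24", "171.68.254.1/24"])]
# Debug output copied from the page.
SAMPLE_LOG = ("*Mar 18 06:28:54: ICMP:redirect sent to 172.16.1.1 "
              "for dest 10.1.1.1, use gw 172.16.1.200\n")

if __name__ == "__main__":
    print(redirect_decision(R1_IFS, R1_ROUTES, "Ethernet0", "172.16.1.1", "10.1.1.1"))
    print(redirect_decision(SEC_IFS, [], "Ethernet0", "171.68.179.10", "171.68.254.10"))
    print(parse_redirects(SAMPLE_LOG))
```

Hosts that appear repeatedly in the parsed list are using a default gateway that is not the best next hop for those destinations; where redirects are not wanted, `ip_redirects=False` models the `no ip redirects` setting.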
Note: ICMP redirects are disabled by default if Hot Standby Router Protocol (HSRP) is configured on the interface. In Cisco IOS Software Release 12.1(3)T and later, ICMP Redirect is allowed to be enabled on interfaces configured with HSRP. For more information, refer to the HSRP for ICMP Redirects section of Hot Standby Router Protocol Features and Functionality. For example, if a router has two IP addresses on one of its interfaces:
interface ethernet 0
 ip address 171.68.179.1 255.255.255.0
 ip address 171.68.254.1 255.255.255.0 secondary
If the router receives a packet that is sourced from a host in the subnet 171.68.179.0 and destined to a host in the subnet 171.68.254.0, the router does not send an ICMP redirect because only the first condition is met, not the second. The original packet for which the router sends a redirect still gets routed to the correct destination.

447. looping in different layer?

448. What is inter frame gap and which layer it belongs to? Why frame payload size is in range of 46-1500. Interpacket gap is idle time between packets. After a packet has been sent, transmitters are required to transmit a minimum of 96 bits (12 octets) of idle line state before transmitting the next packet. There is an obvious reason why the frame payload size was chosen to be 1500 bytes. A frame size of 1500 bytes offers maximum efficiency or throughput. As you know, an Ethernet frame has an 8 byte preamble, 6 byte source and 6 byte destination MAC address, MAC type of 2 bytes, and 4 bytes CRC. Assuming the MTU payload to be 1500, the total number of bytes comes to 1500 + 8 + 6 + 6 + 2 + 4 = 1526 bytes. Now between each frame there is an inter frame gap of 12 bytes, which constitutes a 9.6 microsecond gap between each frame. This is essential so that frames don't mix up. So the total size of each frame going out of a host is 1538 bytes. So at 10 Mbps rate, the frame rate is 10 Mbps / 1538 bytes = 812.74 frames / second.
Now we can find the throughput or efficiency of the link to transmit 1500 bytes of payload by multiplying the frame rate by the number of bytes of the payload. So efficiency = 812.74 * 1500 * 8 = 9752925.xxxxx bps, which is 97.5 percent efficient (comparing with 10 MBps). I guess I have gone too much with the mathematics of Ethernet, but the interesting thing to notice is that, as the number of bytes in the payload increases, the frame rate decreases. See that for an MTU of 1500 bytes of payload, the frame rate has reduced to 812 frames per second. If you increase it above 1500, the frame rate would become less than 812. Also there is a minimum limit for the MTU, which is actually 46 bytes. If you calculate the size of the frame for a 46 byte payload it would come to 12+8+6+6+2+46+4 = 84 bytes. Now calculating the frame rate we get it as 10mbps / (84 * 8 bytes) = 14880 frames per second. We could have gone to a frame size even smaller than this, which could increase the frame rate even more, but I guess during those times, when IEEE made the standards, the routers didn't have that much frame forwarding capability. So I think due to the above reasons, and considering maximum efficiency, IEEE would have fixed the min and max size of payload as 46 bytes and 1500 bytes.

449. Difference in performance and scalability testing? Performance testing is the process of determining the speed or effectiveness of a computer, network, software program or device. This process can involve quantitative tests done in a lab, such as measuring the response time or the number of MIPS (millions of instructions per second) at which a system functions. Scalability testing is performed as a series of load tests with different hardware (or software) settings while keeping other testing environment conditions unchanged. When you perform scalability testing, you can vary the CPU speed, the number and type of servers, the amount of available RAM, and so on.

440. How to check performance of the router?
Performance testing is performed to determine how some components of the system respond under a particular workload. It is generally measured in terms of response time for the activity. It is designed to test the overall performance of the system at high load and stress conditions. It identifies the drawbacks of the architectural design, which helps to tune the application. It includes the following:
- Increasing the number of users interacting with the system.
- Determining the response time.
- Repeating the load consistently.
- Monitoring the system components under controlled load.
- Providing robust analysis and reporting engines.
441. What is throughput and latency?
- Bandwidth: commonly measured in bits/second, it is the maximum rate at which information can be transferred.
- Throughput: the actual rate at which information is transferred.
- Latency: the delay between the sender sending the information and the receiver decoding it. This is mainly a function of the signal's travel time and the processing time at any nodes the information traverses.
- Jitter: variation in the time of arrival of the information at the receiver.
- Error rate: the number of corrupted bits expressed as a percentage or fraction of the total sent.

442. Name a 2.5 layer protocol.
MPLS

443. Defect logged by you in GSR.
CSCtq21722
Symptom: A Cisco switch may reload when configured for SNMP.
Conditions: This symptom is observed when SNMP is configured.
Workaround: There is no workaround.

444. Blackhole in networking?
In networking, black holes refer to places in the network where incoming or outgoing traffic is silently discarded (or "dropped"), without informing the source that the data did not reach its intended recipient. When examining the topology of the network, the black holes themselves are invisible, and can only be detected by monitoring the lost traffic; hence the name.

Dead addresses
The most common form of black hole is simply an IP address that specifies a host machine that is not running or an address to which no host has been assigned. Even though TCP/IP provides means of communicating the delivery failure back to the sender via ICMP, traffic destined for such addresses is often just dropped. Note that a dead address will be undetectable only to protocols that are both connectionless and unreliable (e.g., UDP). Connection-oriented or reliable protocols (TCP, RUDP) will either fail to connect to a dead address or will fail to receive expected acknowledgements.

Firewalls and "stealth" ports
Most firewalls can be configured to silently discard packets addressed to forbidden hosts or ports, resulting in small or large "black holes" in the network. Personal firewalls that do not respond to ICMP echo requests ("ping") have been designated by some vendors as being in "stealth mode".
Despite this, in most networks the IP addresses of hosts with firewalls configured in this way are easily distinguished from invalid or otherwise unreachable IP addresses: on encountering the latter, a router will generally respond with an ICMP network unreachable or host unreachable error, respectively. NAT, as used in home and office routers, is generally a more effective way of obscuring the layout of an internal network.

445. Fields of 802.1q?
TPID + priority + CFI + VLAN ID

446. What are all BGP mandatory attributes?
AS path and next hop

447. What is proxy ARP?

448. How is priority set in layer 3?
With DSCP

449. Check different MTU size scenarios in STC?

450. HL and TL calculation in IP?

451. ARP table entries?
IP to MAC address mapping. Only information for directly connected interfaces will be present in the ARP cache.

452. What do you want to be?
I want to see myself as a network specialist.

453. What is a socket?
A network socket is an endpoint of an inter-process communication flow across a computer network. Today, most communication between computers is based on the Internet Protocol; therefore most network sockets are Internet sockets. A socket address is the combination of an IP address and a port number, much like one end of a telephone connection is the combination of a phone number and a particular extension. Based on this address, internet sockets deliver incoming data packets to the appropriate application process or thread.

454. Do you have any experience in an actual customer deployment network?
No

455. Difference between local pref and MED?
Local pref is used within an AS between IBGP peers, and MED is used between peers in different ASes.

456. How does confederation work in BGP?
457. How blackhole is avoided in IGP?
Black hole filtering
Black hole filtering refers specifically to dropping packets at the routing level, usually using a routing protocol to implement the filtering on several routers at once, often dynamically to respond quickly to distributed denial-of-service attacks.
458. Ping is which layer protocol?
Ping is an L3 protocol.

459. What is performance testing?
How much time the application takes to perform a task. Types of performance testing:
- Load testing
- Stress testing
- Volume testing
- Security testing (authentication, access control, encryption)

460. find expression

    find . -name "*.tcl" -print
    find . -size 1000c
    find . -size +1000c
    find . -size -1000c

461. What are the different types of software testing methodologies?
- Unit test
- Functional test
- Integration test
- Smoke test
- Acceptance test
- System test
- Regression test
462. Explain TCP SYN flooding.
TCP Intercept is designed to prevent a SYN flooding Denial of Service attack by tracking, optionally intercepting and validating TCP connection requests. A SYN flooding attack involves flooding a server with a barrage of requests for connection. However, since these messages have invalid return addresses, the connections can never be established. The resulting volume of unresolved open connections eventually overwhelms the server and can cause it to deny service to valid requests.
TCP Intercept is capable of operating in two different modes: intercept mode and monitor mode. When used in intercept mode (the default setting), it checks for incoming TCP connection requests and will proxy-answer on behalf of the destination server to ensure that the request is valid before connecting to the server. In monitor mode, TCP Intercept passively watches the connection requests flowing through, and, if a connection fails to get established in a configurable interval, it will intervene and terminate the connection attempt.

463. What is a firewall? Why do I want one?
Firewalls are used to build trusted perimeters around information and services. Your Internet security solution must be able to allow employees to access Internet resources, while keeping out unauthorized traffic. The most common way of protecting the internal network is by using a firewall between the intranet and the Internet.

464. What is IPSec?
IPSec provides IP network-layer encryption. IPSec is a standards-based technology that governs security management in IP environments. Originally conceived to solve scalable security issues in the Internet, IPSec establishes a standard that lets hardware and software products from many vendors interoperate more smoothly to create end-to-end security. IPSec provides a standard way to exchange public cryptography keys, specify an encryption method (e.g., data encryption standard (DES) or RC4), and specify which parts of packet headers are encrypted.

465. In an Ethernet network in OSPF, does DR and BDR election happen?
If two routers are connected by Ethernet and a point-to-point network is not defined, DR election will happen.

466. What happens in all 7 layers of the OSI model if I type www.google.com or any other link?
What do these layers do?

467. Data Encryption Standard (DES) weakness and strength.
The Data Encryption Standard (DES) is a symmetric key block cipher which takes a 64-bit plaintext and a 56-bit key as input and produces a 64-bit cipher text as output. The DES function is made up of P-boxes and S-boxes. P-boxes transpose bits and S-boxes substitute bits to generate a cipher.
Strength: The strength of DES lies in two facts:
- The use of 56-bit keys: a 56-bit key is used in encryption, so there are 2^56 possible keys. A brute force attack on such a number of keys is impractical.
- The nature of the algorithm: a cryptanalyst can perform cryptanalysis by exploiting the characteristics of the DES algorithm, but no one has succeeded in finding out the weakness.
Weakness: Weaknesses have been found in the design of the cipher:
- Two chosen inputs to an S-box can create the same output.
- The purpose of the initial and final permutation is not clear.

468. If you are a victim of Denial of Service (DoS), then what do you do?
The function of a denial of service attack is to flood its target machine with so much traffic that it is prevented from being accessible to any other requests or providing services. To prevent DoS attacks, the firewall can be configured as a relay; in this approach the firewall responds on behalf of the internal host. During the attack, the firewall responds to the SYN sent by the attacker; since the ACK never arrives, the firewall terminates the connection. By keeping protocols and antivirus software up to date, we can avoid becoming a victim of DoS. Regular scanning of the machine is also necessary in order to detect any "anomalous" behavior.

469. What are the main qualities of an effective and efficient network?
a. Performance
b. Reliability
c. Security

470. Name the factors that tell us about the security of the network.
a. Virus attacks on the system.
b. Unauthorized access to the system.

471. Define Bandwidth and Latency?
- Bandwidth/Throughput: the number of bits which can be transmitted over the network in a specified time.
- Latency: the time taken by a message to travel from one side to another.
Bandwidth and latency describe the performance of a network.

472. If two connected routers are configured with RIP routing, what will be the result when a router receives a routing update that contains a higher-cost path to a network already in its routing table?
When a routing update is received by a router, the router first checks the administrative distance (AD) value and always chooses the route with the lowest administrative distance value. However, if two routes are received and they both have the same administrative distance value, then the router will choose the route with the lowest metric, or in RIP's case, hop count. RIP allows a maximum hop count of 15, so anything that requires 16 hops is considered unreachable. Hence if a router receives a routing update that contains a higher-cost path but has fewer hops, then the packet will be transferred through that path.
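The monitor-mode behaviour described under questions 462 and 468 above (watch each connection request and terminate the attempt when the handshake does not complete within a configurable interval), as an added example that is not part of the original page and is not Cisco's implementation. The event tuples, the documentation-range addresses, the interval values and the `HalfOpenMonitor` name are assumptions made for the illustration.

```python
from collections import Counter
from dataclasses import dataclass, field

# Constructed sample events: (time in s, src, sport, dst, dport, TCP flags).
# All addresses come from the documentation ranges and are not real hosts.
EVENTS = [
    (0.0, "192.0.2.10", 40001, "198.51.100.10", 80, "S"),    # normal client
    (0.1, "198.51.100.10", 80, "192.0.2.10", 40001, "SA"),
    (0.2, "192.0.2.10", 40001, "198.51.100.10", 80, "A"),    # handshake done
    (1.0, "203.0.113.5", 1111, "198.51.100.10", 80, "S"),    # no ACK ever follows
    (1.1, "203.0.113.6", 2222, "198.51.100.10", 80, "S"),
    (1.2, "203.0.113.7", 3333, "198.51.100.10", 80, "S"),
    (2.0, "203.0.113.5", 1111, "198.51.100.10", 80, "S"),    # retransmitted SYN
    (3.0, "192.0.2.20", 40002, "198.51.100.10", 80, "S"),    # slow client
    (7.5, "192.0.2.20", 40002, "198.51.100.10", 80, "A"),
    (40.0, "192.0.2.10", 40003, "198.51.100.10", 80, "S"),
]


@dataclass
class HalfOpenMonitor:
    """Passive tracker of half-open TCP connection attempts (hypothetical helper)."""
    watch_timeout: float                              # the configurable interval, seconds
    pending: dict = field(default_factory=dict)       # conn key -> time of first SYN
    established: list = field(default_factory=list)   # conn keys that completed
    terminated: list = field(default_factory=list)    # (conn key, deadline that passed)
    peak_pending: int = 0

    def sweep(self, now):
        """Terminate every attempt that is still half-open after watch_timeout."""
        for key, started in list(self.pending.items()):
            if now - started >= self.watch_timeout:
                del self.pending[key]
                self.terminated.append((key, started + self.watch_timeout))

    def observe(self, ts, src, sport, dst, dport, flags):
        """Feed one packet summary; keys are (client, cport, server, sport)."""
        self.sweep(ts)
        key = (src, sport, dst, dport)
        if flags == "S":
            # A retransmitted SYN must not restart the timer, so keep the first time.
            self.pending.setdefault(key, ts)
            self.peak_pending = max(self.peak_pending, len(self.pending))
        elif flags == "A":
            # Only an ACK from a client with a pending SYN completes a handshake.
            if key in self.pending:
                del self.pending[key]
                self.established.append(key)
        elif "R" in flags:
            # A reset from either side ends the attempt.
            self.pending.pop(key, None)
            self.pending.pop((dst, dport, src, sport), None)
        # A SYN-ACK from the server changes nothing: the attempt is still half-open.

    def report(self):
        """Number of terminated attempts per protected server address."""
        return dict(Counter(key[2] for key, _ in self.terminated))


def run(events, watch_timeout):
    """Replay the events through a fresh monitor and return it for inspection."""
    monitor = HalfOpenMonitor(watch_timeout)
    for event in events:
        monitor.observe(*event)
    return monitor


if __name__ == "__main__":
    m = run(EVENTS, 30.0)
    print("established:", m.established)
    print("terminated :", m.terminated)
    print("per server :", m.report(), "peak half-open:", m.peak_pending)
```

Replaying the same events with a 4-second interval also terminates the slow client at 192.0.2.20, which is the trade-off when tuning the interval.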
473. How do you use RSA for both authentication and secrecy?
RSA is a public key encryption algorithm. The RSA algorithms are based on the mathematical fact that it is easy to find and multiply large prime numbers together, but it is extremely difficult to factor their product.
For authentication: One can encrypt the hash (MD4/SHA) of the data with a private key. This is known as a digital signature.
For secrecy: Secrecy/confidentiality is achieved by encrypting the data with the public key and decrypting with the private key.

474. Can you differentiate among encoding, encryption and hashing?
Encoding: Basically encoding is used to protect the integrity of data as it crosses a communication network, so that the original message is kept upon arriving. It is primarily an insecure function because it is easily reversible.
Encryption: Encryption is basically designed for confidentiality and data integrity, and is reversible only if you have the appropriate key.
Hashing: With hashing the operation is one-way, i.e. non-reversible. It takes an input (or "message") and returns a fixed-size string, which is called the hash value.

475. What is the Authentication Header and how does it provide protection to the IP header?
Basically the Authentication Header protects the IP header and provides complete authenticity to the IP packets. AH may work in two ways: transport mode and tunnel mode. In tunnel mode, AH protects the IP header using two IP header layers, inner and outer. The inner IP header is used to contain the source and destination addresses, and the outer IP header is used to contain the security gateway information.

476. What is VPN?
A VPN is a service that offers secure, reliable connectivity over a shared public network infrastructure such as the Internet. VPNs maintain the same security and management policies as a private network. They are the most cost effective method of establishing a virtual point-to-point connection between remote users and an enterprise customer's network.

477. What is Trusted and Untrusted Networks?
Trusted networks: Such networks allow data to be transferred transparently. The machines using a trusted network are usually administered by an administrator to ensure that private and secured data is not leaked. Access to this network is limited. Computers using trusted networks are more secured and confidential because of strong firewalls.
Untrusted networks: Such networks are usually administered by the owners. They can allow improper access to sensitive or personal data. These machines are usually separate. Such machines could be more prone to attacks.

478. In computer networking and telecommunications, a pseudowire (or pseudo-wire) is an emulation of a point-to-point connection over a packet-switching network (PSN). The pseudowire emulates the operation of a "transparent wire" carrying the service, but it is realized that this emulation will rarely be perfect. The service being carried over the "wire" may be Asynchronous Transfer Mode (ATM), Frame Relay, Ethernet or time-division multiplexing (TDM), while the packet network may be Multi-protocol Label Switching (MPLS), Internet Protocol (IPv4 or IPv6), or Layer 2 Tunneling Protocol Version 3 (L2TPv3).

479. TCL

1. What is the use of upvar?
Upvar: Create a link to a variable in a different stack frame. upvar simplifies the implementation of call-by-name procedure calling and also makes it easier to implement Tcl procedures that are new control constructs.

2. How to pass an array to a proc?
You will need to use passing by reference to pass array information to a procedure. Array values cannot be passed as procedure arguments. Keyed lists should also be passed by reference. It is not possible directly; we need to use upvar.
http://stackoverflow.com/questions/3513266/ing-arrays-to-functions-in-tcl-only-upvar
http://www.cab.u-szeged.hu/local/doc/tcl.old/tclFAQ/part2/faq-doc-20.html
http://objectmix.com/tcl/775140-ing-arrays-arguments-procedures.html

    proc show_array arrayName {
        upvar $arrayName myArray
        foreach element [array names myArray] {
            puts stdout "${arrayName}($element) = $myArray($element)"
        }
    }
    set arval(0) zero
    set arval(1) one
    show_array arval

or

    proc arr arr1 {
        upvar $arr1 arr2
        set namelst [array names arr2]
        foreach val $namelst {
            puts "${arr1}($val) = $arr2($val)"
        }
    }
    array set arr3 {0 hello 1 hi}
    arr arr3

3. Write a program which checks whether two strings are anagrams of each other, i.e. ball and lbal.
http://www.invece.org/tclwise/lists_and_strings.html

    set str1 ball
    set str2 labl
    # Split both strings into lists of characters
    set lst1 [split $str1 ""]
    puts $lst1
    set lst2 [split $str2 ""]
    puts $lst2
    # Sort the characters so that anagrams produce the same sequence
    set newstr1 [lsort $lst1]
    puts $newstr1
    set newstr2 [lsort $lst2]
    puts $newstr2
    # Join the sorted characters back into strings and compare them
    set newstr1 [join $newstr1 ""]
    puts $newstr1
    set newstr2 [join $newstr2 ""]
    puts $newstr2
    set res [string equal "$newstr1" "$newstr2"]
    puts $res

or

    if {[string equal $newstr1 $newstr2] == 1} {
        puts "yes"
    } else {
        puts "no"
    }
4. Write a proc which will reverse an array, i.e. value as index and index as value. E.g. a(1) 10 should be a(10) 1.
http://pleac.sourceforge.net/pleac_tcl/arrays.html
http://stackoverflow.com/questions/11497726/how-to-reverse-an-array-in-tcl

    array set A {1 10 2 20 3 30 4 40 5 50}
    set lst [array get A]
    puts $lst
    # Reversing the flat key/value list turns every value into a key
    set newlst [lreverse $lst]
    puts $newlst
    array set B $newlst
    puts [array get B]
    parray B
5. Input is "40000000000000000000". It can be any number long. Write a regexp which will take blocks of 2 digits from the given number and print the values in separate variables.

    set num "125342354832"
    regsub -all {(..)} $num {\1 } var
    puts $var

or

    set str "40awd409999"
    set i 1
    while {[string length $str] > 1} {
        regexp -nocase {[0-9a-z][0-9a-z]} $str match
        set str$i $match
        regsub $match $str "" str
        incr i
    }
    if {[string length $str] == 1} {
        set str$i $str
    }
    puts "$str1 $str2 $str3 $str4 $str5 $str6"

or

    % set data "asdhlakjfsdhfl12312"
    asdhlakjfsdhfl12312
    % set fivers [regexp -all -inline {.{1,2}} $data]
    as dh la kj fs dh fl 12 31 2

    set i 0
    # Iterate over the blocks returned by regexp -inline above
    foreach num $fivers {
        set var($i) $num
        puts $var($i)
        incr i
    }

http://wiki.tcl.tk/1499
http://inguza.com/document/expect-and-tcl-mini-reference-manual
6. Given is "Nawraj Lekhak kumar jagdish". If the given input is two values, print the 1st and 2nd names. If the input is 3 or 4 values, print the 1st, 2nd and 3rd names.

    set lst [list nawraj kumar lekhak dutt]
    set len [llength $lst]
    puts $len
    if {$len == 4 || $len == 3} {
        puts [lrange $lst 0 2]
    } elseif {$len == 2} {
        puts [lrange $lst 0 1]
    } else {
        puts "invalid length"
    }

http://zetcode.com/lang/tcl/lists/
7. Write a regexp which will match all valid IP addresses in a file.

    set ip "1.0.0.0"
    set var ""
    # The dots are escaped so that they match a literal "." and not any character
    regexp {([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-4])} $ip var
    puts $var
    # The address is valid only if the regexp matched the whole string
    if {[string equal $ip $var] == 1} {
        puts "$var is valid ip"
    } else {
        puts "$ip is not valid ip"
    }

or

    set ip "19.0.0.1"
    set var ""
    regexp {([0-9]|1[0-9]|[2-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([0-9]|1[0-9]|[2-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([0-9]|1[0-9]|[2-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.([1-9]|1[0-9]|[2-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-4])} $ip var
    puts $var
    if {[string equal $ip $var] == 1} {
        puts "$var is valid ip"
    } else {
        puts "$ip is not valid ip"
    }

8. Use of catch command. (Just want to know what happens if we use variable m or without using it.)

    catch {puts $b} err
    puts $err

or

    puts " hello"
    catch {puts $a} m
    puts "name"

Output will be: Hello 1 and variable is not defined. Name.

Or: catch is used to change the actions produced by errors. Example:

    if {[catch {set foobar} errmsg]} {
        puts "the message output: $errmsg"
    }

May take up to two arguments:
- A command block to execute.
- An optional variable to store error messages within.
Returns: 1 if an error has been caught, 0 otherwise.

9. Regexp
http://docs.activestate.com/activetcl/8.5/expect4win/regex.html

10. How can I create/use association lists or property lists?
Use arrays or Extended Tcl keyed lists. For example, if you did a:

    keylset ttyFields ttyName tty1a
    keylset ttyFields baudRate 57600
    keylset ttyFields parity strip

And then an echo $ttyFields, you'd get:

    {ttyName tty1a} {baudRate 57600} {parity strip}

Or using arrays:

    set ttyFields(ttyName) tty1a
    set ttyFields(baudRate) 57600
    set ttyFields(parity) strip

11. Write a proc to increment the IP by the given number of times. The incremented IPs should be valid ones.

    proc generate_ips {start_ip number_of_ips} {
        regexp {([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)} $start_ip - oct1 oct2 oct3 oct4
        set ip_list ""
        while {[llength $ip_list] < $number_of_ips} {
            for {} {$oct4 <= 254} {incr oct4} {
                lappend ip_list "$oct1.$oct2.$oct3.$oct4"
                if {[llength $ip_list] == $number_of_ips} {
                    break
                }
            }
            # Carry into the next octet when one overflows
            if {$oct4 == 255} {
                set oct4 0
                incr oct3
            }
            if {$oct3 == 256} {
                set oct3 0
                incr oct2
            }
            if {$oct2 == 256} {
                set oct2 0
                incr oct1
            }
            if {$oct1 == 256} {
                break
            }
        }
        return $ip_list
    }

12. What are the different ways to initialize a variable? How to differentiate global and local variables? Explain it through a simple Tcl program.

13. Create a list of week days and print the first and last character of each day using the foreach command.

    set lst {sunday monday tuesday wednesday thursday friday saturday}
    foreach day $lst {
        set out "[string index $day 0][string index $day end] "
        append newlst "$out"
    }
    puts $newlst

14. Can you write a small program to verify whether the given input is a file or a directory? Before checking, just ensure that the file/dir exists in the given path. If the given input is a file, find out the size and verify that the file has all read, write and execute permissions.
15. How to increment each element in a list?

    set lst {0 3 2 10}
    foreach num $lst {
        incr num
        append newlst "$num "
    }
    puts $newlst
16. Find the maximum number among the given 3 numbers using Tcl?

    set a -3
    set b 2
    set c 6
    if {$a > $b && $a > $c} {
        puts "a is the max number"
    } elseif {$b > $a && $b > $c} {
        puts "b is max"
    } else {
        puts "c is the max number"
    }

17. Write a script to display how many times each word appears in a given string.

    set str "hello nawraj how are you. Hope you are fine"
    set out [lsearch -all -inline $str "are"]
    puts $out
    set len [llength $out]
    puts $len

18. Write a script to remove duplicate words in a string.

    set lst "This issues the have is can be the most the"
    regsub -all "the" $lst "" out
    puts $out
19. How can I pass an array into a proc?
Use upvar rather than try to use global variables when possible. If the function is event driven, you are forced to use global variables.

    # print elements of an array
    proc show_array arrayName {
        upvar $arrayName myArray
        foreach element [array names myArray] {
            puts stdout "${arrayName}($element) = $myArray($element)"
        }
    }
    set arval(0) zero
    set arval(1) one
    show_array arval

To return an array from a procedure, just take the array name in as an argument, as above. Any changes you make in the array will be made in the parent's array as well. Extended Tcl introduces a concept called keyed lists, which are arrays made out of lists of key-value pairs and can be passed by value to routines, over networks, etc.

20. How can I delete a procedure from within a script?
Rename the procedure to have no name, for example:

    rename procedureName ""

21. How can I use variables to hold array names?

    % set foo "bar baz"
    bar baz
    % foreach aap $foo { set $aap(1) "something" }
    can't read "aap(1)": variable isn't array

This means Tcl tries to substitute the array element aap(1), which doesn't exist. To fix this use:

    % foreach aap $foo { set [set aap](1) "something" }

In this case two arrays bar and baz are created. An alternative format is:

    % foreach aap $foo { set ${aap}(1) "something" }
22. Script that can create loopback interfaces for you.
The script:

    proc int_config {x} {
        for {set n 1} {$n <= $x} {incr n 1} {
            puts [ios_config "interface Loopback$n" "ip address 192.168.$n.1 255.255.255.0"]
        }
    }
    int_config 3

23. 4 ways to pass arguments to a procedure.

By value:

    proc sum {a b} {
        set num [expr {$a + $b}]
        puts "The sum is: $num"
    }
    sum 2 3

By name:

    array set months {1 Jan 2 Feb}
    parray months

or

    proc increase {initial_pay change} {
        upvar $initial_pay x
        foreach item [array names x] {
            set x($item) [expr {$x($item) + $change}]
        }
    }
    # The value for Ray is missing in the original; 0 is a placeholder
    array set Pay {Ray 0 Steve 50 Fred 200}
    increase Pay 25
    parray Pay

Defaults:

    # The default values are missing in the original; 1, 2 and 3 are placeholders
    proc myprocdefault {{a 1} {b 2} {c 3}} {
        puts "$a $b $c"
    }
    myprocdefault

Variable arguments:

    proc show {a args} {
        puts $a
        foreach val $args {puts $val}
    }
    show 1 2 3

24. What is the use of upvar?
The upvar command links a local variable with another variable (usually global). Any change made to the local variable will also change the global variable. The upvar command allows you to easily pass arrays and arguments into procedures.
Syntax: upvar level $target_variable link_variable

25. What is the use of the return command?
The return command will return a value from a procedure.

    proc sum {a b} {
        return [expr {$a + $b}]
    }
    set num [sum 2 3]
    puts "The sum is: $num"

26. Different ways of global variable identification

    set var 3
    proc glob {} {
        global var
        puts "the value of variable is $var"
    }
    glob

or declaring a global variable using the double colon (::):

    proc proc01 {} {
        puts "The value of var1 is: $::var1"
    }

27. Example of calling a procedure by name and value.

    proc Hours {weekly daily} {
        upvar $weekly x
        foreach item [array names x] {
            set x($item) [expr {$x($item) + $daily}]
        }
    }
    array set Timecard {Tom 20 Sue 24 Mike 18}
    puts "This is the array before the procedure:"
    parray Timecard
    set res [Hours Timecard 8]
    puts $res
28. Create a procedure that will accept one argument and variable arguments.

    proc variable {a args} {
        puts $a
        foreach val $args {
            puts $val
        }
    }
    variable 1 2 3 4 5

Output: 1 2 3 4 5

29. What is the exec command used for?
The exec command is used to execute programs external to Tcl.

    % cd "C:/Program Files (x86)/Windows Media Player"
    % exec wmplayer.exe test.wmv

30. What are the special variables in Tcl?
- argc: number of command line arguments
- argv0: name of the script
- argv: list of command line arguments
- env: the env array is an array of environment variables.

31. Use of the source command?
The source command loads in a Tcl file and will execute the commands contained within the file.

32. Use of the package command?
Packages are similar to libraries except that they require explicit loading.

33. Use of the package require command?
The package require command organizes sets of procedures under a single name, and lets you request packages by name and revision number.

34. What are the possible package require problems?
Say package A and package B both define a procedure named sum. If these two packages are loaded and each contains the same proc name, then the last package loaded will define the procedure, even if it is different from the first procedure.
Solution: namespaces will help alleviate this problem.

35. What is a namespace?
A namespace is an encapsulated collection of commands and variables to ensure that they won't interfere with the commands and variables of other namespaces. A namespace is similar to a local variable within a proc. Tcl has always had one such collection, which we refer to as the global namespace.
Tcl supports many object-oriented programming constructs, including namespaces. A namespace is a collection of commands and variables. Namespaces are very useful for avoiding name collisions. In addition, most Tcl packages create their own namespace to store their procedures and variables.

36. Namespace example.
    namespace eval test {
        proc sum {a b} {
            set num [expr {$a + $b}]
            puts "The sum is: $num"
        }
    }

You can easily call a procedure within a namespace from another namespace by using the double colons (::):

    test::sum 2 3

    namespace eval sample {
        proc sum {m n} {
            set res [expr {$m + $n}]
            return $res
        }
    }
    puts [sample::sum 2 5]
37. Use of the catch command.
The catch command is used to handle exceptions within a script. The catch command will gather an error condition and return the results rather than aborting the script.

    % catch {unset var} result
    1
    % puts $result
    can't unset "var": no such variable
    %

38. Pass an array to a proc

    proc a1 {a2} {
        upvar $a2 x
        foreach index [array names x] {
            puts "x($index) = $x($index)"
        }
    }
    array set a {0 10 1 20 2 30}
    a1 a

39. Regexp to match an email id
Regex: [a-z0-9_-]+(\.[a-z0-9_-]+)*@[a-z0-9_-]+(\.[a-z0-9_-]+)+
Matches:
    [email protected]
    [email protected]
    [email protected]
    [email protected]
Doesn't match:
    @foo.com
    [email protected]
    [email protected]
    www.myemail.com

40. Match the preceding "e" exactly twice.
Regex: be{2}t
Matches: beet
Doesn't match: bet, beat, eee

41. Converting between binary and decimal

    proc dec2bin {string} {
        binary scan [binary format I $string] B32 str
        return [string trimleft $str 0]
    }
    dec2bin 54
    # => 110110

    proc bin2dec {string} {
        set string [format %032s $string]
        binary scan [binary format B32 $string] I str
        return $str
    }
    bin2dec 110110
    # => 54

42. Sort the arrays

    % set numsorted [lsort -real [list 38 388.9 1.78 200 1e7]]
    1.78 38 200 388.9 1e7
    % set descending [lsort -decreasing -real [list 38 388.7 1.56 279 1e6]]
    1e6 388.7 279 38 1.56

43. (hardware )?address matches either "hardware address" or "address"

    set add "hardware address"
    regexp -- {(hardware)?address} $add print
    puts $print

This just prints address.

44. Write a script that searches the contents of a directory recursively for a pattern.
Find all the Tcl files in the current directory:

    glob *.tcl

Find all the Tcl files in the user's home directory, irrespective of what the current directory is:

    glob -directory ~ *.tcl

Find all subdirectories of the current directory:

    glob -type d *

Find all files whose name contains an "a", a "b" or the sequence "cde":

    glob -type f *{a,b,cde}*

45. How does the unset command work?
Unset a variable, array element or entire array.

    unset a
    unset array(elf)
    unset array

46. How do global, upvar and uplevel behave in Tcl?
Variables are local to the procedure unless the "global" or "upvar" command is used, see below. If the last argument is named args, all the remaining arguments are stored in this list. This way a procedure can have a variable number of arguments.

global

    global variablename variablename2 ...

Indicates that the variable with name variablename is in the global scope.

upvar

    upvar $name1 a $name2 b ...

Indicates that the procedure can change data in the caller's scope for argument name1 using the name a and name2 using the name b, etc. Use with care!

    upvar $name a
    set a 1

uplevel
Similar to the upvar command but used to evaluate commands in the scope of the calling procedure. Use with care!

    uplevel incr x

Increments the variable x in the calling procedure.

Uplevel: Execute a script in a different stack frame.

    uplevel [level] arg...

Concatenate arguments and evaluate them in the stack frame context indicated by level, where level is either a number indicating the number of levels up the stack relative to the current level or a number preceded by "#", indicating an absolute level. The default level is 1.

47. List
What will be the format of the output of the split command in Tcl?
48. How to parse a list and return the index of the match?
lsearch

49. Tcl script to extract the number of warnings and errors?
Input:

    xx : Severity: Warning Occurrence: 2
    yy :Severity: Error Occurrence: 2
    ZZ:Severity: Error Occurrence: 4

At the end I want to have Warnings = 2, Error = 6.
Program:

    # input file
    set fname "tcl16.txt"
    set input_file [open $fname "r"]
    # define variables
    set nr_warns 0
    set nr_errs 0
    while { [gets $input_file line] != -1 } {
        # try to extract Warning Occurrence
        set result [regexp {[Ww]arning\s+.*:\s*([0-9]+)} \
            $line match num]
        if {$result} {
            set nr_warns [expr {$nr_warns + $num}]
        }
        # try to extract Error Occurrence
        set result [regexp {[Ee]rror\s+.*:\s*([0-9]+)} \
            $line match num]
        if {$result} {
            set nr_errs [expr {$nr_errs + $num}]
        }
    }
    # print results
    puts "Number of Warnings: $nr_warns"
    puts "Number of Errors : $nr_errs"
    # close input file
    close $input_file
50. Find duplicate files from different directories?

    set searchResults {
        dir1/dir2/dir3/file1.tcl
        dir1/dir3/file1.tcl
        dir1/dir2/file1.tcl
        dir1/dir2/dir3/file2.tcl
        dir1/dir2/dir3/file3.tcl
        dir1/dir3/file2.tcl
        dir1/file3.tcl
        dir1/file4.tcl
    }
    # count how often each file name occurs and remember its directories
    foreach file $searchResults {
        if {[catch {incr filenames([file tail $file],cnt)}]} {
            set filenames([file tail $file],cnt) 1
        }
        lappend filenames([file tail $file],paths) [file dirname $file]
    }

51. regexp to match below pattern?

    set mystring "------ some string ---------"
    set result [regexp {(-+)\s*([^-]*)\s*(-+)} $mystring match first middle rest]

or

    regexp -- {(^[-]+)([a-z]+\s[a-z]+)([-]+$)} $pattern newstring first middle end
    puts $newstring
    puts $first
    puts $middle
    puts $end

52. How to return an array?

    proc get_mroute_active { &multicast } {
        upvar ${&multicast} MULTICAST ;
        set group -1 ;
        set src -1 ;
        set mcast_group_source_id -1 ;
        set MULTICAST($mcast_group_source_id,id) $mcast_group_source_id ;
        set MULTICAST($mcast_group_source_id,mcast_group) $group ;
        set MULTICAST($mcast_group_source_id,mcast_source) $src ;
        puts [array size MULTICAST] ;
        parray MULTICAST ;
    }

    array set multicast { } ;
    get_mroute_active multicast
    puts [array size multicast] ;
    parray multicast ;

53. Replace a number at the end of the line by empty string?

    set line "number 108, then something other and at end number 108"
    puts "\$line='$line'\n"
    set result [regexp {\d+$} $line match]
    puts "Matching Result=$result"
    if {$result} {
        puts "This was matched: '$match'"
        regsub {\d+$} $line "" line
        puts "result after substitution:\n\$line='$line'\n"
    }

or

    set me [string range $me 0 [string last " " $me]]

or

    set line "number 108, then something other and at end number 108"
    regsub {[0-9]+$} $line {} newline
    puts $newline

54. How to split string by blank lines?

    set a {dfsfhdslkj}
    set a [split $a ""]
    puts $a
    foreach val $a {
        puts "$val \n"
    }

55. Program to count the repeat numbers in the file

Input:

    January 4000 300 200
    February 2000 100 0
    March 4000 50 10
    April 4000 120 300
    May 1000 100 0
    June 2000 0 0
    July 400 1 1
    August 4000 200 100
    September 2000 100 200
    October 0 0 0

Then the program will write to an output file with content

    January 4000 300 200 1
    February 2000 100 0 1
    March 4000 50 10 2
    April 4000 120 300 3
    May 1000 100 0 0
    June 2000 0 0 2
    July 400 1 1 0
    August 4000 200 100 4
    September 2000 100 200 3
    October 0 0 0 0

Program:

    set fil [open "tpham1002002.txt"]
    while {! [eof $fil]} {
        set line [gets $fil]
        set col2 [lindex $line 1]
        if {$col2!=""} {
            if {[array get count $col2]==""} {
                set count($col2) 0
            }
            incr count($col2)
            lappend line $count($col2)
        }
        puts $line
    }
    close $fil

56. Obtaining computer name using TCL?

    # list all environment variables
    foreach key [lsort [array names env]] {
        puts "$key = $env($key)"
    }
    puts "***********************"

    # on Windows there is variable COMPUTERNAME
    set computer_name $env(COMPUTERNAME)
    puts "computername = '$computer_name'"

    # check if variable exists then print it
    set var_name {COMPUTERNAME}
    if {[info exists env($var_name)]} {
        set var_value $env($var_name)
        puts "variable $var_name found: '$var_value'"
    } else {
        puts "variable $var_name was not found !"
    }

57. TCL numeric two list comparison?

    set a [list 2 1 3]
    set b [list 3 1 2]
    set a1 [lsort $a]
    puts $a1
    set b1 [lsort $b]
    puts $b1
    if {[string equal -nocase [llength $a1] [llength $b1]] == 1} {
        puts "list are of equal length"
        if {$a1 == $b1} {
            puts "list are equal"
        }
    } else {
        puts "list are unequal"
    }

58. Find the biggest element from the list?

    % set numberlist {15 30 22 75 50 0x30A 150 110}
    15 30 22 75 50 0x30A 150 110
    % set numberlist [lsort -integer $numberlist]
    15 22 30 50 75 110 150 0x30A
    % puts [lindex $numberlist end]
    0x30A
    %

59. Different levels of procs in tcl

    set x 5; set y 5

    ;# A second level proc - This will be called by one
    proc two {y} {
        upvar 1 $y z                ;# tie the calling value to variable z
        upvar 2 x a                 ;# Tie variable x two levels up to a
        puts "two: Z: $z A: $a"     ;# Output the values, just to confirm
        set z 1;                    ;# Set z, the passed variable to 1;
        set a 2;                    ;# Set x, two layers up to 2;
    }

    ;# A first level proc - This will be called by the global space code.
    proc one {y} {
        upvar $y z                  ;# This ties the calling value to variable z
        puts "one: Z: $z"           ;# Output that value, to check it is 5
        two z;                      ;# call proc two, which will change the value
    }

    one y;                          ;# Call one, and output X and Y after the call.
    puts "\nX: $x Y: $y"

Out:

    one: Z: 5
    two: Z: 5 A: 5
    X: 2 Y: 1

60. How to check whether a path is relative or absolute

    set fullpath "/usr/home/clif/TCL_STUFF/TclTutor/Lsn.17"
    set relativepath "CVS/Entries"
    set directorypath "/usr/bin/"
    set paths [list $fullpath $relativepath $directorypath]
    foreach path $paths {
        set first [string first "/" $path];
        set last [string last "/" $path];
        ;# Report whether path is absolute or relative
        if {$first != 0} {
            puts "$path is a relative path"
        } else {
            puts "$path is an absolute path"
        }
    }

61. Some regexp and regsub scenarios

    set str2 "abc^def"
    regexp "\[^a-f]*def" $str2 match
    puts "using \[^a-f] the match is: $match"
    regexp "\[a-f^]*def" $str2 match
    puts "using \[a-f^] the match is: $match"
    regsub {\^} $str2 " is followed by: " str3
    puts "$str2 with the ^ substituted is: \"$str3\""
    regsub "(\[a-f]+)\\^(\[a-f]+)" $str2 "\\2 follows \\1" str3
    puts "$str2 is converted to \"$str3\""

62. What are the two commands that provide information about the contents of directories and files?

There are two commands that provide information about the contents of directories and the files within those directories. These two commands are glob and file. Glob provides access to the names of files in a directory. It is similar to the ls shell command. File provides three sets of functionality in a platform independent manner:

1. access to file status.
2. access to the file system.
3. tools for manipulating filenames.

63. What are errorInfo and errorCode?

errorInfo: errorInfo is a global variable that contains the error information from commands that have failed.

errorCode: errorCode is a global variable that contains the error code from the command that failed.

64. Regsub example

    regsub -all {,} "a,b,c,d,e" ":" res
    puts $res ;# prints "a:b:c:d:e"

65. Example for arrays as parameter

    proc print12 {array} {
        upvar $array a
        puts "$a(1), $a(2)"
    }
    set array(1) "A"
    set array(2) "B"
    print12 array

66. File reading example

    ## all problems found by 'open' throw exceptions:
    if {[catch {set read_fh [open "input.txt" "r"]} errmsg]} {
        error "ERROR: $errmsg"
    }
    ## read the file line-by-line:
    while {[gets $read_fh this_line] != -1} { ... }
    ## or read the entire file into one string:
    set file_contents [read $read_fh]
    ## or read the next N bytes into a string:
    set next_block [read $read_fh 1024]
    close $read_fh

67. File writing example

    ## all problems found by 'open' throw exceptions:
    if {[catch {set write_fh [open "output.txt" "w"]} errmsg]} {
        error "ERROR: $errmsg"
    }
    puts $write_fh "blah blah blah"
    ## need a catch on close, because that's where most errors happen:
    if {[catch { close $write_fh } errmsg]} {
        error "ERROR: $errmsg"
    }

68. To check whether file is dir or file

file isdirectory

    file isdirectory <path>

Returns whether or not the given path is a directory.

    if {![file isdirectory "indir"]} { ... }

file isfile

    file isfile <path>

Returns whether or not the given path is a regular file.

    if {[file isfile "maybe_a_link.txt"]} { ... }

69. What will this script output when it is evaluated

    set x 1
    while {$x < 10} {
        puts "X: $x"
        set y [expr $x + 1]
    }

A) an infinite number of "X: 1" lines. =
B) lines from "X: 1" to "X: 9"
C) lines from "X: 1" to "X: 10"

70. The upvar command will

A) Map a variable from the calling scope into the local procedure scope.=
B) Map a variable from the local scope into the calling scope.
C) Copy the value of a variable from the calling scope to the local scope.

    upvar [level] otherVar myVar...

Make local variable myVar become an alias for variable otherVar in the stack frame indicated by level, where level is either a number indicating the number of levels up the stack relative to the current level or a number preceded by "#", indicating an absolute level. The default level is 1. Tcl's upvar command is another answer to coding indirect variable references. Upvar allows one to reference a variable or array by some other name. Using a first argument of 0 allows variables in the current scope to be accessed. Upvar is also used when passing arrays to procedures, in which the default procedure scope frame (1) is used:

    proc calc_pop_density {state_array_name} {

71. The "global" command

A) maps a variable from the global scope into the procedure scope and gives it a unique name.
B) maps a variable from the global scope into the procedure scope retaining the original name.=
C) makes a global-scope variable automatically map into all procedures.

72. What will be the value of i after this code is evaluated:

    proc inc {nm} {
        upvar $nm x
        incr x
    }
    set i 2
    inc i

A) 4
B) 3=
C) 2

73. What will be the value of i after this code is evaluated:

    proc inc {nm} {
        incr nm
    }
    set i 2
    inc $i

A) 3
B) 2=
C) 4

74. Regexp and glob difference

To match any number of characters:

    glob    *
    regexp  .*

To match single character:

    glob    ?
    regexp  .

Find all the Tcl files in the current directory:

    glob *.tcl

75. Which test would assign "choose correctly" to variable c?

    set str "better tests choose correctly"
    regexp $test $str a b c

    set test {(b[^c]*)(c.*)}

76. If you use a quoted string instead of a curly-braced string as a test with regexp, what care should you take?

You must backslash escape square braces.

77. What will be the contents of "path" after this line of code is evaluated.

    % set path [file split "C:/Program Files/Tcl/bin/tclsh"]
    C:/ {Program Files} Tcl bin tclsh

78. What will the contents of "folder" be after this script is evaluated

    % set folder [file normalize "/tmp/../etc/wd"]
    G:/etc/wd

79. Why packages are created

Whenever an application needs a library of related functions.

80. How many procedures a package can include.

A package can include only one procedure.

81. Use of subst.

It is used to perform multiple passes of substitution before evaluating a command. Example is shown below.
    array set french {I Je speak parlez French Francais}
    set language french
    foreach word {I speak French} {
        if {[info exists ${language}($word)]} {
            puts -nonewline "[subst $${language}($word)] "
        } else {
            puts -nonewline "$word "
        }
    }

Output: Je parlez Francais

or

subst - Perform backslash, command, and variable substitutions. When it performs its substitutions, subst does not give any special treatment to double quotes or curly braces (except within command substitutions).

    set a 44
    puts [subst {xyz {$a}}]

Output: xyz {44}

82. Program for Ping.

    foreach address {
        1.1.1.1
        2.2.2.2
        3.3.3.3
        4.4.4.4
        5.5.5.5
        6.6.6.6
    } {
        # exec takes the program name and each argument as separate words;
        # it raises an error when ping exits with a non-zero status
        if {[catch {exec ping $address} result]} {
            puts "ping $address failed: $result"
        } else {
            puts $result
        }
    }

83. What is difference between lappend and concat?

The difference is in the output.

    set list1 {1 2 3}
    puts $list1
    set list2 {a b c}
    puts $list2
    set new [lappend list1 $list2]
    puts $new
    set lengthlist [llength $new]
    puts $lengthlist

    #output
    123
    abc
    1 2 3 {a b c}
    4

    set list1 {1 2 3}
    puts $list1
    set list2 {a b c}
    puts $list2
    set b [concat $list1 $list2]
    puts $b
    set concatlength [llength $b]
    puts $concatlength

    #output
    123
    abc
    123abc
    6

84. Regexp to find and print a duplicate word in a string

    set line "hello sir how r u. Good to see u sir"
    regexp -all {\S+} $line new
    puts $new

Within the RE, \S+ means a non-empty sequence of non-whitespace characters and \s+ means a non-empty sequence of whitespace.
85. Eval example

    set a b
    set c a
    eval puts $$c

86. Write a script to display the version of Tcl you are using

    puts [info tclversion]
    puts [info patchlevel]

87. Write code fragments to store, retrieve, and display your first, middle, and last name using a single string variable, a single list variable, a single array variable, and a single keyed list variable

    set name "nawraj lekhak"
    puts $name
    set name [list nawraj lekhak]
    puts $name
    puts [lindex $name 0]
    puts [lindex $name 1]
    array set arrname {nawraj lekhak}
    puts "==[array get arrname]"
    puts "[array names arrname]--"
    puts $arrname(nawraj)

88. Write five integers into a file called "myfile," then close the file.

    set fd [open "myfile.txt" w+]
    set data "1 2 3 4 5"
    puts $fd $data
    close $fd

89. Read the contents of "myfile" from exercise 1. Calculate and display the sum of the integers.

    set fd1 [open myfile.txt r]
    set sum 0
    foreach num [read $fd1] {
        set sum [expr $sum + $num]
    }
    puts $sum
    close $fd1

Exercise 1

    # open a file for writing
    if {[catch {set fd [open myfile w]} errmsg]} {
        error "Unable to open file 'myfile' for writing\n$errmsg"
    }
    # write 5 integers into the file
    puts $fd "5 10 15 20 25"
    # close the file
    close $fd

Exercise 2

    # open the file 'myfile' for reading
    if {[catch {set fd [open myfile]} errmsg]} {
        error "Unable to open file 'myfile' for reading\n$errmsg"
    }
    # read the contents of the file 'myfile' into a variable called 'nums'
    # then calculate and display the total of the integers
    while {[gets $fd nums] != -1} {
        set sum 0
        foreach num $nums {
            set sum [expr $num + $sum]
        }
    }
    puts "The sum is $sum"
    # close the file
    close $fd

Exercise 3

    # open the file for reading
    if {[catch {set fd [open myfile]} errmsg]} {
        error "Unable to open file 'myfile' for reading\n$errmsg"
    }
    # read the contents of the file into a variable called 'nums'
    while {[gets $fd nums] != -1} {
        set sum 0
        foreach num $nums {
            puts [format "%20d" $num]
            set sum [expr $num + $sum]
        }
    }
    puts [format "\nTotal: %13d" $sum]
    close $fd
90. How to return status from script?

    package require Tclx
    proc sum {a b} {
        keylset retList status 0
        set res [expr $a + $b]
        if {$res > 5} {
            puts pass
            keylset retList status 1
        } else {
            keylset retList status 0
            puts fail
            keylset retList log $res
        }
        return $retList
    }
    set out [sum 1 2]
    puts $out
91. Get two numbers from input and do the sum.

    C:\s\NLekhak>tclsh
    % puts "Enter the number"
    % flush stdout
    % set n1 [gets stdin]
    % set n2 [gets stdin]
    % set n3 [expr {$n1 + $n2}]
    % flush stdout

92. Print below format

    *
    **
    ***
    ****

    set out ""
    set i 1
    set pattern *
    while {$i < 5} {
        append out "$pattern "
        puts $out
        incr i
    }

Or

    set lst {* * * * * * *}
    set i 0
    foreach val $lst {
        puts "[lrepeat [incr i] $val]"
    }

93. Write a program to print half pyramid using numbers as shown in figure below.

    1
    1 2
    1 2 3
    1 2 3 4
    1 2 3 4 5

    set out ""
    set i 1
    set pattern 0
    while {$i < 6} {
        # incr takes the variable name, not its value
        append out "[incr pattern] "
        puts $out
        incr i
    }

94. Write a C Program to print triangle of characters as below

    A
    BB
    CCC
    DDDD

    set lst {A B C D E}
    set i 0
    foreach val $lst {
        set out [lrepeat [incr i] $val]
        puts "$out "
    }
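
Question 91 adds two values read from stdin. The following is an added example, not part of the original page, showing why such values should be validated and the expression braced; safe_sum, the marker variable and the sample inputs are constructed for illustration.

```tcl
# Added example: summing two values that arrived as input.

# Returns the sum, or raises an error if either value is not an integer
# as Tcl understands it.
proc safe_sum {n1 n2} {
    foreach v [list $n1 $n2] {
        if {![string is integer -strict $v]} {
            error "not an integer: '$v'"
        }
    }
    # The braces hand expr the text {$n1 + $n2}; expr then reads the
    # variables as values instead of re-parsing their contents as code.
    return [expr {$n1 + $n2}]
}

# Constructed input standing in for a line read with [gets stdin].
# The bracketed command is harmless: it only changes a marker variable.
set ::marker "untouched"
set hostile {[set ::marker changed]}

# Unbraced: Tcl substitutes $hostile first, so expr receives the text
# "[set ::marker changed] + 1" and performs the command substitution itself.
catch {expr $hostile + 1}
puts "after unbraced expr: marker=$::marker"

# Braced and validated: the input is rejected before any evaluation.
set ::marker "untouched"
if {[catch {safe_sum $hostile 1} msg]} {
    puts "safe_sum rejected input: $msg"
}
puts "after safe_sum:      marker=$::marker"
puts "safe_sum 2 3 = [safe_sum 2 3]"
```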
95. Write a C Program to print inverted half pyramid using * as shown below

    *****
    ****
    ***
    **
    *

    set a *
    set i 5
    for {set i 5} {$i > 0} {incr i -1} {
        puts [lrepeat $i $a]
    }

96. Write a C Program to print inverted half pyramid using numbers as shown below.

    1234
    123
    12
    1

    set lst {1 2 3 4 5}
    set len [llength $lst]
    set i 0
    while {$len > 0} {
        set out [lrange $lst $i [expr $len - 1]]
        puts $out
        incr len -1
    }

97. Write a C program to print pyramid using * from middle.

98. Write a C program to print the pyramid of digits in pattern as below.

http://www.programiz.com/c-programming/examples/pyramid-pattern

99. A program that computes sum from 1 to n

    proc sumto {n} {
        set sum 0
        for {set i 0} {$i <= $n} {incr i} {
            set sum [expr $i + $sum]
        }
        return $sum
    }
    set out [sumto 5]
    puts $out

100. Check whether input char is vowel or not

    puts "Enter a character\n"
    set ch [gets stdin]
    if {$ch == "a" || $ch == "A" || $ch == "e" || $ch == "E" || $ch == "i" || $ch == "I" || $ch == "o" || $ch == "O" || $ch == "u" || $ch == "U"} {
        puts "character is vowel"
    } else {
        puts "Input character is not vowel"
    }
100. TCL program to check a leap year

    puts "Enter a year\n"
    set yr [gets stdin]
    if {$yr%400 == 0} {
        puts "Input year is leap year\n"
    } elseif {$yr%100 == 0} {
        # divisible by 100 but not by 400: not a leap year
        puts "Input year is not leap year\n"
    } elseif {$yr%4 == 0} {
        puts "Input year is leap year\n"
    } else {
        puts "Input year is not leap year\n"
    }

101. TCL program to find LCM and HCF

102. TCL program to print diamond pattern
103. TCL program to find Armstrong number

A number is Armstrong if the sum of cubes of individual digits of a number is equal to the number itself. For example 371 is an Armstrong number as 3^3 + 7^3 + 1^3 = 371. Some other Armstrong numbers are: 0, 1, 153, 370, 407.

    set str 153
    set len [string length $str]
    set num1 [string index $str 0]
    set num2 [string index $str 1]
    set num3 [string index $str 2]
    if {[expr ($num1*$num1*$num1) + ($num2*$num2*$num2) + ($num3*$num3*$num3)] == "$str"} {
        puts "$str is an armstrong number"
    } else {
        puts "given string is not an armstrong number"
    }

Or

    set str 150
    set len [string length $str]
    set num1 [string index $str 0]
    set num2 [string index $str 1]
    set num3 [string index $str 2]
    if {[expr (pow($num1,3)) + (pow($num2,3)) + (pow($num3,3))] == "$str"} {
        puts "$str is an armstrong number"
    } else {
        puts "given string is not an armstrong number"
    }

104. Print Floyd triangle

    1
    2 3
    4 5 6
    7 8 9 10

It's clear that in Floyd's triangle the nth row contains n numbers.

105. Print pascal triangle

Number of rows of Pascal triangle to print is entered by the user. First four rows of Pascal triangle are shown below:

    1
    1 1
    1 2 1
    1 3 3 1

106. TCL program to find maximum and minimum element in array

    array set arr1 { 12 322343 0 -1 9 10}
    set lst [array get arr1]
    set lst [lsort -integer $lst]
    puts $lst
    set len [llength $lst]
    set max [lindex $lst [expr $len -1]]
    puts $max
    set min [lindex $lst 0]
    puts $min

107. TCL program to add two matrix

This C program adds two matrices, i.e. computes the sum of two matrices and then prints it. Firstly the user will be asked to enter the order of the matrix (number of rows and columns) and then two matrices. For example if the user entered order as 2, 2, i.e. two rows and two columns, and matrices as

First Matrix:

    1 2
    3 4

Second matrix:

    4 5
    -1 5

then output of the program (sum of First and Second matrix) will be

    5 7
    2 9
108.

    set 0 0
    puts $0

109. Write a loop that will calculate sum of every third digit beginning with 2

    set sum 0
    set i 2
    while {$i <= 10} {
        set sum [expr $sum + $i]
        incr i 3
    }
    puts $sum

110. How can I invoke another program from within a TCL program?

exec

111. Program to check whether input number is odd or even?

    puts -nonewline "Enter a number:"
    flush stdout
    set str [gets stdin]
    # the whole conditional must sit inside one braced expression
    puts [expr {$str % 2 ? "ODD NUMBER" : "EVEN NUMBER"}]

112. Difference of local and global variable.

    set x 100
    proc fun {} {
        global x
        puts "inside fun $x"
    }
    proc fun1 {} {
        set x 500
        puts "inside fun1 $x"
    }
    fun
    fun1

113. To read entire file.

    set fd [open "myfile.txt" r]
    while {![eof $fd]} {
        gets $fd data
        puts $data
    }
    close $fd

114. regexp for date

    puts -nonewline "Enter your date (dd/mm/yyyy):"
    flush stdout
    set date [gets stdin]
    # match is only set when the pattern matches
    if {[regexp {((^[0-2][0-9]|[0-3][0-1])/(0[0-9]|1[0-2])/(20[0-9][0-9]))} $date match]} {
        puts $match
    }

115. uplevel example

    proc do {varname first last body} {
        upvar $varname v
        for {set v $first} {$v <= $last} {incr v} {
            uplevel $body
        }
    }
    set lst {}
    do i 1 5 {
        lappend lst [expr {$i*$i}]
    }
    puts $lst

116. Write a command to create two directories pp1 and pp2 under the current dir

    mkdir -p /pp1/pp2

117. Who performs the job of command interpreter?

Shell

118. What is core of OS?

Kernel

119. What is command to link two directories dir1 and dir2

    ln -s dir1 dir3

120. Give the command to append the contents of a file named thisfile

    cat >> thisfile

121. Give the command to remove a file named file2 interactively

    rm -i

122. Give the command to find all files having .txt extension from the root directory

    find / -name ".txt" -print

123. Print below pattern.

    0
    01
    012
    0123
    01234
    012345

    set i 0
    set out ""
    while {$i <= 5} {
        append out "$i "
        puts $out
        incr i
    }
123. Print below pattern

    01234
    0123
    012
    01
    0

    set lst {0 1 2 3 4 5}
    set len [llength $lst]
    set i 0
    while {$len > 0} {
        set out [lrange $lst $i [expr $len -1]]
        puts $out
        incr len -1
    }

124. Print below pattern

    543210
    54321
    5432
    543
    54
    5

    set lst {5 4 3 2 1 0}
    set len [llength $lst]
    set i 0
    while {$len > 0} {
        set out [lrange $lst $i [expr $len -1]]
        puts $out
        incr len -1
    }

125. Print below pattern

    0
    01
    012
    0123
    01234
    012345
    01234
    0123
    012
    01
    0

    set i 0
    set out ""
    while {$i <= 5} {
        append out "$i "
        puts $out
        incr i
    }
    set len [llength $out]
    while {$len >= 0} {
        set out [lrange $out 0 [expr $len -2]]
        incr len -1
        puts $out
    }

126. Best regexp to match ip address

    set ip "192.168.2.254"
    # escape the dots and anchor both ends so nothing else can surround the octets
    if {[regexp {^([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)$} $ip match a b c d]} {
        puts $match; puts $a; puts $b; puts $c; puts $d
        if {$a <= 255 && $b <= 255 && $c <= 255 && $d <= 255} {
            puts "Input ip is valid"
        } else {
            puts "Input ip is not valid address"
        }
    } else {
        puts "Input ip is not valid address"
    }
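
For question 126, an added example (not from the original page) comparing a loose dotted-quad pattern with a strict validator that escapes the dots, anchors both ends and bounds each octet. The proc names and sample inputs are constructed for illustration.

```tcl
# Added example; proc names and inputs are illustrative, not from the page.

# Loose check: "." is unescaped, so it matches any character, and the
# pattern has no end anchor, so trailing text is ignored.
proc loose_ipv4 {s} {
    if {![regexp {^([0-9]+).([0-9]+).([0-9]+).([0-9]+)} $s -> a b c d]} {
        return 0
    }
    return [expr {$a <= 255 && $b <= 255 && $c <= 255 && $d <= 255}]
}

# Strict check: the whole string must be four groups of 1-3 ASCII digits
# separated by literal dots, each group in 0..255 with no leading zeros.
proc strict_ipv4 {s} {
    if {![regexp {^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$} \
            $s -> a b c d]} {
        return 0
    }
    foreach octet [list $a $b $c $d] {
        # Leading zeros are ambiguous (Tcl 8 expr reads 010 as octal 8),
        # so reject them before any numeric comparison.
        if {[string length $octet] > 1 && [string index $octet 0] eq "0"} {
            return 0
        }
        if {$octet > 255} {
            return 0
        }
    }
    return 1
}

# Constructed sample inputs: two well-formed addresses, then strings with
# wrong separators, no separators, an extra octet, trailing text, an
# out-of-range octet and a leading zero.
set samples {
    192.168.2.254
    0.0.0.0
    192x168y2z254
    1234567
    1.2.3.4.5
    {1.2.3.4 junk}
    256.1.1.1
    010.0.0.1
}
foreach s $samples {
    puts [format "%-16s loose=%d strict=%d" $s [loose_ipv4 $s] [strict_ipv4 $s]]
}
```

Run the script with tclsh and compare the two columns: every input where loose=1 and strict=0 is a string the loose pattern would let through to whatever consumes the address next, such as the ping loop in question 82.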