Monday, September 6, 2010

Sep 6, 2010 CCIE renew
actualtest, 10-04-07

Q1: understand MPLS forwarding-table in details.
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     18          1.0.0.6/32        0          AT1/0.1    point2point
---------------------
Local tag: assigned by this router.
Outgoing tag: assigned by the next hop.


====================
Q2: understand "show mpls ldp binding x.x.x.x".
R1#show mpls ldp bindings
tib entry: 10.10.10.101/32, rev 4
local binding: tag: imp-null ===> implicit null
remote binding: tsr: 10.10.10.102:0, tag: 16
From: MPLS conf on Cisco IOS, /Chap 1: PHP/, /Chap2:Frame mode config/
The downstream Edge LSR distributes an implicit-null (POP) label to the upstream router, which signals it to pop the top label in the label stack and forward the resulting labeled or IP packet.

====================
Q3: OSPF LSA in traffic engineering.
The data plane ingress (headend) router in the MPLS domain requires information pertaining to the resource availability on all links capable of being a part of the MPLS TE tunnel. This information is provided by IGPs like OSPF and IS-IS due to the inherent operation of flooding information about links to all routers in the IGP domain. In IS-IS, a new TLV (type 22) has been developed to transmit information pertaining to resource availability and link status in the LS-PDUs. In OSPF, the type 10 LSA provides resource and links status information. When this information is flooded in IGP updates, the ingress (headend) router gathers information on all the available resources in the network along with the topology, which defines tunnels through the network between a set of MPLS-enabled routers.

From: MPLS conf on Cisco IOS. /chap9: MPLS TE theory/

LSA Type 10

====================================

Q4: Transit AS:
Traffic and prefixes originating from the source AS are carried to their destination AS.

===================================

Q5: In which state can BGP peers exchange update messages? Established.

==================================

Q6: MPLS TE FR and BFD.
FR: fast reroute.
BFD: Bidirectional Forwarding Detection (BFD) protocol

=================================

Q7: Successor: heir.
feasibility condition: The DUAL finite state machine embodies the decision process for all route computations. It tracks all routes advertised by all neighbors. DUAL uses the distance information (known as a metric) to select efficient, loop-free paths. DUAL selects routes to be inserted into a routing table based on a calculation of the feasibility condition. A successor is a neighboring router used for packet forwarding that has a least-cost path to a destination that is guaranteed not to be part of a routing loop. When there are no feasible successors but there are neighbors advertising the destination, a recomputation must occur. This is the process whereby a new successor is determined. The amount of time required to recompute the route affects the convergence time. Recomputation is processor intensive; it is advantageous to avoid unneeded recomputation. When a topology change occurs, DUAL tests for feasible successors. If there are feasible successors, it uses any it finds to avoid unnecessary recomputation.

Diffusing Update Algorithm (DUAL)
http://www.cisco.com/en/US/docs/routers/xr12000/software/xr12k_r4.0/routing/configuration/guide/rc40xr12k_chapter2.html

===========

Q8: Process in IOS XR on route processor.
gsp: Gigabit Switch Platform
wdsysmon: Cisco IOS Software Modularity: System monitor event

=========
Q9: APS: automatic protection switching.

=========
Q10: IS-IS DIS election process.
a, The DIS election is pre-emptive (unlike with OSPF). If a new router boots on the LAN with a higher interface priority, it becomes the DIS, purges the old pseudonode LSP, and a new set of LSPs will be flooded.
b, On broadcast multiaccess media (LAN), a Designated Intermediate System (DIS) is elected and will conduct the flooding over the media. The DIS is analogous to the designated router in Open Shortest Path First (OSPF) Protocol, even though the details including election process and adjacencies within a multiaccess media differ significantly. The DIS is elected by priority. The highest priority becomes the DIS. This is configurable on an interface basis. In the case of a tie, the router with the highest SNPA (MAC) address will become the DIS.
c, Priority: higher is better. Used in DIS election (in LAN hello PDUs, there is no DR (Designated Router) election on a point-to-point link).


http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a00800a3e6f.shtml


===================
Q11 Netflow:
http://support.caligare.com/kb/entry/56/
By default, I think NetFlow only records ingress traffic.
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6555/ps6601/prod_white_paper0900aecd80406232.html

Cisco IOS NetFlow fulfills those needs, creating an environment where administrators have the tools to understand who, what, when, where, and how network traffic is flowing.

=======================
Q12. config mode for MVPN's mdt?
http://www.cisco.com/en/US/tech/tk828/tech_digest09186a00801a64a3.html#wp39302
under vrf.

======================

Q13. VPLS signalling
VPLS Signaling

Chapter 2, "Pseudowire Emulation Framework and Standards," explained two MPLS pseudowire emulation frameworks, known as draft-martini and draft-kompella, in the context of point-to-point Layer 2 VPN architectures. Each architecture defines a signaling protocol to establish and manage pseudowires. Just as the networking community debates which signal protocol is superior in the point-to-point Layer 2 VPN architectures, a similar debate arose when VPLS debuted as a multipoint Layer 2 VPN architecture. The two competing proposals that were made to the networking community are based on the same ideas as in draft-martini and draft-kompella, where one is based on Label Distribution Protocol (LDP) and the other is based on Border Gateway Protocol (BGP). Despite being applied to a new architecture like VPLS, the fundamental property of each protocol still remains.

The LDP-based VPLS solution, like its point-to-point counterpart, receives much wider acceptance in terms of vendor implementation and network deployment. The VPLS solution that Cisco IOS offered is an LDP-based solution.

To comprehend the details of the BGP-based VPLS solution, refer to the relevant documents of the Layer 2 VPN working group at the IETF web site (http://www.ietf.org). This chapter focuses on the LDP-based VPLS solution and its deployment scenarios. Note that both solutions have the same data forwarding specifications despite the difference in signaling.

The procedure of setting up pseudowires for VPLS is quite similar to that for point-to-point Ethernet over MPLS (EoMPLS). First, a targeted LDP session is created between each pair of PE routers that participate in a given VPLS domain. In a full-mesh deployment model, N * (N - 1) / 2 LDP sessions need to be established, where N is the number of PE routers participating in VPLS. These LDP sessions can be shared among different VPLS domains. In other words, you can use a single LDP session between a pair of PE routers to establish pseudowires for all VPLS domains that are provisioned on the PE routers.

After LDP sessions are established among participating PE routers, the next step is to create pseudowires to interconnect the virtual switches. Again, in a full-mesh deployment model, each VPLS domain requires N * (N - 1) / 2 pseudowires throughout the network, where N is the number of virtual switches.

=============================
Q14: What IOS features are used to avoid routing loops when dynamic routing is used between PE and CE?
SOO and ACL.

=============================

Q15: Which statements regarding MPLS label stack encoding are true?
There are several reserved label values:

i. A value of 0 represents the "IPv4 Explicit NULL Label".
This label value is only legal at the bottom of the label
stack. It indicates that the label stack must be popped,
and the forwarding of the packet must then be based on the
IPv4 header.

ii. A value of 1 represents the "Router Alert Label". This
label value is legal anywhere in the label stack except at
the bottom. When a received packet contains this label
value at the top of the label stack, it is delivered to a
local software module for processing. The actual
forwarding of the packet is determined by the label
beneath it in the stack. However, if the packet is
forwarded further, the Router Alert Label should be pushed
back onto the label stack before forwarding. The use of
this label is analogous to the use of the "Router Alert
Option" in IP packets [5]. Since this label cannot occur
at the bottom of the stack, it is not associated with a
particular network layer protocol.

iii. A value of 2 represents the "IPv6 Explicit NULL Label".
This label value is only legal at the bottom of the label
stack. It indicates that the label stack must be popped,
and the forwarding of the packet must then be based on the
IPv6 header.

iv. A value of 3 represents the "Implicit NULL Label". This
is a label that an LSR may assign and distribute, but
which never actually appears in the encapsulation. When
an LSR would otherwise replace the label at the top of the
stack with a new label, but the new label is "Implicit
NULL", the LSR will pop the stack instead of doing the
replacement. Although this value may never appear in the
encapsulation, it needs to be specified in the Label
Distribution Protocol, so a value is reserved.

v. Values 4-15 are reserved.

http://www.ietf.org/rfc/rfc3032.txt
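
The reserved-label rules quoted above, applied to a parsed label stack. This is an added example, not part of the original notes; it assumes the 32-bit RFC 3032 entry layout (20-bit label, 3-bit Exp, 1-bit bottom-of-stack, 8-bit TTL), and the sample stacks are constructed.

```python
import struct

RESERVED_NAMES = {
    0: "IPv4 Explicit NULL",
    1: "Router Alert",
    2: "IPv6 Explicit NULL",
    3: "Implicit NULL",
}

def encode_entry(label, exp, bottom, ttl):
    """Build one 4-byte label stack entry (used here to construct samples)."""
    word = (label << 12) | (exp << 9) | (int(bottom) << 8) | ttl
    return struct.pack("!I", word)

def parse_label_stack(data):
    """Read entries until the bottom-of-stack bit; return (entries, payload_offset)."""
    entries, offset = [], 0
    while True:
        if offset + 4 > len(data):
            raise ValueError("truncated label stack: no bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entry = {
            "label": word >> 12,
            "exp": (word >> 9) & 0x7,
            "bottom": bool((word >> 8) & 0x1),
            "ttl": word & 0xFF,
        }
        entries.append(entry)
        if entry["bottom"]:
            return entries, offset

def check_reserved(entries):
    """Return the violations of the reserved-label rules quoted above."""
    problems = []
    for depth, e in enumerate(entries):
        label, bottom = e["label"], e["bottom"]
        if label in (0, 2) and not bottom:
            problems.append(f"entry {depth}: {RESERVED_NAMES[label]} is only legal at the bottom")
        elif label == 1 and bottom:
            problems.append(f"entry {depth}: Router Alert is not legal at the bottom")
        elif label == 3:
            problems.append(f"entry {depth}: Implicit NULL never appears in the encapsulation")
        elif 4 <= label <= 15:
            problems.append(f"entry {depth}: label {label} is reserved")
    return problems

# Constructed samples: transport label 18 over IPv4 Explicit NULL, then the
# first two bytes of an IPv4 header as payload.
GOOD_STACK = encode_entry(18, 0, False, 64) + encode_entry(0, 0, True, 64) + b"\x45\x00"
# Explicit NULL above the bottom, Router Alert at the bottom: both illegal.
BAD_STACK = encode_entry(0, 0, False, 64) + encode_entry(1, 0, True, 64)

if __name__ == "__main__":
    for name, raw in (("good", GOOD_STACK), ("bad", BAD_STACK)):
        entries, offset = parse_label_stack(raw)
        print(name, [e["label"] for e in entries], "payload at", offset)
        for problem in check_reserved(entries):
            print("  ", problem)
```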

===========================
Q16: uRPF can work in the following modes:

Introduction

Network administrators can use Unicast Reverse Path Forwarding (Unicast RPF) to help limit the malicious traffic on an enterprise network. This security feature works by enabling a router to verify the reachability of the source address in packets being forwarded. This capability can limit the appearance of spoofed addresses on a network. If the source IP address is not valid, the packet is discarded. Unicast RPF works in one of three different modes: strict mode, loose mode, or VRF mode. Note that not all network devices support all three modes of operation. Unicast RPF in VRF mode will not be covered in this document.

http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html

===============================

Q17: which command will display the label binding for prefix x.x.x.x on the router.
sh tag-switch tdp binding x.x.x.x/24

===============================

Q18: what can be concluded from the output of show ip cache flow?

===============================

Q19: Identify the AVP that must be present in L2TPv3 ICRQ message.
The following AVPs MUST be present in the ICRQ:

AVP: attribute value pair.

Message Type
Local Session ID
Remote Session ID
Serial Number
Pseudowire Type
Remote End ID
Circuit Status

The following AVPs MAY be present in the ICRQ:

Random Vector
Message Digest
Assigned Cookie
Session Tie Breaker
L2-Specific Sublayer
Data Sequencing
Tx Connect Speed
Rx Connect Speed
Physical Channel ID

http://www.rfc-ref.org/RFC-TEXTS/3931/chapter6.html#d4e459952

==============================
Q20: Best common practices 38 (BCP) /RFC 2827.
What are the ingress packet filter principles?

http://tools.ietf.org/html/rfc2827
a, as close to the edge as possible
b, as precisely as possible
c, filter both src and dst where possible.

==============================
Q21: QinQ

===============================
Q22: The layer 2 protocol used by POS offers a standardized way of mapping IP packets into the SONET/SDH payload. Select the correct sequence.

1, data segmented into ip
2, ppp encap, add framing information
3, gap flap (7E)
4, 7D
5, data is scrambled and SDH frame

============================
Q23: IPv6 FE80, link-local

=============================

Q24: MQC: modular QoS CLI.
Which MQC-based output queueing method supports multiple traffic classes?
LLC.

============================
Q25: show ip ospf external ==> LSA type 5.

============================
Q26: BCP38/RFC2827 would help mitigate what classification of attack?
A: spoofing attack

===========================
Q27: DSCP 101110 looks like which IP precedence?
http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0/qos/configuration/guide/qos_6dscp_val.html

101=5=critical.

=============================

Q28: what is used as label in cell-mode MPLS.
VPI and VCI.

========================

Q29: what is encapsulation mode for MPLS running on Ethernet.
Frame mode

======================

Q30: which of the following statement regarding SPD is correct?
drop non-routing packet first.

========================

Q31: Which statements about LDP are valid?
http://en.wikipedia.org/wiki/Label_Distribution_Protocol
UDP port 646 for peer discovery, TCP port 646 for session setup.


==========================
Q32: which bit should be set in link state PDU in ISIS level-1-2 router to indicate they are a potential exit point out of the area.
att bit

========================
Q33. Which of the following statements regarding CoPP is correct?
-a, CoPP leverages MQC to define the classification and to specify the action.
-b, uses dedicated CLI via MQC to provide filtering and limiting capability.
-c, addresses the need to protect the management plane.

=========================
Q34: urpf loose mode:
mRPF and uRPF: (multicast and unicast) reverse path forwarding.
http://en.wikipedia.org/wiki/Reverse_path_forwarding

Strict mode

In strict mode each incoming packet is tested against the FIB and if the incoming interface is not the best reverse path the packet check will fail. By default failed packets are discarded.
Feasible mode

In Feasible mode, the FIB maintains alternate routes to a given ip address. If the incoming interface matches with any of the routes associated with the ip address, then the packet is forwarded. Otherwise the packet is dropped.
Loose mode

In loose mode each incoming packet's source address is tested against the FIB. The packet is dropped only if the source address is not reachable via any interface on that router.

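Difference: strict accepts only the interface of the best route; feasible accepts any interface that has a route to the source (this allows asymmetrical routing); loose accepts any interface as long as the source is reachable.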
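
The three checks side by side, run against the same packets. This is an added example, not part of the original notes; the FIB, interface names and packets are constructed, and the FIB is modelled as prefix to interface list with the best path first.

```python
import ipaddress

# Constructed FIB: prefix -> interfaces that have a route to it, best first.
FIB = {
    "10.1.0.0/16": ["Gi0/0"],
    "10.2.0.0/16": ["Gi0/1", "Gi0/2"],  # Gi0/2 is an alternate, non-best route
    "10.2.9.0/24": ["Gi0/2"],           # more specific prefix wins the lookup
}

# Constructed packets: (source address, incoming interface, description).
PACKETS = [
    ("10.1.5.5", "Gi0/0", "arrives on the best reverse path"),
    ("10.2.7.7", "Gi0/2", "asymmetric: arrives on the alternate route"),
    ("10.1.5.5", "Gi0/1", "source is routed via another interface"),
    ("192.0.2.9", "Gi0/0", "source has no route in the FIB"),
]

MODES = ("strict", "feasible", "loose")

def reverse_path(fib, src):
    """Longest-prefix match on the source address; None if unreachable."""
    addr = ipaddress.ip_address(src)
    best_net, best_ifaces = None, None
    for prefix, ifaces in fib.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_ifaces = net, ifaces
    return best_ifaces

def urpf_permits(fib, mode, src, in_iface):
    """Apply one uRPF mode to a packet; True means forward, False means drop."""
    ifaces = reverse_path(fib, src)
    if ifaces is None:
        return False                      # unreachable source fails every mode
    if mode == "strict":
        return in_iface == ifaces[0]      # must be the best reverse path
    if mode == "feasible":
        return in_iface in ifaces         # any route to the source will do
    if mode == "loose":
        return True                       # reachable via some interface
    raise ValueError(f"unknown mode: {mode}")

def decisions(fib=FIB, packets=PACKETS):
    """Return one {mode: permitted} dict per packet, in packet order."""
    return [
        {mode: urpf_permits(fib, mode, src, iface) for mode in MODES}
        for src, iface, _ in packets
    ]

if __name__ == "__main__":
    for (src, iface, note), verdict in zip(PACKETS, decisions()):
        row = "  ".join(f"{m}={'pass' if ok else 'drop'}" for m, ok in verdict.items())
        print(f"{src:<10} in {iface:<6} {row}  # {note}")
```

The third packet is the case that separates the modes for anti-spoofing: only loose mode forwards a source that is routed via a different interface.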

=============================

Q35. inter-VPN next hop for MP-iBGP update?
one hop away downstream.

===========================

Q36. what best describe the usage of route-target rewrite?
used in inter-AS MPLS-VPN deployment,
config at ASBR,
to avoid misconfig.

========================
Q37.ASBR-summary LSA.
Generated by the ABR. Describes reachability to the ASBR for routers in a different area.

=====================
Q38. OSPF external LSA exist in ospf database, but not installed in routing table. which are possible explanations?
a, inbound distribute list configured which deny that subnet
b, FA (forward address) is not in internal ospf route.
c, asbr origination lsa is not reachable.

=======================

Q39 with the DSCP value of 101110, what does the 11 in bit 1 and bit 2 mean?

Link: http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a00800949f2.shtml

Classes 1 to 4 are referred to as AF classes. The following table illustrates the DSCP coding for specifying the AF class with the probability. Bits DS5, DS4 and DS3 define the class; bits DS2 and DS1 specify the drop probability; bit DS0 is always zero.

===========================

Q40. identifies the difference of option 10A, as opposed to option 10C.
a, relative tech simplicity is offered.
b, asbr hold vpnv4 routes.
c, better suitability for interAS VPN.


==================================

Q41.which statements are true about RPF check in MSDP (multicast source discovery protocol)
a, it prevents message looping.
b, this check should be done against the route to RP.


=============
Q42. BGP confederation.
a, inside the confederation, use the BGP AS number to establish the peering
b, outside confederation, use confederation ID to do it.

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml#bgpconfed

======================

Q43. etherchannel.
a, help aggregate traffic grouping multiple, full-duplex p2p link together.
b, can aggregate up to 800M, 8G and 80 G respectively.


====
Q44. ISIS and ipv6
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-is-is.html

====================

Q45. aggregate label in mpls.
remove top label in mpls label stack and does a layer 3 lookup on underlying IP
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/pfc3mpls.html

=======

Q46. which option described INCORRECT usage of LDP.
MP-BGP is used for MPLS Traffic engineering.

==========================

Q47. with 4 router in a chain, which 3 solutions are the most correct?
a,1,2 and 3 in one confederation and 2 is route-reflector
b, 1 and 2 are in one confederation sub AS and 3 and 4 in different one
c, 1 and 4 are route-reflector-client. 2 and 3 are the reflector.

====================
Q48. LMI extension. (Local management interface)

Frame Relay Local Management Interface

The Local Management Interface (LMI) is a set of enhancements to the basic Frame Relay specification. The LMI was developed in 1990 by Cisco Systems, StrataCom, Northern Telecom, and Digital Equipment Corporation. It offers a number of features (called extensions) for managing complex internetworks. Key Frame Relay LMI extensions include global addressing, virtual circuit status messages, and multicasting.

http://www.cisco.com/en/US/docs/internetworking/technology/handbook/Frame-Relay.html

================

Q49. what is the action of pop in the context of MPLS switching?
remove the top label

===================

Q50. Which of the following commands causes syslog messages to be timestamped with date and time?
service timestamps log datetime


==================

Q51. what is the role of FEC in MPLS?
The FEC determines how a group of IP packets is mapped to an LSP.

================
Q52. Which of the following statement about MD5 is valid?
a, input routing update of arbitrary length and output an 128 bit hash.
b, multiple key is supported.

=========================

Q53. The difference between VC type 4 and 5.
https://supportforums.cisco.com/thread/248863
VC Type 4 is used for Ethernet VLAN mode.
VC Type 5 is used for Ethernet Port mode.
In Ethernet VLAN mode (VC Type 4), a VLAN header that has some meaning to the PE routers is always present. In other words, the PE routers look at the VLAN header.
In Ethernet Port mode (VC Type 5), the VLAN header might or might not be present on the frame. If a VLAN header does exist, the PE router does not inspect it; rather, it carries the frame transparently.

Running EoMPLS in Ethernet Port mode allows a complete Ethernet trunk to be transported over one pseudowire, for example if the customer wants to carry all VLANs from one side to the other within one VC; this happens when the customer CEs are Ethernet switches.

=============

Q54. 3 BGP extended community in MPLS-VPN deployment.
route target, SOO, domain ID BGP extended community.

========================
Q55. Find the correct comparison of CoPP with Receive ACL.
a, CoPP (control plane policy) apply to control plane interface. RACL apply to all interface.
b, CoPP support rate limit. RACL does not.

======================

Q56. select the best answer which best describe PNNI in ATM network.
a, PNNI uses Dijkstra's algorithm for SPF calculation.
b, PNNI is a routing protocol for ATM switches.
c, PNNI measures capacity and delay in addition to simple cost metrics.

====================
Q57. protocol used for path setup in MPLS traffic engineering.
RSVP.

==================
Q58.AFI and SAFI.
a, AFI carried ID of network layer protocol for which BGP speaker intend to advertise multiple path.
b, SAFI provide additional information carried in attribute.

===============

Q59. the steps to config destination-based remote trigger black hole filter. (RTBH)
a, activate the black hole
b, config bgp between black hole and trigger
c, config edge router with static route to Null0.

===============

Q60. what best describe the usage of route-target rewrite?
USED in inter-AS deployment and CONFIGURED at ASBR to avoid misconfig.

===============

Q61. there is MPLS VPN traffic traversing through a TE tunnel. what is the label stack sequence
(from outer to inner).
TE label, IGP label and VPN label.

===========
Q62. which IOS feature can prevent ip spoofing attack?
uRPF.

============
Q63. what method would enable the traffic to be forward along TE tunnel.
1, autoroute 2, static route 3, policy routing 4, forwarding adjacency

==========

Q64.using more than one label on a packet is required in what context?
MPLS vpn.
==============
Q65. How many token buckets are needed to support a multi-action policer that meters conforming, exceeding and violating traffic?

Token Bucket Algorithm with Two Token Buckets Example

If the violate-action option is specified when you configure a policy with the police command in Cisco IOS Release 12.1(5)T onward, the token bucket algorithm uses two token buckets. The following example uses the token bucket algorithm with two token buckets.

The following configuration shows users how to define a traffic class (using the class-map command) and associate the match criteria from the traffic class with the traffic policing configuration, which is configured in the service policy (using the policy-map command). The service-policy command is then used to attach this service policy to the interface.

In this particular example, traffic policing is configured with the average rate at 8000 bits per second, the normal burst size at 1000 bytes, and the excess burst size at 1000 bytes for all packets leaving Fast Ethernet interface 0/0.

Router(config)# class-map access-match
Router(config-cmap)# match access-group 1
Router(config-cmap)# exit
Router(config)# policy-map police-setting
Router(config-pmap)# class access-match
Router(config-pmap-c)# police 8000 1000 1000 conform-action transmit exceed-action set-qos-transmit 1 violate-action drop
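
How a policer with the `police 8000 1000 1000` parameters above classifies a packet sequence when it meters with two buckets. This is an added example, not part of the original notes or of Cisco's documentation; the refill rule (new tokens fill the conform bucket first and the overflow goes to the exceed bucket) is an assumption of this model, and the arrival times and sizes are constructed.

```python
class TwoBucketPolicer:
    """Single-rate policer: a conform bucket backed by an exceed bucket."""

    def __init__(self, rate_bps, normal_burst, excess_burst):
        self.rate_bps = rate_bps
        self.bc = normal_burst                      # conform bucket depth, bytes
        self.be = excess_burst                      # exceed bucket depth, bytes
        self.conform_tokens = float(normal_burst)   # both buckets start full
        self.exceed_tokens = float(excess_burst)
        self.last_ms = 0

    def _refill(self, now_ms):
        # Tokens earned since the last packet, in bytes (rate is bits/second).
        new_tokens = (now_ms - self.last_ms) * self.rate_bps / 8000.0
        self.last_ms = now_ms
        # Assumed rule: fill the conform bucket first, spill into the exceed bucket.
        to_conform = min(new_tokens, self.bc - self.conform_tokens)
        self.conform_tokens += to_conform
        spill = new_tokens - to_conform
        self.exceed_tokens = min(self.be, self.exceed_tokens + spill)

    def police(self, now_ms, size):
        """Classify one packet of `size` bytes arriving at `now_ms`."""
        self._refill(now_ms)
        if size <= self.conform_tokens:
            self.conform_tokens -= size
            return "conform"
        if size <= self.exceed_tokens:
            self.exceed_tokens -= size
            return "exceed"
        return "violate"                            # no tokens are consumed

# Actions taken from the police command on this page.
ACTIONS = {
    "conform": "transmit",
    "exceed": "set-qos-transmit 1",
    "violate": "drop",
}

# Constructed arrivals: (time in ms, packet size in bytes).
ARRIVALS = [(0, 450), (250, 900), (650, 1000), (850, 400)]

def run(arrivals=ARRIVALS, rate_bps=8000, normal_burst=1000, excess_burst=1000):
    """Return (time_ms, size, verdict, action) for each arrival."""
    policer = TwoBucketPolicer(rate_bps, normal_burst, excess_burst)
    results = []
    for now_ms, size in arrivals:
        verdict = policer.police(now_ms, size)
        results.append((now_ms, size, verdict, ACTIONS[verdict]))
    return results

if __name__ == "__main__":
    for now_ms, size, verdict, action in run():
        print(f"t={now_ms:>4} ms  {size:>4} bytes  {verdict:<8} -> {action}")
```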


========================================

Q66. which of the following events can not be tuned via router config to faster convergence following a link failure.
Number of hops

===========
Q67. BGP sync rule.
BGP should not advertise the route until that route has been learned via IGP also.

===========
Q68. BGP best route selection process is based on what?
path attribute.

==============
Q69. Which AToM traffic encapsulations require the use of a control word?
aal5 and Frame relay.

==============
Q70. which statement is correct regarding PIM sparse mode?
Receivers are joined to the shared tree (rooted at the RP) by their local DR.

============================

Q71. according to RFC 3931, l2tpv3 utilizes the IANA assigned ip protocol ID of ?


4.1.1. L2TPv3 over IP

L2TPv3 over IP (both versions) utilizes the IANA-assigned IP protocol
ID 115.

==================================

Q72. As described in rfc 3270, short-pipe operation, PE to CE egress policy are based on ?
customer marking.

===================

Q73. with EIGRP DUAL, a feasible successor is considered loop-free if which condition is true.
AD is less than the successor's FD.

=========
Q74. SPD (selective packet drop) operate in the following mode:

SPD State Check

The IP process queue on the RP is divided into two parts: a general packet queue and a priority queue. Packets put in the general packet queue are subject to the SPD state check, and those that are put in the priority queue are not. Packets that qualify for the priority packet queue are high priority packets such as those of IP precedence 6 or 7 and should never be dropped. The non-qualifiers, however, can be dropped here depending on the length of the general packet queue depending on the SPD state. The general packet queue can be in three states and, as such, the low priority packets may be serviced differently:

* NORMAL: queue size <= min
* RANDOM DROP: min <= queue size <= max
* FULL DROP: max <= queue size

In the NORMAL state, we never drop well-formed and malformed packets.

In the RANDOM DROP state, we randomly drop well-formed packets. If aggressive mode is configured, we drop all malformed packets; otherwise, we treat them as well-formed packets.
==================================
Q75. select 3 best answer describing operation and config of frame relay inverse ARP.
a, dynamic address mapping uses Frame Relay inverse ARP to request the next-hop protocol address for a specific connection on its known DLCI.
b, inverse ARP is enabled by default.
c, responses to Inverse ARP are entered in the address-to-DLCI mapping table.

=================================
Q76. To bring on IPv6 enterprise, what is the best transition strategy for service provider?
deploy IPv6 at the edges and tunnel Enterprise through the core.

==============================
Q77. anycast RP:
a, anycast RP provides redundancy and load-sharing.
b, a router with anycast RP can be configured statically with the command: ip pim rp-add 1.1.1.1
c, in anycast RP, 2 or more routers are configured with the same IP.


=============
Q78. Which model alters the code point in different Diff-Serv domains?
uniform model.

================

Q79. In any transport over MPLS, where is the "control word" inserted?
inserted between the MPLS label stack and Layer 2 payload

================

Q80. In Multicast VPN, which statements are true regarding the default MDT group?
a, there is reduced multicast state in MPLS core P router
b, It is used for PIM control traffic.

==============
Q81. router bgp 1
neighbor 1.1.1.1 remote-as 2
the above bgp command has what effect on the router?
A. allow incoming TCP connection from 1.1.1.1 that are destined to port 179.

===============

Q82. Which IOS feature examines the packets received to make sure the source address is in the routing table?
C. Unicast RPF.

===================
Q83. what is jitter?
the variation of delay.

===================
Q84. the difference between LLQ and CBWFQ.
a, LLQ support the addition of strict priority queuing.
b, LLQ priority queue bw is policed with a congestion aware policer.

==============
Q85. in the context of GMPLS, LMP stands for
link management protocol

=============

Q86. which statement regarding LCP is true?
LCP, link control protocol, is used for basic PPP link setup and operation.

====================
Q87. what is periodically multicasted (every 10 seconds) by the DIS on a LAN to ensure ISIS link state database accuracy?
A, CSNP.

Complete sequence number PDUs (CSNPs) are sent by the designated router to maintain database synchronization. You can configure the IS-IS CSNP interval for the interface.

http://www.cisco.com/en/US/docs/ios/11_3/np1/configuration/guide/1cisis.html
=====================
Q88. In MPLS TE, which router is the point of local repair?
MPLS Fast Reroute (also called MPLS local restoration or MPLS local protection) is a local restoration network resiliency mechanism. It is actually a feature of RSVP Traffic Engineering (RSVP-TE). In MPLS local protection each LSP passing through a facility [1] is protected by a backup path which originates at the node immediately upstream to that facility. [2] [3][4] [5] [6]

This node which redirects the traffic onto the preset backup path is called the Point of Local Repair (PLR), and the node where a backup LSP merges with the primary LSP is called Merge Point (MP)[2][3].
=====================================

Q89. A network admin wants to detect a login attack against a router. What IOS command causes the attack to be recorded on the syslog server?
login on-failure log.
3550(config)#login on-fa
3550(config)#login on-failure ?
  every  Periodicity for logs/traps generated
  log    Generate syslogs on failure logins
  trap   Generate traps on failure logins


3550(config)#login on-failure

===================================

Q90. what statement best describe the BGP route-reflector?
it does not have to be in the forwarding path of data coming from the client.

=================================
Q91. the attribute field within ISIS header contains which of the following flags?
overload, Partition (P), IS-type, Attached (att)

=============================
Q92. which of the following process are likely to be found in microkernel?
process scheduling, host stack, memory management, lightweight messaging, hardware abstraction (all of them)

===========================
Q96. Pick the 4 valid ATM cell header fields:
HEC, GFC, CLP, VCI, not Frame relay's FECN and DE.

============================
Q97. What is the default SPF throttle timer in OSPF?
5

============================

Q98. regarding route-map.
a, set community no-export
b, route-map permit 10 /xxxxx; route-map permit 20

=======================
Q99. How would you characterize the source and type in a DoS attack on a router?
Set up an access list to permit all ICMP, TCP and UDP traffic with the log keyword, then use show access-list and show log.

=======================
Q100. typical ADSL, adsl modem+ PC with usr/passwd. If using Cisco adsl router, that router need to support ?
A. PPPoE.

========================
Q101. The mechanisms for distributed LDP are:
A. LDP and RSVP

======================
Q102.what is the proper MP-BGP config to implement MPLS VPN on PE router?
A. address-family vpnv4
neighbor x.x.x.x activate
neighbor x.x.x.x send-community extended
exit-address-family

=======================
Q103. which BGP community option is used to prevent the advertisement of BGP prefix to any other BGP peer?
A. No-advertise

========================
Q104. which 2 statement are correct regarding to route distinguisher as defined in RFC 4364 (MPLS-VPN)?
A. config:
ip vrf xxx
rd 1:1
B. RD is an 8 byte value used in creating unique vpnv4 address

=======================
Q105. SONET's three layers are:
path, line and section
========================
Q106. HSRP config:
standby 1 priority 130 preempt

=======================

Q107. End-of-RIB message is send out in which of following BGP-related events?
a, during initial convergence
b, following a route processor switchover

=======================
Q108. In PIM-SM operations, the first router connected to multicast source send the register to which device?
a,RP

==========================
Q109. with VPLS, which protocol is used for label exchange and PW signalling?
directed LDP

====================
Q110. Which two are characteristics of an IPv6 multicast address?
a, starts with FF
b, the second octet is the scope field


===================
Q111. which two options best describe the purpose of session ID and cookie in L2TPv3?
a, session ID is a 32-bit locally significant field to identify the call
b, cookie is a variable length, word-aligned field.

================

Q112. packed cell relay encap with AToM includes which of following:
tunnel label, vc-label, 4 byte atm header and payload


================
Q113. what ISIS TLV are used in MPLS TE?

22 TE IIS Neighbors
Increases the maximum metric to three bytes (24 bits). Known as the Extended IS Reachability TLV, this TLV addresses a TLV 2 metric limitation. TLV 2 has a maximum metric of 63, but only six out of eight bits are used.

134 TE Router ID
This is the Multi-Protocol Label Switching (MPLS) traffic engineering router ID.

135 TE IP Reachability
Provides a 32 bit metric and adds a bit for the "up/down" resulting from the route-leaking of L2->L1. Known as the Extended IP Reachability TLV, this TLV addresses the issues with both TLV 128 and TLV 130.

=========================

Q134. what is the importance of using virtual output queues on ingress line card in high end router?
prevent head-of-line blocking

========================
Q135. select 2 answer that best describe IP event dampening feature:
a, works with routing protocol by stopping the announcement of dampened interface subnet
b, use exponential decay mechanism to suppress the effects of excessive interface flapping.

=======================
Q116. What IOS command displays MPLS label mappings on an LSR?
show mpls ldp bindings

======================
Q117. What is used to provide read access to QoS configuration and statistics information on Cisco platforms that support Modular QoS CLI?
Cisco class-based QoS MIB


=======================
Q118. Choose 2 statements that are true about BGP.
a, an internal BGP network can have RRs within a confederation
b, clusters are used in RR schemes to avoid loops.

========================

Q119. If the OSPF protocol is used to connect CE to PE routers in a VPN backbone, which 2 options best describe the use of a sham link?
a, the sham-link is seen as an intra-area link between PEs; an OSPF adjacency is created and the database is exchanged
b, a sham-link is created between any 2 VPN sites that belong to the same OSPF area and share an OSPF backdoor link

==================
Q120. How do routers in an IS-IS level-1 domain exit to reach other level-1 domains?
a, level-1 routers use default routes installed based on the ATT bit in announcements from the level-1-2 router
b, level-1 routers use specific routes for other level-1 domains, announced by the L1/L2 router via the route-leaking feature of Cisco IOS.

===================
Q121. RIPv2 differs from RIPv1 in that:
a, it supports authentication
b, it uses multicast address 224.0.0.9 instead of broadcast.
c, it is classless instead of classful

=====================
Q122. route-reflector question.
image not clear.

=====================
Q123. In which of the following BGP-related events is an End-of-RIB message sent?
a, during initial convergence
b, following a route processor switchover

=======================
Q124. When provisioning for interactive video, which 3 statements depict the correct requirements?
a, jitter should be no more than 30ms
b, loss should be no more than 1 percent
c, one-way latency should be no more than 150ms.

==========================
Q125. How would you characterize the source and type of a DoS attack on a router?
a, by setting up an ACL to permit all ICMP, TCP and UDP traffic with log or log-input, then using show access-list and show log to determine the type and source of the attack

==========================
Q126. GMPLS is based upon
a, non-packet-based devices.

===========================
Q127. 3 AVPs must be present in ICRQ (incoming call request)
a, call serial number
b, message type
c, assigned session ID

=========================
Q128. Which IOS command can detect whether the SQL Slammer virus is propagating in your network?
a, access-list 100 permit any any udp eq 1434 log.
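
The approach in Q125 and Q128, as an added example (not part of the original notes and not Cisco code): once a logging ACL is in place, its syslog lines can be tallied per source and service to show the type and source of the traffic. The log lines are constructed in the style of IOS ACL log messages, and the function names are assumptions.

```python
import re
from collections import Counter, defaultdict

# Assumed ACL in IOS extended syntax: access-list 100 permit udp any any eq 1434 log
# Constructed log lines in the style of IOS ACL log messages (documentation addresses).
SAMPLE_LOG = """\
%SEC-6-IPACCESSLOGP: list 100 permitted udp 192.0.2.10(4021) -> 198.51.100.5(1434), 1 packet
%SEC-6-IPACCESSLOGP: list 100 permitted udp 192.0.2.10(4022) -> 198.51.100.9(1434), 1 packet
%SEC-6-IPACCESSLOGP: list 100 permitted udp 192.0.2.10(4023) (FastEthernet0/0 0000.0c12.3456) -> 198.51.100.77(1434), 12 packets
%SEC-6-IPACCESSLOGP: list 100 permitted tcp 203.0.113.7(51515) -> 198.51.100.5(80), 3 packets
%SEC-6-IPACCESSLOGDP: list 100 permitted icmp 203.0.113.99 -> 198.51.100.5 (8/0), 40 packets
"""

# Ports appear for tcp/udp, "(type/code)" for icmp; log-input adds "(interface mac)".
LINE = re.compile(
    r"list (?P<acl>\S+) (?P<action>permitted|denied) (?P<proto>\w+) "
    r"(?P<src>\d+(?:\.\d+){3})(?:\((?P<sport>\d+)\))?"
    r"(?: \((?P<input>[^)]*)\))? -> "
    r"(?P<dst>\d+(?:\.\d+){3})(?:\((?P<dport>\d+)\)| \((?P<icmp>\d+/\d+)\))?, "
    r"(?P<count>\d+) packets?"
)

def parse(log_text):
    """Yield one regex match per ACL log line; other lines are skipped."""
    for line in log_text.splitlines():
        m = LINE.search(line)
        if m:
            yield m

def summarize(log_text):
    """Packet totals per (source, protocol, destination port or ICMP type/code)."""
    totals = Counter()
    for m in parse(log_text):
        service = m["dport"] or m["icmp"] or "-"
        totals[(m["src"], m["proto"], service)] += int(m["count"])
    return totals

def fanout(log_text, proto, dport):
    """Distinct destinations each source contacted on proto/dport (worm-like spread)."""
    seen = defaultdict(set)
    for m in parse(log_text):
        if m["proto"] == proto and m["dport"] == dport:
            seen[m["src"]].add(m["dst"])
    return {src: len(dsts) for src, dsts in seen.items()}

if __name__ == "__main__":
    for key, packets in summarize(SAMPLE_LOG).most_common():
        print(key, packets)
    print("udp/1434 fan-out:", fanout(SAMPLE_LOG, "udp", "1434"))
```

A single source reaching many destinations on UDP 1434 is the pattern the Q128 ACL entry is meant to surface.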


=========================

Q129. What is true regarding AS?
a, AS numbers are assigned by IANA
b, an AS is a collection of IP networks and routers
c, AS are used by BGP to exchange IP routing information with neighboring AS.

==========================
Q130. Select the statement that best describes the amplification principle in the internet domain.
as explained in RFC 3429
a, amplification is prevented if local changes have only a local effect, as opposed to systems in which local changes have a global effect.

===========================
Q131. If 2 routers, both reachable from one another, originate functionally equivalent type 2 external LSAs, which of the following statements would apply?
A, only the LSA generated by the highest RID ASBR will exist in the network.

=========================
Q132. When should traffic shaping be implemented on a Frame Relay PVC?
a, when over-subscribing the central site link
b, when there is a speed mismatch between the central site and the remote site.


==========================================
Q133. What are the benefits of using TCAM technology in high-end routing products?
a, longer uptime
b, deterministic performance

CAM: content addressable memory.
CAM is a special type of memory used by Cisco switches. With ordinary RAM, the IOS supplies a memory address and gets back the data stored at that location; with CAM, the IOS does the inverse: it supplies the data and the CAM returns the address where that data is stored. CAM is also considered faster than RAM, since it searches the entire memory in one operation.

The problem with CAM is that it can only do exact matches on ones and zeros (binary CAMs). This is where TCAM (Ternary CAM) comes in: it can match a third state, which is "any". This makes TCAM a very important component of Cisco layer 3 switches and modern routers, since they can store their routing table in the TCAMs, allowing for very fast lookups, which is considerably better than routing tables stored in ordinary RAM.
CAM and TCAM are the most important parts of the so-called ASICs that Cisco switches leverage for line-speed fast switching.
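
A software model of the ternary match described above, as an added example (not from the original notes or any Cisco implementation): each entry stores a value and a mask, where a mask bit of 0 is the "any" state, and entries are kept longest-prefix-first so the first hit is the best route. The class, function names and sample routes are assumptions; real TCAM compares all entries in parallel, which the loop only imitates.

```python
import ipaddress

class Tcam:
    """Ternary CAM model: entries are (value, mask, prefix length, result).

    Mask bit 1 = this bit must equal the stored value; mask bit 0 = "any".
    """

    def __init__(self):
        self.entries = []

    def add_prefix(self, prefix, next_hop):
        net = ipaddress.ip_network(prefix)
        self.entries.append(
            (int(net.network_address), int(net.netmask), net.prefixlen, next_hop)
        )
        # Longest prefixes first: hardware returns the lowest-index matching
        # entry, so ordering by prefix length yields longest-prefix match.
        self.entries.sort(key=lambda e: -e[2])

    def lookup(self, address):
        key = int(ipaddress.ip_address(address))
        for value, mask, _length, result in self.entries:
            if (key & mask) == value:  # bits under a 0 mask bit are ignored
                return result
        return None  # no entry matched

def exact_cam_lookup(table, mac):
    """Binary CAM for contrast: exact match only, e.g. MAC address -> port."""
    return table.get(mac)

def build_sample():
    """Constructed routing table used for the demonstration."""
    tcam = Tcam()
    tcam.add_prefix("0.0.0.0/0", "default-gw")
    tcam.add_prefix("10.0.0.0/8", "core-1")
    tcam.add_prefix("10.1.0.0/16", "edge-7")
    return tcam

if __name__ == "__main__":
    t = build_sample()
    for ip in ("10.1.2.3", "10.200.0.1", "192.0.2.1"):
        print(ip, "->", t.lookup(ip))
```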

==================================

Q134. Select 2 statements which are true:


Dynamic Packet Transport (DPT) technology, a Resilient Packet Ring (RPR)

a, DPT/RPR uses a bi-directional ring consisting of 2 symmetric counter-rotating fibre rings
b, in DPT/RPR rings, data packets can be sent in one direction (downstream) and the corresponding control packets in the opposite direction (upstream), thus using both fibres concurrently to maximise bandwidth.

======================================
Q135. what is the limitation of uRPF?
a, symmetrical routing is required.

======================================
Q136. Which of the following is a correct arrangement of APS action requests in order of priority, with highest priority first?


APS and Related Commands
Here are the APS triggers categorized hierarchically (from lowest priority to highest priority):
* Manual switch request.
* SD condition (Bit Error Rate (BER) exceeding the SD threshold).
* SF condition (Loss of Frame (LOF), Loss of Signal (LOS), Alarm Indication Signal-Line (AIS-L), and a Line BER that exceeds 10^-3 or user-provisionable).
* Forced switch request.

====================================
Q137. In the context of MPLS traffic engineering, TE path calculation is conducted by

a, TE head end

===================================

Q138. Routes redistributed into OSPF by an ASBR are which LSA type?
a, LSA type 5.

OSPF LSA Types

Type 1: Router link advertisements generated by each router for each area it belongs to. Flooded to a single area only (intra-area route). In a multiarea OSPF network, routes originated within an area are known by the routers in the same area as Intra-Area routes. These routes are flagged as O in the “show ip route” command output.

Type 2: Network link advertisements generated by designated routers describing the set of routers attached to a particular network. Flooded to the area that contains the network (intra-area route). When a route crosses an OSPF Area Border Router (ABR), the route is known as an OSPF Inter-Area route. These routes are flagged as O IA in the “show ip route” command output.

Both Intra and Inter-Area routes are also called OSPF Internal routes, as they are generated by OSPF itself, when an interface is covered with the OSPF network command.

Type 3/4: Summary link advertisements generated by ABRs describing inter-area routes. Type 3 describes routes to networks and is used for summarization. The "default-information originate" is also Type 3. Type 4 describes routes to the ASBR (interarea summary route).

Type 5: Generated by the ASBR and describes links external to the Autonomous System (AS). These are the redistributed (from other routing protocols including static routes) routes. Flooded to all areas except stub areas (external route). Routes which were redistributed into OSPF, such as Connected, Static, or other Routing Protocol, are known as External Type-2 or External Type-1. These routes are flagged as O E2 or O E1 in the “show ip route” command output.

Type 6: Group membership link entry generated by multicast OSPF routers.

Type 7: NSSA external routes generated by ASBR. Only flooded to the NSSA. External routes injected internally by ASBRs within each POP (Areas other than Area 0) are LSAs of type 7. The ABR between will translate LSAs type 7 to LSAs type 5 from each POP/Area to Area 0 (external route). When an area is configured as a Not-So-Stubby Area (NSSA), and routes are redistributed into OSPF, the routes are known as NSSA external type 2 or NSSA external type 1. These routes are flagged as O N2 or O N1 in the “show ip route” command output.

===================================
Q139. Which 2 of the following are designated fields for the MAC tunneling protocol (802.1 ah)?
a, service ethertype
b, pseudoLAN tag.

802.1 ah ==> QinQ

===================================
Q140. What is the requirement of Remote Triggered Black Hole filtering (RTBH)?
a, IBGP updates exchange between trigger router and black hole router

=================================
Q141. In a frame, the MPLS label is imposed
a, after the layer 2 header and before the layer 3 header.

===================================
Q142. Which statements are correct for forwarding traffic into MPLS TE tunnels?
a, autoroute causes the tunnel to be treated as a directly connected link to the head-end
b, forwarding adjacency makes the TE head-end node advertise the tunnel LSP into the IGP
c, forwarding adjacency supports unequal-cost load balancing over multiple TE tunnels

==================================

Q143. If RTP header compression is used on the link, the header's overhead on the voice packet will be reduced by what percent?
a, from 70% to 33%

70%= (12+8+6+20)/66
33%=(4+6)/30

RFC 2508
ppp  ip  udp  rtp  voice
6    20  8    12   20

So the header's overhead before compression is (12+8+6+20)/66 = 70%

After compression, ip+udp = 2 bytes and rtp = 2 bytes, so the overhead is (4+6)/30 = 33%

COMPRESSED_UDP - communicates the IP and UDP headers compressed to
6 or fewer bytes (often 2 if UDP checksums are disabled), followed
by any subsequent headers (possibly RTP) in uncompressed form,
plus data. This packet type is used when there are differences in
the usually constant fields of the (potential) RTP header. The
RTP header includes a potentially changed value of the SSRC field,
so this packet may redefine the session context. The format is
shown in section 3.3.3.

COMPRESSED_RTP - indicates that the RTP header is compressed along
with the IP and UDP headers. The size of this header may still be
just two bytes, or more if differences must be communicated. This
packet type is used when the second-order difference (at least in
the usually constant fields) is zero. It includes delta encodings
for those fields that have changed by other than the expected
amount to establish the first-order differences after an
uncompressed RTP header is sent and whenever they change. The
format is shown in section 3.3.2.

=====================
Q144. Select 2 valid administratively scoped multicast addresses in networks running Interior Gateway protocols like EIGRP and OSPF
a, 239.255.255.255
b, 239.0.0.1
Not c, 224.0.0.10 OR d, 224.0.0.5

========================
Q145. Which of the following descriptions about IP spoofing is correct?
a, IP source address is forged.