Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Refer to the exhibit.
All routers are running EIGRP and the network has converged. R3 and R4 are configured as EIGRP Stub. If the link between R1 and R3 goes down, which statement is true?
A. R1 sends traffic destined to 192.168.0.100 via R2.
B. R2 does not have a route to 192.168.0.0/24 in the routing table.
C. The prefix 192.168.0.0/24 becomes stuck-in-active on R4.
D. R3 does not advertise 192.168.0.0/24 to R4 anymore.
Answer: B
Q2. Which three conditions can cause excessive unicast flooding? (Choose three.)
A. Asymmetric routing
B. Repeated TCNs
C. The use of HSRP
D. Frames sent to FFFF.FFFF.FFFF
E. MAC forwarding table overflow
F. The use of Unicast Reverse Path Forwarding
Answer: A,B,E
Explanation:
Causes of Flooding
The very cause of flooding is that destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet will be flooded out of all forwarding ports in its VLAN (except the port it was received on). Below case studies display most
common reasons for destination MAC address not being known to the switch.
Cause 1: Asymmetric Routing
Large amounts of flooded traffic might saturate low-bandwidth links causing network performance issues or complete connectivity outage to devices connected across such low-bandwidth links.
Cause 2: Spanning-Tree Protocol Topology Changes
Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur. TCNs are triggered by a port that is transitioning to or from the forwarding state. After the TCN, even if the particular destination MAC address has aged out, flooding should not happen for long in most cases since the address will be relearned. The issue might arise when TCNs are occurring repeatedly with short intervals. The switches will constantly be fast-aging their forwarding tables so flooding will be nearly constant. Normally, a TCN is rare in a well-configured network. When the port on a switch goes up or down, there is eventually a TCN once the STP state of the port is changing to or from forwarding. When the port is flapping, repetitive TCNs and flooding occurs.
Cause 3: Forwarding Table Overflow
Another possible cause of flooding can be overflow of the switch forwarding table. In this case, new addresses cannot be learned and packets destined to such addresses are flooded until some space becomes available in the forwarding table. New addresses will then be learned. This is possible but rare, since most modern switches have large enough forwarding tables to accommodate MAC addresses for most designs. Forwarding table exhaustion can also be caused by an attack on the network where one host starts generating frames each sourced with different MAC address. This will tie up all the forwarding table resources. Once the forwarding tables become saturated, other traffic will be flooded because new learning cannot occur. This kind of attack can be detected by examining the switch forwarding table. Most of the MAC addresses will point to the same port or group of ports. Such attacks can be prevented by limiting the number of MAC addresses learned on untrusted ports by using the port security feature.
Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/23563-143.html#causes
Q3. DRAG DROP
Drag and drop the BGP attribute on the left to the correct category on the right.
Answer:
Q4. Which type of EIGRP routes are summarized by the auto-summary command?
A. internal routes that are learned from a peer that is outside the range of local network statements
B. external routes that are learned from a peer that is inside the range of local network statements
C. locally created routes that are outside the range of local network statements
D. external routes that are learned from a peer that is outside the range of local network statements
Answer: B
Explanation:
Auto-Summarization of External Routes
EIGRP will not auto-summarize external routes unless there is a component of the same major network that is an internal route. To illustrate, let us look at Figure 15.
Router Three is injecting external routes to 192.1.2.0/26 and 192.1.2.64/26 into EIGRP using the redistribute connected command, as shown in the configurations below.
Router Three
interface Ethernet0
ip address 192.1.2.1 255.255.255.192
!
interface Ethernet1
ip address 192.1.2.65 255.255.255.192
!
interface Ethernet2
ip address 10.1.2.1 255.255.255.0
!router eigrp 2000
redistribute connected
network 10.0.0.0
default-metric 10000 1 255 1 1500
With this configuration on Router Three, the routing table on Router One shows:
one# show ip route
10.0.0.0/8 is subnetted, 2 subnets
D 10.1.2.0 [90/11023872] via 10.1.50.2, 00:02:03, Serial0
C 10.1.50.0 is directly connected, Serial0
192.1.2.0/26 is subnetted, 1 subnets
D EX 192.1.2.0 [170/11049472] via 10.1.50.2, 00:00:53, Serial0
D EX 192.1.2.64 [170/11049472] via 10.1.50.2, 00:00:53, Serial0
Although auto-summary normally causes Router Three to summarize the 192.1.2.0/26 and 192.1.2.64/26 routes into one major net destination (192.1.2.0/24), it does not do this because both routes are external. However, if you reconfigure the link between Routers Two and Three to 192.1.2.128/26, and add network statements for this network on Routers Two and Three, the 192.1.2.0/24 auto-summary is then generated on Router Two.
Router Three
interface Ethernet0
ip address 192.1.2.1 255.255.255.192
!
interface Ethernet1
ip address 192.1.2.65 255.255.255.192
!
interface Serial0
ip address 192.1.2.130 255.255.255.192
!
router eigrp 2000 network 192.1.2.0
Now Router Two generates the summary for 192.1.2.0/24:
two# show ip route
D 192.1.2.0/24 is a summary, 00:06:48, Null0
And Router One shows only the summary routE.
one# show ip route
10.0.0.0/8 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Serial0
D 192.1.2.0/24 [90/11023872] via 10.1.50.2, 00:00:36, Serial0
Reference: http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/16406-eigrp-toc.html
Q5. Which two options are BGP attributes that are updated when router sends an update to its eBGP peer? (Choose two.)
A. weight
B. local preference
C. AS_path
D. next-hop
Answer: C,D
Explanation:
AS_Path describes the inter-AS path taken to reach a destination. It gives a list of AS Numbers traversed when reaching to a destination. Every BGP speaker when advertising a route to a peer will include its own AS number in the NLRI. The subsequent BGP speakers who advertise this route will add their own AS number to the AS_Path, the subsequent AS numbers get prepended to the list. The end result is the AS_Path attribute is able to describe all the autonomous systems it has traversed, beginning with the most recent AS and ending with the originating AS.
NEXT_HOP Attribute specifies the next hop IP address to reach the destination advertised in the NLRI. NEXT_HOP is a well-known mandatory attribute that is included in every eBGP update.
Reference: http://netcerts.net/bgp-path-attributes-and-the-decision-process/
Q6. Which two statements about BGP prefix-based outbound filtering are true? (Choose two.)
A. It must be configured per address family.
B. It can use prefix lists and route maps for filtering.
C. It can be configured under the global BGP routing process.
D. It can be configured for external peering sessions only.
E. It can increase the processing load on the router.
F. It supports IP multicast routes.
Answer: A,D
Q7. Which two options are benefits of EIGRP OTP? (Choose two.)
A. It allows EIGRP routers to peer across a service provider without the service provider involvement.
B. It allows the customer EIGRP domain to remain contiguous.
C. It requires only minimal support from the service provider.
D. It allows EIGRP neighbors to be discovered dynamically.
E. It fully supports multicast traffic.
F. It allows the administrator to use different autonomous system numbers per EIGRP domain.
Answer: A,B
Explanation:
EIGRP Over the Top (OTP) allows EIGRP routers to peer across a service provider infrastructure without the SP’s involvement. In fact with OTP, the provider won’t see customer routes at all. EIGRP OTP acts as a provider-independent overlay that transports customer data between the customer’s routers. To the customer, the EIGRP domain is contiguous. A customer’s EIGRP router sits at the edge of the provider cloud, and peers with another EIGRP router a different location across the cloud. Learned routes feature a next hop of the customer router — not the provider. Good news for service providers is that customers can deploy EIGRP OTP with their involvement
Reference: http://ethancbanks.com/2013/08/01/an-overview-of-eigrp-over-the-top-otp/
Q8. DRAG DROP
Drag and drop the extended ping command field on the left to its usage on the right.
Answer:
Q9. Which two statements about IPv4 and IPv6 networks are true? (Choose two.)
A. In IPv6, hosts perform fragmentation.
B. IPv6 uses a UDP checksum to verify packet integrity.
C. In IPv6, routers perform fragmentation.
D. In IPv4, fragmentation is performed by the source of the packet.
E. IPv4 uses an optional checksum at the transport layer.
F. IPv6 uses a required checksum at the network layer.
Answer: A,B
Q10. You are implementing new addressing with EIGRP routing and must use secondary addresses, which are missing from the routing table. Which action is the most efficient solution to the problem?
A. Disable split-horizon on the interfaces with secondary addresses.
B. Disable split-horizon inside the EIGRP process on the router with the secondary interface addresses.
C. Add additional router interfaces and move the secondary addresses to the new interfaces.
D. Use a different routing protocol and redistribute the routes between EIGRP and the new protocol.
Answer: A
Explanation:
Normally, routers that are connected to broadcast-type IP networks and that use distance-vector routing protocols employ the split horizon mechanism to reduce the possibility of routing loops. Split horizon blocks information about routes from being advertised by a router out of any interface from which that information originated. This behavior usually optimizes communications among multiple routers, particularly when links are broken. However, with nonbroadcast networks, situations can arise for which this behavior is less than ideal. For these situations, you might want to disable split horizon with EIGRP and RIP. If an interface is configured with secondary IP addresses and split horizon is enabled, updates might not be sourced by every secondary address. One routing update is sourced per network number unless split horizon is disabled.
Reference:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/ip/configuration/guide/fipr_c/1cfrip.html
Q11. Which two attributes were introduced with the Cisco IOS BGP 4-byte ASN feature? (Choose two.)
A. AS4_AGGREGATOR
B. AS4_PATH
C. AS4_PLAIN
D. AS4_DOT
E. AS4_TRANS
Answer: A,B
Q12. Which option is the most effective action to avoid packet loss due to microbursts?
A. Implement larger buffers.
B. Install a faster CPU.
C. Install a faster network interface.
D. Configure a larger tx-ring size.
Answer: A
Explanation:
You can't avoid or prevent them as such without modifying the sending host's application/network stack so it smoothes out the bursts. However, you can manage
microbursts by tuning the size of receive buffers / rings to absorb occasional microbursts.
Q13. A TCP/IP host is able to transmit small amounts of data (typically less than 1500 bytes), but attempts to transmit larger amounts of data hang and then time out. What is the cause of this problem?
A. A link is flapping between two intermediate devices.
B. The processor of an intermediate router is averaging 90 percent utilization.
C. A port on the switch that is connected to the TCP/IP host is duplicating traffic and sending it to a port that has a sniffer attached.
D. There is a PMTUD failure in the network path.
Answer: D
Explanation:
Sometimes, over some IP paths, a TCP/IP node can send small amounts of data (typically less than 1500 bytes) with no difficulty, but transmission attempts with larger amounts of data hang, then time out. Often this is observed as a unidirectional problem in that large data transfers succeed in one direction but fail in the other direction. This problem is likely caused by the TCP MSS value, PMTUD failure, different LAN media types, or defective links.
Reference: http://www.cisco.com/c/en/us/support/docs/additional-legacy-protocols/ms-windows-networking/13709-38.html
Q14. In the DiffServ model, which class represents the highest priority with the lowest drop probability?
A. AF11
B. AF13
C. AF41
D. AF43
Answer: C
Q15. What is the destination multicast MAC address for BPDUs on the native VLAN, for a switch that is running 802.1D?
A. 0185. C400. 0000
B. 0100.0CCC.CCCC
C. 0100.0CCC.CCCD
D. 0180.C200.0000
Answer: D
Explanation:
If the native vlan is 1:
A STP BPDU for VLAN 1 will be sent untagged to MAC 0180.c200.0000 (this is the
common spanning tree)
A PVST+ BPDU for VLAN 1 will be sent untagged to MAC 0100.0ccc.cccd
A PVST+ BPDU for all other vlans will be sent with a 802.1Q tag to MAC 0100.0ccc.cccd
(with a PVID = to the VLAN)
If the native vlan is not 1:
A STP BPDU for VLAN 1 will be sent untagged (on the native vlan) to MAC
0180.c200.0000 (this is the common spanning tree)
A PVST+ BPDU for VLAN1 will be sent with a 802.1Q tag to MAC 0100.0ccc.cccd (with a PVID=1)
A PVST+ BPDU for the native vlan will be sent untagged to MAC 0100.0ccc.cccd (with a PVID=native vlan)
A PVST+ BPDU for all other vlans will be sent with a 802.1Q tag to MAC 0100.0ccc.cccd (with a PVID = to the VLAN)