Term
What useful functions for leased-line WAN connections does Point-to-Point Protocol (PPP) provide? |
|
Definition
- The definition of a header and trailer that permits frame delivery over the link
- Support for synchronous and asynchronous WAN links
- A Type field that permits many protocols to pass over the link
- Authentication protocols; specifically, a clear-text PAP for low-security environments and CHAP for more robust security
- Control protocols for each higher-level protocol |
|
|
Term
What are the two control protocols for PPP? |
|
Definition
Link Control Protocol (LCP): This control protocol focuses on the link itself and ignores Layer 3 protocols sent across the link
Network Control Protocol (NCP): This category of protocols functions in conjunction with a specific Layer 3 protocol sent across the link |
|
|
Term
What are the commands for configuring PPP with CHAP? |
|
Definition
R1(config)#username R2 password cisco
R1(config)#interface serial2/0
R1(config-if)#encapsulation ppp
R1(config-if)#ppp authentication chap
R1(config-if)#end |
|
|
Term
What is the significance of the username and password in PPP?
|
|
Definition
- The username commands are entries for the opposite router.
- The password must match on each device. |
|
|
Term
What command is used to verify PPP config?
|
|
Definition
R1#show ip interface brief
R1#show interface serial2/0 |
|
|
Term
What are the commands to configure Multilink PPP? |
|
Definition
R1(config)#interface multilink 1
R1(config-if)#encapsulation ppp
R1(config-if)#ppp multilink
R1(config-if)#ip address 10.1.1.1 255.255.255.0
R1(config-if)#ppp multilink group 1
R1(config-if)#exit |
|
|
Term
PPPoE combines two widely accepted standards, Ethernet and PPP. What are some of its capabilities? |
|
Definition
PPPoE provides a standard method of employing the authentication methods of the Point-to-Point Protocol (PPP) over an Ethernet network.
PPPoE allows authenticated assignment of IP addresses.
Often, PPPoE client and server are interconnected by Layer 2 bridging protocols running over a DSL or other broadband connection.
|
|
|
Term
PPPoE is composed of which two main phases? |
|
Definition
Active Discovery Phase—In this phase, the PPPoE client locates a PPPoE server, called an access concentrator. During this phase, a Session ID is assigned, and the PPPoE layer is established.
PPP Session Phase—In this phase, PPP options are negotiated and authentication is performed. When the link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred over the PPP link within PPPoE headers. |
|
|
Term
What are some of the attributes of PPPoE? |
|
Definition
- At system initialization, the PPPoE client establishes a session with the access concentrator by exchanging a series of packets.
- After the session is established, a PPP link is set up, which includes authentication using Password Authentication Protocol (PAP).
- When the PPP session is established, each packet is encapsulated in the PPPoE and PPP headers.
|
|
|
Term
How do you configure the PPPoE client? |
|
Definition
R1(config)#interface dialer 2
R1(config-if)#ip address negotiated
R1(config-if)#mtu 1492
R1(config-if)#encapsulation ppp
R1(config-if)#ppp chap hostname JohnS
R1(config-if)#ppp chap password cisco
R1(config-if)#dialer pool 1
R1(config-if)#interface fa0/0
R1(config-if)#no ip address
R1(config-if)#pppoe-client dial-pool-number 1
R1(config-if)#pppoe enable
R1(config-if)#no shutdown
R1(config-if)#end |
|
|
Term
What is Generic Routing Encapsulation (GRE)? |
|
Definition
- One method of creating tunnels through your network
- GRE adds an additional header that it uses to perform tunneling.
- Uses a new IP header that encapsulates the original packet
- GRE does not provide any encryption type services.
- If security is required, this can be added using IPsec (for example).
|
|
|
Term
|
Definition
R1(config)#interface tunnel 0
R1(config-if)#ip address 172.16.1.1 255.255.255.0
R1(config-if)#tunnel mode gre ip
R1(config-if)#tunnel source serial2/0
R1(config-if)#tunnel destination 10.1.1.2
R1(config)#router ospf 1
R1(config-router)#network 172.16.1.0 0.0.0.255 area 0
R1(config-router)#end |
|
|
Term
How do you verify a GRE config? |
|
Definition
R2#show ip interface brief
R2#show ip ospf neighbor |
|
|
Term
What are the rules that exist to ensure a healthy tunnel interface? |
|
Definition
- The tunnel source reference to a local source interface requires that the interface have an IP address and be in the up/up state
- Referencing a local IP address for your tunnel source requires that the IP address exist on the router and the associated interface be in the up/up state
- If you reference the tunnel destination using an IP address, the router must have a matching route to that destination IP address
- If you reference the destination as a hostname, this hostname must be resolvable by the local device
- %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing error
|
|
|
Term
What does %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing indicate? |
|
Definition
- The error message means that the GRE tunnel router has discovered a recursive routing problem.
- This condition is usually due to one of these causes:
  1. A misconfiguration that causes the router to try to route to the tunnel destination address using the tunnel interface itself (recursive routing)
  2. A temporary instability caused by route flapping elsewhere in the network
|
|
|
Term
There are many possible topologies in the WAN |
|
Definition
Point-to-point: This simple WAN topology connects two devices over a single connection.
Hub-and-spoke: This WAN topology features a central hub device (typically at a network HQ for example) that makes WAN connections out to branch offices (the spokes).
Full-mesh: This WAN topology is the most expensive and complex to maintain since this topology has all devices making connections to all other devices; although it can be complex and expensive, notice it provides excellent redundancy of WAN paths through the network.
Single- vs. dual-homed: These WAN topologies refer to making a connection to multiple ISPs versus a single ISP; a dual-homed configuration is very powerful since it means that even if one ISP completely fails to route traffic for the customer, that customer can dynamically fail over to the surviving ISP. |
|
|
Term
Name at least four key characteristics of UDP |
|
Definition
UDP is connectionless.
UDP has very little overhead.
UDP is often used for voice and video traffic forms.
UDP can multiplex using port numbers to work with multiple applications. |
|
|
Term
Name at least four key characteristics of TCP |
|
Definition
TCP is connection-oriented.
TCP has more overhead than UDP.
TCP uses features like flow control, sequencing and acknowledgements to ensure reliable and ordered delivery of segments.
TCP can multiplex using port numbers to work with multiple applications. |
|
|
Term
List of examples of protocol identifiers from the IP header |
|
Definition
1—ICMP
6—TCP
17—UDP
88—EIGRP
89—OSPF
50-ESP
47-GRE |
|
|
Term
TCP is known for the following
|
|
Definition
- Error recovery
- Flow control using windowing
- Connection establishment and termination
- Ordered data transfer
- Data segmentation |
|
|
Term
|
Definition
- Layer 2 switching
- Port security
- QoS classification and marking and trust boundaries
- Address Resolution Protocol (ARP) inspection
- Virtual access control lists (VACLs)
- Spanning tree
- Power over Ethernet (PoE) and auxiliary VLANs for VoIP |
|
|
Term
|
Definition
- Aggregation of LAN or WAN links
- Policy-based security in the form of access control lists (ACLs) and filtering
- Routing services between LANs and VLANs and between routing domains
- Redundancy and load balancing
- A boundary for route aggregation and summarization configured on interfaces toward the core layer
- Broadcast domain control |
|
|
Term
|
Definition
- Providing high-speed switching
- Providing reliability and fault tolerance |
|
|
Term
Troubleshooting methodology
|
|
Definition
Problem isolation: Determining at what layer of the OSI model and on what devices and links the problem may exist
Documentation: It is critical to document the processes you use and the information you find
Resolve: This is, of course, your ultimate goal; you find the root cause of the problem after your problem isolation process, you document what has happened, and then you fix the root cause of the problem
Escalate: Should you not be able to fix the issue, there should be a written escalation process in your organization; this might involve even communicating to a third party that your company partners with in order to fix the issue.
Verify and monitor: Many times it might take time to carefully verify and monitor your solution to ensure the issue(s) are truly resolved; this text provides very important guidance on exact verification and monitoring procedures for various specific technologies.
|
|
|
Term
Troubleshooting approaches |
|
Definition
- Bottom-up troubleshooting approach.
- Top-down approach
- Divide-and-conquer approach
|
|
|
Term
Infrastructure Management: Network Programmability
The creation of a routing table is an example of what plane of operation on a Cisco device? |
|
Definition
|
|
Term
Network Programmability
REST is an excellent example of what in SDN? |
|
Definition
|
|
Term
Network programmability
What is the job of the Control Plane? |
|
Definition
On a router, it builds the routing table; routing protocols, such as OSPF, help to create it.
On a switch, it builds the MAC address table.
It is the raw forwarding mechanics of the devices |
|
|
Term
Moving frames or packets from one interface to the next based on the information from the Control Plane is the job of the __________? |
|
Definition
Data Plane (sometimes called the Forwarding Plane). |
|
|
Term
What is Cisco's version of SDN? |
|
Definition
ACI
Application Centric Infrastructure (ACI)
In SDN, you take the Control Plane intelligence needed and centrally locate it in a device called the controller. |
|
|
Term
What is the Function of a Controller? |
|
Definition
In SDN, you take the Control Plane intelligence needed and centrally locate it in a device called the controller.
This device can then handle (very efficiently) all the Control Plane items while the other networking devices just handle the Data Plane tasks |
|
|
Term
|
Definition
A key component is the controller, called the Application Policy Infrastructure Controller Enterprise Module (APIC-EM). |
|
|
Term
What are APIs (application programming interfaces)? |
|
Definition
These are basically standardized languages for communications between devices.
Cisco likes to use REST-based APIs. This allows the fancy discovery and control of the network elements using the HTTPS protocol.
|
|
|
Term
What's the difference between a Northbound and Southbound API? |
|
Definition
Northbound: Used for communication between the controller and network applications through REST-based APIs.
Southbound: Sits between the service abstraction layer (SAL) and the Data Plane devices; the SAL aids in controlling the devices. Cisco likes to keep it simple and uses the CLI and SNMP. |
|
|
Term
What is the default status of monitor and buffer logging? |
|
Definition
|
|
Term
What version of SNMP provides robust security mechanisms? |
|
Definition
|
|
Term
What is the command to configure the timestamp information in your syslog messages? |
|
Definition
|
|
Term
What are three forms of logging that are enabled by default? |
|
Definition
Console logging
Monitor logging
Buffer logging |
|
|
Term
|
Definition
Alert
(Immediate action required) |
|
|
Term
|
Definition
Emergency
(system unusable) |
|
|
Term
|
Definition
Critical
(Critical Event) |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Debug
(Requested by user) |
|
|
Term
What does logging console 6 state? |
|
Definition
Console syslog messages are limited to levels 6 through 0. |
|
|
Term
What does logging buffered 4 state? |
|
Definition
Buffer syslog messages are limited to levels 4 through 0. |
|
|
Term
What does logging monitor warning state? |
|
Definition
Monitor syslog messages are limited to levels 4 through 0; note that you can use the keyword or level number. |
|
|
Term
What does the following command do,
logging host 10.1.1.3? |
|
Definition
Sends syslog messages to a recipient network device for storage; this device is located at 10.1.1.3. |
|
|
Term
What does Cisco IOS IP service-level agreements (SLAs) do? |
|
Definition
Allows administrators to analyze IP service levels by performing active traffic monitoring, as a way of measuring and verifying network performance |
|
|
Term
What command do you use to schedule an IP SLA test? |
|
Definition
|
|
Term
What command is used to monitor the IP SLA test? |
|
Definition
R1#show ip sla statistics 6 |
|
|
Term
What command do you use to create an ICMP-based SLA test? |
|
Definition
|
|
Term
|
Definition
Displays a table of LLDP neighbors |
|
|
Term
What is Link Layer Discovery Protocol (LLDP)? |
|
Definition
It is an open standard protocol that provides similar functionality to the proprietary Cisco Discovery Protocol (CDP) |
|
|
Term
|
Definition
Obtains detailed information about a specific neighbor, including IP information |
|
|
Term
|
Definition
Enables LLDP globally on the router |
|
|
Term
lldp transmit and lldp receive |
|
Definition
Interface-level commands for controlling the sending and receiving of LLDP information |
|
|
Term
|
Definition
Allows you to view the license state on your device; information shown includes the type of license and the time period left. |
|
|
Term
|
Definition
Allows you to see the specific features you might be permitted to use and whether they are enabled. |
|
|
Term
|
Definition
Provides information about the license in use on the device. |
|
|
Term
|
Definition
Allows you to install a license on a Cisco device. |
|
|
Term
What license verification command can be used for verifying the status of certain features? |
|
Definition
|
|
Term
What command stops the console line timing out after inactivity? |
|
Definition
no exec-timeout or exec-timeout 0 0 |
|
|
Term
What is the purpose of the line console 0? |
|
Definition
This mode allows you to apply important parameters for the console connection to the device. |
|
|
Term
What is logging synchronous ? |
|
Definition
This line-configuration command ensures that console messages do not interrupt your entry of commands at the command-line interface. |
|
|
Term
|
Definition
although in actual production you would want your console port to time out when inactive, in a lab environment |
|
|
Term
Steps in the password recovery process |
|
Definition
1. Boot the device into ROMMON mode; this is accomplished with a break key during boot or the removal of flash memory.
2. The configuration register of the device is then set to ignore the startup-config file (a common configuration register setting for this is 0x2142); a sample ROMMON command for this is confreg 0x2142
3. Reboot the router
4. Enter privileged mode.
5. Issue the command copy startup-config running-config.
6. Change the enable secret password
7. Set the configuration register back with config-reg 0x2102.
8. Copy the running-config to the startup-config with copy running-config startup-config. |
|
|
Term
Secure Copy Protocol (SCP) |
|
Definition
A secure method of moving configuration files or IOS images through the network.
SCP uses Secure Shell (SSH) for data transfer and uses authentication and encryption. This ensures the authenticity and confidentiality of the information in transit. SCP runs over TCP port 22 by default. |
|
|
Term
|
Definition
Technically, when you use this feature, you ensure the integrity of the image. Integrity checks verify the original image is the image you acquired. |
|
|
Term
What does the archive command do? |
|
Definition
It provides you with the ability to automate the archiving of configuration files on set intervals. |
|
|
Term
configure replace command |
|
Definition
A command that allows the enactment of a new running-config without a reload of the device.
Note: this could work well when used in conjunction with the archive command to restore a previous version of the device’s configuration. |
|
|
Term
|
Definition
This layer controls the reliability of communications through flow control mechanisms |
|
|
Term
What are the steps of the TCP three-way handshake? |
|
Definition
1. SYN: The client sends a SYN to the server.
2. SYN-ACK: In response, the server replies with a SYN-ACK.
3. ACK: Finally, the client sends an ACK back to the server. |
|
|
Term
Here is a list of examples of protocol identifiers from the IP header |
|
Definition
1—ICMP
6—TCP
17—UDP
88—EIGRP
89—OSPF |
|
|
Term
Applications That Rely on TCP versus UDP |
|
Definition
TCP and UDP can both multiplex using port numbers to work with multiple applications. For example, DHCP uses UDP ports 67 and 68, RIP uses UDP port 520, and HTTP uses TCP port 80. |
|
|
Term
With TCP, we have the following: |
|
Definition
Error recovery
Flow control using windowing
Connection establishment and termination
Ordered data transfer
Data segmentation |
|
|
Term
|
Definition
This layer provides workgroup/user access to the network; as a result, this layer is sometimes called the workstation layer.
Layer 2 switching
Port security
QoS classification and marking and trust boundaries
Address Resolution Protocol (ARP) inspection
Virtual access control lists (VACLs)
Spanning tree
Power over Ethernet (PoE) and auxiliary VLANs for VoIP |
|
|
Term
|
Definition
The layer provides policy-based connectivity and controls the boundary between the access and core layers.
Aggregation of LAN or WAN links
Policy-based security in the form of access control lists (ACLs) and filtering
Routing services between LANs and VLANs and between routing domains
Redundancy and load balancing
A boundary for route aggregation and summarization configured on interfaces toward the core layer |
|
|
Term
|
Definition
This layer provides fast transport between distribution switches within the enterprise campus; this is sometimes called the backbone layer. |
|
|
Term
|
Definition
The number of hours, minutes, and seconds since the interface was last reset because of a transmission that took too long. |
|
|
Term
|
Definition
The number of frames dropped on the input interface. Typically, this is a result of congestion on the interface. |
|
|
Term
|
Definition
The number of frames dropped on the output interf |
|
|
Term
|
Definition
The number of input packets dropped because of no available buffers. |
|
|
Term
|
Definition
The number of times the local interface requested another local interface within the switch to slow down. |
|
|
Term
|
Definition
The total of no buffer, runts, giants, CRCs, frame, overrun, ignored, and aborts errors |
|
|
Term
|
Definition
The Cyclic Redundancy Check failed on an input packet. Detecting this is made possible by the Frame Check Sequence (FCS) in the frame format. |
|
|
Term
|
Definition
The number of frames received that did not end on an eight-bit byte boundary |
|
|
Term
|
Definition
The number of times the receiver hardware was unable to transfer received data to a hardware buffer because the input rate exceeded the receiver’s ability to process the data. |
|
|
Term
|
Definition
The frames dropped because the interface hardware buffers ran low on internal buffers. |
|
|
Term
|
Definition
An illegal sequence of 1 bits was detected in a frame received. |
|
|
Term
Dribble Condition Detected: |
|
Definition
A dribble bit error indicates that a frame is slightly too long. The frame is still accepted in this case. |
|
|
Term
|
Definition
The number of times the sender has been running faster than the switch can handle. |
|
|
Term
|
Definition
The number of times the interface had a reset. This is normally the result of missed keepalives from a neighboring device. |
|
|
Term
|
Definition
Misaligned reads and writes. |
|
|
Term
|
Definition
The number of frames transmitted greater than 1518 bytes in size. |
|
|
Term
|
Definition
A collision that occurs after the interface has started transmitting the frame. |
|
|
Term
|
Definition
The number of frames that were transmitted successfully after waiting because the media was busy. |
|
|
Term
|
Definition
The number of times the carrier was lost during transmission. |
|
|
Term
|
Definition
The number of times the carrier was not present during the transmission. |
|
|
Term
|
Definition
The number of times a frame was not output from the output hold queue because of a shortage of shared memory. |
|
|
Term
Output Buffers Swapped Out:
|
|
Definition
The number of frames stored in main memory when the output queue is full. |
|
|
Term
Tag protocol identifier (TPID): |
|
Definition
A 16-bit field set to a value of 0x8100 in order to identify the frame as an IEEE 802.1Q-tagged frame. |
|
|
Term
Tag control information (TCI): consists of the following:
|
|
Definition
- Priority code point (PCP): A three-bit field that refers to the IEEE 802.1p class of service and maps to the frame priority level.
- Drop eligible indicator (DEI): A one-bit field that may be used separately or in conjunction with PCP to indicate frames eligible to be dropped in the presence of congestion.
- VLAN identifier (VID): A 12-bit field specifying the VLAN to which the frame belongs. |
|
|
Term
|
Definition
- Switches use STP Bridge Protocol Data Units (BPDUs) to carry their bridge ID information. The device with the lowest bridge ID becomes the root bridge.
- The bridge ID is an eight-byte value that is unique for each switch.
- The bridge identifier (ID) consists of two parts, a two-byte priority value and a six-byte system ID. The six-byte system ID is based on the built-in MAC address for the switch.
|
|
|
Term
Why was Rapid Spanning-Tree Protocol (RSTP) invented?
|
|
Definition
To improve convergence time |
|
|
Term
What optional STP feature permits ports to quickly transition from blocking to forwarding? |
|
Definition
|
|
Term
What optional STP feature is a protection mechanism against switch loops and is triggered by seeing a BPDU? |
|
Definition
|
|
Term
What are three options for the EtherChannel configuration? |
|
Definition
|
|
Term
Using PAgP to Form a Layer 2 EtherChannel |
|
Definition
Create a Layer 2 EtherChannel using the built-in and default dynamic method, the Port Aggregation Protocol (PAgP).
Note: There are two settings possible here: auto and desirable
channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2
|
|
|
Term
Create a Layer 2 EtherChannel using LACP for automatic negotiation |
|
Definition
Note: This mode uses Active or Passive settings
DISTSW1(config-if-range)#shutdown
DISTSW1(config-if-range)#channel-group 3 mode active
show etherchannel 3 summary |
|
|
Term
Configuring a Layer 3 EtherChannel is also simple |
|
Definition
Note how we create the port-channel interface first and assign it an IP address.
DISTSW1(config)#interface port-channel 1
DISTSW1(config-if)#no switchport
DISTSW1(config-if)#ip address 10.10.10.1 255.255.255.0
DISTSW1(config-if)#exit
DISTSW1(config)#interface range gi0/1 , gi0/3
DISTSW1(config-if-range)#no switchport
DISTSW1(config-if-range)#shutdown
DISTSW1(config-if-range)#channel-group 1 mode on
DISTSW1(config-if-range)#no shutdown
|
|
|