I saved these to this page in case I need them.
(updated @ 2008/02/14)
1. VoIP bearer traffic is typically marked with the EF value.
2. DSCP value "101110" looks like IP Precedence value to non-DiffServ compliant devices.
3. Traffic shaping should be implemented on Frame Relay PVCs when there is a speed mismatch between the central site and the remote site & when over-subscribing the central site link.
4. LLQ supports the addition of strict priority queuing, and the LLQ priority queue bandwidth is policed with a congestion-aware policer.
5. Jitter is the variation in delay.
6. Two token buckets are needed to support a multi-action policer that meters conforming, exceeding and violating traffic.
7. One of the BGP synchronization rules is that BGP shall not advertise a route until that route has also been learned via an IGP.
8. The BGP attributes MED & AS-Path can be used to influence inbound traffic flow.
9. The attribute field within the IS-IS LSP header contains the following flags: IS-Type, Overload(LSPDBOL), Attached(ATT) and Partition(P).
10. The criterion used for DIS selection in the IS-IS Designated Intermediate System(DIS) election process is highest priority first, then highest MAC address.
11. The NSSA OSPF area type accepts type 7 LSA.
12. Routes redistributed into an OSPF ASBR are LSA type 5.
13. A CSNP is periodically multicast (every 10 seconds) by the DIS on a LAN to ensure IS-IS Link State Database accuracy.
14. The EIGRP SIA condition occurs when there is no response to an EIGRP query after a defined timeout period.
15. In PIM-SM operations, the first router connected to the multicast source sends the Register message to the RP device.
16. The IOS default for switching from the shared tree to the SPT in PIM-SM operations is immediately after receiving the first packet on the shared tree for a given (S,G).
17. In Established state, BGP peers can exchange Update messages.
18. The IPv6 address FE80::656:78FF:FE9A:BCDE is a Link-local address.
19. The no-advertise BGP Community option is used to prevent the advertisement of the BGP prefix to any other BGP peer.
20. BGP best route selection process is based on path attributes.
21. A route can be tagged with a community attribute using the set command within a route-map.
22. With the DSCP value of "101110", the "11" in bits 1 and 2 indicates Drop Probability.
23. Receivers are "joined" to the Shared Tree(rooted at the RP) by their local Designated Router(DR).
24. The show ip ospf database external command displays information about the LSA type 5.
25. Cisco Class-Based QoS MIB is used to provide read access to QoS configuration and statistics information on Cisco platforms that support Modular QoS CLI(MQC).
26. ATT(Attached) bit should be set in the link state PDUs in an IS-IS level-1-2 router to indicate that they are a potential exit point out of the area.
27. The MQC-based output queuing method LLQ is designed to support multiple traffic classes including VoIP traffic, mission-critical traffic, bulk traffic, interactive traffic and default class traffic.
28. With EIGRP DUAL, a feasible successor is considered loop-free if its AD is less than the successor's FD.
29. Two characteristics of an IPv6 multicast address are that the first(most significant) octet is FF in hex and the second octet contains a 4-bit multicast scope field.
30. Adding a router with a higher priority than the current DIS will result in the new router becoming the DIS.
31. Separate L1 and L2 election processes are held on a broadcast network.
32. In Multicast VPN(MVPN) implementations, two true statements regarding the Default MDT Group are as follows: it is used for PIM control traffic, and there is reduced multicast state in the MPLS core P routers.
33. Regarding the route distinguisher defined in RFC 4364, AKA IP-VPN(MPLS-VPN): the Route Distinguisher is an 8-byte value used in creating unique VPNv4 addresses, and the configuration to define a route distinguisher is:
ip vrf blue
rd 1:1
34. When configuring Multicast VPN(MVPN) over an MPLS core, both the Default and Data MDT are configured under the router(config-vrf)# mode.
35. router bgp 1
neighbor 1.1.1.1 remote-as 2
The above BGP configuration has the effect of allowing incoming TCP connections from 1.1.1.1 that are destined to port 179.
36. The ASBR-summary LSA is generated by the ABR and describes reachability to the ASBR for routers in a different area from the ASBR.
37. RIPv2 differs from RIPv1 in that:
It uses multicast address 224.0.0.9, instead of broadcast.
It is classless, instead of classful.
It supports authentication, and RIPv1 does not.
38. The OSPF External LSA for prefix x.x.x.x exists in the OSPF database, but the prefix is not installed in the routing table. The possible explanations could be the following:
An inbound distribute-list is configured under the OSPF process and it is denying x.x.x.x.
The ASBR originating the LSA is not reachable.
The route to the forwarding address is not an internal OSPF route.
39. If two routers, both reachable from one another, originate functionally equivalent type 2 external-LSAs(i.e., same destination, cost and non-zero forwarding address), then only the LSA generated by the highest RID ASBR will exist in the network.
40. A successor is a neighbor that has met the feasibility condition and has the lowest cost path towards the destination.
41. According to RFC 3931, L2TPv3 utilizes the IANA assigned IP protocol ID of 115.
42. As described in RFC 3270, in Short-Pipe Mode operation, the PE to CE egress policies are based upon Customer marking.
43. Identify the differences of Option 10A, as opposed to Option 10C, for InterAS VPN offerings. For option 10A:
The ASBR holds VPNv4 routes
Relative technical simplicity is offered
Better suitability for InterProvider VPNs is provided
44. Packed Cell Relay encapsulation with AToM includes the following:
Tunnel label
VC-label
Payload
4 byte ATM header
45. AVPs that must be present in L2TPv3 ICRQ messages are:
Message type
PW type
Remote session ID
46. The aal5 and Frame Relay AToM traffic encapsulations require the use of a Control Word.
47. With VPLS, the Directed LDP protocol is used for label exchange and PW signalling.
48. The Service Ethertype and PseudoLAN TAG are designated fields for MAC tunneling protocol(802.1ah).
49. In Any Transport over MPLS(AToM), the Control Word is an optional 4-byte field used in the pseudowire packet. The control word carries generic and Layer 2 payload-specific information to emulate L2 packets correctly. In a pseudowire packet, this control word is inserted between the MPLS label stack and the layer 2 payload.
50. RFC 3270 describes Differentiated Services(Diff-Serv) over Multi-Protocol Label Switching(MPLS) networks. The uniform model alters Differentiated Services code points set in different Differentiated Services domains.
51. The IOS command access-list 100 permit udp any any eq 1434 log can detect whether the SQL Slammer virus propagates in your networks.
52. Selective Packet Discard(SPD) is a mechanism to drop non-routing packets instead of routing packets when the process level queue is congested.
53. Selective Packet Discard(SPD) operates in three modes: Normal, Random and Full.
54. Regarding Control Plane Policing(CoPP):
Control Plane Policing(CoPP) addresses the need to protect the management planes, ensuring routing stability, availability, and critical packet delivery.
Control Plane Policing(CoPP) leverages MQC to define traffic classification criteria and to specify configurable policy actions for the classified traffic.
Control Plane Policing(CoPP) uses a dedicated "control-plane" command via the Modular QoS CLI(MQC) to provide filtering and rate limiting capabilities.
55. Two comparisons of Control Plane Policing(CoPP) with Receive ACL(rACL) are:
CoPP applies to a dedicated control plane interface; rACL applies to all interfaces.
CoPP supports rate limits; rACL does not support rate limits.
56. The BCP 38(Best Common Practices 38)/RFC 2827 Ingress Packet Principles include:
Filter as close to the edge as possible
Filter as precisely as possible
Filter both source and destination where possible
57. BCP(Best Common Practices) 38/RFC 2827 Ingress and Egress Packet Filtering would help mitigate the Spoofing classification of attack.
58. BGP, OSPF, RIPv2, EIGRP and ISIS support MD5 authentication.
59. The following statements about MD5 Routing Updates authentication are valid:
The MD5 algorithm inputs the routing updates of arbitrary length and outputs a 128-bit hash.
Multiple keys are supported.
60. A limitation of implementing uRPF is that symmetrical routing is required.
61. The Unicast RPF Cisco IOS feature examines packets received to make sure that the source address and interface are in the routing table and match the interface that the packet was received on.
62. You can characterize the source and type in a Denial of Service attack on a router by:
Setting up an access-list to permit all ICMP, TCP and UDP traffic with the log or log-input commands, then using the show access-list and show log commands to determine the type and source of the attack.
63. The PPP over Ethernet IOS feature can prevent IP spoofing attacks.
64. IP spoofing means that the IP source address is forged.
65. Unicast Reverse Path Forwarding(uRPF) can work in Strict mode and Loose mode.
66. About the uRPF:
It's typically used on multipoint interfaces or on routers where asymmetrical routing is used(packets are received on one interface but the return path is not on the same interface); loose mode verifies a source address by looking in the forwarding information base(FIB), created by routing protocols, to verify there is a return route to the source and to verify that the path uses a valid interface.
If a packet fails the uRPF Loose mode check, the packet is then dropped.
67. The command service timestamps log datetime causes syslog messages to be stamped with time and date.
68. If you want to detect a login attack against a router, the login on-failure log command is the one you would use.
69. The Netflow:
Netflow answers questions regarding IP traffic: who, what, where, when and how.
Netflow accounts for both transit traffic and traffic destined for the router.
Netflow returns the subinterface information in the flow records.
70. The requirement of Remote Triggered Black Hole(RTBH) filtering is the exchange of IBGP updates between the trigger router and the black hole router.
71. To configure destination-based Remote Triggered Black Hole(RTBH) filtering:
Configure all edge routers with static(reserved) host route to Null0
Configure BGP between trigger router and black hole routers.
Activate black hole by redistributing route for victim into BGP with next-hop set to the static(reserved) host route configured on edge routers
72. Two statements that best describe the signalling requirements of virtual circuit setup in VPLS and the exchange of reachability information (MAC addresses) are:
In Cisco VPLS the virtual circuit setup uses the same LDP signalling mechanism defined for point-to-point services. Using a directed LDP session, each provider edge advertises a virtual circuit label mapping that is used as part of the label stack imposed on the Ethernet frames by the ingress provider edge during packet forwarding.
Cisco VPLS does not require the exchange of reachability(MAC addresses) information via a signalling protocol. This information is learned from the data plane using standard address learning, aging, and filtering mechanisms defined for Ethernet bridging.
73. Regarding QinQ used in VPLS(Virtual Private LAN Services):
It is an effective way to achieve VLAN transparency between Provider and enterprise customer by tunneling one set of VLAN tags inside a second VLAN tag.
The Outer .1Q tag represents Service VLAN(PVLAN) and inner .1Q tag represents customer VLAN.
74. Address Family Identifier(AFI) carries the identity of the Network Layer protocol for which the BGP speaker intends to advertise multiple paths.
75. Subsequent Address Family Identifier(SAFI) provides additional information about the type of the network layer reachability information carried in the attribute.
76. The role of Forwarding Equivalence Class(FEC) in MPLS is that FEC determines how a group of IP packets are mapped to an LSP.
77. Forwarding Equivalence Class(FEC) corresponds to:
Layer 2 circuits(ATM, FR, PPP, HDLC, Ethernet)
Groups of address/sites-VPN x
A bridge/switch instance-VSI
Tunnel interface-traffic engineering
78. MPLS label headers for packet media consist of Label, COS/EXP, TTL and S flag.
79. Protocols including BGP, LDP and RSVP can be used for MPLS to distribute labels.
80. Packet mode is the mode for MPLS running on ATM.
81. The following processes are likely to be found in a microkernel:
Lightweight messaging
Memory management
Hardware abstraction
Host stack
Process scheduling
82. The importance of using Virtual Output Queues on ingress Line Cards in a high-end router is that it prevents head-of-line blocking.
83. The benefits of using TCAM technology in high-end routing products are deterministic performance and longer update.
84. The default SPF throttle timer in OSPF is 5s.
85. Both the MPLS TE FRR and BFD technology can improve convergence time following a link failure in a service provider network.
86. An End-of-RIB(EOR) message is sent in the following BGP-related events:
Following a Route Processor Switchover
During initial convergence
87. The correct arrangement of APS action requests in order of priority, with highest priority first is:
Lockout of protection, forced switch, SD, Manual switch.
88. The number of hops that need to be notified of new link state can NOT be tuned via router configuration to provide for faster convergence following a link failure.
89. Assume two routers on the same subnet, R1 and R2, both configured for HSRP. R1 has a priority of 120. The following HSRP interface configurations will always result in R2 becoming the primary:
standby 1 priority 130
standby 1 priority 130 preempt
90. The priority correctly arranged from lowest to highest in APS action requests is:
Wait-to-Restore, Manual switch, forced switch, lockout of protection
91. The bgp & mpls_ldp processes in IOS XR run exclusively on the Route Processor.
92. In a frame, the MPLS label is imposed after the layer 2 header and before the layer 3 header.
93. The mechanisms for distributing LDP are LDP and RSVP.
94. For TE tunnels, OSPF uses Type 9,10,11 and ISIS uses TLV.
95. GMPLS is based upon non-packet-based devices.
96. Using more than one label on a single packet is required in MPLS VPN.
97. The show tag-switching tdp binding 1.1.1.0/24 command will display the MPLS label binding for IP prefix 1.1.1.0 on the router.
98. The IOS features used to avoid routing loops when dynamic routing protocols are used between PE and CE in MPLS-VPN networks are Site of Origin(SOO) and access-list control in distance vector protocols like RIP and EIGRP.
99. If the OSPF protocol is used to connect customer edge(CE) routers to service provider edge(PE) routers in the VPN backbone, two options that best describe the use of sham links are:
A sham-link is created between any two VPN sites that belong to the same OSPF area and share an OSPF backdoor link.
A sham-link is seen as an intra-area link between PE routers, an OSPF adjacency is created and database is exchanged.
100. Three BGP extended communities used in MPLS-VPN deployment are:
Site of Origin(SOO)
Route-Target
Domain Identifier BGP extended community
101. Two options that best describe the purpose of the session ID and cookie fields in an L2TPv3 packet are:
The session ID is a 32-bit locally significant field used to identify the call on the destination or egress tunnel endpoint. The session ID will be negotiated by the control connection or statically defined if using the L2TPv3 data plane only.
The cookie is a variable length(with a maximum of eight bytes), word-aligned optional field. The control connection can negotiate this as an additional level of guarantee beyond regular session ID lookup to make sure that a data message has been directed to the correct session or that any recently reused session ID will not be misdirected.
102. 3 AVPs (Attribute-Value Pair) which MUST be present in the ICRQ are: Message Type, Assigned Session ID and Call Serial Number.
103. The Any Transport over MPLS(AToM) of ATM Cell Relay over MPLS solution allows transportation of ATM signalling as well as Operations Administration and Maintenance(OAM) cells across a packet network, making a packet network invisible to the ATM network.
104. A VC type 5 tunnels an Ethernet port over MPLS. A VC Type 4 transports a VLAN over MPLS.
105. "MP-BGP is used for label distribution in MPLS Traffic Engineered networks" is an incorrect usage of the Label Distribution method.
106. Regarding MPLS Label Stack Encoding:
A value of 0 represents the "IPv4 Explicit NULL Label".
A value of 1 represents the "Router Alert Label". The use of this label is analogous to the use of the "Router Alert Option" in IP packets(for example, ping with record route option).
A value of 2 represents the "IPv6 Explicit NULL Label".
A value of 3 represents the "Implicit NULL Label".
107. Route-Target is an 8 byte BGP extended community that acts as a filter used in the distribution of VPN routing information.
108. The correct configuration to define Route-Target is
ip vrf blue
route-target both 1:1
or
ip vrf blue
route-target export 1:1
route-target import 1:1
109. Route-target rewrite is mainly used in inter-AS MPLS-VPN deployments and is configured at the ASBR to avoid misconfiguration in route-target assignment for VPN configurations.
110. In Any Transport over MPLS(AToM), the sequence number field is defined in pseudowire emulation and mainly serves as a detection mechanism for network operators to troubleshoot occasional out-of-order delivery problems.
111. The valid statements about MPLS Label Distribution Protocol(LDP) are:
LDP hello packets are sent to UDP port 646
LDP sessions are TCP sessions to port 646
LDP can establish a peer relationship with another router that is not directly attached.
112. The following ISIS TLVs are used to support MPLS traffic engineering:
Extended IS neighbor TLV#22
Extended IP reachability TLV#135
Router ID TLV#134
113. The Opaque LSA(Type 10) OSPF LSA is used to support MPLS-traffic engineering.
114. Interfaces defined in GMPLS are:
Packet-Switch Capable Interfaces(PSC)
Time-Division Multiplex Capable Interfaces(TDM)
Lambda Switch Capable Interfaces(LSC)
Fibre-Switch Capable Interfaces(FSC)
Layer 2 Switch Capable Interfaces(L2SC)
115. In the context of GMPLS, LMP stands for Link Management Protocol.
116. Frame mode is the encapsulation mode for MPLS running on Ethernet.
117. VPI & VCI are used as the label in cell-based MPLS.
118. There is MPLS VPN traffic traversing through a TE intermediate router. The MPLS packet label stack sequence(from outer to inner) for the VPN traffic on this router is: TE label, IGP label, VPN label.
119. The IOS command show mpls ldp bindings will display MPLS label mappings on an LSR.
120. The label distribution modes for LDP are:
Downstream unsolicited mode
Downstream on-demand mode
121. The 'pop' action in the context of MPLS switching is that it removes the top label in the MPLS label stack.
122. In the context of MPLS, the correct action to be performed when an aggregate label is received is that it removes the top label in the MPLS label stack and does a layer 3 lookup on the underlying IP packets.
123. In the context of MPLS traffic engineering, TE path calculation is conducted by the TE head end.
124. The RSVP protocol is used for path setup in MPLS traffic engineering.
125. Methods that would enable traffic to be forwarded along an MPLS TE tunnel are:
static routing
policy routing
autoroute
forwarding adjacency
126. The following statements are correct for forwarding traffic into MPLS TE tunnels:
Autoroute causes the tunnel to be treated as a directly connected link to the head-end.
Forwarding adjacency makes the TE head-end node advertise the tunnel LSP into the IGP.
Forwarding adjacency supports unequal cost load balancing over multiple TE tunnels.
127. Traffic and prefixes originating from a source AS are carried across a transit AS to reach their destination AS.
128. When provisioning for interactive video(e.g. video conferencing traffic), the requirements are:
Loss should be no more than 1 percent.
One-way latency should be no more than 150 ms.
Jitter should be no more than 30 ms.
129. The statement that best describes "the cure for amplification principle" in the Internet domain, as explained in RFC 3429(Internet architectural guidelines):
Amplification is prevented if local changes have only a local effect as opposed to systems in which local changes have a global effect.
130. SONET's three layers are: Section, Line and Path
131. The 3 best answers describing operation and configuration of FR Inverse ARP are:
Dynamic address mapping uses FR Inverse ARP to request the next-hop protocol address for a specific connection on its known DLCI.
Responses to Inverse ARP requests are entered in an address-to-DLCI mapping table on the router or access server which is used to supply the next-hop protocol address or the DLCI for outgoing traffic.
Inverse ARP is enabled by default for all protocols enabled on the physical interface
132. DPT/RPR uses a bi-directional ring consisting of two symmetric counter rotating fibre rings
133. In DPT/RPR rings, data packets can be sent in one direction (downstream) and the corresponding control packets in the opposite direction (upstream), thus using both fibres concurrently to maximise bandwidth.
134. 4 valid ATM cell header fields are:
GFC-4 bits of generic flow control
VCI-16 bits of virtual channel identifier
CLP-1 bit of congestion loss
HEC-8 bits of header error control
135. The layer 2 protocol used by POS technology offers a standardized way for mapping IP packets into SONET/SDH payloads. The correct sequence of POS operation is:
1)Data is segmented into an IP datagram with its 20-byte IP header.
2)Encapsulation via Point-to-Point Protocol takes place and framing information is added with High-Level Data Link Control(HDLC).
3)Gaps between frames are filled with flags, set to value 7E.
4)Octet stuffing occurs if any flags or resultant escape characters(of value 7D) are found in the data.
5)Data is scrambled and synchronous mapping takes place by octet into the SONET/SDH frame.
136. Link Control Protocol(LCP) is used for basic PPP link setup and operation
137. Three valid LMI extensions are:
Multicasting
Global addressing
Virtual circuit status messages
138. Three answers that best describe Private Network-to-Network Interface(PNNI) in an ATM network are:
It is the routing protocol used between ATM switches.
PNNI uses the same Dijkstra algorithm for SPF calculation.
PNNI measures line capacities and delays in addition to simple cost metrics.
139. 239.0.0.1 & 239.255.255.255 are two valid administratively scoped multicast addresses in networks running interior gateway protocols like EIGRP and OSPF.
140. When IPv6 is deployed by a service provider to bring on an IPv6 enterprise, which transition strategy works the best? Deploy IPv6 at the edges and tunnel enterprise through the core.
141. An internal BGP(iBGP) network can have router-reflectors within a confederation
142. Clusters are used in route-reflector schemes to avoid loops.
143. Two ways routers in an IS-IS level-1 domain exit to reach other level-1(L1) domains are:
Level-1 routers use default routes installed based on the ATT bit(Attached Bit) in announcements from a level-1-2(L1/L2) router.
Level-1 routers use specific routes, for other level-1 domains, announced by level-1-2(L1/L2) routers by the route-leaking feature of Cisco IOS.
144. Correct descriptions and configurations of Anycast RP are:
In Anycast RP, two or more RPs are configured with the same IP address on loopback interfaces.
Anycast RP provides redundancy and load-sharing capabilities.
Routers with Anycast RP can be configured statically(loopback 1.1.1.1) with the command ip pim rp-address 1.1.1.1
145. Two correct statements about RPF checks in MSDP(Multicast Source Discovery Protocol) are:
It prevents message looping; session advertisement(SA) messages must be RPF checked.
The RPF check should be done against the route to the rendezvous point of the corresponding PIM-SM domain, which originated the SA.
146. Two answers that best describe the IP event dampening feature are:
IP event dampening uses an exponential decay mechanism to suppress the effects of excessive interface flapping.
IP event dampening works with routing protocols by stopping the announcement of the dampened interface subnet in their updates.
147. A BGP route-reflector does not have to be in the forwarding path of data coming from its clients.