CCIE Flash Cards

5/18/2019 Untitled Document
Sequential order based on sequence

numbers
In what order are route-map commands
processed?
All packets are matched.
What happens if a route-map clause omits

the match command?
Explicitly configured name
Action (permit / deny)
Unique sequence number What three things are a part of every route-
map command (whether explicit or
implicit)?
The then-current routing table
When a route-map is used for

redistribution, the route map processes
routes taken from where?
False: After a particular route is matched
by the route map, it is not processed
beyond that matching route-map command True or False: During route redistribution,
(specific to route redistribution). after a particular route is matched by the
route map, further route-map commands
are processed for more matches.
The permit or deny parameter in the route-
map statement. The route is redistributed
when the route-map command has the Which route-map parameter determines
permit parameter, and not redistributed whether or not a matched route is
when it has the deny parameter. redistributed or not?
Network 1.0.0.0 is not considered
Network 2.0.0.0 is specifically denied
What is the result of this configuration:
ip access-list standard d1p2

deny 1.0.0.0 0.255.255.255
permit 2.0.0.0 0.255.255.255
route-map RM deny 10
match ip address d1p2
The routes are processed by the next route-
map clause, or not redistributed if there are
no further clauses. During redistribution, what happens if a
route-map clause with the permit
parameter does not match any routes?
The routes are either filtered (if matched)
or left in the list of routes to be examined
by the next route-map clause (if not During redistribution, what happens when
matched), if any. the deny parameter is used in the route-
map clause?
The route is not filtered, it just doesn't
match that particular route-map clause.
During redistribution, if a route-map clause
https://neckercube.com/CCIE_RSv5.1_neckercube.com.htm 1/355
references an ACL containing a deny

action, what happens to the route?
Configure a clause at the end with a permit
action, but no match statements.
Route maps include an implicit deny all at
the end. How do you configure an explicit
permit all?
The route is matched only if all of the
match statements parameters match the
route. What happens if more than one match
statement is defined in a single route-map
clause?
False: Routes matched for redistribution
can also have various attributes (such as the
metric) set as the route is redistributed. True or False: During route redistribution,
a route-map can be used only to match
(select) routes from the routing table.
All routes whose first octet is 10 that have
an exact prefix length of 24.
What routes does this prefix-list match?
ip prefix-list PFX_TEN permit 10.0.0.0/8

ge 24 le 24
All routes whose first octet is 10 that have
a prefix length between 8 and 24, inclusive.
What routes does this prefix-list match?
ip prefix-list PFX_TEN permit 10.0.0.0/8

le 24
ip prefix-list PFX_DEF permit 0.0.0.0/0
How can you match only a default route

with a prefix list?
ip prefix-list PFX_ALL permit 0.0.0.0/0
le 32
How can you match all routes with a prefix
list?
Routes from different sources (protocols)
have different non-comparable metrics.
The lowest AD is used to choose which When a router learns a particular route
route gets installed into the routing table from multiple sources, why is
when identical routes (prefix and length) Administrative Distance used to choose a
are present from multiple sources. single source?
0
What is the AD of a Connected route?

1
What is the AD of a Static route?

5
What is the AD of a EIGRP summary

route?
20
What is the AD of an eBGP route?

90
What is the AD of an internal EIGRP

route?
100
What is the AD of an IGRP route?

110
What is the AD of an OSPF route?

115
What is the AD of an IS-IS route?

120
What is the AD of a RIP route?

OSPF is 110
IS-IS is 115
Which route source has the lower AD, IS-
IS or OSPF?
170
What is the AD of an external EIGRP

route?
200
What is the AD of an iBGP route?

255
What is the AD value of an

infinite/unreachable route?
With the distance command under the
particular routing protocol's
subconfiguration. How do you change the default
administrative distance for a particular
routing protocol?
True. The distance command can be used
under the subconfiguration of the particular
routing protocol, and individual routes and True or False: Administrative Distance can
ACLs can be referenced and modified. be changed per-route.
True. With the distance command under
the OSPF subconfiguration, individual
route types (inter-area, intra-area, external) True or False: The default Administrative
can have their AD value modified Distance of OSPF can be changed per route
individually. type.
redistribute
router
The ___ command identifies the routing
Example: source from which routes are taken, and the
router rip ___ command identifies the routing process
redistribute eigrp 1 into which the routes are advertised.
Routes from BGP, IS-IS, OSPF, or RIP will
not be redistributed into EIGRP until a
metric is set. You can specify different When redistributing BGP, IS-IS, OSPF, or
metrics per-route, per-protocol, or set a RIP into EIGRP, what happens if the metric
default metric. However, until a metric is is not set?
configured (whether default or more
specific), IOS accepts the redistribution
commands, but will not actually
redistribute the routes.
160
What is the AD of an ODR route?

Static routes are redistributed into RIP with
a metric of 1 (directly connected), unless
otherwise set with the default or more- When redistributing static routes into RIP,
specific metric. what metric is applied if a default or more-
specific metric is not set?
The routes are redistributed with an
automatic default cost of 20 (IGP) or 1
(BGP) and are of route type E2. When redistributing into OSPF, if the
metric is not set, what happens?
The route will be redistributed with a
metric of 0. A metric of 0 is incompatible
with RIP and EIGRP. OSPF will assign a With the exception of OSPF, what is the
default metric of 20 (IGP) or 1 (BGP) metric assigned to a redistributed route if
unless otherwise specified. none is specified (either through the metric
keyword, or the default-metric
subcommand)?
Only major (classful) networks are
redistributed. For example, if the source
protocol contained the prefix When redistributing into OSPF, what
172.16.10.0/24 to be redistributed, it will happens if the subnets keyword is not
be redistributed as 172.16.0.0/16 without used?
the subnets keyword.
False. All EIGRP metric values must be set
when redistributing into EIGRP, regardless
of the K-values settings. True or False: When redistributing into
EIGRP, only the metric values (K-values)
that are used are required to be set.
Routes from the source protocol in the
then-current IP routing table
During redistribution, what are the two
Connected routes matched by the source sources of the redistributed routes?
routing protocol's network statements.
True
True or False: When redistributing a

routing protocol, any Connected routes
matched by the source protocol's network
statements are automatically redistributed
as well.
-Reference a route-map from the
redistribute command that uses the set
metric command What are the three methods for setting the
metrics of redistributed routes in Cisco
-Use the metric option with the IOS?
redistribute command
-Use the default-metric command under

the router command
Using the redistribute command that
references a route-map.
Which redistribution method allows you to
set metrics per-route with a single
command?
Using the metric option on the
redistribute command.
Which redistribution method most easily
lets you set the same metric for all routes
redistributed by that redistribute
command?
The default-metric command under the
router protocol process.
Which redistribution method allows you to
set the metric for all redistributed routes
whose metric was not set by another
method?
The metric-type option lets you set the
route type of the redistributed routes. For
example, OSPF defaults to E2 routes, but What does the metric-type option in the
you can use the metric-type option to force redistribute command do?
the redistributed routes to be E1 instead.
show ip eigrp topology route | include tag
How can you verifiy if a tag was set on a

route redistributed into EIGRP?
show ip ospf database external route |
include Tag
How can you verify if a tag was set on a
route redistributed into OSPF?
router ospf process
distance ospf external 180
By default, all OSPF routes have an
Administrative Distance value of 110. How
do you modify OSPF so that all routes
redistributed into OSPF have an AD value
of 180?
A route redistributed into a lower-AD
protocol by one router will be learned by
another router, which will then use that When multiple routers are peforming
redistributed route instead of a potentially mutual routing protocol redistribution,
more optimal route presented by a higher- what can be a cause of suboptimal routing?
AD protocol.
The solution, where possible, is to mark the

redistributed routes with a higher AD value
than the source protocol. For example,
marking routes redistributed from RIP into
OSPF with an AD of 180 will permit the
more-optimal routes from the RIP domain
to be used.
EIGRP does this by default.

Under the routing protocol process:
distance distance-value ip-address/RID During route redistribution, how can you

wildcard [ACL] modify the AD value of individual routes?
Where ip-address wildcard is the source

router that is advertising the routes (or RID
in the case of OSPF), and an optional ACL
to further define individual routes.
By filtering routes with the specified tags,
the routes are never entered into the routing
table, whereas when you set a higher A common method of preventing routing
Administrative Distance instead, the routes loops with mutual redistribution is to set
are still present but are not used unless the route tags as the routes are redistributed,
lower-AD route is removed from the and then filter routes with those tags at the
routing table. other points of redistribution. What is a
primary disadvantage of doing this instead
of adjusting the Administrative Distance of
the redistributed routes?
The route with the lowest cost to the ASBR
wins.
What is the tiebreaker when an OSPF
router receives multiple E2 routes of the
same prefix?
The metric advertised by the summary is
that of the current lowest-metric
component subnet. By default, what is the metric advertised by
a summary route?
False, the router does not advertise the
component subnets by default.
True or False: Component subnets are
advertised along with the summary address
by default.
False, the router does not advertise the
summary when its routing table does not
have any of the component subnets. True or False: Summary routes are still
advertised even if there are no component
subnets in the current routing table.
The summarizing router creates a Local
discard route to the summary, with
destination Null0, to prevent routing loops. How does a summarizing router prevent
routing loops?
Summary routes decrease the amount of
specific information in the routing tables,
which can sometimes cause suboptimal Why does the possibility of suboptimal
routing. routing occur when summary routes are
used?
EIGRP summarization is configured on the
interface in classic mode, or the af-
interface in named mode: How do you configure an EIGRP summary
route?
ip summary-address eigrp ASN network
mask
Under the EIGRP process:
summary-metric network mask AD How do you modify the AD of an EIGRP

summary route?
In EIGRP named mode, this is configured
under the topology.
Even if the component route with the
lowest metric remains the lowest, the
summary metric is recalculated every time When an EIGRP summary route is created,
any individual component subnet metric its metric is copied from the component
changes, which adds to router overhead. subnet with the current lowest metric by
default. Why should you set this value
Set the metric manually with the manually?
summary-metric command under the
EIGRP process.
Under the EIGRP process:
summary-metric network mask bandwidth How do you manually configure the metric
delay reliability load mtu [distance used by an EIGRP summary route?
administrative-distance]
In EIGRP named mode, this is configured

under the topology.
OSPF routers in the same area must have
identical LSDBs after flooding is complete,
therefore all routers in an OSPF area must Why can summarization in OSPF happen
have the same summary routes, they all only on ABRs and ASBRs?
must be missing the same component
subnets of each summary.
OSPF allows route summarization only as

routes are injected into an area by an ABR
or ASBR.
Under the OSPF process:
area area range network mask [cost cost] How do you configure an OSPF inter-area
summary?
Where area is where the component
subnets reside. By default, the lowest-cost
component becomes the summary cost, but
this can be set statically with the cost

keyword.
Under the OSPF process:
summary-address network mask [tag tag] How do you configure an OSPF external
summary?
This summarizes external routes as they are
injected into OSPF as an ASBR.
With ip classless, if a packet's destination
does not match a specific route in the IP
routing table, the router uses the default What's the difference between the default
route. ip classless and no ip classless with regard
to whether or not a default route is used?
With no ip classless, the router first checks
to see whether any part of the destination
address's classful network is in the routing
table. If so, that router will not use the
default route for forwarding that packet.
Static route to 0.0.0.0, with the
redistribute static command
In what two ways can both RIP and EIGRP
The ip default-network command advertise a default route?
Of these four, only the default-
information originate command will
cause OSPF to advertise a default route. Which of the following can OSPF use to
advertise a default route?
-Static route to 0.0.0.0 with the

redistribute static command
-The default-information originate
command
-The ip default-network command
-Using summary routes
RIP, OSPF, and IS-IS
The default-information originate

command can be used by which IGPs?
-RIP
-EIGRP
-OSPF
-IS-IS
True
True or False: You can advertise a default

route for one routing protocol by
redistributing another routing protocol's
default route.
In order:
Best AD If a router learns of multiple default routes

Route type (internal vs. external, etc.) (using any method), how does it choose
Lowest metric which one to use?
Static route > prefix list > route map >

redistribute
How can you configure EIGRP to
ip route 0.0.0.0 0.0.0.0 gateway redistribute only a static default route?
ip prefix-list zero-prefix permit 0.0.0.0/0
route-map just-default permit 10

match ip address prefix-list zero-prefix
route-map just-default deny 20
router eigrp ASN

redistribute static route-map just-
default [metric metric]
True: OSPF requires the default-
information originate command, which
tells OSPF to redistribute any default True or False: OSPF does not support
routes found in the routing table, whether redistribution of statically defined default
static or from another routing protocol. routes with the redistribute
static command.
If there are no default routes in the routing
table, the default-information originate
command will not advertise a default route
into OSPF, unless the always keyword is
used.
Cost 1
Type E2
When using the default-information
The metric and route type can be set originate command with OSPF, what is the
directly when using the default- default cost and route type?
information originate command.
False. OSPF uses default-information
originate
True or False: You can use the ip default-
network command to inject a default route
into OSPF.
RIP advertises a route to 0.0.0.0/0
EIGRP advertises the classful network, but How do RIP and EIGRP use the ip
flags it as a candidate default. This is why default-network command differently?
EIGRP must also be advertising the
classful network.
The EIGRP default summary creates the
route 0.0.0.0/0 with the destination null0.
The EIGRP summary has a default AD of What happens if a router learns a default
5, so that route will be used instead of the route from eBGP, and advertises an EIGRP
eBGP route with its default AD of 20. default summary out of an interface?
The local router creates a local summary
route with destination null0 using AD 5.
EIGRP then advertises the summary to When issuing the interface command ip
other routers with AD 90 (EIGRP internal) summary-address eigrp ASN summary
mask, how is the route installed locally, and
then advertised?
Profile
Measure
Apply Policy
Control What are the five phases in the PfR "phase
Verify wheel"?
To learn flows that have high latency and
throughput. Traffic being profiled is
referred to as a traffic class. The list of all What is the goal of the PfR Profile phase?
monitored traffic classes (MTC) is referred
to as an MTC list.
To collect and compute performance
metrics for the traffic identified in the
Monitored Traffic Classes (MTC) list. What is the goal of the PfR Measure
phase?
To create low and high thresholds to define
in-policy and out-of-policy performance
categories. What is the goal of the PfR Apply Policy
phase?
To influence traffic by manipulating
routing or by using policy-based routing
(PBR). What is the goal of the PfR Control phase?
After controls have been introduced, PfR
will verify out-of-policy event performance
and make necessary adjustments to bring What is the goal of the PfR Verify phase?
back in-policy performance.
Internal
External
Local What are the three primary interface types
required in a topology to correctly deploy
PfR?
Interfaces that are used to connect to the
internal network for communication with
the control plane manager, the Master What are PfR Internal interfaces?
Controller.
Interfaces used to transmit packets out of
the local network. At least two external
interfaces are required to successfully What are PfR External interfaces?
deploy PfR. These are the interfaces where
prefixes and exit link performance will be
monitored.
Interfaces used in the formation of the
control plane mechanism that drives the
PfR process. The local interface defines the What are PfR Local interfaces?
source interface that is used to
communicate to the Master Controller.
False: Authentication is mandatory, and
performed with key chains.
True or False: With PfR, communication
between the Master Controller and its slave
devices supports optional authentication.
False. However, the MC must be reachable
by the border routers.
True or False: The PfR Master Controller
must be in the same forwarding path taken

by the controlled network traffic.
10
20
A single PfR MC can support up to ___
individual border routers, or up to ___
managed exit interfaces (external
interfaces).
True. Authentication is still required.
True or False: With PfR, the MC and

border router can be the same device.
Border routers report prefix and transit link
measurements back to the MC, and enforce
policy changes as instructed from the MC, With PfR, what two things are border
such as injecting preferred routes to alter routers responsible for?
the course of packet flows in the network.
Configure the authentication key-chain.
When configuring PfR, what is the first

required step?
pfr master in global configuration mode.
What command is used to create a PfR

Master Controller?
From the Master Controller:
pfr master With PfR, how do you designate the border

border border-ip key-chain key-chain router's internal and external interfaces?
interface interface {internal | external}
show pfr master border
How can you verify the PfR MC / border

router relationship status?
Create the authentication key-chain to be
used to communicate with the Master
Controller. What is the first step to creating a PfR
Border router?
Enable the process:
pfr border How do you enable PfR on a Border

master master-IP key-chain key-chain router?
Define the Local interface used to

communicate with the MC:
local interface
Loopback interfaces are recommended.

At least two configured and reachable
external interfaces from the Border
router(s).
What is required for the PfR MC process to

become active?
show pfr master
How can you verify the status of PfR?

Passive mode uses NetFlow data, and is
used constantly.
Active mode uses IP SLA probes and is By default, the PfR Master Controller uses
used when traffic classes are considered both active and passive monitoring for each
Out Of Policy. traffic class. What is the difference
between the two modes, and when is each
mode used?
NetFlow is used to monitor:
delay, packet loss, reachability, throughput
When PfR is in passive mode, what metrics
are monitored, and what is used to monitor
them?
IP SLA probes are used to monitor:
delay, reachability, jitter, MOS
When PfR is in active mode, what metrics
are monitored, and what is used to monitor
them?
Link Utilization & Range
Link utilization - upper threshold set, What are two PfR features that enable load
traffic beyond is OOP balancing?
Example: 90% link utilization set, traffic
that utilizes 95% of the link is out of policy
Range - multiple WAN link usage is kept

within a relative utilization range of each
other
Example: 10% range tries to keep the usage
of multiple links within 10% of each other
60 seconds
What is the default frequency of PfR active

probes?
Identify traffic to be optimized
Configure active probing (including remote
ip sla responder) What are the 3 high-level configuration-
Configure PfR policy to set performance related steps to optimize voice traffic with
metrics for PfR to apply to identified traffic PfR?
The result is usually that most routes are
propagated correctly, but some are not
propagated. What is a potential symptom of an
incorrect split-horizon configuration?
30
What is the default TTL limit of

traceroute?
33434
In Cisco IOS, what is the traceroute default

destination UDP port for the first probe?
debug ip routing
debug ipv6 routing
What is the most appropriate debug
command for tracking down Layer 3
problems?
debug ip packet detail acl
Where acl matches the specific information How can you filter IP packet debugging to
you're looking for. only receive the information you're looking
for?
show pfr border defined
How can you display all user-defined

applications monitored by a PfR border
router?
show pfr master defined
How can you display all applications that

are defined on a PfR Master Controller?
show pfr master nbar application
How can you display the status of an

application identified by NBAR for the PfR
border routers?
destination, source
A multicast address is always used as the

___, never as the ___.
By listening to the Layer 2 multicast
address derived from the Layer 3 multicast
address. On a network segment, how do hosts
interested in receiving particular multicast
For example, hosts interested in listening to traffic listen for the traffic?
traffic from 255.5.5.5 will listen to the
MAC address 0100.5e05.0505 in addition
to the BIA of the NIC.
IANA
The assignment of IP multicast addresses is

controlled by:
224.0.0.0 - 224.0.1.255
Which IP addresses are considered

permanent multicast groups?
232.0.0.0/8
What range of IP addresses are used with

Source-Specific Multicast?
233.0.0.0/8
Which range of IP addresses are used for
multicast GLOP addressing?
GLOP addresses
233.0.0.0/8
What is the range of multicast addresses
where the 16-bit ASN is mapped to the
middle two octets referred to as?
239.0.0.0/8
What is the range of private IP multicast

addresses?
Transient
If an IP multicast address is not in a

reserved range, what is it referred to as?
224.0.0.0/24
What is the range of IP multicast addresses

that should not be forwarded by multicast
routers?
224.0.1.0/24
What is the range of permanent IP

multicast group addresses that should be
routed by IP multicast routers?
To allow a host to select a source for the
multicast group.
What is the purpose of Source-Specific
Multicast?
The multicast MAC OUI will always be
01-00-5E
The last six hex digits of the MAC consist How do you convert a multicast IP address
of 0 + the last 23 binary bits of the to a multicast MAC address?
multicast IP address
There are 32 non-contiguous IP multicast
addresses mapped to each multicast MAC
address. This means when a host joins a What is the overlap of multicast IP
multicast group, it implicitly joins 31 other addresses to multicast MAC addresses?
groups as well.
Without IGMP snooping or CGMP,
multicast traffic is treated identically to
broadcast and unknown unicast traffic in Without the use of IGMP snooping or
that it is flooded out of all ports in the CGMP, why would a switch flood
VLAN because the Source Address is multicast traffic out of all ports in the
unknown. A Multicast MAC address is VLAN?
never used as a Source Address.
IP Protocol 2
TTL 1
IGMP messages are sent in IP datagrams
IGMP packets are local and not forwarded using IP Protocol ___ with the IP TTL field
by routers because of the TTL value of 1. set to ___.
To inform a local multicast router that a
host wants to receive multicast traffic for a
specific group, or leave that group. What are the two most important goals of
IGMP?
Hosts, routers
IGMP is used for communication between

___ and ___.
IGMPv2
What is the default version of IGMP used

in IOS 15?
False: IGMP is automatically enabled when
multicast routing and PIM are configured
on a router. True or False: IGMP must be enabled per-
interface when multicast routing and PIM
The IGMP version can be changed per- are configured on a router.
interface.
False: The IGMP version can be changed
per-interface, with IGMPv2 being the
default for IOS 15. True or False: The IGMP version used
must be set globally.
Membership Query (type code 0x11)
Version 1 Membership Report (type code
0x12) What are the four message types defined
Version 2 Membership Report (type code for the IGMPv2 Type field?
0x16)
Leave Group (type code 0x17)
The IGMPv2 Version 1 Membership
Report message type is used by IGMPv2
hosts for backward compatibility with What is the IGMPv2 Version 1
IGMPv1. Membership Report message type used
for?
The IGMPv2 Version 2 Membership
Report is sent by a group member to
inform the router that at least one group What is the IGMPv2 Version 2
member is present on the subnet. Membership Report message type used
for?
The IGMPv2 Leave Group message type is
sent by a group member if it was the last
member to send a Membership Report to What is the IGMPv2 Leave Group message
inform the router that it is leaving the type used for?
group.
General Query messages set the Group
Address field to 0.0.0.0.
What two possible values can be placed in
All other message types set the Group the IGMPv2 Group Address field?
Address field to the specific multicast
group.
True. IGMPv2 Type Codes 0x11 and 0x12

match the type codes for IGMPv1
Membership Query and Membership True or False: IGMPv2 is completely
Report messages, which enables IGMPv2 backward compatible with IGMPv1.
hosts and routers to recognize IGMPv1
messages when IGMPv1 hosts or routers
are on the network.
Leave Group messages
Group-specific Query messages
Maximum Response Time field What are the four features added to
Querier election process IGMPv2 over IGMPv1?
With a Leave Group message
How does an IGMPv2 host notify a router

that it wishes to leave a particular multicast
group?
A Group-Specific Query message
What does an IGMPv2 router use to send a

query for a particular multicast group?
The effect is that hosts' collective IGMPv2
Solicited Report messages are spread out
over a longer period of time, which results What is the effect of setting the IGMPv2
in more uniform consumption of subnet Maximum Response Time higher than the
bandwidth and router resources. default value of 10 seconds?
Every 60 seconds
How frequently does an IGMPv2 router

acting as the IGMPv2 querier send general
IGMP Query messages?
SA: Router interface's IP and MAC
DA: 224.0.0.1 and 0100.5e00.0001
What are the source and destination IP and
MAC addresses of an IGMPv2 Host
Membership Query?
1. Hosts join a particular multicast group
and listen on two additional multicast
MAC addresses: the calculated MAC What two steps occur during the IGMPv2
corresponding to the multicast group, and host Membership Query process?
the MAC 0100.5e00.0001 corresponding to
224.0.0.1 (all nodes).
2. The local multicast router periodically

sends IGMPv2 Host Membership Queries.
Hosts that have joined any multicast group
reply with an IGMPv2 Report message.
The router's interface will forward
multicast traffic whether a single host, or
multiple hosts belong to a given multicast Why is it unnecessary for multiple hosts on
group, and therefore additional a LAN segment to send an IGMP
Membership Report messages from Membership Report to the local router?
multiple hosts are unnecessary.
The IGMPv2 Maximum Response Time

(MRT) timer is used. The timer is also
known as the Query Response Interval. How does the IGMP Report Suppression
When any host receives an IGMPv2 Query, mechanism work?
it picks a random time between 0 and the
MRT to send a Host Membership report.
However, if the host hears another host
send a report for the group, it does not send
a report of its own.
To immediately signal to a router that the
host wishes to receive traffic for a
particular multicast group, without having What is the purpose of an IGMPv2
to wait for the router to send its periodic Unsolicited Host Membership Report?
Host Membership Query message.
When an IGMPv2 host leaves a group, it
sends a Leave Group message. When the
IGMPv2 router receives the message, it What is the relationship between the
immediately sends a Group-Specific Query IGMPv2 Leave Group message, and the
message for that group to determine if there Group-Specific Query message?
are any remaining hosts that wish to
receive traffic.
224.0.0.2, All Multicast Routers
To which IP address is the IGMPv2 Leave

Group message sent?
True
True or False: Multicast routers do not

keep track of hosts that are members of the
group, only the group memberships that are
active.
When IGMPv2 routers start, they send a
General Query to 224.0.0.1. When a router
receives a General Query, it compares the How does the IGMPv2 Querier Election
source IP with its own, and the router with process work?
the lowest IP on the subnet is elected the
Querier.
255 seconds
2x Query Intervals (125s) + 1/2 Query How long is the default time before an
Response Interval (10s) IGMPv2 Querier router is considered dead
and a new election occurs?
A time period during which, if an IGMPv2
host does not receive an IGMPv1 Query,
the IGMPv2 host concludes that there are What is the host IGMP Version 1 Router
no IGMPv1 routers present and starts Present timeout?
sending IGMPv2 messages.
The default value is 400 seconds.

IGMPv3 Source-Specific Multicast (SSM)
What allows a host to indicate interest in

receiving multicast packets only from
individual source addresses, or from all

sources except for individual exclusions?
224.0.0.22 (IGMPv3)
What is the destination address for the

IGMPv3 Membership Report message?
The MRT field of the IGMPv1 Query is 0,
whereas the IGMPv2 MRT field is
nonzero. How does an IGMPv2 host determine that
the querying router is IGMPv1?
It marks its interface as IGMPv1 and stops
sending IGMPv2 messages.
What happens when an IGMPv2 host
determines that the router is using
IGMPv1?
The host starts a 400-second Version 1
Router Present Timeout timer, which is
reset whenever an IGMPv1 Query is What happens when an IGMPv2 host
received. If the timer expires, there are no receives an IGMPv1 Query?
longer any IGMPv1 routers present on the
subnet, and the IGMPv2 host starts sending
IGMPv2 messages.
The IGMPv2 router receives an IGMPv1
Report message (type 0x12), and changes
its behavior to accommodate the IGMPv1 How can an IGMPv2 router determine that
host(s). an IGMPv1 host is present on the subnet?
The IGMPv2 router ignores Leave
messages and the Group-Specific Queries
triggered by receipt of the Leave messages. When an IGMPv2 router is aware of
IGMPv1 hosts on the subnet, how does the
IGMPv2 routers continue to ignore Leave router change its behavior?
messages until the IGMPv1-Host-Present
Countdown timer expires (180 seconds).
Equal to the Group Membership Interval,
which is 180 seconds by default for
IGMPv1. How long is the router IGMPv1-host-
present countdown timer?
The switch listens for the following routing
protocol messages:
How does IGMP snooping determine
IGMP General Queries with GDA which ports multicast routers are connected
0100.5e00.0001 to?
OSPF messages with GDA
0100.5e00.0005 or 6
PIMv1 and HSRP Hellos with GDA
0100.5e00.0002
PIMv2 Hellos with GDA 0100.5e00.000d
DVMRP Probes with GDA
0100.5e00.0004
The port is added to the port list of all
Group Destination Addresses in the CAM
table for that particular VLAN. What happens when a switch performing
IGMP snooping detects a router on a port?
The switch creates an entry in the CAM

table for the Group Destination Address
and adds the host port and router port to it. What happens when a switch performing
IGMP snooping receives an IGMP Report
message?
The switch removes the host port from the
Group Destination Address CAM table
entry. The switch then sends the Leave What happens when a switch performing
message to the router, unless there are more IGMP snooping receives an IGMP Leave
host ports in the GDA CAM entry, in message?
which case the switch discards the Leave
message.
True
True or False: IGMP snooping is enabled

by default on most Cisco Layer 3 switches,
including the 3560.
Globally: no ip igmp snooping vlan vlan
How do you disable IGMP snooping for an

individual VLAN?
True, it is not a standalone feature.
True or False: IGMP filtering requires

IGMP snooping to be enabled.
True
True or False: You can configure IGMP

filters separately for each VLAN passing
through a trunk port.
IGMP filters are typically used on access
switches connected to end-user devices.
Where are IGMP filters typically used?
IGMP group/channel access control
IGMP group/channel join limits
IGMP minimum version What are the three different types of IGMP
filters?
To enable hosts that are not directly
connected to a downstream device to join a
multicast group sourced from an upstream What is the IGMP Proxy feature used for?
network (such as with UniDirectional Link
Routing).
Reverse Path Forwarding (RPF) check
What do multicast routers use to prevent

loops?
The router looks at the source IP of the
multicast packet, and if the route to the
source is on the interface where the How does the multicast Reverse Path
multicast packet was received, the packet Forwarding (RPF) check work?
passes the RPF check and is forwarded,
otherwise it is dropped.
The multicast packet is dropped at the RP

until a multicast host has joined the
particular group. What happens when a multicast source
sends a packet to the RP, but no hosts have
joined the multicast group?
The downstream routers check the reverse
path to the RP, not the source.
How does the initial RPF check work with
downstream routers when using PIM-SM?
The router compares the TTL value on the
multicast packet with the configured TTL
value on each outgoing interface (whose How does multicast TTL scoping work?
default is 0). If the configured TTL value is
less than or equal to the TTL present in the
multicast packet, the packet is forwarded.
For example, if the TTL is set to 10 and the

router receives a multicast packet with a
TTL of 15, it will be forwarded.
0
What is the default multicast TTL value on

router interfaces?
The configured TTL threshold value on an
interface applies to all multicast packets,
and therefore does not allow for per-group Other than scaling limitations, what is a
flexibility. downside to using TTL scoping on routers
to enforce multicast boundaries?
Administratively-scoped multicast
addresses are those in the 239.0.0.0/8
range. Administrative scoping works by How does multicast administrative scoping
configuring and applying a filter on the work?
router's interface so that multicast
addresses in the administratively-scoped
range are not allowed to enter or exit the
interface.
PIM-DM
DVMRP
MOSPF What are the three common multicast
dense-mode routing protocols?
30 seconds
What is the default PIMv2 Hello interval?

224.0.0.13
What is the All-PIM-Routers multicast

address?
Neighbors are discovered, and adjacencies
are established and maintained by receiving
PIMv2 Hellos on PIM-enabled interfaces. How does PIMv2 discover neighbors and
establish/maintain adjacencies?
Only when it has an active PIMv2 neighbor

on the interface, which is established by
receiving a PIM Hello message from the When will a PIMv2 router send PIM
neighbor. messages out of a PIM-enabled interface
(other than Hellos)?
Source-based distribution tree
Shortest-path tree
Source tree What are the terms for a path between a
source host that originates multicast
packets and all subnets that need to receive
a copy of the multicast sent by that host?
(S,G)
What multicast notation refers to a

particular shortest-path tree?
The PIM Prune message is sent from one
router to a second router to cause the
second router to remove the link on which What does the PIM Prune message do?
the Prune is received from a particular
(S,G) SPT.
Upon receipt of multicast packets on a non-
RPF interface.
What are the two main reasons for a PIM-
When there are no locally connected hosts DM router to send a Prune message?
in a particular group and no downstream
routers are listening for the group.
The connected device is the source of the
particular multicast group.
When issuing the show ip mroute
command, what does the combination of
the C-flag and an RPF neighbor of 0.0.0.0
indicate?
A Prune message is actually a Join/Prune
message with a group address listed in the
Prune field, and a Join has a group message PIM does not have separate Join or Prune
in the Join field. messages, but a single Join/Prune message.
How is a Join or Prune indicated within the
single message type?
The router finds the matching (S,G) SPT
entry and marks the interface on which the
Prune message was received as "pruned" What happens when a router interface
and starts a Prune timer (whose default is 3 running PIM-DM receives a Prune
minutes). When the timer expires, the message?
interface is placed into a forwarding state.
When a PIM-DM link is pruned, it will
begin flooding again after 3 minutes by
default. The PIM-DM State Refresh What is the PIM-DM State Refresh
message is sent upstream by pruned routers message?
every 60 seconds by default to reset the 3-
minute timer and prevent PIM-DM from
flooding traffic on the link.
False: PIM-DM State Refresh messages are
sent on pruned links every 60 seconds by
default, but are not dependent on the 3- True or False: The PIM-DM State Refresh
minute (default) Prune timer. message timer is dependent on the Prune
timer.
A Graft message is sent by the downstream
router to the upstream router to request the
multicast traffic again for the particular What happens when a multicast host
(S,G). wishes to receive traffic for a group that
was previously pruned by the router?
When the upstream router receives the
Prune, because it was received on a
multiaccess network (as opposed to point- When multiple PIM downstream routers
to-point), it sets a 3-second timer. The other are present on a network segment and one
router(s) on the segement must sent a Prune or more of the routers sends a Prune
Override message (which is actually just a message while at least one other router still
normal Join message) before the timer needs to send the multicast traffic further
expires. downstream, what happens?
The downstream router that sent the Prune

will simply ignore the received multicast
traffic by not listening on the multicast
MAC address for the particular group.
When multiple multicast routers are present
on a network segment, the PIM Assert
process is used to determine which router What is the PIM Assert process used for?
should be the one to forward the multicast
traffic based on which router has a better
metric to the multicast source.
The routers on the multiaccess network
segment receive each other's PIM Assert
message, which contains the AD and During the PIM Assert process, how is the
metric the router used to reach the multicast forwarder for a particular group
multicast source. The forwarder is chosen determined?
by:
-Lowest AD of routing protocol used to

reach the source
-Lowest metric for the route (if AD is tied)
-Highest IP address on the LAN (if AD and
metric are tied)
The DR is elected by receipt of PIM Hello
messages. The PIM router with the highest
IP address becomes the DR for the link. How is a PIM Designated Router elected
on a multiaccess network?
IGMPv1 does not have a mechanism to
elect a querier, so the PIM DR is used as
the IGMPv1 Querier. Why is the PIM DR important for
IGMPv1?
The winner of the Assert is responsible for
forwarding multicast traffic for the
particular multicast group onto the LAN. What is the difference between the winner
of the PIM Assert process, and the IGMP
The IGMP Querier is responsible for Querier?
managing the IGMP process by sending
IGMP Query messages on the LAN.
Globally: ip pim rp-address ip
How can you manually specify the PIM RP

address?
The first-hop multicast router attempts to
register the group with the RP, but since no
receivers for the group have registered with What happens in a PIM-SM network when
the RP, the RP sends a Register-Stop a multicast source sends traffic, but there
message back to the first-hop multicast are no receivers?
router.
The first multicast packet is encapsulated
in the Register message in case the RP has
interested receivers registered with the When a PIM-SM router attempts to register
group. with the RP for a particular group, what is
encapsulated in the Register message?
The router starts a 1-minute Register-
Suppression timer, and does not send any
further Register messages to the RP until What happens when a PIM-SM router
five seconds before the timer expires, when receives a Register-Stop message?
it then sends a Register message with the
Null-Register bit set.
If the RP still has no interested receivers

for the group, it will send back another
Register-Stop message, and the process
starts over again. If the RP does have
interested receivers, it does not reply back
to the Register message, and will begin
receiving multicast packets when the first
router's Register-Stop timer expires.
When the router receives a PIM Join
message on any interface other than the one
used to route packets toward the RP What two things cause a PIM-SM router
send a Join toward the RP?
When the router receives an IGMP
Membership Report from a host on a
directly-connected subnet
The tree with the RP at the root that defines
over which links multicasts should be
forwarded to reach all required routers. What is the PIM-SM Root Path Tree
(RPT)?
To allow a router to inform the RP that it
has a local source for a particular multicast
group What are the two major functions of the
PIM-SM Register message?
To allow a router to forward multicasts to
the RP encapsulated inside a unicast
packet, until the registration process is
completed.
Shortest Path Tree / Source-Based Tree /
Source Tree
What type of multicast tree is indicated by
the (S,G) notation?
Root Path Tree / Shared Distribution Tree

What type of multicast tree is indicated by
the (*,G) notation?
The RP joins the SPT (S,G) toward the
multicast source, and sends a Register-Stop
message to the source's first-hop router so In a PIM-SM network, after interested
that it stops sending multicast-encapsulated receivers register with the RP, and the
packets within unicast Register messages. multicast source begins sending traffic,
how does the RP react?
The end result is that the SPT (S,G) is used
between the RP and the source, and the
RPT (*,G) is used between the RP and the
subnets that need to receive the traffic.
PIM Join. If the router does not send a PIM
Join within the default timeout of 3
minutes, the upstream router's interface PIM-SM steady-state operation requires
reverts to being pruned. PIM-SM routers to send ___ messages
periodically.
The default interval of sending PIM Join
messages is 60 seconds.
Every 60 seconds
During PIM-SM steady-state operations,

how frequently are PIM Join messages
sent, by default?
Shortest Path Tree
Shared Tree / Root Path Tree
A PIM-SM RP uses a ___ tree to pull the
traffic from the multicast source to itself,
and uses a ___ tree to push the traffic down
to the PIM-SM routers that have requested
it.
Cisco routers switch over from the RPT to
the source-specific SPT after they receive
the first packet from the shared tree, by In PIM-SM operations, after the
default. downstream routers join the RPT from the
RP, when do the routers switch over to the
multicast SPT between the individual
routers and the multicast source?
Global: ip pim spt-threshold kbps
After the threshold of kbps is crossed, the How do you configure a Cisco router to
router switches from the RPT through the change from a PIM-SM RPT to a source-
RP to the SPT to the source. By default, specific SPT after a certain rate of traffic?
this occurs after the router receives the first
multicast packet from the RPT.
Downstream routers do not know the IP
address of the multicast source (only the IP
address of the RP) until they receive the Why do receivers of multicast traffic in a
first multicast packet for the group from the PIM-SM network require at least one
source. packet before they can switch from the
RPT to the source-specific SPT?
The presence of the "J" flag.

When looking at the IP multicast routing
table, how can you tell which group(s)
switched over from the RPT to the SPT?
The router sends a Prune for the (S,G) to
the RP with the RP-Tree bit set, which
indicates to the RP (and to the upstream When a PIM-SM router switches to the
routers toward the RP) that the router has SPT toward the multicast source, how does
switched over to the SPT and no longer it signal to the RP that it no longer needs
needs the traffic from the RPT. traffic from the RPT?
Statically with ip pim rp-address
Cisco-proprietary Auto-RP protocol
Standard BootStrap Router (BSR) protocol What are the three methods for which a
Cisco router can learn of the PIM-SM RP?
Anycast RP using MSDP
BootStrap Router (BSR)
What are the two methods Cisco IOS
supports for providing redundant PIM-SM
RPs?
The RP sends RP-Announce messages to
224.0.1.39 stating that the router is an RP,
and the particular multicast groups the RP With Auto-RP, what is the first step the RP
handles. performs?
False: The Auto-RP Mapping Agent can be
a different router than the RP, but they are
usually configured on the same router. True or False: The Auto-RP Mapping
Agent cannot be on the same router as the
RP.
The mapping agent learns all the RPs and
the multicast groups they support, then
multicasts RP-Discovery messages that What does the Auto-RP Mapping Agent
identify the RP for each range of multicast do?
group addresses.
224.0.1.40
To which multicast address are RP-

Discovery messages sent?
By listening to RP-Announce messages
from multicast group 224.0.1.39 sent by the
RP. How does the Auto-RP Mapping Agent
receive information about RPs and their
associated groups?
When multiple RPs are present and serve
as RP for the same groups, the Mapping
Agent advertises the RP with the highest IP When multiple RPs are present, how does
address as the current RP for the particular the Auto-RP Mapping Agent determine
multicast group. which RP to use for a particular group?
RP-Discovery 224.0.1.40
When PIM is enabled on an interface on a
Cisco router, regardless of the mode, what

multicast group is automatically joined?
Sparse-dense-mode allows an interface to
use multicast sparse or dense mode,
depending on the particular group. What is PIM sparse-dense-mode?
The global ip pim autorp listener
command joins the Auto-RP multicast
groups 224.0.1.39 and 224.0.1.40 in dense- How can a router interface configured with
mode in order to discover the RP. After the ip pim sparse-mode discover the RP with
RP is discovered, sparse-mode Auto-RP?
communications can take place.
Globally:
ip pim send-rp-announce {interface | ip-
address} scope TTL [group-list ACL] How do you configure a router to be an RP
with Auto-RP?
Note: the referenced interface (whether by
interface or IP) must have multicast
enabled.
Globally:
ip pim send-rp-discovery scope TTL
How do you configure a router to be an
Auto-RP Mapping Agent?
show ip pim rp
How can you verify which RP is being

used for which multicast groups?
False: Boostrap messages are flooded only
on non-RPF interfaces. Likewise, loops are
prevented because Boostrap messages are True or False: BSR floods Boostrap
discarded when received on non-RPF messages only on RPF interfaces.
interfaces.
Boostrap messages are discarded when
received on non-RPF interfaces.
How does BSR prevent loops when
Boostrap messages are flooded?
The BSR is similar to the Auto-RP
Mapping Agent.
What is the BSR analogous to, as
compared to Auto-RP?
False: Unlike Auto-RP, BSR sends all
group-to-RP mapping information to the
other PIM routers, and they independently True or False: The BSR chooses and
choose the currently best RP for each advertises the best RP for each multicast
multicast group by running the same hash group.
algorithm on the information in the
bootstrap message.
The BSR floods all mapping information in
Boostrap messages to the All-PIM-Routers
address 224.0.0.13. To where does the BSR flood Boostrap
messages to?
When BSR is used, all PIM routers already
know the unicast IP address of the BSR
from the earlier receipt of Boostrap How does a BSR learn about the candidate
messages. Candidate RPs send unicast c- RPs?
RP Advertisements to the BSR which
include the IP address used by the c-RP
and the groups it supports.
True: Each Candidate-BSR sends Bootstrap
messages that include the priority of the
BSR and its IP address. The highest True or False: Multiple PIM-SM BSRs can
priority wins (default 0), followed by be configured on the network
highest IP address. simultaneously.
The winning BSR is called the Preferred

BSR and continues to send Bootstrap
messages while the other BSRs monitor the
messages to attempt to take over if the
Preferred BSR's messages stop.
0, higher priority preferred.
What is the default priority for BSR

routers?
Globally:
ip pim bsr-candidate interface
How do you configure a router to be a
Note: PIM-SM must be configured on the candidate BSR?
interface
Globally:
ip pim rp-candidate interface
How do you configure a PIM-SM router
Note: PIM-SM must be enabled on the using BSR to be a candidate RP?
interface
With Anycast RP, RP redundancy and load
sharing can be achieved with multiple RPs
concurrently acting as the RP for the same What capability does Anycast RP add over
group. static RP configuration, Auto-RP, and
BSR?
Without Anycast RP, RP redundancy only
allows one router to be the active RP for
each multicast group, and load sharing is
achieved by using one RP for some groups,
and another RP for other groups.
Multiple RPs share the load for a single
multicast group
What are the two biggest benefits of using
Recovery after a failed RP is a function of Anycast RP?
IGP convergence, and so it usually fairly
quick.
Multiple RPs are configured with the same
IP address, cover the same multicast
groups, and are advertised into the IGP. All How does Anycast RP work?
the RPs act as normal, and the same
information is distributed either statically,
with Auto-RP, or with BSR. All routers use
the closest RP based on their unicast
routing table.
Globally:
ip msdp peer ip
How do you configure an MSDP peer?
show ip msdp peer
How do you verify an MSDP peer?

To provide a method for RPs in different
multicast domains to register multicast
sources with peer RPs. What is the purpose of MSDP?
Source Active (SA) messages list the IP
addresses of each source for each multicast
group. What are MSDP Source Active (SA)
messages?
Every 60 seconds
How frequently are MSDP SA messages

sent between peers?
Each of their MSDP peers, as well as to the
multicast sources
MSDP peers require routes to ___.
False: RPs can send Source-Active (SA)
request messages. The MSDP peers
respond with SA response messages. True or False: MSDP peers must wait for
the 60 second interval before receiving
updated multicast information from each
other.
-RP builds a shared tree with itself as the
root
-Source's first-hop router registers to the What are the four generic steps of PIM-SM
RP with PIM Register messages operations, starting with the RP?
-RP joins SPT to source with PIM Join
-Routers with receivers join SPT to source
with PIM Join
Normally, PIM-SM uses the shared tree
created to the RP to initialize multicast
traffic, with both the RP and the receivers How does BiDirectional PIM work
eventually joining the SPT to the source. differently than PIM-SM?
BiDirectional PIM uses only the shared

tree for communications between senders
and receivers. The RP and leaf routers do
not join the SPT.
When most of the receivers are also
senders, such as videoconferencing.
What is the primary use case for
BiDirectional PIM?
The sender's first-hop router forwards the
traffic up the shared tree to the RP. The RP
then forwards the traffic back down the With BiDirectional PIM, how does traffic
shared tree to all of the leaf routers flow from sender to receiver?
containing the receivers.
Globally:
ip pim bidir-enable
How do you configure PIM BiDir on a
You must then add the bidir keyword to router?
the RP configuration:
Static: ip pim rp-address ip bidir
Auto-RP: ip pim send-rp-announce
interface scope ttl bidir
BSR: ip pim rp-candidate interface bidir
Important: enable PIM BiDir on all routers

in the network to avoid routing loops.
show ip pim rp mapping will reveal
which groups, if any, are using PIM BiDir.
How can you verify if PIM BiDir is being
used?
30 seconds
What is the default frequency interval of

PIM-DM and PIM-SM Hello and Query
messages?
Globally:
ip pim ssm default
What two configurations are required on a
Interface: router to use Source-Specific Multicast
ip igmp version 3 (SSM)?
Note: SSM requires IGMPv3 configured on

the interface.
SSM receivers know the unicast IP address
of the source, and specify it when they join
the multicast group. SSM receivers join a Why is an RP not needed with SSM?
specific (S,G).
Without SSM, multicast receivers receive
all traffic sent to a particular subscribed
multicast group. With SSM, multicast What is a major advantage of SSM with
traffic is received only from the specified regard to multicast group addresses?
source on the particular multicast group.
True. SSM only uses SPT and hosts join a
specific (S,G) which negates the
requirement of RPs and shared trees. True or False: SSM does not use any RPs
or shared trees.
The default keyword means that the range
232.0.0.0/8 is used for SSM.
When you issue the global command ip
Within this range, no shared trees are pim ssm range default on a router, which
allowed, and (*,G) joins are dropped. groups are used for SSM?
IGMPv1 and IGMPv2 do not allow
receivers to explicitly specify sources in
order to build SPTs. Why is IGMPv3 required for SSM?
Globally:
ipv6 multicast-routing
How do you enable multicast routing for

IPv6 in Cisco IOS?
False: PIMv6 is enabled automatically for
all IPv6-enabled interfaces when ipv6
multicast-routing is issued. True or False: After issuing the ipv6
multicast-routing command, PIMv6 must
be configured on IPv6-enabled interfaces.
Interface:
no ipv6 pim
How can you disable PIM on an IPv6-
enabled interface?
show ipv6 pim neighbor
How can you verify IPv6 PIM adjacencies?

Interface:
ipv6 pim dr-priority priority
How do you configure the IPv6 PIM DR
Higher priority wins. priority?
True. IPv6 multicast operates only in
sparse-mode, and the RP must either be
statically defined, use IPv6 BSR, or True or False: IPv6 multicast does not
Embedded RP. support Auto-RP or dense-mode operation.
Globally:
ipv6 pim rp-address ipv6-address
How do you statically configure the IPv6
PIM RP?
show ipv6 mroute
How do you verify the IPv6 multicast

routing table?
Globally:
ipv6 pim bsr candidate bsr ipv6-address
How do you configure a router to be the
IPv6 PIM BSR candidate?
Globally:
ipv6 pim bsr candidate rp ipv6-address
How do you configure a router to be the
IPv6 PIM BSR candidate RP?
show ipv6 pim range-list
How do you verify the IPv6 group-to-RP

mappings?
MLD is comparable to IGMP.
MLDv1 is comparable to IGMPv2 IPv6 MLD is comparable to ___.

MLDv2 is comparable to IGMPv3
Query
Report
Done What are the three types of messages used
by MLD?
Done
The MLD ___ message is similar to the
IGMPv2 Leave message.
show ipv6 mld interface interface
How can you verify MLD for an interface?

show ipv6 pim traffic
How can you verify IPv6 multicast traffic

statistics?
Embedded RP enables the identity of the
RP to be embedded as part of the multicast
group address. What is Embedded RP?
Embedded RP addresses always being with
FF70::/12
How do you know that an IPv6 multicast
1111 1111 0111 group contains an embedded RP?
Scope
RP interface ID
Prefix length What five pieces of information are
64-bit RP prefix contained in an IPv6 Embedded RP
32-bit group ID address?
FF7<scope>:0<RP interface ID><hex

prefix length>:<64-bit RP prefix>:<32-bit
group ID>:<1-F>
Interface:
ip igmp join-group address
How do you configure a router to join a
multicast group?
The IP Precedence (IPP) field
What are the high-order 3 bits of the ToS

byte in the IP header referred to as?
0 Routine
1 Priority
2 Immediate What are the IP Precedence names for
3 Flash values 0 - 7?
4 Flash Override
5 Critical
6 Internetwork Control
7 Network Control
Reverse mnemonic: NIC F FIPR

Bits 0 - 5 are the DSCP
Bits 6 - 7 are for ECN
How are the bits in the IP header's ToS byte
defined for DiffServ?
Class Selector PHBs
CS0 - CS7 = IPP 0 - 7

What are the bits formerly used by IPP

referred to as with DSCP?
AFxy where x = 1 - 4 and y = 1 - 3. Higher
values of x get better queuing treatment,
and higher values of y have a higher How do the Assured Forwarding (AF)
probability of being dropped. PHBs work?
Example: with AF11 vs AF23, AF23 will

have better queuing treatment, but will
have a higher probability of being dropped.
8x + 2y = decimal
Example: AF41 = (8 * 4) + (2 * 1) = 34 How do you convert AFxy PHB values to

decimal?
46
What is the decimal value of the Expedited

Forwarding (EF) PHB?
False: it is present only when the Ethernet
frame includes an 802.1Q tag, or an ISL
trunking header. True or False: The 3-bit Ethernet CoS field
is always present in the Ethernet header.
On ingress only, and only if the interface
supports that particular header field.
When is classification based on CoS, DE,
CLP, or EXP bits performed?
On egress only, and only if the interface
supports that particular header field.
When is marking based on CoS, DE, CLP,
or EXP bits performed?
NBAR
In a MQC class-map, what is used to

perform matching when the match
protocol statement is used?
The packets would not be marked, and will
retain their existing DSCP values.
A MQC policy is designed to mark packets
as they leave an interface:
policy-map policy1
class class1
set dscp ef
class class2
set dscp default
interface f0/0
service-policy output policy1
What happens if a packet does not match

either of the two classes referenced by the
policy-map?
match-all (logical AND)
If a class-map is defined without

specifying the matching logic, what is the
default?
No packets are matched because a packet
cannot be marked as DSCP 0 and DSCP 1
simultaneously. What is the result of this configuration?
The correct way to issue this configuration class-map match-all class1

is: match dscp 0
match dscp 1
class-map match-any class1
match dscp 0 1
It is matched to the special class class-
default
If a packet inside a policy-map does not
match any referenced classes, how is the
packet handled?
Without the ip keyword, both IPv4 and
IPv6 packets are marked.
When performing class-based marking,
Example: set dscp value marks both what happens if you do not include the ip
IPv4/IPv6 DSCP, but set ip dscp value keyword when setting the IP Precedence or
marks IPv4 only DSCP?
show policy-map name
How do you verify the configuration of a

policy-map?
show policy-map interface
How do you verify the statistical

information about the behavior of a policy-
map enabled on an interface?
class-map class1
match protocol http url "*string*"
How can you configure a class-map to use
NBAR to match web URLs containing a
particular string?
Interface: load-interval
How do you adjust the time interval over

which IOS measures packet and bit rates on
an interface?
ip nbar protocol-discovery
How can you configure NBAR to gather

statistics on an interface?
Copy the PLDM file to the router, then
configure globally:
ip nbar pldm file How do you upgrade NBAR's Packet
Description Language Modules (PLDMs)?
Mark as close as possible to the source, but

not from untrusted devices.
What is the general rule for the location of
For example, a server may have the ingress QoS marking?
capability to mark packets, but you might
not trust those markings and wish to
remark them manually on the ingress
switch port.
5 / 5 / EF
What are the Cisco-recommended

CoS/IPP/DSCP values for voice payload
traffic?
4 / 4 / AF41

CoS/IPP/DSCP values for video payload
traffic?
3 / 3 / CS3

CoS/IPP/DSCP values for voice/video
signaling traffic?
3 / 3 / AF31,AF32,AF33

CoS/IPP/DSCP values for mission-critical
traffic?
2 / 2 / AF21,AF22,AF23

CoS/IPP/DSCP values for transactional
data traffic?
1 / 1 / AF11,AF12,AF13

CoS/IPP/DSCP values for bulk traffic?
0 / 0 / BE

CoS/IPP/DSCP values for best-effort
traffic?
0 / 0 / 2,4,6

CoS/IPP/DSCP values for scavenger
traffic?
Traffic rate measured in bps
Burst size measured in number of bytes
With regard to traffic policing, what are the
two components of the traffic contract?
True - however, features like NBAR are

broken when working with encapsulated
traffic. True or False: The contents of the ToS byte
are automatically copied into the tunnel
header (in IPsec transport mode, in tunnel
mode, and in GRE tunnels) when the
packet is encapsulated.
QoS pre-classification permits routers to
make egress QoS decisions based on the
original traffic before encapsulation. What is Cisco IOS QoS pre-classification?
With the qos pre-classify command under
the tunnel interface, virtual template
interface, or IPsec crypto map. How and where do you enable QoS pre-
classification?
AutoQoS for VoIP
AutoQoS for Enterprise
What are the two versions of Auto-QoS?
auto qos voip {cisco-phone | cisco-soft-
phone}
How do you enable Auto-QoS for VoIP on
an access interface?
All traffic is marked as DSCP 0 and treated
as best effort, which is the default behavior
for a normal trunk port. When enabling AutoQoS for VoIP on an
access interface, what happens if CDP
cannot detect a Cisco phone?
Voice/Video traffic
Routing protocol traffic
STP BPDUs When using AutoQoS for VoIP, which
types (not classes) of traffic are placed into
All other traffic is placed into the normal the PQ on the ingress interface?
ingress queue.
auto qos voip trust
How do you enable AutoQoS for VoIP on

an uplink interface?
QoS enabled globally
CoS-to-DSCP and DSCP-to-CoS mappings
created What five global configurations are added
PQ enabled for ingress and egress when AutoQoS for VoIP is enabled?
Mappings of CoS and DSCP values to
ingress and egress queues and thresholds
Creation of class-maps and policy-maps to
identify, prioritize, and police voice traffic
The router changes the encapsulation to
PPP, creates a PPP Multilink interface, and
enables LFI on the interface. What happens when you issue the
command auto qos voip on a router serial
interface with a bandwidth of 768k or less?
With the trust keyword, the router creates
class maps that group traffic based on
DSCP values, associates the class maps to When configuring auto qos voip on a
a policy map, and assigns the policy map to router, what does the trust keyword do
the interface. with regard to class maps?
Without the trust keyword, the router

creates ACLs that match voice/video data
and call control ports. The ACLs are
associated with class maps, which are
associated with a policy map that marks the
traffic appropriately. Traffic not matched
by the ACLs is marked with DSCP 0.
show auto qos
How do you display the configured

interface AutoQoS commands?
Interface: auto discovery qos [trust]
Interface: auto qos
What are the two steps required to
1. Discover traffic on the interface with configure AutoQoS for the Enterprise?
NBAR: auto discovery qos [trust] where
the trust keyword is used when the
arriving traffic is already marked.
2. Generate the AutoQoS configuration

based on the collected traffic at the
interface: auto qos
Optionally stop NBAR traffic discovery

with no auto discovery qos
show auto discovery qos
With AutoQoS for the Enterprise, how do

you list the types and amounts of traffic
collected by NBAR?
show auto qos
With AutoQoS for the Enterprise, how do

you display the class maps, policy maps,
and interface configuration generated by
the AutoQoS macro?
Fancy queuing
What is an alternative name for a software

queuing (as opposed to hardware queuing)?
FIFO
Hardware queues always use ___ logic.

True
True or False: When an interface finishes

sending a packet, the next packet from the
hardware queue can be serialized and sent
out the interface without requiring a
software interrupt to the CPU.
True
True or False: Hardware queues cannot be
affected by IOS queuing tools.
True
True or False: IOS automatically shrinks

the length of the hardware queue to a
smaller length than the default when a
queuing tool is present.
Short hardware queue lengths mean
packets are more likely to be in the
controllable software queues, giving the What is the advantage of having a shorter
software queuing more control of the hardware queue length in conjunction with
traffic leaving the interface. using software queues?
The queue length
What is the only function of a hardware

queue that can be manipulated?
show controllers interface | inc tx_limited
How can you verify the length of a

hardware transmit queue?
Classification
___ is the ability to look at packet headers

to choose the right queue for each packet.
Drop policy
The rules used to choose which packets to

drop as queues begin to fill is known as the
___.
Scheduling
The logic used to determine which packet

should be dequeued next is known as ___.
LLQ prevents the high-priority queue from
starving other queues with policing.
How is LLQ different from the legacy PQ?
64 queues/classes
How many queues are supported by

CBWFQ and LLQ?
class-default
This queue exists even if it is not CBWFQ and LLQ both have a special
configured. If a packet does not match any queue referred to as ___.
of the explicitly configured classes in a
policy map, IOS places the packet into the
class-default class.
True
If some queues are empty and do not need True or False: The CBWFQ scheduler
their bandwidth for a short period, the guarantees a minimum percentage of a
bandwidth is proportionally allocated link's bandwidth to each class/queue.
across the other classes.
True
True or False: service-policy input is not

allowed on routers for policy maps that
perform queuing.
Explicit
Percent
Remaining percent What are the three methods available in a
policy map for reserving bandwidth?
By using the bandwidth command within
a class map.
How do you configure CBWFQ (as
opposed to LLQ)?
By using the priority command within a
class map.
How do you configure LLQ?
20 percent of the configured bandwidth
LLQ uses a policer for the assigned queue.

What is the default burst size of the
policer?
class-map class1
priority 100
How do you enable a LLQ with a
bandwidth of 100 kbps?
The class will say "Strict Priority"
When looking at the output of show

policy-map policy how can you tell if a
class is using LLQ?
LLQ places packets from multiple LLQs
into a single internal LLQ. Packets in the
different LLQs get scheduled ahead of When LLQ is configured within multiple
nonpriority queues, but are serviced based classes in a policy map, which queue is
on arrival time for all packets in any of the scheduled first?
PQs.
Each LLQ can have different policer
settings. One use case is for sending both
voice and video. Each traffic class can be What is the reason for using multiple LLQs
placed into its own LLQ, but be in a single policy map?
individually policed so that neither traffic
class overruns the other.
True
True or False: The class class-default

internally allocates any unassigned
bandwidth among all classes, but can be
configured to reserve a minimum amount

of bandwidth.
Only when there is congestion, which
occurs when the hardware queue is full.
When does IOS use software queuing?
When a queue is full, there is no place to
put newly arriving packets, so they are
discarded. What is a tail drop, and when does it
occur?
The WRED full drop occurs when the
average queue depth rises above the
configured maximum threshold, and all With regard to WRED, what is the
new packets are discarded. However, the difference between a full drop and a tail
actual queue might not be full. drop?
When the queue is full, a tail drop occurs.

The average queue depth
Packets are randomly dropped when the What value does WRED look at when
average queue depth is between the determining whether a queue has filled
configured minimum and maximum enough to begin discarding packets?
thresholds.
The MPD is the calculated discard
percentage used at the maximum threshold
based on 1/MPD. What is the WRED Mark Probability
Denominator (MPD)?
For example, a MPD of 10 (1/10 = 10%)
means that the discard rate grows from 0%
to 10% as the average queue depth grows
from the minimum threshold to the
maximum. When the maximum is reached,
a full drop occurs.
Minimum threshold
Maximum threshold
Mark Probability Denominator (MPD) What does a WRED traffic profile consist
of?
Physical interfaces (with FIFO queuing)
Non-LLQ classes in a CBWFQ policy map
For which two locations can WRED be
configured?
With the random-detect keyword either
under a physical interface or in a non-LLQ
class in a policy map. How do you enable WRED?
Without the dscp-based keyword, WRED
uses IP Precedence.
What is the difference between random-
detect and random-detect dscp-based?
After issuing the random-detect or
random-detect dscp-based command,
issue either random-detect precedence or How do you modify the default WRED
random-detect dscp traffic profiles?
MDRR is used in place of CBWFQ and

LLQ on the Cisco 12000 series router
platform, because it does not support Modified Deficit Round-Robin (MDRR)
CBWFQ and LLQ. serves as a replacement for what?
seven round-robin queues (0 - 6) plus one
PQ
Modified Deficit Round Robin (MDRR)
allows classifying traffic into ___ queues.
Strict priority mode serves the PQ
whenever traffic is present in the queue,
which can lead to starvation of the other What is the difference between the
queues. Modified Deficit Round-Robin (MDRR)
PQ strict priority mode and alternate
Alternate mode serves the PQ in between mode?
servicing each of the other queues: 0, P, 1,
P, 2, P, etc. This prevents queue starvation
at the expense of jitter and latency as
compared to strict priority mode.
The Quantum Value is the number of bytes
the queue holds. The Deficit Count is the
number of bytes beyond the QV that were What is the relationship between the
transmitted in a single round-robin pass. Modified Deficit Round-Robin (MDRR)
Quantum Value and Deficit Count?
Example: If the QV is set to 1500, and two
1000-byte packets were transmitted during
a pass, there is a Deficit Count of of -500,
so 500 bytes are removed from the next
pass, making the QV 1000 for that pass.
Two, either of which (but not both) can be
configured as a PQ
The Catalyst 3560 series features ___
ingress queues.
Shared Round Robin (SRR)
What method is used by the Catalyst 3560

packet scheduler to control the rates at
which packets are sent from the ingress
queues to the internal switch fabric?
CoS 5
On the Catalyst 3560 platform, ___ traffic

is placed into queue 2 by default, and all
other traffic is placed into queue 1.
90% for queue 1
10% for queue 2
On the Catalyst 3560 platform, what is the
default bandwidth ratio for the two ingress
queues?
Weighted Tail Drop (WTD), which allows
configuration per-queue
What is the congestion avoidance method
(not queuing method) used on the Catalyst
3560?
Four
The Catalyst 3560 has ___ egress queues

per interface.
DSCP-to-CoS map > CoS-to-queue map
The frame's internal DSCP is compared to What are the two steps involved in
a global DSCP-to-CoS map to determine a classifying and assigning a frame to the
CoS value proper egress queue on the interface of a
Catalyst 3560 switch, assuming the
The per-interface CoS-to-queue map forwarding decision has been made?
determines the queue for a frame based on
the assigned CoS value
Both help to prevent queue starvation when
a PQ exists, but shaped round-robin also
rate-limits the queues so that they do not What is the difference between shared
exceed the configured percentage of the round-robin and shaped round-robin
link's bandwidth. queuing?
Globally:
mls qos srr-queue input priority-queue
{1 | 2} bandwidth percentage How do you enable ingress priority
queuing on a Catalyst 3560 switch?
show mls qos input-queue
How do you verify the input queue settings

on a Catalyst 3560 switch?
Per-interface:
srr-queue bandwidth {share | shape}
weight1 weight2 weight3 weight4 On a Catalyst 3560, how do you configure
the egress queues?
The default weights are all 25, where each
queue gets 25% of the available bandwidth.
The shaped scheduler never allows any
queue, PQ or non-PQ, to exceed its
configured percentage of link bandwidth, What is the difference between Shared
even if that means the link sits idle. Round-Robin and Shaped Round-Robin
scheduling with regard to bandwidth
utilization?
True. Two reservations must be made, from
source to destination, and from the
destination back to the source. True or False: RSVP reservations are
unidirectional.
Direction, flow
RSVP reservations are made per ___ and

per ___.
Destination IP address
Protocol ID
Destination port What three things does RSVP use to
classify an individual flow?
The RSVP messages appear as ordinary IP
packets to non-RSVP-capable routers.
How do RSVP messages between two

RSVP-capable routers appear in transit to
non-RSVP-capable routers?
The first RSVP-capable router in the path
from source to destination sends an RSVP
PATH message toward the destination IP What is the first general step in setting up
address. an RSVP-based reservation?
It replies with a RESV message requesting
the necessary QoS.
When the last RSVP-capable router in the
path receives a PATH message, what does
it do?
The failing RSVP router discards the
received RESV message requesting the
particular QoS, and returns an error If any RSVP router along the path does not
message. have the required resources to reserve,
what happens?
The originating router will receive back a
RESV message that has traveled the entire
path between source and destination RSVP How does an initiating RSVP router know
routers. if a reservation has succeeded?
Receipt of a RESV message means the
reservation was successful, and the
originating router sends back a RESV How does an originating RSVP router
message in response to the destination respond to receiving a RESV message?
router's PATH message to secure QoS in
both directions.
The destination router responds with a

ResvConf message, confirming the
reservation.
The destination RSVP router responds with
a ResvConf message, which confirms the
reservation. What is the final RSVP message sent from
destination back to source when resources
have been reserved in both directions?
Interface:
ip rsvp bandwidth total-kbps single-flow-
kbps How do you configure the RSVP total and
per-flow bandwidth reservation?
Interface:
ip rsvp signalling dscp value
How do you set the DSCP value for RSVP
control messages?
False. Transit routers do not require RSVP
to be enabled, and RSVP messages are
forwarded as any other ordinary IP packet. True or False: When using RSVP, it is
necessary to enable RSVP to establish state
on every router in the path.
The packets are delayed and held in a
shaping queue.
When traffic shaping is configured, and the
The packets are released from the queue so configured rate is exceeded, what happens
that over time the overall bit rate does not to the packets?
exceed the shaping rate.
Tc, which is measured in milliseconds
Tc = Bc/CIR What is the shaper static time interval

called?
Committed burst (Bc)
What is the term for the number of bits that

a shaper can send in a time interval (Tc)?
The CIR defines the rate for a VC based on
a business contract
What's the difference between the CIR and
The shaping rate is the configured rate for a the shaping rate?
shaper on a router, which may or may not
be the same value as the CIR
Burst excess (Be)
What is the shaping term used when more

bits than the Bc are allowed to be sent
during a given Tc?
Tc = Bc / CIR (shaping rate)
With a burst size of 8000 bits and a CIR of What is the basic formula for traffic
64 kbps, the Tc = 125ms shaping?
The bucket size is the Bc, and at the
beginning of each Tc, the token bucket is
refilled. With regard to traffic shaping, what is the
token bucket model?
Without Be, if there are tokens still in the
bucket at the beginning of the next Tc, the
overage of new tokens are wasted. If the Bc
is 8000, and there are 1000 tokens still in
the bucket at the next Tc, 7000 new tokens
are placed into the bucket, and 1000 new
tokens are wasted.
The packet must wait until the next Tc
(when new tokens are added to the bucket)
to acquire enough tokens for the packet to With the shaper token bucket model, what
be sent. happens if a packet needs to be sent, but
there are not enough tokens in the bucket?
Be (excess burst) makes the single token
bucket bigger, but there will still only be
the Bc (committed burst) number of tokens How does Be work with the shaper token
added at the beginning of each Tc (time bucket model?
interval).
Generic Traffic Shaping
Newer versions of Cisco IOS use class-

based shaping. What did older versions of
Cisco IOS use?
Identify the traffic in a class-map

Use the shape command in a policy-map
Apply the policy-map to an interface with How do you configure class-based traffic
service-policy output shaping?
Tc = 8000 bits / shaping bit rate
Bc = 8000 bits How does class-based shaping calculate

Be = Bc = 8000 bits Bc, Be, and Tc when the rate is less than or
Tc = Bc / shaping rate equal to 320 kbps?
Bc = Tc (25 ms) * shaping rate
Be = Bc
Tc = 25 ms How does class-based shaping calculate
Bc, Be, and Tc when the rate is more than
320 kbps?
It does not inherit the bandwidth setting of
the physical serial interface, it defaults to
1544. What happens if the bandwidth is not set
on a serial subinterface?
Both calculate Bc, Be, and Tc the same
way
How does shape peak work differently
shape peak refills Bc + Be (instead of just than shape average?
Bc) tokens each Tc
Peak shaping gets the right to send both the

committed burst and excess burst each time
period.
Shaping rate = configured rate * (1+

Be/Bc)
Example, shape peak 64000 = 64 (1 +

8000/8000) = 128
Committed Access Rate
Class-based policing is used in newer

Cisco IOS versions. What was used in
older Cisco IOS versions?
Conforming
Exceeding
Violating What are the three categories of packets in
class-based policing?
Single-rate, two-color
What is the simplest form of policing

referred to as?
bits
bytes
Shaping token buckets are measured in
___. Policing token buckets are measured
in ___.
Tokens are replenished at the policing rate.
For example, with a policed rate of

128kbps, ther policer replenishes 16,000 How does single-rate, two color (one
tokens per second (tokens represent 1 byte bucket) policing use the token bucket
with policing). If 0.1 seconds have passed model?
since the previous packet arrived, 1600
tokens would be replenished.
(Current packet time - previous packet time

* policed rate) / 8
(0 - 0.1 * 128000) / 8 = 1600 tokens to be
replenished
Single-rate, two-color policing uses a
single Bc bucket and supports conform and
exceed actions. What is the difference between single-rate,
two-color (single bucket) and single-rate,
Single-rate, three-color policing uses a Bc three-color (two bucket) policing?
bucket, a Be bucket, and supports conform,
exceed, and violate actions.
When the size of the packet requiring
transmission is equal to or less than the
number of tokens available in the Bc With single-rate, two color policing, when
bucket. is the traffic considered conforming?
Xp <= Xb
Xp tokens are drained from the Bc bucket
transmission is greater than the number of
tokens available in the Bc token bucket. With single-rate, two color policing, when
is the traffic considered exceeding?
Xp > Xb
No tokens are drained from the Bc bucket
transmission is equal to or less than the
number of tokens available in the Bc With single-rate, three color policing, when
bucket. is the traffic considered conforming?
Xp <= Xbc
Xp tokens are drained from the Bc bucket
tokens available in the Bc bucket, but less With single-rate, three color policing, when
than or equal to the number of tokens is the traffic considered exceeding?
available in the Be bucket.
Xp > Xbc AND Xp <= Xbe

Xp tokens are drained from the Be bucket
tokens available in both the Bc and Be With single-rate, three color policing, when
buckets. is the traffic considered violating?
Xp > Xbc AND Xp > Xbe

No tokens are drained from any bucket
Committed Information Rate (CIR)

Peak Information Rate (PIR)
With two-rate, three-color policing, what
are the two rates referred to as?
The Bc bucket is replenished at the CIR,
and the Be bucket is replenished at the PIR.
How does dual-rate, three-color (two
A conforming packet drains tokens equally bucket) policing work?
from both Bc and Be buckets (the same
packet uses double the number of tokens).
An exceeding packet drains tokens from

the Be bucket.
Violating packets drain no tokens, because

there are none to drain.
With the police command inside a policy-
map
Where is class-based policing configured?
police cir 128000 bc 16000 be 8000
conform-action transmit exceed-action
set-dscp-transmit 0 violate-action drop How do you configure a single-rate, three-
color policer with the following
CIR = bits requirements:
Bc & Be = bytes
Policed traffic rate of 128 kbps
Committed burst time of one second
Excess burst time of half of one second
Conform action of forward
Exceed action of marking the packet to
DSCP 0
Violate action of discarding the packet
The single-rate, three-color configuration
must either set a violate action, or
explicitly set the Be to something larger In configuring the police command, what is
than 0. the difference between a single-rate, two-
color and a single-rate, three-color
configuration?
The number of bytes that could be sent in
1/4 second at the defined policing rate.
If you do not configure a Bc value with the
Bc = (CIR * 0.25 seconds) / 8 = CIR / 32 police command, what is the value used by
default?
If the result is less than 1500, the default
Bc will be 1500.
police cir cir-bps pir peak-bps
What is the simplest way to configure dual-

rate policing?
Multi-action policing
When multiple fields in the same packet

are marked when using class-based
policing, what is this referred to as?
When configuring the police statement, do

not enter any actions. When you enter the
command without actions, you are placed How do you configure multi-action
into the policing subconfiguration mode, policing?
where you can configure multiple actions.
The police command uses the percent
keyword for CIR and PIR, the Bc and Be
values use the ms (milliseconds) keyword. How can you configure policing as a
percentage of interface bandwidth?
Example:
police cir percent 25 bc 500 ms pir
percent 50 be 500 ms conform transmit
exceed transmit violate drop
Where the CIR is 25% of the link, the PIR

is 50%, and the Bc and Be are both 500 ms.
single-rate, two-color
CAR uses what type of policing?

CAR is configured with the rate-limit
command under an interface.
How do you configure the CAR
(Committed Access Rate) feature?
Configure the first rate-limit statement
with conform-action continue which
causes all conforming packets to be How do you configure CAR to perform
evaluated by subsequent rate-limit subclassification?
statements.
10ms
When configuring traffic shaping for

latency-sensitive traffic, what is the
recommended Tc setting?
Interface:
traffic-shape rate rate
How do you configure the legacy Generic
Traffic Shaping feature?
HDLC
What is the default Layer 2 encapsulation

type on serial interfaces?
Cisco's version of HDLC includes a 2-byte
Type field for multiprotocol support.
HDLC is an ISO standard, but Cisco's
version is proprietary. What makes Cisco's
version proprietary?
show controllers interface
How do you determine which end of a

cable (DTE or DCE) is connected to a
serial interface?
On the DCE end: clockrate
Newer interfaces and versions of IOS

configure this automatically. Which end of a serial link provides the
clock signal, and how do you set it?
PPP includes a standardized Protocol field
in the same location as the Cisco HDLC
Type field. PPP also includes padding in How does the PPP header compare to the
the Data field to ensure the frame has an Cisco HDLC header?
even number of bytes.
Link Control Protocol (LCP) controls the
features independent of any specific Layer
3 protocol What is the difference between the PPP
LCP and NCP?
For each Layer 3 protocol supported by
PPP, a Network Control Protocol (NCP) is
defined (such as IPCP for IP).
Link Quality Monitoring (link is dropped if
a percentage of frames have errors)
Looped Link Detection (by sending a What four features are offered by the PPP
random Magic Number) LCP?
Layer 2 Load Balancing (via MLPPP)
Authentication (PAP/CHAP)
Interface: ppp quality
How do you enable the PPP LQM feature?

Each frame is fragmented by the number of
links in the bundle, and sent across all links
equally. How does MLPPP perform load balancing?
Example: a multilink bundle containing

three links would split each frame into
thirds, and send each fragment across the
individual links.
Create a multilink interface, enable
multilink, and assign a group:
interface multilink number How do you enable MLPPP?
ppp multilink
ppp multilink group x
Assign each interface to the multilink

group:
interface interface
ppp multilink group x
LFI prevents small, delay-sensitive packets
from having to wait on longer, delay-
insensitive packets to be completely What is Link Fragmentation and
serialized out an interface. Interleaving (LFI)?
LFI fragments larger packets and sends

delay-sensitive packets between the
fragments.
LFI is most effective on links of 768k or

less.
Interface: ppp multilink interleave
How do you enable MLPPP LFI?

Interface: ppp multilink fragment-delay x
x = delay in milliseconds After enabling MLPPP LFI, how do you

adjust the fragment size?
Size = x * bandwidth-kbps
Example: If the link is 256k, and the delay

is 5ms, the fragment size = 5 * 256 = 1280
bits = 160 bytes
Layer 2 payload
TCP header
RTP header What are the three types of compression
supported by PPP?
Interface: compress
After issuing this command, PPP starts the How do you enable PPP compression on a
Compression Control Protocol (CCP) NCP link?
to support compression negotiation and
manage the compression process.
When the average payload is small.
When is PPP TCP and RTP header

compression most effective?
Class-based policy-map:
compress header ip {tcp | rtp}
How do you configure PPP TCP or RTP
header compression?
PPPoE provides an emulated (and
optionally authenticated) point-to-point
link across a shared medium. What is the purpose of PPPoE?
Create a Broadband Aggregation Group to
handle the incoming PPPoE connections
and bind it to a virtual template interface: What is the first step in configuring PPPoE
on the ISP/server side?
bba-group pppoe name
virtual-template number
Under the bba-group:
sessions per-mac limit number
How do you limit the number of PPPoE
sessions allowed per-MAC?
The PPP header adds 8 bytes of overhead
to each frame.
Why is the MTU typically lowered to 1492
when using PPPoE?
show pppoe session
How can you verify a PPPoE connection?

Under the virtual-template interface:
ppp authentication chap callin
How do you enable PPPoE authentication

on the ISP/server side?
interface virtual-template number
ip address ip mask
peer default ip address pool pool How do you configure a virtual-template
interface for PPPoE for the ISP/server
The referenced IP address pool is side?
configured globally:
ip local pool pool start-ip end-ip
interface interface
no ip address
pppoe enable group group After creating the BBA group and the
virtual-template interface, how do you
Addressing is issued by the virtual- enable PPPoE on the customer-facing
template. interface on the ISP/server side?
interface dialer1
dialer pool 1
encapsulation ppp How do you configure PPPoE on the CPE?
ip address negotiated
mtu 1492
interface interface
no ip address
pppoe-client dial-pool-number 1
Create a BBA group and assign a virtual
template
Edit the virtual template and assign an IP What are the four high-level steps required
address and an IP pool to use to configure PPPoE on the ISP/server side?
Create the IP pool
Edit the client-facing interface with no IP
address, and enable it for PPPoE
Configure a dialer interface
Associate the dialer interface to a physical
interface What are the two high-level steps required
to configure the client side of a PPPoE
connection?
With the login statement under the console,
aux, or VTY line.
How do you configure Cisco IOS to
prompt the user for a password when
connecting to a console, AUX, or VTY
line?
With the password statement under the
console, AUX, or VTY line.
How do you define the simple password to
be used when logging into a console, AUX,
or VTY line?
With the global service password-
encryption statement.
How do you obfuscate all clear-text
passwords present in the Cisco IOS

configuration?
Individual existing passwords remain
encrypted until they are changed.
If passwords have been encrypted with the
service password-encryption command,
what happens when no service password-
encryption is issued?
False: The enable secret password is not
affected by service password-encryption
and is always encrypted with MD5. True or False: The enable secret password
is listed in plaintext unless service
password-encryption is on.
transport input none
transport input ssh
How do you configure VTY lines to use
If you do not issue transport input none only SSH?
first, the SSH method is added to the
existing default telnet method.
UDP 1812
1645 was the original defined port, but What is the well-known port used for
later changed to 1812. Cisco IOS still uses RADIUS?
1645 by default.
TCP 49
What is the well-known port used for

TACACS+?
False: the first configured reachable
method is used as long as there is a
response of either accepting or rejecting the True or False: When multiple AAA
user. authentication methods are configured, if
one method rejects the user, the next
For example, if there are three configured method is attempted.
methods, TACACS, RADIUS, and local
authentication, and the TACACS server is
not reachable, and the user is rejected by
the RADIUS server, local authentication is
not attempted.
UDP 1646
What is the default port used for RADIUS

accounting?
If the login statement was configured, it is
removed. However, the password
statement remains, and is used if the login What happens when you enable AAA with
authentication method is set to line. regard to accessing console and VTY
lines?
default refers to the default authentication
list. Named authentication lists are also
supported. What does default refer to in the command
aaa authentication login default method?
The method is what is used to validate the

AAA function, authentication in this case.
What does method refer to in the
Examples are group, which referes to command aaa authentication login
AAA servers, line for the line password, default method?
and local to use the local
username/password settings.
group refers to groups of AAA servers,
including named lists, all LDAP servers, all
RADIUS servers, and all TACACS+ What does group refer to in the
servers. command aaa authentication login
default group?
For example, the full command to use all of
the configured RADIUS servers is:
aaa authentication login default group
radius
UDP 1645
What is the default port for RADIUS

authentication used by Cisco IOS?
Configure the global AAA authentication
statement with a user-defined list name:
aaa authentication login name method1 How do you configure an override for the
..method2 etc AAA default login methods for console,
aux, or VTY lines?
Configure the console, aux, or VTY lines
to refer to the list:
line {con | aux | vty} number
login authentication name
Define the AAA methods for PPP:
aaa authentication ppp list method1
..method2 How do you configure PPP to use AAA for
CHAP authentication?
Enable PPP authentication on the interface:
ppp authentication chap list
no cdp run disables CDP globally for the
device
What's the difference between no cdp run
no cdp enable disables CDP at the and no cdp enable?
interface-level
switchport nonegotiate
How do you prevent a switch port from

sending or processing received DTP
messages?
Static configuration of the allowed MAC
addresses
Dynamic learning up to the defined What are the three methods for which a
maximum, entries are lost upon reload Catalyst switch can limit device MAC
Dynamic learning with the addresses saved addresses on a switch port?
in the config (sticky learning)
1
When switchport port-security is enabled,

how many MAC addresses are accepted on
the port by default?
protect silently implements the port
security
restrict adds SNMP traps and Syslog With switchport port-security, what are
logging of events the three violation modes, and what is the
shutdown places the port into the err- difference between them?
disabled state
show port-security interface interface
How do you view the security related

details of a switch port interface?
False: While sticky-learned MAC
addresses are added to the running
configuration, the configuration must be True or False: Sticky-learned MAC
saved before a reload. addresses are automatically retained across
a reload.
Globally:
ip arp inspection vlan vlan
How do you enable Dynamic ARP
Inspection?
Interface:
ip arp inspection trust
When Dynamic ARP Inspection is enabled
globally, all ports become untrusted. How
do you disable DAI on an individual port?
If an ARP reply has a source address that
was not DHCP-assigned to a device off that
port, the ARP reply is filtered by DAI. How does DAI interact with DHCP
snooping on an untrusted port?
Define an ARP ACL, and reference it via
DAI:
How do you configure DAI to filter invalid
Globally: ARP messages based on statically defined
arp access-list arp-acl-name IP or MAC addresses?
ip arp inspection filter arp-acl-name vlan

vlans [static]
The static keyword means ARP messages

are denied unless explicitly permitted by
the ACL. Without the static keyword, if
the ARP message does not match the ACL,
it is then checked against DHCP bindings.
The static keyword means ARP messages
are denied unless explicitly permitted by
the ACL. Without the static keyword, if What does the static keyword refer to in
the ARP message does not match the ACL, the following configuration?
it is then checked against DHCP bindings.
ip arp inspection filter arp-acl-name vlan
vlans [static]
Globally:
ip arp inspection validate src-mac
How do you configure DAI to drop ARP

replies if the source MAC in the Ethernet
header does not match the source MAC in
the ARP reply?
Globally:
ip arp inspection validate ip
How do you configure DAI to drop ARP
messages containing unexpected IP
addresses, such as 255.255.255.255 and
multicasts.
False. DAI can use the DHCP snooping
binding database, in which case DHCP
snooping must first be enabled, however True or False: DAI requires DHCP
DAI does not require DHCP snooping to be snooping to be enabled.
enabled when using static ARP ACLs.
Globally:
ip arp inspection limit
How do you adjust rate limit of ARP
messages accepted per port per second with
Dynamic ARP Inspection?
Dynamic ARP Inspection
IP Source Guard
The DHCP snooping binding database can
also be used by what two other security
features?
DHCP snooping filters messages sent by
only by DHCP servers (not DHCP clients)
on untrusted ports, because a DHCP server How does DHCP snooping prevent a rogue
should never reside on an untrusted port. DHCP server MITM attack?
DHCP release and decline messages on
untrusted ports are checked against the
DHCP snooping binding database. The How does DHCP snooping prevent an
messages are dropped if the IP address in attacking host from releasing a legitimate
the messages is not associated with the host's DHCP lease?
bound port.
Globally:
ip dhcp snooping vlan vlans
How do you enable DHCP snooping?
Interface:
ip dhcp snooping trust
How do you designate a port as trusted by
DHCP snooping?
Privileged EXEC mode:
ip dhcp snooping binding mac vlan vlan
ip interface interface How do you add a static entry into the
DHCP snooping binding database?
Interface:
ip dhcp snooping limit rate messages-per-
second How do you configure the rate at which a
port will accept DHCP messages?
Default: unlimited
IP Source Guard uses either the DHCP
snooping database or static bindings to
permit incoming packets only from bound What does IP Source Guard do?
IP addresses (and optionally IP + MAC).
The helps mitigate IP spoofing.
Interface:
ip verify source [port-security]
How do you enable IP Source Guard?
The port-security keyword verifies both IP
and MAC.
Note: DHCP snooping must be enabled,

even if static bindings are to be used.
Globally:
ip source binding mac vlan vlan ip
interface interface How do you configure a static IP Source
Guard binding?
Note: When using IP Source Guard, DHCP
snooping must be enabled, even if static
bindings are used.
True: IOS will accept all IP Source Guard
configuration commands, including those
for static bindings, but will not become True or False: IP Source Guard does not
active until DHCP snooping is enabled. work with static bindings unless DHCP
snooping is enabled.
EAPoL: Extensible Authentication
Protocol over LAN
What kind of frames are sent between the
802.1X supplicant and authenticator?
The authenticator (typically a switch)
translates between EAPoL frames between
itself and the supplicant, and the RADIUS With regard to communications between
messages required by the authentication the 802.1X supplicant and authentication
server. The authenticator also server, what role does the authenticator
enables/disables ports based on the serve?
success/failure of authentication.
Globally:
aaa authentication dot1x default group
radius After enabling AAA and configuring one
dot1x system-auth-control or more RADIUS servers, how do you
enable 802.1X and configure ports for
Interface: authentication?
authentication port-control {auto | force-
authorized | force-unauthorized}
CDP, STP, and EAPoL
When a port using 802.1X authentication is

forced to be unauthorized, what three types
of traffic are still allowed?
You can use the regular Storm Control
configuration commands on EtherChannel
interfaces, but the commands have no
effect. Storm Control can be enabled only How do you configure Storm Control on
on physical ports. EtherChannel ports?
Storm Control can limit individually
broadcast, multicast, and unicast traffic
per-port. What types of traffic can Storm Control
limit?
Interface:
storm-control traffic-type level rising
[falling] How do you enable the Storm Control
feature?
traffic-type is either broadcast, multicast, or
unicast, and is set individually with
multiple statements.
The level refers to the rate of packets as

either a percentage of the link bandwidth,
bps, or pps, and can have separate rising
and falling thresholds.
Interface:
storm-control action {trap | shutdown}
By default, Storm Control drops packets
when the configured threshold has been
reached. How can you configure the switch
to send an SNMP trap or shut down the
port when this occurs?
show storm-control
How can you verify the settings and current

status for Storm Control?
1-99 and 1300-1999
What are the numbered ranges for standard

IP ACLs?
100-199 and 2000-2699
What are the numbered ranges for extended

IP ACLs?
The 0 bits must match, and the 1 bits are
"don't care"
How do wildcard masks work?
Example:
0.0.0.255 = first 24 bits must match
128.0.0.0 = all bits except the first must
match
254.255.255.254 = the 8th and last bits
must match
255.255.255.255 - subnet mask
Example: What is the quick way to calculate a

255.255.255.255 - 255.255.240.0 = wildcard mask for a particular prefix
0.0.15.255 length?
A directed broadcast address
What is another name for a subnet

broadcast address?
This prevents the router from forwarding
broadcasts onto the network segment from
a different segment. What is the default interface command no
ip directed-broadcast used for?
This prevents certain attacks like the Smurf
attack where a malicious host sends an
ICMP Echo to the destination subnet's
broadcast address, with the source being a
target on the destination subnet.
uRPF is a security feature that checks the
source IP address of incoming packets and
will discard them if the source IP is not What is a unicast Reverse-Path-Forwarding
reachable on the incoming interface (strict (uRPF) check?
mode) or if it is not reachable via any
interface (loose mode).
The default route is not used for this check

unless the router is configured to do so.
Interface:
ip verify unicast source reachable-via rx
How do you enable uRPF strict mode?
Interface:
ip verify unicast source reachable-via
any How do you configure uRPF loose mode?
Whether uRPF strict or loose mode is
configured, the default behavior is to not
verify the uRPF check against the default When configuring uRPF, what does the
route. The allow-default keyword allows allow-default keyword do?
the router's default route to be used in
determining the validity of the packet.
Interface:
ip verify unicast source reachable-via
{rx | any} allow-default
Both trigger IP directed broadcasts. Smurf
uses ICMP Echo, Fraggle uses UDP Echo.
What's the difference between a Smurf
attack and a Fraggle attack?
TCP Intercept monitors TCP connections
for SYN attacks.
With Cisco IOS TCP Intercept, what is the
In Watch mode, it keeps state information difference between Watch mode and
for TCP connections that match an ACL, Intercept mode?
and if TCP does not complete the 3-way
handshake within a particular time period,
TCP Intercept sends a TCP RST to the
destination to clean up the connection.
Watch mode also temporarily denies new
TCP requests if more than 1100 occur in
one second.
In Intercept mode, the router replies to TCP

SYNs instead of forwarding them. If the 3-
Way Handshake completes, the router
creates a TCP connection to the
destination, then stitches the two
connections together.
Globally:
ip tcp intercept list acl
ip tcp intercept mode {watch | intercept} How do you configure TCP Intercept?
show tcp intercept {connections |
statistics}
How do you verify TCP Intercept?
control-plane
service-policy input policy-map-name
After defining a policy-map to be used for
CoPP, how do you apply it?
ARP
All other Layer 2 protocols fall under the With CoPP, the only Layer 2 protocol that
default class. can be explicitly assigned to a class is ___.
ACLs
IP Precedence
DSCP What are the only three match options that
can be used with CoPP class maps?
Malicious traffic should be placed at the
top so that it is dropped immediately.
Because classes within a policy-map are
evaluated top-down, which traffic should
you place at the top for CoPP?
Tunnel interface:
tunnel mode gre multipoint
How do you configure the proper mode on
a tunnel interface for DMVPN?
Tunnel interface:
tunnel source physical-interface
When creating a tunnel interface for
DMVPN, how do you associate the tunnel
interface with a physical interface?
Tunnel interface:
ip nhrp map multicast dynamic
With DMVPN, what configuration
This prevents the Hub router from needing statement on the hub is necessary to allow
a separate configuration line for a multicast dynamic routing protocols to operate?
mapping for each spoke router.
On the DMVPN Tunnel Interface, ip nrhp
network-id id enables NHRP, which is
critical to the operation of DMVPN. All How do you specify which DMVPN a
routers and interfaces configured with the device belongs to?
same ID belong to the same DMVPN.
Tunnel interface:
ip nhrp authentication password
How do you specify a cleartext password

for DMVPN connections?
Tunnel interface:
ip nhrp map hub-tunnel-ip hub-nbma-ip
ip nhrp nhs hub-tunnel-ip On a DMVPN spoke router, how do you
specify the hub router?
Lower the MTU on the tunnel interface to
account for overhead:
ip mtu 1400 What two things should you configure in a
DMVPN to prevent large packets from
Lower the TCP MSS on the tunnel being dropped or fragmented?
interface:
ip tcp adjust-mss 1360
Tunnel interface:
ip nhrp map multicast hub-nbma-ip
How do you configure a DMVPN spoke
This is necessary to prevent issues with router to send multicast traffic only to the
routing protocols like OSPF. hub, and not to other spokes?
show dmvpn
How do you verify the state of DMVPN

tunnels?
Create the ISAKMP policy
Set the ISAKMP key
Define the IPsec transform set What are the five high-level steps of
Create the IPsec profile configuring IPsec with PSK?
Apply the IPsec profile to the interface
ISAKMP policy, key

IPsec transform, profile, apply profile
crypto isakmp policy number
encryption algorithm (aes)
hash algorithm (md5) How do you configure a basic ISAKMP
group dh-group (5) policy for PSK?
lifetime seconds (86400)
authentication pre-share
Globally:
crypto isakmp key password address
0.0.0.0 How do you configure a PSK for
ISAKMP?
With DMVPN, use 0.0.0.0 for the address
since the configuration relies on dynamic
IP addresses on the spoke routers.
Globally:
crypto ipsec transform-set name
transform1 transform2 How do you configure a basic IPsec
transform set?
Example:
crypto ipsec transform-set SET esp-aes
esp-md5-hmac
crypto ipsec profile name
set security-association lifetime seconds
seconds (86400)
set transform-set set-name How do you configure a basic IPsec profile

for DMVPN?
Tunnel interface:
tunnel protection ipsec profile ipsec-
profile After creating an IPsec profile, how do you
apply it to a tunnel interface?
show crypto session
show crypto ipsec sa
What are two different ways to verify
DMVPN IPsec tunnel encryption?
Router discovery
SLAAC
IPv6 address resolution What six functions does NDP for ICMPv6
NUD Neighbor Unreachability Detection provide?
DAD
Redirection
Public/private key pairs
IPv6 SeND uses ___ to verify node address

validity.
Globally create the policy to define the
role:
ipv6 nd raguard policy name How do you configure RA Guard on a
device-role {host | router} switch?
Apply the policy to the interface:

ipv6 nd raguard attach-policy name
client
DHCP server
server With DHCPv6 Guard, all ___ messages are
always switched regardless of device role,
and ___ messages are only processed
further if the device role is set to ___.
To track IPv6 host liveness so the neighbor
table can be immediately updated when an
IPv6 host disappears to revoke network What is the purpose of the IPv6 Device
access privileges as they become inactive. Tracking feature?
Globally:
ipv6 neighbor binding vlan vlan
interface interface How do you enable IPv6 Device Tracking?
show ipv6 neighbor tracking
How do you verify IPv6 Device Tracking?

If its IPv6-to-MAC mapping is verifiable
With IPv6 ND Inspection, when is an ND

message considered trustworthy?
IPv6 ND Inspection learns and secures
bindings for SLAAC addresses in L2
neighbor tables. IPv6 ND Inspection How does IPv6 ND Inspection work?
analyzes ND messages to build a trusted
binding table database, and ND messages

that do not conform are dropped.
Globally create a policy:
ipv6 nd inspection policy name
device-role role How do you configure IPv6 ND
drop-unsecure Inspection?
Apply the policy to an interface:

ipv6 nd inspection attach-policy name
show ipv6 nd inspection policy
How do you verify an IPv6 ND Inspection

policy?
The IPv6 binding table must be populated
with IPv6 prefixes for IPv6 Source Guard
to work. IPv6 Source Guard requires what to be
populated before it will work?
The IPv6 address glean feature is notified
so it can try to recover the traffic by
querying the DHCP server or by using IPv6 With IPv6 Source Guard, what happens
ND. when traffic is denied due to being from an
unknown source or unallocated address?
Globally define the policy:
ipv6 source-guard policy name
permit link-local How do you configure IPv6 Source Guard?
deny global-autoconf
trusted
Apply the policy to an interface:

ipv6 source-guard attach-policy name
show ipv6 source-guard policy
How do you verify IPv6 Source Guard?

ipv6 access-list dhcpv6-server
permit host dhcpv6-server-ipv6-address
any How do you configure DHCPv6 Guard?
ipv6 prefix-list pfx permit ipv6-subnet le

128
ipv6 dhcp guard policy policy

device-role server
match server access-list dhcpv6-server
match reply prefix-list pfx
trusted-port
interface interface
ipv6 dhcp guard attach-policy policy
show ipv6 dhcp guard policy
How do you verify DHCPv6 Guard?

show ipv6 neighbors binding
How do you view the IPv6 address binding

table?
PACLs take precedence. Any traffic
allowed by a PACL will then be evaluated
by a VACL. How is traffic processed on an interface
when both PACLs and VACLs are
configured?
Create an IP or MAC ACL
Interface: How do you configure PACLs?

{ip | mac} access-group ACL {in | out}
Spokes can be added without changing
configuration on the hub router.
With regard to DMVPN, what does "zero-
touch provisioning" refer to?
Tunnel interface:
no ip split-horizon protocol
When using Distance Vector-based routing
protocols with DMVPN, what must be
configured on the hub?
Phase 1 only permits hub-to-spoke and
spoke-to-hub traffic.
Phase 2 can establish direct spoke-to-spoke What is the high-level difference in
tunnels. functionality between DMVPN Phase 1
and Phase 2?
Tunnel interface:
no ip next-hop-self eigrp asn
What EIGRP behavior must be changed for
EIGRP by default changes the next-hop in DMVPN Phase 2?
routing updates to itself when sending the
updates down from the hub to the spokes.
With tunnel mode ipv6ip:
interface tunnel number How do you configure a manual IPv6-over-

ipv6 address ipv6-address IPv4 tunnel?
tunnel source source-interface
tunnel destination ipv4-address
tunnel mode ipv6ip
Tunnel interface:
tunnel mode gre ipv6
How do you configure a tunnel interface
for IPv6-over-IPv4 GRE?
Automatic 6to4 tunnel border router
What type of address is represented with

2002:border-router-IPv4-address::/48 ?
One
Cisco IOS supports configuring ___

automatic 6to4 tunnel(s) on a router.
IPv6 subnet 2002::/16 is reserved for 6to4
addressing. The full IPv6 prefix is derived
from the border router's external-facing How does automatic 6to4 IPv6 addressing
IPv4 address encoded as work?
hexadecimal. Using the example
10.1.100.1, the prefix is
2002:0a01:6401::/64.
The tunnel interface will have an address

such as 2002:0a01:6401::1/64, while the
internal-facing interfaces could have
addresses such as 2002:0a01:6401:1::1/64
and 2002:0a01:6401:2::1/64.
Tunnel > static route > internal interfaces
interface tunnel number What three steps are involved with

ipv6 address 2002:tunnel-source-ip-as- configuring automatic 6to4 tunneling on a
hex::1/64 border router?
tunnel source external-IPv4-interface
tunnel mode ipv6ip 6to4
ipv6 route 2002::/16 tunnel number
Internal interfaces:
ipv6 address 2002:external-ip-as-
hex:subnet::1/64
64-bit-prefix:0000:5EFE:ipv4-address-of-
isatap-link-in-hex
How does ISATAP addressing work?
Example:
IPv6 prefix 2001:0db8:0abc:0def::/64
IPv4 tunnel destination address 172.20.20.1
= AC14:1401
ISATAP address:
2001:0db8:0abc:0def:0000:5efe:ac14:1401
tunnel mode ipv6ip isatap
How do you configure the mode on an

ISATAP tunnel interface?
no ipv6 nd suppress-ra
RAs are disabled by default on tunnel

interfaces, but must be enabled on ISATAP
tunnels. How do you enable this?
115
L2TPv3 uses IP Protocol ___.

Each CE is its own root, and therefore the
STP root does not change when multiple
sites are connected. What is an advantage of OTV with regard
to fault-domain isolation as compared to
other L2VPN technologies?
To allow more than two devices to
exchange traffic securely without requiring
a high number of SAs. What is the primary purpose of GET VPN?
The KS is used to create, maintain, and

send a policy to Group Members, which
provides information as to what traffic In a GET VPN deployment, what is the
should be encrypted by the GM and how it Key Server?
should be encrypted.
The KS generates the Transport Encryption

Key (TEK) and the Key Encryption Key
(KEK).
The TEK is generated by the Key Server
(KS) and is used by the Group Members
(GMs) to encrypt the data. What is the GET VPN Transport
Encryption Key (TEK)?
The Key Server (KS) generates the KEK
which is used to encrypt information
between the KS and the Group Members What is the GET VPN Key Encryption Key
(GMs). (KEK)?
GET VPN does not set up any IPsec
tunnels between Group Members (GMs).
Every GM has the policy (what to encrypt How does GET VPN compare with
and how) and encrypts every packet that DMVPN for IPsec tunnel usage?
conforms to the policy and sends it to the
network using Encapsulated Security
Payload (ESP), using original IP addresses
for routing the packets.
The Key Server (KS) must send out a new
Transport Encryption Key (TEK) and Key
Encryption Key (KEK) to the Group What is the GET VPN Rekey phase?
Members (GMs) before the TEK expires,
which is 3600 seconds by default.
ISAKMP GDOI (Group Domain of
Interpretation)
What is the protocol used in GET VPN
between the Key Server (KS) and Group
Members (GMs)?
The RIB has an entry for each destination
prefix containing the next-hop IP address.
The CEF FIB goes a step beyond and How does the CEF FIB take the RIB a step
maintains an adjacency table containing the further?
Layer 2 header of the outgoing interface
per destination prefix.
The ingress PE's FIB knows to push the
appropriate label onto the packet for the
destination and forward it out the correct With MPLS, how do the FIB and LFIB
interface. The upstream P router receives work together?
the labeled packet, and uses its LFIB to
forward the packet out the correct interface.
The egress PE router receives the labeled
packet, and its LFIB knows to pop the label
and forward the packet unlabeled to the
CE.
20-bit label
3-bit EXP
1-bit Bottom of Stack What are the four fields that make up the
8-bit TTL 32-bit MPLS header?
When an IP packet arrives at the ingress
PE, the IP packet's TTL value is copied
into the MPLS header's TTL field. As the What is MPLS TTL propagation?
MPLS packet traverses the MPLS network,
the TTL field in the MPLS header is
decremented at each hop. When the packet
arrives at the egress PE and the label is
removed, the MPLS TTL is copied back
into the IP packet's TTL field.
Globally:
[no] mpls ip propagate-ttl [forwarded]
[local] How do you configure MPLS TTL
propagation in Cisco IOS?
Interface:
mpls ip
Assuming CEF is enabled and an IGP has
This automatically enables and uses LDP. been configured, how do you enable basic
MPLS unicast IP routing?
show mpls ldp bindings
How do you verify the MPLS LIB?

show mpls forwarding-table
How do you verify the MPLS LFIB?

Routers running LDP multicast Hellos to
224.0.0.2 via UDP 646.
How does LDP establish neighborships?
The Hellos can list a transport address to be
used for the TCP connection. If the
transport address is not specified, the LDP
ID is used.
After neighbors are discovered, a TCP

connection is established also over port
646, and all local label bindings are
advertised.
The LDP neighbor with the highest LDP
ID.
With LDP, which neighbor initiates the
TCP connection after the neighbors are
discovered?
-Manually configured
-Highest IP of up/up loopback
-Highest IP of up/up non-loopback How is the LDP ID chosen?
An RD is 8 bytes
The first two bytes indicate the format of
the last six bytes: A Route Distinguisher (RD) value is ___
bytes, with which bytes identifying which
2-byte-integer:4-byte-integer of the three formats followed?
4-byte-integer:2-byte-integer
4-byte-dotted-decimal:2-byte-integer
Left side: ASN or IPv4 address

Right side: Arbitrary value (16- or 32-bits,
depending on left-side value) The format of a RD is two values separated
by a colon. What values are represented by
each side of the colon?
One RD
Multiple RTs
An individual prefix can have how many
RDs, and how many RTs?
As BGP Extended Communities
How are Route Targets propagated through

the network?
False: RDs make all prefixes unique, while
RTs act as a "tag" for VRFs, and can be
different from the RD value. True or False: RD and RT values must be
the same in order for routes to be
associated with the proper customer VPN.
VRFs can have a RT export value assigned
to them, which tags the routes as BGP
extended communities as they are What is the Route Target export and import
redistributed on the PE into the iBGP table. function?
VRFs on other PE routers can import the
same RT value so that the routes are
redistributed from the iBGP table back into
the VRF routing table.
VRFs can both export and import multiple
RTs.
How do VRF Route Targets facilitate
A common use case is a "centralized overlapping VPNs?
services" VPN, which has routes that need
to be accessible by multiple customers.
Each customer has its own VRF, which
maintains separation, but each VRF can
import routes exported from the centralized
services VRF.
The IP address is removed and must be
reapplied.
What happens when you enter ip vrf
forwarding vrf on an interface?
Globally:
vrf definition name
How do you instantiate a new VRF?
vrf definition name
rd asn/ip:nn
Where and how do you specify a Route
Where asn/ip is an ASN or IP address, and Distinguisher?
nn is an arbitrary number.
vrf definition name
route-target {import | export | both}
asn/ip:nn Where and how do you configure Route
Targets?
ip vrf specifies an IPv4-only VRF, whereas

vrf definition specifies a multiprotocol
VRF. What is the difference between ip vrf name
and vrf definition name?
Interface:
vrf forwarding vrf
How do you associate an interface with a
Note: When you enter this command, the particular VRF?
IP address is removed and must be
reapplied.
IOS automatically creates two lines of
configuration:
What happens when you enter the route-
route-target import value target both value command?
route-target export value
Under the routing protocol's VRF
configuration submode.
When configuring an MPLS PE router for
For example: routing protocol support for the CE, where
router rip is the configuration performed for each
address-family ipv4 vrf name customer?
no auto-summary
You cannot enter BGP configuration mode
for the particular VRF if it does not first
have an RD configured. What happens to BGP if you do not create
a Route Distinguisher for a particular
VRF?
PE router:
router bgp asn
address-family ipv4 vrf vrf How do you take routes learned from a CE
redistribute protocol router and redistribute them into BGP on
the PE router?
Redistribution configuration on the PE is
not required, unlike with IGPs and static
routing. What is an advantage of using BGP as the
PE-CE routing protocol for MPLS
L3VPN?
Configure the peer under the global BGP
process
Activate and send communities to the peer What two steps are required to configure
under the BGP VPNv4 AF MP-BGP between two PE routers?
router bgp asn

neighbor pe-ip remote-as asn
address-family vpnv4
neighbor pe-ip activate
neighbor pe-ip send-community
The inner label in an MPLS label stack that
identifies the outgoing interface the egress
PE should use to forward the unlabeled In the context of MPLS, what is the VPN
packet. label?
False: A PE router only has one LFIB
table, regardless of the number of
configured VRFs. True or False: The MPLS LFIB is a per-

VRF table.
The second-to-last router in the LSP pops
the outer label so that the egress PE does
not have to perform two lookups - one for What is the purpose of penultimate hop
the outer label, and one for the VPN label. popping with regard to MPLS VPNs?
A set of packets that are forwarded along
the same path and receive the same
forwarding treatment. What is the general definition of a
Forwarding Equivalence Class?
An interface can only be associated with a
single VRF, therefore subinterfaces must
be used. What is required when configuring VRF
Lite between two routers with only a single
Ethernet links can use 802.1Q link?
subinterfaces.
Serial links can (usually) use Frame Relay

encapsulation, which supports point-to-
point subinterfaces (whereas HDLC and
PPP does not). FR encapsulation does not
require a FR network -- just configure the
same DLCI on each end per-subinterface.
AS_PATH
If no other path attribute has been set, what

does BGP use as its default metric
mechanism?
The router rejects the request
What happens when a router running BGP

receives a TCP request on port 179, but the
source IP address is not configured as a
BGP neighbor?
BGP Open
After a TCP connection is established

between potential BGP neighbors, what is
the first BGP message that is exchanged?
After BGP Open messages have been
exchanged.
At what point do BGP neighbors reach the
Established state?
60 seconds
What is the default BGP keepalive

interval?
180 seconds
What is the default BGP hold time?

BGP process:
timers bgp keepalive holdtime
How do you adjust the global BGP

keepalive and hold timers?
-Manually configured router-id
-Highest IP of up/up loopback when BGP
process starts How is the BGP Router ID (RID)
-Highest IP of up/up interface when BGP determined?
process starts
By default the IP address of the outgoing
interface used to reach the neighbor IP
address is used. How is the source IP address used to reach
a BGP neighbor determined?
The IP address can be defined with the
BGP neighbor ip-address update-source
interface command.
The destination address is explicitly
configured with the BGP neighbor ip-
address statement. How is the destination IP address used to
reach a BGP neighbor determined?
Disabled by default in newer IOS versions.
Re-enable with auto-summary BGP auto-summary is ___ by default.

neighbor ip-address password password
How do you configure basic neighbor

authentication in BGP?
Whenever there is more than one route
through which the BGP router can reach a
peer. When should a BGP router use a loopback
for peering?
With synchronization enabled, BGP will
not advertise a route to an external
neighbor unless the route is local or exists How does BGP synchronization work?
in an IGP.
BGP process:
neighbor name peer-group
neighbor name bgp-commands How do you configure and apply BGP peer
neighbor neighbor-ip peer-group name groups?
Configured commands with neighbor

name bgp-commands get applied to all
members of the peer group. Likewise, BGP
builds one set of Update messages for the
peer group, instead of messages for
individual routers.
BGP:
neighbor ip-address ebgp-multihop ttl
How do you configure eBGP neighbors
Don't forget to include the associated that are not directly connected?
neighbor update-source command, if
necessary.
show tcp brief | inc .179
What show command can you use to verify

BGP connectivity without using any show
ip bgp or show ip route commands?
Source IP, ASN, RID, MD5:
The router must receive a TCP connection What four checks are used when BGP
request with a source address that the forms neighbor relationships?
router finds in a BGP neighbor statement
A router's ASN must match the

neighboring router's reference to that ASN
in it's neighbor statement (confederations
excluded)
The BGP RIDs of the two routers must not

be the same
MD5 authentication must pass if

configured
The neighbors both use the lower values of
each of the two timers. Mismatched
settings do not prevent neighborship. What happens if BGP neighbors do not
have identical keepalive and holddown
timers?
Idle > Connect > Active > OpenSent >
OpenConfirm > Established
What are the six BGP neighbor states?
BGP is enabled on a router, but neighbor
statements have not yet been configured
and therefore the router is not listening for What is the BGP Idle state?
TCP connections for BGP.
The BGP routing process detects that a
peer is trying to establish a TCP session.
What is the BGP Connect state?
The BGP routing process is trying to
establish a TCP session with a neighbor.
What is the BGP Active state?
Open
Keepalive
Update What are the four basic BGP message
Notification types?
Establishing neighbor relationships and
exchanging basic parameters
What is the BGP Open message used for?
To maintain neighbor relationships. The
relationship is reset if a keepalive message
is not received within the negotiated hold What is the BGP Keepalive message used
time. for?
To exchange NLRI
What is the BGP Update message used for?
Notification is sent (with FSM error code)

if an error or configuration change affects
the peering session What is the BGP Notification message
used for?
The peering session is reset and must be re-
established.
What happens if BGP receives a
Notification message?
BGP process:
neighbor ip shutdown
How do you disable the session with a
BGP neighbor without removing the
configuration?
The route referenced in the network
statement must be in the current IP routing
table. If the route does not exist, it is When using the BGP network statement,
removed from the BGP RIB. what causes a route to be placed into the
BGP RIB?
The default classful mask is assumed.
What happens if you enter a BGP network

statement without a subnet mask?
If any subnets of a classful network would
be redistributed, only the classful network
is redistributed. When BGP auto-summary is configured,
what is the behavior with the redistribute
command?
If a network command lists a classful
network number, with the classful default
mask (or no mask), and any subnets of the When BGP auto-summary is configured,
classful network exist, inject a route for the what is the behavior with
classful network. the network command?
Unlike with the redistribute command,

when the network command is used with
auto-summary, subnets are still injected
into the BGP table if they exist in the IP
routing table.
AS_SEQ
AS_SET
AS_CONFED_SEQ What are the four components (segments)
AS_CONFED_SET of the AS_PATH path attribute?
If the component subnets of the summary
route have different AS_SEQ values, the
router uses a null AS_SEQ. Why would the BGP aggregate-address
create a summary route for which the
AS_SEQ path attribute is null?
When BGP injects a summary route, if the
component subnets have different AS_SEQ
values, the summary route has an AS_SEQ When is the BGP AS_SET path attribute
value of null. The AS_SEQ values are used used?
for loop prevention. The AS_SEQ values
of all the component subnets are placed
into the AS_SET so that loop prevention

can still occur.
When creating a BGP summary, the as-set

keyword causes the generation of the
AS_SET values to be included with the
summary.
BGP process:
aggregate-address summary mask
summary-only How do you configure a BGP summary
address so that the component subnets are
not advertised?
BGP process:
aggregate-address summary mask as-set
How do you configure a BGP summary to
generate values for the AS_SET path
attribute?
True
True or False: The BGP aggregate-

address command will not create a
summary if the BGP table does not
currently have any routes for the NLRI
inside the summary.
The aggregating router removes the
summary and notifies its neighbors by
withdawing the route. What happens when all component subnets
of a BGP summary address are withdrawn
from the aggregating router's BGP table?
The local BGP table lists the next hop as
0.0.0.0
When a BGP summary is created with the
When the summary route is advertised to aggregate-address command, what is the
the BGP neighbors, the next hop is set to NEXT_HOP path attribute set to?
the IP address of the update-source for each
neighbor.
False. The AS_SET is generated only if the
AS_SEQ is null. If the AS_SEQ values of
all the component subnets are identical, the True or False: When using the BGP
AS_SET PA is not generated because the aggregate-address summary mask as-set
AS_SEQ will be that of the component command, the AS_SET path attribute is
subnets. always generated.
All component subnets advertised along
with the summary
No component subnets advertised with the With the BGP aggregate-address
summary-only keyword command, what three options are available
Some component subnets are not with regard to advertising component
advertised with suppress-map subnets?
network command
redistribute command
neighbor ip default-originate What are the three ways that BGP can
inject a default route?
A default route can be injected into BGP

with the network 0.0.0.0 BGP command,
as long as a route to 0.0.0.0/0 exists in the How do you inject a default route into BGP
IP routing table (through any means). without using redistribution or the neighbor
default-originate command?
When you use the redistribute command
under the BGP process, all matched routes
in the current IP routing table are How do you redistribute a default route
redistributed, with the exception of the into BGP?
default route.
To redistribute a default route, you must

additionally configure under the BGP
process:
default-information originate
None: this command does not add a default
route to the local BGP table, and it does not
check for the existence of a default route in What is a prerequisite for the BGP
the IP routing table by default. neighbor ip default-originate command to
advertise a default route to the neighbor?
BGP process:
neighbor ip default-originate route-map
route-map How do you conditionally advertise a
default route to a specific BGP neighbor?
The referenced route-map can check for
entries in the current IP routing table, and if
any of the routes are matched with a
permit statement, a default route is
advertised to the BGP neighbor.
Incomplete
What is the BGP ORIGIN code for routes

redistributed into BGP from an IGP?
IGP
What is the BGP ORIGIN code for a

summary route created with the aggregate-
address command, but without the as-set
option?
IGP if all component subnets also carry the
IGP ORIGIN code
What is the BGP ORIGIN code for a
Incomplete if at least one of the component summary route created with the aggregate-
subnets has the Incomplete ORIGIN code address command with the as-set option?
Withdrawn routes
Path Attributes for each route
Prefix/Length for each NLRI What are the three main components of the
BGP Update message?
Update messages contain NLRI only for
those that share the exact same Path
Attributes and PA values. What is the relationship between the Path
Attributes and NLRI within a BGP Update
message?
NLRI that have different PAs or PA values

requires separate Update messages.
The current BGP table.
What is the information source of

generated BGP Update messages?
BGP will advertise only the single best
route from all that are available in the BGP
table to a neighbor. What is the purpose of the BGP decision
process?
Routes that are not considered best
Routes matched by a deny clause in an
outbound BGP filter When advertising updates to a BGP
iBGP-learned routes if the neighbor is neighbor, which routes in the current BGP
iBGP (excepting route reflectors and table are not advertised?
confederations)
Shortest AS_PATH
eBGP over iBGP
Lowest IGP metric to NEXT_HOP Assuming no routing policies have affected
Lowest BGP RID of advertising router the BGP decision process, how is the best
route chosen?
The NEXT_HOP must be 0.0.0.0 as the
result of the route being injected on the
local router For a BGP route to be considered best, the
NEXT_HOP PA value must meet either of
The NEXT_HOP value must be reachable two conditions. What are the two
according to that router's current IP routing conditions?
table
Do not change the NEXT_HOP PA value
by default when advertising to an iBGP
neighbor When advertising a route to an iBGP
neighbor, what is the default action with
regard to changing the NEXT_HOP path
attribute?
Change the NEXT_HOP value to the
update source IP address.
When advertising a route to an eBGP
neighbor, what is the default action with
regard to changing the NEXT_HOP path
attribute?
BGP process:
neighbor ip next-hop-self
How do you configure BGP to change the
NEXT_HOP value when advertising to an
iBGP peer?
BGP process:
neighbor ip next-hop-unchanged
How do you configure BGP to keep the
existing NEXT_HOP value when
advertising to an eBGP peer?
BGP process:
neighbor ip next-hop-self
neighbor ip next-hop-unchanged What two commands are available for

changing the BGP NEXT_HOP path
attribute?
show ip bgp neighbor ip advertised-
routes
How can you verify which routes are being
advertised to a particular BGP neighbor?
routes displays all routes that have been
received AND accepted
What's the difference between these two
received-routes displays all routes, both BGP commands:
accepted, and rejected, and requires the
neighbor to be configured with soft- show ip bgp neighbor ip routes
reconfiguration inbound show ip bgp neighbor ip received-routes
Make the eBGP neighbor's IP address
reachabile by advertising it's subnet into
the IGP With all default settings, an iBGP-learned
route has a NEXT_HOP address of the last
Use the next-hop-self command on the eBGP router to advertise the route. If the
upstream iBGP neighbor downstream iBGP peer cannot reach the
NEXT_HOP address, what two solutions
can resolve this?
The eBGP route in the BGP table must be
considered "best"
What are the two requirements for an
If the same prefix has been learned through eBGP route to be installed in the local IP
some other method on the router, the AD routing table?
for the eBGP route must be lower than the
AD for the other sources (eBGP default 20)
eBGP (default 20)
iBGP (default 200)
Local (locally-injected) (default 200) What are the three BGP route types for
which you can individually adjust the
Administrative Distance?
BGP process:
distance bgp external internal local
How do you change the default
Default 20, 200, 200 Administrative Distance values for BGP?
BGP process:
distance distance neighbor-ip wildcard
[acl] How do you change the Administrative
Distance for individual BGP routes?
neighbor-ip represents the IP address used
on the BGP neighbor statment. The acl
examines routes received from the
particular neighbor, and assigns the AD for
any routes matching the ACL with a
permit action.
The neighbor-ip represents the IP address
used on the BGP neighbor statment.
The acl examines routes received from the How does the BGP
particular neighbor, and assigns the AD for command distance distance neighbor-ip
wildcard [acl] work?
any routes matching the ACL with

a permit action.
The route entered into the IP routing table
contains the exact same prefix, length, and
next-hop IP address as listed in the BGP What might cause a recursive route lookup
table, even if the NEXT_HOP PA is an IP when a route from the BGP table is entered
address that is not in a connected network. into the IP routing table?
For example, if the NEXT_HOP is 2.2.2.2

and the router is not directly connected to
2.2.2.2, but knows how to get to 2.2.2.2 via
another route in the IP routing table, a
recursive route lookup must be performed.
BGP process:
network prefix mask mask backdoor
How do you configure a BGP backdoor?
When the same prefix is learned from
eBGP and an IGP, the eBGP prefix is
preferred, even though the IGP prefix may What is the purpose of the BGP backdoor
actually be the better path. The BGP command?
network network backdoor command
causes that specific network to use the BGP
Local AD (200 by default) and no longer
advertises the route with BGP.
As long as the IGP-learned prefix is in the

IP routing table, it will be used. If the IGP-
learned prefix disappears, the eBGP-
learned route is used.
BGP synchronization resolves routing
black holes for internal transit routers
between iBGP peers. BGP synchronization What issue does BGP synchronization
says to not consider an iBGP route in the resolve?
BGP table as best unless the exact prefix
was learned through an IGP and is
currently in the routing table. This means
BGP routers need to redistribute their
learned prefixes into the IGP so that traffic
is not blackholed on transit routers, and
BGP routers cannot advertise unreachable
prefixes.
BGP synchronization requires BGP-learned
routes to be redistributed into the IGP
before they can be advertised by an iBGP Why is BGP synchronization disabled by
peer. As the Internet BGP table has grown, default?
it is now infeasible to redistribute all of the
routes into the IGP, so synchronization is
disabled by default now.
BGP does not allow the OSPF-learned
route to be considered best if the OSPF
RID of the router advertising the prefix is What is a requirement related to BGP
different from the BGP router advertising synchronization when OSPF is used as the
the same prefix. IGP?
When using BGP synchronization, it is a

best practice to manually configure the
RID to be the same on both BGP and
OSPF.
Create a full mesh of iBGP peerings
Confederations
Route Reflectors What are the three alternatives to enabling
BGP synchronization?
64512 - 65535
What is the BGP 16-bit private ASN

range?
BGP process:
bgp confederation peers sub-as1 ..sub-as2
How do you configure BGP to identify
Confederation peers need to be identified other confederation sub-ASes?
because while the connections appear as
eBGP, they do not work as true eBGP
connections do. Confederations modify the
AS_PATH PA with AS_CONFED_SEQ
and AS_CONFED_SET attributes, which
are used to prevent loops between the
confederations sub-ASes.
When the routes are advertised to a true

eBGP peer, the AS_CONFED information
is removed.
True. Within a confederation sub-AS, full
iBGP rules are in effect.
True or False: Inside a BGP Confederation
Sub-AS, a full mesh of BGP peerings is
required.
True: If peering between loopbacks, you
must adjust the neighbor ip ebgp-
multihop ttl value. True or False: Confederation eBGP
connections act like normal eBGP
connections with a default TTL of 1.
False: Confederation eBGP connections
work like iBGP connections in that the
NEXT_HOP is not changed by default. True or False: Confederation eBGP
connections change the next-hop to the
neighbor update source when advertising to
other sub-ASes.
True
For example, in the AS_PATH value True or False: When choosing a BGP best
(65001 65002) 123, the confederation route, confederation ASNs are not
ASNs in the parenthesis are not counted. considered part of the length of the
AS_PATH.
Confederation routers remove the
confederation ASNs from the AS_PATH in
Updates sent outside the confederation. Why are external BGP routers unaware of a
confederation being used within an

autonomous system?
router bgp sub-asn
This means you cannot simply convert a When configuring a router for BGP
non-confederation router into a confederations, how do you define the
confederation router. You must remove and router's sub-autonomous system?
re-apply the BGP configuration.
BGP process:
bgp confederation identifier asn
When configuring a router for BGP
confederations, how do you define the
router's actual BGP ASN?
False. Only the RR changes its BGP
behavior. Both clients and non-clients do
not change their behavior and are not even True or False: When using BGP route
aware of the RR. reflectors, RR clients change their BGP
behavior, while non-clients use normal
BGP behavior.
Prefixes learned from non-clients are not
advertised to other non-clients (normal
iBGP peering rules). BGP route reflectors can learn prefixes
from clients, non-clients, and eBGP peers.
The prefixes are advertised to both RR
clients and non-clients, except for which
case?
One or more
A single BGP Route Reflector cluster

consists of ___ route reflector(s), and
clients.
False: One RR from each cluster must be
peered with at least one RR from all
clusters. However, it is typical to create a True or False: When using multiple BGP
full mesh of peerings between all RRs Route Reflector clusters, and one or more
across all clusters. of the clusters contain multiple RRs, all
RRs must be directly peered across all
clusters.
True. Normal iBGP advertisement rules are
in place between RRs and non-clients,
therefore a full mesh of iBGP peerings True or False: With BGP Route Reflectors,
between RRs and non-clients should be non-client iBGP routers should be included
expected. in a full mesh of iBGP peerings between
the route reflectors.
Best > Cluster > Originator
Only advertise best routes. What are three methods that BGP Route
Reflectors use to prevent loops?
CLUSTER_LIST - RRs add their cluster
ID the CLUSTER_LIST PA before sending
an Update, and discard received prefixes
for which their cluster ID already appears.
ORIGINATOR_ID - RID of first iBGP

peer to advertise the route into the AS. If a
router sees its own RID as the
ORIGINATOR_ID in a received route, it
does not use or propagate the route.
Route Reflectors add their cluster ID into
the CLUSTER_LIST PA before sending an
Update. When receiving a BGP Update, What is the BGP CLUSTER_LIST Path
RRs discard received prefixes for which Attribute used for?
their cluster ID already appears.
The ORIGINATOR_ID PA lists the RID of
the first iBGP peer to advertise a route into
the AS. If a router sees its own RID as the What is the BGP ORIGINATOR_ID Path
ORIGINATOR_ID in a received route, it Attribute used for?
does not use or propagate the route.
The default is the RID. The cluster ID can
be manually configured under the BGP
process: With BGP route reflectors, how do you
bgp cluster-id id configure the cluster ID?
Configuration is performed on the RR
under the BGP process:
neighbor ip route-reflector-client How do you configure a BGP route
reflector client?
Cluster list in show ip bgp prefix
In a BGP Route Reflector environment,

how can you verify which RR clusters an
update has passed through?
MP_REACH_NLRI
MP_UNREACH_NLRI
What are the two new attributes introduced
with MP-BGP?
BGP process:
no bgp default ipv4-unicast
When BGP is enabled, it will advertise
IPv4 unicast prefixes by default. How do
you disable this behavior?
Well-known Mandatory
Which of the four BGP path attribute

categories is AS_PATH?

categories is NEXT_HOP?
Optional Transitive

categories is AGGREGATOR?
Well-known Discretionary

categories is ATOMIC_AGGREGATE?

categories is ORIGIN?
Optional Nontransitive

categories is ORIGINATOR_ID?
Optional nontransitive

categories is CLUSTER_LIST?
no bgp client-to-client reflection
By default, routes learned from clients are How do you prevent a BGP route reflector
reflected to all other clients. from advertising routes learned from a
client to the other clients?
show ip bgp injected-paths
How do you verify which routes have been

locally-injected into BGP?
clear ip bgp neighbor-ip soft
After applying an updated BGP policy for a

specific neighbor, how do you implement
the policy without resetting the BGP
connection?
Create an ACL denying the specific routes,
and ending with permit ip any any
How do you filter specific routes from
Reference the ACL under the BGP process: being advertised to a specific BGP
neighbor ip distribute-list ACL out neighbor with a distribute list?
Create a prefix list that denies the specific
routes, and ends with permit 0.0.0.0/0 le
32 How can you use a prefix list to filter
specific routes from being advertised to a
Reference the prefix list under the BGP specific BGP neighbor?
process:
neighbor ip prefix-list prefix-list out
route-map deny means the matched NLRI
is filtered
route-map permit means the matched When performing BGP filtering with a
NLRI is allowed to pass route-map, what determines whether NLRI
is filtered or allowed to pass?
ACL permit statements match the route-
map clause, while ACL deny statements do
not match the route-map clause. When performing BGP filtering with a
route-map, what determines whether NLRI
Example: is matched to a route-map clause?
An ACL configured to permit 1.1.1.0/24

referenced in a route-map deny clause
means that 1.1.1.0/24 matches the route-
map clause and is filtered.
True. BGP must be reconfigured to support
soft reconfiguration for inbound Updates,
though, with the BGP command neighbor True or False: BGP can perform soft
ip soft-reconfiguration inbound reconfiguration for sent Updates
automatically.
To support soft-reconfiguration inbound,
BGP must keep a copy of all of the
received Updates from a neighbor, instead Why is BGP inbound soft-reconfiguration
of just those that are entered into the BGP disabled by default?
table after policies have been applied. This
takes up extra memory, which is why it is
disabled by default.
Prefixes that are matched by a route-map
permit action will not be advertised with
the BGP summary address. How does the matching logic of a BGP
aggregate suppress-map work?
Global:
ip as-path access-list num {permit |
deny} regex How do you filter BGP Updates by
matching the AS_PATH path attribute?
BGP process:
neighbor ip filter-list num {in | out}
Apply the policy:

clear ip bgp neighbor-ip {in | out | soft}
-The regex in the first line in the AS_PATH
ACL is applied to the AS_PATH of each
route and is passed or filtered based on What are the three steps of the matching
permit or deny if there is a match logic of AS_PATH filters?
-If NLRI is not matched, the next line in
the AS_PATH ACL is tried
-Any NLRI not matched explicity is
filtered
Start of line
What does the regex metacharacter ^

mean?
End of line
What does the regex metacharacter $

mean?
Logical OR applied between preceeding
and succeeding characters.
What does the regex metacharacter | (pipe)
If preceded by a value in parenthesis, the mean?
logic applies to the preceding string listed
in side the parenthesis, and not just to the
preceding character.
Any delimiter: blank, comma, start of line,

end of line
What does the regex metacharacter _
(underscore) mean?
Any single character
What does the regex metacharacter .

(period) mean?
Zero or ONE instance of the preceding
character
What does the regex metacharacter ?
mean?
Zero or more instances of the preceding
character
What does the regex metacharacter *
(asterisk) mean?
One or more instances of the preceding
character
What does the regex metacharacter +
mean?
Parenthesis combine enclosed string
characters as a single entitly when used
with ?, *, or + What does the regex metacharacter (string)
mean?
Creates a wildcard for which any of the
single characters in the string can be used
to match that position in the AS_PATH What does the regex metacharacter [string]
mean?
For example ^[(]3[12]* would match an
AS_PATH beginning with (31 or (32 and
could match any combination of ASes that
have 1s or 2s afterward, such as (31121
.*
What regex matches all AS_PATHs, and is

useful as a final match in an as_path
access-list to change the default from deny
to permit?
^$
What regex matches null (empty), and is

used for NLRIs originated in the same AS?
^123$
What regex matches an AS_PATH

containing only the single ASN 123?
^123
What regex matches an AS_PATH whose

first ASN begins with (or is) 123?
^123_45$
What regex matches an AS_PATH with

two ASNs, beginning with 123 and ending
with 45?
^123_.*_45$

beginning with AS 123, and ends in AS 45,
but has at least one other AS in between?
^123_.*45

beginning with AS 123, with zero or more
intermediate ASNs and delimiters, and
ending with any AS whose last two digits
are 45 (including AS 45)?
Without the parenthesis, the | is applied
only to the single characters before and
after the |. This is a common mistake. A regex needs to match an AS_PATH
beginning with 123 and ending with AS 45,
with zero or more other ASNs between the
two.
What is the difference between these two

regex expressions?
(^123_45$)|(^123_.*_45$)
^123_45$|^123_.*_45$
^{

beginning with either an AS_SET or an
AS_CONFED_SET?
ip as-path access-list num deny
^1_.*_.*_.*_44$
ip as-path access-list num permit .* How do you configure an AS_PATH access
list to deny AS_PATHs beginning with AS
1, ending with AS 44, and have three ASNs
in between? The access list should deny
this specific AS_PATH and allow all
others.
True: For example, show ip bgp | include
65000_65000 displays BGP routes that
have been prepended by 65000 at least True or False: Regular expressions can be
twice. used in the output of show commands.
Note: you cannot use ^ or $ in these

statements
show ip bgp regexp expression
This command parses the AS_PATH How can you verify the effects of the regex
variables in a router's BGP table, including in an AS_PATH filter before actually
all special characters. implementing it?
True. You can enter { and } directly into

the AS_PATH access list.
True or False: The { and } characters are
The ( and ) are metacharacters, which is not used as metacharacters for matching
why they must be enclosed in brackets to BGP AS_PATH regular expressions.
be literally matched: [(] or [)]
False: Cisco IOS uses the order listed in the
output of the show ip bgp command when
applying regex logic. True or False: Because AS_SET and
AS_CONFED_SET are both unordered
lists, the order of the ASNs does not matter
when applying regex logic.
Well-known means that the BGP
implementation MUST support the PA.
What's the difference between well-known
Mandatory means the PA must be in every mandatory and well-known discretionary
BGP Update BGP path attributes?
Discretionary means the PA is not required

in every BGP Update, but must be
understood by the BGP implementation
because it is mandatory.
Optional means that the BGP
implementation is not required to support
the particular path attribute. What's the difference between a BGP
optional transitive and nontransitive path
Transitive means that the router should attribute?
silently forward the PA to other routers
whether or not it understands the meaning
of the PA.
Nontransitive means the router should

remove the PA so that it is not propagated
to any peers.
Is the NEXT_HOP PA reachable? If not,
reject the route from the decision process.
In the BGP bestpath decision process, what
does the first N in the N WLLA OMNI
mnemonic mean?
Weight: Cisco-proprietary, higher is better.
The administrative weight can be assigned
to each NLRI locally on the router, and is In the BGP bestpath decision process, what
not passed on in Update messages. does the W in the N WLLA OMNI
mnemonic mean?
LOCAL_PREF PA: higher is better. This
well-known discretionary PA can be set on
a router inside the AS, and is not In the BGP bestpath decision process, what
distributed outside the AS. does the first L in the N WLLA OMNI
mnemonic mean?
Locally-injected routes: choose routes
injected locally (via network,
redistribution, or summarization) first. In the BGP bestpath decision process, what
does the second L in the N WLLA OMNI
mnemonic mean?
AS_PATH length: shorter is better. This

calculation ignores both
AS_CONFED_SET and In the BGP bestpath decision process, what
AS_CONFED_SEQ values, and treats an does the A in the N WLLA OMNI
AS_SET as a single ASN, regardless of the mnemonic mean?
number of ASNs within the set.
BGP process:
bgp bestpath as-path ignore
How do you configure BGP to not use the
length of the AS_PATH PA when
calculating the best BGP routes?
ORIGIN PA: IGP routes preferred over
EGP routes preferred over Incomplete. I >
E>? In the BGP bestpath decision process, what
does the O in the N WLLA OMNI
mnemonic mean?
MED: smaller is better

does the M in the N WLLA OMNI
mnemonic mean?
Neighbor type: eBGP preferred over iBGP.
Confederation eBGP is treated as iBGP.
does the second N in the N WLLA OMNI
mnemonic mean?
IGP metric to reach the NEXT_HOP.
Lower is better.
does the I in the N WLLA OMNI
mnemonic mean?
To determine the single best path for each
NLRI.
What is the goal of the BGP "N WLLA
OMNI" process?
-Keep the oldest eBGP route (which
reduces route flaps)
-Choose smallest neighbor RID (if If a BGP bestpath is not decided upon by
configured to do so) the normal process, what are the final three
-Choose smallest neighbor ID (for peers tiebreakers?
with two or more neighborships with each
other, ID is typically based on configured
IP address of neighbor statement)
BGP process:
bgp bestpath compare-routerid
How do you enable a BGP router to use the
This only comes into play after the 9-step smallest neighbor RID as part of the
"N WLLA OMNI" process, and there is no bestpath decision process?
existing eBGP route.
32768
What is the default BGP Weight for

locally-injected routes?
Weight is a local value and configured per-
neighbor.
How can you configure the BGP
Assign weight to all routes from a administrative Weight?
particular neighbor:
neighbor ip weight weight
Assign weight to some routes from a

particular neighbor:
neighbor ip route-map map in
For example, the route-map can match an

AS_PATH access list, and set the weight.
Be sure to end the route-map with a blank
permit, otherwise the routes will be filtered
by the implicit deny.
100, higher is better
What is the default LOCAL_PREF value?

BGP process:
bgp default local-preference value
How can you change the default BGP local
Default, 100 preference?
Range, 0 - 4B
BGP process:
neighbor ip route-map map in
How do you configure BGP to set the
route-map map permit 10 LOCAL_PREF for particular routes from a
match routes particular neighbor?
set local-preference value
route-map map permit 20
The final route-map statement is necessary,

otherwise routes will be filtered. You can
set multiple individual values with multiple
route-map statements.
If the router attempts to inject routes
locally through multiple methods, such as a
route injected through both redistribute Why might a BGP route need to be
connected and the network command. By compared on a router in the bestpath
default, both routes would have the same decision process against the ORIGIN code?
weight and local preference, so the
ORIGIN code would be the tiebreaker.
-Private ASNs can be removed only at the
point of sending an eBGP Update
-If the current AS_SEQ or What are three restrictions associated with
AS_CONFED_SEQ contains both private automatically removing private BGP ASNs
and public ASNs, the private ASNs will in outbound Updates?
not be removed
-If the ASN of the BGP peer is in the
current AS_PATH, the private ASNs will
not be removed
BGP process:
neighbor ip route-map map out
How do you configure AS_PATH
route-map map permit 10 prepending?
match routes
set as-path prepend asn1 ..asn2
The final route-map statement is necessary,

otherwise routes will be filtered.
With the neighbor local-as keyword.
Example: How can you configure BGP to use a

router bgp 100 different ASN when setting up a BGP
neighbor ip remote-as 200 neighbor session than the one configured
neighbor ip local-as 300 on the BGP process with router bgp asn?
The neighbor would peer with ASN 300

instead of 100.
This is commonly used during ASN

migration.
With this configuration, BGP
communicates with 10.10.10.1 using 50 as
its ASN. When the router sends Updates to What is the result of this configuration?
the neighbor, it prepends 50 100 to each
AS_PATH. With the no-prepend keyword, router bgp 100
any routes received from the neighbor will neighbor 10.10.10.1 remote-as 10
not have 50 prepended upon reception, so neighbor 10.10.10.1 local-as 50 no-
when this router sends the routes to another prepend
neighbor, only 100 will appear in the
AS_PATH instead of 50 100.
True, this is accomplished by matching
routes and using set origin in a route-map.
True or False: It is possible to manually set
the BGP ORIGIN code for individual
routes.
True, MED is an optional nontransitive PA.
True or False: The BGP MED is advertised

by one AS into another, and can be
propagated inside the AS but not sent to
any other ASes.
0
Range 0 - 4B, smaller is better What is the default BGP MED value?
Through the BGP neighbor ip route-map
map out command. The route map matches
the desired routes and changes the MED How do you configure the BGP MED
with set metric value?
The default MED value for routes is 0. This
command makes the default value 4B.
What does the following command do?
It is important for all routers to either use bgp bestpath med missing-as-worst
the default of 0, or configure this
command, otherwise routing choices will
be affected.
True. You can override this behavior with
bgp always-compare-med under the BGP
process. True or False: BGP ignores the MED value
when multiple routes to a single NLRI pass
If you implement this command, you through different neighboring ASNs.
should implement it on all routers in an AS,
otherwise routing loops can occur.
By default, Cisco IOS processes BGP table
entries from newest (most recently learned)
to oldest. When there are multiple routes to What does the BGP command bgp
the same NLRI, IOS compares the newest deterministic-med do?
two and selects the best, then compares it
against the next route and chooses the best
of the two, and so on.
The bgp deterministic-med IOS processes

the routes per adjacent AS by choosing the
best from each neighboring AS, and then
comparing those routes.
Cisco recommends this setting for all new

BGP implementations.
False: With the maximum-paths
command, multiple routes can be added to
the local IP routing table, but BGP will still True or False: When BGP is configured to
only advertise a single "best" route from allow multiple routes for a particular NLRI
the BGP table. (instead of choosing the single bestpath),
all routes are added to the IP routing table
(similar to how an IGP would), and the
routes are all advertised as "best" by BGP.
Choose the neighbor with the lowest RID
among only eBGP sources if there is a mix
of iBGP and eBGP sources, otherwise If multiple routes to a BGP NLRI have
choose the lowest RID if there are only made it through the normal "N WLLA
iBGP sources. OMNI" decision process without a single
best route, the first tiebreaker is to use the
oldest eBGP route. What is the second
tiebreaker?
The existing best route is kept to avoid
route flaps. This behavior can be modified
with the BGP command bgp bestpath What happens if BGP has a current best
compare-routerid route to an NLRI through an eBGP
neighbor, but receives an otherwise
This applies only to eBGP routes. iBGP identical route from a neighbor with a
routes always use the lowest RID as the smaller BGP RID?
tiebreaker.
The route through the neighbor with the
smaller rid is used for iBGP.
What happens if BGP has a current best
route to an NLRI through an iBGP
With eBGP, the route remains so as to not neighbor, but receives an otherwise
cause route flaps, but can be changed with identical route from an iBGP neighbor with
bgp bestpath compare-routerid a smaller BGP RID?
The final tiebreaker is the lowest BGP
neighbor ID (IP address). This is used
when the route is coming from a router What is the final BGP bestpath decision
who has multiple separate neighbor tiebreaker?
relationships, as opposed to a single
relationship using loopback addresses.
1
What is the default setting of the BGP

maximum-paths command?
-The multiple routes must have made it
through the normal BGP "N WLLA
OMNI" decision process Assuming the BGP maximum-paths
-Only eBGP routes whose adjacent ASNs command has been configured higher than
are the same as the single best route are 1, when are multiple eBGP routes allowed
considered as candidates to be entered into the IP routing table?
-If there are more candidates than what is
set with maximum-paths the candidates
must go through the final tiebreaker steps
up to the maximum-paths setting
-The iBGP routes must have made it
through the normal "N WLLA OMNI"
bestpath selection process Assuming the BGP maximum-paths
-The iBGP routes must have different ibgp command has been configured higher
NEXT_HOP values than 1, when are multiple iBGP routes
-If there are more candidates than what the allowed to be entered into the IP routing
maximum-paths ibgp allows, the final table?
tiebreaker steps are used to only select the
maximum-paths value
This command is used to allow more than a
single BGP route to be entered into the
routing table for both eBGP and iBGP What is the BGP maximum-paths eibgp
routes, but only for MPLS under BGP command used for?
address family configuration mode.
False: You must configure under the BGP
process neighbor ip send-community
[standard | extended | both] True or False: BGP advertises community
values to neighbors by default.
BGP process:
neighbor ip send-community
neighbor ip route-map map out How do you configure BGP to send a
specific community value to a specific
route-map map permit 10 neighbor?
match routes
set community value
show ip bgp community value
How do you view BGP table entries tagged

with a specific community?
To permit or deny specific community

values, which can then be referenced in a
route-map. What is the ip community-list command
used for?
Create a community-list:
ip community-list num {permit | deny}
value How do you configure the router to take an
action based on the receipt of a particular
Reference the list in a route-map: BGP community?
match community num
set attribute
The original community was a 32-bit
decimal value, but the new-format is
defined by RFC 1997 which is AA:NN What is the purpose of the global ip bgp-
where AA is a 16-bit number typically community new-format command?
representing an ASN, and NN is an
arbitrary 16-bit number.
The first command replaces any existing
community values with 10, 20, and 30.
Within a route-map, what is the difference
The second command adds 10, 20, and 30 between these two commands?
to any existing values.
set community 10 20 30
set community 10 20 30 additive
Route-map:
match community ip-community-list
set community none How do you remove all BGP communities
from a route?
Do not advertise outside this AS (excepting
confederations)
What is the BGP NO_EXPORT
community used for?
Do not advertise to any other peer.
What is the BGP NO_ADVERT

community used for?
Do not advertise outside the local
confederation sub-AS.
What is the BGP LOCAL_AS /
NO_EXPORT_SUBCONFED community
used for?
30 seconds
What is the default Update interval for

eBGP peers?
60 seconds by default
How frequently does BGP verify next-hop

reachability?
eBGP sessions between directly-connected

neighbors are torn down the moment the
connected subnet between the peers is lost. What is BGP fast external fall-over?
BGP routes are immediately flushed, and
BGP immediately begins looking at
alternate routes.
When enabled, BGP monitors the peering
session with the specified neighbor, and
terminates the BGP session when an What is BGP fast peering session
adjacency change is detected. A route-map deactivation?
can be referenced to make the fall-over
action conditional.
Fast external fall-over is automatic.

Global:
[no] bgp fast-external-fallover
How do you configure BGP fast external
Enabled by default. fall-over detection?
BGP process:
bgp bestpath med confed
How do you configure the router to
consider the MED value when choosing
routes through different Confederation sub-
ASes?
BGP process:
bgp maxas-limit number
How do you configure BGP to discard
routes whose AS_PATH length exceeds a
configured value?
When component subnets have been
filtered with the aggregate-address
command, unsuppress-map can be used What is the BGP neighbor ip unsuppress-
per-neighbor to re-advertise specific routes map command used for?
that were filtered through summarization.
Create an IP community-list to reference
the values to be removed:
ip community-list num permit value How do you remove individual BGP
communities from the COMMUNITY PA?
Reference the list in a route-map:
match routes
set comm-list num delete
1,2 transmit
3,6 receive
On a standard T568A or T568B-wired
straight-through Ethernet cable connected
to the host side, which pins transmit, and
which pins receive?
Fast Link Pulses are detected as part of the
autonegotiation process
What do Cisco (and other vendor) switches
use to automatically detect the speed of an
Ethernet link?
HDX for 10/100 links

FDX for 1000 links
Without autonegotiation, what duplex is
assumed on an Ethernet link?
If the port is capable of gigabit or higher
speeds, the speed must be set to either 10
or 100. What is a condition for configuring an
Ethernet switch port for half duplex?
If the port is a 10/100 port, the duplex
setting is independent of the speed setting.
Errors and collisions
Other than CDP messages, what is an

indication of duplex mismatch on an
Ethernet link?
Collions are detected within the first 64
bytes of a transmitted frame, assuming
proper cable lengths. On an Ethernet link, what is the difference
between a collision and a late collision?
Late collisions are those detected after the
first 64 bytes have been transmitted.
The Universal/Local bit is the 2nd least-
significant bit in the first octet of the MAC
address. When toggled, it means that the What is the position and meaning of the
address has been administratively assigned, U/L bit in an Ethernet MAC address?
overriding the vendor-assigned address.
The Individual/Group bit is the least-
significant bit in the first octet of the MAC
address. When toggled, it means the frame What is the position and meaning of the
is either multicast or broadcast, otherwise it I/G bit in an Ethernet MAC address?
is a unicast frame when not toggled.
Ethernet II / DIX
IEEE 802.3 + 802.2 LLC
IEEE 802.3 SNAP What are the three main Ethernet frame
formats?
Ethernet II / DIX
What is the most common Ethernet frame

format used today?
These frame types are typically used by
protocols invented by the IEEE, such as
STP Which types of traffic mostly use the IEEE
802.3 + 802.2 LLC Ethernet frame format?
Vendor-proprietary Layer 2 protocols like
CDP, DTP, VTP, etc.
Which types of traffic are often associated
with IEEE 802.3 SNAP Ethernet frames?
Across the Ethernet formats, there is a 2-
byte field after the Preamble, Destination
Address, and Source Address. How does a system determine if a received
Ethernet frame is in Ethernet II or
LLC/SNAP format?
If the value of the 2-byte field is <= 1500,

the frame is in LLC or SNAP format.
If the value of the 2-byte field is >= 1536,

the frame is in Ethernet II format.
This is an Ethernet II format frame, and the
value is the EtherType.
If an Ethernet frame is received where the
2-byte field after the Source Address has a
value of 1536 or greater, what does this
indicate?
This is an 802.2 LLC or SNAP format
Ethernet frame, and this field is interpreted
as the total length of the 802.2 header + If an Ethernet frame is received where the
data field, which is a value between 46 and 2-byte field after the Source Address has a
1500. value of 1500 or less, what does this
indicate?
SNAP frames have the value 0xAA for
both the DSAP and SSAP fields in the LLC
header. Any other values indicate that the How can you tell if an Ethernet frame is
frame is not in SNAP format. either in 802.2 LLC or in SNAP format?
300 seconds
What is the default Catalyst CAM aging

time?
The original configuration is suspended
while the port is acting as a SPAN
destination. When the SPAN configuration What happens when you specify a
is removed, the port's original destination SPAN port that has an existing
configuration is resumed. configuration?
64
How many SPAN destination ports can be

configured on a switch?
monitor session num filter vlan vlans-to-
capture
How do you limit a SPAN capture on a
trunk port to specific VLANs?
True. Only traffic that enters or exits the
switch in a source port or VLAN is
forwarded in a SPAN session. If the traffic True or False: Traffic that is routed from
comes from another source within the another VLAN within a switch to a source
source (such as routing from another VLAN cannot be monitored with SPAN.
VLAN), that traffic isn't forwarded through
SPAN.
RX traffic is transmitted to the SPAN
destination before any modification, such
as VACL/ACL filtering, QoS modification, What is the difference between Receive
policing, etc.) (RX) SPAN and Transmit (TX) SPAN with
regard to traffic processing?
TX traffic is transmitted to the SPAN
destination after modification
With the SPAN encapsulation replicate

command.
Many types of Layer 2 frames (such as
CDP, BPDUs, etc) are ignored by SPAN.
How do you capture and forward this
traffic to a SPAN destination?
vlan number
remote span
How do you configure an RSPAN VLAN?
monitor session num {source |
destination} remote vlan num
After you designate an RSPAN VLAN,
how do you use it?
monitor session num type erspan-source
source source
no shutdown How do you configure a basic ERSPAN
destination source session?
erspan-id id
ip address dst-ip
origin ip address src-ip
monitor session num type erspan-
destination
destination destination How do you configure a basic ERSPAN
no shutdown destination session?
source
erspan-id id
ip address src-ip
show monitor session
How do you verify

SPAN/RSPAN/ERSPAN?
Running the Layer 2 and Layer 3 control
protocols for the switching modules on
both switches, as well as providing What is the VSS Active switch responsible
management functions for the VSS for?
including module Online Insertion and
Removal (OIR) and the console interface.
Up to 8
How many links can the Virtual Switch

Link (VSL) contain?
True
True or False: The Virtual Switch Link

(VSL) automatically gives control and
management plane traffic higher priority
than data traffic.
256
How many EtherChannels are supported in

a VSS?
-Configure the switch virtual domain id

and switch {1 | 2} on both switches
What are the three steps to enable VSS
-Configure unique port-channel interfaces between a pair of switches?
(different numbers on each switch) and
issue switch virtual link {1 | 2} and assign
physical interfaces to the VSL port channel
with channel-group num mode on and
make sure to set switchport mode trunk
-Enable VSS with switch convert mode

virtual on SW1, then on SW2
Globally:
switch virtual domain 1-255
The first step in configuring VSS is to
This same value must be configured on assign a domain ID. How do you configure
both switches participating in the VSS. this, and what is the valid range?
False: The VSL requires unique port
channel values on each switch (e.g. po10
on one, po20 on the other). True or False: The Virtual Switch Link
(VSL) must be configured with the same
port channel number on both switches.
The VSS will come up in Route Processor
Redundancy mode. To avoid this, the port
channel numbers on each switch must be What happens if a VSS standby switch
unique and must be available. VSL port channel number has been
previously configured for another use?
Up/Down
What will the status of a configured VSS

VSL be before the switches are rebooted
into VSS mode?
switch convert mode virtual
After setting up the prerequisite

configuration, how do you enable VSS
mode?
show switch virtual
When in VSS mode, how do you view the

VSS domain number, switch number, and
switch role?
The prompt will be:
hostname-standby> What happens when you connect to the

Standby console disabled console port of a VSS Standby switch?
show switch virtual role
How can you verify detailed information

about the VSS member role?
show switch virtual link [port-channel]
How can you view more detailed

information about the VSS VSL?
The FFM provides a set of APIs used to
manage the control plane processes, and
the FFM programs the data plane through What is the IOS-XE Forwarding and
the FED and maintains all forwarding Feature Manager (FFM)?
states for the system.
IEEE 802.3u
What is the IEEE standard for 100 Mbps

Ethernet over copper and optical cabling?
IEEE 802.3z
What is the IEEE standard for gigabit

Ethernet over optical cabling?
IEEE 802.3ab
What is the IEEE standard for gigabit

Ethernet over twisted-pair copper cabling?
Store-and-forward switching fully receives
all bits in a frame and checks against the
FCS for errors before forwarding a frame. What is store-and-forward switching?
Fragment-free switching performs like cut-
through, but the switch waits for the first
64 bytes of the frame to be received What is the difference between cut-through
because Ethernet collisions should be and fragment-free switching?
detected within the first 64 bytes of the
frame.
4 Mbps Token Ring
What is UTP Category 2 cable used for?

16 Mbps Token Ring
What is UTP Category 4 cabling used for?

185m
What is the maximum single cable length

of 10BASE2?
Active (default)
Suspended
What are the VLAN operational states?
Only normal range: 1 - 1005
What is the range of VLANs configurable

in the VLAN Database Configuration
mode?
EXEC mode: vlan database
How do you enter VLAN Database

Configuration mode?
You must issue the apply command

After creating VLANs in VLAN Database
Configuration mode with the vlan number
command, what must you do next?
show proposed
When in VLAN Database Configuration

mode, how can you view VLANs that have
been configured but not yet added to the
switch?
True. The deprecated VLAN Database
Configuration mode can only configure
Normal range VLANs, 1 - 1005. True or False: Global Configuration mode
is the only way to configure Extended-
range and Private VLANs.
You must exit the VLAN subconfiguration
mode before the configuration changes will
apply. After creating a VLAN in global
configuration mode, what must you do for
the settings to take effect?
The VLAN is created automatically.
What happens if you issue the interface

command switchport access vlan num
when the num VLAN doesn't exist?
True
True or False: A VLAN can be disabled

both globally with VTP, or locally on the
individual switch.
This command disables the VLAN globally
through VTP, which suspends the VLAN
on all switches participating in the VTP What does the VLAN state suspend
domain. command do?
Globally:
vlan num
shutdown How do you disable a VLAN locally,
without deleting it?
Note: You cannot use this command in
VLAN Database Configuration mode.
One shuts down the entire VLAN locally
on the switch, the other just shuts down the
SVI associated with the VLAN, but does What is the difference between these two
not disable the VLAN itself. commands?
vlan num
shutdown
interface vlan num

shutdown
The VLAN will be disabled. While a
VLAN can be enabled globally and
disabled locally, a locally enabled VLAN What happens if a VLAN is suspended

will still be disabled if it is suspended globally through VTP, but not locally?
globally through VTP.
In other words, a VLAN must be enabled

both globally and locally.
To separate switch ports as if they were on
different VLANs while consuming only a
single IP subnet. What is the overall purpose of private
VLANs?
Confederations. Private VLANs consist of
a Primary VLAN, and one or more
Secondary VLANs, but the rest of the Private VLANs are a Layer 2 construct that
network only sees the Primary VLAN. This are similar in conception to what BGP
is similar in concept to a BGP Autonomous construct?
System with confederation Sub-ASes,
where other ASes only see the main AS.
Community VLANs can communicate with
the Primary VLAN, and to devices within
the single Community VLAN, but not to What are the two types of secondary
devices in other Community VLANs. Private VLANs, and what is the difference
between them?
Isolated VLANs can communicate with the
Primary VLAN, but nothing else, including
other devices within the same Isolated
VLAN.
1
Because devices in an Isolated VLAN A Primary Private VLAN can be associated

cannot communicate with each other, only with ___ Isolated VLAN(s).
to the Primary VLAN, there is no need for
multiple Isolated VLANs within a single
Primary VLAN.
1
How many Primary Private VLANs can a

Secondary or Isolated VLAN be associated
with?
Primary
All Secondary
A Private VLAN Promiscuous port is
associated with the ___ VLAN and can
communicate with ___ VLANs.
False
True or False: A frame received on a

promiscuous, community, or isolated
Private VLAN port can never be forwarded
through a trunk port.
The frame is tagged with the corresponding
secondary VLAN ID. The receiving
switching then forwards the received frame If a frame is received on a private VLAN
according to the type of secondary VLAN. community or isolated port, how is the
frame tagged when it is forwarded through

a trunk?
The frame will be tagged with the
associated primary VLAN ID.
If a frame is received on a private VLAN
promiscuous port and forwarded across a
trunk, how will the frame be tagged?
The switch must be placed into vtp mode
transparent if not running VTPv3.
When configuring Private VLANs, what is
a prerequisite if the switch is not running in
VTPv3 mode?
Globally:
vlan num
private-vlan {primary | community | How do you create a private VLAN?
isolated}
Globally:
vlan primary-number
private-vlan primary How do you associate secondary private
private-vlan association secondaries VLANs with the primary?
show vlan private-vlan
How do you verify private VLAN types

and mappings?
Interface:
switchport mode private-vlan host
switchport private-vlan host-association How do you configure an interface to
primary-vlan secondary-vlan participate in a secondary private VLAN?
Interface:
switchport mode private-vlan
promiscuous How do you configure an interface to be
switchport private-vlan mapping promiscuous in a private VLAN?
primary-vlan secondary-vlans
The SVI must be configured as a
promiscuous interface:
In a private VLAN environment, what must
SVI interface: be configured if an SVI is used for the
private-vlan mapping secondary-vlans default gateway?
Promiscuous PVLAN trunk
Isolated PVLAN trunk
What are the two types of private VLAN
trunks for connecting to devices that do not
support private VLANs?
This is for devices that do not support
PVLANs, with the most common use case
being a router-on-a-stick scenario. What is a Promiscuous private VLAN
trunk used for?
When traffic from a secondary VLAN is
sent over the trunk, its VLAN tag is
rewritten with the primary VLAN ID.
When a frame is received, no tag
manipulation is performed.
The Isolated PVLAN trunk is used to

extend the secondary isolated PVLAN to a
switch that doesn't support PVLANs, but is What is an Isolated private VLAN trunk
capable of isolating its ports (such as with used for?
Catalyst Protected Ports switchport
protected).
An Isolated PVLAN trunk port rewrites the

primary VLAN ID into the isolated
secondary VLAN ID when sending a
frame. When a frame is received, no tag
Enabled at the interface:
switchport protected
How do you enable protected ports?
4 bytes
Location is after the Source Address field
What is the size and location of the 802.1Q
header?
0x8100
What is the EtherType of a frame

containing a 802.1Q tag?
Two VLANs are merged into one if the
Native VLAN does not match between
devices. What is the result of an 802.1Q Native
VLAN mismatch?
True. If trunking is negotiated, ISL will be
used if both devices support it, otherwise
802.1Q is used. True or False: Dynamic Trunking Protocol
(DTP) negotiates both whether the port
becomes a trunk or access port, and what
type of trunking protocol to use.
ISL is used if both devices support ISL,
otherwise 802.1Q is used.
If DTP negotiates a trunk, and both devices
support both ISL and 802.1Q trunking,
which protocol is used?
Dynamic desirable
Dynamic auto
Older Catalyst switches default to DTP ___
mode, while newer Catalyst switches
default to DTP ___ mode.
True. While DTP and VTP are independent
protocols, DTP carries the VTP domain
name in its messages. True or False: DTP will successfully
negotiate the link operating mode only if
This design decision was chosen because the VTP domain name on both switches is
different VTP domains may use the same either the same or NULL.
VLANs, but for different purposes, so
bridging them together should not be
automatic.
These commands specify how the port

operates depending on which mode it is in.
If the port is in access mode, the What happens if an interface is configured
switchport access commands are applied, with both switchport access and
and the switchport trunk commands are switchport trunk commands?
ignored, and vice versa.
show dtp
How do you verify the global DTP

settings?
30 seconds
What is the default DTP Hello interval?

All VLANs allowed by default
Trunk interface: Which VLANs are allowed across a trunk

switchport trunk allowed link by default, and how do you configure
this?
-VLAN must in the allowed list for the
trunk
-VLAN must exist in the VLAN What are the three requirements for a
configuration on the switch VLAN to be in the "allowed and active"
-VLAN must be in the active state (not state on a trunk?
suspended or shutdown)
One of the following:
switchport mode trunk
switchport dynamic desirable If an interface is configured with
switchport dynamic auto switchport mode trunk and nothing else,
what must the other side be configured as
to form a trunk?
True. DTP is always used unless the
switchport nonegotiate command is
issued. True or False: If an interface is configured
with switchport mode trunk and nothing
else, DTP is still used on the interface.
If switchport mode access is configured
on an interface, the interface never forms a
trunk, and sends a single DTP message to What is the relationship between the
help the other side reach the same command switchport mode access and
conclusion, but ceases to send or process DTP?
DTP messages afterward.
encapsulation dot1q native-vlan-id native
How do you configure the 802.1Q Native

VLAN on a router's Ethernet subinterface?
The S-tag (Service Provider)
What is the outer tag referred to as in QinQ

tunneling?
The C-tag (Customer)
What is the inner tag referred to as in QinQ

tunneling?
Global:
vlan dot1q tag native
In a QinQ environment, what is a common
This prevents the issue of a customer's configuration with regard to the Native
untagged frames from being misforwarded VLAN?
or blackholed when the S-tag is added.
The S-tag adds 4 bytes, so it is common to
adjust the MTU to 1504.
When configuring an 802.1QinQ
environment, what is a common setting
with regard to the MTU?
The jumbo keyword applies to 1/10 Gbps
interfaces, while the other command
applies to 100 Mbps interfaces. What is the difference between these two
commands?
system mtu 1504

system mtu jumbo 1504
switchport mode dot1q-tunnel
How do you enable 802.1Q-in-Q tunneling

on an interface?
False. Layer 2 management protocols are
not enabled across the tunnel by default,
but can be enabled with the interface True or False: When 802.1Q-in-Q
command: tunnelling is enabled, Layer 2 management
protocols are forwarded across the tunnel
l2protocol-tunnel <-- enables all by default, but can be disabled individually.
l2protocol-tunnel [cdp] [lldp] [stp] [vtp]
VLAN ID
VLAN name
VLAN type What VLAN information is advertised with
VLAN state VTP?
VTPv1
What is the default VTP version on

enterprise IOS-based switches?
VTPv1 drops all unrecognized TLVs from
received messages
VTPv2 keeps all TLVs in propagated How do VTPv1 and VTPv2 handle
messages even if they are not recognized unknown TLVs differently?
The VTP domain matches between
switches
The VTP domain is NULL What are the two circumstances that a
switch in VTP Transparent Mode will
forward VTP messages?
Both VTPv1 and VTPv2 support only
Normal range VLANs 1 - 1005. The switch
must be in VTP Transparent Mode, or use Which VLAN IDs are supported in
VTPv2?
VTPv3 to use Extended range VLANs

1006 - 4094.
False, VTPv3 supports Extended range
VLANs, but can still only prune Normal
range VLANs. True or False: VTPv3 supports Extended
range VLAN pruning.
True. For two switches to communicate in
VTP, they must first be interconnected
through a working trunk link. True or False: Access ports neither send
nor accept VTP messages.
Summary advertisement
Subset advertisement
Advertisement request What are the four VTPv1 and VTPv2
Join message types?
Message originated by both Servers and
Clients that carries information about:
What is a VTP Summary Advertisement
-VTP domain name message?
-Revision number
-ID of last updater
-Timestamp of last update
-MD5 of contents of VLAN database
-VTP password (if configured)
-Number of Subset Advertisements to
follow
Both VTP Servers and Clients
Which devices generate VTP Summary

Advertisement messages?
True, these are carried in Subset
Advertisement messages.
True or False: VTP Summary
Advertisement messages do not carry
VLAN database contents.
Subset advertisement messages carry full
contents of the VLAN database. One
message can hold multiple VLAN database What are VTP Subset Advertisement
entries, but multiple messages might be messages?
required if the VLAN database is large.
VTP Subset Advertisement messages are
originated by both VTP Servers and Clients
whenever the VLAN database is modified. Who sends VTP Subset Advertisement
messages, and when?
A message originated by both VTP Servers
and Clients to request their neighbors send
all or part of the VTP database. What is the VTP Advertisement Request
message?
-When a VTP Client switch is restarted
-When a switch enters VTP Client mode
-When a Server or Client receives a What three different events cause VTP
Summary Advertisement with a higher Advertisement Request messages to be
revision number than its own sent?
Join messages are originated by both VTP

Servers and Clients every 6 seconds when
VTP Pruning is enabled. Join messages What are VTP Join messages?
contain a bit field that indicates for each
VLAN in the Normal range if it is active or
unused (pruned).
False. A switch in VTP Server mode does
not send VTP updates until a VTP domain
name is configured. True or False: Since Catalyst switches
default to VTP Server mode, VTP updates
While a switch does not need any explicit are sent to trunked neighbors by default.
configuration to become a member of a
VTP domain, the minimum requirements
for VTP are that at least one switch must
have a domain name configured.
The switch with no VTP configuration
assumes the VTP domain name of the first
received VTP advertisement message, joins What happens when a switch with no VTP
the VTP domain as a Server, and configuration forms a trunk to a switch in
configures the advertised VLANs locally. an existing VTP domain?
In the vlan.dat file in flash memory, not in
NVRAM.
When using VTP, where is the VLAN
configuration stored?
True, VTPv3 Servers (non-Primary) and
Clients will share their VLAN databases
only if they agree on both the domain name True or False: With VTPv3, the Primary
and identity of the Primary server (via base Server is the only switch whose VLAN
MAC address). database can be propagated throughout the
VTP domain.
In VTPv3, Servers and Clients are
identical, except Servers can be promoted
to the Primary Server, while clients can With VTPv3, what is the difference
not. between Servers and Clients?
True, however the switches must agree on
the VTP domain name, password, and
identity of the Primary Server. True or False: VTPv3 secondary servers
and clients can overwrite a neighbor's
VLAN database if they have a higher
revision number than the neighbor.
The other switches will be in conflict and
will not agree on who the Primary Server
is. In this situation, even though this switch What happens if a VTPv3 switch is
may have a higher revision number, the disconnected from the VTP domain,
database will not be accepted by the VTP promoted to the Primary Server and has
neighbors. changes made to the VLAN database, and
then rejoins the VTP domain?
EXEC: vtp primary
How do you promote a VTPv3 server to

the Primary server?
The switch floods its VLAN database to all

neighbors, who install and flood the
database even if the revision number is What happens when a VTPv3 server is
lower so that the Primary server's database promoted to Primary?
is asserted over the VTP domain.
True
True or False: When a VTPv3 server is

promoted to Primary, its VLAN database
overwrites all other switches in the VTP
domain, even if it has a lower revision
number.
The Primary server setting is not retained,
and the switch resumes the role of a
Secondary server. What happens if a switch acting as the
VTPv3 Primary server is reloaded?
You must either modify the VTP domain
name, or configure a VTP password.
With VTPv3, how do you reset the revision
VTPv3 does not reset the revision number number to 0?
by switching to VTP Transparent mode and
back, unlike VTPv1 and VTPv2.
The VTPv3 switch reverts to VTPv2
operation on the port, and forces the
neighbor switch to operate in VTPv2 mode What happens if a VTPv3 switch detects a
if it is running VTPv1. switch running VTPv1 or VTPv2 on its
port?
If the neighboring switch is not VTPv2
capable, VTP communications between the
two switches cannot occur.
The other switch will start out as a VTPv1
server with a NULL VTP domain. When it
receives the advertisement from the first Two switches that have no VTP
switch, it changes its domain name, configuration are connected together with a
changes its version to VTPv2, and installs trunk link. One switch configures a VTP
the VLAN. domain name, changes the VTP version to
3, becomes the Primary server, and creates
a new VLAN.
What is the VTP and VLAN status on the

second switch after this occurs?
Globally:
vtp domain name
How do you configure the VTP domain
name?
show vtp status
How do you verify VTP?

All switches in the VTP domain change
their version to VTPv2.
In a VTPv1 environment, what happens if
you issue the vtp version 2 command on a
VTP server?
Only that switch is changed to VTPv3.

VTPv3 must be configured manually on
each switch. In a VTP environment, what happens when
you issue vtp version 3 on a switch?
The switch must have a non-NULL VTP
domain name.
What is the single requirement (other than
IOS version/feature support) of activating
VTPv3?
Specifies the interface whose IP address is
used to identify the switch as an updater in
VTP updates. By default, a configured IP What does the command vtp interface
from the lowest-numbered SVI interface is interface do?
used.
The configured IP address of the lowest-
numbered SVI, unless explicitly configured
with vtp interface interface What is the default IP address used to
identify the updater in VTP updates?
True: The no vtp command disables VTP
at the interface level. You can disable VTP
globally with vtp mode off in VTPv3 True or False: With VTPv3, you can
mode. disable VTP per-interface.
True
True or False: If a password has been set

for the VTP domain, you must enter that
password when promoting a VTPv3 server
to Primary.
Globally:
vtp password plaintext-password hidden
How do you configure a VTPv3 password
so that it will never be displayed in
plaintext?
Globally:
vtp password encrypted-password secret
How do you configure a VTPv3 password
that was previously encrypted on other
switches in the VTPv3 domain?
interface dialer num
mtu 1492
ip tcp adjust-mss 1452 When configuring the PPPoE client-side
dialer interface, what are two common
commands issued to resolve connectivity
issues?
show vlan internal usage
How do you verify which VLANs are

being used internally on a switch (such as
those used for Layer 3 switchports).
Configuration
Topology Change Notification (TCN)
What are the two types of STP BPDUs?
I Verify That Four Raccoons Can Skip

Safely Across My Huge Forest
What are the twelve fields in a STP
Protocol Identifier (2B) Configuration BPDU?
Protocol Version (1B)
BPDU Type (1B)
Flags (1B)
Root Bridge ID (8B)
Root Path Cost (4B)
Sending Bridge ID (8B)
Sending Port ID (2B)
Message Age (2B)
Max Age (2B)
Hello Time (2B)
Forward Delay (2B)
Protocol Identifier (2B)
Protocol Version (1B)
BPDU Type (1B) What are the three fields in a STP
Topology Change Notification BPDU?
Protocol ID: 0x0000
Protocol Version: 0x00
What are the Protocol ID and Protocol
Version values for STP BPDUs?
0x00
What is the value of the STP BPDU Type

field for a Configuration BPDU?
0x80
What is the value of the STP BPDU Type

field for a Topology Change Notification
BPDU?
Topology Change Acknowledgement
Topology Change
What are the two flags used in the STP
BPDU Flags field?
An estimatation of the BPDU's age since it
was originated at the Root bridge. The
Root sets the Message Age to 0, and What is the Message Age field in a STP
downstream switches increment the value BPDU?
(usually by 1) as the BPDU propagates
outward.
True. The timers values are generated by
the Root switch, conveyed in BPDUs, and
used on all downstream switches in the True or False: The STP MaxAge,
STP domain. HelloTime, and ForwardDelay timers are
not used on nonroot switches with classic
STP, even if they are configured.
The lowest value of:
Root Bridge ID What is the five-step process to determine

Root Path Cost which of two STP BPDUs are superior and
Sender Bridge ID inferior?
Sender Port ID
Receiver Port ID (not included in the
BPDU - evaluated locally as the final
tiebreaker)
Hellos, because their origination is driven
by the Hello timer.
What is another term for STP
Configuration BPDUs?
The BPDU expires within a time interval of
MaxAge - MessageAge seconds, and must
receive another BPDU within that time Each port in an STP topology stores the
frame. Designated Port's BPDU. DPs send their
own BPDU, and Root and Blocking ports
For example, with the default MaxAge store the received BPDU from the
time of 20 seconds, a switch that is two upstream switch.
hops away from the Root should receive a
BPDU with a MessageAge of 4, therefore When a port stores a received BPDU, when
it must receive another BPDU within 16 must it be refreshed?
seconds, otherwise the stored BPDU
expires.
-Elect the root switch
-Determine each switch's Root Port
-Determine the Designated Port for each What are the three steps STP uses to
segment determine which ports to forward and
block?
When STP is initialized on a switch, it
sends out BPDUs claiming itself to be the
Root. If it receives a superior BPDU, it How does STP elect the root bridge?
stops claiming to be the Root and stops
originating BPDUs, and starts forwarding
the received superior BPDUs onward.
The original Bridge ID is a 2-byte Priority
field + 6-byte System ID (MAC address).
What is the difference between the original
The revised BID splits the Priority field 802.1D Bridge ID, and the revised 802.1t
into a 4-bit Priority field + 12-bit System Bridge ID (now a part of 802.1D-2004)?
ID Extension (which is typically set to the
VLAN ID).
The revised 4-bit Priority field represents

the original Priority values in multiples of
4096.
Having multiple STP instances with the
same BID was in violation of 802.1D that
required a distinct BID for each switch. Before the 802.1D Bridge ID format was
Cisco used a different MAC address for revised, how did Cisco implement PVST?
each VLAN, which consumed a large
number of reserved MAC addresses in each
switch.
MAC address reduction
Prior to the 802.1t amendment, Per-VLAN What is another term for the revised STP
Spanning-Tree required a separate unique BID System ID Extension field?
MAC address for the BID for each VLAN,
which consumed a large number of

reserved MAC addresses on each switch.
Each switch must determine its single Root
Port.
What is the next step after the STP Root
Bridge is elected?
The switch adds the cost of the received
port to the RPC value in the received
BPDU, yielding a resulting BPDU that can What happens with regard to cost when a
be propagated on the switch's Designated nonroot switch in a STP domain receives a
ports. BPDU?
Root Path Cost
Sender Bridge ID
Sender Port ID When a nonroot switch in a STP domain
MessageAge receives a BPDU on its Root Port, what
BPDU values must be updated before the
BPDU is propagated on the switch's
Designated Port(s)?
True: BPDUs on these ports would be
inferior to BPDUs originated by a
neighbor's Designated Port for the segment. True or False: Classic STP switches do not
forward Configuration BPDUs (Hellos) out
Root Ports or ports that stabilize into
Blocking state.
There will always be only a single received
Configuration BPDU (Hello) that is
superior over all other received BPDUs. Why can there only be a single STP Root
Port?
False: The Root Bridge sends BPDUs with
a Root Path Cost of 0 since it is the root.
Additionally, the RPC value is adjusted by True or False: The STP Root Bridge adds
adding the port cost when a nonroot switch its STP Port Cost when sending BPDUs
receives a BPDU. out its Designated Ports.
Global:
spanning-tree pathcost method {short |
long} How do you change the STP cost method?
The short (802.1D-1998) method is used

by default for (R)PVST.
The long (802.1D-2004) method is used by

default for MST.
10 Mbps = 100
100 Mbps = 19
1 Gbps = 4 What are the STP port costs used for 10
10 Gbps = 2 Mbps, 100 Mbps, 1 Gbps, and 10 Gbps
links for the 802.1D-1998 standard?
10 Mbps = 2,000,000
100 Mbps = 200,000
1 Gbps = 20,000 What are the STP port costs used for 10
10 Gbps = 2,000 Mbps, 100 Mbps, 1 Gbps, and 10 Gbps
links for the 802.1D-2004 standard?
Designated Bridge (Switch)
What is the STP term for the nonroot

switch that forwards Configuration BPDUs
(Hellos) onto a particular LAN segment?
They are moved to Blocking state.
With STP, what happens when ports are

determined to be neither Root nor
Designated?
After the switch adds the STP Port Cost of
the port which received the BPDU, then all
received BPDUs (with the local Port Cost When determining the STP Root Port,
added to the RPC value) are compared. when is the Root Path Cost considered?
-A TCN BPDU is received on a DP
-A port moves to the Forwarding state and
the switch has at least one DP What four events are considered a STP
-A port moves from Learning or topology change?
Forwarding to Blocking
-A switch becomes the Root
The switch declares itself as the Root and
starts flooding its own BPDUs through its
connected ports. What happens if a switch running STP
loses its Root Port, but is not receiving
BPDUs from adjacent switches?
The inferior BPDUs are ignored until the
current Root Port's stored BPDU expires
(MaxAge - MessageAge). What happens when a STP Root Port starts
receiving inferior BPDUs?
The port becomes a Designated Port and
moves to the Listening state after the stored
BPDU expires (MaxAge - MessageAge). What happens when a switch running STP
The switch then searches for a new Root stops receiving BPDUs on its current Root
Port by comparing received superior Port?
BPDUs on other ports.
When there is a topology change, the link
used to reach the Root Bridge might be
changed as well, which means the CAM When there is a STP topology change, why
table must be updated to reflect which port do all of the CAM entries need to be aged
is now used to reach the MAC address of out?
the Root Bridge.
The switch sends a TCN BPDU out its
Root Port, repeating every Hello interval
(2s default) until it is acknowledged by the What happens when a switch in a STP
upstream switch. domain detects a topology change?
It sends back an acknowledgement in the
next forwarded Configuration BPDU
(Hello) by marking the Topology Change What happens in a STP topology when a
Acknowledgement bit in the Flags field. switch receives a TCN BPDU?
The Root Bridge originates BPDUs with
the Topology Change bit set for the next
MaxAge + ForwardDelay seconds, which What happens when the Root Bridge in a
instructs all switches in the STP domain to STP domain is informed of a topology
shorten their aging time for CAM entries to change?
ForwardDelay seconds.
Blocking, Forwarding, Disabled = stable
Listening, Learning = Transitory
Which classic STP port states are
considered stable, and which are
transitory?
Learning, Forwarding
During which classic STP port states are

source MAC addresses learned from
received frames?
By creating a different STP instance for
each VLAN, each VLAN can use a
different Root Bridge, which enables load What major issue does PVST solve over
distribution since a port that is blocked for Common Spanning Tree (CST)?
one VLAN can be forwarding for another
VLAN.
Classic IEEE 802.1D STP is not VLAN-
aware, and uses a single STP topology for
all VLANs, which is why it is referred to as Why is classic STP sometimes referred to
"common". as "Common Spanning Tree (CST)"?
Cisco PVST+ running on 802.1Q trunks
uses a VLAN 1 STP instance to
communicate with non-Cisco switches and How does Cisco PVST+ interoperate with
their STP. This allows for separate PVST+ non-Cisco switches that only support CST?
and CST regions, which creates an overall
loop-free topology across the CST regions
and VLAN 1 inside PVST+ regions, while
each PVST+ region utilizes multiple
spanning trees with potentially different
topologies within each separate PVST+
region.
There is an overall loop-free topology that
is bound to all VLANs in CST regions, and
VLAN 1 within PVST+ regions. Within In a STP topology containing both CST
individual PVST+ regions, other VLANs and PVST+ regions, how does the STP
can utilize different per-VLAN STP toplogy compare between regions?
topologies.
PVST+ BPDUs are encapulated on trunks
differently than ordinary BPDUs.
How is PVST+ able to treat CST regions
-Their destination MAC address is between PVST+ regions as loop-free
0100.0CCC.CCCD (as opposed to ordinary shared segments?
BPDU destination 0180.C200.0000)
-They are tagged with the corresponding
VLAN (ordinary BPDUs are untagged)
-They are SNAP encapsulated (ordinary
BPDUs are LLC encapsulated)
-They have a Port VLAN ID (PVID) TLV
placed at the end that carries the originating
VLAN number
0100.0CCC.CCCD
To which destination MAC address are
PVST+ BPDUs sent?
0180.C200.0000
To which MAC address are regular BPDUs

sent?
SNAP
What type of Ethernet encapsulation do

PVST+ BPDUs use?
LLC
What type of Ethernet encapsulation do

regular BPDUs use?
PVST+ BPDUs are 802.1Q tagged, and
each PVST+ BPDU has a Port VLAN ID
(PVID) TLV record carrying the How is the VLAN information conveyed in
originating VLAN ID. PVST+ BPDUs?
PVST+ BPDUs are 802.1Q tagged, and
carry a Port VLAN ID (PVID) TLV record.
When the destination switch receives the How can PVST+ BPDUs be used to detect
BPDU, it analyzes the PVID and compares native VLAN mismatches?
it with the VLAN on which it was received.
If the BPDU was sent untagged and
received on a destination VLAN requiring
a tag, or vice-versa, the native VLAN
mismatch is detected.
CST regions treat PVST+ BPDUs are
ordinary multicasts and floods the BPDUs
without processing them. When the PVST+ How are PVST+ BPDUs tunneled across
switches receive the flooded BPDUs from CST regions?
the CST regions, they can examine the
PVID TLV and process the BPDUs further
within the individual PVST+ regions.
VLAN 1 on PVST+ trunks sends both
standard BPDUs and PVST+ BPDUs. Only
the STP BPDU is used by both CST and How is VLAN 1 treated differently for
PVST+ to compute the spanning tree. The BPDU processing in PVST+?
PVST+ BPDU for VLAN 1 is used to
detect native VLAN mismatches, but is
otherwise ignored upon arrival.
Access ports send only IEEE BPDUs
relevant to their access VLAN
With PVST+, which types of BPDUs are
sent on access ports?
Trunk ports always send untagged IEEE
BPDUs for VLAN 1, and tagged PVST+
BPDUs for all existing and allowed With PVST+, which types of BPDUs are
VLANs, including VLAN 1, though the sent on trunk ports?
native VLAN will be untagged.
When processing received BPDUs, an

access port must receive only IEEE
BPDUs, otherwise a Type Inconsistent What happens if an access port receives a
state is declared. non-IEEE BPDU?
That BPDU is processed for the VLAN 1

STP instance.
What happens when a trunk port in a
PVST+ domain receives an IEEE-
formatted BPDU?
-Assign the BPDU to the proper VLAN via
802.1Q tag (or native VLAN if untagged)
What are the three processing steps that
-Check the PVID TLV in the BPDU. If the take place when a trunk port receives a
PVID does not match the VLAN, declare PVST+ BPDU?
PVID_Inconsistent state for the pair of
mismatched VLANs
-If the PVID matches the VLAN, process

the BPDU with STP, except for VLAN 1.
For VLAN 1, drop the BPDU and use the
received IEEE BPDU. The PVST+ BPDU
for VLAN 1 is only used for the native
VLAN mismatch check.
When a received PVST+ BPDU's PVID
TLV does not match the VLAN for which
the BPDU was received. There is a native What causes PVID_Inconsistent state?
VLAN mismatch in this case, and both
VLANs become PVID_Inconsistent.
A loop-free STP topology is calculated
across all CST regions, and across VLAN 1
in PVST+ regions. Then the remaining When PVST+ regions are interconnected
VLANs inside PVST+ regions calculate with CST regions, what two high-level
the loop-free STP topology per-VLAN. steps are performed to ensure an overall
loop-free topology?
show spanning-tree root
What command displays the STP Root

Bridge?
Globally:
spanning-tree vlan vlan priority priority
How do you configure the STP priority of a
Where priority is in increments of 4096. VLAN?
32768 + VLAN number (System ID
Extension)
What is the default STP priority for any
Example, VLAN 11 is 32768 + 11 = 32779 given VLAN?
Interface:
spanning-tree [vlan vlan] cost cost
How do you adjust the STP cost of a port?
Global:
spanning-tree vlan vlan root primary
diameter diameter
What single command sets the STP Root

This command is a macro that configures Bridge and adjusts all of the timers?
the switch with a lower priority than all
other switches, and adjusts the Hello,
ForwardDelay, and MaxAge timers
according to the entered diameter value
(the default being 7).
28672
What priority values does the command

spanning-tree vlan vlan root secondary
set the switch to?
24576 if the current root is higher, or the
same with a higher MAC address, or 4096
less than the current root. What priority value does the command
spanning-tree vlan vlan root primary set
the switch to?
Discarding, Forwarding = stable
Learning = Transitory
What are the RSTP stable and transitory
states?
Disabled, Blocking, Listening
RSTP defines the "Discarding" state as the

replacement for which STP states?
True. Ports in RSTP Discarding or STP
Blocking do not forward data frames,
receive data frames, or learn source MAC True or False: Ports in RSTP Discarding or
addresses, but do continue to process Layer STP Blocking states still process non-data
2 control plane traffic. frames including BPDUs and other Layer 2
protocols like DTP, VTP, CDP, etc.
Root Port
Designated Port
Alternate Port What are the RSTP Port Roles?
Backup Port
Alternate = replacement Root Port, event-
driven
Backup = replacement Designated Port, What is the difference between an RSTP
timer-driven Alternate Port and Backup Port?
The Alternate Port becomes the new Root
Port and immediately transitions to
Forwarding. With RSTP, what happens if the current
Root Port is lost, but an Alternate Port
exists?
Edge
Non-Edge (default)
What are the two RSTP port types, and
which is the default?
True: RSTP Edge ports immediately
become Designated Forwarding after
coming up, and send BPDUs, but do not True or False: RSTP Edge ports still send
expect to receive any back. If a BPDU is BPDUs.
received on an Edge port, it begins

operating as a Non-Edge port.
When an RSTP Edge port receives a
BPDU, it reverts to Non-Edge operations.
However, if the port is later disconnected What happens if an RSTP Edge port
or shutdown, when it comes back up it will receives a BPDU, but is later disconnected
revert to RSTP Edge operations until a or shut down?
BPDU is received again.
Interface:
spanning-tree link-type {point-to-point |
shared} How do you manually configure the RSTP
link type?
Designated, Discarding, Non-Edge
What is the default RSTP port role, state,

and type?
The RSTP link type is shared and uses
timer-driven operations instead of event-
driven. With RSTP, what happens if an inter-switch
link is either negotiated to or manually-
configured to half-duplex?
The RSTP link type is point-to-point until
proven otherwise (such as RSTP not
running on the other end of the link). With RSTP, what happens if an inter-switch
link is either negotiated to or manually-
configured to full-duplex?
One
STP uses Configuration and TCN BPDUs, How many types of BPDUs are used by
while RSTP contains everything within the RSTP?
single BPDU type.
2
What is the BPDU Protocol Version field

set to for RSTP?
TPPL FAT
Topology Change What bits are defined in the Flags field of

Proposal the RSTP BPDU?
Port Role (uses 2 bits)
Learning
Forwarding
Agreement
TC Ack
The MessageAge field is only used as a
hop count with RSTP. Any BPDU with a
MessageAge equal to or higher than the What is the MessageAge BPDU field used
MaxAge is discarded. for in RSTP?
When three Hellos are missed on a port, the
stored BPDU is aged out immediately.
What happens if an RSTP switch misses
three Hellos?
The receiving switch accepts the BPDUs

immediately, and replaces the previously-
stored BPDUs, as if the previous superior What happens with RSTP when a
BPDU had expired. Designated Switch starts sending BPDUs
that are inferior to those sent previously?
The receiving switch then re-evaluates its
port roles and states. This allows RSTP to
more quickly react to changes in the
topology, because receipt of an inferior
BPDU means there was a change with
regard to reaching the root (or the root
itself changed).
RSTP uses the Proposal/Agreement
process on point-to-point links to quickly
put them into operation without causing a What is the purpose of the RSTP
temporary switching loop or significant Proposal/Agreement process?
interruption in communications.
For example, a newly-added p2p link could

cause one of the attached switches to place
its Root Port on the new link, which could
change other port roles in the network.
Without the Proposal/Agreement process,
switching loops can occur.
The Proposal signifies the willingness of a
port to become Designated Forwarding.
With the RSTP Proposal/Agreement
The Agreement grants permission for the process, what is the meaning of the
upstream port to become Designated proposal, and what is the meaning of the
Forwarding immediately. agreement?
True. The Proposal bit indicates the port's
willingness to become Designated
Forwarding. True or False: Any RSTP Designated Port
in the Discarding or Learning state sends
BPDUs with the Proposal bit set.
The switch receiving the best resulting
BPDU changes its port role from
Designated to Root (while remaining in the What is the first thing that happens when
Discarding state). two ends of an RSTP point-to-point link
receive each other's Proposals, assuming
each end of the link has the right to be
Designated?
Connect > Determine Root > Others
Discard > Root Agreement Forward >
Designated Agreement Forward > Repeat What are the six steps of the RSTP
Proposal/Agreement & Sync process?
-P2P link connected, both ports are
Designated Discarding and send Proposals
-Port receiving superior BPDU becomes
Root Discarding and adjusts other port
roles on the switch
-All Non-Edge Designated ports on the
switch are put into Discarding state (Sync)
-New Root moved to Forwarding state and
Agreement sent upstream
-Upstream switch receives Agreement and

moves Designated port to Forwarding state
-Entire process repeats between
downstream switches
Non-Edge ports participate in the
Proposal/Agreement/Sync process during
topology changes, which can result in Why is it critical to define Edge ports in an
major temporary connectivity losses if the RSTP domain?
connected devices do not participate in the
process (such as with a regular host),
whereas Edge ports are always in the
Forwarding state.
The transition of a Non-Edge port from
Discarding or Learning to Forwarding.
What consistutes a topology change event
This is due to Forwarding ports providing a in RSTP?
path to a set of MAC addresses, and
therefore the CAM tables need to be
updated.
When a port is moved into Forwarding
state, it can provide a path to a set of MAC
addresses, and therefore CAM tables need Why is a port that is moved into the
to be updated. Forwarding state considered a topology
change event for RSTP?
True, Edge ports remain in the Forwarding
state, and the MAC addresses learned on
Edge ports are unaffected. True or False: RSTP Edge ports never
cause a topology change event, and MAC
addresses learned on them are not flushed
during topology change event handling.
If one of its own Non-Edge ports moves
into the Forwarding state, or if it receives a
BPDU on a Root or Designated port with How does an RSTP switch detect a
the TC flag set. topology change?
-The switch sets a tcWhile timer (Hello + 1
sec) on all Non-Edge Designated Ports and
Root Port, except the port that What three things happen when an RSTP
detected/learned the change switch detects a topology change?
-The switch immediately flushes all MAC
addresses learned on those ports
-The switch sends BPDUs with the TC flag
set on those ports every Hello seconds until
the tcWhile timer expires
Globally:
spanning-tree mode rapid-pvst
How do you enable RPVST+?
Important: Define Edge ports with
spanning-tree portfast or spanning-tree
portfast default
True. While PVST+/STP will use classic
STP rules, and RPVST+/RSTP will use
RSTP rules, Per-VLAN regions are still True or False: RPVST+ and RSTP operate
tunneled over the CST regions in the same exactly like PVST+ and STP with regard to
manner. CST and Per-VLAN regions.
-All switches must run RSTP/RPVST+
-All inter-switch links must be properly
installed and recognized as point-to-point What are the three requirements for RSTP
links to provide quick reaction to changes in the
-All ports toward end stations must be network topology?
properly identified as Edge ports
Classic STP / PVST+ rules will be in effect
for that port
What happens if a switch running
RSTP/RPVST+ connects to a switch
running classic STP or PVST+?
RSTP reverts to timer-based (instead of
event-driven) operations on shared
segments, which greatly increases What happens when switches running
reconvergence time during topology RSTP have shared segments (instead of
changes. point-to-point links)?
Several platforms, such as the 2960, 3560
and 3750, support up to 128 STP instances
(and therefore 128 active VLANs). To get For lower-end Catalyst switching
around this limitation, use MST. platforms, what is the R/PVST+ instance
limitation, and how do you get around it?
65: Instance 0 + up to 64 user-defined
instances
How many active instances does MST
support?
0 - 4095. MST uses the 802.1t System ID
Extension field for instance numbers.
What is the valid range of MST instance
numbers?
MST uses a single BPDU to carry
information about about all instances.
How many BPDUs are used to carry
information about MST instances?
Designated
In MST, a port sends BPDUs if it is ___ for

at least one MST instance.
Internal Spanning Tree
What is MST instance 0 referred to as?

Without configuration, MST maps all
VLANs to instance 0, the Internal
Spanning Tree (IST) When MST is used without being
configured, where do all VLANs reside?
At the MST region boundary, the role and
state of the port is a part of the IST and is
inherited by all VLANs on that port, not What purpose does the MST Internal
just the VLANs mapped onto the IST. This Spanning Tree serve at MST region
is what allows MST to make the entire boundaries?
region appear as a single switch to other

regions and non-MST switches.
Each region is treated by the rest of the
network as a single switch, and a Common
Spanning Tree representing all VLANs is How is a loop-free topology built between
built between each region, and non-MST MST regions?
regions.
Costs in the CST reflecting links both
between MST regions and non-MST
regions. What are MST external costs?
The CIST is the union of the CST between
regions and the ISTs inside individual
regions, and is the single spanning tree that What is the MST Common and Internal
spans the entire switched topology. Spanning Tree (CIST)?
Each IST has a regional Root switch

(called the CIST Regional Root), and the
CIST has a single CIST Root switch
overall.
The MST CIST Root Swith is the switch
with the lowest Bridge ID from all switches
that participate in CIST - both IST roots How is the MST CIST Root Switch
inside MST regions, and from all elected?
STP/RSTP switches.
Only those MST swtiches at the region
boundary (those that have links to other
regions). For MST regions that do not contain the
CIST Root, which switches are allowed to
assert themselves as IST Root switches?
The MST Master port is the CIST Regional
Root switch (IST Root)'s Root Port to
reach the CIST Root switch, and provides What is the MST Master port?
connectivity toward the CIST Root for all
MST instances inside the region.
-Lowest external root path cost to the CIST
Root switch (the CST cost of reaching the
region with the CIST Root) How are MST IST Root switches elected?
-Lowest IST Bridge ID of boundary
switches if there is a tie in cost
The external root path cost from candidate
IST Root bridges is calculated using the
Common Spanning Tree costs toward the During MST IST Root election, how is the
region containing the CIST Root switch. In external root path cost calculated?
other words, the cost of the links between
regions, not the costs within the regions
themselves, are used.
To allow for a consistent interoperation
between MST and PVST+ regions. The
PVST Simulation process allows a single What is the reason for the PVST
MST instance and a single PVST+ instance Simulation mechanism?
to directly interact with each other, but
have all PVST+ instances arrive at a
consistent port role decision.
The MST switch boundary ports replicate

the IST's BPDUs into PVST+ BPDUs for
all active VLANs. When MST interacts with PVST+, what
does the MST boundary port do to ensure
all PVST+ instances make a consistent
decision regarding the PVST+ boundary
port role?
If the BPDUs sent by the MST boundary
port are superior to all received PVST+
BPDUs on the port. When a PVST+ region interacts with a
MST region, what causes the MST
boundary port to become Designated?
The MST boundary port must receive
PVST+ BPDUs that are identical or
superior to the received PVST+ BPDU for When a PVST+ region interacts with a
VLAN 1. MST region, what causes the MST
boundary port to become Root?
For the BPDUs for all VLANs other than 1
to be superior when the System ID
Extension is used, their priority must be at
least 4096 lower than the priority of the
PVST+ VLAN 1 root switch.
If the incoming VLAN 1 PVST+ BPDU is
superior to its own BPDUs, but not
superior enough to make it become a Root When a PVST+ region interacts with a
port (e.g. there is another connection MST region, what causes the MST
between the regions that is better). Non- boundary port to become Non-Designated
Designated ports are blocked. (but not Root)?
-If the Root Bridge for the CIST is in a
non-MST region, the STP priority of
VLANs 2 and above within that region When a PVST+ region interacts with a
must be superior to that of VLAN 1 MST region, what two rules must be
followed to prevent PVST Simulation
-If the Root Bridge for the CIST is within a Inconsistent / Root Inconsistent errors?
MST region, the STP priority of VLANs 2
and above in the non-MST regions must be
inferior than that of the CIST root
The MST region should appear as a root
switch to all PVST+ instances by lowering
the IST root's priority below all PVST+ What is considered a best practice when
switches in all VLANs. working with a mixed MST and PVST+
network?
-STP
-RSTP
-PVST+ Which STP mode will a Cisco MST switch
-PVST+ port operate in when connecting to a switch
running:
When a Cisco MST switch connects to a
RPVST+ region, PVST+ operation is used -STP
on the region boundary. -RSTP
-PVST+
-RPVST+
-Region Name
-Revision Number
-VLAN-to-Instance Mappings
What are the three mandatory elements in
an MST region whose configuration must
match on all switches within the region?
Within the MST BPDUs is the region
name, revision number, and MD5 hash of
the VLAN-to-Instance mapping. If all three How do two MST switches consider
of these match, the switches are in the same themselves to be in the same MST region?
MST region.
The MST VLAN-to-Instance mappings are
distributed in the MST BPDUs as an MD5
hash, and can be verified with: How are MST VLAN-to-Instance
mappings distributed, and how can you
show spanning-tree mst configuration verify this?
digest
Create the VLAN-to-Instance mappings for
all possible VLANs within a region, even if
the VLANs do not currently exist. What is considered a best practice for MST
with regard to VLAN-to-Instance
Modifying the VLAN-to-Instance mapping mappings?
must be performed on all switches within
the region and requires an outage window.
However, VLANs can be both created and
deleted after they are mapped to an
instance and will not cause a topology
change event with respect to MST.
show spanning-tree mst configuration
digest
How can you verify if a switch supports
If a single MD5 value is listed, the switch only pre-standard MST?
only supports pre-standard MST. Two MD5
digests indicate support for both standard
and pre-standard MST.
The switch running standard MST must
have spanning-tree mst pre-standard
configured on the port toward the pre- If a switch running standard MST is
standard MST switch. connected to another switch supporting
only pre-standard MST, what must be
configured?
Globally:
spanning-tree mst configuration
What is the first step to configure MST?
abort
How do you exit from MST configuration

mode without saving the changes?
show pending
How do you verify unapplied changes to

the MST configuration?
show current
From within MST configuration mode,

how do you verify the existing
configuration, whether or not changes have
been made?
spanning-tree mode mst
After configuration, how do you enable

MST on a switch?
name name
revision number
instance number vlan number-or-range From within MST configuration mode,
how do you configure the three required
parameters?
Globally, per-instance:
spanning-tree mst instance priority
priority How do you modify the MST priority on a
switch?
VTPv3 can distribute MST configuration
information, and there is a 1:1 relationship
between the VTPv3 domain and the MST What is the relationship between the
region. VTPv3 domain and the MST region?
Globally:
vtp mode server mst
How do you configure VTPv3 to distribute
Exec: the MST configuration?
vtp primary mst
PortFast will be the default operating mode
for all interfaces in access mode (whether
statically set or dynamically negotiated), What does the global command spanning-
unless configured otherwise, or unless the tree portfast default do?
individual port receives a BPDU.
Interface:
spanning-tree portfast disable
With PortFast enabled globally, how do
you disable it on a specific interface?
Interface:
spanning-tree portfast trunk
How do you enable PortFast on a port that
Important: This command is meant for end- connects to a host capable of 802.1Q
devices like routers and hypervisors. Never tagging?
issue this command on ports connecting to
other switches.
BPDU Guard error-disables a port
immediately upon receipt of any BPDU.
What is the purpose of BPDU Guard?
Root Guard ignores any received superior
BPDUs to prevent the port from becoming
the Root Port. When a superior BPDU is What is the purpose of Root Guard?
received, the port is placed into Root-
Inconsistent Blocking state and stops
sending and receiving data frames until the
superior BPDUs stop.
Globally:
spanning-tree portfast bpduguard
default How do you globally enable BPDU Guard?
Interface:
spanning-tree bpduguard {enable |
disable} How do you unconditionally configure the
operation of BPDU Guard?
Interface:
spanning-tree guard root
How do you enable Root Guard?
spanning-tree portfast bpdufilter default
How do you configure BPDU Filter

globally?
When enabled globally, BPDU Filter is
activated only on PortFast (Edge) ports.
When the port comes up, the port sends 11 When BPDU Filter is enabled globally,
BPDUs (1 immediately, then again over the how does it operate?
next 10 Hello intervals). If no BPDUs are
received, the port stops sending BPDUs. If
BPDUs are received at any time, BPDU
Filter is deactivated on the port and starts
sending and receiving BPDUs normally. If
the port is disconnected, the process starts
over again.
spanning-tree bpdufilter disable
How do you disable BPDU Filter on an

interface?
Interface:
spanning-tree bpdufilter enable
How do you cause a port to unconditionally
stop sending and receiving BPDUs?
The port is automatically err-disabled.
What happens if an interface receives a

BPDU when it is configured globally for
BPDU Filter, and also configured (either
globally or per-port) for BPDU Guard?
UDLD
STP Loop Guard
Bridge Assurance What are the four mechanisms available to
RSTP/MSTP Dispute detect and avoid issues caused by
unidirectional links on Catalyst switches?
Switch identity / port identity pair as
message originator
List of all neighboring switch/port pairs What information is transmitted in UDLD
heard on the same segment messages?
-Received UDLD messages do not contain
the exact switch/port pair from the list of
detected neighbors What three ways does UDLD detect
-Received UDLD messages containing the unidirectional links, and what happens
exact switch/port pair as the originator when a unidirectional link is detected?
(self-looped port)
-Received UDLD messages contain more
than one switch/port pair in the list of
detected neighbors, but only one neighbor
is detected.
If any of these conditions occur, UDLD

declares the link as unidirectional and err-
disables the port.
When UDLD messages are no longer
received, both try to reconnect with the
switch's neighbor(s) eight times. What is the difference between UDLD
Normal and Aggressive mode?
If the attempts fail, Normal mode does
nothing, while Aggressive mode err-
disables the port.
It only applies to fiber ports when enabled
globally, whereas per-port UDLD
configuration activates regardless of the What is a caveat of enabling UDLD
underlying media type. globally?
Globally:
udld {enable | aggressive}
How do you enable UDLD?
Per-port (required for non-fiber interfaces):
udld port [aggressive]
show udld
How do you verify the operational state of

UDLD?
show udld neighbors
How do you verify connectivity with

UDLD neighbors?
You can shut/no-shut, or issue the
command udld reset
How do you re-enable a port that has been
err-disabled by UDLD?
STP Loop Guard prevents Root and
Alternate ports from becoming Designated
as a result of total loss of incoming What is the purpose of Loop Guard?
BPDUs.
STP Loop Guard places Root and Alternate
ports into blocking Loop Inconsistent state
if they stop receiving BPDUs, and are How does Loop Guard work?
brought out of that state automatically if
they start receiving BPDUs again.
Globally:
spanning-tree loopguard default
How do you configure Loop Guard
Interface: globally, and per-port?
spanning-tree guard loop
Bridge Assurance is for RPVST+ and

MST, and when enabled, always sends
BPDUs each Hello interval, whether the What is STP Bridge Assurance?
port is Root, Designated, Alternate or
Backup. If a BA-protected port does not
receive BPDUs, the port is placed into BA-
Inconsistent blocking state until it starts
receiving BPDUs again.
BA protects against both unidirectional

links, and malfunctioning switches that
completely stop participating in
RPVST+/MST while opening all their
ports.
It requires RPVST+ or MST point-to-point
links
It requires configuration on the neighboring What are the three major requirements of
device(s) using STP Bridge Assurance?
It requires a supported platform, such as
Catalyst 6500
Requires both global and per-port
configuration.
How do you enable STP Bridge
Global: Assurance?
spanning-tree bridge assurance
Interface:
spanning-tree portfast network
This can only be configured on

RPVST+/MST point-to-point links.
It is used to detect unidirectional link
failures.
What is the RPVST+/MST Dispute
If a Designated Port receives an inferior mechanism?
BPDU from another port that claims to be
Designated Learning or Designated
Forwarding, the Designated Port keeps its
role but is moved to Discarding state.
STP Dispute does not work with classic
STP / PVST+ because it relies on the Port
Role and Port State flags within the RSTP Why does the STP Dispute mechanism
BPDU, which are not present in classic require RPVST+ / MST?
STP BPDUs.
There is no configuration because it is built
into the RSTP protocol and is conveyed by
the Port Role and Port State flags inside the How do you configure the STP Dispute
RSTP BPDU. mechanism?
The data is based on the contents of the
Layer 2, 3, or 4 headers.
The EtherChannel load-balancing method
If load balancing is based on only one is based on a proprietary hashing function.
header field in the frame, that single field is What data is fed to this hashing function,
fed to the hashing function. and how?
If multiple headers from the frame are

used, an XOR operation between the fields
is used, and the result of the XOR is fed to
the hashing function.
False, devices can and often do use
different load-balancing algorithms on each
end. True or False: Devices on opposite ends of
an EtherChannel bundle must use the same
load-balancing algorithm.
Globally:
port-channel load-balance type
How do you configure the EtherChannel
load distribution method?
Some platforms support a 3-bit load
balancing hash, and others support an 8-bit
hash. The difference is how fine-grained What is the difference between the
the distribution of traffic is across the links EtherChannel 3-bit and 8-bit load
in the bundle. A 3-bit hash means the balancing hash?
traffic can be divided into 8 chunks
(12.5%), whereas an 8-bit hash can divide
traffic into 256 chunks (0.39%).
If there are three links in an EtherChannel

bundle, traffic is distributed across the links
in a ratio of 3:3:2 or 37.5%:37.5%:25%
with a 3-bit hash. With an 8-bit hash, the
same traffic is distributed in a ratio of
86:85:85 or 33.6%:33.2%:33.2%.
True
True or False: All links in an EtherChannel

bundle must have the same speed and
duplex settings.
True

bundle must have the same operating mode
(trunk, access, dynamic).
True

bundle must have the same access VLAN if
not trunking.
False: the trunk type, allowed VLANs, and
native VLAN must be the same on all
links. True or False: All links in an EtherChannel
bundle, if trunking, must use the same
trunk type and native VLAN, but can have
different allowed VLANs.
True

bundle must have the same STP cost per-

VLAN.
False. While you can do this, it is
recommended to configure the physical
interfaces identically first, and then issue True or False: You must create the
the command channel-group number EtherChannel interface (with the command
mode mode on each of the physical interface port-channel number) before
interfaces. The port-channel interface is adding physical interfaces to the bundle.
automatically created and inherits the
configuration of the first physical interface
to be added to the bundle.
All physical interfaces that are members of
an EtherChannel bundle must have the
same configuration. When you issue the Why should you have an EtherChannel
command channel-group number mode interface created automatically via the
mode on the first physical interface, the physical interface channel-group number
port-channel interface is created mode mode command, instead of creating
automatically, the configuration of the first the interface manually?
physical interface is copied to it, and the
configuration of all subsequent physical
interfaces that are added to the bundle are
compared to the port-channel interface
configuration. Interface configurations that
do not conform are suspended from the
port-channel interface.
If the configuration on the physical
interface differs from the port-channel
interface, it becomes Suspended from the What causes an EtherChannel member to
bundle. become Suspended?
The configuration changes are pushed
down the the port-channel member
interfaces, but only for those that are not What is a caveat of modifying the
currently Suspended. You must manually configuration on a port-channel interface?
configure the Suspended members to be
identical to the port-channel interface to
unsuspend them.
True: You must delete and re-create an
EtherChannel to switch the mode. You
must change the mode on the physical True or False: An EtherChannel can be
interfaces first, then re-create the either Layer 2 or Layer 3, but the mode
EtherChannel. cannot be changed.
Both the port-channel and physical
interfaces must be shutdown, then unshut.
If an EtherChannel has err-disabled ports,
If this does not resolve the issue, the port- how do you resolve this without errdisable
channel may need to be deleted and re- recovery?
created.
Enabled by default, disable with no
spanning-tree etherchannel guard
misconfig How do you configure EtherChannel
Misconfig Guard?
EtherChannel Misconfig Guard disables an
entire port-channel bundle if it receives
BPDUs sources from different MAC How does EtherChannel Misconfig Guard
addresses on a port-channel interface, work?
indicating that the neighbor is treating
some of the links as individual and not
bundled together.
802.1AX
Previously 802.3ad
What is the IEEE standard for LACP?
The frequency of sending PAgP messages
can be configured per-port:
pagp timer {normal | fast} What is the only configurable parameter of
PAgP?
Normal = 30 seconds
Fast = 1 second
16, though only up to 8 can be active. The
remaining are in Standby.
How many links can be placed into an
LACP bundle?
The switch with the lower LACP System
ID selects the link to be promoted. The link
with the lowest Port ID is chosen. How does an LACP Standby link get
promoted to Active?
A configurable 16-bit Priority value + base
MAC address
What does the LACP System ID consist
of?
16-bit Priority + port number
What does the LACP Port ID consist of?

Globally:
lacp system-priority 0-65535
How do you configure the LACP System
ID?
Interface:
lacp port-priority 0-65535
How do you configure the LACP Port
Priority?
It forces IOS to reject EtherChannel
commands for the other protocol, and for
on mode. For example, channel-protocol What does the EtherChannel channel-
lacp forces you to use the channel-group protocol {lacp | pagp} command do?
number mode {active | passive}
command, and prevents you from using
mode auto, desirable, or on.
False: PAgP and LACP only verify whether
the links to be bundled are consistently
connected to the same neighboring device True or False: PAgP and LACP perform
and are to be bundled into the same link checks to ensure ports are configured
aggregation group. identically with regard to operating mode,
allowed VLANs, native VLAN, and
enapsulation type.
60 seconds
How frequently are CDP messages

generated?
show cdp
How can you verify the current CDP hello

and hold time?
Globally:
cdp timer seconds
cdp holdtime seconds How do you adjust the CDP timers?
show cdp entry DeviceName
How can you view more information about

a single CDP neighbor?
802.1AB
What is the IEEE standard for LLDP?

Port description
System description
System capabilities What are the five mandatory LLDP TLVs?
System name
Management address
Globally:
lldp run
How do you enable LLDP?
Interface:
[no] lldp transmit
[no] lldp receive When LLDP is enabled globally, how do
you enable/disable it per-interface?
Globally:
lldp holdtime seconds
lldp reinit seconds How do you adjust the LLDP timers?
lldp timer seconds
show interfaces status err-disabled
How do you view which ports are in the

err-disabled state?
show spanning-tree inconsistent ports
How do you verify which ports have a

Spanning-Tree-related error?
PVST+ BPDUs are received on a non-
802.1Q port, which is usually caused by
interconnecting access and trunk ports. What does the STP inconsistency "Type
(*TYPE_Inc)" indicate?
PVST+ BPDUs are received in a different
VLAN than they were originated in, which
is usually caused by a native VLAN What does the STP inconsistency "Port
mismatch. VLAN ID (*PVID_Inc)" indicate?
PVST+ BPDUs received on an MST

boundary port do not meet the PVST
Simulation consistency criteria. What does the STP inconsistency "PVST
Simulation (*PVST_Inc)" indicate?
A Loop Guard-protected Root or Alternate
Port was prevented from becoming
Designated after BPDUs stopped arriving. What does the STP inconsistency "Loop
(*LOOP_Inc)" indicate?
A Root Guard-protected port tried to
become a Root Port after receiving superior
BPDUs. What does the STP inconsistency "Root
(*ROOT_Inc)" indicate?
A Bridge Assurance-protected port stopped
receiving BPDUs.
What does the STP inconsistency "Bridge
Assurance (*BA_Inc)" indicate?
True, the error message received is similar
to:
True or False: A different VTP domain
%DTP-5-DOMAINMISMATCH: Unable name can cause a failure with DTP trunk
to perform trunk negotiation on port negotation.
interface because of VTP domain
mismatch.
show vtp status will reveal "MD5 digest
checksum mismatch"
What is an indication of a mismatched VTP
password?
True. Individual ports can be a SPAN
source, but not a destination.
True or False: No port in an EtherChannel
can be a SPAN destination port.
QoS parameters are configured on the
physical interfaces, not the logical port-
channel interface, and must match across How is QoS configured with
all interfaces. EtherChannels?
show etherchannel summary
How can you view information about all

EtherChannels?
show interface interface etherchannel
How do you view information about a

specific EtherChannel member?
-Eliminate Layer 1 issues with show
interface commands
-Verify that the VLAN exists on the switch What are four ways to troubleshoot a
-Verify that the interface is assigned to the switch for lack of reachability to devices in
correct VLAN the same VLAN?
-Verify that the VLAN is allowed on the
trunk
(2^X) - 2
Example: /24 is 8 host bits, (2^8) - 2 = 254 If a subnet is defined with X host bits, how
usable IP addresses. many valid usable IP addresses are in the
Example: /30 is 2 host bits, (2^2) - 2 = 2 subnet?
usable IP addresses
Example: /21 is 11 host bits, (2^11) - 2 =
2046 usable IP addresses
-Inside Local (private) address maps to
Inside Global (public)
-Outside Local (typically private) address With static NAT, what is the relationship
maps to Outside Global (public) between inside/outside/local/global IP
addresses?
Interface:
ip nat {inside | outside}
How do you define interfaces for NAT?
Globally:
ip nat inside source static inside-local
inside-global How do you configure static NAT to map
an inside local address to an inside global
address?
show ip nat translations
How do you verify the current NAT table?

access-list number permit subnet wildcard
ip nat pool inside-global start-ip end-ip
netmask mask How do you configure dynamic NAT to
ip nat inside source list number pool map a range of inside local addresses to a
inside-global pool of inside global addresses?
Misses occur when NAT looks for a NAT
table entry, doesn't find one, and needs to
dynamically create the entry. When viewing the output of show ip nat
translations, what does the "Misses:" field
indicate?
clear ip nat translations entry-or-*
How do you remove entries from the

current NAT table?
ip nat inside source list number interface
interface overload How do you configure PAT using a range
of IP addresses as inside local addresses,
and the IP address of a specific interface as
the inside global address?
ip nat pool inside-global start-ip end-
ip netmask mask How do you configure PAT using a range
ip nat inside source of IP addresses as inside local addresses,
list number pool inside-global overload and a pool of addresses as inside global
addresses?
-Stateful is similar to how DHCP operates
for IPv4
-Stateless uses DHCP to provide various For IPv6, what is the difference between
DHCP options (such as TFTP server), but stateful and stateless DHCP?
uses SLAAC for addressing.

show ip nat statistics
How do you view NAT counters and basic

configuration information?
1
What is the IP protocol number for ICMP?

6
What is the IP protocol number for TCP?

17
What is the IP protocol number for UDP?

Very Heavy Dudes Prefer Fat Fried Food
To Pretty Healthy Salad Dish Options
What are the 13 fields in the IPv4 header?
Version
Header Length
DS Field
Packet Length
Fragment ID
Fragment Flag
Fragment Offset
TTL
Protocol
Header Checksum
Source IP Address
Destination IP Address
Options
Very Tall Fellows Place Nine Hammers
Softly Down
What are the fields in the IPv6 header?
Version
Traffic Class
Flow Label
Payload Length
Next Header
Hop Limit
Source IPv6 Address
Destination IPv6 Address
The Header Length field is 4 bits
representing the number of 32-bit words.
The minimum value is 5 (20 bytes) and the What is the range of values for the IPv4
maximum is 15 (60 bytes) since it is a 4-bit header Header Length field?
field.
Bit 0: Reserved, must be 0
Bit 1: Don't Fragment (DF)
Bit 2: More Fragments (MF) What are the values of the fragment flags
in the IPv4 header?
The DF bit is commonly used for Path
MTU Discovery
Fragmented packets have the MF bit set

except for the final fragment
0x0806
What is the EtherType of ARP?

Both static and dynamic entries are stored
in the local ARP cache.
Where are static ARP entries stored?
Source knows Destination IP, but needs
MAC. Is the IP on the same subnet?
How does the ARP process work?
-Source checks ARP cache first
-If no entry, Source broadcasts ARP
Request for destination MAC if IP is on the
same subnet, or MAC of default gateway
-Destination (or default gateway) adds
Source's MAC to its ARP cache, and sends
unicast ARP Reply to Source
-Source updates its ARP cache
-Devices that heard the ARP Request

broadcast may update their own caches
with the Source's MAC/IP so they do not
have to send their own ARP Request later.
-If the Destination IP must pass through the
default gateway, the DG begins its own
ARP process, if necessary.
A router can use Proxy ARP when the
Source needs to reach a Destination that is
not on the local network segment, but can How does Proxy ARP work?
be reached through the router.
For example, if Device A is in the

10.1.0.0/16 network, and Device B is in the
10.1.100.0/24 network, and both segments
are connected to different interfaces on the
same router, Device A believes it is on the
same network as Device B. Device A sends
an ARP Request for Device B, and the
router replies back to A on behalf of B.
-Client broadcasts DHCPDISCOVER
request
-Router forwards request to DHCP server What is the general process of a DHCP
IP address configured on the receiving client receiving an appropriate IP address
interface with ip helper-address ip and from a DHCP server on another subnet?
sets its own interface IP address in the
giaddr (gateway IP address) field
-DHCP server uses giaddr field to
determine appropriate IP address to offer,
and to which IP address to send the
DHCPOFFER to
-Router receives DHCPOFFER message
from server and broadcasts it to the client
-Client broadcasts DHCPREQUEST, router
unicast forwards it to the DHCP server
-Server unicasts DHCPACK to router,

router forwards to client
Globally:
ip dhcp excluded-address ip
How do you prevent the IOS DHCP server
from handing out specific addresses?
ip dhcp excluded-address start-ip end-ip
ip dhcp pool name How do you configure a basic DHCP

network network mask server on IOS?
dns-server ip
default-router ip
3s Hello
10s Dead
What are the default HSRP Hello and Dead
intervals?
1 - 255
100
What is the HSRP priority range, and
default value?
Disabled
HSRP preemption is ___ by default.

255
How many HSRP groups can be

configured per-interface?
0000.0C07.ACxx where xx is the HSRP
group in hexadecimal
What is the HSRP vMAC?
False
True or False: The HSRP VIP does not

have to be in the same subnet as the router
interface.
True
True or False: The HSRP VIP must be

different from any of the routers' individual
interface IP addresses.
Cleartext
MD5 via key-chain
What types of authentication does HSRP
support?
Interface:
standby group track number decrement
number How do you configure HSRP to
automatically decrease its priority based on
the state of a tracked object?
show standby interface
How do you view the HSRP state, VIP,

vMAC, and timers for a particular
interface?
MHRSP works by creating two or more
HSRP groups within the same IP subnet,
and assigning groups of clients to different How does MHSRP work?
VIPs with the intention of multiple routers
serving as the default gateway for different
groups of clients, but still allowing for
failover.
0000.5E00.01xx where XX is the group
number in hexadecimal.
What is the vMAC used by VRRP?
Enabled
VRRP preemption is ___ by default.

Master
HSRP uses the term Active router. What is

the VRRP equivalent?
0007.B40X.xxyy where Xxx is the 10-bit
GLBP group number, and yy is the AVF
number. What is the vMAC used by GLBP?
The Active Virtual Gateway (AVG) assigns
a vMAC for up to four Active Virtual
Forwarders (AVFs). When a client ARPs How does GLBP work, at a high level?
for the VIP of the default gateway, the
AVG hands out a different AVF vMAC for
each request.
1024
How many GLBP groups can be

configured on an interface?
Interface:
ntp broadcast
How do you configure a router to advertise
itself as an NTP server?
Globally:
ntp authentication-key number md5
password How do you configure MD5-based
ntp authenticate authentication for NTP?
ntp trusted-key number
Globally:
ntp master level
How do you configure the NTP server
stratum level?
show ntp associations
How do you display the NTP servers in use

by the device?
Globally:
ntp server ip
How do you configure a device to be an

NTP client?
Globally:
ntp peer ip
How do you configure NTP symmetric
active mode?
The SNMP Agent
With SNMP, what is the device being

managed referred to as?
The management software polling the
SNMP agent on the device.
What is the SNMP Manager?
-Data definition
-MIBs
-Protocols What are the four major functional areas to
-Security/Administration support the core function of allowing
SNMP mangers to manage SNMP agents?
Structure of Management Information
(SMI)
The SNMP data definition refers to syntax
conventions for how to define the data to
an agent or manager. What are these
specifications referred to as?
SMI
SNMP MIB definitions conform to the

appropriate ___ version.
UDP 161
UDP 162 for traps
Which ports are used by SNMP?
SNMP v2c is a pseudo-release (RFC 1905)
that allowed SNMP v1-style communities
with SNMP v2, but is otherwise equivalent What does the "c" refer to for SNMP v2c?
to SNMP v2.
community strings
What does SNMP refer to the cleartext

passwords as?
Both to supply SNMP information and
acknowledge receipt of other SNMP
messages. What is the purpose of the SNMP
Response message?
Get
GetNext
GetBulk What are the three SNMP messages used to
request information from an SNMP Agent?
Response
Trap
Which SNMP messages are typically sent

by an SNMP Agent?
False, Traps are unsolicited and
unacknowledged.
True or False: The SNMP manager
produces a Response message when
receiving a Trap message from an SNMP
agent.
Get is a request for a single variable's
value.
What is the difference between the SNMP
GetNext is a request for the next single Get, GetNext, and GetBulk messages?
MIB leaf variable in the MIB tree.
GetBulk is a request for multiple

consecutive MIB variables with one
request, which is useful for getting
complex structures such as an IP routing
table.
True
True or False: An SNMP Agent replies to

an SNMP Set message from an SNMP
Manager with an SNMP Response
message.
To allow SNMP Agents to send unsolicited
information to SNMP Managers.
What is the purpose of the SNMP Trap
message?
The SNMP Inform message is used
between SNMP managers to allow MIB
data to be exchanged. What is the SNMP Inform message used
for?
GetBulk
Inform
What are the two new message types
introduced in SNMP v2?
MIB walk
What is the name of the process of viewing

large portions of an SNMP MIB from an
SNMP Agent?
Define an ACL and reference it with the
SNMP configuration.
How can you configure IOS to allow
Example: SNMP access from only specific IP
access-list 1 permit 10.1.1.0 0.0.0.255 addresses?
snmp-server community community RO
1
Globally:
snmp-server enable traps trap-type
How do you configure an IOS device to
send specific SNMP traps?
Globally:
snmp-server host ip community
How do you specify which SNMP
Manager for IOS to send SNMP traps to?
True, but can be configured to do so with
logging buffered
True or False: Cisco devices do not log
events to NVRAM by default.
UDP 514
What is the default Syslog port?

To provide real-time event notification by
sending messages that enter the event log
to a specified Syslog server. What is the general purpose of Syslog?
All events that enter the event log are sent
by default.
By default, what events are sent to a
configured Syslog server from IOS?
Globally:
logging host syslog-server
How do you enable an IOS device to send
events to a Syslog server?
Globally:
logging trap level
How do you configure the severity level of
Syslog messages to be sent to the Syslog
server?
0 emergency
1 alert
2 critical What are the eight Syslog severity levels?
3 error
4 warning
5 notification
6 informational
7 debugging
0-6
7 debugging is excluded by default. What is the default Syslog logging level?

IP SLA monitor types cannot be edited
after creation, and must be deleted and re-
created, along with any associated How do you edit a configured IP SLA
schedules. monitor type?
Globally:
ip sla responder
How do you configure an IP SLA
responder?
Globally:
ip sla key-chain keychain
How do you configure MD5 authentication
for IP SLA?
show ip sla statistics
How do you view the results of IP SLA?

Records
Flow monitors
Flow exporters What are the four components of NetFlow?
Flow samplers
A set of predefined and user-defined key
fields (such as source/destination IP and
port) for network monitoring. What are NetFlow records?
Flow monitors collect information about
flows and are applied to an interface and
include records, a cache, and optionally a What are NetFlow flow monitors?
flow exporter.
NetFlow exporters export the cached flow
information to outside systems, which is
typically a server running a NetFlow What are NetFlow exporters?
collector.
Flow samplers allow specifying the sample
size of traffic in order to reduce the load on
the NetFlow-enabled device. What is a NetFlow flow sampler?
1/2 - 1/32768
What is the configurable range of NetFlow

flow sampling?
Globally:
flow exporter name
destination ip How do you define a destination NetFlow
transport udp port collector?
Globally:
flow monitor name
options How do you define a NetFlow flow
monitor?
Interface:
ip flow monitor name direction
How do you attach a NetFlow flow monitor
to an interface?
Event detectors
Actions
What are the two major components of
Embedded Event Manager?
IOS does not support being configured as
an FTP server. You can configure IOS to be
a TFTP server, and you can use IOS as an How do you configure IOS to be an FTP
FTP client. server?
Globally:
ip ftp username username
ip ftp password password How do you configure IOS to send an
exception dump to an FTP server in the
exception protocol ftp event of a crash/exception?
exception region-size 65536
exception dump ftp-server-ip

Globally:
tftp-server filename alias alias-name acl
How do you configure IOS to make a file
Example: available via TFTP with an alternate
tftp-server flash:file1.bin alias file2.bin filename, and only to specific clients?
10
where 10 is the referenced ACL
AAA must be enabled first via aaa new-
model and aaa authorization exec
What is a requirement before using SCP on
IOS?
AAA must be enabled first.
Globally: How do you enable the SCP server on

ip scp server enable IOS?
Globally:
ip http secure-server
How do you enable HTTPS access to an
IOS device?
Globally:
ip http access-class acl
How can you restrict HTTP/S access to an
IOS device by ACL?
Globally:
ip http port port
How do you change the port on which
HTTP/S access is available for IOS?
Globally:
ip http client username name
ip http client password password How do you configure a simple
username/password for HTTP/S access on
IOS?
Globally:
ip http authentication mode
How do you configure the mode of
Modes include aaa, local, enable, tacacs authentication for HTTP/S access on IOS?
The login command must be configured,
otherwise access is refused.
What must be configured on a VTY line to
allow for Telnet access?
line interface:
access-class acl in
How do you apply an ACL to a VTY line?
hostname hostname
ip domain-name domain
crypto key gen rsa What are the four steps required to enable
VTY lines: transport input ssh SSH access on IOS?
show ip dhcp binding
How do you verify IOS DHCP server

leases?
event manager applet name
How do you enter EEM applet

configuration mode?
event cli pattern regex
How do you configure an EEM applet to

match a CLI command string?
-Router receives frame and checks FCS,
discarding if errors
-Router decapsulates IP packet from Layer What is the general IP forwarding process
2 frame, and verifies header checksum if for a router?
IPv4
-Router checks if it is the destination. If
not, the IP Protocol field is used to
determine how to handle the upper-layer
protocol
-If TTL > 1, check IP routing table for
most specific route
-Update TTL, recalculate IPv4 header
checksum, and encapsulate packet in
appropriate Layer 2 frame for the interface
toward the next-hop
fast-switching path
What is referenced by the phrase "route

once, forward many"?
A packet arrives at a router, and the router
rewrites the Layer 2 frame by
encapsulating the packet appropriately, and What is the router Layer 2 frame rewrite
sends the packet toward the next hop. process?
All destinations reachable through a
particular next-hop use the same Layer 2
rewrite information. During the IP forwarding process, what is
common about all frames sent out the same
egress interface toward the next-hop?
The FIB stores destination prefixes, the
adjacency table stores Layer 2 rewrite
information, and entries in the FIB point to What is the relationship between the FIB
appropriate entries in the adjacency table. and the CEF adjacency table?
Globally:
ipv6 cef
How do you enable CEF for IPv6?
show ip cef
How do you view the FIB?

show adjacency
How do you view the CEF neighbors?

show adjacency interface detail
An Ethernet interface, for example, will

have a long string made up of the How do you view the CEF Layer 2 rewrite
destination MAC, source MAC, EtherType, information?
and VLAN tag (if present).
True, you can enable IPv4 CEF but not
IPv6 CEF, but not vice-versa.
True or False: IPv6 CEF requires IPv4 CEF
to be enabled.
Interface:
no ip route-cache cef
How do you disable CEF on a particular
interface?
FIB
Adjacency table
What are the two high-level components of
CEF?
Per-packet
Per-destination
What load-sharing methods are available
with CEF?
Interface:
ip load-share {per-destination | per-
packet} How do you change the CEF load-sharing
method?
This command is only available for
interfaces that support it. Per-destination is
the default.
A loadshare table containing 16 pointers is
placed between the FIB and the adjacency
table. The loadshare table entries are How does CEF implement per-destination
populated so that the counts of loadshare load sharing?
pointers to particular adjacency entries are
proportional to the costs of parallel routes
toward the same destination.
For example, two equal-cost paths each

have 8 entries, three equal-cost paths each
use five entries.
When multiple routers in the path toward a
destination all use the same CEF load-
sharing method, they will all calculate the What is CEF polarization?
same hash and therefore not use all
available links.
Newer versions of IOS use a random 32-bit

number called the Universal ID as a seed to
the hashing function to avoid CEF
polarization.
The CEF load sharing hashing function is
seeded with a random 32-bit Universal ID.
Each router in the path will have a different How is CEF polarization avoided on newer
Universal ID, so each router will calculate versions of IOS?
a different hash result for each particular

packet flow.
Original
Universal
Tunnel What are the four CEF load-sharing
L4 Port algorithms?
Globally:
ip cef load-sharing algorithm algorithm
How do you change the CEF load-sharing
algorithm?
show cef state
How do you view the current CEF load-

sharing algorithm?
Globally:
mls ip cef load-sharing algorithm
How do you adjust the CEF load-sharing
algorithm on the Catalyst 6500 and related
platforms?
The corresponding VLAN does not exist,
or is not active (e.g. state suspend or
shutdown on the VLAN itself) What would cause an SVI to be in the
"Down / line protocol down" state?
The corresponding VLAN exists, but is not
allowed and in an STP forwarding state on
any Layer 2 switch port (access or trunk). What would cause an SVI to be in the "Up
/ line protocol down" state?
True
True or False: Most Catalyst platforms

cannot configure a routed port with
subinterfaces.
If any switches in the VTPv3 domain are
using a particular VLAN internally (VLAN
1006 for example), when that VLAN is What is a caveat of using VTPv3 with
created on the VTPv3 Primary Server, the regard to internal usage VLANs?
VLAN will be created on all switches in
the VTPv3 domain that are not currently
using that particular VLAN. However, for
any switches that are using it internally, the
conflict is logged locally only, and there
may be connectivity issues across the
VTPv3 domain.
A routed port is a single port associated
with a dedicated internal usage VLAN with
its Layer 2 control plane protocols How is a routed port handled internally on
deactivated (such as STP and MAC a Layer 3 switch?
learning).
Interface:
no switchport
How do you convert a switch port to
routed?
To make routing decisions based on

information besides the destination IP
address. What is the purpose of Policy-Based
Routing?
show sdm prefer
How do you verify a switch's current SDM

template?
Globally:
sdm prefer template
How do you change the SDM template?
A reload is required for the setting to take
effect.
The SDM template might need to be
changed with the sdm prefer command.
On a Catalyst switch, what can cause
certain commands (such as those related to
routing and PBR) to not appear in the CLI,
even though the switch supports the
features?
Interface:
ip policy route-map route-map
How do you enable PBR?
match ip address to reference an ACL
match length min-bytes max-bytes to
specify matched packet length in bytes For PBR, what are the two types of
supported match statements?
The default keyword changes the logic so
that PBR first attempts to forward based on
the normal routing table, and if no entry For PBR, what is the difference between
exists, the packet is handled by PBR. set ip next-hop and set ip default next-
hop?
Only when the outgoing interface is a
point-to-point link.
With PBR, when is it appropriate to use the
set interface command?
True. For example, you can set both the
next-hop and QoS treatment
simultaneously. True or False: PBR route-maps can contain
multiple set commands within a single
clause.
set ip next-hop
set interface
set ip default next-hop If a PBR route-map clause has multiple set
set default interface statements specifying where the packet is
to be forwarded, in what order are the
statements evaluated?
Migrate per-area, with the backbone area
the final area to migrate.
When migrating routing protocols, if the
current IGP is a link-state protocol, what is
a recommended practice for migration?
The AD should be set higher than the

current routing protocol until after
migration is complete. When migrating to another routing
protocol, what should the AD value be set
to?
Each router must be configured with
redistribution from the current IGP into the
new IGP. During routing protocol migration, what
must be configured on each router if the
new IGP is RIP or EIGRP?
Distance-Vector protocols advertise a
learned route only if it is also installed in
the routing table by the same protocol, During routing protocol migration, the new
based on the logic that the router should protocol's database should be verified
not advertise a route that it is not using before transitioning. Why is this potentially
itself. As a result, RIP and EIGRP an issue with RIP and EIGRP?
databases may be incomplete until after the
transition.
The old routing protocol should be disabled
or removed one router at a time among
contiguous sets of routers. During During routing protocol migration, what is
deactivation, there should never be more the general process of deactivating the old
than two contiguous regions (migrated and protocol?
unmigrated).
EIGRP adjancies will be dropped and re-
established, causing a transient disruption,
and therefore should be performed during a During a routing protocol migration, what
maintenance window. is the consequence of changing the EIGRP
AD?
Each router in the topology must
redistribute from OSPF/IS-IS into
RIP/EIGRP. When OSPF/IS-IS is When migrating from OSPF or IS-IS to
deactivated on the router, the RIP/EIGRP either RIP or EIGRP, what must be
routes take over. This assumes that the performed on every router during the
RIP/EIGRP AD was modified to be higher migration?
than OSPF/IS-IS during the migration.
Since link-state protocols contain
information about all routers and links
within an area, this detailed information is Why do technologies like MPLS-TE and
critical for applications like MPLS-TE and MPLS-FRR depend on a link-state routing
MPLS-FRR, which is not possible with protocol, as opposed to distance-vector?
traditional distance-vector protocols who
only know what their direct neighbors told
them.
Route summarization, filtering, offset lists,
and failure domain containment can only
be performed on area boundaries with link- What is the primary reason for multi-area
state routing protocols. Areas were topologies with link-state routing protocols
originally used to separate complexity due in modern networks?
to low router resources, but this is no
longer true. Areas are now primarily used
to enforce policies.
UDP 520
What does RIPv2 use for transport?

16
What is RIPv2's infinite metric?

224.0.0.9
To where are RIPv2 updates sent by

default?
30 seconds
How frequently are RIPv2 updates sent?

Cleartext
MD5
What forms of authentication does RIPv2
support?
Per-interface:
ip rip v2-broadcast
How do you configure RIPv2 to send
broadcast updates instead of multicast?
Request
Reponse
What are the two types of RIPv2
messages?
25
How many routing entries can be placed

into a single RIPv2 message?
To ask a neighbor to send a partial or full
RIP update immediately instead of waiting
for the Update timer to expire. What is a RIPv2 Request message used
for?
A full RIPv2 update is requested by a
Request message containing exactly one
routing entry with the AF_ID set to 0 and How is a full RIPv2 update requested?
metric set to 16.
A partial RIPv2 update is requested by a
Request message listing one or more
particular networks. How is a partial RIPv2 update requested?
Full Request is sent when the RIP process
is started, a RIP-interface comes up, or
when clear ip route * is issued. When do Cisco routers send RIPv2
Request messages?
Sending
Receiving
RIPv2 increments the metric when ___
updates. RIPng increments the metric when
___ updates.
4
How many RIPv2 ECMP routes can be

installed by default?
router rip
maxium-paths number
How do you configure the number of
Default 4 ECMP routes that RIPv2 can install in the
routing table?
When a route fails, a RIPv2 router can
advertise the route with an infinite metric
to more rapidly remove it from routing What is RIPv2 route poisoning?
tables.
The immediate sending of a new update
when routing information changes, instead
of waiting for the normal Update timer to What is a RIPv2 triggered update?
expire. Only the changed network is sent in
the triggered update.
Update: 30 seconds
Invalid After: 180 seconds
Holddown: 180 seconds What are the four RIPv2 timers, and what
Flushed After: 240 seconds are their default values?
The Invalid After timer defaults to 180-
seconds and is reset after an update about a
route is received from its next-hop. If the What is the RIPv2 Invalid After timer?
updates stop being received within 180
seconds, the route is declared invalid, and
the 180-second Holddown timer for the
particular route begins.
After a route has been declared Invalid (the
180-second Invalid After timer has
expired), the router starts advertising the What is the RIPv2 Holddown timer?
route as unreachable, does not accept any
updated information, and does not modify
the routing table entry for that route until
the Holddown timer expires (180 seconds)
for that particular route.
A 240-second per-route timer that is reset
and begins after an update about a route
has been received from its next hop. If What is the RIPv2 Flushed After timer?
updates stop being received and the
Flushed After timer expires, the router
removes the route from the routing table
completely.
show ip interface interface
How do you verify the state of RIPv2 split

horizon?
True
True or False: Cisco's implementation of

RIPv2 does not use poisoned reverse.
show ip rip database
How do you verify the RIPv2 RIB?

When a RIPv2 route is removed from the
routing table, it remains in the RIB for
Flushed After - Invalid After seconds. When a RIPv2 route is removed from the
During this time, the route is repeatedly routing table, how long does it remain in
advertised as unreachable. This is done the RIB, and why?
because RIPv2 is UDP-based with no
acknowledgements.
Flash updates
What is another term for RIPv2 Triggered

Updates?
60 seconds
While the holddown timer is 180 seconds, What is the effective RIPv2 holddown
it is preceded by the Invalid After timer. period?
The Flushed After timer is 240 seconds and
begins after the last route update. The
Flushed After and Invalid After times are
reset together, and increment together.
Flushed After - Invalid After = 60 seconds
of effective holddown.
The Flushed After timer is reset with each
route update. It counts down
simultaneously with the Invalid After When is the RIPv2 Flushed After timer
timer. However, the Flushed After timer is taken into account?
not taken into account until after the
Invalid After timer expires. This means if
the Flushed After timer is less than the
Invalid After timer, the route will not be
removed from the routing table until the
Invalid After timer expires first.
True, only a subsequent arrival of an
update from a different neighbor with a
lower total metric would cause the router to True or False: If the next-hop RIPv2 router
change the next hop. The logic is that if the for a destination network suddenly
next-hop router is suddenly more distant to advertises a higher distance than
the destination network than before, so previously, the advertisement is accepted
must all other routers that traverse the next- immediately.
hop.
To delay processing updates about a
network whose reachability has become
questionable because any received updates What is the main purpose of the RIPv2
might not have accurate information. By Holddown timer?
delaying processing of updates for a period
of time, there is a better chance of accurate
information being propagated when the
Holddown timer expires.
The router declares the network to be
invalid (e.g. the route is "possibly down"),
and starts the Holddown timer while What happens when the RIPv2 Invalid
advertising the network with an infinite After timer expires?
metric (route poisoning) to force its

neighbors to find an alternate route if
possible. After 60 seconds, the Flushed
After timer expires, and the route is
removed from the routing table.
RIPv2 takes the approach that it is better
the temporarily blackhole traffic than to
cause a routing loop by prematurely using a When the RIPv2 Invalid After timer
different neighbor that claims to have a expires, the Holddown timer begins, where
route toward the failed network, because the route (including the next-hop) is kept in
that neighbor might not yet have accurate the routing table, but advertised with an
information. infinite metric, and no updates to the route
are accepted from any neighbors. Why are
these actions performed?
Send: v1
Receive: v1 and v2
What is the default version of RIP used on
Cisco IOS?
When triggered extensions are enabled,
RIPv2 sends full updates only once, and
then is silent, to support on-demand What is the RIPv2 triggered extensions?
circuits. This feature is enabled on the
interface with ip rip triggered.
Under the RIP process:
timers basic update invalid holddown
flush How do you configure RIP timers?
Smaller values increase the chance of
transient routing loops being formed during
convergence. What is a potential consequence of
lowering RIP timers?
The version 2 RIP command causes the
router to send and receive only RIPv2
updates, and to ignore RIPv1 updates. What does the RIP version 2 command do?
classful
What is the default behavior of RIPv2 on

Cisco IOS, classful or classless?
The subnet is converted automatically to its
classful network, and all interfaces within
that classful network are enabled for RIP. With the default configuration of RIP, what
happens if you enter a subnetwork with the
For example, if you enter network network command?
10.10.10.0 the CLI automatically converts
it to 10.0.0.0 and all interfaces with 10 in
the first octet of the IP address are enabled
for RIP.
RIP process:
passive-interface interface
How do you enable RIPv2, but disable
sending updates on an interface?
Filter all incoming routes with a
distribute-list or filter incoming RIPv2
packets using a per-interface ACL. How do you enable RIPv2 to send updates
out of an interface, but disable receiving
updates?
Filter the outbound advertisements of the
subnet on the other interfaces using
distribute lists. How do you prevent a RIPv2 router from
advertising a connected subnet?
router rip
neighbor ip
How do you configure RIPv2 to use unicast
updates?
Automatic summarization applies
whenever a router intends to advertise a
subnetwork of a particular classful network How does the defaut autosummarization
out an interface that is itself in a different work with RIPv2?
classful network.
For example, if one interface has the IP

address 10.1.1.1/24, and another interface
has the IP address 192.168.1.1/24, the
classful network 10.0.0.0/8 is advertised
out of the 192.168.1.1 interface, not
10.1.1.0/24.
Autosummarization must be disabled with
no auto-summary under the RIP process.
What is a requirement for RIPv2 when
10.1.0.0/16 and 10.2.0.0/16 are considered using discontiguous networks?
contiguous because they are in the same
classful network 10.0.0.0/8. 10.1.0.0/16
and 192.168.10.0/24 are considered
discontiguous because they are in different
classful networks.
True, multiple keys are supported through
key-chains.
True or False: RIPv2 supports multiple
authentication keys.
The valid key with the lowest sequence
number is used, except for OSPF which
always uses the key last added. How are key chains with multiple valid
keys used for authentication?
Authentication is based on key-chains,
whether encrypted or not. Authentication is
configured per-interface: How do you configure RIPv2
authentication?
ip rip authentication key-chain keychain
ip rip authentication mode {text | md5}
text is the default.

RIPv2 updates can carry a maximum of 25
prefixes, unless authentication is enabled,
in which case only 24 can be carried. The How does RIPv2 authentication affect RIP
first route entry in each RIPv2 message update messages?
carries 20 bytes of authentication data.
When cryptographic authentication is used,

the remaining authentication data is placed
after the 25th entry.
The default next-hop field value is set to
0.0.0.0, which indicates that the next-hop is
the source of the update. Cisco IOS does What is the RIPv2 update next-hop field set
not allow you to directly change this value. to by default, and when would this value be
The only time the value is changed to a changed?
non-zero address is when RIPv2 is run over
NBMA interfaces to facilitate direct spoke-
to-spoke routing.
Under the RIP process:
distribute-list {acl | prefix prefix-list} {in
| out} [interface] How do you configure a RIPv2 distribute
list?
ACL permit statements allow the routes
through, and deny statements filter those
particular routes.
UDP 521
What transport is used for RIPng?

FF02::9
To which address are RIPng updates sent

to?
Whereas RIP is limited to 25 entries,
RIPng updates can support as many
updates as will fit within the link MTU. How many prefixes can the RIPng update
message contain?
RFC-based RIPng supports authentication
via IPsec, similar to OSPFv3, however
Cisco does not implement this. How is authentication handled with RIPng
on Cisco IOS?
Split horizon can be enabled/disabled per-
process only, not per-interface.
How does Cisco IOS handle split-horizon
with RIPng?
Cisco RIPng does not support passive
interfaces.
How does RIPng handle passive interfaces
in Cisco IOS?
True
True or False: Static neighbors cannot be

configured with RIPng on Cisco IOS.
False, only per-interface
True or False: RIPng supports per-process

offset lists in Cisco IOS.
Four
How many RIPng processes are supported

in Cisco IOS?
Interfaces can be configured with a metric-
offset value that is added to the metric in
all received advertisements over that What is the purpose of the interface metric-
interface, which effectively allows RIPng offset in RIPng?
to operate with link costs instead of hop
counts.
The default route can be originated per-
interface, including an option of
suppressing all other updates over that How does RIPng handle the origination of
interface. default routes in Cisco IOS?
Interface:
ipv6 rip process default-information only
ipv6 rip process enable
How do you enable RIPng on an interface?

Interface:
ipv6 rip process metric-offset metric
How do you configure the RIPng metric-
offset?
show ipv6 rip
How do you verify RIPng?

ipv6 router rip process
poison-reverse
How do you enable RIPng poison reverse?
Interface:
ip summary-address rip address netmask
How do you create a manual summary in
RIPv2?
debug ip rip
How do you display the details of the RIP

process?
ipv6 router rip process
port udp-port multicast-group group-
address While multiple RIPng processes can run
simultaneously, they cannot operate on the
same UDP port simultaneously. How do
you configure this?
Interface:
ipv6 rip process summary-address ipv6-
prefix/length How do you configure a manual summary
for RIPng?
IP Protocol 88, Reliable Transport Protocol
What does EIGRP use for transport?

224.0.0.10 or FF02::A
Retransmissions are unicast. Where are EIGRP Updates sent to?

With RIP, building and maintaining
adjacencies is based on sending the entire
routing table with each Update. With What makes EIGRP's use of a Hello
EIGRP's use of a Hello protocol, protocol superior to RIP?
neighborship is independent of routing
information.
Since EIGRP uses a Hello protocol to
maintain neighbor adjacencies, a lack of
updates indicates a stable network that is With EIGRP, the lack of Updates from a
not changing, and is considered normal. neighbor indicates what?
1 - 255
100
What is the EIGRP hop count range, and
default setting?
EIGRP process:
metric maximum-hops hopcount
How do you modify the EIGRP hop count
setting?
Bandwidth, Delay, Reliability, Load
MTU and hop count are metric What components can be used to calculate
components, but are not used in the the EIGRP classic composite metric?
calculation of the composite metric.
Lowest
When calculating the composite metric,

EIGRP takes the ___ bandwidth along the
route into account.
EIGRP uses the lower of the two values for
the bandwidth component of the composite
metric calculation. For example, the When calculating the composite metric,
neighbor advertises a bandwidth of 10 how does EIGRP account for a neighbor's
Mbps, but the link toward that neighbor is advertising bandwidth versus the
1.5 Mbps, the value of 1.5 Mbps is used in bandwidth of the interface toward the
the local computation. advertising neighbor?
1 kbps - 10 Gbps
What is the range of the available

bandwidth metric for EIGRP classic metric
calculation?
The bandwidth is assumed based on the
interface, which may or may not reflect the
actual bandwidth. For example, serial and For the EIGRP bandwidth metric
tunnel interfaces typically have different component calculation, what value is used
default values that do not reflect the actual if the bandwidth is not explicitly set on the
value. interface?
The estimated average serialization delay
for the interface. The value is static, but
represents an estimated average due to What is the interface delay intended to
varying frame sizes. represent?
Tens of microseconds. delay 10 means 100

microseconds.
What is the interface delay value measured
in?
The total delay of the path to the
destination is used for the metric
component. The delay advertised by a How does EIGRP process delay as part of
neighbor is added to the delay of the the composite metric?
interface toward the advertising neighbor.
16,777,215 tens of microseconds (24-bit
value) indicates an infinite distance and is
used to advertise an unreachable network, What delay value is used by EIGRP using
which is used with split horizon with classic metrics to indicate infinite distance,
poisoned reverse, route poisoning, and and what is this value used for?
route withdrawal.
Maximum delay value, 16,777,215 (24-bit
value).
What does EIGRP use to indicate an
unreachable route?
False: A change in an interface's reliability
does not trigger the sending of an EIGRP
Update message. The reliability metric of a True or False: While EIGRP does not use
route is only a snapshot of its then-current the Reliability metric component by default
reliability when the route was last to calculate the composite metric, EIGRP
advertised. still sends a triggered update when an
interface's reliability changes.
timer
event
IGRP was a ___-driven protocol, whereas
EIGRP is a ___-driven protocol.
1 - 255, where 255 = 100% reliable.
What is the range of values for the EIGRP

classic Reliability metric?
The minimum reliability of the path is used
by comparing the reliability advertised by
the neighbor and the reliability of the How does EIGRP derive the classic
interface toward the neighbor and using the Reliability metric?
lower of the two values.
While interfaces maintain separate Rx and
Tx load counters, only the Tx counter is
used for EIGRP calculations. How does EIGRP derive the classic Load
metric?
Similar to Reliability, EIGRP uses the
value of the maximum load value across
the entire path, which is derived by
comparing the advertised Tx load of the
EIGRP Update with the Tx load of the
interface toward the neighbor, and using
the higher of the two values.
1 - 255, 1 = 0% load
What is the range of values for the EIGRP

classic Load metric?
True, MTU is not factored in any way for
the EIGRP best-path selection algorithm.
True or False: Link MTU is advertised in
EIGRP Updates, but is not factored into the
composite metric or used for tiebreakers.
The hop count is not factored into the
composite metric calculation and therefore
does not impact the best-path selection. What is the purpose of the EIGRP hop
However, EIGRP can be configured to count value?
advertise routes over a configured
threshold to be unreachable (default 100,
range 1 - 255).
Each router calculates the EIGRP
composite metric independently using
individual metric components. If routers Why must the EIGRP K-values match
used different K-values within the same across the entire EIGRP AS?
AS, the calculated metrics will not be
proportional to each other, and therefore
lose meaning between each router.
The scaling factor is 256, and is so because
the metrics are 32-bit values, whereas the
IGRP values were 24-bit. What scaling factor does the EIGRP classic
composite metric use for bandwidth and
delay, and why?
(Minimum bandwidth + summed delay) *
256
How is the EIGRP composite metric
BW = 10,000,000 Kbps / minimum calculated when the default K-values are
bandwidth along path in Kbps used?
Delay = Sum of all delays in 10s of µs
EIGRP classic metrics cannot distinguish
between links that are faster than 10 Gbps.
What is the EIGRP classic metric
limitation with regard to bandwidth?
EIGRP classic metrics cannot distinguish
between interfaces over 1 Gbps with regard
to delay, because the delay of a 1 Gbps is What is the EIGRP classic metric
the lowest value of 1 (one 10's of limitation with regard to delay?
microseconds = 10 µsec)
Loss of precision over time.
Bandwidth and delay metric values are What is a negative consequence of the
carried in EIGRP Updates in their scaled scaling factor in EIGRP classic metrics?
form, so each router must descale them,
then re-scale them when computing the
composite metric and advertising the
values to neighbors. Because the
calculations are performed via integer
arithmetic, round-off errors introduce a
gradual loss of resolution.
EIGRP Wide Metrics distribute the values

in their raw form to avoid the loss of
precision.
show eigrp plugins
eigrp-release >= 8.0 supports wide metrics How can you determine if a router supports
EIGRP wide metrics?
show ip protocols also reveals the K6
constant, which classic metrics do not
support.
65536 * 10,000,000 / interface bandwidth
in kbps
How is the EIGRP wide metric Throughput
The Throughput component tells how represented?
many times slower the interface is than a
655.36 Tbps link
(65536 * interface delay in picoseconds) /
1,000,000
How is the EIGRP wide metric latency
calculated?
Default interface delay converted to
picoseconds
For EIGRP wide metrics, how is the
Example, 1 Gpbs link default delay is 10 interface delay (not the overall latency
µsec, so the converted value is 10,000,000 component metric) calculated for 1 Gbps
and slower interfaces without bandwidth
and delay commands issued?
10,000,000,000,000 / interface default
bandwidth
Example: 10 Gbps link interface delay (not the overall latency
component metric) calculated for interfaces
10,000,000,000,000 / 10,000,000 kbps = faster than 1 Gbps
1,000,000 picosecond delay without bandwidth and delay commands
issued?
Default interface delay converted to
picoseconds
interface delay (not the overall latency
configured with bandwidth but not delay?
The specified delay value converted to
picoseconds
interface delay (not the overall latency
with delay configured?
These values are identical, and used
identically, to EIGRP classic metrics.
How are the EIGRP Reliability, Load,
MTU, and Hop Count values used for wide
metrics?
The extended metrics are considered a

placeholder for potential future extensions
to the composite metric calculation. Three What are EIGRP wide metrics extended
metrics were originally defined: jitter, metrics?
energy, quiescent energy, but are not
supported for use.
Wide metrics are enabled automatically
with EIGRP named mode, and their
activation cannot be controlled. How do you enable EIGRP wide metrics?
EIGRP routers running wide metrics

automatically detect if the neighbor
supports it, and adjusts accordingly if not.
The EIGRP routers supporting wide
metrics will use both metric formats in
their messages and each neighbor will How do EIGRP routers using wide metrics
process the metric format it supports. deal with mixed neighbors (those
supporting wide metrics, and those
supporting only classic metrics) on a
common link?
The scale value is adjusted with the EIGRP
command metric rib-scale with a range of
1 - 255, with a default of 128. How is the EIGRP wide metrics composite
value scaled for the RIB?
Up to 50% of the configured bandwidth
value
EIGRP uses up to __ of a link's bandwidth
by default.
Version = 2 and has not changed since
EIGRP was introduced.
What is the value of the EIGRP header
Version field?
1 Update
3 Query
4 Reply What six EIGRP Opcode values are used in
5 Hello/Ack the header?
10 SIA Query
11 SIA Reply
0x1 Init (using during initial adjacency
buildup)
0x2 Conditional Receive (used by RTP to What four flags are used in the EIGRP/RTP
control who can receive the packet) header?
0x4 Restart
0x8 End-of-Table (transmission of entire
database is complete)
An ACK packet has the ACK field set to
the sequence number of the last packet
received from the neighbor to which the How does EIGRP differentiate between a
ACK is being sent. ACKs are also always Hello and an ACK packet?
unicast, never multicast.
A Hello packet has the ACK field set to 0.
0x1 = Unicast Address Family

0x2 = Multicast Address Family
0x8000 = Unicast Service Address Family What is the Virtual Router ID field in the
(for Service Advertisement Framework) EIGRP/RTP header?
Within TLVs in the EIGRP packets.
How is NLRI carried in EIGRP?

Each internal and external route TLV
contains a single route entry.
How many route entries are contained in
EIGRP TLVs?
Hello
Acknowledgement
Update What are the seven EIGRP packets used
Query when communicating with neighbors?
Reply
SIA-Query
SIA-Reply
show ip eigrp traffic
How can you view statistics about EIGRP

packets?
Identify neighbors
Verify neighbor compatibility
Neighbor keepalive What three functions do EIGRP Hello
packets serve?
Same IP subnet
Same ASN
Same K-values What four items determine EIGRP
Same authentication neighbor compatibility?
The EIGRP router must also be using their

primary IP addresses on the interface for
the EIGRP neighbor relationship.
5 seconds
60 seconds on NBMA interfaces with 1544
kbps or less bandwidth What is the default EIGRP Hello interval?
False
True or False: EIGRP Hello packets are

acknowledged.
Update
Query
Reply To which EIGRP packets are
SIA-Query Acknowledgement packets sent in response
SIA-Reply to (e.g. delivered reliably)?
EIGRP ACKs are always unicast to the
sender of the acknowledged packet
How are EIGRP Acknowledgement
packets delivered?
EIGRP ACKs are Hello packets with no

TLVs that have the Acknowledgement
number field set to the value of the What are the contents of an EIGRP
Sequence number of the reliable packet acknowledgement?
being acknowledged.
A standalone acknowledgment is not
required if a router also has a unicast
reliable packet to send to a neighbor in When can EIGRP send an
addition to needing to acknowledge a acknowledgement along with other
previously-received reliable packet from information in a single packet?
that neighbor. Since all EIGRP packets
carry an Acknowledgement number field,
this allows both types of information to be
sent with a single packet. The received
packet is processed both as an ACK and as
its original intended type.
Point-to-point interfaces
Statically configured neighbors
Neighbors that did not acknowledge a What four reasons would cause EIGRP
previously-sent Update Updates be sent as unicast?
During a new adjacency buildup, unless
there are many simultaneously-discovered
neighbors
After routers have fully synchronized
(unless P2P/static)
During a new adjacency buildup if many When are EIGRP Updates sent as
routers are detected simultaneously multicast?
To involve the neighbor in the task of
searching for the best route toward a
destination. What is the general purpose of an EIGRP
Query packet?
Multicast on multiaccess interfaces with
only dynamic neighbors
Unicast in all other cases When is an EIGRP Query packet multicast,
and when is it unicast?
False: EIGRP Query messages do require
an ACK, but the EIGRP Reply packet is
the response to the Query. True or False: EIGRP Query messages
must receive an ACK, which constitutes a
response to the Query message.
Always unicast to the initiator of the
Query, and always delivered reliably
(requiring an ACK) How are EIGRP Reply packets sent?
Reply messages are a response to Query
messages
What are EIGRP Reply messages used for?
SIA-Query messages are sent to a neighbor
that has not sent a Reply to a previous
Query message in attempt to see if the What are EIGRP SIA-Query and SIA-
neighbor is still reachable and working on Reply messages used for?
the original Query. If it is, the neighbor
responds immediately with a SIA-Reply
messaage the timeout for working on the

diffusing computation is reset to allow
more time.
Unicast
How are EIGRP SIA-Query and SIA-Reply

packets sent?
A global value maintained on each router
per-EIGRP process and incremented
whenever a packet is sent reliably. The What is an EIGRP packet sequence
EIGRP process expects to have a packet number?
returned by the neighbor with the
Acknowledgment field set to the same
value as the received sequence number to
indicate successful receipt.
Hello and ACK packets are not delivered
reliably, meaning their sequence number is
set to zero and does not cause the EIGRP How is the EIGRP packet sequence
process global sequence number to number used with Hello and ACK packets?
increase.
Conditional Receive is a method for which
EIGRP can send reliable multicast packets
on a multiaccess interface where at least What is EIGRP Conditional Receive?
one neighbor is performing poorly. It
allows EIGRP to partition all its neighbors
on the multiaccess interface into two
groups: well-behaved routers who have
ACK'd all multicast messages so far, and
those routers who failed to ACK at least
one reliable EIGRP packet.
The router sends a "Sequenced Hello"
containing a Sequence TLV and a Next
Multicast Sequence TLV on a multiaccess How does EIGRP Conditional Receive
interface with both well-behaved and work?
poorly-performing routers.
The Sequence TLV contains the IPs of

lagging neighbors, The NMS TLV contains
the Seq of the upcoming next reliable
multicast message.
Routers not listed in the Sequence TLV

place themselves into CR mode, and wait
to receive the next packet with the CR flag
set. Those routers process the packet as
normal, and exit CR mode.
Routers not in CR mode (those contained

in the Sequence TLV) ignore the packet (if
they receive it at all).
The Smooth Round-Trip Time is the
average elapsed time in milliseconds
between when a reliable EIGRP packet is What is the EIGRP SRTT?
sent to when an ACK is received.
The multicast flow timer is the time to wait

for an ACK before declaring a neighbor as
lagging and switching from multicast to What is the EIGRP multicast flow timer?
unicast transmissions.
EIGRP sends multicast Hellos to
224.0.0.10 / FF02::A as soon as EIGRP is
activated on an interface. How does EIGRP dynamically discover
neighbors?
All EIGRP multicasts on the interface
through which the neighbor is reachable
are disabled. This means if one neighbor is What is a caveat of configuring a static
statically configured on an interface, all EIGRP neighbor on an interface?
neighbors reachable by that interface on the
common network segment must also be
statically configured.
False, neighbors must use primary IP
addresses to form neighborships.
True or False: EIGRP can form
neighborships using secondary IP
addresses.
False, timers are not required to match.
True or False: Timers must match between

EIGRP neighbors for neighborships to be
formed and maintained.
Interface:
ip hello-interval eigrp asn seconds
How do you modify the EIGRP Hello
timer?
Interface:
ip hold-time eigrp asn seconds
How do you modify the EIGRP hold time?
Nothing, the timer settings are independent.
The default EIGRP hold time is 3x the

Hello time. What happens if you modify
the EIGRP Hello time with regard to the
hold time?
The EIGRP Hold timer is reset every time
an acceptable EIGRP packet is received
from a neighbor. What causes the EIGRP hold timer to be
reset?
After discovering each other, the EIGRP
neighbors are placed into a pending state,
and a Null Update is sent with the Init flag How is the EIGRP neighbor adjacency
set, and a particular Seq number. This is process similar to the TCP 3-way
similar to the initial TCP SYN. handshake?
The other EIGRP neighbor sends its own

Null Update with the Init flag set, a
particular Seq number, and the Ack field
set to the received Seq number from the
other neighbor. This is similar to the TCP

SYN/ACK.
The other neighbor sends a Null Update

with the Init flag set, and the Ack field set
to the received Seq from the other
neighbor. This is similar to the final TCP
ACK.
When this process is completed, the

neighbors are adjacent and database
synchronization begins.
It expedites sending its own Hello packet in
response to allow for the other router to
quickly discover it. What is the first thing that happens when
an EIGRP router receives a Hello packet
from a potential new neighbor?
Hello
Ack
Null Update with the Init flag set While EIGRP neighbors are in the Pending
state, what are the only packets that can be
exchanged?
When EIGRP is restarted, or
resynchronization is manually invoked.
Under what conditions is the full EIGRP
database exchanged between adjacent
neighbors?
show ip eigrp neighbors
How do you view the contents of the

EIGRP neighbor table?
The internal number that EIGRP assigns to
each neighbor to identify neighbors in an
address-family independent way. What is the EIGRP neighbor Handle?
In a stable network, the "Q Cnt" field
should be zero, indicating no reliable
packets are waiting in queue to be sent. With EIGRP, what does a non-zero "Q Cnt"
Nonzero values are normal during intial value indicate when viewing the output of
synchronization and reconvergence events, show ip eigrp neighbors?
but if it remains nonzero for a long period
of time, it indicates a communication
problem with the neighbor.
The sequence number of the last reliable
packet received from the particular
neighbor. What does the sequence number in the
output of the command show ip eigrp
neighbors represent?
The topology table
What is the EIGRP RIB referred to as?

Passive means the shortest path to the
destination network has been found and is
considered current.
What is the difference between the EIGRP

Active means EIGRP is currently searching Passive and Active states?
for a new shortest path to the destination.
The router must receive a Reply (in
response to a Query) from all its neighbors.
What must occur for an EIGRP route to
move from Active state back to Passive?
The all-links command also displays
entries that fail to meet the Feasibility
Condition. What does the all-links keyword do for the
show ip eigrp topology command?
show ip eigrp topology network
How can you view detailed information

about a particular EIGRP destination
network?
The metric to a particular destination as
received from a particular neighbor. This is
the metric that the neighbor reports in a What is the EIGRP Reported Distance?
sent EIGRP message.
The Reported Distance + cost of the link to
the advertising neighbor
What is the EIGRP Computed Distance?
(Computed Distance / Reported Distance)
In the output of show ip eigrp topology

each destination prefix lists the neighbor
(as "via"). What are the two numbers in the
parenthesis?
The FD is a historical record of the
smallest known Computed Distance toward
a particular destination since its last What is the EIGRP Feasible Distance?
transition from Active to Passive.
True, the FD is an internal variable
maintained for each network known to
EIGRP whose value is never advertised to True or False: The EIGRP Feasible
another router. Distance is not advertised to adjacent
neighbors.
The FD is the lowest known metric to a
destination since the last time the route
went Passive, so any neighbor whose Why is the EIGRP Feasible Distance value
Reported Distance is less than the FD maintained?
cannot cause a routing loop because they
are closer to the destination (this is the
Feasibility Condition).
If a neighbor's Reported Distance to a
destination is less than the current router's
Feasible Distance to the same destination, What is the EIGRP Feasibility Condition?
the neighbor can be used as a loop-free
path to reach the destination.
True. The FC guarantees a loop-free path,
but not all loop-free paths can be
guaranteed due to the nature of distance- True or False: Every neighbor satisfying
vector routing protocols. the EIGRP Feasibility Condition provides a
loop-free path, however not every loop-free
path satisfies the Feasibility Condition.
Feasible Successor
This applies to all neighbors that can What is the term for an EIGRP neighbor
guarantee a loop-free path toward the that meets the Feasibility Condition for a
destination. particular destination?
Successors are also Feasible Successors, as
they both meet the Feasibility Condition.
Successors are neighbors with the lowest What is the difference between EIGRP
Computed Distance toward the destination. Successors and Feasible Successors?
A topology change occurs whenever the
distance to a network changes or a new
neighbor comes online that advertises the For EIGRP, what constitutes a topology
network. change?
The router sets the Computed Distance /
Reported Distance of all networks
reachable through that neighbor to infinity. With regard to the topology, how does
EIGRP process the event of a neighbor
going down?
-The FS providing the least Computed
Distance is made the new Successor
-The FD is updated if the CD of the new What is the EIGRP local computation
Successor is less than the current FD process when a Feasible Successor is
-The routing table is updated to point present?
toward the new Successor
-An Update is sent to all neighbors if the
current distance to the destination has
changed as a result of switching to the new
Successor
If there are no Feasible Successors, the
diffusing computation must be performed
so that a new loop-free path can be Why might an EIGRP diffusing
guaranteed. computation be necessary after detecting a
topology change?
Route locked > FD set to CD > Active /
Query > Neighbors process
What four events consist of the EIGRP
-The entry in the routing table (pointing to diffusing computation process when a route
the current unchanged Successor) is locked becomes Active?
and cannot be changed until the route
returns to Passive
-The FD is set to the current (possibly
increased) Computed Distance through the
current unchanged Successor
-The route is put into Active state and a
Query is sent to all neighbors with the
current CD
-Each neighbor receiving the Query
updates its own topology table and
reevaluates its own Successor/FSs. If the
neighbor still has a Successor, it sends back
a Reply, otherwise it starts its own Query

process.
When an EIGRP route goes Active, Query
messages are sent to all neighbors, and the
entry is locked and cannot be changed or When an EIGRP route goes Active, what
removed until the router has received back happens to the entry in the routing table?
a Reply from all neighbors, and the route
has been moved back into the Passive state
again.
It is set to the current (and possibly
increased) calculated distance through the
current unchanged Successor. When an EIGRP route goes Active, what
happens to the Feasible Distance of the
route?
The router can put the Active route back
into the Passive state and choose the
neighbor with the lowest computed What happens when an EIGRP router that
distance as the new Successor. The FD is previously had to send out a Query
reinitialized to the current computed message receives back a Reply from all of
distance, and the routing table entry is its neighbors?
updated and the router can send EIGRP
Update messages.
If the router itself became Active by

receiving a Query, it can send back its own
Reply and possibly Update packets.
When the EIGRP router receives a Query,
it uses the distance value for the route to
determine if its own current Successor and When an EIGRP router receives a Query
Feasible Successors are still valid. If they packet from a neighbor, what determines if
are not, then the router becomes Active for that router must become Active for the
the route, and starts its own Query process. route and send its own Query?
The FS is NOT automatically promoted to
the Successor.
What happens with EIGRP when the
EIGRP always tries to choose the shortest Successor of a route fails, but a Feasible
path to the destination, but must verify the Successor is available?
FC.
When EIGRP detects a topology change, it

updates the CD/RD of the neighbor that
advertised the change (or was influenced
by it, such as with a link metric change).
EIGRP then identifies the route from all
neighbors providing the least CD (taking
updated CDs into account). EIGRP then
verifies if the neighbor with the least CD
meets the FC. If it does, the FS is promoted
to Successor, otherwise the route is put into
Active state.
debug eigrp fsm
How do you display EIGRP's DUAL finite

state machine events?
A0: Local Origin with Distance Increase

A1: Local Origin
A2: Multiple Origins What are the names of the four EIGRP
A3: Successor Origin FSM Active states, and what do the names
refer to?
The names refer to the origin of the
diffusing computation, e.g. which router
appears to have started it.
3 minutes
What is the default EIGRP Active time?

EIGRP process:
timers active-time {minutes | disabled}
How do you modify the EIGRP Active
timer?
If a neighbor does not respond with a
Reply within half of the Active timer time
(90 seconds by default) When is an EIGRP SIA-Query message
sent?
The Active timer is reset, which gives the
diffusing computation additional time to
complete. What happens when an EIGRP SIA-Reply
is received?
A maximum of three SIA-Query messages
can be sent to a neighbor. If the neighbor
still has not responded with a Reply How many EIGRP SIA-Query messages
message (not a SIA-Reply message) after can be sent to a neighbor?
receiving three SIA-Query messages plus
the remainder of the Active time (a total
default of 360 seconds), the neighbor
adjacency is torn down.
SIA-Query messages are sent at half the
Active time if a regular Reply message is
not received. The router to which the SIA- After a router sends an EIGRP SIA-Query
Query was sent has until the Active timer message, what is the maximum wait time
expires to send a SIA-Reply message back, for a SIA-Reply message?
otherwise the neighbor adjacency is
dropped.
360 seconds by default
SIA-Query messages are sent at half the Assuming an EIGRP router receives all
Active time (90 seconds by default). When SIA-Reply messages in response to SIA-
an SIA-Reply is received, the Active time Query messages, at what point is the
is reset. A maximum of three SIA-Query neighbor adjacency torn down?
messages can be sent, and if a regular
Reply (not an SIA-Reply) is not received
after the third SIA-Query, the neighbor
adjacency is torn down after the Active
timer expires.
show ip eigrp topology active
How do you quickly view routes for which

EIGRP is currently in the Active state?
The router responds immediately with a

Reply containing its current distance to the
route in question. What happens if an EIGRP router receives
a Query for a route that is currently in the
Active state for which the same router has
already sent another Query to?
False, on a single router you can run
multiple EIGRP processes, some
configured with classic mode, and some True or False: You cannot run EIGRP in
configured with named mode. classic mode and in named mode on the
same router simultaneously.
Interface-level EIGRP commands are
handled under the EIGRP named process.
If interface-level commands are configured How does EIGRP named mode handle
on the interface itself, they are ignored interface-level commands?
when EIGRP named mode is used.
-Address Family (AF) section
-Per-AF-interface section
-Per-AF-topology section What are the three main components of
EIGRP named mode?
router eigrp name
address-family afi safi autonomous-
system asn How do you enter the EIGRP named mode
Address Family configuration section?
Example:
address-family ipv4 unicast autonomous-
system 1
With the af-interface {default | interface}
command under the EIGRP address-
family How do you configure interface-level
commands in EIGRP named mode?
Example:
router eigrp name
address-family afi safi autonomous-
system asn
af-interface {default | interface}
Settings that apply to all interfaces within
the AFI ASN.
What is the af-interface default section in
EIGRP named mode?
The af-interface interface settings take
precedence for that particular interface.
With EIGRP named mode, what happens
when settings are configured both in the af-
interface default and af-interface
interface sections?
Multi Topology Routing (MTR)
However, topology base is always present, What is the per-AF-topology section in

even if MTR is not supported or used. EIGRP named mode used for?
EIGRPv6 is enabled automatically on all
IPv6-enabled interfaces.
With EIGRP named mode, what happens
This can be disabled under the af- when you enter the configuration mode for
interface default section. the IPv6 address family, and how do you
modify this behavior?
There is a 1:1 correspondence between an
EIGRP named process and an address
family instance with a particular AS. What is the relationship with EIGRP
named mode processes and address family
For example, you cannot have multiple instances?
IPv4 unicast ASNs under a single process,
and you cannot have the same IPv4 unicast
ASN under multiple processes.
Unlike with named mode, EIGRPv6 in
classic mode is shutdown by default when
configured, so no shutdown must be After configuring EIGRPv6 in classic
issued under the ipv6 router eigrp process. mode, what final step must be performed?
MTR is defined as a subset of routers and
links in a network for which a separate set
of routes is calculated. MTR includes the How does MTR (Multi Topology Routing)
base topology which is the entire network, compare to VRF (Virtual Routing and
and additional topologies are class-specific, Forwarding)?
which are a subset of the base topology.
Each class-specific topology carries a class
of traffic and has independent NLRI used
to maintain separate RIBs and FIBs, which
allows the router to perform independent
calculations and forwarding for each
topology.
However, MTR topologies are subsets of a

base topology and uses the same address
space, whereas VRFs do not share a
common address space and are completely
independent of each other.
True
True or False: Each EIGRP address family

instance has its own independent Router ID
and multiple EIGRP processes and AFIs on
the same router can use the same RID.
-Remove and reinitialize the EIGRP
process
-Manually configure the RID What are three ways to modify the existing
-Remove the RID manual configuration EIGRP RID?
RID configuration order is:

-Manually configured
-Highest IP of nonshutdown loopback
-Highest IP of up/up nonloopback interface
0.0.0.0
255.255.255.255
When manually configuring the EIGRP
RID, which values are specifically
disallowed?
All neighbor adjacencies are dropped and

re-established
What happens if the EIGRP RID is
changed?
The RID stays the same until EIGRP is
restarted. This can lead to inadvertent
duplicate RIDs on the network. What happens to the EIGRP RID if you
change the IP address of the interface on
which the RID was based?
You can adjust the variance setting to
enable unequal-cost load-sharing, but the
number of available links is still bound by What is the relationship between the
the maximum-paths setting, whose default EIGRP variance setting, and maximum-
is 4. paths?
Add-Path and unequal cost load balancing
are mutually-exclusive features and cannot
be configured together. Add-Path only How does the EIGRP Add-Path feature
supports ECMP links. work with unequal cost load balancing?
DMVPN deployments where multiple
branch offices are dual-homed. The hub
router normally can only advertise a single What is the primary use case for the
path toward a destination, but when the EIGRP Add-Path feature?
Add-Path feature is configured on the
DMVPN hub, it can advertise multiple
ECMP paths to the spokes.
What are the five requirements for using

the EIGRP Add-Path feature?
The number of paths to add, with the range
of 1 - 4
What is the mandatory argument for the
EIGRP Add-Path feature?
In named mode, under the DMVPN tunnel
af-interface section:
no split-horizon How do you configure the EIGRP Add-
no next-hop-self Path feature?
add-paths 1-4
This command should be used in
conjunction with the Add-Path feature
when the hub router is dual-homed. This With a DMVPN deployment, when should
causes EIGRP to retain all Successor's you use the no next-hop-self no-ecmp-
addresses as the next-hop in EIGRP mode command?
advertisements, not just the first entry in
the topology table.
When no next-hop-self is used, the
command only applies to the first entry in
the EIGRP topology table, and if there are What does the EIGRP no next-hop-self
multiple ECMP entries, the command is no-ecmp-mode command do?
not applied to the subsequent entries. The
no-ecmp-mode keyword forces EIGRP to
honor the no next-hop-self command for
all entries and keep the Successor's address

in the advertisements.
The EIGRP Hello contains an additional
TLV indicating stub status.
How does EIGRP advertise itself as a stub
router?
True, with the exception of EIGRP-learned
routes that are explicitly selected using the
leak-map keyword. True or False: An EIGRP stub router does
not propagate routes learned through
EIGRP to its neighbors.
Since the stub router does not propagate
routes learned through EIGRP to its
neighbors, the stub router cannot become a How is an EIGRP stub router prevented
Feasible Successor and cannot become a from becoming a transit router?
transit router for remote networks.
True, this prevents the neighbors from
converging through a stub router to reach
networks that are remote to the stub router. True or False: EIGRP neighbors of a stub
router who are aware of its stub status will
never send a Query to the stub router.
EIGRP stub routers generate Query
messages exactly the same way as normal
EIGRP routers. How does an EIGRP stub router handle
generating Query messages when a route
goes Active?
If the stub is allowed to advertise the
network (summary, connected, static,
redistributed, leak-map), the router How does an EIGRP stub router process a
processes the Query like a normal EIGRP received Query?
router.
If the Query is about a network the EIGRP

stub knows about, but is not allowed to
advertise, the Reply always contains an
infinte metric, regardless of what the stub
router truly knows about the network.
Both EIGRP stubs and regular EIGRP

routers immediately respond to a Query for
an unknown network with a Reply with an
infinite distance.
-Older EIGRP routers can form
adjacencies, but do not recognize the stub
TLV What two conditions cause an EIGRP stub
-If multiple routers are on a common router to receive Query messages?
network segment and they are ALL
configured as stubs, when any of the stubs
needs to send a Query, it sends it to all the
neighbors
Query messages are sent as unicasts to
nonstub routers, or the RTP Conditional
Receive feature is used to multicast Query How are Query messages handled when
messages so that nonstub routers will not both regular EIGRP and stub EIGRP
process them. routers exist on a common network
segment?
This is common for hub and spoke routers
connected by DMVPN or VPLS.
-The keyword cannot be used with any
other keyword
-To reach networks behind the router, What are two caveats of using the eigrp
neighbors must use static routing, or the stub receive-only command?
stub router must use NAT
connected
summary
static What are the EIGRP stub advertisement
redistributed options?
leak-map
receive-only
connected and summary are the defaults

when eigrp stub is issued.
show ip protocols
How do you verify the EIGRP stub

settings?
show ip eigrp neighbors detail
How do you verify if an EIGRP neighbor is

configured as a stub?
EIGRP neighbors of a router performing
summarization do not have information
about the specific component subnets of How does summarization bound the
the summary, so they immediately send a EIGRP Query domain?
Reply indicating an unreachable
destination (infinte metric) without having
to go Active and propagate the Query
further.
True, each summary is advertised as long
as at least one component subnet exists.
This allows for hierarchical summaries True or False: You can configure multiple
where, for example, two routers can overlapping summary addresses on a single
advertise the same less-specific summary, interface with EIGRP.
and they can each advertise a separate,
more-specific summary for traffic
engineering.
A discard route (a local route to Null0)
prevents suboptimal routing or routing
loops when a summarizing router does not What is the purpose of a discard route with
have knowledge of a more specific prefix summarization?
for which it is advertising a summary. For
example, if a router is advertising
10.1.0.0/22 and has more specific routes to
10.1.0.0/24, 10.1.1.0/24, and 10.1.2.0/24,
but not 10.1.3.0/24, any traffic destined for
10.1.3.0/24 would be discarded.
5
What is the default administrative distance
of an EIGRP discard route?
If the router is configured to advertise a
manual summary route that exactly
matches a route that is already learned by With an EIGRP router performing
the router from another source, the discard summarization, what is a potential issue
route can possibly replace the route learned with regard to an automatically installed
in the routing table due to the default AD discard route?
of 5. For example, if EIGRP is configured
to advertise a summarized default 0.0.0.0/0,
but the router has the same route learned
from another source, it may no longer be
able to reach that default route because of
the automatic discard route.
The solution is to adjust the AD of the

summary with the EIGRP summary-
metric summary mask distance distance
command.
It prevents the router from installing the
discard route into the routing table, as well
as stops the router from advertising the What happens if you set the AD of a
summary route. Neither the summary nor discard route to 255?
the component routes will be advertised to
neighbors.
show ip protocols
How do you view all configured EIGRP

summary addresses, and the interfaces they
are placed on?
router eigrp asn
[no] passive-interface {default |
interface} How do you configure EIGRP passive
interface in classic mode?
This allows you to set all interfaces as
passive by default, and then allow specific
interfaces with no passive-interface
interface
You can also configure configure

individual interfaces as passive.
With the [no] passive-interface command
under either af-interface default or af-
interface interface How do you configure EIGRP passive
interface in named mode?
Graceful shutdown (which occurs when the
EIGRP shutdown command is used) sends
a Goodbye message, which is a Hello How does EIGRP Graceful Shutdown
message with all K-values set to 255. work?
It can only be performed in named mode.
What is a requirement of configuring SHA-

256 authentication for EIGRP?
EIGRP named mode allows configuring
authentication simultaneously on all
interfaces with the af-interface default What is an advantage of configuring
section, of which there is no equivalent in EIGRP authentication in named mode
classic mode. instead of classic mode with regard to
interfaces?
Interface:
ip authentication mode eigrp asn md5
ip authentication key-chain eigrp asn How do you configure EIGRP
key-chain authentication in classic mode?
af-interface interface
authentication mode hmac-sha-256
password How do you configure EIGRP SHA-256
authentication?
Note: you can optionally use a key-chain,
but the password must still be configured.
Both will be sent when using key-chains.
af-interface interface
no authentication mode
With EIGRP named mode, if authentication
is configured under the af-interface
default, how do you disable it for a
particular interface?
The valid key with the lowest key ID is
used to sign egress packets
If a key-chain is configured with multiple
valid keys, which key is used?
-Add the new key with a higher key ID into
the key-chain on all routers
-Configure the send-lifetime of the old key How do you seamlessly change the keys in
to some time in the past, which causes the a key-chain?
key to stop being sent
-Remove the old key from the key-chain on
all routers
True, a default route must be either
redistributed into EIGRP, or manual
summarization must be used. True or False: EIGRP has no dedicated
command to inject a default route into the
EIGRP domain.
network 0.0.0.0 causes all IPv4-enabled
interfaces to be enabled for EIGRP.
Additionally, if the static default route is If you have a static default route pointing
not configured specifically with an toward an interface, you can cause EIGRP
interface (as opposed to an IP address), the to advertise it with the network 0.0.0.0
network 0.0.0.0 command has no effect command. Why should you never do this?
and it will not be advertised.
EIGRP uses Split Horizon with Poisoned
Reverse to advertise learned networks out
the interface toward the Successor with an How does EIGRP use Split Horizon?
infinite metric.
Interface:
[no] ip split-horizon eigrp
How do you configure split horizon for
EIGRP classic mode?
router eigrp
event-log-size 500
event-logging What are the EIGRP logging defaults?
log-neighbor-changes
log-neighbor-warnings
show eigrp address-family ipv4 events
How do you view the EIGRP event log?

ACLs
Prefix lists
Route maps What three options are available for
filtering via distribute-list with EIGRP?
EIGRP process, topology-base:
distribute-list method direction optional-
interface How do you configure a distribute-list for
EIGRP?
All outgoing Updates, Queries, Replies,
SIA-Queries, and SIA-Replies indicate the
correct metric for permitted prefixes, and How do EIGRP distribute-lists work in the
infinite metric for denied prefixes. out direction?
In all incoming Updates, Replies, and SIA-
Replies, permitted prefixes are processed
normally, while denied prefixes are How do EIGRP distribute-lists work in
ignored. the in direction?
Received Queries and SIA-Queries are

unaffected and processed normally.
Offset lists refer to an ACL to match routes
which will have the specified offset added
to their Delay metric component. How do offset lists work with EIGRP?
Offset lists also specify the direction, and

optionally the interface.
clear eigrp address-family ipv4
neighbors soft
How do you perform an EIGRP graceful
Topology databases between the router and restart?
its neighbors are resynchronized without
the neighbor relationship being torn down.
Without the soft keyword, adjacencies
must be re-established.
router eigrp asn
eigrp upgrade-cli process-name
How do you convert from EIGRP classic
mode to named mode?
show ip eigrp traffic asn
How do you view EIGRP traffic statistics?

With EIGRP OTP, the LISP control plane

(native LISP mapping and resolving
mechanisms) are replaced by EIGRP, while How are EIGRP OTP and LISP related?
the LISP data plane is not modified.
DMVPN uses mGRE to encapsulate both
data and control plane traffic, whereas OTP
uses LISP UDP-based encapsulation for the How does EIGRP OTP compare with
data plane while running EIGRP natively DMVPN?
without additional encapsulation. This
means no tunnel interfaces are required for
OTP.
All OTP traffic can be encrypted with

GETVPN, whereas DMVPN relies on
IPsec tunnel configuration.
DMVPN relies on NHRP for mappings,

whereas OTP uses EIGRP for the mapping
and no other control plane protocol is
required.
EID = Endpoint Identifier, an IPv4 or IPv6
address
RLOC = Routing Locator, outside address What is the LISP EID and RLOC?
of a router
EIDs reside behind RLOCs, and the LISP

control plane registers and maps EIDs to
RLOCs.
Instead of doing dynamic EID-to-RLOC
mappings with native LISP-mapping
services, EIGRP routers running OTP How does EIGRP OTP replace the LISP
create targeted sessions over the WAN and control plane?
use the WAN IP addresses as RLOCs, and
exchange routes as EIDs.
56 kbps
Adjust with the following: When EIGRP OTP is used, a LISP0

interface LISP0 interface is created automatically. What is
bandwidth kbps the default bandwidth setting of this
interface?
router eigrp process
address-family ipv4 unicast
autonomous-system asn How do you enable EIGRP OTP?
neighbor ip interface remote hops lisp-
encap
Since the EIGRP remote neighbor is
configured with a static IP address, the
router must send ARP requests for the What is a caveat of using EIGRP OTP with
neighbor. This relies on Proxy ARP from an Ethernet WAN interface?
the service provider, and if it is disabled on
the SP edge, the OTP peering will not
come up unless static ARP mappings are
configured on the OTP router.
router eigrp process

autonomous-system asn
remote-neighbors source How do you configure an EIGRP OTP
interface unicast-listen lisp-encap router to be a route reflector?
af-interface source-interface
no next-hop-self
no split-horizon
no next-hop-self enables spoke-to-spoke

traffic
no split-horizon allows learned routes to
be reflected back out to the spokes
On the router configured as the route
reflector, the remote-neighbors EIGRP
command can reference an ACL with the With EIGRP OTP, how can you control
allow-list acl keyword. which routers are allowed to connect to the
route reflector?
-Manually-configured with router-id under
the OSPF process
-Highest IP of any non-shutdown How does OSPF choose a RID?
loopbacks that have not been allocated as a
RID by any other OSPF processes
-Highest IP of any non-shutdown non-
loopback interfaces that have not yet been
allocated as a RID by any other OSPF
processes
The first process to start chooses the
highest IP address of any non-shutdown
loopback interface, or regular non- Two OSPF processes are started on a
shutdown interface is there are no router, neither of which manually
loopbacks. configures a router ID. How are the router
IDs chosen for each process?
The second process chooses the next-
highest IP address of any non-shutdown
loopback interfaces, the next-highest IP
address of a regular non-shutdown
interface if there were no loopbacks, or the
highest IP address of a regular non-
shutdown interface if there was only a
single non-shutdown loopback interface
and the first OSPF process claimed it for its
router ID.
True
True or False: The interface from which the

OSPF RID is taken does not have to be
matched by an OSPF network command.
True. The interface cannot be
administratively shutdown but if it
happens to be down for other reasons, it True or False: An IP address configured on
can still be considered. an interface in the down/down state can
still be considered for use as the OSPF
RID.
False, the RID is just an identifier, and does

not even require reachability per the IP
routing table. True or False: OSPF must advertise a route
to reach the RID's subnet when an interface
IP address is used as the RID.
If the RID is not manually configured, the
choice of RID based on available IP
addresses is re-evaluated. If a different RID What happens to the router ID when the
is chosen, all routers in the same are must OSPF process is restarted?
perform a new SPF calculation, even if the
actual topology has not changed.
IP Protocol 89
What does OSPF use for transport?

Hello
Database Description (DD/DBD)
Link-State Request (LSR) What are the five different types of OSPF
Link-State Update (LSU) messages?
Link-State Acknowledgement (LSAck)
-Discover neighbors
-Bring a neighbor relationship to 2-Way
state What three things are OSPF Hello
-Monitor neighbor's continuous liveliness messages used for?
They are used to exchange LSA headers
during the initial topology exchange so that
a router knows a list of that neighbor's What are OSPF Database Description
LSAs, including their versions. (DD/DBD) messages used for?
A LSR is a packet that identifies one or
more LSAs that the sending router would
like the neighbor to supply full details What are OSPF Link-State Request (LSR)
about. messages used for?
An LSU is a packet that contains fully
detailed LSAs and is sent in response to an
LSR, or in the event of a topological What are OSPF Link-State Update (LSU)
change. messages used for?
LSAcks are sent to confirm receipt of
LSUs.
What are OSPF Link-State
Acknowledgement (LSAck) messages used
for?
True: LSAs are data structures held inside a
router's LSDB and exchanged inside LSU
messages. True or False: Link State Advertisements
(LSAs) are not considered OSPF messages.
The OSPF neighbor state
What is an indication of how an OSPF

router treats a particular neighbor?
True, though this is a temporary condition.
Ultimately, both routers must arrive at the
same state. True or False: Two OSPF neighbors
building an adjacency can temporarily
consider each other to be in a different

neighbor state.
Down
Attempt
Init What are the eight OSPF neighbor states?
2-Way
ExStart
Exchange
Loading
Full
When a working adjacency to the neighbor
is torn down, such as when no valid OSPF
packets are received before the Dead What are two common reasons to see an
interval expires. OSPF neighbor in the Down state?
The other common case is when a

manually-configured neighbor does not
respond to initial Hello packets.
The router must already know about the
neighbor's IP address, either manually or
through previous discovery. What is a requirement for an OSPF router
to consider a neighbor in the Down state?
Down
What is the initial state of an OSPF

neighbor?
This state is valid only on NBMA and
P2MP NBMA networks. On these
networks, a neighbor is placed immediately For which network types is the OSPF
into the Attempt state and contact by Hello Attempt neighbor state valid for?
packets sent at usual intervals. If the
neighbor does not respond within the Dead
interval, it is placed back into the Down
state.
A valid Hello has been received from the
neighbor, but the list of "Seen Routers" in
the received Hello packet does not contain When is an OSPF neighbor placed into the
the receiving router's RID. If a neighbor Init state?
stays in the Init state for a long period of
time, it indicates that the neighbor router is
not properly receiving this router's Hellos.
A valid Hello packet containing this
router's RID in the list of seen neighbors
from the neighbor, indicating bidirectional What causes an OSPF router to reach the 2-
visibility between the two routers. Way state with a neighbor?
The 2-Way state is a stable state between
routers on multiaccess networks that do not
intend to become fully adjacent. When is the OSPF 2-Way neighbor state
considered stable?
After bidirectional visibility is confirmed,
routers move into the ExStart state in these
circumstances: What four circumstances cause an OSPF
-The network type is P2P router to move from the Init or 2-Way
-The network type is P2MP neighbor state to ExStart?
-The network type is virtual link
-The router itself or its neighbor is a DR or
BDR
-Compare RIDs to determine Master/Slave
roles
-Establish common starting sequence What two things happen during the OSPF
number for DBD packets ExStart neighbor state?
After the Master/Slave relationship is
established.
When does an OSPF neighbor state move
from ExStart to Exchange?
DBDs are exchanged between the
neighbors to build the list of LSAs known
by each router. Actual LSAs are not What occurs during the OSPF Exchange
exchanged at this time. neighbor state?
After a router receives the complete list of
LSAs via DBD exchange during the
Exchange state, the Loading state is when What is the OSPF Loading neighbor state?
the actual LSAs are exchanged between the
neighbors.
All required LSAs have been exchanged
between neighbors, and the neighbors are
now considered fully adjacent. What is the OSPF Full neighbor state?
2-Way
Full
What are the stable OSPF neighbor states?
-Discover OSPF routers on common
subnets
-Check for agreement on configuration What are the four major functions of OSPF
parameters Hello messages?
-Verify bidirectional visibility between
neighbors
-Monitor neighbor liveliness and react
accordingly
The primary IP address for an interface
must also be advertised into OSPF, either
directly at the interface or through the What must be true for OSPF to advertise
OSPF network command. Even if the secondary IP addresses?
secondary IP address is explicitly
configured for advertisement, it will not be
advertised if the primary IP address is not
also advertised.
224.0.0.5 All OSPF Routers
Which address is used for OSPF neighbor

discovery?
-Same primary IP subnet
-Nonduplicate RIDs
-Authentication What five parameter checks must be passed
-Same OSPF area and type for OSPF routers to become neighbors?
-Same Hello/Dead timers
MTU must match for DBD packets to be

successfully processed, but this parameter
check is not part of the Hello process and
would not prevent routers from reaching
the 2-Way state.
False: MTU checking is not part of the
Hello process and does not prevent
neighbors from forming. However, True or False: The MTU must match
mismatched MTUs prevent routers from between OSPF neighbors to form a
moving past the 2-Way state. neighborship.
10s on broadcast and P2P network type
30s on nonbroadcast and P2MP network
type What is the default OSPF Hello time?
4x the Hello time:
40s on broadcast and P2P network type What is the default OSPF Dead time?
120s on nonbroadcast and P2MP network
type
debug ip ospf hello will reveal "Mistached
hello parameters from RID"
How can you verify that OSPF Hello
parameters are mismatched between
neighbors?
show ip ospf interface interface
How can you view the OSPF settings

applied to an interface?
show ip ospf neighbor RID
How can you verify information about a

particular OSPF neighbor?
Each DBD packet has a sequence number,
and the receiver acknowledges the DBD
packet by sending back a DBD packet with How does OSPF perform error recovery
the same sequence number. When a DBD when exchanging DBD packets?
packet is sent, another DBD packet is not
sent until the previous packet was
acknowledged.
The Master sends DBD packets on its own
accord, and sets the contained sequence
numbers. During OSPF database exchange, what is
the role of the Master, and what is the role
The Slave sends DBD packets only as a of the Slave?
response to DBD packets received from the
Master, and must use the same sequence
number set by the Master.
-Master (MS) - set in all DBD packets sent
by the Master, cleared in all sent by the
Slave What are the three flags present in the
-More (M) - router intends to send an OSPF DBD packet?
additional DBD packet after this one
-Init (I) - Initial DBD packet that starts the

exchange with subsequent DBD packets
having the I flag cleared
-Each DBD packet sent from the Master
must be replied to by the slave
-A slave can send a DBD packet only as a What are the two rules governing the
response to receiving a Master's DBD sending of OSPF DBD packets?
packet
When the Slave sends its response DBD
packet, it sets the M (More) flag if it has
additional LSAs to send to the Master. During the OSPF database exchange, since
the Slave router can only send DBD
If the Master has no additional LSAs to packets as a response to DBD packets sent
send, but it receives the DBD response by the Master, what happens when the
with the M flag set, it polls the Slave with Slave has additional LSAs to send to the
an empty DBD packet. Master?
The Master stops sending DBD packets to
the Slave when both it has no more LSA
headers to advertise, and the Slave's last During the OSPF database exchange, when
DBD packet has the M (More) flag cleared, does the Master stop sending DBD packets
indicating the Slave has advertised its to the Slave?
entire list of LSA headers.
Both start out considering themselves to be
the Master and send an empty DBD packet
with a random sequence number and MS, During the OSPF database exchange, how
M, and I flags set to 1. does the Master/Slave election work?
The router with the lower RID becomes the

Slave, and responds with a DBD packet
with the MS and I flags cleared, and the
sequence number received from the other
router.
A newer LSA will have a later sequence
number compared to the existing LSA in
the local LSDB. How does an OSPF router determine if a
received LSA is newer than the existing
LSA sequence numbers are incremented LSA in the LSDB?
whenever the LSA changes or is
reoriginated.
True, the sequence number is incremented
whenever there is a change to the LSA, or
the LSA is reoriginated. True or False: Re-originating an OSPF
LSA causes its sequence number to
increment.
The sequence number space is a signed 32-
bit integer from -2^31+1 (-2B) to 2^31-1
(+2B). How do OSPF sequence numbers work,
and what is the starting number?
The starting value is 0x80000001 because
most computer systems store negative
numbers in two's complement.
0x80000001 increments to 0xFFFFFFFF,

then to 0x00000000, 0x00000001 on up to
0x7FFFFFFF.
0x80000000 is a reserved value. When an

LSA reaches 0x7FFFFFFF and needs to be
incremented, the LSA is instead flushed
from the LSDB and re-originated with
sequence 0x80000001.
During the Exchange state, DBD packets
are exchanged with contain LSA headers.
What is the difference between the OSPF
During the Loading state, full LSAs are Exchange and Loading neighbor states?
exchanged via LSR and LSU packets.
-An LSU can be acknowledged by the
receiver sending back the exact same LSU
to the sender (as in the case of the DR) What two methods are available for OSPF
-A router can send back an LSAck packet routers to acknowledge successful
containing a list of acknowledged LSA LSR/LSU exchange?
headers
-DR floods LSAs to adjacent neighbors,
instead of all routers in a multiaccess
segment flooding directly to each other What are the two primary functions of the
-DR generates Type 2 LSAs to represent OSPF DR?
the multiaccess network segment
The LSU is sent to 224.0.0.5, and each
neighbor sends a unicast LSAck back to the
DR. How does an OSPF DR send an update for
a multiaccess network segment?
LSU packets are sent to 224.0.0.6, All
OSPF DR Routers
On an OSPF multiaccess network segment
with a DR, where do non-DR/BDR routers
send updates to?
When a DR receives an LSU from a non-
DR/BDR neighbor, the LSU is then
flooded by the DR to all neighbors, which When an OSPF DR receives an LSU from
serves as an implicit acknowledgement. a neighbor, how does it acknowledge its
receipt?
All other routers send a normal unicast
LSAck to the DR after the LSU has been
flooded.
224.0.0.5, All OSPF Routers
In OSPF network segments that do not

have a DR/BDR, where are LSU packets
typically sent?
The election occurs after the 2-Way state,
but before the ExStart state.
At what point during the OSPF neighbor
adjacency process is the DR/BDR elected?
The OSPF Wait Time is set to the same
value as the Dead Time, and is a period of
time that must expire before the DR is What is the OSPF Wait Time?
elected. The goal is to allow all routers on
the network segment to finish initializing

after a failure so that all routers can
participate in the DR election, otherwise
the first router to become active would
always become the DR. During the Wait
Time, the priorities and RIDs of neighbors
are collected, and each router
independently calculates the DR/BDR,
though they all arrive at the same
conclusion.
This occurs when the OSPF router receives

a Hello with the DR set to 0.0.0.0,
indicating the DR has not yet been elected.
This indicates the DR has not yet been
elected, and the router starts the OSPF Wait
Time (set to same value as Dead Time). What happens when an OSPF router on a
When the timer expires, the DR can be multiaccess network segment receives a
elected. Hello packet with the DR field set to
0.0.0.0?
The received Hello packet will have the
RID of the DR.
How does an OSPF router know that a DR
has already been elected?
The BDR is elected first, and then
promoted to DR. This process allows a
BDR to always be promoted to the DR if Which is elected first, the OSPF DR or
the DR fails. BDR?
Highest priority, with highest RID as the
tiebreaker
What determines the OSPF DR when none
has yet been elected?
When a stable network that has already
elected the DR/BDR becomes partitioned,
new elections occur if necessary for each What is the exception to the OSPF
partition (normal OSPF rules), and re- DR/BDR non-preemption rule?
elections occur when the partitions are
collapsed.
-Whether the router tries to elect a DR on
the interface
-Whether the router must statically What three behaviors are determined by the
configure a neighbor, or use multicast OSPF network type?
-Whether more than two neighbors should
be allowed on the same subnet
Interface:
ip ospf network type
How do you configure the OSPF network
type?
Broadcast
Point-to-Point
Non-Broadcast What are the six OSPF network types?
Point-to-Multipoint
Point-to-Multipoint Non-Broadcast
Loopback
Broadcast
Non-Broadcast (NBMA)
Which OSPF network types elect a DR?
Point-to-Multipoint Non-Broadcast
Which OSPF network types require static
"Nonbroadcast Needs Neighbors" configuration of neighbors?
Point-to-Point
Loopback
Which OSPF network types do not permit
more than two routers on the subnet?
Broadcast
Point-to-Point
For which OSPF network types is the
default Hello interval set to 10 seconds?
Point-to-Multipoint
Point-to-Mulitpoint Non-Broadcast For which OSPF network types is the
default Hello interval set to 30 seconds?
-Matching Hello/Dead timers
-Whether or not a DR is expected to be
elected, and if so, it must have reachability While certain OSPF network types can be
to all routers in the common subnet mixed together, what are the caveats to
watch out for?
1
What is the default OSPF priority?

This is an optimization.
The default neighbor priority is 0. When When manually configuring OSPF

there are multiple neighbor statements neighbors, what is the purpose of
configured and at least one of them has a specifying the priority on the neighbor
nonzero priority specified, the router first statement?
sends Hellos only to those neighbors, and
only after the DR/BDR elections have
occurred between those neighbors will the
router start sending Hellos to the remaining
neighbors.
If the interface is set to priority 0 with ip

ospf priority 0 the neighbor priority
setting has no effect.
30 minutes
What is the default OSPF LSRefresh

interval?
60 minutes
What is the default value of the OSPF LSA

MaxAge timer?
-Each router sends Hellos based on per-

interface Hello intervals
-Each router expects to receive Hellos from After convergence, what four items entail
neighbors within the per-interface Dead the OSPF steady-state operation?
interval
-Each router refloods each LSA it
originates (after incrementing the seq by 1)
per LSA LSRefresh interval (30 min)
-Each router expects to have its LSA
refreshed before the LSA MaxAge timer
expires (60 min)
It has one more more connections to Area 0
and one or more connections to any other
Area. What makes a Cisco OSPF router an ABR?
Other vendors may have different

interpretations of the RFC.
False: ABRs keep independent separate
LSDBs for each connected Area. Likewise,
SPF is run independently in each Area, and True or False: OSPF ABRs maintain a
the results are combined into a single single LSDB.
routing table subject to OSPF path
preference rules.
SPF is run independently in each area, and
the results are placed into the IP routing
table based on OSPF path preference rules. How does an OSPF ABR maintain its local
IP routing table?
False: OSPF always chooses intra-area
routes over inter-area routes for the same
prefix, regardless of the metric. True or False: OSPF chooses intra-area
routes over inter-area routes for a given
prefix, unless the inter-area route has a
better metric.
ABRs ignore Type 3 LSAs learned in
nonbackbone areas during SPF calculation,
which prevents an ABR from choosing a How do ABRs handle Type 3 LSAs learned
route that goes into a nonbackbone area, from nonbackbone areas during SPF
and then back into the backbone. calculation?
None. Only routers originating a particular
LSA can modify or withdraw it.
Under what circumstances can an OSPF
router modify or withdraw an LSA if that
router did not originate the LSA itself?
The router must process and flood the LSA
within the LSA's defined flooding scope if
the router recognizes the LSA's type and What is true of an OSPF router with regard
contents. The router must not ever change to processing LSAs that it did not itself
the LSA's contents, block it, or drop it originate?
before its maximum lifetime has expired.
This ensures all OSPF routers in the area

have the same LSDB contents and a
consistent view of the network.
Type 6: MOSPF Group Membership

Type 8: BGP External Attributes (designed
to carry BGP information during BGP-to- Which two OSPF LSA types are not
OSPF redistribution) supported on Cisco routers?
Router: one per router per area, listing the
router's RID and all interface IPs within the
area. What is OSPF LSA Type 1?
Flooded only within the area of origin.

Network: one Type 2 LSA per transit
network, created by the DR on the subnet
and represents the subnet and the router What is OSPF LSA Type 2?
interfaces connected to the subnet.
Flooded only within its area of origin.

Net Summary: created by ABRs to
represent networks present in one area
when being advertised into another area. What is OSPF LSA Type 3?
Type 3 LSAs define the subnets and cost in
the origin area, but no topology data.
Flooded only within its area of origin,

reoriginated on ABRs.
ASBR Summary: similar to Type 3 LSA,
but advertises a host route used to reach the
ASBR. What is OSPF LSA Type 4?
Flooded only within its area of origin,

reoriginated on ABRs.
AS External: created by ASBRs for
external routes injected into OSPF.
What is OSPF LSA Type 5?
Flooded to all regular areas.
NSSA External: created by ASBRs inside
an NSSA instead of Type 5.
Flooded only within its area of origin and
converted to Type 5 LSA on an ABR
toward other areas.
Opaque: Generic LSA with link-local
flooding scope
Opaque: Generic LSA with area-local
flooding scope. Used for MPLS-TE
Opaque: Generic LSA with autonomous-
system flooding scope similar to Type 5 -
flooded into normal areas but not into What is OSPF LSA Type 11?
stubby areas and NSSAs.
A subnet on which a router has not formed
any neighbor relationships.
What is an OSPF stub network?
This is different from a stub area.

A network over which two or more OSPF
routers have become neighbors and elected
a DR so that traffic can transit from one to What is an OSPF transit network?
the other.
show ip ospf database lsa-type lsa-id
How do you view an individual OSPF

LSA?
The appropriate Type 1 or Type 2 LSA can
be reoriginated with the disconnected
network removed from the LSA, or the What are two ways that OSPF can
LSA can be prematurely aged out by distribute information that a particular
setting its age to 3600 seconds and flooding network that is no longer reachable?
it, causing it to immediately expire from all
LSDBs.
-The originating router, and it's interfaces
in that area
-List of neighboring routers in that area on What basic information is described in an
each interface OSPF Type 1 LSA?
The subnet, mask, and the ABR's cost to
reach that subnet
What three things are described in an OSPF
Type 3 LSA?
show ip ospf border-routers
How do you view which OSPF routers are

ABRs or ASBRs?
show ip ospf statistics
How can you view how many times the

OSPF SPF algorithm has executed for each
area?
partial run, partial SPF, or partial route
calculation
What is the term used to describe an OSPF
This is different from incremental SPF router updating its computed shortest path
(iSPF) tree based on updated costs from routers in
other areas?
The routers check if another Type 3 LSA
for the same network is available, and if
not, the affected networks are removed How do OSPF routers handle a Type 3
from their routing tables without requiring LSA being removed from the area?
an SPF run.
Type 3 LSAs are flooded only within the
area originated by ABRs. A Type 3 LSA
from one nonbackbone area is re-originated How does the information in a Type 3 LSA
at the ABR into the backbone area. Other originated in one nonbackbone area get
attached nonbackbone areas receive the retransmitted to another nonbackbone area?
originated Type 3 LSA at their respective
ABRs, which then re-originate the Type 3
LSA into their respective nonbackbone

areas.
nonbackbone originated > backbone re-

originated > nonbackbone re-originated
Only Type 3 LSAs received over the
backbone area. Type 3 LSAs received over
nonbackbone areas are skipped during the When an OSPF ABR performs a SPF
ABR's SPF computation, though they are calculation, which Type 3 LSAs are used in
stored in the ABR's LSDB and flooded the calculation?
within the nonbackbone area.
E1 = both external and internal metrics
added together
E2 = only external metric is considered by What is the difference between OSPF route
SPF when choosing best routes types E1 and E2, and which is used by
default in Cisco IOS?
E2 = default
E1 is always preferred over E2
With OSPF, if there are both E1 and E2

routes to the same external network, which
is preferred?
Subnet
Metric
Metric Type (E1/E2) What general information is contained in
an OSPF Type 5 LSA?
The cost of E1 routes are calculated as the
cost to reach the ASBR, plus the cost of the
external route. When multiple E1 routes are How does OSPF decide which path to use
present for the same destination, the lowest when there are multiple E1 routes to the
total cost path is used. If multiple equal- same destination?
cost paths are present, all are used.
E2 routes only take the external metric into
consideration. If there are multiple E2
routes available to the same destination How does OSPF decide which path to use
network, the lowest cost E2 metric is used. when there are multiple E2 routes to the
If there are multiple E2 routes with the same destination?
same metric, the path through the closest
ASBR is used. If multiple equal-cost paths
route through the same closest ASBR, all
of them are used.
-Prefer E1 over E2
-E1:
-If multiple, use lowest cost What is the OSPF E1/E2 route path
-If multiple lowest cost, use all selection process?
-E2:
-If multiple, use lowest cost
-If multiple lowest cost, use closest ASBR
-If multiple lowest cost through closest
ASBR, use all
When an ABR floods a Type 5 LSA into
another area, it also creates a Type 4 LSA.
Routers in other areas use the Type 4 LSAs What are OSPF Type 4 LSAs used for?
to know what ASBRs in other areas exist,

what ABRs can be used to reach them, and
what is the distance of each ABR to a
particular ASBR.
For a router in a different area from the

ASBR, the cost of reaching the ASBR is
the cost between the router and the ABR,
plus the cost indicated in the Type 4 LSA
toward a particular ASBR.
Cost from internal router to ABR + cost
from ABR to ASBR as advertised in the
Type 4 LSA + external cost of route as What is the cost of an internal OSPF router
advertised by the ASBR in the Type 5 LSA in a nonbackbone area to reach an E1
route?
Stubby
Totally stubby
NSSA What are the OSPF stub area types?
Totally NSSA
Type 4 and Type 5 LSAs are not injected
into any variation of a stub area, and are
replaced with default routes instead. What is common across all OSPF stub area
types with regard to LSAs?
Both stop the injection of Type 4 and Type
5 LSAs and replace them with a default
route. Totally stubby areas take this a step What is the difference between an OSPF
further and replace all Type 3 LSAs with a stubby and totally stubby area?
default route as well.
NSSA's have an ASBR present and inject
Type 7 LSAs into the area, which are
converted to Type 5 by the ABRs as the What makes an OSPF area not-so-stubby?
information leaves the area.
OSPF process on all routers in the area:
area area stub
How do you configure an OSPF stub area?
OSPF process on the ABR:
area area stub no-summary
How do you configure an OSPF totally
OSPF process on internal routers: stubby area?
area area stub
The no-summary keyword is configured

only on the ABR, because only the ABR is
permitted to filter Type 3 LSAs.
OSPF process on all routers in the area:
area area nssa
How do you configure an OSPF NSSA?
OSPF process on ABR:
area area nssa no-summary
How do you configure an OSPF Totally
OSPF process on internal routers: NSSA?
area area nssa
The no-summary keyword is configured

only on the ABR, because only the ABR is
permitted to filter Type 3 LSAs.
The NSSA is used for areas where an
ASBR is located, but the routers within the
area do not need specific information about What is the purpose of an OSPF NSSA?
external networks located in other areas.
Since Type 5 LSAs are not allowed inside
any kind of OSPF stub area, Type 7 LSAs
are used to distinguish the external Why does the OSPF LSA Type 7 exist?
information from normal Type 5 LSAs. By
default, the ABR with the highest RID
translates the Type 7 LSAs to Type 5 as the
information leaves the area.
The ABR with the highest RID.
By default, which OSPF ABR performs

Type 7 to Type 5 LSA translation for an
NSSA?
NSSA ABRs must be configured with area
area nssa default-information-originate
to advertise a default route. ABRs in OSPF stub areas automatically
inject default routes, except for which
This applies to NSSAs only. Stubby, variation?
Totally stubby, and NSSA-TS areas all
inject default routes automatically.
True
True or False: OSPF considers E1 routes

equivalent to N1 routes, and E2 equivalent
to N2, with regard to path selection.
This process ensures the only valid way of
an area learning about routes from another
area is through the the backbone, and that Why does an OSPF ABR originating Type
the backbone is never fed a route that has 3 LSAs translate only intra-area routes
already traversed the backbone. from a nonbackbone area and flood them
into the backbone, or conversely, translate
both intra- and inter-area routes from the
backbone and flood them into a
nonbackbone area?
To ensure that an ABR does not traverse a
nonbackbone area to reach a network that
is located in the backbone or another Why does an OSPF ABR ignore all Type 3
nonbackbone area. An ABR never uses a LSAs received over nonbackbone areas
nonbackbone area to reach an inter-area when running the SPF algorithm?
network.
R2 > R4 > R5, even though the cost
through R3 is less. This is because ABRs
ignore Type 3 LSAs from nonbackbone What path will OSPF router R2 use to
areas for loop prevention. Since the link reach subnet S1 and why?
between R3 and R4 is within Area 1, R4
ignores the route to S1 through R3 and
prefers its own more-costly route directly

to R5.
R2 > R4 > R3 > R5, even though R4 has a
direct link to R5. Because all of the links
between R3, R4 and R5 reside within the What path will OSPF router R2 use to
same area, normal SPF rules apply reach subnet S1, and why?
whereby the lowest cost path is used to exit
the area.
R5 > R3 > R4 > R2. Both R3 and R4 inject
Type 3 LSAs into the backbone area to
describe nonbackbone area 1. R5 then What path will traffic coming from subnet
chooses the path with the least cost to reach S1 use to reach OSPF router R2 and why?
area 1. However, traffic will be
asymmetrically routed, because the return
traffic will take the path R2 > R4 > R5
since Type 3 LSAs originated in
nonbackbone areas are ignored by ABRs.
Therefore, R4 ignores R3's Type 3 LSA
describing subnet S1, even though it has a
lower-cost path.
Interface:
ip ospf dead-interval minimal hello-
multiplier hellos How do you configure the OSPF Fast
Hello feature?
Where the dead-interval becomes fixed at
one second, and hellos refers to the number
of hellos to be sent every second.
OSPF process:
network ip wildcard area area
What are two ways that you can activate an
Interface: interface for OSPF?
ip ospf process area area
OSPF process:
log-adjacency-changes detail
How do you configure OSPF to create a
log message for each state change?
clear ip ospf process
How do you restart the OSPF process on a

router?
show ip ospf interface brief
How do you view the costs currently

assigned to OSPF interfaces?
Per-interface details:
-PID
-Area What information is provided in the output
-IP/mask of show ip ospf interface brief?
-Cost
-State (P2P, DR, etc)
-Neighbors
OSPF process:
auto-cost reference-bandwidth Mbps
How do you configure the default OSPF

cost calculation?
False, though it is recommended to use the
same values.
True or False: When adjusting the OSPF
reference-bandwidth cost, this value must
match on all routers.
Down
Example: The default reference bandwidth When calculating OSPF costs, the resulting
is 100 Mbps. The cost of a serial link with value is rounded ___ to the nearest integer.
its default bandwidth of 1.544 Mbps is 100
/ 1.544 = 64.77, which is rounded down to
an OSPF cost of 64.
OSPF process:
neighbor ip cost cost
How do you set the OSPF cost for a
This is valid only on OSPF point-to- particular neighbor?
multipoint nonbroadcast network types.
Interface:
ip ospf cost cost
How do you set the OSPF cost value on an
interface?
OSPF process network command
advertises stub networks for any secondary
IP subnets matched by the network With regard to advertising secondary IP
command addresses, what is the difference between
the OSPF process network command, and
Interface ip ospf area command includes the interface ip ospf area command?
all secondary subnets by default, unless the
secondaries none parameter is used at the
end of the command.
By default, when using the ip ospf area
command on an interface, all secondary IP
subnets are advertised as stub networks. What does the following command do?
Including the secondaries none parameter
at the end causes only the primary IP ip ospf pid area area secondaries none
subnet to be advertised.
With RIP and EIGRP, the routes are filtered
from the respective protocol's update
messages. What is the difference between the way the
distribute-list command works for RIP
With OSPF and IS-IS, the LSDB within an and EIGRP, versus OSPF and IS-IS?
area must be identical, so the distribute-
list prevents the routes from being installed
in the local IP routing table, but remain
within the LSDB.
The inbound direction applies to the results
of SPF - LSAs are not filtered, but routes
that SPF would choose to install into the With OSPF, how does the distribute-list
local routing table are. command work differently in the inbound
and outbound directions?
The outbound direction applies only to

redistributed routes, and only on an ASBR.
It selects which redistributed routes will be
advertised.
access-list num permit RID
Route-map: How do you use a route-map to match on a

match ip route-source acl-num router's RID?
area filter-list
area range
What are the two ways to filter OSPF Type
3 LSA generation at the ABR?
OSPF process on ABR:
area area filter-list prefix prefix-list
direction How do you configure OSPF to filter Type
3 LSAs at the ABR based on a prefix-list?
Where direction references whether the
prefix list is applied to routes entering or
leaving the specified area.
OSPF process:
area area range ip mask not-advertise
How do you configure an OSPF inter-area
The not-advertise keyword causes both the summary to filter all included routes?
subnets and the summary itself to be
filtered, and is equivalent ot the area filter-
list command with the out keyword.
The not-advertise keyword causes both the
included subnets and the summary itself to
not be advertised, effectively filtering the What does the not-advertise keyword of
routes. the OSPF area range command do?
Virtual links are not tunnels, but targeted
OSPF sessions that allow two remote
routers within a single area to become fully Why must an OSPF virtual link pass
adjacent and synchronize their LSDBs. The through a regular OSPF area and not any
transit area must be a regular area because variation of stub areas?
packets routed through the transit area are
forwarded based on their true destination
addresses (as opposed to tunneling), which
requires the transit area to know all
networks in the OSPF domain (intra-area,
inter-area, and external).
True. When configuring virtual links, you
specify the transit area, but the virtual link
itself always belongs to Area 0. True or False: OSPF virtual links are
always members of Area 0.
OSPF process:
area transit-area virtual-link remote-RID
How do you configure an OSPF virtual
link?
show ip ospf virtual-links
How do you view the status of OSPF

virtual links?
Unnumbered point-to-point interfaces
How are OSPF virtual links represented

internally to IOS?
OSPF treats each partition as a separate
area and overall connectivity is not
disrupted. What happens if a nonbackbone area
becomes partitioned due to link failure, but
each partition has a reachable ABR?
Interface:
ip ospf authentication null
How do you enable OSPF Type 0
authentication?
Interface:
ip ospf authentication
ip ospf authentication-key value How do you enable OSPF Type 1
authentication for an interface?
Interface:
ip ospf authentication message-digest
ip ospf message-digest-key number md5 How do you enable OSPF Type 2
value authentication?
Type 0: Null
What is the default OSPF authentication

type?
Multiple MD5 keys with different key IDs
are allowed per interface. When signing
sent packets, OSPF uses the key that was How does OSPF graceful authentication
last added to the interface (regardless of key rollover work?
key number). When authenticating received
packets, it uses the key ID indicated in the
packet.
When a neighbor detects a different key

number from the receiving router, OSPF
enters a key migration phase where all
packets are sent as many times as the
number of configured keys. After all
neighbors are using the same key number,
the migration phase ends.
debug ip ospf adj
How can you verify the OSPF

authentication processes?
This changes the area's default
authentication type. The default
unconfigured authentication type is 0: Null. What is the purpose of the OSPF area
You can configure the area to default to authentication command?
Type 1 or Type 2 authentication with the
area area authentication [message-
digest] command. When this command is
used, routers within the area will not form
neighborships unless authentication is

specifically configured.
Virtual links have no underlying interfaces
on which to configure authentication, as
normal OSPF interfaces do. Virtual links Why must you configure OSPF virtual link
are internal unnumbered point-to-point authentication with the area virtual-link
interfaces. command?
Type 0: area area virtual-link router-id
authentication null
Type 1: area area virtual-link router- How do you configure authentication on
id authentication authentication-key OSPF virtual links?
value
Type 2: area area virtual-link router-
id authentication message-digest
message-digest-key key-num md5 key-
value
When multiple keys have a valid send-
lifetime the key with the highest ID is
used, which is the opposite of RIPv2 and How does OSPF using cryptographic
EIGRP, which use the lowest ID key. authentication with key chains use multiple
keys?
False: While you must use the newer key-
chain based syntax to configure SHA
authentication, you can specify MD5 as the True or False: OSPF routers using MD5
authentication method associated with a authentication cannot interoperate with
particular key. routers using the newer key-chain based
cryptographic authentication.
OSPF process:
area area virtual-link RID key-chain key-
chain How do you configure extended
cryptographic authentication on an OSPF
virtual link?
The ip ospf message-digest-key
commands are ignored.
What happens if you have both classic
OSPF MD5 authentication and newer
extended cryptographic authentication with
key-chains configured on a router?
key chain name
key num
cryptographic-algorithm algorithm How do you configure extended
key-string string cryptographic authentication with OSPF?
interface interface
ip ospf authentication key-chain name
OSPF routers send their packets with the
TTL set to 255. With the exception of
virtual and sham links, OSPF routers What is the general premise of the OSPF
should always receive OSPF packets with TTL security check feature?
the TTL still set to 255 based on direct
router-to-router communications. Packets
received with a TTL of less than 255,
outside of a virtual or sham link, should
therefore be dropped because they could be

malicious.
Interface:
ip ospf ttl-security
How do you enable the OSPF TTL security
OSPF process: check mechanism?
ttl-security all-interfaces
Interface:
ip ospf ttl-security disable
If the OSPF TTL security mechanism is
enabled for all interfaces under the OSPF
process, how do you disable it for specific
interfaces?
Either at the interface or at the process
level with the hops count parameter. The
check will be against 255 - count and any How do you enable the OSPF TTL security
received OSPF packets outside the range mechanism, but relax the strict hop count
are dropped. of 255?
Interface:
ip ospf ttl-security hops count
OSPF process:
ttl-security all-interfaces hops count
When IOS processes received OSPF
packets, the TTL is decremented by one
before handing the packet to the OSPF When configuring the OSPF TTL security
process, unless the TTL is already one, in mechanism, you can relax the setting by
which case the number is not decremented. adjusting the hop count. Why is the
minimum value for this setting 1?
This is considered a peculiarity of IOS and
is not considered standard behavior.
OSPF virtual and sham links are unaffected
by these settings. Virtual and sham links
can be protected with the TTL security When OSPF is configured for the TTL
mechanism directly with the area virtual- security mechanism either under the OSPF
link ttl-security hops or area sham-link process or directly on an interface, how are
ttl-security hops commands. The hops OSPF virtual and sham links affected?
parameter is mandatory.
First activate the feature with the hop count
set to 254, which effectively configures but
does not enforce the feature. After routers What is the recommended process of
have been migrated, set the hop count to migrating OSPF routers to use the TTL
the default of 1. security mechanism?
For interfaces toward routers that do not

support the TTL security check, configure
ip ospf ttl-security disable
A variable-length wait interval between
two consecutive SPF runs.
What is SPF throttling?
SPF-start
SPF-hold
SPF-max-wait What three parameters control SPF

throttling?
The initial wait interval before an SPF
computation, if the network has been stable
for a prolonged period of time. What is the SPF throttling SPF-start
parameter?
The wait time between subsequent SPF
runs, whose value doubles for each
consecutive SPF run. What is the SPF throttling SPF-hold
parameter?
The maximum time between two SPF runs.
During consecutive SPF runs, the SPF-hold
parameter value doubles, up to the limit of What is the SPF throttling SPF-max-wait
the SPF-max-wait parameter value. parameter?
The SPF-max-wait value also defines the

amount of time during which the network
must be stable for the wait interval to be set
back to SPF-start and the SPF-hold back to
is preconfigured value.
The wait interval returns to the SPF-start
value, but the subsequent wait is still set to
twice the previous SPF-hold value. With SPF throttling, if the network has
been stable for the last SPF-hold period,
but not for the entire SPF-max-wait time
since the last SPF run, what happens?
The router schedules an SPF run for the
value of SPF-start seconds in the future.
For example, if the value is set to 10, an With SPF throttling, assuming the network
SPF run will occur 10 seconds after the has been stable for a prolonged period of
LSA is received. Any other updates LSAs time, what happens when an updated LSA
received within the 10 seconds are included arrives?
in the SPF run.
The router sets the next wait interval to the
initial SPF-hold value. If any updated
LSAs arrive during the next seconds until With SPF throttling, what happens when
the SPF-hold value, SPF will run at the the first SPF run occurs?
expiration of the SPF-hold value.
The network is considered stable if no
updated LSAs are received with SPF-max-
wait seconds after the last SPF run. With SPF throttling, when is the network
considered stable?
After each SPF run (except for the initial
run), the SPF-hold value is doubled, and
the next scheduled SPF run occurs when With SPF throttling, what happens if
that value expires. updated LSAs are received after a second
consecutive SPF run, but before the SPF-
For example, if the SPF-hold value is 20 max-wait timer expires?
seconds after the second consecutive SPF
run, it is doubled to 40 seconds. Any
received updated LSAs within the next 40
seconds are included in the next scheduled
SPF run.
After the SPF-hold time expires, if an

updated LSA arrives before the SPF-max-
wait time expires, the next SPF run will be With SPF throttling, after an SPF run, what
in the number of seconds defined by the happens if an updated LSA arrives after the
SPF-start value, but the SPF-hold time SPF-hold time expires, but before the SPF-
remains at its current value until SPF-max- max-wait time expires?
wait seconds have passed without an LSA
update.
The SPF-hold timer is reset to its
configured value if SPF-max-wait seconds
have passed with no updates. With SPF throttling, what happens to the
SPF-hold timer if SPF-max-wait seconds
have elapsed with no updated LSAs?
OSPF process:
timers throttle spf spf-start spf-hold spf-
max-wait How do you configure the OSPF SPF
throttling timers?
show ip ospf
debug ip ospf spf statistic
How do you verify the current OSPF SPF
throttling timer values?
LSA throttling works exactly like SPF
throttling. Whereas SPF throttling controls
how often SPF runs are performed, LSA What is OSPF LSA Throttling?
throttling controls how frequently updated
LSAs are allowed to be re-originated.
OSPF process:
timers throttle lsa all start-interval hold-
interval max-interval How do you configure OSPF LSA
throttling?
debug ip ospf database-timer rate-limit
How can you verify the current OSPF LSA

throttling wait intervals?
OSPF process:
timers lsa arrival milliseconds
How do you throttle received OSPF LSAs?
The default is 1 second (1000ms). If two
more more identical LSAs arrive within 1
second, only the first one is accepted, and
the remaining are dropped.
The minimum LSA arrival interval should

be less than the neighbors' intial hold
interval in LSA throttling, otherwise a
neighbor would be allowed to send updated
LSAs faster than the router would be
willing to accept them.
The neighbor would be allowed to send an
updated LSA sooner than the router would
be willing to accept it. With OSPF LSA throttling, why should the
minimum LSA arrival interval be less than
the neighbors' initial LSA throttling hold

value?
Incremental SPF causes the router to
maintain more information in the SPT
about transit nodes' parent and neighbor What is OSPF Incremental SPF?
nodes, which allows SPF to recalculate
only those portions of the SPT that are
affected by a topology change.
For example, if a topology change occurs

several hops away within the same area,
but the router must still use the same
path(s) to reach the changed topology, iSPF
only needs to recalculate the affected
changes instead of the entire SPT.
OSPF process:
ispf
How do you configure OSPF Incremental
SPF?
False. It can be enabled/disabled
individually. ISPF is essentially a local
optimization. True or False: OSPF Incremental SPF must
be configured on all OSPF routers within
an area.
-Point-to-point link to another router (other
router's RID)
-Link to a transit network (IP of DR) What are the four possible link types that
-Stub network can be described by an OSPF Type 1 LSA?
-Virtual link
Transit link prefixes are suppressed by
omitting stub network entries that contain
prefixes on point-to-point interfaces to How does OSPFv2 prefix suppression
other routers. work with Type 1 LSAs?
The netmask in the LSA is set to
255.255.255.255 to signal to compatible
routers that the LSA contains no prefix How does OSPFv2 signal prefix
information. Incompatible routers simply suppression with Type 2 LSAs?
install a /32 host route.
OSPF process:
prefix-suppression
How do you configure OSPFv3 prefix
Optionally per-interface: suppression?
ip ospf prefix-suppression
Disable per-interface when enabled

globally:
ip ospf prefix-suppression disable
All prefixes on all OSPF-enabled interfaces
are suppressed except for loopbacks,
secondary IPs, and prefixes on passive When an OSPFv2 router has prefix
interfaces, since all of those are considered suppression enabled, what exactly is
nontransit prefixes. suppressed?
To prevent the router from becoming a

transit router.
What is the purpose of the OSPF stub
router feature?
When configured, the OSPF stub router
advertises its own Type 1 LSAs with an
infinite metric (16M) for all transit-type How does the OSPF stub router feature
adjacencies, while stub network work?
adjacencies continue to be advertised with
their normal metrics.
An ASBR redistributing BGP routes into
the OSPF domain is a good candidate for
the OSPF stub router feature because BGP What is a common use case for the OSPF
usually converges slower than OSPF. For stub router feature?
example, if OSPF is advertising a default
route, but depends on BGP for actual
reachability, OSPF will still advertise the
default route before BGP has converged,
causing traffic blackholing. The OSPF stub
router feature uses timers to prevent this
situation.
Two variations under the OSPF process:
max-metric router-lsa on-startup seconds
max-metric router-lsa on-startup wait- How do you configure the OSPF stub
for-bgp router feature?
The first variation activates the stub router

feature for the specified number of seconds
after the OSPF process starts. The second
variation waits for BGP to converge, up to
a maximum of 10 minutes.
The router can restart the OSPF process
while packets continue to be forwarded.
What is OSPF graceful restart?
Graceful Restart is the standardized version
of Cisco's Non Stop Forwarding (NSF).
OSPF process:
nsf
How do you enable OSPF Graceful Restart
or Cisco Non Stop Forwarding (NSF)?
NSF-capable devices have forwarding
hardware independent from the main CPU.
What is the difference between Cisco NSF-
NSF-aware devices can act as helpers to capable and NSF-aware devices?
NSF-capable devices to allow them to
perform a graceful restart of a supported
routing protocol process while maintaining
the adjacency.
The NSF-aware device maintains the
neighbor adjacency and continues to use
the neighbor for forwarding traffic, despite What is the role of an NSF-aware device
the lack of Hellos, during the neighbor's during a neighbor's routing protocol
restart of the routing protocol process. graceful restart?
The router whose OSPF process is

restarting notifies its neighbors with a Type
9 "grace" LSA (opaque, link-local scope) How does an OSPF router signal that it is
containing the estimated duration of the about to perform a graceful restart?
restart (the grace period), the reason of the
restart, and the IP of the restarting router if
on a multiaccess network.
False: It is enabled by default for platforms
that support the feature. It can be disabled
under the routing protocol process with: True or False: Graceful Restart / NSF
nsf helper disable helper mode must be explicitly enabled.
All neighboring fully-adjacent routers must
operate in helper mode.
What is a neighbor requirement for
successful routing protocol graceful
restart?
OSPF process:
shutdown
How do you enable OSPF graceful
Alternatively, you can issue the command shutdown?
per-interface:
ip ospf shutdown
Directly on the interface:
ipv6 ospf pid area area
How do you enable regular OSPFv3?
This automatically instantiates the ipv6
router ospf pid process globally.
All IPv6 networks on an interface are
advertised by default.
With OSPFv3, what is the default with
regard to advertising IPv6 addresses on an
interface?
False: OSPFv3 can set its 32-bit RID
automatically based on the same rules as
OSPFv2, however the RID must be set True or False: The OSPFv3 RID must
manually if no IPv4 addresses are always be set manually.
available.
-Link-local, used for Link LSAs
-Area, used for Router, Network, Inter-
Area Prefix, Inter-Area Router, Intra-Area What are the three OSPFv3 LSA flooding
Prefix LSAs scopes?
-AS, used for AS External LSAs
Interface:
ipv6 ospf pid area area instance instance
How do you configure multiple OSPFv3
instances?
network
An OSPFv3 link is equivalent to an

OSPFv2 ___?
The link-local address of the interface.
Virtual links use globally-scoped IPv6 With the exception of virtual links, which
addresses. address does OSPFv3 use to source
OSPFv3 packets from?
Prefix, Length
OSPFv2 expresses networks in LSAs as the

network address and mask. How does
OSPFv3 express networks in LSAs?
OSPFv3 separates the topology from the
NLRI. With OSPFv2, Type 1 & 2 LSAs
contain addressing information as well as How does OSPFv3 handle Type 1 and Type
RIDs. OSPFv3 moves the addressing 2 LSAs differently than OSPFv2?
information to Type 8 & 9 LSAs. By doing
this, if the NLRI changes, but the topology
remains the same, SPF does not need to be
recalculated.
IPv6 prefixes on individual interfaces of a
router are carried in Type 9 LSAs with area
flooding scope. With OSPFv3, what are Type 9 LSAs used
for?
IPv6 prefixes associated with a transit
network are pointed to a Type 2 Network
LSA.
IPv6 prefixes associated with a router are

pointed to a Type 1 Router LSA.
Type 9 LSAs allow for separation of NLRI

from topology.
IPv6 unicast routing uses link-local
addresses for the next-hop. Each router
advertises its link-local address in a Type 8 What are OSPFv3 Type 8 LSAs used for?
LSA, which has link-local flooding scope
and is never flooded beyond the receiving
neighbor on the link.
You must use link-local addresses. All
other addresses are rejected.
What is the requirement when manually
configuring OSPFv3 neighbors?
Nonbroadcast networks need manual
neighbor configuration.
What is true of configuring both OSPFv2
"Nonbroadcast Needs Neighbors" and OSPFv3 on NBMA networks?
It makes the network appear as a /64
instead of a /128 in the routing table.
What does the command ipv6 ospf
network point-to-point do when
configured on a loopback interface?
Interface:
ipv6 ospf authentication parameters
How do you configure OSPFv3
The parameters must match on both ends authentication on a link?
of the link.
Interface:
ipv6 ospf encryption parameters
How do you configure OSPFv3 encryption
The parameters must match on both ends on a link?
of the link.
OSPFv3 process:
area area {authentication | encryption}
parameters How do you configure OSPFv3
authentication or encryption for an area?
The parameters must match on all routers
in the area. Interface-level commands
override area-level commands.
Interface:
ospfv3 authentication key-chain keychain
How do you configure OSPFv3
Authentication Trailer?
Global:
router ospfv3 pid
How is multi-AF OSPFv3 configured in
Interface: IOS?
ospfv3 pid afi area area
0: IPv6 Unicast
32: IPv6 Multicast
64: IPv4 Unicast What are the OSPFv3 base instance ID
96: IPv4 Multicast values?
128-191 = Unassigned
192-255 = Private
The instance ID allows multiple OSPFv3
processes to communicate over the same
link while remaining separate. What is the purpose of the OSPFv3
instance ID?
The types of addresses advertised in Type 8
& 9 LSAs.
What do OSPFv3 instance ID values
indicate?
The base instance ID for the address family
type:
When configuring OSPFv3 multiple
0 IPv6 Unicast address family support, what instance ID is
32 IPv6 Multicast automatically chosen, if not specified
64 IPv4 Unicast manually?
96 IPv4 Multicast
The instances are each run completely
independent of each other, even under the
same OSPFv3 process. In addition to When running multiple OSPFv3 instances
addresses being separated, the topology is under a single OSPFv3 process, what is
calculated seperately per-instance as well. shared among the instances?
The AF-bit in the Options bitfield inside
OSPFv3 Hello, DBD, and LSA packets is
set when the sending router supports the When is the OSPFv3 AF-bit set?
AF extension and the particular instance is

not an IPv6 unicast instance.
An OSPFv3 router supporting address

families keeps the bit cleared for IDs 0 -
31, and sets it for all other instance IDs.
It indicates the router does not support
multiple address families, and both routers
must use instance IDs within 0 - 31 to form What happens if an OSPFv3 router
an IPv6 unicast adjacency. receives a packet with the AF-bit cleared in
instances other than 0 - 31?
True. All OSPFv3 packets are encapsulated
into IPv6 using link-local addresses
between routers, even if carrying only IPv4 True or False: OSPFv3 using non-IPv6
reachability information (for example). address families still requires full IPv6
addressing and support between neighbors.
True. This is because all OSPFv3 packets
are encapsulated in IPv6 packets using
link-local addressing, regardless of the True or False: OSPFv3 supports virtual
address family contained in the NLRI. links only for the IPv6 unicast address
family.
Prefix suppression in OSPFv3 works by
omitting suppressed transit link prefixes
from the Type 8 & 9 LSAs, whereas with How does OSPFv3 prefix suppression
OSPFv2 this information is carried in Type compare to OSPFv2?
1 & 2 LSAs.
OSPFv2 and OSPFv3 prefix suppression

both apply to all interfaces except
loopbacks, passive interfaces, and
secondary IPv4 addresses.
The shutdown occurs over the Dead
interval.
How does graceful shutdown work with
-Hello packets are sent with priority 0 OSPFv3?
-Hello packets are no longer accepted
-All originated LSAs except Type 1 are
flushed
-Type 1 LSAs are flooded with max cost
65K
-After Dead interval, flush all Type 1 LSAs
-Stop sending and processing OSPFv3
packets
The interval between successive LSUs
when flooding LSAs. Configured per-
interface, default 33ms What is the OSPF flood pacing timer?
The interval between retransmitted packets
as part of a single retransmission event.
Configured per-interface, default 66ms What is the OSPF retransmission pacing
timer?
1 - 65535
What is the range of values for OSPF

single interface cost?
1 - 16M
What is the range of values for OSPF

complete route cost?
16M
What cost value is considered infinite for

an OSPF route?
1 - 4B in units of Mbps (default 100)
What is the range of values for the OSPF

reference bandwidth?
Circuit
What is the ISO OSI term for an interface?

NSAP, Network Service Access Point,
which represents an address of a particular
network service on a particular network What type of addressing is used in OSI
node. networks?
interface
node
TCP/IP uses per-___ addressing, whereas
NSAP addressing is per-___.
IDP Initial Domain Part
DSP Domain Specific Part
What are the two main parts of an NSAP
address?
AFI (Authority and Format Identifier)
IDI (Initial Domain Identifier)
What two fields are in the Initial Domain
Together, they indicate the routing domain Part (IDP) of an NSAP address?
(autonomous system) in which the node is
located.
-HO-DSP (High-Order DSP), indicates
area of domain where the node is located
-System ID, unique identifier of the node What three fields are in the Domain
itself Specific Part (DSP) of an NSAP address?
-SEL/NSEL/NSAP Selector, identifies
service in or above the network layer
8 - 20 octets
What is the size range of NSAP

addressing?
NET Network Entity Title
When the SEL is 0, no particular service is What is the name of an NSAP address
being addressed, and the entire NSAP where the SEL octet is 0?
address identifies the destination node itself
without referring to any particular service.
A dot after the first octet (2 hex digits), and

dots between two-octet groups:
How are NSAP addresses usually
49.0001.0000.1111.2222.00 formatted?
Dots are arbitrary, carry no significance,

and are not required.
49.xxxx.yyyy.yyyy.yyyy.00
x = area ID What is the typical format for NSAP

y = system ID addresses used with IS-IS?
Each IS assembles a list of all attached ES
nodes and advertises the list to its
neighbors. When a packet is routed, it is With IS-IS, there is no concept of a subnet.
encapsulated into a frame addressed to the How is routing between two networks
next directly attached hop identified by its accomplished?
Layer 2 address.
SNPA Sub Network Point of Attachment
What are Layer 2 addresses referred to in

OSI networks?
Each IS enumerates its interfaces with a
locally-significant 1-octet number called
the Local Circuit ID, which increments by How does IS-IS distinguish between
1 with every interface added to the IS-IS interfaces on the same node in Cisco IOS?
instance, beginning with 0 on Cisco
routers.
-Level 0: between two ES nodes on the
same link, or between an ES node and its
nearest IS What are the four levels of routing in OSI
-Level 1: between ES nodes in a single area networks?
of a domain
-Level 2: between ES nodes in different
areas of a domain
-Level 3: between ES nodes in different
domains
ES nodes send ESH ES Hello messages
IS nodes send ISH IS Hello messages
How is OSI Level 0 routing established and
Level 0 routing is also known as ES-IS maintained?
routing. This is similar in concept to IPv6
RA and NA messages.
At Level 2, IS nodes do not advertise the
list of connected ES nodes. Instead, they
exchange area prefixes. How does OSI Level 2 routing work?
When a Level 1 IS determines that the

destination ES is in a different area, the
packet is forwarded toward the nearest IS
capable of Level 2 routing, regardless of
the destination area.
The packet is then forwarded by Level 2-

capable IS nodes until it reaches the
destination area, where it is again

forwarded by Level 1 IS nodes.
System ID
Area prefix
OSI Level 1 routes by ___, whereas Level
2 routes by ___.
IDRP Inter Domain Routing Protocol
OSI Level 3 routing was originally

accomplished with ___, but is being
replaced by MP-BGP.
Default
Delay
Expense What are the four metric types defined in
Error the original IS-IS specification?
Each metric is intended to be evaluated

individually, creating four independent
SPTs
Most IS-IS implementations only support

the Default metric.
10, regardless of bandwidth
What is the default metric assigned to all

IS-IS interfaces in Cisco IOS?
Interface:
isis metric metric [level]
How do you change the IS-IS metric on an
interface?
Attached network: 1 - 63 (6-bit)
Complete path: 1 - 1023 (10-bit)
What is the range of metric values for IS-IS
narrow metrics?
Interface: 1 - 16M (24-bit)
Path: 1 - 4B (32-bit)
What is the range of values of IS-IS wide
metrics?
True
True or False: All IS-IS routers in an area

must use the same type of metrics (narrow
or wide).
-Two Level 1 routers form a Level 1
adjacency if the area matches
-Two Level 2 routers form a Level 2 What types of adjacencies are established
adjacency between Level 1 and Level 2 routers in IS-
-Two Level 1 + Level 2 routers for a IS?
separate adjacency for Level 1 and Level 2
-A Level 1 and a Level 2 router do not
form adjacencies
-A Level 1 + Level 2 router forms a single
adjacency with a Level 2 router, or a Level
1 router in the same area

One
How many areas can an IS-IS Level 1

router belong to?
One for each participating Level (so a
Level 1 + Level 2 router maintains two
LSDBs). How many LSDBs are maintained for IS-
IS routers?
Link State Updates containing LSAs
IS-IS Link State PDUs (LSPs) are

equivalent to what in OSPF?
Hello
LSP Link State PDU
CSNP Complete Sequence Numbers PDU What are the four basic IS-IS packet types?
PSNP Partial Sequence Numbers PDU
Broadcast interfaces use separate Hello
packet types for L1 and L2 adjacencies
With IS-IS, what is the difference between
P2P interfaces use a single L1L2 Hello, aka Hello packets on broadcast interfaces
a P2P Hello versus point-to-point?
10 seconds
What is the default IS-IS Hello interval?

The Hold time is specified as the Hello
Multiplier, whose default is 3 (30 seconds)
How is the IS-IS hold time specified?
False
True or False: IS-IS timers must match

between nodes for adjacency.
Timers are always 1/3 of their configured
values (Hello 3.3s and Hold 10s by
default), so that detecting a DIS or a DIS How are timers calculated on an IS-IS
outage occurs more quickly. DIS?
IS-IS uses LSPs (Link State PDUs)
containing TLVs
OSPF uses LSAs inside the LSDB to
convey link-state information. How is this
done with IS-IS?
LSPID = System ID + Pseudonode ID +
LSP Number
How are IS-IS LSPs uniquely identified?
System ID is taken from the router's NET
Pseudonode ID is 0 when the LSP
describes the router itself
LSP Number is the fragment number
32-bit unsigned integer starting at
0x00000001 - 0xFFFFFFFF and
incremented each time the LSP is modified
How do IS-IS LSP sequence numbers

work?
Unlike OSPF, the number does not wrap
around and the LSP must be expired and
re-originated, though this is uncommon due What happens when an IS-IS LSP reaches
to the size of the LSP sequence number its maximum sequence value?
space.
20 minutes, with IS-IS routers refreshing
self-originated LSPs every 15 minutes
What is the default IS-IS LSP remaining
lifetime value?
When an LSP's remaining lifetime reaches
0 (whether by actually timing out or set
purposely), the router deletes the LSP's What is the process of the IS-IS LSP
body from the LSDB, but keeps its header Purge?
and advertises the empty LSP with the
remaining lifetime set to 0.
The expired LSP is finally purged from the

LSDB after the ZeroAgeLifetime which is
60 seconds by default, though Cisco routers
hold the empty LSP for an additional 20
minutes.
LSPs are fragmented based on the
originating router's MTU, and only the
originating router is allowed to fragment or Why must the MTU match between all
otherwise modify LSPs. routers in an IS-IS flooding scope (Level 1
area, or all Level 2 routers)?
The MTU must be set to be equal to or
smaller than the lowest MTU link within
the flooding scope. The originating router
can adjust the MTU under the IS-IS
process with lsp-mtu mtu whose default
value is 1497.
True. You can view adjacent neighbors
hostnames with show isis hostname which
also displays the neighbors' System ID. True or False: IS-IS node hostnames are
carred within LSPs.
show isis database
How do you view the contents of the IS-IS

LSDB?
show isis database detail
How do you view the contents of an IS-IS

LSP?
Each IS-IS router generates a single
(possibly fragmented) LSP describing itself
and all relevant topological information. With IS-IS, how many LSPs are generated
by each router?
The DIS on multiaccess networks also
generates a Pseudonode LSP for each
network for which it is the DIS, which
contains topological information about the

network itself, and the list of connected
routers.
The originating router must regenerate and
reflood the entire LSP.
With IS-IS, what happens if a single TLV
needs to be modified within an LSP?
IS-IS CSNPs are equivalent to OSPF
DBDs
IS-IS PSNPs are equivalent to OSPF LSRs IS-IS CSNPs and PSNPs are equivalent to
and LSAcks what in OSPF?
A complete list of LSPs in the sender's
LSDB.
What is contained in an IS-IS CSNP?
True
True or False: A single IS-IS PSNP can

request or acknowlege multiple LSPs.
Broadcast / multiaccess
Point-to-Point
What network types are recognized by IS-
Partial-mesh (such as hub-and-spoke) is not IS?
directly supported and should be run as a
collection of point-to-point links.
-Down - no IIHs have been received from
the neighbor
-Initializing - IIHs have been received, but What are the IS-IS adjacency states?
it is not yet certain of the neighbor is
receiving IIHs from this router
-Up - both routers have received each
other's IIHs and bidirectional
communications are established
Verifiying adjacencies, as well as

synchronization and flooding is different
depending on if the network is P2P or
broadcast.
The original IS-IS specification said that an
adjacency on P2P links could be formed as
soon as a P2P IIH was received from the How did IS-IS originally establish
neighbor. The issue with this is that neighbors on P2P links, what was the issue
bidirectional communications are not with this, and how was it resolved?
confirmed. This was resolved with a newer
three-way handshake process which
included router and interface IDs.
The Local Circuit ID is a 1-octet field.
Newer implementations of IS-IS are
capable of the point-to-point three-way How can an IS-IS router support more than
handshake, which introduces the 4-octet 256 point-to-point interfaces?
Extended Local Circuit ID field.
-Adjacency Three-Way State - the state as
seen by the sending router
The IS-IS P2P three-way handshake is
-Extended Local Circuit ID - ID of sending based on each router on a P2P link

router's interface advertising an adjacency state TLV in its
-Neighbor System ID - value of neighbor packets. What fields are in the adjacency
whose IIHs have been received state?
-Neighbor Extended Local Circuit ID -
value from received IIHs
Interface:
isis three-way-handshake ietf
How do you enable the IS-IS point-to-point
three-way handshake?
Interface:
isis csnp-interval interval [level]
How do you configure IS-IS CSNPs to be
Cisco routers do not send CSNPs on P2P sent periodically on P2P interfaces?
links after the initial adjacency buildup by
default, but some IS-IS implementations
do.
LLC format frames with DSAP and SSAP
both set to 0xFE
What is the Ethernet frame format for IS-IS
packets?
0180.c200.0014 Level 1
0180.c200.0015 Level 2
Which MAC address are IS-IS frames sent
to on Ethernet networks?
Highest interface priority
Highest SNPA (MAC address)
Highest System ID (in case SNPAs are not How is a DIS elected in IS-IS?
comparable, such as with FR and ATM)
Interface:
isis priority priority [level]
For IS-IS DIS elections, how do you
configure the interface priority value?
True. DIS elections are performed with
each received IIH.
True or False: IS-IS DIS elections are
always preemptive.
False. Unlike OSPF, IS-IS priority 0 is
simply the lowest priority, but does not
exempt a router from participating in the True or False: An IS-IS router with an
DIS election. interface priority of 0 is ineligible for DIS
election on a broadcast link.
The routers all become fully adjacent with
each other, regardless of the DIS.
How are adjacencies handled in IS-IS on a
broadcast link?
-Helping routers on the broadcast segment
to synchronize by sending CSNPs
periodically What two operations are the responsibility
-Representing the broadcast segment in the of the IS-IS DIS?
LSDB as a standalone object (Pseudonode)
The DIS sends a CSNP reflecting the

contents of its LSDB every 10 seconds by
default. When the other routers receive the How does synchronization of IS-IS routers
CSNP, they compare it against their own on a broadcast segment work?
LSDB, and either create a PSNP request, or
flood missing LSPs onto the segment.
The DIS acts as a reference point of
comparison. If the DIS is missing an LSP,
the originating router floods it to the DIS. How does IS-IS DIS implicit
The DIS should then advertise it with its acknowledgement work?
next regular CSNP advertisement (10s
default). If the CSNP does not contain the
LSP, the originating router floods it again.
System ID = the System ID of the DIS
Pseudonode ID = Local Circuit ID of the
DIS's interface in the network With IS-IS pseudonode LSPs, what is the
System ID and Pseudonode ID set to?
show isis neighbors
How can you verify IS-IS adjacencies?

show clns interface interface
How can you view interface-level details

for IS-IS?
The router acting as the DIS uses
Hello/Hold times of 1/3 of the configured
values. Since all routers are adjacent with Why does IS-IS not require a backup DIS?
each other, if the DIS fails, another router
can become the DIS by simply replacing
the old Pseudonode LSP with one that it
generates, and flooding the LSP to the
neighbors.
True. Up to three NSAP addresses can be
assigned to a single IS-IS instance, with the
requirement of the System ID being True or False: IS-IS routers belong to a
identical, but with a different area ID. IS-IS single area only, but can have multiple
routers are intended to have a single NSAP NSAP addresses assigned.
address, so adding multiple causes the
areas to merge.
Assigning multiple NSAP addresses to a

router is a temporary situation used to
facilitate splitting or merging areas.
Each Level 2 router advertises its directly
connected IP networks as well as all other
Level 1 routes from its own area (with How does IS-IS advertise IP networks
appropriate metrics). between areas?
IP routing information flows from L1 into

L2, but not from L2 into L1 unless
specfically configured, and L2 routers
establish adjacencies regardless of their
areas.
NSSA-TS. Level 1 routers can perform

redistribution from external sources, but
can see routes within their own area and IS-IS Level 1 routers operate similar to
nothing more. routers in what type of OSPF area?
Both Level 1 and Level 2 are enabled by

default.
What is the default IS-IS level on Cisco
routers?
When an L1L2 router determines (though
L2 SPF) that it can reach areas other than
its own, it sets the ATT (attachment) flag What is the IS-IS ATT flag?
on its L1 LSP.
L1 routers in the area can use any router

with the ATT flag set to reach other areas,
and automatically install a default route
pointing toward the nearest L2 router
advertising the ATT flag.
Partition repair. The functionality is similar
to OSPF virtual links. The value is always
set to 0 because Cisco and most other IS-IS What is the IS-IS P-bit?
implementations, do not use this feature.
When the O-bit is set in the LSP, it signals
to other routers in the area to not use it for
transit when calculating SPF. Directly- What is the IS-IS Overload bit?
attached networks can still be reached
through the router, though.
Setting the O-bit allows a router to join the

IS-IS area without altering existing paths in
the network. This is useful for waiting for
BGP to converge, and then clearing
afterward.
Level 2, but can be configured for either or
both.
By default, which Level is an external
route redistributed into on an IS-IS L1L2
router?
L1L2 routers
Where is address summarization

configured in IS-IS?
IIH packets are used for individual
adjacencies.
With IS-IS, why are IIH packets
LSPs cannot be modified except by their authenticated seperately from LSPs?
originating router, therefore all L1 LSPs
must use the same area password, and all
L2 LSPs must use the same domain
password.
Interface:
isis authentication mode {text | md5}
[level]
isis authentication key-chain keychain How do you configure IIH authentication

[level] in IS-IS?
IS-IS process:
isis authentication mode {text | md5}
level How do you configure LSP/CSNP/PSNP
isis authentication key- authentication in IS-IS?
chain keychain level
metric-style wide
log-adjacency-changes all
What two commands are recommended for
new IS-IS deployments?
Interface:
ip router isis
How do you enable an interface for IS-IS?
router isis
net 49.xxxx.yyyy.yyyy.yyyy.00
How do you configure the NET on an IS-IS
Where xxxx is the area, and router?
yyyy.yyyy.yyyy is the System ID.
IS-IS process:
is-type level
How do you change the IS-IS router level?
Interface:
isis circuit-type
How do you control which types of
adjacencies are allowed over an interface in
IS-IS?
IS-IS process:
passive-interface interface
How do you configure passive interfaces in
IS-IS?
IS-IS process:
summary-address network mask
How do you configure summarization in
IS-IS?
All local interfaces' networks are
advertised into IS-IS
What is the effect of the IS-IS command
passive-interface default on a router?
Interface:
ipv6 router isis
How do you configure IS-IS for IPv6?
router isis
address-family ipv6
commands How do you make IPv6-specific
configurations in IS-IS?
Example, IPv6 summarization is
configured with summary-prefix under
the address-family.
show clns
How can you display basic information

about IS-IS on a router?
IS-IS process:
protocol shutdown
How do you disable IS-IS without
removing its configuration?
Interface:
isis network point-to-point
How do you configure IS-IS to treat a
broadcast link as point-to-point?
If the bridge is looped back to itself.
What condition would cause the STP root

bridge to have ports in the blocking state?
debug spanning-tree events
How can you verify Spanning-Tree related

events in real time?
The other end of the link is a designated
port, because STP Designated ports source
BPDUs, while Root and blocking ports With classic STP, if issuing the command
receive BPDUs. show spanning-tree vlan vlan interface
interface detail reveals few BPDUs sent,
and many BPDUs received, what does this
indicate?
The maximum number of switches that
could possibly be in the path between two
end hosts. What is the Spanning-Tree diameter?
False. The timers set on the root bridge are
used throughout the classic STP domain,
and changing the timers does not create a True or False: Changing the STP timers
topology change event. constitutes a topology change event.
The port priority is sent with BPDUs
downstream, which means to change the
root port of a switch, the port-priority Using the spanning-tree port-priority
needs to be modified on the upstream parameter, how can you change the root
switch. port on a switch?
Port IDs (port priority + port number) are
evaluated on received BPDUs, not the
locally-configured value, though the local How are the STP port IDs and port costs
value is considered when sending BPDUs evaluated differently?
further downstream.
Port costs are evaluated based on adding

the cost in the BPDU to the locally-
configured value.
The local port ID (with the port-priority
parameter)
With STP, what value do you configure to
influence the downstream neighbor's
choice of root port?
The local STP interface cost
With STP, what do you configure to change

the local root port?
EXEC: tclsh
foreach var {
ip1 How do you use TCL to perform a
ip2} { command $var parameters } command on multiple IP addresses (such as
ping)?
Example:
foreach var {
10.1.1.10
10.1.1.20} { ping $var repeat 2 }
0 - 65535
What is the range of configurable values

for the MST configuration revision
number?
At the boundary of the MST region, the
RPC and MA values are incremented as
though the BPDU had traversed only a How are the Root Path Cost and Message
single switch. Age values of a BPDU treated when
traversing an MST region?
Interface:
spanning-tree mst instance port-priority
priority How can you change the priority of an
interface with MST?
One
When BPDU Guard is enabled, how many

BPDUs must be received before the port is
placed into err-disable state?
bridge num protocol ieee
interface interface How do you configure a router to act as a

bridge-group num bridge and send BPDUs?
This may be useful in lab environments to

test features like BPDU Guard.
BPDU Guard has no effect because BPDU
Filter takes precedence.
What happens if you enable BPDU Guard
and BPDU Filter on the same interface?
show spanning-tree blockedports
How do you verify which ports have been

blocked by Spanning-Tree?
It is recommended to enable Root Guard on
all access ports so that a root bridge cannot
be elected out of those ports. What is a recommended best practice with
enabling Root Guard?
Having a Type field allows multiple higher-

layer protocols to be used simultaneously
over the link. Previous standards required What is the significance of the PPP Type
either proprietary extensions (like Cisco's field as compared to older serial data link
version of HDLC or Frame Relay), or standards?
required static configurations between
sender and receiver to know what was
expected to be sent over the link.
Link Establishment
Authentication
Network Layer Protocol What are the three phases of initiating a
PPP session between two devices?
Two devices verify whether they speak
PPP and negotiate basic link operation
parameters using LCP. At a high level, what occurs during the PPP
Link Establishment Phase?
-Verify devices speak PPP
-Verify link is not looped
-Negotiate basic parameters What five main functions are provided by
-Verify session liveliness PPP LCP?
-Tear down session if either device requests
it
Configure-Request
Configure-Ack
Configure-Nak What are the four Configure messages used
Configure-Reject by PPP LCP?
During link-establishment, LCP sends a
CONFREQ message containing a random
"magic" number. If the sender receives a What is the PPP "magic number" used for?
CONFREQ with the same number once, it
is possible that both sender and receiver
chose the same number, and a different
number is chosen. If the received
CONFREQ message has the same magic
number again, the link is most likely
looped.
MTU
Authentication type
Link Quality Monitoring What are four of the capabilities exchanged
Selected frame header compression (IP, during PPP link establishment?
RTP, etc)
With a CONFACK Configure-Ack
message
During PPP link establishment, when a
device receives a CONFREQ message and
agrees with all of the parameters, how does
it respond?
A CONFACK is an exact duplicate of an
accepted CONFREQ message. A
CONFACK means both PPP devices agree What is contained in a PPP CONFACK
on the link establishment parameters. message?
A CONFNAK message is the response to a

CONFREQ message where some of the
parameters are not acceptable, but can be What is the purpose of the PPP
negotiated. CONFNAK message?
CONFNAK message contain a list of all
unacceptable options from the received
CONFREQ message, with values set to the What is contained in the PPP CONFNAK
device's own acceptable values for the message?
options.
CONFNAK is used when certain
parameters are unacceptable, but
negotiable. What's the difference between a PPP
CONFNAK and CONFREJ message?
CONFREJ is used when certain paramaters
are unacceptable and nonnegotiable.
False: CONFREJ lists the parameters and
values that are unacceptable and
nonnegotiable by the neighbor. The True or False: A PPP device receiving a
sending PPP device has the option of CONFREJ message is unable to establish a
operating without the nonnegotiable PPP session with its neighbor.
features to allow the PPP session to come
up.
PPP authentication is a one-way procedure
where one device proves its identity to the
other device. Mutual authentication is two At a high level, how does authentication
independent one-way authentications. work with PPP?
Both devices must negotiate and agree on
Network Control Protocols for each upper-
layer data type to be transferred. For After a PPP link has been established and
example, if both devices support IPv4 (via authentication passed, what must occur
IPCP), but only one device supports IPv6 before any data can be transmitted?
(via IPv6CP), IPv6 data will not be
transmitted over the link.
Discovery
PPP Session
What are the two stages of PPPoE?
To allow the client to discover an access
concentrator and associate with it.
What is the PPPoE Discovery Stage used
for?
-PADI PPPoE Active Discovery Initiation
-PADO PPPoE Active Discover Offer
-PADR PPPoE Active Discovery Request What are the four steps of the PPPoE
-PADS PPPoE Active Discovery Session- Discovery Stage?
confirmation
Similar in concept to DHCP DORA

PPPoE client broadcasts a PADI frame to
solicit access concentrators in the same
broadcast domain. What is the PPPoE Active Discovery
Initiation (PADI) used for?
PPPoE access concentrator receiving a

PADI responds with a unicast PADO frame
containing the name of the access What is the PPPoE Active Discovery Offer
concentrator to the client. (PADO) used for?
PPPoE client chooses a particular access

concentrator and unicasts a PADR frame to
associate with it. What is the PPPoE Active Discovery
Request (PADR) used for?
A PPPoE access concentrator willing to
handle a particular client (by receipt of
PADR) responds with a unicst PADS frame What is the PPPoE Active Discovery
and assigns a unique Session ID to the Session-confirmation (PADS) used for?
particular client's session.
Clients send and receive PPP frames using
the same PPPoE Session ID assigned by
the access concentrator. During this stage, What occurs during the PPPoE Session
all PPP operations are the same as if PPP Stage?
was running over a serial link in HDLC
framing.
0x8863 (discovery)
0x8864 (session)
What are the EtherTypes of PPPoE control
(discovery) frames, and PPPoE data
(session) frames?
IPCP adds a /32 neighbor route to the IP
routing table.
What happens to the IP routing table when
a PPP link is established?
Interface:
no peer neighbor-route
How do you prevent a PPP-encapsulated
link from automatically adding a neighbor
route upon successful connection?
Interface:
ppp ipcp route default
How do you configure PPP to install a
default route to the neighbor?
Assigning device interface:
peer default ip address ip
How do you configure a PPP session so
Assigned device interface: that one device assigns a static IP address
ip address negotiated to the other side?
As a /32 host route
When configuring a PPP interface to

provide a static IP address to the peer
device, how is the IP address installed in
the peer device's IP routing table?
Interface:
ppp authentication pap
How do you configure a router using PPP
to request the peer device to authenticate

itself with PAP?
Interface:
ppp pap sent-username username
password password How do you configure a router running
PPP to provide authentication information
to a requesting device via PAP?
The global username user password
password for the authenticated peer device.
When configuring a router to ask the peer
device to provide authentication via PAP,
what additional information must be
configured?
show ppp interface interface
How can you view what PPP options have

been established for a particular interface?
Challenge
Response
Success/Failure What are the three packets exchanged
during CHAP authentication?
With one-way authentication, even though
only one device is asking the other device
to authenticate itself, each device sends its Why does PPP CHAP one-way
hostname (corresponding to the username) authentication require a username and
in the CHAP message, which the opposite password configured on both devices?
device uses for reference when calculating
the MD5 hash.
For both one-way and two-way
authentication, a username and password
must be configured on both devices. With With regard to configuration, what is the
one-way authentication, ppp difference between PPP CHAP one-way
authentication chap is configured on one and two-way authentication?
device, and with two-way authentication, it
is configured on both devices.
Interface:
ppp chap hostname username
How do you configure PPP to send a
CHAP username that is different from the
default hostname?
bba-group
For devices acting as PPPoE concentrators,

each PPPoE concentrator instance is
represented by what construct?
The bba-group contains the configuration
details of a particular PPPoE concentrator
instance, such as the concentrator name For PPPoE, what is contained in the bba-
presented to clients, maximum number of group?
attached clients, and a reference to the
Virtual-Template.
A Virtual Template interface is a

placeholder for the configuration of per-
client Virtual-Access interfaces that are What is a Virtual Template interface?
created when the client connects. The
configuration of the Virtual Template
interface is cloned to the Virtual-Access
interfaces as they are instantiated.
bba-group
With PPPoE, what are Virtual Template

interfaces applied to?
Ethernet interfaces (or subinterfaces)
With PPPoE, what are bba-groups applied

to?
PPP
What is the default encapsulation of

virtual-template interfaces?
It is recommended to create a loopback
interface, and then reference it from the
virtual-template interface with ip What is a recommended configuration for
unnumbered loopback virtual-template interfaces with regard to
sourcing an IP address?
This was due to a limitation in older
versions of IOS with using the same IP
address on more than a certain number of
interfaces.
Under the virtual-template interface
When configuring PPPoE on the server

side, where do you specify the MTU and
MSS settings?
Under the dialer interface
When configuring PPPoE on the client

side, where do you specify the MTU and
MSS settings?
HDLC
What is the default encapsulation of Dialer

interfaces?
show ip local pool
How do you view the status of locally-

configured IP address pools?
Phase 1 only allows hub-to-spoke traffic,
not spoke-to-spoke, and the spoke tunnel
interfaces are configured as regular point- What is the difference between DMVPN
to-point GRE. Phase 1 and Phase 2?
Phase 2 allows dynamic spoke-to-spoke

traffic with the spoke tunnel interfaces
configured as multipoint GRE, just as the
hub is.
-Spoke1 sends NHRP resolution request for
Spoke2 to the tunnel IP of the Hub
-Hub relays request to Spoke2 What is the process of a DMVPN Phase 2
-Spoke2 adds its own mapping to the spoke learning the NHRP mapping of
received request and sends NHRP reply another spoke?
directly to Spoke1
-Spoke2 sends NHRP resolution request for
Spoke1 to Hub
-Hub relays request to Spoke1
-Spoke1 adds its own mapping to the
received request and sends NHRP reply
directly to Spoke2
The first spoke sends a NHRP resolution
request to the hub for the second spoke.
The hub forwards the request to the second During the buildup of DMVPN Phase 2
spoke, which then replies directly to the spoke-to-spoke communications, how is
original spoke. The second spoke then bidirectional communication between the
sends its own NHRP resolution request to spokes established?
the hub for the first spoke. The hub
forwards the request to the first spoke,
which then replies directly to the second
spoke, completing verified bidirectional
communications.
By repeating the NHRP resolution process
on the second spoke, both spokes
acknowledge each other's requests were When establishing spoke-to-spoke
received, and spoke-to-spoke NBMA DMVPN Phase 2 tunnels, why does the
reachability is confirmed. second spoke perform its own NHRP
resolution request, even though it already
received information about the originating
spoke from the hub?
-Summarization is not allowed on the hub
-Default routing is not allowed on the hub
-Spokes must always maintain next-hop What are the three primary restrictions of
reachability DMVPN Phase 2?
The network ID is locally-significant and
distinguishes between different DMVPNs
on the same device. It makes operational What is the significance of the DMVPN
sense to configure the same ID across all NHRP network ID?
devices in the same DMVPN, but it is not
required.
Tunnel interface:
ip nhrp nhs hub-tunnel-ip
ip nhrp map hub-tunnel-ip hub-nbma-ip From a DMVPN spoke router, how do you
configure reachability to the hub?
NHRP Redirect
NHRP Shortcut
What two features enable DMVPN Phase
3?
-Summarization is allowed on the hub

-Default routing is allowed on the hub
-Next-hop values on the spokes are always What three major restrictions are removed
modified in DMVPN Phase 3, as opposed to Phase
2?
Hub tunnel interface:
ip nhrp redirect
What two configurations are added to
Spoke tunnel interface: enable DMVPN Phase 3?
ip nhrp shortcut
This command enables the hub router to
send out NHRP Traffic Indication
messages, which let the originating spoke With regard to DMVPN Phase 3, what does
know that there is a better way to reach it's the ip nhrp redirect command do?
destination.
This command enables a spoke router to
accept incoming NHRP Traffic Indication
messages, which causes the spoke to send With regard to DMVPN Phase 3, what does
an NHRP Resolution Request message for the ip nhrp shortcut command do?
the original packet's destination address,
then install the destination network (with
the destination spoke as the next hop) in
the local IP routing table after receiving the
NHRP Resolution Reply from the
destination spoke.
Phase 1 & 3
DMVPN Phase 1 does not establish spoke- For which DMVPN Phase(s) is
to-spoke tunnels, and summarization is not summarization on the hub allowed?
an issue. Summarization on the hub is not
allowed in DMVPN Phase 2 because the
next-hop address cannot be modified.
Phase 3 allows summarization on the hub
due to the behavior of the NHRP redirect /
shortcut.
DMVPN Phase 1 does not establish spoke-
to-spoke tunnels, and summarization is not
an issue. Why is summarization allowed on the hub
in DMVPN Phase 1?
Summarization on the hub is not allowed in
DMVPN Phase 2 because the next-hop
address cannot be modified. Why is summarization on the hub not
allowed in DMVPN Phase 2?
Phase 3 allows summarization on the hub
due to the behavior of the NHRP redirect /
shortcut. Why is summarization allowed on the hub
with DMVPN Phase 3?
-1st spoke sends packet destined for 2nd
spoke with hub as next-hop
-Hub forwards packet to 2nd spoke, and What is the process of building spoke-to-
sends NHRP Redirect to 1st spoke spoke communication with DMVPN Phase
-1st spoke receives NHRP Redirect and 3?
sends NHRP Resolution Request toward
the hub for the 2nd spoke, which the hub

then forwards to the 2nd spoke
-2nd spoke responds to inital packet with
reply packet destined for 1st spoke with
hub as next-hop, which the hub
then forwards to 1st spoke, and sends
NHRP Redirect to 2nd spoke
-2nd spoke receives NHRP Redirect and
sends NHRP Resolution Request to the hub
for the 1st spoke, which the hub then
forwards to the 1st spoke
-2nd spoke sends NHRP Resolution Reply
directly to 1st spoke
-1st spoke receives NHRP Resolution
Request and sends NHRP Resolution
Reply directly to 2nd spoke
Traffic Indication message
What is another term for the NHRP

Redirect message?
The entire destination prefix, not just the
destination (next-hop) IP address.
With DMVPN Phase 3, what is returned
with NHRP Resolution Reply messages?
ip prefix-list name permit 0.0.0.0/1 ge 8 le
8
How do you configure a prefix-list to
Class A addresses have the first bit set to 0, match all Class A addresses that are not
and are in the range of 1 - 126 inclusive. subnetted?
Class A addresses have a prefix length of 8,
therefore any prefix length of 9 or greater
means the Class A network has been
subnetted.
ip prefix-list name permit 128.0.0.0/2 ge
16 le 16
Class B addresses are in the range of 128 - match all Class B addresses that are not
191, inclusive, whose first two bits are 1 0. subnetted?
All non-subnetted Class B addresses have a
prefix length of 16.
ip prefix-list name permit 192.0.0.0/3 ge
24 le 24
The range of Class C addresses is 192 - match all Class C addresses that are not
223, inclusive. The first three bits of all subnetted?
Class C addresses is 1 1 0. Non-subnetted
Class C networks have a prefix length of
exactly 24.
Determine the common network bits, and
the minimum and maximum prefix lengths.
What is the process to create a single
For example, to create a single prefix-list prefix-list entry matching two or more
entry matching 10.1.204.0/28 and ranges of IP addresses?
10.1.203.0/26, you can see immediately
that the first 16 bits are common. 203 in

binary is 11001011 and 204 is 11001100,
so there are a total of 16 + 5 = 21 bits in
common. This translates to a base prefix of
10.1.200.0 with a minimum length of 21
and a maximum length of 28:
ip prefix-list name permit 10.1.200.0/21

ge 21 le 28
ip prefix-list name deny 0.0.0.0/0 ge 32
ip prefix-list name permit 0.0.0.0/0 le 32
How do you configure a prefix list to deny
only host routes?
Tunnel interface:
ip nhrp map multicast
no ip split-horizon eigrp asn What are the configuration requirements
for using EIGRP over DMVPN?
Phase 2 also requires:
The other neighbor must also be manually
configured. Additionally, for broadcast
interfaces, if one neighbor is manually What is a caveat of manually configuring a
configured, all neighbors must be manually neighbor in EIGRP?
configured.
Under topology base
Where is redistribution configured for

EIGRP named mode?
Interface:
How do you configure classic EIGRP
third-party next-hop?
AF-interface:
no next-hop-self
How do you configure named EIGRP
third-party next-hop?
You cannot configure summarization under
af-interface default, you must configure it
under the individual af-interfaces. How do you configure summarization for
multiple interfaces in EIGRP named mode?
AF global:
neighbor neighbor maximum-prefix
maxpfx percent How do you configure EIGRP named
mode to limit the number of prefixes
allowed to be learned from a particular
neighbor, and issue a syslog message when
a certain percentage threshold has been
crossed?
With the warning-only keyword, a syslog
message is generated whenever the limit
has been reached, and no new prefixes can When configuring a maximum number of
be received from the neighbor. Without the prefixes allowed to be received from a
keyword, the neighbor adjacency is torn particular EIGRP neighbor, what happens
down when the limit is crossed. if the warning-only keyword is not used?
View existing ACLs first:
show access-lists
What is a good practice before configuring
an ACL?
10,000,000 Kbps / lowest bandwidth along
the path in Kbps
+ Sum of all delays along the path in 10s of How do you manually calculate the default
microseconds EIGRP classic metric?
* 256
Example: Path contains a 1 Gbps link and a

100 Mbps link, with 10µs and 100µs delay,
respectively. 100 Mbps is the lowest value
along the path, so the formula is [
(10,000,000 / 100,000) + (1 + 10) ] * 256 =
111 * 256 = 28,416
Throughput + Latency
Throughput = 10,000,000 * 65,536 / How do you manually calculate the EIGRP

minimum bandwidth in Kbps wide default composite metric?
Latency = Total delay in picoseconds *
65,536 / 1,000,000
Example: 100 Mbps link as slowest, with

total delay of 101,250,000 picoseconds
Throughput: 10,000,000 * 65,536 /

100,000 Kbps = 6,553,600
Latency = 101,250,000 * 65,536 /
1,000,000 = 6,635,520
Metric = 13,189,120 = 6,553,600 +

6,635,520
Value placed in the RIB is 103,040 =

13,189,120 / 128
show ip eigrp topology zero-successors
How can you view received EIGRP routes

for which there are no Successors?
EIGRP wide metrics are 64-bit, and the
current IOS RIB is 32-bit. With slower
links, such as 10 Mbps Ethernet, the default Why would the EIGRP wide metric rib-
rib-scale value of 128 is too small, and scale need to be adjusted?
would cause the metric for those slower
links to be larger than what can fit in the
RIB (and therefore, the route would be
seen as having an infinite metric and
unusable). By increasing the metric rib-
scale value, slower links can be used.
In the future, the rib-scale value may need

to be adjusted downward to accomodate
faster-speed links.
No, the rib-scale value has local
significance only in the sense that the
calculation is performed locally, and the If you adjust the EIGRP wide metric rib-
resulting value is stored only in the local scale value on one router, do you have to
RIB and not advertised. change it on all routers?
However, you should make sure all routers

use the same value, unless you are
adjusting the value purposely to filter
routes. If the value is adjusted so that, for
example, a slower link can be used (and not
seen as having an infinite metric), then
every router in a path that must use that
link must also have its rib-scale value
adjusted as well.
Only the summary route is advertised
With EIGRP, what happens if you

configure a leak-map to reference a route-
map that does not exist?
The summary route and all specific routes
are advertised
With EIGRP, what happens if you
configure a leak-map to reference a route-
map that references an ACL that does not
exist?
Esc, q, ?
On Cisco IOS, how do you enter a ? as part

of a character string (such as a password)?
IT resources and services that are
abstracted from the underlying
infrastructure and provided on-demand How does Cisco define "cloud"?
and at-scale in a multitenant
environment.
On-demand resources
At-scale meaning illusion of infinite
resource availability What are the three components of Cisco's
Multitenant Environment definition of "cloud"?
Public
Private
Virtual Private What are the four general cloud
Inter-Cloud architectures?
Automation / Orchestration
Workload Mobility
Compartmentalization What are the three components of Cisco's
definition of private cloud?
A combination of public and private
clouds, sometimes referred to as a hybrid
cloud. What is Cisco's definition of a virtual
private cloud?
IT Foundation
SaaS Software as a Service
PaaS Platform as a Service What are the four critical service layers of
Iaas Infrastructure as a Service cloud computing as defined by Cisco?
Software as a Service
A hosted web-based word processor is an

example of what?
Platform as a Service
The interface (typically APIs) between a

hosted application and a
development/scripting environment that
supports it is known as what?
Infrastructure as as Service
What is the model of having compute,

network, and storage delivered over the
network on a pay-as-you-go basis?
The basis of the other types of delivered
services. A collection of core technologies
that evolve over time, such as When referring to XaaS, what is the IT
virtualization, and the evolution of physical Foundation?
networks from 3-tier to leaf/spine.
-The speed of access to a private cloud may
be slower than a private cloud
-The reliability of a public cloud may be What are some performance and reliability
higher than a private cloud tradeoffs to consider with cloud
environments?
The physical location of the data. For
example, sensitive data stored in
"unfriendly" locations, or areas prone to What is a potentially major security
natural disasters. consideration with data storage in a public
cloud?
Multitenancy. Customers are logically (and
sometimes physically) separated from each
other. How is privacy typically achieved with
cloud computing?
Private cloud involves the highest cost to
expand scalability. The other models
provide extreme scalability, with the inter- What is the difference in scalability among
cloud model providing the highest level of the four cloud models?
scalability.
With public cloud, it is up to the developer
to use the cloud-provided APIs. However,
custom in-house applications may be better What is a potential issue of cloud
suited to private cloud. interoperability with applications?
Private WAN
Internet Exchange Point (IXP)
Internet VPN What are the three main cloud network
access methods?
Automation refers to completing a single

task.
Orchestration is an ordered set of tasks What is the difference between automation
with conditions. and orchestration?
The capability of distributing various
resources (computer, storage, network, etc)
in an abstracted manner. For example, What is workload mobility?
geographically-based anycast solutions.
A protocol by which configurations are
installed and changed. YANG represents
the meaning of the data, and NETCONF What is NETCONF?
delivers the data itself in XML format.
A modeling language used to represent
device configurations and state, which
defines the structure of the data, but not the What is YANG?
data itself.
NETCONF is the transport vessel for
YANG information to be transferred from a
NMS to a network device, similar in How are NETCONF and YANG related?
concept to HTTP (NETCONF) being used
to transport HTML (YANG). Another
analogy is YANG is to NETCONF as
MIBs are to SNMP.
YANG
YAML
JSON What are four common data representation
XML formats for network programmability?
Nova
What is the codename for the OpenStack

compute component?
Nova manages pools of compute resources,
such as VMs, containers, and bare-metal
servers. What is the OpenStack codename Nova
component?
Neutron

networking component?
Neutron manages networks and IP
addresses, and provides network
abstraction. What is the OpenStack codename Neutron
component?
Cinder

block storage component?
Cinder is an API that manages creating,
attaching and detaching block storage
devices to servers. Many storage vendors What is the OpenStack codename Cinder
component?
include a Cinder plug-in that translates the

API to vendor-specific interfaces.
Keystone

identity component?
Keystone is the identity component that
provides a directory service with users
mapped to the services they can access. What is the OpenStack codename Keystone
component?
Glance

imaging component?
Glance provides discovery, registration,
and retrieval of VM images
What is the OpenStack codename Glance
component?
Swift

object storage component?
Swift provides object storage with built-in
data replication and integrity.
What is the OpenStack codename Swift
component?
Horizon

dashboard component?
Horizon provides a dashboard/GUI for
administering various aspects of
OpenStack. What is the OpenStack codename Horizon
component?
Heat

orchestration component?
Heat provides orchestration for cloud
applications via templates using APIs
What is the OpenStack codename Heat
component?
Mistral

workflow component?
Mistral manages user-created workflows,
which can be event-driven or triggered
manually. What is the OpenStack codename Mistral
component?
Ceilometer
telemetry component?
Ceilometer is used for telemetry and
provides a single point of contact for
billing systems used within the cloud What is the OpenStack codename
environment. Ceilometer component?
Trove

database component?
Trove is a database-as-a-service
provisioning engine.
What is the OpenStack codename Trove
component?
Sahara

Elastic MapReduce component?
Sahara provides Elastic MapReduce
functionality, which is an automated way to
provision Hadoop clusters. What is the OpenStack codename Sahara
component?
Ironic

bare metal provisioning component?
Ironic provisions bare metal machines
rather than VMs
What is the OpenStack codename Ironic
component?
Zaqar

messaging component?
Zaqar provides a cloud messaging service
for web developments used to
communicate between SaaS and mobile What is the OpenStack codename Zaqar
applications. component?
Manila

shared file system component?
Manila provides an API to manage file
shares in a vendor agnostic fashion
What is the OpenStack codename Manila
component?
Designate

DNS component?
Designate provides a multi-tenant REST
API for managing DNS-as-a-service
What is the OpenStack codename
Designate component?
Searchlight

search component?
Searchlight provides search capabilities
across various cloud services, such as
searching for compute instance status or What is the OpenStack codename
storage system names. Searchlight component?
Barbican

key manager component?
Barbican is a key manager that provides
secure storage, provisioning and
management of passwords. What is the OpenStack codename Barbican
component?
Distributed
Augmented
Hybrid What are the four primary SDN models?
Centralized
The distributed SDN model is most similar
to traditional networking with the control
plane distributed among devices (as in What is the distributed SDN model?
traditional routing protocols).
The augmented SDN model builds on the
distributed model by including a
centralized controller that adjusts various What is the augmented SDN model?
policies as they are needed, but otherwise
relies on the traditional distributed control
plane. An example of this is Cisco's PfR.
The hybrid SDN model is similar to the
augmented SDN model in that there is a
traditional distributed control plane What is the hybrid SDN model?
operating underneath, however the hybrid
model can implement policy at any point in
the network. Cisco's ACI is an example of
this model.
The centralized model relies on a single
central controller to program the
forwarding plane of all network devices. What is the centralized SDN model?
The SDN controller is the component
responsible for programming the
forwarding tables of data-plane devices. What is an SDN controller?
Application Programmability Interface
defines a standard way of interfacing with a
software application or operating system. What is an API?

Examples are REST and RESTCONF
available in IOS-XE.
Northbound protocols are typically APIs
that applications can use to make requests
of the network. For example, a specific What are northbound protocols?
QoS treatment could be specified by the
application.
a REST API
What is an example of a northbound

interface?
The control plane protocol(s) between the
centralized controller and the network
forwarding hardware. An example is What is a southbound interface?
OpenFlow.
OpenFlow
What is an example of a southbound

protocol?
Waterfall
Iterative
Agile / DevOps What are the three common software
development models?
Sequencing virtualized network services
(VNFs) in a particular order to solve a
particular business problem. Examples What is service function chaining?
include placing virtual routers, firewalls,
and IPS in a particular order.
Low-Power and Lossy Networks
With regard to IoT, what are LLNs?

IPv6 Routing Protocol for LLNs, which is
a distance-vector routing protocol
specifically designed to support IoT. RPL With regard to IoT, what is RPL?
borrows ideas from traditional IP routing,
multi-topology routing (MTR), and MPLS-
TE.
IPv6 over Low Power WPANs.
6LoWPAN is an adaptation layer for IPv6 What is 6LoWPAN?

using IEEE 802.15.4 wireless networks.
MTU correction - fragments IPv6
minimum 1280 byte MTU to 802.15.4 127
byte MTU How does 6LoWPAN adapt IPv6 for IEEE
Header compression - assumes common 802.15.4 wireless networks?
fields to compress IPv6 (40B) + UDP (8B)
to 7B
Mesh routing
MAC-level retransmissions - instead of
higher-layer responsibility
Constrained Application Protocol
Similar to (but simpler than) HTTP,

designed to support machine-to-machine What is CoAP?
communications over UDP for Low-power
and Lossy Networks (LLNs)
Message Queuing Telemetry Transport
Lightweight machine-to-machine What is MQTT?

communications over TCP
ETSI European Telecommunications
Standards Institute
What standards body has defined the NFV
architectural framework?
To provide an interoperable /24 multicast
address space for every 16-bit ASN in the
233/8 range. What was the intended use for GLOP
addressing?
Connected
What type of route has the default AD of

0?
Static

1?
EIGRP summary route

5?
eBGP

20?
EIGRP internal

90?
IGRP

100?
OSPF

110?
IS-IS

115?
RIP

120?
EIGRP external

170?
iBGP
BGP Local (locally-injected)
200?
ODR

160?
Discard / infinite / unreachable routes

255?
The routes for those interfaces are injected
as OSPF Intra-Area routes, while the other
interfaces are redistributed as OSPF When redistributing connected interfaces
External Type 2 routes (by default). into OSPF that have IP addresses within an
OSPF network statement, what happens?
point-to-point
What is the default OSPF network type for

tunnel interfaces?
OSPF treats tunnel interfaces as network
type point-to-point by default, and the
OSPF network type setting may need to be What two special considerations must you
changed, depending on the network design. give to OSPF when using DMVPN tunnel
Likewise, timers may also need to be interfaces?
adjusted.
OSPF neighbors will be formed by way of
multicast, but next-hops will not be
reachable until the NBMA addresses are What is the result of an interface
mapped. configured as OSPF network type
broadcast on an NBMA network where
multicast capabilities have been provided
through mapping, but not L2 address
resolution?
On the interfaces between the neighbors,
enable null authentication with ip ospf
authentication null When authentication is configured for an
OSPF area, how can you exempt particular
neighbors?
Downstream neighbors will not require
authentication.
When OSPF authentication is enabled for
an area, what happens if you disable the
authentication on a particular link?
Virtual links are treated like demand

circuits in OSPF
Why does OSPF suppress hello and refresh
messages on virtual links?
With links that are not intended to be up
100% of the time, OSPF hello and refresh
messages would cause the link to remain What does the ip ospf demand-circuit
up indefinitely. The ip ospf demand- command do?
circuit command causes OSPF to suppress
hello and refresh while still maintaining the
neighbor adjacency. The link comes back
up when there is an OSPF topology
change.
area-range is used to summarize internal
routes
summary-address is used to summarize With OSPF, what is the difference between
external routes area range and summary-address?
An internal discard route to Null0 is
automatically injected along with the
summary address. What is automatically generated when you
issue the OSPF area range command, and
You can prevent this under the OSPF what are two ways to prevent it?
process with either of the following:
no discard-route internal
discard-route internal 255
OSPF process:
no discard-route external
discard-route external 255 What are two ways to prevent an external
OSPF discard route from being installed on
an ASBR?
ABR OSPF process:
area area range prefix mask not-advertise
How do you prevent an OSPF Type 3 LSA
from being generated?
ASBR OSPF process:
summary-address prefix mask not-
advertise How can you prevent an OSPF Type 5 or
Type 7 LSA from being generated?
Interface:
ip ospf database-filter all out
How can you prevent OSPF from
advertising LSAs on a particular interface?
OSPF neighborships will remain, but the
routers connected over the interface will
not receive LSAs. What happens if you prevent OSPF from
advertising LSAs on an interface?
The OSPF cost of a virtual link is based on
the total OSPF cost between the two
endpoints. What determines the OSPF cost value of a
virtual link?
GRE tunnels
OSPF virtual links are not allowed to

traverse stub areas. What is a workaround
for this issue?
The "P" bit is set by the ASBR in an NSSA
to indicate whether or not to propagate the
redistributed route beyond the local area. If What is the OSPF "P" bit?
the bit is not set, the redistributed route
remains within the NSSA and is not
translated to a Type 5 LSA by the ABR.
OSPF process:
area area default-cost cost
How do you manually configure the OSPF
cost of injected default routes (such as for
stub areas)?
To set the OSPF cost of an injected default
route (such as for stub areas).
What is the OSPF area area default-
cost cost command used for?
Prevents OSPF from advertising LSAs on
the interface for which the command is
configured. What does the interface command ip ospf
database-filter all out do?
Prevents OSPF Type 5 or Type 7 LSAs
from being generated.
What does the OSPF command summary-
address prefix mask not-advertise do?
Prevents OSPF Type 3 LSAs from being
generated.
What does the OSPF
command area area range prefix
mask not-advertise do?
Interface:
ip ospf demand-circuit
How can you prevent OSPF from sending
This must be configured on both ends of periodic hello or refresh messages on a
the link. link, but maintain the neighbor adjacency?
To reach the next hop, go the the
advertising router, as described in the LSA.
What does a forwarding address of 0.0.0.0
in an OSPF LSA mean?
When an ASBR in an NSSA generates a
Type 7 LSA, the forwarding address it
itself, and remains so when the ABR What does the OSPF command area area
translates the Type 7 LSA to a Type 5 LSA nssa translate type7 suppress-fa do?
when reoriginating into the backbone. This
command causes the Type 5 LSA to have
the forwarding address set to 0.0.0.0 (the
ABR) instead of that of the NSSA ASBR.
When an ASBR in an NSSA generates a
Type 7 LSA, the forwarding address is
itself, and remains so when the ABR What is OSPF forwarding address
translates the Type 7 LSA to a Type 5 LSA suppression?
when reoriginating into the backbone. FA

suppression causes the Type 5 LSA to have
the forwarding address set to 0.0.0.0 (the
ABR) instead of that of the NSSA ASBR.
The ASBR in an NSSA originates a Type 7
LSA for each redistributed route, which the
ABR then re-originates as Type 5 in area 0, What is the primary use case for OSPF
with the forwarding address set to the forwarding address suppression?
originating ASBR. It may be undesirable to
inject all of the external routes directly into
the backbone, so the ABR can filter them
out, but in doing so, the reachability to the
ASBR outside the NSSA may be filtered as
well. OSPF forwarding address
suppression causes the ABR to set the
forwarding address to 0.0.0.0 as it
originates the translated Type 5 LSAs into
the backbone.
When there are multiple ABRs in an
NSSA, the ABR with the highest RID is
elected to perform the Type 7 to Type 5 What is the result of configuring OSPF
translation. FA suppression may lead to forwarding address suppression when there
suboptimal routing when there are multiple are multiple ABRs in the NSSA?
exit points because enabling it causes
traffic to always flow through the
translating ABR.
Type 7 LSA with P-bit set
Type 5 LSA
LSA with higher RID How does RFC 3101 NSSA behavior
prefer two LSAs with the same destination,
cost, and non-zero forwarding address?
Type 5 LSA
Type 7 LSA with P-bit set and non-zero
forwarding address How does RFC 1587 NSSA behavior
Type 7 LSA prefer two LSAs with the same destination,
cost, and non-zero forwarding address?
OSPF process:
compatible rfc1587
Newer versions of Cisco IOS use the RFC
3101 OSPF NSSA LSA selection rules.
How do you modify OSPF to use the older
RFC 1587 rules?
Newer versions of Cisco IOS use the RFC
3101 NSSA LSA selection rules. Issuing
this command causes IOS to use the older What does the OSPF command
RFC 1587 rules. compatible rfc1587 do?
match source-protocol protocol pid
When configuring a route-map, how can

you select a particular routing protocol?
With the match metric option, you can
either match multiple individual metric
values, or you can match a range by
entering the value range midpoint, the +- When configuring a route-map, how do
modifier, and the positive and negative you select a range of metric values?
range.
For example, to match a range of metric

values from 500 - 1500, the command
would be:
match metric 1000 +- 500
Mid value = (min + max) / 2
Derivation value = (max - min) / 2
What is the process of determining the
midpoint and derivation values for
configuring a range of metric values?
Change BOTH speed and duplex to
something other than auto
How do you disable Ethernet
autonegotiation?
2 - 1001
When VTP Pruning is enabled, which

VLANs become prune eligible?
2
What is the IP Protocol for IGMP?

4
What is the IP Protocol for IP-in-IP

encapsulation?
41
What is the IP Protocol for IPv6?

46
What is the IP Protocol for RSVP?

47
What is the IP Protocol for GRE?

50
What is the IP Protocol for Encapsulating

Security Payload (ESP)?
51
What is the IP Protocol for Authentication

Header (AH)?
103
What is the IP Protocol for Protocol

Independent Multicast (PIM)?
ICMP
What is IP Protocol 1?
IGMP
IP-in-IP encapsulation
TCP
UDP

IPv6

RSVP

GRE

ESP

AH

EIGRP

OSPF

PIM

L2TPv3

Raw mode
Tagged mode
What are the two Ethernet pseudowire
modes?
Tagged mode requires a service-delimiting
VLAN tag, while raw mode removes any
service-delimiting VLAN tags, when What is the difference between tagged and
sending data across the pseudowire. raw mode Ethernet pseudowires?
Both modes transparently pass customer

VLAN tags across the pseudowire.
VLAN-based
What is another name for an Ethernet

pseudowire in Tagged mode?
Port-based
What is another name for an Ethernet

pseudowire in Raw mode?
0x0004
What is the pseudowire type of tagged-

mode Ethernet?
0x0005
What is the pseudowire type of raw-mode

Ethernet?
Tagged-mode Ethernet
What is the pseudowire type 0x0004?

Raw-mode Ethernet
What is the pseudowire type 0x0005?

0x0800
What is the EtherType for IPv4?

0x86DD
What is the EtherType for IPv6?

0x88CC
What is the EtherType for LLDP?

IPv4
What is EtherType 0x0800?

ARP

802.1Q-tagged frame

IPv6
What is EtherType 0x86DD?

PPPoE Discovery

PPPoE Session

LLDP
What is EtherType 0x88CC?

The local port is put into an independent
state and continues to carry traffic like a
regular single link. The port configuration When using PAgP or LACP on an
does not change, but the port does not EtherChannel, what happens to the the
participate in the EtherChannel. local port if it cannot negotiate an
EtherChannel with the remote port?
PAgP does not support cross-stack
EtherChannels.
What is a limitation of using PAgP with
StackWise?
The first port in the channel that comes up.
Where does a Layer 2 EtherChannel obtain

its MAC address from?
False. Ports with different STP path costs
can form an EtherChannel if they are
otherwise compatibly configured. True or False: EtherChannel member ports
with different STP path costs will be
suspended from the EtherChannel.
Redistributed routes should be marked with
a higher AD so that the redistributing
routers will use the source protocol when How does Administrative Distance affect
routing. routing optimality when performing mutual
routing protocol redistribution on multiple
routers?
When the packet's destination does not
match any specific route in the IP routing
table. With the default classless routing
configuration, when is the default route
used?
The default route is used only if the
packet's destination does not exist in any
classful network in the IP routing table. With a classful routing configuration, when
is the default route used?
The classful network must be in the local
router's IP routing table.
What must be true for RIP to advertise a
default route via the ip default-network
command?
The classful network must be advertised by
the local router into EIGRP through any
means. What must be true for EIGRP to advertise a
default route via the ip default-
network command?
RIP advertises a route to 0.0.0.0/0
How does RIP utilize the ip default-

network setting?
EIGRP advertises the classful network
flagged as the candidate default.
How does EIGRP utilize the ip default-
network setting?
5
What is the AD of an EIGRP Summary

route?
EIGRP process:
summary-metric summary distance
distance How do you modify the default AD of an
EIGRP summary route?
Profile phase
During which PfR phase are flows that

have high latency and throughput learned,
and Monitored Traffic Classes assembled?
Measure phase
During which PfR phase are performance

metrics collected and computed for the
traffic previously identified in the
Monitored Traffic Classes (MTC) list?
Apply Policy phase
During which PfR phase are low and high

thresholds defined for in-policy and out-of-
policy performance categories?
Control phase
During which PfR phase is traffic

influenced by manipulating routing or
using PBR?
Verify phase
During which PfR phase is out-of-policy

traffic performance re-evaluated and
adjusted if necessary?
Internal
What is the term for PfR interfaces that

connect to the network for communication
with the Master Controller?
External
What is the term for PfR interfaces that are

used to transmit packets out of the local
network?
External
On which PfR interfaces are prefixes and

link performance monitored?
At least two
How many External interfaces are required

for PfR?
Local
Which PfR interface is used as the source

to communicate with the Master
Controller?
Permanent multicast groups
What are IP addresses in the range of

224.0.0.0 - 224.0.1.255 referred to as?
Source-Specific Multicast
What are IP addresses in the range of 232/8

referred to as?
GLOP addressing

referred to as?
Private / Administratively-scoped multicast

referred to as?
An IP multicast address that does not reside
within a reserved range.
What is a transient multicast address?
Multicast addresses in this range usually
have a TTL of 1 and are not intended to be
forwarded by routers. How are IP addresses in the 224.0.0.0/24
subnet intended to be handled by routers?
IGMP
What protocol is used to inform a local

multicast router that a host wants to receive
multicast traffic for a specific group, or to
leave that group?
Message types defined in the IGMPv2
Type field
Membership Query, v1 Membership
Report, v2 Membership Report, and Leave
Group refer to what?
It is used by multicast routers to discover
the presence of group members on a
subnet. What is the IGMPv2 Membership Query
message type used for?
It is sent by a multicast router after it
receives an IGMPv2 Leave Group message
from a host to determine if any other hosts When is an IGMPv2 Membership Query
exist on the segment. sent?
0.0.0.0
What is the Group Address field set to in

an IGMPv2 General Membership Query?
The multicast IP address of the group being
queried.
To which address is an IGMPv2 Group-
Specific Query message sent to?
1 - 255, each value represents 1/10th of a
second
What is the range of the IGMPv2
Maximum Response Time?
100 (10 seconds)
What is the default value of the IGMPv2

Maximum Response Time?
The field is used only in Query messages.
When is the IGMPv2 Maximum Response

Time used?
When the host receives an IGMPv2 Query
from the local router, the host sends a MR
for all the multicast groups for which it What causes a host to send a solicited
wants to receive traffic from, which is a IGMPv2 Host Membership Report?
solicited host MR.
When a host joins a new group, it
immediately sends a host MR to the local
router that it wants to recieve multicast What causes a host to send an unsolicited
traffic for the group it just joined, which an IGMPv2 Host Membership Report?
unsolicited host MR.
The host sends a solicited Membership
Report for all multicast groups it wishes to
receive traffic from. What does a host do when it receives an
IGMPv2 Query from the local multicast
router?
With an unsolicited Host Membership
Report message
How does an IGMPv2 host signal to a
router that it wishes to receive traffic for a
particular multicast group?
The IGMPv2 Last Member Query Interval,
and the Last Member Query Count
What determines how long it takes a
multicast router to determine that all hosts
on a LAN have left a particular multicast
group?
1 second
What is the default IGMPv2 Last Member

Query Interval?
What is the default IGMPv2 Last Member

Query Count?
The router sends a Group-Specific Query
to determine if there are any remaining
hosts on the segment interested in receiving What happens when a multicast router
the multicast traffic. receives an IGMPv2 Leave Group
message?
If no Membership Report message is
received within 1 second, a second Query
is sent. If a Membership Report is still not What happens after a multicast router sends
received, the router stops forwarding an IGMPv2 Group-Specific Query
multicast traffic for that group. message?
400 seconds
What is the default value of the host

IGMPv1 Router Present timeout?
224.0.0.22
What is the multicast address for IGMPv3?

IGMPv3
What is the multicast address 224.0.0.22

used for?
When the router running IGMPv2 detects a
host running IGMPv1 on the segment.
What would cause a router to ignore IGMP
Leave messages?
180 seconds, the IGMPv1 Host Present
countdown timer
How long will a triggered IGMPv2 router
ignore Leave messages?
IGMP Proxy
What feature enables hosts not directly

connected to a downstream device to join a
multicast group sourced from an upstream
network (such as with UDLR)?
Multicast scoping
What is the term for defining boundaries

that determine how far multicast traffic can
travel in the network?
A definition of boundaries that determine
how far multicast traffic will travel in the
network. What is multicast scoping?
TTL
Administrative (239/8)
What are the two methods of multicast
scoping?
Limiting the TTL of multicast packets. For

example, 224.0.0.0/24 packets typically
have a TTL of 1 to keep the traffic in the What is multicast TTL scoping?
local scope.
Filtering of multicast routes in the 239/8
range.
What is multicast adminstrative scoping?
103
PIMv2 Hello messages use IP Protocol

___.
224.0.0.13 (All-PIM-Routers)
PIMv2 Hello messages use which multicast

address?
A particular shortest-path tree
What does the multicast notation (S,G)

refer to?
60 seconds
How frequently are PIM-DM State Refresh

messages sent?
Downstream PIM-DM routers send PIM-
DM State Refresh messsages upstream
every 60 seconds to indicate they wish to How do downstream PIM-DM routers
remain pruned. remain pruned?
Register-Stop is used by an RP to indicate
there are no interested receivers for a
particular multicast group. What is the PIM-SM Register-Stop
message used for?
A timer that is reset to 60 seconds upon
receipt of a Register-Stop message from an
RP do indicate that no further Regster What is the PIM-SM Register-Suppression
messages should be sent. timer?
Register message
How does a multicast router inform an RP

that is has a local source for a particular
multicast group?
60 seconds
What is the default frequency of PIM-SM

Join messages?
The router must sent a PIM Join message
to the upstream router within the default
timeout of 3 minutes, otherwise the What is required for the steady-state
upstream router will prune the group. operation of a PIM-SM router?
The group has switched over from the RPT
to the SPT.
What does the "J" flag indicate in the IP

multicast routing table?
224.0.1.39
To which address are RP-Announce

messages sent?
RP-Announce messages
What is sent to the multicast address

224.0.1.39?
60 seconds
How frequently are RP-Announce

messages sent?
RP-Discovery messages
What is sent to multicast address

224.0.1.40?
The purpose of Auto-RP is to automatically
distribute RP information, but a router
cannot reach the RP without sending a PIM How is PIM sparse-dense-mode used with
Join, and it cannot send a PIM Join without Auto-RP?
knowing the RP. Sparse-dense-mode allows
the RP to be discovered with dense-mode.
After the RP is discovered, sparse-mode is
used.
The single Preferred BSR is elected by
highest priority, then highest IP, and
continues to send Boostrap messages while How can multiple PIM-SM BSRs coexist
the other candidate BSRs monitor and re- on the network?
elect if the Preferred BSR's messages stop.
MSDP
What protocol provides a method of RPs in

different multicast domains to register
multicast sources with each other?
60 seconds
How frequently are MSDP SA messages

sent?
Unicast TCP between peer RPs
How are MSDP SA messages exchanged?

Shared trees are not allowed, and (*,G)
joins are dropped.
What is a restriction of the default SSM IP
range?
MLD
Query, Report, and Done are three types of

messages used by which protocol?
IPv6 Embedded RP
What type of IPv6 address is FF70::/12?
IPv6 Embedded RP
What is represented in the following

address format?
FF7<scope>:0<RP interface ID><hex

prefix length>:<64-bit RP prefix>:<32-bit
group ID>:<1-F>
IP Precedence values
Routine, Priority, Immediate, Flash, Flash

Override, Critical, Internetwork Control,
and Network Control are the names for
what?
Higher values of x receive better queuing
treatment.
With the AFxy PHBs, what does x signify?
Higher values of y have a higher
probability of being dropped.
With the AFxy PHBs, what does y signify?
AF33 will have better queuing treament,
but have a higher probability of being
dropped. With the AFxy PHBs, how does AF11
compare to AF33?
Expedited Forwarding
What does the PHB value 46 indicate?

-Queue EF packets so they get scheduled
quickly, for low latency
-Police EF packets so they do not consume What are two PHB actions associated with
all bandwith on the link or starve other EF?
queues
5 minutes
What is the default time interval over

which IOS measures packet and bit rates on
an interface?
Voice payload
What type of traffic does Cisco recommend

be marked with CoS / IPP / DSCP values
of 5 / 5 / EF?
Video payload

of 4 / 4 / AF41?
Voice and video signaling

of 3 / 3 / CS3?
Mission-critical

of 3 / 3 / AF31,AF32,AF33?
Transactional

of 2 / 2 / AF21,AF22,AF23?
Bulk

of 1 / 1 / AF11,AF12,AF13?
Best-Effort

of 0 / 0 / BE?
Scavenger

of 0 / 0 / 2,4,6?
QoS pre-classification works by keeping
the original unencrypted traffic in memory
until the egress QoS actions are taken. How does Cisco IOS QoS pre-
classification work?
QoS pre-classification
What Cisco IOS feature permits routers to

make egress QoS decisions based on the
original traffic before encapsulation.
The rules used to choose which packets to
drop as queues begin to fill.
What is the QoS drop policy?
The logic used to determine which packet
should be dequeued next.
What is QoS scheduling?
class-default
This queue always exists even if no With CBWFQ and LLQ, what queue
configuration for it is defined. requires no configuration?
It is placed into the class-default class.
What happens if a packet does not match

any explicitly configured classes in a
policy-map?
The bandwidth is proportionally allocated

across the other classes.
What happens with the CBWFQ scheduler
if some queue classes are empty and do not
need their bandwidth for a short period?
Tail drop
What is the term for when a queue is full

and there is no place to put newly-arriving
packets?
A WRED Full Drop occurs when the
average queue depth is higher than the
configured maximum threshold, and all What is a WRED Full Drop?
new packets are discarded.
WRED traffic profile
Minimum and Maximum thresholds, and

the Mark Probability Denominator (MPD)
are components of what?
Strict priority mode serves the PQ
whenever traffic is present in the queue.
What is the Modified Deficit Round-Robin
(MDRR) PQ strict priority mode?
The PQ is always serviced first, which can
lead to starvation of the other queues.
What is an issue with the Modified Deficit
Round-Robin (MDRR) PQ strict priority
mode?
Alternate mode serves the PQ in between
servicing each of the other queues: 0, P, 1,
P, 2, P, etc. How does Modified Deficit Round-Robin
(MDRR) PQ alternate mode work?
Alternate mode prevents queue starvation
at the expense of jitter and latency as
compared to strict priority mode. What is a caveat of using Modified Deficit
Round-Robin (MDRR) PQ alternate mode?
The Quantum Value is the number of bytes
the queue holds.
What is the Modified Deficit Round-Robin
(MDRR) Quantum Value?
The Deficit Count is the number of bytes
beyond the Quantum Value that were
transmitted in a single round-robin pass. What is the Modified Deficit Round-Robin
(MDRR) Deficit Count?
WTD allows configuration per-queue.
What is a feature of Weighted Tail Drop?

The default total bandwidth reservation is
75% of the interface bandwidth, and any
single flow can reserve the entire With RSVP, what is the default total and
bandwidth. per-flow bandwidth reservation?
Milliseconds
What is the shaper static time interval (Tc)

measured in?
Tc = Bc / CIR
What is the formula for calculating Tc?

The number of bits that a shaper can send
within a time interval (Tc)
What does committed burst (Bc) refer to?
CIR Committed Information Rate
What defines the rate for a virtual circuit

based on a business contract?
Committed Information Rate defines the
rate for a virtual circuit based on a business
contract. What is the CIR?
Be is the number of bits beyond the Bc that
are allowed to be sent during a given Tc
What is burst excess (Be)?
Conforming
With single-rate, two-color policing, what

state is the traffic considered if the size of
the packet to be transmitted is equal to or
less than the number of tokens available in
the Bc bucket?
Traffic is conforming

does this notation indicate?
Xp <= Xb
Exceeding

the packet to be transmitted is greater than
the number of tokens available in the Bc
bucket?
None, traffic cannot be transmitted until
tokens have been replenished
With single-rate, two-color policing, how
many tokens are drained from the Bc
bucket when traffic is exceeding?
Traffic is exceeding

Xp > Xb
Violating
With single-rate, three-color policing, what

the packet to be transmitted is greater than
the number of tokens available in both Bc
and Be buckets?
Traffic is violating
With single-rate, three-color policing, what

Xp > Xbc + Xp > Xbe

None, traffic cannot be transmitted until
tokens have been replenished
With single-rate, three-color policing, how
many tokens are drained from the Bc and
Be buckets when traffic is violating?
The Bc bucket is replenished at the CIR
The Be bucket is replenished at the PIR
With dual-rate, three-color policing, how
are the token buckets replenished?
dual-rate, three-color policing
When the Bc bucket is replenished at the

CIR, and the Be bucket is replenished at
the PIR, what type of policing is this?
A conforming packet drains tokens equally
from both Bc and Be buckets. That is, the
same packet uses double the number of With dual-rate, three-color policing, how
tokens with the dual-rate model. does a conforming packet affect the token
buckets?
Conforming
With dual-rate, three-color policing, what

state is traffic considered to be if a packet
drains tokens equally from both Bc and Be
buckets?
When there are enough tokens in both the
Bc and Be buckets, as a conforming packet
drains tokens equally from both buckets. With dual-rate, three-color policing, when
is traffic considered to be conforming?
An exceeding packet drains tokens from
the Be bucket
happens when traffic is considered to be
exceeding?
Exceeding

is the state of traffic that drains tokens from
the Be bucket only?
When multiple fields in the same packet

are marked during class-based policing.
What is multi-action policing?
CAR Committed Access Rate
Single-rate, two-color policing is used by

what legacy technology?
LFI Link Fragmentation and Interleaving
What is the term for breaking up larger

packets and sending delay-sensitive
packets between the larger packets?
Links with 768k or less bandwidth
Where is the use of LFI most effective?

PPP starts the CCP Compression Control
Protocol NCP
What happens after PPP compression is
enabled on a link?
Negotiates and manages the compression
process
What does the PPP NCP CCP Compression
Control Protocol do?
Interface:
ip {tcp | rtp} header-compression
How do you configure PPP TCP or RTP
This is considered legacy, and class-based header compression on an interface?
policy-maps should be used instead.
15
When DAI is enabled, what is the default

rate limit of ARP messages accepted per
port per second?
Unlimited by default
What is the default rate at which a port

enabled for DHCP Snooping will accept
DHCP messages?
False, DHCP Snooping must be enabled,
even if static bindings are used.
True or False: IP Source Guard using static
bindings does not depend on DHCP
Snooping.
The port-security keyword enables
verification of both IP and MAC.
When enabling IP Source Guard, what does
the port-security keyword do?
802.1X supplicant and authenticator
What devices exchange EAPoL frames?

Interface:
authentication port-control {auto | force-

authorized | force-unauthorized}
With 802.1X enabled, how do you
configure a port for authentication?
Globally:
aaa authentication dot1x default group
radius How do you enable a device for 802.1X
dot1x system-auth-control authentication?
Interface:
storm-control traffic-
type level rising [falling] How do you adjust the parameters for
individual traffic types with Storm
traffic-type is either broadcast, multicast, or Control?
unicast, and is set individually with
multiple statements.
The level refers to the rate of packets as

either a percentage of the link bandwidth,
bps, or pps, and can have separate rising
and falling thresholds.
IP Standard
What types of ACLs use the numbered

range of 1-99 and 1300-1999?
IP Extended
What types of ACLs use the numbered

range of 100-199 and 2000-2699?
Strict mode uses the rx keyword, and
causes the router to check incoming
packets to see if the router has a route back What is uRPF strict mode?
to the source IP address out of the interface
the packet was received on.
When a router receives a packet, it
examines the source IP address and verifies
that it has any route in its routing table to What is uRPF loose mode?
reach the source (ignoring the default route
by default).
Watch mode
Intercept mode
What are the two modes of operation for
Cisco IOS TCP Intercept?
In Watch mode, it keeps state information
for TCP connections that match an ACL,
and if TCP does not complete the 3-way How does Cisco IOS TCP Intercept operate
handshake within a particular time period, in Watch mode?
TCP Intercept sends a TCP RST to the
destination to clean up the connection.
Watch mode also temporarily denies new
TCP requests if more than 1100 occur in
one second.
In Intercept mode, the router replies to TCP
SYNs instead of forwarding them. If the 3-
Way Handshake completes, the router How does Cisco IOS TCP Intercept operate
creates a TCP connection to the in Intercept mode?
destination, then stitches the two
connections together.
On the DMVPN Tunnel Interface, ip nrhp
network-id id enables NHRP, which is
critical to the operation of DMVPN. All What is the purpose of the ip nhrp
routers and interfaces configured with the network-id command?
same ID belong to the same DMVPN.
0.0.0.0
When configuring an ISAKMP PSK for

use with DMVPN, what value should the
address be set to?
With DMVPN, use 0.0.0.0 for the address
since the configuration relies on dynamic
IP addresses on the spoke routers. When configuring an ISAKMP PSK for
use with DMVPN, why should the address
be set to 0.0.0.0?
Zero-touch provisioning
What is adding DMVPN spokes without

changing configuration on the hub referred
to as?
2002:border-router-IPv4-address::/48
What is the IPv6 address format of an

automatic 6to4 tunnel border router?
ISATAP
Which type of IPv6 address is represented?
2001:0db8:0abc:0def:0000:5efe:ac14:1401
ISATAP
Which type of IPv6 addressing is

represented here?
64-bit-prefix:0000:5efe:ipv4-in-hex
False, RAs are disabled by default on
tunnel interfaces.
True or False: RAs are enabled by default
on tunnel interfaces.
RAs are disabled by default on tunnel
interfaces, but must be enabled on ISATAP
tunnels. What is the relationship between ISATAP
tunnel interfaces and IPv6 RAs?
show interfaces pruning
How do you verify which VLANs have

been pruned?
VTP pruning is effectively disabled across

the VTP domain because it is unclear as to
which VLANs might be needed across the What happens if VTP pruning is enabled,
port. and a device attached to a trunk port either
does not support VTP, is in a different VTP
domain, or is in VTP Transparent mode?
Manually configure the allowed VLANs on
the trunk
If VTP pruning is enabled, and a device
attached to a trunk port either does not
support VTP, is in a different VTP domain,
or is in VTP Transparent mode, how can
you allow VTP pruning to operate correctly
without modifying any VTP settings?
A trunk port connecting to either:
-Device that doesn't support VTP
-Device in a different VTP domain What three things can cause VTP pruning
-Device in VTP Transparent mode to be effectively disabled?
25 ms
With class-based shaping, what is the Tc

value when the rate is more than 320 kbps?
Tc (25 ms) * shaping rate
With class-based shaping, what is the Bc

value when the rate is more than 320 kbps?
GET VPN
What allows more than two devices to

exchange traffic securely without requiring
a high number of SAs?
TEK Transport Encryption Key
With GET VPN, what is generated by the

Key Server and used by the Group
Members to encrypt data?
Key Encryption Key
With GET VPN, what is used to encrypt

information between the Key Server and
the Group Members?
Forwarded TTL propagation carries the
original packet's TTL value through the
MPLS network, decrementing the value at What is the difference between forwarded
each hop. and local TTL propagation in MPLS
networks?
Local TTL propagation carries the TTL
generated by packets sourced from the
MPLS router itself, staying inside the
MPLS network.
TTL propagation can be enabled/disabled
individually for forwarded traffic, and for
locally-originated traffic. For example, you
can disable TTL propagation for forwarded What are the two types of MPLS TTL
traffic, which effectively hides the internals propagation in Cisco IOS?
of the MPLS network between the CEs, but
still have locally-originated traffic
propagate the TTL in order to use tools like
traceroute internally to the MPLS network.
The LDP ID
When establishing TCP connections in

LDP, what IP address is used if the
transport address is not specified?
TCP connections are established over port
646, and local label bindings are
advertised. What happens after LDP neighbors are
discovered?
Hellos are multicast to 224.0.0.2 UDP port
646
How is LDP neighbor discovery
performed?
Initiate the TCP connection between
neighbors to exchange label bindings
After LDP neighbor discovery, what is the
responsibility of the neighbor with the
highest LDP ID?
Established
What neighbor state is BGP in after Open

messages have been exchanged?
neighbor ip-address timers keepalive
holdtime
How do you adjust BGP keepalive and
hold timers for a neighbor?
neighbor ip-address update-
source interface
How do you modify the source IP address
used to reach a BGP neighbor?
MD5
When performing basic neighbor

authentication in BGP, what algorithm is
used?
Use loopback interfaces
What is a best configuration practice for

BGP when there is more than one route
through which the BGP router can reach a
peer?
Disabled
What is the default state of BGP

synchronization?
Idle
What state is BGP in when BGP has been

enabled, but neighbors have not yet been
configured?
Idle
What state is BGP in when BGP has been

enabled, but is not listening for any TCP
connections?
Connect
What is the BGP state when the BGP

process detects that a peer is trying to
establish a TCP connection?
Active
During which state is BGP trying to

establish a TCP session with a neighbor?
The four basic BGP message types
Open, Keepalive, Update, and Notification

refer to what?
Open
What BGP message is used to establish

neighbor relationships and exchange basic
parameters?
Keepalive
What BGP message is used to maintain

neighbor relationships?
Update
What BGP message is used to exchange

NLRI?
Notification
What type of BGP message is sent if an

error or configuration change affects the
peering session?
FSM error code
What information is included with a BGP

Notification message?
True
This does not occur with the redistribute True or False: When BGP auto-summary
command and auto-summary is enabled, and the network command is
used, subnets are still injected into the BGP
table if they exist in the IP routing table.
BGP AS_PATH path attribute
AS_SEQ, AS_SET, AS_CONFED_SEQ,

and AS_CONFED_SET are components of
what?
An unordered list of ASNs
What is the BGP AS_SET path attribute?

AS_SET path attribute
What BGP construct represents an

unordered list of ASNs?
The AS_SET is generated only if the
AS_SEQ is null.
When using the BGP aggregate-
address summary mask as-set command,
what causes the AS_SET value to be filled?
The summary-only keyword
When using the BGP aggregate-address

command, what keyword causes only the
summary route to be advertised?
The suppress-map keyword
When using the BGP aggregate-address

command, what can be used to filter some
of the component subnets?
BGP Update message
Withdrawn routes, PAs for each route, and

prefix/length for each NLRI, are the three
main components of what?
Enabling synchronization
With BGP, what are confederations, route

reflectors, and a full mesh of iBGP
peerings an alternative to?
Confederation peers need to be identified
because while the connections appear as
eBGP, they do not work as true eBGP Why do BGP confederation peers need to
connections do. Confederations modify the be identified?
AS_PATH PA with AS_CONFED_SEQ
and AS_CONFED_SET attributes, which
are used to prevent loops between the
confederations sub-ASes.
When the routes are advertised to a true

eBGP peer, the AS_CONFED information
is removed.
The AS_CONFED information is removed.
What happens when BGP routes from a
confederation are advertised to a true eBGP

peer?
A BGP confederation router is defined with
the regular router bgp asn command,
which means you must remove and re- How do you revert a router participating in
apply the BGP configuration to leave the a BGP confederation back to a regular BGP
confederation. router?
The BGP RID of the RR
With BGP route reflectors, what is the

default cluster ID?
Originator in show ip bgp prefix
In a BGP route reflector environment, how

can you verify which router originated a
particular prefix?
Optional nontransitive
What type of attributes are

MP_REACH_NLRI and
MP_UNREACH_NLRI?
AFI
Next_Nop
NLRI What is contained inside BGP
MP_REACH_NLRI and
MP_UNREACH_NLRI?
BGP process:
neighbor ip soft-reconfiguration inbound
How do you enable soft reconfiguration for
inbound BGP Updates?
^
What is the regex metacharacter for the

start of a line?
$
What is the regex metacharacter for the end

of a line?
| (pipe)
What is the regex metacharacter for a

logical OR applied between the preceeding
and succeeding characters?
(string1)|(string2)
Strings enclosed in parenthesis separated How do you apply a regex logical OR

by a pipe comparison between two strings?
_ (underscore)
What is the regex metacharacter for any

delimter, such as a blank, comma, start of
line, end of line?
. (period)
What is the regex metacharacter for any

single character?
?
What is the regex metacharacter for zero or

one instance of a preceeding character?
* (asterisk)
What is the regex metacharacter for zero or

more instances of the preceeding character?
+
What is the regex metacharacter for one or

more instances of the preceding character?
(string) string enclosed in parenthesis
What is the regex metacharacter to

reference a string?
[string] characters enclosed in square
brackets
What is the regex metacharacter for
referencing a set of characters in any order?
Matching all AS_PATHs, which is useful
as a final match in an as_path access-list to
change the default from deny to permit. What is the BGP regex .* useful for?
null
What does this regex match?
^$
^$
What BGP regex matches NLRIs

originated in the same AS?
An AS_PATH containing only the single
ASN 123
What does this BGP regex match?
^123$
^asn$ where asn is the AS to be matched
What BGP regex matches an AS_PATH

containing only a single ASN?
An AS_PATH whose first ASN begins with
(or is) 123
^123
An AS_PATH with two ASNs, beginning

with 123 and ending with 45
^123_45$
An AS_PATH beginning with AS 123,
ending in AS 45, with at least one other AS
in between What does this BGP regex match?
^123_.*_45$
An AS_PATH beginning with AS 123 with
zero or more ASNs and delimiters, and
ending with any AS whose last two digits What does this BGP regex match?
are 45 (including AS 45 itself)
^123_.*45
An AS_PATH beginning with either an
AS_SET or an AS_CONFED_SET
^{
The administrative weight can be assigned
to each NLRI locally on the router, and is
not passed on in Update messages. It is set Within a single BGP AS, where can the
either directly with neighbor ip weight or Weight PA be assigned?
within a route-map.
This well-known discretionary PA can be
set on any router inside the AS, and is not
distributed outside the AS. Within a BGP AS, where can the
LOCAL_PREF value be set?
As a single ASN, regardless of the number
of ASNs in the set
Within the BGP AS_PATH, how is an
AS_SET treated with regard to bestpath
calculation?
BGP process:
bgp bestpath as-path ignore
How do you configure a router to disregard
the AS_PATH lengh when calculating the
BGP best path?
This command causes BGP to disregard the
AS_PATH length when calculating the
BGP best path What does the following command do?
bgp besthpath as-path ignore

0
What is the default BGP Weight for learned

routes?
BGP process:
neighbor ip remove-private-as
How do you automatically remove private
BGP ASNs in outbound Updates?
BGP process:
bgp always-compare-med
How do you configure BGP to take the
MED value into consideration when
multiple routes to a single NLRI pass
through different neighboring ASNs?
If you implement this command, you
should implement it on all routers in an AS,
otherwise routing loops can occur. What is a caveat of enabling the bgp
always-compare-med command?
Ignore the MED value unless configured
with bgp always-compare-med
What is the default BGP behavior with
regard to the MED value when multiple
routes to a single NLRI pass through
different neighboring ASNs?
BGP process:
bgp bestpath compare-routerid
If a BGP router has a current best route
installed from an eBGP neighbor, but
receives an otherwise identical route from
an eBGP neighbor with a smaller RID, how
do you configure the router to accept and
use the new route?
To avoid route flaps. This behavior can be
changed with bgp besthpath compare-
routerid If a BGP router has a current route for a
prefix through an eBGP neighbor, but
This applies only to eBGP routes. iBGP receives an otherwise identical route from
routes always use the lowest RID as the another eBGP neighbor with a lower BGP
tiebreaker. RID, why is the existing route kept?
This is used when the route is coming from
a router who has multiple separate
neighbor relationships, as opposed to a What causes the lowest BGP neighbor ID
single relationship using loopback (IP address) to be used as the final best
addresses. path tiebreaker?
FFFF:FF01
What is the value of the BGP

NO_EXPORT community?
NO_EXPORT
What BGP community has the value

FFFF:FF01?
FFFF:FF02
What is the value of the BGP

NO_ADVERT community?
NO_ADVERT

FFFF:FF02?
FFFF:FF03
What is the value of the BGP LOCAL_AS
/ NO_EXPORT_SUBCONFED
community?
LOCAL_AS /
NO_EXPORT_SUBCONFED
FFFF:FF03?
5 seconds
What is the default Update interval for

iBGP peers?
BGP fast external fall-over
What BGP term is used for the process of

directly-connected neighbors being torn
down when the connected subnet is lost,
BGP routes immediately being flushed, and
BGP immediately looking for alternate
routes?
BGP process:
neighbor ip fall-over [route-map map]
How do you enable BGP fast peering
Fast external fall-over is automatic. This session deactivation?
command must be enabled for iBGP
sessions or when the fall-over needs to be
conditional.
A common use case for disabling fast
external fall-over detection is when you
want to control the behavior per-neighbor Why would you disable the default BGP
with the BGP command neighbor ip fall- external fast fall-over detection?
over [route-map map]
BGP process:
neighbor ip unsuppress-map
When more-specific BGP routes have been
filtered via the aggregate-
address command, how do you selectively
re-advertise more specific routes per-
neighbor?
Duplex mismatch
Errors and collisions on an Ethernet link

are typically an indication of what?
IEEE 802.3 + 802.2 LLC
Protocols invented by the IEEE typically

use which Ethernet frame format?
IEEE 802.3 SNAP
Vendor-proprietary Layer 2 protocols such

as CDP typically use which type of
Ethernet frame format?
The port channel numbers for the VSL

must be different on each switch and must
be available for use. How do you prevent a VSS standby switch
from coming up in RPR mode?
When in VSS mode, interfaces follow the
naming convention:
switch-number/slot/port What happens to the switch interfaces after
VSS mode is enabled?
The FED allows the drivers to affect the
data plane, and is provided by the platform
(similar to a network card driver in a What is the IOS-XE Forwarding Engine
traditional operating system) Driver (FED)?
100 Mbps Ethernet over copper and optical
cabling
What is the IEEE 802.3u standard?
Gigabit Ethernet over optical cabling
What is the IEEE 802.3z standard?

Gigabit Ethernet over twisted-pair copper
cabling
What is the IEEE 802.3ab standard?
Cut-through switching performs the
address-table lookup as soon as the
Destination Address field in the header is What is cut-through switching?
received which results in lower latency, but
does not allow the switch to discard frames
that fail the FCS.
Fragment-free switching is similar to cut-
through, but waits until the first 64 bytes of
the frame are received before switching, What is fragment-free switching?
since Ethernet collisions should be detected
within the first 64 bytes of the frame.
Private VLANs
Protected ports (aka PVLAN Edge)
What two Layer 2 technologies separate
switch ports as if they were on different
VLANs while consuming only a single IP
subnet?
Traffic from secondary VLANs have their
tags rewritten as the primary VLAN tag
when being sent over the trunk. No tag How is the VLAN tag manipulated with a
manipulation is performed for received promiscuous Private VLAN trunk?
frames.
When traffic is sent across the isolated
PVLAN trunk, the primary VLAN ID is
changed to the isolated secondary VLAN How is the VLAN tag manipulated with an
ID. When frames are received, no tag isolated Private VLAN trunk?
A protected port is similar to a private
VLAN Isolated port. Protected ports are
essentially a subset of private VLAN What is a protected port?
functionality. Protected ports cannot

communicate with other protected ports on
the same switch.
This design decision was chosen because
different VTP domains may use the same
VLANs, but for different purposes, so Why will DTP not negotiate a trunk link if
bridging them together should not be the VTP domain names are different?
automatic.
This prevents the issue of a customer's
untagged frames from being misforwarded
or blackholed when the S-tag is added. Why is it common to tag the native VLAN
in a QinQ environment?
Interface:
l2protocol-tunnel <-- enables all
l2protocol-tunnel [cdp] [lldp] [stp] [vtp] How to you enable Layer 2 management
protocols to be forwarded across a QinQ
tunnel?
Permits Layer 2 management protocols,
such as CDP, STP, etc, across a QinQ
tunnel. What does the command l2protocol-
tunnel do?
VTPv1 drops all unrecognized TLVs from
received messages
How does VTPv1 handle unknown TLVs?
VTPv2 propagates all TLVs even if they
are unrecognized
How does VTPv2 handle unknown TLVs?
Every 5 minutes, and after each
modification to the VLAN database
How frequently are VTP Summary
Advertisement messages generated?
VTP Summary Advertisement
With VTP, what type of message is

generated with each modification to the
VLAN database?
VTP Subset Advertisement
Which VTP messages contain the full

contents of the VLAN database?
One message can hold multiple VLAN
database entries, but multiple messages
might be required if the VLAN database is How many VLAN entries can be contained
large. in a VTP Subset Advertisement message?
VTP Advertisement Request
What VTP message is used to request VTP

neighbors to send all or part of their VTP
database?
VTP Advertisement Request
What type of VTP message is sent under

the following circumstances:
-When a VTP Client switch is restarted

-When a switch enters VTP Client mode
-When a Server or Client receives a
Summary Advertisement with a higher
revision number than its own
6 seconds
How frequently are VTP Join messages

sent?
When VTP Pruning is enabled
When are VTP Join message used?

The IP of the lowest-numbered SVI
Which IP address is used as the VTP

Updater address by default?
Globally:
vtp mode off
How do you disable VTP completely for
switches that support VTPv3?
Prior to the 802.1t amendment, Per-VLAN
Spanning-Tree required a separate unique
MAC address for the BID for each VLAN, How did PVST operate prior to the 802.1t
which consumed a large number of amendment?
reserved MAC addresses on each switch.
MAC address reduction
What is IEEE 802.1t referred to as?

The short (802.1D-1998) method is used
by default for (R)PVST.
What is the default STP cost method?
The long (802.1D-2004) method is used by
default for MST.
Replacement Root port using event-driven
operations
What is an RSTP Alternate port?
Alternate port
What RSTP port serves as an event-driven

replacement for the Root port?
Replacement Designated port with timer-
driven operation
What is an RSTP Backup port?
Backup port
What RSTP port serves as a timer-driven

replacement for a Designated port?
It begins operating as a Non-Edge port
What happens if an RSTP Edge port

receives a BPDU?
Point-to-point
Shared
What are the RSTP link types?
Master port
Which MST port provides connectivity

toward the CIST Root?
Designated
If the BPDUs sent by the MST boundary

port are superior to all received PVST+
BPDUs on the port, what is the port type?
Root
If the MST boundary port receives PVST+

BPDUs that are identical or superior to the
received PVST+ BPDU for VLAN 1, what
is the port type?
Non-Designated (blocked)
If the incoming VLAN 1 PVST+ BPDU is

superior to its own BPDUs, but not
superior enough to make it become a Root
port, what is the MST boundary port type?
superior
With MST, if the Root Bridge for the CIST

is in a non-MST region, the STP priority of
VLANs 2 and above within that region
must be ___ to that of VLAN 1 to prevent
PVST Simulation Inconsistent / Root
Inconsistent errors.
inferior
With MST, if the Root Bridge for the CIST

is within a MST region, the STP priority of
VLANs 2 and above in the non-MST
regions must be ___ than that of the CIST
root to prevent PVST Simulation
Inconsistent / Root Inconsistent errors.
If a single MD5 value is listed, the switch
only supports pre-standard MST. Two MD5
digests indicate support for both standard When issuing the show spanning-tree mst
and pre-standard MST. configuration digest command, one MD5
digest is listed. What does this indicate?
BPDU Guard
What feature err-disables a port

immediately upon receipt of any BPDU?
Only ports operating as PortFast are

affected.
What is a limitation of enabling BPDU
Guard globally?
They are all designed to detect and avoid
issues caused by unidirectional links.
What do UDLD, Loop Guard, Bridge
Assurance, and the RSTP Dispute
mechanism have in common?
UDLD messages
The switch / port pair identity and a list of

all neighboring switch / port pairs heard on
the same segment are transmitted in what?
Loop Guard
What prevents Root and Alternate ports

from becoming Designated due to total loss
of incoming BPDUs?
Global configuration protects point-to-
point links. Port configuration additionally
protects shared links. What is the difference between configuring
Loop Guard globally or per-port?
RSTP Dispute mechanism
What causes a Designated port to keep its

role but move to a Discarding state if it
receives an inferior BPDU from another
port that claims to be Designated Learning
or Designated Forwarding?
Port Role and Port State flags in the RSTP
BPDU
What information does the RSTP Dispute
mechanism use to determine what action to
take?
Enabled by default
What is the default state of EtherChannel

Misconfig Guard?
EtherChannel Misconfig Guard disables an
entire port-channel bundle if it receives
BPDUs sources from different MAC What technology disables an entire port-
addresses on a port-channel interface, channel bundle if BPDUs with different
indicating that the neighbor is treating MAC addresses are received on the port-
some of the links as individual and not channel interface?
bundled together.
LACP
Previously 802.3ad IEEE 802.1AX is the standard for what?

30 seconds
What is the frequency of PAgP messages in

normal mode?
1 second
What is the frequency of PAgP messages in

fast mode?
LLDP
IEEE 802.1AB is the standard for what?

Type (*TYPE_Inc)
What type of STP inconsistency is caused

when PVST+ BPDUs are received on a
non-802.1Q port?
Port VLAN ID (*PVID_Inc)
What type of STP inconsistency occurs

when PVST+ BPDUs are received in a
different VLAN than they were originated
in?
Native VLAN mismatch
What typically causes the STP PVID

inconsistency error?
PVST Simulation (*PVST_Inc)

when PVST+ BPDUs received on an MST
boundary port do not meet the PVST
Simulation consistency criteria?
Loop (*LOOP_Inc)

when a Loop Guard protected Root or
Alternate port was prevented from
becoming Designated after BPDUs stopped
arriving?
Root (*ROOT_Inc)

when a Root Guard protected port receives
superior BPDUs?
Bridge Assurance (*BA_Inc)

when a Bridge Assurance protected port
stops receiving BPDUs?
Mismatched VTP password
What does "MD5 digest checksum

mismatch" mean when issuing the show
vtp status command?
Path MTU Discovery

What is the DF bit in the IPv4 header
commonly used for?
The DF (don't fragment) bit in the IPv4
header
What mechanism facilitates Path MTU
Discovery?
The MF bit is set in all packet fragments
except for the final fragment.
What is the MF bit in the IPv4 header?
HSRP group 1
What does this MAC address correspond

to?
0000.0C07.AC01
VRRP group 1
What does this MAC address correspond

to?
0000.5E00.0101
GLBP group 1 AVF 1
0007.B40X.xxyy where Xxx is the 10-bit What does this MAC address correspond
GLBP group number, and yy is the AVF to?
number.
0007.B400.0101
0007.B40X.xxyy where Xxx is the 10-bit
GLBP group number, and yy is the AVF
number. How does GLBP addressing work?
The device being managed
What is the SNMP Agent?

SNMP Manager
What is the term for the management

software polling the SNMP agent on a
device?
Structure of Management Information
(SMI), the SNMP data definition refers to
syntax conventions for how to define the What is SNMP SMI?
data to an agent or manager.
SNMP
What is associated with UDP port 161?

SNMP traps

SNMP Response message
What is used to supply SNMP information

and acknowledge the receipt of other
SNMP messages?
SNMP Agent
Response and Trap are two SNMP

messages typically sent by what?
SNMP Trap
What is used to send unsolicited

information to SNMP Managers?
SNMP Inform
Which message is used between SNMP

managers to allow MIB data to be
exchanged?
Syslog

Netflow records
A set of predefined and user-defined key

fields (such as source/destination IP and
port) for network monitoring are defined in
what?
Netflow monitor
What collects information about flows and

is applied to an interface and includes
records, a cache, and optionally a flow
exporter.
Netflow exporter
What transfers the cached flow information

to outside systems, which is typically a
server running a NetFlow collector?
Netflow sampler
What allows specifying the sample size of

traffic in order to reduce the load on the
NetFlow-enabled device?
Down / Line Protocol Down
If a corresponding VLAN does not exist, or

is not active (e.g. state
suspend or shutdown on the VLAN
itself), what is the status of the SVI?
Up / Line Protocol Down
If the corresponding VLAN exists, but is

not allowed and in an STP forwarding state

on any Layer 2 switch port (access or
trunk), what is the state of the SVI?
If the new IGP is RIP or EIGRP
During routing protocol migration, when

must you configure redistribution from the
current IGP into the new IGP on each
router?
RIPv2

RIPv2
What uses multicast address 224.0.0.9?

Request message
What does RIPv2 use to ask a neighbor to

send a partial or full RIP update
immediately, instead of waiting for the
Update timer to expire?
Route poisoning
What is the term for advertising a route

with an infinite metric in effort to more
rapidly remove it from routing tables?
Triggered / flash update
What is the term for immediately sending a

new update when routing information
changes?
Only the changed networks
What information is sent in a RIPv2

triggered update?
30 seconds
What is the default RIPv2 Update timer?

The Flushed After timer is not taken into
consideration until after the Invalid After
timer has expired. The route is not removed What happens if the RIPv2 Flushed After
from the routing table until the Invalid timer is set to less than the Invalid After
After timer has expired. timer?
Triggered extensions
What is the term for when RIPv2 sends a

full update only once, and then is silent
until changes are made?
Interface:
ip rip triggered
How do you enable RIPv2 triggered
extensions?
Lowering the RIP timers
With RIPv2, there is an increased chance of

transient routing loops being formed during
convergence as a result of what?
RIPng

RIPng
What is associated with multicast address

FF02::9?
EIGRP

224.0.0.10?
EIGRP

FF02::A?
The IOS RIB supports only 32-bit metrics,
so the EIGRP 64-bit wide metrics
composite value must be scaled down. Why is the EIGRP wide metrics composite
EIGRP makes all path selection decisions value scaled for the RIB?
based on the full metric, and the metric is
only scaled down when it is placed in the
local RIB.
The sender's current distance to the
destination after taking into account the
topology change that prompted the Query. What is contained in an EIGRP Reply
message?
EIGRP Reply
The EIGRP sender's current distance to the

destination after taking into account the
topology change that prompted the Query
is contained in what message?
It is used as part of the calculation of the
neighbor multicast flow timer, and the RTO
retransmission timeout. What is the EIGRP SRTT used for?
The RTO retransmission timeout is the
time between subsequent unicasts to be
sent after normal multicasts have failed. What is the EIGRP RTO?
The EIGRP RTO retransmission timeout
What controls the amount of time before

EIGRP messages are unicast after normal
multicasts have failed?
The EIGRP multicast flow timer
What timer controls how long to wait for

an ACK before declaring an EIGRP

neighbor as lagging, and switching from
multicast to unicast transmissions?
Both timers are calculated based on the
SRTT of the neighbor. This allows for each
neighbor to have different automatically- What is the basis for the EIGRP multicast
calculated timers. flow timer and RTO values?
Multicast flow timer
RTO retransmission timeout
What two EIGRP timers are based on the
SRTT of a neighbor?
The neighbor is declared unreachable and
DUAL is informed of the loss of a
neighbor. What is the result of the EIGRP neighbor
hold timer expiring?
Pending
EIGRP Hello, Ack, and Null Update with

the Init flag set are the only packets that
can be exchanged during which EIGRP
neighbor state?
Handle
What is the internal number EIGRP assigns

to each neighbor for reference?
Reported Distance
What is the EIGRP metric to a particular

destination as received from a particular
neighbor.
Computed Distance
What is the result of the EIGRP Reported

Distance + cost of the link to the
advertising neighbor?
Feasible Distance
What is the historical record of the smallest

known EIGRP Computed Distance toward
a particular destination since its last
transition from Active to Passive?
Feasibility Condition
What is the EIGRP term for a neighbor's

Reported Distance being less than the
current Feasible Distance to a destination?
Any neighbor that can guarantee a loop-
free path toward a particular destination is
said to have met the Feasibility Condition What is an EIGRP Feasible Successor?
and is therefore a Feasible Successor.
The router sends a Reply back to the
neighbor with its information about the
destination What happens if an EIGRP router receives

a Query and determines its current Feasible
Successors are still valid?
The route becomes Active and the router
starts its own Query process
What happens if an EIGRP router receives
a Query and determines its current Feasible
Successors are no longer valid?
The four EIGRP FSM Active states. The
names refer to the origin of the diffusing
computation, e.g. which router appears to What does the following refer to?
have started it.
A0: Local Origin with Distance Increase
A1: Local Origin
A2: Multiple Origins
A3: Successor Origin
If all expected Replies are not received
before the Active timer expires, the route is
designated SIA and the neighbor(s) that did What happens if the EIGRP Active time
not send back a Reply are removed from expires?
the neighbor table and their adjacencies are
torn down.
An SIA-Query message is sent
What happens if an EIGRP neighbor does

not respond with a Reply within half of the
Active timer time (90 seconds by default)?
The commands are ignored, and must be
configured under the EIGRP af-interface,
not directly on the interface itself. What happens if you issue EIGRP
commands on an interface when using
EIGRP named mode?
Interface:
no next-hop-self no-ecmp-mode
What configuration causes EIGRP to retain
all Successor's addresses as the next-hop in
EIGRP advertisements, and not just the
first entry in the topology table?
This causes EIGRP to retain all Successor's
addresses as the next-hop in EIGRP
advertisements, not just the first entry in What does the EIGRP interface no next-
the topology table. hop-self no-ecmp-mode command do?
connected and summary are used if the
options are not explicitly set.
When the eigrp stub command is used,
what are the default advertisement options?
DMVPN relies on IPsec tunnel encryption,
whereas EIGRP OTP uses GETVPN.
How is encryption performed differently
between DMVPN and EIGRP OTP?
DMVPN encapsulates both data plane and
control plane traffic inside mGRE.
How do DMVPN and EIGRP OTP perform

OTP uses LISP UDP encapsulation for the encapsulation differently?
data plane, and the control plane uses
native EIGRP without encapsulation.
A Hello message with all K-values set to
255
What is an EIGRP Goodbye message?
Goodbye message
What type of EIGRP message has all K-

values set to 255?
Topology databases between the router and
its neighbors are resynchronized without
the neighbor relationship being torn down. What happens during an EIGRP graceful
restart?
LSR Link-State Request message
The identity of one or more OSPF LSAs

that the sending router would like the
neighbor to supply full details about are
contained in what?
LSU Link-State Update
What OSPF packet type contains fully

detailed LSAs?
LSU
What OSPF packet type is sent as a

response to an LSR, or in the event of a
topological change?
On these network types, a neighbor is
placed immediately into the Attempt state
and contact by Hello packets sent at usual What is the first step in OSPF neighborship
intervals. If the neighbor does not respond on NBMA and P2MP NBMA networks?
within the Dead interval, it is placed back
into the Down state.
Init
What is the OSPF neighbor state when a

valid Hello has been received from the
neighbor, but the list of "Seen Routers" in
the received Hello packet does not contain
the receiving router's RID?
The neighbor router is not properly
receiving this router's Hellos.
What is the cause of an OSPF neighbor
remaining in the Init state?
2-Way neighbor state
What is an indication of bidirectional

visibility between two OSPF routers?
2-Way
What is the OSPF neighbor state when a

valid Hello packet containing this router's
RID is in the list of seen neighbors from
the neighbor?
ExStart
The comparison of RIDs to determine

Master/Slave roles, and the establishment
of a common starting sequence number for
DBD packets occurs during which OSPF
neighbor state?
Exchange
What OSPF neighbor state is entered after

the Master/Slave relationship is
established?
Exchange
During which OSPF neighbor state

are DBDs transmitted between the
neighbors to build the list of LSAs known
by each router?
False: DBDs are transmitted during the
Exchange state. LSAs are transmitted
during the Loading state. True or False: OSPF LSAs are transmitted
during the Exchange neighbor state.
All OSPF Routers
What is associated with mulitcast address

224.0.0.5?
They will not proceed past the 2-Way
neighbor state, however they will still be
considered neighbors. What happens if two OSPF routers have
mismatched MTU settings?
DBD
The Master (MS), More (M), and Init (I)

flags are present in what OSPF packet?
All packets sent by the Master have the MS
flag set, and all packets sent by the Slave
have the MS flag cleared. How does the MS flag work in OSPF DBD
packets?
The sending router sets the M flag if it has
an additional DBD packet to send. The M
flag is how the Slave indicates it has more How does the M flag work in OSPF DBD
DBD packets to send, since it can only packets?
send packets as a response to the Master.
The first DBD packet that starts the
exchange is set with the I flag, and all other
DBD packets have the flag cleared.
How does the I flag work in OSPF DBD

packets?
0x80000000 is a reserved value, so the
LSA is flushed from the LSDB and re-
originated with sequence 0x80000001 What happens if an OSPF LSA has a
sequence number of 0x7FFFFFFF and a
change is made?
All OSPF DR Routers

224.0.0.6?
Receipt of a Hello with the DR set to
0.0.0.0, indicating the DR has not yet been
elected. What triggers the OSPF Wait Time?
The priorities and RIDs of neighbors are
collected, and each router independently
calculates the DR/BDR, though they all What happens during the OSPF Wait
arrive at the same conclusion. Time?
The goal is to allow all routers on the
network segment to finish initializing after
a failure so that all routers can participate What is the purpose of the OSPF Wait
in the DR election, otherwise the first Time?
router to become active would always
become the DR.
Only the router originating an LSA can
modify it, which ensures all OSPF routers
in an area have the same LSDB contents Why must a non-originating OSPF router
and a consistent view of the network. never modify an LSA?
Area
What is the flooding scope of OSPF LSA

Type 1?
Area

Type 2?
Area; re-originated between areas by ABRs

Type 3?
Area; re-originated between areas by ABRs

Type 4?
All regular areas

Type 5?
Area; re-originated as Type 5 by the ABR

Type 7?
Link-local

Type 9?
Area

Type 10?
All regular areas

Type 11?
LSA Type 1
Which OSPF LSA type lists the router's

RID and all interface IPs with the area?
LSA Type 2
Which OSPF LSA type represents a subnet

and the router interfaces connected to it?
LSA Type 3
Which OSPF LSA type represents

networks present in one area when being
advertised into another area?
LSA Type 4
Which OSPF LSA type advertises a host

route to reach an ASBR?
LSA Type 5
Which OSPF LSA type describes routes

external to the AS in regular areas?
LSA Type 7
Which OSPF LSA type describes routes

external to the AS inside an NSSA?
LSA Type 9
Which OSPF LSA type is considered

generic with a link-local flooding scope?
LSA Type 10

generic with an area-local flooding scope?
LSA Type 11
generic with a flooding scope including all

regular areas?
A stub network
Within OSPF, what is an advertised subnet

for which a router has not formed any
neighbor relationships?
Transit network
What is a network over which two or more

OSPF routers have become neighbors and
traffic is neither sourced or destined
locally?
100,000 Kbps (100 Mbps) / interface
bandwidth in Kbps
How is the OSPF link cost calculated by
default?
This is valid only on OSPF point-to-
multipoint nonbroadcast network types.
What is the requirement for configuring
per-neighbor costs in OSPF?
It can only be applied on an ASBR, and
only to redistributed routes.
What are the restrictions for using an OSPF
distribute-list in the outbound direction?
OSPF uses the last key to be added to the
interface, regardless of the key number.
When signing sent packets, which key does
OSPF use?
Routers within the area will not form
neighborships unless authentication is
specifically configured, even if the What is the result of configuring
authentication type is just null. authentication under the OSPF process?
SPF throttling
What is the variable-length wait interval

between two consecutive SPF runs?
SPF-start
With SPF throttling, what is the initial wait

interval before an SPF computation called?
SPF-hold
With SPF throttling, what is the wait time

between subsequent SPF runs?
SPF-max-wait
With SPF throttling, what is the amount of

time during which the network must be
stable for the wait interval to be set back to
SPF-start and the SPF-hold back to is
preconfigured value?
LSA throttling
Controlling how frequently updated LSAs

are allowed to be re-originated is referred
to as what?
Originate updated LSAs immediately, and
delay subsequent origination by 5 seconds,
but do not progressively increase the What are the default IOS settings for OSPF
interval. LSA throttling?
If two more more identical LSAs arrive
within 1 second, only the first one is
accepted, and the remaining are dropped. How does OSPF LSA arrival throttling
work?
The minimum LSA arrival interval should
be less than the neighbors' intial hold
interval in LSA throttling, otherwise a What should the minimum OSPF LSA
neighbor would be allowed to send updated arrival throttling timer be set to?
LSAs faster than the router would be
willing to accept them.
flood pacing
What is the interval between successive

OSPF LSUs when flooding LSAs referred
to as?
33 ms
What is the default OSPF flood pacing

timer?
OSPF retransmission pacing
What is the interval between restransmitted

OSPF packets as part of a single
retransmission event?
66 ms
What is the default OSPF retransmission

pacing timer?
Prefix suppression - the LSA contains no
prefix information to be used.
If an OSPF Type 2 LSA has the mask of a
prefix set to 255.255.255.255, what does
this indicate?
OSPF stub router
What feature is used to prevent an OSPF

router from becoming a transit router?
One variation activates the stub router
feature for the specified number of
seconds, while the other variation waits for What are the two variations of the OSPF
BGP to converge first (up to a maximum of stub router feature?
10 minutes)
Cisco NSF Non Stop Forwarding
OSPF graceful restart is a standardized

version of what?
OSPF process:
nsf helper disable
How do you disable OSPF graceful restart /
NSF helper mode?
-All adjacencies are dropped
-All originated LSAs are flushed (age set to
3600 seconds) What happens when OSPF graceful
-Hello sent to all neighbors with DR/BDR shutdown is enabled?
set to 0.0.0.0 with no neighbors
-Stop sending/receiving OSPF packets
To selectively enable adjacencies. For
example, there can be multiple reachable
routers over a link, but you can form What is the purpose of OSPFv3 supporting
specific adjacencies. multiple instances on a link?
Virtual links use globally-scoped IPv6
addresses.
Which address is used to source OSPFv3
packets on virtual links?
OSPFv3 Authentication Trailer is an
alternative to regular OSPFv3 IPsec
authentication, and operates similar to What is OSPFv3 Authentication Trailer?
OSPFv2 extended cryptographic
authentication by referencing a key-chain.
The AF-bit in OSPFv3 packets is cleared in
all instances (not just 0 - 31)
What is an indication that an OSPFv3
router does not support multiple address
families?
An address of a particular network service
on a particular network node
What does an NSAP address represent?
Together, they indicate the routing domain
(autonomous system) in which the node is
located. What do the fields in the IDP of an NSAP
address indicate?
The IDP Initial Domain Part, which
consists of the AFI Authority and Format
Identifier, and the IDI Initial Domain With NSAP addressing, what indicates the
Identifier. routing domain (AS) in which the node is
located?
When the SEL is 0, no particular service is
being addressed, and the entire NSAP
address identifies the destination node itself What does the OSI NET Network Entity
without referring to any particular service. Title identify?
Level 0 routing is also known as ES-IS
routing. This is similar in concept to IPv6
RA and NA messages. OSI Level 0 routing is similar to what in
IPv6?
The MTU must be set to be equal to or

smaller than the lowest MTU link within
the flooding scope. With IS-IS, the MTU must be set to what
on a Level 1 or Level 2 router?
1497
What is the IS-IS LSP default MTU?

CSNP Complete Sequence Number PDU
A list of all IS-IS LSPs in the sender's

LSDB are contained in what?
As a collection of point-to-point links
How are hub-and-spoke topologies handled

in IS-IS?
Cisco routers do not send CSNPs on P2P
links after the initial adjacency buildup by
default, but some IS-IS implementations True or False: IS-IS CSNPs are sent
do. periodically on P2P interfaces.
IS-IS Level 1 frames
0180.c200.0014 is the MAC address for

what?
IS-IS Level 2 frames
0180.c200.0015 is the MAC address for

what?
0 - 127 inclusive, default 64
For IS-IS DIS elections, what is the

interface priority value range?
Assigning multiple NSAP addresses to a
router is a temporary situation used to
facilitate splitting or merging areas. What is the reason for assigning multiple
IS-IS NSAP addresses to a router?
The System ID must be identical, with a
different Area ID.
What is the requirement of assigning
multiple NSAP addresses to an IS-IS
router?
Since the requirement of multiple NSAP
addresses is the System ID must be the
same, but the Area IDs must be different, What is the result of having multiple NSAP
the end result is that the areas are merged addresses assigned to an IS-IS router?
together while the IS-IS router has multiple
NSAP addresses assigned to it.
Level 1 routers can perform redistribution
from external sources, but can see routes
within their own area and nothing more. In what way do IS-IS Level 1 routers
operate similar to an OSPF NSSA-TS area?
It sets the ATT (attachment) flag on its L1

LSP
How does an IS-IS L1L2 router indicate
that it can reach areas other than its own?
L1 routers install a default route toward the
nearest L2 router advertising the ATT flag.
How do IS-IS L1 routers respond to
receiving an LSP with the ATT flag?
Spanning-Tree diameter
The maximum number of switches that

could possibly be in the path between two
end hosts is known as what?
The downstream neighbor's choice of root
port
What does changing the STP local port ID
influence?
The local choice of the root port
What does changing the local STP

interface cost influence?
DMVPN Phase 2
The following are characteristics of which

DMVPN phase?
-Summarization is not allowed on the hub

-Default routing is not allowed on the hub
-Spokes must always maintain next-hop
reachability
DMVPN Phase 3
The following are characteristics of which

DMVPN phase?
-Summarization is allowed on the hub

-Default routing is allowed on the hub
-Next-hop values on the spokes are always
modified
An external discard route to Null0 is
automatically injected along with the
summary address. What is automatically generated when you
issue the OSPF summary-
address command?
With the "P" (propagate) bit. If the bit is
not set, the redistributed route remains
within the NSSA and is not translated to a How does OSPF indicate that an external
Type 5 LSA by the ABR. route installed in an NSSA should not leave
the area?
Link Establishment Phase
During which phase do two devices verify
whether they speak PPP and negotiate

basic link operation parameters?
LCP Link Control Protocol
The following functions are provided by

what aspect of PPP?
-Verify devices speak PPP

-Verify link is not looped
-Negotiate basic parameters
-Verify session liveliness
-Tear down session if either device requests
it
CONFNAK
What PPP message is sent when certain

parameters of unacceptable, but
negotiable?
CONFREJ
What PPP message is sent when certain

parameters of unacceptable, and
nonnegotiable?
bba-group
The configuration details of a particular

PPPoE concentrator instance, such as the
concentrator name presented to clients,
maximum number of attached clients, and a
reference to the Virtual-Template, are
contained in what?
255
What is the limit to the number of BGP

ASes an advertised prefix can pass
through?
show ip bgp peer-group
How do you view information about BGP

peer groups?
NEXT_HOP
AS_PATH
LOCAL_PREF A BGP route reflector is not allowed to
MED change which four attributes of reflected
routes?
BGP route reflectors are not allowed to
change those attributes.
How does a BGP route reflector handle the
NEXT_HOP, AS_PATH, LOCAL_PREF,
and MED attributes in reflected routes?
show ip bgp rib-failure
How can you determine the reason for a

BGP RIB failure?
advertise-map
non-exist-map
exist-map What four tools are available with BGP for
inject-map conditional route advertisement?
Conditional route advertisement
The BGP tools advertise-map, non-exist-

map, exist-map, and inject-map, are
associated with what?
The advertise-map specifies the routes to
be advertised to the neighbor when the
condition of the exist-map or non-exist- How does the BGP advertise-map
map is met. conditional route tool work together with
exist-map and non-exist-map?
With the exist-map the condition is met
when the prefix exists both in the advertise-
map and the exist-map.
With the non-exist-map the condition is

met when the prefix exists in the advertise-
map but not in the non-exist-map.
When the prefix exists in both the
advertise-map and the exist-map.
What causes the BGP exist-map condition
to be met?
When the prefix exists in the advertise-
map, but not in the non-exist-map.
What causes the BGP non-exist-
map condition to be met?
Routes with the no-advertise community
attached should not be advertised to any
BGP neighbor, whereas no-export routes What is the difference between the BGP
should not be advertised to any eBGP no-advertise and no-export communities?
neighbor.
local-as
no-advertise
no-export What are the three well-known BGP
communities?
BGP process:
neighbor ip send-community
How do you advertise BGP communities to
a neighbor?
By default IOS routers strip the community
attribute of a route when advertising to
neighbors unless specifically configured With Cisco IOS, how are BGP
with neighbor ip send-community communities propagated by default?
If a route is tagged with the no-export (or

any other) community, that information is
lost unless the router is specifically
configured to send communities.
Reference a route-map with the network

statement under the BGP process.
How do you change BGP attributes for an
advertised prefix?
no-export ignores the BGP confederation
identifier, and keeps the prefixes local to
the overall BGP ASN. How do the BGP no-export and local-as
communities work with BGP
local-as takes the BGP confederation confederations?
identifier into account and keeps the routes
local to the sub-AS if the confederation
identifier is configured. Otherwise it
behaves identically to the no-export
community.
The internet community is essentially an
"advertise to all" setting, commonly used to
override previously-set advertising What is the internet BGP community?
restrictions.
show ip bgp regexp _ASN_
How do you view BGP prefixes that have

passed through a particular AS?
show ip bgp regexp _ASN$
How do you view which BGP prefixes

originated from a particular ASN?
show ip bgp regexp ^$
How do you view which BGP prefixes

originated in the local AS?
ip as-path access-list num deny ^$
ip as-path access-list num permit .*
How can you configure an AS_PATH
access list to deny prefixes originated from
the local AS?
All prefixes from the local BGP AS are
denied
What is the result of this configuration?
ip as-path access-list num deny ^$

ip as-path access-list num permit .*
show ip bgp regexp ^([0-9]+)(_\1)+$
How can you view BGP prefixes which

have been prepended?
ip as-path access-list num permit ^([0-
9]+)(_\1)+$
How can you match with an AS_PATH
access list BGP routes that have been
prepended?
Normal Configuration BPDUs flow from
the root bridge downstream in classic STP.
TCN BPDUs are necessary for downstream Why are classic STP TCN BPDUs
bridges to notify upstream bridges of a necessary?
topology change.
The switch detecting the topology change
sends a TCN BPDU on its root port toward
the designated switch. The designated How do classic STP TCN BPDUs get
switch responds back with a normal processed in the network?
configuration BPDU with the TCAck bit
set. The process repeats with the designated
switch sending a TCN BPDU on its own
root port and expecting to receive a TCAck
from it's designated bridge. When the TCN
reaches the root, the root sends out
configuration BPDUs with the TC bit set,
which then flows downstream to all
switches in the topology.
The switch becomes aware of a topology
change and reduces its CAM aging time to
the forward delay, which is 15 seconds by What is the effect of a switch running
default. classic STP receiving a configuration
BPDU with the TC bit set?
The root bridge sends out configuration
BPDUs with the TC bit set for max age +
forward delay (20+15=35) seconds. With classic STP, when the root bridge is
Downstream bridges receiving the BPDU notified of a topology change, how does it
with the TC bit set reduce their CAM aging react?
time to the forward delay.
Max Age + Forward Delay seconds
20 + 15 = 35 seconds by default With classic STP, when the root bridge is

notified of a topology change, how long
does it send out configuration BPDUs with
the TC bit set?
Neighbor Solicitation
What function replaces ARP in IPv6?

-Discover link-layer IPv6 address of
neighbor (replaces ARP)
-Duplicate Address Detection What three main functions are performed
-Determine reachability of neighbor by IPv6 Neighbor Solicitation?
Neighbor Solicitation
With IPv6, the following three functions

are performed by what?
-Discover link-layer IPv6 address of

neighbor (replaces ARP)
-Duplicate Address Detection
-Determine reachability of neighbor
FF02::1
What is the IPv6 All Nodes multicast

address?
All Nodes
What is the IPv6 address FF02::1
associated with?
FF02::2
What is the IPv6 All Routers multicast

address?
All Routers
What is the IPv6 address FF02::2?

-Host receives RA message and updates its
default router list, neighbor cache, and
prefix list What are the two high-level steps of the
-Host uses info from RA to create modified SLAAC process?
EUI-64 IPv6 address for all received
prefixes
Interface:
ipv6 enable
ipv6 address autoconfig How do you enable a Cisco IOS device to
configure an IPv6 address via SLAAC?
show ipv6 routers
How do you view the addresses and

interfaces on which IPv6 RA messages
have been received?
33:33 + Last four bytes of multicast IPv6
address
How are multicast MAC addresses
Example: FF02::1 = 3333.0000.0001 generated from multicast IPv6 addresses?
Example: FF02::1:FF11:1111 =
3333.FF11.1111
This interface command uses SLAAC to
configure the IPv6 address on the interface
based on received RA messages, and to What does the following command do?
install a default route automatically to the
routers advertising the RA messages. ipv6 address autoconfig default
False: They are sent on Ethernet interfaces
automatically, but must be explicitly
enabled on Serial interfaces with: True or False: IPv6 RA messages are sent
by default on Serial and Ethernet interfaces
no ipv6 nd ra suppress after IPv6 unicast-routing is enabled.
Interface:
no ipv6 nd ra suppress
How do you enable the sending of IPv6 RA
messages on a serial interface?
Interface:
ipv6 nd managed-config-flag
How do you set the "M" flag in outgoing
IPv6 RA messages?
Interface:
ipv6 nd other-config-flag
How do you set the "O" flag in outgoing

IPv6 RA messages?
The "M" flag indicates to the receiver that
it should receive its entire IPv6
configuration using DHCP, with the What is the IPv6 RA "M" flag?
exception of the default gateway address,
since that is already conveyed in the RA
message.
By setting the "M" flag in outgoing RA
messages.
How do IPv6 routers indicate to hosts that
they should receive their entire IPv6
addressing information from a DHCPv6
server?
The "O" flag indicates that a host should
obtain its IPv6 address and gateway from
SLAAC, and use DHCPv6 to acquire all What is the IPv6 RA "O" flag?
other information (such as DNS servers).
Setting the "O" flag
What is an indication in an IPv6 RA

message that the receiving device should
set its IPv6 address and default gateway via
SLAAC, but use DHCPv6 for all other
settings, such as DNS servers?
It is up to the host as to whether or not the
flags will be honored. For example, a
router can send an RA with either of the What happens if an IPv6 host receives RA
flags set, but it will be ignored if the host messages with either the "M" or "O" flags
already has a static configuration. set?
This command allows the interface to have
a link-local address.
In Cisco IOS, what does the interface
command ipv6 enable do?
show ipv6 dhcp interface
How do you view the parameters received

from a DHCPv6 server?
Solicit
Advertise
Request What is the DHCPv6 four-stage process?
Reply
Interface:
ipv6 dhcp relay destination ipv6-address
interface How do you configure DHCPv6 relay?
Rapid Commit allows a DHCPv6 client to
obtain its information from the DHCPv6
server with the exchange of two messages, What is the DHCPv6 Rapid Commit
instead of four. This feature must be feature?
configured on both the server and client.
Solicit
Reply
What messages are exchanged during

DHCPv6 Rapid Commit?
Interface:
ipv6 address dhcp rapid-commit
How do you enable the DHCPv6 Rapid
Commit feature on the client side?
Interface:
ipv6 dhcp server pool rapid-commit
How do you enable the DHCPv6 Rapid
Commit feature on the server side?
Prefix delegation is a mechanism to assign
entire prefixes to a downstream router,
which can then be further subnetted at will. What is IPv6 prefix delegation?
IPv6 prefix delegation
What is the IPv6 mechanism to assign an

entire prefix to a downstream router, which
can then be further subnetted at will?
Global:
ipv6 local pool pool ipv6-prefix/length
sublength For IPv6 prefix delegation, how do you
configure the pool of prefixes available for
Example: assignment?
ipv6 local pool Pool1 2001:1:1::/48 56
This example provides assignment for up

to 256 /56's within the parent /48
show ipv6 local pool
For IPv6 prefix delegation, how can you

view how many prefixes have been
assigned for each pool?
ipv6 dhcp pool name
prefix-delegation pool pfx-pool lifetime
infinite infinite How do you configure a DHCPv6 pool to
permanently assign delegated prefixes?
Interface:
ipv6 dhcp client pd tag
How do you configure an interface to
Where tag is assigned locally and used for request a DHCPv6 delegated prefix?
reference in other configuration commands
(such as for further subnetting the prefix on
another interface).
Interface:
ipv6 address tag prefix/length
How do you configure an IPv6 address to
Where tag refers to the DHCP-requested be assigned based on a previously-received
delegated prefix from a different interface, delegated prefix?
and prefix/length is the value appended to
the delegated prefix.
Example: ipv6 address Pfx1

::2:0:0:0:20/64
If Pfx1 = 2001:0:1, the final prefix would

be 2001:0:1:2::20/64
ipv6 local pool Pfx1 pfx/len delegated-
length
ipv6 dhcp pool Pool1 How do you configure IPv6 prefix
prefix-delegation pool Pfx1 lifetime delegation on the upstream router?
valid-lifetime preferred-lifetime
interface interface
ipv6 dhcp server Pool1
router ospfv3 pid
summary-prefix prefix/length How do you configure an OSPFv3 external
summary?
summary-prefix is used instead of
summary-address
The V6-Bit indicates that the router has the
capability of forwarding transit IPv6
packets. Within the context of OSPFv3 LSAs, what
is the V6-Bit?
The E-Bit indicates the capability of the
local router to accept external LSAs.
Within the context of OSPFv3 LSAs, what
is the E-Bit?
The R-Bit indicates that the router can be
used to route transit traffic.
is the R-Bit?
The DC-Bit indicates that the router is
capable of running demand circuits.
is the DC-Bit?
V6-Bit

identifies the router's capability to forward
transit IPv6 packets?
E-bit

identifies the router's capability to accept
external LSAs?
R-bit

identifies the router's capability to route
transit traffic?
DC-bit

identifies the router's capability to run
demand circuits?
Interface IDs are used instead of IPv6

addresses to indicate interfaces that are
connected together. Each interface on a How does OSPFv3 use interface IDs in
router is assigned an interface ID, and the LSAs?
local router can learn about its neighbor's
interface ID from the received OSPFv3
Hello packets.
One Type-9 LSA containing all stub
networks
One Type-9 LSA for each transit network How many Type-9 LSAs are generated by
for which the router is a DR and has an OSPFv3 router?
originated a corresponding Network LSA.
ipv6 unicast-routing
router eigrp name
address-family ipv6 unicast as asn What is the minimum configuration for
eigrp router-id rid enabling EIGRP for IPv6 in named mode?
EIGRP is automatically enabled on all

interfaces at this point.
EIGRP process:
distance eigrp 90 255
How can you filter out all EIGRP External
routes without using a route-map or prefix-
list?
All autoconfiguration features are disabled
when a static IPv6 address is configured.
How does configuring a static IPv6 address
on an interface affect IPv6
autoconfiguration features?
If the other end of the link does not
understand RSTP BPDUs, or if the remote
bridge is blocking, the RSTP designated How does an RSTP designated discarding
discarding port falls back to classic STP port react to not receiving an agreement
timers and proceeds through listening and after sending a proposal?
learning into forwarding.
match-all
What is the default match type in a class-

map if not specified?
Directly on the interface
Where do you apply Generic Traffic

Shaping?
True
True or False: Generic Traffic Shaping

supports selectively shaping via ACLs.
HSRP members configured with standby
preempt will attempt to become the active
device if its priority is higher than the How does HSRP preemption work?
current active device. Without preemption,
the current HSRP active device remains
active (regardless of interface tracking)

unless there is loss of reachability between
HSRP members.
-Users
-Groups
-Views What are the three main entities of
SNMPv3?
SNMPv3 Views define subsets of MIBs
visible to groups.
What are SNMPv3 Views?
-NoAuthNoPriv
-AuthNoPriv
-AuthPriv What are the three SNMPv3 security
levels?
With SNMPv3, traps must have a user
associated with them.
With SNMPv3, what is a requirement for
sending traps?
-Read
-Write
-Notify What are the three types of SNMPv3
Views?
All three protocols require the client host to
send a broadcast to begin discovery, and all
three protocols rely on a server to hear the What two things are common between
request and supply an IP address to the RARP, BOOTP, and DHCP?
client.
A client sends an ARP request containing
its MAC as the target, with the target IP
0.0.0.0. The RARP server, if configured How does RARP work?
with the host's MAC address in its lookup
table, sends an ARP reply with the host's IP
address in the Source IP address field.
RARP works based on normal ARP
messages, and therefore must be on the
same L2 network segment as the RARP Where in the network must a RARP server
clients. be placed?
BOOTP includes many features over
RARP, most of which were later included
or improved in DHCP. However, BOOTP What is the major limitation of BOOTP?
still requires the server to be preconfigured
with the MAC and IP addresses of each
participating client.
False. BOOTP uses UDP packets, and is
able to support a centrally-located BOOTP
server. True or False: Like RARP, the BOOTP
server must reside on the same L2 network
segment as the client.
-Dynamic: must be set to static access or
trunk
-Routed Switchport port-security cannot work with
-SPAN destination which five types of ports?
-EtherChannel
-PVLAN
0100.0C00.0000 or 0300.0C00.0000 for
Ethernet
To which addresses are ISL encapsulated
frames sent to?
Both normal and extended range
What range of VLANs are supported by

ISL?
The bytes are sent left-to-right, with the
least significant bit in each byte transmitted
first. How are the bits and bytes of MAC
addresses in Ethernet frames transmitted?
A MAC address beginning with "12" is
0001 0010 in binary, but would be
transmitted as 0100 1000.
The dead interval becomes fixed at one
second, and a hello multiplier is used to
specify the number of hellos to be sent How does the OSPF Fast Hello feature
every second. work?
With the OSPF Fast Hello feature, the hello
interval advertised in hello packets is set to
0, and the hello interval is ignored in With OSPF Fast Hellos, how is the hello
received hello packets on the interface. interval advertised in hello packets?
False. With fast hellos, the hello interval
value is ignored in received hello packets.
The value does not need to match between True or False: When using OSPF Fast
neighbors as long as at leats one hello Hellos, the hello multiplier value must
packet is sent and received within the deal match between devices.
interval (1 second).
39 Data Country Code
45 E.164
47 International Code Designator What are the four main NSAP address
49 Locally Defined formats?
Prefixes learned via:
-network
-neighbor ip default-originate What causes the BGP Origin code to be
-aggregate-address without as-set IGP?
-aggregate-address with as-set if all
components use IGP code
Prefixes learned via:
-redistribute
-default-information originate (not What causes the BGP Origin code to be
neighbor default originate) Incomplete?
-aggregate-address with as-set where at
least one component has Incomplete code
Label
However, not all packets with the same All packets belonging to the same MPLS
label belong to the same FEC FEC have the same ___.
The markings on all incoming traffic is

dropped unless the interface is configured
to trust the existing markings. What is the default behavior with regard to
marked traffic on Catalyst switches when
mls qos is enabled?
CIR / 32 or 1500 bytes, whichever is
higher.
With class-based policing, if the Bc value
is not specified, what is the default?
IOS does not allow the burst size to be less
than CIR / 32 or 1500 bytes.
What happens if you configure a Bc size to
For example, if you attempt to configure a be less than the CIR / 32?
CIR of 10 Mbps with a Bc of 1000 bytes,
IOS notifies you that it is automatically
increasing the burst size to 5000 bytes.
Create an IP or MAC ACL and reference it
in the class-map with match access-group
ACL How can you match on an IP or MAC
address in a class-map without using
match source-address [mac]?
The Be value is equal to the Bc value,
unless explicitly configured.
With class-based shaping, what is the Be
value if not specified?
Tc
What is the result of Bc / CIR?

OAKLEY
What is the key exchange protocol used by

Cisco inside IKE?
IKE
OAKLEY is the key exchange protocol

that Cisco uses inside what?
Main mode
Aggressive mode
What are the two modes defined by
ISAKMP?
ISAKMP policy
To enable IKE Phase 1, what must be

configured?
IPsec transform set
To enable IKE Phase 2, what must be

configured?
UDP 500
What port is associated with IKE?
IKE
Port UDP 500 is associated with what
technology?
-Authentication method
-Diffie-Hellman group
-Encryption type What are the four main parameters
-Hash algorithm exchanged during IKE Phase 1?
IKE Phase 1
Authentication method, Diffie-Hellman

group, Encryption type, and Hash
algorithm are exchanged during which IKE
phase?
Multiple ISAKMP policies can be
exchanged, and the first match is used
based on the lowest local priority value. During ISAKMP policy exchange between
peers, which policy is chosen?
-Security protocol (ESP or AH)
-Encapuslation mode (Transport or Tunnel)
-Encryption What are the four main parameters
-Authentication exchanged during IKE Phase 2?
The combination is referred to as the IPsec

Transform Set
The set of parameters used to define IKE
Phase 2:
What is the IPsec transform set?
-Security protocol (ESP or AH)
-Encapsulation mode (Transport or Tunnel)
-Encryption
-Authentication
IKE Phase 2
The security protocol, encapsulation mode,

encryption, and authentication, are the four
main parameters of which IKE phase?
IPsec transform set
What are the combination of security

protocol, encapsulation mode, encryption,
and authentication parameters referred to
as?
Higher numbers indicate a stronger level of
cryptography.
How are Diffie-Hellman group numbers
related to each other?
Quick Mode
What mode is IKE Phase 2 referred to as?

crypto map name seq ipsec-isakmp
set peer ip
match address ACL How do you configure a basic crypto map

set transform-set transform-set for IPsec-ISAKMP?
interface interface
crypto map name
show crypto isakmp [default] policy
How do you verify the custom or default

IKE Phase 1 policies?
show crypto isakmp key
How do you verify ISAKMP PSKs?

show crypto ipsec transform-set name
How do you verify custom or default IKE

Phase 2 policies?
show crypto map interface interface
How do you verify the crypo map

configuration for an interface?
show crypto isakmp sa
How do you view the result of the IKE

Phase 1 negotiation?
debug crypto isakmp
How do you view realtime details about

IKE Phase 1?
debug crypto ipsec
How do you view realtime details about

IKE Phase 2?
show crypto ipsec sa
How do you view the results of IKE Phase

2 negotiations?
The device first checks to see if there is an
existing local IPsec SA (Phase 2 SA)
matching the particular traffic. Before a device sends IKE packets to a
peer, what is checked first?
Six
How many packets are exchanged for the

IKE Phase 1 SA in Main mode?
Three

IKE Phase 1 SA in Aggressive mode?
Three

IKE Phase 2 SA Quick Mode?
The first packet is sent by the IPsec tunnel
initiator, and contains the ISAKMP policy.
What is contained in the first packet of the
IKE Phase 1 Main Mode SA?
The second packet is sent from the
responder back to the initiator containing
the exact same information matching the What is contained in the second packet of
ISAKMP policy sent in the first packet the IKE Phase 1 Main Mode SA?
(assuming a matching policy is configured
on the responder).
Various features such as NAT-Traversal and
Dead Peer Detection
What do the vendor-IDs exchanged during
the IKE Phase 1 setup refer to?
86400 seconds (1 day)
What is the default ISAKMP SA lifetime?

Sent from the initiator to the responder
containing the Key Exchange information
with the purpose of generating the What is contained in the third packet of the
information for the Diffie-Hellman secret IKE Phase 1 Main Mode SA?
key.
Sent from the responder back to the
initiator containing Key-Exchange
information so that both peers can generate What is contained in the fourth packet of
a common session key based on the the IKE Phase 1 Main Mode SA?
locally-configured PSK.
Sent to responder and protected by the
common shared secret, the fifth message is
used for sending authentication information What is contained in the fifth packet of the
to the peer. IKE Phase 1 Main Mode SA?
The sixth and final packet is sent from the
responder back to the initiator containing
matching authentication information. What is contained in the sixth packet of the
IKE Phase 1 Main Mode SA?
The first packet is sent from initiator to
responder and contains enough information
for the responder to generate its Diffie- What is contained in the first packet of the
Hellman secret. This single packet is IKE Phase 1 Aggressive Mode SA?
equivalent to the first four Main Mode
packets.
The second packet is sent from the
responder back to the initiator, and contains
the Diffie-Hellman key. What is contained in the second packet of
the IKE Phase 1 Aggressive Mode SA?
Sent from the initiator to the responder,
conatins the identity and hash payloads. If
the information matches on the responder, What is contained in the third packet of the
the IKE Phase 1 SA is established. IKE Phase 1 Aggressive Mode SA?
Proxy ID
With IPsec, what is the "interesting" traffic
referred to as?
The ACLs must mirror each other between
peers.
When configuring ACLs to be used as
Proxy IDs for IPsec, what is the
configuration requirement of both peers?
Security Parameter Index (SPI) values
What differentiates different IPsec SAs?

Two - one SPI for the inbound SA, and one
SPI for the outbound SA
How many SPI values are generated for
each IPsec tunnel?
Crypto maps require mirrored ACLs for
each SA, whereas GRE tunnels with IPsec
protect all traffic. This allows for the What are the two major benefits of using
second major benefit, the ability to run GRE tunnels with IPsec as opposed to
dynamic routing protocols instead of using legacy crypto maps?
static routes.
show ip pim interface
How can you view information about PIM

on the configured interfaces?
show ip igmp interface interface
How can you view information (versions,

timers, etc.) about IGMP on the configured
interfaces?
Global or per-interface:
ip igmp limit number
How do you configure the maximum
number of mroute states created as a result
of IGMP host membership reports?
Globally:
mpls ldp router-id
How do you manually configure the LDP
RID?
True. Unlike OSPF, the LDP RID
represents an actual IP address, and is used
for transport. If not set manually, it follows True or False: The value used for the LDP
the same auto-assignment rules as other RID must be reachable on the network.
protocols (highest loopback IP, etc), but
whether set manually or not, it must be
reachable on the network.
How can you verify IGMP timers?

How can you verify which multicast router

is the DR on a segment?
How can you verify which multicast

groups have been joined on a network
segment, and how many users are
participating in the groups?
Interface:
ip igmp query-interval seconds
How do you modify the IGMP query
interval?
Interface:
ip igmp querier-timeout
How do you modify the IGMP querier
Default is 2x query-interval, and is timeout?
automatically adjusted when the query-
interval is adjusted unless set manually.
The querier-timeout value is automatically
set to 2x the value of the query interval,
unless configured manually. What is the effect of changing the IGMP
query interval on an interface?
Interface:
ip igmp query-max-response-time
How do you change the IGMP query max
response time?
IGMPv1 does not support querier election,
so the multicast routing protocol elects a
DR for that purpose. Why is a DR used with IGMPv1?
The static-group command causes the
router to maintain multicast state for the
particular group so that multicast traffic What is the difference between ip igmp
can flow through the router to the particular static-group and ip igmp join-group?
group.
The join-group command causes the router

to act as a multicast client and participate
in group membership, such as the ability to
send pings.
Interface:
ip igmp access-group ACL
How do you limit which multicast groups
can be joined from a network segment?
Interface:
ip igmp last-member-query-count
number How do you modify the IGMP last member
query count?
Interface:
ip igmp last-member-query-interval ms
How do you modify the IGMP last member
query interval on a network segment?
Automatic PIM-SM tunnel interfaces.
What is used in newer IOS versions to

register with the RP instead of unicast-
encapsulated multicast register messages?
show ip pim tunnel
Displays type (PIM Encap or PIM Decap), How can you view information about
RP address, source address automatic PIM-SM tunnels?
This interface command can reference an
ACL to prevent state from specified
multicast groups from being installed. What is the purpose of the ip multicast
boundary command?
When an interface is configured for sparse-
dense mode, if an RP is not found for a
particular multicast group, the interface What does the command ip pim dm-
attempts to locate the multicast source via fallback do?
PIM-DM.
The default ip pim dm-fallback command
instructs the router to attempt to find the
multicast source via PIM-DM. What is the default behavior of an interface
configured for PIM sparse-dense-mode if it
cannot find the RP for a particular
multicast group?
5 / 15 seconds
What are the default LDP Hello and Hold

timers?
Specify the desired traffic with an ACL,
then reference it with:
debug ip packet detail acl How do you perform conditional
debugging?
The peer IP address is 1.2.3.4 and its label
space is platform-wide (indicated by :0,
any other value indicates per-interface label What does the Peer LDP Ident 1.2.3.4:0
space). indicate?
Basic is used to discover directly-
connected neighbors.
What is the difference between the two
Extended uses targeted IP addresses to types of LDP neighbor discovery?
discover neighbors that are not directly
connected.
Globally:
mpls ldp discovery hello {interval |
holdtime} seconds How do you adjust the LDP discovery
timers?
Globally:
mpls ldp holdtime seconds
How do you adjust the LDP session
The keepalive time is automatically set to timers?
1/3 the value.
The force keyword causes all LDP TCP

sessions to be reset.
When manually configuring the LDP router
ID, what does the force keyword do?
show mpls label range
Default 16 - 100,000 How do you verify which range of MPLS

labels are available for assignment?
16 - 100,000
What is the default range of MPLS label

values on IOS?
Global:
mpls label range start end
How do you adjust the range of MPLS
Note: adjusting this value requires a reload labels available for assignment?
before taking effect.
3
What is the reserved MPLS label value for

implicit null?
Values 0 - 15 are reserved by IANA and are
never to be made available for allocation.
Why does the default MPLS label value
range begin at 16?
Global:
no mpls ldp advertise-labels
How do you prevent LDP from advertising
labels, without completely disabling LDP?
Global:
mpls ldp advertise-labels for ACL1 to
ACL2 How do you conditionally advertise MPLS
labels?
Where ACL1 indicates prefixes for which
labels will be generated, and ACL2
indicates prefixes for which the labels will
be advertised to.
Interface:
no mpls ldp igp autoconfig
How can you disable LDP for a particular
interface?
Enables LDP for a particular OSPF or IS-
IS process. You can optionally specify the
OSPF area or IS-IS level as part of the What does the mpls ldp autoconfig
command. command do?
LDP session protection is a targeted
session between two LDP neighbors
(typically via loopback interfaces) so that if What is LDP session protection?
a link between the two neighbors goes
down, the TCP session and neighborship
remains active.
Globally:
mpls ldp session protection
How do you enable LDP session

protection?
Global:
mpls ldp discovery targeted-hello accept
How do you configure a router to
participate in LDP session protection
without enabling LDP session protection
on the router itself?
Prefixes are not exchanged between
neighbors unless activated until the
respective address family. What is a consequence of entering the no
bgp default ipv4-unicast command?
ABR
What type of OSPF routers are MPLS PE's

considered?
When using OSPF, the MPLS PE's are
considered ABRs, and the internal MPLS
network is considered the OSPF What is the MPLS OSPF SuperBackbone?
SuperBackbone.
The Domain ID is used when redistributing
OSPF routes into BGP VPNv4. The
Domain ID is attached to BGP updates as What is the OSPF Domain ID?
an extended community, and is used to
determine the LSA type to be generated.
Type 5 LSAs are generated if the Domain
IDs do not match between MPLS PEs, and
Type 3 LSAs are generated if the Domain
IDs do match.
The OSPF Domain ID is either based on
the local OSPF process ID, or configured
manually. How is the OSPF Domain ID determined?
MPLS PE:
router ospf pid vrf vrf
domain-id id How do you configure the OSPF Domain
ID?
OSPF Sham Link
GRE tunnels between PE routers
What are the two main methods of
supporting intra-area OSPF routes across
the MPLS SuperBackbone?
To connect discontiguous OSPF backbones
together over an MPLS network so that
routes between sites appear as intra-area. What is the purpose of an OSPF Sham
Link?
router ospf pid vrf vrf
area 0 sham-link src dst cost cost
How do you configure an OSPF Sham
Link?
show ip ospf sham-links
How do you verify OSPF Sham Links?

The sham link operates similar to a regular
OSPF virtual link in that it has specific
endpoints, traverses a single area, has an What is the MPLS OSPF Sham Link
adjustable cost, and operates as a demand equivalent to?
circuit.
Normal BGP loop prevention mechanisms
are in place by default, so either the CE
must be configured with BGP allowas-in When configuring the same BGP ASN
or the PE must be configured with BGP as- between multiple sites across an MPLS
override L3VPN, what else must be configured?
This allows a BGP router to accept an
advertisement containing its own ASN,
which is normally dropped due to BGP What is the purpose of the BGP allowas-in
loop prevention rules. feature?
This is commonly used across MPLS

L3VPN when the customer has the same
BGP ASN at multiple sites.
Commonly used with MPLS L3VPN, as-
override causes the peer's ASN to be
replaced with the local ASN and How does the BGP as-override feature
prepended. This is used on the PE router work?
side if the CE router is using the same BGP
ASN at multiple sites within the VPN.
Peers must accept prepended routes for this

to work.
show vlan filter
How can you verify which VLANs have a

VACL applied?
True, however those VLANs cannot be
deleted, and they cannot be pruned by VTP.
True or False: VLANs 1 and 1002-1005
can be manually pruned from trunks.
MAC address table
Spanning-Tree instance
What two things are automatically
instantiated when a new VLAN is created?
The root port is elected based on the lowest
root path cost. If there is a tie in cost, the
link through the switch with the lower BID How does the upstream STP switch port ID
is used. If there is a tie for the BID, the affect a downstream switch's choice of root
lowest upstream port ID is used. port?
Layer 3 to Layer 2 resolution
When forwarding to a destination, what is a

requirement for multipoint interfaces that
does not apply to point-to-point interfaces?
show ip nhrp
How can you verify the NHRP cache?
The matched criteria should use normal
forwarding, not policy routing.
With PBR, what does a route-map deny
clause indicate?
debug ip policy
How do you verify if PBR is working?

Metric or AD errors
What are the two primary causes of tunnel

recursive routing errors?
The summary cannot be larger than the
major network. For example, you cannot
create a summary address including both What is the limitation of creating summary
4.0.0.0/8 and 5.0.0.0/8. routes with RIPv2?
EIGRP does not have this limitation.

Both have a link-local scope.
Type 8 "Link LSA" provides all the IPv6 What's the difference between an OSPF
addresses on the link Type 8 and Type 9 LSA?
Type 9 "Intra-Area-Prefix LSA" is defined

as opaque and contains prefixes for stub
and transit networks
True
True or False: EIGRP maintains

completely separate topologies and
performs separate DUAL calculations
when both IPv4 and IPv6 are used
simultaneously.
Broadcast
Non-broadcast
Which OSPF network types use a Type 2
LSA?
Point-to-point
Point-to-multipoint
Point-to-multipoint non-broadcast Which OSPF network types do not use a
Type 2 LSA?
The virtual link must have a total path cost
of less than 65535. If the reference
bandwidth is set to a high value, and the If the OSPF reference bandwidth is set to a
virtual link must traverse a comparatively high value, what could prevent a virtual
low speed interface, the total cost could link from initializing?
exceed the limit.
Example: Reference bandwidth set to 100

Gbps, but virtual link crossing a T1.
Because the VL runs as a demand circuit,

you must clear the VL after authentication
is applied for it to take effect. What is a caveat of enabling authentication
on an OSPF virtual link?
The spoke's overlay IP address
For DMVPN Phase2, what is the next-hop

IP address advertised by the hub for a
particular spoke?
The hub's overlay address. For spoke-to-
spoke traffic, the hub sends an NHRP
redirect to inform the source spoke of the For DMVPN Phase3, what is the next-hop
destination spoke's NBMA address. IP address advertised by the hub for a
particular spoke?
The prefix from the lowest EIGRP ASN
If multiple EIGRP processes are running

and there are multiple equal matches to the
same prefix, which one is installed in the
RIB?
The prefix from the lowest OSPF PID
If multiple OSPF processes are running and

there are multiple equal matches to the
same prefix, which one is installed in the
RIB?
250
What is the AD of NHRP?

NHRP
What protocol has the AD 250?

When redistributing from OSPF into BGP,
external routes are denied by default. This
is changed with redistribute ospf pid During redistribution into BGP, how are
match internal external OSPF routes handled by default?
BGP process:
redistribute ospf pid match internal
external How do you configure BGP redistribution
to allow OSPF external routes?
Only eBGP routes are redistributed by
default. Configure bgp redistribute
internal under the BGP process to allow What is the default behavior of
iBGP routes to be redistributed as well. redistributing BGP routes into an IGP?
Use this with caution as routing loops can

occur.
By default, when redistributing BGP routes
into an IGP, only eBGP routes are
redistributed. This command also permits What does the BGP command bgp
iBGP routes to be redistributed. redistribute internal do?
BGP process:
bgp redistribute internal
This behavior is disabled by default to How do you enable redistribution of iBGP

prevent routing loops. routes into an IGP?
A configurable exponential delay that
causes a flapping interface to be removed
from use by routing protocols until the link What is IP event dampening?
has been stable for a period of time. This
prevents distributed routing protocols from
constantly having to recalculate due to the
rapid presence and removal of the flapping
link.
debug mpls ldp transport events
How can you troubleshoot LDP

adjacencies in realtime?
show vrf detail
How can you verify the VRF RT

import/export policy?
debug mpls ldp binding
How can you view realtime MPLS label

binding information?
clear ip route vrf *
How can you force re-import/export of

route targets in a VRF?
One per physical (sub)interface
One crypto map can be applied to multiple How many crypto maps can be applied on
interfaces. an interface?
One crypto map per (sub) interface.
However, one crypto map can be applied to
multiple interfaces. What is the relationship between crypto
maps and interfaces?
Crypto maps are applied to outbound
traffic on an interface, after NAT and
routing have occurred. This means static How do crypto maps interact with routing
routing and/or NAT exemption may be and NAT?
required.
Routing, NAT, and crypto are independent

of each other.
ISAKMP priorities are processed top-down
until a match occurs with the lower priority
value having a higher precedence. In this When multiple ISAKMP policies are
case, the "lower requirements" would be configured between two devices, what is
used due to it having a higher priority on the result of this configuration:
Router B.
Router A:
-Priority 10: Higher requirements
-Priority 20: Lower requirements
Router B:
-Priority 10: Lower requirements
-Priority 20: Higher requirements
The crypto map should be applied to the
physical interface, not the tunnel interface,
for GRE over IPsec. Traffic is GRE When using crypto maps with GRE
encapsulated first, and encrypted second. tunnels, where should the crypto map be
This allows for a single Proxy ACL entry applied?
to permit GRE traffic between the
endpoints.
By applying the crypto map to the physical
interface instead of the tunnel interface,
traffic is GRE encapsulated first, and How does GRE over IPsec work?
encrypted second. This allows for a single
Proxy ACL entry to permit GRE traffic
between the endpoints.
The MTU value is not copied between
headers, so the MTU of the GRE tunnel
must be adjusted downward accordingly How does GRE over IPsec break PMTUD?
(1400 bytes is standard, with 1360 TCP
MSS).
FC00::/7 (1111 110)
Equivalent to RFC 1918 private What are IPv6 Unique Local addresses?
addressing, not routable via global BGP
Unique Local
What type of IPv6 address is this?
FC00::/7
The general prefix allows multiple longer
IPv6 addresses to be defined from a single
shorter base prefix, which acts as a shortcut What is an IPv6 general prefix?
for renumbering scenarios.
Globally:
ipv6 general-prefix name prefix/length
How do you configure an IPv6 general
Example: prefix?
ipv6 general-prefix GenPfx
2001:db8:1234::/48
Interface:
ipv6 address gen-pfx-name address/length
How do you configure a more specific IPv6
Example: address based on a general prefix?
Configured general prefix:
2001:db8:1234::/48
ipv6 address GenPfx 0:0:0:5678::1/64
Results in final address
2001:db8:1234:5678::1/64
vrf upgrade-cli
How do you convert from an IPv4-only

VRF to one that supports multiple address

families?
Tunnel IPv6 traffic over MPLS IPv4 core
What is the general premise of both 6PE

and 6VPE?
6PE tunnels IPv6 traffic from the global
routing table over the MPLS IPv4 core
What is the difference between 6PE and
6VPE tunnels IPv6 traffic from VRFs over 6VPE?
the MPLS IPv4 core using the VPNv6 AF
To attempt to force multicast traffic to use a
different RPF than would otherwise be
generated via PIM. What is the purpose of creating a static
mroute?
UDP 1985 to 224.0.0.2
What does HSRP use for transport?

HSRP
UDP 1985 to 224.0.0.2 is associated with

what?
VRRP

112
What IP Protocol is used by VRRP?

VRRP
The sending of messages to 224.0.0.18

using IP Protocol 112 is associated with
what?
224.0.0.18 using IP Protocol 112 for
transport
Where do VRRP messages get sent to?
GLBP
What is associated with IP address

224.0.0.102 port UDP 3222?
224.0.0.102 UDP 3222
Where does GLBP send its messages to?

Packets are first routed, and then have
sources translated since the destination
addresses are global. What is the NAT/routing order of
operations for inside addressing?
Packets have destinations that are
untranslated first, so routing occurs after
translation, which allows proper routing for What is the NAT/routing order of
returning packets with translated sources. operations for outside addressing?
BFD Bidirectional Forwarding Detection
What is a lightweight keepalive protocol

designed to reduce dead peer detection
time across Layer 2 networks?
Interface:
bfd interval ms min_rx ms multiplier
multiplier How do you enable BFD on an interface?
Example:
bfd interval 50 min_rx 50 multiplier 5
This causes BFD echoes to be sent at 50ms,
and BFD expects to receive the echo back
within 50ms. If five consecutive echoes are
missed, the upper-layer protocol is notified
of the failure.
show bfd neighbors
How do you verify BFD?

Routing process:
bfd interface interface
How do you register a routing protocol
or with BFD?
bfd all-interfaces
BFD does not detect neighbors, and relies
on the neighborship formed by upper-layer
protocols. Without the neighborship, BFD What happens if BFD is enabled, but not
is idle. registered to any upper-layer protocol?
uRPF and IP redirects must be disabled
What features must be disabled for BFD

echoes to work?
True, via the BFD authentication and
dampening commands
True or False: BFD supports both
authentication and event dampening.
A BFD template is similar to a BGP peer
group where you can define common
attributes, such as timers, authentication, What is a BFD template?
dampening, and then apply them to an
interface via bfd template name
BFD echo is enabled by default when
BFD's parameters are configured directly
on the interface, and disabled by default How is the BFD echo setting different for
when configured via BFD template. template versus interface configuration?
Enable under the template with the echo

command.
Control
Echo
What are the two different packet types

used by BFD?
The sending device. This allows the
receiving device to immediately redirect
the packet back out the interface without What is the source and destination of BFD
processing it. echo packets?
BFD timers are unidirectional and can
differ between neighbors. The local min_tx
value is compared against the received How does the exchange of BFD hello
min_rx value from the peer, and the higher timers between neighbors work?
(slower) value is used as the local router's
BFD hello interval.
Peer policy
Peer session
What are the two types of BGP peer
templates?
Peer policy templates contain common
attributes and filters to be applied to all
peer members. What is the difference between BGP peer
policy and peer session templates?
Peer session templates contain common
neighbor settings such as timers and remote
ASNs to be applied to all peer members.
False. BGP can be configured with both
peer groups and peer templates, but
individual neighbors can be configured True or False: A BGP neighbor can both be
only by one method or the other, not both a member of a peer group and inherit
simultaneously. policies from peer templates.
Unlike peer groups, peer templates can
inherit other peer templates.
What is a major advantage of BGP peer
templates over peer groups with regard to
flexibility?
Peer session templates are used to group
and apply the configuration of general
session commands that are common to all A BGP peer session template can be
address family and Network Layer applied to which AFI and NLRI
Reachability Information (NLRI) configuration modes?
configuration modes.
Peer policy templates are used to group and
apply the configuration of commands that
are applied within specific address-families A BGP peer policy template can be applied
and NLRI configuration modes. to which AFI and NLRI configuration
modes?
BGP process:
template {peer-policy | session-policy}
name How do you configure a BGP peer policy
or session template?
neighbor ip inherit {peer-policy | session-
policy} name
BGP dynamic neighbors allows BGP

peering to a group of remote neighbors that
are defined by a range of IP addresses and What is the BGP dynamic neighbors
peer groups. feature?
bgp listen is used to configure the BGP
dynamic neighbors feature.
What is the bgp listen command used for?
BGP process:
bgp listen range prefix/length peer-group
group How do you configure BGP dynamic
neighbors for a particular subnet?
Where prefix/length represents the source
IP range of the dynamic neighbors.
Note: this command requires the

configuration of a peer-group, with a
minimum configuration indicating the
remote-as.
With BGP dynamic neighbors, you must
configure potential neighbors using a peer-
group. With the neighbor peer-group What is the BGP neighbor remote-as
remote-as asn alternate-as as1 as2 as3 alternate-as keyword used for?
as4 as5 command, you can configure a
total of six (one regular and five alternate)
ASNs from which the dynamic neighbor
connection is allowed.
The "P" bit (propagate)
This is controlled by various OSPF What option controls whether or not a Type
commands with the nssa-only keyword. 7 LSA is propagated to the rest of the
With the nssa-only keyword, the Type 7 OSPF domain?
LSA is not converted to Type 5 at the ABR
and remains within the NSSA.
You can reduce unicast flooding by
ensuring ARP entries time out before CAM
entries, so that the ARP table can be What is the relationship between ARP
repopulated before the CAM entires expire. entries, the switch CAM table, and unicast
flooding?
Interface:
switchport block unicast
How do you prevent a switch from
flooding unknown unicast frames?
When traffic enters a higher-speed
interface and exits a lower-speed interface
What are two common causes of traffic
When traffic from multiple ports are trying "microbursts"?
to reach a single port
When the source sets the Record Route IP
option, an empty list is created in the
header, and each router along the path adds What is the IP Record Route option?
its IPv4 address to the list.
With the strict source route IP option, the

sender can specify the complete path the
packet must take to reach its destination. What is the IP Strict Source Route option?
The loose source route IP option allows the
sender to specify a list of routers that the
packet must pass through toward the What is the IP Loose Source Route option?
destination, though additional unspecified
routers may also be in the path.
The Router Alert option causes each router
along the path to examine the packet, even
if the router is not the ultimate destination. What is the IP Router Alert option?
Intermediate routers ignore all extension
headers, unless the Next Header is set to 0
Hop By Hop Options, in which case all How do intermediate IPv6 routers handle
routers along the path examine the packets with extension headers?
extension headers.
With IPv6, only the sending device may
fragment the packet, whereas any device in
the path can fragment IPv4 packets unless How do intermediary devices handle IP
the DF bit is set. packet fragmentation differently for IPv4
and IPv6?
The FO field indicates the position of the
fragment within the overall packet, with
each value representing 8 bytes. If the FO How does the IP Fragment Offset field
field has a value of 100, it means the work?
fragment begins 800 bytes into the payload.
Time Exceeded
What ICMP response may be sent if the

TTL of a packet reaches 0?
When a packet's TTL reaches 0.
What usually triggers the ICMP Time

Exceeded message?
The number of bytes that may be sent
before an ACK is required.
What is the TCP window size?
The amount of data that can be in transit at
any time between hosts.
What is the bandwidth delay product?
BDP is measured as the capacity of the link
multiplied by the round-trip delay time.
Networks with large bandwidth delay
products, such as high-speed satellite links.
These networks have a high bandwidth What is a Long Fat Network?
capacity, but also have large delay values,
which can cause issues with TCP
windowing.
Global synchronization occurs due to the
combination of TCP slow-start,
windowing, and tail-drop queuing on the What causes TCP global synchronization?
router. TCP keeps expanding the window

size until traffic drops due to link
congestion, which begins the slow-start
process again.
Congestion avoidance algorithms like
WRED randomly drop TCP packets for
different TCP sessions, which causes TCP How can you alleviate the symptoms of
to use slow-start for each session. Since TCP global synchronization?
sessions are affected individually instead of
simultaneously (as in the case of a tail
drop), global synchronization is avoided.
Create separate queues for TCP and UDP
traffic.
How do you prevent TCP starvation / UDP
dominance?
Sequence numbers and timestamps which
can be used for re-ordering packets if
necessary. RTP also conveys the format of What does RTP (Real-time Transport
the payload carried in the stream. Protocol) add over UDP?
RTCP works in conjunction with RTP, and
carries additional information about the
RTP stream, such as quality and What is the purpose of RTCP (Real-time
synchronization. The information is Transport Control Protocol)?
provided through Report messages.
RTP uses even-numbered ports, and RTCP
uses the next-higher odd-numbered port.
How does RTP and RTCP use individual
UDP ports?
Stack Master
What is the StackWise switch responsible

for operations referred to as?
6in4 relies on static tunnel configuration,
and works by encapsulating the IPv6
payload directly after the IPv4 header. What's the primary difference between 6in4
and 6to4?
6to4 automatically generates the tunnel
endpoints based on the IPv6 address, and
uses 6in4 for transport.
6RD is IPv6 Rapid Deployment tunneling,
which is similar to 6to4, but more flexible.
What is 6RD?
6RD does not require addresses to have a
2002::/16 prefix
What are the two main differences between
6RD does not require all 32 bits of the IPv4 6RD and 6to4?
destination to be carried in the IPv6
payload header
Switch ports can be protected with 802.1X,
but allow devices matching a particular
MAC address to bypass the authentication. What is MAC Authentication Bypass?
This is useful for devices like printers.
When the switch detects a connection from

the client device, it uses the MAC address
as the client identity and sends the How does MAC Authentication Bypass
authentication server a RADIUS work?
access/request frame with a username and
password based on the MAC address.
This is useful for devices like printers that

do not support 802.1X authentication.
The BGP Additional Paths feature is a BGP
extension that allows the advertisement of
multiple paths for the same prefix without What is the BGP Add Path feature?
the new paths implicitly replacing any
previous paths. This behavior promotes
path diversity and reduces MED
oscillations.
-Enable the sending and/or receiving of
additional paths
-Select the candidate paths to advertise What are the three high-level steps needed
-Advertise the selected additional paths to enable BGP add-path?
The add-path feature is a negotiated
capability. Both BGP neighbors must be
explicitly configured to send and/or receive What is the neighbor requirement for the
additional paths with the BGP process bgp BGP add-path feature?
additional-paths {send [receive] |
receive}
BGP process:
bgp additional-paths select all
neighbor ip additional-paths send What is the basic BGP add-path
receive configuration to accept additional paths,
neighbor ip advertise additional-paths and advertise all available paths?
all
The BGP Additional Paths feature is
implemented by adding a path identifier to
each path in the NLRI. The path identifier What is the BGP add-path path identifier?
(ID) can be considered as something
similar to a route distinguisher (RD) in
VPNs, except that a path ID can apply to
any address family. Path IDs are unique to
a peering session and are generated for
each network. The path identifier is used to
prevent a route announcement from
implicitly withdrawing the previous one.
Each multiple path must have a different
next-hop address in order to be considered
What is the requirement of the multiple
available paths for BGP PIC to work?
BGP process:
bgp additional-paths install
How do you enable BGP PIC?
Backup/alternate paths are calculated and
stored in the RIB and FIB so that when a
How does BGP PIC work?
failure is detected, the backup path can

immediately take over.
While EIGRP has fast convergence when
feasible successors are present, FRR takes
the extra step of calculating a Loop-Free With EIGRP, how is FRR different from
Alternate backup route, which is then backups via Feasible Successors?
entered into the FIB. Feasible Successors
must be promoted to the Successor,
whereas FRR places the FS into the FIB
preemptively.
Topology base:
fast-reroute per-prefix {all | route-map
route-map} How do you enable EIGRP FRR?
show ip eigrp topology frr
How can you view the list of configured

EIGRP LFAs?
OSPF process:
fast-reroute per-prefix enable area area
prefix-priority low How do you enable basic OSPF FRR?
Remote LFA uses targeted MPLS LDP
sessions to calculate alternate paths if
direct LFA does not result in any backups. What is OSPF Remote LFA?
OSPF process:
fast-reroute per-prefix remote-lfa tunnel
mpls-ldp How do you enable OSPF Remote LFA?
Requires MPLS with targeted LDP session

capability:
Interface: mpls ldp discovery targeted-
hello accept
Outbound Route Filtering is a negotiable
capability whereby one neighbor can
request only a portion of routes to be What is BGP ORF?
received from the other neighbor.
When the match-host keyword is used, the
mapping between the local and global
addresses must use the same host number. When defining a NAT pool, what does the
For example, 10.10.10.5 could match to match-host keyword do?
20.20.20.5.
The default is rotary

The extendable keyword:
ip nat inside source static IL IG What allows static NAT mappings of one
extendable inside local address to multiple inside
global addresses?
ip nat pool name prefix-length length
address start end
address start end How do you configure multiple address
ranges in a single NAT pool?
Stateless IP/ICMP Translation (SIIT),

formerly NAT-PT
What is the base algorithm for IPv4/IPv6
translation called?
To translate IPv4 packets into IPv6, and
vice-versa
What is the purpose of Stateless IP/ICMP
Translation (SIIT)?
The IPv4 TTL or IPv6 Hop Limit field is
decremented by one since the translator
counts as a router What happens to the TTL when an IPv4 or
IPv6 packet passes through a device
performing SIIT?
Header Length
Fragment fields (Identification, Flags,
Fragment Offset) When using SIIT to translate from IPv4 to
Header Checksum IPv6, which IPv4 header fields are
Options / Padding discarded?
Only the Flow Label field is discarded, all
other IPv6 header fields are translated to
the IPv4 header. When SIIT is used to translate from IPv6 to
IPv4, which fields are dropped from the
IPv6 header?
The IPv4 Version field value of 4 is
changed to the IPv6 Version field value of
6. With SIIT, how is the Version field in the
IPv4 header translated?
The IPv4 ToS bits are copied to the IPv6
Traffic Class field, or set to 0
With SIIT, how is the ToS field in the IPv4
header translated?
IPv4 > IPv6 = 0
IPv6 > IPv4 = Discard
With SIIT, how is the Flow Label field in
the IPv6 header handled?
The IPv4 value is copied to the IPv6 Next
Header field, unless it is for ICMP (IP
Protocol 1), in which case the IPv6 Next With SIIT, how is the Protocol field in the
Header value is 58 (ICMPv6) IPv4 header translated?
The addresses is dependent on the type of
translation being performed, such as NAT-
PT, MAP-T, or Stateless or Stateful With SIIT, how are the Source and
NAT64. Destination fields translated?
The Header Length field is set to 5
With SIIT, how is the IPv4 Header Length

field treated when translating from IPv6 to
IPv4?
The value is copied to the IPv4 ToS bits
With SIIT, how is the Traffic Class field in

the IPv6 header translated?
Add 5 (IPv4 Header Length) to the IPv6

Total Length field
With SIIT, how is the IPv4 Payload Length
field handled when translating from IPv6?
Identification = 0
More Fragments = 0
Don't Fragment = 1 With SIIT, how are the IPv4 Fragment
Fragment Offset = 0 fields handled when translating from IPv6?
The value is copied to the IPv4 Protocol
field, with the following exceptions:
With SIIT, how is the Next Header field in
58 (ICMPv6) is changed to 1 (ICMP) the IPv6 header translated?
0, 43, 60 = skip to next Next Header value
because these extensions are meaningless
to IPv4
NAT64
NAT-PT has been replaced by what?

NAT64 does not support DNS-ALG, and
the DNS translation is a separate DNS64
function. How does NAT64 compare to NAT-PT
with regard to DNS?
With NAT64, IPv4 devices cannot initiate
sessions to IPv6 devices without a static
address mapping in the translator. IPv6 What is a limitation of NAT64 with regard
devices can initiate sessions to IPv4 to session initiation?
devices, however.
False, IP multicast is not yet supported by
any translation method.
True or False: Both NAT-PT and NAT64
support multicast translation.
IPv4 addresses are embedded in the IPv6
address. The translator recognizes the
address format and converts as appropriate. How does Stateless NAT64 work?
The addresses are typically maintained in a

DNS64 server, and can be assigned either
manually or via DHCPv6.
64:ff9b::/96
The IPv4 address is encoded into the final What is the IPv6 Well-Known Prefix used
32 bits. for IPv4 translation?
The IPv6 prefix can be either 32, 40, 48,
56, 64, or 96 bits in length.
How are locally-designated prefixes used
The embedded IPv4 address begins directly with NAT64?
after the prefix, with the exception of bits
64-71 which are always set to 0 (except for
the 96-bit prefix length which does not
have any null bits).
With a prefix length of 32, all of the IPv4

address bits come before the null bits 64-
71. With a prefix length of 64, all IPv4
address bits are after the null bits. Prefix
lengths 40, 48, and 56 divide the IPv4
address bits around the null bits.
Stateless NAT64 requires a 1:1 mapping
between IPv4 and IPv6 addresses.
However, Stateful NAT64 can map What is an advantage of Stateful NAT64
multiple IPv6 addresses to a single IPv4 with regard to addressing?
address.
BGP exchanges the entire route table once
per session, and only changed information
afterward. The keepalive function keeps Why is it important for BGP to send
the session open so that the changed keepalive messages to ensure the neighbor
information can be exchanged, instead of connection is maintained?
the entire routing tabling with each update.
224.0.0.1
What is the destination address for an

IGMP General Query for all three IGMP
versions?
IGMPv1
IGMPv2
Which IGMP versions support Report
Suppression?
IGMPv2
IGMPv3
Which IGMP versions support group-
specific queries?
IGMPv2
IGMPv3
Which IGMP versions support querier
elections?
The router on the segment with the lowest
IP address
Which router is elected the IGMP querier
by default?
60s for all IGMP versions, though the RFC
standard is 125s.
What is the default IGMP query interval?
120s (2x query interval)
What is the default IGMP querier timeout?

IGMPv1 = Joining multicast group address
IGMPv2 = Joining multicast group address
IGMPv3 = 224.0.0.22 What is the group address for an IGMP
Report for all three IGMP versions?
IGMPv1 = not supported
IGMPv2 = 224.0.0.2
IGMPv3 = 224.0.0.22 What is the destination address for the
IGMP Leave Group message for all three

IGMP versions?
PVLAN Edge
What is another name for Catalyst

protected switch ports?
Virtual Switch Link Protocol (VSLP)
The VSS Link Management Protocol

(LMP) and Role Resolution Protocol
(RRP) are two components of which
protocol?
Link Management Protocol (LMP)
Role Resolution Protocol (RRP)
What are the two subcomponents of the
Virtual Switch Link Protocol (VSLP)?
Verify VSL link integrity
Reject unidirectional links
Establish bidirectional communication What actions are performed by the VSS
between chassis Link Management Protocol (LMP)?
Exchange switch IDs for duplicate
detection
Check hardware and software versions
Check VSL configuration compatibility
Assign active and standby virtual switch What actions are performed by the VSS
roles Role Resolution Protocol (RRP)?
The global keyword is used in combination
with vrf name to indicate that the next hop
is in the global IP routing table, not within When configuring a static route, what does
the specified VRF. the global keyword do?
The permanent keyword causes the static
route to remain in the routing table even if
the interface shuts down. When configuring a static route, what does
the permanent keyword do?
What are the major BGP attributes and

their associated categories?
Egress only
Which Catalyst 3560 queues use Shaped

Round Robin?
Both egress and ingress
Which Catalyst 3560 queues use Shared

Round Robin?
Shared RR guarantees bandwidth but does
not limit other queues
What is the difference between Shared and
Shaped RR guarantees bandwidth and rate- Shaped Round Robin queuing?
limits other queues even if they are empty
The hops parameter inverts the TTL. For

example, a neighbor that is 4 hops away
should have a setting of 251, and a How does the BGP command neighbor ip
neighbor that is 251 hops away should have ttl-security hops hops work?
a setting of 4.
255 - hops = hops value

SNMPv1
Without additional configuration, what is

the default version of SNMP used on Cisco
IOS?
Inside = Routing then NAT
Which is performed first, NAT or routing,

from the inside to the outside?
Outside = NAT then Routing
Which is performed first, NAT or routing,

from the outside to the inside?
Controller node
Network node
Compute node What are the names of the nodes in the 3-
node OpenStack architecture?
Asymmetric routing
STP topology changes
Forwarding table overflow What are the three primary causes of
unicast flooding?
Contexts
What is contained inside the Cisco ACI

Tenant construct?
A collection of VRFs and IP address
spaces. Each ACI Tenant can have one or
more contexts, and the EPs and EPGs What is a Cisco ACI Context?
define the application within each context
End Point Group, a collection of EPs that
provide a similar function. EPGs are
defined by NIC, vNIC, port group, IP What is a Cisco ACI EPG?
address, and DNS names
Application Network Profile, a collection
of EPGs, their connections, and related
policies What is a Cisco ACI ANP?
Cisco APIC Application Policy
Infrastructure Controller
What is the cluster of controllers that
provide a single point of control, a central
API, a central repository of global data, and
a repository of policy data for Cisco ACI?
To provide policy authority and policy
resolution mechanisms for Cisco ACI and
devices attached to Cisco ACI. What is the primary function of the Cisco
APIC?
The traffic transit point where a packet is
captured and associated with a buffer, such
as the IPv4/IPv6 CEF switching path with What is the EPC capture point?
interface input and output.
A capture buffer and a capture point need
to be defined. The capture point should be
associated with the capture buffer. What are the two requirements for
configuring EPC?
-Create the buffer (traffic to be captured)
-Define the capture point
-Associate the capture point with the buffer What are the four major steps of capturing
-Start the capture point (and optionally data with EPC?
stop)
monitor capture buffer name options
options include clearing or exporting the How do you configure an EPC capture
buffer, filtering, and limiting by duration, buffer?
packet count, packets per second, and size
CEF:
monitor capture point {ip | ipv6} cef
name interface {in | out | both} How do you configure an EPC capture
point?
Process Switched:
monitor capture
point {ip | ipv6} process-switched name
{in | out | both | from-us}
monitor capture point associate capture-
point-name capture-buffer-name
How do you configure an EPC association?
monitor capture point start {capture-
point-name | all}
How do you activate an EPC session?
Stop the capture with the same command,
replacing start for stop
monitor capture buffer name export
location
How do you export an EPC session?
An applet is a form of policy defined
within the CLI configuration
What is the difference between an EEM
A script is a form of policy written in TCL applet and an EEM script?
Event Detector, of which there are multiple
types (CLI event, IP SLA event, Syslog
event, etc). What is the EEM component that monitors
the system for particular conditions?
EEM Actions, such as executing particular
CLI commands, sending an email,
generating SNMP trap, etc. What is the EEM response to a detected
event?
The SoO is an extended community used to

identify routes originating from a particular
site for the purpose of preventing What is the BGP Site-of-Origin (SoO)
readvertisement back into the source site to attribute?
prevent routing loops.
The configuration is performed on the PE
router, the VPN entry point, which tags the
incoming routes with the SoO extended How does BGP per-neighbor SoO work?
community. The PE forwards prefixes to
the CPE only when the SoO tag of the
prefix does not match the SoO tag
configured for the CPE.
neighbor ip soo value
The SoO can also be configured via peer How do you configure a BGP Site-of-
groups and policy templates. Origin (SoO) value?
EIGRP SoO is used for per-site VPN
filtering:
-MPLS VPNs with backdoor links What are the general use cases for the
-CE routers dual-homed to different PE EIGRP Site-of-Origin (SoO) feature?
routers
-PE routers that support CE routers from
different sites in the same VRF
PIMv1 uses IGMP for transport
PIMv2 uses IP Protocol 103
What is the difference between PIMv1 and
PIMv2 with regard to transport?
PIMv2 is required
What is the PIM requirement of using

BSR?
10s of µs
1 Gbps = 1 (one 10s of µs) When calculating the EIGRP classic

100 Mbps = 10 (ten 10s of µs) composite metric, what are the delay values
10 Mbps = 100 (one hundred 10s of µs) measured in?
Sum of delays along the path in 10s of µs,
multiplied by 256
When calculating the EIGRP classic
Example: one 10 Mbps link + one 1 Gbps composite metric, how is the delay
link + one 100 Mbps link = component calculated?
( 100 + 1 + 10 ) * 256 = 28,416 (111 *
256)
Divide 10,000,000 kbps by the lowest
bandwidth link along the path in kbps, then
multiply by 256. When calculating the EIGRP classic
composite metric, how is the bandwidth
Example, if the slowest link in the path is component calculated?
100 Mbps:
10,000,000 kbps / 100,000 kbps * 256 =

25,600
If the interface is in the Up/Up state, the

router identifies the upper-layer protocol
and passes the packet to the appropriate How does a router handle a packet destined
upper-layer protocol driver. to an IP address belonging to one of its
locally-configured interfaces if the TTL is
1?
Source IP, Destination IP, Universal ID
What is the default CEF load-sharing

method used on the Catalyst 6500?
Source and Destination Layer 3 and 4
information with multiple adjacencies
What is included with the mls ip cef load-
sharing full command?
Source and Destination Layer 3 and 4
information without multiple adjacencies
sharing full simple command?
Source and Destination Layer 3
information without multiple adjacencies
sharing simple command?
This command excludes destination Layer
4 ports and both source and destination IP
addresses from the load-balancing What is included with the mls ip cef load-
algorithm. sharing full exclude-port
destination command?
This command includes source Layer 4
ports only
This command excludes source Layer 4
ports and both source and destination IP
addresses from the load-balancing What is included with the mls ip cef load-
algorithm. sharing full exclude-port
source command?
This command includes destination Layer 4
ports only
DHCPREQUEST is used when a DHCP
client has chosen a specific DHCP server.
The packet is broadcast instead of unicast Why is the DHCPREQUEST packet
so that other DHCP servers can reallocate broadcast from the DHCP client?
the IP address they offered to the client.
The DHCPDECLINE message is broadcast
from the DHCP client to formally reject a
DHCPOFFER from a DHCP server. This What is a DHCPDECLINE message?
packet is usually sent when the IP
configuration is not valid for the client.
The DHCPNAK is broadcast from the
DHCP server to inform the DHCP client
that the IP address in the previous What is a DHCPNAK message?
DHCPREQUEST message is no longer
valid for use, which can happen if the client
is slow to respond to the server.
With PFS, each negotiation of a new Phase

2 SA requires regeneration of new Phase 1
Diffie-Hellman keys. This ensures that What is IPsec Perfect Forward Secrecy
when the Phase 2 SAs have expired (or (PFS)?
need to be re-keyed), new keying material
is used in case the old keys have been
compromised.
Without PFS, the DH keys calculated

during Phase 1 are used over and over
again.
PFS is also known as a session key.

Bandwidth starvation occurs when higher-
priority queues monopolize an interface's
bandwidth so that traffic from lower- What is the primary cause of bandwidth
priority queues is never sent. starvation?
Queuing
What class of QoS tools mitigate

bandwidth starvation?
One session per address family per
interface, regardless of the number of
registered upper-layer protools Assuming multiple registered upper-layer
protocols, how many sessions does BFD
create?
Kbps
When creating a policy map, what unit of

value is used when specifying the priority
or bandwidth if the percent keyword is
not used?
200ms of traffic at the configured
bandwidth rate
When creating a PQ with the priority
Example: priority 1000 sets up a priority command, what is the default burst size if
queue for 1,000 Kbps, with a burst size of not specified?
200,000 bytes
A PQ with 256 Kbps guaranteed
bandwidth, with a 512 byte burst
What is indicated by this policy-map
command: priority 256 512
The policed rate is defined in bps, and the
burst rates are defined in bytes.
What rate values are used with the police
Example: police 100000 10000 command?
5000 indicates a rate of 100,000 bps, with a
normal burst of 10,000 bytes, and a max
burst of 5,000 bytes.
This command indicates a policed rate of
256,000 bps, with a normal burst of 15,000
bytes, and a max burst of 10,000 bytes. What values are indicated by this
command: police 256000 15000 10000
This command causes a default route to be

sent on RIP interfaces marked as passive.
What does the RIP default-information
originate on-passive command do?
Reachability
Delay
What metrics are monitored by both PfR
active and passive mode?
Passive mode via NetFlow
Which PfR mode monitors delay, packet

loss, reachability, and throughput?
Active mode via IP SLA
Which PfR mode monitors delay, jitter,

MOS, and reachability?
Active mode monitors the active exit path,
whereas Fast mode continuously generates
IP SLA probes for all possible exit paths. What is the difference between PfR Active
mode and Fast mode?
Traffic Class (TC)
Within MPLS labels, what is the name of

the field that used to be referred to as the
EXP bits?
Traffic Class, which is a field in the MPLS
header/label that used to be referred to as
the EXP bits What is the MPLS TC field?
Traffic Load (Utilization)
Range
Cost What are the PfR link policies?
The traffic load (utilization) policy
specifies an upper threshold on the amount
of traffic that a particular link can carry, What is the PfR traffic load (utilization)
and can be defined for both ingress and policy?
egress links.
The range policy maintains all links within
a certain utilization range relative to each
other to ensure that the traffic load is What is the PfR range policy?
distributed.
The cost policy allows you to specify link
usage based on the monetary cost of each
exit link. The most cost-effective link will What is the PfR cost policy?
be used while remaining within the desired
performance level.
FF3x::/32, where x indicates the scope
What is the IPv6 address range for SSM?

IPv6 Source-Specific Multicast
What type of IPv6 address is FF30::1/32?

FF01::/16 Node-local
FF02::/16 Link-local
FF05::/16 Site-local What are the five IPv6 multicast scopes?
FF08::/16 Organization-local
FF0E::/16 Global
FF01::/16
What is the prefix for an IPv6 node-local

multicast address?
FF02::/16
What is the prefix for an IPv6 link-local

multicast address?
FF05::/16
What is the prefix for an IPv6 site-local

multicast address?
FF08::/16
What is the prefix for an IPv6 organization-

local multicast address?
FF0E::/16
What is the prefix for an IPv6 global

multicast address?
node-local
What type of IPv6 multicast address has

the prefix FF01::/16?
link-local

site-local

organization-local

global

the prefix FF0E::/16?
FF00 - FFFF
FF00::/8 What is the prefix range for IPv6 multicast

addressing?
IPv4-mapped IPv6 addresses.
What is the IPv6 prefix ::FFFF:0:0/96 used

Example: 10.10.10.1 = ::FFFF:10.10.10.1 for?
FE80::/10
FE80 - FEBF What is the range of IPv6 link-local

addresses?
Link-local addressing
What does the IPv6 prefix range of FE80 -

FEBF correspond to?
2000::/3
2000 - 3FFF What is the prefix range of globally-

routable IPv6 addresses?
Unique local
What type of IPv6 addresses correspond to

a prefix of FC00 - FDFF?
FC00::/7
FC00 - FDFF What is the range of IPv6 unique local

addressing?
255 - routers expect to see a value of 255,
and drop ND packets that are less.
IPv6 ND packets should be generated with
what TTL value?
A runt frame. Runt frames are discarded.
What is an Ethernet frame with fewer than

64 bytes?
Adaptive cut-through switching uses an
error threshold. Cut-through switching is
used until the error threshold is crossed, What is adaptive cut-through switching?
upon which time the switch reverts to
store-and-forward switching. The switch
reverts to cut-through switching when the
error rate falls below the threshold.
Private is port-based
Virtual-private is a VLAN-based
multiplexed service where the virtual What is the difference between "private"
circuit is identified by a VLAN ID and "virtual private" Metro Ethernet
services?
Q-in-Q
What is IEEE 802.1ad?

802.1ad
What is the IEEE standard for Q-in-Q?

EPL Ethernet Private Line
What is the MEF term for a port-based

point-to-point Ethernet virtual circuit?
EVPL Ethernet Virtual Private Line
What is the MEF term for a VLAN-based

point-to-point Ethernet virtual circuit?
EP-LAN Ethernet Private LAN
What is the MEF term for a port-based

multipoint-to-multipoint Ethernet virtual
circuit?
EVP-LAN Ethernet Virtual Private LAN
What is the MEF term for a VLAN-based

multipoint-to-multipoint Ethernet virtual
circuit?
Ethernet Private Line, a port-based P2P
Ethernet virtual circuit which preserves
CE-VLAN IDs and associated CoS What is a MEF EPL?
markings across the EVC
Ethernet Virtual Private Line, a VLAN-
based P2P Ethernet virtual circuit which
allows service multiplexing and CoS What is a MEF EVPL?
parameters assigned per-EVC. CE-VLAN
IDs and associated CoS markings do not
have to be preserved across the EVC,
meaning C-VLAN rewrite operations are
permitted.
Ethernet Private LAN, a port-based
MP2MP EVC where every node has "root"
status and can talk to every other node What is a MEF EP-LAN?
directly. CE-VLAN IDs and CoS values are
preserved across the service.
Ethernet Virtual Private LAN, a VLAN-
based MP2MP service where every node is
set to "root" status and can talk to every What is a MEF EVP-LAN?
other node directly. Bundling and service
multiplexing are possible, and C-VLAN
IDs and CoS values do not require
preservation across the service.
EIGRP routes are considered internal
between sites if the EIGRP ASN matches,
otherwise the routes are considered When using EIGRP as the MPLS PE-CE
external. routing protocol, what causes EIGRP
routes to be internal or external between
sites?
The POI is automatically configured when
using EIGRP for the PE-CE routing
protocol, and is set when EIGRP is What is the MPLS L3VPN EIGRP pre-
redistributed into BGP. The POI compares bestpath Point of Insertion (POI)?
EIGRP metrics before BGP makes a best
path decision.
Active mode is configured within a class-

map with match protocol
What is the difference between NBAR
Passive mode is configured directly on an active and passive mode?
interface with ip nbar protocol-discovery
The IP SLA operation is automatically
scheduled in a "pending" state and is
essentially configured but suspended. The When does an IP SLA operation begin if
operation will never start unless start-time the scheduling start-time is not specified?
is explicitly configured.
One hour (3600 seconds)
What is the default lifetime of a scheduled

IP SLA operation if not specified?
Every 60 seconds
What is the default IP SLA operation

frequency, if not specified?
The capture point must be process-
switched on the ingress direction:
How do you capture multicast packets with
monitor capture point ip process- EPC?
switched buffer in
Create a flow record
Configure a flow monitor
Create one or more classes What are the five high-level steps of
Create a policy configuring Cisco Performance Monitor?
Associate the policy with an interface
flow record type performance-monitor
You then define interesting traffic with With Cisco Performance Monitor, how do
match and what particular statistics to you configure a flow record?
collect with collect
flow monitor type performance-monitor
The flow monitor is used to associate a With Cisco Performance Monitor, how do
flow record with a flow exporter you configure a flow monitor?
policy-map type performance-monitor
The policy-map associates the class with a With Cisco Performance Monitor, how do
flow monitor you configure a performance monitor
policy?
Associate the performance monitor policy
with an interface:
service-policy type performance-monitor What is the final step in implementing
Cisco Performance Monitoring?
0 CS0 / Routine
8 CS1 / Priority
16 CS2 / Immediate What are the decimal values for the
24 CS3 / Flash corresponding eight Class Selector / IP
32 CS4 / Flash Override Precedence values?
40 CS5 / Critical
48 CS6 / Internetwork Control

56 CS7 / Network Control
NIC-F-FIPR
MPP restricts the interfaces and protocols
for which remote administration can be
performed. Management protocols not What is Cisco Managment Plane Protection
permitted by the MPP policy, or received (MPP)?
on a non-mangement interface, are
dropped.
control-plane host
management-interface interface allow
protocol1 protocol2... How do you configure Management Plane
Protection (MPP)?
Example:
management-interface g0/1 allow ssh
snmp
System IDs must be unique within an area
for L1 adjacency, and must be unique
within the domain for L2 adjacency. What is the requirement of IS-IS System
IDs for router adjacencies?
IS-IS will not establish an adjacency
between two routers with the same System
ID.
-If IPSec then check input access list
-decryption
-check input access list What is the order of operations for NAT
-check input rate limits inside-to-outside translation?
-input accounting
-redirect to web cache
-policy routing
-routing
-NAT inside to outside (local to global
translation)
-crypto (check map and mark for

encryption)
-check output access list
-inspect (Context-based Access Control
(CBAC))
-TCP intercept
-encryption
-Queueing
-If IPSec then check input access list
-decryption
-check input access list What is the order of operations for NAT
-check input rate limits outside-to-inside translation?
-input accounting
-redirect to web cache
-NAT outside to inside (global to local

translation)
-policy routing
-routing
-crypto (check map and mark for

encryption)
-check output access list
-inspect (Context-based Access Control
(CBAC))
-TCP intercept
-encryption
-Queueing
Route first, then NAT
With inside-to-outside (local to global)

NAT, which is performed first, routing or
NAT?
NAT first, then routing
With outside-to-inside (global to local)

NAT, which is performed first, routing or
NAT?
ip cef load-sharing algorithm tunnel
Which CEF load-sharing algorithm is

appropriate for environments with a small
number of source and destination pairs?
798
EEM publishes events to which subsystem

number?
Monitoring memory and processor usage
What is the IOS Watchdog System Monitor

used for?
show ip eigrp topology active
How can you determine which EIGRP

neighbors have not yet responded to a
Query?
With ip options ignore the router does not
process any options that may be present in
the IPv4 header, but keeps the options in What is the difference between the ip
the header when sending the packet options drop and ip options ignore
onward. commands with regard to downstream
devices?
The ip options drop command causes the
router to discard any packets with options
set in the IPv4 header, and therefore
downstream devices will not receive these
packets.
Both versions of the command protect the
router from exploits based on IPv4 header
options, but breaks certain control plane What is the use case and caveat for
protocols like RSVP and IGMPv2. configuring ip options {ignore | drop}?
The drop option also protects downstream

devices by discarding packets with options
present in the IPv4 header.
The ip options ignore command takes
precedence.
What happens if both ip options drop and
ip options ignore are configured on a
router?
The mapping was obtained directly from
the next-hop router or server.
When issuing the show ip nhrp detail
command, what does the authoritative flag
indicate?
The mapping was obtained from an NHRP
resolution request or packet.
When issuing the show ip nhrp
detail command, what does the implicit
flag indicate?
The mapping is for networks that are local
to the router.
detail command, what does the local flag
indicate?
The remove device supports NHRP NAT
extensions
detail command, what does the nat flag
indicate?
A mapping could not be obtained for
negative caching.
detail command, what does the negative
flag indicate?
The mapping was created in response to an
NHRP registration
detail command, what does the registered
flag indicate?
The mappings for a remote router are
marked with the router flag.
detail command, what does the router flag
indicate?
The mapping cannot be overwritten by a
different NBMA entry with the same IP
address. When issuing the show ip nhrp
detail command, what does the unique flag
indicate?
Data packets are being process-switched
for the given mapping.
detail command, what does the used flag

indicate?
authoritative

detail command, which flag indicates that
the mapping was obtained directly from the
next-hop router or server?
implicit

detail command, which flag indicates the
mapping was obtained from an NHRP
resolution request or packet?
local

mapping is for networks that are local to
the router?
nat

remote device supports NHRP NAT
extensions?
negative

detail command, which flag indicates that
a mapping could not be obtained for
negative caching?
registered

mapping was created in response to an
NHRP registration?
router

mappings for a remote router are marked
with the router flag?
unique

mapping cannot be overwritten by a
different NBMA entry with the same IP
address?
used

detail command, which flag indicates data
packets are being process-switched for the
given mapping?
Network type
Routing level
Area When an IS-IS L1 router receives an IIH
MTU packet on a network segment, what five
Authentication things are verified before forming an
adjacency?
Network type
Routing level
MTU When an IS-IS L2 router receives an IIH
Authentication packet on a network segment, what four
things are verified before forming an
L2 does not require the Area to match, adjacency?
unlike L1
P2P IIH packets are ignored on broadcast
network types, and vice-versa.
What happens if an IS-IS router configured
The network type (broadcast or P2P) must for the broadcast network type on a link
match between routers for an adjacency to receives a point-to-point IIH packet?
form.
IIH packets are padded to the full MTU
size by default. If either of these commands
are configured, only the first five IIH What happens if the IS-IS process no hello
packets are padded (for the purposes of padding or interface no isis hello padding
forming a neighbor adjacency). command is configured?
The two routers may still form an ES-IS
adjacency.
If two IS-IS neighbors fail to form either an
L1 or L2 adjacency, what might be the
results of the show clns neighbors
command?
60 seconds
How long do incomplete ARP entries

remain in the ARP and CEF adjacency
tables?
The LFIB is derived from information in
the FIB (CEF table) and the LIB.
Why is CEF required for MPLS on Cisco
platforms?
Local host routes (/32 and /128) cannot be
redistributed into a dynamic routing
protocol. How are local host routes handled during
redistribution?
A Local host route is marked as "L" in the
output of show ip route
Connected /32 and /128 routes can be

redistributed.
log-input provides all of the details

provided by the log keyword, but adds
source MAC and ingress interface When configuring logging for an ACL,
information. what does the log-input keyword provide
that the log keyword does not?
IGMPv3 source filtering enables a
multicast receiver to signal to a router
which groups it wants to receive multicast What is IGMPv3 source filtering?
traffic from, and from which sources the
traffic is expected.
INCLUDE, where the receiver joins a
group and lists the IPs from which it wants
to receive traffic What are the two IGMPv3 source filtering
modes?
EXCLUDE, where the receiver joins a
group and lists the IPs from which id does
not want to receive traffic (an empty
EXCLUDE list indicates all sources are
acceptable)
DCE data communications equipment
Which end of a serial link must provide

clocking?
DTE data terminal equipment
Which end of a serial link receives the

clocking information?
show controllers serial
How do you determine if a serial interface

is the DCE or DTE end?
Protect: silently discard offending traffic
Restrict: discard offending traffic, log, What's the difference between the
SNMP trap, increment SecurityViolation switchport port security violation modes?
counter
Shutdown: discard offending traffic, log,

SNMP trap, increment SecurityViolation
counter, err-disable port
shutdown
The port is err-disabled. When switchport port-security is

configured, what is the default violation
action if not configured?
When sync yes is configured with the
event cli command, the event is processed
synchronously, which means the EEM With EEM, what's the difference between
applet must finish before the CLI command the sync yes and sync no keywords?
can be executed. With sync no the CLI
command is executed immediately.
skip no or skip yes which indicates
whether or not the detected CLI event
should be executed. With EEM, when configuring

asynchronous processing with the sync no
keyword, what other keyword must also be
included?
set num _exit_status {0 | 1}
When set to 0, the detected CLI command With EEM, when using synchronous
is skipped. When set to 1, the CLI processing, what determines if the CLI
command is executed. event is executed or not?
0900.2B00.0005
What MAC address does IS-IS use to send

to All Intermediate Systems?
0900.2B00.0004
What MAC address does IS-IS to send to

All End Systems?
IS-IS All Intermediate Systems
What is associated with the MAC address

0900.2B00.0005?
IS-IS All End Systems
What is associated with the MAC address

0900.2B00.0004?
OSPF and IS-IS
Which routing protocols are used with PfR

PIRO (Protocol Independent Routing
Optimization)?
When PfR modifies a path for a traffic
class, it searches for a parent route (exact
or less-specific) in the order of BGP RIB, What is PfR PIRO (Protocol Independent
EIGRP RIB, static route RIB. Routing Optimization)?
With PIRO, PfR can also examine the RIBs

of OSPF and IS-IS after BGP, EIGRP, and
static RIBs have been searched.
Port VLAN ID
MAC/PHY Configuration Status
What two additional TLVs are advertised
by LLDP to support LLDP-MED?
To advertise support for LLDP-MED
Why would LLDP advertise the additional

TLVs, Port VLAN ID and MAC/PHY
configuration status?
LLDP-MED Capabilities
Network policy
Power management What are the five TLVs advertised by
Inventory Management LLDP-MED?
Location
EIGRP External routes are not

automatically summarized unless there is
an internal route within the same classful How does EIGRP auto-summary work with
network. external routes?
SSH support is required

TLS
SOAP What are the three main methods of
transport for NETCONF?
Network Prefix Translation v6
NPTv6 translates unique IPv6 prefixes to What is NPTv6?

other unique IPv6 prefixes and creates a
one-to-one relationship between addresses
on each side of the translating device.
NTPv6 does not modify the interface
identifier portion of an IPv6 address.
Globally:
key config-key password-encryption key-
string How do you configure the IOS Master Key
password encrpytion aes feature?
All plaintext keys are now stored in secure

Type 6 format.
The MS (Map Server) contains the
mapping database of EID-to-RLOC
mappings. Which LISP component stores the
registered EID prefixes?
The MR receives map-request queries from
LISP site Ingress Tunnel Routers (ITRs)
when they attempt to populate the local What is the function of the LISP Map
map-cache of resolved EID-to-RLOC Resolver (MR)?
mappings.
ITR Ingress Tunnel Router receives
packets from internal hosts and forwards
them to external sites. What is a LISP ITR, ETR, and xTR?
ETR Egress Tunnel Router receives

packets from external sites and forwards
them to internal hosts.
Edge devices performing both duties are

xTRs.
ITR Ingress Tunnel Router
Which LISP device receives packets from

internal hosts and forwards them to
external sites?
ETR Egress Tunnel Router
Which LISP device receives packets from

external sites and forwards them to internal
hosts?
False: LISP is designed to communicate

with networks that are not using LISP.
True or False: LISP must be running on
both ends of a tunnel.
Globally:
service timestamps log {uptime |
datetime} How do you add timestamps to log entries?
4 Warning
3 Errors
2 Critical With Cisco IOS, at which logging level are
1 Alerts error messages about software or hardware
0 Emergencies malfunctions indicating functionality of the
device is affected logged at?
5 Notifications
With Cisco IOS, at which logging level are

interface up/down and system restart
messages logged at?
6 Informational
With Cisco IOS, at which logging level are

reload requests and low-process stack
messages logged at?
Error messages about software or hardware
malfunctions that affect functionality of the
device With Cisco IOS, what is logged by default
at the 4 Warning - 0 Emergencies level?
Interface up/down transitions and system
restart messages
With Cisco IOS, what is logged by default
at the 5 Notifications level?
Reload requests and low-process stack
messages
With Cisco IOS, what is logged by default
at the 6 Informational level?
Globally:
ip multicast multipath [s-g-hash {basic |
next-hop-based}] How can you enable ECMP with multicast
routing?
Configuring ip multicast multipath
without keywords performs load splitting
based on the source address only. When configuring multicast routing ECMP,
what three load splitting options are
s-g-hash basic where a simple hash is available?
performed on both the source and group
address
s-g-hash next-hop-based where a hash is

performed on the source, group, and next-
hop addresses
Asynchronous
Demand
What are the two different operating modes

of BFD?
With asynchronous mode, BFD control
packets are sent frequently, and if control
packets are not received from a neighbor in What is BFD Asynchronous mode?
a timely fashion, the neighbor is assumed
to be down.
With demand mode, the system can ask
neighbors to stop sending BFD control
packets except when necessary, which What is BFD Demand mode?
allows BFD to support a large number of
sessions at the expense of slower failure
detection.
Asynchronous mode requires half as many
packets to detect a failure as compared to
the Echo function (which can be used with With BFD, what is an advantage of using
either Asynchronous or Demand mode) Asynchronous mode for failure detection?
SRLG
Primary path
Interface disjoint What is the default order of the OSPF LFA
Lowest metric FRR path selection policy when a primary
Linecard disjoint path fails?
Node protecting
Broadcast interface disjoint
Mandatory:
-Event register keyword
-Body What are the two mandatory and four
optional components of an EEM policy?
Optional:
-Environmental must defines
-Namespace import
-Entry status
-Exit status
tunnel mode auto can be used on the
responder's tunnel interface to
automatically use GRE or IPsec With an IPsec VPN, where can you
encapsulation depending on the parameters configure the tunnel mode auto
sent by the tunnel initiator. command?
536 bytes
What is the default TCP MSS value when a

Cisco router originates data destined for a
remote network?
DHCP pool:
client-identifier 01aa.aabb.bbcc.cc
What is the 7-byte format for the client-
Where 01 identifies Ethernet media, and identifier command for DHCP pools?
aa.aabb.bbcc.cc is the client's MAC
address.
Line configuration mode:
activation-character ascii-code
How do you change the key to be pressed
The default is 13, which is the Enter key. to initiate terminal access?
When the router is first powered on

When the router receives a specific request
for the full routing table With RIP triggered extensions, what causes
the full RIP database to be sent?
When the configured interface comes up or
goes down
When information from another interface With RIP triggered extensions, when is a
modifies the routing table partial RIP database sent?
10s
What is the default hello time for the OSPF

broadcast network type?
10s

point-to-point network type?
30s

nonbroadcast network type?
30s

point-to-multipoint network type?
30s

point-to-multipoint nonbroadcast network
type?
The capability vrf-lite command issued
inside OSPF VRF configuration mode
causes OSPF to ignore the DN bit and How do you prevent OSPF from
domain tag. performing "PE checks"?
When OSPF is used as the MP-BGP PE-
CE routing protocol, this bit is set when the
VPNv4 routes are redistributed back into What is the OSPF DN bit?
OSPF for Type 3, 5 and 7 LSAs. When the
LSAs are to be redistributed back into
VPNv4 (such as when a site is multihomed
to the same SP), LSAs with the DN bit are
not considered for the OSPF route
calculation to prevent loops.
When OSPF is used as the MP-BGP PE-
CE routing protocol, the Domain Tag is set
for external routes (Type 5 and Type 7) What is the OSPF Domain Tag?
when redistributing VPNv4 routes into
OSPF. This tag is then examined upon
redistribution from OSPF back into VPNv4
and routes are not redistributed if the
domain tag matches.
When using OSPF inside VRFs that are not
redistributing into BGP. The capability
vrf-lite command disables the PE checks, When do you need to use the OSPF
causing the router to ignore the DN bit and capability vrf-lite command?
domain tag present in any LSAs.
2-byte Type field
Administrator field
Assigned number field What are the three fields of a Route
Distinguisher?
Type 0: ASN:nn
Type 1: IP:nn
Type 2: 4-byte ASN:nn What are the three types of Route
Distinguisher?
ASN:nn where ASN is a 16-bit value, and
nn is a 32-bit value
What is the format of the Type 0 RD?
IP:nn where IP is a 32-bit value, and nn is a
16-bit value
What is the format of a Type 1 RD?
4-byte ASN:nn where ASN is a 32-bit
value, and nn is a 16-bit value
What is the format of a Type 2 RD?
AS_TRANS, which is used by BGP router
supporting 4-byte ASNs to peer with BGP
routers that only support 2-byte ASNs. What is another name for BGP ASN
23456?
AS4_PATH, which is used if any of the
ASNs in the path are newer 4-byte ASNs
What are the new optional transitive BGP
AS4_AGGREGATOR may also be present PAs used to support 32-bit ASN?
The router supporting only 2-byte ASNs
peers with ASN 23456
How does a BGP router supporting only 2-
byte ASNs peer with one that has a 4-byte
ASN?
asplain is the default format, where the
ASN is a 32-bit decimal value
What is the default BGP 4-byte ASN
BGP process: display format in Cisco IOS, and how do
bgp asnotation dot you change it?
This changes the display to two 16-bit

decimal values separated by a dot.
With PIM-SM, the RP is responsible for
the registration process and creation of
source trees between multicast sources and How is the RP for PIM BiDir different than
the RP. PIM BiDir does not use either of for PIM-SM?
those functions, so the RP is merely a
meeting point and can be any arbitrary
routable (reachable) IP address. It does not
need to be a multicast router.
With OSPF Fast Hellos, the Dead interval
is fixed at one second. This means the
failure detection time will always be a Why would you use BFD instead of OSPF
minimum of one second, and never sub- Fast Hellos to detect a failed link in less
second as in the case of BFD. than one second?
Interface: isis password
Area: area-password
Domain: domain-password What are the three methods of plaintext
authentication in IS-IS?
Interface:
isis password password [level-1 | level-2]
How do you configure plaintext
If not specified, the password is used for authentication for IS-IS hellos?
both levels.
IS-IS process:
area-password password
authentication for IS-IS L1 LSPs, CSNPs,
and PSNPs?
IS-IS process:
domain-password password
authentication for IS-IS L2 LSPs, CSNPs,
and PSNPs?
Infinite
The metric must be set during What is the default seed metric of routes
redistribution or with the default-metric redistributed into EIGRP if the source
command. protocol does not have a compatible metric,
such as RIP and OSPF?
The two routers are considered to be in
different areas, and with the default setting
of L1/L2, a L2 IS-IS adjacency is formed. What type of IS-IS neighbor adjacency is
formed between two routers connected to
the same IP subnet where the NET of one
router is 45.1234.000a.0003.00 and the
other is 49.4567.0000.0000.000b.00 when
all other settings are at their defaults on
Cisco IOS?
With multi-host mode, you can attach
multiple hosts to a single 802.1X-enabled
port. Only one of the attached supplications How does 802.1X multi-host mode work?
must be authorized for all supplicants to be
granted access. If the port becomes
unauthorized for any reason, access is
denied to all attached supplicants.
A 64-bit header used by an IPv6 source to
indicate that a packet exceeds the path
MTU size. What is the IPv6 fragment header?
LMP Link Management Protocol
Which VSS VSLP subprotocol is

responsible for exchanging switch IDs,
verifying link integrity, rejecting
unidirectional links, and establishing
communication between chassis?
RRP Role Resolution Protocol
Which VSS VSLP subprotocol is

responsible for checking VSL
configurations for compatibility, checking
hardware and software version
compatibility, and assigning the
active/standby virtual switch roles?
The S bit (Bottom of Stack field) is set to 1
to indicate it is the last label in the stack.
What specific value in an MPLS label
indicates it is the last label in a stack?
The VPN ID is a standards-based (RFC
2685) method of identifying a VRF on a
router, which is independent of the What is the VRF VPN ID?
assigned VRF name.
The VPN ID format is a 3-byte OUI, and a

4-byte VPN index, separated by a colon.
The VPN ID can be used with other
services such as DHCP and RADIUS.
Configured under the VRF:

vpn id oui:vpn-index
Forward delay, 15 seconds by default
When a switch running STP receives a

BPDU with the TC bit set, what is the
CAM aging time adjusted to?
Create an NHRP group on the interface:
ip nhrp group name
How do you apply a QoS policy-map to a
Assign the group to the policy-map on the DMVPN spoke?
interface:
ip nhrp map group name service-policy
output policy-map
Only the output direction is supported.

0180.C200.000E
What MAC address is used by LLDP?

LLDP
What technology uses the MAC address

0180.C200.000E?
0180.C200.0003
What is the MAC address used by 802.1X?

802.1X
What technology uses the MAC address

0180.C200.0003?
Associated with IoT, some devices

generate a very large amount of telemetry
data. With Fog Computing, the data is What is the Cisco term "Fog" computing?
collected and analyzed locally, and the
most important information is then passed
onto the cloud.
BPDU Guard errdisables the interface
when BPDUs are received.
What is the difference between BPDU
Loop Guard suspends the port in a "loop- Guard and Loop Guard with how ports
inconsistent" state when BPDUs stop being react to error conditions?
received, but automatically transitions the
port back into the normal STP states when
BPDUs arrive again.
Discard (TCP 9)
Echo (TCP 7)
Chargen (TCP 19) What is included with the TCP small
servers feature?
Route Target Constraint
RTC allows a PE to signal to an internal Within the context of MPLS, what is RTC?
route reflector only the prefixes it needs.
Normally, the RR sends all VPNv4 prefixes
to the PE, even if it will never import some
of the available route targets.
RTC allows a PE to send its RT

membership data to the RR with an address
family "rtfilter"
False
True or False: NBAR can classify multicast

traffic.
BGP RIB failure
What happens when BGP attempts to

install a route that already exists in the
routing table with a lower AD?
Unicast and broadcast
Which packet types can EPC capture on

egress?
Unicast, broadcast, and multicast
Which packet types can EPC capture on

ingress?
True
True or False: Multiple EPC capture points

can be active on a single interface.
The final three out of six bits are always 0:
CS0: 000 000 What is common across all Class Selector

CS1: 001 000 PHBs when their values are represented in
CS2: 010 000 binary form?
CS3: 011 000
CS4: 100 000
CS5: 101 000
CS6: 110 000
CS7: 111 000
The sixth bit is always 0
The first three bits correspond to the queue What is common across all Assured
class (1 - 4) Forwarding PHBs when their values are
represented as binary?
The fourth and fifth bits correspond to the
drop priority (1 - 3)
A non-transitive extended community that
can be passed between iBGP and
Confederation peers to influence the path What is the BGP cost community?
selection when multiple ECMPs exist, with
the lowest cost community being preferred.
The cost value is a 32-bit number, whose

default is the midpoint, 2147483647
IP SLA responders add timestamps when a
packet enters or leaves an interface, which
the router performing the IP SLA operation How does a router performing IP SLA
can use to account for the IP SLA operations consider the IP SLA responder's
responder's processing time. processing time?
The tunnel does not establish, because one
router must be configured statically.
What happens if tunnel mode auto is
tunnel mode auto allows a responding configured on both ends of a VPN tunnel?
router to automatically use either GRE or
IPsec mode depending on the packets
received, but the initiator must be statically
configured.
The rwin value should be equal to or
greater than the bandwidth delay product.
What should the TCP rwin value be set to
for maximum throughput?
6to4 should be used to connect isolated
IPv6 domains with P2MP links over IPv4
Per Cisco recommendations, when should
ISATAP should be used to connect within a 6to4 tunneling be used, and when should
single IPv6 domain with P2MP links over ISATAP tunneling be used?
IPv4
False, only GRE supports the keepalive
feature
True or False: IP-in-IP tunnels support
native keepalives.
GRE
What tunnel type supports a native

keepalive feature?
100 bytes
What is the default size of an IOS ping

packet?
When the tunnel destination is learned via
the tunnel itself. Avoid by determining
which addresses can never be learned over What causes a recursive tunnel failure?
a tunnel interface.
Ping the tunnel destination address from
the tunnel source address.
What is the proper way to use ping to test
tunnel connectivity?
The interface remains Up/Up by default,
because there is no default keepalive
mechanism. By default, what happens to the status of a
tunnel interface if it is shutdown on the
opposite end?
debug tunnel
What command generates this output?
*Mar 2 16:29:14.325: Tunnel0: GRE/IP

encapsulated 10.1.1.1->10.2.2.2
(linktype=7, len=124)
show interfaces status | exclude _1_
How can you view the status of all

interfaces while filtering those assigned to
VLAN 1?
udld port [aggressive]
How do you enable UDLD on an interface?

Configure bridging on the interface
Configure a logical interface such as a
tunnel, logical subinterface, virtual- What options are available to forward IP
template/virtual-access, etc. packets out of a physical interface without
configuring an IP address on the physical
interface itself?
-Is the interface physical or logical
-Will the interface perform Layer 2
(bridging) or Layer 3 IP forwarding What three simple questions should be
-Is the interface type P2P, multi-access, or asked of every router and switch interface
P2MP within the overall network with regard to
operation?
The interface must be point-to-point
(whether physical or logical)
What is the interface requirement of
issuing the ip unnumbered command?
Some versions of IOS automatically enable
keepalives on the Virtual Template, and
others do not. Verify keepalives are enabled What is a troubleshooting issue you should
on both sides with the keepalive command verify when using Virtual Templates on
under the Virtual Template configuration. both ends of a link?
Communication between two unnumbered
interfaces
With PPP, what is the no peer neighbor-
route command designed for?
debug ip packet and debug interface
If you do not receive back a ping, how can

you verify the packets are attempting to be
forwarded out the correct interface?
Layer 3 to Layer 2 resolution has failed,
and can be further examined with debug
arp If the output of debug ip packet reveals
"encapsulation failed", what does this
mean, and how can you further
troubleshoot it?
Type 1: Resolution Request
Type 2: Resolution Reply
Type 3: Registration Request What are the seven NHRP packet types?
Type 4: Registration Reply
Type 5: Purge Request
Type 6: Purge Reply
Type 7: Error Indication
This packet allows the sending router to
dynamically discover the physical IP
address associated with the destination's What is the purpose of the NHRP Type 1
logical tunnel IP address (such as in spoke- Resolution Request packet?
to-spoke traffic)
This packet is used by the spoke (NHC) to
inform the hub (NHS) of its physical IP
address. What is the purpose of the NHRP Type 3
Registration Request packet?
7200 seconds (2 hours)
What is the default holdtime for an NHRP

resolution request?
ip nhrp holdtime
How do you modify the timeout of an

NHRP resolution request?
1/3 the holdtime: 40 minutes by default,
2400 seconds
How frequently are NHRP registrations
sent from spokes to the hub?
ip nhrp registration timeout
How can you control the frequency of

NHRP client re-registration?
show ip nhrp nhs detail
How can you verify NHRP timeout values?

Define an ACL matching "interesting"
traffic and reference it with ip nhrp
interest How do you control which traffic will
generate an NHRP resolution request?
Shut/no shut each spoke tunnel interface, or
perform clear ip nhrp on the hub.
When enabling multicast support on a
DMVPN hub with the ip nhrp map
multicast dynamic command, what
additional step must be performed if spokes
are already connected to the hub?
Enable 802.1X globally:
dot1x system-auth-control
How can you configure a Catalyst switch to
Interface: dynamically assign a switch port to a
switchport mode access particular VLAN if no response is received
authentication event no-response action from a RADIUS server?
authorize vlan vlan
authentication port-control auto
dot1x pae authenticator
show dot1x
show dot1x interface interface
How can you verify 802.1X information on
a device?
RIP process:
no validate update-source
How can you force RIP to accept updates
from "bad sources", such as when using ip
unnumbered on a P2P link?
TTL = 2
What is the TTL of both RIP and EIGRP

packets when neighbors are manually
configured?
Like ACLs, OSPF network statements are
processed top-down and therefore more
specific entries should be added first. What order should the OSPF process
network commands be entered?
debug ip ospf hello
What debug command should you run if

OSPF is not forming a neighbor
relationship?
OSPF packets have a TTL of 1, therefore
all communications must be direct. This is
also the reason why the hub MUST be Why are OSPF spokes unable to form
elected DR, and not one of the spokes spoke-to-spoke adjacencies over a hub-
and-spoke topology?
The secondary addresses must be placed in
the same OSPF area as the primary address
What is a requirement for OSPF to

advertise secondary addresses?
A link that has only a single connection to
the rest of the physical topology.
What is a stub physical link?
Transit routing domain (core)
Non-transit routing domain (edge)
What are the two general tiers of a routing
hierarchy?
Non-transit multi-homed routing domains
should advertise only those routes which
originate within the same routing domain. During redistribution, which routes should
be advertised by a non-transit multi-homed
routing domain?
distance ad 0.0.0.0 255.255.255.255 acl
How can you modify the AD of particular

routes from all routing sources?
distance 255 0.0.0.0 255.255.255.255 acl
What command is equivalent to distribute-

list acl in ?
You must configure ebgp-multihop since
traffic passes through the hub.
What is a requirement of configuring
spoke-to-spoke eBGP on an NBMA
network?
The cluster ID must be configured with
bgp cluster-id id before any neighbors are
configured to be RR clients. The command What is the order of operations for
is otherwise rejected. configuring a BGP RR cluster ID?
This command is necessary for BGP
speakers that are members of a
confederation and also eBGP neighbors When is the bgp confederation identifier
with an AS outside of the confederation. command necessary?
When the router is a member of a
confederation and it maintains an eBGP
neighbor relationship with another AS When is the bgp confederation
inside the confederation. peers command necessary?
The confederation identifier command is
used when the BGP speaker is a member of
a confederation and maintains an eBGP What is the difference between bgp
connection with a public AS outside the confederation identifier and bgp
confederation. confederation peers ?
The confederation peers command is used

when the BGP speaker is a member of a
confederation and maintains an eBGP
connection with a private AS inside the
confederation.
The NEXT_HOP PA is not changed.
How is the BGP NEXT_HOP PA affected

as it is propaged over eBGP connections
inside a confederation?
-filter-list (AS_PATH filtering)
-route-map
-distribute-list / prefix-list What is the order of precedence for
filtering inbound BGP advertisements?
-distribute-list / prefix-list
-filter-list (AS_PATH filtering)
-route-map What is the order of precedence for
filtering outbound BGP advertisements?
The expanded option can accept regular
expressions
What is a feature of ip community-list
expanded over the standard option?
Weight is used to inflence outbound traffic
on a single BGP router, whereas Local-
Preference is used to influence outbound Within Cisco IOS, what is the difference
traffic among all iBGP routers in a single between BGP Weight and Local-Preference
AS. for intended use?
The aggregate contains the sum of all the
communities, so if one of the component
prefixes carries, for example, the no- What is a caveat of creating a BGP
advertise community, the scope of the aggregate with regard to communities?
aggregate will be limited.
-Adj-RIBs-In - routing information learned
from inbound UPDATEs
-Loc-RIB - local routing information What are the three components of the BGP
selected after local policies applied RIB?
-Adj-RIBs-Out - routing information carred
in outbound UPDATEs
Check the configuration of the DMVPN
tunnel interfaces to determine the DMVPN
phase. With DMVPN Phase 1, OSPF When attempting to configure OSPF
neighborships are between hubs and spokes neighbors over a DMVPN, what should
only, not between spokes. you check first with regard to potential
neighbors?
EIGRP summary routes are seen as EIGRP
Internal with an AD of 90.
With EIGRP, what is the AD of a summary
route created exclusively from EIGRP
External routes?
With regular Split Horizon, route
information is not advertised back out the
interface on which is was received. Why is Split Horizon with Poisoned
Poisoned Reverse advertises back the Reverse an improvement over regular Split
routes with an infinite metric. This is an Horizon?
improvement because if the originating
router receives corrupted information, it
could proceed as if the particular route is
reachable via the router it had previously
advertised to. Split Horizon with Poisoned
Reverse prevents this type of routing loop.
-Change in cost of directly connected link

-Change in state (up/down) of directly
connected link An EIGRP router reasses its list of feasible
-Reception of Update packet successors for a route any time an input
-Reception of Query packet event occurs. What are the five input
-Reception of Reply packet events?
Interface:
ip ospf flood-reduction
How can you set the OSPF DoNotAge bit
With this command, the DoNotAge bit is on LSAs?
set on LSAs advertised out the interface
and the LSAs are not refreshed unless they
change.
Globally:
ip name-server ip
How can you configure OSPF to use DNS?
OSPF process:
ip ospf name-lookup
disable-connected-check is used when
two eBGP neighbors are directly
connected, but not peered over a common What is the difference between the BGP
subnet (such as when loopback interfaces commands neighbor ip disable-
are used for peering). connected-check and neighbor ip ebgp-
multihop hops ?
ebgp-multihop is used when one or more
routers are between the two eBGP peers.
bgp suppress-inactive
What BGP command prevents the router

from advertising a prefix to other BGP
peers if an entry in the BGP table could not
be entered into the local RIB (RIB failure)?
The established keyword in an ACL
What causes IOS to look for a cleared

ACK or RST bit in the TCP header?

CCIE Flash Cards

Enviado por

Dados do documento

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

CCIE Flash Cards

Enviado por

Direitos autorais:

Formatos disponíveis

5/18/2019 Untitled Document

Sequential order based on sequence

What happens if a route-map clause omits

When a route-map is used for

ip access-list standard d1p2

references an ACL containing a deny

ip prefix-list PFX_TEN permit 10.0.0.0/8

ip prefix-list PFX_TEN permit 10.0.0.0/8

How can you match only a default route

What is the AD of a Connected route?

What is the AD of a Static route?

What is the AD of a EIGRP summary

What is the AD of an eBGP route?

What is the AD of an internal EIGRP

What is the AD of an IGRP route?

What is the AD of an OSPF route?

What is the AD of an IS-IS route?

What is the AD of a RIP route?

What is the AD of an external EIGRP

What is the AD of an iBGP route?

What is the AD value of an

What is the AD of an ODR route?

True or False: When redistributing a

-Use the default-metric command under

How can you verifiy if a tag was set on a

The solution, where possible, is to mark the

EIGRP does this by default.

distance distance-value ip-address/RID During route redistribution, how can you

Where ip-address wildcard is the source

summary-metric network mask AD How do you modify the AD of an EIGRP

In EIGRP named mode, this is configured

OSPF allows route summarization only as

this can be set statically with the cost

-Static route to 0.0.0.0 with the

The default-information originate

True or False: You can advertise a default

Best AD If a router learns of multiple default routes

Static route > prefix list > route map >

ip prefix-list zero-prefix permit 0.0.0.0/0

route-map just-default permit 10

router eigrp ASN

must be in the same forwarding path taken

True or False: With PfR, the MC and

When configuring PfR, what is the first

What command is used to create a PfR

pfr master With PfR, how do you designate the border

How can you verify the PfR MC / border

pfr border How do you enable PfR on a Border

Define the Local interface used to

Loopback interfaces are recommended.

What is required for the PfR MC process to

How can you verify the status of PfR?

Range - multiple WAN link usage is kept

What is the default frequency of PfR active

What is the default TTL limit of

In Cisco IOS, what is the traceroute default

How can you display all user-defined

How can you display all applications that

How can you display the status of an

A multicast address is always used as the

The assignment of IP multicast addresses is

Which IP addresses are considered

What range of IP addresses are used with

What is the range of private IP multicast