1. Switches increase
the number of collision domains in a network
2. Switches forward
broadcasts and multicasts by default to all ports within the same vlan. Routers block all broadcasts by default.
3. A switch is a
multiport bridge which learns mac addresses by examining source mac addresses
of incoming frames
4. The main function of a router is to connect separate networks together. Subsidiary functions are switching packets between its interfaces (path selection) and filtering traffic by address, protocol and port (access lists).
5. Hubs work at layer 1: they repeat (and so extend) an electrical signal and increase the number of stations supported on a LAN. Repeaters do not interpret bits; they only examine and regenerate electrical signals.
6. Packet switching
and path selection are the primary functions of a router.
7. Switches usually
have a higher number of ports than bridges.
Bridges and switches forward layer 2 broadcasts and make forwarding
decisions based on layer 2 addresses.
8. A csu/dsu
terminates a digital local loop. A modem terminates an analog local loop. A
router is commonly considered a dte device.
9. Switches are
capable of filtering frames based on layer 2 fields and also have the potential
for 100Mb full duplex communication.
10. CDP can be used
to determine the ip address of a directly connected device and to verify layer
2 connectivity.
11. CDP can supply device IDs (hostname), capabilities (router, switch, etc.), platform (IOS and version), port ID (interface), and layer 2 and 3 addresses of directly connected Cisco devices.
12. 100BASE-TX over UTP has a distance limit of 100 meters. Fiber is not prone to voltage potential differences (it is not susceptible to electrical interference and produces no emissions).
13. Switches on different networks (subnets, VLANs) will need a router between them, connected by a straight through cable. Like devices require a crossover cable, unlike devices a straight through, and the console cable for the router must be a rollover cable.
14. WAN connections
operate at layer 1 and layer 2 of the osi model. Occasionally they operate at
layer 3 (in the case of x.25)
15. ICMP is a protocol that helps manage, control and verify the operation of a TCP/IP network. It works at layer 3 (network).
16. Layer 7
(application layer) is the highest layer of the osi model. It describes the use of applications such as
http, ftp, tftp, etc.
17. IP addressing and
routing reside at OSI layer 3 (network layer)
18. The transport layer (layer 4) provides end to end connectivity for connection oriented (TCP) and connectionless (UDP) protocols. TCP is connection oriented because it includes reliability and flow control functions. UDP is connectionless because it is merely best effort.
19. The network layer creates logical paths (routes) between host systems, including hosts on different networks; it is not confined to one LAN.
20. The transport
layer is concerned with transmission acknowledgement (syn, syn-ack, ack)
sequencing and flow control on a network, as well as error recovery.
21. As a packet traverses a network it retains the address of the destination host (in the OSI layer 3 header), whereas the layer 2 address represents only the hardware address of the next hop device. Layer 2 information remains local (a frame header never passes through a router unchanged).
22. The transport
layer provides mechanisms for segmenting upper layer applications, the
establishment, maintenance and orderly termination of virtual circuits, flow
control and reliability via TCP, transport fault detection and recovery. The network layer uses layer 3 addresses for
path determination and packet forwarding.
Packets are encapsulated, not frames.
The datalink layer adds hardware source and destination addresses to
frames, not segments.
23. The transport
layer provides reliability through acknowledgements, sequencing and flow
control. Data segments are sequenced
into their original order upon arrival to the destination. It uses flow control to prevent packet
flooding to the destination host.
24. skipped.
25. The TCP segment includes 12 fields:
1. Source port
2. Destination port. These first two fields identify the upper layer source and destination ports processed by TCP services.
3. Sequence number. Usually specifies the number assigned to the first byte of data in the current segment; in a SYN it carries the initial sequence number (ISN) for the connection.
4. Acknowledgement number. Contains the sequence number of the next byte of data the sender expects to receive.
5. Data offset. The number of 32 bit words in the TCP header.
6. Reserved. For future use, must be zero.
7. Flags. Carries control information, including the SYN and ACK bits for connection establishment and FIN for connection termination.
8. Window. Specifies the size of the sender's receive window (buffer space available for incoming data).
9. Checksum. Covers the header, the data and a pseudo header of IP addresses, so it detects damage to the header or the data in transit.
10. Urgent pointer. Points to the urgent data in the segment; only meaningful when the URG flag is set.
11. Options. Variable length TCP options (e.g. maximum segment size).
12. Data. Contains upper layer information.
26. skipped
27. To configure a static (one to one) NAT, issue ip nat inside source static <inside-local-address> <inside-global-address> in global configuration mode. Then mark the corresponding interfaces as NAT inside and NAT outside, i.e.:
ip nat inside source static <inside-local-address> <inside-global-address>
interface fa0/0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
interface s0/0
 ip address 69.69.69.69 255.255.255.252
 ip nat outside
28. https uses TCP port 443 for a secure web connection at
layer 4.
29. Telnet and FTP
are both examples of programs that use
the Application layer of the OSI model (layer 7). Also www browsers, NFS, SMTP,
SNMP, HTTP.
30. The OSI model
encourages industry standardization by defining what functions should occur at
each layer, and divides the communication process into smaller and simpler
components, aiding component development, design and troubleshooting.
31. Types of flow
control used in a network: (layer 4)
Congestion avoidance, windowing and buffering.
32. SMTP, FTP, HTTP and
HTTPS all use TCP at layer 4 because of its reliable delivery.
33. A TCP header (layer 4) contains source port, destination port, sequence number, acknowledgement number and window size fields. The acknowledgement number is the sequence number of the next byte the receiver expects, i.e. the last in-order byte received plus one.
34. A TCP header contains a source port (e.g. 21 for FTP), an acknowledgement number and a window field.
Source port = 16 bits
Destination port = 16 bits
Sequence number = 32 bits
(the sequence number of the first data byte in this segment. If the SYN bit is set this field is the initial sequence number (ISN) and the first data byte is numbered ISN plus 1).
Acknowledgement number = 32 bits
(if the ACK bit is set this field holds the sequence number of the next byte the sender expects to receive)
Data offset = 4 bits
(the number of 32 bit words in the TCP header, indicating where the data begins. The length of the TCP header is always a multiple of 32 bits, 20 bytes minimum and 60 bytes maximum).
Reserved = 3 bits (must be cleared to zero)
ECN = 3 bits, Explicit Congestion Notification (RFC 3168)
Control bits = 6 bits (URG, ACK, PSH, RST, SYN, FIN)
Window = 16 bits (number of data bytes, beginning with the one in the acknowledgement field, which the sender of this segment will accept)
Checksum = 16 bits
Urgent pointer = 16 bits
Options = 0 to 40 bytes (60 byte maximum header minus the fixed 20)
Data = variable length
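The twelve fields from items 25 and 34 laid out as bytes. This is an added example written for these notes, not code from the original page; the field names, the sample SYN and SYN-ACK segments and the MSS option value are constructed here:

```python
"""Parse and build TCP headers laid out as in items 25 and 34.

Added example, not from the original notes. The sample segments are
constructed by hand for the demonstration; the checksum is left as zero
because computing it needs the IP pseudo header, which is out of scope here.
"""
import struct

# Control bits in the low bits of the 16-bit data-offset/flags word.
# NS (RFC 3540) occupies what RFC 3168 left as the last reserved bit.
FLAG_BITS = {
    "NS": 1 << 8,
    "CWR": 1 << 7, "ECE": 1 << 6,                 # ECN bits, RFC 3168
    "URG": 1 << 5, "ACK": 1 << 4, "PSH": 1 << 3,  # the six classic
    "RST": 1 << 2, "SYN": 1 << 1, "FIN": 1 << 0,  # control bits
}
FIXED_HEADER = struct.Struct("!HHIIHHHH")          # 20 bytes, network order


def parse_tcp_header(segment: bytes) -> dict:
    """Split a raw TCP segment into its header fields, options and payload.

    Raises ValueError for a segment shorter than the 20-byte minimum header
    or shorter than the length its own data offset claims.
    """
    if len(segment) < FIXED_HEADER.size:
        raise ValueError("TCP header needs at least 20 bytes")
    (src_port, dst_port, seq, ack, off_flags,
     window, checksum, urg_ptr) = FIXED_HEADER.unpack(segment[:FIXED_HEADER.size])
    data_offset = off_flags >> 12            # header length in 32-bit words
    header_len = data_offset * 4
    if header_len < FIXED_HEADER.size or len(segment) < header_len:
        raise ValueError(f"data offset {data_offset} does not fit a "
                         f"{len(segment)}-byte segment")
    return {
        "src_port": src_port,
        "dst_port": dst_port,
        "seq": seq,
        "ack": ack,
        "data_offset": data_offset,
        "header_len": header_len,
        "flags": sorted(name for name, bit in FLAG_BITS.items() if off_flags & bit),
        "window": window,
        "checksum": checksum,
        "urg_ptr": urg_ptr,
        "options": segment[FIXED_HEADER.size:header_len],   # 0 to 40 bytes
        "payload": segment[header_len:],
    }


def build_tcp_header(src_port, dst_port, seq, ack, flags, window,
                     options=b"", payload=b"") -> bytes:
    """Build a segment; options are padded to a 32-bit boundary with zeros
    (the End-of-Option-List kind), which keeps the data offset a whole number."""
    if len(options) > 40:
        raise ValueError("TCP options are limited to 40 bytes (60-byte header)")
    options = options + b"\x00" * (-len(options) % 4)
    data_offset = 5 + len(options) // 4
    off_flags = data_offset << 12
    for name in flags:
        off_flags |= FLAG_BITS[name]
    fixed = FIXED_HEADER.pack(src_port, dst_port, seq, ack, off_flags,
                              window, 0, 0)   # checksum and urgent pointer zero
    return fixed + options + payload


# Constructed sample: a SYN from an ephemeral port to HTTP with ISN 1000
# and an MSS option of 1460 bytes (kind 2, length 4, value 0x05b4).
MSS_1460 = bytes([2, 4, 0x05, 0xB4])
SAMPLE_SYN = build_tcp_header(49152, 80, 1000, 0, ["SYN"], 65535, MSS_1460)
# The server's SYN-ACK acknowledges ISN + 1: the SYN consumes one sequence number.
SAMPLE_SYN_ACK = build_tcp_header(80, 49152, 5000, 1001, ["SYN", "ACK"], 8192)

if __name__ == "__main__":
    for name, seg in (("SYN", SAMPLE_SYN), ("SYN-ACK", SAMPLE_SYN_ACK)):
        print(name, parse_tcp_header(seg))
```

The data offset check matters for anything that inspects traffic: a segment whose offset claims more header than the bytes on the wire is malformed and should be rejected rather than parsed past its end.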
35. Acknowledgement,
sequencing and flow control are functions of the transport layer.
36. If a receiving
host is failing to receive all the segments that should be acknowledged, the
receiver can decrease the window size, however this will reduce throughput
overall as the segments are smaller and more acknowledgements will need to be
sent.
37. The highest layer
used by FTP is the application layer.
Naturally, in the course of the communication, all OSI layers will be
used.
38. ICMP is used for network troubleshooting and verification. It can provide hosts with information about network problems and is encapsulated within IP datagrams (IP protocol number 1). ICMP rides directly on IP: no source or destination ports are included in its packets.
39. SMTP, FTP and
HTTP use TCP for reliable data delivery.
40. Buffering,
windowing and congestion avoidance are type of flow control used by the
transport layer.
41. Telnet uses TCP
port 23 at layer 4.
42. DNS uses
both TCP and UDP at layer 4.
FTP ports 20 and 21, SMTP port 25, Telnet port 23 all use
TCP at layer 4.
43. A switch with
VLAN’s is the best method to segregate traffic at layer 2, with the aid of a
router (LAYER 3).
44. Applications that use UDP for transport tolerate UDP's connectionless quality and either accept some loss or recover from it themselves. In the case of VoIP, UDP passes the datagrams up to the next layer in the order they arrive and the application sorts them out (or plays through the gap).
46. A fully meshed
network (all network devices connected directly to all other network devices)
creates maximum redundancy, and minimum latency.
47. Partially meshed skipped. See partially meshed.
48. Hub and
spoke. All connections linked to a
single Hub.
54. When packets leave hostA destined for hostB, each packet carries the source IP address of hostA and the destination IP address of hostB throughout. On the final hop the frame carries the source MAC address of hostB's default gateway and the destination MAC address of hostB.
57. A router that does not respond to a trace can be a potential problem in a network path.
58. The MAC addresses on a frame are rewritten at every router hop (each time the packet crosses into a new broadcast domain). I.e. a packet leaves a host and its IP addresses remain intact throughout the trip. On the first hop the destination MAC address is that of the sender's default gateway. On the last hop the source MAC address is that of the receiving host's gateway.
59. A packet destined for an HTTP server leaves a host. The destination port number is 80 (HTTP); the source port is chosen at random from the ephemeral range. The destination IP remains the server's throughout, but on the first hop the destination MAC is that of the sending host's default gateway.
60. Routers forward packets based on the network address. At each hop the router builds a new frame header whose source MAC is that of the router's exit interface and whose destination MAC is the final destination's, if directly connected, or that of the next router in the path.
61. As a packet traverses its path the source and destination IP addresses do not change. The destination MAC address is that of the sender's default gateway on the first hop and is rewritten at every router the packet passes through.
62. A packet's IP addresses remain the same as it traverses the network, but on the first hop the destination physical address is the gateway router's physical address.
63. As a packet traverses a network it retains its source and destination IP addresses. On the final hop the source MAC address is that of the receiving host's gateway router and the destination MAC is the receiving host's own address.
64. Packets destined for a host on another network begin the journey with the destination hardware address of the sender's gateway router.
65. If the destination IP address resides on a different network, the frame begins its journey with the destination MAC address of the sending host's gateway. It arrives at the destination host carrying the source MAC address of that host's own gateway router and the destination MAC of the host itself.
66. Source and destination IP addresses never change as a packet traverses an internetwork (NAT aside). The frame, however, begins the journey addressed to the sender's gateway MAC and ends the journey sourced from the receiver's gateway MAC.
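Items 54 and 58 to 66 repeat one point: the IP addresses stay fixed end to end while the frame is rewritten at every router. The hop by hop trace below is an added example written for these notes (not code from the original page); the two hosts, two routers, their MAC and IP addresses and the routing tables are all invented, and the ARP dict stands in for real ARP resolution. It also applies the longest prefix match rule of item 328 when each router picks a route, and enforces a hop limit so a routing loop is reported rather than traced forever:

```python
"""Trace the layer 2 and layer 3 headers of a packet hop by hop across routers,
illustrating items 54 and 58 to 66.

Added example, not from the original notes. The topology, addresses and
routing tables are constructed for the demonstration; every link is Ethernet
so each interface has a MAC, and the ARP dict stands in for ARP resolution.
"""
import ipaddress

ARP = {}   # ip -> mac of every interface in the constructed topology


def iface(ip, prefix, mac):
    ARP[ip] = mac
    return {"ip": ip, "prefix": prefix, "mac": mac}


# hostA (192.168.1.0/24) -- R1 -- 172.16.0.0/30 -- R2 -- (10.0.0.0/24) hostB
HOSTS = {
    "hostA": {"if": iface("192.168.1.10", 24, "aa:aa:aa:00:00:0a"), "gateway": "192.168.1.1"},
    "hostB": {"if": iface("10.0.0.20", 24, "bb:bb:bb:00:00:0b"), "gateway": "10.0.0.1"},
}
# routes: (network, next hop or None when directly connected, exit interface)
ROUTERS = {
    "R1": {"ifs": {"fa0/0": iface("192.168.1.1", 24, "c1:c1:c1:00:00:01"),
                   "fa0/1": iface("172.16.0.1", 30, "c1:c1:c1:00:00:02")},
           "routes": [("192.168.1.0/24", None, "fa0/0"),
                      ("172.16.0.0/30", None, "fa0/1"),
                      ("0.0.0.0/0", "172.16.0.2", "fa0/1")]},
    "R2": {"ifs": {"fa0/0": iface("172.16.0.2", 30, "c2:c2:c2:00:00:01"),
                   "fa0/1": iface("10.0.0.1", 24, "c2:c2:c2:00:00:02")},
           "routes": [("172.16.0.0/30", None, "fa0/0"),
                      ("10.0.0.0/24", None, "fa0/1"),
                      ("0.0.0.0/0", "172.16.0.1", "fa0/0")]},
}


def lookup_route(routes, dst_ip):
    """Longest prefix match: the most specific entry containing dst_ip wins,
    so a /32 host route beats a network route and the default /0 loses to all."""
    dst = ipaddress.ip_address(dst_ip)
    best = None
    for net, next_hop, out_if in routes:
        n = ipaddress.ip_network(net)
        if dst in n and (best is None or n.prefixlen > best[0].prefixlen):
            best = (n, next_hop, out_if)
    return best


def router_owning(ip):
    for name, r in ROUTERS.items():
        if any(i["ip"] == ip for i in r["ifs"].values()):
            return name
    raise KeyError(f"{ip} is not a router interface")


def trace(src_host, dst_ip, max_hops=16):
    """Return one record per layer 2 hop: who sends the frame and the four
    addresses on it. IPs stay fixed; MACs are rewritten at every router."""
    src = HOSTS[src_host]
    src_ip, src_mac = src["if"]["ip"], src["if"]["mac"]
    local = ipaddress.ip_network(f"{src_ip}/{src['if']['prefix']}", strict=False)
    # Off-subnet destination: the host ARPs for its gateway, not the target.
    next_ip = dst_ip if ipaddress.ip_address(dst_ip) in local else src["gateway"]
    sender, hops = src_host, []
    for _ in range(max_hops):          # hop limit guards against routing loops
        hops.append({"from": sender, "src_mac": src_mac, "dst_mac": ARP[next_ip],
                     "src_ip": src_ip, "dst_ip": dst_ip})
        if next_ip == dst_ip:
            return hops                # frame delivered to the final destination
        sender = router_owning(next_ip)
        route = lookup_route(ROUTERS[sender]["routes"], dst_ip)
        if route is None:
            raise RuntimeError(f"{sender}: no route to {dst_ip}")
        _, next_hop, out_if = route
        src_mac = ROUTERS[sender]["ifs"][out_if]["mac"]   # new header: exit interface MAC
        next_ip = next_hop or dst_ip   # connected network: ARP for the host itself
    raise RuntimeError("hop limit exceeded, routing loop?")


if __name__ == "__main__":
    for hop in trace("hostA", "10.0.0.20"):
        print(hop)
```

Tracing a destination neither router knows (8.8.8.8 in this topology) bounces between the two default routes until the hop limit trips, which is exactly the symptom a TTL expiry would show on a real network.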
67. A switch stores its MAC address table in content addressable memory, which is why the table is also called the CAM table. CAM is not another name for a MAC address itself.
68. BGP is unnecessary on networks that have only a single link to the internet; a default route suffices. ISPs do not normally run an IGP with their customers.
69. A default route can be set two ways: by naming the exit interface of the originating router, or by giving the address of the next hop.
I.e., ip route 0.0.0.0 0.0.0.0 s0/0 (exit interface on the originating router) or ip route 0.0.0.0 0.0.0.0 192.168.1.2 (the s0/1 address of the next hop router).
70. review
config-router#default-information originate for OSPF networks
71. A default IP route, ip route 0.0.0.0 0.0.0.0 197.100.100.1, and a default network, ip default-network 197.100.100.0, express the same basic idea.
72. to provide a wan
connection to an isp through the local loop to the CO of the provider use a
csu/dsu or a modem
73. STP takes 30 to
50 seconds to converge. If a primary trunk goes down, the blocked trunk,
redundant link will take over after convergence.
74. show cdp neighbor
detail will give you layer 3 information about directly connected layer 2
devices.
75. If a directly connected link is physically up (layer 1 is fine) but there is no layer 2 communication (line protocol down, no CDP neighbour), you have a layer 2 problem.
76. with link lights
and no ability to ping (request timed out) the problem is most likely a layer 3
problem.
77. straight through
cables connect unlike devices, host to switch, switch to router. Crossovers
connect like devices. Lights at the
links mean physically, links are good.
An encapsulation problem would have lights but no connectivity (layer 2
problem)
78. administratively
down means the administrator has the port in shutdown (or out of the box
config), just down indicates a physical problem and line protocol down
indicates a layer 2 problem
79. CDP is a device
discovery protocol (cisco proprietary) that operates at layer 2 (datalink)
80. https, smtp and
tftp are application layer protocols
81. full duplex
Ethernet can provide higher throughput than half duplex of the same bandwidth.
82. in store and
forward switching the frame is received before forwarding. Store and forward
may increase latency but it can reduce the amount of errors forwarded through
the network.
83. split horizon
means that information about a route should never be sent back in the direction
in which it came.
84. PPP is not an
option for lan interfaces. CHAP authentication can only be used on PPP
encapsulated interfaces. The speed command is not used on WAN interfaces
85. use straight
through for unlike devices, crossover for like devices, and a console cable
from host to router.
86. a crossover cable
should be used between switches for trunking (like devices)
87. Trunked links between a switch and a router should be provisioned at 100 Mbit/s at a minimum to provide inter-VLAN routing (router on a stick). Either ISL or 802.1Q may be employed for the trunk.
88. like devices used
crossed cables, unlike, straight through, router to host (console) uses
rollover.
89. two pc’s
connected together need a crossed cable and need to be in the same subnet.
90. 10BASE-T, 100BASE-TX (Fast Ethernet) and 1000BASE-T (gigabit) over copper all have a distance limitation of 100 meters.
91. full duplex
provides higher throughput than does half duplex
92. Port security (MAC security): if a MAC address other than one designated attempts to access a secure port, the configured violation action is taken. The default action, shutdown, puts the port in the err-disabled state until an administrator re-enables it (or errdisable recovery does); restrict drops the offending frames and logs and counts the violation; protect silently drops them.
93. the max segment
length for an Ethernet cable should not exceed 100 meters.
94. ieee 802.3u
describes 100base-tx. 802.3z
describes 1000 base-sx. 802.3ab
describes 1000base-t.
95. too many hosts in
a broadcast domain, broadcast storms and low bandwidth can contribute to lan
congestion.
96. On a CSMA/CD Ethernet:
1. A device with a frame to send listens for the Ethernet to be not busy.
2. The device sends the frame after not busy is detected.
3. The sender listens to ensure no collision has been detected.
4. After a collision is detected, each sender sends a jamming signal to ensure all stations recognize the collision.
5. After jamming is complete each sender randomizes a timer and waits (backoff).
6. After timer expiration, start again at step 1.
97. half-duplex
Ethernet uses a loopback circuit to detect collisions. Full duplex uses two
wire pairs to avoid collisions altogether.
98. Full duplex is
good because it is collision free with increased throughput
99. half duplex means
you can’t send and receive at the same time
101. Logical bus and ring topologies are often cabled as a physical star. 802.3 Ethernet is logically a bus (all stations share the medium) even when it is wired as a star through a hub or switch.
102. csma/cd: a
device listens and waits until the media is not busy. All devices see data that passes on the
network medium.
104. for every switch
port there is one collision domain. For every hub there is one collision
domain. For every port on a router there
is one broadcast domain.
105. A switch and a hub are each connected to an interface on a router. The switch has four hosts. From the vantage point of the switch there are 5 collision domains (4 hosts + 1 connection to the router). The hub provides 1 collision domain. The router provides 2 broadcast domains, one per interface: the router segments broadcast domains.
106. routers are good
for a network because they filter layer 3 information and don’t forward broadcasts.
107. Switches and bridges segment collision domains (one per port). VLANs on switches, together with routers, segment broadcast domains.
109. Routers do not forward broadcasts by default; routers separate broadcast domains, unless you use ip helper-address to relay specific broadcasts (e.g. DHCP) as unicasts.
110. root bridge selection is determined by mac address and
bridge priority.
111. If a switch receives a frame with a destination MAC in its table it will forward the frame out the corresponding port only. See diag.
112. Multiple frame
copies can cause MAC database instability.
If multiple connections between switches (redundancy) network loops can
occur in an improperly designed topology.
113. skipped. See
diag.
114. In spanning tree
a lower priority means better.
115. An unknown host sends a frame to a host on the other side of the switch. The first thing the switch does is update its MAC table with the unknown host's source MAC address and ingress port.
116. A broadcast
address will never be the source address of a frame for input into a
mac-address-table.
118. if a switch
receives a frame destined for a host whose mac address is not in its mac table
it will flood the frame back out all ports except the one upon which it was
received.
119. Flooding is driven by the destination, not the source. If the destination address is not in the MAC table a switch floods the frame out all ports except the one upon which it was received; an unknown source address is simply learned.
120. if a source
address is received by a switch but is not in the mac table, but the
destination is, the switch will add the new source mac to its table and forward
the frame to the proper destination port.
121. If a switch receives a frame from a source MAC in its table destined for a MAC also in its table, it forwards the frame out the port associated with the destination MAC.
122. If two MACs populate a MAC table and those two MACs are behind a hub, both MACs are associated with the same switch port. A hub is a single collision domain, and the switch dynamically learns every source address that arrives on that port.
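The learning and forwarding rules of items 111 and 115 to 122 as a small switch model. This is an added example written for these notes, not code from the page; the port names, MAC addresses and the ManualClock helper are assumptions made for the demonstration. The 300 second aging timer matches the Cisco default quoted later in item 242:

```python
"""Model of how a switch learns and forwards, covering items 111 and 115 to 122
plus the 300 second aging in item 242.

Added example, not from the original notes. Port names and MAC addresses are
invented; the ManualClock exists only so aging can be shown without waiting.
"""
import time

BROADCAST = "ff:ff:ff:ff:ff:ff"
DEFAULT_AGING = 300          # seconds; Cisco default mac-address-table aging-time


def is_group_address(mac: str) -> bool:
    """The I/G bit (least significant bit of the first octet) marks
    multicast and broadcast; such addresses are never learned as sources."""
    return int(mac.split(":")[0], 16) & 1 == 1


class ManualClock:
    """Settable clock so the aging timer can be driven deterministically."""
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now


class Switch:
    def __init__(self, ports, aging=DEFAULT_AGING, clock=time.monotonic):
        self.ports = list(ports)
        self.table = {}          # mac -> (port, last seen timestamp)
        self.aging = aging
        self.clock = clock

    def _age_out(self, now):
        for mac, (_, seen) in list(self.table.items()):
            if now - seen > self.aging:
                del self.table[mac]

    def receive(self, in_port, src, dst):
        """Handle one frame; return the ports it is forwarded out of."""
        if in_port not in self.ports:
            raise ValueError(f"no such port {in_port}")
        now = self.clock()
        self._age_out(now)
        # Learning happens first: the source MAC is bound to the ingress port
        # (item 115). A broadcast or multicast source is never entered (item 116).
        if not is_group_address(src):
            self.table[src] = (in_port, now)
        # Forwarding: broadcast, multicast and unknown unicast are flooded out
        # every port except the one the frame arrived on (item 118).
        if is_group_address(dst) or dst not in self.table:
            return [p for p in self.ports if p != in_port]
        out_port, _ = self.table[dst]
        if out_port == in_port:
            return []        # both stations behind a hub on this port: filter
        return [out_port]    # known unicast goes out one port only (item 121)

    def macs_on(self, port):
        return sorted(mac for mac, (p, _) in self.table.items() if p == port)


if __name__ == "__main__":
    sw = Switch(["fa0/1", "fa0/2", "fa0/3"])
    print(sw.receive("fa0/1", "00:00:00:00:00:0a", "00:00:00:00:00:0b"))  # flooded
    print(sw.receive("fa0/2", "00:00:00:00:00:0b", "00:00:00:00:00:0a"))  # one port
```

Because learning is driven purely by source addresses, anything that can send frames can populate the table; that is the weakness port security (items 92 and 244 to 249) exists to close.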
123. MTU is the maximum transmission unit; in this example 1500 bytes is the supported MTU, i.e. the largest packet the interface will carry.
124. see diagram
125. ip default-gateway (address) sets the default gateway of a switch to its directly connected next hop router. The switch's own management traffic for destinations outside its subnet is sent to the default gateway.
126. Assigning an IP address to a switch allows the switch to be managed over the network.
127. All Fast Ethernet and gigabit ports are capable of trunk negotiation using DTP, in dynamic auto or dynamic desirable mode. If both ends are set to dynamic auto, which DTP treats as passive, neither side initiates and the link stays non-trunking.
128. When setting up a switch for management, first configure the default gateway (the next hop router) with ip default-gateway in global configuration mode, then set the IP address on interface vlan 1 and issue no shutdown. A copy running-config startup-config wouldn't hurt either.
129. to configure a
switch remotely two criteria must be met; it has to be reachable through a vlan
management port, and it must have an ip address, subnet, mask and ip
default-gateway.
130. for telnet a
switch must have an ip, subnet mask and default gateway assigned.
131. for a switch to
use telnet a default gateway, and interface ip and subnet mask must be configured.
132. for a switch to
communicate across a router that is directly connected, the switch will need a
default gateway, and ip and subnet mask on a switch interface.
133. unicast icmp
packets are required to be sent to a host in order to receive a ping reply.
134. an alternating
amber and green light on a switch port
means the port is experiencing errors.
137. ARP establishes the correspondence between an IP address and an Ethernet hardware address. Serial interfaces will never appear in the ARP table, only Ethernet interfaces, because point to point serial links do not use ARP.
138. From a router, show arp displays the entries in the ARP table, layer 2 addresses associated with layer 3 addresses. show interfaces will also show the hardware address of each Ethernet interface.
139. arp finds a
hardware address from a known ip address
140. sh ip arp will
show ip addresses and associated hardware addresses.
141. A switchport operating in a CSMA/CD network is at half duplex but may be running at either 10 or 100 Mbit/s.
142. For a VLAN trunk the valid modes of operation are on (trunk), dynamic auto and dynamic desirable. Off (access) and nonegotiate are the other two modes.
143. isl and 802.1q
are the two trunking encapsulations used on cisco switches.
144. A duplex mismatch will normally result in performance issues (late collisions, runts and FCS errors).
145. a lan segment
with too many hosts, broadcast storms
and low bandwidth are usually the causes of network congestion.
146. unlike devices
require straight through cabling.
147. do not use
portfast on trunks
148. VTP is used by Cisco switches (including layer 3 switches) to propagate VLAN configuration information across a network; routers do not participate.
149. vtp allows
switches to share vlan configuration information.
150. A switch in VTP transparent mode can have its local VLAN database configured but will not propagate this information; it only relays VTP advertisements from others.
151. if a switch has
another vlan added to it, that switch will support another broadcast domain
152. for vlan
information to pass through a network, a switch in server mode is needed, the
switches need to be in the same vtp domain, and tagging has to be the same (trunking,
isl or 802.1q)
152. To ensure a switch becomes the root switch in the network, give it the lowest bridge ID. The bridge ID is the priority followed by the MAC address, so set the priority lower than on any other switch (lower value, higher precedence).
153. STP is a layer 2 protocol used to maintain a loop free environment in a meshed or partially meshed switch fabric.
154. the spanning
tree cost is the accumulated path cost based on the bandwidth of each of the
links.
155. stp in redundant
lans works to prevent loops.
156. The bridge with the lowest priority value becomes root regardless of its MAC address, because the priority is the high order part of the bridge ID. The MAC address only decides between bridges with equal priority.
157. 4 stp states for
a bridge port; blocking , listening, learning, forwarding in that order.
158. a fully
converged switch network for spanning tree is when all bridge ports are in
blocking or forwarding state.
159. full convergence
in spanning tree is when all bridge ports are forwarding or blocking.
160. in a redundant
switch fabric, stp works to prevent switching loops using 802.1d IEEE algorithm
161. STP prevents loops in redundant switch environments by placing ports in forwarding or blocking state, blocking the redundant paths.
162. in both the
learning and forwarding states will an stp switch learn mac addresses.
163. With all priorities equal, the root bridge is the one with the lowest MAC address, as in the diagram.
164. spanning tree
protocol prevents loops in switches connected by multiple paths by placing
ports in forwarding and blocking states.
165. stp’s primary
purpose is to prevent loops in redundant topologies
166. When every operating switch has its ports either blocking or forwarding, spanning tree is converged.
169. the purpose of
stp is to maintain a loop free layer 2 topology
170. Disabled ports are administratively down, or shut down by the system due to faults.
A blocking port does not forward frames or learn addresses but still receives BPDUs.
A listening port sends and receives BPDUs and takes part in root and designated port selection, but does not yet learn MAC addresses or forward frames.
After forward delay (15 seconds by default) the port moves into learning and can place MAC addresses in its table, but still does not forward.
After another forward delay the port becomes forwarding.
171. the root bridge
is elected root because of its lower priority. In case of a tie, the lowest mac
address is the tie breaker.
173. the root port is
the port closest to the root switch in terms of cost.
174. The bridge ID is an 8 byte value consisting of a 2 byte priority and a 6 byte MAC address. The lower priority wins; go to the MACs if tied.
175. Spanning tree can only be converged after the root bridge, root ports and designated ports are elected. The root port of a non-root switch is the port with the least cost path to the root, where cost is derived from link bandwidth; a direct link to the root is not necessarily the root port if a path through another switch is cheaper.
176. an admin would
change a switch’s priority in order to optimize the path frames take from
source to destination.
177. the least cost
path to root determines which port becomes the root port for non-root switches.
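Root election and root port selection as items 110, 114, 152, 156, 171 and 173 to 177 describe them, as an added example written for these notes (not code from the page). The three switches, their priorities and MACs, the port names and the link speeds are invented; the port cost table is the IEEE 802.1D-1998 short path cost table. The constructed topology is chosen so that SW3's direct link to the root is not its root port, the subtlety item 175 glosses over:

```python
"""Root bridge election and root port selection for IEEE 802.1D spanning tree,
as described in items 110, 114, 152, 156, 171 and 173 to 177.

Added example, not from the original notes. The switches, MAC addresses,
priorities and link speeds are constructed for the demonstration.
"""
import heapq

# 802.1D-1998 path costs by link speed in Mbit/s (what Cisco uses by default).
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def bridge_id(priority: int, mac: str) -> int:
    """8-byte bridge id: 2-byte priority as the high-order part, 6-byte MAC low.
    Lowest value wins, so priority decides first and the MAC only breaks ties."""
    if not 0 <= priority <= 0xFFFF:
        raise ValueError("priority must fit in 16 bits")
    return (priority << 48) | int(mac.replace(":", "").replace(".", ""), 16)


def elect_root(switches):
    """switches: name -> (priority, mac). Returns the root bridge's name."""
    return min(switches, key=lambda name: bridge_id(*switches[name]))


def root_ports(switches, links):
    """links: (switch_a, port_a, switch_b, port_b, mbps). Returns the root and,
    for every switch, (root port, path cost, upstream bridge id). The root port
    is the port with the least accumulated cost to the root, ties broken by the
    lowest upstream bridge id, which is why a direct link to the root is not
    automatically the root port."""
    root = elect_root(switches)
    adj = {name: [] for name in switches}
    for a, pa, b, pb, mbps in links:
        cost = PORT_COST[mbps]
        adj[a].append((b, pb, cost))   # from a, reach b arriving on b's port pb
        adj[b].append((a, pa, cost))
    best = {root: (None, 0, 0)}
    heap = [(0, 0, root)]
    while heap:
        cost, _, node = heapq.heappop(heap)
        if cost > best[node][1]:
            continue                   # stale heap entry
        upstream = bridge_id(*switches[node])
        for nbr, port, link_cost in adj[node]:
            cand = (cost + link_cost, upstream)
            cur = best.get(nbr)
            if cur is None or cand < (cur[1], cur[2]):
                best[nbr] = (port, cand[0], upstream)
                heapq.heappush(heap, (cand[0], upstream, nbr))
    return root, best


# Constructed triangle: SW2 has the worst MAC but the best priority, so it is
# root. SW3's direct 100 Mbit link to SW2 costs 19; going via SW1 over two
# gigabit links costs 8, so SW3's root port is gi0/2, not fa0/2.
SWITCHES = {"SW1": (32768, "0000.0000.000a"),
            "SW2": (4096, "0000.0000.00ff"),
            "SW3": (32768, "0000.0000.0005")}
LINKS = [("SW1", "gi0/1", "SW2", "gi0/1", 1000),
         ("SW2", "fa0/2", "SW3", "fa0/2", 100),
         ("SW1", "gi0/2", "SW3", "gi0/2", 1000)]

if __name__ == "__main__":
    root, table = root_ports(SWITCHES, LINKS)
    print("root:", root)
    for name, (port, cost, _) in sorted(table.items()):
        print(name, "root port", port, "cost", cost)
```

The same comparison is what an attacker abuses when injecting BPDUs with priority 0 to become root and pull traffic through a rogue switch; bpduguard on access ports is the usual defence.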
180. VTP will
accomplish a single vlan management domain in a switched network
182. vlans segment
traffic into multiple smaller lans. This enhances security and efficiency as
traffic remains in the vlans whenever possible.
183. vlans will
segment a lan into smaller broadcast domains.
184. vlans group
users by department or groups, reduce overhead by limiting the size of
broadcast domains, increase security by keeping traffic separated per vlan, and
separate traffic overall, ie, voip on a separate vlan.
185. VLANs subdivide broadcast domains into smaller functional units, without being hampered by location. VLANs logically divide a switch into multiple switches at layer 2.
186. vlans establish
broadcast domains in switched networks, thereby creating many and more
efficient broadcast domains as well as reducing congestion which enhances
throughput overall.
188. vlans are great
for segmenting departments into separate segments at layer 2. another option would be to create two wholly
separate networks and route between them.
189. a vlan needs a
router to route traffic between or separate vlans will not
intercommunicate.
190. A trunk port is needed on the single link from a switch to a router to support subinterfaces (router on a stick).
191. Each subinterface is tagged with one VLAN (encapsulation dot1q <vlan>) and must use the VLAN of the hosts it serves.
192. inter vlan
communication requires the use of a router.
194. if the link
supporting a trunk is down the subinterfaces are also down.
195. VLANs are good because of: increased performance, improved manageability, tuning and simplification of software configs, physical topology independence and increased security.
196. if a routers
interface that is connecting the vlans is down, hosts in the same network would
still be able to communicate with each other but not with hosts in other vlans.
197. The only requirement for creating a VLAN is a VLAN number; a name and assigned ports are optional (those last two answers are incorrect).
200. a switchport
will need to be in the proper vlan to support particular system resources for a
given host (pc)
201. sh vlan will
give you the vlan names and port members of those named vlans
202. sh vlan will
show all ports in access mode… ports that are missing are trunks
203. all vlans are
allowed over trunks by default.
204. by making a vlan
native it will designate that vlan for untagged traffic
206. isl (cisco) and
dot1q (IEEE) are the two main choices for trunk links.
207. The two essentials for VTP to operate across a trunk link are a VTP server and a matching VTP domain name (case sensitive). The trunk itself needs a matching encapsulation and mode on both ends.
208. all vlans are
allowed on trunks by default.
209. frame tagging
allows for trunk encapsulations to use vlans
210. VTP is a
protocol that allows information about a new or existing vlan to be shared
across a switched network.
211. two
encapsulation types are configurable on cisco trunks, isl and 802.1q
212. switchport trunk encapsulation dot1q and then switchport mode trunk are the two commands needed to make a trunk on a switch that supports both encapsulations.
213. encap frame
types for cisco switches are isl and dot1q
214. without a router
a host can only ping hosts who are members of the same vlan
215. without a router
hosts across two switches will still need a trunked link to communicate in the
same vlan.
216. Trunks are used between switches and between switches and routers; end stations and servers (in CCNA scope) connect to access ports.
217. Hosts need to be in the same VLAN as the one served by their router's gateway subinterface.
219. Split a single trunk into subinterfaces on the router, one per VLAN, to keep the VLANs isolated while routing between them.
220. Use subinterfaces for inter-VLAN communication on a trunk between a switch and a router.
221. the subinterface
on the trunk to the router corresponding to that vlan is the gateway for a
host.
225. the vtp password
is used to validate sources of vtp adverts between switches.
226. for switches to
share vtp information they must also share the same vtp domain name.
227. A switch in VTP client mode cannot save VLAN changes to NVRAM.
228. a switch is
required to be in server mode to make changes to a vtp domain.
229. in transparent
mode a switch can forward advertisements but does not participate in vtp processing.
230. in client mode a
switch will forward advertisements and participate in vtp processing.
231. if a switch in
client mode, although receiving update information from a server mode switch
will ignore that servers updates if the client switch has a higher revision
number.
232. a client forwards
but does not save
233. a vtp client
will forward information to other vtp enabled switches in the domain.
234. change disparate
names of vtp domains to be the same so that vtp servers and clients can
participate in vtp
235. see 234
236. an arp request
is a broadcast and without the aid of spanning tree in a redundant switched
network there is a potential for a broadcast loop.
237. Non-designated ports are the ports spanning tree blocks; traffic flows through root ports and designated ports.
238. A root switch has all of its ports forwarding (every port on the root is a designated port).
239. the lowest
bridge priority value will win the election.
241. 100,000 kbits is
fast Ethernet…
242. if a switch
receives a frame that is not in its mac table, it will flood the frame out all
the ports except the one upon which it was received. A mac address will age out
after 300 seconds
244. use port
security on a switch port and/or static entry to ensure that only the assigned mac is allowed.
245. mac layer security
will restrict access to that port based on a number of criteria. Restrict to single mac, restrict to a subset
of macs. Restrict to a defined maximum of sticky’s…
246. switchport port-security maximum 1 limits the port to a single host. If violation is set to shutdown, guess what, the port shuts down (err-disabled).
247. sticky addresses
can be learned dynamically. Port security sticky will retain dynamically
learned addresses even after the link goes down.
248. With port security, dynamically learned (sticky) addresses appear in the running config and can be saved to startup so they are there on the next restart.
249. use mac security
to limit a host or hosts to a port on the switch.
250. Private addresses are 10.0.0.0 – 10.255.255.255, 172.16.0.0 – 172.31.255.255 and 192.168.0.0 – 192.168.255.255.
251. Private addresses are not routed on the public internet and were devised as a way of conserving registered addresses.
252. RFC 1918 defines the private, non-routable addresses for use on private networks. They are 10.0.0.0 – 10.255.255.255, 172.16.0.0 – 172.31.255.255 and 192.168.0.0 – 192.168.255.255.
253. All addresses in the RFC 1918 private ranges are not routed on the internet. Addresses beyond 223.255.255.255 (class D multicast and class E reserved) are also not usable as public unicast addresses.
Privates are 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16.
254. Typically a small network will be issued public addresses by an ISP. ISPs get their registered addresses from a regional registry such as ARIN or RIPE, which in turn receive allocations from IANA.
</gr_repl>
<gr_replace lines="764-767" cat="clarify" orig="257. dns uses both">
257. DNS uses both TCP and UDP at the transport layer (port 53). Plain UDP messages are limited to 512 bytes. TCP is connection oriented and is used for zone transfers, which must be reliable, and for responses too large for UDP. UDP carries ordinary name lookups.
255. a dhcp server
typically automates/assigns ip addresses, and masks, host gateways and dns
server information.
256. dhcp uses udp at
the transport layer (port 67 dhcp server, port 68, client). A broadcast of dhcpdiscover leads to
dhcpoffer from the server.
257. dns uses both
tcp and udp at the transport layer. Udp
messages are not larger than 512 bytes.
Tcp is connection-oriented and zone transfers must be reliable. Udp is responsible for name lookup
258. an ip address
must be assigned to an interface before it can be used by dhcp access lists
259. ensure that a host ip falls within its router’s (gateway) subnet.
260. see question for
details
261. use ip
subnet-zero to get more subnet bits out of a tight subnet requirement
262. be careful of
subnet questions that pose different masks from slash notation to decimal
notation
263. for the host the
gateway is always the ip address of the next hop router. Careful of slash v.
decimal notation in the same question
269. be careful when
asked which one host when two answers are right… correct here
270. the gateway
router and a host need to be in the same subnet, correct
271. for a class b address the third octet, ie, 172.16.8.0 and 16.0 in a /21 or 248.0, would be network addresses, correct
272. the default
gateway is always the next hop router, and they have to be in the same subnet.
Correct
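The subnet arithmetic behind notes 259 through 272 (slash versus dotted-decimal masks, network addresses in a /21, host and gateway in the same subnet) worked in Python. This is an added example, not from the notes; the function names and sample addresses are constructed.

```python
"""Subnet arithmetic for the slash-vs-dotted-mask questions in notes 259-272
(added example, not from the notes): parse either mask notation, compute the
network and broadcast addresses, and check that a host and its gateway share
a subnet. Function names and sample addresses are constructed."""
import ipaddress


def parse_mask(mask):
    """Accept 21, '21', '/21' or '255.255.248.0' and return the prefix length."""
    if isinstance(mask, int):
        prefix = mask
    else:
        text = str(mask).strip().lstrip("/")
        if "." in text:
            bits = int(ipaddress.IPv4Address(text))
            prefix = bin(bits).count("1")
            # a valid mask is a run of 1 bits followed only by 0 bits
            if bits != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
                raise ValueError(f"{text} is not a contiguous subnet mask")
        else:
            prefix = int(text)
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length {prefix} out of range")
    return prefix


def subnet_info(host, mask):
    """Network, broadcast, mask and usable host range for host/mask."""
    net = ipaddress.ip_interface(f"{host}/{parse_mask(mask)}").network
    if net.prefixlen >= 31:           # /31 and /32 have no separate broadcast
        first, last = net[0], net[-1]
    else:
        first, last = net[1], net[-2]
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "mask": str(net.netmask),
        "prefix": net.prefixlen,
        "first_host": str(first),
        "last_host": str(last),
    }


def is_network_address(addr, mask):
    """True when all host bits are zero, e.g. 172.16.8.0 and 172.16.16.0 in a /21."""
    iface = ipaddress.ip_interface(f"{addr}/{parse_mask(mask)}")
    return iface.ip == iface.network.network_address


def same_subnet(host, gateway, mask):
    """The default gateway must sit in the host's own subnet (notes 263, 270, 272)."""
    prefix = parse_mask(mask)
    host_net = ipaddress.ip_interface(f"{host}/{prefix}").network
    return host_net == ipaddress.ip_interface(f"{gateway}/{prefix}").network
```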
313. incorrect. Route aggregation means combining routes to
multiple networks into one, summarization and supernetting. These are the SAME
328. correct; a router forwards an incoming packet by finding routes that match the destination address of the packet, and forwards it to the closest applicable one. An entry with a host address rather than a network address is the closest of all.
329. a routing
protocol must be enabled to route packets to discontiguous network addresses.
330. if a router
cannot find a boot image in flash it will try a tftp server, unless there are
specific boot system instructions
331. x2102 default
boot from flash, x2142 bypass start in nvram, x2100 boot into rommon
332. if no boot system
in nvram, then tftp, then setup
333. if a valid start
is not found in nvram, nor tftp, the router
334. up arrow recalls
the last command
335. show history
will open the history buffer
336. setup mode is
usually run out of the box on a new router.
If a router can’t load start from nvram it will load setup… what about tftp?
337. x2102 loads ios from flash and start from nvram. x2142 will bypass start in nvram for password recovery. If there is a physical problem in flash or nvram it won’t boot properly and will not go to setup
338. ctrl-c will bust
you out of setup
339. o/r 0x2142 will
tell the registry to bypass nvram
340. nvram is the
storage location for start
341. use 0x2142 to
recover the console password, or enable secret after overwriting start
342. on boot up the router performs POST (hardware checks), loads and runs bootstrap code from rom, finds and runs ios and other software, finds start in nvram and loads it into run
343. to recover a
password, set the config-register to 0x2142 (which bypasses start) then rename
config.text in nvram to config.old and reboot.
Set new password, rename start,
copy run to start and reboot
344. if a router has
not been configured it will go into setup, otherwise it will load start into
ram
345. two ways a router gets into setup: config is missing in nvram, or setup is run from privileged mode.
346. ios will only be
overwritten if there is not enough space available.
347. 0x2102 is normal
for config register it means load start from nvram into ram
348. boot sequence is
flash, tftp, rom (not full ios)
349. if start is not
found in nvram, the router searches tftp, and if not, will run setup
350. boot sequence
nvram, flash, tftp, or rom (partial ios) rommon 1> means ios in flash
invalid or corrupt and admin should attempt ios transfer from tftp
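The config-register values and boot order from notes 330 through 350 (0x2102, 0x2142, 0x2100; flash, then tftp, then rom; setup when no usable start exists) decoded in Python. This is an added example, not from the notes; the function names and the scenario flags passed to boot_sequence are constructed.

```python
"""Decoder for the config-register values in notes 331, 337, 341, 347 and 403
(added example, not from the notes): the boot field, the 'ignore NVRAM' bit that
makes 0x2142 skip startup-config, and the boot search order the notes give
(flash, then tftp, then rom). Function names and scenario flags are constructed."""

BOOT_FIELD_MASK = 0x000F    # bits 0-3: boot field
IGNORE_NVRAM = 0x0040       # bit 6: bypass startup-config in NVRAM (0x2102 -> 0x2142)
BREAK_DISABLED = 0x0100     # bit 8: ignore the console break sequence after boot


def decode_config_register(value):
    """Return the boot field meaning and the two bits password recovery cares about."""
    boot_field = value & BOOT_FIELD_MASK
    if boot_field == 0x0:
        boot = "rommon"           # 0x2100: stay at the rommon 1> prompt
    elif boot_field == 0x1:
        boot = "rom"              # boot the limited IOS held in ROM
    else:
        boot = "flash"            # 0x2-0xF: boot system commands, then first image in flash
    return {
        "register": f"0x{value:04x}",
        "boot": boot,
        "ignore_nvram": bool(value & IGNORE_NVRAM),
        "break_disabled": bool(value & BREAK_DISABLED),
    }


def boot_sequence(value, flash_has_valid_ios, tftp_reachable, nvram_has_startup):
    """Walk the boot decision the notes describe; returns the ordered steps taken."""
    reg = decode_config_register(value)
    steps = ["POST", "bootstrap from ROM"]
    if reg["boot"] == "rommon":
        return steps + ["rommon 1>"]
    if reg["boot"] == "flash" and flash_has_valid_ios:
        steps.append("IOS from flash")
    elif reg["boot"] == "flash" and tftp_reachable:
        steps.append("IOS from tftp")          # notes 330, 348: flash, then tftp
    else:
        steps.append("limited IOS from ROM")   # notes 348, 350: fall back to rom
    if reg["ignore_nvram"] or not nvram_has_startup:
        steps.append("setup mode")             # notes 344, 404: no usable startup-config
    else:
        steps.append("startup-config from NVRAM into RAM")
    return steps
```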
351. rommon is an
operating system used for hw troubleshooting and password recovery. Also used
after break sequence
352. use a straight
through cable to connect a router to a switch.
353. you can connect
a pc to router using crossover cable.
Try this
354. connect pc to
router, crossed, switch to switch crossed
356. if serial 0/0 is
down, layer 1 or incorrect cable is being used
357. a serial
interface on a router would be used for a t1 connect
359. rip v2 supports authentication, is classless and has the same max hop count as v1
360. DV’s use split
horizon and hold down timers to avoid
routing loops
361. for dynamic
routing in hub and spoke topologies configure subinterfaces and define each as
point to point
362. for rip [120/2]
means default admin distance, and two hops away
363. use disco to get
rid of a vty line from the hosting router, use exit from the router you moved
to
364. you can set a
vty line to one line by; line vty 0 and it works
365. if a router is
set up with ip addressing and telnet is enabled you can connect to the router,
Ethernet to Ethernet using a crossed cable
366. connect to a
router’s console port using a rolled cable from your pc
367. disco, sh sess
and resume are valid commands to manage telnet TO other routers
368. transport input
ssh will configure ssh connectivity only
369. global config =
router(config)#
371. if a router is
up down on a serial int possible problems are clock rate, encap and/or no
keepalives.
372. issue command no
shut when an interface is administratively down
373. sh interfaces
gives you the configurable parameters and stats of all interfaces
374. in full duplex
mode there should never be any collisions on an interface
375. there is no e0
on the router just fe’s
376. when an
interface is admin down, issue no shut on the int
377. keepalives are essential to line protocol up status
379. to use telnet on
a remote router make sure the remote router’s vty’s are configured
380. to check the
protocol (ip) stack ping the loopback
381. the ip stack for
a pc is checked by issuing ping 127.0.0.1… it is working if there is an icmp
reply
383. extended ping is
not available from user mode, and cannot specify tcp or udp ports
384. echo request and
reply are the two most common pair that will be seen
385. destination host
unreachable- no local or remote route exists for a destination host
386. tricky, you know
static routes but if no AD is presented, it uses the default AD… be careful
read the fucking question
387. to establish a
static route, use the ip route command, dest net and mask and either next hop
ip or local outgoing interface
388. format for
default route is ip route 0.0.0.0 0.0.0.0 ip address of next hop
389. static routes
are good for isp to stub networks
390. static route is
ip route dest net mask next hop ip and AD if applicable
391. to get to
network, use next hop or local outgoing interface… that is a static route
392. for default route use 0.0.0.0 0.0.0.0 ip of next hop or local outgoing interface
393. ip route 0.0.0.0
0.0.0.0 s/0 or ip address of next hop
394. correct see
diagram
395. static routes
are good for stubs
396. a static route
is primarily used for packets sent to a remote network for which a routing
protocol has not been configured.
397. flash is the
default storage area for IOS
398. start is
normally saved in nvram
399. 0x2102 is normal
boot for a router… review diagram here
400. before copy tftp
flash ensure connectivity to tftp server
402. flash, tftp then
rommon boot sequence
403. 0x2142 means
boot w/o start in nvram
404. with 0x2142 the
router bypasses start in nvram and goes to set up… check this
405. use copy flash
tftp to back up ios to tftp server
407. verify memory
and flash before upgrading
409. show ver will
show you the config-register
410. router# is the
enable prompt
411. a command from
global config mode is global and affects
the entire router
412. sh ver and sh
flash will give the ios image file
413. check the
config-register setting before rebooting to make sure it is 0x2102
414. copy from to,
copy from to. Copy from to….
415. wrong subnet…
correct but look at it again
416. 3 minimum
requirements for tftp transfer tftp server running, ip address and tftp must be
in same subnet
417. from an ios name
can be determined feature capabilities, hardware platform, run location
418. sh flash will give you size and used
419. sh version will
give the amount of ram and flash plus file name… show flash will give used
space and ios name plus total space available
420. to back up ios make sure the server is accessible, has room, verify naming and path conventions
421. sh ver gives the
ios running in ram review the graphic
422. the graphic is
mismarked ignore
423. rip uses hop
count, eigrp has lower admin distance than ospf, and eigrp load balances by
default for equal cost paths
424. ospf uses a
hierarchical design to speed convergence, to confine instability to single
areas, and to reduce routing overhead REVIEW hierarchical design
425. OSPF provides
scalability, vlsm, interoperability and minimal overhead
426. IGRP and EIGRP
support unequal cost path load balancing or variance.
427. only eigrp will support multiple protocols, ip, appletalk and ipx, because of built in pdm’s, protocol dependent modules.
428. eigrp, rip2 and ospf all support vlsm and route summarization
429. ospf is-is eigrp
bgp and rip2 support vlsm
430. rip1 and igrp do not support vlsm
431. eigrp supports
multiple protocols, appletalk, ip, ipx because of pdm, and cidr and vlsm
433. rip2, eigrp and
ospf support vlsm, which is required by
the diagram
434. with ip subnets
and variable length masks vlsm, rip2 eigrp or ospf
435. vlsm support is
provided by ospf, eigrp and rip2
436. ospf is cpu
intensive, and requires lots of memory, ripv2 does not
437. ospf rip2 and
eigrp support vlsm
438. a static route
has an AD of 1, directly connected 0
439. to force a route
to be selected versus ospf and rip, lower the AD for rip below that of ospf
440. static routes,
review
441. ospf beats eigrp
when all things equal except size (amount of routers)
442. eigrp uses
bandwidth and delay of the line as metrics by default
443. rip2 ospf and
eigrp minimize the complexity of discontiguous networks
444. split horizon
and poison reverse are two methods of preventing routing loops. Split
horizon guarantees it won’t send a reply update out the same interface upon
which it was received, and poison reverse will poison a route with an infinite
metric of 16 out all interfaces. A hold down time is activated after a route
has failed and any updates about that route will not be believed until the hold
down expires.
445. rip2, ospf and eigrp are prone to fewer problems in discontiguous networks
446. link state
routing (ospf, is-is) is defined by exchanging triggered updates, routing
packets based on shortest path, and every router in an ospf area is capable of representing
the entire network topology
447. correct, but
this question’s answer for DV is dubious, review
448. split horizon states that a routing update will never be sent out the same interface upon which the update was received.
449. ripv2 supports
classless routing and vlsm is allowed
450. rip uses hop
count as its determining path metric, while eigrp uses bandwidth
451. ospf is not
vendor specific, unlike eigrp, and it operates within a hierarchy. The largest entity is the autonomous system,
a collection of networks under a common administration that shares a routing
strategy.
452. review big time
453. link state algorithms send only the portion of the routing table that describes the state of the router’s links. Link states send small portions of tables everywhere whereas DV’s send all or portions only to neighbors
454. in subnet masks
only bits set to 1 are acted upon… in wildcard masks only bits set to 0 are
acted upon. Remember this. Care, don’t
care. Subnet masks 1 = care, wildcard masks 0 bits = care
456. dr and bdr are elected on broadcast and non-broadcast multi access networks… review this
457. hello and dead timers for routers to create an adjacency have to be the same
458. OSPF CANNOT use
process id 0… OSPF cannot use process id
0
459. in point to
point ospf there is no need for a dr or bdr election. By definition only two routers exist on a
point to point connection.
460. the highest
number interface would be the router id in ospf, unless it is shutdown, then
ospf would choose the next lower id
461. in ospf area 0
is known as the backbone and multiple ospf area must connect to area 0
462. bandwidth calculation… if bw = 64kbps, that is (default 100,000,000) / 64000 or 1562.5
463. the hierarchical design of ospf reduces routing overhead; it doesn’t route between AS’s, uses cost for its metric, supports vlsm, uses short hello messages at a regular interval… review for more
464. for ospf,
multiple areas must connect to area 0 and area 0 is called the backbone
465. bdr’s and dr’s
are elected in non-broadcast multi access networks and broadcast networks.
466. ways to make a router the dr: configure an interface to a higher value than any other on the network, configure a loopback address higher than the rest, or set the others to zero… this will not take effect until routers reboot
467. ospf on the wan
maintains neighbor relationships and provides dynamic neighbor discovery
468. 224.0.0.5 is the ospf multicast address; point to point links are no different
469. the process id
is locally significant and it is used to identify a unique instance of the ospf
database
470. the highest
loopback address will be the router id, no loopback and it will go to highest
active interface
471. for interfaces
to participate in ospf they have to fall within the vlsm area of the network
statement
472. sh ip ospf int
fa0/0 will give dr and bdr information… s0/0 will not because it is point to
point on my network
473. hello and dead
timers must match for an adjacency to form
474. for ospf the
wildcard mask is inverse
475. for neighbor
adjacency routers must be in the same area
476. the dr is responsible for making adjacencies with all neighbors on a multi-access network. The bdr backs up the dr if the dr fails. In interface config mode set a priority from 0-255 manually with ip ospf priority (number)
477. hello and dead timers, subnet masks and area must match for an adjacency to form
480. the hello protocol in ospf provides dynamic neighbor discovery and maintains neighbor relationships
481. for router id, the highest logical (loopback) address is used for determination. If none exist, highest ACTIVE physical interface address
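The OSPF arithmetic and selection rules from notes 462, 477 and 481 (cost from the 100 Mbps reference bandwidth, router-id from the highest loopback or else the highest active interface, and the adjacency parameters that must match) in Python. This is an added example, not from the notes; the interface dicts, the neighbor dicts and the configured_router_id override are constructed.

```python
"""OSPF interface cost and router-id selection from notes 462 and 481 (added
example, not from the notes): cost = reference bandwidth / interface bandwidth
with the default 100 Mbps reference, truncated to an integer and never below 1;
router-id = highest loopback, else highest active physical interface address.
The interface dicts and the router-id override argument are constructed."""
import ipaddress

REFERENCE_BW_BPS = 100_000_000     # default auto-cost reference-bandwidth, 100 Mbps


def ospf_cost(bandwidth_kbps, reference_bps=REFERENCE_BW_BPS):
    """64 kbps -> 1562, T1 (1544 kbps) -> 64, 100 Mbps -> 1, 1 Gbps -> 1 (floor)."""
    cost = reference_bps // (bandwidth_kbps * 1000)
    return max(cost, 1)


def _is_loopback(interface):
    return interface["name"].lower().startswith("loopback")


def ospf_router_id(interfaces, configured_router_id=None):
    """interfaces: list of {'name': str, 'ip': dotted quad, 'up': bool}.
    An explicit 'router-id' statement, if configured, wins (not covered in the notes)."""
    if configured_router_id:
        return configured_router_id
    active = [i for i in interfaces if i["up"]]       # a shut interface is not a candidate
    loopbacks = [i for i in active if _is_loopback(i)]
    candidates = loopbacks or [i for i in active if not _is_loopback(i)]
    if not candidates:
        return None
    return str(max(ipaddress.IPv4Address(i["ip"]) for i in candidates))


def ospf_neighbor_check(local, remote):
    """Notes 457, 473, 477: hello/dead timers, subnet mask and area must match.
    Returns the list of mismatching parameters (empty means an adjacency can form)."""
    return [k for k in ("hello", "dead", "mask", "area") if local[k] != remote[k]]
```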
482. with point to
point connections there is no need for a designated router or bdr
election. In broadcast and multicast
network, elections occur. The backbone area 0 is not a network type, rather a
collection of links.
483. traits of ospf network,
area 0 is the backbone area, multiple areas are not required but multiple areas
must connect to area 0
484. the AD of ospf
is 110
485. hello packets are
what are used by ospf to keep up with neighbor states (links)
487. a loopback
interface creates stability for the routing process (database) and specifies
its router id
488. d is the letter
designation for EIGRP
THIS is the successor...
the default is four equal cost paths for determination, but this can be adjusted to include more or less paths... equal is a relative term and allowances can be determined using variance (to establish near equality)
a feasible successor is a path determined close, but not best after the calculation... this so called backup neighbor may be placed in the topology table and utilized in the event of successor failure
bandwidth and delay are EIGRP's default calculators... load and reliability can also be considered... see below...
r2620_01#sh int fa0/0
fastEthernet0/0 is up, line protocol is up
Hardware is AmdFE, address is 000f.2394.6c40 (bia 000f.2394.6c40)
Internet address is 192.168.1.50/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
490. network
statements under routing protocols need to advertise all interface networks
491. the eigrp
topology table shows all routes to a destination
492. summary… correct
493. to enable
eigrp… router eigrp 1, network number
494. incorrect look
again
495. eigrp maintains a neighbor table and topology table in ram through hello and update packets. Review eigrp tables
496. use no auto-summ
in eigrp to get specific subnets
497. review eigrp
498. sh ip eigrp
neighbors contains ip addresses of adjacent neighbors
499. turn off
auto-summ on eigrp to get non-summarized neighbors
500. sh ip eigrp
route will show only eigrp learned routes, versus sh ip route which will show
all routes
501. debug ip eigrp
will give you all eigrp related activities in real time.
502. eigrp as’s must
match and eigrp needs to be turned on for all routers
503. unfair
question. Review
504. correct, but
review
505. eigrp summarizes
at network boundaries. Turn that shit
off for discontiguous networks
506. the eigrp composite metric is 32 bits and can support external routes (those supported by another routing protocol)
507. a feasible successor in EIGRP is known as a backup route and stored in the topology table. Feasible distance is the lowest calculated metric to each destination. The feasibility condition is met if a neighbor’s advertised distance is lower than the router’s feasible distance to that network
508. successor, still
not clear
509. if a successor
fails and there is no feasible successor, the router sends queries out to
neighbors until a new successor is found
510. if a successor
is in active status (go into active state here) and there is no feasible
successor, the router sends a multicast query for available routing paths to
that destination.
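The EIGRP pieces from notes 426, 442 and 488 through 510 (composite metric from bandwidth and delay, successor, feasible successor via the feasibility condition, variance for unequal-cost paths) carried through in Python. This is an added example, not from the notes; the neighbor dicts and function names are constructed, and the metric formula is the classic one with default K values.

```python
"""EIGRP composite metric and DUAL successor selection as the notes describe
(added example, not from the notes): default K values use only the slowest
bandwidth and the cumulative delay, a feasible successor must satisfy the
feasibility condition (advertised distance < feasible distance), and variance
admits feasible successors for unequal-cost load balancing."""


def eigrp_metric(bandwidths_kbps, delays_usec):
    """Classic metric with K1=K3=1, K2=K4=K5=0: 256 * (10^7/min_bw + sum_delay/10).
    IOS uses integer arithmetic; delay is counted in tens of microseconds."""
    min_bw = min(bandwidths_kbps)
    total_delay = sum(delays_usec)
    return 256 * (10_000_000 // min_bw + total_delay // 10)


def dual_select(neighbors):
    """neighbors: {name: (advertised_distance, cost_to_neighbor)} for one destination.
    Returns (feasible_distance, successors, feasible_successors)."""
    totals = {n: ad + cost for n, (ad, cost) in neighbors.items()}
    fd = min(totals.values())                       # lowest total metric = FD
    successors = sorted(n for n, t in totals.items() if t == fd)
    # feasibility condition: the neighbor's advertised distance is below our FD,
    # which guarantees the neighbor is not routing back through us (loop-free)
    feasible = sorted(n for n, (ad, _) in neighbors.items()
                      if totals[n] > fd and ad < fd)
    return fd, successors, feasible


def load_balanced_paths(neighbors, variance=1, maximum_paths=4):
    """Paths installed in the routing table: all successors, plus feasible
    successors whose total metric is within variance * FD (notes 426, 488)."""
    fd, successors, feasible = dual_select(neighbors)
    totals = {n: ad + cost for n, (ad, cost) in neighbors.items()}
    extra = [n for n in feasible if totals[n] <= fd * variance]
    return (successors + extra)[:maximum_paths]
```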
511. telnet sends
text in the plain and the destination device has to be configured to accept a
session
512. ping trace sh
int and sh ip route are great tools to troubleshoot ip connectivity on a router
513. ping verifies
connectivity between hosts using icmp echo messages
514. if a link is
down the router on that link will send a destination unreachable message to the
originating host. Lab this
515. icmp sends an
echo request to test connectivity
516. every interface
is a broadcast domain on a router
517. rip will make a
route invalid after 30 seconds (remove it from the table) review lab this
518. ip classless
will allow a router to forward a packet that is destined for a classful
discontiguous network
519. serial
interfaces need to be on the same subnet for routers to communicate and they
are usually configured with a /30
520. see diagram,
correct
521. correct but see
diagram
522. runts are the result of faulty nics, collisions, duplex
mismatch, or trunk issue review
523. sh proc issues
details about active processes. Check
cpu utilization before debugging
524. use sho cdp
neigh det to verify layer 2 connectivity from one router to another and also
see the ip address of the neighbor
525. in a frame
network use sh int sh frame map and sh frame pvc to troubleshoot connectivity… back to the lab on frame REVIEW p-to-p
multipoint subs, the whole smash
526. use term mon to
display info to the terminal if telnetted to a remote router
527. sh interfaces is
usually the first troubleshooting step in connectivity from a router
528. line vty 0 pass
cisco login will enable telnet on line 0
529. the telnet
password is mandatory
530. make telnet
available with the above commands and lock it up with access-class on the lines
in vty config
531. service
password-encry enables encryption on all current and future passwords.
532. use banner motd
for messages upon login to telnet review this stupid shit
533. the enable
secret always takes precedence
534. service
password-encry encrypts all passwords, new or old
535. be careful… vty
access can be prohibited by a password and acl
536. review big time
537. 802.11b is 11meg
802.11a and g are 54… review all wireless
538. 802.11 is IEEE
wi-fi standard… wi-fi alliance sets interoperability standards
539. dsss is spread
spectrum technology… review wireless
540. bss basic
service set, peer to peer review
541. cordless phones
antenna type or direction and metal file cabinets can all cause wireless
problems
542. using an access
point defines ess, review channel distribution here
543. wpa specifies
the use of dynamic encryption keys, and includes authentication by psk
544. wpa is defined
by psk authentication and dynamic encryption keys
545. wpa keys are
dynamic and can change while the system is being used
546. if an access
point has broadcasting disabled, set the ssid to match that which is configured
on the AP
547. IR has a high
data rate but limited distance, and require line of sight
548. microwave ovens
and cordless phones can interfere with wireless networks because they operate
on similar freq’s
549. physical
security is perhaps the first line of security in a network
550. a DoS attack is defined by a flood of tcp packets requesting server connections, to make it unavailable: SYN flood
551. from the outside
in, use a firewall to restrict access and ssh to obtain access to network
devices.
552. line vty 0
password cisco login
553. ids and ips? Are
intrusion detection systems… what the
fuck is ips.
554. use a vlan to
segregate student groups from faculty
555. 3 good reasons
to assign ports to vlans, isolate broadcast traffic, logically group hosts
according to function, increase network security
556. line cons 0,
password, login
557. use cdp to enable layer 2 identification in a
network. Use no cdp enable on an
interface facing the internet to avoid cdp exploitation on the inside
originating from the wild while keeping it on the inside network
558. extended acl’s can be used with source and destination ip’s, protocol, and tcp and udp port numbers
559. use acl’s to
filter traffic as it passes through a router and to control vty access
560. inbound acl’s
are processed as part of ingress, outbound as part of egress
561. acl’s can
identify interesting traffic for ddr in isdn networks and can provide ip route
filtering among others
562. with named acl’s, specify whether standard or extended; individual statements can be deleted and you can use the ip access-list command to create them
563. standard acl’s
filter on source address only
564. acls are used to
filter traffic as it passes through a router and for vty security
565. named
access-lists can have individual statements deleted, must be specified standard
or extended and can be created with the command, ip access-list
566. standard acl’s
should be placed close to the destination, while extended should be placed
close to the source. Because extended
acl’s have destination information, place it as close to the source as possible
so the filtering happens before it traverses
567. correct see
diagram
568. block icmp to prevent pings, ie,
ip access-list ext no_ping
deny icmp any any echo
permit ip any any
ip access-group no_ping in
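The care / don’t-care rule from note 454 and the no_ping list from note 568 worked in Python: subnet-to-wildcard conversion, wildcard matching, and ordered evaluation of the two entries with the implicit deny at the end. This is an added example, not from the notes; the packet dicts are constructed, and the parser handles only the any, host and explicit-wildcard address forms plus the icmp echo keyword.

```python
"""Wildcard masks and ordered ACL evaluation from notes 454 and 568 (added
example, not from the notes): subnet mask 1 bits = care, wildcard mask 0 bits
= care, then the no_ping extended ACL evaluated first-match with the implicit
deny at the end. Packet dicts are constructed sample input."""
import ipaddress


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def subnet_to_wildcard(mask):
    """Inverse of the subnet mask: 255.255.255.0 -> 0.0.0.255 (note 474)."""
    return str(ipaddress.IPv4Address(0xFFFFFFFF ^ to_int(mask)))


def wildcard_match(addr, base, wildcard):
    """Compare only the bits where the wildcard has a 0 (the 'care' bits)."""
    care = 0xFFFFFFFF ^ to_int(wildcard)
    return (to_int(addr) & care) == (to_int(base) & care)


def parse_ace(line):
    """Parse 'permit|deny <proto> <src> <dst> [echo]'; addresses may be
    'any', 'host A.B.C.D' or 'A.B.C.D W.W.W.W' (explicit wildcard)."""
    tokens = line.split()
    action, proto, rest = tokens[0], tokens[1], tokens[2:]

    def take_addr(toks):
        if toks[0] == "any":
            return ("0.0.0.0", "255.255.255.255"), toks[1:]   # no care bits at all
        if toks[0] == "host":
            return (toks[1], "0.0.0.0"), toks[2:]             # every bit cared about
        return (toks[0], toks[1]), toks[2:]

    src, rest = take_addr(rest)
    dst, rest = take_addr(rest)
    return {"action": action, "proto": proto, "src": src, "dst": dst,
            "icmp_type": rest[0] if rest else None}


def evaluate_acl(acl_lines, packet):
    """First matching entry wins; falling off the end is the implicit deny.
    packet: {'proto', 'src', 'dst', optional 'icmp_type'}."""
    for line in acl_lines:
        ace = parse_ace(line)
        if ace["proto"] not in ("ip", packet["proto"]):
            continue
        if not wildcard_match(packet["src"], *ace["src"]):
            continue
        if not wildcard_match(packet["dst"], *ace["dst"]):
            continue
        if ace["icmp_type"] and ace["icmp_type"] != packet.get("icmp_type"):
            continue
        return ace["action"], line
    return "deny", "implicit deny"


NO_PING_ACL = [                 # the two entries of the notes' no_ping list
    "deny icmp any any echo",
    "permit ip any any",
]
```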
569. use vlans and
acl’s to increase security in a network