
Friday, December 28, 2012

OSPF - LSAs!!














The OSPF version in use today is version 2. The packet type identifies the OSPF message type carried in the packet data area at the bottom. The OSPF packet length gives the number of bytes in the OSPF packet, including the OSPF header. The Router ID and Area ID identify the originator of this packet. If a packet is sent over a virtual link, the Area ID is 0.0.0.0, because virtual links are considered part of the backbone area. The checksum is calculated over the entire packet, including the header.
Three authentication types have been defined:
0 = No authentication
1 = Simple clear-text password authentication
2 = MD5 checksum
If the authentication type is 1, a 64-bit clear-text password is carried in the authentication field. If the authentication type is 2, the authentication field contains a key ID, the length of the message digest, and a nondecreasing cryptographic sequence number to prevent replay attacks. The message digest itself is appended to the end of the packet.
The efficiency of routing updates also depends on the maximum transfer unit (MTU) defined. Cisco defined an MTU of 1500 bytes for OSPF.



The network mask must match the mask on the receiving interface, ensuring that the two routers share a segment and network.
The Options field is also used by other message types. If the Router Priority is set to zero, this router cannot become DR or BDR.
Note that the DR and BDR fields only contain the interface IP address of the DR or BDR on that network, not the Router ID!!
If these addresses are unknown or not needed (other network types), the fields are set to 0.0.0.0.

It is important to know that neighbors must be configured with identical hello and dead intervals.



The DD sequence number is set by the master to some unique value in the first DD packet and is incremented in subsequent packets.



Note that the Link State Request packet uniquely identifies the LSA by the Type, ID, and Advertising Router fields of its header. It does not include the sequence number, checksum, and age, because the requester is not interested in a specific instance of the LSA but in the most recent one.





All LSAs have the LSA header at the beginning. The LSA header is also used in DBD and LSAck packets.
The Age is incremented by InfTransDelay seconds at each router interface the LSA is flooded out of. The Age is also incremented in seconds while the LSA resides in a link state database.
The Options field describes optional capabilities supported at that topological portion described by this LSA.
The LSA Type describes which information is carried in the LSA body. This is where the structural differences between Router LSAs, Network LSAs, etc. are identified.
The Link State ID is used differently by the LSA types. Basically this field contains some information identifying the topological portion described by this LSA; for example, a Router ID or an interface address is used here. The following slides explain this field for each LSA type.
The Advertising Router field identifies the originating router of this LSA.
The Sequence Number helps routers to identify the most recent instance of this LSA.

The Checksum is the so-called 8-bit Fletcher checksum, providing more protection than traditional checksum methods such as the one used by TCP. The first eight bits contain the 1's complement sum of all octets, while the second eight bits contain a high-order sum of running sums.
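The two headers covered above, the OSPF packet header with its authentication field and the LSA header with its Fletcher checksum, worked through in code as an added example that is not part of the original post. It follows the RFC 2328 field layouts; the router IDs, password, key and LSA body bytes are constructed for the example, and all function names are the example's own.

```python
import hashlib
import struct

OSPF_VERSION = 2
AUTH_NONE, AUTH_SIMPLE, AUTH_CRYPTO = 0, 1, 2
HDR_FMT, HDR_LEN = "!BBHIIHH8s", 24  # version, type, length, router ID, area ID, checksum, AuType, 64-bit auth
LSA_HDR_FMT, LSA_HDR_LEN = "!HBBIIIHH", 20  # LS age, options, LS type, link state ID, adv router, seq, checksum, length

def ip_checksum(data: bytes) -> int:
    """Standard 16-bit one's-complement checksum; evaluates to 0 over intact data."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def md5_digest(pkt: bytes, key: bytes) -> bytes:
    """AuType 2 digest: MD5 over the packet with the 16-byte key appended (RFC 2328 D.4.3)."""
    return hashlib.md5(pkt + key.ljust(16, b"\x00")).digest()

def build_ospf_packet(ptype, router_id, area_id, autype, auth, body, key=b""):
    """Header + body; with AuType 2 the checksum stays zero and the digest trails the body."""
    hdr = struct.pack(HDR_FMT, OSPF_VERSION, ptype, HDR_LEN + len(body), router_id, area_id, 0, autype, auth)
    if autype == AUTH_CRYPTO:
        return hdr + body + md5_digest(hdr + body, key)
    csum = ip_checksum(hdr[:16] + body)  # covers everything except the 64-bit authentication field
    return hdr[:12] + struct.pack("!H", csum) + hdr[14:] + body

def parse_ospf_header(pkt: bytes, key: bytes = b"") -> dict:
    """Validate the header as a receiving router would; raise ValueError on any fault."""
    if len(pkt) < HDR_LEN:
        raise ValueError("packet shorter than the OSPF header")
    ver, ptype, length, rid, aid, _, autype, auth = struct.unpack(HDR_FMT, pkt[:HDR_LEN])
    if ver != OSPF_VERSION:
        raise ValueError("unsupported OSPF version %d" % ver)
    if not HDR_LEN <= length <= len(pkt):
        raise ValueError("packet length field out of range")
    info = {"type": ptype, "length": length, "router_id": rid, "area_id": aid, "autype": autype}
    if autype == AUTH_CRYPTO:
        # The auth field carries key ID, digest length and the cryptographic sequence number.
        _, key_id, digest_len, seq = struct.unpack("!HBBI", auth)
        if md5_digest(pkt[:length], key) != pkt[length:length + digest_len]:
            raise ValueError("MD5 digest mismatch")
        info.update(key_id=key_id, digest_len=digest_len, crypto_seq=seq)
    else:
        if ip_checksum(pkt[:16] + pkt[HDR_LEN:length]) != 0:
            raise ValueError("OSPF checksum mismatch")
        if autype == AUTH_SIMPLE:
            info["password"] = auth.rstrip(b"\x00")
    return info

def header_valid(pkt: bytes, key: bytes = b"") -> bool:
    try:
        return bool(parse_ospf_header(pkt, key))
    except ValueError:
        return False

def accept_crypto_seq(state: dict, router_id: int, seq: int) -> bool:
    """Per-neighbor nondecreasing sequence number check for AuType 2: the replay defence."""
    if seq < state.get(router_id, 0):
        return False  # older than the last accepted packet from this neighbor: replayed or stale
    state[router_id] = seq
    return True

def fletcher_checksum(lsa: bytes) -> bytes:
    """LSA Fletcher checksum (RFC 2328 12.1.7): covers all but LS age, checksum bytes taken as zero."""
    buf = bytearray(lsa[2:])
    off = 14  # checksum field offset once the 2-byte LS age is skipped
    buf[off:off + 2] = b"\x00\x00"
    c0 = c1 = 0
    for b in buf:
        c0 = (c0 + b) % 255
        c1 = (c1 + c0) % 255
    x = ((len(buf) - off - 1) * c0 - c1) % 255 or 255
    y = 510 - c0 - x
    return bytes((x, y - 255 if y > 255 else y))

def lsa_checksum_ok(lsa: bytes) -> bool:
    """Recompute the Fletcher checksum and compare it with the stored one."""
    return fletcher_checksum(lsa) == lsa[16:18]

def build_lsa(lstype, ls_id, adv_router, seq, body, options=0x02):
    """LSA header + body with the checksum filled in; LS age starts at 0."""
    lsa = struct.pack(LSA_HDR_FMT, 0, options, lstype, ls_id, adv_router, seq, 0, LSA_HDR_LEN + len(body)) + body
    return lsa[:16] + fletcher_checksum(lsa) + lsa[18:]

def parse_lsa_header(lsa: bytes) -> dict:
    """Decode the 20-byte LSA header into its named fields."""
    names = ("age", "options", "type", "ls_id", "adv_router", "seq", "checksum", "length")
    return dict(zip(names, struct.unpack(LSA_HDR_FMT, lsa[:LSA_HDR_LEN])))

def age_lsa(lsa: bytes, seconds: int) -> bytes:
    """Add InfTransDelay on flooding; LS age is outside the checksum, so the LSA stays valid."""
    age = min(struct.unpack("!H", lsa[:2])[0] + seconds, 3600)  # 3600 s is MaxAge
    return struct.pack("!H", age) + lsa[2:]
```

Corrupting any byte of an LSA other than its age invalidates the stored checksum, while aging it does not; with AuType 2 a packet whose cryptographic sequence number falls below the last one accepted from that neighbor is refused.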


Router LSAs are generated by all OSPF routers and must describe all links of the originating router!
The V-bit (virtual link endpoint) is set to one if the originating router is the endpoint of a virtual link and this area is the transit area. The E-bit (External) is set if the originating router is an ASBR. The B-bit (Border) is set if the originating router is an ABR.
The Link ID and Link Data depend on the Link Type field, which describes the general type of connection the link provides.
Link Type 1 is a point-to-point link: the Link ID is the neighbor's Router ID and the Link Data field contains the IP address of the originating router's interface to the network.
Link Type 2 is a link to a transit network: the Link ID is the interface address of the DR and the Link Data field contains the IP address of the originating router's interface to the network.
Link Type 3 is a link to a stub network: the Link ID is the IP network number or subnet address and the Link Data field contains the network's IP address mask (the subnet mask).
Link Type 4 is a virtual link: the Link ID is the neighboring router's Router ID and the Link Data contains the MIB-II ifIndex value of the originating router's interface.
Number of TOS specifies the number of TOS metrics listed for this link. For each TOS an additional line is appended to this link state section. Generally, TOS is not used anymore today and the Number of TOS field is set to zero.
Metric is the cost of the interface that established this link.



Network LSAs are originated by DRs and describe the multi-access network and all routers attached to it, including the DR.



A network summary LSA is originated by an ABR and advertises networks external to an area.



An ASBR summary LSA is originated by an ABR and advertises ASBRs external to an area.




http://packetlife.net/blog/2008/jun/24/ospf-area-types/
http://cisco.iphelp.ru/faq/5/ch08lev1sec2.html

Monday, December 24, 2012

CCNP Switch MCQ!!


Chapter 2:

1. Which of the following devices performs transparent bridging?
a. Ethernet hub
b. Layer 2 switch
c. Layer 3 switch
d. Router

2. When a PC is connected to a Layer 2 switch port, how far does the collision domain spread?
a. No collision domain exists.
b. One switch port.
c. One VLAN.
d. All ports on the switch.

3. What information is used to forward frames in a Layer 2 switch?
a. Source MAC address
b. Destination MAC address
c. Source switch port
d. IP addresses

4. What does a switch do if a MAC address cannot be found in the CAM table?
a. The frame is forwarded to the default port.
b. The switch generates an ARP request for the address.
c. The switch floods the frame out all ports (except the receiving port).--
d. The switch drops the frame.

5. In the Catalyst 6500, frames can be filtered with access lists for security and QoS purposes. This filtering occurs according to which of the following?
a. Before a CAM table lookup
b. After a CAM table lookup
c. Simultaneously with a CAM table lookup
d. According to how the access lists are configured-

6. Access list contents can be merged into which of the following?
a. CAM table
b. TCAM table
c. FIB table--
d. ARP table

7. Multilayer switches using CEF are based on which of these techniques?
a. Route caching -
b. Netflow switching
c. Topology-based switching

8. Which answer describes multilayer switching with CEF?
a. The first packet is routed and then the flow is cached.--
b. The switch supervisor CPU forwards each packet.
c. The switching hardware learns station addresses and builds a routing database.
d. A single database of routing information is built for the switching hardware.

9. In a switch, frames are placed in which buffer after forwarding decisions are made?
a. Ingress queues
b. Egress queues
c. CAM table -
d. TCAM

10. What size are the mask and pattern fields in a TCAM entry?
a. 64 bits
b. 128 bits
c. 134 bits
d. 168 bits

11. Access list rules are compiled as TCAM entries. When a packet is matched against an access list, in what order are the TCAM entries evaluated?
a. Sequentially in the order of the original access list.--
b. Numerically by the access list number.
c. Alphabetically by the access list name.
d. All entries are evaluated in parallel.

12. Which Catalyst IOS command can you use to display the addresses in the CAM table?
a. show cam
b. show mac address-table --
c. show mac
d. show cam address-table


Chapter 3:

1. What does the IEEE 802.3 standard define?
a. Spanning Tree Protocol
b. Token Ring
c. Ethernet --
d. Switched Ethernet

2. At what layer are traditional 10-Mbps Ethernet, Fast Ethernet, and Gigabit Ethernet the same?
a. Layer 1
b. Layer 2==
c. Layer 3
d. Layer 4

3. At what layer are traditional 10-Mbps Ethernet, Fast Ethernet, and Gigabit Ethernet different?
a. Layer 1
b. Layer 2
c. Layer 3
d. Layer 4

4. What is the maximum cable distance for a Category 5 100BASE-TX connection?
a. 100 feet
b. 100 m
c. 328 m
d. 500 m

5. Ethernet autonegotiation determines which of the following?
a. Spanning-tree mode
b. Duplex mode
c. Quality of service mode
d. Error threshold

6. Which of the following cannot be automatically determined and set if the far end of a connection doesn’t support autonegotiation?
a. Link speed
b. Link duplex mode-
c. Link media type
d. MAC address


7. Which of these is not a standard type of gigabit interface converter (GBIC) or small form factor pluggable (SFP) module?
a. 1000BASE-LX/LH
b. 1000BASE-T
c. 1000BASE-FX
d. 1000BASE-ZX

8. What type of cable should you use to connect two switches back to back using their Fast Ethernet 10/100 ports?
a. Rollover cable
b. Transfer cable
c. Crossover cable -
d. Straight-through cable

9. Assume that you have just entered the configure terminal command. To configure the speed of the first Fast Ethernet interface on Cisco Catalyst switch module number one to 100 Mbps, which one of these commands should you enter first?
a. speed 100 mbps
b. speed 100
c. interface fastethernet 1/0/1--
d. interface fast ethernet 1/0/1

10. If a switch port is in the errdisable state, what is the first thing you should do?
a. Reload the switch.
b. Use the clear errdisable port command.
c. Use the shut and no shut interface-configuration commands.
d. Determine the cause of the problem.-

11. Which of the following show interface output information can you use to diagnose a switch port problem?
a. Port state.
b. Port speed.
c. Input errors.
d. Collisions.
e. All these answers are correct.

Chapter 4:
1. A VLAN is which of the following?
a. Collision domain
b. Spanning-tree domain
c. Broadcast domain--
d. VTP domain

2. Switches provide VLAN connectivity at which layer of the OSI model?
a. Layer 1
b. Layer 2-
c. Layer 3
d. Layer 4

3. Which one of the following is needed to pass data between two PCs, each connected to a different VLAN?
a. Layer 2 switch
b. Layer 3 switch
c. Trunk
d. Tunnel

4. Which Catalyst IOS switch command is used to assign a port to a VLAN?
a. access vlan vlan-id
b. switchport access vlan vlan-id-
c. vlan vlan-id
d. set port vlan vlan-id

5. Which of the following is a standardized method of trunk encapsulation?
a. 802.1d
b. 802.1Q--
c. 802.3z
d. 802.1a

6. What is the Cisco proprietary method for trunk encapsulation?
a. CDP
b. EIGRP
c. ISL--
d. DSL

7. Which of these protocols dynamically negotiates trunking parameters?
a. PAgP
b. STP
c. CDP
d. DTP--


8. How many different VLANs can an 802.1Q trunk support?
a. 256
b. 1024
c. 4096-
d. 32,768
e. 65,536

9. Which of the following incorrectly describes a native VLAN?
a. Frames are untagged on an 802.1Q trunk.
b. Frames are untagged on an ISL trunk.--
c. Frames can be interpreted by a nontrunking host.
d. The native VLAN can be configured for each trunking port.

10. If two switches each support all types of trunk encapsulation on a link between them, which one will be negotiated?
a. ISL
b. 802.1Q-
c. DTP
d. VTP

11. Which VLANs are allowed on a trunk link by default?
a. None
b. Only the native VLAN--
c. All active VLANs
d. Only negotiated VLANs

12. Which command configures a switch port to form a trunk without using negotiation?
a. switchport mode trunk--
b. switchport mode trunk nonegotiate
c. switchport mode dynamic auto
d. switchport mode dynamic desirable

13. Two hosts are connected to switch interfaces Fast Ethernet 0/1 and 0/33, but they cannot communicate with each other. Their IP addresses are in the 192.168.10.0/24 subnet, which is carried over VLAN 10. The show vlan id 10 command generates the following output:
Switch# show vlan id 10
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
Users active Fa0/1, Fa0/2, Fa0/3, Fa0/4,
Fa0/5, Fa0/6, Fa0/7, Fa0/8,
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16,
Fa0/17, Fa0/18, Fa0/19, Fa0/20,
Fa0/21, Fa0/22, Fa0/23, Fa0/25,
Fa0/26, Fa0/27, Fa0/28, Fa0/31,
Fa0/32, Fa0/34, Fa0/35, Fa0/36,
Fa0/37, Fa0/39, Fa0/40, Fa0/41,
Fa0/42, Fa0/43, Fa0/46
The hosts are known to be up and connected. Which of the following reasons might be causing the problem?
a. The two hosts are assigned to VLAN 1.
b. The two hosts are assigned to different VLANs.
c. Interface FastEthernet0/33 is a VLAN trunk.
d. The two hosts are using unregistered MAC addresses.


14. A trunk link between two switches did not come up as expected. The configuration on Switch A is as follows:
Switch A# show running-config interface gigabitethernet0/1
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-10
switchport mode dynamic auto
no shutdown
The interface configuration on Switch B is as follows:
Switch B# show running-config interface gigabitethernet0/1
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode dynamic auto
switchport access vlan 5
no shutdown
Which one of the following reasons is probably causing the problem?
a. The two switches don’t have matching switchport trunk allowed vlan commands.
b. Neither switch has a native VLAN configured.
c. Both switches are configured in the dynamic auto mode.
d. Switch B is configured to use access VLAN 5.--


Chapter 5:

1. Which of the following is not a Catalyst switch VTP mode?
a. Server
b. Client
c. Designated-
d. Transparent

2. A switch in VTP transparent mode can do which one of the following?
a. Create a new VLAN
b. Only listen to VTP advertisements
c. Send its own VTP advertisements
d. Cannot make VLAN configuration changes

3. Which one of the following is a valid VTP advertisement?
a. Triggered update
b. VLAN database -
c. Subset
d. Domain

4. Which one of the following is needed for VTP communication?
a. A Management VLAN
b. A Trunk link -
c. An Access VLAN
d. An IP address

5. Which one of the following VTP modes does not allow any manual VLAN configuration changes?
a. Server
b. Client -
c. Designated
d. Transparent

6. Select all the parameters that decide whether to accept new VTP information:
a. VTP priority
b. VTP domain name
c. Configuration revision number -
d. VTP server name

7. How many VTP management domains can a Catalyst switch participate in?
a. 1=
b. 2
c. Unlimited
d. 4096


8. Which IOS command configures a Catalyst switch for VTP client mode?
a. set vtp mode client-
b. vtp client
c. vtp mode client
d. vtp client mode

9. What is the purpose of VTP pruning?
a. Limit the number of VLANs in a domain
b. Stop unnecessary VTP advertisements-
c. Limit the extent of broadcast traffic
d. Limit the size of the virtual tree

10. Which VLAN number is never eligible for VTP pruning?
a. 0
b. 1-
c. 1000
d. 1001

11. Which of the following might present a VTP problem?
a. Two or more VTP servers in a domain-
b. Two servers with the same configuration revision number
c. A server in two domains
d. A new server with a higher configuration revision number

12. If a VTP server is configured for VTP version 2, what else must happen for successful VTP communication in a domain?
a. A VTP version 2 password must be set.
b. All other switches in the domain must be version 2 capable.-
c. All other switches must be configured for VTP version 2.
d. The VTP configuration revision number must be reset

Chapter 6:

1. If Fast Ethernet ports are bundled into an EtherChannel, what is the maximum throughput supported on a Catalyst switch?
a. 100 Mbps--
b. 200 Mbps
c. 400 Mbps
d. 800 Mbps
e. 1600 Mbps

2. Which of these methods distributes traffic over an EtherChannel?
a. Round robin-
b. Least-used link
c. A function of address
d. A function of packet size

3. What type of interface represents an EtherChannel as a whole?
a. Channel
b. Port
c. Port channel
d. Channel port -

4. Which of the following is not a valid method for EtherChannel load balancing?
a. Source MAC address
b. Source and destination MAC addresses
c. Source IP address
d. IP precedence
e. UDP/TCP port

5. How can the EtherChannel load-balancing method be set?
a. Per switch port
b. Per EtherChannel
c. Globally per switch
d. Can’t be configured

6. What logical operation is performed to calculate EtherChannel load balancing as a function of two addresses?
a. OR
b. AND
c. XOR
d. NOR

7. Which one of the following is a valid combination of ports for an EtherChannel?
a. Two access links (one VLAN 5, one VLAN 5)
b. Two access links (one VLAN 1, one VLAN 10)
c. Two trunk links (one VLANs 1 to 10, one VLANs 1, 11 to 20)
d. Two Fast Ethernet links (both full duplex, one 10 Mbps)

8. Which of these is a method for negotiating an EtherChannel?
a. PAP
b. CHAP
c. LAPD
d. LACP

9. Which of the following is a valid EtherChannel negotiation mode combination between two switches?
a. PAgP auto, PAgP auto
b. PAgP auto, PAgP desirable
c. on, PAgP auto
d. LACP passive, LACP passive

10. When is PAgP’s “desirable silent” mode useful?
a. When the switch should not send PAgP frames
b. When the switch should not form an EtherChannel
c. When the switch should not expect to receive PAgP frames
d. When the switch is using LACP mode

11. Which of the following EtherChannel modes does not send or receive any negotiation frames?
a. channel-group 1 mode passive
b. channel-group 1 mode active
c. channel-group 1 mode on
d. channel-group 1 mode desirable
e. channel-group 1 mode auto

12. Two computers are the only hosts sending IP data across an EtherChannel between two switches. Several different applications are being used between them. Which of these load-balancing methods would be more likely to use the most links in the EtherChannel?
a. Source and destination MAC addresses.
b. Source and destination IP addresses.
c. Source and destination TCP/UDP ports.
d. None of the other answers is correct.

13. Which command can be used to see the status of an EtherChannel’s links?
a. show channel link
b. show etherchannel status--
c. show etherchannel summary
d. show ether channel status

Chapter 7:

1. How is a bridging loop best described?
a. A loop formed between switches for redundancy-
b. A loop formed by the Spanning Tree Protocol
c. A loop formed between switches where frames circulate endlessly
d. The round-trip path a frame takes from source to destination

2. Which of these is one of the parameters used to elect a root bridge?
a. Root path cost
b. Path cost
c. Bridge priority -
d. BPDU revision number

3. If all switches in a network are left at their default STP values, which one of the following is not true?
a. The root bridge will be the switch with the lowest MAC address.-
b. The root bridge will be the switch with the highest MAC address.
c. One or more switches will have a bridge priority of 32,768.
d. A secondary root bridge will be present on the network.

4. Configuration BPDUs are originated by which of the following?
a. All switches in the STP domain
b. Only the root bridge switch -
c. Only the switch that detects a topology change
d. Only the secondary root bridge when it takes over

5. Which of these is the single most important design decision to be made in a network running STP?
a. Removing any redundant links--
b. Making sure all switches run the same version of IEEE 802.1D
c. Root bridge placement
d. Making sure all switches have redundant links

6. What happens to a port that is neither a root port nor a designated port?
a. It is available for normal use.
b. It can be used for load balancing.
c. It is put into the Blocking state.--
d. It is disabled.

7. What is the maximum number of root ports that a Catalyst switch can have?
a. 1--
b. 2
c. Unlimited
d. None

8. What mechanism is used to set STP timer values for all switches in a network?
a. Configuring the timers on every switch in the network.
b. Configuring the timers on the root bridge switch.--
c. Configuring the timers on both primary and secondary root bridge switches.
d. The timers can’t be adjusted.

9. MAC addresses can be placed into the CAM table, but no data can be sent or received if a switch port is in which of the following STP states?
a. Blocking
b. Forwarding
c. Listening--
d. Learning

10. What is the default “hello” time for IEEE 802.1D?
a. 1 second
b. 2 seconds--
c. 30 seconds
d. 60 seconds

11. Which of the following is the Spanning Tree Protocol defined in the IEEE 802.1Q standard?
a. PVST--
b. CST
c. EST
d. MST

12. If a switch has 10 VLANs defined and active, how many instances of STP will run using PVST+ versus CST?
a. 1 for PVST+, 1 for CST
b. 1 for PVST+, 10 for CST
c. 10 for PVST+, 1 for CST
d. 10 for PVST+, 10 for CST


Chapter 8:

1. Where should the root bridge be placed on a network?
a. On the fastest switch --
b. Closest to the most users
c. Closest to the center of the network
d. On the least-used switch

2. Which of the following is a result of a poorly placed root bridge in a network?
a. Bridging loops form.
b. STP topology can’t be resolved.
c. STP topology can take unexpected paths.
d. Root bridge election flapping occurs.--

3. Which of these parameters should you change to make a switch become a root bridge?
a. Switch MAC address
b. Path cost
c. Port priority
d. Bridge priority--

4. What is the default 802.1D STP bridge priority on a Catalyst switch?
a. 0
b. 1
c. 32,768-
d. 65,535

5. Which of the following commands is most likely to make a switch become the root bridge for VLAN 5, assuming that all switches have the default STP parameters?
a. spanning-tree root
b. spanning-tree root vlan 5 -
c. spanning-tree vlan 5 priority 100
d. spanning-tree vlan 5 root

6. What is the default path cost of a Gigabit Ethernet switch port?
a. 1
b. 2
c. 4
d. 19 -
e. 1000

7. What command can change the path cost of interface Gigabit Ethernet 3/1 to a value of 8?
a. spanning-tree path-cost 8
b. spanning-tree cost 8 -
c. spanning-tree port-cost 8
d. spanning-tree gig 3/1 cost 8

8. What happens if the root bridge switch and another switch are configured with different STP Hello timer values?
a. Nothing—each sends hellos at different times.--
b. A bridging loop could form because the two switches are out of sync.
c. The switch with the lower Hello timer becomes the root bridge.
d. The other switch changes its Hello timer to match the root bridge

9. What network diameter value is the basis for the default STP timer calculations?
a. 1
b. 3
c. 7
d. 9
e. 15

10. Where should the STP PortFast feature be used?
a. An access-layer switch port connected to a PC-
b. An access-layer switch port connected to a hub
c. A distribution-layer switch port connected to an access layer switch
d. A core-layer switch port

11. Where should the STP UplinkFast feature be enabled?
a. An access-layer switch.--
b. A distribution-layer switch.
c. A core-layer switch.
d. All these answers are correct.

12. If used, the STP BackboneFast feature should be enabled on which of these?
a. All backbone- or core-layer switches
b. All backbone- and distribution-layer switches
c. All access-layer switches-
d. All switches in the network

13. Which one of the following commands can be used to verify the current root bridge in VLAN 10?
a. show root vlan 10
b. show root-bridge vlan 10
c. show spanning-tree vlan 10 root
d. show running-config --


Chapter 9:

1. Why is it important to protect the placement of the root bridge?
a. To keep two root bridges from becoming active
b. To keep the STP topology stable--
c. So all hosts have the correct gateway
d. So the root bridge can have complete knowledge of the STP topology

2. Which of the following features protects a switch port from accepting superior BPDUs?
a. STP Loop Guard
b. STP BPDU Guard--
c. STP Root Guard
d. UDLD

3. Which of the following commands can you use to enable STP Root Guard on a switch port?
a. spanning-tree root guard
b. spanning-tree root-guard
c. spanning-tree guard root
d. spanning-tree rootguard enable--

4. Where should the STP Root Guard feature be enabled on a switch?
a. All ports
b. Only ports where the root bridge should never appear
c. Only ports where the root bridge should be located-
d. Only ports with PortFast enabled

5. Which of the following features protects a switch port from accepting BPDUs when PortFast is enabled?
a. STP Loop Guard
b. STP BPDU Guard-
c. STP Root Guard
d. UDLD

6. To maintain a loop-free STP topology, which one of the following should a switch uplink be protected against?
a. A sudden loss of BPDUs
b. Too many BPDUs
c. The wrong version of BPDUs
d. BPDUs relayed from the root bridge

7. Which of the following commands can enable STP Loop Guard on a switch port?
a. spanning-tree loop guard-
b. spanning-tree guard loop
c. spanning-tree loop-guard
d. spanning-tree loopguard enable

8. STP Loop Guard detects which of the following conditions?
a. The sudden appearance of superior BPDUs
b. The sudden lack of BPDUs
c. The appearance of duplicate BPDUs-
d. The appearance of two root bridges

9. Which of the following features can actively test for the loss of the receive side of a link between switches?
a. POST
b. BPDU
c. UDLD
d. STP

10. UDLD must detect a unidirectional link before which of the following?
a. The Max Age timer expires.
b. STP moves the link to the Blocking state.
c. STP moves the link to the Forwarding state.
d. STP moves the link to the Listening state.

11. What must a switch do when it receives a UDLD message on a link?
a. Relay the message on to other switches
b. Send a UDLD acknowledgment
c. Echo the message back across the link
d. Drop the message

12. Which of the following features effectively disables spanning-tree operation on a switch port?
a. STP PortFast
b. STP BPDU filtering
c. STP BPDU Guard-
d. STP Root Guard

13. To reset switch ports that have been put into the errdisable mode by UDLD, which one of the following commands should be used?
a. clear errdisable udld-
b. udld reset
c. no udld
d. show udld errdisable

Chapter 10:

1. Which one of the following commands enables the use of RSTP?
a. spanning-tree mode rapid-pvst--
b. no spanning-tree mode pvst
c. spanning-tree rstp
d. spanning-tree mode rstp
e. None. RSTP is enabled by default.

2. On which standard is RSTP based?
a. 802.1Q
b. 802.1D
c. 802.1w--
d. 802.1s

3. Which of the following is not a port state in RSTP?
a. Listening-
b. Learning
c. Discarding
d. Forwarding

4. When a switch running RSTP receives an 802.1D BPDU, what happens?
a. The BPDU is discarded or dropped.
b. An ICMP message is returned.
c. The switch begins to use 802.1D rules on that port.--
d. The switch disables RSTP.

5. When does an RSTP switch consider a neighbor to be down?
a. After three BPDUs are missed--
b. After six BPDUs are missed
c. After the Max Age timer expires
d. After the Forward timer expires

6. Which process is used during RSTP convergence?
a. BPDU propagation --
b. Synchronization
c. Forward timer expiration
d. BPDU

7. What causes RSTP to view a port as a point-to-point port?
a. Port speed
b. Port media-
c. Port duplex
d. Port priority

8. Which of the following events triggers a topology change with RSTP on a nonedge port?
a. A port comes up or goes down.--
b. A port comes up.
c. A port goes down.
d. A port moves to the Forwarding state.

9. Which of the following is not a characteristic of MST?
a. A reduced number of STP instances
b. Fast STP convergence
c. Eliminated need for CST
d. Interoperability with PVST+

10. Which of the following standards defines the MST protocol?
a. 802.1Q
b. 802.1D
c. 802.1w
d. 802.1s

11. How many instances of STP are supported in the Cisco implementation of MST?
a. 1
b. 16
c. 256
d. 4096

12. What switch command can be used to change from PVST+ to MST?
a. spanning-tree mst enable
b. no spanning-tree pvst+
c. spanning-tree mode mst
d. spanning-tree mst

Chapter 11:

1. Which of the following arrangements can be considered interVLAN routing?
a. One switch, two VLANs, one connection to a router.--
b. One switch, two VLANs, two connections to a router.
c. Two switches, two VLANs, two connections to a router.
d. All of these answers are correct.

2. How many interfaces are needed in a “router on a stick” implementation for interVLAN routing among four VLANs?
a. 1 --
b. 2
c. 4
d. Cannot be determined

3. Which of the following commands configures a switch port for Layer 2 operation?
a. switchport--
b. no switchport
c. ip address 192.168.199.1 255.255.255.0
d. no ip address

4. Which of the following commands configures a switch port for Layer 3 operation?
a. switchport
b. no switchport
c. ip address 192.168.199.1 255.255.255.0--
d. no ip address

5. Which one of the following interfaces is an SVI?
a. interface fastethernet 0/1
b. interface gigabit 0/1
c. interface vlan 1
d. interface svi 1--

6. What information must be learned before CEF can forward packets?
a. The source and destination of the first packet in a traffic flow
b. The MAC addresses of both the source and destination
c. The contents of the routing table--
d. The outbound port of the first packet in a flow

7. Which of the following best defines an adjacency?
a. Two switches connected by a common link.
b. Two contiguous routes in the FIB.--
c. Two multilayer switches connected by a common link.
d. The MAC address of a host is known.

8. Assume that CEF is active on a switch. What happens to a packet that arrives needing fragmentation?
a. The packet is switched by CEF and kept intact.
b. The packet is fragmented by CEF.-
c. The packet is dropped.
d. The packet is sent to the Layer 3 engine.

9. Suppose that a host sends a packet to a destination IP address and that the CEF-based switch does not yet have a valid MAC address for the destination. How is the ARP entry (MAC address) of the next-hop destination in the FIB obtained?
a. The sending host must send an ARP request for it.--
b. The Layer 3 forwarding engine (CEF hardware) must send an ARP request for it.
c. CEF must wait until the Layer 3 engine sends an ARP request for it.
d. All packets to the destination are dropped.

10. During a packet rewrite, what happens to the source MAC address?
a. There is no change.
b. It is changed to the destination MAC address.-
c. It is changed to the MAC address of the outbound Layer 3 switch interface.
d. It is changed to the MAC address of the next-hop destination.

11. What command can you use to view the CEF FIB table contents?
a. show fib
b. show ip cef fib
c. show ip cef--
d. show fib-table

12. Which one of the following answers represents configuration commands needed to implement a DHCP relay function?
a. interface vlan 5
ip address 10.1.1.1 255.255.255.0
ip helper-address 10.1.1.10
b. interface vlan 5
ip address 10.1.1.1 255.255.255.0
ip dhcp-relay
c. ip dhcp pool staff
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
exit
d. hostname Switch
ip helper-address 10.1.1.10


Chapter 12:

1. Where does a collision domain exist in a switched network?
a. On a single switch port
b. Across all switch ports-
c. On a single VLAN
d. Across all VLANs

2. Where does a broadcast domain exist in a switched network?
a. On a single switch port
b. Across all switch ports
c. On a single VLAN-
d. Across all VLANs

3. What is a VLAN primarily used for?
a. To segment a collision domain
b. To segment a broadcast domain--
c. To segment an autonomous system
d. To segment a spanning-tree domain

4. How many layers are recommended in the hierarchical campus network design model?
a. 1
b. 2
c. 3-
d. 4
e. 7

5. What is the purpose of breaking a campus network into a hierarchical design?
a. To facilitate documentation
b. To follow political or organizational policies
c. To make the network predictable and scalable
d. To make the network more redundant and secure--

6. End-user PCs should be connected into which of the following hierarchical layers?
a. Distribution layer
b. Common layer
c. Access layer--
d. Core layer

7. In which OSI layer should devices in the distribution layer typically operate?
a. Layer 1
b. Layer 2-
c. Layer 3
d. Layer 4

8. A hierarchical network’s distribution layer aggregates which of the following?
a. Core switches
b. Broadcast domains
c. Routing updates
d. Access-layer switches

9. In the core layer of a hierarchical network, which of the following are aggregated?
a. Routing tables--
b. Packet filters
c. Distribution switches
d. Access-layer switches

10. In a properly designed hierarchical network, a broadcast from one PC is confined
to what?
a. One access-layer switch port
b. One access-layer switch
c. One switch block-
d. The entire campus network

11. Which one or more of the following are the components of a typical switch block?
a. Access-layer switches
b. Distribution-layer switches
c. Core-layer switches
d. E-commerce servers
e. Service provider switches-

12. What are two types of core, or backbone, designs?
a. Collapsed core
b. Loop-free core
c. Dual core
d. Layered core

13. What is the maximum number of access-layer switches that can connect into a single
distribution-layer switch?
a. 1
b. 2
c. Limited only by the number of ports on the access-layer switch-
d. Limited only by the number of ports on the distribution-layer switch
e. Unlimited

14. A switch block should be sized according to which two of the following parameters?
a. The number of access-layer users
b. A maximum of 250 access-layer users
c. A study of the traffic patterns and flows
d. The amount of rack space available

15. What evidence can be seen when a switch block is too large? (Choose all that apply.)
a. IP address space is exhausted.
b. You run out of access-layer switch ports.
c. Broadcast traffic becomes excessive.
d. Traffic is throttled at the distribution-layer switches.
e. Network congestion occurs.

16. How many distribution switches should be built into each switch block?
a. 1
b. 2
c. 4
d. 8

17. What are the most important aspects to consider when designing the core layer in a
large network? (Choose all that apply.)
a. Low cost
b. Switches that can efficiently forward traffic, even when every uplink is at
100 percent capacity
c. High port density of high-speed ports
d. A low number of Layer 3 routing peers
e. The number of servers accessed by users

Chapter 13:

1. Which one of the following do multilayer switches share when running HSRP?
a. Routing tables
b. ARP cache
c. CAM table--
d. IP address

2. What HSRP group uses the MAC address 0000.0c07.ac11?
a. Group 0
b. Group 7
c. Group 11
d. Group 17

3. Two routers are configured for an HSRP group. One router uses the default HSRP priority.
What priority should be assigned to the other router to make it more likely to
be the active router?
a. 1
b. 100
c. 200
d. 500

4. How many routers are in the Standby state in an HSRP group?
a. 0
b. 1
c. 2
d. All but the active router

5. A multilayer switch is configured as follows:
interface fastethernet 1/1
no switchport
ip address 192.168.199.3 255.255.255.0
standby 1 ip 192.168.199.2
Which IP address should a client PC use as its default gateway?
a. 192.168.199.1
b. 192.168.199.2
c. 192.168.199.3
d. Any of these

6. Which one of the following is based on an IETF RFC standard?
a. HSRP
b. VRRP
c. GLBP
d. STP

7. What VRRP group uses the virtual MAC address 0000.5e00.01ff?
a. Group 0
b. Group 1
c. Group 255
d. Group 94

8. Which one of the following protocols is the best choice for load balancing redundant
gateways?
a. HSRP
b. VRRP
c. GLBP
d. GVRP

9. Which one of the following GLBP functions answers ARP requests?
a. AVF
b. VARP
c. AVG
d. MVR

10. By default, which of the following virtual MAC addresses will be sent to the next
client that looks for the GLBP virtual gateway?
a. The GLBP interface’s MAC address
b. The next virtual MAC address in the sequence
c. The virtual MAC address of the least-used router
d. 0000.0c07.ac00

11. Which one of these features is used to reduce the amount of time needed to rebuild
the routing information after a supervisor module failure?
a. NFS
b. NSF
c. RPR+
d. SSO

12. Which one of the following features provides the fastest failover for supervisor or
route processor redundancy?
a. SSL
b. SSO
c. RPR+

Chapter 14:

1. For a Catalyst switch to offer Power over Ethernet to a device, what must occur?
a. Nothing; power always is enabled on a port.
b. The switch must detect that the device needs inline power.
c. The device must send a CDP message asking for power.
d. The switch is configured to turn on power to the port.

2. Which one of these commands can enable Power over Ethernet to a switch interface?
a. inline power enable
b. inline power on
c. power inline on
d. power inline auto

3. What does a Cisco IP Phone contain to allow it to pass both voice and data packets?
a. An internal Ethernet hub
b. An internal two-port switch
c. An internal three-port switch
d. An internal four-port switch

4. How can voice traffic be kept separate from any other data traffic through an IP Phone?
a. Voice and data travel over separate links.
b. A special-case 802.1Q trunk is used to connect to the switch.
c. Voice and data can’t be separated; they must intermingle on the link.
d. Voice and data packets both are encapsulated over an ISL trunk.

5. What command configures an IP Phone to use VLAN 9 for voice traffic?
a. switchport voice vlan 9
b. switchport voice-vlan 9
c. switchport voice 9
d. switchport voip 9

6. What is the default voice VLAN condition for a switch port?
a. switchport voice vlan 1
b. switchport voice vlan dot1p
c. switchport voice vlan untagged
d. switchport voice vlan none

7. If the following interface configuration commands have been used, what VLAN numbers
will the voice and PC data be carried over, respectively?
interface gigabitethernet1/0/1
switchport access vlan 10
switchport trunk native vlan 20
switchport voice vlan 50
switchport mode access
a. VLAN 50, VLAN 20
b. VLAN 50, VLAN 1
c. VLAN 1, VLAN 50
d. VLAN 20, VLAN 50
e. VLAN 50, VLAN 10

8. What command can verify the voice VLAN used by a Cisco IP Phone?
a. show cdp neighbor
b. show interface switchport
c. show vlan
d. show trunk

9. When a PC is connected to the PC switch port on an IP Phone, how is QoS trust
handled?
a. The IP Phone always trusts the class of service (CoS) information coming
from the PC.
b. The IP Phone never trusts the PC and always overwrites the CoS bits.
c. QoS trust for the PC data is handled at the Catalyst switch port, not the
IP Phone.
d. The Catalyst switch instructs the IP Phone how to trust the PC QoS information.

10. An IP Phone should mark all incoming traffic from an attached PC to have CoS 1.
Complete the following switch command to make that happen:
switchport priority extend __________
a. untrusted
b. 1
c. cos 1
d. overwrite 1

11. What command can verify the Power over Ethernet status of each switch port?
a. show inline power
b. show power inline
c. show interface
d. show running-config

12. Which DSCP codepoint name usually is used for time-critical packets containing
voice data?
a. 7
b. Critical
c. AF
d. EF

Chapter 15:

1. Which one of the following standard sets is used in wireless LANs?
a. IEEE 802.1
b. IEEE 802.3
c. IEEE 802.5
d. IEEE 802.11-

2. Which one of the following methods is used to minimize collisions in a wireless LAN?
a. CSMA/CD-
b. CSMA/CA
c. LWAPP
d. LACP

3. A wireless scenario is made up of five wireless clients and two APs connected by a
switch. Which one of the following correctly describes the wireless network?
a. BSS
b. ESS
c. IBSS
d. CBS

4. If a wireless access point is connected to a switch by a trunk port, which one of the
following is mapped to a VLAN?
a. Channel
b. Frequency
c. BSS
d. SSID

5. Which of the following terms represents a Cisco wireless access point that cannot operate
independently?
a. Autonomous AP
b. Roaming AP
c. Lightweight AP
d. Dependent AP

6. Suppose that an autonomous AP is used to support wireless clients. Which one of the
following answers lists the devices that traffic must take when passing from one wireless
client to another?
a. Through the AP only.
b. Through the AP and its controller.
c. Through the controller only.
d. None of these answers is correct; traffic can go directly over the air.

7. Suppose that a lightweight AP is used to support wireless clients. Which one of the
following answers lists the device path that traffic must take when passing from one
wireless client to another?
a. Through the AP only.
b. Through the AP and its controller.
c. Through the controller only.
d. None of these answers is correct.

8. A lightweight access point is said to have which one of the following architectures?
a. Proxy MAC
b. Tunnel MAC
c. Split-MAC
d. Fat MAC

9. How does a lightweight access point communicate with a wireless LAN controller?
a. Through an IPsec tunnel
b. Through an LWAPP or CAPWAP tunnel
c. Through a GRE tunnel
d. Directly over Layer 2

10. Which one of the following types of traffic is sent securely over an LWAPP tunnel?
a. Control messages
b. User data
c. DHCP requests
d. 802.11 beacons

11. Which one of the following must be consistent for a wireless client to roam between
lightweight APs that are managed by the same WLC?
a. SSID
b. Mobility group
c. VLAN ID
d. AP management VLAN

12. Which one of the following must be consistent for a wireless client to roam between
lightweight APs that are managed by two different WLCs?
a. VLAN ID
b. SSID
c. AP management VLAN
d. Mobility group

13. Which one of the following locations is appropriate for an LAP?
a. Access-layer switch port
b. Distribution-layer switch port
c. Core-layer switch port
d. Data center switch port

14. Which one of the following locations is appropriate for a WLC?
a. Access-layer switch port
b. Distribution-layer switch port
c. Core-layer switch port
d. Data center switch port

15. Which one of the following is the correct switch configuration for a port connected
to an LAP?
a. switchport mode trunk
b. switchport mode lap
c. switchport mode access
d. switchport mode transparent

16. Suppose an LAP/WLC combination is used to provide connectivity from SSID “staff’’
to VLAN 17. Which one of the following is the correct extent for the VLAN?
a. VLAN 17 exists on the LAP only.
b. VLAN 17 extends from the LAP to the access switch only.
c. VLAN 17 extends from the LAP to the WLC.
d. VLAN 17 extends from the LAP to the access switch and from the distribution
switch to the WLC.

Chapter 16:

1. Which switch feature can grant access through a port only if the host with MAC address
0005.0004.0003 is connected?
a. SPAN
b. MAC address ACL
c. Port security
d. Port-based authentication

2. Port security is being used to control access to a switch port. Which one of these commands
will put the port into the errdisable state if an unauthorized station connects?
a. switchport port-security violation protect
b. switchport port-security violation restrict
c. switchport port-security violation errdisable
d. switchport port-security violation shutdown

3. If port security is left to its default configuration, how many different MAC addresses
can be learned at one time on a switch port?
a. 0
b. 1
c. 16
d. 256

4. The following commands are configured on a Catalyst switch port. What happens
when the host with MAC address 0001.0002.0003 tries to connect?
switchport port-security
switchport port-security maximum 3
switchport port-security mac-address 0002.0002.0002
switchport port-security violation shutdown
a. The port shuts down.
b. The host is allowed to connect.
c. The host is denied a connection.
d. The host can connect only when 0002.0002.0002 is not connected.

5. What protocol is used for port-based authentication?
a. 802.1D
b. 802.1Q
c. 802.1x
d. 802.1w

6. When 802.1x is used for a switch port, where must it be configured?
a. Switch port and client PC
b. Switch port only
c. Client PC only
d. Switch port and a RADIUS server

7. When port-based authentication is enabled globally, what is the default behavior for
all switch ports?
a. Authenticate users before enabling the port.
b. Allow all connections without authentication.
c. Do not allow any connections.
d. There is no default behavior.

8. When port-based authentication is enabled, what method is available for a user to
authenticate?
a. Web browser
b. Telnet session
c. 802.1x client
d. DHCP

9. The users in a department are using a variety of host platforms, some old and some
new. All of them have been approved with a user ID in a RADIUS server database.
Which one of these features should be used to restrict access to the switch ports in
the building?
a. AAA authentication
b. AAA authorization
c. Port security
d. Port-based authentication

10. With DHCP snooping, an untrusted port filters out which one of the following?
a. DHCP replies from legitimate DHCP servers
b. DHCP replies from rogue DHCP servers
c. DHCP requests from legitimate clients
d. DHCP requests from rogue clients

11. Which two of the following methods does a switch use to detect spoofed addresses
when IP Source Guard is enabled?
a. ARP entries
b. DHCP database
c. DHCP snooping database
d. Static IP source binding entries
e. Reverse path-forwarding entries

12. Which one of the following should be configured as a trusted port for dynamic ARP
inspection?
a. The port where the ARP server is located.
b. The port where an end-user host is located.
c. The port where another switch is located.
d. None; all ports are untrusted.

13. Which two of the following methods should you use to secure inbound CLI sessions
to a switch?
a. Disable all inbound CLI connections.
b. Use SSH only.
c. Use Telnet only.
d. Apply an access list to the vty lines.

14. Suppose you need to disable CDP advertisements on a switch port so that untrusted
devices cannot learn anything about your switch. Which one of the following interface
configuration commands should be used?
a. cdp disable
b. no cdp
c. no cdp enable
d. no cdp trust

Chapter 17:

1. Which one of the following can filter packets even if they are not routed to another
Layer 3 interface?
a. IP extended access lists
b. MAC address access lists
c. VLAN access lists
d. Port-based access lists

2. In what part of a Catalyst switch are VLAN ACLs implemented?
a. NVRAM
b. CAM
c. RAM
d. TCAM

3. Which one of the following commands can implement a VLAN ACL called test?
a. access-list vlan test
b. vacl test
c. switchport vacl test
d. vlan access-map test

4. After a VACL is configured, where is it applied?
a. Globally on a VLAN
b. On the VLAN interface
c. In the VLAN configuration
d. On all ports or interfaces mapped to a VLAN

5. Which of the following private VLANs is the most restrictive?
a. Community VLAN
b. Isolated VLAN
c. Restricted VLAN
d. Promiscuous VLAN

6. The vlan 100 command has just been entered. What is the next command needed to
configure VLAN 100 as a secondary isolated VLAN?
a. private-vlan isolated
b. private-vlan isolated 100
c. pvlan secondary isolated
d. No further configuration necessary

7. What type of port configuration should you use for private VLAN interfaces that
connect to a router?
a. Host
b. Gateway
c. Promiscuous
d. Transparent

8. Promiscuous ports must be ______________ to primary and secondary VLANs, and
host ports must be ________________.
a. Mapped, associated
b. Mapped, mapped
c. Associated, mapped
d. Associated, associated

9. In a switch spoofing attack, an attacker makes use of which one of the following?
a. The switch management IP address
b. CDP message exchanges
c. Spanning Tree Protocol
d. DTP to negotiate a trunk

10. Which one of the following commands can be used to prevent a switch spoofing attack
on an end-user port?
a. switchport mode access
b. switchport mode trunk
c. no switchport spoof
d. spanning-tree spoof-guard

11. Which one of the following represents the spoofed information an attacker sends in a
VLAN hopping attack?
a. 802.1Q tags
b. DTP information
c. VTP information
d. 802.1x information

12. Which one of the following methods can be used to prevent a VLAN hopping attack?
a. Use VTP throughout the network.
b. Set the native VLAN to the user access VLAN.
c. Prune the native VLAN off a trunk link.
d. Avoid using EtherChannel link bundling.

GLOSSARY:

20/80 rule Network traffic pattern where 20 percent of traffic stays in a local area,
while 80 percent travels to or from a remote resource.

802.1Q A method of passing frames and their VLAN associations over a trunk link,
based on the IEEE 802.1Q standard.

access layer The layer of the network where end users are connected.

active virtual forwarder (AVF) A GLBP router that takes on a virtual MAC address
and forwards traffic received on that address.

active virtual gateway (AVG) The GLBP router that answers all ARP requests for the
virtual router address and assigns virtual MAC addresses to each router in the GLBP
group.

adjacency table A table used by CEF to collect the MAC addresses of nodes that can
be reached in a single Layer 2 hop.

alternate port In RSTP, a port other than the root port that has an alternative path to
the root bridge.

ARP poisoning Also known as ARP spoofing. An attack whereby an attacker sends
specially crafted ARP replies so that its own MAC address appears as the gateway or
some other targeted host. From that time on, unsuspecting clients unknowingly send
traffic to the attacker.

Auto-QoS An automated method to configure complex QoS parameters with a simple
IOS macro command.

autonegotiation A mechanism used by a device and a switch port to automatically
negotiate the link speed and duplex mode.

autonomous mode AP An access point that operates in a standalone mode, such that
it is autonomous and can offer a functioning WLAN cell itself.

BackboneFast An STP feature that can detect an indirect link failure and shorten the
STP convergence time to 30 seconds by bypassing the Max Age timeout period.

backup port In RSTP, a port that provides a redundant (but less desirable

best effort delivery Packets are forwarded in the order in which they are received,
regardless of any policy or the packet contents.

BPDU Bridge protocol data unit; the data message exchanged by switches participating
in the Spanning Tree Protocol.

BPDU filtering Prevents BPDUs from being sent or processed on a switch port.

BPDU Guard An STP feature that disables a switch port if any BPDU is received there.

bridging loop A condition where Ethernet frames are forwarded endlessly around a
Layer 2 loop formed between switches.

broadcast domain The extent of a network where a single broadcast frame or packet
will be seen.

CAM Content-addressable memory; the high-performance table used by a switch to
correlate MAC addresses with the switch interfaces where they can be found.

CEF Cisco Express Forwarding; an efficient topology-based system for forwarding IP
packets.

collapsed core A network design where the core and distribution layers are collapsed
or combined into a single layer of switches.

collision domain The extent within a network that an Ethernet collision will be noticed
or experienced.

Common Spanning Tree (CST) A single instance of STP defined in the IEEE 802.1Q
standard.

community VLAN A type of secondary private VLAN; switch ports associated with a
community VLAN can communicate with each other.

Control and Provisioning Wireless Access Point (CAPWAP) A standards-based
tunneling protocol used to transport control messages and data packets between a WLC
and an LAP. CAPWAP is defined in RFC 4118.

core layer The “backbone” layer of the network where all distribution layer switches
are aggregated.

CoS marking A method of marking frames with a QoS value as they cross a trunk link
between two switches.

CSMA/CA Carrier sense multiple access collision avoidance. The mechanism used in
802.11 WLANs by which clients attempt to avoid collisions.

CSMA/CD Carrier sense multiple access collision detect. A mechanism used on
Ethernet networks to detect collisions and cause transmitting devices to back off for a
random time.

delay The amount of time required for a packet to be forwarded across a network.

designated port One nonroot port selected on a network segment, such that only one
switch forwards traffic to and from that segment.

DHCP Dynamic Host Configuration Protocol; a protocol used to negotiate IP address
assignment between a client and a server. The client and server must reside on the same
VLAN.

DHCP relay A multilayer switch that intercepts and relays DHCP negotiation messages
between a client and a DHCP server, even if they exist on different VLANs.

DHCP snooping A security feature that enables a switch to intercept all DHCP
requests coming from untrusted switch ports before they are flooded to unsuspecting
users.

differentiated services (DiffServ) model Packet forwarding is handled according to
local QoS policies on a per-device or per-hop basis.

discarding state In RSTP, incoming frames are dropped and no MAC addresses are
learned.

distribution layer The layer of the network where access layer switches are aggregated
and routing is performed.

DTP Dynamic Trunking Protocol; a Cisco-proprietary method of negotiating a trunk
link between two switches.

dual core A network design that has a distinct core layer made up of a redundant pair
of switches.

duplex mismatch A condition where the devices on each end of a link use conflicting
duplex modes.

duplex mode The Ethernet mode that governs how devices can transmit over a connection—
half-duplex mode forces only one device to transmit at a time, as all devices
share the same media; full-duplex mode is used when only two devices share the media,
such that both devices can transmit simultaneously.

Dynamic ARP Inspection (DAI) A security feature that can mitigate ARP-based
attacks. ARP replies received on untrusted switch ports are checked against known, good
values contained in the DHCP snooping database.

edge port In RSTP, a port at the “edge” of the network, where only a single host connects.

end-to-end VLAN A single VLAN that spans the entire switched network, from one
end to the other.

EtherChannel A logical link made up of bundled or aggregated physical links.

expedited forwarding (EF) The DSCP value used to mark time-critical packets for
premium QoS handling. EF is usually reserved for voice bearer traffic.

FIB Forwarding Information Base; a CEF database that contains the current routing
table.

flooding An Ethernet frame is replicated and sent out every available switch port.

forward delay The time interval that a switch spends in the Listening and Learning
states; default 15 seconds.

hello time The time interval between configuration BPDUs sent by the root bridge;
defaults to 2 seconds.

hierarchical network design A campus network that is usually organized into an
access layer, a distribution layer, and a core layer.

host port A switch port mapped to a private VLAN such that a connected device can
communicate with only a promiscuous port or ports within the same community VLAN.

HSRP active router The router in an HSRP group that forwards traffic sent to the virtual
gateway IP and MAC address.

HSRP standby router A router in an HSRP group that waits until the active router
fails before taking over that role.

Hybrid Remote Edge Access Point (HREAP) A special mode where an LAP at a
remote site can take on characteristics of a lightweight AP, as long as the LAP can reach
the WLC, or an autonomous AP, when the WLC is unreachable.

IEEE 802.1x The standard that defines port-based authentication between a network
device and a client device.

IEEE 802.3 The standard upon which all generations of Ethernet (Ethernet, Fast
Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet) are based.

InterVLAN routing The function performed by a Layer 3 device that connects and forwards
packets between multiple VLANs.

ISL Inter-Switch Link; a Cisco-proprietary method of tagging frames passing over a
trunk link.

isolated VLAN A type of secondary private VLAN; switch ports associated with an
isolated VLAN are effectively isolated from each other.

IST instance Internal spanning-tree instance; used by MST to represent an entire
region as a single virtual bridge to a common spanning tree.

jitter The variation in packet delivery delay times.

LACP Link Aggregation Control Protocol; a standards-based method for negotiating
EtherChannels automatically.

Layer 2 roaming Movement of a WLAN client from one AP to another, while keeping
its same IP address.

Layer 3 roaming Movement of a WLAN client from one AP to another, where the
APs are located across IP subnet boundaries.

lightweight access point (LAP) An access point that runs a lightweight code image
that performs real-time 802.11 operations. An LAP cannot offer a fully functioning
WLAN cell by itself; instead, it must coexist with a wireless LAN controller.

Lightweight Access Point Protocol (LWAPP) The tunneling protocol developed by
Cisco that is used to transport control messages and data packets between a WLC and an
LAP.

local VLAN A single VLAN that is bounded by a small area of the network, situated
locally with a group of member devices.

Loop Guard An STP feature that disables a switch port if expected BPDUs suddenly
go missing.

max age time The time interval that a switch stores a BPDU before discarding it or
aging it out; the default is 20 seconds.

MST Multiple Spanning-Tree protocol, used to map one or more VLANs to a single
STP instance, reducing the total number of STP instances.

MST instance (MSTI) A single instance of STP running within an MST region; multiple
VLANs can be mapped to the MST instance.

MST region A group of switches running compatible MST configurations.

native VLAN On an 802.1Q trunk link, frames associated with the native VLAN are not
tagged at all.

Non-Stop Forwarding (NSF) A redundancy method that quickly rebuilds routing
information after a redundant Catalyst switch supervisor takes over.

packet loss Packets are simply dropped without delivery for some reason.

packet rewrite Just before forwarding a packet, a multilayer switch has to change several
fields in the packet to reflect the Layer 3 forwarding operation.

PAgP Port Aggregation Protocol; a Cisco-developed method for negotiating
EtherChannels automatically.

point-to-point port In the Cisco implementation of RSTP, a full-duplex port that connects
to another switch and becomes a designated port.

PortFast An STP feature used on a host port, where a single host is connected, that
shortens the Listening and Learning states so that the host can gain quick access to the
network.

power class Categories of PoE devices based on the maximum amount of power
required; power classes range from 0 to 4.

Power over Ethernet (PoE) Electrical power supplied to a networked device over the
network cabling itself.

primary VLAN A normal Layer 2 VLAN used as the basis for a private VLAN when it
is associated with one or more secondary VLANs.

private VLAN A special purpose VLAN, designated as either primary or secondary,
which can restrict or isolate traffic flow with other private VLANs.

promiscuous port A switch port mapped to a private VLAN such that a connected
device can communicate with any other switch port in the private VLAN.

PVST Per-VLAN Spanning Tree; a Cisco-proprietary version of STP where one instance
of STP runs on each VLAN present in a Layer 2 switch.

PVST+ Per-VLAN Spanning Tree Plus; a Cisco-proprietary version of PVST that
enables PVST, PVST+, and CST to interoperate on a switch.

quality of service (QoS) The overall method used in a network to protect and prioritize
time-critical or important traffic.

root bridge The single STP device that is elected as a common frame of reference for
working out a loop-free topology.

Root Guard An STP feature that controls where candidate root bridges can be found
on a switch.

root path cost The cumulative cost of all the links leading to the root bridge.

root port Each switch selects one port that has the lowest root path cost leading
toward the root bridge.

Route Processor Redundancy (RPR) A redundancy mode where a redundant supervisor
partially boots and waits to become active after the primary supervisor fails.

Route Processor Redundancy Plus (RPR+) A redundancy mode where a redundant
supervisor boots up and waits to begin Layer 2 or Layer 3 functions.

RPVST+ Also known as Rapid PVST+, where RSTP is used on a per-VLAN basis; in
effect, RSTP replaces traditional 802.1D STP in the PVST+ operation.

RSTP The Rapid Spanning-Tree Protocol, based on the IEEE 802.1w standard.

secondary VLAN A unidirectional VLAN that can pass traffic to and from its associated
primary VLAN, but not with any other secondary VLAN.

Spanning Tree Protocol (STP) A protocol communicated between Layer 2 switches
that attempts to detect a loop in the topology before it forms, thus preventing a bridging
loop from occurring.

Split-MAC architecture Normal Media Access Control (MAC) operations are divided
into two distinct locations—the LAP and the WLC, such that the two form a completely
functioning WLAN cell.

SSID Service set identifier; a text string that identifies a service set, or a group of
WLAN devices, that can communicate with each other.

stateful switchover (SSO) A redundancy mode where a redundant supervisor fully
boots and initializes, allowing configurations and Layer 2 tables to be synchronized
between an active supervisor and a redundant one.

sticky MAC address MAC addresses dynamically learned by the port

superior BPDU A received BPDU that contains a better bridge ID than the current
root bridge.

SVI Switched virtual interface; a logical interface used to assign a Layer 3 address to an
entire VLAN.

switch block A network module or building block that contains a group of access
layer switches, together with the pair of distribution switches that connect them.

switch spoofing A malicious host uses DTP to masquerade as a switch, with the goal
of negotiating a trunk link and gaining access to additional VLANs.

synchronization In RSTP, the process by which two switches exchange a proposal-agreement
handshake to make sure neither will introduce a bridging loop.

TCAM Ternary content-addressable memory; a switching table found in Catalyst
switches that is used to evaluate packet forwarding decisions based on policies or access
lists. TCAM evaluation is performed simultaneously with the Layer 2 or Layer 3 forwarding
decisions.

TCN Topology Change Notification; a message sent out the root port of a switch when
it detects a port moving into the Forwarding state or back into the Blocking state. The
TCN is sent toward the root bridge, where it is reflected and propagated to every other
switch in the Layer 2 network.

transparent bridge A network device that isolates two physical LANs but forwards
Ethernet frames between them.

trust boundary A perimeter in a network, formed by switches and routers, where QoS
decisions take place. QoS information found inside incoming traffic is evaluated at the
trust boundary; either it is trusted or it is not trusted. In the latter case, the QoS information
can be altered or overridden. All devices inside the trust boundary can assume that
QoS information is correct and trusted, such that the QoS information already conforms
to enterprise policies.

UDLD Unidirectional Link Detection; a feature that enables a switch to confirm that a
link is operating bidirectionally. If not, the port can be disabled automatically.

unknown unicast flooding The action taken by a switch when the destination MAC
address cannot be found; the frame is flooded or replicated out all switch ports except
the receiving port.

UplinkFast An STP feature that enables access layer switches to unblock a redundant
uplink when the primary root port fails.

VACL VLAN access control list; a filter that can control traffic passing within a VLAN.

VLAN Virtual LAN; a logical network existing on one or more Layer 2 switches, forming
a single broadcast domain.

VLAN hopping A malicious host sends specially crafted frames that contain extra,
spoofed 802.1Q trunking tags into an access port, while the packet payloads appear on a
totally different VLAN.

VLAN number A unique index number given to a VLAN on a switch, differentiating it
from other VLANs on the switch.

VLAN trunk A physical link that can carry traffic on more than one VLAN through
logical tagging.

voice VLAN The VLAN used between a Cisco IP Phone and a Catalyst switch to carry
voice traffic.

VRRP backup router A router in a VRRP group that waits until the master router fails
before taking over that role.

VRRP master router The router in a VRRP group that forwards traffic sent to the virtual
gateway IP and MAC address.

VTP VLAN Trunking Protocol; used to communicate VLAN configuration information
among a group of switches.

VTP configuration revision number An index that indicates the current version of
VLAN information used in the VTP domain; a higher number is more preferable.

VTP domain A logical grouping of switches that share a common set of VLAN
requirements.

VTP pruning VTP reduces unnecessary flooded traffic by pruning or removing
VLANs from a trunk link, only when there are no active hosts associated with the
VLANs.

VTP synchronization problem An unexpected VTP advertisement with a higher configuration
revision number is received, overriding valid information in a VTP domain.

wireless LAN controller (WLC) A Cisco device that provides management functions
to lightweight access points and aggregates all traffic to and from the LAPs.