Python/Networking/Security/Virtualization Fundamentals: Networking Questions

http://www.brocade.com/support/Product_Manuals/ServerIron_SwitchRouterGuide/index.html

Note: There are two ways to advertise a default route into a normal area. The first is to advertise 0.0.0.0 into the OSPF domain, provided the advertising router already has a default route. The second is to advertise 0.0.0.0 regardless of whether the advertising router already has a default route. The second method can be accomplished by adding the keyword always to the default-information originate command.

Setting RIP Timers

You can set three new timers for the RIP protocol. The new timers-basic command allows you to set the RIP update timer, aging timeout interval, and garbage-collection timer. The RIP protocol must be enabled on the Foundry device in order to set these timers.

The RIP update-time command, available in previous releases, has lower priority than the timers-basic command. If both commands are configured on the device, then the update-time command is ignored.

For example, the following command sets the three RIP timers:

ServerIron(config) router rip

ServerIron(config-rip-router)# timers-basic 5 15 15

Syntax: [no] timers-basic

The specifies how often RIP update messages are sent. You can specify from 1 – 1,000 seconds. The default is 30 seconds.

The specifies how long the ServerIron ADXe waits for a route update before declaring a route invalid. The value specified for the should be at least three times the value specified for the . The can be from 3 – 3,000 seconds. The default is 180 seconds.

The specifies how long the ServerIron ADX waits for a route update before removing the route from the RIP route table. The value specified for the should be at least three times the value specified for the . The can be from 3 – 3,000 seconds. The default is 120 seconds.

Distance Vector Routing: Count to Infinity and Routing Loops

Networks using distance-vector routing are susceptible to loops and issues with count to infinity. How does this problem develop? In the following illustration, everything is working fine on the network, and the network is converged.

Problems can happen with your routing protocol when a link or a router fails. In this figure, a failure happens on Router3 with interface fa0/0. When this link goes down, the route to 10.4.0.0/16 is no longer available; however, if you look at what follows, you can see the issue.

Router3 initially marks the route to 10.4.0.0 as a link down in its routing table.

Router2 sends out its routing table to each of its neighbors.

This includes Router3, telling them that it has a path to 10.4.0.0 with a hop count of 1.

Router3 then updates its routing table with this new information.

The new information states that the route to 10.4.0.0/16 is now 2 hops away, as shown in Figure 6-3.

Armed with the new information that 10.4.0.0/16 is available.

Albeit through another interface, Router3 sends out its routing table to its neighbors.

Router2 gets the update.

It then identifies that the router that previously said it knew about 10.4.0.0/16 has updated the route from a hop count of 0 to 2, so Router2 updates its own routing table. The old route may have been identified as an updated route, or it may have timed out of the routing table, depending on the routing protocol that is in use.

Router2 then passes its own routing information out through its other interface (S0/0) to propagate the change to Router1.

Router3 eventually receives the update from Router2.

This update tells Router2 that the hop count to 10.4.0.0/16 has been updated to 3, and this process now continues.

This process continues to infinity because no mechanism is in place, in this case, to stop the process from continuing.

However, the RIP routing protocol has a built-in safety mechanism, to a degree. RIP has a maximum hop count of 16, and when the route to a network exceeds the 16-hop rule, the RIP protocol marks that network as unreachable so that it does not further propagate the route. This scenario does not change the information found in the router’s routing table — it only limits how far the error is propagated.

When you send data to a host or device on the 10.4.0.0/16 network, it comes through the fa0/0 interface on Router1 and Router1 thinks that it can get to 10.4.0.0/16 within 4 hops by sending the data out through interface S0/0 based on Router1’s routing table. The following figure shows what happens when the data is sent.

As it arrives at Router3, Router3 determines that the route to 10.4.0.0/16 is back through Router2, which then causes the data to loop infinitely. There is a Time to Live (TTL) on IP packets, which defines the maximum amount of time which an IP packet can remain on a network. After spending some time looping, the data will be dropped from the network and a message sent back to the sender of the data.

OSPF Notes :

IP Protocol 89
224.0.0.5 is the OSPF All-routers multicast
224.0.0.6 is the OSPF All-Designated routers multicast

Hello and Dead Timers must match to form adjacency

OSPF normally sends Hello packets every 10 seconds and set the Dead Timer to 40 seconds.

The OSPF process ID does not need to match to form a neighbor adjacency.

Interface MTU is not checked during formation of neighbor adjacencies. However, mismatched interface MTU’s will prevent the successful exchange of DD packets and prevent the neighbors from reaching the FULL state.

NBMA (or point-to-multipoint nonbroadcast) interface types require the ‘neighbor’ command to form neighbor adjacencies.

DD (Database Descriptor) packets are acknowledged by sending back an identical DD packet.

For the Database Exchange process (ExStart) the router with the higher RID is designated the Master and is responsible for setting the sequence numbers of the DD packets.

The DD exchange contains LSA headers and sequence number for each LSA (not full LSAs).

If a router does not have an LSA described in a DD packet or has the LSA but with a lower sequence number, the router can request a full copy of the LSA with an LSR (Link State Request).

A router receiveing an LSR responds with a LSU (link state update) that contains a full copy of the LSA requested. Each LSR/LSU is acknowledged by sending back a duplicate LSR/LSU or by sending an LSAack packet

The OSPF router keeps track of which routers still owe it an acknowledgement, and will re-transmit the LSA to neighbors who have not sent an acknowledgement. The frequency in which the LSA is retransmitted can be configured per interface:
interface serial 1/0
ip ospf retransmit-interval (seconds)

During the full LSA updating process the routers are in the “Loading” state. When finished and all LSA’s are exchanged and updated the routers settle into the “Full” state.

For the DR/BDR election process a routers priority is determined by looking at the priority value recieved in the Hello and comparing it to the priority defined in the ‘neighbor’ statement.

The higher of the two values is used for determining the priority. If the priority recieved in the Hello is higher than the ‘neighbor’ statement, the neighbor statement will be dynamically changed in the configuration to match the priority recieved in the Hello.

If two routers have the same priority the one with the higher RID wins.

Each LSA will be re-flooded every 30 minutes by default (LSRefresh timer). The reflood timer is per LSA, so not all LSA’s in the LSDB will necessarily be re-flooded all at the same time.

Each LSA has a MaxAge timer that it must be refreshed within … default is 60 minutes.

To reduce excessive traffic from LSA re-flooding in large networks you can disable the LSA aging process, basically setting LSA’s with a bit that says “Do Not Age”. This is configured per interface with a feature called OSPF Flood Reduction:
interface serial 1/0
ip ospf flood-reduction

Any LSA transmitted from this interface will be marked as Do Not Age, and therefore periodic LSA re-flooding is not necessary.

Type 2 LSA’s (network) are only created for networks where a DR has been elected.
DR/BDR is only elected on NBMA and Broadcast network types

Only NBMA and Broadcast network types will create a Type 2 LSA (originated from the DR)

Configuring broadcast links (Ethernet) as “Point-to-Point” OSPF network types prevents DR election and Type 2 LSA, reducing the size of topology database and Shortest Path Tree for that area.

Point-to-Point network types only allow (2) neighbors on that segment.

Type 2 LSA’s (network link states) are only flooded within the area by the DR of the network.

Type 1 LSA’s (router link states) are created by each router in the area describing itself, its interfaces, and neighbors.

Type 1 and 2 LSA’s contain the most topology detail and are confined to the area.

Type 3 LSA’s provide summary information about Type 1 and 2 LSA’s for other areas.

Type 3 LSA’s have simple information – the subnet, the mask, and the cost as known by the ABR.

When something changes with a Type 3 LSA (cost), only a partial SPF run is needed. Route summarization at the ABR reduces the amount of Type 3 LSA’s but is not required for partial SPF benefits.

Type 3 LSA’s by themselves provide for partial SPF benefits.

Note: external routes redistributed into an OSPF area do provide partial SPF benefits for that area, whereas internally injected routes via the ‘network’ command do not provide partial SPF benefits for that area. External routes are treated as “Leafs” in the SPF, whereas internal routes are treated as “Nodes”. The loss of a “Leaf” can be handled with partial SPF, whereas the loss of a “Node” requires full SPF.

In a nutshell, redistributed routes are not necessarily a bad thing, especially where there are a large number of routes with a lot change (dial-in).

IS-IS, on the other hand, treats all IP networks as “Leafs” in the SPF.

If a network represented by a Type 3 LSA goes down, the ABR refloods the LSA with the OSPF infinite cost so that the route is quickly removed from all other routers which contain that LSA in their LSDB. The alternative would be to simply stop sending that LSA, however the route would not be removed from the other routers until the LSA aged out (MaxAge – default 60 mintues).

Type 4 LSA’s are generated by ABRs that have an ASBR in an area it touches. The Type 4 LSA is created by the ABR to describe the ASBR and its costs to reach it. Type 4 LSA’s are used when an ASBR is present, which helps routers in other areas calculate the exact metric to reach the external route.

Type 4 LSA’s (Summary ASB) are always generated by an ABR when an ASBR is present in an area it touches. OSPF routers in a different area than the ASBR’s area will look at the Type 5 and Type 4 LSA’s to calculate the path and metric to reach the external route. OSPF routers in the same area as the ASBR can look at just the Type 5 LSA to calculate the path. However, the Type 5 LSA by itself does not have enough information for OSPF routers outside the area*, hence the need for the Type 4 LSA.

* The Type 5 LSA remains unmodified as it passes from area to area. One of the key pieces of information that remains unmodified is the “Advertising Router”. Routers outside of the ASBR’s area do not have the Type 1 LSA describing the ASBR (because its a different area). The Type 4 LSA has information about the ASBR that matches the “Advertising Router” information in the Type 5 LSA. Furthermore, the Type 4 LSA’s “Advertising Router” field changes to that of the ABR as it passes into a new area. All of this information helps the OSPF router in other areas calculate the metric and next hop to reach the external routes.

In an OSPF Stub area (area x stub), Type-5 LSA’s (External Routes) are not allowed. The ABR will advertises a default route instead (as a Type 5 LSA). The cost of the default route advertised by the ABR can be set using the ’area x default-cost’ command. The only Type 5 LSA allowed in this area is the default route from the ABR.

OSPF Stub areas (area x stub) do not allow the generation of Type 5 LSA’s (External Routes) from an ASBR within the area.

OSPF Totally Stubby areas (area x stub no-summary) do not allow Type-5 or Type-3 LSA’s, only a default route from the ABR (as a Type 5 LSA). The only Type 5 LSA allowed in this area is the default route from the ABR. No Type 3 LSA’s are allowed.

OSPF Totally Stubby areas also do not allow the generations of Type 5 LSA’s (External Routes) from an ASBR within the area.

OSPF Not So Stubby Area (NSSA) (area x nssa) is like a Stub area in that it does not allow Type 5 LSA’s. However, the NSSA is allowed to have an ASBR originating External Routes as Type 7 LSA’s.

OSPF Totally Not So Stubby Area (area x nssa no-summary) is like a Totally Stub area in that it does not allow Type 5 LSA’s and Type 3 LSA’s. However, the Totally NSSA area is allowed to have an ASBR originating External Routes as Type 7 LSA’s.

Type 7 LSA’s stay inside the NSSA area. The ABR will convert the Type 7 LSA’s into Type 5 LSA’s when flooded into the backbone area.

OSFP has the following order of route preference before route cost is even considered:

1 – Intra-area routes

2 – Inter-area routes

3 – E1 external routes

4 – E2 external routes

Example: OSPF will choose an E1 external route over E2, even if the E2 has a lower cost.

Only when E2 routes have the same external metric will OSPF check the internal cost to the advertising ASBR.

When all else is equal between a Type-5 LSA and Type-7 LSA (metric type, external metric, internal cost) the OSPF router will prefer the Type-5 LSA.

ABR’s will ignore Type 3-5 LSA’s from other ABR’s over links in the same non-backbone area. In other words, and ABR will always prefer its direct connection to area 0, even if there is a lower cost path through another ABR.

The IP address configured in ‘area x virtual-link 1.1.1.1′ is the RID of the other router participating in the virual link.

An OSPF virtual link cannot exist in a stub area.

An OSPF “stub router” is one that will only route for traffic to/from directly connected networks.

A stub router will the advertise cost to routes not directly connected as infinite, so it will never

become a transit router.

You can tell an OSPF router to set its own Type-1 router LSA to an infinite metric for a specific period of time after a router reload, or until BGP converges after a reload – before acting like a normal OSPF router. This will prevent some black hole situations where an OSPF router is connected to a BGP link. When the OSPF router reboots, the OSPF process will usually converge much faster than BGP, so you can tell OSPF to wait for BGP to converge before advertising a normal Type-1 LSA.

for X amount of time after reload: ’max-metric router-lsa on-startup X’

until BGP converges after reload: ‘max-metric router-lsa on-startup wait-for-bgp’

OSPF uses a default metric of 20 when redistributing from an IGP

OSPF uses a default metric of 1 when redistributing from BGP

‘area x range’ is used to summarize at an ABR. The area x is the area containing the component subnets to be summarized. The ABR will not summarize external routes.

router ospf 10
area 1 range 10.0.0.0 255.0.0.0
(Internal 10.x.x.x subnets exist in Area 1. Send a summary of 10.0.0.0/8 into Area 0)

‘summary-address’ is used to summarize external routes at an ASBR. Only an ASBR can summarize external routes.
router ospf 10
redistribute bgp 10 metric 100 subnets
summary-address 40.0.0.0 255.0.0.0

With either method, ‘not-advertise’ will not advertise the summary or its components to effectively filter the routes from being advertised.

OSPF does not support redistributing a static default route as a means of advertising a default route into OSPF.

‘default-information originate’ must be used to source a default route in OSPF.

essentially redistributes a default route found in the IP routing table (as E2 cost 1)

if no default route is available in the IP routing table the additive ‘always’ can be added.

Filtering Routes
You can filter routing information at an ABR in the same way you summarize routing information.
router ospf 10
area 1 range 10.0.0.0 255.0.0.0 not-advertise

The above will create a summary for 10.0.0.0/8 for Area 1 but not advertise the summary or any of the component subnets, effectively acting as a filter.

You can selectively filter LSA’s at an ABR using a filter list

router ospf 10
area 1 filter-list prefix-list permitted-nets in
ip prefix-list permitted-nets permit 10.1.1.0/24

OSPF Graceful Restart, 2 different methods:

1) OSPF Link Local Signalling (LLS) – This is a change in the format of the OSPF Hello’s from fixed length fields to the use of TLV’s to insert other information, such as Graceful Restart (RS bit).

2) Opaque LSA’s – Send a “Grace LSA” prior to restart informing neighbors. Designed with planned outages in mind.

Cisco IOS uses the LLS method by default

Graceful Restart awareness is on by default

Graceful Restarting is enabled on NSF (non stop forwarding) capable routers with ‘nsf’

router ospf 100

nsf

LSA exponential backoff

A flapping link can cause excessive LSA updates and cause routers to be consumed with processing LSA’s.

Cisco routers running OSPF correct this problem with LSA exponential backoff.

3 Timers:

Initial timer

Incremental time

Maximum time

The router sets a an Initial update timer of 1 second after the first link flap. Meaning it will not generate an LSA until 1 second after the link fails.

After the LSA is sent, it sets the next LSA timer to the Initial timer (1 second) plus the Incremental time (lets say 1 second). So the next LSA update would be scheduled for 2 seconds after link failure.

The link flaps again and the previous 2 second timer is doubled to 4 seconds.

The timer can never be set longer than the Maximum time.

When the link is stable for 2 x the Maximum time, the LSA update timer resets to start from scratch

The same backoff mechanism can be applied to SPF calculations (SPF exponential Backoff)

router ospf 10

timers throttle lsa all (initial timer, incremental time, max time)

timers throttle spf (initial timer, incremental time, max time)

The rate at which a router processes the same LSA (based on LSA-ID) received from neighbors can be throttled

router ospf 10

timers lsa arrival (milliseconds)

RSTP vs STP

RSTP has two more port designations

Alternate Port—backup for Root Port

Backup port—backup for Designated Port on the segment

In RSTP, all bridges send BPDUs automatically while in STP, the root triggers BPDUs

In RSTP, bridges act to bring the network to

convergence while in STP, bridges passively wait for time-outs before changing port states

RSTP is based on IEEE 802.1w standard.

Numerous differences exist between RSTP and STP.

RSTP requires full-duplex point-to-point connection between adjacent switches to achieve fast convergence.

Half duplex, denotes a shared medium, multiple devices.

As a result, RSTP cannot achieve fast convergence in half-duplex mode.

STP and RSTP also have port designation differences.

RSTP has alternate port and backup port designations.

Ports not participating in spanning tree are known as edge ports.

The edge port becomes a nonedge port immediately if a BPDU is heard on the port.

Network Fundamentals:

Q.1) A 24 port switch receives a frame with destination mac-address unknown. To how many ports will the frame be flooded

A. 23

B. 24

C. 1

D. None of these

Q.2) Which of the following fields in an Ethernet frame is not usually checked by a layer 2 switch unless destined for itself

A. Data

B. Type

C. Source- Mac-address

D. Preamble

Q.3) Which of the following devices does not have a mac-address

A. Access points

B. Switches

C. Routers

D. None of the above

Q.4) In a 802.1q encapsulated ethernet frame, which field contains the value of the upper layer protocol

A. Type field in the ethernet frame.

B. TPID (Tag protocol identifier) in the 802.1q header in the ethernet frame.

C. VID (VLAN identifier)in the 802.1q header in the ethernet frame

D. CFI

Q.5) Which form of switching can be used if the CRC value of the frame is to be calculated only by the destination

A. Cut through

B. Store and forward

C. Cut through without CRC check

D. None of the above

Q.6) What would happen if the source and destination mac-address in an ethernet frame received on a switch port is the same

A. The frame will be forwarded back to the source and a loop will be created

B. The frame will be filtered and discarded

C. The frame will be broadcasted to all ports on the switch

D. The frame will be routed

Q.7) Which of the following offers a connectionless acknowledged service

A. LLC Type 1

B. LLC Type 2

C. LLC Type 3

D. None of the above

Q.8) A switch port operating in full duplex mode is connected to a PC operating in half duplex. What would be the effective duplex settings for the communication

A. Full duplex

B. Half Duplex

C. Link will be up but communication would be unsuccessful.

D. Link will not be established (Your Answer)

Q.9) Two switches sw1 and sw2 are connected using two links ( port 5 and port 6 on sw1 is connected to port 5 and port 6 on sw2 respectively).If a PC on sw1 generates a broadcast frame, how many copies of the frame would be received back by sw1 on ports 5 and 6

A. None

B. 1

C. 2

D. 3

Q.10) The mac-age time configured on the port of a switch is 5 minutes. A hub is connected to the port. PC1 and PC2 are connected to the hub. The mac-address of PC2 is added to the mac-address table of the switch just before 2 minutes. Assuming no traffic has been triggered, after 2 minutes from start on both the PC's,What info would be displayed in the mac-address table related to the port on the switch after 5 minutes

A. Mac-address of PC2

B. Mac-address of PC2 and PC1

C. None

D. Mac-address of the hub port

Q.11) A hub is connected to a switch port 1. A PC is connected to a hub. The PC on the hub communicates with servers residing on the switch. The PC is disconnected from the hub. Which of the following statements are true

A. The mac-address table w.r.t to port 1 of the switch will not be modified. Mac-address will be retained

B. The mac-address table w.r.t to port 1 of the switch will be modified. Mac-address will be removed

C. Link will be disabled on the switch

D. Mac-address of the port of the hub will be added instead of the PC's mac-address.

Q.12) A PC is connected to a 5 port ethernet hub operating at 100 Mbps.Other ports of the hub are free and not connected to any other devices. At what duplex setting can the hub operate

A. Half duplex only

B. Since only the PC is on the hub, the hub will be forced to operate in full duplex

C. Half or Full duplex

D. None of the above

Q.13) PC1 communicates with another PC2 on the same segment of a switch .What is the destination mac-address in the frame if the mac-address of PC1 is 00-1b-78-ab-9f-90

A. The mac-address of PC2

B. The mac-address of the default gateway configured on PC1

C. The mac-address of the switch port on which PC1 is connected

D. The mac-address of the switch

Q.14) What would be the value of TYPE in an ethernet frame communicating in a TCP/IP environment in which the data is HTTP traffic

A. IP

B. HTTP

C. TCP

D. 6

Q.15) A PC which is connected to a switch port 1 is disconnected and connected to port 2. Which of the following is true w.r.t the above action ?

The mac-address of PC learned on port1 will be retained in the mac-address table

B. The mac-address of PC will be learned on port 2 immediately after link is up (Your Answer)

C. Mac-address of PC will be removed from the mac-address table on disconnect from port 1

D. Switch will add the mac-address learned on port 1 to internal buffer before disconnect.

IP Routing :

Q.1) Which field in an incoming IP packet would be used by the router to perform a route look up process

A. Source IP address

B. Destination IP address

C. TTL

D. Subnet Mask

Q.2) Refer the exhibit - E0 and E1 interface of the router is configured with IP address 192.168.1.1/24 and 192.168.2.1/24. The IP address of PC1 is 192.168.1.2/24 and the default gateway is 192.168.1.1. The IP address of PC2 is 192.168.2.2/24. If a user on PC1 issues the command ping 192.168.2.2, what would be the source IP address of the IP packet carrying the icmp (ping) packet when it exits the E1 interface of the router.

A. 192.168.1.2

B. 192.168.2.1

C. 192.168.1.1

D. 192.168.2.2

Q.3) The IP address of a PC is 192.168.1.2 /24 and the default gateway configured on the TCP/IP adapter setting on the PC is 192.168.1.1, which is the routers IP address for the network. If a user on the PC pings the website, www.tcpipguru.com, what would be the destination IP address of the IP packet carrying the icmp (ping) data send from the PC.

A. 192.168.1.1

B. www.tcpipguru.com

C. The IP address of www.tcpipguru.com

D. The routers default gateways IP address

Q.4) A PC is connected to a switch, which is connected to a router. The management IP address of the switch is 192.168.1.3/24. The IP address of the PC is 192.168.1.2/24 and that of the routers interface is 192.168.1.1 /24. The default gateway of the router is 192.168.2.1 /24, which is used for internet access. What should be the default gateway on the PC , if it has to access the internet.

A. 192.168.2.1

B. 192.168.1.1

C. 192.168.1.3

D. Default gateway is not required for internet access

Q.5) A router is required for communication between two PC's with IP address 192.168.1.63/26 and 192.168.1.65/26 respectively.

A. True

B. False

Q.6) What would a router do if it receives an IP packet with TTL value as 1

A. The router would forward the packet to the appropriate destination.

B. The router would decrement the TTL value and then forward the packet.

C. The router would drop the packet.

D. The next hop for the router would drop the packet.

Q.7) Which of the following fields would be included in a class full routing protocol update packet.

A. Subnet Mask

B. Default Subnet Mask

C. Default gateway

D. None of the above

Q.8) A PC is connected to a switch, which is connected to a router. The router is connected to the internet and has the default gateway configured on it. The PC does not have a default gateway configured on it's TCP/IP adapter settings. Will the PC be able to access the internet.

A. Yes

B. No

Q.9) A router has two directly connected networks - 192.168.1.0/24 and 192/168.2.0/24. What should be configured on the router for enabling communication between the networks.

A. Static routes

B. Any dynamic routing protocol

C. Since the networks are directly connected, additional configuration is not required.

D. None of the above

Q.10) How many routing entries would be available on a routers routing table which has two interfaces configured with IP addresses 192.168.1.1/24 and 192.168.2.1/24 respectively.

A. None

B. 1

C. 2

D. 3

Q.11) The IP address of a PC is 192.168.1.2/24 and the default gateway is 192.168.1.1. Which of the following actions would result in the request to be send to the default gateway.

A. ping www.tcpipguru.com (Your Answer)

B. http://www.tcpipguru.com (On the browser)

C. ping 192.168.2.3

D. All of the above (Correct Answer)

Q.12) How do routers derive network address for directly connected interfaces.

A. The network address has to be manually configured.

B. The network address is derived from the IP address and subnet mask configured on the interface

C. The network address is derived from the IP address configured on the interface.

D. A network address is not required for directly connected interfaces.

Q.13) A PC does not have default gateway configured on it's TCP/IP adapter. Which of the following route entries would be unavailable in its routing table

A. Default route

B. PC does not have routing table

C. Static route

D. Directly connected route

Q.14) Two routers are directly connected. What should be used so that the routing table on the routers are exchanged with each other.

A. This is not possible

B. Dynamic routing protocols should be configured on both the routers

C. The routing table information should be manually configured on both the routers

D. Routing tables would be exchanged since the routers are directly connected.

Q.15) A PC is configured with an IP address 192.168.1.2 and subnet mask 255.255.255.0. The default gateway on the TCP/IP adapter settings of the PC is not configured. The default gateway, which is the router, is configured with an IP address of 192.168.1.1 and subnet mask 255.255.255.0. What would happen if a user on the PC issues the command ping 192.168.1.1.

A. A response would be received from the router on the PC.

B. The packet would be dropped on the PC

C. The packet would be dropped on the router

D. The router would receive the packet , but a response would not be received by the PC.

Vlan Design:

Q.1) How many untagged VLAN's can a switch port be a member of

A. 1

B. unlimited

C. 4096

D. Dependent on the capacity of the switch

Q.2) On a switch , port 1 and port 2 are configured as members of vlan 2 and vlan 3 respectively. Which of the following is true

A. Broadcast traffic initiated on port 1 will not be available on port 2

B. Unicast traffic initiated on port 1 will be available on port 2

C. Broadcast traffic initiated on port 1 will be available on port 2 if a router is configured.

D. All of the above

Q.3) Which of the following would be unavailable in a 802.1q tagged frame

A. source mac-address

B. destination mac-address

C. 802.1q tag

D. None of the above

Q.4) Which of the following are true

A. VLAN's needs to be configured with IP addresses

B. VLANs need not have an IP address

C. VLAN's does not allow broadcast traffic from one VLAN to another (Missed)

D. VLAN's can be configure on Hubs

Q.5) PC1 and PC2 are connected to port 1 and port 2 of a switch. Port 1 and Port 2 are members of VLAN 1 and VLAN 2 respectively. A router is also configured, with VLAN 1 IP address as 192.168.1.1/24 and VLAN 2 IP address as 192.168.2.1/24 and connected to the switch with trunking enabled. What should be the default gateway on PC1 for it to access PC2.

A. 192.168.2.1

B. 192.168.1.1

C. A default gateway need not be explicitly configured since a router is available

D. Management IP address of vlan 1

Q.6) Which of the following features can be used to restrict communication between VLAN's

A. Access list

B. mac-based authentication

C. Web-based authentication

D. port-security

Q.7) What additional device is required for communication between two PC's on same VLAN

A. Router

B. Layer 3 switch

C. Default gateway

D. No additional device is required

Q.8) How many VLAN's can be configured on a switch

A. 4096

B. 2048

C. Number of ports on the switch = Number of VLAN's

D. Based on the switch design

Q.9) An IP address is required for TCP communication between two computers residing on the same VLAN.

A. True

B. False

Q.10) Which feature can be used to carry all VLAN traffic on one link from a switch to a router

A. trunking

B. pruning

C. LACP

D. None of the above

Python/Networking/Security/Virtualization Fundamentals

Pages

Friday, December 21, 2012

Networking Questions - Part II

No comments:

Post a Comment