Term
| What are the three (four) basic WAN connection types? |
|
Definition
|
leased line circuit switched packet switched (cell-switched)
|
|
|
Term
What are the characteristics of a leased line WAN connection? (Include pros /cons) |
|
Definition
|
WAN connection for exclusive use of a customer. Uses synchronous serial interfaces Pros: Total control over traffic on circuit, easy to configure, best reliability Cons: Expensive over long distance
|
|
|
Term
What are the characteristics of a circuit-switched WAN connection? |
|
Definition
|
both modems connected to asynchronous interfaces and ISDN technologies circuit established using a telephone company
|
|
|
Term
| What are the characteristics of a packet-switched WAN connection? |
|
Definition
|
synchronous serial interfaces, but a virtual circuit is established on them between two or more sites. technologies include frame-relay, ATM, X.25 alternative to leased line with less cost
|
|
|
Term
What WAN encapsulations are supported on leased lines and circuit-switched connections? |
|
Definition
|
|
Term
| What WAN encapsulations are supported on a packet-switched connection? |
|
Definition
|
|
Term
What WAN connections are the following encapsulations supported on? ATM Frame Relay HDLC PPP SLIP X.25 |
|
Definition
|
ATM: Packet switched Frame Relay: Packet switched HDLC: Leased line/circuit switched PPP: Leased line/circuit switched SLIP: Leased line/circuit switched X.25: Packet switched
|
|
|
Term
What are the 3 major WAN protocols? And which is the default encapsulation on serial interfaces of Cisco devices? |
|
Definition
|
Frame Relay, PPP, HDLC Cisco HDLC is default
|
|
|
Term
| What does PPP stand for and what kind of links is it used on? |
|
Definition
|
Point-to-point protocol encapsulates network layer protocols over point-to-point links used over asynchronous, synchronous, or ISDN links
|
|
|
Term
| What are the sublayers of PPP and what do they do? |
|
Definition
|
NCP: Network Control Protocol - Responsible for supporting L3 protocols, encapsulate them into PPP LCP: Link Control Protocol - Establishes the WAN link and negotiating optional settings.
|
|
|
Term
| What are the optional settings for PPP? |
|
Definition
|
CCMA: Compression - Stacker and Predictor options Callback - used for centralized billing/security Multilink - bundle more than one link for BW Authentication - CHAP and PAP options
|
|
|
Term
| What does PAP stand for and how does it work? |
|
Definition
|
Password Authentication Protocol Two way authentication process where the username and password is sent followed by a response message indicating success or fail.
|
|
|
Term
| What does CHAP stand for and how does it work? |
|
Definition
|
Challenge Handshake Authentication Protocol Performs three-way handshake at the start of a connection and every two minutes. MD5 hash used to mask the password. 1. ----Challenge---> 2. <---Response---- 3. --Success/Fail-->
|
|
|
Term
| What are the steps for configuring authentication for PPP? |
|
Definition
|
1. Configure hostname and enable password/secret (used to authenticate to other routers) 2. Configure username and password list (for other routers to authenticate to) 3. Enable PPP encapsulation (encapsulation ppp)
4. Enable PAP or CHAP (ppp authentication pap/chap)
|
|
|
Term
| What are the two types of FR virtual circuits and what are their characteristics? |
|
Definition
|
PVC: Permanent Virtual Circuit - always connected, like a leased line SVC: Switched Virtual Circuit - established only when needed.
|
|
|
Term
| What does DLCI stand for and what is it for? |
|
Definition
|
Data-Link Connection Identifiers Maps IP with frame relay circuit ends (locally significant)
|
|
|
Term
| What does LMI stand for and what does it do? |
|
Definition
|
Local Management Interface status enquiry and reporting message to verify/report on the status of the PVC also used as a keepalive mechanism
|
|
|
Term
| What are the three possible states of a PVC? |
|
Definition
|
Active Inactive (problem with remote end) Deleted (problem between ends)
|
|
|
Term
| What are the three types of LMI that can be configured? |
|
Definition
|
|
Term
| For Frame Relay, what does CIR stand for and what is it? |
|
Definition
|
Commited Information Rate guaranteed rate at which a particular PVC is allowed to pass data at if there is no congestion, burst rate allowed to exceed CIR
|
|
|
Term
| How is congestion managed over Frame Relay? |
|
Definition
|
Any traffic above CIR is marked with a DE (Discard Eligible) bit, and dropped FECN (Forward Explicit Congestion Notification) bit set on frames to receiving destination and requests some traffic to be sent back. BECN bit set on returning frames to sender
|
|
|
Term
| What are the methods that Frame Relay can use to map L3 address to DLCI? |
|
Definition
|
static map command or inverse arp
|
|
|
Term
| What is the default setting for Frame Relay with regards to broadcast traffic? (What does NBMA stand for?) |
|
Definition
|
Frame Relay is by default Non-Broadcast Multi-Access
|
|
|
Term
| What are the possible solutions to the Split Horizon problem with point-to-multipoint Frame Relay connections? |
|
Definition
|
1. Disable split horizon (no ip split-horizon) 2. Use fully meshed topology 3. Use static routes instead of dynamic routing 4. Use point-to-point subinterfaces instead of point-to-multipoint interfaces
|
|
|
Term
| What are the three main show commands to verify a Frame Relay connection? |
|
Definition
|
show frame-relay lmi - shows LMI stats, eg. # of status inquiries sent/rec, which should be incrementing as keepalives show frame-relay pvc - gives status of PVC and if there is any BECN/FECN messages show frame-relay map - shows status of PVC and IP-DLCI mapping
|
|
|
Term
| What are the four major reasons for implementing VPN? |
|
Definition
|
1. cost saving - using existing connections to internet for WAN instead of adding dedicated lines 2. backup connection if primary goes down 3. security 4. telecommuting
|
|
|
Term
| What are the characteristics of IPsec VPNs versus SSL VPNs? |
|
Definition
|
IPSec usings secure TCP/IP traffic SSL VPNs use secure HTTP and only work with HTTP
|
|
|
Term
| What are the four main security benefits to IPsec VPNs? |
|
Definition
|
authentication of every packet verification of data integrity of every packet confidentiality of packet payload anti-replay protection to verify each packet is unique
|
|
|
Term
| What are the three main components to IPSec security? |
|
Definition
|
security protocols (AH, ESP) key management (ISAKMP, IKE, SKEME, Oakley) security algorithms (DES, AES, MD5, SHA-1)
|
|
|
Term
| What are common examples of DCE devices? |
|
Definition
|
|
Term
What is the requirement for multipoint frame relay router interfaces? ...For multiple point-to-point subinterfaces? |
|
Definition
|
Multipoint: must all be on same subnet to forward routing updates and broadcasts Point-to-Point: each subinterface connection on its own subnet
|
|
|
Term
| What command enables clocking when absent a DCE device? |
|
Definition
|
|
Term
| What is a cell-switched connection? |
|
Definition
|
Similar to packet switching except that cell size is constant (whereas frame size in packet-switching is variable)
|
|
|
Term
| Where are IP addresses located if using subinterfaces for frame relay? |
|
Definition
|
On subinterfaces only Removed from physical interface
|
|
|
Term
| What must be specified on subinterfaces configured for frame relay? |
|
Definition
|
point-to-point or multipoint (no defaults)
|
|
|
Term
| What's the command to statically map a frame relay link? |
|
Definition
|
On interface: frame-relay map ip [nexthop] [localDLCI] (broadcast) (broadcast keyword allows routing updates over PVC
|
|
|
Term
| What are the two frame relay encapsulations (and which is default)? |
|
Definition
|
|
