CCIE Security 1: General Networking Review

Engineering, Professional level; 27 cards; 11/15/2009
Cards

Term
What forwarding decision does a switch (bridge) make on receiving a unicast frame?
Definition

If the source and destination hosts are associated with the same port on the switch, the frame is dropped.

If the destination is in the switch CAM table, forward only to the associated port.

If the destination is not known, broadcast (flood) on all ports except the originating one.

Term

In STP, how is the root bridge elected? What are its characteristics?

Definition

Switch with the lowest Bridge ID is root, where Bridge ID = [ Admin Priority | MAC ]

All ports are in forwarding state.

Term

What are the port states in STP? What are their characteristics?

Definition
1. Blocking - listens but does not send BPDUs
2. Listening - blocked port begins to send BPDUs
3. Learning - switch is still populating the MAC address table; no frames are forwarded
4. Forwarding - normal operation for a non-blocked port

Also:

Disabled - port does not participate in STP

Portfast - immediately brings an access/trunk link from blocked to forwarding state. Allows hosts to connect without waiting for STP.
Term

What are the characteristics and purpose of:

BPDU Guard

BPDU Filter

Root Guard

Loop Guard

Definition

BPDU Guard - Prevents devices on portfast ports from hijacking the STP root role (DoS). Places the port in err-disabled state if it detects BPDUs.

BPDU Filter - Prevents sending BPDUs to portfast ports (reconnaissance attack).

Root Guard - Enforces the root; puts a designated port in root-inconsistent state if a superior BPDU is seen.

Loop Guard - Places root/alternate ports in inconsistent state if no BPDU traffic is seen.

Term
What are the steps to establishing a TCP connection?
Definition
Three-way handshake:

1. A --> B : SYN with seq(A)

2. A <-- B : SYN with seq(B), ACK with seq(A+1)

3. A --> B : ACK with seq(B+1)
Term
What are the steps to tear down a TCP connection?
Definition

1. A --> B : FIN_ACK [seq(A), ack(B+1)]

2. B --> A : ACK [seq(B), ack(A+1)]

3. ...waits...

4. B --> A : FIN_ACK [seq(B), ack(A+1)]

5. A --> B : ACK [seq(A), ack(B+1)]

Term

Identify the port & transport type:

FTP

DHCP

DNS

HTTP/HTTPS

NTP

SMTP

Syslog

TFTP

Definition

FTP : TCP 20, 21

SMTP : TCP 25

DNS : TCP / UDP 53

DHCP : UDP 67, 68

TFTP : UDP 69

HTTP/HTTPS : TCP 80/443

NTP : UDP 123

Syslog : TCP/UDP 124

Term

What are the characteristics of the following TCP services:

ARP

RARP

Inverse ARP

Gratuitous ARP

Definition

ARP - MAC address resolution when the IP is known

Reverse ARP - requests an IP for a specific MAC during bootup; replaced by DHCP

Inverse ARP - resolves the remote side's DLCI in Frame Relay

Gratuitous ARP - broadcast that announces a new or changed MAC address after a device change

Term

What criteria are used to determine which route is placed in the routing table, given multiple routes to the same destination?

Definition

1. If learned from different routing protocols: use the route with the lowest administrative distance

2. If learned from the same routing protocol: use the route with the lowest metric/cost

3. If all of the above are the same, use the route with the longest prefix match

Term

What are the administrative distances for the following routing protocols and which is preferred?

Connected

EIGRP (internal/external)

IGRP

OSPF

RIP

Static (not configured)

Definition

Lowest AD is preferred

Connected - 0

Static (default) - 1

EIGRP (internal) - 90

IGRP - 100

OSPF - 110

RIP - 120

EIGRP (external) - 170

Term
What are the characteristics of a path vector routing protocol?
Definition
The routing information exchanged also carries the path of autonomous systems through which the route was learned.
Term
What are the differences between RIP and RIPv2?
Definition

RIP: classful, broadcast

RIPv2: classless, multicast to 224.0.0.9, supports authentication for sessions and equal-cost load balancing

Term

What are the characteristics of RIP?

(name, type, transport, security)

Definition

Routing Information Protocol

classful, distance vector routing protocol

UDP port 520

no security

Term

What are the characteristics of OSPF?

(type, algorithm, dstIP, security)

Definition

Link state routing protocol.

Calculates the best path using Shortest Path First (SPF), i.e. Dijkstra's algorithm

Updates multicast to AllSPFRouters = 224.0.0.5 or AllDRouters = 224.0.0.6

Authentication, 3 modes: null (default), plain text, MD5

Term
What is the area ID for the "backbone" area in OSPF and how does it relate to other areas?
Definition

Area 0

All other areas must be connected to it.

Term

What is the purpose of a designated router in an OSPF network?

What is the process for electing a designated router and backup DR?

Definition

Conserves bandwidth: on a segment with more than one router, all routers communicate with the DR instead of with each other in a full mesh.

The router with the highest priority on the segment becomes DR (and the second highest becomes BDR).

If tied, the router with the highest router ID becomes DR.

Term

What are the characteristics of EIGRP?

(type, algorithm, security)

Definition

Classless, hybrid protocol (between distance vector and link state)

Cisco proprietary

Uses the DUAL algorithm for faster convergence

Authentication - same as RIPv2 (key chain, MD5)

Term

What are the characteristics of BGP?

(transport, routing protocol type, routing method, security)

Definition

TCP port 179

Path vector protocol.

Maintains a table of information about all probable paths to each destination; the best path is imported into the routing table.

MD5 authentication available.

Term

What are the characteristics/purpose of BGP:

Route Reflectors

Confederations?

Definition

Both are used to work around the requirement for full mesh in an iBGP topology, improving scalability

Route Reflectors - Multiple BGP routers ("clients") peer with one RR server (similar to the OSPF DR)

Confederation - subdivides the AS into multiple internal sub-ASes; still advertises a single AS to external peers.

Term

What are the characteristics of IGRP?

(name, type, security)

Definition

Interior Gateway Routing Protocol

classful, distance vector routing protocol

no security/auth

Term

What are the characteristics of multicast addresses?

What are the special addresses used to send messages/updates to subsets of hosts?

Definition

Class D addresses

224.0.0.0 to 239.255.255.255

all hosts: 224.0.0.1

all multicast routers on the subnet: 224.0.0.2

Term

What are the:

first octet range

high order bits

(default subnet mask)

for:

Class A, B, C, D, E IP addresses?

Definition

class / first octet range / high order bits / (mask)

A: 1-126 (127 bcst) / 0 / 255.0.0.0

B: 128-190 (191 bcst) / 10 / 255.255.0.0

C: 192-222 (223 bcst) / 110 / 255.255.255.0

D: 224-239 / 1110

E: 240-255 / 1111

Term
What IP ranges are assigned to private address spaces for class A, B, C IP? What standard defines this?
Definition

Class A: 10.0.0.0 /8

Class B: 172.[16-31].0.0 (172.16.0.0 /10)

Class C: 192.168.0.0 /16

RFC 1918

Term
What are the commands used to configure dynamic NAT using a pool as the outside range and an ACL for the inside source?
Definition
Global:
ip nat pool [name] [1stIP] [lastIP] netmask [mask]
or
ip nat pool [name] [1stIP] [lastIP] prefix-length [#]

ip nat inside source list [acl#] pool [name]

Interface:

ip nat [inside|outside]
Term
What are the commands to enable PAT?
Definition
Global:

ip nat inside source [...] interface [intfc] overload

Interface:

ip nat [inside|outside]
Term
What is the process to change the MD5 auth keys for OSPF authentication?
Definition

Multiple keys (each with a Key Identifier) can be associated with the same interface.

The new key is configured to start on all devices before the old key's lifetime expires. During the overlap period, devices will process messages using either key.

Thus a smooth transition is possible.

Term

What do the following NAT-related RFCs cover?

1631

2663

3235

Definition

RFC 1631 - Basics of NAT and routing

RFC 2663 - Definitions of the various types of NAT (NAPT, PAT, etc.); mechanisms and effects on other protocols (tunnels, DNS, FTP, etc.)

RFC 3235 - Recommendations for new protocols to take NAT into account; limitations of NAT and failures when working with other protocols
