Term
| What does the CHAP authentication mechanism in PPP link do? |
|
Definition
a) Three way handshake
b)CHAP authentication periodically occurs after the link has been established.
{Point-to-Point Protocol (PPP) can use either Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP) for authentication. CHAP is used upon initial link establishment and periodically to make sure that the router is still communicating with the same host. CHAP passwords arc exchanged as message digest algorithm 5 (MD5) hash values.
The three-way handshake steps are as follows:
Challenge: The authenticator generates a frame called a Challenge and sends it to the initiator. This frame contains a simple text message (sometimes called the challenge text). The message has no inherent special meaning so it doesn’t matter if anyone intercepts it. The important thing is that after receipt of the Challenge both devices have the same challenge message.
Response: The initiator uses its password (or some other shared “secret” that the authenticators also knows) to encrypt the challenge text. It then sends the encrypted challenge text as a Response back to the authenticator.
Success or Failure: The authenticator performs the same encryption on the challenge text that the initiator did. If the authenticator gets the same result that the initiator sent it in the Response, the authenticator knows that the initiator had the right password when it did its encryption, so the authenticator sends back a Success message. Otherwise, it sends a Failure message.} |
|
|
Term
| status up/administratively down can mean? |
|
Definition
+ Keepalives mismatch
+ Encapsulation mismatch
+ Clocking problem |
|
|
Term
| Which command is used to enable CHAP authentication with PAP as the fallback method on a serial interface? |
|
Definition
(config-if)# ppp authentication chap pap
{The command “ppp authentication chap pap” command indicates the CHAP authentication is used first. If it fails or is rejected by other side then uses PAP instead. If you want to use PAP first (then CHAP) you can use the “ppp authentication pap chap” command.} |
|
|
Term
| Which Layer 2 protocol encapsulation type supports synchronous and asynchronous circuits and has built-in security mechanisms? |
|
Definition
PPP
{PPP supports both synchronous (like analog phone lines) and asynchronous circuits (such as ISDN or digital links). With synchronous circuits we need to use clock rate.
Note: Serial links can be synchronous or asynchronous. Asynchronous connections used to be only available on low-speed (<2MB) serial interfaces, but now, there are the new HWICs (High-Speed WAN Interface Cards) which also support asynchronous mode. To learn more about them please visit http://www.cisco.com/en/US/prod/collateral/modules/ps5949/ps6182/prod_qas0900aecd80274424.html.} |
|
|
Term
| At which layer of the OSI model does PPP perform? |
|
Definition
Layer 2
{Layer 2 includes the popular WAN standards, such as the Point-to-Point Protocol (PPP), High-Level Data-Link Control (HDLC) and Frame Relay protocols.} |
|
|
Term
| Which PPP subprotocol negotiates authentication options? |
|
Definition
LCP
Link Control Protocol (LCP) is a subprotocol within the Point-to-Point Protocol protocol suite that is responsible for link management. During establishment of a PPP communication session, LCP establishes the link, configures PPP options, and tests the quality of the line connection between the PPP client and PPP server. LCP automatically handles encapsulation format options and varies packet sizes over PPP communication links.
LCP also negotiates the type of authentication protocol used to establish the PPP session. Different authentication protocols are supported for satisfying the security needs of different environments.
Other subprotocol within PPP is Network Control Protocol (NCP), which is used to allow multiple Network layer protocols (routed protocols) to be used on a point-to-point connection. |
|
|
Term
| What are are valid WAN connectivity methods? |
|
Definition
|
|
Term
| What is Local Management Interface (LMI)? |
|
Definition
| It is a signaling standard protocol used between your router (DTE) and the first Frame Relay switch. From the output we learn this interface is sending and receiving LMI messages -> Frame Relay is being used. |
|
|
Term
| What is default serial interface encapsulation |
|
Definition
HDLC
(High Level Data Link control/Cisco Proprietary)
(When used the other end must use HDLC) |
|
|
Term
A network administrator needs to configure a serial link between the main office and a remote location. The router at the remote office is a non-Cisco router. How should the network administrator configure the serial interface of the main office router to make the connection?
A. Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# no shut
B. Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# encapsulation ppp
Main(config-if)# no shut
C. Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# encapsulation frame-relay
Main(config-if)# authentication chap
Main(config-if)# no shut
D. Main(config)# interface serial 0/0
Main(config-if)#ip address 172.16.1.1 255.255.255.252
Main(config-if)#encapsulation ietf
Main(config-if)# no shut |
|
Definition
B) Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# encapsulation ppp
Main(config-if)# no shut |
|
|
Term
| What can be done to Frame Relay to resolve split-horizon issues? |
|
Definition
A) Create a full-mesh topology
B) Configure point-to-point subinterfaces.
SPLIT HORIZON: A router never sends information about a route back in same direction which is original information came, routers keep track of where the information about a route came from. Means when router A sends update to router B about any failure network, router B does not send any update for same network to router A in same direction.
Therefore in order to resolve split-horizon issue, we can create a full-mesh topology (a network topology in which there is a direct link between all pairs of nodes) so that all the routers can learn all the routes advertised by the neighbors |
|
|
Term
| Which encapsulation type is a Frame Relay encapsulation type that is supported by Cisco routers? |
|
Definition
IETF
{Cisco supports two Frame Relay encapsulation types: the Cisco encapsulation and the IETF Frame Relay encapsulation, which is in conformance with RFC 1490 and RFC 2427. The former is often used to connect two Cisco routers while the latter is used to connect a Cisco router to a non-Cisco router. } |
|
|
Term
| What are two characteristics of Frame Relay point-to-point subinterfaces? |
|
Definition
A) They require a unique subnet within a routing domain.
B) They emulate leased lines. |
|
|
Term
| What is the result of issuing the frame-relay map ip 192.168.1.2 202 broadcast command? |
|
Definition
Defines the DLCI that is used for all packets that are sent to the 192.168.1.2 IP address.
{This command is described in detail at http://www.9tut.com/frame-relay-tutorial/2. If you don’t get this question please read it.} |
|
|
Term
| What does the frame-relay interface-dlci command configure? |
|
Definition
Local DLCI on the sub-interface
{When configuring on a point-to-point subinterface, the command frame-relay interface-dlci associates the selected point-to-point subinterface with a DLCI} |
|
|
Term
| What command is used to verify the DLCI destination address in a Frame Relay static configuration? |
|
Definition
|
|
Term
| We can see the IP address 172.16.3.1 is associated with the DLCI 100? |
|
Definition
All traffic exceeding the CIR is marked discard eligible.
{Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by the Frame Relay switch. Frames that are sent in excess of the CIR are marked as discard eligible (DE) which means they can be dropped if the congestion occurs within the Frame Relay network.
Note: In the Frame Relay frame format, there is a bit called Discard eligible (DE) bit that is used to identify frames that are first to be dropped when the CIR is exceeded.} |
|
|
Term
| What is the purpose of Inverse ARP? |
|
Definition
| To map a known DLCI to an IP address |
|
|
Term
| What is the advantage of using a multipoint interface instead of point-to-point subinterfaces when configuring a Frame Relay hub in a hub-and-spoke topology? |
|
Definition
IP addresses can be conserved if VLSM is not being used for subnetting.
{A main advantage of configuring Frame Relay multipoint compared to point-to-point subinterfaces is we can assign IP addresses on the same subnets/networks to the interfaces of Frame Relay switch, thus saving the subnets/networks you have.} |
|
|
Term
| Which command allows you to verify the encapsulation type (CISCO or IETF) for a frame relay link? |
|
Definition
|
|
Term
The command show frame-relay map gives the following output:
Serial 0 (up): ip 192.168.151.4 dlci 122, dynamic, broadcast, status defined, active
Which statements represent what is shown? |
|
Definition
A. 192.168.151.4 represents the IP address of the remote router
B. DLC1122 represents the local number used to connect to the remote address
C. Broadcast indicates that a dynamic routing protocol such as RIP v1 can send packets across this PVC |
|
|
Term
| The output of the show frame-relay pvc command shows ”PVC STATUS=INACTIVE”. What does this mean? |
|
Definition
The PVC is configured correctly on the local switch, but there is a problem on the remote end of the PVC.
{The PVC STATUS displays the status of the PVC. The DCE device creates and sends the report to the DTE devices. There are 4 statuses:
+ ACTIVE: the PVC is operational and can transmit data
+ INACTIVE: the connection from the local router to the switch is working, but the connection to the remote router is not available
+ DELETED: the PVC is not present and no LMI information is being received from the Frame Relay switch
+ STATIC: the Local Management Interface (LMI) mechanism on the interface is disabled (by using the “no keepalive” command). This status is rarely seen so it is ignored in some book} |
|
|
Term
| What two statistics appear in show frame-relay map output? |
|
Definition
A. The value of the local DLCI
B. The status of the PVC that is configured on the router |
|
|
Term
|
Definition
A. 02.1Q native VLAN frames are untagged by default
B. 802.1Q trunks can use 10 Mb/s Ethernet interfaces.
C. 802.1Q trunks should have native VLANs that are the same at both ends. |
|
|
