Term
| What useful functions for leased line WAN connections does Point to Point Protocol (PPP) provide? |
|
Definition
[image] The definition of a header and trailer that permits frame delivery over the link
[image] Support for synchronous and asynchronous WAN links
[image] A Type field that permits many protocols to pass over the link
[image] Authentication protocols; specifically, a clear-text PAP for low-security environments and CHAP for more robust security
[image] Control protocols for each higher-level protocol |
|
|
Term
| What are the two control Protocols for PPP ? |
|
Definition
Link Control Protocol (LCP): This control protocol focuses on the link itself and ignores Layer 3 protocols sent across the link
Network Control Protocol (NCP): This category of protocols functions in conjunction with a specific Layer 3 protocol sent across the link |
|
|
Term
| What are the command for Configuring PPP with CHAP? |
|
Definition
R1(config)#username R2 password cisco
R1(config)#interface serial2/0
R1(config-if)#encapsulation ppp
R1(config-if)#ppp authentication chap
R1(config-if)#end |
|
|
Term
What are the significance of the username and password in PPP?
|
|
Definition
-The username commands are entries for the opposite router.
-And The password must match on each device. |
|
|
Term
What command is used to verify PPP config?
|
|
Definition
R1#show ip interface brief
R1#show interface serial2/0 |
|
|
Term
| What are the commands to Configure Multilink PPP? |
|
Definition
R1(config)#interface multilink 1
R1(config-if)#encapsulation ppp
R1(config-if)#ppp multilink
R1(config-if)#ip address 10.1.1.1 255.255.255.0
R1(config-if)#ppp multilink group 1
R1(config-if)#exit |
|
|
Term
| PPPoE combines two widely accepted standards, Ethernet and PPP, What are some if its capabilities? |
|
Definition
PPPoE provides a standard method of employing the authentication methods of the Point-to-Point Protocol (PPP) over an Ethernet network.
PPPoE allows authenticated assignment of IP addresses.
Often, PPPoE client and server are interconnected by Layer 2 bridging protocols running over a DSL or other broadband connection.
|
|
|
Term
| PPPoE is composed of which two main phases? |
|
Definition
Active Discovery Phase—In this phase, the PPPoE client locates a PPPoE server, called an access concentrator. During this phase, a Session ID is assigned, and the PPPoE layer is established.
PPP Session Phase—In this phase, PPP options are negotiated and authentication is performed. When the link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred over the PPP link within PPPoE headers. |
|
|
Term
| WHat are some of the attributes of PPPoE? |
|
Definition
- At system initialization, the PPPoE client establishes a session with the access concentrator by exchanging a series of packets.
- After the session is established, a PPP link is set up, which includes authentication using Password Authentication Protocol (PAP).
- When the PPP session is established, each packet is encapsulated in the PPPoE and PPP headers.
|
|
|
Term
| How to configure The PPPoE Client |
|
Definition
interface dialer 2
R1(config-if)#ip address negotiated
R1(config-if)#mtu 1492
R1(config-if)#encapsulation ppp
R1(config-if)#ppp chap hostname JohnS
R1(config-if)#ppp chap password cisco
R1(config-if)#dialer pool 1
R1(config-if)#interface fa0/0
R1(config-if)#no ip address
R1(config-if)#pppoe-client dial-pool-number 1
R1(config-if)#pppoe enable
R1(config-if)#no shutdown
R1(config-if)#end |
|
|
Term
| What is Generic Routing Encapsulation (GRE)? |
|
Definition
- one method of creating tunnels through your network
- GRE creates an additional header used by GRE to perform tunneling.
- uses a new IP header that encapsulates the original packet
- GRE does not provide any encryption type services.
- If security is required, this can be added using IPsec (for example).
|
|
|
Term
|
Definition
interface tunnel 0
R1(config-if)#ip address 172.16.1.1 255.255.255.0
R1(config-if)#tunnel mode gre ip
R1(config-if)#tunnel source serial2/0
R1(config-if)#tunnel destination 10.1.1.2
R1(config)#router ospf 1
R1(config-router)#network 172.16.1.0 0.0.0.255 area 0
R1(config-router)#end |
|
|
Term
How do you verify a GRE config? |
|
Definition
R2#show ip interface brief
R2#show ip ospf neighbor |
|
|
Term
| What are the rules that exist to ensure a healthy tunnel interface? |
|
Definition
- The tunnel source reference to a local source interface requires that the interface have an IP address and be in the up/up state
- Referencing a local IP address for your tunnel source requires that the IP address exist on the router and the associated interface be in the up/up state
- If you reference the tunnel destination using an IP address, the router must have a matching route to that destination IP address
- If you reference the destination as a hostname, this hostname must be resolvable by the local device
- %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing error
|
|
|
Term
| What does %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing indicate? |
|
Definition
- The error message means that the GRE tunnel router has discovered a recursive routing problem.
- This condition is usually due to one of these causes: 1—a misconfiguration that causes the router to try to route to the tunnel destination address using the tunnel interface itself (recursive routing)2—a temporary instability caused by route flapping elsewhere in the network
|
|
|
Term
| There are many possible topologies in the WAN |
|
Definition
Point-to-point: This simple WAN topology connects two devices over a single connection.
Hub-and-spoke: This WAN topology features a central hub device (typically at a network HQ for example) that makes WAN connections out to branch offices (the spokes).
Full-mesh: This WAN topology is the most expensive and complex to maintain since this topology has all devices making connections to all other devices; although it can be complex and expensive, notice it provides excellent redundancy of WAN paths through the network.
Single-vs dual-homed: These WAN topologies refer to making a connection to multiple ISPs versus a single ISP; a dual-homed configuration is very powerful since it means that an ISP can completely fail to be able to route traffic for the customer, but that customer can dynamically fail over to the surviving ISP. |
|
|
Term
Name at least four key characteristics of UDP |
|
Definition
UDP is connectionless.
UDP has very little overhead.
UDP is often used for voice and video traffic forms.
UDP can multiplex using port numbers to work with multiple applications. |
|
|
Term
Name at least four key characteristics of TCP |
|
Definition
TCP is connection-oriented.
TCP has more overhead than UDP.
TCP uses features like flow control, sequencing and
acknowledgements to ensure reliable and ordered
delivery of segments.
TCP can multiplex using port numbers to work with multiple applications. |
|
|
Term
list of examples of protocol identifiers from the IP header |
|
Definition
1—ICMP
6—TCP
17—UDP
88—EIGRP
89—OSPF
50-ESP
47-GRE |
|
|
Term
TCP is known for the following
|
|
Definition
Error recovery
[image] Flow control using windowing
[image] Connection establishment and termination
[image] Ordered data transfer
[image] Data segmentation |
|
|
Term
|
Definition
[image] Layer 2 switching
[image] Port security
[image] QoS classification and marking and trust boundaries
[image] Address Resolution Protocol (ARP) inspection
[image] Virtual access control lists (VACLs)
[image] Spanning tree
[image] Power over Ethernet (PoE) and auxiliary VLANs for VoIP |
|
|
Term
|
Definition
[image] Aggregation of LAN or WAN links
[image] Policy-based security in the form of access control lists (ACLs) and filtering
[image] Routing services between LANs and VLANs and between routing domains
[image] Redundancy and load balancing
[image] A boundary for route aggregation and summarization configured on interfaces toward the core layer
[image] Broadcast domain control |
|
|
Term
|
Definition
[image] Providing high-speed switching
[image] Providing reliability and fault tolerance |
|
|
Term
troubleshooting methodology
|
|
Definition
Problem isolation
Determining at what layer of the OSI model and on what devices and links the problem may exist
Documentation: It is critical to document the processes you use and the information you find
Resolve: This is, of course, your ultimate goal; you find the root cause of the problem after your problem isolation process, you document what has happened, and then you fix the root cause of the problem
Escalate: Should you not be able to fix the issue, there should be a written escalation process in your organization; this might involve even communicating to a third party that your company partners with in order to fix the issue.
Verify and monitor: Many times it might take time to carefully verify and monitor your solution to ensure the issue(s) are truly resolved; this text provides very important guidance on exact verification and monitoring procedures for various specific technologies.
|
|
|
Term
| Troubleshooting approaches |
|
Definition
- Bottom-up troubleshooting approach.
- Top-down approach
- Divide-and-conquer approach
|
|
|
Term
Infrastructure Management: Network Programmability
The creation of a routing table is an example of what plane of operation on a Cisco device? |
|
Definition
|
|
Term
Network Programmability
REST is an excellent example of what in SDN? |
|
Definition
|
|
Term
Network programmability
What is the job of the Control Plane? |
|
Definition
on a Router It builds these things. Routing protocols, such as OSPF, help to create a routing table.
On a switch, it builds a nice MAC address table
It is the raw forwarding mechanics of the devices |
|
|
Term
| Moving frames or packets from one interface to the next based on the information from the Control Plane is the job of the __________? |
|
Definition
| Data Plane (sometimes called the Forwarding Plane). |
|
|
Term
| What is Cisco's version of SDN? |
|
Definition
ACI
Application Centric Infrastructure (ACI)
in SDN where you take the Control Plane intelligence needed and centrally locate it in a device called the controller. |
|
|
Term
| What is the Function of a Controller? |
|
Definition
in SDN where you take the Control Plane intelligence needed and centrally locate it in a device called the controller.
This device can then handle (very efficiently) all the Control Plane items while the other networking devices just handle the Data Plane tasks |
|
|
Term
|
Definition
| It is a key component is the (controller)called the Application Policy Infrastructure Controller—Enterprise Module |
|
|
Term
What are API's?
(application programming interfaces). |
|
Definition
These are basically standardized languages for communications between devices.
Cisco likes to use REST-based APIs. This allows the fancy discovery and control of the network elements using the HTTPS protocol.
|
|
|
Term
| What's the difference between a Northbound and Southbound API? |
|
Definition
Northbound used for communication between the controller and Network Application thru REST-based APIs
Southbound is aided by a service abstraction layer in order to control the devices. Cisco likes to keep it simple—they use the (CLI) and (SNMP). It is between the SAL and the Data Plane devices |
|
|
Term
| What is the default status of monitor and buffer logging? |
|
Definition
|
|
Term
| What version of SNMP provides robust security mechanisms? |
|
Definition
|
|
Term
| What is the command to configure the timestamp information in your syslog messages? |
|
Definition
|
|
Term
| What are three forms of logging that are enabled by default? |
|
Definition
Console logging
Monitor logging
Buffer logging |
|
|
Term
|
Definition
Alert
(Immediate action required) |
|
|
Term
|
Definition
Emergency
(system unusable) |
|
|
Term
|
Definition
Critical
(Critical Event) |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Debug
(Requested by user) |
|
|
Term
| What does logging console 6 state? |
|
Definition
| Console syslog messages are limited to levels 6 through 0. |
|
|
Term
| What does logging buffered 4 state? |
|
Definition
| Buffer syslog messages are limited to levels 4 through 0. |
|
|
Term
| What does logging monitor warning state? |
|
Definition
| Monitor syslog messages are limited to levels 4 through 0; note that you can use the keyword or level number. |
|
|
Term
What does the following command do,
logging host 10.1.1.3? |
|
Definition
| Sends syslog messages to a recipient network device for storage; this device is located at 10.1.1.3. |
|
|
Term
| What does Cisco IOS IP service-level agreements (SLAs) do? |
|
Definition
| Allows administrators to analyze IP service levels by performing active traffic monitoring, as a way of measuring and verifying network performance |
|
|
Term
| What command do you use to schedule an IP SLA test? |
|
Definition
|
|
Term
| what command is used to Monitor the IP SLA Test |
|
Definition
| R1#show ip sla statistics 6 |
|
|
Term
| What command do you use to create an ICMP-based SLA test? |
|
Definition
|
|
Term
|
Definition
| Displays a table of LLDP neighbors |
|
|
Term
| What is Link Layer Discovery Protocol (LLDP)? |
|
Definition
| It is an open standard protocol that provides similar functionality to the proprietary Cisco Discovery Protocol (CDP) |
|
|
Term
|
Definition
| Obtains detailed information about a specific neighbor, including IP information |
|
|
Term
|
Definition
| Enables LLDP globally on the router |
|
|
Term
| lldp transmit and lldp receive |
|
Definition
| Interface-level commands for controlling the sending and receiving of LLDP information |
|
|
Term
|
Definition
| Allows you to view the license state on your device; information shown includes the type of license and the time period left. |
|
|
Term
|
Definition
| Allows you to see the specific features you might be permitted to use and whether they are enabled. |
|
|
Term
|
Definition
| Provides information about the license in use on the device. |
|
|
Term
|
Definition
| Allows you to install a license on a Cisco device. |
|
|
Term
| What license verification command can be used for verifying the status of certain features? |
|
Definition
|
|
Term
| What command stops the console line timing out after inactivity? |
|
Definition
| no exec-timeout or exec-timeout 0 0 |
|
|
Term
| What is the purpose of the line console 0? |
|
Definition
| this mode allows you to apply important parameters for the console connection to the device |
|
|
Term
| What is logging synchronous ? |
|
Definition
| this line-configuration command ensures that console messages do not interrupt your entry of commands at the command-line interface. |
|
|
Term
|
Definition
| although in actual production you would want your console port to time out when inactive, in a lab environment |
|
|
Term
| Steps in the password recovery process |
|
Definition
1. Boot the device into ROMMON mode; this is accomplished with a break key during boot or the removal of flash memory.
2. The configuration register of the device is then set to ignore the startup-config file (a common configuration register setting for this is 0x2142); a sample ROMMON command for this is confreg 0x2142
3. Reboot the router
4. Enter privileged mode.
5. issue the command copy startup-config running-config.
6. Change the enable secret password
7. Set the configuration register back with config-reg 0x2102.
8. Copy the running-config to the startup-config with copy running-config startup-config. |
|
|
Term
| Secure Copy Protocol (SCP) |
|
Definition
is a secure method of moving configuration files or IOS images through the network.
SCP uses Secure Shell (SSH) for data transfer and uses authentication and encryption. This ensures the authenticity and confidentiality of the information in transit. SCP runs over TCP port 22 by default. |
|
|
Term
|
Definition
| Technically, when you use this feature, you ensure the integrity of the image. Integrity checks verify the original image is the image you acquired. |
|
|
Term
| What does the archive command do? |
|
Definition
| It provides you with the ability to automate the archiving of configuration files on set intervals. |
|
|
Term
| configure replace command |
|
Definition
command that allows the enactment of a new running-config without a reload of the device.
Note: this could work well when used in conjunction with the archive command to restore a previous version of the device’s configuration. |
|
|
Term
|
Definition
| This layer controls the reliability of communications through flow control mechanisms |
|
|
Term
| What are the TCP three-way handshakes |
|
Definition
1. SYN: The client sends a SYN to the server.
2. SYN-ACK: In response, the server replies with a SYN-ACK.
3. ACK: Finally, the client sends an ACK back to the server. |
|
|
Term
| Name at least four key characteristics of UDP. |
|
Definition
UDP is connectionless.
UDP has very little overhead.
UDP is often used for voice and video traffic forms.
UDP can multiplex using port numbers to work with multiple applications. |
|
|
Term
| Name at least four key characteristics of TCP. |
|
Definition
TCP is connection-oriented.
TCP has more overhead than UDP.
TCP uses features like flow control, sequencing and acknowledgements to ensure reliable and ordered delivery of segments.
TCP can multiplex using port numbers to work with multiple applications. |
|
|
Term
| Here is a list of examples of protocol identifiers from the IP header |
|
Definition
1—ICMP
6—TCP
17—UDP
88—EIGRP
89—OSPF |
|
|
Term
| Applications That Rely on TCP versus UDP |
|
Definition
| TCP and UDP can both multiplex using port numbers to work with multiple applications. For example, DHCP uses UDP ports 67 and 68, RIP uses UDP port 520, and HTTP uses TCP port 80. |
|
|
Term
| TCP we have the following? |
|
Definition
Error recovery
Flow control using windowing
Connection establishment and termination
Ordered data transfer
Data segmentation |
|
|
Term
|
Definition
This layer provides workgroup/user access to the network; as a result, this layer is sometimes called the workstation layer.
Layer 2 switching
Port security
QoS classification and marking and trust boundaries
Address Resolution Protocol (ARP) inspection
Virtual access control lists (VACLs)
Spanning tree
Power over Ethernet (PoE) and auxiliary VLANs for VoIP |
|
|
Term
|
Definition
The layer provides policy-based connectivity and controls the boundary between the access and core layers.
Aggregation of LAN or WAN links
Policy-based security in the form of access control lists (ACLs) and filtering
Routing services between LANs and VLANs and between routing domains
Redundancy and load balancing
A boundary for route aggregation and summarization configured on interfaces toward the core layer |
|
|
Term
|
Definition
| This layer provides fast transport between distribution switches within the enterprise campus; this is sometimes called the backbone layer. |
|
|
Term
|
Definition
| The number of hours, minutes, and seconds since the interface was last reset because of a transmission that took too long. |
|
|
Term
|
Definition
| The number of frames dropped on the input interface. Typically, this is a result of congestion on the interface. |
|
|
Term
|
Definition
| The number of frames dropped on the output interf |
|
|
Term
|
Definition
| The number of input packets dropped because of no available buffers. |
|
|
Term
|
Definition
| The number of times the local interface requested another local interface within the switch to slow down. |
|
|
Term
|
Definition
| The total of no buffer, runts, giants, CRCs, frame, overrun, ignored, and aborts errors |
|
|
Term
|
Definition
| The Cyclic Redundancy Check failed on an input packet. This is made possible to detect thanks to the Frame Check Sequence on frame formats. |
|
|
Term
|
Definition
| The number of frames received that did not end on an eight-bit byte boundary |
|
|
Term
|
Definition
| The number of times the receiver hardware was unable to transfer received data to a hardware buffer because the input rate exceeded the receiver’s ability to process the data. |
|
|
Term
|
Definition
| The frames dropped because the interface hardware buffers ran low on internal buffers. |
|
|
Term
|
Definition
| An illegal sequence of 1 bits was detected in a frame received. |
|
|
Term
| Dribble Condition Detected: |
|
Definition
| A dribble bit error indicates that a frame is slightly too long. The frame is still accepted in this case. |
|
|
Term
|
Definition
| The number of times the sender has been running faster than the switch can handle. |
|
|
Term
|
Definition
| The number of times the interface had a reset. This is normally the result of missed keepalives from a neighboring device. |
|
|
Term
|
Definition
| Misaligned reads and writes. |
|
|
Term
|
Definition
| The number of frames transmitted greater than 1518 bytes in size. |
|
|
Term
|
Definition
| A collision that occurs after the interface has started transmitting the frame. |
|
|
Term
|
Definition
| The number of frames that were transmitted successfully after waiting because the media was busy. |
|
|
Term
|
Definition
| The number of times the carrier was lost during transmission. |
|
|
Term
|
Definition
| The number of times the carrier was not present during the transmission. |
|
|
Term
|
Definition
| The number of times a frame was not output from the output hold queue because of a shortage of shared memory. |
|
|
Term
Output Buffers Swapped Out:
|
|
Definition
| The number of frames stored in main memory when the output queue is full. |
|
|
Term
| Tag protocol identifier (TPID): |
|
Definition
| A 16-bit field set to a value of 0x8100 in order to identify the frame as an IEEE 802.1Q-tagged frame. |
|
|
Term
Tag control information (TCI): consists of the following:
|
|
Definition
[image]Priority code point (PCP): A three-bit field that refers to the IEEE 802.1p class of service and maps to the frame priority level.
[image] Drop eligible indicator (DEI): A one-bit field that may be used separately or in conjunction with PCP to indicate frames eligible to be dropped in the presence of congestion.
[image] VLAN identifier (VID): A 12-bit field specifying the VLAN to which the frame belongs. |
|
|
Term
|
Definition
- Switches use STP Bridge Protocol Data Units (BPDUs) to carry their bridge ID information. The device with the lowest bridge ID becomes the root bridge.
- The bridge ID is an eight-byte value that is unique for each switch.
- The bridge identifier(ID) consists of two parts, a two-byte priority value and a six-byte system ID. The six-byte system ID is based on the built-in MAC address for the switch.
|
|
|
Term
Why was Rapid Spanning-Tree Protocol (RSTP) invented?
|
|
Definition
| To improve convergence time |
|
|
Term
| What optional STP feature permits ports to quickly transition from blocking to forwarding? |
|
Definition
|
|
Term
| What optional STP feature is a protection mechanism against switch loops and is triggered by seeing a BPDU? |
|
Definition
|
|
Term
| What are three options for the EtherChannel configuration? |
|
Definition
|
|
Term
| Using PAgP to Form a Layer 2 EtherChannel |
|
Definition
a Layer 2 EtherChannel using the built-in and default dynamic method of using the Port Aggregation Protocol (PAgP)
Note: There are two settings possible here—auto and desirable
channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2
|
|
|
Term
| create a Layer 2 EtherChannel using LACP for automatic negotiation |
|
Definition
Note: This mode uses Active or Passive settings
DISTSW1(config-if-range)#shutdown
DISTSW1(config-if-range)#channel-group 3 mode active
show etherchannel 3 summary |
|
|
Term
| Configuring a Layer 3 EtherChannel is also simple |
|
Definition
Note: how we create the port-channel interface first and assign it an IP address.
interface port-channel 1
DISTSW1(config-if)#no switchport
DISTSW1(config-if)#ip address 10.10.10.1 255.255.255.0
DISTSW1(config-if)#exit
interface range gi0/1 , gi0/3
DISTSW1(config-if-range)#no switchport
DISTSW1(config-if-range)#shutdown
DISTSW1(config-if-range)#channel-group 1 mode on
DISTSW1(config-if-range)#no shutdown
|
|
|
