
Most important 500 Cisco Technical interview questions

If you are a networking aspirant looking to kick-start a high-flying career in the networking domain,
here is a list of top Cisco interview questions. These questions will help you qualify in
your technical interviews.

The interview questions have been divided into 9 categories:

1. Basic interview questions

2. OSI model interview questions

3. RIP interview questions

4. EIGRP interview questions

5. OSPF interview questions

6. STP interview questions

7. VLAN interview questions

8. VTP interview questions

9. Wireless interview questions

Basic networking interview questions

1. Define network?

A network is a collection of computers, servers, mainframes, network devices, peripherals, or other
devices connected to one another, allowing data to be shared and used. A great example of a
network is the internet, connecting millions of people all over the world together.

2. What is a link?

A link is the physical and logical network component used to interconnect hosts or nodes in
the network. A link protocol is a suite of methods and standards that operate only between
adjacent network nodes of a local area network segment or a wide area network connection.

3. What is a node?

A node is a basic unit used in computer science. Nodes are devices or data points on a larger network.
Devices such as a personal computer, cell phone, or printer are nodes. When defining nodes on the
internet, a node is anything that has an IP address.

4. What is a gateway?

A gateway is a network point that acts as an entrance to another network. On the internet, a node or
stopping point can be either a gateway node or a host (end-point) node. Both the computers of internet
users and the computers that serve pages to users are host nodes.

5. What is a point-to-point link?

In computer networking, Point-to-Point Protocol (PPP) is a data link (layer 2) protocol used to establish a
direct connection between two nodes. It can provide connection authentication, transmission
encryption (using ECP, RFC 1968), and compression.

6. What is multiple access?

Multiple access is a radio transmission scheme that allows several earth stations to transmit in the same
time span. This provides the way to network these stations together, either in a star or a mesh network.

7. What are the benefits of subnetting?

a- ability to secure your resources by placing them into separate subnetworks

b- ability to organize your resources within a network

c- speed up your network

8. What is BGP (Border Gateway Protocol)?

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing
and reachability information among autonomous systems (AS) on the internet. The protocol is often
classified as a path vector protocol but is sometimes also classed as a distance-vector routing protocol.

9. What is the Gateway-to-Gateway Protocol?

The Gateway-to-Gateway Protocol (GGP) is an obsolete protocol defined for routing datagrams between
internet gateways. The Gateway-to-Gateway Protocol was designed as an Internet Protocol (IP) datagram
service similar to the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP).

10. What is a multi-homed host?

A multihomed host is physically connected to multiple data links that can be on the same or different
networks. For example, a computer with a Windows NT 4.0 server and multiple IP addresses can be
referred to as "multihomed" and may serve as an IP router.

11. What is OSPF?

Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link
state routing (LSR) algorithm and falls into the group of interior routing protocols, operating within a
single autonomous system (AS). It is defined as OSPF version 2 in RFC 2328 (1998) for IPv4.

12. What is routing?

Routing is the process of selecting best paths in a network. Routing is performed for many kinds
of networks, including the public switched telephone network (circuit switching), electronic
data networks (such as the internet), and transportation networks.

13. What is a protocol?

The TCP/IP internet protocols, a common example, consist of: Transmission Control Protocol (TCP), which
uses a set of rules to exchange messages with other internet points at the information packet
level, and Internet Protocol (IP), which uses a set of rules to send and receive messages at the internet
address level.

14. Explain difference between router, switch and hub?

What is a router?
A device that forwards data packets along networks. A router is connected to at least two networks,
commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways, the places
where two or more networks connect. Routers use headers and forwarding tables to determine the best
path for forwarding the packets, and they use protocols such as ICMP to communicate with each other
and configure the best route between any two hosts.

What is a switch?
In networks, a device that filters and forwards packets between LAN segments. Switches operate at the
data link layer (layer 2) and sometimes the network layer (layer 3) of the OSI reference model and
therefore support any packet protocol. LANs that use switches to join segments are called switched LANs
or, in the case of Ethernet networks, switched Ethernet LANs.

Finally, what is a hub?
A common connection point for devices in a network. Hubs are commonly used to connect segments of
a LAN. A hub contains multiple ports. When a packet arrives at one port, it is copied to the other ports so
that all segments of the LAN can see all packets.

14. What is checksum?

A checksum is a count of the number of bits in a transmission unit that is included with the unit so that
the receiver can check to see whether the same number of bits arrived. If the counts match, it's
assumed that the complete transmission was received. Both TCP and UDP communication layers provide a
checksum count and verification as one of their services.

15. What is redundancy?

Redundancy is a system design in which a component is duplicated so if it fails there will be a
backup. Redundancy has a negative connotation when the duplication is unnecessary or is simply the
result of poor planning.

16. What are the criteria necessary for an effective and efficient network?

Criteria necessary for an effective and efficient network. It can be measured in many ways, including
transmit time and response time. It is measured by frequency of failure, the time it takes a link to
recover from a failure, and the network's robustness.

17. What is the key advantage of using switches?

A switch is just another n/w device which has its own advantages and disadvantages as compared to
a hub/router/bridge etc. I hope it doesn't have any disadvantages as such unless and until compared to
other n/w devices [note: this is just my opinion, please add details if you have some].

Advantages:
1) reduces the number of broadcast domains
2) supports VLANs, which can help in logical segmentation of ports [physical ports], splitting up
the broadcast domain.
3) intelligent device [compared to hubs] which can make use of the CAM table for port-to-MAC mapping
4) compared to bridges, switches are more h/w oriented, therefore operations are less CPU intense
[basic operations]
5) the cost to number of ports ratio is best, i.e. for a cheaper cost you get switches with more
ports available than routers.

Disadvantages:
1) not as good as a router in limiting broadcasts
2) communication b/w VLANs needs inter-VLAN routing [router], but these days there are a number of
multilayer switches available in the market.
3) handling multicast packets needs quite a bit of configuration & proper designing.
4) at times switches, when in promiscuous mode, are an opening for security attacks [spoofing IP
address or capturing Ethernet frames using Ethereal].

18. When does network congestion occur?

Congestion, in the context of networks, refers to a network state where a node or link carries so much
data that it may deteriorate network service quality, resulting in queuing delay, frame or data packet
loss and the blocking of new connections. In a congested network, response time slows with reduced
network throughput. Congestion occurs when bandwidth is insufficient and network data traffic exceeds
capacity.

19. Does a bridge divide a network into smaller segments?

Not really. What a bridge actually does is to take the large network and filter it, without changing the
size of the network.

20. What is the difference between the OSI and TCP/IP models?

Comparison of OSI reference model and TCP/IP reference model

Following are some major differences between the OSI reference model and the TCP/IP reference model, with
diagrammatic comparison below.

OSI (Open System Interconnection) vs. TCP/IP (Transmission Control Protocol / Internet Protocol)

1. OSI: a generic, protocol-independent standard, acting as a communication gateway between the
network and end user.
TCP/IP: based on standard protocols around which the internet has developed. It is a communication
protocol, which allows connection of hosts over a network.

2. OSI: the transport layer guarantees the delivery of packets.
TCP/IP: the transport layer does not guarantee delivery of packets. Still, the TCP/IP model is more reliable.

3. OSI: follows a vertical approach.
TCP/IP: follows a horizontal approach.

4. OSI: has a separate presentation layer and session layer.
TCP/IP: does not have a separate presentation layer or session layer.

5. OSI: a reference model around which the networks are built. Generally it is used as a guidance tool.
TCP/IP: in a way, an implementation of the OSI model.

6. OSI: the network layer provides both connection-oriented and connectionless service.
TCP/IP: the network layer provides connectionless service.

7. OSI: has a problem of fitting the protocols into the model.
TCP/IP: does not fit any protocol.

8. OSI: protocols are hidden and are easily replaced as the technology changes.
TCP/IP: replacing a protocol is not easy.

9. OSI: defines services, interfaces and protocols very clearly and makes a clear distinction between
them. It is protocol independent.
TCP/IP: services, interfaces and protocols are not clearly separated. It is also protocol dependent.

10. OSI: it has 7 layers.
TCP/IP: it has 4 layers.

21. What is the size of ip address?

The number of unassigned internet addresses is running out, so a new classless scheme called CIDR is
gradually replacing the system based on classes A, B, and C and is tied to adoption of IPv6. In IPv6 the IP
address size is increased from 32 bits to 128 bits.

22. What is the range of class C address?

Class C: 192-223

23. What is PoE (Power over Ethernet)?

Power over Ethernet (PoE) is a technology for wired Ethernet LANs (local area networks) that allows the
electrical current necessary for the operation of each device to be carried by the data cables rather than
by power cords. Doing so minimizes the number of wires that must be strung in order to install the
network.

24. What are the advantages of distributed processing?

Distributed data processing is a computer-networking method in which multiple computers across
different locations share computer-processing capability. This is in contrast to a single, centralized server
managing and providing processing capability to all connected systems. Computers that comprise the
distributed data-processing network are located at different locations but interconnected by means of
wireless or satellite links.

Advantage: lower cost, reliable, improved performance and reduced processing time, flexible.

25. When was the OSI model developed and why are its standards called 802.xx and so on?

The OSI model was developed in February 1980, which is why these are also known as the 802.xx standards
(notice 80 means ==> 1980, 2 means ==> February).

26. What is the full form of AD?

Administrative distance

27. What is a peer-to-peer process?

In its simplest form, a peer-to-peer (P2P) network is created when two or more PCs are connected and
share resources without going through a separate server computer. A P2P network can be an ad hoc
connection: a couple of computers connected via a universal serial bus to transfer files.

28. What is the difference between broadcast domain and collision domain?

Collision domain
A collision domain is, as the name implies, a part of a network where packet collisions can occur. A
collision occurs when two devices send a packet at the same time on the shared network segment. The
packets collide and both devices must send the packets again, which reduces network efficiency.
Collisions often occur in a hub environment, because each port on a hub is in the same collision domain.
By contrast, each port on a bridge, a switch or a router is in a separate collision domain.

Tip: remember, each port on a hub is in the same collision domain. Each port on a bridge, a switch or
router is in a separate collision domain.

Broadcast domain

A broadcast domain is a domain in which a broadcast is forwarded. A broadcast domain contains all
devices that can reach each other at the data link layer (OSI layer 2) by using broadcast. All ports on a
hub or a switch are by default in the same broadcast domain. All ports on a router are in different
broadcast domains, and routers don't forward broadcasts from one broadcast domain to another.

29. What is ping? Why do you use ping?

Short for packet internet groper, ping is a utility used to verify whether or not a network data packet is
capable of being distributed to an address without errors. The ping utility is commonly used to check for
network errors.

Ping is a basic internet program that allows a user to verify that a particular IP address exists and can
accept requests.

Ping is used diagnostically to ensure that a host computer the user is trying to reach is actually
operating. Ping works by sending an Internet Control Message Protocol (ICMP) echo request to a
specified interface on the network and waiting for a reply. Ping can be used for troubleshooting to test
connectivity and determine response time.

30. What is the difference between cross cable and straight cable?

Nowadays, LAN cards have intelligence, so that both cables can work.

They have a feature on lots of switches and hubs etc called "auto-mdix" or "auto mdi/mdix", that is the new thing where
detect the proper connection type no matter which cable you use.

The cable can be categorized as cat 5, cat 5e, and cat 6 utp cable. Cat 5 utp cable can support 10/100 mbps ethernet netw
ethernet network running at 10/100/1000 mbps. You might hear about cat 3 utp cable, it's not popular anymore since it c

Straight and crossover cable can be cat3, cat 5, cat 5e or cat 6 utp cable, the only difference is each type will have differen
purposes.

Ethernet network cables are straight and crossover cable. This ethernet network cable is made of 4 pair high performance
data transmission. Both end of cable is called rj45 connector.

There are two types of network cables commonly used in PC networks: straight-through and cross-over.

Straight cable

Usually use straight cable to connect different type of devices. This type of cable will be used most of the time and can be

1) connect a computer to a switch/hub's normal port.

2) connect a computer to a cable/dsl modem's lan port.

3) connect a router's wan port to a cable/dsl modem's lan port.

4) connect a router's lan port to a switch/hub's uplink port. (normally used for expanding network)

5) connect two switches/hubs with one of the switch/hub using an uplink port and the other one using normal port.

If you need to check how straight cable looks like, it's easy. Both sides (side a and side b) of cable have wire arrangement

Crossover cable

Sometimes you will use crossover cable, it's usually used to connect same type of devices. A crossover cable can be used t

1) connect two computers directly.

2) connect a router's lan port to a switch/hub's normal port. (normally used for expanding network)

3) connect two switches/hubs by using normal port in both switches/hubs.

If you need to check how crossover cable looks like, both sides (side a and side b) of cable have wire arrangement with fol

This cable (either straight cable or cross cable) has total 8 wires (or we can say lines), i.e. Four twisted pairs (4x2=8) with d
codes. It doesn't matter what color is given to the cable (but there is a standard).

Purpose of this cross cable is rx (receiving terminal) connects to tx (transmitting) of one pc to another pc and vice versa.

As we use two pcs (same devices), straight cable will connect tx to tx and rx to rx of two computers, so cross cable is requ
because it has internal arrangement like cross cable. So note that use cross cable to connect two similar devices.

A straight cable will not work to connect two computers together.

Crossover used to connect to pcs directly together, also used for connecting networking devices together like switch to sw
Straight cables connect two different types of devices. Whereas crossover cables connect two of the same type

31. What is the difference between tracert and traceroute?

Traceroute:
1) You can find this utility in Linux/Unix based operating systems.
2) It relies on UDP probe packets with destination port 33434.
3) It uses a random source port.

Tracert:
1) You can find this utility in Windows based operating systems as well as servers.
2) It relies on ICMP type 8 (echo packet) & type 0 (echo request).

32. What is round trip time?

In telecommunications, the round-trip delay time (rtd) or round-trip time (rtt) is the length of time it
takes for a signal to be sent plus the length of time it takes for an acknowledgment of that signal to be
received. This time delay therefore consists of the propagation times between the two points of a signal.

33. Define the terms unicasting, multicasting, broadcasting and anycasting?

Unicast: a term used in communication to describe a piece of information sent from one point to
another. There is only one sender and one receiver. All LANs support unicast transfer mode and most
applications that employ the TCP transport protocol use unicast messaging.

Broadcast: a term used to describe communication in which a piece of information is sent from one point
to all other points. There is one sender and multiple receivers. All LANs support broadcast transmission.

Multicast: a term used to describe communication in which a piece of information is sent from one or
more points to a set of other points. The senders and receivers are one or more.

Anycast: a network addressing and routing methodology in which datagrams from a single sender are
routed to the topologically nearest node in a group of potential receivers, though it may be sent to
several nodes, all identified by the same destination address.

34. How many pins do serial ports of routers have?

As a 9-pin d connector accessible from the exterior of the case,

35. What are the differences between static IP addressing and dynamic IP addressing?

When a device is assigned a static IP address, it does not change. The device always has the same
IP address. Most devices use dynamic IP addresses, which are assigned by the network when they connect.

36. Difference between CSMA/CD and CSMA/CA?

CSMA CA vs CSMA CD

Carrier sense multiple access or CSMA is a media access control (MAC) protocol that is used to control the
flow of data in a transmission media so that packets do not get lost and data integrity is maintained.
There are two modifications to CSMA, the CSMA CD (collision detection) and CSMA CA (collision avoidance),
each having its own strengths.

CSMA operates by sensing the state of the medium in order to prevent or recover from a collision. A
collision happens when two transmitters transmit at the same time. The data gets scrambled, and the
receivers would not be able to discern one from the other, thereby causing the information to get lost.
The lost information needs to be resent so that the receiver will get it.

CSMA CD operates by detecting the occurrence of a collision. Once a collision is detected, CSMA CD
immediately terminates the transmission so that the transmitter does not have to waste a lot of time in
continuing. The last information can be retransmitted. In comparison, CSMA CA does not deal with the
recovery after a collision. What it does is to check whether the medium is in use. If it is busy, then the
transmitter waits until it is idle before it starts transmitting. This effectively minimizes the possibility of
collisions and makes more efficient use of the medium.

Another difference between CSMA CD and CSMA CA is where they are typically used. CSMA CD is used
mostly in wired installations because it is possible to detect whether a collision has occurred. With
wireless installations, it is not possible for the transmitter to detect whether a collision has occurred or
not. That is why wireless installations often use CSMA CA instead of CSMA CD.

1. CSMA CD takes effect after a collision while CSMA CA takes effect before a collision.

2. CSMA CA reduces the possibility of a collision while CSMA CD only minimizes the recovery time.

3. CSMA CD is typically used in wired networks while CSMA CA is used in wireless networks.

1. CSMA CD is used in wired LANs and CSMA CA is used in wireless LANs and other types of wireless networks.

2. CSMA CD is standardized in IEEE 802.3 and CSMA CA is standardized in IEEE 802.11.

3. CSMA CD will not take steps to prevent a transmission collision until it has taken place, whilst CSMA CA
will take actions to keep any collision from taking place, since the latter has no means of knowing whether
a collision has taken place.

37. What is dhcp scope?

A Dynamic Host Configuration Protocol (DHCP) scope is the consecutive range of possible IP addresses
that the DHCP server can lease to clients on a subnet. Scopes typically define a single physical subnet on
your network to which DHCP services are offered.

38. What are the different memories used in a Cisco router?

ROM, RAM, NVRAM, flash memory

39. What are the different types of passwords used in securing a Cisco router?

The five main passwords of the Cisco IOS are:

Console, aux, vty, enable password, enable secret

40. What is the use of service password encryption?

The enable secret option encrypts your password when you configure the router. When someone looks
at your running config, it will not display your "enable" password. However, if you do not use the service
password-encryption option, when someone views your running config, it will display all passwords except the
"enable secret". It will show what your password is for your console line and vty (Telnet). When you do
use service password-encryption, when someone views your running config, those passwords will
not be displayed.
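
The behaviour described in questions 39 and 40 can be checked against a saved configuration. The following Python script is an added example, not part of the original question list: it scans a constructed running-config excerpt (the hostname, passwords and hash are made-up sample values) and reports where the enable password or a line password is stored in cleartext or as type 7, and whether service password-encryption is on.

```python
import re

# Constructed running-config excerpt; every password and hash is a made-up
# sample value, not taken from the original page.
SAMPLE_CONFIG = """\
no service password-encryption
hostname R1
enable secret 5 $1$SAMPLE$0000000000000000000000
enable password letmein
!
line con 0
 password cisco
 login
line aux 0
 password 7 0000000000
 login
line vty 0 4
 password cisco123
 login
"""

CLEARTEXT = "cleartext password visible in the config"
TYPE7 = "type 7 password (reversible obfuscation, not a hash)"
NO_SERVICE = "service password-encryption is not enabled"
NO_SECRET = "no enable secret configured"

LINE_HEADER = re.compile(r"^line\s+(?:con|aux|vty)\s+\d+(?:\s+\d+)?$")
LINE_PASSWORD = re.compile(r"^\s+password\s+(?:(\d)\s+)?\S+$")
ENABLE = re.compile(r"^enable\s+(password|secret)\s+(?:(\d)\s+)?\S+$")


def classify(pw_type):
    """Map the IOS password type digit (None when absent) to a finding."""
    if pw_type in (None, "0"):
        return CLEARTEXT
    if pw_type == "7":
        return TYPE7
    return None  # hashed types such as 5 are not reported


def audit(config):
    """Return (location, issue) findings; the secrets are never echoed."""
    findings = []
    section = None
    service_enc = False
    has_secret = False
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line.startswith(" "):
            # A non-indented line ends the previous "line ..." section.
            section = line if LINE_HEADER.match(line) else None
        if line == "service password-encryption":
            service_enc = True
        m = ENABLE.match(line)
        if m:
            kind, pw_type = m.groups()
            if kind == "secret":
                has_secret = True
            else:
                issue = classify(pw_type)
                if issue:
                    findings.append(("enable password", issue))
            continue
        m = LINE_PASSWORD.match(line)
        if m and section:
            issue = classify(m.group(1))
            if issue:
                findings.append((section, issue))
    if not service_enc:
        findings.append(("global", NO_SERVICE))
    if not has_secret:
        findings.append(("global", NO_SECRET))
    return findings


if __name__ == "__main__":
    for location, issue in audit(SAMPLE_CONFIG):
        print(f"{location}: {issue}")
```

Type 7 entries are still reported because service password-encryption only hides line passwords from casual viewing; the enable secret is the one stored as a hash.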

41. Briefly explain the conversion steps in data encapsulation.

42. Transport layer: segment is the PDU of the transport layer.
43. Network layer: packet is the PDU of the transport layer.
44. Data link layer: frame is the PDU of the transport layer.
45. Physical layer: bit is the PDU of the transport layer.

46. In configuring a router, what command must be used if you want to delete the configuration
data that is stored in the NVRAM?

Router# erase startup-config

47. IEEE standard for wireless networking?

IEEE 802.11 is a set of media access control (MAC) and physical layer (PHY) specifications for
implementing wireless local area network (WLAN) computer communication in the 900 MHz and 2.4, 3.6,
5, and 60 GHz frequency bands.

48. What is the range of class A address?

Class A: 0-127

49. What is the range of class B address?

Class B: 128-191

50. Differentiate logical topology from physical topology?

A logical topology is how devices appear connected to the user. A physical topology is how they are
actually interconnected with wires and cables. For example, in a shared Ethernet network that uses hubs
rather than switches, the logical topology appears as if every node is connected to a common bus that
runs from node to node. However, its physical topology is a star, in which every node on the network
connects to a central hub.

51. What is AS (autonomous system)?

An autonomous system (AS) is a network or a collection of networks that are all managed and supervised
by a single entity or organization.
An AS is a heterogeneous network typically governed by a large enterprise. An AS has many different
subnetworks with combined routing logic and common routing policies. Each subnetwork is assigned a
globally unique 16 digit identification number (known as the AS number or ASN) by the Internet Assigned
Numbers Authority (IANA).

52. What is the difference between private IP and public IP?

Public IP address vs. private IP address

1. Public: connected with the internet network.
Private: connected with a LAN.

2. Public: publicly registered with the Network Information Center.
Private: is not registered with the Network Information Center.

3. Public: requires a modem to connect with a network.
Private: requires a router to connect with a network.

4. Public: assigned by your ISP.
Private: assigned by the user or router.

53. Explain different cable types?

Coaxial cables

Invented back in the 1880s, "coax" was best known as the kind of cable that connected television sets to
home antennas. Coaxial cable is also a standard for 10 Mbps Ethernet cables. When 10 Mbps Ethernet
was most popular, during the 1980s and early 1990s, networks typically utilized one of two kinds of coax
cable: thinnet (10BASE2 standard) or thicknet (10BASE5). These cables consist of an inner copper wire of
varying thickness surrounded by insulation and other shielding. Their stiffness caused network
administrators difficulty in installing and maintaining thinnet and thicknet.

Twisted pair cables

Twisted pair eventually emerged during the 1990s as the leading cabling standard for Ethernet, starting
with 10 Mbps (10BASE-T, also known as category 3 or Cat3), later followed by improved versions for 100
Mbps (100BASE-TX, Cat5 and Cat5e) and successively higher speeds up to 10 Gbps (10GBASE-T).

Fiber optics

Instead of insulated metal wires transmitting electrical signals, fiber optic network cables work using
strands of glass and pulses of light. These network cables are bendable despite being made of glass.
They have proven especially useful in wide area network (WAN) installations where long distance
underground or outdoor cable runs are required and also in office buildings where a high volume of
communication traffic is common.

Two primary types of fiber optic cable industry standards are defined: single-mode (100BaseBX
standard) and multimode (100BaseSX standard). Long-distance telecommunications networks more
commonly use single-mode for its relatively higher bandwidth capacity, while local networks typically
use multimode instead due to its lower cost.

54. How does RIP differ from EIGRP?

RIP stands for Routing Information Protocol and EIGRP stands for Interior Gateway Routing Protocol.

The major difference between the two is that EIGRP is Cisco proprietary, that is, it can be implemented only
on Cisco routers, while this is not the case with the RIP versions (RIP, RIP2), which are open standards.

Some internal differences between them are:

1. AD value: that is, administrative distance, which determines the trustworthiness of the routing
protocol. Static routing has the highest, that is 1. For RIP it is 120; for EIGRP it is 90 internal / 170 external.
2. RIP uses the Bellman-Ford algorithm to calculate the path while EIGRP uses the DUAL method to calculate
the route paths.
3. Maximum hop count for RIP is 15, that is, after 15 counts the packet is dropped, while that of EIGRP is 100
by default and up to 255 by configuration.
4. There is a difference between their refresh timers.
5. There is a difference between the IP addresses which they use to send periodic updates over the network.
6. EIGRP uses an autonomous number to determine which domain it belongs to, which is not the case with
the RIP protocols.
7. RIP is mostly used for smaller networks while EIGRP is used for larger networks.
8. RIP is a distance vector routing protocol while EIGRP is a link state routing protocol.
9. RIP is a classful protocol whereas EIGRP is a classless protocol.
10. In RIP the full routing table is exchanged, but in EIGRP missing routes are exchanged.
11. For the RIP protocol, hello timers are every 30 seconds, but in EIGRP the hello timer is every 5 seconds.
12. RIP sends a full update whenever a network change occurs whereas EIGRP sends triggered updates.

55. Differentiate user mode from privileged mode

User mode (user exec mode)

User mode is the first mode a user has access to after logging into the router. The user mode can be
identified by the > prompt following the router name. This mode allows the user to execute only the
basic commands, such as those that show the system's status. The router cannot be configured or
restarted from this mode.

Privileged mode (privileged exec mode)

Privileged mode allows users to view the system configuration, restart the system, and enter
router configuration mode. Privileged mode also allows all the commands that are available in user
mode. Privileged mode can be identified by the # prompt following the router name. From the user
mode, a user can change to privileged mode by running the "enable" command. We can also set an
enable password or enable secret to restrict access to privileged mode. An enable secret password uses
stronger encryption when it is stored in the configuration file and it is safer.

56. What is 100BaseFX?

100BASE-FX is a version of Fast Ethernet over optical fiber. It uses a 1300 nm near-infrared (NIR) light
wavelength transmitted via two strands of optical fiber, one for receive (RX) and the other for transmit
(TX).

57. Differentiate full-duplex from half-duplex?

58. Simplex: simplex is one direction. A good example would be your keyboard to your CPU. The
CPU never needs to send characters to the keyboard but the keyboard always sends characters to
the CPU. In many cases, computers almost always send characters to printers, but printers
usually never send characters to computers (there are exceptions, some printers do talk
back). Simplex requires only one lane (in the case of serial).

59. Half-duplex: half-duplex data transmission means that data can be transmitted in both
directions on a signal carrier, but not at the same time. For example, on a local area network
using a technology that has half-duplex transmission, one workstation can send data on the line
and then immediately receive data on the line from the same direction in which data was just
transmitted.

60. Full-duplex: full-duplex data transmission means that data can be transmitted in both directions
on a signal carrier at the same time. For example, on a local area network with a technology
that has full-duplex transmission, one workstation can be sending data on the line while another
workstation is receiving data. A full-duplex link can only connect two devices, so many such
links are required if multiple devices are to be connected together.

61. What does the show protocols command display?

The show protocols command shows the global and interface-specific status of any configured level 3
protocol.

OSI model interview questions

56. List the layers of OSI?

The layers are stacked this way:

Application.
Presentation.
Session.
Transport.
Network.
Data link.
Physical.

57. What are the responsibilities of data link layer?

The data link layer is also responsible for logical link control, media access control, hardware addressing,
error detection and handling, and defining physical layer standards. It provides reliable data transfer by
transmitting packets with the necessary synchronization, error control and flow control.

58. What are the responsibilities of network layer?

The network layer is responsible for packet forwarding including routing through intermediate routers,
since it knows the address of neighboring network nodes, and it also manages quality of service (qos),
and recognizes and forwards local host domain messages to the transport layer (layer 4).

59. What are the responsibilities of transport layer?

Major duties of transport layer are:

1. Creating an end-to-end connection between hosts in different networks
2. Error recovery
3. Flow control
4. Ensuring complete data transfer in tcp
5. Congestion avoidance

Major transport layer protocols:

1. Tcp (transmission control protocol)
2. Udp (user datagram protocol)
3. Dccp (datagram congestion control protocol)
4. Sctp (stream control transmission protocol)

60. Routers work at which osi layer?

Routers operate on the third layer of the osi model, the network-control layer. Rather than passing
packets based on the media access control (mac) layer addresses (as bridges do), a router examines the
packet's data structure and determines whether or not to forward it.

61. Switches work at which osi layer?

A switch works at layer 2 of the osi model (data-link). It is a lan device that can also be called a multi-
port bridge. A switch switches ethernet frames between ethernet devices. Switches do not care about ip
addresses nor do they even examine ip addresses as the frames flow through the switch.

62. What is a window in networking terms?

A window refers to the number of segments that is allowed to be sent from source to destination before
an acknowledgement is sent back.

63. What is the role of the llc sublayer in datalink layer?

The logical link control (llc) data communication protocol layer is the upper sub-layer of the data link
layer (which is itself layer 2, just above the physical layer) in the seven-layer osi reference model. It
provides multiplexing mechanisms that make it possible for several network protocols (ip, ipx) to coexist
within a multipoint network and to be transported over the same network media, and can also provide
flow control mechanisms.

The llc sub-layer acts as an interface between the media access control (mac) sublayer and the network
layer.

As the ethertype in an ethernet ii framing formatted frame is used to multiplex different protocols on
top of the ethernet mac header it can be seen as llc identifier.

Operation

The llc sublayer is primarily concerned with:

- Multiplexing protocols transmitted over the mac layer (when transmitting) and decoding them
(when receiving).
- Providing flow and error control.

The protocol used for llc in ieee 802 networks, such as ieee 802.3/ethernet (if the ethertype field isn't
used), ieee 802.5, and ieee 802.11, and in some non-ieee 802 networks such as fddi, is specified by the
ieee 802.2 standard.

Some non-ieee 802 protocols can be thought of as being split into mac and llc layers. For example, while
hdlc specifies both mac functions (framing of packets) and llc functions (protocol multiplexing, flow
control, detection, and error control through a retransmission of dropped packets when indicated),
some protocols such as cisco hdlc can use hdlc-like packet framing and their own llc protocol.

Another example of a data link layer which is split between llc (for flow and error control) and mac (for
multiple access) is the itu-t g.hn standard, which provides high-speed local area networking over existing
home wiring (power lines, phone lines and coaxial cables).

An llc header tells the data link layer what to do with a packet once a frame is received. It works like this:
a host will receive a frame and look in the llc header to find out where the packet is destined for - for
example, the ip protocol at the network layer or ipx.

The gprs llc layer also does ciphering and deciphering of sn-pdu (sndcp) packets.

64. What is the function of the application layer in networking?

The application layer is a layer in the open systems interconnection (osi) seven-layer model and in
the tcp/ip protocol suite. It consists of protocols that focus on process-to-process communication across
an ip network and provides a firm communication interface and end-user services.

65. What is the difference between tcp and udp?

Comparison of tcp and udp:

Acronym for
- Tcp: Transmission control protocol
- Udp: User datagram protocol or universal datagram protocol

Connection
- Tcp: Tcp is a connection-oriented protocol.
- Udp: Udp is a connectionless protocol.

Function
- Tcp: As a message makes its way across the internet from one computer to another. This is
connection based.
- Udp: Udp is also a protocol used in message transport or transfer. This is not connection based
which means that one program can send a load of packets to another and that would be the end of
the relationship.

Usage
- Tcp: Tcp is suited for applications that require high reliability, and transmission time is relatively
less critical.
- Udp: Udp is suitable for applications that need fast, efficient transmission, such as games. Udp's
stateless nature is also useful for servers that answer small queries from huge numbers of clients.

Use by other protocols
- Tcp: Http, https, ftp, smtp, telnet
- Udp: Dns, dhcp, tftp, snmp, rip, voip.

Ordering of data packets
- Tcp: Tcp rearranges data packets in the order specified.
- Udp: Udp has no inherent order as all packets are independent of each other. If ordering is
required, it has to be managed by the application layer.

Speed of transfer
- Tcp: The speed for tcp is slower than udp.
- Udp: Udp is faster because error recovery is not attempted. It is a "best effort" protocol.

Reliability
- Tcp: There is absolute guarantee that the data transferred remains intact and arrives in the same
order in which it was sent.
- Udp: There is no guarantee that the messages or packets sent would reach at all.

Header size
- Tcp: Tcp header size is 20 bytes
- Udp: Udp header size is 8 bytes.

Common header fields
- Tcp: Source port, destination port, check sum
- Udp: Source port, destination port, check sum

Streaming of data
- Tcp: Data is read as a byte stream, no distinguishing indications are transmitted to signal message
(segment) boundaries.
- Udp: Packets are sent individually and are checked for integrity only if they arrive. Packets have
definite boundaries which are honored upon receipt, meaning a read operation at the receiver
socket will yield an entire message as it was originally sent.

Weight
- Tcp: Tcp is heavy-weight. Tcp requires three packets to set up a socket connection, before any user
data can be sent. Tcp handles reliability and congestion control.
- Udp: Udp is lightweight. There is no ordering of messages, no tracking connections, etc. It is a small
transport layer designed on top of ip.

Data flow control
- Tcp: Tcp does flow control. Tcp requires three packets to set up a socket connection, before any
user data can be sent. Tcp handles reliability and congestion control.
- Udp: Udp does not have an option for flow control

Error checking
- Tcp: Tcp does error checking and error recovery. Erroneous packets are retransmitted from the
source to the destination.
- Udp: Udp does error checking but simply discards erroneous packets. Error recovery is not
attempted.

Fields
- Tcp: 1. Sequence number, 2. Ack number, 3. Data offset, 4. Reserved, 5. Control bit, 6. Window,
7. Urgent pointer, 8. Options, 9. Padding, 10. Check sum, 11. Source port, 12. Destination port
- Udp: 1. Length, 2. Source port, 3. Destination port, 4. Check sum

Acknowledgement
- Tcp: Acknowledgement segments
- Udp: No acknowledgment

Handshake
- Tcp: Syn, syn-ack, ack
- Udp: No handshake (connectionless protocol)

66. What is the port no of dns and telnet?


20 ftp data (file transfer protocol)
21 ftp (file transfer protocol)
22 ssh (secure shell)
23 telnet
25 smtp (send mail transfer protocol)
53 dns (domain name service)
68 dhcp (dynamic host control protocol)
80 http (hypertext transfer protocol)
110 pop3 (post office protocol, version 3)
115 sftp (secure file transfer protocol)
119 nntp (network news transfer protocol)
123 ntp (network time protocol)
139 netbios
143 imap (internet message access protocol)
161 snmp (simple network management protocol)
220 imap3 (internet message access protocol 3)
389 ldap (lightweight directory access protocol)
443 ssl (secure socket layer)

67. Which service use both tcp and udp?

Dns and some other services work over both protocols. Take the dns service as an example. The two
protocols differ from each other: tcp is a connection-oriented protocol that requires data to be
consistent at the destination, while udp is a connectionless protocol that does not require data to
be consistent and does not need a connection to be established with the host for consistency of data.

Udp packets are smaller in size. Udp packets cannot be greater than 512 bytes, so any application that
needs to transfer more than 512 bytes of data requires tcp. For example, dns uses both tcp and udp for
the valid reasons described below. Note that udp messages are not larger than 512 bytes and are
truncated when greater than this size. Dns uses tcp for zone transfers and udp for name queries, either
regular (primary) or reverse. Udp can be used to exchange small amounts of information, whereas tcp
must be used to exchange information larger than 512 bytes. If a client doesn't get a response from dns,
it must retransmit the data using tcp after an interval of 3-5 seconds.

There should be consistency in the dns zone database. To ensure this, dns always transfers zone data
using tcp, because tcp is reliable and makes sure zone data is consistent by transferring the full zone to
the other dns servers that have requested the data.

The problem occurs when windows 2000 server and advanced server products use dynamic ports for all
above 1023. In this case your dns server should not be internet facing, i.e. doing all standard queries for
client machines on the network. The router (acl) must permit all udp inbound traffic to access any
high udp ports for it to work.

Ldap always uses tcp. The reason it does not use udp is that a secure connection is established between
client and server to send the data, and this can be done only using tcp, not udp. Udp is only used when
finding a domain controller (kerberos) for authentication, for example a domain client finding a domain
controller using dns.

68. What is the port no of smtp and pop3?

69. In which layer term frames is used?

Data link layer

70. In which layer term packets is used?

Network layer

71. In which layer term segments is used?

Transport layer

72. Give some examples of protocols that work at the application layer?

Bgp, dhcp, dns, ftp, http, imap, ldap, mgcp, nntp, ntp, pop, onc/rpc, rtp, rtsp, rip, sip, smtp, snmp, ssh,
telnet, tls/ssl, xmpp

73. What is crc? At which layer does crc work?

A cyclic redundancy check (crc) is an error-detecting code commonly used in digital networks and
storage devices to detect accidental changes to raw data. Blocks of data entering these systems get a
short check value attached, based on the remainder of a polynomial division of their contents. On
retrieval, the calculation is repeated and, in the event the check values do not match, corrective action
can be taken against data corruption. It works at the data link layer.
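The check-value mechanism described above, as an added example that is not part of the original page: a bit-by-bit crc-32 that catches every accidental single-bit change but still accepts a block whose check value was recomputed after an edit, which is why a crc detects corruption and is not a substitute for authentication. The choice of crc-32, the little-endian check value and the sample payload are assumptions of this example.

```python
import struct

# Reflected form of the crc-32 generator polynomial 0x04C11DB7
# (assumption: crc-32 is used here because it is the ethernet frame check).
CRC32_POLY_REFLECTED = 0xEDB88320


def crc32(data: bytes) -> int:
    """Remainder of the polynomial division of `data`, one bit at a time."""
    crc = 0xFFFFFFFF                      # register starts as all ones
    for byte in data:
        crc ^= byte
        for _ in range(8):                # one division step per input bit
            if crc & 1:
                crc = (crc >> 1) ^ CRC32_POLY_REFLECTED
            else:
                crc >>= 1
    return crc ^ 0xFFFFFFFF               # final inversion


def add_check_value(block: bytes) -> bytes:
    """Sender side: attach the 4-byte check value to the block."""
    return block + struct.pack("<I", crc32(block))


def verify(block_with_check: bytes) -> bool:
    """Receiver side: repeat the calculation and compare check values."""
    if len(block_with_check) < 4:
        return False
    body, stored = block_with_check[:-4], block_with_check[-4:]
    return struct.unpack("<I", stored)[0] == crc32(body)


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Model line noise: invert exactly one bit."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


# Constructed sample payload, not taken from the page.
SAMPLE = b"constructed sample payload for the crc example"


def demo() -> dict:
    sent = add_check_value(SAMPLE)
    corrupted = flip_bit(sent, 13)        # accidental change in transit
    # Deliberate edit followed by a recomputed check value: no key is
    # involved, so the receiver has no way to tell it from the original.
    rewritten = add_check_value(SAMPLE.replace(b"sample", b"edited"))
    return {
        "intact": verify(sent),
        "bit_flip": verify(corrupted),
        "rewritten": verify(rewritten),
    }


if __name__ == "__main__":
    print(demo())
```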

74. What is the purpose of the data link?

It makes sure the appropriate physical protocol is assigned to the data. The data link layer is the second
layer in the osi model. The three main functions of the data link layer are to deal with transmission
errors, regulate the flow of data, and provide a well-defined interface to the network layer.

75. Which one is reliable tcp or udp?

Tcp

76. What is the port number of ftp (data) and ftp?

77. Which layer provides logical addressing that routers will use for path determination?

Network layer

78. Which layer specifies voltage, wire speed, and pinout cables and moves bits between devices?

Physical layer

79. Which layer combines bits into bytes and bytes into frames, uses mac addressing, and provides
error detection?

Data link layer

80. Which layer is responsible for keeping the data from different applications separate on the
network?

The session layer creates sessions between different hosts' applications

81. Which layer segments and reassembles data into a data stream?

Transport layer

82. Which layer provides the physical transmission of the data and handles error notification,
network topology, and flow control?

Data link layer

83. Which layer manages device addressing, tracks the location of devices on the network, and
determines the best way to move data?

Network layer

84. How data breaks down on each layer from top to bottom?

Table 1: pdu names on the layers of the osi model

Osi layer       Pdu name
Application     Data
Presentation    Data
Session         Data
Transport       Segment
Network         Packet
Data link       Frame
Physical        Bits

85. Mac address works on which layer? What are the differences of mac sublayer and llc
sublayer?

Data link layer

86. Which layer is responsible for converting data packets from the data link layer into electrical
signals?

Physical layer

87. At which layer is routing implemented, enabling connections and path selection between two
end systems?

Network layer

88. Which layer defines how data is formatted, presented, encoded, and converted for use on the
network?

Presentation layer

89. Which layer is responsible for creating, managing and terminating sessions between
applications?

The session layer sets up, maintains, and terminates sessions between applications.

90. Dns uses which protocol? Why?

Dns queries consist of a single udp request from the client followed by a single udp reply from the
server. The transmission control protocol (tcp) is used when the response data size exceeds 512 bytes,
or for tasks such as zone transfers. Some resolver implementations use tcp for all queries.
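How a client applies the udp-then-tcp rule from this answer and from question 67, as an added example that is not part of the original page: it reads the truncation flag in the udp reply, rejects datagrams that do not match the outstanding query, and frames the retry with the two-byte length prefix dns uses over tcp. The function names and the sample messages are constructed for illustration.

```python
import struct

FLAG_QR = 0x8000               # 1 = message is a response
FLAG_TC = 0x0200               # 1 = response was truncated to fit in udp
QTYPE_A, QTYPE_AXFR = 1, 252   # address lookup, full zone transfer


def build_query(name, qtype=QTYPE_A, txid=0x1A2B):
    """Encode a one-question dns query with recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)   # class 1 = IN


def parse_header(message):
    """Decode the fixed 12-byte dns header."""
    if len(message) < 12:
        raise ValueError("shorter than the 12-byte dns header")
    txid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", message[:12])
    return {
        "id": txid,
        "response": bool(flags & FLAG_QR),
        "truncated": bool(flags & FLAG_TC),
        "rcode": flags & 0x000F,
        "answers": answers,
    }


def first_transport(qtype):
    """Zone transfers start on tcp; ordinary name queries start on udp."""
    return "tcp" if qtype == QTYPE_AXFR else "udp"


def needs_tcp_retry(query, udp_reply):
    """True when the udp reply was truncated and must be re-asked over tcp."""
    asked, got = parse_header(query), parse_header(udp_reply)
    # A datagram that is not a response, or carries another transaction id,
    # is not an answer to this query and must not be acted on.
    if not got["response"] or got["id"] != asked["id"]:
        raise ValueError("datagram is not a reply to this query")
    return got["truncated"]


def frame_for_tcp(message):
    """Dns over tcp prefixes every message with its length (2 bytes)."""
    if len(message) > 0xFFFF:
        raise ValueError("message too large for the 2-byte length prefix")
    return struct.pack("!H", len(message)) + message


def read_tcp_message(stream):
    """Split one length-prefixed message off the front of a tcp byte stream."""
    if len(stream) < 2:
        raise ValueError("length prefix incomplete")
    (length,) = struct.unpack("!H", stream[:2])
    if len(stream) < 2 + length:
        raise ValueError("message incomplete")
    return stream[2:2 + length], stream[2 + length:]


# Constructed sample messages (not captured traffic).
QUERY = build_query("example.com")
QUESTION = QUERY[12:]
ANSWER_RR = (b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4)
             + bytes([192, 0, 2, 1]))
COMPLETE_REPLY = struct.pack("!HHHHHH", 0x1A2B, 0x8180, 1, 1, 0, 0) + QUESTION + ANSWER_RR
TRUNCATED_REPLY = struct.pack("!HHHHHH", 0x1A2B, 0x8380, 1, 0, 0, 0) + QUESTION
STRAY_REPLY = struct.pack("!HHHHHH", 0x9999, 0x8180, 1, 0, 0, 0) + QUESTION

if __name__ == "__main__":
    for label, reply in (("complete", COMPLETE_REPLY), ("truncated", TRUNCATED_REPLY)):
        print(label, "-> retry over tcp:", needs_tcp_retry(QUERY, reply))
```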

91. Which layer is closer to the user?


Application layer

92. Differentiate between forward lookup and reverse lookup in dns?

Forward dns lookup converts a human-meaningful name (domain name), which is in an easy-to-understand
format, into a computer-meaningful name (ip address), whereas reverse dns lookup works the other way,
converting an ip address into a domain name.

93. What is ipsec?

Ipsec is an internet engineering task force (ietf) standard suite of protocols that provides data
authentication, integrity, and confidentiality as data is transferred between communication points
across ip networks. Ipsec provides data security at the ip packet level.

94. What is the way to establish a tcp connection?

The tcp three-way handshake in transmission control protocol (also called the tcp-handshake, three
message handshake and/or syn-syn-ack) is the method used by tcp to set up a tcp/ip connection over
an internet protocol based network. Tcp's three-way handshaking technique is often referred to as
"syn-syn-ack" (or more accurately syn, syn-ack, ack) because there are three messages transmitted by tcp
to negotiate and start a tcp session between two computers. The tcp handshaking mechanism is designed
so that two computers attempting to communicate can negotiate the parameters of the network tcp
socket connection before transmitting data such as ssh and http web browser requests.

This 3-way handshake process is also designed so that both ends can initiate and negotiate separate tcp
socket connections at the same time. Being able to negotiate multiple tcp socket connections in both
directions at the same time allows a single physical network interface, such as ethernet, to
be multiplexed to transfer multiple streams of tcp data simultaneously.

95. What is the difference between flow control and error control?

Flow control and error control are the control mechanisms at the data link layer and the transport layer.
Whenever the sender sends data to the receiver, these two mechanisms help in properly delivering
reliable data to the receiver. The main difference between flow control and error control is that
flow control observes the proper flow of the data from sender to receiver, whereas
error control observes that the data delivered to the receiver is error free and reliable.

Rip interview questions

96. What is route poisoning?

Route poisoning is a method that prevents a certain network from sending data packets to a path
destination that has already become invalid. This is done when a distance vector routing protocol sees
an invalid route or one with large routing loops. A route will be considered unreachable if it exceeds the
maximum allowed. So the routing protocol simply informs all the routers connected in the network that
a certain path is invalid by saying that it has a hop count that exceeds the maximum allowable.

97. What is split horizon?

Split horizon is a technique incorporated by distance vector routing protocols for avoiding routing loops
by preventing the routing path to be sent/advertised back to the node from which the advertising router
has received it.

98. Utilizing rip, what is the limit when it comes to number of hops?

15

99. Multicast address of rip v2?

224.0.0.9

100. Administrative distance of rip?

120

101. Can we use rip in a scenario having more than 15 routers?

No

102. What is the difference between rip and ripng?

Difference between rip and ripng

Rip (routing information protocol) comes in two different versions ripv1 and ripv2. It is widely used in
small and medium sized ipv4 networks due to ease of configuration, implementation and maintenance.

To route ipv6 packets, the internet engineering task force (ietf) developed ripng based on rip. Ripng has
become a main routing protocol used on ipv6 networks.

Routing information protocol-ripv1

Ripv1 is a distance vector routing protocol. It uses the local broadcast ip address 255.255.255.255 to share
routing information. These updates are periodic in nature, occurring by default and sent after every 30
seconds. To prevent packets from circulating around in a loop forever, rip places a hop count limit on
packets of 15 hops. Packets that reach the sixteenth hop will be dropped. Ripv1 is a classful protocol.
Classful routing protocols don't send subnet mask information with their routing table updates. In
other words, if you have a subnetted network in your ripv1 routing domain, ripv1 will announce that
network to others as an un-subnetted network. Rip supports up to six equal-cost paths to a single
destination. Equal-cost paths are paths where the metric (hop count) is the same.

Features of ripv1

Administrative distance: 120

Algorithm: bellman-ford

Protocol type: distance vector

Metric: it supports maximum metric (hop count) value of 15. Any router farther than 15 hops away is
considered as unreachable.

Routing updates: it sends routing updates every 30 seconds to the broadcast ip address
255.255.255.255.

Supports: it supports only classful network.

Timer:

Update time: 30 sec

Invalid time: 180 sec

Hold time: 180 sec

Flush time: 240 sec

Send/receive:

Send update: ripv1

Receive update: ripv1 & ripv2

Authentication: it does not support authentication of update messages (plain-text or md5).

Routing information protocol-ripv2

Ripv2 is a hybrid routing protocol with routing enhancements built into it. It uses the multicast ip address
224.0.0.9 instead of broadcasts for sending updates of routing information. Ripv2 supports triggered
updates. When a change occurs in the network, a ripv2 router immediately propagates its routing
information to its connected neighbours. Ripv2 is a classless protocol and it supports classful and
variable-length subnet masking (vlsm). Ripv2 supports authentication of ripv2 update messages (md5 or
plain-text). Authentication helps in confirming that the updates are coming from authorized sources.

Features of ripv2

Administrative distance: 120


Algorithm: bellman-ford

Protocol type: hybrid

Metric: ripv1 support maximum metric (hop count) value of 15. Any router farther than 15 hops away
is considered as unreachable.

Routing updates: ripv2 never broadcasts, it sends routing updates every 30 seconds to the multicast
ip address 224.0.0.9.

Supports: it supports classful, classless and vlsm network.

Timer:

Update time: 30 sec

Invalid time: 180 sec

Hold time: 180 sec

Flush time: 240 sec

Send/receive:

Send update: ripv2

Receive update: ripv2

Authentication: it supports authentication of ripv2 update messages (plain-text or md5). Authentication
helps in confirming that the updates are coming from authorized sources.

Routing information protocol-next generation (ripng)

Ripng is a distance vector protocol and works basically the same way as rip but has some differences
from rip to support ipv6 address format.

Ripng sends an update to its connected routers after every 30 seconds. It sends updates to the ipv6
multicast group ff02::9 using port 521 by default.

Features of ripng

Administrative distance: 120

Algorithm: bellman-ford

Protocol type: distance vector


Metric: it supports maximum metric (hop count) value of 15. Any router farther than 15 hops away is
considered as unreachable.

Routing updates: ripng multicasts routing updates and uses reserved ipv6 multicast address ff02::9 for
multicasting.

Supports: it supports only classful network.

Timer:

Update time: 30 sec

Invalid time: 180 sec

Hold time: 180 sec

Flush time: 240 sec

103. What is the multicast address that rip v2 uses?

224.0.0.9

104. What are the four timers in rip?

Timers basic, all in seconds:

- update: how often to send updates in seconds
- invalid: how many seconds, since seeing a valid update, to consider the route invalid, and placing the
route into hold down
- hold down: once in hold down, how long (in seconds) to not believe any equal or less impressive
(worse) route updates for routes that are in hold down
- flush: how many seconds, since the last valid update, until we throw that route in the trash (garbage
collection for un-loved non-updated routes)

update: 30
invalid: 180
hold down: 180
flush: 240

105. What is the difference between ripv1 & ripv2?


106. Explain load-balancing in rip?

The default variance is 1, which is equal-cost load balancing. With the maximum-paths command, the
router uses up to six paths to share traffic across; to limit this number, use the maximum-paths
command. The multiple paths that make up a single-hop transport to a common destination are called
a load-sharing group.

107. Explain split horizon?

Route poisoning is a method that prevents a certain network from sending data packets to a path
destination that has already become invalid. This is done when a distance vector routing protocol sees
an invalid route or one with large routing loops. A route will be considered unreachable if it exceeds the
maximum allowed. So the routing protocol simply informs all the routers connected in the network that
a certain path is invalid by saying that it has a hop count that exceeds the maximum allowable.

108. What is route poisoning?

Route poisoning is a method that prevents a certain network from sending data packets to a path
destination that has already become invalid. This is done when a distance vector routing protocol sees
an invalid route or one with large routing loops.

109. How do you stop rip updates from propagating out an interface on a router?

Passive interfaces

110. What is the administrative distance of rip?

120

111. How do we configure rip? Specify the commands.

Router rip

112. If a rip v2 router advertises its route, would it be received by all the devices on the network?

Rip v2 is multicast. So the route advertisement would be received only by devices which have rip v2
enabled. If the advertisement was rip v1, then it would be received by all devices on the network as rip
v1 is broadcast.

113. Which transport layer protocol does rip use and the associated port number?

Udp port 520

114. If a static route and a rip learnt route are available on a router which entry would be chosen
by the router to forward the packet?

Static route would be chosen since it has lower administrative distance than rip

115. What is the major benefit of dynamic routing protocol like rip over static route?

In a static route, the route entries have to be manually configured on the router, whereas in a dynamic
routing protocol like rip, routes are learnt automatically.

116. Can subnet mask information be stored in a rip v1 packet?

Rip v1 is a classful routing protocol. It does not understand classless concepts like subnets. So it is not
possible.

117. Is a subnet mask field available in a rip v2 packet?

Rip v2 is a classless routing protocol. A rip v2 packet has a field to include the subnet mask information.
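An added example, not part of the original page, that decodes rip updates to show the points made in questions 96, 116 and 117 and in the ripv1/ripv2 feature lists: the subnet mask field that only ripv2 fills in, the authentication entry that only ripv2 can carry, and metric 16 as the poisoned-route marker. The helper names, sample password and sample packets are constructed; applying the classful mask to every ripv1 route is a simplification made for this example.

```python
import ipaddress
import struct

RIP_UDP_PORT = 520      # from the page: rip runs over udp port 520
INFINITY = 16           # one past the 15-hop limit: route is unreachable
AUTH_AFI = 0xFFFF       # address-family value marking an authentication entry
AUTH_TYPES = {2: "plain-text", 3: "md5"}
ENTRY = "!HH4s4s4sI"    # afi, route tag, address, mask, next hop, metric


def classful_prefix(address):
    """Prefix length implied by the address class (ripv1 carries no mask)."""
    first = int(address.split(".")[0])
    return 8 if first < 128 else 16 if first < 192 else 24


def parse_rip(payload):
    """Decode a ripv1/ripv2 message into version, auth type and routes."""
    if len(payload) < 4 or (len(payload) - 4) % 20:
        raise ValueError("expected a 4-byte header plus 20-byte entries")
    command, version, _zero = struct.unpack("!BBH", payload[:4])
    if version not in (1, 2):
        raise ValueError("unsupported rip version")
    auth, routes = None, []
    for offset in range(4, len(payload), 20):
        afi, tag, addr, mask, _next_hop, metric = struct.unpack(
            ENTRY, payload[offset:offset + 20])
        if version == 2 and afi == AUTH_AFI:
            auth = AUTH_TYPES.get(tag, "unknown")   # tag field holds the type
            continue
        address = str(ipaddress.IPv4Address(addr))
        if version == 1:
            spec = f"{address}/{classful_prefix(address)}"
        else:
            spec = f"{address}/{ipaddress.IPv4Address(mask)}"
        routes.append((str(ipaddress.ip_network(spec, strict=False)), metric))
    return {"command": command, "version": version, "auth": auth, "routes": routes}


def review_update(update):
    """List what a reviewer of routing traffic would note about one update."""
    findings = []
    if update["version"] == 1:
        findings.append("ripv1 update: no authentication and no subnet mask")
    elif update["auth"] is None:
        findings.append("ripv2 update without authentication")
    elif update["auth"] == "plain-text":
        findings.append("plain-text authentication: password readable on the wire")
    for network, metric in update["routes"]:
        if metric == INFINITY:
            findings.append(f"{network} poisoned (metric 16, unreachable)")
        elif not 1 <= metric < INFINITY:
            findings.append(f"{network} has invalid metric {metric}")
    return findings


def build_entry(address, mask, metric):
    """Encode one route entry (used only to construct the samples below)."""
    return struct.pack(ENTRY, 2, 0, ipaddress.IPv4Address(address).packed,
                       ipaddress.IPv4Address(mask).packed, bytes(4), metric)


# Constructed sample updates (command 2 = response), not captured traffic.
SAMPLE_V2 = (struct.pack("!BBH", 2, 2, 0)
             + struct.pack("!HH16s", AUTH_AFI, 2, b"constructed-pass")
             + build_entry("192.168.10.0", "255.255.255.0", 1)
             + build_entry("172.16.5.0", "255.255.255.0", 16))
SAMPLE_V2_NOAUTH = (struct.pack("!BBH", 2, 2, 0)
                    + build_entry("192.168.20.0", "255.255.255.128", 2))
SAMPLE_V1 = struct.pack("!BBH", 2, 1, 0) + build_entry("10.1.2.0", "0.0.0.0", 3)

if __name__ == "__main__":
    for name, packet in (("v2", SAMPLE_V2), ("v2 no auth", SAMPLE_V2_NOAUTH),
                         ("v1", SAMPLE_V1)):
        update = parse_rip(packet)
        print(name, update["routes"], review_update(update))
```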

Eigrp interview questions

118. What is eigrp?

Enhanced interior gateway routing protocol (eigrp) is an advanced distance-vector routing protocol that
is used on a computer network for automating routing decisions and configuration. The protocol was
designed by cisco systems as a proprietary protocol, available only on cisco routers.

119. What are the different tables in eigrp?

Explain the different tables used in eigrp.

Neighbor table: the neighbor relationships, which are the basis for eigrp routing and convergence
activity, are tracked in this table. Whenever a new neighbor is discovered, its address and interface are
recorded in a new entry of the neighbor table. These tables are used for reliable and sequenced delivery
of packets.

Topology table: routers use the topology table to route traffic in a network. All routing tables inside the
autonomous system where the router is positioned are available in this table. Each router uses a routing
protocol and maintains a topology table for each configured network protocol. The routes leading to a
destination are found in the topology table.

Route table: the routes of particular destinations are stored in the routing tables. The information
contains the network topology that is immediately around it. The primary goal of routing protocols and
routes is the construction of routing tables. Network id, cost of the packet path and next hop are the
details available in the routing table.

120. Why eigrp is called hybrid protocol?

Eigrp can be referred to as a hybrid protocol. It combines most of the characteristics of traditional
distance vector protocols with some characteristics of link-state protocols. Specifically, eigrp is
"enhanced" by using four routing technologies: neighbor discovery/recovery.

121. What are the different packets in eigrp?

Explain the different types of packets in eigrp

- hello packets: eigrp neighborship is discovered and maintained by hello packets. If the router fails to
receive a hello packet within the hold timer, the corresponding router will be declared dead.

- update packets: at the time of discovering a new neighbor, update packets are sent, so that the topology
table can be built by the neighbor router. Update packets are unicast and always transmitted reliably.

- query packets: when the destination goes into active state, the query packets are sent. Query packets
are multicast and replies are always sent in reply to the queries to indicate to the originator that it does
not need to go into active state.

- reply packets: when the destination goes into active state, the reply packets are sent. Reply packets
are unicast to the originator of the query and transmission of reply packets is reliable.

- ack packets: ack packets are used to know the transmission status. A hello packet sent without data is
also recognized as an acknowledgement. Acks are always sent to a unicast address with a non-zero
acknowledgement number.

122. Conditions for eigrp neighbors.

- Both routers must be in the same primary subnet
- Both routers must be configured to use the same k-values
- Both routers must be in the same as
- Both routers must have the same authentication configuration (within reason)
- The interfaces facing each other must not be passive

123. What settings must match between two routers in order to become eigrp neighbors?

- Both routers must be in the same primary subnet
- Both routers must be configured to use the same k-values
- Both routers must be in the same as
- Both routers must have the same authentication configuration (within reason)
- The interfaces facing each other must not be passive

124. What is meant by active and passive states in eigrp?

Eigrp route states

An eigrp route can exist in one of two states in the topology table:

- active state
- passive state

A passive state indicates that a route is reachable, and that eigrp is fully converged. A stable eigrp
network will have all routes in a passive state.

A route is placed in an active state when the successor and any feasible successors fail, forcing the
eigrp to send out query packets and reconverge. Multiple routes in an active state indicate an unstable
eigrp network. If a feasible successor exists, a route should never enter an active state.

Routes will become stuck-in-active (sia) when a router sends out a query packet, but does not receive a
reply packet within three minutes. In other words, a route will become sia if eigrp fails to re-converge.
The local router will clear the neighbor adjacency with any router(s) that has failed to reply, and will
place all routes from that neighbor(s) in an active state.

125. What are the different k-values used in eigrp?

Eigrp uses different k values to determine the best path to each destination. If you studied ccna you
might have seen and/or learned the following list:

Bandwidth (k1)
Load (k2)
Delay (k3)
Reliability (k4)
Mtu (k5)

126. Does eigrp require an ip default-network command to propagate a default route?

Although eigrp can propagate a default route using the default network method, it is not required. Eigrp
redistributes default routes directly.

127. Should i always use the eigrp log-neighbor-changes command when i configure eigrp?

Yes, this command makes it easy to determine why an eigrp neighbor was reset. This reduces
troubleshooting time.

128. Does eigrp support secondary addresses?

Eigrp does support secondary addresses. Since eigrp always sources data packets from the primary
address, cisco recommends that you configure all routers on a particular subnet with primary addresses
that belong to the same subnet. Routers do not form eigrp neighbors over secondary networks.
Therefore, if all of the primary ip addresses of routers do not agree, problems can arise with neighbor
adjacencies.

129. What debugging capabilities does eigrp have?

There are protocol-independent and -dependent debug commands. There is also a suite
of show commands that display neighbor table status, topology table status, and eigrp traffic statistics.
Some of these commands are:

show ip eigrp neighbors
show ip eigrp interfaces
show ip eigrp topology
show ip eigrp traffic

130. What are the advantages of eigrp over other routing protocols?

Advanced distance vector
Routes ip, ipx, decnet, appletalk
Routing advertisements: partial when route changes occur
Metrics: bandwidth, delay, reliability, load, mtu size
Hop count: 255
Variable length subnet masks
Summarization on network class address or subnet boundary
Load balancing across 6 equal or unequal cost paths (ios 11.0)
Hello timer: 1 second on ethernet / 60 seconds on non-broadcast
Holddown timer: 3 seconds on ethernet / 180 seconds on non-broadcast
Metric calculation = destination path minimum bw * delay (msec) * 25
Bidirectional forwarding detection (bfd) support
Split horizon
Lsa multicast address: 224.0.0.10

131. What is advertised distance?


Advertised distance or reported distance: the advertised distance (ad) is the distance from a given
neighbor to the destination router. Feasible distance: the feasible distance (fd) is the distance from the
current router to the destination.

132. What is successor?

A feasible successor is a path whose reported distance is less than the feasible distance, and it is
considered a backup route. Eigrp will keep up to six feasible successors in the topology table. Only the
one with the best metric (the successor) is placed in the routing table.

133. What is the multicast address used by eigrp to send hello packets?

224.0.0.10

134. What is stuck in active?

When eigrp returns a stuck in active (sia) message, it means that it has not received a reply to a
query. Eigrp sends a query when a route is lost and another feasible route does not exist in the topology
table. The sia is caused by two sequential events: * the route reported by the sia has gone away.

135. What types of authentication are supported by EIGRP?

Eigrp route authentication provides md5 authentication of routing updates from the eigrp routing
protocol. The md5 keyed digest in each eigrp packet prevents the introduction of unauthorized or false
routing messages from unapproved sources.

136. What is the use of variance command in eigrp?

EIGRP provides a mechanism to load balance over unequal cost paths through the variance command.
Variance is a number (1 to 128) that is multiplied by the local best metric; routes whose metric is
less than or equal to the result are then included. The default variance value is 1, which means equal-cost load balancing.

137. Internal and external administrative distance in eigrp?

Route source                                                       Administrative distance
Connected interface                                                0
Static route                                                       1
Enhanced interior gateway routing protocol (EIGRP) summary route   5
External border gateway protocol (BGP)                             20
Internal EIGRP                                                     90
IGRP                                                               100
OSPF                                                               110
Intermediate system-to-intermediate system (IS-IS)                 115
Routing information protocol (RIP)                                 120
Exterior gateway protocol (EGP)                                    140
On demand routing (ODR)                                            160
External EIGRP                                                     170
Internal BGP                                                       200
Unknown*                                                           255

138. What is feasible successor?

A feasible successor is a path whose reported distance is less than the feasible distance, and it is
considered a backup route. EIGRP will keep up to six feasible successors in the topology table. Only the
one with the best metric (the successor) is placed in the routing table.

139. What is graceful shutdown?

This feature helps in faster convergence of networks. With graceful shutdown, a goodbye message is
broadcast when an EIGRP routing process is shut down, to inform adjacent peers about the impending
topology change.

140. Maximum path load balanced by eigrp?

In general, load balancing is the capability of a router to distribute traffic over all the router network
ports that are the same distance from the destination address. Load balancing increases the utilization
of network segments, and so increases effective network bandwidth. There are two types of load
balancing:
Equal cost path: applicable when different paths to a destination network report the same routing
metric value. The maximum-paths command determines the maximum number of routes that the
routing protocol can use.

Router(config-router)#maximum-paths 6

Unequal cost path: applicable when different paths to a destination network report different
routing metric values. The variance command determines which of these routes is used by the router.

141. How does EIGRP support unequal-cost load balancing?

Eigrp supports up to six unequal-cost paths.

Router(config-router)#variance n
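The feasibility rule from the successor questions and the variance multiplier from question 136 combine as shown in this added example, which is not part of the original question list. The next hops and metric values are constructed, and the class and function names are hypothetical.

```python
"""Model of EIGRP path selection: feasibility condition plus variance."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    next_hop: str
    metric: int             # distance from this router through next_hop
    reported_distance: int  # distance next_hop itself advertises to the destination


def classify(paths):
    """Return (feasible distance, {next_hop: role}) for one destination."""
    feasible_distance = min(p.metric for p in paths)  # best local metric (FD)
    roles = {}
    for p in paths:
        if p.metric == feasible_distance:
            roles[p.next_hop] = "successor"
        elif p.reported_distance < feasible_distance:
            # Reported distance below our own best metric: usable as a backup.
            roles[p.next_hop] = "feasible successor"
        else:
            roles[p.next_hop] = "not feasible"
    return feasible_distance, roles


def installed_paths(paths, variance=1, maximum_paths=6):
    """Next hops that end up carrying traffic for the given variance."""
    if not 1 <= variance <= 128:
        raise ValueError("variance must be between 1 and 128")
    if not paths:
        return []
    feasible_distance, roles = classify(paths)
    # "Lesser or equal" follows the wording of question 136 on this page.
    limit = variance * feasible_distance
    eligible = [
        p for p in sorted(paths, key=lambda p: p.metric)
        if roles[p.next_hop] != "not feasible" and p.metric <= limit
    ]
    return [p.next_hop for p in eligible[:maximum_paths]]


# Constructed topology entries for a single destination.
SAMPLE = [
    Path("10.0.0.1", metric=1000, reported_distance=500),   # best path
    Path("10.0.0.2", metric=1800, reported_distance=900),   # feasible backup
    Path("10.0.0.3", metric=1500, reported_distance=1200),  # fails feasibility
    Path("10.0.0.4", metric=2500, reported_distance=800),   # feasible, but costly
]

if __name__ == "__main__":
    for variance in (1, 2, 3):
        print(variance, installed_paths(SAMPLE, variance))
```

The path through 10.0.0.3 has a better metric than 10.0.0.2 but is never used, because its reported distance is not below the feasible distance.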

142. What happens when we enable passive interface in EIGRP?

With eigrp running on a network, the passive-interface command stops both outgoing and incoming
routing updates, since the effect of the command causes the router to stop sending and receiving hello
packets over an interface.

143. What does the word serno mean on the end of an eigrp topology entry when you issue the
show ip eigrp topology command?

For example:

show ip eigrp topology

P 172.22.71.208/29, 2 successors, FD is 46163456
   via 172.30.1.42 (46163456/45651456), Serial0.2, serno 7539273
   via 172.30.2.49 (46163456/45651456), Serial2.6, serno 7539266

Serno stands for serial number. When DRDBs are threaded to be sent, they are assigned a serial
number. If you display the topology table at the time an entry is threaded, it shows you the serial
number associated with the DRDB. Threading is the technique used inside the router to queue items up for
transmission to neighbors. The updates are not created until it is time for them to go out the interface.
Before that, a linked list of pointers to items to send is created (for example, the thread). These sernos are
local to the router and are not passed with the routing update.

143. What percent of bandwidth and processor resources does eigrp use?

Eigrp version 1 introduced a feature that prevents any single eigrp process from using more than fifty
percent of the configured bandwidth on any link during periods of network convergence. Each AS or
protocol (for instance, IP, IPX, or AppleTalk) serviced by EIGRP is a separate process. You can use the ip
bandwidth-percent eigrp interface configuration command in order to properly configure the bandwidth
percentage on each wan interface. Refer to the eigrp white paper for more information on how this
feature works.
In addition, the implementation of partial and incremental updates means that eigrp sends routing
information only when a topology change occurs. This feature significantly reduces bandwidth use.

The feasible successor feature of EIGRP reduces the amount of processor resources used by an
autonomous system (AS). It requires only the routers affected by a topology change to perform route re-
computation. The route re-computation only occurs for routes that were affected, which reduces search
time in complex data structures.

144. Does eigrp support aggregation and variable length subnet masks?

Yes, eigrp supports aggregation and variable length subnet masks (vlsm). Unlike open shortest path first
(ospf), eigrp allows summarization and aggregation at any point in the network. Eigrp supports
aggregation to any bit. This allows properly designed eigrp networks to scale exceptionally well without
the use of areas. Eigrp also supports automatic summarization of network addresses at major network
borders.

145. Can i configure more than one eigrp autonomous system on the same router?

Yes, you can configure more than one eigrp autonomous system on the same router. This is typically
done at a redistribution point where two eigrp autonomous systems are interconnected. Individual
router interfaces should only be included within a single eigrp autonomous system.
Cisco does not recommend running multiple eigrp autonomous systems on the same set of interfaces on
the router. If multiple eigrp autonomous systems are used with multiple points of mutual redistribution,
it can cause discrepancies in the eigrp topology table if correct filtering is not performed at the
redistribution points. If possible, cisco recommends you configure only one eigrp autonomous system in
any single autonomous system. You can also use another protocol, such as border gateway protocol
(bgp), in order to connect the two eigrp autonomous systems.

146. If there are two eigrp processes that run and two equal paths are learned, one by each eigrp
process, do both routes get installed?

No, only one route is installed. The router installs the route that was learned through the eigrp process
with the lower autonomous system (as) number. In cisco ios software releases earlier than 12.2(7)t, the
router installed the path with the latest timestamp received from either of the eigrp processes. The
change in behavior is tracked by cisco bug id cscdm47037.

147. When i configure eigrp, how can i configure a network statement with a mask?

The optional network-mask argument was first added to the network statement in cisco ios software
release 12.0(4)t. The mask argument can be configured in any format (such as in a network mask or in
wild card bits). For example, you can use network 10.10.10.0 255.255.255.252 or network 10.10.10.0
0.0.0.3.

148. What is the goodbye message received in EIGRP?

Goodbye message

The goodbye message is a feature designed to improve eigrp network convergence. The goodbye
message is broadcast when an eigrp routing process is shut down to inform adjacent peers about the
impending topology change. This feature allows supporting eigrp peers to synchronize and recalculate
neighbor relationships more efficiently than would occur if the peers discovered the topology change
after the hold timer expired.

The following message is displayed by routers that run a supported release when a goodbye message is
received:

Apr 26 13:48:42.523: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 10.1.1.1 (Ethernet0/0) is down: Interface Goodbye received

A cisco router that runs a software release that does not support the goodbye message can misinterpret
the message as a k-value mismatch and display the following message:

Apr 26 13:48:41.811: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 10.1.1.1 (Ethernet0/0) is down: K-value mismatch

Obviously, the signalling to a neighbor that a protocol has been gracefully shut down means good things
for protocol convergence and loop prevention in a distance vector protocol. The point that I think is
important is that a network that has some IOS 15.1M and more mainstream software might see error
messages about k-value mismatch and think that something is broken. In this case, the error message is
exactly correct, and can be safely ignored.

As always, it depends on your exact configuration, it's possible that someone has actually configured k-
values (but it's unlikely these days) and the message is telling you.

149. Who does load-balancing when there are multiple links to a destination?

Load balancing is a standard functionality of the cisco ios router software, and is available across all
router platforms. It is inherent to the forwarding process in the router and is automatically activated if
the routing table has multiple paths to a destination. It is based on standard routing protocols, such as
routing information protocol (rip), ripv2, enhanced interior gateway routing protocol (eigrp), open
shortest path first (ospf), and interior gateway routing protocol (igrp), or derived from statically
configured routes and packet forwarding mechanisms. It allows a router to use multiple paths to a
destination when forwarding packets.

150. How can I use only one path when a router has two equal cost paths?

Configure the bandwidth value on the interfaces to default, and increase the delay on the backup
interface so that the router does not see two equal cost paths.

151. What is the difference in metric calculation between eigrp and igrp?

1. EIGRP has totally replaced the obsolete IGRP
2. EIGRP is a classless routing protocol while IGRP is a classful routing protocol
3. EIGRP uses DUAL while IGRP does not
4. EIGRP consumes much less bandwidth compared to IGRP
5. EIGRP expresses the metric as a 32 bit value while IGRP uses a 24 bit value

152. What is the eigrp stub routing feature?

The enhanced interior gateway routing protocol (eigrp) stub routing feature improves network stability,
reduces resource utilization, and simplifies stub router configuration. Stub routing is commonly used in a
hub and spoke network topology.

153. How can i send a default route to the stub router from the hub?

Do this under the outbound interface on the hub router with the ip summary-address eigrp x 0.0.0.0
0.0.0.0 command. This command suppresses all the more specific routes and only sends the summary
route. In the case of 0.0.0.0 0.0.0.0, it suppresses everything, and the only route that is in
the outbound update is 0.0.0.0/0. One drawback to this method is that EIGRP installs a 0.0.0.0/0 route to
null0 in the local routing table with an admin distance of 5.

154. What are different route types in eigrp?

Internal route: routes that are originated within the autonomous system (AS).

Summary route: routes that are summarized in the router (for example, internal paths that have been
summarized).

External route: routes that are redistributed to EIGRP.

155. What is an offset-list, and how is it useful?

The offset-list is a feature used to modify the composite metrics in EIGRP. The value configured in the
offset-list command is added to the delay value calculated by the router for the route matched by an
access-list. An offset-list is the preferred method to influence a particular path that is advertised and/or
chosen.

156. What does the neighbor statement in the eigrp configuration section do?

The neighbor command is used in eigrp in order to define a neighboring router with which to exchange
routing information. Due to the current behavior of this command, eigrp exchanges routing information
with the neighbors in the form of unicast packets whenever the neighbor command is configured for an
interface.

157. Why does the EIGRP passive-interface command remove all neighbors for an interface?

The passive-interface command disables the transmission and receipt of eigrp hello packets on an
interface. Unlike igrp or rip, eigrp sends hello packets in order to form and sustain neighbor adjacencies.
Without a neighbor adjacency, eigrp cannot exchange routes with a neighbor. Therefore, the passive-
interface command prevents the exchange of routes on the interface. Although eigrp does not send or
receive routing updates on an interface configured with the passive-interface command, it still includes
the address of the interface in routing updates sent out of other non-passive interfaces.

158. Why are routes received from one neighbor on a point-to-multipoint interface that runs eigrp
not propagated to another neighbor on the same point-to-multipoint interface?

The split horizon rule prohibits a router from advertising a route through an interface that the router
itself uses to reach the destination. In order to disable the split horizon behavior, use the
no ip split-horizon eigrp as-number interface command. Some important points to remember about EIGRP split
horizon are:

Split horizon behavior is turned on by default.

When you change the eigrp split horizon setting on an interface, it resets all adjacencies with eigrp
neighbors reachable over that interface.

Split horizon should only be disabled on a hub site in a hub-and-spoke network.

Disabling split horizon on the spokes radically increases eigrp memory consumption on the hub router,
as well as the amount of traffic generated on the spoke routers.

The eigrp split horizon behavior is not controlled or influenced by the ip split-horizon command.

159. What are the primary functions of the pdm?

Eigrp supports 3 protocol suites: ip, ipv6, and ipx. Each of them has its own pdm. These are the primary
functions of pdm:
Maintaining the neighbor and topology tables of eigrp routers that belong to that protocol suite
Building and translating protocol specific packets for dual
Interfacing dual to the protocol specific routing table
Computing the metric and passing this information to dual; dual handles only the picking of the
feasible successors (fss)
Implement filtering and access lists.
Perform redistribution functions to/from other routing protocols.

160. What are the various load-balancing options available in EIGRP?

The offset-list can be used to modify the metrics of routes that eigrp learns through a particular
interface, or pbr can be used.

161. What does the %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 10.254.0.3 (Tunnel0) is down:
holding time expired error message mean?

This message indicates that the router has not heard any eigrp packets from the neighbor within the
hold-time limit. Because this is a packet-loss issue, check for a layer 2 problem.
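The three "is down" reasons discussed in questions 148 and 161 can be triaged automatically when logs from several routers are collected in one place. The sketch below is an added example, not Cisco tooling and not part of the original question list: the router names R1 to R4, the timestamps on the last three records and the 5-second correlation window are constructed assumptions.

```python
"""Triage EIGRP %DUAL-5-NBRCHANGE "is down" messages collected from several routers."""
import re
from datetime import datetime, timedelta

NBRCHANGE = re.compile(
    r"(?P<ts>[A-Za-z]{3}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2}\.\d+):\s+%DUAL-5-NBRCHANGE:\s+"
    r"\S+\s+(?P<asn>\d+):\s+neighbor\s+(?P<neighbor>\S+)\s+\((?P<interface>[^)]+)\)\s+"
    r"is\s+down:\s+(?P<reason>.+)$",
    re.IGNORECASE,
)

KINDS = {
    "interface goodbye received": "goodbye",
    "k-value mismatch": "k-value-mismatch",
    "holding time expired": "hold-expired",
}

GRACEFUL = "peer shut down its EIGRP process gracefully"
MISREAD = "likely a goodbye misread by a release without goodbye support"
CHECK_K = "no matching goodbye seen: verify K-values on both routers"
CHECK_L2 = "no EIGRP packets within the hold time: check for a layer 2 problem"
UNKNOWN = "unclassified reason"


def parse(router, line):
    """Return a dict for a neighbor-down message, or None for any other line."""
    m = NBRCHANGE.search(line.strip())
    if m is None:
        return None
    reason = " ".join(m.group("reason").lower().split())
    return {
        "router": router,
        # These timestamps carry no year; a fixed one is enough to compare times.
        "time": datetime.strptime("2000 " + m.group("ts"), "%Y %b %d %H:%M:%S.%f"),
        "asn": int(m.group("asn")),
        "neighbor": m.group("neighbor"),
        "interface": m.group("interface"),
        "kind": KINDS.get(reason, "other"),
    }


def triage(records, window=timedelta(seconds=5)):
    """records: iterable of (reporting_router, log_line). Adds a verdict to each event."""
    events = [e for e in (parse(r, line) for r, line in records) if e]
    goodbyes = [e for e in events if e["kind"] == "goodbye"]
    for e in events:
        if e["kind"] == "goodbye":
            e["verdict"] = GRACEFUL
        elif e["kind"] == "hold-expired":
            e["verdict"] = CHECK_L2
        elif e["kind"] == "k-value-mismatch":
            # Another router logging a goodbye from the same neighbor at about the
            # same time means the "mismatch" is the goodbye seen by older software.
            corroborated = any(
                g["neighbor"] == e["neighbor"]
                and g["router"] != e["router"]
                and abs(g["time"] - e["time"]) <= window
                for g in goodbyes
            )
            e["verdict"] = MISREAD if corroborated else CHECK_K
        else:
            e["verdict"] = UNKNOWN
    return events


PREFIX = "%DUAL-5-NBRCHANGE: IP-EIGRP(0)"
# The first two messages are the ones quoted under question 148; the rest are constructed.
RECORDS = [
    ("R1", f"Apr 26 13:48:42.523: {PREFIX} 1: Neighbor 10.1.1.1 (Ethernet0/0) is down: Interface Goodbye received"),
    ("R2", f"Apr 26 13:48:41.811: {PREFIX} 1: Neighbor 10.1.1.1 (Ethernet0/0) is down: K-value mismatch"),
    ("R3", f"Apr 26 14:02:10.004: {PREFIX} 100: Neighbor 10.254.0.3 (Tunnel0) is down: holding time expired"),
    ("R4", f"Apr 26 15:30:00.000: {PREFIX} 1: Neighbor 10.9.9.9 (Ethernet0/1) is down: K-value mismatch"),
    ("R4", "Apr 26 15:30:01.000: %LINK-3-UPDOWN: Interface Ethernet0/1, changed state to down"),
]

if __name__ == "__main__":
    for event in triage(RECORDS):
        print(event["router"], event["neighbor"], event["kind"], "->", event["verdict"])
```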

162. From the 16:29:14.262 poison squashed: 10.x.x.x/24 reverse message, what does poison
squashed mean?

The router threads a topology table entry as a poison in reply to an update received (the router sets up
for poison reverse). While the router is building the packet that contains the poison reverse, the router
realizes that it does not need to send it. For example, if the router receives a query for the route from
the neighbor, it is currently threaded to poison. Thus, it sends the poison squashed message.

OSPF interview questions

163. Why are loopbacks advertised as /32 host routes in ospf?

Loopbacks are considered host routes in ospf, and they are advertised as /32

164. Which command in ospf shows the network lsa information?

show ip ospf 10 database network

165. What command would you use to create a totally stubby area?

router ospf 10
area 10 stub no-summary

166. What does the hello packet carry when we enable OSPF?

Hello packets are ospf packet type 1. These packets are multicast periodically to 224.0.0.5 multicast
address on all interfaces (unicast on virtual-links) enabling dynamic discovery of neighbors and maintain
neighbor relationships. On broadcast and nbma networks, hello packets are used to elect dr and bdr.

Network mask - subnet mask of the advertising OSPF interface. For unnumbered point-to-point interfaces
and virtual-links, it is set to 0.0.0.0 (4 bytes)
HelloInterval - interval at which hello packets are advertised. By default, 10 seconds for point-to-point
link and 30 seconds for NBMA/broadcast links (2 bytes)
Options - the local router advertises its capabilities in this field. (1 byte)
Rtr Pri - the priority of the local router. It is used for DR/BDR election. If set to 0, the router is ineligible for
the election. (1 byte)
RouterDeadInterval - the dead interval as requested by the advertising router. By default, 40 seconds for
point-to-point link and 120 seconds for NBMA/broadcast links (4 bytes)
Designated router - the IP address of the current DR. Set to 0.0.0.0 if no DR is elected yet. (4 bytes)
Backup designated router - the IP address of the current BDR. Set to 0.0.0.0 if no BDR is elected yet. (4
bytes)
Neighbor - the router IDs of all OSPF routers from which a valid hello packet has been seen on the
network.

167. What are lsa types?

Lsa type 1 (router lsa)

Router link state advertisements of type 1 are generated by every router for each link that belongs to an
area. They are flooded only inside the area to which they belong. The link ID of this LSA is the router ID of the
router that generated it.

Lsa type 2 (network lsa)

Generated by designated router (dr) for multiaccess networks and describe the routers that are
connected to that segment. They are sent inside the area to which the network segment belong. The
link id is the interface ip address of the designated router which describe that particular segment.

Lsa type 3 (summary lsa)

Type 3 LSAs are generated by area border routers (ABRs). Type 3 LSAs advertise networks from an
area to the rest of the areas in the AS. Advertised networks in type 4 LSA can be summarized or not. The link-
state ID used by this LSA is the network number advertised.

Lsa type 4 (summary lsa)

Generated by ABRs, this type of LSA contains routes to ASBRs. The link ID used is the router ID of the ASBR described.
They are not flooded in stub areas.

Lsa type 5 (external lsa)

Autonomous system external lsas are generated by asbrs and contain routes to networks that are
external to current as. Link-state id is network number advertised in lsa. Type 5 lsas are not flooded
inside any stub areas.

LSA type 6 (multicast LSA)

This type of lsa is used for multicast applications.

Lsa type 7 (nssa external lsa)

Type 7 LSAs allow injection of external routes through not-so-stubby areas (NSSA). Generally external routes
are advertised by type 5 LSA but they are not allowed inside any stub area. That's why type 7 LSA is used,
to trick OSPF. Type 7 LSA is generated by the NSSA ASBR and is translated into type 5 LSA as it leaves the area by
the NSSA ABR, which is then propagated throughout the network as type 5 LSA.

Lsa type 8 (external attributes lsa for border gateway protocol (bgp))

Used to work with bgp.

Lsa type 9,10,11 (opaque lsas)

For future use.

168. What are area types? Why are there different area concepts?

Standard areas can contain lsas of type 1, 2, 3, 4, and 5, and may contain an asbr. The backbone
is considered a standard area.
Stub areas can contain type 1, 2, and 3 lsas. A default route is substituted for external routes.
Totally stubby areas can only contain type 1 and 2 lsas, and a single type 3 lsa. The type 3 lsa
describes a default route, substituted for all external and inter-area routes.
Not-so-stubby areas implement stub or totally stubby functionality yet contain an asbr. Type 7
lsas generated by the asbr are converted to type 5 by abrs to be flooded to the rest of the ospf
domain.

169. What is the main importance of a stub network? Why has it been developed in OSPF?

A stub network is a somewhat casual term describing a computer network, or part of an internetwork,
with no knowledge of other networks, that will typically send much or all of its non-local traffic out via a
single path, with the network aware only of a default route to non-local destinations

170. What will happen if we redistribute between different processes?

There can be several reasons for redistribution between multiple processes. These are a few examples:
Filter an ospf route from part of the domain
Separate different ospf domains
Migrate between separate domains

171. What is the adjacency type? Is adjacency formed between all the OSPF enabled routers or
not? Explain

Down
This is the first ospf neighbor state. It means that no information (hellos) has been received from this
neighbor, but hello packets can still be sent to the neighbor in this state.
During the fully adjacent neighbor state, if a router doesn't receive hello packet from a neighbor within
the routerdeadinterval time (routerdeadinterval = 4*hellointerval by default) or if the manually
configured neighbor is being removed from the configuration, then the neighbor state changes from full
to down.
Attempt
This state is only valid for manually configured neighbors in an nbma environment. In attempt state, the
router sends unicast hello packets every poll interval to the neighbor, from which hellos have not been
received within the dead interval.
Init
This state specifies that the router has received a hello packet from its neighbor, but the receiving
router's id was not included in the hello packet. When a router receives a hello packet from a neighbor,
it should list the sender's router id in its hello packet as an acknowledgment that it received a valid hello
packet.
2-way
This state designates that bi-directional communication has been established between two routers. Bi-
directional means that each router has seen the other's hello packet. This state is attained when the
router receiving the hello packet sees its own router id within the received hello packet's neighbor field.
At this state, a router decides whether to become adjacent with this neighbor. On broadcast media and
non-broadcast multiaccess networks, a router becomes full only with the designated router (dr) and the
backup designated router (bdr); it stays in the 2-way state with all other neighbors. On point-to-point
and point-to-multipoint networks, a router becomes full with all connected routers.
At the end of this stage, the DR and BDR for broadcast and non-broadcast multiaccess networks are
elected. For more information on the DR election process, refer to DR election.
Note: receiving a database descriptor (DBD) packet from a neighbor in the init state will also cause a
transition to 2-way state.
Exstart
Once the dr and bdr are elected, the actual process of exchanging link state information can start
between the routers and their dr and bdr.
In this state, the routers and their dr and bdr establish a master-slave relationship and choose the initial
sequence number for adjacency formation. The router with the higher router id becomes the master
and starts the exchange, and as such, is the only router that can increment the sequence number. Note
that one would logically conclude that the dr/bdr with the highest router id will become the master
during this process of master-slave relation. Remember that the dr/bdr election might be purely by
virtue of a higher priority configured on the router instead of highest router id. Thus, it is possible that a
dr plays the role of slave. And also note that master/slave election is on a per-neighbor basis.
Exchange
In the exchange state, ospf routers exchange database descriptor (dbd) packets. Database descriptors
contain link-state advertisement (lsa) headers only and describe the contents of the entire link-state
database. Each dbd packet has a sequence number which can be incremented only by master which is
explicitly acknowledged by slave. Routers also send link-state request packets and link-state update
packets (which contain the entire LSA) in this state. The contents of the DBD received are compared to
the information contained in the router's link-state database to check if new or more current link-state
information is available with the neighbor.
Loading
In this state, the actual exchange of link state information occurs. Based on the information provided by
the dbds, routers send link-state request packets. The neighbor then provides the requested link-state
information in link-state update packets. During the adjacency, if a router receives an outdated or
missing lsa, it requests that lsa by sending a link-state request packet. All link-state update packets are
acknowledged.
Full
In this state, routers are fully adjacent with each other. All the router and network lsas are exchanged
and the routers' databases are fully synchronized.
Full is the normal state for an ospf router. If a router is stuck in another state, it is an indication that
there are problems in forming adjacencies. The only exception to this is the 2-way state, which is normal
in a broadcast network. Routers achieve the full state with their dr and bdr in nbma/broadcast media
and full state with every neighbor in the remaining media such as point-to-point and point-to-
multipoint.
Note: the dr and bdr that achieve full state with every router on the segment will display full/drother
when you enter the show ip ospf neighbor command on either a dr or bdr. This simply means that the
neighbor is not a dr or bdr, but since the router on which the command was entered is either a dr or
bdr, this shows the neighbor as full/drother.
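The hello fields listed under question 166 and the Init and 2-way rule described above can be checked against a captured hello with a short parser. This is an added example, not code from the original question list: it assumes the 24-byte OSPF packet header has already been stripped, it takes the parameters that must agree (network mask, HelloInterval, RouterDeadInterval) from RFC 2328 rather than from this page, and the addresses, router IDs and function names are constructed.

```python
"""Parse the body of an OSPFv2 hello packet and derive the neighbor state it implies."""
import struct
from ipaddress import IPv4Address

# Network mask (4), HelloInterval (2), Options (1), Rtr Pri (1),
# RouterDeadInterval (4), Designated Router (4), Backup Designated Router (4)
FIXED = struct.Struct("!4sHBBI4s4s")


def build_hello_body(mask, hello, options, priority, dead, dr, bdr, neighbors):
    """Build a hello body for testing; the real packet also has a 24-byte header."""
    body = FIXED.pack(IPv4Address(mask).packed, hello, options, priority, dead,
                      IPv4Address(dr).packed, IPv4Address(bdr).packed)
    return body + b"".join(IPv4Address(n).packed for n in neighbors)


def parse_hello_body(body):
    extra = len(body) - FIXED.size
    if extra < 0 or extra % 4:
        raise ValueError("hello body is truncated or ends in a partial neighbor entry")
    mask, hello, options, priority, dead, dr, bdr = FIXED.unpack_from(body)
    return {
        "network_mask": str(IPv4Address(mask)),
        "hello_interval": hello,
        "options": options,
        "priority": priority,
        "dr_eligible": priority != 0,   # priority 0 never takes part in the election
        "dead_interval": dead,
        "dr": str(IPv4Address(dr)),     # 0.0.0.0 while no DR is elected
        "bdr": str(IPv4Address(bdr)),   # 0.0.0.0 while no BDR is elected
        # Neighbor entries are 4-byte router IDs that follow the fixed part.
        "neighbors": [str(IPv4Address(body[i:i + 4]))
                      for i in range(FIXED.size, len(body), 4)],
    }


def neighbor_state(hello, my_router_id):
    """Init until the sender lists our router ID in its neighbor field, then 2-Way."""
    return "2-Way" if my_router_id in hello["neighbors"] else "Init"


def parameter_mismatches(hello, local):
    """Fields that differ from the receiving interface and block the adjacency."""
    keys = ("network_mask", "hello_interval", "dead_interval")
    return [k for k in keys if hello[k] != local[k]]


# Constructed values: the local interface settings and two hellos from a neighbor.
LOCAL = {"router_id": "1.1.1.1", "network_mask": "255.255.255.0",
         "hello_interval": 10, "dead_interval": 40}
FIRST_HELLO = build_hello_body("255.255.255.0", 10, 0x02, 1, 40,
                               "0.0.0.0", "0.0.0.0", [])
SECOND_HELLO = build_hello_body("255.255.255.0", 10, 0x02, 1, 40,
                                "0.0.0.0", "0.0.0.0", ["1.1.1.1", "3.3.3.3"])
BAD_TIMERS = build_hello_body("255.255.255.0", 30, 0x02, 0, 120,
                              "0.0.0.0", "0.0.0.0", ["1.1.1.1"])

if __name__ == "__main__":
    for raw in (FIRST_HELLO, SECOND_HELLO, BAD_TIMERS):
        h = parse_hello_body(raw)
        print(neighbor_state(h, LOCAL["router_id"]), parameter_mismatches(h, LOCAL), h)
```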

172. If router id is same between ospf enabled routers will they form adjacency or not?

Yes

173. What is lsa 7 and how it can be used?

Type 7 LSA allows injection of external routes through not-so-stubby areas (NSSA). Generally external
routes are advertised by type 5 LSA but they are not allowed inside any stub area. That's why type 7 LSA
is used, to trick OSPF. Type 7 LSA is generated by the NSSA ASBR and is translated into type 5 LSA as it leaves the
area by the NSSA ABR, which is then propagated throughout the network as type 5 LSA.

174. How can we connect a normal area to a backbone area if they are not directly connected?

By using a virtual link.

175. What is an LSA in OSPF? Which properties of EIGRP does it resemble?


176. What is OSPF's metric? How is it identified in the routing table? Does it support redistribution?

OSPF uses a reference bandwidth of 100 Mbps for cost calculation. The formula to calculate the cost is
reference bandwidth divided by interface bandwidth. For example, in the case of Ethernet, it is 100
Mbps / 10 Mbps = 10. Note: if ip ospf cost cost is used on the interface, it overrides this formulated cost.

177. What are the states used in OSPF when forming neighborship?

2-way. The 2-way state indicates that the local router has received a hello packet with its own router ID
in the neighbor field. Thus, bidirectional communication has been established and the peers are now
OSPF neighbors.

178. What packet types does OSPF use? Explain hello, dead timers, LSA, LSU, LSR packets.

Types of ospf packets:

1. The hello packet:

Hello packets are sent periodically on all interfaces for the purpose of establishing and
maintaining neighbor relationships. Hello packets are multicast on networks that have multicast
capability, which enables dynamic discovery of neighboring routers. Neighbor relationships form
only when the routers agree on certain parameters carried in the hello packets.

2. The database description packet:

These packets are exchanged while an adjacency is being initialized. They describe
the contents of the topological database. The database may be described by using multiple packets. A poll-
response procedure is used when multiple packets are needed. Among the routers, one is
designated to be master, and the other a slave. The slave sends its database description packets
after the master has sent its database description packets.

3. The link state request packet:

After the database description packet exchange with a neighboring router, a router may find that parts
of its topological database are out of date. The link state request packet is used to request the
pieces of the neighbor's database that are more up to date. There may be a need to use multiple
link state request packets.

4. The link state update packets:

The flooding of link state advertisements is implemented by these packets. Each link state update
packet carries a collection of link state advertisements one hop further from their origin. A
packet may include several link state advertisements.

5. The link state acknowledgement packets:

Flooding of link state advertisements is made reliable by explicitly acknowledging flooded
advertisements. This acknowledgement is accomplished through the sending and
receiving of link state acknowledgement packets. A single link state acknowledgement packet can
acknowledge multiple link state advertisements.

179. What will be hello/dead timers in network having link capacity of >t1 and <=t1?

For links above T1, i.e. 1.544 Mbps, hello = 10 seconds, dead = 40 seconds.

For links at or below T1, hello = 30 seconds, dead = 120 seconds.

The dead interval is exactly four times the hello interval, and its value can't be set manually.

180. What is ospf router id and how is it elected?

The router ID is a 32-bit number similar to an IP address. It is elected as the highest IP address of the loopback interfaces
or the highest IP of the active physical interfaces if a loopback is not present. It can also be set manually, but it
will take effect when the OSPF process is reset completely or the device is reloaded. There should be only one
router ID per device running OSPF to avoid database issues.

181. What is the DR/BDR in OSPF? How are these elected and in what scenario?

DR/BDR election happens in a shared multi-access network to avoid a full-mesh scenario. In a shared
environment, every OSPF router will try to form a neighborship with every other router, so the DR/BDR comes into
action and acts as a single point of contact. Neighborship will only form with the DR and backup DR. The DR
will be the highest-priority router and the BDR will be the second-highest priority. If there is a tie, then the highest
router ID will be used to make the decision. The router ID is elected as the highest numerical loopback IP or
the highest physical active IP address or the interface IP which comes up first.

182. What are the multicast IPs used by OSPF? What multicast IP do the DR/BDR routers and non-DR routers use?

OSPF routers use the 224.0.0.5 multicast IP address. However, with DR/BDR it uses 224.0.0.5 and 224.0.0.6.
The DR/BDR will use 224.0.0.6 while replying to OSPF routers in a broadcast multi-access network.

183. How do i change the reference bandwidth in ospf?

You can change the reference bandwidth in Cisco IOS software release 11.2 and later using the ospf
auto-cost reference-bandwidth command under router ospf. By default, the reference bandwidth is 100 Mbps.
The OSPF link cost is a 16-bit number. Therefore, the maximum value supported is 65,535.

184. How to generate a default route in OSPF?

There are two ways to inject a default route into a normal area. If the ASBR already has the default
route in its routing table, you can advertise the existing 0.0.0.0/0 into the OSPF domain with the
default-information originate router configuration command.

185. How external routes are advertised generally (e1 or e2)? How to change from e2 to e1?

When we redistribute a protocol into ospf, by default it accepts those routes as e2 in the ospf domain.
E1 and e2 are external type 1 and external type 2. In cisco, external routes are e2 by nature. The basic
difference between e1 and e2 is: e1 includes the internal cost to the asbr added to the external cost; e2
does not include the internal cost, so it is the same as the external cost. E1 is preferred if an
equal-cost path exists. Example: r1-r2-r3 are connected and r3 is an asbr. Suppose the cost between r1
and r2 is 10 and between r2 and r3 is 10, and the cost of the external route on r3 (asbr) is 1800. The e1
cost to the external route from r1 is (10+10+1800) 1820, but in the case of e2 it is 1800. E1 is useful
when there are multiple asbrs to the same destination, and e2 is useful when there is only one asbr to
reach the destination.

186. What is ospf super backbone area?

The idea is that this super backbone can override the default behavior of ospf and provide connectivity
between customers without the need for crazy virtual-links or tunneling (can't use vls across area 0
anyway).

187. What is the concept of auto-cost in ospf?

The default reference bandwidth for OSPF is 10^8 bps or 100Mbit. Increasing the reference-bandwidth
allows a more granular OSPF design. If changed, it should be changed on all routers in the OSPF
domain. The reason you would change the reference-bandwidth is that you may have links faster than
100M in your network. If you have Gigabit networks but are using the default reference-bandwidth,
then Gigabit links are equal in cost to fast Ethernet.

device# configure
device(config)# router ospf
device(config-ospf-router)# auto-cost reference-bandwidth 500

188. Is there any dr and bdr concept in /31 networks?

No

189. What are the different network types in ospf?

Ospf network types


Having worked almost exclusively with ethernet transport my whole career, it took me a while to really
grasp the concept of non-broadcast networks. Dynamic routing protocols, particularly ospf, demand
familiarity with all sorts of layer two topologies, so i knew i had to better educate myself on the matter.
Fortunately, working with dynamips and virtual frame relay networks provided the experience i needed
to feel comfortable implementing all the different ospf network types.

Ospf addresses three classes of network (as listed in section 1.2 of rfc 2328): point-to-point, broadcast,
and non-broadcast.

Point-to-point

This is by far the simplest network type, and serves as a convenient anchor from which to advance the
discussion. A point-to-point network is, as its name aptly describes, a link between exactly two points (or
routers). A packet sent from one of the routers will always have exactly one recipient on the local link.

Broadcast

Obviously, point-to-point links don't scale well. A much more efficient manner of connecting a large
number of devices is to implement a multiaccess segment; that is, a segment which can be accessed by
multiple end points. An ethernet segment is an example of such a network.

Ethernet networks support broadcasts; a single packet transmitted by a device can be multiplied by the
medium (in this case an ethernet switch) so that every other end point receives a copy. This is
advantageous not only in bandwidth savings, but also in facilitating automatic neighbor discovery.

In the example pictured above, r1 can multicast (a broadcast intended only for certain recipients) an
ospf hello message to the link, knowing that all other ospf routers connected to the link will receive it
and reply with their own multicast message. Consequently, neighbors can quickly identify each other
and form adjacencies without knowing addresses beforehand. Isn't that convenient?

Ospf routers on a multiaccess segment will elect a designated router (dr) and backup designated router
(bdr) with which all non-designated routers will form an adjacency. This is to ensure that the number of
adjacencies maintained does not grow too large; a segment containing ten routers would require 45
adjacencies to form a mesh, but only 17 when a dr and bdr are in place.

Non-broadcast

Unfortunately, not all multiaccess technologies support broadcast transmissions. Frame relay and atm
are probably the most common examples of non-broadcast transport, requiring individual permanent
virtual circuits (pvcs) to be configured between end points.

Notice in the frame relay topology pictured above, r1 must craft and transmit an individual packet for
every destination he wants to reach. Aside from being horribly inefficient with regard to bandwidth, this
limitation requires the router to know the addresses of his neighbors before he can communicate to
them.

Ospf can operate in one of two modes across a non-broadcast network: non-broadcast multi-access
(nbma) or point-to-multipoint. Each of these topologies tackles the absence of broadcast capability from
a different direction.

Non-broadcast multi-access (nbma)

An nbma segment emulates the function of a broadcast network. Every router on the segment must be
configured with the ip address of each of its neighbors. Ospf hello packets are then individually
transmitted as unicast packets to each adjacent neighbor.

As in a true broadcast network, a dr and bdr are elected to limit the number of adjacencies formed.

Point-to-multipoint

A point-to-multipoint configuration approaches the non-broadcast limitation in a different manner.
Rather than trying to emulate broadcast capability, it seeks to organize the pvcs into a collection of
point-to-point networks. Hello packets must still be replicated and transmitted individually to each
neighbor, but the multipoint approach offers two distinct advantages: no dr/bdr is needed, and the
emulated point-to-point links can occupy a common subnet.

All routers attached to a non-broadcast network must be manually configured to recognize it as a
point-to-multipoint segment:

Router(config-if)# ip ospf network point-to-multipoint [non-broadcast]

The non-broadcast parameter can be appended to the ospf network type to force unicasting of packets
rather than relying on multicast. This might be necessary when dynamic circuits are in use.

190. How does ospf calculate its metric or cost?

Ospf uses a reference bandwidth of 100 mbps for cost calculation. The formula to calculate the cost is
reference bandwidth divided by interface bandwidth. For example, in the case of ethernet, it is 100
mbps / 10 mbps = 10.
Note: if the ip ospf cost cost command is used on the interface, it overrides this calculated cost.
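
The cost formula above, together with the 16-bit limit from question 183 and the reference-bandwidth problem from question 187, as an added Python example (not part of the original page). The link inventory, the two sample paths and the reference values passed in are constructed for illustration; integer truncation and a minimum cost of 1 are assumed.

```python
"""OSPF interface cost from reference bandwidth (added example)."""

MAX_COST = 65535          # the ospf link cost is a 16-bit number
DEFAULT_REF_MBPS = 100    # default reference bandwidth


def ospf_cost(link_kbps, ref_mbps=DEFAULT_REF_MBPS):
    """Reference bandwidth / interface bandwidth, truncated, kept within 1..65535."""
    if link_kbps <= 0 or ref_mbps <= 0:
        raise ValueError("bandwidths must be positive")
    cost = (ref_mbps * 1000) // link_kbps
    return max(1, min(cost, MAX_COST))


def collapsed_costs(links_kbps, ref_mbps=DEFAULT_REF_MBPS):
    """Return {cost: [link names]} for every cost shared by links of different speed."""
    by_cost = {}
    for name, kbps in links_kbps.items():
        by_cost.setdefault(ospf_cost(kbps, ref_mbps), []).append(name)
    return {cost: names for cost, names in by_cost.items() if len(names) > 1}


def best_path(paths_kbps, ref_mbps=DEFAULT_REF_MBPS):
    """Name of the path with the lowest summed cost (first one wins on a tie)."""
    totals = {name: sum(ospf_cost(k, ref_mbps) for k in hops)
              for name, hops in paths_kbps.items()}
    return min(totals, key=totals.get)


# Constructed sample data: link speeds in kbit/s.
LINKS = {
    "ethernet": 10_000,
    "fastethernet": 100_000,
    "gigabit": 1_000_000,
    "tengig": 10_000_000,
}
PATHS = {
    "one_fastethernet_hop": [100_000],
    "two_gigabit_hops": [1_000_000, 1_000_000],
}

if __name__ == "__main__":
    for ref in (100, 500, 10_000):
        costs = {name: ospf_cost(kbps, ref) for name, kbps in LINKS.items()}
        print(f"ref={ref} mbps costs={costs}")
        print(f"  same cost despite different speed: {collapsed_costs(LINKS, ref)}")
        print(f"  preferred path: {best_path(PATHS, ref)}")
```

With the default reference bandwidth the single fast ethernet hop is preferred over two gigabit hops, because every link of 100 mbps or faster costs 1.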

191. What algorithm is used by ospf if equal cost routes exist?

If equal cost routes exist, ospf uses cef load balancing.

192. Are ospf routing protocol exchanges authenticated?

Yes, ospf can authenticate all packets exchanged between neighbors. Authentication may be through
simple passwords or through md5 cryptographic checksums. To configure simple password
authentication for an area, use the command ip ospf authentication-key to assign a password of up to
eight octets to each interface attached to the area. Then, issue the area x authentication command to
the ospf router configuration to enable authentication. (in the command, x is the area number.)
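
An added Python example (not part of the original page) that checks which of the authentication modes described above a captured ospf packet actually uses, by reading the AuType field of the 24-octet OSPFv2 header defined in rfc 2328. The three sample packets, their router ids and the password are constructed, their checksum is left at zero and is not verified, and the function names are hypothetical.

```python
"""Audit the authentication type in captured OSPFv2 headers (added example)."""
import ipaddress
import struct

# version, type, packet length, router id, area id, checksum, autype, authentication
OSPF_HEADER = struct.Struct("!BBH4s4sHH8s")
# Layout of the 8-octet authentication field when autype is 2:
# reserved zero, key id, authentication data length, cryptographic sequence number
CRYPTO_AUTH = struct.Struct("!HBBI")


def parse_ospf_header(packet):
    """Decode the fixed OSPFv2 header; raise ValueError on malformed input."""
    if len(packet) < OSPF_HEADER.size:
        raise ValueError("truncated ospf header")
    version, ptype, length, rid, area, _cksum, autype, auth = OSPF_HEADER.unpack_from(packet)
    if version != 2:
        raise ValueError("not an OSPFv2 packet")
    if not OSPF_HEADER.size <= length <= len(packet):
        raise ValueError("packet length field does not fit the capture")
    return {"type": ptype, "length": length, "autype": autype, "auth": auth,
            "router_id": str(ipaddress.IPv4Address(rid)),
            "area_id": str(ipaddress.IPv4Address(area))}


def audit_packet(packet):
    """Return (router_id, area_id, verdict, detail) for one packet."""
    h = parse_ospf_header(packet)
    if h["autype"] == 0:
        verdict, detail = "FAIL", "null authentication, packets are not authenticated"
    elif h["autype"] == 1:
        # The password is up to eight octets, NUL padded, and visible to any capture.
        used = len(h["auth"].rstrip(b"\x00"))
        verdict, detail = "WEAK", f"simple password ({used} octets) carried in clear text"
    elif h["autype"] == 2:
        _zero, key_id, data_len, seq = CRYPTO_AUTH.unpack(h["auth"])
        trailer = len(packet) - h["length"]   # the digest follows the ospf packet
        if trailer < data_len:
            verdict, detail = "FAIL", "cryptographic type set but digest is missing"
        else:
            verdict = "OK"
            detail = f"cryptographic, key id {key_id}, {data_len}-octet digest, seq {seq}"
    else:
        verdict, detail = "UNKNOWN", f"unrecognised autype {h['autype']}"
    return h["router_id"], h["area_id"], verdict, detail


def audit_capture(packets):
    """Audit every packet of a capture, in order."""
    return [audit_packet(p) for p in packets]


def make_sample(router_id, area_id, autype, auth=b"", digest=b""):
    """Build a constructed hello-sized packet (20 zero octets of body) for the demo."""
    body = bytes(20)
    header = OSPF_HEADER.pack(2, 1, OSPF_HEADER.size + len(body),
                              ipaddress.IPv4Address(router_id).packed,
                              ipaddress.IPv4Address(area_id).packed,
                              0, autype, auth.ljust(8, b"\x00"))
    return header + body + digest


# Constructed sample capture: one router per authentication mode.
SAMPLES = [
    make_sample("10.0.0.1", "0.0.0.0", 0),
    make_sample("10.0.0.2", "0.0.0.0", 1, auth=b"s3cr3t"),
    make_sample("10.0.0.3", "0.0.0.0", 2,
                auth=CRYPTO_AUTH.pack(0, 1, 16, 1000), digest=bytes(16)),
]

if __name__ == "__main__":
    for row in audit_capture(SAMPLES):
        print(*row, sep=" | ")
```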

193. What is the link-state retransmit interval, and what is the command to set it?

Ospf must send acknowledgment of each newly received link-state advertisement (lsa). It does this by
sending lsa packets. Lsas are retransmitted until they are acknowledged. The link-state retransmit
interval defines the time between retransmissions. You can use the command ip ospf retransmit-
interval to set the retransmit interval. The default value is 5 seconds.

194. What is the purpose of the variable ip-ospf-transmit-delay?

This variable adds a specified time to the age field of an update. If the delay is not added before
transmission over a link, the time in which the link-state advertisement (lsa) propagates over the link is
not considered. The default value is 1 second. This parameter has more significance on very low-speed
links.

195. Can an ospf default be originated into the system based on external information on a router
that does not itself have a default?

Ospf generates a default only if it is configured using the command default-information originate and if
there is a default network in the box from a different process. The default route in ospf is 0.0.0.0. If you
want an ospf-enabled router to generate a default route even if it does not have a default route itself,
use the command default-information originate always.

196. Can i use the distribute-list in/out command with ospf to filter routes?

The distribute-list commands are supported in ospf but work differently than distance-vector routing
protocols such as routing information protocol (rip) and enhanced interior gateway routing protocol
(eigrp). Ospf routes cannot be filtered from entering the ospf database. The distribute-list in command
only filters routes from entering the routing table; it does not prevent link-state packets from being
propagated. Therefore, this command does not help conserve router memory, and it does not prohibit a
router from propagating filtered routes to other routers.

197. How can i give preference to ospf interarea routes over intra-area routes?

According to section 11 of rfc 2328, the order of preference for ospf routes is:
Intra-area routes, o
Interarea routes, o ia
External routes type 1, o e1
External routes type 2, o e2
This rule of preference cannot be changed. However, it applies only within a single ospf process. If a
router is running more than one ospf process, route comparison occurs. With route comparison, the
metrics and administrative distances (if they have been changed) of the ospf processes are compared.
Route types are disregarded when routes supplied by two different ospf processes are compared.

198. Do i need to manually set up adjacencies for routers on the switched multimegabit data
service (smds) cloud with the ospf neighbor subcommand?

In cisco ios software releases earlier than cisco ios software release 10.0, the neighbor command was
required to establish adjacencies over nonbroadcast multiaccess (nbma) networks (such as frame relay,
x.25, and smds). With cisco ios software release 10.0 and later, you can use the ip ospf network
broadcast command to define the network as a broadcast network, eliminating the need for
the neighbor command. If you are not using a fully meshed smds cloud, you must use the ip ospf
network point-to-multipoint command.

199. When routes are redistributed between ospf processes, are all shortest path first algorithm
(spf) metrics preserved, or are the default metric value used?

The spf metrics are preserved. The redistribution between them is like redistribution between any two
ip routing processes.

200. How does cisco accommodate ospf routing on partial-mesh frame relay networks?

You can configure ospf to understand whether it should attempt to use multicast facilities on a multi-
access interface. Also, if multicast is available, ospf uses it for its normal multicasts.

Cisco ios software release 10.0 includes a feature called subinterfaces. You can use subinterfaces with
frame relay to tie together a set of virtual circuits (vcs) to form a virtual interface, which acts as a single
ip subnet. All systems within the subnet should be fully meshed. With cisco ios software releases 10.3,
11.0 and later, the ip ospf point-to-multipoint command is also available.

201. Which address-wild-mask pair should i use for assigning an unnumbered interface to an area?

When an unnumbered interface is configured, it references another interface on the router. When
enabling ospf on the unnumbered interface, use the address-wild-mask pair of interfaces to which the
unnumbered interface is pointing.

202. Can i have one numbered side and leave the other side unnumbered in ospf?

No, ospf does not work if you have one side numbered and the other side unnumbered. This creates a
discrepancy in the ospf database that prevents routes from being installed in the routing table.

203. Why do i receive the cannot allocate router id error message when i configure router ospf
one?

Ospf picks up the highest ip address as a router id. If there are no interfaces in up/up mode with an ip
address, it returns this error message. To correct the problem, configure a loopback interface.

204. Why do i receive the unknown routing protocol error message when i configure router ospf
one?

Your software may not support ospf. This error message occurs most frequently with the cisco 1600
series routers. If you are using a 1600 router, you need a plus image to run ospf.

205. Is it true that only the static option of the virtual link in ospf allows discontinuous networks,
regardless of the mask propagation properties?

No, virtual links in ospf maintain connectivity to the backbone from nonbackbone areas, but they are
unnecessary for discontiguous addressing. Ospf provides support for discontiguous networks because
every area has a collection of networks, and ospf attaches a mask to each advertisement.

206. Are the multicast ip addresses mapped to mac-level multicast addresses?

No, virtual links in ospf maintain connectivity to the backbone from nonbackbone areas, but they are
unnecessary for discontiguous addressing. Ospf provides support for discontiguous networks because
every area has a collection of networks, and ospf attaches a mask to each advertisement.

207. Does the cisco ospf implementation support ip tos-based routing?


Cisco ospf only supports tos 0. This means that routers route all packets on the tos 0 path, eliminating
the need to calculate nonzero tos paths.

208. Does the offset-list subcommand work for ospf?

The offset-list command does not work for ospf. It is used for distance vector protocols such as interior
gateway routing protocol (igrp), routing information protocol (rip), and rip version 2.

209. Do i need any special commands to run ospf over bri/pri links?

In addition to the normal ospf configuration commands, you should use the dialer map command.
When using the dialer map command, use the broadcast keyword to indicate that broadcasts should be
forwarded to the protocol address.

210. Which cisco ios software release began support for per-interface authentication type in ospf?

Per-interface authentication type, as described in rfc 2178, was added in cisco ios software release
12.0(8).

211. How can you detect the topological changes rapidly?

In order to have rapid fault detection of topology changes, the hello timer value needs to be set to 1
second. The hold timer value, which is four times that of the hello timer, also needs to be configured.
There is a possibility of more routing traffic if the hello and hold timer values are reduced from their
default values.
Note: tuning ospf timers might result in network as well as device resource overhead. Cisco recommends
using bidirectional forwarding detection (bfd) instead of tuning the routing protocol timers. Bfd also
gives sub-second convergence. Refer to ospf support for bfd over ipv4 for more information.

212. How does ospf use two multilink paths to transfer packets?

Ospf uses a cost as its metric, which is related to the bandwidth. If there are equal cost paths (the same
bandwidth on both multilink), ospf installs both routes in the routing table. The routing table tries to use
both links equally, regardless of the interface utilization. If one of the links in the first multilink fails, ospf
does not send all the traffic down the second multilink. If the first multilink peaks 100%, ospf does not
send any traffic down the second multilink because ospf tries to use both links equally, regardless of the
interface utilization. The second is used fully only when the first multilink goes down.

213. Can we have ospf run over a gre tunnel?

Yes, refer to configuring a gre tunnel over ipsec with ospf.

214. Is there a way to manipulate and prefer the type 3 lsas to originate from two different areas
sent to the non-backbone area?

Type 3 lsa is originated by the area border router (abr) as a summary route. Manipulating the summary
route is not possible in an abr router.

215. What is the maximum number of ospf processes (vrf aware) on 7600/6500 platforms?

Cisco ios has a limit of 32 routing processes. Two of these are saved for static and directly connected
routes. The cisco 7600 router supports 28 ospf processes per vrf.

216. Is there a way to compare cisco nx-os/ios ospf commands?

Yes, refer to cisco nx-os/ios ospf comparison.

217. Is there any feature of ospf protocol for quick convergence and a slow re-convergence of
routes?

The ospf shortest path first throttling feature makes it possible to configure spf scheduling in millisecond
intervals and to potentially delay spf calculations during network instability. Spf is scheduled to calculate
the shortest path tree (spt) when there is a change in topology.

Syntax of the command under ospf:

timers throttle spf [spf-start] [spf-hold] [spf-max-wait]

Where:

spf-start: initial delay to schedule an spf calculation after a change, in milliseconds. Range is from 1 to
600000.

spf-hold: minimum hold time between two consecutive spf calculations, in milliseconds. Range is from
1 to 600000.

spf-max-wait: maximum wait time between two consecutive spf calculations, in milliseconds. Range is
1 to 600000.

Stp interview questions

220. What is spanning tree aka stp ?

Spanning tree protocol (stp) is a layer 2 protocol that runs on bridges and switches. The specification
for stp is ieee 802.1d. The main purpose of stp is to ensure that you do not create loops when you have
redundant paths in your network. Loops are deadly to a network.

221. How does stp maintain a loop-free network?

Spanning tree works by first using an algorithm to find redundant links in the lan and selecting the best
paths. Its initial goal is to put all links in either forwarding or blocking. In the end, the links without a
redundant link and the best links with a redundant link would be in forwarding state. The redundant
links that weren't as good as the selected links would be in blocking state.

Spanning tree cannot use multiple links to the same destination. There is no load-sharing feature with
spanning tree. Any redundant link that is not as preferred is blocked (essentially shut down) until the
primary link goes down.

Because the best ports are put into forwarding state and the other ports are put into blocking state,
there are no loops in the network. When a new switch is introduced to the network, the algorithm and
port states are recalculated to prevent a new loop.

222. What parameters can be tuned to influence the selection of a port as a root or designated
port?

If a switch has multiple paths to reach the root bridge (root switch), it must select one path and
the associated port as the root port. Following are the different steps for selecting the root
bridge (switch).

Spanning tree root port selection process in a non-root switch involves the following steps.

1. Select the port connected to the path with the lowest accumulated spanning tree path cost to
the root bridge (root switch) as the root port, when a non-root switch has multiple paths to
reach the root switch.
2. If multiple paths are available to reach the root bridge (root switch) with the same
accumulated spanning tree path cost in a non-root switch, select the port connected to the
neighbor switch which has the lowest switch id value as the root port.
3. If all the multiple paths go through the same neighboring switch to reach the root bridge (root
switch), the non-root switch will select the local port which receives the lowest spanning tree
port priority value from the neighbor switch as the root port.
4. If the received spanning tree port priority values are the same between the connecting
ports to reach the root bridge (root switch), the non-root switch will select the port which receives
the lowest physical port number from the neighbor switch as the root port.

223. What is bpdu? What is the basic function of bpdu?

The spanning tree protocol (stp) enabled switches in a redundant local area network (lan) need to
exchange information between each other for spanning tree protocol (stp) to work properly. Bridge
protocol data units (bpdus) are messages exchanged between the switches inside an interconnected
redundant local area network (lan).

Bridge protocol data units (bpdus) frames contain information regarding the switch id, originating
switch port, mac address, switch port priority, switch port cost etc.

Bridge protocol data units (bpdus) frames are sent out as multicast messages regularly at multicast
destination mac address 01:80:c2:00:00:00. When bridge protocol data units (bpdus) are received, the
switch uses a mathematical formula called the spanning tree algorithm (sta) to know when there is a
layer 2 switch loop in network and determines which of the redundant ports needs to be shut down.

Three types of bridge protocol data units (bpdus) are configuration bpdu (cbpdu), topology change
notification (tcn) bpdu and topology change notification acknowledgment (tca).

The basic purpose of the bridge protocol data units (bpdus) and the spanning tree algorithm (sta) is to
avoid layer 2 switching loops and broadcast storms.

224. What is the stp listening state?

The ports on a switch with enabled spanning tree protocol (stp) are in one of the following five port
states.

blocking

listening

learning

forwarding

disabled

A switch does not enter any of these port states immediately except the blocking state. When
the spanning tree protocol (stp) is enabled, every switch in the network starts in the blocking state and
later changes to the listening and learning states.

Blocking state

The switch ports will go into a blocking state at the time of election process, when a switch receives
a bpdu on a port that indicates a better path to the root switch (root bridge), and if a port is not a root
port or a designated port.

A port in the blocking state does not participate in frame forwarding and also discards frames received
from the attached network segment. During blocking state, the port is only listening to and
processing bpdus on its interfaces. After 20 seconds, the switch port changes from the blocking state to
the listening state.

Listening state

After blocking state, a root port or a designated port will move to a listening state. All other ports will
remain in a blocked state. During the listening state the port discards frames received from the attached
network segment and it also discards frames switched from another port for forwarding. At this state,
the port receives bpdus from the network segment and directs them to the switch system module for
processing. After 15 seconds, the switch port moves from the listening state to the learning state.

Learning state

A port changes to learning state after listening state. During the learning state, the port is listening for
and processing bpdus. In this state, the port begins to process user frames and starts updating
the mac address table. But the user frames are not forwarded to the destination. After 15 seconds, the
switch port moves from the learning state to the forwarding state.

Forwarding state

A port in the forwarding state forwards frames across the attached network segment. In a forwarding
state, the port will process bpdus, update its mac address table with frames that it receives, and
forward user traffic through the port. Forwarding state is the normal state. Data and configuration
messages are passed through the port, when it is in forwarding state.

Disabled state

A port in the disabled state does not participate in frame forwarding or the operation of stp because a
port in the disabled state is considered non-operational.

225. Which command enables rstp on a switch?

spanning-tree mode rapid-pvst

226. What is per-vlan spanning tree protocol (pvst)?

A single spanning tree lacks flexibility in how the links are used in the network topology. Cisco
implements a protocol known as per-vlan spanning tree plus (pvst+) that is compatible with 802.1q cst
but allows a separate spanning tree to be constructed for each vlan.

227. What is the default bridge priority in a bridge id for all cisco switches?

Bridge id priority 32769 (priority 32768 sys-id-ext 1)

228. Which stp version runs by default on cisco switches?

Pvst+

229. What is the purpose of spanning tree protocol in a switched lan?

The spanning tree protocol (stp) was designed to stop layer 2 loops. All cisco switches have the stp on by
default. ... Convergence occurs when all ports on bridges and switches have transitioned to either the
forwarding or blocking states. No data is forwarded until convergence is complete.

230. Difference between spanning tree protocol (stp) and rapid spanning tree protocol (rstp)?

The main difference between rapid spanning tree protocol (rstp ieee 802.1w) and spanning tree
protocol (stp ieee 802.1d) is that rapid spanning tree protocol (rstp ieee 802.1w) assumes the
three spanning tree protocol (stp) port states listening, blocking, and disabled are the same (these
states do not forward ethernet frames and they do not learn mac addresses). Hence rapid spanning tree
protocol (rstp ieee 802.1w) places them all into a new state called discarding. Learning and forwarding
ports remain more or less the same.

In spanning tree protocol (stp ieee 802.1d), bridges would only send out a bpdu when they received
one on their root port. They only forward bpdus that are generated by the root switch (root
bridge). Rapid spanning tree protocol (rstp ieee 802.1w) enabled switches send out bpdus every hello
time, containing current information.

Spanning tree protocol (stp ieee 802.1d) includes two port types: stp root port and designated
port. Rapid spanning tree protocol (rstp ieee 802.1w) includes two additional port types called
alternate ports and backup ports.

An alternate port is a port that has an alternative path or paths to the root switch (root bridge) but is
currently in a discarding state (can be considered as an additional unused root port). A backup port is a
port on a network segment that could be used to reach the root switch, but there is already an
active stp designated port for the segment (can be considered as an additional unused designated port).

231. Difference between root port and designated port?

The differences between root port and designated port are listed below.

The root port is a single selected port on a switch, other than the root switch, with the least path cost
to reach the root bridge. The designated port is the port that has the lowest spanning tree path cost on a
particular local area network (lan) segment.

The root port is the port on the bridge (switch) with the least spanning tree path cost from the switch to
the root bridge. A designated port is the port on a local area network (lan) segment with the least
spanning tree path cost to the root bridge (root switch).

There can be only one root port on a bridge (switch). There may be multiple designated ports on a bridge
(switch).

All the ports on a root bridge (root switch) are designated ports and there is no root port on a root
bridge (root switch).

A root port can never be a designated port.

If one end of a local area network (lan) segment is a designated port, the other end is called a
non-designated port (marked as ndp), if it is not a root port. A non-designated port will always be in
blocking state, to avoid layer 2 switching loops.

232. What is the difference between path cost and root path cost?

Spanning tree uses costs associated to ingress ports to calculate the best path to the root bridge. The
root path cost is the cumulative cost from the root to any given switch. Each port has a cost associated
to it. On a cisco switch, the port cost can be altered using

Sw1 (config-if)# spanning-tree [vlan vlan-id] cost cost

A third term exists which causes a little confusion: path cost. The path cost is the same thing as the port
cost, just a different name for it.

233. What is the difference between stp, mstp, pvst and rstp?

Stp. Spanning tree protocol (ieee 802.1d). Forms a loop free graph (tree) in an arbitrary
topology of switches. Gives you tools to set preferred location of a root and link costs for
determining links to block.

Pvstp. Per-vlan spanning tree protocol. Cisco proprietary protocol that allows each vlan in a
network to run an independent spanning tree with an independent root rather than forcing a
single topology for all vlans.

Rstp. Rapid spanning tree protocol (ieee 802.1w). An evolution of the spanning tree protocol
with faster convergence time, relying on some more advanced switch capabilities.

Mst. Multiple spanning tree protocol (ieee 802.1s). A standardized and evolved form of pvstp.

Etherchannel. A cisco technique that provides the ability to negotiate to bundle multiple
physical links into a single, logical, higher speed link. (the standardized form is ieee
802.3ad link aggregation)

234. What is path cost?

Ports that are determined to have the lowest cost path to the root bridge are called designated ports.
Switches or bridges running stp use bpdus to exchange information. The bridge id is used to determine the
root bridge and to determine the root port.

235. Define selection criteria of stp root bridge.

Spanning tree protocol (stp) is a layer 2 protocol that runs on bridges and switches. The specification
for stp is ieee 802.1d. The main purpose of stp is to ensure that you do not create loops when you have
redundant paths in your network. Loops are deadly to a network.

236. How does a non-root bridge decide which port will be elected as the root port?

1. Lowest bridge id (priority:mac address) switch becomes the root-bridge
2. Each non-root bridge should have one root port (rp) which is the port having lowest path-cost to root
bridge.
3. All ports in root bridge become designated ports (dp)
4. Each segment should have one designated port (dp)
5. All rp/dps will be in forwarding state & all other ports will be in blocking state.

237. If a non root bridge has two redundant ports with the same root path cost, how does the
bridge choose which port will be the root port?

Bridge priority

Mac address
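
The root bridge election and the root port tie-breakers from questions 222, 236 and 237, written out as an added Python example (not part of the original page). Switch names, mac addresses, port names and path cost values are constructed sample data; 32769 is the default bridge id priority quoted in question 227, and the class and function names are hypothetical.

```python
"""STP root bridge election and root port selection (added example)."""
from dataclasses import dataclass, replace

STEPS = ("root path cost", "sender bridge id",
         "sender port priority", "sender port number")


@dataclass(frozen=True)
class Bridge:
    name: str
    priority: int
    mac: str

    @property
    def bridge_id(self):
        # Compared as (priority, mac address); the lowest value wins.
        return (self.priority, int(self.mac.replace(":", ""), 16))


@dataclass(frozen=True)
class Candidate:
    """One port of a non-root switch that received a bpdu leading to the root."""
    local_port: str
    advertised_cost: int        # root path cost carried in the received bpdu
    port_cost: int              # cost of the receiving port
    sender: Bridge              # neighbor switch that sent the bpdu
    sender_port_priority: int
    sender_port_number: int

    def rank(self):
        return (self.advertised_cost + self.port_cost, self.sender.bridge_id,
                self.sender_port_priority, self.sender_port_number)


def elect_root(bridges):
    """The switch with the lowest bridge id becomes the root bridge."""
    return min(bridges, key=lambda b: b.bridge_id)


def select_root_port(candidates):
    """Return (local port, deciding step) using the four-step comparison."""
    ranked = sorted(candidates, key=Candidate.rank)
    best = ranked[0]
    if len(ranked) == 1:
        return best.local_port, "only candidate"
    for step, mine, other in zip(STEPS, best.rank(), ranked[1].rank()):
        if mine != other:
            return best.local_port, step
    return best.local_port, "identical bpdus"


# Constructed sample switches, all at the default priority.
SW1 = Bridge("sw1", 32769, "00:1a:2b:00:00:30")
SW2 = Bridge("sw2", 32769, "00:1a:2b:00:00:10")
SW3 = Bridge("sw3", 32769, "00:1a:2b:00:00:20")

if __name__ == "__main__":
    print("root with default priorities:", elect_root([SW1, SW2, SW3]).name)
    tuned = replace(SW1, priority=4097)
    print("root after lowering sw1 priority:", elect_root([tuned, SW2, SW3]).name)
    ports = [Candidate("gi0/1", 4, 4, SW1, 128, 1),
             Candidate("gi0/2", 4, 4, SW3, 128, 1)]
    print("root port and deciding step:", select_root_port(ports))
```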

238. Why is spanning tree bpdu filter used?

The bpdu filter feature effectively disables stp on the selected ports by preventing them from sending or
receiving any bpdus. Bpdu filtering supports the ability to prevent switches from sending bpdus on
portfast-enabled interfaces. Ports configured for the portfast feature typically connect to host devices.

239. Can i use bpdu filter on trunk ports?

If a bpdu is received inbound when bpdu filter is applied globally, then the port stops filtering and
it will lose its portfast status. The bpdu guard default command will only apply to ports that are in a
portfast operational state.

240. Which port state is introduced by rapid-pvst?

Pvst+ is based on ieee 802.1d spanning tree protocol (stp).
But pvst+ has only 3 port states (discarding, learning and forwarding) while stp has 5 port states
(blocking, listening, learning, forwarding and disabled).

241. What is spanning tree protocol (stp) portfast?

Spanning tree protocol (stp) convergence (layer 2 convergence) happens when bridges and switches
have transitioned to either the forwarding or blocking state. ...portfast feature should be used only to
connect a single workstation to a switch port to avoid layer 2 switching loop.

242. What does stp do when it detects a topology change in the network due to a bridge or link
failure?

If spanning tree detects a change in the network due to a bridge or link failure, at least one bridge
interface changes from the blocking state to the forwarding state, or vice versa.

243. What is the reason for developing another version of stp, i.e. rstp?

Convergence

244. Can stp be configured on a router?

No

245. Is stp required to be configured when there is only one switch involved.

No

246. Is a generic ethernet frame modified when stp is configured on the network

Stp is a protocol. It has its own frame when configured. So it would not affect a generic ethernet frame
on the network.

247. How many designated ports can be available on a root bridge

248. How many root bridges can be available on a stp configured network

Only one

249. If the priority value of the two switches is the same, which switch would be elected as the root
bridge?

Lowest mac address value

250. What is the basic purpose of the bpdus and sta?

To avoid the loop

251. What is configuration bpdu?

The default bpdu advertisement time of 2 seconds allows changes to be quickly shared with all the other
switches in the network, reducing the amount of time any disruption would create. There are three
kinds of bpdus: configuration bpdu, used by spanning tree protocol to provide information to all
switches.

252. What is the destination mac address used by bridge protocol data units (bpdus)?

Bridge protocol data units (bpdus) are frames that contain information about the spanning
tree protocol (stp). Switches send bpdus using a unique mac address from its origin port and a
multicast address as destination mac (01:80:c2:00:00:00, or 01:00:0c:cc:cc:cd for per vlan spanning tree).

253. What is tcn bpdu?

The root switch (bridge) broadcasts the topology change information into the whole network.
When a switch (bridge) discovers topology change, it generates a tcn (topology change
notification) bpdu (bridge protocol data unit) and sends the tcn bpdu on its root port.

254. What is tca bpdu?

The upstream switch (bridge) responds back to the sender with tca (topology change
acknowledgment) bpdu (bridge protocol data unit) ... The process continues until the root switch (root
bridge) receives the tcn bpdu.

255. What is bridge protocol data unit (bpdu) frame format?

Bridge protocol data units (bpdus) are frames that contain information about the spanning
tree protocol (stp). Switches send bpdus using a unique mac address from its origin port and a multicast
address as destination mac (01:80:c2:00:00:00, or 01:00:0c:cc:cc:cd for per vlan spanning tree).

256. What is root port?

The root port is the port on the bridge (switch) with the least spanning tree path cost from the switch to
the root bridge. A designated port is the port on a local area network (lan) segment with the least
spanning tree path cost to the root bridge (root switch).

257. What is pvst or pvst+?

Per vlan spanning tree (pvst) is a cisco proprietary protocol that allows a
cisco device to have multiple spanning trees. ... Pvst+ is an extension of pvst that allows a cisco device to
also interoperate with devices that are running a single spanning tree (ieee 802.1q).

258. What is extended system id?

The bridge priority value and the extended system id extension together make up a 16 bit (2-byte)
value. The bridge priority making up the left most bits, is a value of 0 to 61440. The extended system
id is a value of 1 to 4095 corresponding to the respective vlan participating in stp.

259. What are stp timers and explain different types of stp timers?

Important spanning tree protocol (stp) timers are hello timer, forward delay timer and max age timer
and their default values are listed below.

Hello timer

The hello timer is the time interval between each bridge protocol data unit (bpdu) that is sent on a port.
Default spanning tree protocol (stp) hello timer is 2 seconds. You can adjust spanning tree protocol
(stp) hello timer to any value between 1 and 10 sec.

Forward delay timer

The forward delay timer is the time interval that is spent in the listening and learning state.
Default spanning tree protocol (stp) forward delay timer is 15 seconds. You can adjust the spanning tree
protocol (stp) forward delay timer to any value between 4 and 30 seconds.

Max age timer

The max age timer controls the maximum length of time interval that a spanning tree protocol
(stp) switch port saves its configuration bridge protocol data unit (bpdu) information. Default max age
timer is 20 seconds. You can tune the spanning tree protocol (stp) max age timer to any value between 6
and 40 sec.

Vlan interview questions

267. Which switching technology reduces the size of a broadcast domain?

By using vlan technology we can reduce the size of the broadcast domain. Vlan (virtual local area network)
is a logical grouping or segmenting of the devices under a single broadcast domain. As a result it provides
security and flexibility.

268. Which protocols are used to configure trunking on a switch?

Vlan trunking protocol (vtp) is a cisco proprietary protocol that propagates the definition of virtual local
area networks (vlan) on the whole local area network. To do this, vtp carries vlan information to all the
switches in a vtp domain. Vtp advertisements can be sent over 802.1q and isl trunks.

269. What is svi ?

A switched virtual interface (svi) is a vlan of switch ports represented by one interface to a routing or
bridging system. There is no physical interface for the vlan and the svi provides the layer 3 processing
for packets from all switch ports associated with the vlan.

270. What is meant by router on stick ?

Router-on-a-stick is a term frequently used to describe a setup that consists of a router and switch
connected using one ethernet link configured as an 802.1q trunk link. In this setup, the switch is
configured with multiple vlans and the router performs all routing between the different networks/vlans.

271. Which are the two trunking protocols ?

A single communication link called trunk is used between devices to
carry traffic which may belong to multiple vlans. ... There are two main types of
encapsulation protocols called isl (inter switch link) which is cisco proprietary protocol and 802.1q which
is an ieee standard.

272. Which protocol encapsulates ethernet frames ?

Isl encapsulates ethernet frames while 802.1q tags ethernet frame.

273. Which is the vlan not tagged by 802.1q ?

Native vlan

274. How to delete vlan information from switch ?

Delete flash:vlan.dat

275. Difference between access and trunk mode ?

Access mode is used to connect end devices(host) to switches while trunk mode is used to connect
between switches.

276. Difference between dynamic auto and dynamic desirable ?

Dynamic desirable: attempts to negotiate a trunk with the other end.

Dynamic auto: forms a trunk only if requested by the other end

277. What is the use of nonegotiate command in switch ?

Nonegotiate command disables automatic formation of trunk links. It is good practice to configure the trunk
manually and give the nonegotiate command for security reasons.

278. Explain different switch port modes ?

Trunk: forms an unconditional trunk

Dynamic desirable: attempts to negotiate a trunk with the far end

Dynamic auto : forms a trunk only if requested by the far end

Access: will never form a trunk

279. What is dtp?

Dynamic trunking protocol is used to automatically establish trunks between capable ports (insecure
method)

280. Can we see trunk interfaces in show vlan command ?

Nope

281. Which is the command used to see trunk interfaces ?

Show interface trunk

Show interface fa1/0/13 trunk

Show interface fa1/0/13 switchport

Show interface status | include trunk

282. What is the maximum number of vlans permitted in 802.1q and isl?

Maximum vlan permitted in 802.1q is 4094

Maximum vlan permitted in isl is 1000

283. What is the header size of 802.1q ?

4 bytes

284. How does a switch forward traffic from a trunk port to appropriate vlan.

Generally, there are two ways to look at a trunk line. In telephony, the term trunk refers to connections
between offices or distribution facilities. These connections represent an increased number of lines or
time division multiplexed connections as shown in figure 4-15. Examples include 25 pair bundles or t
carriers.

When a trunk line is installed, a trunking protocol is used to modify the ethernet frames as they travel
across the trunk line. In figure 4-14 the ports interconnecting the switches are trunk ports. This also
means that there is more than one operational mode for switch ports. By default, all ports are called
access ports. This describes a port used by a computer or other end node to access the network.
When a port is used to interconnect switches and convey vlan information, the operation of the port is
changed to a trunk. For example, on a cisco switch the mode command would be used to make this
change. Other vendors indicate that the port is now tagged, indicating that a vlan id will now be
inserted into the frames. The 802.1q standard also includes a provision for hybrid ports that
understand both tagged and untagged frames. To be clear, nodes and routers are often unaware of the
vlans and use standard ethernet or untagged frames. Trunk lines providing vlan or priority values will
be using tagged frames.

285. On a multilayer catalyst switch, which interface command is used to convert a layer 3
interface to a layer 2 interface?

Switchport

286. Which protocol reduces administrative overhead in a switched network by allowing the
configuration of a new vlan to be distributed to all the switches in a domain?

Vtp

287. What is the difference between an access port and a trunk port?

As for the difference between trunks and access ports, a trunk does add dot1q or isl tags directly to
frames and can exist on all or multiple vlans, while an access port only passes traffic from a set vlan but
does not modify the frame with a vlan tag.

288. What is frame tagging and different types of frame tagging?

Vlan frame tagging is a technology which is used to identify the vlan that the packet belongs to. The vlan
frame tag is placed on the ethernet frame when the ethernet frame reaches a switch from an access
port, which is a member of a vlan.

289. What is a native vlan and what type of traffic will go through native vlan?

The native vlan is the only vlan which is not tagged in a trunk; in other words, native vlan frames are
transmitted unchanged. By default the native vlan is vlan 1 but you can change that: #show interface
fa0/8 trunk. Port mode encapsulation status native vlan. Fa0/8 on 802.1q othe
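
The 4-byte 802.1q tag (question 283), frame tagging (question 288) and the untagged native vlan (question 289) can be seen together in a small frame builder and classifier. This is an added example, not part of the original question list; the function names, the sample mac addresses and the payload are constructed for illustration.

```python
import struct
from typing import Optional

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag
TAG_LEN = 4          # 2-byte TPID + 2-byte TCI: the 4-byte header of question 283


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes,
                vlan: Optional[int] = None, pcp: int = 0) -> bytes:
    """Build an Ethernet frame; insert an 802.1Q tag only when vlan is given."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("mac addresses must be 6 bytes")
    header = dst + src
    if vlan is not None:
        if not 1 <= vlan <= 4094:
            raise ValueError("802.1Q vlan id must be in 1..4094")
        if not 0 <= pcp <= 7:
            raise ValueError("priority (pcp) must be in 0..7")
        # TCI layout: 3 bits priority, 1 bit DEI (left 0 here), 12 bits vlan id
        tci = (pcp << 13) | vlan
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload


def classify_on_trunk(frame: bytes, native_vlan: int = 1) -> dict:
    """Return the vlan a trunk port would assign to a received frame.

    Tagged frames carry their vlan id in the tag. Untagged frames are
    placed in the trunk's native vlan (vlan 1 unless changed).
    """
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return {"tagged": False, "vlan": native_vlan, "pcp": 0,
                "ethertype": ethertype, "payload_offset": 14}
    if len(frame) < 14 + TAG_LEN:
        raise ValueError("truncated 802.1Q tag")
    tci, inner_type = struct.unpack_from("!HH", frame, 14)
    return {"tagged": True, "vlan": tci & 0x0FFF, "pcp": tci >> 13,
            "ethertype": inner_type, "payload_offset": 14 + TAG_LEN}


if __name__ == "__main__":
    # Constructed sample values, not captured traffic.
    dst = bytes.fromhex("ffffffffffff")
    src = bytes.fromhex("020000000001")
    untagged = build_frame(dst, src, 0x0800, b"payload")
    tagged = build_frame(dst, src, 0x0800, b"payload", vlan=20, pcp=5)
    print("tag adds", len(tagged) - len(untagged), "bytes")
    print("tagged   ->", classify_on_trunk(tagged))
    print("untagged ->", classify_on_trunk(untagged, native_vlan=99))
```
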

290. What is inter-vlan routing?

Virtual lans (vlans) divide one physical network into multiple broadcast domains. But, vlan-enabled
switches cannot, by themselves, forward traffic across vlan boundaries. So you need to
have routing between these vlans which is called inter-vlan routing.

Vtp interview questions

300. What are different vlan modes ?

The vtp protocol is a fairly complex protocol, but easy to understand and implement once you get to
know it. Currently, 3 different versions of the protocol exist, that is, version 1, 2 (adds support for token
ring networks) and 3, with the first version being used in most networks.

Despite the variety of versions, it also operates in 3 different modes: server, client and transparent
mode, giving us maximum flexibility on how changes in the network affect the rest of our switches. To
help keep things simple and in order to avoid confusion, we will work with the first version of the vtp
protocol - vtp v1, covering more than 90% of networks.

Below you'll find the 3 modes the vtp protocol can operate in on any switch throughout the network:

Vtp server mode

Vtp client mode

Vtp transparent mode

301. What happens to interfaces when you delete a vlan?

You can delete a specific vlan or all vlans that are configured on a network interface. When you delete
all vlans on an interface, the interface is then available to be configured as a regular physical interface.

302. What is the difference between vtp transparent and vtp client mode ?

All server and client switches in the same vtp domain will use the vlan database with the highest revision
number. ... Vtp transparent mode, maintains its own vlan definitions in its config file. Vtp transparent
mode, though, can pass a vlan database through it, although it doesn't use it itself.

303. Which is the default mode of vtp ?

Server mode

304. What is vtp pruning ?

Vlan trunking protocol (vtp) is used to communicate vlan information between switches in the
same vtp domain. Vlan trunking protocol (vtp) pruning is a feature in cisco switches, which
stops vlan update information traffic from being sent down trunk links if the updates are not needed.

305. What are two benefits of using vtp in a switching environment?

C. It maintains vlan consistency across a switched network. D. It allows frames from multiple vlans to use
a single interface. E. It allows vlan information to be automatically propagated throughout the switching
environment. ... D. One of the two switches must be configured as a vtp server.

306. Which vtp mode is capable of creating only local vlans and does not synchronize with other
switches in the vtp domain?

Transparent

Wireless interview questions

308. What is wi-fi?

Wifi is a technology that uses radio waves to provide network connectivity. A wifi connection is
established using a wireless adapter to create hotspots - areas in the vicinity of a wireless router that are
connected to the network and allow users to access internet services. Once configured, wifi provides
wireless connectivity to your devices by emitting frequencies between 2.4ghz - 5ghz, based on the
amount of data on the network.

309. What is a wi fi hotspot?

A hotspot is a physical location where people may obtain internet access, typically using wi-fi
technology, via a wireless local area network (wlan) using a router connected to an internet service
provider.

310. What is ibss, bss and ess ?

Independent basic service set (ibss) allows two or more devices to communicate directly with each
other without a need for a central device. ... Basic service set (bss) wireless lan is established using a
central device called an access point that centralizes access and control over a group of wireless devices.

311. Why wpa encryption is preferred over wep?

What is one reason that wpa encryption is preferred over wep? ... B. The access point and the client are
manually configured with different wpa key values. C. Wpa key values remain the same until the client
configuration is changed. D. The values of wpa keys can change dynamically while the system is used.

312. What is 802.1x and eap ?

Ieee 802.1x is an ieee standard for port-based network access control (pnac). It is part of the ieee 802.1
group of networking protocols. It provides an authentication mechanism to devices wishing to attach to
a lan or wlan.

313. Name two devices can interfere with the operation of a wireless network because they
operate on similar frequencies?

Microwave oven

Cordless phone

314. What are three basic parameters to configure on a wireless access point?

Ssid

Rf channel

Authentication method

315. What is the maximum data rate specified for ieee 802.11b wlans?

11 mbps

316. Which encryption type does wpa2 use ?

Wpa uses tkip and wpa2 uses aes, but in summary, tkip is an older encryption standard used by the old
wpa standard. Aes is a newer wi-fi encryption solution used by the new-and-secure wpa2 standard. In
theory, that's the end of it.

317. 802.1b is being utilized in the wireless network. Which spread spectrum
technology does the 802.1b standard define for operation in this network?

Dsss

Which two wireless encryption methods are based on the rc4 encryption algorithm ?

Wep

Tkip

317. How wlc works in terms of packet transfer or what is the mechanism?

All the client (802.11) packets are encapsulated in a lwapp packet by the lap and sent to the wlc. The wlc
decapsulates the lwapp packet and acts based on the destination ip address in the 802.11 packet. If the
destination is one of the wireless clients associated to the wlc, it encapsulates the packet again with
lwapp and sends it to the lap of the client, where it is decapsulated and sent to the wireless client. If the
destination is on the wired side of the network, it removes the 802.11 header, adds the ethernet
header, and forwards the packet to the connected switch, from where it is sent to the wired client.
When a packet comes from the wired side, the wlc removes the ethernet header, adds the 802.11 header,
encapsulates it with lwapp, and sends it to the lap, where it is decapsulated, and the 802.11 packet is
delivered to the wireless client.

318. What is the master controller mode on wlc?

When there is a master controller enabled, all newly added access points with no primary, secondary, or
tertiary controllers assigned associate with the master controller on the same subnet. This allows the
operator to verify the access point configuration and assign primary, secondary, and tertiary controllers
to the access point using the all aps > details page. The master controller is normally used only when
adding new access points to the cisco wireless lan solution. When no more access points are being
added to the network, cisco wlan solution recommends that you disable the master controller.

319. What is the function of wlan on wlc?

Wlan is similar to that of ssid in the access points. It is required for a client to associate with its wireless
network. In order to configure a wlan on a wlc, refer to the sample configuration in the document guest
wlan and internal wlan using wlcs configuration.

320. How does dhcp work with the wlc?

The wlc is designed to act as a dhcp relay agent to the external dhcp server and acts like a dhcp server
to the client. This is the sequence of events that occurs: Generally, a wlan is tied to an interface which is
configured with a dhcp server. When the wlc receives a dhcp request from the client on a wlan, it relays
the request to the dhcp server with its management ip address. The wlc shows its virtual ip address,
which must be a nonroutable address, usually configured as 1.1.1.1, as the dhcp server to the client.

321. What happens to the wireless network when i perform a software upgrade? Do all the access
points (aps) registered to a wlc go down until they are upgraded, or are they upgraded one at a time
so that the wireless network can remain up?

Once the wlc is upgraded, it must be rebooted for the changes to take effect. Within this time,
connectivity to the wlc is lost. Laps registered to a wlc lose their association to the wlc, so service to the
wireless clients is interrupted. When you upgrade the controller's software, the software on the
controller's associated access points is also automatically upgraded. Up to 10 access points can be
concurrently upgraded from the controller. Do not power down the controller or any access point during
this process; otherwise, you might corrupt the software image.

Can a cisco ios software-based access point (ap) that has been converted to lightweight mode register
with cisco 4100 series wlcs?

No, cisco ios software-based aps that are converted to lightweight mode cannot register with the cisco 40xx,
41xx, or 3500 wlcs. These lightweight aps (laps) can register only with the cisco 4400 and the 2000 series
wlcs.

Is it possible to go back and make corrections in the wlc configuration wizard at the time of the
initial configuration?

Yes, this can be done with the (hyphen) key. Use this key to reenter the previous parameter value.

With the management via wireless feature enabled on wlcs in a mobility group, i can
only access one wlc from that mobility group, but not all. Why?

This is an expected behavior. When enabled, the management via wireless feature allows a wireless
client to reach or manage only the wlc to which its associated access point is registered. The client
cannot manage other wlcs, even though these wlcs are in the same mobility group. This is implemented
for security, and recently was tightened down to just the one wlc in order to limit exposure.

Is it possible to assign an integrated controller in a 3750 switch and a 4400 wireless lan controller
within the same mobility group?

Yes, it is possible to create a mobility group between a catalyst 3750 switch with an integrated
controller and a 4400 wlc.

322. Can i upgrade the wlc from one major version to another directly?

You can upgrade or downgrade the wlc software only between two releases. In order to upgrade or
downgrade beyond two releases, you must first install an intermediate release.

We have finished our initial deployment of laps. When our clients move from one end of the building
to the other, they stay associated with the ap to which they were closest. The clients do not appear to
be handed off to the next-closest ap until the signal strength from the initial ap is completely depleted.
Why?

Coverage area of an ap is entirely controlled by the wlc. The wlc talks between its aps and manages their
signal strength on the basis of how each ap senses other aps. However the client movement from one
ap to other is entirely controlled by the client. The radio within the client determines when the client
wants to move from one ap to the other.

No setting on the wlc, ap, or the rest of your network can influence the client's decision to roam to a
different ap.

323. How do i prevent loops on the wlc?

You can enable stp on the wlc to prevent loops. From the wlc gui click controller, then navigate to the
advanced submenu located on the left side of the application. Click the spanning tree option, and
choose enable for spanning tree algorithm located on the right side of the application. By default, stp
need not be enabled to prevent loops.

324. What is routing?


Routing is the process of finding a path on which data can pass from source to destination. Routing is
done by a device called routers, which are network layer devices.

325. What is the purpose of the data link?


The job of the data link layer is to check messages are sent to the right device. Another function of this
layer is framing.

326. What is the key advantage of using switches?


When a switch receives a signal, it creates a frame out of the bits that was extracted from that signal.
With this process, it gains access and reads the destination address, after which it forwards that frame
to the appropriate port. This is a very efficient means of data transmission, instead of broadcasting it on
all ports.

327. When does network congestion occur?


Network congestion occurs when too many users are trying to use the same bandwidth. This is
especially true in big networks that do not resort to network segmentation.

328. What are three types of lan traffic?

Ans. Unicasts - intended for one host.

Broadcasts - intended for everyone.

Multicasts - intended for only a subset or group within an entire network.

329. What are unicast frames?

Ans. Unicast frames are the most common type of network traffic. A unicast frame is a frame intended
for only one host. The only station that processes this frame is one station that has its own mac address
in the destination portion of packet.

330. How do you enable eigrp on a cisco router?


Ans. The way you enable eigrp on a cisco router is similar to the way you enable rip, except you specify
eigrp as the protocol and add an autonomous system number. For example:
routera(config)# router eigrp 10 (10 is the as number)
routera(config-router)# network 192.168.0.0
routera(config-router)# network 192.168.1.0
routera(config-router)# network 192.168.2.0

331. What is exterior gateway routing protocol (eigrp)?

Ans. Eigrp is a cisco proprietary distance vector routing protocol. Eigrp has a default hop count of 100
hops, with a maximum hop count of 255. Igrp uses bandwidth and line delay as its default metric, but it
can also use reliability, load, and mtu.

332. What is the destination address of broadcast frames?


Ans. The destination address of broadcast frames (layer 2 broadcast addresses) is ff-ff-ff-ff-ff-ff, or all 1s
in binary.

333. What is the difference between bridges and switches?

Ans. Bridges and switches function the same way; the only difference is in how they are implemented.
Bridges are implemented by software and usually have a couple of network ports. Switches are
implemented in hardware by asic chips and have many ports.

334. Does a bridge divide a network into smaller segments?

Not really. What a bridge actually does is to take the large network and filter it, without changing the
size of the network.

335. Which lan switching method is used in cisco catalyst 5000?

This model uses the store-and-forward switching method. It stores the entire frame to its buffers and
performs a crc check before deciding whether or not to forward that data frame.

336. What is the role of the llc sublayer?

The llc sublayer, short for logical link control, can provide optional services to an application developer.
One option is to provide flow control to the network layer by using stop/start codes. The llc can also
provide error correction.

337. How does rip differ from igrp?

Rip relies on the number of hops in order to determine the best route to a network. On the other hand,
igrp takes into consideration many factors before it decides the best route to take, such as bandwidth,
reliability, mtu and hop count.

338. What are the different memories used in a cisco router?

Nvram stores the startup configuration file.

Dram stores the configuration file that is being executed.

Flash memory stores the cisco ios.

339. What is bootp?

Bootp is a protocol that is used to boot diskless workstations that are connected to the network. It is
short for boot program. Diskless workstations also use bootp in order to determine their own ip address as
well as the ip address of the server pc.

340. What is the function of the application layer in networking?

The application layer supports the communication components of an application and provides network
services to application processes that span beyond the osi reference model specifications. It also
synchronizes applications on the server and client.

341. What is the spanning-tree protocol (stp)?

Ans. Stp is a loop-prevention bridge-to-bridge protocol. Its main purpose is to dynamically maintain a
loop-free network. It does this by sending out bridge protocol data units (bpdus), discovering any loops
in the topology, and blocking one or more redundant links.

342. In spanning tree, what is a bridge id (bid)?

Ans. A bid is an 8-byte field that is composed of the bridge's 6-byte mac address and a 2-byte bridge
priority.

343. What is the default bridge priority in a bridge id for all cisco switches?

32,768
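
The 8-byte bridge id of question 342, the priority plus extended system id split of question 258, and the lowest-mac tie-break of question 249 can be worked through in code. This is an added example, not part of the original question list; the switch names and mac addresses are constructed, and the helper names are hypothetical.

```python
import struct
from typing import Dict, NamedTuple


class BridgeID(NamedTuple):
    priority: int    # bridge priority, a multiple of 4096 in 0..61440
    ext_sys_id: int  # extended system id: the 12-bit vlan number
    mac: bytes       # 6-byte bridge mac address

    def pack(self) -> bytes:
        """Encode as the 8-byte field: 2-byte priority/vlan value + 6-byte mac."""
        return struct.pack("!H", self.priority | self.ext_sys_id) + self.mac


def make_bridge_id(priority: int, vlan: int, mac: str) -> BridgeID:
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 in 0..61440")
    if not 0 <= vlan <= 0x0FFF:
        raise ValueError("extended system id must fit in 12 bits")
    raw_mac = bytes.fromhex(mac.replace(":", ""))
    if len(raw_mac) != 6:
        raise ValueError("mac address must be 6 bytes")
    return BridgeID(priority, vlan, raw_mac)


def parse_bridge_id(raw: bytes) -> BridgeID:
    """Split an 8-byte bridge id back into priority, vlan and mac."""
    if len(raw) != 8:
        raise ValueError("bridge id must be exactly 8 bytes")
    (prio_field,) = struct.unpack("!H", raw[:2])
    # Top 4 bits carry the priority, low 12 bits the extended system id.
    return BridgeID(prio_field & 0xF000, prio_field & 0x0FFF, raw[2:])


def elect_root(bridges: Dict[str, BridgeID]) -> str:
    """Return the name of the bridge with the numerically lowest bridge id.

    Comparing the packed bytes compares priority first; when priorities
    are equal the lowest mac address decides.
    """
    if not bridges:
        raise ValueError("no bridges to compare")
    return min(bridges, key=lambda name: bridges[name].pack())


if __name__ == "__main__":
    # Constructed sample topology for vlan 10, default priority 32768.
    switches = {
        "SW1": make_bridge_id(32768, 10, "00:1a:2b:00:00:30"),
        "SW2": make_bridge_id(32768, 10, "00:1a:2b:00:00:10"),
        "SW3": make_bridge_id(36864, 10, "00:00:0c:00:00:01"),
    }
    for name, bid in switches.items():
        print(name, bid.pack().hex())
    print("root with default priorities:", elect_root(switches))
    # Lowering one switch's priority makes the election deterministic.
    switches["SW1"] = make_bridge_id(4096, 10, "00:1a:2b:00:00:30")
    print("root after lowering SW1 priority:", elect_root(switches))
```

With every switch left at the default priority, the root is simply whichever switch has the lowest mac address, which is why the intended root is normally given a lower priority explicitly.
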

344. In spanning tree, what is path cost?

Ans. Path cost is a calculation to determine the link's bandwidth. It is a value assigned to each port that
is based on the port's speed.

345. How do bridges pass spanning tree information between themselves?

Ans. Bridges pass stp information using special frame called bridge protocol data units (bpdus).

346. How often do bridges send bpdus out active ports?

The default time that bridges send bpdus out active ports is 2 seconds.
Note: all ports on a switch listen for bpdus in case there is a topology change.

347. What is the stp blocking state?

Ans. When a switch starts, all ports are in the blocking state. This is to prevent any loops in the network.
If there is a better path to the root bridge, the port remains in the blocked state. Ports in the blocked
state cannot send or receive traffic, but they can receive bpdus.

348. Differentiate user mode from privileged mode

User mode is used for regular task when using a cisco router, such as to view system information,
connecting to remote devices, and checking the status of the router. On the other hand, privileged
mode includes all options that are available for user mode, plus more. You can use this mode in order to
make configurations on the router, including making tests and debugging.

349. What is 100basefx?

This is ethernet that makes use of fiber optic cable as the main transmission medium. The 100 stands for
100mbps, which is the data speed.

350. Differentiate full-duplex from half-duplex.

In full-duplex, both the transmitting device and the receiving device can communicate simultaneously,
that is, both can be transmitting and receiving at the same time. In the case of half-duplex, a device
cannot receive while it is transmitting, and vice versa.

351. What is mtu?

Mtu stands for maximum transmission unit. It refers to the maximum packet size that can be sent out
onto the data line without the need to fragment it.

352. How does cut-through lan switching work?

In cut-through lan switching, as soon as the router receives the data frame, it will immediately send it
out again and forward it to the next network segment after reading the destination address.

353. What is latency?

Latency is the amount of time delay that measures the point from which a network device receives a
data frame to the time it sends it out again towards another network segment.

354. Utilizing rip, what is the limit when it comes to number of hops?

The maximum limit is 15 hop counts. Anything higher than 15 indicates that the network is considered
unreachable.

355. What is a frame relay?

Frame relay is a wan protocol that provides connection-oriented communication by creating and
maintaining virtual circuits. It has a high performance rating and operates at the data link and physical
layers.

356. How do you configure a cisco router to route ipx?

The initial thing to do is to enable ipx routing by using the ipx routing command. Each interface that is
used in the ipx network is then configured with a network number and encapsulation method.

357. What are the different ipx access lists?

There are two access lists: standard and extended. Standard access list can only filter the source or
destination ip address. An extended access list uses the source and destination ip addresses, port,
socket and protocol when filtering a network.

358. Explain the benefits of vlans.

Vlans allow the creation of collision domains by groups other than just physical location. Using vlans, it is
possible to establish networks by different means, such as by function, type of hardware, protocol,
among others. This is a big advantage when compared to conventional lans wherein collision domains
are always tied to physical location.

359. What is subnetting?

Subnetting is the process of creating smaller networks from a big parent network. Being a part of a
network, each subnet is assigned some additional parameters or identifier to indicate its subnet
number.

360. What is the stp listening state?

Ports transition from a blocked state to a listening state. In this state, no user data is passed. The port
only listens for bpdus. After listening for 15 seconds (if the bridge does not find a better path), the port
moves to the next state, the learning state.

361. What is the stp learning state?

Ans. In the stp learning state, no user data is being passed. The port quietly builds its bridging table. The
default time in the learning state is 15 seconds.

362. What is the stp forwarding state?

Ans. After the default time in the learning state is up, the port moves to the forwarding state. In the
forwarding state, the port sends and receives data.

363. What is stp forward delay?

Ans. The forward delay is the time it takes for a port to move from the listening state to the learning
state or from the learning state to the forwarding state. The default time is 30 seconds.

364. What is the hello time in stp timers?

Ans. The hello time is the time interval between the sending of bpdus. The default time is 2 seconds.

365. What is the max age timer?

Ans. The max age timer is how long a bridge stores a bpdu before discarding it. The default time is 20
seconds (ten missed hello intervals).

366. What is the default time a port takes to transition from the blocking state to the forwarding
state?

Ans. The default time a port takes to transition from the blocking state to the forwarding state is 50
seconds: 20 seconds for max age, 15 seconds for listening, and 15 seconds for learning.

367. What are the advantages of a layered model in the networking industry?

A layered network offers many advantages. It allows administrators to make changes in one layer
without the need to make changes in the other layers. Specialization is encouraged, allowing the
network industry to make progress faster. A layered model also lets administrators troubleshoot
problems more efficiently.

368. Why is udp least favored when compared to tcp?

It's because udp is unreliable and unsequenced. It is not capable of establishing virtual circuits and
acknowledgements.

369. What are some standards supported by the presentation layer?

Presentation layer supports many standards, which ensures that data is presented correctly. These
include pict, tiff and jpeg for graphics, midi, mpeg and quicktime for video/audio.

370. What's the simplest way to remotely configure a router?

In cases when you need to configure a router remotely, the most convenient way is to use the cisco
autoinstall procedure. However, the router must be connected to the wan or lan through one of the
interfaces.

371. What does the show protocol display?

routed protocols that are configured on the router

the address assigned on each interface

the encapsulation method that was configured on each interface

372. How do you depict an ip address?

It can be done in three possible ways:

using dotted-decimal. For example: 192.168.0.1

using binary. For example: 10000010.00111011.01110010.01110011

using hexadecimal. For example: 82 1e 10 a1

373. How do you go to privileged mode? How do you switch back to user mode?

To access privileged mode, you enter the command enable on the prompt. In order to get back to user
mode, enter the command disable.

374. What is hdlc?

Hdlc is short for high level data link control protocol, and is a proprietary protocol of cisco. It is the default
encapsulation operated within cisco routers.

375. How are internetworks created?

Internetworks are created when networks are connected using routers. Specifically, the network
administrator assigns a logical address to every network that connects to the router.

376. What is bandwidth?

Bandwidth refers to the transmission capacity of a medium. It is a measure of how much volume a
transmission channel can handle, and is measured in kbps.

377. How do hold-downs work?

Hold-downs prevent regular update messages from reinstating a downed link by removing that link from
update messages. They use triggered updates to reset the hold-down timer.

378. What are packets?

Packets are the results of data encapsulation. These are data that has been wrapped under the different
protocols of the osi layers. Packets are also referred to as datagrams.

379. What are segments?

Segments are sections of a data stream that come from the upper osi layers and are ready for transmission
towards the network. Segments are the logic units at the transport layer.

380. Give some benefits of lan switching.

allows full duplex data transmission and reception

media rate adaption

easy and efficient migration

381. What is route poisoning?

Route poisoning is the process of inserting a table entry of 16 to a route, making it unreachable. This
technique is used in order to prevent problems caused by inconsistent updates on a route.

382. How do you find valid hosts in a subnet?

The best way to go about this is to use the equation 256 minus the subnet mask. The hosts that are
considered valid are those that can be found between the subnets.

383. What does stp do when it detects a topology change in the network due to a bridge or link
failure?

Ans. If spanning tree detects a change in the network due to a bridge or link failure, at least one bridge
interface changes from the blocking state to the forwarding state, or vice versa.

384. Describe the central office (co)?

Ans. The co is the telco switching facility that connects the customer to the
provider's switching network. The co is sometimes referred to as a point of presence. It is the point
where the local loop gains access to the service provider's access lines.

385. What is the toll network?

Ans. All the telco switches, cos, and trunk lines inside the wan provider's network are the toll network.

386. What are synchronous links?

Ans. Synchronous links have identical frequencies and contain individual characters encapsulated in
control bits, called start/stop bits that designate the beginning and end of each character. Synchronous
links try to use the same speed as the other end of a serial link.

387. What are asynchronous links?

Ans. Asynchronous links send digital signals without timing. Asynchronous links agree on the same
speed, but there is no check or adjustment of the rates if they are slightly different. Only 1 byte per
transfer is sent.

384. What are the three layers of the cisco hierarchical model?

Ans. The three layers of the cisco hierarchical model are:

The access layer

The distribution layer

The core layer


385. What is flow control, and what are the three methods of implementing it?

Ans. Flow control is the method of controlling the rate at which a computer sends data, thus preventing
network congestion. The three methods of implementing flow control are

Buffering

Congestion avoidance

Windowing

Almost certain to be on the exam.

386. The ieee defines what two sublayers of the data link layer?

Ans. The two sublayers of the data link layer are

The logical link control (llc) sublayer

The media access control (mac) sublayer

These two sublayers provide physical media independence.

387. What are some network devices that operate at the data link layer?

Ans. Bridges and switches are network devices that operate at the data link layer. Both devices filter
traffic by mac addresses.

388. Briefly explain the conversion steps in data encapsulation.

From a data transmitter's point of reference, data from the end user is converted to segments.
Segments are then passed on to the other layers and converted into packets or datagrams. These
packets are then converted into frames before passing on to the network interface. Finally, frames are
converted to bits prior to actual data transmission.

389. What are the different types of passwords used in securing a cisco router?

There are actually five types of passwords that can be used. These are enable secret, enable, virtual
terminal, console, and auxiliary.

390. Why is network segmentation a good idea when managing a large network?

For network administration, segmenting a network would help ease network traffic and ensure that
high bandwidth is made available at all times for all users. This translates to better performance,
especially for a growing network.

391. Differentiate logical topology from physical topology.

Logical topology refers to the signal path through the physical topology. Physical topology is the actual
layout of the network medium.

391. What causes a triggered update to reset the router hold-down timer?

This may happen when the hold-down timer has already expired, or when the router received a
processing task that incidentally was proportional to the number of links in the internetwork.

392. In configuring a router, what command must be used if you want to delete the configuration data
that is stored in the nvram?

A. Erase running-config

B. Erase startup-config

C. Erase nvram

D. Delete nvram

Correct answer: b. Erase startup-config

393. Referring to the commands shown, what command must next be used on the branch router prior
to traffic being sent to the router?

Hostname: branch hostname: remote

Ph# 123-6000, 123-6001 ph# 123-8000, 123-8001

Spid1: 32055512360001 spid1: 32055512380001

Spid2: 32055512360002 spid2: 32055512380002

Isdn switch-type basic ni

Username remote password cisco

Interface bri0

Ip address 10.1.1.1 255.255.255.0

Encapsulation ppp

Ppp authentication chap

Isdn spid1 41055512360001

Isdn spid2 41055512360002


Dialer map ip 10.1.1.2 name remote 1238001

Dialer-list 1 protocol ip permit

Correct answer: (config-if)# dialer-group 1

394. When configuring a router utilizing both physical and logical interfaces, what factor must be
considered in determining the ospf router id?

A. The highest ip address of any physical interface.

B. The lowest ip address of any logical interface.

C. The middle ip address of any logical interface.

D. The lowest ip address of any physical interface.

E. The highest ip address of any interface.

F. The highest ip address of any logical interface.

G. The lowest ip address of any interface.

Correct answer: a. The highest ip address of any physical interface.

395. Mention what is the size of ip address?

Size of ip address is 32 bit for ipv4 and 128 bit for ipv6.

396. Mention what does data packets consist of?

A data packet consists of sender's information, recipient's information, and the data contained. It also
has the numeric identification number that defines the packet number and order. When data is sent
across the network, that information is segmented into data packets. In short, data packets carry the
information and routing configuration for your transferred message.

397. Mention what is dhcp?

Dhcp stands for dynamic host configuration protocol. Dhcp assigns an ip address automatically to a
given workstation client. You can also make static ips for machines like printers, servers, routers and
scanners.

398. Mention what is bootp?

Bootp is a computer networking protocol used to deploy an ip address to network devices from a
configuration server.

399. Explain why is udp least favored when compared to tcp?

It is because udp is un-sequenced and unreliable. It is not capable of creating virtual circuits and
acknowledgments.

400. Mention what is the difference between dynamic ip and static ip addressing?

Dynamic ip addresses are provided by a dhcp server and static ip addresses are given manually.

401. Mention what are the ranges for the private ips?

Ranges for private ips are

Class a: 10.0.0.0 - 10.0.0.255

Class b: 172.16.0.0 - 172.31.0.0

Class c: 192.168.0.0 - 192.168.0.255

402. In how many ways can you access a router?

You can access it in three ways

Telnet (ip)

Aux (telephone)

Console (cable)

403. Explain what is eigrp?

Eigrp stands for enhanced interior gateway routing protocol; it is a routing protocol designed by cisco
systems. It is used on a router to share routes with other routers within the same autonomous
system. Unlike other routing protocols like rip, eigrp only sends incremental updates, decreasing the workload on
the router and the amount of data that needs to be transferred.

404. Mention what is the metric of eigrp protocol?

Eigrp protocol consists of

Bandwidth

Load

Delay

Reliability

Mtu (Maximum transmission unit)


405. Mention what does the clock rate do?

Clock rate enables the routers or dce equipment to communicate properly.

406. Mention what command you must use if you want to delete or remove the configuration data
that is stored in the nvram?

Erase startup-config is the command you must use if you want to delete the configuration data that is
stored in the nvram.

407. Explain the difference between half-duplex and full-duplex?

Full duplex means that the communication can occur in both directions at the same time, while half
duplex means that the communication can occur in one direction at a time.

408. Mention the conversion steps of data encapsulation?

Conversion steps of data encapsulation include

Layer one, two and three (application/presentation/session): alphanumeric input from the user is
converted into data

Layer four (transport): data is converted into small segments

Layer five (network): data converted into packets or datagrams and network header is added

Layer six (data link): datagrams or packets are built into frames

Layer seven (physical): frames are converted into bits

409. What command do we give if router ios is stuck?

Ctrl+shift+f6 and x is the command we give if router ios is stuck.

410. Explain what is route poisoning?

Route poisoning is a technique of preventing a network from transmitting packets through a route that
has become invalid.

411. What route entry will be assigned to dead or invalid route in case of rip?

In the case of rip table entry 16 hops will be assigned to dead or invalid route making it unreachable.

412. What are broadcast domains?


Ans. A broadcast domain defines a group of devices that receive each others' broadcast messages. As
with collisions, the more broadcasts that occur on the network, the slower your network will be. This is
because every device that receives a broadcast must process it to see if the broadcast is intended for it.

413. What is the difference between a routing protocol and a routed protocol?

Ans. Routing protocols determine how to route traffic to the best location of a routed protocol.
Examples of routing protocols are rip, eigrp, ospf, and bgp. Examples of routed protocols are ip and ipx.

414. What 3 devices are used to segment a lan?

Ans. Router

Switch

Bridge

415. In how many ways can you access a router?

You can access it in three ways

Telnet (ip)

Aux (telephone)

Console (cable)

416. Explain what is eigrp?

Eigrp stands for enhanced interior gateway routing protocol; it is a routing protocol designed by cisco
systems. It is used on a router to share routes with other routers within the same autonomous
system. Unlike other routing protocols like rip, eigrp only sends incremental updates, decreasing the workload on
the router and the amount of data that needs to be transferred.

417. Mention what is the metric of eigrp protocol?

Eigrp protocol consists of

Bandwidth

Load

Delay

Reliability

Mtu (Maximum transmission unit)

418. In an Ethernet network, under what two scenarios can devices transmit? (Choose two.)
A. when they receive a special token
B. when there is a carrier
C. when they detect no other devices are sending
D. when the medium is idle
E. when the server grants access

Answer: C, D

419. A router has two Fast Ethernet interfaces and needs to connect to four VLANs in the local
network. How can you accomplish this task, using the fewest physical interfaces and without
decreasing network performance?

A. Use a hub to connect the four VLANs with a Fast Ethernet interface on the router.
B. Add a second router to handle the VLAN traffic.
C. Add two more Fast Ethernet interfaces.
D. Implement a router-on-a-stick configuration.

Answer: D

420. What is the difference between a CSU/DSU and a modem?

A. A CSU/DSU converts analog signals from a router to a leased line; a modem converts analog signals
from a router to a leased line.
B. A CSU/DSU converts analog signals from a router to a phone line; a modem converts digital signals
from a router to a leased line.
C. A CSU/DSU converts digital signals from a router to a phone line; a modem converts analog signals
from a router to a phone line.
D. A CSU/DSU converts digital signals from a router to a leased line; a modem converts digital signals
from a router to a phone line.

Answer: D

421. Which port state is introduced by Rapid-PVST?

A. learning
B. listening
C. discarding
D. forwarding

Answer: C

422. VLAN 3 is not yet configured on your switch. What happens if you set the switchport access vlan
3 command in interface configuration mode?

A. The command is rejected.
B. The port turns amber.
C. The command is accepted and the respective VLAN is added to vlan.dat.
D. The command is accepted and you must configure the VLAN manually.

Answer: C

423. What value is primarily used to determine which port becomes the root port on each nonroot
switch in a spanning-tree topology?

A. path cost
B. lowest port MAC address
C. VTP revision number
D. highest port priority number
E. port priority number and MAC address
Answer: A

424. In a switched environment, what does the IEEE 802.1Q standard describe?

A. the operation of VTP
B. a method of VLAN trunking
C. an approach to wireless LAN communication
D. the process for root bridge selection
E. VLAN pruning

Answer: B

425. What is the function of the command switchport trunk native vlan 999 on a Cisco Catalyst
switch?
A. It creates a VLAN 999 interface.
B. It designates VLAN 999 for untagged traffic.
C. It blocks VLAN 999 traffic from passing on the trunk.
D. It designates VLAN 999 as the default for all unknown tagged traffic.

Answer: B

426. Which two protocols are used by bridges and/or switches to prevent loops in a layer 2 network?
(Choose two.)

A. 802.1d
B. VTP
C. 802.1q
D. STP
E. SAP
Answer: A, D

427. Which layer in the OSI reference model is responsible for determining the availability of the
receiving program and checking to see if enough resources exist for that communication?

A. transport
B. network
C. presentation
D. session
E. application
Answer: E
428. Which of the following describes the roles of devices in a WAN? (Choose three.)
A. A CSU/DSU terminates a digital local loop.
B. A modem terminates a digital local loop.
C. A CSU/DSU terminates an analog local loop.
D. A modem terminates an analog local loop.
E. A router is commonly considered a DTE device.
F. A router is commonly considered a DCE device.
Answer: A, D, E
429. A network administrator is verifying the configuration of a newly installed host by establishing an
FTP connection to a remote server. What is the highest layer of the protocol stack that the network
administrator is using for this operation?
A. application
B. presentation
C. session
D. transport
E. internet
F. data link
Answer: A
430. A network interface port has collision detection and carrier sensing enabled on a shared twisted
pair network. From this statement, what is known about the network interface port?
A. This is a 10 Mb/s switch port.
B. This is a 100 Mb/s switch port.
C. This is an Ethernet port operating at half duplex.
D. This is an Ethernet port operating at full duplex.
E. This is a port on a network interface card in a PC.
Answer: C
431. A receiving host computes the checksum on a frame and determines that the frame is damaged.
The frame is then discarded. At which OSI layer did this happen?
A. session
B. transport
C. network
D. data link
E. physical
Answer: D
432. A network engineer notices that transmission rates of senders of TCP traffic sharply increase and
decrease simultaneously during periods of congestion. Which condition causes this?
A. global synchronization
B. tail drop
C. random early detection
D. queue management algorithm
Answer: A
433. Which three problems result from application mixing of UDP and TCP streams within a network
with no QoS? (Choose three.)
A. starvation
B. jitter
C. latency
D. windowing
E. lower throughput
Answer: A,C,E
434. Which method allows IPv4 and IPv6 to work together without requiring both to be used for a
single connection during the migration process?
A. dual-stack method
B. 6to4 tunneling
C. GRE tunneling
D. NAT-PT
Answer: A
435. A network administrator executes the command clear ip route. Which two tables does this
command clear and rebuild? (Choose two.)
A. IP routing
B. FIB
C. ARP cache
D. MAC address table
E. Cisco Express Forwarding table
F. topology table
Answer: A,B
436. Which switching method is used when entries are present in the output of the command show ip
cache?
A. fast switching
B. process switching
C. Cisco Express Forwarding switching
D. cut-through packet switching
Answer: A
437. Which two actions must you perform to enable and use window scaling on a router? (Choose
two.)
A. Execute the command ip tcp window-size 65536.
B. Set window scaling to be used on the remote host.
C. Execute the command ip tcp queuemax.
D. Set TCP options to "enabled" on the remote host.
E. Execute the command ip tcp adjust-mss.
Answer: A,B

438. Which three TCP enhancements can be used with TCP selective acknowledgments? (Choose
three.)
A. header compression
B. explicit congestion notification
C. keepalive
D. time stamps
E. TCP path discovery
F. MTU window
Answer: B,C,D
439. A network administrator uses IP SLA to measure UDP performance and notices that packets on
one router have a higher one-way delay compared to the opposite direction. Which UDP
characteristic does this scenario describe?
A. latency
B. starvation
C. connectionless communication
D. nonsequencing unordered packets
E. jitter
Answer: A
440. Under which condition does UDP dominance occur?
A. when TCP traffic is in the same class as UDP
B. when UDP flows are assigned a lower priority queue
C. when WRED is enabled
D. when ACLs are in place to block TCP traffic
Answer: A

441. Prior to enabling PPPoE in a virtual private dialup network group, which task must be completed?
A. Disable CDP on the interface.
B. Execute the vpdn enable command.
C. Execute the no switchport command.
D. Enable QoS FIFO for PPPoE support.
Answer: B

442. Which PPP authentication method sends authentication information in clear text?
A. MS CHAP
B. CDPCP
C. CHAP
D. PAP
Answer: D

442. PPPoE is composed of which two phases?
A. Active Authentication Phase and PPP Session Phase
B. Passive Discovery Phase and PPP Session Phase
C. Active Authorization Phase and PPP Session Phase
D. Active Discovery Phase and PPP Session Phase
Answer: D

443. What is the purpose of the autonomous-system {autonomous-system-number} command?
A. It sets the EIGRP autonomous system number in a VRF.
B. It sets the BGP autonomous system number in a VRF.
C. It sets the global EIGRP autonomous system number.
D. It sets the global BGP autonomous system number.
Answer: A

444. What is the default OSPF hello interval on a Frame Relay point-to-point network?
A. 10
B. 20
C. 30
D. 40
Answer: A

445. Router A and Router B are configured with IPv6 addressing and basic routing capabilities using
OSPFv3. The networks that are advertised from Router A do not show up in Router B's routing table.
After debugging IPv6 packets, the message "not a router" is found in the output. Why is the routing
information not being learned by Router B?
A. OSPFv3 timers were adjusted for fast convergence.
B. The networks were not advertised properly under the OSPFv3 process.
C. An IPv6 traffic filter is blocking the networks from being learned via the Router B interface that
is connected to Router A.
D. IPv6 unicast routing is not enabled on Router A or Router B.
Answer: D

446. After you review the output of the command show ipv6 interface brief, you see that several IPv6
addresses have the 16-bit hexadecimal value of "FFFE" inserted into the address. Based on this
information, what do you conclude about these IPv6 addresses?
A. IEEE EUI-64 was implemented when assigning IPv6 addresses on the device.
B. The addresses were misconfigured and will not function as intended.
C. IPv6 addresses containing "FFFE" indicate that the address is reserved for multicast.
D. The IPv6 universal/local flag (bit 7) was flipped.
E. IPv6 unicast forwarding was enabled, but IPv6 Cisco Express Forwarding was disabled.
Answer: A

447. Which common issue causes intermittent DMVPN tunnel flaps?
A. a routing neighbor reachability issue
B. a suboptimal routing table
C. interface bandwidth congestion
D. that the GRE tunnel to hub router is not encrypted
Answer: A

448. Which encapsulation supports an interface that is configured for an EVN trunk?
A. 802.1Q
B. ISL
C. PPP
D. Frame Relay
E. MPLS
F. HDLC
Answer: A

449. Which three characteristics are shared by subinterfaces and associated EVNs? (Choose three.)
A. IP address
B. routing table
C. forwarding table
D. access control lists
E. NetFlow configuration
Answer: A,B,C

450. A user is having issues accessing file shares on a network. The network engineer advises the user
to open a web browser, input a prescribed IP address, and follow the instructions. After doing this,
the user is able to access company shares. Which type of remote access did the engineer enable?
A. EZVPN
B. IPsec VPN client access
C. VPDN client access
D. SSL VPN client access
Answer: D

451. Which Cisco IOS VPN technology leverages IPsec, mGRE, dynamic routing protocol, NHRP, and
Cisco Express Forwarding?
A. FlexVPN
B. DMVPN
C. GETVPN
D. Cisco Easy VPN
Answer: B
452. Which traffic does the following configuration allow?
ipv6 access-list cisco
permit ipv6 host 2001:DB8:0:4::32 any eq ssh
line vty 0 4
ipv6 access-class cisco in
A. all traffic to vty 0 4 from source 2001:DB8:0:4::32
B. only ssh traffic to vty 0 4 from source all
C. only ssh traffic to vty 0 4 from source 2001:DB8:0:4::32
D. all traffic to vty 0 4 from source all
Answer: C

453. For troubleshooting purposes, which method can you use in combination with the debug ip
packet command to limit the amount of output data?
A. You can disable the IP route cache globally.
B. You can use the KRON scheduler.
C. You can use an extended access list.
D. You can use an IOS parser.
E. You can use the RITE traffic exporter.
Answer: C
454. Which address is used by the Unicast Reverse Path Forwarding protocol to validate a packet
against the routing table?
A. source address
B. destination address
C. router interface
D. default gateway
Answer: A

455. What are the three modes of Unicast Reverse Path Forwarding?
A. strict mode, loose mode, and VRF mode
B. strict mode, loose mode, and broadcast mode
C. strict mode, broadcast mode, and VRF mode
D. broadcast mode, loose mode, and VRF mode
Answer: A
456. A network engineer is configuring a routed interface to forward broadcasts of UDP 69, 53, and 49
to 172.20.14.225. Which command should be applied to the configuration to allow this?
A. router(config-if)#ip helper-address 172.20.14.225
B. router(config-if)#udp helper-address 172.20.14.225
C. router(config-if)#ip udp helper-address 172.20.14.225
D. router(config-if)#ip helper-address 172.20.14.225 69 53 49
Answer: A
457. A network engineer is configuring SNMP on network devices to utilize one-way SNMP
notifications. However, the engineer is not concerned with authentication or encryption. Which
command satisfies the requirements of this scenario?
A. router(config)#snmp-server host 172.16.201.28 traps version 2c CISCORO
B. router(config)#snmp-server host 172.16.201.28 informs version 2c CISCORO
C. router(config)#snmp-server host 172.16.201.28 traps version 3 auth CISCORO
D. router(config)#snmp-server host 172.16.201.28 informs version 3 auth CISCORO
Answer: A

458. When using SNMPv3 with NoAuthNoPriv, which string is matched for authentication?
A. username
B. password
C. community-string
D. encryption-key
Answer: A

459. A network engineer finds that a core router has crashed without warning. In this situation, which
feature can the engineer use to create a crash collection?
A. secure copy protocol
B. core dumps
C. warm reloads
D. SNMP
E. NetFlow
Answer: B
460. A network engineer is trying to implement broadcast-based NTP in a network and executes the
ntp broadcast client command. Assuming that an NTP server is already set up, what is the result of
the command?
A. It enables receiving NTP broadcasts on the interface where the command was executed.
B. It enables receiving NTP broadcasts on all interfaces globally.
C. It enables a device to be an NTP peer to another device.
D. It enables a device to receive NTP broadcast and unicast packets.
Answer: A
461. A network engineer executes the show ip flow export command. Which line in the output
indicates that the send queue is full and export packets are not being sent?
A. output drops
B. enqueuing for the RP
C. fragmentation failures
D. adjacency issues
Answer: A

462. An organization decides to implement NetFlow on its network to monitor the fluctuation of
traffic that is disrupting core services. After reviewing the output of NetFlow, the network engineer is
unable to see OUT traffic on the interfaces. What can you determine based on this information?
A. Cisco Express Forwarding has not been configured globally.
B. NetFlow output has been filtered by default.
C. Flow Export version 9 is in use.
D. The command ip flow-capture fragment-offset has been enabled.
Answer: A
463. A network engineer has left a NetFlow capture enabled over the weekend to gather information
regarding excessive bandwidth utilization. The following command is entered:
switch#show flow exporter Flow_Exporter-1
What is the expected output?
A. configuration of the specified flow exporter
B. current status of the specified flow exporter
C. status and statistics of the specified flow monitor
D. configuration of the specified flow monitor
Answer: B
464. Which two functions are completely independent when implementing NAT64 over NAT-PT?
(Choose two.)
A. DNS
B. NAT
C. port redirection
D. stateless translation
E. session handling
Answer: A,B
465. Which type of traffic does DHCP snooping drop?
A. discover messages
B. DHCP messages where the source MAC and client MAC do not match
C. traffic from a trusted DHCP server to client
D. DHCP messages where the destination MAC and client MAC do not match
Answer: B
466. Which two commands would be used to troubleshoot high memory usage for a process? (Choose
two.)
A. router#show memory allocating-process table
B. router#show memory summary
C. router#show memory dead
D. router#show memory events
E. router#show memory processor statistics
Answer: A,B
467. The enterprise network WAN link has been receiving several denial of service attacks from both
IPv4 and IPv6 sources. Which three elements can you use to identify an IPv6 packet via its
header, in order to filter future attacks? (Choose three.)
A. Traffic Class
B. Source address
C. Flow Label
D. Hop Limit
E. Destination Address
F. Fragment Offset
Answer: A,C,D
468. Which technology was originally developed for routers to handle fragmentation in the path
between end points?
A. PMTUD
B. MSS
C. windowing
D. TCP
E. global synchronization
Answer: A
469. Which traffic characteristic is the reason that UDP traffic that carries voice and video is assigned
to the queue only on a link that is at least 768 kbps?
A. typically is not fragmented
B. typically is fragmented
C. causes windowing
D. causes excessive delays for video traffic
Answer: A
470. To configure SNMPv3 implementation, a network engineer is using the AuthNoPriv security level.
What effect does this action have on the SNMP messages?
A. They become unauthenticated and unencrypted.
B. They become authenticated and unencrypted.
C. They become authenticated and encrypted.
D. They become unauthenticated and encrypted.
Answer: B
471. A network engineer is investigating the cause of a service disruption on a network segment and
executes the debug condition interface fastethernet f0/0 command. In which situation is the
debugging output generated?
A. when packets on the interface are received and the interface is operational
B. when packets on the interface are received and logging buffered is enabled
C. when packets on the interface are received and forwarded to a configured syslog server
D. when packets on the interface are received and the interface is shut down
Answer: A
472. An engineer executes the ip flow ingress command in interface configuration mode. What is the
result of this action?
A. It enables the collection of IP flow samples arriving to the interface.
B. It enables the collection of IP flow samples leaving the interface.
C. It enables IP flow while disabling IP CEF on the interface.
D. It enables IP flow collection on the physical interface and its subinterfaces.
Answer: A
473. What is the primary service that is provided when you implement Cisco Easy Virtual Network?
A. It requires and enhances the use of VRF-Lite.
B. It reduces the need for common services separation.
C. It allows for traffic separation and improved network efficiency.
D. It introduces multi-VRF and label-prone network segmentation.
Answer: C
474. Which statement about dual stack is true?
A. Dual stack translates IPv6 addresses to IPv4 addresses.
B. Dual stack means that devices are able to run IPv4 and IPv6 in parallel.
C. Dual stack translates IPv4 addresses to IPv6 addresses.
D. Dual stack changes the IP addresses on hosts from IPv4 to IPv6 automatically.
Answer: B
475. Which type of BGP AS number is 64591?
A. a private AS number
B. a public AS number
C. a private 4-byte AS number
D. a public 4-byte AS number
Answer: A
476. Which Cisco VPN technology can use a multipoint tunnel, resulting in a single GRE tunnel interface
on the hub, to support multiple connections from multiple spoke devices?
A. DMVPN
B. GETVPN
C. Cisco Easy VPN
D. FlexVPN
Answer: A
477. Which Cisco VPN technology uses AAA to implement group policies and authorization and is also
used for the XAUTH authentication method?
A. DMVPN
B. Cisco Easy VPN
C. GETVPN
D. GREVPN
Answer: B
478. Which parameter in an SNMPv3 configuration offers authentication and encryption?
A. auth
B. noauth
C. priv
D. secret
Answer: C
479. Which three items can you track when you use two time stamps with IP SLAs? (Choose three.)
A. delay
B. jitter
C. packet loss
D. load
E. throughput
F. path
Answer: A,B,C
480. If the total bandwidth is 64 kbps and the RTT is 3 seconds, what is the bandwidth delay product?
A. 8,000 bytes
B. 16,000 bytes
C. 24,000 bytes
D. 32,000 bytes
E. 62,000 bytes
Answer: C
481. What is the purpose of the route-target command?
A. It extends the IP address to identify which VRF instance it belongs to.
B. It enables multicast distribution for VRF-Lite setups to enhance IGP routing protocol
capabilities.
C. It manages the import and export of routes between two or more VRF instances.
D. It enables multicast distribution for VRF-Lite setups to enhance EGP routing protocol
capabilities.
Answer: C
482. A network engineer has configured a tracking object to monitor the reachability of IP SLA 1. In
order to update the next hop for the interesting traffic, which feature must be used in conjunction
with the newly created tracking object to manipulate the traffic flow as required?
A. SNMP
B. PBR
C. IP SLA
D. SAA
E. ACLs
F. IGP
Answer: B
483. A route map uses an ACL, if the required matching is based on which criteria?
A. addressing information
B. route types
C. AS paths
D. metrics
Answer: A
484. Various employees in the same department report to the network engineer about slowness in
the network connectivity to the Internet. They are also having latency issues communicating to the
network drives of various departments. Upon monitoring, the engineer finds a traffic flood in the
network. Which option is the problem?
A. network outage
B. network switching loop
C. router configuration issue
D. wrong proxy configured
Answer: B
485. Which type of handshake does CHAP authentication use to establish a PPP link?
A. one-way
B. two-way
C. three-way
D. four-way
Answer: C
486. Which two authentication protocols does PPP support? (Choose two.)
A. WAP
B. PAP
C. CHAP
D. EAP
E. RADIUS
Answer: B,C

487. Which statement is a restriction for PPPoE configuration?
A. Multiple PPPoE clients can use the same dialer interface.
B. Multiple PPPoE clients can use the same dialer pool.
C. A PPPoE session can be initiated only by the client.
D. A PPPoE session can be initiated only by the access concentrator.
Answer: C
488. The OSPF database of a router shows LSA types 1, 2, 3, and 7 only. Which type of area is this
router connected to?
A. stub area
B. totally stubby area
C. backbone area
D. not-so-stubby area
Answer: D
489. An engineer is configuring a GRE tunnel interface in the default mode. The engineer has assigned
an IPv4 address on the tunnel and sourced the tunnel from an Ethernet interface. Which option
also is required on the tunnel interface before it is operational?
A. tunnel destination address
B. keepalives
C. IPv6 address
D. tunnel protection
Answer: A
490. Which two routing protocols are supported by Easy Virtual Network? (Choose two.)
A. RIPv2
B. OSPFv2
C. BGP
D. EIGRP
E. IS-IS
Answer: B,D
491. Which statement is true?
A. RADIUS uses TCP, and TACACS+ uses UDP.
B. RADIUS encrypts the entire body of the packet.
C. TACACS+ encrypts only the password portion of a packet.
D. TACACS+ separates authentication and authorization.
Answer: D
492. Which option is invalid when configuring Unicast Reverse Path Forwarding?
A. allow self ping to router
B. allow default route
C. allow based on ACL match
D. source reachable via both
Answer: D
493. Which two statements indicate a valid association mode for NTP synchronization? (Choose two.)
A. The client polls NTP servers for time.
B. The client broadcasts NTP requests.
C. The client listens to NTP broadcasts.
D. The client creates a VPN tunnel to an NTP server.
E. The client multicasts NTP requests.
Answer: A,C
494. A network engineer wants to add a new switch to an existing switch stack. Which configuration
must be added to the new switch before it can be added to the switch stack?
A. No configuration must be added.
B. stack ID
C. IP address
D. VLAN information
E. VTP information
Answer: A
495. What percentage of bandwidth is reduced when a stack cable is broken?
A. 0
B. 25
C. 50
D. 75
E. 100
Answer: C
496. After the implementation of several different types of switches from different vendors, a
network engineer notices that directly connected devices that use Cisco Discovery Protocol are not
visible. Which vendor-neutral protocol could be used to resolve this issue?
A. Local Area Mobility
B. Link Layer Discovery Protocol
C. NetFlow
D. Directed Response Protocol
Answer: B
497. After the recent upgrade of the switching infrastructure, the network engineer notices that the
port roles that were once blocking are now defined as alternate and backup. What is the reason
for this change?
A. The new switches are using RSTP instead of legacy IEEE 802.1D STP.
B. IEEE 802.1D STP and PortFast have been configured by default on all newly implemented
Cisco Catalyst switches.
C. The administrator has defined the switch as the root in the STP domain.
D. The port roles have been adjusted based on the interface bandwidth and timers of the new
Cisco Catalyst switches.
Answer: A
498. An administrator recently configured all ports for rapid transition using PortFast. After testing, it
has been determined that several ports are not transitioning as they should. What is the reason for
this?
A. RSTP has been enabled per interface and not globally.
B. The STP root bridge selection is forcing key ports to remain in non-rapid transitioning mode.
C. STP is unable to achieve rapid transition for trunk links.
D. The switch does not have the processing power to ensure rapid transition for all ports.
Answer: C
499. What effect does the mac address-table aging-time 180 command have on the MAC
address-table?
A. This is how long a dynamic MAC address will remain in the CAM table.
B. The MAC address-table will be flushed every 3 minutes.
C. The default timeout period will be 360 seconds.
D. ARP requests will be processed less frequently by the switch.
E. The MAC address-table will hold addresses 180 seconds longer than the default of 10 minutes.
Answer: A
500. A network engineer deployed a switch that operates the LAN base feature set and decides to use
the SDM VLAN template. The SDM template is causing the CPU of the switch to spike during
peak working hours. What is the root cause of this issue?
A. The VLAN receives additional frames from neighboring switches.
B. The SDM VLAN template causes the MAC address-table to overflow.
C. The VLAN template disables routing in hardware.
D. The switch needs to be rebooted before the SDM template takes effect.
Answer: C
