Enable and privileged mode. Both are commonly used and found in Cisco

documentation.

You would use

. Help would appear immediately after you typed the

symbol. You would not need to press Enter afterward; if you did so, the router would

try to execute the command with only the parameters you had typed after the

.

Press the Up-arrow key, Backspace five times, and then type

. The Up-arrow key

retrieves the

command. The Backspace key moves the cursor backward

and erases the character. Typing inserts the characters into the line.

User mode.

line console 0

login

The

command is a context-setting command; it adds no information to

the configuration by itself. The command can be typed from any part of configuration

mode. The

command, which follows the

command, tells the IOS

that a password prompt is desired at the console.

Appendix A: Answers to the “Do I Know This Already?” Quizzes and Q&A Sections

Cisco Discovery Protocol. CDP is Cisco proprietary and is not dependent on a particular

Layer 3 protocol to be configured and working.

Nonvolatile. NVRAM is used for storing the startup configuration file used when the

router is brought up. NVRAM is battery-powered if it is really RAM. In some routers,

Cisco has (sneakily) used a small portion of Flash memory for the purpose of NVRAM,

but Cisco would not ask such trivia on the test.

and

. The newer command is

and, hopefully, is easier to remember.

Setting the configuration register boot field to binary 0001, or adding

to the configuration file and copying it to the startup configuration file. To set the

configuration register to hex 2101, which would yield binary 0001 in the boot field, the

global configuration command would be used.

. The other details, namely the IP address of the TFTP server and the file

name, are requested via prompts to the user.

The first IOS file listed in the

command is the one used at reload time, unless

a boot system command is configured. The configuration command

would override the order of the files in Flash memory. The

command displays the file name of the IOS for the latest reload of a router. The

output tells you the version as well as the name of the file that was used at the last

reload. This information is particularly difficult to find in the output of the command;

watch for three lines, separated by empty lines above and below. The IOS file loaded is in

one of those messages.

Answers to the Chapter 2 Q&A Section

To store IOS and microcode files and to allow remote loading of new versions of these

files. In most routers, only an IOS is found. If microcode is upgraded, these files also

reside in Flash memory.

Enable mode and privileged mode. Both modes are commonly used and found in Cisco

documentation.

Console, auxiliary port, and Telnet. All three cause the user to enter user EXEC mode.

User EXEC mode.

Yes: For direct attachment of a terminal, and dial for the purpose of routing packets.

Although originally created to support remote administration access, many customers use

an auxiliary port for dial backup, particularly when analog lines are desired or when that

is all that is available.

One. This is a purposefully strange question. You do not order the console port; every

router comes with one and only one. So, technically, you do not even order one because it

is implied by ordering the router.

. Help would appear immediately after you typed the

symbol. You would not

need to press Enter after the

. If you did so, the router would try to execute the command

with only the parameters you had typed after the

.

Appendix A: Answers to the “Do I Know This Already?” Quizzes and Q&A Sections

The user was in user mode. The user must be in enable/privileged mode to use the

command. When in user mode, the router does not provide help for privileged commands

and treats the request for help as if there is no such command.

Number of commands. The length (that is, number of characters) of each command does

not affect the command history buffer.

and Up-arrow. Up-arrow refers literally to the Up arrow key on the keyboard. Not

all terminal emulators support

or Up-arrow, so recalling both methods is useful.

Press Up-arrow, Backspace five times, and type

. The Up-arrow key retrieves the

command. Backspace moves the cursor backward and erases the character.

Typing inserts the characters into the line.

Press Up-arrow,

(or Left-arrow) twice, and Backspace once, and then type 4. The

and Left-arrow keys back up one character in the line, without deleting the

character. Backspace deletes the 1, in this case. Typing inserts into the line.

line console 0

login

The

command is a context-setting command; it adds no information to the

configuration. The command can be typed from any part of configuration mode. The

command, which follows the

command, tells IOS that a password prompt

is desired at the console.

Answers to the Chapter 2 Q&A Section

line console 0

password xxxxxxx

The

command tells the IOS the value that should be typed when a user wants

access from the console. This value is requested by the IOS because of the login

command. The password xxxxxxx must be typed while in console configuration mode,

which is reached by typing line console 0.

To store IOS and microcode files and to allow remote loading of new versions of these

files. In most routers, only an IOS is found. If microcode is upgraded, the files also reside

in Flash memory.

To store a single configuration file, used at router load time. NVRAM does not support

multiple files.

Nonvolatile. NVRAM is battery powered if it is really RAM. In some routers, Cisco has

(sneakily) used a small portion of Flash memory for the purpose of NVRAM, but Cisco

would not ask such trivia on the test.

RAM is used as IOS working memory (storing such things as routing tables or packets)

and for IOS code storage. (In some router models, not all the IOS is copied into RAM.

Some of the IOS is left in Flash memory so that more RAM is available for working

memory.)

To store a small limited-function IOS and to store bootstrap code. Typically, this IOS is

used only during maintenance or emergencies.

boot system tftp 128.1.1.1 c2500-j-l.112-14.bin

Appendix A: Answers to the “Do I Know This Already?” Quizzes and Q&A Sections

As for the second part of the question: Log in from con/aux/telnet, type the

command, type the enable password, type the

command, and type

. Help appears for the first parameter of the

encrypted by default. The enable secret password is encrypted using MD5.

banner This is Ivan Denisovich’s Gorno Router--Do Not Use

A delimiter character that is not part of the banner is the first parameter, which is followed

by the banner text, which is followed by the delimiter character. For example, the “#” is

the delimiter in the following command:

banner # This is Ivan.... Do Not Use #

Both NVRAM and RAM. Setup is the only IOS feature that modifies both the active and

the startup configuration files as the result of one action by the user.

to the configuration file and copying it to the startup configuration file. To set the

configuration register to hex 2101, which would yield binary 0001 in the boot field, the

boot system tftp xyz123.bin 128.1.1.1

This is the only way to make the router load this file from the TFTP server.

name, are requested via prompts to the user.

The possible reasons include: 128.1.1.1 is not accessible through the network; there is no

TFTP server on 128.1.1.1; the file is not in the TFTP default directory; the file is

output tells you the version, as well as the name of the file that was used at last reload time.

It is particularly difficult to find in the output of the command.

Cisco Discovery Protocol. CDP is proprietary and is not dependent on a particular Layer

3 protocol to be configured and working.

On all interfaces that support SNAP headers. These include LANs, Frame Relay, and

ATM.

No. The Telnet (“virtual terminal”) password is not the same password, although many

installations use the same value.

subcommand disables it for just that interface.

RIP and IGRP.

hopefully, is easier to remember.

and, hopefully, is easier to remember.

False. Some configuration commands do not replace an existing command but are simply

command simply adds those to the end of the list. Many of these lists in a router

configuration are order-dependent.

Application (Layer 7), presentation (Layer 6), session (Layer 5), transport (Layer 4),

network (Layer 3), data link (Layer 2), and physical (Layer 1).

The network layer defines logical addressing and routing as a means to deliver data across

an entire network. IP and IPX are two examples of Layer 3 equivalent protocols.

The data link layer defines addressing specific to a particular medium as part of the means

to provide delivery of data across that medium. It also includes the protocols used to

determine what device(s) access the media at any point in time.

The data link layer. The trailer typically includes a frame check sequence (FCS), which is

used to perform error detection.

Unordered low-overhead delivery of data from one host to another is the service provided

in most connectionless protocol services.

The protocol must either exchange messages with another device before data is allowed

to be sent, or some pre-established correlation between the two endpoints must be defined.

TCP is an example of a connection-oriented protocol that exchanges messages before data

may be sent; Frame Relay is a connection-oriented protocol for which pre-established

correlation between endpoints is defined.

Setting the acknowledgment field to 4 implies that frames through number 3 were

received successfully. Most windowing, error-recovery (reliable) protocols use forward

acknowledgment.

TCP, SPX, LLC Type 2, and X.25 are some examples of connection-oriented protocols

that happen to provide error recovery. ATM and Frame Relay are also connectionoriented,

but without error recovery.

NIC address, card address, LAN address, hardware address, Ethernet address, Token Ring

address, FDDI address, and burned-in address are used synonymously with MAC address.

All of these names are used casually and in formal documents, and they refer to the same

6-byte MAC address concept as defined by IEEE.

The first 3 bytes. For instance, Cisco is assigned 0000.0C as one of its Organizationally

Unique Identifiers (OUIs). Many Cisco router Ethernet interfaces have MAC addresses

lists the burned in address after the acronym BIA.

Layer 2. While not specifically covered in this chapter, Frame Relay protocols do not

define a logical addressing structure that can usefully exist outside a Frame Relay

network; by definition, the addresses would be OSI Layer 2 equivalent.

MAC addresses comprise 48 bits. The first 24 bits for burned-in addresses represent a code

that identifies the manufacturer.

IPX addresses comprise 80 bits—32 bits in the network portion and 48 bits in the node

portion.

Network and host are the two main parts of an IP address. As described in Chapter 5,

“Network Protocols,” technically there are three portions of the IP address: network,

subnet, and host. However, because most people think of the network and subnet portions

as one portion, another correct answer to this question, using popular terminology, would

be subnet and host.

The routed protocol defines the addressing and Layer 3 header in the packet that is actually

forwarded by a router. The routing protocol defines the process of routers exchanging

topology data such that the routers know how to forward the data. A router uses the routing

table created by the routing protocol to choose how to forward a routed protocol packet.

TCP/IP (IP), Novell (IPX), OSI (CLNP), DECNET (CLNP), AppleTalk (DDP), and

VINES are some examples of routed protocols.

Application (Layer 7), presentation (Layer 6), session (Layer 5), transport (Layer 4),

network (Layer 3), data link (Layer 2), and physical (Layer 1). Some mnemonics to help

you recall the names of the layers are: All People Seem To Need Data Processing (Layer

7 to 1), Please Do Not Take Sausage Pizzas Away (Layer 1 to 7), and the ever-popular

Pew! Dead Ninja Turtles Smell Particularly Awful (Layer 1 to 7).

Layer 7 (application layer) provides standardized services to applications. The definition

for this layer is typically ambiguous because it varies. The key is that it does not define a

user interface, but instead is a sort of toolbox used by application developers. For example,

a Web browser is an application that uses HTML format text, as defined by the TCP/IP

application layer, to describe the graphics to be displayed onscreen.

Layer 6 (presentation layer) defines data formats, compression, and possibly encryption.

Layer 5 (session layer) controls the conversation between two endpoints. Although

the term used is session, the term conversation more accurately describes what is

accomplished. The session layer ensures that not only communication but also useful

sets of communication between endpoints is accomplished.

Layer 4 (transport layer) provides end-to-end error recovery, if requested.

Layer 3 (network layer) defines logical addressing and routing as a means to deliver data

across an entire network. IP and IPX are two examples of Layer 3 equivalent protocols.

The data link layer defines addressing specific to a particular medium as part of the means

to provide delivery of data across that medium. It also includes the protocols used to

determine what device(s) accesses the media at any point in time.

Layer 1 (physical layer) is responsible for encoding energy signals onto the medium and

interpreting a received energy signal. Layer 1 also defines the connector and cabling

details.

Data encapsulation represents the process of a layer adding a header (and possibly a

trailer) to the data as it is processed by progressively lower layers in the protocol

specification. In the context of OSI, each layer could add a header so that—other than the

true application data—there would be six other headers (Layers 2 to 7) and a trailer for

Layer 2, with this L2-PDU being encoded by the physical layer onto the network media.

Unordered low-overhead delivery of data from one host to another is the service provided

in most connectionless protocol services.

LLC type 1, UDP, IPX, IP, and PPP are some examples of connectionless protocols.

Remember, Frame Relay, X.25, and ATM are connection-oriented, regardless of whether

they define error recovery.

The protocol must either exchange messages with another device before data is allowed

to be sent, or some pre-established correlation between the two endpoints must be defined.

TCP is an example of a connection-oriented protocol that exchanges messages before data

may be sent; Frame Relay is a connection-oriented protocol for which pre-established

correlation between endpoints is defined.

Frames up through number 3 were received successfully. Most windowing, error-recovery

protocols use forward acknowledgment.

TCP, SPX, LLC Type 2, and X.25 are some examples of connection-oriented protocols

that provide error recovery. ATM and Frame Relay are also connection-oriented, but

without error recovery.

MAC stands for Media Access Control.

NIC address, card address, LAN address, hardware address, Ethernet address, Token Ring

address, FDDI address, and burned-in address are all synonymous with MAC address. All

of these names are used casually and in formal documents, and refer to the same 6-byte

MAC address concept as defined by IEEE.

IP addresses are defined by the IP part of TCP/IP, which is the second layer of TCP/IP.

However, compared to OSI, IP most closely matches OSI Layer 3 in function, so the

popular (and CCNA exam) answer is Layer 3.

IP addresses are defined by a Layer 3 protocol.

OSI NSAP addresses are defined by a Layer 3 protocol. Of course, they are truly Layer 3

because they are defined by OSI. The number of bits in the address is variable. However,

it is highly unlikely that questions about NSAPs would be on the exam because they are

not mentioned in any objective and are not covered in any class.

The first 3 bytes comprise the portion of a MAC address that encodes an identifier

representing the manufacturer of the card.

MAC addresses are defined by a Layer 2 protocol. Ethernet and Token Ring MAC

addresses are defined in the 802.3 and 802.5 specifications.

DLCI addresses are defined by a Layer 2 protocol. Although they are not specifically

covered in this chapter, Frame Relay protocols do not define a logical addressing structure

that can usefully exist outside a Frame Relay network; by definition, the addresses would

be OSI Layer 2 equivalent.

Layer 3 addresses can be used regardless of media type, whereas Layer 2 addresses are

useful only on a particular medium. Layer 3 addresses are designed with a minimum of

two parts, the first of which creates a grouping concept. Layer 2 addresses do not have a

grouping concept that allows the setup interfaces on the same medium to share the same

value in a portion of the data link address, which is how Layer 3 addresses are structured.

IP addresses have 32 bits: a variable number in the network portion, and the rest of the 32

in the host portion. IP Version 6 uses a much larger address. Stay tuned!

IPX addresses have 80 bits: 32 bits in the network portion and 48 bits in the node portion.

MAC addresses have 48 bits. The first 24 bits for burned-in addresses represent a code that

identifies the manufacturer.

Network number and node number are the two main parts of an IPX address. Addresses

with the same network number are in the same group. On LAN interfaces, the node

number is made to have the same value as the LAN MAC address.

Network and host are the two main parts of an IP address. As described in Chapter 5,

technically there are three portions of the IP address: network, subnet, and host. However,

because most people think of the network and subnet portions as one portion, another

correct answer to this question, using popular terminology, would be subnet and host.

There are no parts, and nothing defines a grouping concept in a MAC address. This is a

trick question. Although you might have guessed that the MAC address has two parts—

the first part dictated to the manufacturer, and the second part made up by the

manufacturer—there is no grouping concept.

Some examples of benefits to layering networking protocol specifications include reduced

complexity, standardized interfaces, modular engineering, interoperable technology,

accelerated evolution, and simplified teaching and learning. Questions such as this on the

exam will require some subjective interpretation of the wording on your part. The wording

in this answer is consistent with the outdated CCNA exam 640-407, but some questions

on the current exam remain from the old one, so the wording in this answer might be

helpful.

A router discards the data link header and trailer as a side effect of routing. This is because

the network layer, where routing is defined, is interested in delivering the network layer

(Layer 3) PDU from end to end. Routing uses intermediate data links (Layer 2) to

transport the data to the next routers and eventually to the true destination. The data link

header and trailer are useful only to deliver the data to the next router or host, so the header

and trailer are discarded by each router.

The routed protocol defines the addressing and Layer 3 header in the packet that is actually

forwarded by a router. The routing protocol defines the process of routers exchanging

topology data so that the routers know how to forward the data. A router uses the routing

table created by the routing protocol to choose how to forward a routed protocol packet.

TCP/IP (IP), Novell (IPX), OSI (CLNP), DECNET (CLNP), AppleTalk (DDP), and

VINES are some examples of routed protocols.

IP RIP, IP IGRP, IP/IPX/AppleTalk EIGRP, IP OSPF, OSI NLSP, AppleTalk RTMP, Vines

VTP, OSI IS-IS are some examples of routing protocols

Typically an IP host knows to what router to send a packet based on its configured default

router. If the destination of the packet is in another subnet, the host sends the packet to the

default router. Otherwise, the host sends the packet directly to the destination host because

it is in the same subnet and, by definition, must be on the same data link.

An IPX host knows which router to send a packet to by broadcasting a RIP request to

locate any servers or routers on the attached IPX network that have a route to the

destination network. If the destination is an IPX address on the attached network, a router

is not needed and the node forwards the packet directly instead of sending a RIP request.

The group identifier, the interface by which to forward the packet, and the Layer 3 address

of the next router to send this packet to are three items that you will always find in a

routing table entry.

The data link layer typically encapsulates using both a header and a trailer. The trailer

typically includes a frame check sequence (FCS), which is used to perform error

detection.

Media Access Control (MAC). Many terms are used to describe a MAC address: NIC,

LAN, hardware, burned-in, Universally Administered Address (UAA), Locally

Administered Address (LAA), Ethernet, Token Ring, FDDI, card, wire, and real are all

terms used to describe this same address in different instances.

IEEE. The first half of the burned-in MAC address is a value assigned to the manufacturer

by the IEEE. As long as the manufacturer uses that prefix and doesn’t duplicate values it

assigns in the last 3 bytes, global uniqueness is attained.

10BaseT allows 100 meters between the device and the hub or switch, as does

100BaseTX. Table 4-5 on page 144 summarizes the lengths for all Ethernet LAN types.

100 million bits per second (100 Mbps).

None. Bridges do not use routing protocols. Transparent bridges do not care about Layer

3 address groupings. Devices on either side of a transparent bridge are in the same Layer

3 group—in other words, the same IP subnet or IPX network.

Store-and-forward, cut-through, and fragment-free. Cut-through has less latency per

frame but does not check for bit errors in the frame, including errors caused by collisions.

Store-and-forward stores the entire received frame, verifies that the FCS is correct, and

then sends the frame. Cut-through sends the first bytes of the frame out before the last

bytes of the incoming frame have been received. Fragment-free is like cut-through, in that

the frame can be sent before the incoming frame is totally received; however, fragmentfree

processing waits to receive the first 64 bytes, to ensure no collisions, before beginning

to forward the frame.

The root port is the port in which the CBPDU with the lowest-cost value is received. The

root port is placed into a forwarding state on each bridge and switch.

Fewer collisions and less waiting should occur because twice as much capacity exists.

Also, if the placement of devices causes a small percentage of traffic to be forwarded by

the bridge, fewer collisions and less waiting should occur.

A set of Ethernet devices for which a broadcast sent by any one of them should be received

by all others in the group. Unlike routers, bridges and switches do not stop the flow of

broadcasts. Two segments separated by a router would each be in a different broadcast

domain. A switch can create multiple broadcast domains by creation of multiple VLANs,

but a router must be used to route packets between the VLANs.

Three different broadcast domains are created with three VLANs, so the devices’ CPU

utilization should decrease due to decreased broadcast traffic. Traffic between devices in

different VLANs will pass through some routing function, which can add some latency

for those packets. Better management and control are gained by including a router in the

path for those packets.

ISL and 802.1Q are the trunking protocols used by Cisco over Fast Ethernet. If only one

VLAN spans the two switches, a trunking protocol is not needed. Trunking or tagging

protocols are used to tag a frame as being in a particular VLAN; if only one VLAN is used,

tagging is unnecessary.

Virtual LAN (VLAN) refers to the process of treating one subset of a switch’s interfaces

as one broadcast domain. Broadcasts from one VLAN are not forwarded to other VLANs;

unicasts between VLANs must use a router. Advanced methods, such as Layer 3 switching

in a NetFlow feature card in a Catalyst 5000 switch, can be used to allow the LAN switch

to forward traffic between VLANs without each individual frame being routed by a router.

However, for the depth of CCNA, such detail is not needed.

A single IP address is needed. There is no need for an IP address per port because the

switch is not a router. The management IP address is considered to be in VLAN1.

but because the switch does not run IOS, no command will display the level of IOS in the

switch.

Unlike the router IOS, commands are saved in both running config and in NVRAM as the

Server and client modes are used to actively participate in VTP, and transparent mode is

used to simply stay out of the way of servers and clients while not participating in VTP.

Switches in client mode cannot change or add VLANs.

Media Access Control (MAC). Many terms are used to describe a MAC address: NIC,

LAN, hardware, burned-in, UAA (Universally Administered Address), LAA (Locally

Administered Address), Ethernet, Token Ring, FDDI, card, wire, and real are all terms

used to describe this same address in different instances.

The main benefits are reduced collisions and more bandwidth. Multiple 10- or 100-Mbps

Ethernet segments are created, and unicasts between devices on the same segment are not

forwarded by the bridge, which reduces overhead.

None. Bridges do not use routing protocols. Transparent bridges do not care about Layer

3 address groupings. Devices on either side of a transparent bridge are in the same Layer

3 group—in other words, the same IP subnet or IPX network.

The bridge priority is first examined (the lowest wins). In case of a tie, the lowest bridge

ID wins. The priority is prepended to the bridge ID in the actual CBPDU message so that

the combined fields can be easily compared.

Virtual LAN (VLAN) refers to the process of treating one subset of a switch’s interfaces

as one broadcast domain. Broadcasts from one VLAN are not forwarded to other VLANs;

unicasts between VLANs must use a router. Advanced methods, such as Layer 3 switching

in a NetFlow feature card in a Catalyst 5000 switch, can be used to allow the LAN switch

to forward traffic between VLANs without each individual frame being routed by a router.

However, for the depth of CCNA, such detail is not needed.

Fewer collisions and less waiting should occur because twice as much capacity exists.

Also, if the placement of devices causes a small percentage of traffic to be forwarded by

the bridge, fewer collisions and less waiting should occur.

IEEE. The first half of the burned-in MAC address is a value assigned to the manufacturer

by the IEEE. As long as the manufacturer uses that prefix and doesn’t duplicate values it

assigns in the last 3 bytes, global uniqueness is attained.

Two switch ports are used, which reduces the possibility of collisions. Also, each segment

has its own 10- or 100-Mbps capacity, allowing more throughput and reducing the

likelihood of collisions. Furthermore, although unlikely to be on the CCNA exam, some

Cisco switches can reduce the flow of multicasts using the Cisco Group Message Protocol

(CGMP).

Store-and-forward, cut-through, and FragmentFree. Cut-through has less latency per

frame but does not check for bit errors in the frame, including errors caused by collisions.

Store-and-forward stores the entire received frame, verifies that the FCS is correct, and

then sends the frame. Cut-through sends the first bytes of the frame out before the last

bytes of the incoming frame have been received. Fragment free is similar to cut-through

in that the frame can be sent before the incoming frame is totally received; however,

fragment-free processing waits to receive the first 64 bytes, to ensure no collisions, before

beginning to forward the frame.

10BaseT allows 100 meters between the device and the hub or switch, as does

100BaseTX. Table 4-5 on page 144 summarizes the lengths for all Ethernet LAN types.

The bridge examines the destination MAC address of a frame and looks for the address in

its bridge (or address) table. If found, the matching entry tells the bridge which output

interface to use to forward the frame. If not found, the bridge forwards the frame out all

other interfaces (except for interfaces blocked by Spanning Tree and the interface in which

the frame was received). The bridge table is built by examining incoming frames’ source

MAC addresses.

100 million bits per second (100 Mbps).

Physically redundant paths in the network are allowed to exist and be used when other

paths fail. Also, loops in the bridged network are avoided. Loops are particularly bad

because bridging uses LAN headers, which do not provide a mechanism to mark a frame

so that its lifetime can be limited; in other words, the frame can loop forever.

The root port is the port in which the CBPDU with the lowest-cost value is received. The

root port is placed in forwarding state on each bridge and switch.

The bridge listens for incoming frames and examines the source MAC address. If not in

the table, the source address is added, along with the port (interface) by which the frame

entered the bridge. The bridge also marks an entry for freshness so that entries can be

removed after a period of disuse. This reduces table size and allows for easier table

changes in case a Spanning Tree change forces more significant changes in the bridge

(address) table.

6 bytes long, or 48 bits.

Collisions are reduced by creating two collision domains. Broadcasts also are reduced

because the router does not forward broadcasts. Routers provide greater control and

administration as well.

The bridge/switch examines both MAC addresses. The source is examined so that entries

can be added to the bridge/address table. The destination address is examined to determine

the interface out which to forward the frame. Table lookup is required for both addresses

for any frame that enters an interface. That is one of the reasons that LAN switches, which

have a much larger number of interfaces than traditional bridges, need to have optimized

hardware and logic to perform table lookup quickly.

A collision domain is a set of Ethernet devices for which concurrent transmission of a

frame by any two of them will result in a collision. Bridges, switches, and routers separate

LAN segments into different collision domains. Repeaters and shared hubs do not

separate segments into different collision domains.

Each bridge/switch begins by sending CBPDUs claiming itself as the root bridge.

First, all ports on the root bridge are placed in forwarding state. Second, one port on each

bridge is considered its root port, which is placed in forwarding state. Finally, on each

LAN segment, one bridge is considered to be the designated bridge on that LAN; that

designated bridge’s interface on the LAN is placed in forwarding state.

Both identify more than one device on the LAN. Broadcast always implies all devices on

the LAN, whereas multicast implies some subset of all devices. Multicast is not allowed

on Token Ring; broadcast is allowed on all LAN types. Devices that intend to receive

frames addressed to a particular multicast address must be aware of the particular

multicast address(es) they should process. These addresses are dependent on the

applications used. Read RFC 1112, the Internet Group Message Protocol (IGMP), for

related information about the use of Ethernet multicast in conjunction with IP multicast.

For example, the broadcast address is FFFF.FFFF.FFFF, and one sample multicast address

is 1000.5e00.0001.

1518 bytes. See Figure 4-5 on page 141 for more detail.

A broadcast domain is a set of Ethernet devices for which a broadcast sent by any one of

them should be received by all others in the group. Unlike routers, bridges and switches

do not stop the flow of broadcasts. Two segments separated by a router would each be in

a different broadcast domain. A switch can create multiple broadcast domains by creating

multiple VLANs, but a router must be used to route packets between the VLANs.

Three different broadcast domains are created with three VLANs, so the devices’ CPU

utilization should decrease due to decreased broadcast traffic. Traffic between devices in

different VLANs will pass through some routing function, which can add some latency

for those packets. Better management and control are gained by including a router in the

path for those packets.

ISL and 802.1Q are the trunking protocols used by Cisco over Fast Ethernet. If only one

VLAN spans the two switches, a trunking protocol is not needed. Trunking or tagging

protocols are used to tag a frame as being in a particular VLAN; if only one VLAN is used,

tagging is unnecessary.

The loopback feature copies the transmitted frame back onto the receive pin on the NIC

interface. The collision detection logic compares the received frame to the transmitted

frame during transmission; if the signals do not match, then a collision is occurring. This

logic implies that half duplex is being used because if collisions can occur, only one

transmitter at a time is allowed. With full duplex, collisions cannot occur, so the loopback

and collision detection features are not needed, and concurrent transmission and reception

is allowed.

Blocking, listening, and learning. Blocking is the only stable state; the other two are

transitory between blocking and forwarding. Table 4-13 on page 170 summarizes the

states and their features.

If the port is the designated bridge on its LAN segment, the port is placed in forwarding

state. Also, if the port is the root port, it is placed in forwarding state. Otherwise, the port

is placed in blocking state.

The root bridge’s ports are always in a forwarding state because they always have cost 0

to the root, which ensures that they are always the designated bridges on their respective

LAN segments.

A single IP address is needed. No need exists for an IP address per port because the switch

is not a router. The management IP address is considered to be in VLAN1.

command would block the frames. This also makes address 0200.7777.7777 permanently

held in the MAC address table for port 0/6.

but because the switch does not run IOS, no command will display the level of IOS in the

switch.

This global configuration command tells the switch what action to take when the

maximum number of addresses on a port has been exceeded. If a new dynamically learned

MAC address on some port had caused the maximum (as defined by the port secure

command) to be exceeded, the port would have been disabled.

although it is easy to call it the startup-config, commands instead refer to this

configuration file as NVRAM.

Unlike the router IOS, commands are saved in both running config and in NVRAM as the

These two ports are known as fastethernet 0/26 and 0/27. 0/25 is always reserved for the

AUI port, and 0/1 through 0/24 are always reserved for the (up to) first 24 Ethernet ports.

switching decisions.

VLAN Trunking Protocol is a protocol used to transmit configuration information about

VLANs between interconnected switches. VTP helps prevent misconfiguration, eases

administration of the switches, and also reduces broadcast overhead by the use of VTP

pruning.

Server and client modes are used to actively participate in VTP; transparent mode is used

to simply stay out of the way of servers and clients while not participating in VTP.

Switches in client mode cannot change or add VLANs.

other words, to use ISL) as long as the switch in the other end of the trunk is configured

for on, autonegotiate, or desirable. If the other switch has configured the trunk as off or

nonegotiate, trunking will not be enabled.

Only VTP servers generate VTP advertisements.

Transmission Control Protocol, User Datagram Protocol, Internet Protocol, and Internet

Control Message Protocol. Both TCP and UDP are Layer 4 protocols. ICMP is considered

a Layer 3 protocol because it is used for control and management of IP. IP is the core part

of the network layer of TCP/IP, so it is also considered to be a Layer 3 protocol.

TCP numbers the first byte in each segment with a sequence number. The receiving host

uses the acknowledgment field in segments it sends back to acknowledge receipt of the

data. If the receiver sends an acknowledgment number that is a smaller number than the

sender expected, the sender believes the intervening bytes were lost, so the sender resends

them. The router plays no role unless the TCP connection ends in the router—for example,

a Telnet into a router.

Both FTP and TFTP perform error recovery. FTP relies on TCP, whereas TFTP performs

application layer recovery one block of data at a time.

A three-way connection establishment sequence is performed, and a four-flow connection

termination sequence is used.

The subnet is 134.141.7.0. The binary algorithm is shown in the following table.

The broadcast address is 134.141.7.255. The binary algorithm is shown in the following

table.

The subnet number is 200.1.1.128, and the subnet broadcast address is 200.1.1.159. The

assignable addresses are all the addresses between the subnet and broadcast addresses,

namely 200.1.1.129 to 200.1.1.158.

The Class C network number is 220.8.7.0. The mask implies that the bits 25 through 28,

which are the first 4 bits in the fourth octet, comprise the subnet field. Essentially, the

subnet numbers have the same numbers in the network portion and the same (all binary 0)

value in the host portion of the number. Each individual subnet number has a unique value

in the subnet portion of the number.

The binary algorithm is shown in the following table. Refer to the section “Given a

Network Number and a Static Subnet Mask, What Are the Valid Subnet Numbers?” in

Chapter 5 for a review of the algorithm.

First three octets in binary 1101 1100 0000 1000 0000 0111

Host field with all zeros added 1101 1100 0000 1000 0000 0111 0000

All binary 0 subnet field added,

completing the first subnet

number

Added binary 1 to subnet field,

giving second subnet number

Added binary 1 to subnet field,

giving third subnet number

Added binary 1 to subnet field,

giving fourth subnet number

Added binary 1 to subnet field,

giving fifth subnet number

Added binary 1 to subnet field,

giving sixth subnet number

router rip

network 8.0.0.0

interface ethernet 0

ip address 8.0.1.1 255.255.255.0

interface serial 0

ip address 8.0.2.1 255.255.255.0

interface serial 1

ip address 8.0.3.1 255.255.255.0

command could have been used, enabling subnet 8.0.0.0 as well as the subnets 8.0.1.0,

8.0.2.0, and 8.0.3.0 to be used in the configuration.

When using versions of the IOS before version 12.0, the question asks for the number of

in the response.) “Number of subnet bits” from the setup question uses the definition that

there are three parts to an address—network, subnet, and host. The size of the network

field is based on the class of address; the interface’s address was typed in response to an

earlier setup question. The mask simply has binary 1s in the network and subnet fields,

and binary 0s in the host field.

With version 12.0 and beyond, setup prompts for the subnet mask in canonical decimal

format—for example, 255.255.255.0.

with UDP as the transport layer protocol, with TTL values beginning at 1 and then

incrementing by 1 in successive messages. The result is that intervening routers find that

the TTL is exceeded and send ICMP “TTL exceeded” messages back to the originator of

addresses of the “TTL exceeded” packets identify each router. By sending other packets

with TTL=2, then 3, and so on, eventually the packet is received by the host. The host

endpoint host has been reached.

U is an indication that an unreachable message was received. The type of unreachable

message is not implied by the “U”.

Ten bytes. The network portion is 32 bits, and the node portion is 48 bits. The node part

conveniently is the same size as a LAN MAC address.

There is no such thing as subnetting with IPX. This is an example of a question meant to

shake your confidence on the exam. Thoughts like, “I never read about subnetting IPX!”

can destroy your concentration. Be prepared for unusual questions or answers like this on

the exam.

ipx routing 0200.1111.1111

interface serial 0

ipx network 100

interface serial 1

ipx network 200

interface ethernet 0

ipx network 300

addresses are easily recognizable on the serial interfaces. This helps with troubleshooting

because it will be easier to remember the IPX addresses used when pinging.

the entire IPX addresses.

Transmission Control Protocol, User Datagram Protocol, Internet Protocol, and Internet

Control Message Protocol. Both TCP and UDP are Layer 4 protocols. ICMP is considered

a Layer 3 protocol because it is used for control and management of IP. IP is the core part

of the network layer of TCP/IP.

Network, subnet, and host are the three parts of an IP address. However, many people

commonly treat the network and subnet parts of an address as a single part, leaving only

two parts, the subnet and host parts. On the exam, the multiple-choice format should

provide extra clues as to which terminology is used.

A subnet mask defines the number of host bits in an address. The bits of value 0 define

which bits in the address are host bits. The mask is an important ingredient in the formula

to dissect an IP address; along with knowledge of the number of network bits implied for

Class A, B, and C networks, the mask provides a clear definition of the size of the network,

subnet, and host parts of an address.

The subnet is 134.141.7.0. The binary algorithm is shown in the table that follows.

The network number is 193.193.7.0. Because this is a Class C address and the mask used

is 255.255.255.0 (the default), there is no subnetting in use. The binary algorithm is shown

in the table that follows.

The subnet is 10.5.0.0. The binary algorithm math is shown in the table that follows.

Address 193.193.7.7 1100 0001 1100 0001 0000 0111 0000 0111

Mask 255.255.255.0 1111 1111 1111 1111 1111 1111 0000 0000

Result 193.193.7.0 1100 0001 1100 0001 0000 0111 0000 0000

The subnet is 190.1.42.0. The binary algorithm math is shown in the table that follows.

The subnet is 200.1.1.128. The binary algorithm math is shown in the table that follows.

The subnet is 220.8.7.96. The binary algorithm math is shown in the table that follows.

The subnet is 140.1.1.0. The binary algorithm math is shown in the table that follows.

The subnet is 167.88.99.64. The binary algorithm math is shown in the table that follows.

The broadcast address is 134.141.7.255. The binary algorithm is shown in the table that

follows.

The broadcast address is 193.193.7.255. Because this is a Class C address and the mask

used is 255.255.255.0 (the default), there is no subnetting in use. The binary algorithm is

shown in the table that follows.

The subnet is 10.5.0.0. The binary algorithm math is shown in the table that follows.

Broadcast

Address

Address 193.193.7.7 1100 0001 1100 0001 0000 0111 0000 0111

Mask 255.255.255.0 1111 1111 1111 1111 1111 1111 0000 0000

Result 193.193.7.0 1100 0001 1100 0001 0000 0111 0000 0000

Broadcast

Address

Broadcast

Address

The broadcast address is 190.1.42.255. The binary algorithm math is shown in the table

that follows.

The broadcast address is 200.1.1.159. The binary algorithm math is shown in the table that

follows.

The broadcast address is 220.8.7.111. The binary algorithm is shown in the table that

follows.

Broadcast

Address

Broadcast

Address

Broadcast

Address

The broadcast address is 140.1.1.7. The binary algorithm math is shown in the table that

follows.

The broadcast address is 167.88.99.127. The binary algorithm math is shown in the table

that follows.

The subnet number is 134.141.7.0, and the subnet broadcast address is 134.141.7.255. The

assignable addresses are all the addresses between the subnet and broadcast addresses,

namely 134.141.7.1 to 134.141.7.254.

The subnet number is 193.193.7.0, and the subnet broadcast address is 193.193.7.255. The

assignable addresses are all the addresses between the subnet and broadcast addresses,

namely 193.193.7.1 to 193.193.7.254.

The subnet number is 10.5.0.0, and the subnet broadcast address is 10.5.255.255. The

assignable addresses are all the addresses between the subnet and broadcast addresses,

namely 10.5.0.1 to 10.5.255.254.

Broadcast

Address

Broadcast

Address

The subnet number is 190.1.42.0, and the subnet broadcast address is 190.1.42.255. The

assignable addresses are all the addresses between the subnet and broadcast addresses,

namely 190.1.42.1 to 190.1.42.254.

The subnet number is 200.1.1.128, and the subnet broadcast address is 200.1.1.159. The

assignable addresses are all the addresses between the subnet and broadcast addresses,

namely 200.1.1.129 to 200.1.1.158.

The subnet number is 220.8.7.96, and the subnet broadcast address is 220.8.7.111. The

assignable addresses are all the addresses between the subnet and broadcast addresses,

namely 220.8.7.97 to 220.8.7.110.

The subnet number is 140.1.1.0, and the subnet broadcast address is 140.1.1.7. The

assignable addresses are all the addresses between the subnet and broadcast addresses,

namely 140.1.1.1 to 140.1.1.6.

The subnet number is 167.88.99.64, and the subnet broadcast address is 167.88.99.127.

The assignable addresses are all the addresses between the subnet and broadcast

addresses, namely 167.88.99.65 to 167.88.99.126.

The Class B network number is 134.141.0.0. The mask implies that the entire third octet,

and only that octet, comprises the subnet field. Essentially, the subnet numbers have the

same numbers in the network portion and the same (all binary 0) value in the host portion

of the number. Each individual subnet number has a unique value in the subnet portion of

the number.

The binary algorithm is shown in the table that follows. Refer to the section “Given a

Network Number and a Static Subnet Mask, What Are the Valid Subnet Numbers?” in

Chapter 5 for a review of the algorithm.

The Class A network number is 10.0.0.0. The mask implies that the entire second and

third octets, and only those octets, comprise the subnet field. Essentially, the subnet

numbers have the same numbers in the network portion and the same (all binary 0)

value in the host portion of the number. Each individual subnet number has a unique value

in the subnet portion of the number.

The binary algorithm is shown in the table that follows. Refer to the section “Given a

Network Number and a Static Subnet Mask, What Are the Valid Subnet Numbers?” in

Chapter 5 for a review of the algorithm.

Step 2 (only one line shown) 1000 0110 1000 1101

Step 3 (only one line shown) 1000 0110 1000 1101 0000 0000

Step 2 (only one line shown) 0000 1010

Step 3 (only one line shown) 0000 1010 0000 0000

The Class C network number is 220.8.7.0. The mask implies that the bits 25 to 28, which

are the first 4 bits in the fourth octet, comprise the subnet field. Essentially, the subnet

numbers have the same numbers in the network portion and the same (all binary 0) value

in the host portion of the number. Each individual subnet number has a unique value in the

subnet portion of the number.

Refer to the section “Given a Network Number and a Static Subnet Mask, What Are the

Valid Subnet Numbers?” in Chapter 5 for a review of the algorithm.

The Class B network number is 140.1.0.0. The mask implies that the bits 17 to 29, which

are all the bits in the third octet and the first 5 bits in the fourth octet, comprise the subnet

field. Essentially, the subnet numbers have the same numbers in the network portion and

the same (all binary 0) value in the host portion of the number. Each individual subnet

number has a unique value in the subnet portion of the number.

The binary algorithm is shown in the table that follows. Refer to the section “Given a

Network Number and a Static Subnet Mask, What Are the Valid Subnet Numbers?” in

Chapter 5 for a review of the algorithm.

Step 2 (only one line shown) 1101 1100 0000 1000 0000 0111

Step 3 (only one line shown) 1101 1100 0000 1000 0000 0111 0000

Step 2 (only one line shown) 1000 1100 0000 0001

information in the same manner as the “Foundation Topics” section of Chapter 5

described the binary algorithm to solve this type of problem.

related information in the same manner as the “Foundation Topics” section of Chapter 5

described the binary algorithm to solve this type of problem.

Network and

Mask

Number of

Network Bits

Number of

Host Bits

Number of

Subnet Bits

Number of

Hosts per

Subnet

Number of

Subnets

134.141.0.0,

255.255.255.0

16 8 8 254 256

Network and

Mask

Number of

Network Bits

Number of

Host Bits

Number of

Subnet Bits

Number of

Hosts per

Subnet

Number of

Subnets

10.0.0.0,

255.255.255.0

8 8 16 254 65,536

information in the same manner as the “Foundation Topics” section of Chapter 5

described the binary algorithm to solve this type of problem.

related information in the same manner as the “Foundation Topics” section of Chapter 5

described the binary algorithm to solve this type of problem.

router rip

network 8.0.0.0

interface ethernet 0

ip address 8.0.1.1 255.255.255.0

interface serial 0

ip address 8.0.2.1 255.255.255.0

interface serial 1

ip address 8.0.3.1 255.255.255.0

Network and

Mask

Number of

Network Bits

Number of

Host Bits

Number of

Subnet Bits

Number of

Hosts per

Subnet

Number of

Subnets

220.8.7.0,

255.255.255.

240

24 4 4 14 16

Network and

Mask

Number of

Network Bits

Number of

Host Bits

Number of

Subnet Bits

Number of

Hosts per

Subnet

Number of

Subnets

140.1.0.0 16 3 13 6 8096

command could have been used, enabling subnet 8.0.0.0 as well as the subnets 8.0.1.0,

8.0.2.0, and 8.0.3.0 to be used in the configuration.

address of the interface.

When using versions of the IOS before version 12.0, the question asks for the number of

in the response.) “Number of subnet bits” from the setup question uses the definition that

there are three parts to an address—network, subnet, and host. The size of the network

field is based on the class of address; the interface’s address was typed in response to an

earlier setup question. The mask simply has binary 1s in the network and subnet fields,

and binary 0s in the host field.

With version 12.0 and beyond, setup prompts for the subnet mask in canonical decimal

format—for example, 255.255.255.0.

Class A, B, and C, with default masks 255.0.0.0, 255.255.0.0, and 255.255.255.0,

range.

TCP numbers the first byte in each segment with a sequence number. The receiving host

uses the acknowledgment field in segments it sends back to acknowledge receipt of the

data. If the receiver sends an acknowledgment number that is a smaller number than the

sender expected, the sender believes that the intervening bytes were lost, so the sender

resends them. The router plays no role unless the TCP connection ends in the router—for

example, a telnet into a router. A full explanation is provided in the section, “Error

Recovery (Reliability)” in Chapter 5.

The ICMP redirect message enables a router to tell a host to use a different router than

itself because that other router has a better route to the subnet to which the host sent a

packet. The redirect also implies that the router sending the redirect, the host sending the

original packet, and the better router all have interfaces attached to this same subnet.

with UDP as the transport layer protocol, with TTL values beginning at 1 and then

incrementing by 1 in successive messages. The result is that intervening routers will find

that the TTL is exceeded and will send ICMP “TTL exceeded” messages back to the

The source addresses of the “TTL exceeded” packets identify each router. By sending

other packets with TTL=2, then 3, and so on, eventually the packet is received by the host.

know that the endpoint host has been reached.

Internet Protocol and Internet Control Message Protocol. Both protocols are considered

to be part of TCP/IP’s protocols equivalent to OSI Layer 3. ICMP is also considered a

Layer 3 protocol because it is used for control and management of IP. However, an IP

header precedes an ICMP header, so it is common to treat ICMP as another Layer 4

protocol, like TCP and UDP. ICMP does not provide services to a higher layer, so it is

really an adjunct part of Layer 3.

U is an indication that an unreachable message was received. The type of unreachable

message is not implied by the “U”.

address, the MAC address, and the interface from which the information was learned. The

encapsulation type is also in the table entry.

two hosts. 255.255.255.252 is often used on serial links when using VLSM; point-to-point

links need only two IP addresses.

With a Class B network, the first 16 bits are network bits. With mask 255.255.255.224,

are avoided, 2046 are left. For the mask 255.255.252.0, there are 10 host bits, leaving 6

Ten bytes. The network portion is 32 bits, and the node portion is 48 bits. The node part

conveniently is the same size as a LAN MAC address.

Internetwork Packet Exchange and Sequenced Packet Exchange.

Data link encapsulation describes the details of the data link header and trailer created by

a router as the result of routing a packet out an interface. Novell allows several options on

LANs. Encapsulation is used for any routed protocol on every router interface. Novell just

happens to have many options that are still in use, particularly on Ethernet.

There is no such thing as subnetting with IPX. This is an example of a question meant to

shake your confidence on the exam. Thoughts like, “I never read about subnetting IPX!”

can destroy your concentration. Be prepared for unusual questions or answers like this on

the exam.

Ethernet_II uses Ethernet version 2 headers (destination and source address, and

type field). Ethernet_802.3 uses an 802.3 header (destination and source address, and

length field). Ethernet_802.2 uses an 802.3 header and an 802.2 header (802.2 adds DSAP,

SSAP, and Control fields). Ethernet_SNAP uses an 802.3 header, an 802.2 header, and

then a SNAP header (SNAP adds OUI and protocol fields). The names in this answer use

Novell’s names. The corresponding keywords in the IOS are arpa, novell-ether, SAP, and

SNAP, respectively. The Novell names refer to the last header before the IPX header. See

Table 5-32 and Table 5-33, on pages 301 and 302, for a reference for all LAN

encapsulations.

SPX (Sequenced Packet Exchange).

four answers; spend a little time memorizing the commands summarized at the beginning

of each configuration section in most chapters of this book.

network number is one big reason why there is no need for subnetting IPX networks.

ipx routing 0200.1111.1111

interface serial 0

ipx network 100

interface serial 1

ipx network 200

interface ethernet 0

ipx network 300

The node part of the address was supplied in the IPX routing command so that the IPX

addresses are easily recognizable on the serial interfaces. This helps troubleshooting

because it will be easier to remember the IPX addresses used when pinging.

100.0200.1111.1111

show ipx interface

If you left off the node parameter on the IPX routing command in the previous question,

the IPX address would have a node number equal to the MAC address used on the Ethernet

interface.

the entire IPX addresses.

There are four encapsulations for Ethernet, three encapsulations for FDDI, and two

encapsulations for Token Ring. Table 5-32 and Table 5-33, on pages 301 and 302, list the

different encapsulations.

and this is the default IPX encapsulation. This question is just trying to test your recall of

the default encapsulation for Ethernet.

interface ethernet 0

ipx network 1 encapsulation sap

ipx network 2 encapsulation snap secondary

Subinterfaces could also have been used instead of secondary IPX networks.

False. Only one network per encapsulation is allowed. Because four Ethernet

encapsulations can be used with IPX, four IPX networks are supported. Using the same

logic, only three networks are allowed on FDDI, and two on Token Ring.

All IPX network numbers are considered to be hexadecimal by the IOS. The largest value

is FFFFFFFE, with FFFFFFFF being reserved as the broadcast network.

SAP encapsulation on the IOS implies use of the 802.2 header immediately before the IPX

packet. SAP and SNAP are valid on Ethernet, FDDI, and Token Ring. SAP also refers to

the field in the 802.2 header that is used to identify IPX as the type of packet that follows

the 802.2 header.

accomplish the goal of having the router use a known route as the default for packets that

0.0.0.0 is used by the IOS to represent the default network.

The packet will be routed using the default route, regardless of other configuration

commands. In this particular scenario, where the Class A, B, or C network is known, there

is no match for the destination in the known subnets, and a default exists, the default must

be used.

Classless Interdomain Routing is the concept of grouping multiple sequential network

numbers into a single routing table entry, for the purpose of improving scalability of

Internet routers by reducing the size of the IP routing table.

Some hosts will never need to communicate with other hosts across the Internet. For such

hosts, assignment of IP addresses from registered networks wastes IP addresses. To

reserved and can be used in these cases to help conserve IP addresses for use over the

Internet.

Network Address Translation is a mechanism for allowing hosts with private addresses or

addresses that conflict with IP addresses from a registered network to communicate with

hosts over the Internet. The basic operation involves the NAT router changing the IP

addresses in packets to and from these hosts so that the only type of IP address used in

flows through the Internet uses addresses that are legitimately registered.

TFTP requires less code. It was designed to be simple (that is, trivial), with the small

amount of memory needed to load the code ranking as an advantage to using TFTP. FTP

is much more robust, with many more features and more code.

Both FTP and TFTP perform error recovery. FTP relies on TCP, whereas TFTP performs

application layer recovery one block of data at a time.

When a packet must be forwarded but the packet is larger than the maximum transmission

unit (MTU) size for the outgoing interface, the router fragments the packet, as long as the

Don’t Fragment bit is not set. No IP router reassembles the fragments; fragments are

reassembled at the final destination host.

A three-way connection establishment sequence is used, and a four-flow connection

termination sequence is used.

Sixteen Class B networks are reserved for use as private networks in RFC 1918, networks

172.16.0.0 to 172.31.0.0.

Routing updates sent out an interface do not contain routing information about subnets

learned from updates entering the same interface. Split horizon is used only by distance

vector routing protocols.

default. SAP also uses split horizon concepts.

Route poisoning is the distance vector routing protocol feature in which a newly bad route

is advertised with an infinite metric. Routers receiving this routing information then can

mark the route as a bad route immediately. The purpose is to prevent routing loops.

A triggered update is the routing protocol feature in which an update is sent immediately

when new routing information is learned rather than waiting on a timer to complete before

sending another routing update.

Issue the following commands in configuration mode:

router igrp 5

network 10.0.0.0

no router rip

If RIP still was configured, IGRP’s routes would be chosen over RIP. The IOS considers

IGRP to be a better source of routing information, by default, as defined in the

administrative distance setting (default 120 for RIP, 100 for IGRP).

from RIP.

routers sending updates to this router. Knowing how to determine a fact without looking

command lists next-hop router IP addresses. The next-hop routers listed identify the

routers that are sending routing updates.

No. There must be a network statement for network 168.10.0.0 before RIP will advertise

out that interface.

The primary metric is a counter of timer ticks. If two routes to the same network tie with

the ticks metric, the hop count is considered. Ticks are increments of 1/18ths of a second.

The number of ticks is not measured but is set with defaults of 1 on LAN interfaces and 6

on WAN interfaces. The IPX delay interface subcommand overrides the defaults.

GNS stands for Get Nearest Server. Clients create the request, which is a broadcast

looking for a nearby server. Servers and routers reply, based on their SAP table, with the

IPX address of a server whose RIP metric is low.

The IOS is unaffected by an interface’s bandwidth when considering IPX RIP metrics;

ticks will default to 6 for any serial interface, regardless of bandwidth setting.

show ipx route

show ipx servers

a reference to the RIP metrics; the information is handy when looking for good servers for

a GNS reply.

Integrated multiprotocol routing means that multiple routed protocols use a common

routing protocol, which consolidates routing updates. EIGRP is the only such routing

protocol covered in the recommended training path for CCNAs; EIGRP exchanges

routing information for IP, IPX, and AppleTalk. IGRP and Integrated IS-IS support both

IP and OSI CLNS routable protocols.

EIGRP supports integrated multiprotocol routing for IP, IPX, and AppleTalk. IGRP and

Integrated IS-IS support integrated multiprotocol routing for IP and OSI CLNS.

The four reasons outlined in this text are these:

limitations

Other reasons may also be valid because this question is somewhat subjective.

other side of the tunnel. There is only one transport protocol in the IOS: IP.

Distance vector. Holddown helps prevent counting to infinity problems. Holddown is

explained in detail in the section “Distance Vector Routing Protocols” in Chapter 6. After

hearing that a route has failed, a router waits for holddown time before believing any new

information about the route.

Routing updates sent out an interface do not contain routing information about subnets

learned from updates entering the same interface. Split horizon is used only by distance

vector routing protocols.

Issue the following commands in configuration mode:

router igrp 5

network 10.0.0.0

no router rip

If RIP still were configured, IGRP’s routes would be chosen over RIP. The IOS

considers IGRP to be a better source of routing information by default, as defined in

the administrative distance setting (default 120 for RIP, 100 for IGRP).

routes.

router igrp 5

network 10.0.0.0

network 199.1.1.0

If you noticed that 224.1.2.3 is not a valid Class A, B, or C address, you get full credit.

A new address will be needed for Ethernet 1, with a matching network command.

router igrp 1

network 200.1.1.0

network 128.1.0.0

network 192.0.1.0

network 223.254.254.0

Because four different networks are used, four network commands are required. If you

noticed that the question did not specify the process ID (1, in this sample) but configured

one, you get full credit. A few of these network numbers are used in examples; memorize

the range of valid A, B, and C network numbers.

routers sending updates to this router. Knowing how to determine a fact without looking

command lists next-hop router IP addresses. The next-hop routers listed identify the

routers that are sending routing updates.

Every 60 seconds.

The primary metric is a counter of timer ticks. If two routes to the same network tie with

the ticks metric, the hop count is considered. Ticks are increments of 1/18ths of a second.

The number of ticks is not measured but is set with defaults of 1 on LAN interfaces and 6

on WAN interfaces. The IPX delay interface subcommand overrides the defaults.

SAP also uses split horizon concepts.

subcommand.

GNS stands for Get Nearest Server. Clients create the request, which is a broadcast

looking for a nearby server. Servers and routers reply, based on their SAP table, with the

IPX address of a server whose RIP metric is low.

Separate multiprotocol routing means that each routed protocol, such as IP, IPX, or

AppleTalk, uses a separate set of routing protocols, which each send separate routing

updates to advertise routing information.

Every 60 seconds.

The IOS is unaffected by an interface’s bandwidth when considering IPX RIP metrics;

ticks will default to 6 for any serial interface, regardless of bandwidth setting.

False. Routers never forward SAP packets, but they instead read the information in the

updates, update their own SAP tables, and then discard the packets. Routers also send SAP

updates every update timer (default 60 seconds), regardless of what other routers may do.

This sample question is another case of tricky wording that may be used to make sure you

know the topic.

show ipx route

show ipx servers

a reference to the RIP metrics; the information is handy when looking for good servers for

a GNS reply.

Integrated multiprotocol routing means that multiple routed protocols use a common

routing protocol, which consolidates routing updates. EIGRP is the only such routing

protocol covered in the recommended training path for CCNAs; EIGRP exchanges

routing information for IP, IPX, and AppleTalk. IGRP and Integrated IS-IS support both

IP and OSI CLNS routable protocols.

No. There must be a network statement for network 168.10.0.0 before RIP will advertise

which to send and receive updates.

No. There must be a network statement for network 168.10.0.0 before IGRP will advertise

about that directly connected subnet.

Yes. The route will be in the routing table because it is a directly connected subnet, not

because of any action by IGRP.

EIGRP supports integrated multiprotocol routing for IP, IPX, and AppleTalk. IGRP and

Integrated IS-IS support integrated multiprotocol routing for IP and OSI CLNS.

IGRP (and EIGRP) use a concept called variance, which represents how close the metrics

subcommand is used to set the value.

the number. The maximum is 6, and the default is 4.

the number. The maximum is 6, and the default is 4.

The association and transmission of mask information with each route allows VLSM

support with any routing protocol, RIP-2 included.

The features included in RIP-2 but not in RIP-1 include: transmission of subnet mask with

routes, authentication, next-hop router IP address in routing update, external route tags,

and multicast routing updates.

require a version 2 router subcommand to enable RIP-2.

The four reasons outlined in this text are: to allow multiprotocol traffic to flow over an IP

backbone, to support VPNs, to overcome discontiguous network problems, and to

overcome the shortcoming of some routing protocols with low maximum metric

limitations. Other reasons also might be valid because this question is somewhat

subjective.

To answer this question, you must know what the term transport protocol refers to.

Transport protocol refers to the protocol that both encapsulates the data and transports the

data to the other side of the tunnel. This is a trick question—there is only one transport

protocol in the IOS: IP.

transport protocol; its main purpose is to have a type field to identify the type of packet

it is being carried to the other end of the tunnel.

RIP-1, IGRP, EIGRP, and RIP-2 all have auto summarization enabled by default. EIGRP

and RIP-2 can disable this feature.

EIGRP and OSPF support route aggregation.

command lists only the mask in the heading line for the network. If VLSM were in use,

then each route for each subnet would reflect the mask used in that case.

False. Routes are learned by receiving routing updates from neighboring routers.

In this scenario, the first route learned is placed into the table. If that route is removed at

a later time, the next routing update received after the original route has been removed is

added to the routing table.

Route poisoning is the distance vector routing protocol feature in which a newly bad route

is advertised with an infinite metric. Routers receiving this routing information then can

mark the route as a bad route immediately. The purpose is to prevent routing loops.

A triggered update is the routing protocol feature in which an update is sent immediately

when new routing information is learned rather than waiting on a timer to complete before

sending another routing update.

access-list 4 deny 134.141.7.0 0.0.0.255

access-list 4 permit any

interface serial 0

ip access-group 4

The first access list statement denied packets from that subnet. The other statement is

needed because of the default action to deny packets not explicitly matched in an access

list statement.

Two statements are required. If the protocol type IP is configured, the port number is not

allowed to be checked. So, the TCP or UDP protocol type must be used to check the port

numbers. Therefore, if port 25 needs to be checked for both TCP and UDP, two statements

are needed: one for TCP and one for UDP.

False. The default action at the end of any IP or IPX access list is to deny all other packets.

Only one IP access list per interface, per direction. In other words, one inbound and one

outbound are allowed, but no more.

Three statements will remain in the list, with the newly added statement at the end of the

subcommand in named lists. However, when the command is added again, it cannot be

placed anywhere except at the end of the list.

Many people would consider checking the network number and checking a full IPX

address as the same item. These functions are listed separately here only to make sure you

recall that both variations are possible.

Many people would consider checking the network number and checking a full IPX

address as the same item. These functions are listed separately here only to make sure you

recall that both variations are possible. Also, the mask can be used only if the full IPX

address is specified and masks out only parts of the node part of the address.

The same matching criteria are used for numbered extended IPX access lists as that used

for named extended IPX access lists.

You cannot match more than one SAP with a single access list statement. To match four

separate SAP values, four separate access list statements are required.

including the name and number of all standard, extended, and SAP access lists enabled on

each interface.

access-list 4 deny 134.141.7.0 0.0.0.255

access-list 4 permit any

interface serial 0

ip access-group 4

The first access list statement denied packets from that subnet. The other statement is

needed because the default action to deny packets is not explicitly matched in an access

list statement.

access-list 105 permit tcp 193.7.6.0 0.0.0.255

128.1.0.0 0.0.255.255 eq www

!

interface serial 0

ip access-group 105 in

A “deny all” is implied at the end of the list.

access-list 1 deny 10.3.4.0 0.0.0.255

access-list 1 permit any

access-list 2 deny 134.141.5.4

access-list 2 permit any

interface serial 0

ip access-group 1

ip access-group 2 in

access-list 101 permit tcp 10.3.4.0 0.0.0.255 any eq www

access-list 102 permit tcp host 134.141.5.4 any lt 1023

interface serial 0

ip access-group 101 out

ip access-group 102 in

Two extended access lists are required. List 101 permits packets in the first of the two

criteria, in which packets exiting S0 are examined. List 102 permits packets for the second

criterion, in which packets entering S0 are examined.

access-list 800 permit 500.0000.0000.0001 4

interface serial0

ipx access-group 800 in

A “deny all else” is implied at the end of the list.

None. This is a trick question. SAP types 4 and 7 represent file and print services,

respectively. However, sockets are different, and there is no correlation between SAP

service types and sockets. The message: Read all the words in the question! Some

questions are purposefully designed to ensure that you know what each term means.

access-list 1000 deny -1 7

access-list 1000 permit -1

interface serial 0

ipx output-sap-filter 1000

interface serial1

ipx output-sap-filter 1000

denies those services. However, other proprietary print solutions could use a different SAP

type. This access list matches only for the standard SAP type for printers.

Many people would consider checking the network number and checking a full IPX

address as the same item. These functions are listed separately here only to make sure you

recall that both variations are possible.

No. Standard IP access lists check only the source IP address, regardless of whether the

packets are checked when inbound or outbound.

Two statements are required. If the protocol type IP is configured, the port number is not

allowed to be checked. So, the TCP or UDP protocol type must be used to check the port

numbers. Therefore, if port 25 needs to be checked for both TCP and UDP, two statements

are needed: one for TCP and one for UDP.

False. The default action at the end of any IP or IPX access list is to deny all other packets.

Only one IP access list per interface, per direction. In other words, one inbound and one

outbound are allowed, but no more.

For questions 16 through 18, assume that all parts of the network in Figure A-1 are up and

working. IGRP is the IP routing protocol in use. Answer the questions following Example

A-1, which contains an additional configuration in the Mayberry router.

Only packets coming from Andy exit Mayberry’s Serial 0 interface. Packets originating

work because the IOS will not filter packets originating in that router. Opie is still out of

luck—he’ll never get (a packet) out of Mayberry!

Packets from Andy can get to Web server Governor; packets from Mount Pilot can be

delivered to Governor if the route points directly from Mount Pilot to Raleigh so that the

packets do not pass through Mayberry. Therefore, the access list, as coded, stops only

hosts other than Andy on the Mayberry Ethernet from reaching Web server Governor.

! this access-list is enabled on the Raleigh router

access-list 130 permit tcp 180.3.5.0 0.0.0.255 host 144.155.3.99 eq www

access-list 130 permit tcp 180.3.7.0 0.0.0.255 host 144.155.3.99 eq www

!

interface serial 0

ip access-group 130 in

This access list performs the function, but it also filters IGRP updates as well. That is part

of the danger with inbound access lists; with outbound lists, the router will not filter

packets originating in that router. With inbound access lists, all packets entering the

interface are examined and could be filtered. An IGRP protocol type is allowed in the

updates, permitting those packets. (This command would need to appear before any

statements in list 130 that might match IGRP updates.)

access-list 44 permit 180.3.5.13 0.0.0.0

!

interface serial 0

ip access-group 44

Many people would consider checking the network number and checking a full IPX

address as the same item. These functions are listed separately here only to make sure you

recall that both variations are possible. Also, the mask can be used only if the full IPX

address is specified and masks out only parts of the node part of the address.

Many people would consider checking the network number and checking a full IPX

address as the same item. These functions are listed separately here only to make sure you

recall that both variations are possible. Also, the mask can be used only if the full IPX

address is specified and masks out only parts of the node part of the address.

False. Access list logic is always first match for any application of the list.

command are typed in when issuing the no version of the command.

Three statements will remain in the list, with the newly added statement at the end of the

subcommand in named lists. However, when the command is added again, it cannot be

placed anywhere except at the end of the list.

Five statements will remain in the list, with the newly added statement at the end of the

subcommand in named lists. However, when the command is added again, it cannot be

placed anywhere except at the end of the list.

The same matching criteria are used for numbered extended IPX access lists as are used

for named extended IPX access lists.

Named standard IP access lists match the same items that numbered IP access lists match.

You cannot match more than one SAP with a single access list statement. To match four

separate SAP values, four separate access list statements are required.

ip access-list standard fred

deny 134.141.7.0 0.0.0.255

permit any

!

interface serial 0

ip access-group fred

The first access list statement denies packets from that subnet. The other statement is

needed because the default action to deny packets is not explicitly matched in an access

list statement.

ip access-list extended barney

permit tcp 193.7.6.0 0.0.0.255 128.1.0.0 0.0.255.255 eq www

!

interface serial 0

ip access-group barney in

A “deny all” is implied at the end of the list.