CCNP Route FAQ: Managing Scalable Network Growth

Q1. State two reasons to use an IP tunnel.

Answer: The following are reasons to use an IP tunnel:

  • To solve problems with discontiguous networks
  • To simplify network administration
  • To tunnel desktop protocols through an IP-only backbone

Q2. State instances when access lists may be used for something other than filtering traffic.

Answer: Access lists may be used for the following:

  • Queuing
  • Policy routing
  • QoS
  • Filtering routing updates

Figure: Processing of an IP Access List—Incoming and Outgoing Packets

Q3. In configuring an IP tunnel, how many IP tunnels may be created with the same source and destination address?

Answer: By default, only one tunnel is allowed with the same source and destination address.

Q4. Associate the appropriate IOS feature to solve the network congestion problem experienced on the network in the following table.

| Network Congestion Problem | IOS Solution |
| --- | --- |
| 1. Clients cannot connect to the centralized servers | Routing access list |
| 2. Cisco environment in a large network with a large number of WAN connections | Prioritization on the interface |
| 3. Large routing tables using RIP for IP | Reduction of the size of the broadcast domain by adding a router |
| 4. Spanning tree is failing | IP helper address |
| 5. SNA sessions are failing | EIGRP |

Answer: The number in front of each IOS solution is the number of the problem it solves. Matching the numbers gives the correct answers:

| Network Congestion Problem | IOS Solution |
| --- | --- |
| 1. Clients cannot connect to the centralized servers | 3. Routing access list |
| 2. Cisco environment in a large network with a large number of WAN connections | 5. Prioritization on the interface |
| 3. Large routing tables using RIP for IP | 4. Reduction of the size of the broadcast domain by adding a router |
| 4. Spanning tree is failing | 1. IP helper address |
| 5. SNA sessions are failing | 2. EIGRP |

Q5. Which command would prevent the router from forwarding data to a remote network without generating an ICMP message?

Answer: The command that would prevent the router from forwarding data to a remote network without generating an ICMP message is the interface null 0 command.

Q6. Identify two commands that might be used to verify the configuration of an IP access list configuration.

Answer: Two commands that might be used to verify the configuration of an IP access list configuration could be taken from the following list:

  • show ip interface
  • show access-list
  • show running-config
  • show startup-config

Q7. What UDP ports will the IP helper address forward automatically?

Answer: UDP ports that the IP helper address will forward automatically are TFTP, DNS, BOOTP server, BOOTP client, time, TACACS, NetBIOS name server, and NetBIOS datagram service.

Q8. If the number of workstations increases on a physical segment, the user may experience delays. Give two reasons why this might occur.

Answer: As the number of workstations increases on a physical segment, the user may experience delays because of the following reasons:

  • There are collisions that require retransmission.
  • There is packet loss because buffers on devices are overflowing and require retransmission.
  • The end systems could be slowing down because of excessive broadcast traffic.

Q9. State three considerations when deciding where to place extended IP access lists.

Answer: You should consider at least three of the following:

  • Minimize the distance that denied traffic must travel. Place the access list as close to the source as possible.
  • Keep the denied traffic off the backbone connecting buildings or campuses.
  • Ensure that the router chosen can deal easily with the additional CPU requirements.
  • Consider the CPU utilization because an inbound access list does not have to do a routing update on denied traffic. However, the interface may have to match the access list against more traffic.
  • Consider the number of interfaces affected.
  • Consider the number of nodes affected. Outbound access lists may afford greater granularity.
  • Consider access list management.
  • Consider the network growth and the effect on the management of the interfaces and the changing needs in connectivity.

Q10. What is the function of the access layer?

Answer: The function of the access layer is to act as the first point of contact for the end devices or workstations. It also acts as a filter layer to ensure that all local traffic stays local and does not unnecessarily clog the network.

Q11. What is the access list number range for IP extended access lists?

Answer: The extended access list number range is 100 to 199.

Q12. What is priority queuing?

Answer: Priority queuing enables network managers to define how they want traffic to be prioritized in the network. By defining a series of filters based on packet characteristics, traffic is placed into a number of queues; the queue with the highest priority is serviced first, and then the lower queues are serviced in sequence. If the highest-priority queue is always full, this queue will continually be serviced, and packets from the other queues will queue up and be dropped. In this queuing algorithm, one particular kind of network traffic can dominate all others. Priority queuing assigns traffic to one of four queues: high, medium, normal, and low.
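
The starvation behaviour described in this answer, as an added Python example that is not part of the original FAQ: a strict-priority scheduler over the four queues. The queue limit, the one-packet-per-tick link rate and the traffic patterns are assumptions chosen for illustration.

```python
from collections import deque

# Queue names from the answer above, highest priority first.
QUEUES = ("high", "medium", "normal", "low")


def simulate(arrivals, queue_limit=3, served_per_tick=1):
    """Strict-priority scheduler over four bounded queues.

    arrivals: list of ticks; each tick is a list of queue names, one per
    packet arriving in that tick (constructed traffic, not a capture).
    Returns per-queue counts of packets sent and packets dropped.
    """
    queues = {name: deque() for name in QUEUES}
    sent = dict.fromkeys(QUEUES, 0)
    dropped = dict.fromkeys(QUEUES, 0)
    for tick in arrivals:
        # Enqueue arrivals; a full queue tail-drops the new packet.
        for name in tick:
            if len(queues[name]) < queue_limit:
                queues[name].append(1)
            else:
                dropped[name] += 1
        # Service: always scan from the highest queue down.
        for _ in range(served_per_tick):
            for name in QUEUES:
                if queues[name]:
                    queues[name].popleft()
                    sent[name] += 1
                    break
    return sent, dropped


# Constructed load: the link sends one packet per tick while one
# high-priority and one low-priority packet arrive every tick.
SATURATED = [["high", "low"]] * 10
# Same low-priority load with high-priority traffic on every other tick.
MIXED = [["high", "low"] if t % 2 == 0 else ["low"] for t in range(10)]

if __name__ == "__main__":
    for label, load in (("saturated", SATURATED), ("mixed", MIXED)):
        sent, dropped = simulate(load)
        print(label, "sent:", sent, "dropped:", dropped)
```

With the high queue fed every tick, no low-priority packet is ever sent; once the high-priority load drops to every other tick, the low queue drains again but still tail-drops while it is full.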

Q13. List two symptoms of network congestion.

Answer: Symptoms of network congestion include these:

  • Applications timing out at end stations
  • Clients not being capable of connecting to network resources
  • Network death as a result

The causes of congestion are often the symptoms seen, and they include these:

  • Excessive traffic, seen on the network-management tools
  • Dropped packets, seen on the router interfaces
  • The retransmission of packets, seen on the network-management tools
  • Incomplete routing tables, seen on the router
  • Incomplete service tables, seen on servers and routers
  • Broadcast storms caused by spanning tree

Q14. If a switch has redundant links to another switch, what action would be taken if the Spanning-Tree Protocol fails to see a BPDU in time (within the MaxAge Timer value)?

Answer: If the Spanning-Tree Protocol fails to see the BPDU packet in time, it will unblock the redundant path, in the belief that the primary path is no longer available.

Q15. How could the dropping of packets cause an increase of traffic on the network?

Answer: The dropping of packets could increase the traffic on the network because the applications may request the retransmission of the packet. This is particularly true of connection-oriented communication.

Q16. How might network congestion cause a loss of services?

Answer: Services may be lost when network congestion is experienced. The reasons include these:

  • The input buffers of the server are overloaded.
  • The application times out.
  • The network traffic informing clients of services is lost or delayed sufficiently for the services to be dropped from the server lists.

Q17. In Cisco’s hierarchical design, what is the function of the core layer?

Answer: A layer is created by defining what needs to run through the layer. The core layer is defined by the need for a high-speed backbone linking the different sites, or logical groupings, of the network. It is the central internetwork for the entire enterprise and may include LAN and WAN backbones. The primary function of this layer is to provide an optimized and reliable transport structure.

Q18. In Cisco’s hierarchical design, where is the access layer located?

Answer: The access layer is the layer that is the closest to the end stations. The router keeps that local traffic local and therefore prevents unnecessary traffic from traversing the network. The access layer is designed to ensure that LAN traffic can be contained locally and does not travel off the network to create network congestion.

Q19. In the hierarchical design suggested by Cisco, at which layer are access lists not recommended?

Answer: Access lists are not recommended at the core layer because this is where the traffic should switch at the highest speeds. Because access lists are CPU-intensive (adding about 15 percent overhead), they are not recommended for use in the core layer. This is still true despite the fact that the technology allows the access list to be cached for fast switching; the general rule is that all decisions are made at the previous layers of the network.

Q20. What is the function of the distribution layer?

Answer: The distribution layer provides the demarcation point between the core and access layers, providing policy-based connectivity and allowing you to do packet manipulation.

Q21. If an access list is configured as an inbound list, will the packet be sent to the routing process?

Answer: The packet from an inbound access list will not be sent to the routing process if a match is found for the access list criteria, and the action is to deny the packet. The packet is discarded before it reaches the routing process.

Q22. State three uses of access lists.

Answer: The following are all valid uses for access lists:

  • Restricting networks sent out in routing updates
  • Restricting connectivity to remote networks
  • Restricting the services advertised in an IPX network
  • Restricting large packet sizes from traversing the network

Q23. In an IP standard access list, what is the default wildcard mask?

Answer: The default wildcard mask in an IP standard access list is 0.0.0.0.

Q24. If a packet does not match any of the criteria in an access list, what action will be taken?

Answer: If the packet being tested against the access list does not match any of the criteria, it will hit the implicit deny all at the bottom of the access list. This results in it being discarded, generating an ICMP message to the sending station.
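
How the default wildcard mask (Q23) and the implicit deny (Q24) behave during top-down matching, as an added Python example that is not part of the original FAQ. The entry syntax is simplified from a standard access list, and the addresses are constructed documentation addresses.

```python
import ipaddress


def parse_entry(line):
    """Parse 'permit|deny <address> [wildcard]' (standard-ACL style entry).

    A missing wildcard defaults to 0.0.0.0, i.e. match that one host.
    """
    parts = line.split()
    action, address = parts[0], parts[1]
    wildcard = parts[2] if len(parts) > 2 else "0.0.0.0"
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action: {action}")
    return (action,
            int(ipaddress.IPv4Address(address)),
            int(ipaddress.IPv4Address(wildcard)))


def evaluate(entries, source):
    """Return (action, matching entry index) for a source address.

    Entries are tested top down and the first match decides. Index None
    means nothing matched and the implicit deny applied.
    """
    src = int(ipaddress.IPv4Address(source))
    for index, (action, address, wildcard) in enumerate(entries):
        care = ~wildcard & 0xFFFFFFFF  # wildcard 1-bits are "don't care"
        if (src & care) == (address & care):
            return action, index
    return "deny", None


# Constructed list using documentation addresses (RFC 5737).
SAMPLE_ACL = [parse_entry(line) for line in (
    "deny 192.0.2.10",              # no wildcard: single host
    "permit 192.0.2.0 0.0.0.255",   # rest of the /24
    "permit 198.51.100.0 0.0.0.3",  # four addresses, .0 to .3
)]

if __name__ == "__main__":
    for src in ("192.0.2.10", "192.0.2.11", "198.51.100.3",
                "198.51.100.4", "203.0.113.9"):
        print(src, evaluate(SAMPLE_ACL, src))
```

Swapping the first two entries would let 192.0.2.10 through, because the broader permit would match first; entry order is part of the policy.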

Q25. Why does the null interface not report an ICMP message stating that the packet is undeliverable?

Answer: The null interface does not report an ICMP message because there is no error to report. From the viewpoint of the routing process, the packet has been successfully routed to the outgoing interface. The routing process is unaware that the outgoing interface is a virtual interface that does not exist. Effectively, the packet has been sent to the dump, thus killing the packet.

Q26. How would you restrict Telnet connectivity to the router that you were configuring?

Answer: To restrict Telnet connections into the router that you are configuring, use access lists that are applied to the terminal lines with the access-class command.

Q27. Which of the queuing techniques offered by the Cisco IOS are manually configured?

Answer: The queuing techniques manually configured on a Cisco system are custom and priority queuing.

Q28. Explain ip helper-address. What is its function?

Answer: ip helper-address is a command that has the router forward User Datagram Protocol (UDP) broadcasts received on an interface to a directed or specific destination on another network.

Combined with the ip forward-protocol global configuration command, the ip helper-address command enables you to control which broadcast packets and which protocols are forwarded. One common application that requires helper addresses is Dynamic Host Configuration Protocol (DHCP). DHCP is defined in RFC 1531. DHCP protocol information is carried inside BOOTP packets.

To enable BOOTP broadcast forwarding for a set of clients, configure a helper address on the router interface closest to the client. The helper address should specify the address of the DHCP server. If you have multiple servers, you can configure one helper address for each server. Because BOOTP packets are forwarded by default, the router can now forward DHCP information. The DHCP server now receives broadcasts from the DHCP clients.

About the author

James Palmer