Config Router

You are here: Home / Cisco / CCNP Voice FAQ: Classification, Marking, and NBAR

CCNP Voice FAQ: Classification, Marking, and NBAR

by

CCNP Voice FAQ: Classification, Marking, and NBAR

Q1. Which of the following is not a valid classification traffic descriptor?
A. Incoming interface
B. Traffic path
C. IP precedence or DSCP value
D. Source or destination address

Answer: B

Q2. Which of the following is not considered a data link layer QoS marking field?
A. CoS
B. Frame Relay DE
C. DSCP
D. ATM CLP

Answer: C

Q3. Which of the following CoS values is reserved for internetwork and network control?
A. 0,1
B. 2,3
C. 4,5
D. 6,7

Answer: D

Q4. Which of the following is the Frame Relay QoS marking field?
A. DE
B. CLP
C. CoS
D. EXP

Answer: A

Q5. Which of the following is true about the MPLS header and its EXP field size?
A. The MPLS header is 2 bytes and the EXP field is 3 bits long.
B. The MPLS header is 2 bytes and the EXP field is 6 bits long.
C. The MPLS header is 4 bytes and the EXP field is 6 bits long.
D. The MPLS header is 4 bytes and the EXP field is 3 bits long.

Answer: D

Q6. What is “an externally observable forwarding behavior of a network node toward a group of IP packets that have the same DSCP value”?
A. BA
B. Prec
C. Service class
D. PHB

Answer: D

Q7. Which of the following is not a DSCP PHB?
A. Default PHB
B. Class selector PHB
C. Assured forwarding PHB
D. Cisco Express Forwarding PHB

Answer: D

Q8. Which of the following has the higher drop probability?
A. AF31.
B. AF32.
C. AF33.
D. They all have the same drop probability.

Answer: C

Q9. Which of the following is not a common voice and video service class?
A. Voice bearer (or payload)
B. Voice and video conferencing
C. Video payload
D. Voice and video signaling

Answer: B

Q10. At which of the following places is the trust boundary not implemented?
A. Core switch
B. Distribution switch
C. Access switch
D. End system

Answer: A

Q11. Which of the following is not a service that NBAR provides?
A. Protocol discovery
B. Collection of traffic statistics
C. Traffic classification
D. Traffic policing

Answer: D

Q12. Which of the following is true about loading a new PDLM?
A. You need to upgrade the IOS and reload your router.
B. You need to upgrade the IOS, but a reload is not necessary.
C. You do not need to upgrade the IOS, but a router reload is necessary.
D. You do not need to upgrade the IOS and do not need to reload either.

Answer: D

Q13. Which of the following is not an NBAR limitation?
A. NBAR can handle only up to 24 concurrent URLs.
B. NBAR analyzes only the first 400 bytes of the packet.
C. NBAR is not supported on interfaces in which tunneling or encryption is used.
D. NBAR is dependent on CEF.

Answer: C

Q14. Which of the following commands uses the NBAR classification feature within a class map?
A. match protocol protocol-name
B. match nbar protocol protocol-name
C. match protocol-name
D. match nbar protocol-name

Answer: A

Q15. What does the * character mean in a regular expression?
A. Match one of a choice of characters.
B. Match any zero or more characters in this position.
C. Match any one character in this position.
D. It means OR.

Answer: B

Q16. Define and explain classification.

Answer: Classification is the process or mechanism that identifies traffic and categorizes it into classes.

Q17. Define and explain marking.

Answer: Marking is the process of tagging or coloring traffic based on the category it falls into.You normally mark the traffic after it is classified.

Q18. What is the marker field on the 802.1Q/P frame called?

Answer: The marker field on the 802.1Q/P frame is called PRI (priority) or CoS (class of service).

Q19. What are the names and definitions for CoS values 0 through 7?

Answer: The names and definitions for CoS values 0 through 7 are as follows:
4

Q20. Which one of the DSCP PHBs provides backward compatibility with ToS-based IP precedence?

Answer: The class selector (CS) PHB (CS1 through CS7) provides backward compatibility with ToSbased IP precedence. The three least-significant DSCP bits are set to 000 to identify the class selector (CS) PHB.

Q21. What are the four DiffServ (DSCP) PHBs?

Answer: The four DiffServ (DSCP) PHBs are as follows:
Default PHB—Used for best-effort service (000—)
Class selector PHB—Used for backward compatibility with non-DiffServ-compliant devices (—000)
Assured forwarding (AF) PHB—Used for guaranteed bandwidth services
(001—, 010—, 011—, 100—)
Expedited forwarding (EF) PHB—Used for low-delay service (101110)

Q22. How is compatibility between MPLS and network layer QoS achieved?

Answer: Compatibility between MPLS and network layer QoS is achieved by mapping between MPLS EXP bits and IP precedence or DSCP bits. A service provider can map the customer network layer QoS marking or change it to meet an SLA.

Q23.What is a QoS service class?

Answer: A QoS service class is a logical grouping of packets that are to receive a similar level of applied quality

Q24. What is a trust boundary?

Answer: A trust boundary is the point within the network in which markings such as CoS or DSCP begin to be accepted. For scalability reasons, classification and marking should be done as close to the ingress edge of the network as possible, depending on the capabilities of the edge devices, at the end system, access layer, or distribution layer.

Q25. What is NBAR?

Answer: Network Based Application Recognition (NBAR) is a classification and protocol discovery tool or feature. You can use NBAR to perform three tasks:

  • Protocol discovery
  • Traffic statistics collection
  • Traffic classification

Q26. Name at least three limitations of NBAR

Answer: NBAR has several limitations:

  • NBAR does not function on Fast EtherChannel and on interfaces that are configured to use encryption or tunneling.
  • NBAR can only handle up to 24 concurrent URLs, hosts, or MIME types.
  • NBAR analyzes only the first 400 bytes of the packet.
  • NBAR supports only CEF and does not work if another switching mode is used.
    Multicast packets, fragmented packets, and packets that are associated with secure HTTP (URL, host, or MIME classification) are not supported.
  • NBAR does not analyze or recognize the traffic that is destined to or emanated from the router running NBAR.

Q27. List application support for NBAR.

Answer: You can use NBAR to recognize packets that belong to different types of applications: applications that use static (well-known) TCP or UDP port numbers, applications that use dynamic (negotiated during control session) port numbers, and some non-IP protocols. NBAR also can do deep-packet inspection and classify packets based on information stored beyond the IP, TCP, or UDP headers; for example, NBAR can classify HTTP sessions based on requested URL, MIME type, or hostname.

Q28. What is PDLM?

Answer: Packet Description Language Modules (PDLM) allow NBAR to recognize new protocols matching text patterns in data packets without requiring a new Cisco IOS software image or a router reload. PDLMs can also enhance an existing protocol recognition capability.

Q29. What types of RTP payload classification does NBAR offer?

Answer: NBAR offers audio, video, and CODEC-type RTP payload classifications.

Q30. Which match command within a class map allows you to identify FastTrack peer-to-peer protocols?

Answer: match protocol fasttrack file-transfer regular-expression allows you to identify FastTrack
peer-to-peer protocols.