Implementing Cisco IP Routing (ROUTE v2.0)

 

QUESTION 21

Refer to the exhibit. Which statement is true?

 

clip_image002

 

A.

Traffic from the 172.16.0.0/16 network will be blocked by the ACL.

B.

The 10.0.0.0/8 network will not be advertised by Router B because the network statement for the 10.0.0.0/8 network is missing from Router B.

C.

The 10.0.0.0/8 network will not be in the routing table on Router B.

D.

Users on the 10.0.0.0/8 network can successfully ping users on the 192.168.5.0/24 network, but users on the 192.168.5.0/24 cannot successfully ping users on the 10.0.0.0/8 network.

E.

Router B will not advertise the 10.0.0.0/8 network because it is blocked by the ACL.

 

Correct Answer: E

Explanation:

You can filter what individual routes are sent (out) or received (in) to any interface within your EIGRP configuration.

One example is noted above. If you filter outbound, the next neighbor(s) will not know about anything except the 172.16.0.0/16 route and therefore won’t send it to anyone else downstream. If you filter inbound, you won’t know about the route and therefore won’t send it to anyone else downstream.

 

 

QUESTION 22

A router with an interface that is configured with ipv6 address autoconfig also has a link-local address assigned. Which message is required to obtain a global unicast address when a router is present?

 

A.

DHCPv6 request

B.

router-advertisement

C.

neighbor-solicitation

D.

redirect

 

Correct Answer: B

Explanation:

Autoconfiguration is performed on multicast-enabled links only and begins when a multicast- enabled interface is enabled (during system startup or manually). Nodes (both, hosts and routers) begin the process by generating a link-local address for the interface. It is formed by appending the interface identifier to well-known link-local prefix FE80 :: 0. The interface identifier replaces the right-most zeroes of the link-local prefix.Before the link-local address can be assigned to the interface, the node performs the Duplicate Address Detection mechanism to see if any other node is using the same link-local address on the link. It does this by sending a Neighbor Solicitation message with target address as the “tentative” address and destination address as the solicited- node multicast address corresponding to this tentative address. If a node responds with a Neighbor Advertisement message with tentative address as the target address, the address is a duplicate address and must not be used. Hence, manual configuration is required.Once the node verifies that its tentative address is unique on the link, it assigns that link-local address to the interface. At this stage, it has IP-connectivity to other neighbors on this link.The autoconfiguration on the routers stop at this stage, further tasks are performed only by the hosts. The routers will need manual configuration (or stateful configuration) to receive site-local or global addresses.The next phase involves obtaining Router Advertisements from routers if any routers are present on the link. If no routers are present, a stateful configuration is required. If routers are present, the Router Advertisements notify what sort of configurations the hosts need to do and the hosts receive a global unicast IPv6 address.

Reference:

https://sites.google.com/site/amitsciscozone/home/important-tips/ipv6/ipv6-stateless-autoconfiguration

 

 

QUESTION 23

An engineer has configured a router to use EUI-64, and was asked to document the IPv6 address of the router. The router has the following interface parameters:

 

mac address C601.420F.0007

subnet 2001:DB8:0:1::/64

 

Which IPv6 addresses should the engineer add to the documentation?

 

A.

2001:DB8:0:1:C601:42FF:FE0F:7

B.

2001:DB8:0:1:FFFF:C601:420F:7

C.

2001:DB8:0:1:FE80:C601:420F:7

D.

2001:DB8:0:1:C601:42FE:800F:7

 

Correct Answer: A

Explanation:

Extended Unique Identifier (EUI), as per RFC2373, allows a host to assign iteslf a unique 64-Bit IP Version 6 interface identifier (EUI-64). This feature is a key benefit over IPv4 as it eliminates the need of manual configuration or DHCP as in the world of IPv4. The IPv6 EUI-64 format address is obtained through the 48-bit MAC address. The Mac address is first separated into two 24-bits, with one being OUI (Organizationally Unique Identifier) and the other being NIC specific. The 16-bit 0xFFFE is then inserted between these two 24-bits to for the 64-bit EUI address. IEEE has chosen FFFE as a reserved value which can only appear in EUI-64 generated from the EUI-48 MAC address.

Here is an example showing how the Mac Address is used to generate EUI.

 

clip_image004

 

Next, the seventh bit from the left, or the universal/local (U/L) bit, needs to be inverted. This bit identifies whether this interface identifier is universally or locally administered. If 0, the address is locally administered and if 1, the address is globally unique. It is worth noticing that in the OUI portion, the globally unique addresses assigned by the IEEE has always been set to 0 whereas the locally created addresses has 1 configured. Therefore, when the bit is inverted, it maintains its original scope (global unique address is still global unique and vice versa). The reason for inverting can be found in RFC4291 section 2.5.1.

Reference:

https://supportforums.cisco.com/document/100566/understanding-ipv6-eui-64-bit-address

 

 

QUESTION 24

For security purposes, an IPv6 traffic filter was configured under various interfaces on the local router. However, shortly after implementing the traffic filter, OSPFv3 neighbor adjacencies were lost. What caused this issue?

 

A.

The traffic filter is blocking all ICMPv6 traffic.

B.

The global anycast address must be added to the traffic filter to allow OSPFv3 to work properly.

C.

The link-local addresses that were used by OSPFv3 were explicitly denied, which caused the neighbor relationships to fail.

D.

IPv6 traffic filtering can be implemented only on SVIs.

 

Correct Answer: C

Explanation:

OSPFv3 uses link-local IPv6 addresses for neighbor discovery and other features, so if any IPv6 traffic filters are implemented be sure to include the link local address so that it is permitted in the filter list.

Reference:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/unicast/configuration/guide/l3_cli_nxos/l3_ospfv3.html

 

 

QUESTION 25

What is the purpose of the autonomous-system {autonomous-system-number} command?

 

A.

It sets the EIGRP autonomous system number in a VRF.

B.

It sets the BGP autonomous system number in a VRF.

C.

It sets the global EIGRP autonomous system number.

D.

It sets the global BGP autonomous system number.

 

Correct Answer: A

Explanation:

To configure the autonomous-system number for an Enhanced Interior Gateway Routing Protocol (EIGRP) routing process to run within a VPN routing and forwarding (VRF) instance, use the autonomous-system command in address-family configuration mode. To remove the autonomous-system for an EIGRP routing process from within a VPN VRF instance, use the no form of this command.

autonomous-system autonomous-system-number

no autonomous-system autonomous-system-number

Reference:

http://www.cisco.com/c/en/us/td/docs/ios/iproute_eigrp/command/reference/ire_book/ire_a1.html# wp1062796

 

 

QUESTION 26

Which type of traffic does DHCP snooping drop?

 

A.

discover messages

B.

DHCP messages where the source MAC and client MAC do not match

C.

traffic from a trusted DHCP server to client

D.

DHCP messages where the destination MAC and client MAC do not match

 

Correct Answer: B

Explanation:

The switch validates DHCP packets received on the untrusted interfaces of VLANs with DHCP snooping enabled. The switch forwards the DHCP packet unless any of the following conditions occur (in which case the packet is dropped):

The switch receives a packet (such as a DHCPOFFER, DHCPACK, DHCPNAK, or DHCPLEASEQUERY packet) from a DHCP server outside the network or firewall.

The switch receives a packet on an untrusted interface, and the source MAC address and snooping MAC address verification option is turned on.

The switch receives a DHCPRELEASE or DHCPDECLINE message from an untrusted host with an entry in the DHCP snooping binding table, and the interface information in the binding table does not match the interface on which the message was received.

The switch receives a DHCP packet that includes a relay agent IP address that is not 0.0.0.0. To support trusted edge
switches that are connected to untrusted aggregation-switch ports, you can enable the DHCP option-82 on untrusted port feature, which enables untrusted aggregation- switch ports to accept DHCP packets that include option-82 information. Configure the port on the edge switch that connects to the aggregation switch as a trusted port.

Reference:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/snoodhcp.html

 

 

 

 

 

 

 

 

 

 

QUESTION 27

Refer to the exhibit. Which command only announces the 1.2.3.0/24 network out of FastEthernet 0/0?

 

clip_image006

 

A.

distribute list 1 out

B.

distribute list 1 out FastEthernet0/0

C.

distribute list 2 out

D.

distribute list 2 out FastEthernet0/0

 

Correct Answer: D

Explanation:

Access list 2 is more specific, allowing only 1.2.3.0/24, whereas access list 1 permits all 1.0.0.0/8 networks. This question also asks us to apply this distribute list only to the outbound direction of the fast Ethernet 0/0 interface, so the correct command is “distribute list 2 out FastEthernet0/0.”

 

 

QUESTION 28

Which prefix is matched by the command ip prefix-list name permit 10.8.0.0/16 ge 24 le 24?

 

A.

10.9.1.0/24

B.

10.8.0.0/24

C.

10.8.0.0/16

D.

10.8.0.0/23

 

Correct Answer: B

Explanation:

With prefix lists, the ge 24 term means greater than or equal to a /24 and the le 24 means less than or equal to /24, so only a /24 is both greater than or equal to 24 and less than or equal to 24. This translate to any prefix in the 10.8.x.0/24 network, where X is any value in the 0-255 range.

Only the choice of 10.8.0.0.24 matches this.

 

 

QUESTION 29

Router A and Router B are configured with IPv6 addressing and basic routing capabilities using OSPFv3. The networks that are advertised from Router A do not show up in Router B’s routing table. After debugging IPv6 packets, the message “not a router” is found in the output. Why is the routing information not being learned by Router B?

 

A.

OSPFv3 timers were adjusted for fast convergence.

B.

The networks were not advertised properly under the OSPFv3 process.

C.

An IPv6 traffic filter is blocking the networks from being learned via the Router B interface that is connected to Router A.

D.

IPv6 unicast routing is not enabled on Router A or Router B.

 

Correct Answer: D

Explanation:

show ipv6 traffic Field Descriptions

Field

Description

source-routed

Number of source-routed packets.

truncated

Number of truncated packets.

format errors

Errors that can result from checks performed on header fields, the version number, and packet length.

not a router

Message sent when IPv6 unicast routing is not enabled.

 

Reference:

http://www.cisco.com/c/en/us/td/docs/ios/ipv6/command/reference/ipv6_book/ipv6_16.html

 

 

QUESTION 30

After you review the output of the command show ipv6 interface brief, you see that several IPv6 addresses have the 16-bit hexadecimal value of “FFFE” inserted into the address. Based on this information, what do you conclude about these IPv6 addresses?

 

A.

IEEE EUI-64 was implemented when assigning IPv6 addresses on the device.

B.

The addresses were misconfigured and will not function as intended.

C.

IPv6 addresses containing “FFFE” indicate that the address is reserved for multicast.

D.

The IPv6 universal/local flag (bit 7) was flipped.

E.

IPv6 unicast forwarding was enabled, but IPv6 Cisco Express Forwarding was disabled.

 

Correct Answer: A

Explanation:

Extended Unique Identifier (EUI), as per RFC2373, allows a host to assign iteslf a unique 64-Bit IP Version 6 interface identifier (EUI-64). This feature is a key benefit over IPv4 as it eliminates the need of manual configuration or DHCP as in the world of IPv4. The IPv6 EUI-64 format address is obtained through the 48-bit MAC address. The Mac address is first separated into two 24-bits, with one being OUI (Organizationally Unique Identifier) and the other being NIC specific. The 16-bit 0xFFFE is then inserted between these two 24-bits to for the 64-bit EUI address. IEEE has chosen FFFE as a reserved value which can only appear in EUI-64 generated from the an EUI-48 MAC address.

Here is an example showing how a the Mac Address is used to generate EUI.

 

clip_image008

Next, the seventh bit from the left, or the universal/local (U/L) bit, needs to be inverted. This bit identifies whether this interface identifier is universally or locally administered. If 0, the address is locally administered and if 1, the address is globally unique. It is worth noticing that in the OUI portion, the globally unique addresses assigned by the IEEE has always been set to 0 whereas the locally created addresses has 1 configured. Therefore, when the bit is inverted, it maintains its original scope (global unique address is still global unique and vice versa). The reason for inverting can be found in RFC4291 section 2.5.1.

 

clip_image010

 

Once the above is done, we have a fully functional EUI-64 format address.

Reference:

https://supportforums.cisco.com/document/100566/understanding-ipv6-eui-64-bit-address

 

Free VCE & PDF File for Cisco 300-101 Practice Test

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …