| 1: | Explain the command match ip address { access-list - number name } [ access-list number name ]. |
| A1: | The command is used to match criteria in establishing the policy-based routing. Access lists are used to specify the addressing of the packets to be affected. |
| 2: | Explain the command ip route-cache policy . |
| A2: | This command is set on an incoming interface and enables the fast switching of policy-based routing. Before version 11.2 of the Cisco IOS software, policy-based routing was process-switched. This caused some applications to time out, but the problem has now been resolved. Fast switching of policy-based routing is disabled by default. Therefore, it is necessary to manually configure it. |
| 3: | State two benefits of using policy-based routing. |
| A3: | The benefits of policy-based routing include the following: -
- Organizations can determine traffic flow based on the origin of the traffic. They can send traffic owned by different groups across different paths. -
- QoS can be set in the IP header using the precedence or TOS bits. This allows certain traffic to be prioritized through the network. -
- High-cost links can be raised or made active on more specific criteria, which allows an efficient use of the resources available. -
- Traffic can be sent across multiple paths based on traffic characteristics. |
| 4: | How are matching routes modified in a route map? |
| A4: | Using the set command modifies matching routes. If the criteria are met in the match command and the action was to permit, the set criteria is initiated to control the routing as specified. |
| 5: | Explain the command set ip default next -hop [ ip-address...ip-address ]. |
| A5: | This command provides a list of IP addresses for traffic if there is no explicit route in the routing table for the destination address of the packet. These addresses are those of next-hop routers or of the interfaces of adjacent routers. If multiple next-hop addresses are listed, then the first address is tried. If it is unavailable, the others are tried in turn . |
| 6: | Which command displays route maps that are configured on interfaces? |
| A6: | The command show ip policy displays the route maps used for policy-based routing on the router's interfaces. The command show route-map [ map-name ] displays the route maps. |
| 7: | What command is used to attach a route map to an incoming interface? |
| A7: | The command ip policy route-map map-tag assigns the route map to the incoming interface where it examines all incoming packets and issues set commands on all packets that match at least one of the match criteria. |
| 8: | What is a map tag? |
| A8: | A map tag is the name of the route map to be used in policy-based routing. This must match a map tog specified by a route-map command. |
| 9: | Explain briefly the difference between the match and set commands. |
| A9: | The match command determines whether the packet will be routed using the route map, and the set command determines how the packet will be routed. |
| 10: | What are the criteria by which policy-based routes are determined? |
| A10: | Instead of routing by the destination address, policy-based routing allows you to determine and implement routing policies to allow or deny paths based on the following: -
- The identity of a particular end system -
- The application being run -
- The IP protocol in use -
- The size of packets |
| 11: | How would you block traffic that found no match? |
| A11: | The way to block traffic that is not matched in the route map is to add an extra line of configuration. Adding a set command at the end of the route map routes all unmatched routes to the interface null0. |
| 12: | What is the purpose of the sequence number in a route map? |
| A12: | Within a route map, each route map statement is numbered with sequence numbers and, therefore, can be edited individually. The sequence number is also used to specify the order in which conditions are checked. Thus, if there are two statements in a route map named BESTEST, one with sequence 5 and the other with sequence 15, sequence 5 is checked first. If there is no match for the conditions in sequence 5, then sequence 15 will be checked. |
| 13: | What logic is used if there are multiple match statements in the route map? |
| A13: | A route map statement might contain multiple match statements. All match statements in the route map statement must be considered true for the route map statement to be considered matched. This is a logical AND. |
| 14: | What parameters can an extended access list define in the route map selection process? |
| A14: | An extended IP access list is used to specify criteria based on source and destination, application, protocol type, TOS, and precedence. If multiple access list statements are specified, matching any one will result in a match. |
| 15: | How can policy-based routing save money for the network? |
| A15: | The very nature of policy-based routing allows the network to be streamlined and to forward traffic down cheaper circuits. The bulk traffic generated by a specific activity can be diverted to use a higher-bandwidth, high-cost link for a short time. Meanwhile, interactive traffic is provided basic connectivity over a lower-bandwidth, low-cost link. For example, a dial-on-demand ISDN line might be raised in response to traffic to a finance server for file transfers selected by policy-based routing. |
| 16: | What are some of the potential disadvantages of using policy-based routing? |
| A16: | The following are disadvantages of policy-based routing: -
- You need a backup path in place in case the defined next-hop router goes down. If there is no alternative defined, policy-based routing will default to dynamic routing decisions. -
- Additional CPU is required to examine every source address to affect the defined policy. -
- Extra configuration is required. -
- The possibility exists that other traffic will be disrupted. |
| 17: | Explain the use of the command match length min max . |
| A17: | This command is used to define the criteria based on the Layer 3 length of the packet. The min parameter states the minimum inclusive length of the packet allowed for a match. The max parameter states the maximum inclusive length of the packet allowed for a match. In this way, interactive traffic that is time-sensitive, such as SNA traffic tunneled in IP, can be sent on a dedicated route. Interactive traffic uses small packets, so the links could be dedicated by packet size, allowing file transfers using large packets to use a separate link so that the terminal sessions are not starved of resources. |
| 18: | Explain the following sample configuration. |
| A18: | Router(config)# interface s0 Router(config-if)# ip address 190.10.10.2 255.255.255.0 Router(config)# ip policy route-map tryout Router(config)# ! Router(config)# access-list 5 permit 140.10.0.0 0.0.255.255 Router(config)# ! Router(config)# route-map tryout permit 10 Router(config-route-map)# match ip address 5 Router(config-route-map)# set interface e1 Router(config-route-map)# set ip default next-hop 190.10.20.2 The serial interface has been configured with an IP address and has the route map tryout assigned to make decisions about inbound packets. The route map tryout is configured to send all packets that are destined for network with the address in the 140.10.0.0 network address space. All routes that have this destination address will be sent out of the interface e1, whereas all unknown addresses, including broadcasts, will be sent to the default next hop of 190.10.20.2. |
| 19: | Briefly explain the use of the command show ip policy . |
| A19: | This command displays the route maps used for policy-based routing on the router's interfaces. |
| 20: | Configuring route maps is complex, and it is easy to confuse the logic by which they work. State one of the things you should be aware of when configuring a route map. |
| A20: | When editing a route map statement with the no version of the existing command line, if you forget to type in the sequence number, you will delete the entire route map. |
