Chapter 13. Answer Key 1

Answers B and D are correct. The output shows that the switch is the root bridge. This can be learned from the line, We are the root of the spanning tree. The diameter value has not been modified from the default as evidenced by the spanning tree timers that are at their default parameters. This is evidenced by the line, hello 2, max age 20, forward delay 15. Answer A is incorrect because this switch is functioning as the root bridge; it is not the designated bridge. Answer C is incorrect. The output hello 2, max age 20, forward delay 15 shows us that the spanning tree timers have not been modified.

Answers C and D are correct. Examples of network solutions are IP telephony, multi-unit applications, content networking, and storage networking. Answer A is incorrect because quality of service is an example of an intelligent network service. Answer B is also incorrect because it is an intelligent network service. Finally, answer E is also incorrect because it is an intelligent network service as well.

Answer B is correct. The Building Distribution layer provides aggregation of Building Access devices often using Layer 3 switching. Answer A is incorrect because the Building Access layer provides connectivity to end-user systems in the campus. Answers C and D are incorrect because the Enterprise Core and the Campus Backbone each describe the same layers. They provide redundant and fast-converging connectivity between buildings.

Answer C is correct. A route processor is required to move traffic between VLANs in a campus network. That route processor can be internal in a multilayer switch, or it can be an external device such as a classic Cisco router. An example of an internal route processor would be a route switch module (RSM) or a multilayer switch feature card (MSFC). Answer A is incorrect. A core layer switch does not necessarily contain a route processor, which is required. Answer B is also incorrect. Software-based bridges do not possess a route processor. Finally, answer D is incorrect because a switch fabric card enables the increase of throughput on a switch, but does not provide route processor functionality.

Answer A is correct. The Building Access layer typically contains Layer 2 switching that provides simple and fast access for end users' systems in need of network connectivity. Answer B is incorrect. The Building Distribution layer also typically features Layer 3 switching because this is an aggregation point that requires routing. Answers C and D are incorrect. The Enterprise Core and the Campus Backbone each describe the same layers. They provide redundant and fast-converging connectivity between buildings and utilize either Layer 2 or Layer 3 switching.

Answers A, B, and C are correct. Speed and duplex mismatches are a common misconfiguration between the host and switches. You should ensure that this isn't the problem. Use the show mac dynamic command to ensure that the switch is properly learning the MAC address of the host as it should. You should also check the status of the port connection the status should appear as connected you can use the show interfaces command. Answer D is incorrect because the host does not need a default gateway configured to communicate with its local switch port.

Answers B and C are correct. The VLAN design enables you to increase the number of broadcast domains and allows for greater security. The increase of broadcast domains means smaller broadcast domains overall and a far lighter burden on end user systems due to large amounts of broadcast traffic. Answer A is incorrect because the creation of VLANs does not reduce the number of collision domains. Collision domains are increased with switching in general; in fact, this is a benefit of using switches in your design. Answer D is also incorrect. Using VLANs actually requires that you use Layer 3 routing in your design. With today's fast Layer 3 switches, this is not a disadvantage.

Answer D is correct. The local VLAN approach is used most often now in campus networks especially ones that feature centralized resources. As corporations have moved to centralize their resources, end-to-end VLANs have become more difficult to maintain. Users might use many different resources, including many that are no longer in their VLAN. Answer A is incorrect. Auxiliary VLANs are typically used for voice traffic. Answer B is incorrect because dynamic VLANs are not typically used due to the high administrative overhead involved as well as potential performance issues. Answer C is also incorrect because end-to-end VLANs are too difficult to maintain in most modern networks.

Answers C and D are correct. You can create VLANs in two main ways on Catalyst switches. Some switches allow the creation of VLANs in global configuration mode, whereas others require the use of the VLAN database mode. Answers A and B are both incorrect. You cannot create VLANs in Privilege EXEC mode, nor can you create VLANs in Interface configuration mode.

Answer C is correct. The switchport access vlan 200 command places the port in VLAN 200. If the VLAN you specify does not exist, the port will not become operational until you create the VLAN. Answers A, B, and D are incorrect. Each of these commands is invalid and will produce syntax error.

Answer C is correct. The dynamic desirable switch port DTP setting doesn't tag frames, but does cause the switch port to actively send and respond to DTP negotiation frames. Answer A is incorrect. The trunk mode sets the switch port to unconditional trunking mode and negotiates the port to become a trunk link. Answer B is also incorrect. The Nonegotiate option specifies that DTP negotiation packets are not sent on the interface. Finally, answer D is also incorrect. The Dynamic Auto setting has the port respond, but not to actively send DTP negotiation frames.

Answer B is correct. The 802.1Q Trunking protocol actually modifies the original Ethernet data frame. Answer A is incorrect. ISL encapsulation does not modify the original data frame. It adds a new header to the frame as it is carried over the trunk link. Answer C is incorrect because DTP allows for the dynamic negotiation of trunk links. Finally, answer D is also incorrect because VTP allows for the management of VLAN information in a campus network.

Answers A and D are correct. Both server mode and transparent mode allow for the creation, deletion, and modification of VLANs on the switch. Transparent mode will not propagate this information to other switches, however. Answer B is incorrect. There is no such mode as slave mode. Answer C is also incorrect because client mode does not allow for the creation, modification, and deletion of VLANs on the switch. Answer E is incorrect because there is no such mode as master mode.

Answers A and C are correct. VTP pruning increases available bandwidth by restricting the flooding of traffic to those trunk links that the traffic must use to access the appropriate network devices. It might have a negative impact on network update performance. Answer B is incorrect. You can implement VTP pruning only on VTP servers the setting cannot be configured on a client. Also answer D is incorrect. VTP pruning does not block spanning tree information.

Answers B, D, and E are correct. The three port states identified in RSTP (802.1w) are discarding, learning, and forwarding. Answers A and C are incorrect. The blocking and listening states are used in STP (802.1D) and are not used in RSTP.

Answer C is correct. An alternate port is a port blocked by receiving more useful BPDUs from another bridge. The alternate port becomes the root port if the active root port fails. Answer A is incorrect because the root port is the closet to the root bridge. Answer B is also incorrect. The designated port is the port on the designated bridge for each segment. Answer D is incorrect because the backup port becomes the designated port if the existing designated port fails. Finally, answer E is incorrect because the disabled port has no role within the operation of spanning tree.

Answer C is correct. The Multiple Spanning Tree enhancement from the IEEE enables the network administrator to map VLANs to spanning tree topologies as needed to properly model the physical topology. This enables the administrator to reduce the number of spanning tree topologies but still load-balance. Answer A is incorrect. PVST+ features a separate spanning tree instance for each VLAN. Answer B is incorrect because CST features a single instance of spanning tree for all VLANs. Finally, answer D is incorrect because PVST features a separate spanning tree instance for each VLAN.

Answer C is correct. Cisco relies on CEF (Cisco Express Forwarding) to implement topology-based switching. Answer A is incorrect. NetFlow-based switching uses multilayer forwarding engines. ASICs and the route processor work together to forward data at high speeds. Answer B is also incorrect. With distributed forwarding, the switching decision is made at the port or module level. Finally, answer D is also incorrect. With centralized forwarding, a single central forwarding table is used.

Answer C is correct. A switch virtual interface must be created when you want to route between VLANs, fallback-bridge non-routable protocols between VLANs, or to provide IP host connectivity to the switch. Answer A is incorrect because an access port carries the traffic of and belongs to only one VLAN. Answer B is also incorrect. A trunk port carries the traffic of multiple VLANs and is a member of all VLANs by default. Finally, answer D is incorrect. A routed port acts just like the port of a router.

Answer C is correct. In the speak state, the route processor sends periodic hello messages and actively participates in the election of the active and/or standby router. Answer A is incorrect. HSRP is not running in the initial state. Answer B is also incorrect. In the listen state, the router listens for hello messages. Answer D is also incorrect. In the standby state, the route processor is a candidate to become the next active router. Finally, answer E is also incorrect. In the active state, the router is currently forwarding packets that are sent to the virtual MAC address of the group.

Answer B is correct. In SSM deployment cases where IGMPv3 cannot be used because it isn't supported by the receiver host or the receiver applications, there are two Cisco-developed transition solutions that enable the immediate deployment of SSM services: URL Rendezvous Directory (URD) and IGMP Version 3 lite (IGMP v3lite). Answer A is incorrect. Cisco Group Management Protocol (CGMP) limits the forwarding of IP multicast packets to only those ports associated with IP multicast clients. Answer C is also incorrect. Protocol Independent Multicast is a routing protocol for multicast traffic, there are two types of PIM protocols: Dense Mode (DM) and Sparse Mode (SM). Finally, answer D is also incorrect. IGMP snooping allows a switch to snoop or capture information from IGMP packets being sent back and forth between hosts and a router.

Answer B is correct. The show spanning-tree inconsistentports command enables you to quickly determine whether any ports are in the root-inconsistent state under root guard. Answers A, C, and D are incorrect. Unidirectional Link Detection does not place ports in the inconsistent state, nor does BDPU Guard or EtherChannel.

Answer A is correct. The default port cost for Fast Ethernet is 19. Setting the VLAN port cost to 20 makes it less likely to be placed in forwarding mode when compared to a default configuration of Fast Ethernet. Answer B is incorrect. Because the default cost is 19, this port is less likely to be in forwarding mode. Answer C is incorrect. Although manipulating the port cost value does not directly influence root bridge selection, it does manipulate the forwarding state of the port. Finally, answer D is incorrect. To influence the root bridge selection, you should use bridge priority.

Answer D is correct. The standard value for secondary root bridge operation is 8192. Answer A is incorrect. The value 32768 is the default priority value. Answer B is incorrect. The value of 4096 is typically used to set the device as the root bridge. Answer C is also incorrect. 24982 is not a typical priority setting.

Answers B and C are correct. The listening and learning states are affected by the Forward Delay timer, which has a default of 15 seconds. Answer A is incorrect. The blocking state is directly affected by the Max Age value. Answer D is also incorrect. The forwarding state is not directly attributed to a timer.

Answer C is correct. Four criteria are used in the decision-making process, and they are used in the following order: lowest root bridge ID; lowest path cost to the root bridge; lowest sender bridge ID; lowest port ID. Answers A, B, and D are incorrect. These options do not convey the correct order of the four criteria that are used in the decision-making process.

Answer B is correct. The default timer setting for Max Age is 20 seconds; the possible range is 6 to 40 seconds. Answer A is incorrect. 15 seconds is the default value for the forward delay value, not max age. Answer C is also incorrect. 30 seconds is not a valid timer default. Finally, answer D is also incorrect. 50 seconds is the default time that a port takes to transition from the blocking state to the forwarding state.

Answer B is correct. To globally enable the IP multicast routing protocol, use the global configuration command: ip multicast-routing. Answers A, C, and D are incorrect. These commands are invalid and all produce syntax errors.

Answer D is correct. Negotiation parameters do not need to be identical. For example, one side of the trunk may be set to desirable, while the other is set to auto. In fact, this is the most common configuration with Cisco equipment. Answers A, B, and C are incorrect. Identical speed settings, identical duplex settings, and identical trunk encapsulation parameters are all required.

Answer C is correct. The data link layer encompasses hardware-based bridging. Answer A is incorrect. The presentation layer is concerned with data encryption and presentation including formatting issues. Answer B is also incorrect. The network layer involves routing. Finally, answer D is also incorrect. The transport layer encompasses an addressing system used for delivery.

Answer D is correct. The 2900 series switches are perfect for the access layer and provide high port densities at a low cost. Answer A is incorrect. The Catalyst 8500 family of Cisco devices is often found in the core layer in order to provide very high data transfers from one area of the network to another. Answer B is incorrect. The Catalyst 4000 series provides control from the backbone to the network edge. This series of switches has the ability to provide intelligent network services including advanced quality of service (QoS), scalable performance, security, and simple manageability. Answer C is also incorrect. Although the 6500 Series can function at any layer of the campus, it is most often appropriate for the distribution or core layers.

Answers B, C, and D are all correct. A destination port in one SPAN cannot be a destination port for another SPAN. EtherChannel interfaces can be SPAN sources. Ports cannot be configured as both sources and destinations. Answer A is incorrect. Layer 2 switched ports and Layer 3 ports may function as SPAN sources or destinations.

Answers B, C, and D are correct. RSPAN VLANs can be used only for RSPAN traffic, and you cannot configure any ports in an RSPAN VLAN except those selected to carry RSPAN traffic. Finally, RSPAN does not support BPDU monitoring. Answer A is incorrect. Networks impose no limit on the number of RSPAN VLANs that the network can carry.

Answer D is correct. The Network Analysis module gathers multilayer information about data and voice flows. Answer A is incorrect. The FlexWAN module allows WAN connectivity via the 6000/6500 series switches. Answer B is also incorrect. An RMON probe is a dedicated hardware device for monitoring the network and is not a module. Answer C is also incorrect. An IDS module allows the 6000/6500 to monitor traffic for security breaches.

Answer A is correct. These commands create an authentication list named securelist. It is applied to the console port and indicates that TACACS+ should authenticate logins. If the service is not available, the local security database is used. Answer B is incorrect. If TACACS+ is not available, logins may still be permitted thanks to the local security accounts database. Answer C is incorrect. The services are attempted in order. If an account does not exist in one of them, the login fails. Answer D is incorrect. This is a valid configuration. No default list must be created.

Answer C is correct. To enter VLAN database configuration mode, the VLAN database command is issued from Privilege EXEC mode. Answer A is incorrect. (config) indicates global configuration mode. Answer B is incorrect. (config-if) indicates interface configuration mode. Answer D is also incorrect. (config-vlan) indicates VLAN configuration mode.

Answer D is correct. The native VLAN is not used to represent multiple spanning tree instances to common spanning tree domains. Answers A, B, and C are incorrect because they are valid statements. The native VLAN allows untagged frames to be sourced and received over 802.1Q trunks. This VLAN also becomes the VLAN of a trunk port if it is in nonoperational trunk mode.

Answer A is correct. The Generic Bridge PDU Tunneling (GBPT) solution allows the tunneling of protocol data units through a service provider cloud. Answer B is incorrect. RSTP enhanced standard spanning tree technologies for faster convergence. Answer C is incorrect. Multiple spanning tree enhances the 802.1Q protocol to support multiple instances of spanning tree. Finally, answer D is also incorrect. PVST+ is Cisco's implementation of multiple spanning trees.

Answers A and C are correct. ISL is proprietary to Cisco and is not supported on switches from many other vendors. It demonstrates true encapsulation by placing a new header and frame check sequence (FCS) on the original frame. Answer B is incorrect because 802.1Q is not protocol-independent; it must be used with Ethernet-type VLANs such as 802.3 Ethernet and 802.5 token ring. Also, answer D is not correct ISL contains two FCS fields, not 802.1Q.

Answer B is correct. Nonegotiate causes the port not to participate in DTP. You must configure the other port in the trunk link for trunking manually. Answer A is incorrect access causes permanent nontrunking mode and DTP frames are sent. Answer C is also incorrect. Dynamic desirable causes the link to attempt to trunk DTP frames are sent. Finally, answer D is also incorrect. Dynamic auto makes the interface willing to trunk DTP frames are used.

Answer B is correct. The link between the customer device and the service provider edge switch is called an asymmetric link because one end is a trunk port and the other is a tunnel port. Answer A is incorrect. A trunk link is not used between the enterprise and the service provider. Answers C and D are incorrect. A tunnel link is not used in 802.1Q tunneling, nor is an access link.

Answers A, B, and C are correct. Common troubleshooting steps include verifying encapsulations, switch port modes, and native VLAN configurations in the case of 802.1Q. Answer D is incorrect. VLAN mapping is not a valid troubleshooting step.

Answer C is correct. Use the switchport trunk native VLAN command to specify the native VLAN. VLAN 1 is the default. Answers A, B, D, and E are incorrect. Native 10 produces a syntax error, as does every other option presented.

Answers B and D are correct. VTP pruning is disabled on this switch as evidenced by the VTP Pruning Mode : Disabled output. Also, the domain name is test as evidenced by the output: VTP Domain Name : test. Answers A and C are incorrect. The switch is not running VTP version 2 as evidenced by the output VTP V2 Mode : Disabled. Because this switch is running in server mode, VLANs can be created, modified, and deleted on this device.

Answers C and D are correct. The most common cause for the nonpropagation of VLAN information over VTP domains is the misconfiguration of trunk links or domain names on devices. Answer A is incorrect. Only one or two VTP server systems should exist in the network. Answer B is also incorrect. Currently, only two versions of VTP exist: version 1 and version 2.

Answers A, B, and C are correct. All of these statements accurately describe transparent bridging. Answer D is incorrect. Unknown unicast destination addresses are flooded Known unicast destination addresses are intelligently forwarded.

Answers A and C are correct. Each switch in a Spanning Tree topology has a unique Bridge ID value. It is made up of a Bridge Priority value and a MAC address. Answer B is incorrect. Port Cost is a Spanning Tree value, but it is not part of the Bridge ID. Answer D is also incorrect instance ID is not a valid Spanning Tree component.

Answers A and D are correct. Metro Ethernet over DWDM is an implementation option that provides gigabit rates with easy configuration and transparency. It is typically used in the long-distance, ultra-high-bandwidth transport market. Answer B is incorrect. Scalability is not viewed as an advantage. Also, answer C is incorrect. Distance capabilities are not viewed as an advantage for Metro Ethernet over DWDM. Also, answer E is incorrect. Statistical multiplexing provisions are not viewed as an advantage.

Answers B, C, and D are all correct. Low latency queuing, weighted fair queuing, and class-based weighted fair queuing are all congestion management tools available for use in campus networks. Answer A is incorrect because link fragmentation and interleaving is considered a link efficiency mechanism, not a congestion management tool.

Answer B is correct. The priority command is used to allow delay-sensitive data to be dequeued and sent first. Answer A is incorrect. You use the fair-queue interface configuration command to enable weighted fair queuing (WFQ) for an interface. Answer C is incorrect. You use the class-map global configuration command to create a class map to be used for matching packets to a specified class. Finally, answer D is incorrect. You use the policy-map command to access the QoS policy map configuration mode to configure the QoS policy map.

Answer B is correct. You should use the debug priority command in order to display priority queuing output. Answer A is incorrect. The debug ip rsvp command displays information about Subnetwork Bandwidth Manager (SBM) message processing and other RSVP-related parameters. Answer C is incorrect. The debug multilink ppp command is not valid. Finally, answer D is incorrect. Use the debug ppp multilink fragments command to display information about individual multilink fragments and important multilink events.

Answer A is correct. An Ether ACL is a non-existent ACL type. Answers B, C, and D are incorrect because router, VLAN, and QoS are valid types of ACLs.

Answer A is correct. Private VLAN infrastructures define isolated, community, and promiscuous ports. An isolated port features complete Layer 2 separation from other ports within the same private VLAN except for the promiscuous port. Answer B is incorrect. There is no separated port in a private VLAN. Answer C is also incorrect. Community ports feature the ability to communicate amongst themselves and with promiscuous ports. Answer D is also incorrect. Promiscuous ports (as their name implies) communicate with all interfaces.

Answer C is correct. The recommended configuration of PIM on a specific interface is to use ip pim sparse-dense-mode. In this case, the interface is treated as dense mode if the group is in dense mode or sparse mode if the group is in sparse mode. Answer A is incorrect. ip pim dense-mode configures the interface for dense mode. Answer B is also incorrect. ip pim sparse-mode configures the interface for sparse mode. Finally, answer D is also incorrect. ip pim dense-sparse-mode is not a valid command.

Answer B is correct. If UplinkFast is enabled on a root port and the link that is directly connected to that port fails, the port can transition from the blocking state to the forwarding state in as little as 3 seconds after the detection of the failure. Answer A is incorrect. PortFast eliminates the delay encountered by computers that are connected directly to a switch in an STP network. Enabling PortFast on a port allows it to begin forwarding as soon as the connected computer boots, rather than waiting the default 50 seconds. Answer C is incorrect. BackboneFast reduces the convergence time that results when an inferior Bridge Protocol Data Unit (BPDU) is detected. Finally, answer D is also incorrect. RSTP is not a Cisco proprietary mechanism.

Answers A and C are correct. VLAN trunking is supported by the IEEE standards 802.10 and 802.1q. IEEE 802.10 defines VLAN trunking over FDDI. IEEE 802.1q defines a standardized method of trunking between different vendors' devices. Answers B and D are incorrect. 802.1d defines Spanning Tree Protocol, and 802.4 defines the Token Bus standard.

Answer B is correct. An access link can be a member of only one VLAN. Answer A is incorrect. A trunk link (not an access link) carries multiple VLAN traffic. Answer C is also incorrect. 802.1Q trunk ports may receive tagged and untagged frames. Answer D is also incorrect. Trunk ports are typically used to connect access layer and distribution layer switches.

Answer C is correct. A crossover cable is used to connect like devices; in this case, two switches. Answer A is incorrect. A straight-through cable is used to connect unlike devices. For example, a switch and an end-user workstation. Answer B is incorrect. A rollover cable is used to connect to the console port of the switch. Finally, answer D is incorrect. A null-modem cable is not used to connect switches to other switches, but is sometimes used for serial connections.

Answer B is correct. All multicast frames have the same prefix of 01:00:5e. This is the first 24 bits of the MAC address in question. The remainder of the MAC address is derived from the IP multicast address. Answers A, C, and D are incorrect because they do not specify 01:00:5e.

Answers A, B, and C are correct. Core-Based Trees (CBT) is not typically implemented today. It was the first initial and experimental center-based tree multicast routing protocol. Protocol Independent Multicast is commonly used, however. DVMRP is a multicast routing protocol that uses a technique known as reverse path forwarding. Answer D is incorrect. IGMP is used with multicast, but it is not a routing protocol. IGMP provides a way for an Internet computer to report its multicast group membership to adjacent routers.