Implementing Cisco Switched Networks Part 4
Dumps, Free Dumps, VCP5 Dumps| VMware Dumps, VCP Dumps, VCP4 Dumps, VCAP Dumps, VCDX Dumps, Cisco Dumps, CCNA, CCNA640-802, CCNA Dumps, CCNP Dumps, CCIE Dumps, ITIL, Exin Dumps, ITIL Dumps, ITIL3 Dumps, ITIL4 Dumps, ITIL 2012 Dumps, CWNP Dumps, PW0-050, PW0-070, Microsoft, Microsoft Dumps, MCTS Dumps, MCP Dumps, MCSA Dumpe, MCITP Dumps, 70-640, 70-642, 70-643, Oracle, Oracle Dumps, CompTIA, Sun Dumps, RedHat Dumps, Other Dumps, Novell Dumps, Other Dumps, Citrix Dumps, 1Y0-A19, 1Y0-A20 ITIL V3,
-->
Exam Vendor: Cisco
Exam Code: Cisco-642-813
Exam Name: CCNA
Dumps, Free Dumps, VCP5 Dumps| VMware Dumps, VCP Dumps, VCP4 Dumps, VCAP Dumps, VCDX Dumps, Cisco Dumps, CCNA, CCNA640-802, CCNA Dumps, CCNP Dumps, CCIE Dumps, ITIL, Exin Dumps, ITIL Dumps, ITIL3 Dumps, ITIL4 Dumps, ITIL 2012 Dumps, CWNP Dumps, PW0-050, PW0-070, Microsoft, Microsoft Dumps, MCTS Dumps, MCP Dumps, MCSA Dumpe, MCITP Dumps, 70-640, 70-642, 70-643, Oracle, Oracle Dumps, CompTIA, Sun Dumps, RedHat Dumps, Other Dumps, Novell Dumps, Other Dumps, Citrix Dumps, 1Y0-A19, 1Y0-A20 ITIL V3,
-->
Exam D
QUESTION 1
VTP Lab Sim 1
The headquarter offices for a book retailer are enhancing their wiring closets with Layer3
switches. The new distribution-layer switch has been installed and a new access-layer
switch cabled to it. Your task is to configure VTP to share VLAN information from the
distribution-layer switch to the access-layer devices. Then, it is necessary to configure
interVLAN routing on the distribution layer switch to route traffic between the different
VLANs that are configured on the access-layer switches; however, it is not necessary for
you to make the specific VLAN port assignments on the access-layer switches. Also,
because VLAN database mode is being deprecated by Cisco, all VLAN and VTP
configurations are to be completed in the global configuration mode. Please reference the
following table for the VTP and VLAN information to be configured:
Requirements:
These are your specific tasks:
1. Configure the VTP information with the distribution layer switch as the VTP server
2. Configure the VTP information with the access layer switch as a VTP client
3. Configure VLANs on the distribution layer switch
4. Configure inter-VLAN routing on the distribution layer switch
5. Specific VLAN port assignments will be made as users are added to the access layer
switches in the future.
6. All VLANs and VTP configurations are to completed in the global configuration. To
configure the switch click on the host icon that is connected to the switch be way of a serial
console cable.
A.
B.
C.
D.
Correct Answer: C
Section: Module: Simmulation
Explanation
Explanation/Reference:
DLSwitch# conf t
DLSwitch(config)# vtp mode server
DLSwitch(config)# vtp domain cisco
DLSwitch(config)# vlan 20
DLSwitch(config)# vlan 21
DLSwitch(config)# int vlan 20
DLSwitch(config-if)# ip address 172.16.236.1 255.255.255.0
DLSwitch(config-if)# no shutdown
DLSwitch(config-if)# exit
DLSwitch(config)# int vlan 21
DLSwitch(config-if)# ip address 172.16.170.1 255.255.255.0
DLSwitch(config-if)# no shutdown
DLSwitch(config-if)# exit
DLSwitch(config)# ip routing
DLSwitch(config)# end
DLSwitch# copy running-config startup-config
====================================================================
ALSwitch# conf t
ALSwitch(config)# vtp mode client
ALSwitch(config)# vtp domain cisco
ALSwitch(config)# end
ALSwitch# copy running-config startup-config
====================================================================
Notice: do a "sh vtp stat" on both devices to see if the VLANs is advitise out.
QUESTION 2
VTP Lab Sim 2
Acme is small export company that has an existing enterprise network comprised of 5 switches; CORE,DSW1,
DSW2,ASW1 and ASW2. The topology diagram indicates their desired pre-VLAN spanning tree mapping.
Previous configuration attempts have resulted in the following issues:
- CORE should be the root bridge for VLAN 20; however, DSW1 is currently the root bridge for VLAN 20.
- Traffic for VLAN 30 should be forwarding over the gig 1/0/6 trunk port between DSW1 and DSW2.
However VLAN 30 is currently using gig 1/0/5.
- Traffic for VLAN 40 should be forwarding over the gig 1/0/5 trunk port between DSW1 and DSW2.
However VLAN 40 is currently using gig 1/0/6.
You have been tasked with isolating the cause the these issuer and implementing the appropriate solutions.
You task is complicated by the fact that you only have full access to DSW1, with isolating the cause of these
issues and implementing the appropriate solutions, Your task is complicated by the fact that you only have full
access to DSW1, with the enable secret password cisco. Only limited show command access is provided on
CORE, and DSW2 using the enable 2 level with a password of acme. No configuration changes will be possible
on these routers. No access is provided to ASW1 or ASW2.
A.
B.
C.
D.
Correct Answer:
Section: Module: Simmulation
Explanation
Explanation/Reference:
Source: http://www.certprepare.com/vtp-lab-2#more-48
1) “CORE should be the root bridge for VLAN 20; however, DSW1 is currently the root bridge for VLAN
20″ -> We need to make CORE switch the root bridge for VLAN 20.
By using the “show spanning-tree” command as shown above, we learned that DSW1 is the root bridge for
VLAN 20 (notice the line “This bridge is the root”).
DSW1>enable
DSW1#show spanning-tree
To determine the root bridge, switches send and compare their priorities and MAC addresses with each other.
The switch with the lowest priority value will have highest priority and become the root bridge. Therefore, we
can deduce that the priority of DSW1 switch is lower than the priority of the CORE switch so it becomes the root
bridge. To make the CORE the root bridge we need to increase the DSW1′s priority value, the best value
should be 61440 because it is the biggest value allowed to assign and it will surely greater than of CORE
switch. (You can use another value but make sure it is greater than the CORE priority value by checking if the
CORE becomes the root bridge or not; and that value must be in increments of 4096).
(Notice that the terms bridge and switch are used interchangeably when discussing STP)
DSW1#configure terminal
DSW1(config)#spanning-tree vlan 20 priority 61440
2) “Traffic for VLAN 30 should be forwarding over the gig 1/0/6 trunk port between DSW1 and DSW2.
However VLAN 30 is currently using gig 1/0/5″
DSW1 is the root bridge for VLAN 30 (you can re-check with the show spanning-tree command as above), so
all the ports are in forwarding state for VLAN 30. But the question said that VLAN 30 is currently using Gig1/0/5
so we can guess that port Gig1/0/6 on DSW2 is in blocking state (for VLAN 30 only), therefore all traffic for
VLAN 30 will go through port Gig1/0/5.
The root bridge for VLAN 30, DSW1, originates the Bridge Protocol Data Units (BPDUs) and switch DSW2
receives these BPDUS on both Gig1/0/5 and Gig1/0/6 ports. It compares the two BPDUs received, both have
the same bridge-id so it checks the port cost, which depends on the bandwidth of the link. In this case both
have the same bandwidth so it continues to check the sender’s port id (includes port priority and the port
number of the sending interface). The lower port-id value will be preferred so the interface which received this
port-id will be the root and the other interface (higher port-id value) will be blocked.
In this case port Gig1/0/6 of DSW2 received a Priority Number of 128.6 (means that port priority is 128 and port
number is 6) and it is greater than the value received on port Gig1/0/5 (with a Priority Number of 128.5) so port
Gig1/0/6 will be blocked. You can check again with the “show spanning-tree” command. Below is the output
(notice this command is issued on DSW1 – this is the value DSW2 received and used to compare).
Therefore, all we need to do is to change the priority of port Gig1/0/6 to a lower value so the neighboring port
will be in forwarding state. Notice that we only need to change this value for VLAN 30, not for all VLANs.
DSW1(config)#interface g1/0/6
DSW1(config-if)#spanning-tree vlan 30 port-priority 64
DSW1(config-if)#exit
3) “Traffic for VLAN 40 should be forwarding over the gig 1/0/5 trunk port between DSW1 and DSW2.
However VLAN 40 is currently using gig 1/0/6″
Next we need to make sure traffic for VLAN 40 should be forwarding over Gig1/0/5 ports. It is a similar job,
right? But wait, we are not allowed to make any configurations on DSW2, how can we change its port-priority
for VLAN 40? There is another solution for this…
Besides port-priority parameter, there is another value we can change: the Cost value (or Root Path Cost).
Although it depends on the bandwidth of the link but a network administrator can change the cost of a spanning
tree, if necessary, by altering the configuration parameter in such a way as to affect the choice of the root of the
spanning tree.
Notice that the Root Path Cost is the cost calculated by adding the cost in the received hello to the cost of the
interface the hello BPDU was received. Therefore if you change the cost on an interface of DSW1 then only
DSW1 will learn the change.
By default, the cost of a 100Mbps link is 19 but we can change this value to make sure that VLAN 40 will use
interface Gig1/0/5.
DSW1(config)#interface g1/0/5
DSW1(config-if)#spanning-tree vlan 40 cost 1
DSW1(config-if)#end
You should re-check to see if everything was configured correctly:
DSW1#show spanning-tree
Save the configuration:
DSW1#copy running-config startup-config
(Notice: Many reports said the copy running-config startup-config didn’t work but they still got the full mark)
Remember these facts about Spanning-tree:
Path Selection:
1) Prefer the neighbor advertising the lowest root ID
2) Prefer the neighbor advertising the lowest cost to root
3) Prefer the neighbor with the lowest bridge ID
4) Prefer the lowest sender port ID
Spanning-tree cost:
===========================================================
Summarized answer:
DSW1# conf t
DSW1(config)# spanning-tree vlan 20 priority 61440
DSW1(config)# int g1/0/5
DSW1(config-if)# spanning-tree vlan 40 cost 1
DSW1(config-if)# no shut
DSW1(config-if)# exit
DSW1(config)# int g1/0/6
DSW1(config-if)# spanning-tree vlan 30 port-priority 64
DSW1(config-if)# no shut
DSW1(config-if)# end
DSW1# copy running-config startup-config
Verification:
DSW1# show spanning-tree vlan 20
DSW1# show spanning-tree vlan 40
DSW2# show spanning-tree vlan 30
QUESTION 3
STP Lab Sim
Refer to the Exhibit.
The information of the question
You will configure FastEthernet ports 0/12 through 0/24 for users who belong to VLAN 20. Also, all VLAN and
VTP configurations are to be completed in global configuration mode as VLAN database mode is being
deprecated by Cisco. You are required to accomplish the following tasks:
1. Ensure the switch does not participate in VTP but forwards VTP advertisements received on trunk ports.
2. Ensure all non-trunking interfaces (Fa0/1 to Fa0/24) transition immediately to the forwarding state of
Spanning-Tree.
3. Ensure all FastEthernet interfaces are in a permanent non-trunking mode.
4. Place FastEthernet interfaces 0/12 through 0/24 in VLAN 20
A.
B.
C.
D.
Correct Answer:
Section: Module: Simmulation
Explanation
Explanation/Reference:
switch# conf t
switch(config)# vtp mode transparent
switch(config)# int range fa0/1 - 24
switch(config-if-range)# switchport mode access
switch(config-if-range)# spanning-tree portfast
switch(config)# int range fa0/12 - 24
switch(config-if-range)# switchport access vlan 20
switch(config-if-range)# end
switch# copy running-config startup-config
=====================================================================================
====0
VTP:
The role of the VLAN Trunking Protocol (VTP) is to maintain VLAN configuration consistency across the entire
network. VTP is a messaging protocol that uses Layer 2 trunk frames to manage the addition, deletion, and
renaming of VLANs on a network-wide basis from a centralized switch that is in the VTP server mode. VTP is
responsible for synchronizing VLAN information within a VTP domain. This reduces the need to configure the
same VLAN information on each switch. VTP minimizes the possible configuration inconsistencies that arise
when changes are made. These inconsistencies can result in security violations, because VLANs can
crossconnect when duplicate names are used. They also could become internally disconnected when they are
mapped from one LAN type to another, for example, Ethernet to ATM LANE ELANs or FDDI 802.10 VLANs.
VTP provides a mapping scheme that enables seamless trunking within a network employing mixed-media
technologies.
VTP provides the following benefits:
VLAN configuration consistency across the network
Mapping scheme that allows a VLAN to be trunked over mixed media Accurate tracking and monitoring of
VLANs
Dynamic reporting of added VLANs across the network
Plug-and-play configuration when adding new VLANs
There are three different VTP modes:
1. Server:
By default, a Catalyst switch is in the VTP server mode and in the "no management domain" state until the
switch receives an advertisement for a domain over a trunk link or a VLAN management domain is configured.
A switch that has been put in VTP server mode and had a domain name specified can create, modify, and
delete VLANs. VTP servers can also specify other configuration parameters such as VTP version and VTP
pruning for the entire VTP domain. VTP information is stored in NVRAM.
VTP servers advertise their VLAN configuration to other switches in the same VTP domain, and synchronize
the VLAN configuration with other switches based on advertisements received over trunk links. When a change
is made to the VLAN configuration on a VTP server, the change is propagated to all switches in the VTP
domain. VTP advertisements are transmitted out all trunk connections, including ISL, IEEE 802.1Q, IEEE
802.10, and ATM LANE trunks.
2. Client:
The VTP client maintains a full list of all VLANs within the VTP domain, but it does not store the information in
NVRAM. VTP clients behave the same way as VTP servers, but it is not possible to create, change, or delete
VLANs on a VTP client. Any changes made must be received from a VTP server advertisement.
3. Transparent
VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN
configuration, and does not synchronize its VLAN configuration based on received advertisements. However, in
VTP Version 2, transparent switches do forward VTP advertisements that the switches receive out their trunk
ports. VLANs can be configured on a switch in the VTP transparent mode, but the information is local to the
switch (VLAN information is not propagated to other switches) and is stored in NVRAM.
To change the VTP mode:
Switch(Config)# vtp mode <Mode>
Or
Switch#vlan database
Switch#vtp <mode>
PortFast
A prime reason for enabling PortFast is in cases where a PC boots in a period less than the 30 seconds it takes
a switch to put a port into forwarding mode from disconnected state. Some NICs do not enable a link until the
MAC layer software driver is actually loaded. Most operating systems try to use the network almost immediately
after loading the driver, as in the case of DHCP. This can create a problem because the 30 seconds of STP
delay from listening to Forwarding states begins right when the IOS begins trying to access the network. In the
case of DHCP, the PC will not obtain a valid IP address from the DHCP server. This problem is common with
PC Card (PCMCIA) NICs used in laptop computers. Additionally, there is a race between operating systems
and CPU manufacturers. CPU manufacturers keep making the chips faster, while at the same time, operating
systems keep slowing down, but the chips are speeding up at a greater rate than the operating systems are
slowing down. As a result, PCs are booting faster than ever. In fact, modern machines are often finished
booting and need to use the network before the STP 30- second delay is over.
Use the spanning-tree portfast global configuration command to globally enable the PortFast feature on all non-
trunking ports.
QUESTION 4
STP HOTSPOT Sim
Online Incorporated is an internet game provide. The game service network had recently added an additional
switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the
spanning-tree topology during configuration. For baseline purpose, you will be required to identify the spanning-
tree topology for the switch block. Using the output of “show spanning-tree” command on switch SW-C and the
provided physical topology, answer the following questions:
Beware: VLAN number can change.
Question 1:
Which spanning Tree Protocol has been implemented on SW-B?
A. STP/IEEE 802.1D
B. MSTP/IEEE 802.1s
C. PVST+
D. PVRST
E. None of the above
Question 2:
Which bridge ID belongs to SW-B?
A. 24623.000f.34f5.0138
B. 32768.000d.bd03.0380
C. 32768.000d.65db.0102
D. 32769.000d.65db.0102
E. 32874.000d.db03.0380
F. 32815.000d.db03.0380
Question 3:
Which port role has interface Fa0/2 of SW-A adopted for VLAN 47?
A. Root port
B. Nondesigned port
C. Designated port
D. Backup port
E. Alternate port
Question 4:
Which port state is interface Fa0/2 of SW-B in for VLANs 1 and 106?
A. Listening
B. Learning
C. Disabled
D. Blocking
E. Forwarding
F. Discarding
Question 5:
Which bridge ID belongs to SW-A?
A. 24623.000f.34f5.0138
B. 32768.000d.bd03.0380
C. 32768.000d.65db.0102
D. 32769.000d.65db.0102
E. 32874.000d.db03.0380
F. 32815.000d.db03.0380
A.
B.
C.
D.
Correct Answer: C
Section: Module: Simmulation
Explanation
Explanation/Reference:
Explanation: (source: http://www.certprepare.com/stp-hotspot)
Question 1:
Answer: C
On the Fa0/2 interface we can see the type of connection is P2p Peer (STP) and Cisco says that: “!— Type
P2p Peer(STP) represents that the neighbor switch runs PVST.”
Please visit this link to understand more http://www.cisco.com/en/US/products/hw/switches/ps708/
products_configuration_example09186a00807b0670.shtml
Question 2:
Answer: A
Have a look at the output at VLAN0047:
Notice there are two “Cost” value in the picture, the above “Cost” is the total cost from the current switch to the
root bridge while the second “Cost” refers to the cost on that interface (Fa0/2). Both these “Cost” are the same
so we can deduce that the root bridge is connectly directly to this switch on Fa0/2 interface -> the root bridge is
Switch B, and the “Address” field shows its MAC address 000f.34f5.0138. Notice Bridge ID = Bridge Priority +
MAC address.
Question 3:
Answer: C
We learned that Switch B is the root bridge for VLAN 47 so port Fa0/1 on SwitchA and Fa0/2 on SwitchC
should be the root ports, and from the output of SwitchC, we knew that port Fa0/1 of SwitchC is in blocking
state. Therefore its opposite port on SwitchA must be in designated state (forwarding).
So, can Fa0/2 of SW-A be in blocking state? The answer is no so that BPDU packets can be received on Fa0/1
of SW-C. It will remain in blocking state as long as a steady flow of BPDUs is received.
Question 4:
Answer: D
As explained in question 2, we can deduce SW-A is the root bridge for VLANs 1 and 106 so ports Fa0/1 on
SW-B and SW-C will be the root ports. From the output of SW-C for VLANs 1 and 106, port Fa0/2 of this switch
is designated (forwarding) so we can deduce interface Fa0/2 of SW-B is in blocking status.
Question 5:
Answer: D
SW-A is the root bridge for VLANs 1 and 106 and we can easily find the MAC address of this root bridge from
the output of SW-C, it is 000d.65db.0102. Notice that SW-A has 2 bridge IDs for VLANs 1 and 106, they are
32769.000d.65db.0102 and 24682.000d.65db.0102
QUESTION 5
AAAdot1x Lab Sim
Acme is a small shipping company that has an existing enterprise network comprised of 2 switches DSW1 and
ASW2. The topology diagram indicates their layer 2 mapping. VLAN 40 is a new VLAN that will be used to
provide the shipping personnel access to the server. For security reasons, it is necessary to restrict access to
VLAN 20 in the following manner:
- Users connecting to ASW1's port must be authenticate before they are given access to the network.
- Authentication is to be done via a Radius server:
- Radius server host: 172.120.39.46
- Radius key: rad123
- Authentication should be implemented as close to the host device possible.
- Devices on VLAN 20 are restricted to in the address range of 172.120.40.0/24.
- Packets from devices in the address range of 172.120.40.0/24 should be passed on VLAN 20.
- Packets from devices in any other address range should be dropped on VLAN 20.
- Filtering should be implemented as close to the server farm as possible.
The Radius server and application servers will be installed at a future date. You have been tasked with
implementing the above access control as a pre-condition to installing the servers.
You must use the available IOS switch features.
A.
B.
C.
D.
Correct Answer:
Section: Module: Simmulation
Explanation
Explanation/Reference:
Step1: Console to ASW1 from PC console 1
ASW1(config)# aaa new-model
ASW1(config)# radius-server host 172.120.39.46 key rad123
ASW1(config)# aaa authentication dot1x default group radius
ASW1(config)# dot1x system-auth-control
ASW1(config)# int fastEthernet 0/1
ASW1(config-if)# switchport mode access
ASW1(config-if)# dot1x port-control auto
ASW1(config-if)# end
ASW1# copy running-config startup-config
Step2: Console to DSW1 from PC console 2
DSW1(config)# ip access-list standard 10
DSW1(config-ext-nacl)# permit 172.120.40.0 0.0.0.255
DSW1(config-ext-nacl)# exit
DSW1(config)# vlan access-map PASS 10
DSW1(config-access-map)# match ip address 10
DSW1(config-access-map)# action forward
DSW1(config-access-map)# exit
DSW1(config)# vlan access-map PASS 20
DSW1(config-access-map)# action drop
DSW1(config-access-map)# exit
DSW1(config)# vlan filter PASS vlan-list 20
DSW1(config)# exit
DSW1# copy running-config startup-config
QUESTION 6
MLS and EIGRP Sim 1
Configure the Multilayer Switch so that PCs from VLAN 2 and VLAN 3 can communicate with the Server.
A.
B.
C.
D.
Correct Answer:
Section: Module: Simmulation
Explanation
Explanation/Reference:
mls>enable
mls# conf t
mls(config)# int gi 0/1
mls(config-if)# no switchport
mls(config-if)# ip address 10.10.10.2 255.255.255.0
mls(config-if)# no shutdown
mls(config-if)# exit
mls(config)# int vlan 2
mls(config-if)# ip address 190.200.250.33 255.255.255.224
mls(config-if)# no shutdown
mls(config-if)# int vlan 3
mls(config-if)# ip address 190.200.250.65 255.255.255.224
mls(config-if)# no shutdown
mls(config-if)#exit
mls(config)# int gi 0/10
mls(config-if)# switchport mode access
mls(config-if)# switchport access vlan 2
mls(config-if)# no shutdown
mls(config-if)# exit
mls(config)# int gi 0/11
mls(config-if)# switchport mode access
mls(config-if)# switchport access vlan 3
mls(config-if)# no shutdown
mls(config-if)# exit
mls(config)# ip routing (Notice: MLS will not work without this command)
mls(config)# router eigrp 650
mls(config-router)# network 10.10.10.0 0.0.0.255
mls(config-router)# network 190.200.250.32 0.0.0.31
mls(config-router)# network 190.200.250.64 0.0.0.31
mls(config-router)# no auto-summary
mls(config-router)# end
mls# copy running-configuration startup-configuration
NOTE : THE ROUTER IS CORRECTLY CONFIGURED, so you will not miss within it in the exam , also don't
modify/delete any port just do the above configuration. in order to complete the lab , you should expect the ping
to SERVER to succeed from the MLS , and from the PCs as well.
If the above configuration does not work, you should configure EIGRP with "no auto-summary" command.
QUESTION 7
MLS and EIGRP Sim 2
You have been tasked with configuring multilayer SwitchC, which has a partial configuration and has been
attached to RouterC as shown in the topology diagram.
HOST 1:
HOST 2:
You need to configure SwitchC so that Hosts H1 and H2 can successful ping the server S1. Also SwitchC
needs to be able to ping server S1.
Due to administrative restrictions and requirements you should not add/delete vlans, changes VLAN port
assignments or create trunk links
Company policies forbid the use of static or default routing All routes must be learned via EIGRP 65010 routing
protocol.
You do not have access to RouteC, RouterC is correctly configured. No trunking has been configured on
RouterC.
Routed interfaces should use the lowest host on a subnet when possible. The following subnets are available to
implement this solution:
• 172.16.1.0/24
• 192.168.3.32/27
• 192.168.3.64/27
Hosts H1 and H2 are configured with the correct IP address and default gateway.
SwitchC uses Cisco as the enable password.
Routing must only be enabled for the specific subnets shown in the diagram.
A.
B.
C.
D.
Correct Answer:
Section: Module: Simmulation
Explanation
Explanation/Reference:
On switch C:
SwitchC> enable
SwitchC# conf t
SwitchC(config)# int gi 0/1
SwitchC(config-if)# no switchport -> without this the simulator does not let you assign IP address on Gi0/1
interface.
SwitchC(config-if)# ip address 172.16.1.1 255.255.255.0
SwitchC(config-if)# no shutdown
SwitchC(config-if)# exit
SwitchC(config)# int vlan 2
SwitchC(config-if)# ip address 192.168.3.33 255.255.255.224 (default gateway address)
SwitchC(config-if)# no shutdown
SwitchC(config-if)# exit
SwitchC(config-if)# int vlan 3
SwitchC(config-if)# ip address 192.168.3.65 255.255.255.224 (default gateway address)
SwitchC(config-if)# no shutdown
SwitchC(config-if)# exit
SwitchC(config)# ip routing
SwitchC(config-router)# router eigrp 65010
SwitchC(config-router)# network 172.16.1.0 0.0.0.255
SwitchC(config-router)# network 192.168.3.32 0.0.0.31
SwitchC(config-router)# network 192.168.3.64 0.0.0.31
SwitchC(config-router)# no auto-summary
SwitchC(config-router)# end
SwitchC# copy running-config startup-config
Verification: We should be able to ping from SWITCHC to the gateway called “Server S1” [208.77.188.166]
You must obtain subnets and IP ADDRESS by yourself and this will be done by clicking on each host icon, then
write ipconfig and you will obtain ip addresses of the host, default gateway & subnet mask. The default gateway
address & subnet mask should be configured as SwitchC respective vlan ip’s
QUESTION 8
LACP with STP Sim 1
Each of these vlans has one host each on its ports
SVI on vlan 1 - ip 192.168.1.11
Switch B -
Ports 3, 4 connected to ports 3 and 4 on Switch A
Port 15 connected to Port on Router.
Tasks to do:
1. Use non proprietary mode of aggregation with Switch B being the initiator
-- Use LACP with B being in Active mode
2. Use non proprietary trunking and no negotiation
-- Use switchport mode trunk and switchport trunk encapsulation dot1q
3. Restrict only to the VLANs needed
-- Use either VTP pruning or allowed VLAN list. The preferred method is using allowed VLAN list
4. SVI on VLAN 1 with some ip and subnet given
5. Configure switch A so that nodes other side of Router C are accessible
-- on switch A the default gateway has to be configured.
6. Make switch B the root
A.
B.
C.
D.
Correct Answer:
Section: Module: Simmulation
Explanation
Explanation/Reference:
SW-A: verify with show run if you need to create vlans 21-23 and verify trunk's native vlan (remove if not 99)
SW-A# int vlan 1
SW-A(config-if)# ip address 192.168.1.11 255.255.255.0
SW-A(config-if)# no shut
SW-A(config-if)# exit
SW-A(config)# int range fa 0/9 - 10
SW-A(config-if)# switchport mode access
SW-A(config-if)# switchport access vlan 21
SW-A(config-if)# spanning-tree portfast
SW-A(config-if)# no shut
SW-A(config-if)# exit
SW-A(config)# int range fa 0/13 - 14
SW-A(config-if)# switchport mode access
SW-A(config-if)# switchport access vlan 22
SW-A(config-if)# spanning-tree portfast
SW-A(config-if)# no shut
SW-A(config-if)# exit
SW-A(config)# int range fa 0/15 - 16
SW-A(config-if)# switchport mode access
SW-A(config-if)# switchport access vlan 23
SW-A(config-if)# spanning-tree portfast
SW-A(config-if)# no shut
SW-A(config-if)# exit
SW-A(config)# int range fa 0/3 - 4
SW-A(config-if)# channel-protocol lacp
SW-A(config-if)# channel group 1 mode passive
SW-A(config-if)# no shut
SW-A(config-if)# exit
SW-A(config)# int port-channel 1
SW-A(config-if)# switchport trunk encapsulation dot1q
SW-A(config-if)# switchport mode trunk
SW-A(config-if)# switchport trunk native vlan 99
SW-A(config-if)# switchport trunk allowed vlans 1,21-23
SW-A(config-if)# no shut
SW-A(config-if)# end
SW-A# copy running-configuration startup-configuration
SW B
SW-B# conf t
Create vlan:
SW-B(config)# vlan 21
SW-B(config-vlan)# vlan 22
SW-B(config-vlan)# vlan 23
SW-B(config-vlan)# exit
SW-B(config)# spanning-tree vlan 1,21-23,99 root primary
SW-B(config)# int range fa 0/3 - 4
SW-B(config-if)# channel-protocol lacp
SW-B(config-if)# channel-group 1 mode active
SW-B(config-if)# no shut
SW-B(config-if)# exit
SW-B(config)# int port-channel 1
SW-B(config-if)# switchport trunk encapsulation dot1q
SW-B(config-if)# switchport mode trunk
SW-B(config-if)# switchport trunk native vlan 99 (I did a sh vlan and saw vlan 99 named as “TrunkNative” so I
used this as the native VLAN for both switches)
SW-B(config-if)# switchport trunk allowed vlan 1,21-23
SW-B(config-if)# no shut
SW-B(config-if)# end
SW-B# copy running-configuration startup-configuration
QUESTION 9
LACP with STP Sim 2
Scenario:
You work for SWITCH.com. They have just added a new switch (SwitchB) to the existing network as shown in
the topology diagram.
RouterA is currently configured correctly and is providing the routing function for devices on SwitchA and
SwitchB. SwitchA is currently configured correctly, but will need to be modified to support the addition of
SwitchB. SwitchB has a minimal configuration. You have been tasked with competing the configuration of
SwitchA and SwitchB. SwitchA and SwitchB use Cisco as the enable password.
Configuration Requirements for SwitchA
The VTP and STP configuration modes on SwitchA should not be modified.
Steps
• SwitchA needs to be the root switch for vlans 11, 12, 13, 21, 22 and 23. All other vlans should be left are their
default values.
Configuration Requirements for SwitchB
- Vlan 21, Name: Marketing, will support two servers attached to fa0/9 and fa0/10
- Vlan 22, Name: Sales, will support two servers attached to fa0/13 and fa0/14
- Vlan 23, Name: Engineering, will support two servers attached to fa0/15 and fa0/16
• Access ports that connect to server should transition immediately transition to forwarding state upon detecting
the connection of a device.
• SwitchB VTP mode needs to be the same as SwitchA.
• SwitchB must operate in the same spanning tree mode as SwitchA
• No routing is to be configured on SwitchB
• Only the SVI vlan 1 is to be configured and it is to use address 192.168.1.11/24
Inter-switch Connectivity Configuration Requirements:
• For operational and security reasons trunking should be unconditional and Vlans 1, 21, 22 and 23 should
tagged when traversing the trunk link.
• The two trunks between SwitchA and SwitchB need to be configured in a mode that allows for the maximum
use of their bandwidth for all vlans. This mode should be done with a non- proprietary protocol, with SwitchA
controlling activation.
• Propagation of unnecessary broadcasts should be limited using manual pruning on this trunk link.
A.
B.
C.
D.
Correct Answer:
Section: Module: Simmulation
Explanation
Explanation/Reference:
SwitchA
SwitchA# conf t
Create vlan:
SwitchA(config)# vlan 21
SwitchA(config-vlan)# name Marketing
SwitchA(config-vlan)# vlan 22
SwitchA(config-vlan)# name Sales
SwitchA(config-vlan)# vlan 23
SwitchA(config-vlan)# name Engineering
SwitchA(config-vlan)# exit
SwitchA(config)# spanning-tree vlan 1,11-13,21-23,99 root primary
SwitchA(config)# int range fa 0/3 - 4
SwitchA(config-if)# channel-protocol lacp
SwitchA(config-if)# channel-group 1 mode active
SwitchA(config-if)# no shut
SwitchA(config-if)# exit
SwitchA(config)# int port-channel 1
SwitchA(config-if)# switchport trunk encapsulation dot1q
SwitchA(config-if)# switchport mode trunk
SwitchA(config-if)# switchport trunk native vlan 99
SwitchA(config-if)# switchport trunk allowed vlan 1,21-23
SwitchA(config-if)# no shut
SwitchA(config-if)# end
SwitchA# copy running-configuration startup-configuration
SwitchB: verify with show run if you need to create vlans 21-23 and verify trunk's native vlan (remove the wrong
native if not 99)
SwitchB# conf t
SwitchB(config-if)# int vlan 1
SwitchB(config-if)# ip address 192.168.1.11 255.255.255.0
SwitchB(config-if)# no shut
SwitchB(config-if)# exit
SwitchB(config)# vtp mode transparent
SwitchB(config)# spanning-tree mode rapid-pvst
SwitchB(config)# int range fa 0/9 - 10
SwitchB(config-if)# switchport mode access
SwitchB(config-if)# switchport access vlan 21
SwitchB(config-if)# spanning-tree portfast
SwitchB(config-if)# no shut
SwitchB(config-if)# exit
SwitchB(config)# int range fa 0/13 - 14
SwitchB(config-if)# switchport mode access
SwitchB(config-if)# switchport access vlan 22
SwitchB(config-if)# spanning-tree portfast
SwitchB(config-if)# no shut
SwitchB(config-if)# exit
SwitchB(config)# int range fa 0/15 - 16
SwitchB(config-if)# switchport mode access
SwitchB(config-if)# switchport access vlan 23
SwitchB(config-if)# spanning-tree portfast
SwitchB(config-if)# no shut
SwitchB(config-if)# exit
SwitchB(config)# int range fa 0/3 - 4
SwitchB(config-if)# channel-protocol lacp
SwitchB(config-if)# channel group 1 mode passive
SwitchB(config-if)# no shut
SwitchB(config-if)# exit
SwitchB(config)# int port-channel 1
SwitchB(config-if)# switchport trunk encapsulation dot1q
SwitchB(config-if)# switchport mode trunk
SwitchB(config-if)# switchport trunk native vlan 99
SwitchB(config-if)# switchport trunk allowed vlans 1,21-23
SwitchB(config-if)# no shut
SwitchB(config-if)# end
SwitchB# copy running-configuration startup-configuration
QUESTION 10
HSRP HOTSPOT Sim
During routine maintenance, G1/0/1 on DSW1 was shutdown. All other interface were up. DSW2 became the
active HSRP device for Vlan101 as desired. However, after G1/0/1 on DSW1 was reactivated. DSW1 did not
become the active HSRP device as desired. What need to be done to make the group for Vlan101 function
properly?
Interface VLAN 101 exhibit:
A. Enable preempt on DS1's Vlan101 HSRP group
B. Disable preempt on DS1's Vlan101 HSRP group
C. Decrease DS1's priority value for Vlan101 HSRP group to a value that is less than priority value configured
on DS2's HSRP group for Vlan101
D. Decrease the decrement in the track command for DS1's Vlan 101 HSRP group to a value less than the
value in the track command for DS2's Vlan 101 HSRP group.
Correct Answer: A
Section: Module: HSRP Hotspot
Explanation
Explanation/Reference:
Explanation:
A is correct. All other answers is incorrect. Because Vlan101 on DS1 ( left ) disable preempt. We need enable
preempt to after it reactive , it will be active device. If not this command, it never become active device.
QUESTION 11
HSRP HOTSPOT Sim
During routine maintenance, it became necessary to shutdown G1/0/1 on DSW1. All other interface were up.
During this time, DSW1 remained the active device for Vlan 102′s HSRP group. You have determined that
there is an issue with the decrement value in the track command in Vlan 102′s HSRP group. What need to be
done to make the group function properly?
Interface VLAN 102 exhibit:
A. The DS1's decrement value should be configured with a value from 5 to 15
B. The DS1's decrement value should be configured with a value from 9 to 15
C. The DS1's decrement value should be configured with a value from 11 to 18
D. The DS1's decrement value should be configured with a value from 195 to less than 205
E. The DS1's decrement value should be configured with a value from 200 to less than 205
F. The DS1's decrement value should be greater than 190 and less 200
Correct Answer: C
Section: Module: HSRP Hotspot
Explanation
Explanation/Reference:
Explanation:
Use "show run" command to show. The left Vlan102 is console1 of DS1. Priority value is 200, we should
decrement value in the track command from 11 to 18. Because 200 11 = 189 < 190( priority of Vlan102 on DS2
).
QUESTION 12
HSRP HOTSPOT Sim
DSW2 has not become the active device for Vlan103′s HSRP group even though all interfaces are active. As
related to Vlan103′s HSRP group. What can be done to make the group function properly?
Interface VLAN 103 exhibit:
A. On DS1, disable preempt
B. On DS1, decrease the priority value to a value less than 190 and greater than 150
C. On DS2, increase the priority value to a value greater 241 and less than 249
D. On DS2, increase the decrement value in the track command to a value greater than 10 and less than 50.
Correct Answer: C
Section: Module: HSRP Hotspot
Explanation
Explanation/Reference:
Explanation:
The reason DSW2 has not become the active switch for Vlan103 is because the priority value of DSW1 is
higher than that of DSW2. In order to make DSW2 become the active switch, we need to increase DSW2′s
priority (to higher than 200) or decrease DSW1′s priority (to lower than 190).
QUESTION 13
HSRP HOTSPOT Sim
During routine maintenance, it became necessary to shutdown G1/0/1 on DSW1 and DSW2. All other interface
were up. During this time, DSW1 became the active device for Vlan104′s HSRP group. As related to Vlan104′s
HSRP group, what can be done to make the group function properly?
Interface VLAN 104 exhibit:
A. On DS1, disable preempt
B. On DS2, decrease the priority value to a value less than 150
C. On DS1, increase the decrement value in the track command to a value greater than 6
D. On DS1, disable track command.
Correct Answer: C
Section: Module: HSRP Hotspot
Explanation
Explanation/Reference:
Explanation:
We should NOT disable preempt on DS1. By do that, you will make Vlan104's HSRP group fail function.
Example: if we are disable preempt on DS1. It can not become active device when G1/0/1 on DS2 fail. In this
question, G0/1/0 on DS1 & DS2 is shutdown. Vlan104 (left) : 150 1 = 149. Vlan104 (right) : 200 155 = 145.
Result is priority 149 > 145 ( Vlan104 on DS1 is active). If increase the decrement in the track value to a value
greater than 6 ( > or = 6). Vlan104 (left) : 150 6 = 144. Result is priority 144 < 145 ( vlan104 on DS2 is active).
QUESTION 14
HSRP HOTSPOT Sim
If G1/0/1 on DSW1 is shutdown, what will be the current priority value of the Vlan105′s group on DSW1?
Interface VLAN 105 exhibit:
A. 95
B. 100
C. 150
D. 200
Correct Answer: A
Section: Module: HSRP Hotspot
Explanation
Explanation/Reference:
Explanation:
Priority is configured 150, Track is 55. So, if shutdown interface G1/0/1 > 150 55 = 95.
QUESTION 15
HSRP HOTSPOT Sim
What is the configured priority value of the Vlan105′s group on DSW2 ?
Interface VLAN 105 exhibit:
A. 50
B. 100
C. 150
D. 200
Correct Answer: B
Section: Module: HSRP Hotspot
Explanation
Explanation/Reference:
Explanation:
Use "show standby brief" command on console2 . Very easy to see priority of Vlan105 is 100.
QUESTION 16
STP HOTSPOT Sim
Online Incorporated is an internet game provide. The game service network had recently added an additional
switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the
spanning-tree topology during configuration. For baseline purpose, you will be required to identify the spanning-
tree topology for the switch block. Using the output of “show spanning-tree” command on switch SW-C and the
provided physical topology, answer the following questions:
Beware: VLAN number can change.
Question 1:
Which spanning Tree Protocol has been implemented on SW-B?
A. STP/IEEE 802.1D
B. MSTP/IEEE 802.1s
C. PVST+
D. PVRST
E. None of the above
A.
B.
C.
D.
E.
Correct Answer: C
Section: Module: STP Hotspot
Explanation
Explanation/Reference:
Answer: C
On the Fa0/2 interface we can see the type of connection is P2p Peer (STP) and Cisco says that: “!— Type
P2p Peer(STP) represents that the neighbor switch runs PVST.”
Please visit this link to understand more http://www.cisco.com/en/US/products/hw/switches/ps708/
products_configuration_example09186a00807b0670.shtml
QUESTION 17
STP HOTSPOT Sim
Online Incorporated is an internet game provide. The game service network had recently added an additional
switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the
spanning-tree topology during configuration. For baseline purpose, you will be required to identify the spanning-
tree topology for the switch block. Using the output of “show spanning-tree” command on switch SW-C and the
provided physical topology, answer the following questions:
Beware: VLAN number can change.
Which bridge ID belongs to SW-B?
A. 24623.000f.34f5.0138
B. 32768.000d.bd03.0380
C. 32768.000d.65db.0102
D. 32769.000d.65db.0102
E. 32874.000d.db03.0380
F. 32815.000d.db03.0380
A.
B.
C.
D.
E.
F.
Correct Answer: A
Section: Module: STP Hotspot
Explanation
Explanation/Reference:
Answer: A
Have a look at the output at VLAN0047:
Notice there are two “Cost” value in the picture, the above “Cost” is the total cost from the current switch to the
root bridge while the second “Cost” refers to the cost on that interface (Fa0/2). Both these “Cost” are the same
so we can deduce that the root bridge is connectly directly to this switch on Fa0/2 interface -> the root bridge is
Switch B, and the “Address” field shows its MAC address 000f.34f5.0138. Notice Bridge ID = Bridge Priority +
MAC address.
QUESTION 18
STP HOTSPOT Sim
Online Incorporated is an internet game provide. The game service network had recently added an additional
switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the
spanning-tree topology during configuration. For baseline purpose, you will be required to identify the spanning-
tree topology for the switch block. Using the output of “show spanning-tree” command on switch SW-C and the
provided physical topology, answer the following questions:
Beware: VLAN number can change.
Which port role has interface Fa0/2 of SW-A adopted for VLAN 47?
A. Root port
B. Nondesigned port
C. Designated port
D. Backup port
E. Alternate port
A.
B.
C.
D.
E.
Correct Answer: C
Section: Module: STP Hotspot
Explanation
Explanation/Reference:
Answer: C
We learned that Switch B is the root bridge for VLAN 47 so port Fa0/1 on SwitchA and Fa0/2 on SwitchC
should be the root ports, and from the output of SwitchC, we knew that port Fa0/1 of SwitchC is in blocking
state. Therefore its opposite port on SwitchA must be in designated state (forwarding).
So, can Fa0/2 of SW-A be in blocking state? The answer is no so that BPDU packets can be received on Fa0/1
of SW-C. It will remain in blocking state as long as a steady flow of BPDUs is received.
QUESTION 19
STP HOTSPOT Sim
Online Incorporated is an internet game provide. The game service network had recently added an additional
switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the
spanning-tree topology during configuration. For baseline purpose, you will be required to identify the spanning-
tree topology for the switch block. Using the output of “show spanning-tree” command on switch SW-C and the
provided physical topology, answer the following questions:
Beware: VLAN number can change.
Which port state is interface Fa0/2 of SW-B in for VLANs 1 and 106?
A. Listening
B. Learning
C. Disabled
D. Blocking
E. Forwarding
F. Discarding
A.
B.
C.
D.
E.
F.
Correct Answer: D
Section: Module: STP Hotspot
Explanation
Explanation/Reference:
Answer: D
As explained in question 2, we can deduce SW-A is the root bridge for VLANs 1 and 106 so ports Fa0/1 on
SW-B and SW-C will be the root ports. From the output of SW-C for VLANs 1 and 106, port Fa0/2 of this switch
is designated (forwarding) so we can deduce interface Fa0/2 of SW-B is in blocking status.
QUESTION 20
STP HOTSPOT Sim
Online Incorporated is an internet game provide. The game service network had recently added an additional
switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the
spanning-tree topology during configuration. For baseline purpose, you will be required to identify the spanning-
tree topology for the switch block. Using the output of “show spanning-tree” command on switch SW-C and the
provided physical topology, answer the following questions:
Beware: VLAN number can change.
Which bridge ID belongs to SW-A?
A. 24623.000f.34f5.0138
B. 32768.000d.bd03.0380
C. 32768.000d.65db.0102
D. 32769.000d.65db.0102
E. 32874.000d.db03.0380
F. 32815.000d.db03.0380
A.
B.
C.
D.
E.
F.
Correct Answer: D
Section: Module: STP Hotspot
Explanation
Explanation/Reference:
Answer: D
SW-A is the root bridge for VLANs 1 and 106 and we can easily find the MAC address of this root bridge from
the output of SW-C, it is 000d.65db.0102. Notice that SW-A has 2 bridge IDs for VLANs 1 and 106, they are
32769.000d.65db.0102 and 24682.000d.65db.0102
-->
