Card Set Information
Questions for CCNP Routing Exam
RIP Protocol Type
RIP Update freq
RIP update size
RIP Convergence Size
Slow convergence, Hold-down Timer
RIP Message Protocol (v6)
Authentication Plain, MD5 (IPSec)
RIP Multicast (v6)
OSPF Protocol Type
Variety of cost factors (RTT, Throughput, reliability)
OSPF Update freq
Requested with LSA and triggered
OSPF update size
OSPF Message Protocol
Plain, MD5 (AH)
Multicast 188.8.131.52-6 (FF02::5, 6)
EIGRP Protocol Type
Advanced Distance Vector
Diffusing Update Algroithm - DUAL
AD 90 (170 External, 5 Summary)
Bandwidth/Delay + Optionals (MTU, Reliability, Load)
EIGRP Update freq
EIGRP Update size
EIGRP Message Protocol
IP/88 (Supports non-IP L3 protocols)
Multicast 184.108.40.206 (FF02::A)
BGP Protocol Type
BGP AD (e and iBGP)
AD eBGP = 20, iBGP = 200
BGP Update freq
BGP update size
BGP Message Protocol
Explain TCP Slowstart
Window size increases exponentially
Segment Size reduced to 1
Window increased exponentially until x0.5 of previous max window (Congestion window size)
(Weighted Random Early Detection)
To prevent TCP window sizing for multiple streams coming into sync WRED selectively drops packets before max throughput is reached. Considers QoS and queue size
What are the two types of VRF?
VRF-lite - Typical installation
Cisco EVN - New method. Trunks VRF traffic in a VNET encapsulation between trunk links
EIGRP Summary AD
EIGRP (Internal) AD
EIGRP (ext) AD
Describe the two types of Access List and numbering ranges
: 1 to 99 and 1300 to 1999. Source only
: 100 to 199 and 2000 to 2699. Source, Destination, Port
What are the problems with NBMA networks and distance vector protocols?
Split Horizon when same interface is used to talk to multiple routers
DR Election may not happen in a Hub-Spoke topology
What precaution should be taken when using FHRP?
When using FHRP adjust ARP timer < CAM Table timer so MAC record doesn't time out before ARP. ARP messages are send out when MAC is unknown, CAM table floods when destination port is not known.
- Used to prevent ip spoofing
- Must have CEF enabled
- Strict - Packet dropped if source ip doesn't enter interface as matched in the FIB table (used by CEF)
- Loose - Source must be reachable, not tied to interface
- VRF - Like loose but applied to vrf
List router security accounts
Global username - username xxxxx privledge 15 password xxxxx
Line password - service password-encryption
Secret password (4= SHA-256, 5 = MD5)
What remote site tunnel options are available?
DMVPN (mGRE, NHRP, IPSEC)
Describe the 3 technologies used by DMVPN
mGRE, NHRP, IPSEC
What is NHRP?
? Client/Server model of address assignment
§ Converts Tunnel int ip > Physical interface id
? Each spoke advertises it's info back to server
What is IPSec Phase 1?
§ ISAKMP session
§ Sets up Management tunnel for secure key exchange
§ Bidirectional encryption (same key each way)
§ Transform Sets exchanged to form a SA
What is IPSec Phase 2?
§ Sets up Bi-directional tunnel for traffic
§ Unidirectional encryption (Different key each way)
What does AH provide?
Integrity and data origin authentication
What does ESP provide?
Integrity, data origin authentication and encryption
Describe the difference between Transport and tunnel mode
Original IP or encapsulated with diff IP
What is the main advantage of GRE?
Van be encapsulated within any L3 protocol (IPSEC(GRE(PAYLOAD)))
What is an advantage of IPSec?
Scalable, on demand mesh
What is the IPv6 Multicast address for All Nodes?
What is the IPv6 Multicast address for All Routers?
What is the prefix for IPv6 Unique local?
What is the prefix for IPv6 Link local?
What is the prefix for IPv6 Global Unicast?
What must you do when creating a EUI-64 derived IPv6 Address
Flip the 7th most significant bit (OUI) and insert FFFE in the middle
What does IOS do when a serial link uses EUI-64?
Takes the MAC of the lowest numbered eth interface
What are the type of address assignment in IPv6? And how are default router/dns communicated?
Stateful DHCP (Server provides IP, DNS. Default router provided by NS messages)
Stateless Autoconfig (NDP to discover subnet, default router, Stateless DHCP to learn DNS)
What are the uses for NDP?
L2 Mapping (IPv6 > L2)
Inverse Neighbor Discovery (L2 > IPv6)
Duplicate Address Detection
What is the solicited node multicast?
Asks for a response from all nodes on the link with last 24 bits
: FF02::1:FF00:0 /104
What is noAuthNoPriv (SNMP)
No auth, No encryption, community-string (username for v3)
What is authNoPriv (SNMP)
HMAC (MD5, SHA-1), no encryption
What is authPriv (SNMP)
HMAC (MD5, SHA-1), Encryption (DES, 3DES, AES)
How does TACACS Compare to RADIUS?
TCP > UDP
Full Packet Encryption > Password Encryption
Basic Accounting > Robust Accounting