Q1. - (Topic 12)
The implementations group has been using the test bed to do a ‘proof-of-concept' that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?
A. In Configuration mode, using the interface range Fa 1/0/1 – 2, then no switchport port-security interface configuration commands. Then in exec mode clear errdisable interface fa 1/01 – 2 vlan 10 command
B. In Configuration mode, using the interface range Fa 1/0/1 – 2, then no switchport port-security, followed by shutdown, no shutdown interface configuration commands.
C. In Configuration mode, using the interface range Fa 1/0/1 – 2, then no switchport port-security interface configuration commands.
D. In Configuration mode, using the interface range Fa 1/0/1 – 2, then no switchport port-security interface configuration commands. Then in exec mode clear errdisable interface fa 1/0/1, then clear errdisable interface fa 1/0/2 commands.
Answer: B
Explanation:
On ASW1, we need to remove port-security under interface fa1/0/1 & fa1/0/2.
Reference: http://www.cisco.com/en/US/tech/ABC389/ABC621/technologies_tech_note09186a00806c d87b.shtml
Q2. - (Topic 21)
The implementation group has been using the test bed to do an IPv6 'proof-of-concept1. After several changes to the network addressing and routing schemes, a trouble ticket has been opened indicating that the loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2 (2026::102:1).
The fault condition is related to which technology?
A. NTP
B. IPv4 OSPF Routing
C. IPv6 OSPF Routing
D. IPV4 and IPV6 Interoperability
E. IPv4 layer 3 security
Answer: D
Explanation:
Q3. - (Topic 13)
The implementations group has been using the test bed to do a ‘proof-of-concept' that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
Which is the solution to the fault condition?
A. Under the EIGRP process, delete the redistribute ospf 1 route-map OSPF_ to_ EIGRP command and enter the redistribute ospf 1 route-map OSPF - > EIGRP command.
B. Under the EIGRP process, delete the redistribute ospf 1 route-map OSPF_ to_ EIGRP command and enter the redistribute ospf 6 metric route-map OSPF - > EIGRP command.
C. Under the OSPF process, delete the redistribute eigrp10 subnets route-map EIGPR ->OSPF command and enter the redistribute eigrp10 subnets route-map OSPF - > EIGRP command.
D. Under the OSPF process, delete the redistribute eigrp10 subnets route-map EIGPR ->OSPF command and enter the redistribute eigrp10 subnets route-map EIGPR - > OSPF command.
E. Under the EIGRP process, delete the redistribute ospf 1 route-map OSPF _to_ EIGRP command and enter redistribute ospf 1 metric 100000 100 100 1 15000 route_ map OSPF _to _EIGRP command
Answer: A
Explanation:
On R4, in the redistribution of EIGRP routing protocol, we need to change name of route-map to resolve the issue. It references route-map OSPF_to_EIGRP but the actual route map is called OSPF->EIGRP.
Topic 14, Ticket 9 : EIGRP AS number
Topology Overview (Actual Troubleshooting lab design is for below network design)
. Client Should have IP 10.2.1.3
. EIGRP 100 is running between switch DSW1 & DSW2
. OSPF (Process ID 1) is running between R1, R2, R3, R4
. Network of OSPF is redistributed in EIGRP
. BGP 65001 is configured on R1 with Webserver cloud AS 65002
. HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP's network. Because the company's address space is in the private range.
R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside (209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4's DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a ‘proof-of-concept' on several implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
Client is unable to ping IP 209.65.200.241
Solution
Steps need to follow as below:-
. When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4
ipconfig ----- Client will be receiving IP address 10.2.1.3
. From Client PC we can ping 10.2.1.254
. But IP 10.2.1.3 is not able to ping from R4, R3, R2, R1 .
. This clearly shows problem at R4 Kindly check routes in EIGRP there are no routes of eigrp.
. Check the neighborship of EIGRP on R4; there are no neighbor seen from DSW1 & DSW2 check the running config of EIGRP protocol it shows EIGRP AS 1 process…. Now check on DSW1 & DSW2
On DSW1 only one Eigrp neighbour is there with DSW2 but its not with R4…
. From above snapshot & since R4 has EIGRP AS number 1 due to which neighbour is not happening.
. Change required: On R4, IPV4 EIGRP Routing, need to change the EIGRP AS number from 1 to 10 since DSW1 & DSW2 is configured to be in EIGRP AS number 10.
Q4. - (Topic 6)
The implementations group has been using the test bed to do a ‘proof-of-concept' that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, and FHRP services, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?
A. In Configuration mode, using the interface port-channel 13 command, then configure switchport trunk allowed vlan none followed by switchport trunk allowed vlan 20,200 commands.
B. In Configuration mode, using the interface port-channel 13, port-channel 23, then configure switchport trunk none allowed vlan none followed by switchport trunk allowed vlan 10,200 commands.
C. In Configuration mode, using the interface port-channel 23 command, then configure switchport trunk allowed vlan none followed by switchport trunk allowed vlan 20,200 commands.
D. In Configuration mode, using the interface port-channel 23, port-channel, then configure switchport trunk allowed vlan none followed by switchport trunk allowed vlan 10,20,200 commands.
Answer: B
Explanation:
We need to allow VLANs 10 and 200 on the trunks to restore full connectivity. This can be accomplished by issuing the "switchport trunk allowed vlan 10,200" command on the port channels used as trunks in DSW1.
Q5. - (Topic 16)
The implementations group has been using the test bed to do a ‘proof-of-concept'. After several changes to the network addressing, routing schemes, a trouble ticket has been opened indicating that the loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2(2026::102:1).
Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located?
A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Answer: B
Explanation:
R2 is missing the needed IPV6 OSPF for interface s0/0/0.23
Topic 17, Ticket 12 : HSRP Issue
Topology Overview (Actual Troubleshooting lab design is for below network design)
. Client Should have IP 10.2.1.3
. EIGRP 100 is running between switch DSW1 & DSW2
. OSPF (Process ID 1) is running between R1, R2, R3, R4
. Network of OSPF is redistributed in EIGRP
. BGP 65001 is configured on R1 with Webserver cloud AS 65002
. HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP's network. Because the company's address space is in the private range.
R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside (209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4's DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a ‘proof-of-concept' on several implementations. This involved changing the configuration on one or more of the
devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
Solution
Steps need to follow as below:-
. Since the problem is raised that DSW1 will not become active router for HSRP group 10
. we will check for the HSRP configuration…
. From snapshot we see that the track command given needs to be changed under active VLAN10 router
. Change Required: On DSW1, related to HSRP, under vlan 10 change the given track 1 command to instead use the track 10 command.
Q6. - (Topic 15)
The implementations group has been using the test bed to do a ‘proof-of-concept' that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology?
A. NTP
B. IP DHCP Helper
C. IPv4 EIGRP Routing
D. IPv6 RIP Routing
E. IPv4 layer 3 security
F. Switch-to-Switch Connectivity
G. Loop Prevention
H. Access Vlans
I. Port Security
J. VLAN ACL / Port ACL
K. Switch Virtual Interface
Answer: J
Explanation:
On DSW1, VALN ACL, Need to delete the VLAN access-map test1 whose action is to drop access-list 10; specifically 10.2.1.3
Q7. - (Topic 5)
Scenario:
A customer network engineer has edited their OSPF network configuration and now your customer is experiencing network issues. They have contacted you to resolve the issues and return the network to full functionality.
The OSPF neighbour relationship has been lost between R1 and R3. What is causing this problem?
A. The serial interface in R1 should be taken out of the shutdown state.
B. A neighbor statement needs to be configured in R1 and R3 pointing at each other.
C. The R1 network type should be changed to point-to-multipoint non-broadcast.
D. The hello, dead and wait timers on R1 need to be reconfigured to match the values on R3.
Answer: C
Explanation:
In order for two OSPF routers to become neighbors, they must have matching network types across the links. In this case, we see that R1 has been configured as non-broadcast and R3 is using point to point non-broadcast.
This can be seen by issuing the "show running-config" command on each router, or the "show ip ospf interface" command:
Topic 6, Ticket 1: Switch Port Trunk
Topology Overview (Actual Troubleshooting lab design is for below network design)
. Client Should have IP 10.2.1.3
. EIGRP 100 is running between switch DSW1 & DSW2
. OSPF (Process ID 1) is running between R1, R2, R3, R4
. Network of OSPF is redistributed in EIGRP
. BGP 65001 is configured on R1 with Webserver cloud AS 65002
. HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP's network. Because the company's address space is in the private range.
R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside (209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4's DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running
over the underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a ‘proof-of-concept' on several implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
Client is unable to ping IP 209.65.200.241
Solution
Steps need to follow as below:-
. When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4
Ipconfig ----- Client will be getting 169.X.X.X
. On ASW1 port Fa1/0/ 1 & Fa1/0/2 access port VLAN 10 was assigned which is using IP address 10.2.1.0/24
Sh run ------- & check for running config of int fa1/0/1 & fa1/0/2
====================================================
interface FastEthernet1/0/1switchport mode accessswitchport access vlan 10interface
FastEthernet1/0/2switchport mode accessswitchport access vlan 10
====================================================
. We need to check on ASW 1 trunk port the trunk Po13 & Po23 were receiving VLAN 20 & 200 but not VLAN 10 so that switch could not get DHCP IP address and was failing to reach IP address of Internet
. Change required: On ASW1 below change is required for switch-to-switch Connectivity..
int range portchannel13,portchannel23 switchport trunk allowed vlan none switchport trunk allowed vlan 10,200
Q8. - (Topic 2)
A customer network engineer has made configuration changes that have resulted in some loss of connectivity. You have been called in to evaluate a switch network and suggest resolutions to the problems.
You have configured PVST+ load balancing between SW1 and the New_Switch in such a way that both the links E2/2 and E2/3 are utilized for traffic flow, which component of the configuration is preventing PVST+ load balancing between SW1 and SW2 links
A. Port priority configuration on SW1
B. Port priority configuration on the New_Switch
C. Path cost configuration on SW1
D. Path cost configuration on the New_Switch
Answer: D
Explanation:
Here is the configuration found on the New_Switch:
This causes the port cost for link eth 1/3 to increase the path cost to 250 for all VLANs, making that link less preferred so that only eth 1/2 will be used.
Topic 3, Troubleshooting EIGRP
11. - (Topic 3)
Scenario:
You have been brought in to troubleshoot an EIGRP network. You have resolved the initial issue between routers R2 and R4, but another issue remains. You are to locate the problem and suggest solution to resolve the issue.
The customer has disabled access to the show running-config command.
The network segment between R2 and R4 has become disconnected from the remainder of the network. How should this issue be resolved?
A. Change the autonomous system number in the remainder of the network to be consistent with R2 and R4.
B. Move the 192.168.24.0 network to the EIGRP 1 routing process in R2 and R4.
C. Enable the R2 and R4 router interfaces connected to the 192.168.24.0 network.
D. Remove the distribute-list command from the EIGRP 200 routing process in R2.
E. Remove the distribute-list command from the EIGRP 100 routing process in R2.
Q9. - (Topic 8)
The implementations group has been using the test bed to do a ‘proof-of-concept' that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241
address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology?
A. BGP
B. NTP
C. IP NAT
D. IPv4 OSPF Routing
E. IPv4 OSPF Redistribution
F. IPv6 OSPF Routing
G. IPv4 layer 3 security
Answer: D
Explanation:
On R1, for IPV4 authentication of OSPF the command is missing and required to configure------ ip ospf authentication message-digest
Q10. - (Topic 12)
The implementations group has been using the test bed to do a ‘proof-of-concept' that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology?
A. NTP
B. Switch-to-Switch Connectivity
C. Access Vlans
D. Port Security
E. VLAN ACL / Port ACL
F. Switch Virtual Interface
Answer: D
Explanation: Port security is causing the connectivity issues. On ASW1, we need to remove port-security under interface fa1/0/1 & fa1/0/2.
Topic 13, Ticket 8 : Redistribution of EIGRP to OSPF
Topology Overview (Actual Troubleshooting lab design is for below network design)
. Client Should have IP 10.2.1.3
. EIGRP 100 is running between switch DSW1 & DSW2
. OSPF (Process ID 1) is running between R1, R2, R3, R4
. Network of OSPF is redistributed in EIGRP
. BGP 65001 is configured on R1 with Webserver cloud AS 65002
. HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP's network. Because the company's address space is in the private range.
R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside (209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4's DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a ‘proof-of-concept' on several implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
Client is unable to ping IP 209.65.200.241
Solution
Steps need to follow as below:-
. When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4
ipconfig ----- Client will be receiving IP address 10.2.1.3
. IP 10.2.1.3 will be able to ping from R4 , but cannot ping from R3, R2, R1
. This clearly shows problem at R4 since EIGRP is between DSW1, DSW2 & R4 and OSPF protocol is running between R4, R3, R2, R1 so routes from R4 are not propagated to R3, R2, R1
. Since R4 is able to ping 10.2.1.3 it means that routes are received in EIGRP & same needs to be advertised in OSPF to ping from R3, R2, R1.
. Need to check the routes are being advertised properly or not in OSPF & EIGRP vice-versa.
. From above snap shot it clearly indicates that redistribution done in EIGRP is having problem & by default all routes are denied from ospf to EIGRP… so need to change route-map name.
. Change required: On R4, in the redistribution of EIGRP routing protocol, we need to change name of route-map to resolve the issue. It references route-map OSPF_to_EIGRP but the actual route map is called OSPF->EIGRP.