QUESTION 251
Refer to the exhibit. R1 has two eBGP sessions to ISP1 and ISP2 (one to each ISP router), and R1 receives the same prefixes through both links.
Which configuration should be applied for the link between R1 and ISP2 to be preferred for incoming traffic (ISP2 to R1)?
A. increase local preference on R1 for sent routes
B. decrease local preference on R1 for sent routes
C. increase MED on ISP2 for sent routes
D. decrease MED on ISP2 for sent routes
Answer: D
Explanation:
http://books.google.com.pk/books?id=V7MIJorqe_kC&pg=PA344&lpg=PA344&dq=decrease+MED+on+ISP2+for+sent+routes&source=bl&ots=pJvKb3dxua&sig=43gSTo8fhtMwu6DET75T3fJw9cU&hl=en&sa=X&ei=mFDLUZDzAcS47AbU3ICgCQ&ved=0CGgQ6AEwCA#v=onepage&q=decrease%20MED%20on%20ISP2%20for%20sent%20routes&f=false
QUESTION 252
Which two statements are true about bandwidth guarantee? (Choose two.)
A. When congestion is present, the priority command doesn’t allow exceeding the allocated rate
B. When congestion isn’t present, the priority command doesn’t allow exceeding the allocated rate
C. When congestion is present, the priority command allows exceeding the allocated rate
D. When congestion isn’t present, the priority command allows exceeding the allocated rate
Answer: AD
Explanation:
During congestion conditions, the traffic class is guaranteed bandwidth equal to the specified rate. (Recall that bandwidth guarantees are only an issue when an interface is congested.) In other words, the priority command provides a minimum bandwidth guarantee. In addition, the priority command implements a maximum bandwidth guarantee. Internally, the priority queue uses a token bucket that measures the offered load and ensures that the traffic stream conforms to the configured rate. Only traffic that conforms to the token bucket is guaranteed low latency. Any excess traffic is sent if the link is not congested or is dropped if the link is congested.
The purpose of the built-in policer is to ensure that the other queues are serviced by the queueing scheduler. In the original Cisco priority queueing feature, which uses the priority-group and priority-list commands, the scheduler always serviced the highest priority queue first. In extreme cases, the lower priority queues rarely were serviced and effectively were starved of bandwidth. The real benefit of the priority command, and its major difference from the bandwidth command, is how it provides a strict de-queueing priority to provide a bound on latency. Here is how the Cisco IOS Configuration Guide describes this benefit: “A strict priority queue (PQ) allows delay-sensitive data such as voice to be de-queued and sent before packets in other queues are de-queued…”
QUESTION 253
For a router connected to two ISPs for redundancy, using IPSLA and static routing, how would you configure uRPF on the uplink interface?
A. ip verify unicast source reachable-via any
B. ip verify unicast reverse-path
C. ip verify unicast reverse-path loose
D. ip verify unicast reverse-path strict
Answer: A
Explanation:
Unicast RPF Examples
Cisco IOS Devices
An important consideration for deployment is that Cisco Express Forwarding switching must be enabled for Unicast RPF to function. This command has been enabled by default as of IOS version 12.2. If it is not enabled, administrators can enable it with the following global configuration command:
ip cef
Unicast RPF is enabled on a per-interface basis. The ip verify unicast source reachable-via rx command enables Unicast RPF in strict mode. To enable loose mode, administrators can use the any option to enforce the requirement that the source IP address for a packet must appear in the routing table. The allow-default option may be used with either the rx or any option to include IP addresses not specifically contained in the routing table. The allow-self-ping option should not be used because it could create a denial of service condition. An access list such as the one that follows may also be configured to specifically permit or deny a list of addresses through Unicast RPF:
interface FastEthernet 0/0
ip verify unicast source reachable-via {rx | any} [allow-default] [allow-self-ping] [list]
Addresses that should never appear on a network can be dropped by entering a route to a null interface. The following command will cause all traffic received from the 10.0.0.0/8 network to be dropped even if Unicast RPF is enabled in loose mode with the allow-default option:
ip route 10.0.0.0 255.0.0.0 Null0
http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html
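An added example (not from the Cisco document or the exam source): a small Python model of the Unicast RPF decision described above, applied to the dual-ISP case in the question. The interface names Gi0/0 and Gi0/1, the documentation-range addresses and the routing table are constructed assumptions.

```python
import ipaddress

NULL0 = "Null0"

class Fib:
    """Tiny forwarding table: longest-prefix match over (prefix, egress interface)."""
    def __init__(self, routes):
        self.routes = [(ipaddress.ip_network(p), ifc) for p, ifc in routes]

    def lookup(self, addr):
        ip = ipaddress.ip_address(addr)
        hits = [(net, ifc) for net, ifc in self.routes if ip in net]
        return max(hits, key=lambda h: h[0].prefixlen) if hits else None

def urpf_permits(fib, src, in_ifc, mode, allow_default=False):
    """True if a packet from `src` arriving on `in_ifc` passes Unicast RPF.

    mode "rx"  (strict): the best route to src must point out of in_ifc.
    mode "any" (loose):  any route to src is enough.
    """
    if mode not in ("rx", "any"):
        raise ValueError("mode must be 'rx' or 'any'")
    hit = fib.lookup(src)
    if hit is None:
        return False
    net, ifc = hit
    if ifc == NULL0:
        return False   # null-routed sources are dropped in every mode
    if net.prefixlen == 0 and not allow_default:
        return False   # the default route only counts with allow-default
    return True if mode == "any" else ifc == in_ifc

def sample_fib():
    # Constructed table (assumption): the IP SLA tracked static default via ISP1
    # is installed; the floating static via ISP2 is not in the table.
    return Fib([
        ("0.0.0.0/0", "Gi0/0"),          # active default route, ISP1 uplink
        ("198.51.100.0/24", "Gi0/1"),    # a specific static via the ISP2 uplink
        ("10.0.0.0/8", NULL0),           # ip route 10.0.0.0 255.0.0.0 Null0
    ])

if __name__ == "__main__":
    fib = sample_fib()
    cases = [
        ("203.0.113.7", "Gi0/1", "rx", True),    # return traffic arriving via ISP2
        ("203.0.113.7", "Gi0/1", "any", True),
        ("203.0.113.7", "Gi0/1", "any", False),
        ("10.1.2.3", "Gi0/1", "any", True),      # null-routed source
    ]
    for src, ifc, mode, allow in cases:
        verdict = "permit" if urpf_permits(fib, src, ifc, mode, allow) else "drop"
        print(f"{src:>13} on {ifc} mode={mode} allow-default={allow}: {verdict}")
```

Strict mode drops the packet arriving on the ISP2 uplink because the best route back to its source points at the ISP1 uplink; loose mode accepts it only when a route for the source exists, and the Null0 route still drops 10.0.0.0/8 sources.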
QUESTION 254
The EtherChannel between your LAN switch and the Internet router is not load-balancing efficiently. On the switch, there are several workstations with valid IP ranges. Which load-balance algorithms can you use in the switch in order to optimize this load balancing? (Choose four.)
A. source IP address
B. destination IP address
C. per-packet load balance
D. destination MAC address
E. source MAC address
Answer: ABDE
Explanation:
EtherChannel load balancing can use MAC addresses, IP addresses, or Layer 4 port numbers with a Policy Feature Card 2 (PFC2) and either source mode, destination mode, or both. The mode you select applies to all EtherChannels that you configure on the switch. Use the option that provides the greatest variety in your configuration. For example, if the traffic on a channel only goes to a single MAC address, use of the destination MAC address results in the choice of the same link in the channel each time. Use of source addresses or IP addresses can result in a better load balance. Issue the port-channel load-balance {src-mac | dst-mac | srcdst-mac | src-ip | dst-ip | src-dst-ip | src-port | dst-port | src-dst-port | mpls} global configuration command in order to configure the load balancing.
Issue the show etherchannel load-balance command in order to check the frame distribution policy. You can determine which interface in the EtherChannel forwards traffic, with the frame distribution policy as a basis.
Issue the remote login switch command to log in remotely to the Switch Processor (SP) console in order to make this determination. Then, issue the test etherchannel load-balance interface port-channel number {ip | l4port | mac} [source_ip_add | source_mac_add | source_l4_port] [dest_ip_add | dest_mac_add | dest_l4_port] command.
QUESTION 255
Before inserting a new switch in the network, the network administrator checks that the VTP domain name is correct, the VTP mode is set to server, and revision is lower than the switches in the network. The administrator then configures interfaces and trunks, erases existing VLANs, and connects the switch to the network. Following that procedure, there is no connectivity in the network. What is a possible cause of this problem?
A. Because the configuration revision of the new switches is lower than the rest of the network, it can change the VLAN database of the other switches.
B. As a VTP server, the new switch deleted all VLANs of the network.
C. Erasing VLANs increases the VTP configuration revision.
D. Since the configuration revision of the network is higher than the new switch, the VLAN database was automatically synchronized.
Answer: C
Explanation:
Reset the Configuration Revision Number
You can easily reset the configuration revision number by either of the two procedures provided in this section.
Reset the Configuration Revision using Domain Name
Complete these steps in order to reset the configuration revision number with the change of the domain name:
1. Issue “show vtp domain” in order to see that the configuration is empty
2. Configure the VTP Domain name
3. Change the VTP Domain back
4. Change the VTP Domain to what it was in step 2
Reset the Configuration Revision using VTP Mode
Complete these steps in order to reset the configuration revision number with the change of the domain name:
1. Issue “show vtp domain” in order to see that the configuration is empty
2. Configure the VTP Domain name
3. Change the VTP mode from server to transparent
4. Change the VTP mode from transparent to server or client.
http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080890613.shtml#topic9
QUESTION 256
The network administrator wants to enable an EtherChannel between two switches in “on” mode. The administrator connects the cables and enables the interfaces, but while configuring the EtherChannel in the first switch, a spanning-tree loop was detected. Which two of these procedures can avoid this problem? (Choose two.)
A. Configure the EtherChannel as “desirable” first.
B. Assign all interfaces to the same VLAN.
C. Disable PortFast on the interfaces in the EtherChannels.
D. Disable all interfaces first.
E. Fast Ethernet and Gigabit Ethernet ports cannot be assigned to the same EtherChannel.
F. Fix cabling problems.
Answer: AD
Explanation:
If a workstation or a server is connected with a single Network Interface Card (NIC) to a switch port, this connection cannot create a physical loop. These connections are considered leaf nodes. There is no reason to make the workstation wait 30 seconds while the switch checks for loops when the workstation cannot cause a loop. With the addition of the PortFast or fast-start feature, the STP for this port assumes that the port is not part of a loop. In this case, the port immediately moves to the forwarding state, and skips the blocking, listening, or learning states. This command does not turn STP off. This command makes STP skip a few steps in the beginning on the selected port, although unnecessary in this circumstance.
Note:
The PortFast feature must never be used on switch ports that connect to other switches, hubs, or routers. These connections can cause physical loops, and it is very important that Spanning Tree go through the full initialization procedure in these situations. A Spanning Tree loop can bring the network down. If the PortFast feature is turned on for a port that is part of a physical loop, it can cause packets to be continuously forwarded and even multiply in such a way that the network cannot recover.
https://supportforums.cisco.com/docs/DOC-4897
QUESTION 257
Customer X has a hub-and-spoke Frame Relay network, with a central office and two branch offices (RemoteA and RemoteB). Each location has only one physical link to the Frame Relay cloud and RemoteB has a router that is not a Cisco router. Since the installation, there is no connectivity between RemoteB and the central office. What is a possible solution to this issue?
A. Because Frame Relay IETF encapsulation is only configurable at interface level, you must use IETF encapsulation on all routers.
B. This is not a possible scenario. A dedicated Frame Relay link to RemoteB is mandatory at the central office.
C. The router at RemoteB must be replaced by a Cisco router.
D. Use Frame Relay IETF encapsulation on a per-VC basis on the central office router.
E. There is a problem in the Frame Relay cloud, because Cisco routers are compatible with IETF Frame Relay.
Answer: D
QUESTION 258
You are deploying two core switches, one in each building, 50 km away from each other. The cross-connection between them will be a Layer 2 2-gigabit EtherChannel with an 802.1Q trunk. You configured it correctly but the link does not come up. The port is in the “admin up” state, and the line protocol is in the “down” state. The fiber link is OK. What would be the most likely reason for the link not to come up?
A. The switches are not the same model.
B. You are not using the correct SFP.
C. You are not using correct optical media converters.
D. Configuration should be modified, because the distance is longer.
Answer: B
Explanation:
Verifying the Line Protocol Is Up
In the output from the show interfaces fastethernet, show interfaces gigabitethernet or show interfaces tengigabitethernet command, verify that the line protocol is up. If the line protocol is down, the line protocol software processes have determined that the line is unusable.
Perform the following corrective actions:
Replace the cable.
Check the local and remote interface for misconfiguration. Verify that a hardware failure has not occurred. Observe the LEDs to confirm the failure. See the other troubleshooting sections of this chapter, and refer to the Cisco 7600 Series Router SIP, SSC, and SPA Hardware Installation Guide. If the hardware has failed, replace the SPA as necessary.
http://www.cisco.com/en/US/products/hw/routers/ps368/module_installation_and_configuration_guides_chapter09186a0080523f70.html#wp1038764
QUESTION 259
You are configuring an 802.1Q trunk between a Layer 2 switch and a firewall. You read in the documentation that the best way to set up a trunk is to set the port as dynamic desirable. The trunk is not coming up. Which one of these options would be a valid explanation?
A. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode ON.
B. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode to OFF.
C. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode as auto.
D. The firewall does not support DTP. You should set the switchport trunk mode to ON.
Answer: D
Explanation:
PortFast, Channeling, and Trunking
By default, many switches, such as Cisco switches that run the Catalyst operating system (OS), are designed to be plug-and-play devices. As such, many of the default port parameters are not desirable when a PIX is plugged into the switch. For example, on a switch that runs the Catalyst OS, default channeling is set to Auto, trunking is set to Auto, and PortFast is disabled. If you connect a PIX to a switch that runs the Catalyst OS, disable channeling, disable trunking, and enable PortFast. Channeling, also known as Fast EtherChannel or Giga EtherChannel, is used to bind two or more physical ports in a logical group in order to increase the overall throughput across the link. When a port is configured for automatic channeling, it sends out Port Aggregation Protocol (PAgP) frames as the link becomes active in order to determine if it is part of a channel. These frames can cause problems if the other device tries to autonegotiate the speed and duplex of the link. If channeling on the port is set to Auto, it also results in an additional delay of about 3 seconds before the port starts to forward traffic after the link is up.
Note: On the Catalyst XL Series Switches, channeling is not set to Auto by default. For this reason, you should disable channeling on any switch port that connects to a PIX.
Trunking, also known by the common trunking protocols Inter-Switch Link (ISL) or Dot1q, combines multiple virtual LANs (VLANs) on a single port (or link). Trunking is typically used between two switches when both switches have more than one VLAN defined on them. When a port is configured for automatic trunking, it sends out Dynamic Trunking Protocol (DTP) frames as the link comes up in order to determine if the port that it connects to wants to trunk. These DTP frames can cause problems with autonegotiation of the link. If trunking is set to Auto on a switch port, it adds an additional delay of about 15 seconds before the port starts to forward traffic after the link is up.
PortFast, also known as Fast Start, is an option that informs the switch that a Layer 3 device is connected out of a switch port. The port does not wait the default 30 seconds (15 seconds to listen and 15 seconds to learn); instead, this action causes the switch to put the port into forwarding state immediately after the link comes up. It is important to understand that when you enable PortFast, spanning tree is not disabled. Spanning tree is still active on that port. When you enable PortFast, the switch is informed only that there is not another switch or hub (Layer 2-only device) connected at the other end of the link. The switch bypasses the normal 30-second delay while it attempts to determine if a Layer 2 loop results if it brings up that port. After the link is brought up, it still participates in spanning tree. The port sends out bridge packet data units (BPDUs), and the switch still listens for BPDUs on that port. For these reasons, it is recommended that you enable PortFast on any switch port that connects to a PIX.
Note: Catalyst OS releases 5.4 and later include the set port host <mod>/<port> command that allows you to use a single command to disable channeling, disable trunking, and enable PortFast.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009491c.shtml#portfastchanneltrunk
QUESTION 260
If you have overlapping IP address between two different networks or routing domains, what two commands do you need to globally configure NAT to get this to work?
A. ip nat outside source list 1 interface x and ip nat inside source list 1 interface x
B. ip nat outside source static x.x.x.x y.y.y.y and ip nat inside source static x.x.x.x y.y.y.y
C. ip nat outside source static udp x.x.x.x y.y.y.y and ip nat inside source udp x.x.x.x y.y.y.y
D. ip nat outside source static tcp x.x.x.x y.y.y.y and ip nat outside source tcp x.x.x.x y.y.y.y
Answer: B