December 29, 2011

Cisco Interview Questions

What is carrier sense multiple access collision detect (CSMA/CD)?

CSMA/CD describes the Ethernet access method. In CSMA/CD, many stations can
transmit on the same cable, and no station has priority over any other. Before a
station transmits, it listens on the wire to make sure no other station is transmitting.
If no other station is transmitting, the station transmits across the wire. CSMA/CD is
all about devices taking turns using the wire.

What are MAC addresses?
For computers to identify each other on the data link layer, they need a MAC address
(hardware address). All devices on a LAN must have a unique MAC address. A MAC
address is a 48-bit (six octet) address burned into a network interface card. The first
three octets (24 bits) of the MAC address indicate the vendor that manufactured the
card. This is called the Organization Unique Identifier (OUI). The last three octets of
the MAC address are the unique host address. An example of a MAC address is 00-80-
C6-E7-9C-EF.

What are the three types of LAN traffic?
The three types of LAN traffic are:
Unicasts
Broadcasts
Multicasts

What are unicast frames?
Unicast frames are the most common type of LAN traffic. A unicast frame is a frame
intended for only one host. In unicast frames, the only station that processes the
frame is the station that has its own MAC address in the destination portion of the
packet.

What are broadcast frames?
Broadcast frames are frames intended for everyone. Stations view broadcast frames
as public service announcements. All stations receive and process broadcast frames.
In large networks, broadcasts can bring the network to a crawl, because every
computer must process them.

What is the destination address of broadcast frames?
The destination address of broadcast frames (Layer 2 broadcast addresses) is FF-FFFF-
FF-FF-FF, or all 1s in binary.

What are multicast frames?
Multicast frames address a group of devices that have a common interest. These
frames allow the source to send only one copy of the frame on the network even
though it is intended for several stations. Only stations that have a card that is
configured to receive multicast frames process them. All other stations discard
multicast frames.

What devices can you use to segment a LAN at Layer 1, Layer 2, and Layer 3?
Three devices you can use to segment a LAN are:
Hubs/repeaters (Layer 1)
Bridges/switches (Layer 2) - physical addresses
Routers (Layer 3) - logical addresses

What happens when you segment the network with hubs/repeaters?
Because hubs and repeaters operate at the physical layer of the OSI model,
segmenting a network with these devices appears as an extension to the physical
cable. Hubs and repeaters are transparent to devices. They are unintelligent devices.
All devices that connect to a hub/repeater share the same bandwidth. Hubs/repeaters
create a single broadcast and collision domain.

What is the advantage of segmenting a network with bridges/switches?
Bridges/switches operate at Layer 2 of the OSI model and filter by MAC address. Each
port on a bridge/switch provides full-dedicated bandwidth and creates a single
collision domain. Because bridges/switches operate at Layer 2 of the OSI model, they
cannot filter broadcasts, and they create a single broadcast domain. For the CCNA
test, remember that switches create more collision domains and fewer collisions.

What is the difference between bridges and switches?
Bridges and switches function the same way; the only difference is in how they are
implemented. Bridges are implemented by software and usually have a couple of
network ports. Switches are implemented in hardware by ASIC chips and have many
ports.

What are the advantages and disadvantages of segmenting the LAN with routers?
An advantage of segmenting the LAN with routers is that each interface on a router
creates a single broadcast and collision domain. Routers operate at Layer 3 of the OSI
model and do not propagate broadcasts. Some disadvantages are that routers are not
transparent and are implemented in software, thus introducing latency in the network.

What is the Maximum Transmission Unit (MTU) for an Ethernet frame?
1500 bytes is the MTU for an Ethernet frame. You will notice that some publications
state that the MTU for Ethernet is 1518 bytes. This is correct also. But what is the
true answer? The MTU for Ethernet, including the header, source and destination
address, data, and CRC is 1518 bytes. The MTU for the data portion of the frame is
1500 bytes.

What three major functions do Layer 2 switches provide?
The three major functions that Layer 2 switches provide are
Address learning
Packet forwarding/filtering
Loop avoidance by spanning tree

What are some advantages of switches?
Some advantages of switches are as follows:
They increase available network bandwidth.
They reduce the number of users per segment.
They provide dedicated bandwidth to each segment.
Transparent bridging (switching) provides five bridging functions to determine what
to do when it receives a frame.

What are these five processes in transparent bridging?
The five processes are:
Learning
Flooding
Filtering
Forwarding
Aging

In transparent bridging, what is the learning process?
The first process a bridge goes through when it is powered on is the learning process.
The MAC address table on the bridge contains no entries, and the bridge goes through
the learning process to record all workstations on every interface. In the learning
process, the bridge records the source MAC address and source port number in the
MAC address table every time it sees a frame.

In transparent bridging, what is the flooding process?
When a bridge is first turned on, it has no MAC address in its table. When a switch
receives a unicast frame, it knows the source address and port from which the unicast
frame came, but no entry exists in its table for the destination address. This is called
an unknown unicast frame. When a switch receives an unknown unicast frame, it
sends the frame out all forwarding interfaces on the bridge except the interface that
received the frame. This process is the flooding process.

In transparent bridging, what is the filtering process?
The filtering process occurs when the source and destination addresses reside on the
same interface on the bridge. Because the bridge does not need to forward a frame in
which the destination and source addresses reside on the same interface, it filters the
frame and discards it.

In transparent bridging, what is the forwarding process?
The forwarding process occurs when a switch receives a unicast frame and has an
entry of the destination address in its MAC table. The switch then forwards the frame
to the interface where that destination address resides.

In transparent bridging, what occurs during the aging process?
Every time a bridge learns a source address, it time-stamps the entry. When the
bridge sees a frame from this source, it updates the time stamp. If the bridge does
not hear from the source for a specific amount of time (called the aging timer), the
bridge deletes the entry from its MAC address table. This process is the aging
process.

What is the default aging time in transparent bridges?
The default aging timer is 5 minutes.

What is the Spanning-Tree Protocol (STP)?
STP is a loop-prevention bridge-to-bridge protocol. Its main purpose is to dynamically
maintain a loop-free network. It does this by sending out Bridge Protocol Data Units
(BPDUs), discovering any loops in the topology, and blocking one or more redundant
links.

How does STP maintain a loop-free network?
STP maintains a loop-free network by
Electing a root bridge
Electing a root port on each nonroot bridge
Electing designated ports
Putting in the blocking state any port that is not a root port or designated port

In spanning tree, what is a Bridge ID (BID)?
A BID is an 8-byte field that is composed of the bridge's 6-byte MAC address and a 2-
byte bridge priority.

What is the default bridge priority in a Bridge ID for all Cisco switches?
32,768

In spanning tree, what is path cost?
Path cost is a calculation to determine the link's bandwidth. It is a value assigned to
each port that is based on the port's speed.

What is the spanning tree path cost for each of the following?
10 Mbps
100 Mbps
1 Gbps
The path costs are as follows:
10 Mbps - 100
100 Mbps - 19
1 Gbps - 4

When calculating a loop-free environment, what four-step decision sequence does
spanning tree use to determine what will be the root bridge and which ports will
forward or block?

The four-step decision sequence that spanning tree uses to determine the root bridge
and which port will forward is as follows:
Step 1. The lowest root BID
Step 2. The lowest path cost to the root bridge
Step 3. The lowest sender BID
Step 4. The lowest port ID

How do bridges pass spanning tree information between themselves?
Bridges pass STP information using special frame called Bridge Protocol Data Units
(BPDUs).

How often do bridges send BPDUs out active ports?
The default time that bridges send BPDUs out active ports is 2 seconds.
Note: All ports on a switch listen for BPDUs in case there is a topology change.

In STP, how is a root bridge elected?
In STP, the bridge with the lowest BID is elected the root bridge. All ports on the root
bridge are placed in the forwarding state and are called designated ports.
Note: The BID is a 6-byte field that is composed of a default priority (32,768) and a
MAC address. Because all Cisco switches use the default priority, the switch with the
lowest MAC address is elected the root bridge. As a rule of thumb, lower will always
win in spanning tree.

What is the difference between path cost and root path cost?
Path cost is the value assigned to each port. It is added to BPDUs received on that
port to calculate the root path cost. Root path cost is defined as the cumulative cost
to the root bridge. In a BPDU, this is the value transmitted in the cost field. In a
bridge, this value is calculated by adding the receiving port's path cost to the value
contained in the BPDU.

What are the four spanning tree port states?
The four spanning tree port states are
Blocking
Listening
Learning
Forwarding
Remember that root and designated ports forward traffic and that nondesignated
ports block traffic but still listen for BPDUs.
Important note: There is another port state - Disabled - (No frames forwarded, no
BPDUs heard). If it shows up in the answer options - select it along with the others.

What is the STP blocking state?
When a switch starts, all ports are in the blocking state. This is to prevent any loops
in the network. If there is a better path to the root bridge, the port remains in the
blocked state. Ports in the blocked state cannot send or receive traffic, but they can
receive BPDUs.

What is the STP listening state?
Ports transition from a blocked state to a listening state. In this state, no user data is
passed. The port only listens for BPDUs. After listening for 15 seconds (if the bridge
does not find a better path), the port moves to the next state, the learning state.

What is the STP learning state?
In the STP learning state, no user data is being passed. The port quietly builds its
bridging table. The default time in the learning state is 15 seconds.

What is the STP forwarding state?
After the default time in the learning state is up, the port moves to the forwarding
state. In the forwarding state, the port sends and receives data.

What is STP forward delay?
The forward delay is the time it takes for a port to move from the listening state to
the learning state or from the learning state to the forwarding state. The default time
is 30 seconds.

What is the hello time in STP timers?
The hello time is the time interval between the sending of BPDUs. The default time is
2 seconds.

What is the Max Age timer?
The Max Age timer is how long a bridge stores a BPDU before discarding it. The
default time is 20 seconds (ten missed hello intervals).

What is the default time a port takes to transition from the blocking state to the
forwarding state?

The default time a port takes to transition from the blocking state to the forwarding
state is 50 seconds: 20 seconds for Max Age, 15 seconds for listening, and 15 seconds
for learning.

What does STP do when it detects a topology change in the network due to a bridge or
link failure?

If spanning tree detects a change in the network due to a bridge or link failure, at
least one bridge interface changes from the blocking state to the forwarding state, or
vice versa.

Describe the central office (CO).
The CO is the telco switching facility that connects the customer to the provider's
switching network. The CO is sometimes referred to as a point of presence. It is the
point where the local loop gains access to the service provider's access lines.

What is the toll network?
All the telco switches, COs, and trunk lines inside the WAN provider's network are the
toll network.

What are synchronous links?
Synchronous links have identical frequencies and contain individual characters
encapsulated in control bits, called start/stop bits, that designate the beginning and
end of each character. Synchronous links try to use the same speed as the other end
of a serial link.

What are Asynchronous links?
Asynchronous links send digital signals without timing. Asynchronous links agree on
the same speed, but there is no check or adjustment of the rates if they are slightly
different. Only 1 byte per transfer is sent.

What is the Point-to-Point Protocol (PPP)?
PPP is an industry-standard protocol that provides router-to-router or router-to-host
connections over synchronous and asynchronous links. It can be used to connect to
other vendors' equipment. It works with several network-layer protocols, such as IP
and IPX. PPP provides authentication through PAP or CHAP.

Describe X.25/LAPB.
X.25/LAPB is an ITU-T standard that has a tremendous amount of overhead because
of its strict timeout and windowing techniques. LAPB is the connection-oriented
protocol used with X.25. It uses the ABM (Asynchronous Balance Mode) transfer mode.
X.25/LAPB was used in the 1980s when WAN links were not as error-free as they are
today. X.25 is a predecessor of Frame Relay. X.25 supports both switched and
permanent virtual circuits.

What is Frame Relay?
An industry standard, Frame Relay is a switched data link layer protocol that uses
virtual circuits to identify the traffic that belongs to certain routers. It provides
dynamic bandwidth allocation and congestion control.

What are the three layers of the Cisco Hierarchical Model?
The three layers of the Cisco Hierarchical Model are:
The access layer
The distribution layer
The core layer

What are collision domains?
In Ethernet segments, devices connect to the same physical medium. Because of this,
all devices receive all signals sent across the wire. If two devices send a packet at the
same time, a collision occurs. In the event of a collision, the two devices run a
backoff algorithm and resend the packet. The devices retransmit up to 15 times. The
first station to detect a collision issues a jam signal. When a jam signal is sent from a
workstation, it affects all of the machines on the segment, not just the two that
collided; when the jam signal is on the wire, no workstations can transmit data. The
more collisions that occur in a network, the slower it will be, because the devices will
have to resend the packet. A collision domain defines a group of devices connected to
the same physical medium.

What are broadcast domains?
A broadcast domain defines a group of devices that receive each others' broadcast
messages. As with collisions, the more broadcasts that occur on the network, the
slower your network will be. This is because every device that receives a broadcast
must process it to see if the broadcast is intended for it.

What devices are used to break up collision and broadcast domains?
Switches and bridges are used to break up collision domains. They create more
collision domains and fewer collisions. Routers are used to break up broadcast
domains. They create more broadcast domains and smaller broadcast areas.

What is the difference between a routing protocol and a routed protocol?
Routing protocols determine how to route traffic to the best location of a routed
protocol. Examples of routing protocols are RIP, EIGRP, OSFP, and BGP. Examples of
routed protocols are IP and IPX.

What 3 devices are used to segment a LAN?
Router
Switch
Bridge

What is the maximum cable length for each of the following?
The maximum cable lengths are as follows:
10Base2 (thinnet) 185 meters
10Base5 (thicknet) 500 meters
10BaseT 100 meters
10BaseFL 2000 meters (400 meters in a shared environment and 2000 meters in a
point-to-point environment)
100BaseT 100 meters

What does Base stand for in 10BaseT and 100BaseT?
Base in 10BaseT and 100BaseT stands for baseband. Baseband is a network technology
in which only one carrier frequency (signal) is used.

What is the difference between baseband and broadband?
Baseband is a network technology in which only one carrier frequency is used (such as
Ethernet). Broadband is a network technology in which several independent channels
are multiplexed into one cable (for example, a T1 line).

How are access lists processed?
Access lists are processed in sequential, logical order, evaluating packets from the top
down, one statement at a time. As soon as a match is made, the permit or deny
option is applied, and the packet is not applied to any more access list statements.
Because of this, the order of the statements within any access list is significant.

What is the difference between switched virtual circuits (SVCs) and permanent virtual
circuits (PVCs)?

SVCs are virtual circuits that are dynamically established when data needs to be
transferred and that are terminated when data transmission is complete. SVCs consist
of four states: call setup, data transfer, idle, and call termination. PVCs are
permanently established virtual circuits that operate in one of two states: idle or data
transfer. When the PVC is idle, the connection between the DTE devices is still active.

What is a Data Link Connection Identifier (DLCI)?
A DLCI is a number that identifies the logical circuit between the router and the Frame
Relay switch. It is the Frame Relay Layer 2 address. The Frame Relay switch maps
DLCIs between each pair of routers to create a PVC. For IP devices at the end of each
virtual circuit to communicate, their IP addresses need to be mapped to DLCIs. If you
are running Cisco IOS 11.2 or later, mapping is done automatically using Inverse ARP.
DLCIs have local significance. Think of DLCIs as the MAC address of the Frame Relay
network.

What is the committed information rate (CIR)?
The CIR is the committed information rate, by the service provider, in bits per
second, at which data will be transferred. The service provider sends any data in
excess of this rate if its network has capacity at that time.

How does Frame Relay use Inverse ARP?
Frame Relay uses Inverse ARP as a way to dynamically map a network layer address to
a DLCI. With Inverse ARP, the router can discover the network address of a device
associated with a VC.

What is the Local Management Interface (LMI)?
The LMI is a signaling standard between a CPE device (a router) and the Frame Relay
switch that is responsible for managing and maintaining status between the devices.
It is autosensed with Cisco IOS Release 11.2 and later.

In Frame Relay, what is Forward Explicit Congestion Notification (FECN)?
The FECN is the bit in the Frame Relay header that signals to anyone receiving the
frame (switches and DTEs) that congestion is occurring in the same direction as the
frame. Switches and DTEs can react by slowing the rate at which data is sent in that
direction.

What is Backward Explicit Congestion Notification (BECN)?
The BECN is the bit in the Frame Relay header that signals to switches and DTEs
receiving the frame that congestion is occurring in the direction opposite (backward)
that of the frame. If switches and DTE devices detect that the BECN bit in the Frame
Relay header is set to 1, they slow the rate at which data is sent in that direction.

How do you enable Frame Relay on a Cisco router?
To enable Frame Relay on a Cisco router, you must first enable the serial interface for
Frame Relay encapsulation with the encapsulation frame-relay interface command:
RouterB(config)#int s 0
RouterB(config-if)#ip address 192.168.1.1 255.255.255.0
RouterB(config-if)#encapsulation frame-relay

What are LSAs (link-state advertisements)?
LSAs are sent out all OSPF-enabled router interfaces describing the state of the
router's links. They are also packets that OSPF uses to advertise changes in the
condition of a link or other OSPF routers.

Name two LSA (link-state advertisement) types?
Type 1 LSAs are router LSAs and are generated by each router for the area to which
the router belongs. These LSAs describe the states of the router'links to the area
(area 0 for example) and are flooded within a single area (area 0 for example).
Type 2 LSAs are network LSAs and are generated by the DR (Designated Router) and
the BDR (Backup Designated Router). They describe the routers attached to a
particular network and are flooded within a single area (area 0 for example).

What is routing?
Routing is the process in which items are forwarded from one location to another.
Routing is a hop-by-hop paradigm.
A Cisco router performs routing and switching functions. Describe what each function
does.
Routing is a way to learn and maintain awareness of the network topology. Each router
maintains a routing table in which it looks up the destination Layer 3 address to get
the packet one step closer to its destination.
The switching function is the actual movement of temporary traffic through the
router, from an inbound interface to an outbound interface.

What are the three types of routes you can use in a Cisco router?
The three types of routes are static routes, dynamic routes, and default routes.

What is the difference between static and dynamic routes?
Static routes are routes that an administrator manually enters into a router. Dynamic
routes are routes that a router learns automatically through a routing protocol.

What is a default route?
Also known as the gateway of last resort, a default route is a special type of static
route with an all-zeros network and network mask. The default route is used to route
any packets to a network that a router does not directly know about to a next-hop
router. By default, if a router receives a packet to a destination network that is not in
its routing table, it drops the packet. When a default route is specified, the router
does not drop the packet. Instead, it forwards the packet to the IP address specified
in the default route.

What is a routing protocol?
A routing protocol defines the set of rules used by a router when it communicates with
neighboring routers. Routing protocols listens for packets from other participants in
order to learn and maintain a routing table.

What is administrative distance?
Administrative distance (AD) is an integer from 0 to 255 that rates the
trustworthiness of routing information received on a router from a neighboring router.
The AD is used as the tiebreaker when a router has multiple paths from different
routing protocols to the same destination. The path with the lower AD is the one given
priority.

What are the three classes of routing protocols?
1) Distance vector 2) Link-state 3) Balanced hybrid
What is the AD for each of the following?
Directly connected interface 0
Static route 1
EIGRP 90
IGRP 100
OSPF 110
RIP 120
External EIGRP 170
Unknown 255

What is split horizon?
The rule of split horizon is that it is never useful to send information about a route
back in the direction from which the original update came.

What is convergence?
Convergence is when all routers have consistent knowledge and correct routing tables.

What is route poisoning?
With route poisoning, when a distance vector routing protocol notices that a route is
no longer valid, the route is advertised with an infinite metric, signifying that the
route is bad. In RIP, a metric of 16 is used to signify infinity. Route poisoning is used
with holddowns.

What are hold-down timers?
Hold-down timers prevent regular update messages from reinstating a route that
might have gone bad. Hold-down timers also tell routers to hold for a period of time
any changes that might affect routes.

What are triggered updates?
When a router notices that a directly connected subnet has changed state, it
immediately sends another routing update out its other interfaces rather than waiting
for the routing update timer to expire. Triggered updates are also known as Flash
updates.

What is IP RIP?
IP RIP is a true distance vector routing protocol that sends its complete routing table
out all active interfaces every 30 seconds. IP RIP uses a hop count as its metric to
determine the best path to a remote network. The maximum allowable hop count is
15, meaning that 16 is unreachable. There are two versions of RIP. Version 1 is
classful, and version 2 is classless. IP RIP can load-balance over as many as six equalcost
paths.


How do you enable IGRP on a Cisco router?
The way you enable IGRP on a Cisco router is similar to the way you enable RIP, except
you specify IGRP as the protocol and add an autonomous system number. For example:
RouterA(config)#router igrp 10 (10 is the AS number)
RouterA(config-router)#network 192.168.0.0
RouterA(config-router)#network 192.168.1.0
RouterA(config-router)#network 192.168.2.0

What are three types of LAN traffic?
Unicasts - intended for one host.
Broadcasts - intended for everyone.
Multicasts - intended for a only a subset or group within an entire network.

What are unicast frames?
Unicast frames are the most common type of network traffic. A unicast frame is a
frame intended for only one host. The only station that processes this frame is one
station that has its own MAC address in the destination portion of packet.

What are broadcast frames?
Broadcast frames are frames intended for everyone. Stations view broadcast frames
as public service announcements. All stations receive and process broadcast frames.
In large networks, broadcasts can cause serious performance degradation in network
hosts - (broadcast storm).
The destination address of broadcast frames (Data Link / Layer 2 broadcast addresses
is FF-FF-FF-FF-FF-FF or alternatively all 1s in binary (11111111).

What are multicast frames?
Multicast frames address a group of devices that have a common interest. These
frames allow the source to send only one copy of the frame on the network even
though it is intended for several stations. Only stations that have a card that is
configured by software to receive multicast frames for a particular multicast group
can process a frame to that multicast address - all other stations discard multicast
frames

What three major functions do Data Link Layer / Layer 2 Switches perform?
Address learning
Packet forwarding/filtering
Loop avoidance by spanning tree

What is the Cisco Catalyst store-and-forward switching method?
In the store-and-forward switching method, the switch receives the entire frame
before it forwards it. The switch reads the cyclic redundancy check (CRC) to make
sure the frame is not bad. If the frame is good, the switch forwards it. Because the
switch stores the frame before forwarding it, latency is introduced in the switch.
Latency through the switch varies with the size of the frame.

What is the Cisco Catalyst cut-through switching method?
In cut-through switching mode, the switch only checks the frame's destination address
and immediately begins forwarding the frame out the appropriate port. Because the
switch checks the destination address in only the header and not the entire frame, the
switch forwards a collision frame or a frame that has a bad CRC.

What is the Cisco Catalyst fragment-free switching method?
Also known as modified cut-through, fragment-free switching checks the first 64 bytes
before forwarding the frame. Ethernet specifications state that collisions should be
detected during the first 64 bytes of the frame. By reading the first 64 bytes of the
frame, the switch can filter most collisions, although late collisions are still possible.

What is the default switching mode in Cisco Catalyst 1900 switches?
The default switching mode for the Catalyst 1900 is fragment-free.

What is half-duplex transmission mode?
Half-duplex transmission is the default mode that Ethernet functions in. In half-duplex
transmission, a device can only send or receive--not do both at once. In half-duplex
mode, stations are susceptible to collisions, and efficiency is rated at 50 to 60
percent.

What is full-duplex transmission mode?
In full-duplex mode, a station can send and receive at the same time. In full-duplex
mode, collision detection is disabled. This mode offers 100 percent efficiency in both
directions.

What are permanent MAC addresses on a Catalyst switch?
Permanent MAC addresses are entered manually by the administrator and are not aged
out.

No comments :