|
|
本帖最后由 Lapot16 于 2019-11-15 08:28 编辑 $ T" Z: A9 l" ?: y F
5 X4 O. }) ~" X6 f
1 ***((( GRE tunnel missing configuration betwen R1 and R20 g# ]8 S; |8 q! q2 _0 O* B
R: below (the ip’s are others)
* p$ {3 e; I2 v- Y& ?* L; V5 `7 a3 C
R1
/ {/ |9 h2 S; ~( p5 Usource 10.1.1.18 |/ B+ S& z) o* T) @1 r" _
destination 10.1.2.1) ?6 J$ G5 ]( P* J: R Y
5 g) u8 k. t( M# |. kR2: K. m; X& ?5 e8 v$ w& p# N
source 10.1.2.16 |& C7 E& [. K2 i+ v% [6 A' \# S
destination 10.1.1.1
$ I. c5 c8 Q$ m; ]3 T, \! \& Q4 p2 \- U/ I" {2 w) W
2 ***((( ip telephone tshoot steps
. v' k; Q+ w) n8 c) m/ I1-poe% u+ C' j5 \6 @5 u/ A
2-vlan config4 ~: z; N+ X% S: V* t( u
3-dhcp config
7 k2 z3 D* Z4 a3 n1 P# n$ ]4-tftp server config
' S4 \. {4 @: @
+ q+ B2 O6 Y( H6 `>>>>>>>>> MCQ4 H5 O6 s: n- s9 g6 {
' K0 c0 y# ?. L- [1 i
1 ((( – G1/2 is the root port for SW4, please choose the command so G1/1 can be the new root port:, ?# |" ?* O; V. l" y/ ?2 h
R: spanning-tree cost 5 on interface gi1/2 (the cost from interface Gi1/2 is 1 on exam)
- V/ `+ H8 ?$ ?5 d: ~– spanning-tree cost 1 on interfca g1/1
6 e# ~( f+ [3 n- P– spannung-tree port prioity 0 on g1/1- i) v( A7 \) V' H
– spanning-tree port priotiry 0 on g1/2
& t/ J5 B6 l. O& i ~, }7 N% r2 |5 {- j- ^
2 ((( configuration to add an IPv6 ACL to an interface:0 C) n0 K( i% ~* O( x
R: ipv6 traffic-filter (in/out)) G+ @6 o1 L) |
-ipv6 access-class (in/out)
. }& E6 J) n8 s7 I: E-ip access-class (in/out)/ }) B# u( t8 @3 L+ ^
-ip accesss-group (in/out)6 T* x9 g) {# U# {, f- S4 s5 i( [# y
( n9 D9 A! E) ^3 l9 c7 A ]" ~
3 ((( Same output from deny tcp x:x::/64 host y:y::2 eq 22, but in this case they are asking for: which line needs to be placed at the top of the ACL in order to allow the traffic from R3 to R2.3 @$ a8 G: e7 t; a3 n7 P
## same as old but answer is both host from source and destination / -> permit tcp host z:z::/64 host y:y::2 eq 22
0 K' z2 o. O0 b5 pR: 606 S# A; M+ l7 z( i9 }/ p* l
– 20
* d( I8 m, Z$ H4 `; c– 30
+ j; {% W- F1 }: _! G– 40
4 d/ f, }7 t8 ~$ l8 l5 g& e– 50* t1 M8 D0 k+ j0 c# l$ p n. w4 G* A
3 x5 C% ~ |/ l; E8 v$ A0 \
4 ((( Commands to chose uRPF drops, r: i9 [8 _$ Q
R: sh ip interface
0 E$ ^0 _) ]1 Z9 R% A# O5 HR: sh ip traffic
4 \9 E3 w; [, v( r– sh interface
; |) I3 @8 ~9 \" P% E# K- P– sh ip ip cef
7 o8 V9 N5 z9 Z3 y% ]: j/ U% a– sh cef traffic) P0 `/ w9 ~+ X/ V/ A" i
# O0 p; K( l; u. M, }7 ]
5 ((( Console session is being closed by a network device, how can this be solved:; ^+ J* P1 F2 |; q: M
R: Apply exec-timeout 0 0 in line console 0
+ b. P! r7 ?6 Z! P" @– Modify exec-timeout in line vty 0 15' C. K7 \. c- J8 N. Q
– Change banner motd
# {6 U4 ]! L4 B0 A4 x0 F
8 @' N+ N% |0 a' y' V/ F6 ((( An output from debug ospf where you see the steps and some INIT process, the question is which one is the next and has been deleted from the output:9 w3 o4 n8 {' L! j& U+ T
R: EXSTART: J, E/ B# o$ a3 P2 _# N2 F
– EXCHANGE0 T! U' P! ~% M6 r
– LOADING" y, \# T! |* W. m) R# r
– FULL
% O9 L! H( ?- L! }+ |& R' C5 X4 B/ h ^" B8 j/ q5 C
7 ((( when is uRPF desired to be applied using loose-mode, please check how this works to answer your questions
7 N' t9 t& I5 _' o; kR: When Asynchronous route paths (for multihome connections important) – Something this7 p9 p( Z8 c' |
4 ~" ?3 e0 I6 ]+ n: K->loose-mode: reply traffic on all interfaces are accepted instead only of the exact outgoing ()
/ r, W* @! [5 T" U$ o& j) a0 M
; l& Z' G3 X" b% {, Y& T T* OThe Unicast Reverse Path Forwarding Loose Mode
1 F# s2 Y: u" \7 `+ H! i+ ?1 mProviding a scalable anti-spoofing mechanism suitable for use in multihome network scenarios.
# l0 ?* r( v% R$ z# M% g8 E3 ZThis mechanism is especially relevant for Internet Service Providers (ISPs), specifically on routers that have multiple links to multiple ISPs.
Q& o' g G" l' i3 oIn addition, Unicast RPF (strict or loose mode), when used in conjunction with a Border Gateway Protocol (BGP) “trigger,” provides an excellent quick reaction mechanism that allows network traffic to be dropped on the basis of either the source or destination IP address, giving network administrators an efficient tool for mitigating denial of service (DoS) and distributed denial of service (DDoS) attacks.
& j2 u1 Q6 o. n
/ Q; Y& b! v( [8 ((( Question about DTP. Why DTP is failed. Drawing with 2 different vtp domains connection with port fa->gi- @: k% n" j& K/ {( [
R: VTP Domains mismatch
8 }& J. ^" u6 `9 a! }6 @
' O9 ?' r0 B/ V2 m9 Gre tunnel question,
- h, K1 p0 m4 i0 uR: select the change the source ip which is wrong on R2
$ ^; C; R4 \" h, c9 G0 R% R
; c& r2 e. `1 ~) X3 ?____
) T# d1 Q: Q! A% a7 p; k6 P3 i
- W. h: q9 ~+ QThe SIM and Ticket are the same
' L% N0 e4 X, nMay be wrong answer- be carefully
, a5 b6 F) K- cGood luck |
评分
-
查看全部评分
|
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
发表于 2019-11-15 08:23:27
置顶卡
喧嚣卡
变色卡
千斤顶
