|
本帖最后由 Lapot16 于 2019-11-15 08:28 编辑 ) e4 o( p8 w" _* \- z% ~" A1 X
6 J. i7 G0 ?# O# O2 A
1 ***((( GRE tunnel missing configuration betwen R1 and R2
( `: ~3 R3 N! DR: below (the ip’s are others)
! T0 y* O0 F+ a$ k) ?7 J$ P$ ]! y2 s) b- I, z8 \
R1
$ O9 Z- ?" n' n# ^% e psource 10.1.1.1
: ^- Y/ ^! j, ]/ Z# e, zdestination 10.1.2.1
: M2 J! X6 I R( M( A# z9 L
. w. }4 z% b) x" F1 `9 N7 |R2* M& w2 c0 U3 V6 A
source 10.1.2.1) ]/ N* @4 e! @+ a/ I4 n1 _
destination 10.1.1.17 P0 O G9 P" `* @$ q8 w: d
, U8 l8 j: {# W" `: d- y2 ***((( ip telephone tshoot steps0 H5 j/ h* r& y( o
1-poe: E" L, ~8 m# Q& N
2-vlan config, D( v) I; V O2 c
3-dhcp config* d( i7 {0 `4 @) _0 b
4-tftp server config
0 X% n4 }7 r0 q2 T/ V) m3 i0 w# D# \# O# F: z% @
>>>>>>>>> MCQ
. U# I# I, e0 f
- g7 ~& s& w6 K0 y) q# c, A1 ((( – G1/2 is the root port for SW4, please choose the command so G1/1 can be the new root port:6 Z" V/ ?2 R/ l
R: spanning-tree cost 5 on interface gi1/2 (the cost from interface Gi1/2 is 1 on exam)0 ]* H% Y9 b9 k6 u: }$ P4 A
– spanning-tree cost 1 on interfca g1/1$ v5 Z- e" d1 o5 \+ h" H5 T+ U
– spannung-tree port prioity 0 on g1/1' _+ [) |4 _$ w3 e0 y
– spanning-tree port priotiry 0 on g1/2
2 X9 d" {2 o( D& W6 x) n: `; \9 v9 f3 ~* ^3 `% ^ N) p. ^, N# }; Q, F
2 ((( configuration to add an IPv6 ACL to an interface:
+ ?/ l" l1 Y3 `: \) }" FR: ipv6 traffic-filter (in/out)4 @& D3 T8 |$ Z1 h% b0 Z
-ipv6 access-class (in/out)# @" k+ N4 f3 S U# ?* Q, K1 P/ e
-ip access-class (in/out)3 h6 D% Z2 \# G
-ip accesss-group (in/out): K/ ~' y- p# q' X; z& S! U5 h: |
% b7 w5 t) i5 ]) \; R3 ((( Same output from deny tcp x:x::/64 host y:y::2 eq 22, but in this case they are asking for: which line needs to be placed at the top of the ACL in order to allow the traffic from R3 to R2.
* K7 T3 O! ~8 K## same as old but answer is both host from source and destination / -> permit tcp host z:z::/64 host y:y::2 eq 22
. H- }: U C+ o7 `; ]/ dR: 60% ]$ Y* T: I8 S) F' G
– 20
0 A/ ]9 A0 C5 \– 30
, }' M+ l% e; D+ i+ k– 40$ ]* _3 _4 w1 l v8 s& ~8 v8 q) k
– 50
2 `& @3 Z. y# m8 n2 Z8 Q
5 X4 s, P9 D* N6 ]: F4 ((( Commands to chose uRPF drops7 S8 L( C, K7 y7 m. Y! |3 B g P
R: sh ip interface0 S* u. I) W, v+ Y- H
R: sh ip traffic- b8 G/ p8 s, f" o
– sh interface [" z$ v. |* p/ d! ?9 Q: N2 L
– sh ip ip cef
$ V+ {4 F; I* Q6 o+ K– sh cef traffic! N9 R5 F% y7 A% ~8 p9 {" E' X( }
V# R& V4 [/ _+ x0 m3 s1 g; \" F
5 ((( Console session is being closed by a network device, how can this be solved:
$ F% V/ `2 p, U" u& a J8 |8 R" \R: Apply exec-timeout 0 0 in line console 0
4 Y$ w2 k4 F" A8 T3 p6 N– Modify exec-timeout in line vty 0 15
% l0 v# S! N: W4 r ?! H– Change banner motd/ L; @9 H! L0 c
7 ^. D. m1 g% R B% {, f" G# V6 ((( An output from debug ospf where you see the steps and some INIT process, the question is which one is the next and has been deleted from the output:; X, h0 Z/ R" m2 K& o4 s
R: EXSTART
- q: D" X" w2 U, c: }– EXCHANGE
. `9 P0 D- q3 z– LOADING$ P/ T) W7 V6 I& w1 t
– FULL- q; a* T' P0 T4 e
# i' M( p+ @1 f
7 ((( when is uRPF desired to be applied using loose-mode, please check how this works to answer your questions
8 c! @( e5 X4 MR: When Asynchronous route paths (for multihome connections important) – Something this; n& j ]/ H6 B y4 |
2 {% C) y) X" j1 A->loose-mode: reply traffic on all interfaces are accepted instead only of the exact outgoing ()6 @7 S( j/ \) p# [. {% x0 {
3 x: E! W2 m' N$ h$ V R; s
The Unicast Reverse Path Forwarding Loose Mode" t1 }, F3 h) O$ W2 E- \
Providing a scalable anti-spoofing mechanism suitable for use in multihome network scenarios.* _1 ?* u% a8 J- j/ }7 U
This mechanism is especially relevant for Internet Service Providers (ISPs), specifically on routers that have multiple links to multiple ISPs.
2 t8 _- K% M& D; P6 b1 l R# aIn addition, Unicast RPF (strict or loose mode), when used in conjunction with a Border Gateway Protocol (BGP) “trigger,” provides an excellent quick reaction mechanism that allows network traffic to be dropped on the basis of either the source or destination IP address, giving network administrators an efficient tool for mitigating denial of service (DoS) and distributed denial of service (DDoS) attacks. N3 J2 V4 ]( W2 n( `
k" l* B- k( t# _8 ((( Question about DTP. Why DTP is failed. Drawing with 2 different vtp domains connection with port fa->gi
f/ B. }5 Q& [, yR: VTP Domains mismatch9 X0 e- h/ T3 q7 Z5 T
$ ]9 W: B2 w" {# H: @, i9 Gre tunnel question,; O& l# t) g; j
R: select the change the source ip which is wrong on R24 x2 W( S' H; k- I1 {
2 r. f" [, i' O0 M9 L- n, f____% K/ a! Y- ~$ Y1 Z
8 l; ^4 d0 S4 `( C$ Q% b# J0 }
The SIM and Ticket are the same, g! e% C. [9 H2 u
May be wrong answer- be carefully
* W' P+ @& z: W# j% YGood luck |
评分
-
查看全部评分
|