Sunday, March 28, 2010

Switching Interview Questions For CCNA and CCNP Engineers


After IGP, BGP and MPLS interview question, Now I am adding switching basic questions. Please read the below questions:-

1. Difference between hub, bridge and switch?
2. What is mac address and why it is required?
3. In layer 2 domain do we need ip address for communication?
4. What is arp and why it is required?
5. What is Spanning Tree Protocol aka STP?
6. What is the difference between STP, MSTP, PVST and RSTP?
7. Can we use the two same paths for same vlan?
8. What is the difference between broadcast and collision domain?
9. Define type of lan traffic.
10. What is destination address of broadcast frame?
11. Can we connect a switch to switch with straight cable?
12. Define functions of switch.
13. What is arp timeout?
14. What is aging process?
15. What is BPDU?
16. What is path cost?
17. Define selection criteria of STP root bridge.
18. How to non bridge decide which port will elect as root port?
19. If a nonroot bridge has two redundant ports with the same root path cost, how does the bridge choose which port will be the root port?
20. Port states of spanning tree protocol.
21. If the users face delay during initial login, what you will suggest to implement?
22. Why spanning tree BPDU filter is used?
23. Can I use BPDU filter on trunk ports?
24. What is port security?
25. I want to learn only a single mac from the port, what need to be configured?
26. Can we use spanning port-fast on trunk ports?
27. If management ip address is changed, will user’s traffic will be dropped?
28. Difference between trunk and access port?
29. What is UDLD and why it is required?
30. What is interface vlan on switch?
31. How to perform inter vlan routing without layer 3 device?
32. How to stop superior bpdu participating in switching domain?
33. How Vlan In Local Switching Domain is selected?
34. How to provide redundancy to MPLSVPN customer?


Click Here To Read Rest Of The Post...

Thursday, March 25, 2010

MPLS Interview Questions for CCNA and CCNP Engineers


After IGP and BGP questions, I prepared basic list of MPLS interview questions which could help you to clear your next level. In the up coming post, I will be covering switching. Below is the list of questions:-

1. What is the difference between VPN and MPLS?
2. What is MPLS and why it is being so popular in short time?
3. What is the protocol used by MPLS?
4. MPLS works on which layer?
5. What is the difference between P and PE router?
6. Can I make my PE router as P?
7. Two routers are having 4 equal cost links, how many ldp sessions will be established?
8. My LDP router id, OSPF router id and BGP router id is different, will it work to forward the traffic of customers or not?
9. What is Penultimate Hop Popping and why it is required? Which router performs the PHP function?
10. I am receiving aggregate label, what does it mean?
11. What are the different types of labels?
12. How to make customer route unique?
13. What is the difference between RD and RT?
14. Can I assign a same RD to two different customers?
15. Is RD travels in route update?
16. My customer is having three branches and all are attached to three different PEs, In this case can I use the different vrf names?
17. What is downstream on demand?
18. How to filter MPLS labels?
19. What is the default range of MPLS labels in Cisco routers? How to extend that range?
20. Without route reflector can I implement MPLS?
21. What is the difference between VPNv4 and IPv4 address family?
22. What is MP-iBGP? Can we use normal BGP in lieu of MP-iBGP?
23. What is LIB, LFIB?
24. What is CEF and without enabling CEF, can we make MPLS work?
25. I am receiving end to end customer routes on various PE but not able to ping those routes, what’s could be the problem?
26. What is explicit null and implicit null?
27. Default timers of LDP?
28. Does LDP require OSPF, IS-IS or BGP?
29. In neighbor discovery command, I am receiving only xmit, what does it mean?
30. What is transport address?
31. What is the RFC of MPLS?
32. Why MPLS is called multi protocol?
33. What is the difference between MPLS, SSL and IPSec?
34. I am using different vendor products and want to implement TDP, what type of challenges will you face?
35. Does MPLS support IPv6?
36. Can I use the existing IPv4 MPLS backbone for IPv6?
37. Define various troubleshooting commands in MPLS?
38. What is forward equivalence class aka FEC?
39. What is adjacency table?
40. Difference between MPLS IP and MPLS Label Protocol LDP command?
41. If MPLS get disable, will it harm my IGP or IPv4 traffic?
Click here for answers
42. What is MPLS-TP?
43. What is downstream and upstream router in MPLS? 44. Difference between MPLS and MPLS-TP?
45. How Does LDP Initializes?
46. What is Cell Mode MPLS Over ATM?
47. Difference Between VC Based Multiplexing And Logical Link Control Encapsulation in ATM?
48. Basics of ATM?
49. ATM is packet or circuit switching?
50. Is LDP Required for VPNv4 Labels?
51. What will happen if you see your PE loopback in vpnv4 table?
52. What is Bidirectional Forwarding Detection?
53. Different types of PseudoWire?
54. Modes of EoMPLS (Ethernet over MPLS)
55. What is L2VPN Over Metro Ethernet?
56. What is E-VPN(Ethernet VPN)?
57. what is FEC in traditional IP routing and MPLS?
58. How does CEF understand overlapping of ip addresses ?
59. What is the difference between Optimum, Fast and CEF Switching?
60. Advantages of MPLS.
61. Define CEF FIB table entries.


Click Here To Read Rest Of The Post...

Upgrade IOS:TCP Packet Denial of Service Vulnerability


Cisco has raised a alarm about denial of services vulnerability that may allow remote unauthenticated attacker to cause an affected device to reload. Only IOS XR and IOS XE are not affected. According to Cisco no other products are currently known to be affected. So a best is to save your downtime by fixing the issues with the help of patches. Being its friendly nature make CISCO more popular. See the list given below:-

Vulnerable devices are running an affected version of Cisco IOS Software, and are configured for any of the following:
1. A specific TCP window size
2. TCP path MTU discovery (PMTUD)
3. Stateful Network Address Translation (SNAT) with TCP as the transport protocol
For detailed information refer this link.



Click Here To Read Rest Of The Post...

Wednesday, March 24, 2010

BGP Interview Questions For CCNA and CCNP Engineers


After IGP interview questions, I am posting BGP interview questions for CCNA and CCNP engineers. These questions are very basic and easy but during interview time no one knows how these will be asked by interviewer. So a good practice is to read it as much as we can so that we could provide the best answer to interviewer. Next post will cover about the basic questions of ip access-lists and prefix list. Read the questions below and in case any problem feel free to contact me.

1. BGP is IGP or EGP?
2. BGP is link state or distance vector protocol?
3. BGP uses which port?
4. When to use BGP?
5. Can I use BGP instead of any IGP?
6. Can I run two BGP process on single router?
7. What is Autonomous System?
8. Types of BGP routing table?
9. What is the BGP path selection criteria?
10. Define various BGP path attributes.
11. Why weight doesn’t fall under path attribute category?
12. What is confederation?
13. What is route reflector and why it is required?
14. What is no-synchronization rule?
15. Default BGP timers.
16. When does BGP use 0.0.0.0 router id?
17. Does route reflector come in actual path during traffic forwarding?
18. What is Site of origin aka SOO?
19. What is the cost of external and internal BGP routes?
20. Can we use local preference outside the autonomous system?
21. Does it require that BGP router-id should reachable in cloud?
22. What is recursive lookup in BGP and how it works?
23. What is the meaning of update source loopback?
24. If a static route is advertised in BGP without using update source what will be the next hop address in update?
25. Define various types of communities and why they are used?
26. If BGP neighbor state is showing idle what does it mean?
27. In Multihoming scenario if primary link gets fail, after how long traffic will be shifted to secondary link.
28. I am having two routes for remote destination but only single route is installing in routing table, what’s the reason for this?
29. How many links can be assigned for load balancing or sharing?
30. In eBGP I am establishing my neighbourship with loopback address but it’s not coming up. Please specify different reasons for not coming up.
31. Can we redistribute BGP in IGP? Please explain your answers.
32. What is cluster id?
33. I am receiving updates from eBGP peer, will the next hop change or not?
34. I am receiving updates from iBGP peer, will the next hop change or not?
35. A router is receiving same route from two different eBGP peers. The AS information contains in peer 1 is {65500, 65550, 65555} and in peer 2 is {65501, 65501}. But I want to make peer 1 preferred.
36. What is the difference between next-hop-self and update source loopback?
37. Define loop prevention mechanism in BGP.
38. What will happen if route reflector is not getting proper updates?
39. What will happen if route reflectors does not synchronize?
40. What is the advantage of using BGP AS Prepend?
41. Can we use BGP as backdoor link for customers instead of OSPF? If yes, please let us know what could the issues BGP create?
42. What is BGP PIC?
43. Use BGP as Link Protection in case of Dual PoP?
44. How to achieve Inter-AS Communication-MP-eBGP?
45. What can happen if Route Reflector(RR) is not getting proper route updates?
46. What is route reflector synchronization?
47. How to use BGP as PE-CE backdoor link?
48. What is Hierarchical FIB - BGP-PIC?
49. BGP Graceful Restart, NSR and NSF
50. BGP Redistribution Vs MPLS, which one you will select?
51. Best practices to define BGP Communities as per RFC 1998.
52. What is BGP RFC 3107 or What is BGP Label Update in IPv4?

Click Here To Read Rest Of The Post...

Tuesday, March 23, 2010

IGP Interview Questions For CCNA and CCNP Engineers


Market is on boom and almost every company has opened its door for new positions and everyone is looking for change to grab new positions with new challenges. So make sure that you have prepared the answers for the below questions before your interview. The questions are generic and will make very good impression on interviewer if you answer them in organised and structured manner. The depicted IGP interview questions are for CCNA and CCNP engineers.

1. Difference between RIPv1 and RIPv2?
2. How many number of routes carried by RIP packet?
3. Is OSPF link state or distance vector or path vector protocol?
4. What is the difference between OSPF and IS-IS and which one is preferred?
5. Can we use BGP instead of any IGP?
6. How many network types available in OSPF?
7. Different type of Link State Advertisements aka LSA?
8. LSA 3 and LSA 4 are generated by which router?
9. When to use Stub and Not So Stubby Area?
10. How to get the external routes without making area Not So Stubby?
11. What is the different type of route summarization available in OSPF?
12. What is the requirement of doing summarization?
13. A major network is advertised as summary in one area and few of the routes from that network is configured in another area. What will happen in that case?
14. If any of the OSPF area is not stabilized, does it impact another area?
15. What is the use of forwarding address in LSA 5 and LSA 7?
16. External routes are available in OSPF database but not installing in routing table?
17. If loopback is not configured, what will be the router-id selected by OSPF process?
18. Can we run multiple OSPF process in single router and what is the advantage of using it?
19. What are timers of OSPF?
20. Multicast address of used by OSPF.
21. OSPF works on which layer?
22. What is backbone area in OSPF?
23. Can we use OSPF without backbone area?
24. Is it required that OSPF router-id must reachable in IGP cloud?
25. After configuring new router-id, automatically it will be used or do we need to use some type of command to get it operational.
26. Why the secondary ip address of interface is not advertising in IGP cloud?
27. OSPF neighbourship is not coming up. Please tell the various steps to troubleshoot it.
28. One side MTU is 1500 and another side MTU is 1600. Does it affect neighbourship?
29. Provide process of DR and BDR election.
30. If DR is down and no BDR is configured what will happen?
31. What is the difference between a neighbor and adjacent neighbor?
32. My OSPF neighbourship is showing 2-way, what does it mean?
33. Define different type of OSPF neighbor states?
34. OSPF external routes are not redistributing?
35. What is Layer 3 routing loop?
36. OSPF LSA and Packet Format
37. How does OSPF Sham Link in different area work?
38. What is Link State Advertisement (LSA) - 1?
39. What is Link State Advertisement (LSA) - 2?
40. What is Link State Advertisement (LSA) - 3?
41. What is Link State Advertisement (LSA) - 4?
42. How to design OSPF Network or OSPF Design Consideration?
43. What to ask from customer if he demands OSPF as PE - CE Routing Protocol?
44. What is C and R in OSPF debug?
45. How does CPE Area 0 & PE Super backbone Communicate?
46. Why OSPF VPNv4 Routes Look As External Routes Instead Of Inter Area Routes?
47. How does ISP hack by using OSPF as PE-CE routing protocol?
48. OSPF High Availability with SSO,NSF and NSR
49. How does OSPF behave with SSO,NSF and NSR? 50. How does CISCO EIGRP DUAL Algorithm works for selecting successor?
51. Define various tools which participates in OSPF fast convergence
52. How does event propagation tool help OSPF to converge fast?
53. How does OSPF Fast Convergence Tools - Event Processing helps to reduce convergence time?
54. OSPF Fast Convergence Tools - Updating RIB 55. What is Discard Route or Null0 Route?
56. How does static routing behaves?
57. What are the fundamentals of route redistribution?
58. Which routing protocol is best between OSPF and EIGRP?

Click Here To Read Rest Of The Post...

Monday, March 22, 2010

Troubleshooting Command Difference Between VPNv4 and VPNv6



Few last posts (IPv6 Internet In VRF Over MPLS Cloud, IPv6 Addresing Architecture, IPv6 From MPLS But Not In VRF) are almost describing about IPv6 deployment. But currently most of the service providers are providing vpnv4 and every network operation engineer is well known to the troubleshooting and provisioning process. In this post, I am depicting about the basic command line difference between the configuration and troubleshooting of VPNv4 and VPNv6. Except vrf configuration rest all commands are same, only we need to use IPv6 instead if IPv4.



IPv4 aVpnv4 Commands
Ipv6 and VPNv6 Commands
Global Commands
Ip routing
Ipv6 unicat-routing
Ip cef
Ipv6 cef
Interface Specific Commands
Ip address

Ipv6 address

Ip vrf forwarding MPLSVPN
Vrf forwarding MPLSVPN
VRF Specific Commands
Ip vrf MPLSVPN
Rd 1:1
Route-target both 1:1
vrf definition ABC
 rd 1:1
 route-target export 1:1
 route-target import 1:1
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
router bgp 1
 address-family vpnv4
 exit-address-family
!
 address-family ipv4
 exit-address-family
!
address-family ipv4 vrf MPLSVPN
 exit-address-family
router bgp 1
 address-family vpnv6
 exit-address-family
!
 address-family ipv6
 exit-address-family
!
address-family ipv6 vrf MPLSVPN
 exit-address-family

Static Vrf Route
Ip route vrf MPLSVPN
ipv6 route vrf MPLSVPN /
Show vrf commands
Show ip vrf interface
Show vrf ipv6 interface
Show ip interface brief
Show ipv6 interface brief
Troubleshooting Command
Show ip bgp vpnv4 all summary
Show bgp vpnv4 all summary
Show ip bgp vpnv6 unicast all summary
Show bgp vpnv6 unicast all summary
Show bgp vpnv4 all
Show bgp vpnv6 unicast all
Show ip bgp vpnv4 vrf MPLSVPN
Show bgp vpnv6 unicast vrf MPLSVPN  
Show mpls forwarding-table vrf MPLSVPN detail
Show mpls forwarding-table vrf MPLSVPN detail
Show ip cef vrf MPLSVPN
Show ipv6 cef vrf MPLSVPN
Ping vrf MPLSVPN
Ping vrf MPLSVPN ipv6
Traceroute vrf MPLSVPN
Traceroute vrf MPLSVPN ipv6



Click Here To Read Rest Of The Post...

Friday, March 19, 2010

IPv6 Internet in VRF Over IPv4 MPLS Cloud


In my recent post of IPv6 over MPLS, I have shown the high level design of serving IPv6 internet from existing MPLS cloud. The crucial advantage of using this type of design is to bypass IGP for IPv6. Definitely this design is having its own limitations and challenges but we are parallelly working on those problems also. Before moving ahead make sure you have better understanding of Penultimate Hop Popping (PHP) and basic concept of accessing internet in vrf.
I have added a document with full configuration and results of serving IPv6 internet in VRF Over IPv4 MPLS cloud.

Click Here To Read Rest Of The Post...

Wednesday, March 17, 2010

OSPF External Routes Not Redistributing


I have seen many cases where external routes are not redistributing in OSPF or not getting install in the routing table. This happens when the next hop address is not reachable in the IGP. But the next question comes in mind that next hop address only plays role in BGP not in IGP. In IGP the next hop address of redistributed route is always ASBR address. We might be wrong this time; the immediate step is to check the “show ip ospf database external ”.

Output of show ip ospf database external 10.134.31.90
show ip ospf database external
OSPF Router with ID (10.10.10.1) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 298
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 10.134.31.90 (External Network Number )
Advertising Router: 10.10.10.2
LS Seq Number: 80003B51
Checksum: 0xF86
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 10.10.2.7

See the above output and value of forward address which 10.10.2.7. (See previous post which states the reason for non zero forward address). In normal condition this values must be 0.0.0.0 but we are receiving 10.10.2.7.

According to RFC 2328 section 16.4 which clearly states that “If the forwarding address is non-zero, look up the forwarding address in the routing table. The matching routing table entry must specify an intra-area or inter-area path; if no such path exists, do nothing with the LSA and consider the next in the list”.

This means if either the forward address is not reachable in the IGP or it is coming via external route also. This is the reason for not installing the static route in IGP.


Click Here To Read Rest Of The Post...

Tuesday, March 16, 2010

Non Zero Forwarding Address In LSA 5


Forwarding Address is used in OSPF to avoid extra hop count when traffic is routed to an external ASBR. The value of forwarding address in LSA 5 can either be zero or non zero. The forwarding address sets to 0.0.0.0 when the ASBR redistributes the external routes and OSPF is not enabled on next hop interface. The forwarding address sets to non zero when any of the following condition occurs:-
1.OSPF is enabled on the ASBR’s next hop interface.
2.ASBRs next hop interface is not point to point and point to multipoint.
3.ASBRs next hop interface falls under the network range specified in the router OSPF.

Click Here To Read Rest Of The Post...

Monday, March 8, 2010

Winners of 2010 Oscars


Main 2010 Oscar Winners:
Best Picture - The Hurt Locker
Best Director - Kathryn Bigelow - The Hurt Locker
Best Actor - Jeff Bridges - Crazy Heart
Best Actress - Sandra Bullock - The Blind Side
Best Supporting Actress - Mo'Nique - Precious...
Best Supporting Actor - Christoph Waltz - Inglourious Basterds
Best Original Screenplay - Mark Boal - The Hurt Locker
Best Animation - Up

Click Here To Read Rest Of The Post...

Technorati Claim Token


Technorati has started with new claim process of blog. Blogger has to advertise the claim token by adding a post in the blog.
Finally I got my Technorati claim token 26DC33AXBVX7

Click Here To Read Rest Of The Post...

Sunday, March 7, 2010

IPv6 Internet In VRF Over MPLS



In the previous post, I have used 6PE concept to access the IPv6 Internet over IPv4 MPLS VPN cloud through global routing table. But this post is little bit different from the previous one. In this post, I will be using IPv6 Internet VRF to serve the IPv6 internet over IPv4 MPLS cloud. The main advantage of using this model is that the entire IPv6 internet route will be a part of vrf but in IPv6 from MPLS post entire ipv6 traffic was a part of global route table. Provisioning of serving IPv6 internet will remain same as it happens in IPv4. For IPv4 internet provisioning in vrf please refer to post Provisioning Internet with Internet VRF. The only difference is that in IPv6 we need to use the address family VPNv6 and IPv6. Given depicted images shows the graphical flow of serving IPv6 internet in VRF over IPv4 MPLS cloud.

Figure 1 is depicted about the default route announcement in IPv6 Internet VRF and the same route is being forwarded by label 100 to the remote PE.

Figure 1



Figure 2 is depicting about the CPE IPv6 prefixes in IPv6 Internet VRF with label 200.
Figure 2



Figure 3 is depicting about the forwarding traffic in IPv6 Internet VRF from CPE to PE.
Figure 3


Figure 4 is depicting about the reverse traffic from IPv6 Internet cloud to IPv6 Internet VRF.


Figure 4
26DC33AXBVX7


Click Here To Read Rest Of The Post...

Thursday, March 4, 2010

IPv6 Addressing Architecture For Service Providers



ARIN has given IPv6 addressing plan for service providers. The points of IPv6 allocation is given below:-

1. Separate address block for infrastructure from other uses (enterprise, loopbacks),it may be two /48s per PoP.
2. Each individual site should receive a /48 assignment which 65536 subnets (2^16).
3. Any prefixes shorter than /48 will only be assigned when there is written justification to show that this prefix will meet the RIR HD ratio guidelines within 5 years.
4. Each PoP is a site therefore assign a /48 for infrastructure.
5. No subnets will use prefixes longer than /64.
6. Assign a /64 per LAN / VLAN / subnet.
7. The enterprise network should receive a prefix sufficient to provide a /48 allocation for each site (office/campus/PoP) at which the company has employees or systems.
8. If you need private addresses, generate a ULA prefix as defined in RFC 4193.
Source:- ARIN WIki

Click Here To Read Rest Of The Post...

Wednesday, March 3, 2010

IPv6 From MPLS

If the service provider is having MPLSVPN backbone and would like to serve IPv6 internet; In that case with the help of MP-iBGP this objective can be achieved with no infrastructure changes. This technique is also known as 6PE. Given depicted figure 1 shows the MPLS VPN ip4 cloud with ldp as label distribution protocol and OSPF is implemented as IGP. Edge routers PE1 and PE2 are configured as dual stack router which supports both IPv4 as well as IPv6 addressing. Both edge routers are configured with IPv6 - MP-iBGP with route reflector router. A default IPv6 route is configured on PE2 towards IPv6 Internet Cloud. PE2 is advertising default IPv6 route to RR with label 100 as next hop PE2 ipv4 BGP router id. The same default IPv6 route is installed on PE1 with outgoing IPv6 label 200 with PE2 BGP IPv4 router-id as next hop address.


Figure 1


In the given depicted figure 2, 6CE is wants to access the IPv6 Internet backbone. So a static point to point peering is configured with PE1. 6CE is having a default route towards PE1 and PE1 is having IPv6 route of 6CE loopback which is 2001::ABCD::1/64. The 6CE static route is advertised by PE1 to RR with label 200 as PE1 BGP IPv4 address as next hop address. The same route is being received by PE2.




Figure 2

In the given depicted figure 3,
Figure 3


It shows the pictorial view of forwarding traffic from 6CE to IPv6 Internet cloud. The traffic is first forwarded towards PE 1 which appends the IPv6 label 100 for destination 2001::1::1 and label 20 for the next hop address which is PE2 BGP router id. Then the traffic next moves to IPv4-P1 router which only swaps the topmost 20 label to 21 and forwards towards IPv4-P4/RR router. RR swaps the topmost label 21 to 22 and forwards to the next hop which is IPv4-P2. IPv4 performs the PHP (Penultimate Hop Popping) function and forwards the traffic with IPv6 label towards PE2. PE2 removes the all label and forwards the traffic to IPv6 internet cloud. The main advantage of using MP-iBGP is that the 6CE customers can access the IPv6 internet cloud by using the existing IPv4 cloud. By using LDP IPv6 route becomes hide as in legacy VPNv4, so the core routers doesn’t know about the IPv6 route and only look for the next hop address which is reachable by IGP.

Figure 4 shows the reverse traffic from IPv6 Internet cloud to 6CE.



Figure 4


By using the above mentioned technique, service provider need to use OSPF or IS-IS for IPv6. Also refer to my previous post about the selection of IGP protocol.
Click Here To Read Rest Of The Post...