Q171. Refer to the exhibit.
Which two commands are required on R3 in order for MPLS to function? (Choose two.)
A. mpls ip
B. ip cef
C. mpls label protocol tdp
D. mpls ip propagate-ttl
Q172. Refer to the exhibit.
Which statement is true about the downward bit?
A. It forces the CE router to use a backup link instead of sending traffic via MPLS VPN.
B. It informs the PE router that the LSA metric has been recently decreased to 1 and that partial SPF calculation cannot be delayed.
C. It forces the CE router to install the LSA with the downward bit set into its routing table as a discard route.
D. It informs the PE router that the LSA was already redistributed into BGP by another PE router and that the LSA must not be redistributed into BGP again.
From RFC 4577, specifically section 220.127.116.11
When a type 3 LSA is sent from a PE router to a CE router, the DN bit [OSPF-DN] in the LSA Options field MUST be set. This is used to ensure that if any CE router sends this type 3 LSA to a PE router, the PE router will not redistribute it further.
When a PE router needs to distribute to a CE router a route that comes from a site outside the latter’s OSPF domain, the PE router presents itself as an ASBR (Autonomous System Border Router), and distributes the route in a type 5 LSA. The DN bit [OSPF-DN] MUST be set in these LSAs to ensure that they will be ignored by any other PE routers that receive them.
Q173. Refer to the exhibit.
What is the meaning of the asterisk (*) in the output?
A. PIM neighbor 10.1.5.6 is the RPF neighbor for the group 18.104.22.168 for the shared tree.
B. PIM neighbor 10.1.5.6 is the one that is seen as the RPF neighbor when performing the command show ip rpf 10.1.4.7.
C. PIM neighbor 10.1.5.6 is the winner of an assert mechanism.
D. The RPF neighbor 10.1.5.6 is invalid.
show ip mroute
RPF neighbor or RPF nbr
IP address of the upstream router to the source. Tunneling indicates that this router is sending data to the RP encapsulated in register packets.
The hexadecimal number in parentheses indicates to which RP it is registering. Each bit indicates a different RP if multiple RPs per group are used. If an asterisk (*) appears after the IP address in this field, the RPF neighbor has been learned through an assert.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/ipmulti/command/reference/fiprmc_r/1rfmult 3.html
Q174. Which two statements about IPsec VTI implementation are true? (Choose two.)
A. The IKE SA can be bound to the VTI and the crypto map.
B. The transform set can be configured only in tunnel mode.
C. SVTIs support only a single IPsec SA.
D. SVTIs support IPv4 packets that carry IPv6 packets.
Q175. Which two options are the two main phases of PPPoE? (Choose two.)
A. Active Discovery Phase
B. IKE Phase
C. Main Mode Phase
D. PPP Session Phase
E. Aggressive Mode Phase
F. Negotiation Phase
PPPoE is composed of two main phases:
Active Discovery Phase — In this phase, the PPPoE client locates a PPPoE server, called an access concentrator. During this phase, a Session ID is assigned and the PPPoE layer is established.
PPP Session Phase — In this phase, PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred over the PPP link within PPPoE headers.
Q176. A GRE tunnel is down with the error message %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing error.
Which two options describe possible causes of the error? (Choose two.)
A. Incorrect destination IP addresses are configured on the tunnel.
B. There is link flapping on the tunnel.
C. There is instability in the network due to route flapping.
D. The tunnel mode and tunnel IP address are misconfigured.
E. The tunnel destination is being routed out of the tunnel interface.
The %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing error message means that the generic routing encapsulation (GRE) tunnel router has discovered a recursive routing problem. This condition is usually due to one of these causes:
. A misconfiguration that causes the router to try to route to the tunnel destination address using the tunnel interface itself (recursive routing)
. A temporary instability caused by route flapping elsewhere in the network
Q177. In a network where a Layer 2 switch interconnects several routers, which feature restricts multicast packets for each IP multicast group to only those mulicast router ports that have downstream receivers joined to that group?
A. PIM snooping
B. IGMP snooping
C. IGMP filter
D. IGMP proxy
In networks where a Layer 2 switch interconnects several routers, such as an Internet exchange point (IXP), the switch floods IP multicast packets on all multicast router ports by default, even if there are no multicast receivers downstream. With PIM snooping enabled, the switch restricts multicast packets for each IP multicast group to only those multicast router ports that have downstream receivers joined to that group. When you enable PIM snooping, the switch learns which multicast router ports need to receive the multicast traffic within a specific VLAN by listening to the PIM hello messages, PIM join and prune messages, and bidirectional PIM designated forwarder-election messages.
Q178. Which two statements about IPv4 and IPv6 networks are true? (Choose two.)
A. In IPv6, hosts perform fragmentation.
B. IPv6 uses a UDP checksum to verify packet integrity.
C. In IPv6, routers perform fragmentation.
D. In IPv4, fragmentation is performed by the source of the packet.
E. IPv4 uses an optional checksum at the transport layer.
F. IPv6 uses a required checksum at the network layer.
Q179. DRAG DROP
Drag and drop each PHB on the left to the functionality it performs on the right.
Q180. A company is multihomed to several Internet providers using EBGP. Which two measures guarantee that the network of the company does not become a transit AS for Internet traffic? (Choose two.)
A. Prepend three times the AS number of the company to the AS path list.
B. Add the community NO_EXPORT when sending updates to EBGP neighbors.
C. Write AS-path access-list which permits one AS long paths only and use it to filter updates sent to EBGP neighbors.
D. Add the community NO_EXPORT when receiving updates from EBGP neighbors.
By default BGP will advertise all prefixes to EBGP (External BGP) neighbors. This means that if you are multi-homed (connected to two or more ISPs) that you might become a transit AS. Let me show you an example:
R1 is connected to ISP1 and ISP2 and each router is in a different AS (Autonomous System). Since R1 is multi-homed it’s possible that the ISPs will use R1 to reach each other. In order to prevent this we’ll have to ensure that R1 only advertises prefixes from its own autonomous system. As far as I know there are 4 methods how you can prevent becoming a transit AS:
Filter-list with AS PATH access-list.
To know more about the 400-101, click here.