Networking Interview Question With Answer

I am share with Networking Interview Question and Answer. These question generally ask in interview.
What is the difference between osi and tcp/ip model? 
OSI(open system interconnection) Tcp/ip(transmission control protocol / internet protocol)
1. Osi is a generic, protocol independent standard, acting as a communication gateway between the network and end user.
2. Tcp/ip model is based on standard protocols around which the internet has developed. It is a communication protocol, which allows connection of hosts over a network.
3. In osi model the transport layer guarantees the delivery of packets.
4. In tcp/ip model the transport layer does not guarantees delivery of packets. Still the tcp/ip model is more reliable.
5. Follows vertical approach. 3. Follows horizontal approach.
6. Osi model has a separate presentation layer and session layer.
7. Tcp/ip does not have a separate presentation layer or session layer.
8. Osi is a reference model around which the networks are built. Generally it is used as a
9. Tcp/ip model is, in a way implementation of the osi
guidance tool. model.
10. Network layer of osi model provides both connection oriented and connectionless service.
11. The network layer in tcp/ip model provides connectionless service.
12. Osi model has a problem of fitting the protocols into the model.
13. Tcp/ip model does not fit any protocol
14. Protocols are hidden in osi model and are easily replaced as the technology changes.
15. In tcp/ip replacing protocol is not easy.
16. Osi model defines services, interfaces and protocols very clearly and makes clear distinction between them. It is protocol independent.
17. In tcp/ip, services, interfaces and protocols are not clearly separated. It is also protocol dependent.
18. It has 7 layers 10. It has 4 layers .

What is the size of ip address?
The number of unassigned internet addresses is running out, so a new classless scheme called cidr is gradually replacing the system based on classes a, b, and c and is tied to adoption of ipv6. In ipv6 the ip address size is increased from 32 bitsto 128 bits.
22. What is the range of class c address?
          C, 192 – 223
What is poe (power over ethernet)?
Power over ethernet (poe) is a technology for wired ethernet lans (local area networks) that allows the electrical current necessary for the operation of each device to be carried by the data cables rather than by power cords. Doing so minimizes the number of wires that must be strung in order to install the network.


What are the advantages of distributed processing?
Distributed data processing is a computer-networking method in which multiple computers across different locations share computer-processing capability. This is in contrast to a single, centralized server managing and providing processing capability to all connected systems. Computers that comprise the distributed data-processing network are located at different locations but interconnected by means of wireless or satellite links.
Advantage: lower cost, reliable, improved performance and reduced processing time, flexible.

25. When were osi model developed and why its standard called 802.xx and so on?
Osi model was developed in february1980 that why these also known as 802.xx standard (notice 80 means ==> 1980, 2means ==> february)

What is full form of ad?
Administrative distance 

What is a peer-peer process?
In its simplest form, a peer-to-peer (p2p) network is created when two or more pcs are connected and share resources without going through a separate server computer. A p2p network can be an ad hoc connection—a couple of computers connected via a universal serial bus to transfer files.

What is the difference between broadcast domain and collision domain?
Collision domain :A collision domain is, as the name implies, a part of a network where packet collisions can occur. Collision occurs when two devices send a packet at the same time on the shared network segment. The packets collide and both devices must send the packets again, which reduces network efficiency. Collisions are often in a hub environment, because each port on a hub is in the same collision domain. By contrast, each port on a bridge, a switch or a router is in a separate collision domain.
Tip – remember, each port on a hub is in the same collision domain. Each port on a bridge, a switch or router is in a separate collision domain.
Broadcast domain:A broadcast domain is a domain in which a broadcast is forwarded. A broadcast domain contains all devices that can reach each other at the data link layer (osi layer 2) by using broadcast. All ports on a hub or a switch are by default in the same broadcast domain. All ports on a router are in the different broadcast domains and routers don’t forward broadcasts from one broadcast domain to another. 

What is ping? Why you use ping?
Short for packet internet groper, ping is a utility used to verify whether or not a network data packet is capable of being distributed to an address without errors. The ping utility is commonly used to check for network errors.
Ping is a basic internet program that allows a user to verify that a particular ip address exists and can accept requests.
Ping is used diagnostically to ensure that a host computer the user is trying to reach is actually operating. Ping works by sending an internet control message protocol (icmp) echo request to a specified interface on the network and waiting for a reply. Ping can be used for troubleshooting to test connectivity and determine response time. 

 Define network?     
 A network is a collection of computers, servers, mainframes, network devices, peripherals, or other devices connected to one another allowing for data to be shared and used. A great example of a network is the internet, connecting millions of people all over the world together.                 

 What is a link?
The link is the physical and logical network component used to interconnect hosts or nodes in the network and a link protocol is a suite of methods and standards that operate only between adjacent network nodes of a local area network segment or a wide area network connection.

What is a node?
A node is a basic unit used in computer science. Nodes are devices or data points on a larger network. Devices such as a personal computer, cell phone, or printer are nodes. When defining nodes on the internet, a node is anything that has an ip address.


What is a gateway?
A gateway is a network point that acts as an entrance to another network. On the internet, a node or stopping point can be either a gateway node or a host (end-point) node. Both the computers of internet users and the computers that serve pages to users are host nodes.

What is point-point link?
In computer networking, point-to-point protocol (ppp) is a data link (layer 2) protocol used to establish a direct connection between two nodes. It can provide connection authentication, transmission encryption (using ecp, rfc 1968), and compression.

What is multiple access?
Multiple access is a radio transmission scheme that allows several earth stations to transmit in the same time span. This provides the way to network these stations together, either in a star or a mesh network.

What’s the benefit of sub netting?
 Ability to secure your resources by placing them into separate  sub networks.
 Ability to organize your resources within a network.
 Speedup your network.

What is bgp (border gateway protocol)?
Border gateway protocol (bgp) is a standardized exterior gateway protocol designed to exchange routing and reach ability information among autonomous systems (as) on the internet. The protocol is often classified as a path vector protocol but is sometimes also classed as a distance-vector routing protocol.

What is gateway-to-gateway protocol?
The gateway-to-gateway protocol (ggp) is an obsolete protocol defined for routing data grams between internet gateways. The gateway-to-gateway protocol was designed as an internet protocol (ip) data gram service similar to the transmission control protocol (tcp) and the user data gram protocol (udp).

What is a multi-homed host?
A multihomed host is physically connected to multiple data links that can be on the same or different networks. For example, a computer with a windows nt 4.0 server and multiple ip addresses can be referred to as "multi homed" and may serve as an ip router.

What is ospf?
Open shortest path first (ospf) is a routing protocol for internet protocol (ip) networks. It uses a link state routing (lsr) algorithm and falls into the group of interior routing protocols, operating within a single autonomous system (as). It is defined as ospf version 2 in rfc 2328 (1998) for ipv4.

What is routing?
Routing is the process of selecting best paths in a network. [a] routing is performed for many kinds of networks, including the public switched telephone network (circuit switching), electronic data networks (such as the internet), and transportation networks.

What is a protocol?
The tcp/ip internet protocols, a common example, consist of: transmission control protocol (tcp), which uses a set of rules to exchange messages with other internet points at the information packet level. Internet protocol (ip), which uses a set of rules to send and receive messages at the internet address level.

Explain difference between router, switch and hub?
 Router: A device that forwards data packets along networks. A router is connected to at least two networks, commonly two lans or wans or a lan and its isp.s network. Routers are located at gateways, the places where two or more networks connect. Routers use headers and forwarding tables to determine the best path for forwarding the packets, and they use protocols such as icmp to communicate with each other and configure the best route between any two hosts.

 Switch: In networks, a device that filters and forwards packets between lan segments. Switches operate at the data link layer (layer 2) and sometimes the network layer (layer 3) of the osi reference model and therefore support any packet protocol. LAN's that use switches to join segments are called switched LAN's or, in the case of ethernet networks, switched ethernet LAN's. 

 Hub: A common connection point for devices in a network. Hubs are commonly used to connect segments of alan. A hub contains multiple ports. When a packet arrives at one port, it is copied to the other ports so that all segments of the lan can see all packets.

What is checksum?
A checksum is a count of the number of bits in a transmission unit that is included with the unit so that the receiver can check to see whether the same number of bits arrived. If the counts match, it's assumed that the complete transmission was received. Both tcpand udp communication layers provide a checksum count and verification as one of their services.

What is redundancy?
Redundancy is a system design in which a component is duplicated so if it fails there will be a backup. Redundancy has a negative connotation when the duplication is unnecessary or is simply the result of poor planning.

 What are the criteria necessary for an effective and efficient network?
Criteria necessary for an effective and efficient network. It can be measured in many ways, including transmit time and response time. It is measured by frequency of failure, the time it takes a link to recover from a failure, and the network’s robustness.

What is the key advantage of using switches?
Advantages : 1)Reduces the number of broadcast domains 2) supports vlan's which can help in logical segmentation  of ports[physical ports].splitting up the broadcast domain. 3) intellegent device[compared to hub's] which can make use  of cam table for port to mac mapping 4) compared to bridges ,switches are more h/w oriented  therefore operations are less cpu intense[basic operations 5) the cost to number of ports ratio is best  for a  cheaper cost you get switches with more number of ports  available than routers.

Disadvantages : 1) not as good as a router in limiting broadcasts 2) communication b/w vlan's need intervlan routing [router] ,but these days there are a number of multi layer switches  available in the market. 3) handling multicast packets needs quite a bit of  configuration & proper designing. 4) at times switches when in promiscuous mode is a opening  for security attacks [spoofing ip address or capturing  ethernet frames using ethereal.

When does network congestion occur?
Congestion, in the context of networks, refers to a network state where a node or link carries so much data that it may deteriorate network service quality, resulting in queuing delay, frame or data packet loss and the blocking of new connections. In a congested network, response time slows with reduced network throughput. Congestion occurs when bandwidth is insufficient and network data traffic exceeds capacity.

Does a bridge divide a network into smaller segments?
Not really. What a bridge actually does is to take the large network and filter it, without changing the size of the network.

What is the defference between cross cable and straight cable.
Now days, LAN card has intelligence, so that both cables can work.
They have a feature on lots of switches and hubs etc called "auto-mdix" or "auto mdi/mdix", that is the new thing where it doesn’t matter what kind of cable you use, it will just auto detect the proper connection type no matter which cable you use.
The cable can be categorized as cat 5, cat 5e, and cat 6 utp cable. Cat 5 utp cable can support 10/100 mbps ethernet network, whereas cat 5e and cat 6 utp cable can support ethernet network running at 10/100/1000 mbps. You might hear about cat 3 utp cable, it's not popular anymore since it can onl
Straight and crossover cable can be cat3, cat 5, cat 5e or cat 6 utp cable, the only difference is each type will have different wire arrangement in purposes.
Ethernet network cables are straight and crossover cable. This ethernet network cable is made of 4 pair high performance cable that consists of twisted pair conductors that used for data transmission. Both end of cable is called rj45 connector.
There are two types of network cables commonly used in pc networks - straight-through and cross-over.
Straight cable
Usually use straight cable to connect different type of devices. This type of cable will be used most of the time and can be
1) connect a computer to a switch/hub's normal port.
2) connect a computer to a cable/dsl modem's lan port.
3) connect a router's wan port to a cable/dsl modem's lan port.
4) connect a router's lan port to a switch/hub's uplink port. (normally used for expanding network)
5) connect two switches/hubs with one of the switch/hub using an uplink port and the other one using normal port.
If you need to check how straight cable looks like, it's easy. Both sides (side a and side b) of cable have wire arrangement.
Crossover cable
Sometimes you will use crossover cable, it's usually used to connect same type of devices. A crossover cable can be used to:
1) connect two computers directly.
2) connect a router's lan port to a switch/hub's normal port. (normally used for expanding network)
3) connect two switches/hubs by using normal port in both switches/hubs.
In you need to check how crossover cable looks like, both side (side a and side b) of cable have wire arrangement with follow
This cable (either straight cable or cross cable) has total 8 wires (or we can say lines), i.e. Four twisted pairs (4x2=8) with different color codes. Right now just forget codes. It doesn’t matter what color is given to the cable (but there is a standard).
Purpose of this cross cable is rx (receiving terminal) connects to tx (transmitting) of one pc to another pc and vice versa.
As we use two pcs (same devices), straight cable will connect tx to tx and rx to rx of two computers, so cross cable is requi because it has internal arrangement like cross cable. So note that use cross cable to connect two similar devices.
A straight cable will not work to connect two computers together.
Crossover used to connect to pcs directly together, also used for connecting networking devices together like switch to switch etc.
Straight cables connect two different types of devices. Whereas crossover cables connect two of the same type.

What is the difference between tracert and traceroute.
Traceroute:  1) you can find this utility in linux/unix based operating systems. 2) it relies over udp probe packet with destination port: 33434. 3) it uses random source port.

Tracert :  1)you can find this utility in windows based operating systems as well as servers. 2) it rely over icmp type 8(echo packet) & type 0(echo request).

What is round trip time?
In telecommunications, the round-trip delay time (rtd) or round-trip time (rtt) is the length of time it takes for a signal to be sent plus the length of time it takes for an acknowledgment of that signal to be received. This time delay therefore consists of the propagation times between the two points of a signal.
Define the terms unicasting, multicasting and broadcasting and any casting?
Unicast: A term used in communication to describe a piece of information to send from one point to another. There are only sender and receiver. All lans support unicast transfer mode and most applications that employ tcp transport protocol uses unicast messaging.

Broadcast: a term used for describing communication that is sent a piece of information from one point to all other points. There is one sender and multiple receivers. All lans support broadcast transmission. 

Multicast: a term described in communicating a piece of information sent from one or more points to a set of other points. The senders and receivers are one or more.
Anycast is a network addressing and routing methodology in which datagrams from a single sender are routed to the topologically nearest node in a group of potential receivers, though it may be sent to several nodes, all identified by the same destination address.

How many pins do serial ports of routers have?
As a 9-pin d connector accessible from the exterior of the case,

What are the differences between static ip addressing and dynamic ip addressing?
Difference between static and dynamic ips. When a device is assigned a static ip address, it does not change. The device always has the same ip address. Most devices use dynamic ip addresses, which are assigned by the network when they connect.

Difference between csma/cd and csma/ca?
Carrier sense multiple access or csma is a media access control (mac) protocol that is used to control the flow of data in a transmission media so that packets do not get lost and data integrity is maintained.
There are two modifications to csma, the csma cd (collision detection) and csma ca (collision avoidance),each having its own strengths.
Csma operates by sensing the state of the medium in order to prevent or recover from a collision. A
collision happens when two transmitters transmit at the same time. The data gets scrambled, and the
receivers would not be able to discern one from the other thereby causing the information to get lost.
The lost information needs to be resent so that the receiver will get it.
Csma cd operates by detecting the occurrence of a collision. Once a collision is detected, csma cd
immediately terminates the transmission so that the transmitter does not have to waste a lot of time in
continuing. The last information can be retransmitted. In comparison, csma ca does not deal with the
recovery after a collision. What it does is to check whether the medium is in use. If it is busy, then the
transmitter waits until it is idle before it starts transmitting. This effectively minimizes the possibility of collisions and makes more efficient use of the medium.
Another difference between csma cd and csma ca is where they are typically used. Csma cd is used
mostly in wired installations because it is possible to detect whether a collision has occurred. With
wireless installations, it is not possible for the transmitter to detect whether a collision has occurred or
not. That is why wireless installations often use csma ca instead of csma cd.
1.Csma cd takes effect after a collision while csma ca takes effect before a collision.
2.Csma ca reduces the possibility of a collision while csma cd only minimizes the recovery time.
3.Csma cd is typically used in wired networks while csma ca is used in wireless networks.
4.Csma cd is used in wired lans and csma ca used in wireless lans and other types of wireless networks.
5. Csma cd is standardized in ieee 802.3 and csma ca is standardized in ieee 802.11.
6. Csma cd will not take steps to prevent transmission collision until it is taken place whilst csma ca will take actions not to take place any collision since the latter has no means of knowing whether a collision has taken place.

What is dhcp scope?
A dynamic host configuration protocol (dhcp) scope is the consecutive range of possible ip addresses that the dhcp server can lease to clients on a subnet.scopes typically define a single physical subnet on your network to which dhcp services are offered.

What are the different memories used in a cisco router?
  Rom, ram, nvram, flah memory

What are the different types of passwords used in securing a cisco router?
   The five main passwords of the cisco ios are: Console, aux , vty, enable password, enable secret 

What is the use of “service password encryption”?
The enable-secret option encrypts your password when you configure the router. When someone looks at your running config, it will not display your "enable" password. However, if you do not use the service password option, when someone views your running config, it will display all passwords except the
"enable secret". It will show what your password is for your console line, and vty (telnet). When you do use the service password-encryption, when someone views your running config, those passwords will not be displayed.

What is the range of class a address?
          Class a-   0-127
What is the range of class b address?
          Class b- 128-191
Differentiate logical topology from physical topology?
A logical topology is how devices appear connected to the user. A physical topology is how they are actually interconnected with wires and cables. For example, in a shared ethernet network that uses hubs rather than switches, the logical topology appears as if every node is connected to a common bus that runs from node to node. However, its physical topology is a star, in which every node on the network connects to a central hub

What is as (autonomous system)?
An autonomous system (as) is a network or a collection of networks that are all managed and supervised by a single entity or organization.  An as is a heterogeneous network typically governed by a large enterprise. An as has many different subnetworks with combined routing logic and common routing policies. Each subnetwork is assigned a globally unique 16 digit identification number (known as the as number or asn) by the internet assigned numbers authority (iana).

What is the difference between private ip and public ip?
A public (or external) IP address is the one that your ISP (Internet Service Provider) provides to identify your home network to the outside world. It is an IP address that is unique throughout the entire Internet.
Just as your network's public IP address is issued by your ISP, your router issues private (or internal) IP addresses to each network device inside your network. This provides unique identification for devices that are within your home network, such as your computer, your Slingbox, and so on.

Explain different cable types?
Coaxial cables: Invented back in the 1880s, "coax" was best known as the kind of cable that connected television sets to home antennas. Coaxial cable is also a standard for 10 mbps ethernet cables. When 10 mbps ethernet was most popular, during the 1980s and early 1990s, networks typically utilized one of two kinds of coax cable - thinnet (10base2 standard) or thicknet (10base5). These cables consist of an inner copper wire of varying thickness surrounded by insulation and other shielding. Their stiffness caused network administrators difficulty in installing and maintaining thinnet and thicknet.
Twisted pair cables: Twisted pair eventually emerged during the 1990s as the leading cabling standard for ethernet, starting with 10 mbps (10base-t, also known as category 3 or cat3), later followed by improved versions for 100 mbps (100base-tx, cat5 and cat5e) and successively higher speeds up to 10 gbps (10gbase-t).
Fiber optics:Instead of insulated metal wires transmitting electrical signals, fiber optic network cables work using strands of glass and pulses of light. These network cables are bendable despite being made of glass. They have proven especially useful in wide area network (wans) installations where long distance underground or outdoor cable runs are required and also in office buildings where a high volume of communication traffic is common.
Two primary types of fiber optic cable industry standards are defined – single-mode (100basebx standard) and multimode (100basesx standard). Long-distance telecommunications networks more
commonly use single-mode for its relatively higher bandwidth capacity, while local networks typically use multimode instead due to its lower cost.


How does rip differ from eigrp?

Rip stands for routing information protocol and eigrp stands for interior gateway routing protocol.

The major difference between both is that eigrp is cisco propriety that is it can be implemented only on cisco routers.while this is not the case with rip versions (rip,rip2) they are open standards.

Some internal differences between them are:

1.AD value :that is administrative distance which determines the trust worthiness of the routing protocol.static routing has the highest that is 1. For rip it is 120 for eigrp it is 90 internal / 170 external.
 2.RIP uses bellmen ford algorithm to calculate the path while eigrp use dual method to calculate the routes paths.
3.Maximum hop count for rip is 15 that is after 15 counts the packet is dropped while that of eigrp is 100 by default and upto 255 by configuration. 
4.There is difference between their refresh timers. 
5.There is difference between the ip address which they use to send periodic updates over the network. 
6.EIGRP uses an autonomous number to determine which domain it belongs to which is not the case with rip protocols. 
7.RIP is mostly used for smaller networks which eigrp is used for larger networks. 
8.RIP is a distance vector routing protocol while eigrp is an link state routing protocol.
9. RIP is classful protocol where as eigrp is classless protocol .
10.In rip full routing table exchanged, but in eigrp missing routes are exchanged .
11. For rip protocol, hello timers every 30 seconds but in eigrp hello timer every 5 seconds .
12. Rip sends full update whenever network change occurs whereas eigrp sends triggered updates.

Differentiate user mode from privileged mode
User mode (user exec mode)
User mode is the first mode a user has access to after logging into the router. The user mode can be identified by the > prompt following the router name. This mode allows the user to execute only the
basic commands, such as those that show the system's status. The router cannot be configured or restarted from this mode.
Privileged mode (privileged exec mode)
Privileged mode mode allows users to view the system configuration, restart the system, and enter router configuration mode. Privileged mode also allows all the commands that are available in user mode. Privileged mode can be identified by the # prompt following the router name. From the user mode, a user can change to privileged mode, by running the "enable" command. Also we can keep a enable password or enable secret to restrict access to privileged mode. An enable secret password uses stronger encryption when it is stored in the configuration file and it is safer.

What is 100basefx?
100base-fx is a version of fast ethernet over optical fiber. It uses a 1300 nm near-infrared (nir) light wavelength transmitted via two strands of optical fiber, one for receive (rx) and the other for transmit (tx).
 Differentiate Simplex, full-duplex and half-duplex?
Simplex:  simplex is one direction.  A good example would be your keyboard to your cpu.  The
cpu never needs to send characters to the keyboard but the keyboard always send characters to
the cpu.  In many cases, computers almost always send characters to printers, but printers
usually never send characters to computers (there are exceptions, some printers do talk
back).  Simplex requires only one lane (in the case of serial).
Half-duplex:  half-duplex data transmission means that data can be transmitted in both
directions on a signal carrier, but not at the same time.  For example, on a local area network
using a technology that has half-duplex transmission, one workstation can send data on the line
and then immediately receive data on the line from the same direction in which data was just
transmitted.
Full-duplex:  full-duplex data transmission means that data can be transmitted in both directions
on a signal carrier at the same time.  For example, on a local area network with a technology
that has full-duplex transmission, one workstation can be sending data on the line while another
workstation is receiving data.  A full-duplex link can only connect two devices, so many such
links are required if multiple devices are to be connected together.

 What does the show protocol display?
The show protocols command shows the global and interface-specific status of any configured level 3 protocol.
List the layers of OSI?
The layers are stacked this way:
7. Application. 6.Presentation. 5. Session. 4. Transport. 3.Network. 2.Data link. 1. Physical.

What are the responsibilities of data link layer?
The data link layer is also responsible for logical link control, media access control, hardware addressing, error detection and handling and defining physical layerstandards. It provides reliable data transfer by transmitting packets with the necessary synchronization, error control and flow control.
 What are the responsibilities of network layer?
The network layer is responsible for packet forwarding including routing through intermediate routers, since it knows the address of neighboring network nodes, and it also manages quality of service (qos), and recognizes and forwards local host domain messages to the transport layer (layer 4).

What are the responsibilities of transport layer?
Major duties of transport layer are:

1. Creating an end-to-end connection between hosts in different network,
2. Error recovery,
3. Flow control,
4. Ensuring complete data transfer in tcp.
5. Congestion avoidance Major transport layer protocols.
6. Tcp ( transmission control protocol).
7. Udp (user datagram protocol).
8. Dccp (datagram congestion control protocol).
9. Sctp (stream control transmission protocol).

Routers work at which osi layer?
Routers operate on the third layer of the osi model, the network-control layer. Rather than passing packets based on the media access control (mac) layeraddresses (as bridges do), a router examines the packet's data structure and determines whether or not to forward it.

Switches work at which osi layer?
A switch works at layer 2 of the osi model (data-link). It is a lan device that can also be called a multiport bridge. A switch switches ethernet frames between ethernet devices. Switches do not care about ip addresses nor do they even examine ip addresses as the frames flow through the switch.

What is a window in networking terms?
A window refers to the number of segments that is allowed to be sent from source to destination before an acknowledgement is sent back.

What is the role of the llc sublayer in datalink layer?
The logical link control (llc) data communication protocol layer is the upper sub-layer of the data link layer (which is itself layer 2, just above the physical layer) in the seven-layer osi reference model. It provides multiplexing mechanisms that make it possible for several network protocols (ip, ipx) to coexist within a multipoint network and to be transported over the same network media, and can also provide flow control mechanisms. The llc sub-layer acts as an interface between the media access control (mac) sublayer and the network layer. As the ethertype in an ethernet ii framing formatted frame is used to multiplex different protocols on top of the ethernet mac header it can be seen as llc identifier. Operation the llc sublayer is primarily concerned with:
1.Multiplexing protocols transmitted over the mac layer (when transmitting) and decoding them (when receiving). 
2.Providing flow and error control:The protocol used for llc in ieee 802 networks, such as ieee 802.3/ethernet (if the ethertype field isn't used), ieee 802.5, and ieee 802.11, and in some non-ieee 802 networks such as fddi, is specified by the ieee 802.2 standard. Some non-ieee 802 protocols can be thought of as being split into mac and llc layers. For example, while hdlc specifies both mac functions (framing of packets) and llc functions (protocol multiplexing, flow control, detection, and error control through a retransmission of dropped packets when indicated), some protocols such as cisco hdlc can use hdlc-like packet framing and their own llc protocol. Another example of a data link layer which is split between llc (for flow and error control) and mac (for multiple access) is the itu-t g.hn standard, which provides high-speed local area networking over existing home wiring (power lines, phone lines and coaxial cables). An llc header tells the data link layer what to do with a packet once a frame is received. It works like this: a host will receive a frame and look in the llc header to find out where the packet is destined for - for example, the ip protocol at the network layer or ipx. The gprs llc layer also does ciphering and deciphering of sn-pdu (sndcp) packets.

What is the function of the application layer in networking?
The application layer is a layer in the open systems interconnection (osi) seven-layer model and in the tcp/ip protocol suite. It consists of protocols that focus on process-to-process communication across an ip network and provides a firm communication interface and end-user services.

What are the difference between tcp and udp?
TCPand UDP: Transmission control protocol User datagram protocol or universal datagram protocol Connection Tcp is a connection-oriented protocol. Udp is a connection less protocol.Function As a message makes its way across the internet from one computer to another. This is connection based.Udp is also a protocol used in message transport or transfer. This is Tcp Udp not connection based which means that one program can send a load of packets to another and that would be the end of the relationship.Usage Tcp is suited for applications that require high reliability, and transmission time is relatively less critical.Udp is suitable for applications that need fast, efficient transmission, such as games. Udp's stateless nature is also useful for servers that answer small queries from huge numbers of clients.
Use by other protocols Http, https, ftp, smtp, telnet Dns, dhcp, tftp, snmp, rip, voip.
Ordering of data packets
Tcp rearranges data packets in the order specified. Udp has no inherent order as all packets are independent of each other. If ordering is required, it has to be managed by the application layer.

Udp is lightweight. There is no ordering of messages, no tracking connections, etc. It is a small transport layer designed on top of ip.
Data flow control Tcp does flow control. Tcp requires three packets to set up a socket connection, before any user data can be sent. Tcp handles reliability and congestion control.
Udp does not have an option for flow control.
Error checking Tcp does error checking and error recovery. Erroneous packets are retransmitted from the source to the destination.
Udp does error checking but simply discards erroneous packets. Error recovery is not attempted.
Fields 1. Sequence number, 2. Ack number, 3. Data offset, 4. Reserved, 5. Control bit, 6. Window, 7. Urgent pointer 8. Options, 9. Padding, 10. Check sum, 11. Source port, 12. Destination port
1. Length, 2. Source port, 3. Destination port, 4. Check sum Acknowledgement Acknowledgement  segments No acknowledgment Handshake Syn, syn-ack, ack No handshake (connectionless protocol).

What is the port no of dns and telnet?
20 ftp data (file transfer protocol)  21 ftp (file transfer protocol)  22 ssh (secure shell)  23 telnet  25 smtp (send mail transfer protocol)  53 dns (domain name service)  68 dhcp (dynamic host control protocol)  80 http (hypertext transfer protocol)  110 pop3 (post office protocol, version 3)  115 sftp (secure file transfer protocol)  119 nntp (network new transfer protocol)  123 ntp (network time protocol)  139 netbios  143 imap (internet message access protocol)  161 snmp (simple network management protocol)  220 imap3 (internet message access protocol 3)  389 ldap (lightweight directory access protocol)  443 ssl (secure socket layer) 


Which service use both tcp and udp?
Dns and some other services work on both the protocols. We will take an example of dns service. Two protocols are somewhat different from each other. Tcp is a connection-oriented protocol and it requires data to be consistent at the destination and udp is connection-less protocol and doesn't require data to be consistent or don't need a connection to be established with host for consistency of data.   Udp packets are smaller in size. Udp packets can not be greater then 512 bytes. So any application needs data to be transferred greater than 512 bytes require tcp in place. For example, dns uses both tcp and udp for valid reasons described below. Note that udp messages are not larger than 512 bytes and are truncated when greater than this size.  Dns uses tcp for zone transfer and udp for name queries either regular (primary) or reverse. Udp can be used to exchange small information whereas tcp must be used to exchange information larger than 512 bytes. If a client doesn't get response from dns it must re-transmit the data using tcp after 3-5 seconds of interval.   There should be consistency in dns zone database. To make this, dns always transfer zone data using tcp because tcp is reliable and make sure zone data is consistent by transferring the full zone to other dns servers who has requested the data.   The problem occurs when windows 2000 server and advanced server products uses dynamic ports for all above 1023. In this case your dns server should not be internet facing i.e.
Client machines on the network. The router (acl) must permitted all udp inbound traffic to access any high udp ports for it to work.   Ldap always uses tcp - this is true and why not udp because a secure connection is established between client and server to send the data and this can be done only using tcp not udp. Udp is only used when finding a domain controller (kerberos) for authentication. For example, a domain client finding a domain controller using dns.

 What is the port no of smtp and pop3?and In which layer term “frames” is used?
 Data link layer.

 In which layer term “packets” is used?
 Network layer.

 In which layer term “segments” is used?
Transport layer.

Give some example for protocols work at application layer?
Bgp,dhcp,dns ftp http imap ldap mgcp nntp ntp pop onc/rpc rtp rtsp rip sip smtp snmp ssh telnet tls/ssl xmpp.

What is crc? Which layer crc works?
A cyclic redundancy check (crc) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data. Blocks of data entering these systems get a short check value attached, based on the remainder of a polynomial division of their contents. On retrieval, the calculation is repeated and, in the event the check values do not match, corrective action can be taken against data corruption.it work on data link layer.

What is the purpose of the data link?
It makes sure the appropriate physical protocol is assigned to the data. The data link layer is the second layer in the osi model. The three main functions of the data link layer are to deal with transmission errors, regulate the flow of data, and provide a well-defined interface to the network layer.
Which one is reliable – tcp or udp?
Tcp.

Which layer provides logical addressing that routers will use for path determination?
Network layer.

Which layer specifies voltage, wire speed, and pinout cables and moves bits between devices?
Physical layer.

Which layer combines bits into bytes and bytes into frames, uses mac addressing, and provide error detection?
Data link layer.

Which layer is responsible for keeping the data from different applications separate on the network?
The session layer creates sessions between different hosts’ applications.

Which layer segments and resembles data into a data stream?
Transport layer.

Which layer provides the physical transmission of the data and handless error notification, network topology, and flow control?
Data link layer.

Which layer manages device addressing, tracks the location of devices on the network, and determines the best way to move data?
Network layer.

How data breaks down on each layer from top to bottom?
Table 1: pdu names on the layers of the osi model.
Osi layer .........Pdu name
Application..... Data
Presentation .....Data
Session .............Data
Transport.......... Segment
Network............ Packet
Data link............ Frame
Physical ...............Bits

Mac address works on which layer? What are the differences of mac sublayer and llc sublayer?
Data link layer.

Which layer is responsible for converting data packets from the data link layer into electrical signals?
Physical layer.

At which layer is routing implemented, enabling connections and path selection between two end systems. ?
Network layer.

Which layer defines how data is formatted, presented, encoded, and converted for use on the network?
Presentation layer .

Which layer is responsible for creating, managing and terminating sessions between applications?
The session layer sets up, maintains, and terminates sessions between applications.

Dns uses which protocol? Why?
Dns queries consist of a single udp request from the client followed by a single udp reply from the server. The transmission control protocol (tcp) is used when the response data size exceeds 512 bytes, or for tasks such as zone transfers. Some resolver implementations use tcp for all queries.

Which layer is closer to the user?
Application layer.

Differentiate between forward lookup and reverse lookup in dns?
Forward dns lookup is used to convert the human meaningful name (domain name) which is in easy to understand format to computer meaningful name (ip address), however reverse dns lookup works in reverse way to convert ip address to domain name.

What is ipsec?
Ipsec is an internet engineering task force (ietf) standard suite of protocols that provides data authentication, integrity, and confidentiality as data is transferred between communication points across ip networks. Ipsec provides data security at the ip packet level.

What is the way to establish a tcp connection?
The tcp three-way handshake intransmission control protocol (also called the tcp-handshake; three message handshake and/or syn-syn-ack) is the method used by tcp set up a tcp/ip connection over aninternet protocol based network. Tcp's three way handshaking technique is often referred to as "synsyn-ack" (or more accurately syn, syn-ack, ack) because there are three messages transmitted by tcp to negotiate and start a tcp session between twocomputers. The tcp handshaking mechanism is designed so that two computers attempting to communicate can negotiate the parameters of the network tcp socket connection before transmitting data such as ssh and http web browser requests.
This 3-way handshake process is also designed so that both ends can initiate and negotiate separate tcp socket connections at the same time. Being able to negotiate multiple tcp socket connections in both directions at the same time allows a single physical network interface, such as ethernet, to bemultiplexed to transfer multiple streams of tcp data simultaneously.

What is the difference between flow control and error control?
Flow control and error control are the control mechanism at data link layer and transport layer. Whenever the sends the data to the receiver these two mechanisms helps in proper delivering of the reliable data to the receiver. The main difference between the flow control and error control is that the flow control observes the proper flow of the data from sender to receiver, on the other hand, the error control observes that the data delivered to the receiver is error free and reliable.

What is route poisoning?
Route poisoning is a method that prevents a certain network from sending data packets to a path destination that has already became invalid. This is done when a distance vector routing protocol sees an invalid route or one with large routing loops. A route will be considered unreachable if it exceeds the maximum allowed. So the routing protocol simply informs all the routers connected in the network that a certain path is invalid by saying that it has a hop count that exceeds the maximum allowable.

What is split horizon?
Split horizon is a technique incorporated by distance vector routing protocols for avoiding routing loops by preventing the routing path to be sent/advertised back to the node from which the advertising router has received it.

Utilizing rip, what is the limit when it comes to number of hops?
                           15.
Multicast address of rip v2?
                224.0.0.9.
 Administristative distance of rip?
                             120.
Can we use rip in a scenario having more than 15 routers?
                           No .

What is the difference between rip and ripng?
Rip (routing information protocol) comes in two different versions ripv1 and ripv2. It is widely used in small and medium sized ipv4 networks due to ease of configuration, implementation and maintenance.
To route ipv6 packets, the internet engineering task force (ietf) developed ripng based on rip. Ripng has become a main routing protocol used on ipv6 networks.
Routing information protocol-ripv1: Ripv1 is a distance vector routing protocol. It uses local broadcasts ip address 255.255.255.255 to share routing information. These updates are periodic in nature, occurring by default and sent after every 30 seconds. To prevent packets from circulating around in a loop forever, rip places a hop count limit on packets of 15 hops. Packets that reach the sixteenth hop will be dropped. Ripv1 is a classful protocol. Classful routing protocols don’t send information of subnet mask with their routing table updates. In other words, if you have a subnetted network in your ripv1 routing domain, ripv1 will announce that network to other as un-subnetted network. Rip supports up to six equal-cost paths to a single destination. Equal-cost path are the paths where the metric is same (hop count).
Features of ripv1
Administrative distance:  120
Algorithm:   bellman-ford
Protocol type:   distance vector
Metric:   it supports maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered as unreachable.
Routing updates:   it sends routing updates after every 30 second at broadcast ip address 255.255.255.255.
Supports: it supports only classful network.
Timer:  
Update time: 30 sec
Invalid time: 180 sec
Hold time: 180 sec
Flush time: 240 sec
Send/receive:  
Send update: ripv1
Receive update: ripv1 & ripv2.


Routing information protocol-ripv2
Ripv2 is a hybrid routing protocol with routing enhancements built into it. It uses multicasts ip address 224.0.0.9 instead of broadcasts for sending updates of routing information. Ripv2 supports triggered updates. When a change occurs in network, ripv2 router immediately propagates its routing information to its connected neighbours. Ripv2 is a classless protocol and it supports classful and variable-length subnet masking (vlsm). Ripv2 supports authentication of ripv2 update messages (md5 or plain-text). Authentication helps in confirming that the updates are coming from authorized sources.
Features of ripv2
Administrative distance:   120
Algorithm:   bellman-ford
Protocol type:  hybrid 
Metric:    ripv1 support maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered as unreachable.
Routing updates:   ripv2 never broadcasts, it sends routing updates after every 30 second at multicasts ip address 224.0.0.9.
Supports: it supports classful, classless and vlsm network.
Timer
Update time: 30 sec
Invalid time: 180 sec
Hold time: 180 sec
Flush time: 240 sec
Send/receive:
 Send update: ripv2
Receive update: ripv2
Authentication: it supports authentication of ripv2 update messages (plain-text or md5). Authentication helps in confirming that the updates are coming from authorized sources.
Routing information protocol-next generation (ripng)
Ripng is a distance vector protocol and works basically the same way as rip but has some differences from rip to support ipv6 address format.
Ripng sends an update to its connected routers after every 30 seconds. It sends updates to the ipv6 multicast group ff02::9 using port 521 by default.
Features of ripng
Administrative distance:  120
Algorithm:   bellman-ford
Protocol type:   distance vector
Metric:   it supports maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered as unreachable.
Routing updates: ripng multicasts routing updates and uses reserved ipv6 multicast address ff02::9 for multicasting.
Supports: it supports only classful network.
Timer:  
Update time: 30 sec
Invalid time: 180 sec
Hold time: 180 sec
Flush time: 240 sec

 What is the multicast address that rip v2 uses?

                224.0.0.9

What are the four timers in rip?
Timers basic, all in seconds: update: how often to send updates in seconds invalid: how many seconds, since seeing a valid update, to consider the route invalid, and placing the route into hold down hold down: once in hold down, how long (in seconds) to “not believe” any equal or less impressive (worse) route updates for routes that are in hold down flush: how many seconds, since the last valid update, until we throw that route in the trash (garbage collection for un-loved non-updated routes)
Update: 30 invalid: 180 hold down: 180 flush: 240

Explain load-balancing in rip?
The default variance is 1, which is equal-cost load balancing. With the maximum-paths command, the router uses up to six paths to share traffic across; to limit this number, use the maximum-paths command. The multiple paths that make up a single-hop transport to a common destination are called a load-sharing group.

Explain split horizon?
Route poisoning is a method that prevents a certain network from sending data packets to a path destination that has already became invalid. This is done when a distance vector routing protocol sees an invalid route or one with large routing loops. A route will be considered unreachable if it exceeds the maximum allowed. So the routing protocol simply informs all the routers connected in the network that a certain path is invalid by saying that it has a hop count that exceeds the maximum allowable.

What is route poisoning?
Route poisoning is a method that prevents a certain network from sending data packets to a path destination that has already became invalid. This is done when a distance vector routing protocol sees an invalid route or one with large routing loops.

How do you stop rip updates from propagating out an interface on a router?
               Passive interfaces
 What is the administrative distance of rip?
                                 120
How do we configure rip? Specify the commands.
                          Router rip

If a rip v2 router advertises its route, would it be received by all the devices on the network?
Rip v2 is multicast. So the route advertisement would be received only by devices which have rip v2 enabled. If the advertisement was rip v1, then it would be received by all devices on the network as rip v1 is broadcast.

Which transport layer protocol does rip use and the associated port number?
                          Udp – port 520
If a static route and a rip learnt route are available on a router which entry would be chosen by the router to forward the packet?
Static route would be chosen since it has lower administrative distance than rip.


What is the major benefit of dynamic routing protocol like rip over static route? 
In a static route, the route entries have to be manually configured on the router. Where as in a dynamic routing protocol like rip, routes are learnt automatically.

Can subnet mask information be stored in a rip v1 packet?
Rip v1 is a class full routing protocol. It does not understand classless concepts like subnets. So it is not possible.

Is a subnet mask field available in a rip v2 packet? 
Rip v2 is classless routing protocol. A rip v2 packet has a field to include the subnet mask information.

What is eigrp? 
Enhanced interior gateway routing protocol (eigrp) is an advanced distance-vector routing protocol that is used on a computer network for automating routing decisions and configuration. The protocol was designed by cisco systems as a proprietary protocol, available only on cisco routers.

What are the different tables in eigrp? 
Neighbor table: the neighbor relationships are tracked in this table which are the basis for eigrp routing and convergence activity. The address and the interface of a neighbor is discovered and recorded in a new entry of the neighbor table, whenever a new neighbor is discovered. These tables are used for reliable and sequenced delivery of packets.
Topology table: routers use topology table which route traffic in a network. All routing tables inside the autonomous system are available in this table, where the router is positioned. Each router uses routing protocol and maintains a topology table for each configured network protocol. The routes leading to a destination are found in the topology table.
Route table: the routes of particular destinations are stored in the routing tables. The         information contains the network topology that is immediately around it. The primary goal of routing protocols and routes is the construction of routing tables. Network id, cost of the packet path and next hop are the details are available in the routing table.

Why eigrp is called hybrid protocol?
Eigrp can be referred to as a hybrid protocol. It combines most of the characteristics of traditional distance vector protocols with some characteristics of link-state protocols. Specifically, eigrp is "enhanced" by using four routing technologies: neighbor discovery/recovery.

What are the different packets in eigrp? 
- Hello packets: eigrp neighbor ship is discovered and maintained by hello packets. If the router fails to receive a hello packet within the hold timer, the corresponding router will be declared dead.
- Update packets: at the time of discovering new neighbor, update packets are sent, so that the topology table can be built by the neighbor router. Update packets are unicast and always transmitted reliably.
- query packets: when the destination goes into active state, the query packets are sent. Query packets are multicast and replies are always sent in reply to the queries for indicating the originator that it does not need to go into active state.
- reply packets: when the destination goes into active state, the reply packets are sent. Reply packets are unicast to the originator of the query and transmission of reply packets are reliable.
- ack packets: ack packets use to know the transmission status. If a hello packet sent without data is also recognized as acknowledgement. Unicast address with non-zero acknowledgement number is always sent by acks.

 Conditions for eigrp neighbors ?
Both routers must be in the same primary subnet.
both routers must be configured to use the same k-values.
both routers must in the same as .
both routers must have the same authentication configuration (within reason) the interfaces facing each other must not be passive .

What is meant by active and passive states in eigrp?
A passive state indicates that a route is reachable, and that eigrp is fully Converged. A stable eigrp network will have all routes in a passive state. A route is placed in an active state when the successor and any feasible Successors fail, forcing the eigrp to send out query packets and reconverge. Multiple routes in an active state indicate an unstable eigrp Network. If a feasible successor exists, a route should never enter an active State.

 Routes will become stuck-in-active (sia) when a router sends out a query Packet, but does not receive a reply packet within three minutes. In other Words, a route will become sia if eigrp fails to re-converge. The local Router will clear the neighbor adjacency with any router(s) that has failed to Reply, and will place all routes from that neighbor(s) in an active state.

Does eigrp require an ip default-network command to propagate a default route?
Although eigrp can propagate a default route using the default network method, it is not required. Eigrp redistributes default routes directly.

What are the different k-values used in eigrp? 

1.Bandwidth (k1) 2. Load (k2) 3. Delay (k3) 4.Reliability (k4) 5.Mtu (k5).

What are the advantages of eigrp other routing protocol? 
-Advanced distance vector
-Routes ip, ipx, decnet, appletalk
- Routing advertisements: partial when route changes occur
- Metrics: bandwidth, delay, reliability, load, mtu size
- Hop count: 255
- Variable length subnet masks
- Summarization on network class address or subnet boundary
- Load balancing across 6 equal or unequal cost paths (ios 11.0)
- Hello timer: 1 second on ethernet / 60 seconds on non-broadcast
 - Holddown timer: 3 seconds on ethernet / 180 seconds on non-broadcast
- Metric calculation = destination path minimum bw * delay (msec) * 25
- Bidirectional forwarding detection (bfd) support
- Split horizon  Lsa multicast address: 224.0.0.10

What is advertised distance?
Advertised distance or reported distance. The advertised distance (ad) is the distance from a given neighbor to the destination router. Feasible distance. The feasible distance (fd) is the distance from the current router to the destination .

What is successor? 
A feasible successor is a path whose reported distance is less than the feasible distance, and it is considered a backup route. Eigrp will keep up to six feasiblesuccessors in the topology table. Only the one with the best metric (the successor) is placed in the routing table.

What is the multicast address used by eigrp to send hello packets? 
224.0.0.10
What types of authentication is supported by eigrp?
Eigrp route authentication provides md5 authentication of routing updates from the eigrp routing protocol. The md5 keyed digest in each eigrp packet prevents the introduction of unauthorized or false routing messages from unapproved sources.

What is “stuck in active”? 
When eigrp returns a stuck in active (sia) message, it means that it has not received a reply to a query. Eigrp sends a query when a route is lost and another feasible route does not exist in the topology table. The sia is caused by two sequential events: * the route reported by the sia has gone away.

What is the use of “variance” command in eigrp? 
Eigrp provides a mechanism to load balance over unequal cost paths throungh variance command. Variance is a number (1 to 128), multiplied by the local best metric then includes the routes with the lesser or equal metric. The default variance value is 1, which means equal-cost load balancing.

What is feasible successor?
 A feasible successor is a path whose reported distance is less than the feasibledistance, and it is considered a backup route. Eigrp will keep up to six feasible successors in the topology table. Only the one with the best metric (the successor) is placed in the routing table.

What is “graceful shutdown”?
This feature helps in faster convergence of networks. With graceful shutdown, a goodbye message is broadcast when an eigrp routing process is shutdown, to inform adjacent peers about the impending topology change.

How eigrp support unequal load balancing?
Eigrp supports up to six unequal-cost paths.
Router(config-router)#variance n

 What happen when we enable passive interface in eigrp? 
With eigrp running on a network, the passive-interface command stops both outgoing and incoming routing updates, since the effect of the command causes the router to stop sending and receiving hello packets over an interface.

Does eigrp support aggregation and variable length subnet masks? 
Yes, eigrp supports aggregation and variable length subnet masks (vlsm). Unlike open shortest path first (ospf), eigrp allows summarization and aggregation at any point in the network. Eigrp supports aggregation to any bit. This allows properly designed eigrp networks to scale exceptionally well without the use of areas. Eigrp also supports automatic summarization of network addresses at major network borders.
Can i configure more than one eigrp autonomous system on the same router?
Yes, you can configure more than one eigrp autonomous system on the same router. This is typically done at a redistribution point where two eigrp autonomous systems are interconnected. Individual router interfaces should only be included within a single eigrp autonomous system. Cisco does not recommend running multiple eigrp autonomous systems on the same set of interfaces on the router. If multiple eigrp autonomous systems are used with multiple points of mutual redistribution, it can cause discrepancies in the eigrp topology table if correct filtering is not performed at the redistribution points. If possible, cisco recommends you configure only one eigrp autonomous system in any single autonomous system. You can also use another protocol, such as border gateway protocol  (bgp), in order to connect the two eigrp autonomous systems.

What is the difference in metric calculation between eigrp and igrp?
1.Eigrp has totally replaced the obsolete igrp.
2. Eigrp is a classless routing protocol while igrp is a classful routing protocol.
3. Eigrp uses the dual while igrp does not.
4. Eigrp consumes much less bandwidth compared to igrp .
5. Eigrp expresses the metric as a 32 bit value while igrp uses a 24 bit value.

What is the eigrp stub routing feature? 
The enhanced interior gateway routing protocol (eigrp) stub routing feature improves network stability, reduces resource utilization, and simplifies stub router configuration. Stub routing is commonly used in a hub and spoke network topology.

How can i send a default route to the stub router from the hub? 
Do this under the outbound interface on the hub router with the ip summary-address eigrp x 0.0.0.0 0.0.0.0command. This command suppresses all the more specific routes and only sends the summary route. In the case of the 0.0.0.0 0.0.0.0, it means it suppresses everything, and the only route that is in the outbound update is 0.0.0.0/0. One drawback to this method is that eigrp installs a 0.0.0.0/0 route to null0 is the local routing table with an admin distance of 5.

What are the primary functions of the pdm? 
Eigrp supports 3 protocol suites: ip, ipv6, and ipx. Each of them has its own pdm. These are the primary functions of pdm:
- Maintaining the neighbor and topology tables of eigrp routers that belong to that protocol suite
- Building and translating protocol specific packets for dual .
- Interfacing dual to the protocol specific routing table.
 - Computing the metric and passing this information to dual; dual handles only the picking of the feasible successors (fss) .
- Implement filtering and access lists.
- Perform redistribution functions to/from other routing protocols.

What are the various load-balancing options available in eigrp? 
The offset-list can be used to modify the metrics of routes that eigrp learns through a particular interface, or pbr can be used.

Why are loopbacks advertised as /32 host routes in ospf? 
Loopbacks are considered host routes in ospf, and they are advertised as /32.

Which command in ospf shows the network lsa information? 
Show ip ospf 10 database network .

What command would you use to create a totally stubby area? 
Router ospf 10 Area 10.
stub no –summary

What are area types? Why there are different area concepts?
-Standard areas can contain lsas of type 1, 2, 3, 4, and 5, and may contain an asbr. The backbone is considered a standard area.
-Stub areas can contain type 1, 2, and 3 lsas. A default route is substituted for external routes.
 -Totally stubby areas can only contain type 1 and 2 lsas, and a single type 3 lsa. The type 3 lsa describes a default route, substituted for all external and inter-area routes.
- Not-so-stubby areas implement stub or totally stubby functionality yet contain an asbr. Type 7 lsas generated by the asbr are converted to type 5 by abrs to be flooded to the rest of the ospf domain.

What is the main importance of stub network? Why it is been developed in ospf?
A stub network is a somewhat casual term describing a computer network, or part of an internetwork, with no knowledge of other networks, that will typically send much or all of its non-local traffic out via a single path, with the network aware only of a default route to non-local destinations.

What will happen if we redistribute between different processes? 
There can be several reasons for redistribution between multiple processes. These are a few examples:
- Filter an ospf route from part of the domain .
-Separate different ospf domains .
-Migrate between separate domains

What are lsa types?
Lsa type 1 (router lsa): Router link state advertisments type 1 are generated by every router for each link that belongs to an area. They are flooded only inside of area to which they belong. Link id of this lsa is the router id of the router that generated it.

Lsa type 2 (network lsa) :Generated by designated router (dr) for multiaccess networks and describe the routers that are connected to that segment. They are sent inside the area to which the network segment belong. The link id is the interface ip address of the designated router which describe that particular segment.

Lsa type 3 (summary lsa) :Type 3 lsas are generated by area border routers (abrs). In type 3 lsas are advertised networks from an area to the rest of the areas in as. Advertised networks in type 4 lsa can be summarized or not. The linkstate id used by this lsa is the network number advertised.

Lsa type 4 (summary lsa):- Generated by abrs, this type os lsa contain routes to asbrs. Link id used is router id of the asbr described. Are not flooded in stub areas.

Lsa type 5 (external lsa) :-Autonomous system external lsas are generated by asbrs and contain routes to networks that are external to current as. Link-state id is network number advertised in lsa. Type 5 lsas are not flooded inside any stub areas.

Lsa type 6 (multicast lsa) :This type of lsa is used for multicast applications.

Lsa type 7 (nssa external lsa):Type 7 lsa allow injection of external routes throug not-so-stubby-areas (nssa). Generally external routes are advertised by type 5 lsa but they are not allowed inside any stub area. That’s why type 7 lsa is used, to trick ospf. Type 7 lsa is generated by nssa asbr and is translated into type 5 lsa as it leaves the area by nssa abr, which is then propagated throughout the network as type 5 lsa.
Lsa type 8 (external attributes lsa for border gateway protocol (bgp): Used to work with bgp.

Lsa type 9,10,11 (opaque lsas) :- For future use.

What is ospf’s metric? How is it identified in routing table? 
Does it support redistribution? Ospf uses a reference bandwidth of 100 mbps for cost calculation. The formula to calculate the cost is reference bandwidth divided by interface bandwidth. For example, in the case of ethernet, it is 100 mbps / 10 mbps = 10. Note: if ip ospf cost cost is used on the interface, it overrides this formulated cost.

What are the states used in ospf when forming neighbor ship? 
2-way. The 2-way state indicates that the local router has received a hello packet with its own router id in the neighbor field. Thus, bidirectional communication has been established and the peers are now ospf neighbors.

Types of ospf packets ?
1. The hello packet: the hello packets are sent over a period of time on all interfaces for the purpose of establishing and maintaining neighbor relationships. Hello packets are multicast on the networks having multicast capability, which enables discovery of neighboring routers dynamically. The inhabitance of differences among hello packets can form neighbor relationships by agreeing certain parameters.

2. The database description packet: at the time of adjacency is being initialized, these packets are exchanged. These packets describe topological database contents. The database may be described by using multiple packets. A pollresponse procedure is used for the description of multiple packets usage. Among the routers, one is designated to be master, and the other a slave. The database description packets are sent by the slave after sending the database description packets by the master.

3. The link state request packet: a router may find the parts of its topological database are out of date, after database description package exchange with a neighboring router. The link state request packet is utilized for requesting the pieces of the neighbor’s database which are more up to date. There may be a need to utilize multiple link state request packets.

4. The link state update packets: the flooding of link state advertisements is implemented by these packets. A collection of link state advertisements are carried by each link statement update packet, one hop further from its origin. A packed may be included by several link state advertisements.

 5. The link state acknowledge packets: the reliability of flooding link state advertisement is made by explicitly acknowledging flooded advertisements. The accomplishment of this acknowledgement is done through the sending and receiving of link sate acknowledgement packets. A single link state acknowledgement packet is used to acknowledge the multiple link state advertisements.

What is ospf router id and how is it elected? 
Router id is 32 bit number similar to ip address. It is elected as highest ip address of loopback interfaces or highest ip of the active physical interfaces if loopback is not present. It can also be set manually but it will take effect when ospf process is reset completely or device is reloaded. There should be only one router-id per device running ospf to avoid database issues.

What is the dr/bdr in ospf? How these are elected and in what scenario? 
Dr/bdr election happens in shared multi access network to avoid full mesh scenario. In shared environment, every ospf router will try to form neighbor ship with other router, so dr/bdr comes in to action and act as single point of contact. Neighborship will only form with dr and backup dr. Dr router will be the highest priority router and bdr will be second highest priority. If there is a tie, then highest router-id will be used to make the decision. Router id is elected as the highest numerical loopback ip or the highest physical active ip address or the interface ip which comes up first.

What is the multicast ips used by ospf? What multicast ip does dr/bdr router and non-dr use? 
Ospf routers use 224.0.0.5 multicast ip address. However, in dr/bdr it uses 224.0.0.5 and 224.0.0.6. Dr/bdr will use 224.0.0.6 while replying to ospf routers in broadcast multi access network.

How do i change the reference bandwidth in ospf? 
You can change the reference bandwidth in cisco ios software release 11.2 and later using the ospf autocost reference-bandwidth command under router ospf. By default, reference bandwidth is 100 mbps. The ospf link-cost is a 16-bit number. Therefore, the maximum value supported is 65,535.

How to generate default route in ospf? 
There are two ways to inject a default route into a normal area. If the asbr already has the default route in its routing table, you can advertise the existing 0.0.0.0/0 into the ospf domain with thedefaultinformation originate router configuration command.

What is ospf super backbone area?
 The idea is that this super backbone can override the default behavior of ospf and provide connectivity between customers without the need for crazy virtual-links or tunneling (can’t use vls across area 0 anyway).

What is the concept of auto-cost in ospf? 
The default reference bandwidth for OSPF is 10^8 bps or 100Mbit. Increasing the reference-bandwidth allows a more granular OSPF design. If changed it should be changed on all routers in the OSPF domain.The reason you would change the reference-bandwidth is that you may have link faster than 100M in your network. If you have Gigabit networks but are using the default reference-bandwidth, then Gigabit links are equal in cost to fast Ethernet.
device# configure
device(config)# router ospf
device(config-ospf-router)# auto-cost reference-bandwidth 500

How does ospf calculate it’s metric or cost? 
Ospf uses a reference bandwidth of 100 mbps for cost calculation. The formula to calculate the cost is reference bandwidth divided by interface bandwidth. For example, in the case of ethernet, it is 100 mbps / 10 mbps = 10. Note: if ip ospf cost cost is used on the interface, it overrides this formulated cost.
What algorithm is used by ospf if equal cost routes exist? 
If equal cost routes exist, ospf uses cef load balancing.

Are ospf routing protocol exchanges authenticated?
Yes, ospf can authenticate all packets exchanged between neighbors. Authentication may be through simple passwords or through md5 cryptographic checksums. To configure simple password authentication for an area, use the command ip ospf authentication-key to assign a password of up to eight octets to each interface attached to the area. Then, issue the area x authentication command to the ospf router configuration to enable authentication. (in the command, x is the area number.)

Can we have ospf run over a gre tunnel? 
Yes, refer to configuring a gre tunnel over ipsec with ospf.

What is the maximum number of ospf processes (vrf aware) on 7600/6500 platforms?
 Cisco ios has a limit of 32 routing processes. Two of these are saved for static and directly connected routes. The cisco 7600 router supports 28 ospf processes per vrf.

Which switching technology reduces the size of a broadcast domain?
By using vlan technology we can reduces the size of Broadcast domain.Vlan (virtual local area network) is a logical grouping or Segmenting the devices under a single broadcast domain.As a result provides security and flexibility.

Which protocols are used to configure trunking on a switch?
Vlan trunking protocol (vtp) is a cisco proprietary protocol that propagates the definition of virtual local area networks (vlan) on the whole local area network. To do this, vtp carries vlan information to all the switches in a vtp domain. Vtpadvertisements can be sent over 802.1q, and isl trunks.

What is svi ?
A switched virtual interface (svi) is a vlan of switch ports represented by one interface to a routing or bridging system. There is no physical interface for the vlan and the svi provides the layer 3 processing for packets from all switch ports associated with the vlan.

What is meant by “router on stick” ? 
Router-on-a-stick is a term frequently used to describe a setup up that consists of a router and switch connected using one ethernet link configured as an 802.1q trunk link. In this setup, the switch is configured with multiple vlans and the routerperforms all routing between the different networks/vlan.

Which are the two trunking protocols ? 
Difference between isl & 802.1q. A single communication link called trunk is usedbetween devices to carry traffic which may belong to multiple vlans.There are two main types of encapsulation protocols called isl (inter switch link) which is cisco proprietary protocol and 802.1q which is an ieee standard.

 Which protocol encapsulate etherframes ?
 Isl encapsulates ethernet frames while 802.1q tags ethernet frame.

Which is the vlan not tagged by 802.1q ?
Native vlan

How to delete vlan information from switch ?
Delet flash:vlan.dat

Difference between access and trunk mode ?
 Access mode is used to connect end devices(host) to switches while trunk mode is used to connect between switches.

Difference between dynamic auto and dynamic desirable ?
 Dynamic desirable: attempts to negotiate a trunk with the other end. Dynamic auto: forms a trunk only if requested by the other end .

What is the use of nonegociate command in switch ?
 Nonegociate command disables automatic formation of trunk links. It will be good to configure trunk manually and give non-negociate command for security reason.

Explain different switch port modes ? 
Trunk: forms an unconditional trunk
Dynamic desirable: attempts to negotiate a trunk with the far end
Dynamic auto : forms a trunk only if requested by the far end
Access: will never form a trunk

What is dtp? 
Dynamic trunking protocol is used to automatically establish trunks between capable ports (insecure method).

Which is the command used to see trunk interfaces ? 
Show interface trunk
Show interface fa1/0/13 trunk
Show interface fa1/0/13 switchport Show interface status | include trunk

What is the maximum number of vlans permitted in 802.1q and isl? 
Maximum vlan permitted in 802.1q is 4094 .
Maximum vlan permitted in isl is 1000.

What is the header size of 802.1q ?
 4 bytes

What is the difference between an access port and a trunk port? 
As for the difference between trunks and access ports, a trunk does add dot1q or isl tags directly to frames and can exist on all or multiple vlans. While an access port only passes traffic from a set vlan but does not modify the frame with a vlan tag.

What is frame tagging and different types of frame tagging? 
Vlan frame tagging is a technology which is used to identify the vlan that the packet belongs to. The vlan frame tag is placed on the ethernet frame when the ethernet frame reaches a switch from an access port, which is a member of a vlan.

What is a native vlan and what type of traffic will go through native vlan? 
The native vlan is the only vlan which is not tagged in a trunk, in other words,native vlan frames are transmitted unchanged. Per default the native vlan isvlan 1 but you can change that:
 #show interface fa0/8 trunk. Port mode encapsulation status native vlan. Fa0/8 on 802.1q.

What is inter-vlan routing? 
Virtual lans (vlans) divide one physical network into multiple broadcast domains. But, vlan-enabled switches cannot, by themselves, forward traffic across vlanboundaries. So you need to have routing between these vlans which is calledintervlan routing.

What is spanning tree aka stp ? 
Spanning tree protocol (stp) is a layer 2 protocol that runs on bridges and switches. The specification for stp is ieee 802.1d. The main purpose of stp is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network.

How does stp maintain a loop-free network? 
Spanning tree works by first using an algorithm to find redundant links in the lan and selecting the best paths. Its initial goal is to put all links in either forwarding or blocking. In the end, the links without a redundant link and the best links with a redundant link would be in forwarding state. The redundant links that weren’t as good as the selected links would be in blocking state.

 Spanning tree cannot use multiple links to the same destination. There is no load-sharing feature with spanning tree. Any redundant link that is not as preferred is blocked (essentially shut down) until the primary link goes down. Because the “best ports” are put into forwarding state and the other ports are put into blocking state, there are no loops in the network. When a new switch is introduced to the network, the algorithm and port states are recalculated to prevent a new loop.

What parameters can be tuned to influence the selection of a port as a root or designated port?
 -If a switch has multiple paths to reach the root bridge (root switch), it must select one path and the associated port as the root port. Following are the different steps for selecting the root bridge (switch).
- Spanning tree root port selection process in a non-root switch involves the following steps.

 - Select the port connected to the path with the lowest accumulated spanning tree path cost to theroot bridge (root switch) as the root port, when a non-root switch has multiple paths to reach the root switch.
- If multiple paths are available to reach the root bridge (root switch) with the same accumulatedspanning tree path cost in a non-root switch, select the port connected to the neighbor switch which has the lowest switch id value as the root port.

- If all the multiple paths go through the same neighboring switch to reach the root bridge (root switch), non-root switch will select the local port which receives the lowest port spanning tree port priority value from neighbor switch as the root port.

- If the received spanning tree port priority value values are the same between the connecting ports to reach the root bridge (root switch), non-root switch will select the port which receives the lowest physical port number from neighbor switch as the root port.

What is bdpu ?What is the basics function of bpdu? 
The spanning tree protocol (stp) enabled switches in a redundant local area network (lan) need to exchange information between each other for spanning tree protocol (stp) to work properly. Bridge protocol data units (bpdus) are messages exchanged between the switches inside an interconnected redundant local area network (lan). Bridge protocol data units (bpdus) frames contain information regarding the switch id, originating switch port, mac address, switch port priority, switch port cost etc.
Bridge protocol data units (bpdus) frames are sent out as multicast messages regularly at multicast destination mac address 01:80:c2:00:00:00. When bridge protocol data units (bpdus) are received, the switch uses a mathematical formula called the spanning tree algorithm (sta) to know when there is a layer 2 switch loop in network and determines which of the redundant ports needs to be shut down.

Three types of bridge protocol data units (bpdus) are configuration bpdu (cbpdu), topology change notification (tcn) bpdu and topology change notification acknowledgment (tca). The basic purpose of the bridge protocol data units (bpdus) and the spanning tree algorithm (sta) is to avoid layer 2 switching loops and broadcast storms.

What is the stp listening state? 
The ports on a switch with enabled spanning tree protocol (stp) are in one of the following five port states.
• blocking
• listening
• learning
• forwarding
• disabled
A switch does not enter any of these port states immediately except the blocking state. When the spanning tree protocol (stp) is enabled, every switch in the network starts in the blocking state and later changes to the listening and learning states.

Which command enables rstp on a switch?
Spanning-tree mode rapid-pvst

What is per-vlan spanning tree protocol (pvst).
 A single spanning tree lacks flexibility in how the links are used in the network topology. Cisco implements a protocol known as per-vlan spanning tree plus (pvst+) that is compatible with 802.1q cst but allows a separate spanning tree to be constructed for each vlan.

What is the default bridge priority in a bridge id for all cisco switches?
Bridge id priority 32769 (priority 32768 sys-id-ext 1)

Which stp version run default on cisco switches ?
Pvst+

What is the purpose of spanning tree protocol in a switched lan?
 The spanning tree protocol (stp) was designed to stop layer 2 loops. All ciscoswitches have the stp on by default. ... Convergence occurs when all ports on bridges and switches have transitioned to either the forwarding or blocking states. No data is forwarded until convergence is complete.

Difference between root port and designated port? 
The differences between root port and designated port are listed below.
 root port is a single selected port on a switch, other than root switch, with least path cost to reach the root bridge. The designated port is the port that has the lowest spanning tree path cost on a particular local area network (lan) segment.The root port is the port on the bridge (switch) with the least spanning tree path cost from the switch to theroot bridge.

 A designated port is the port on a local area network (lan) segment with the least spanning tree path cost to the root bridge (root switch).there can be only one root port on a bridge (switch). There may be multiple designated ports on a bridge (switch).All the ports on a root bridge (root switch) are designated port and there is no root port on a root bridge (root switch).a root port can never be a designated port.if one end of a local area network (lan) segment is a designated port, other end is called as non designated port (marked as ndp), if it is not a root port. Non designated port will be always in blocking state, to avoid layer 2 switching loops.

What is the difference between path cost and root path cost? 
Spanning tree uses costs associated to ingress ports to calculate the best path to the root bridge. The root path cost is the cumulative cost from the root to any given switch. Each port has a cost associated to it. On a cisco switch, the port cost can be altered using .

Sw1 (config-if)# spanning-tree [vlan vlan-id] cost cost 
A third term exists which causes a little confusion: path cost. The path cost is the same thing as the port cost, just a different name for it.

What is the difference between stp, mstp, pvst and rstp? 
 Stp. Spanning tree protocol (ieee 802.1d). Forms a loop free graph (tree) in an arbitrary topology of switches. Gives you tools to set preferred location of a root and link costs for determining links to block.
Pvstp. Per-vlan spanning tree protocol . Cisco proprietary protocol that allows each vlan in a network to run an independent spanning tree with an independent root rather than forcing a single topology for all vlans.
 Rstp. Rapid spanning tree protocol (ieee 802.1w). An evolution of the spanning tree protocol with faster convergence time, relying one some more advanced switch capabilities.
 Mst. Multiple spanning tree protocol (ieee 802.1s). A standarized and evolved form of pvstp.
 Etherchannel. A cisco technique that provides the ability to negotiate to bundle multiple physical links into a single, logical, higher speed link. (the standardized form is is ieee 802.3ad link aggregation) .

What is path cost? 
Ports that are determined to have the lowest cost path to the root bridge are called designated ports. Switches or bridges running stp uses bpdu to exchange information.the bridge id is use to determine the root bridge and to determine the root port.

Define selection criteria of stp root bridge. 
Spanning tree protocol (stp) is a layer 2 protocol that runs on bridges and switches. The specification for stp is ieee 802.1d. The main purpose of stp is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network.

Why spanning tree bpdu filter is used? 
The bpdu filter feature effectively disables stp on the selected ports by preventing them from sending or receiving any bpdus. Bpdu filtering supports the ability to prevent switches from sending bpdus on portfast-enabled interfaces. Ports configured for the portfast feature typically connect to host devices.

Can i use bpdu filter on trunk ports?
If a bpdu is received inbound when bpdu filter is applied globally then the portstops filtering and it will lose its portfast status. The bpdu guard default commandwill only apply to ports that are in a portfast operational state.

Which port state is introduced by rapid-pvst? 
Which port state is introduced by rapid-pvst? Pvst+ is based on ieee802.1dspanning tree protocol (stp). But pvst+ has only 3 port states (discarding, learning and forwarding) while stp has 5 port states (blocking, listening, learning, forwarding and disabled).

What is spanning tree protocol (stp) portfast? 
Spanning tree protocol (stp) convergence (layer 2 convergence) happens when bridges and switches have transitioned to either the forwarding or blocking state. ...portfast feature should be used only to connect a single workstation to a switch port to avoid layer 2 switching loop.

What does stp do when it detects a topology change in the network due to a bridge or link failure?
 If spanning tree detects a change in the network due to a bridge or link failure, at least one bridge interface changes from the blocking state to the forwarding state, or vice versa.

How many root bridges can be available on a stp configured network ?
Only one.

If the priority value of the two switches are same, which switch would be elected as the root bridge 
Lowest mac address value

What is the basic purpose of the bpdus and stp?
To avoid the loop

What is configuration bpdu? 
The default bpdu advertisement time of 2 seconds allows changes to be quickly shared with all the other switches in the network, reducing the amount of time any disruption would create. There are three kinds of bpdus: configuration bpdu, used by spanning tree protocol to provide information to all switches.

 What is the destination mac address used by bridge protocol data units (bpdus)? 
Bridge protocol data units (bpdus) are frames that contain information about the spanning tree protocol (stp). Switches send bpdus using a unique mac addressfrom its origin port and a multicast address as destination mac(01:80:c2:00:00:00, or 01:00:0c:cc:cc:cd for per vlan spanning tree).

What is tcn bpdu?
The root switch (bridge) bridge broadcasts the topology change information into the whole network. When a switch (bridge) discovers topology change, it generates atcn (topology change notification) bpdu (bridge protocol data unit) and sends the tcn bpdu on its root port.

 What is tca bpdu? 
The upstream switch (bridge) responds back the sender with tca (topology change acknowledgment) bpdu (bridge protocol data unit) and tca (topology change acknowledgment) bpdu (bridge protocol data unit) The process continues until the root switch (root bridge) receives the tcn bpdu.

What is bridge protocol data unit (bpdu) frame format?
Bridge protocol data units (bpdus) are frames that contain information about the spanning tree protocol (stp). Switches send bpdus using a unique mac address from its origin port and a multicast address as destination mac (01:80:c2:00:00:00, or 01:00:0c:cc:cc:cd for per vlan spanning tree).

What is root port? 
The root port is the port on the bridge (switch) with the least spanning tree path cost from the switch to the root bridge. A designated port is the port on a local area network (lan) segment with the least spanning tree path cost to the rootbridge (root switch).

What is pvst or pvst+?
 Overview of pvst and pvst+ per vlan spanning tree (pvst) is a cisco proprietary protocol that allows a cisco device to have multiple spanning trees. pvst+ is an extension of pvst that allows a cisco device to also interoperate with devices that are running a single spanning tree (ieee 802.1q).

What is extended system id? 
The bridge priority value and the extended system id extension together make up a 16 bit (2-byte) value. The bridge priority making up the left most bits, is a value of 0 to 61440. The extended system id is a value of 1 to 4095 corresponding to the respective vlan participating in stp.

What are stp timers and explain different types of stp timers? 
Important spanning tree protocol (stp) timers are hello timer, forward delay timer and max age timer and their default values are listed below.

Hello timer The hello timer is the time interval between each bridge protocol data unit (bpdu) that is sent on a port. Defaut spanning tree protocol (stp) hello timer is 2 seconds. You can adjust spanning tree protocol (stp) hello timer to any value between 1 and 10 sec. Click the following link to learn how to change the default spanning tree protocol (stp) hello timer.

Forward delay timer The forward delay timer is the time interval that is spent in the listening and learning state. Default spanning tree protocol (stp) forward delay timer is 15 seconds. You can adjust the spanning tree protocol (stp) forward delay timer to any value between 4 and 30 seconds.

Max age timer The max age timer controls the maximum length of time interval that a spanning tree protocol (stp) switch port saves its configuration bridge protocol data unit (bpdu) information. Default max age timer is 20 seconds. You can tune the spanning tree protocol (stp) max age timer to any value between 6 and 40 sec.