CCNA Interview Questions and Answers

Uploaded by

godwin dsouza
NETWORKER INTERVIEW |

Preface
CCNA stands for Cisco Certified Network Associate. CCNA certification is an
associate-level certification program, ideal for entry-level network engineers who
want to maximize their foundational networking knowledge. It is one of the most
respected and reputed certifications in the networking industry. This EBook is ideal
for candidates who have completed or are pursuing CCNA certification and intend to
go for interviews. This EBook will help you to prepare for interviews and to revise
the concepts which you have learned during your CCNA certification.

Copyright
Copyright © 2016. All rights reserved. No part of this book may be reproduced or
transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or by any information storage and retrieval system,
without written permission from the publisher.


Warning and Disclaimer


This book is designed to help candidates prepare for CCNA interviews. Every
effort has been made to make this book as complete and as accurate as possible,
but no warranty or fitness is implied.

The publisher and the author make no representations or warranties with respect to
the accuracy or completeness of the contents of this work and specifically disclaim
all warranties, including without limitation warranties of fitness for a particular
purpose. The advice and strategies contained herein may not be suitable for every
situation. Neither the publisher nor the author shall be liable for damages arising
herefrom.

To Our Readers
Thank you for looking to Networker Interview for your CCNA interview
preparation needs. We at Networker Interview are proud of our reputation for
providing candidates with the knowledge needed to succeed in the highly
competitive interviews.

As always, your feedback is important to us. If you believe you’ve identified an
error in the Book or if you have general comments or suggestions, feel free to
contact us through email at [email protected]

Website
For CCNA, CCNP, CCIE and more visit http://networkerinterview.net


List the Layers of OSI Model?


Application Layer, Presentation Layer, Session Layer, Transport Layer,
Network Layer, Data Link Layer, Physical Layer.

What are the Functions of Transport, Network and Data Link Layer?
Transport layer
1. On the sending device, the Transport layer is responsible for breaking
the data into smaller packets, so that if any packet is lost during
transmission, it will be sent again. At the receiving device, the Transport
layer is responsible for opening all of the packets and reconstructing
the original message.
2. It provides end-to-end data transport services.
3. It establishes a logical connection between the sending host and the
destination host on an internetwork.
4. The Transport layer also performs sequencing. Sequencing is a
connection-oriented service that places TCP segments in the right order if
they are received out of order.

Network layer
1. The Network layer (layer 3) manages device addressing.
2. It tracks the location of devices on the network.
3. It determines the best way to move data between devices that are not
locally attached.
4. Routers function at the Network layer to provide the routing services
within an internetwork.

Data link layer
1. The Data Link layer is responsible for the physical transmission of the data.
2. It handles error notification and flow control.
3. The Data Link layer ensures that messages are delivered to the proper
device on a LAN using MAC addresses.
4. It translates messages from the Network layer into bits for the Physical
layer to transmit.
5. The Data Link layer formats the message into data frames by adding a
customized header containing the hardware destination and source
address.


Which Layer is responsible for reliable connection?


Transport Layer

Which Layer is responsible for error detection?


Data Link Layer performs error detection not error correction.

Which Layer is responsible for error correction?


Transport layer performs error correction.

What are the functions of Application Layer, Presentation Layer & Session Layer?
Application Layer – The Application layer of the OSI model is the layer
where users actually communicate to the computer. The Application layer
is also responsible for identifying and establishing the availability of the
communication partner and determines whether sufficient resources for the
communication exist or not. Services that take place at application layer are
E-Mail, File Transfers, Remote Access etc.

Presentation Layer – It is responsible for data translation and code
formatting. When the presentation layer receives data from the application
layer, to be sent over the network, it makes sure that the data is in the
proper format. If it is not, the presentation layer converts the data to the
proper format. On the other side of communication, when the presentation
layer receives network data from the session layer, it makes sure that the
data is in the proper format and once again converts it if it is not.
Formatting functions at the presentation layer may include compression,
decompression, encryption, and decryption.

Session Layer – The Session layer is responsible for setting up, managing,
and tearing down sessions between applications running on
communicating stations. Session layer also synchronizes dialogue between
the presentation layers of the two hosts and manages their data exchange.

What are the different protocols that work at each of the layers of the OSI
Model?
Physical Layer
ISDN (Integrated Services Digital Network), ADSL (Asymmetric Digital
Subscriber Line), Universal Serial Bus, Bluetooth, Controller Area Network,
Ethernet.


Data Link layer


Spanning Tree Protocol, VLAN Trunking Protocol, Dynamic Trunking
Protocol, HDLC, PPP, Frame Relay, Token Ring.

Network Layer
ICMP, IGMP, IPV4, IPV6, IPSEC, OSPF, EIGRP, RIP, BGP.

Transport Layer
TCP, UDP, GRE.

Session Layer
NFS (Network File System).

Presentation Layer
Data encryption/decryption, Data compression, Data Conversion Protocols

Application Layer
DNS, DHCP, FTP, HTTP, NTP, SNMP, SMP, TELNET, TFTP, SSH.

Define Unicast, Multicast and Broadcast?


Broadcast is the term used to describe communication where a piece of
information is sent to all devices on the network segment.
Multicast is the term used to describe communication where a piece of
information is sent from a single source and transmitted to many devices
but not all devices.
Unicast is the term used to describe communication where a piece of
information is sent to a single destination host.

What is the range Of Port Numbers?


Well Known Ports - 0 to 1023
Registered Ports - 1024 to 49151
Open Ports - 49152 to 65535

What is the difference between Simplex, Half-duplex and Full-duplex?


Simplex - Data can travel in one direction only.
Half Duplex - Data can travel in both directions but not simultaneously. At a
time Data can flow only in one direction. Example: - HUB.
Full Duplex - Data can travel in both directions simultaneously. Example: -
Switch.


What is a port number and give some examples?


TCP & UDP must use port numbers to communicate with upper layers
because these are what keep track of different conversations crossing the
network simultaneously.

PROTOCOLS    PORT NUMBERS
FTP          20, 21
TELNET       23
SMTP         25
DNS          53
DHCP         67 (DHCP Server), 68 (DHCP Client)
TFTP         69
HTTP         80
POP3         110
NTP          123
IMAP4        143
SNMP         161
BGP          179
HTTPS        443
RIP          520


What is a Protocol Number and give some examples?


In IPV4 there is a field called Protocol that identifies the next-level protocol.
In IPV6 this field is called the "Next Header" field.

PROTOCOL    PROTOCOL NUMBER
ICMP        1
IGMP        2
IPV4        4
TCP         6
EGP         8
IGP         9
UDP         17
IPV6        41
GRE         47
EIGRP       88
OSPF        89
VRRP        112

What is the MAC Address format?


It is a 12 Digit, 48 Bit (6 Byte) Hardware address written in hexadecimal
format.
It consists of two parts: -
The first 24 bits, the OUI (Organizationally Unique Identifier), are assigned by
IEEE to an organization.
The last 24 bits are the manufacturer-assigned code. This portion commonly
starts with 24 0s for the first card made and continues in order until there
are 24 1s for the last card made.

What is a Frame?
The Data Link layer formats the message into pieces, each called a data
frame and adds a customized header containing the source and destination
hardware address.

What is TCP/IP Model?


TCP/IP is a four-layer standard model. It is robust to failures and flexible to
diverse networks. It is the most widely used protocol for interconnecting
computers and it is the protocol of the internet.
The four layers of the TCP/IP model are the Application layer, Transport layer,
Internet layer and Network access layer.

What are the protocols that are included by each layer of TCP/IP
model?

Layers of TCP/IP model    Protocols
Application Layer         DNS, DHCP, FTP, TFTP, SMTP, HTTP, Telnet, SSH
Transport Layer           TCP, UDP
Internet Layer            IP, ICMP, ARP
Network access layer      Ethernet, Token Ring, FDDI, X.25, Frame Relay, ARP, RARP


Explain the differences between TCP and UDP?

TCP | UDP
Transmission Control Protocol | User Datagram Protocol
TCP is a connection-oriented protocol | UDP is a connectionless protocol
It is reliable | It is unreliable
It is sequenced (TCP packets are sent in a sequence and are received in the same sequence.) | It is unsequenced
Lost packets are retransmitted | No retransmission
Acknowledgement (received packets are acknowledged) | No Acknowledgement
TCP is heavy-weight. | UDP is lightweight
The speed for TCP is slower than UDP. | UDP is faster.
Low overhead but higher than UDP | Lower overhead than TCP
TCP uses Windowing and Flow Control | No Windowing or Flow Control
TCP is used for applications that require high reliability but not high speed. | UDP is used for applications that require faster operation but not reliability.

Explain Different Types of cables?


Straight-through cable - The straight-through cable is used to connect
dissimilar devices such as Host to switch or hub, Router to switch or hub. In
this cable only pins 1, 2, 3 and 6 are used. We connect 1 to 1, 2 to 2, 3 to 3,
and 6 to 6 to make a straight-through cable.

Crossover cables - These are very similar to straight-through cables,
except that in crossover cables the pairs of wires are crisscrossed, which
allows two devices to communicate at the same time. Unlike straight-through
cables, we use crossover cables to connect similar devices. They are
used to connect router to router, switch to switch, host to host, hub to
hub, hub to switch, router direct to host. In a crossover cable 4 pins are used
(1, 2, 3, and 6); here we connect pins 1 to 3 and 2 to 6 on each side of the
cable.

Rollover Cable - Although it is not used to make any Ethernet
connections, we can use a rollover cable to connect a computer to the
console port or auxiliary port of the router for administration purposes. Eight
wires are used in this cable to connect serial devices, and the order of the
wires from one end of the cable to the other is totally reversed, or rolled
over. A rollover cable is also known as a console cable.

What is Ethernet?
Ethernet is a data link and physical layer specification that allows all hosts
on a network to share the same bandwidth of a link. It is the dominant
technology used in LAN networking for controlling access to a shared
network medium.


Explain CSMA/CD?
Carrier Sense Multiple Access with Collision Detection (CSMA/CD) is a
protocol used to prevent collisions by enabling devices to share the bandwidth
evenly without allowing two devices to transmit at the same time on the
network.

What is ARP?
Address Resolution Protocol (ARP) is a network protocol, which is used to
map a network layer protocol address (IP Address) to a data link layer
hardware address (MAC Address). In short, ARP resolves IP address to
the corresponding MAC address of the device.

Explain the use of ARP?


If a host in a network wants to communicate with another host, it can
communicate only if it knows the MAC address of the other host. ARP is used
to get the MAC address of a host from its IP address.

What is an ARP Table (cache)?


ARP maintains a table that contains the mappings between IP address and
MAC address. This table is called ARP Table.

What is the Source & Destination IP address in ARP Request and ARP
Reply packet?
ARP Request
Source - MAC address of the host sending the ARP request. (Sender's MAC
address)
Destination - FF:FF:FF:FF:FF:FF (Broadcast)

ARP Reply
Source - MAC address of the host replying to the ARP Request.
Destination - MAC address of the host which generated the ARP request
initially (unicast).

How can we differentiate between an ARP Request packet and ARP Reply packet?
We can differentiate ARP request packet from an ARP reply packet using
the 'operation' field in the ARP packet. For ARP Request it is 1 and for ARP
Reply it is 2.


What is the size of an ARP Request and ARP Reply packet?


The size of an ARP request or ARP reply packet is 28 bytes.

What is Proxy ARP?


Proxy ARP is the process in which one device responds to the ARP
request for another device.
Example - Host A sends an ARP request to resolve the IP address of Host
B. Instead of Host B, Host C responds to this ARP request.

What is Gratuitous ARP? Why is it used?

When a host sends an ARP request to resolve its own IP address, it is
called Gratuitous ARP. In the ARP request packet, the source IP address
and destination IP address are both filled with the host's own IP address.
The destination MAC address is the broadcast address
(FF:FF:FF:FF:FF:FF).
Gratuitous ARP is used by the host after it is assigned an IP address by the
DHCP Server to check that no other host in the network has
the same IP address. If the host does not get an ARP reply to a gratuitous
ARP request, it means there is no other host configured with the
same IP address. If the host gets an ARP reply, then it means another host is
also configured with the same IP address.
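
The ARP answers above (the 28-byte packet, the operation field, gratuitous ARP and the ARP table) can be seen together in the following Python sketch. It is an added example, not part of the original book; the function and class names are hypothetical and all addresses are constructed sample values.

```python
import socket
import struct

# Ethernet/IPv4 ARP body: hardware type, protocol type, hardware length,
# protocol length, operation, sender MAC, sender IP, target MAC, target IP.
ARP_FORMAT = "!HHBBH6s4s6s4s"
ARP_LEN = struct.calcsize(ARP_FORMAT)          # 28 bytes
OPERATIONS = {1: "request", 2: "reply"}


def mac_to_bytes(mac):
    return bytes(int(part, 16) for part in mac.split(":"))


def mac_to_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(operation, sender_mac, sender_ip, target_mac, target_ip):
    """Build a 28-byte ARP body (used here only to construct sample input)."""
    return struct.pack(
        ARP_FORMAT, 1, 0x0800, 6, 4, operation,
        mac_to_bytes(sender_mac), socket.inet_aton(sender_ip),
        mac_to_bytes(target_mac), socket.inet_aton(target_ip),
    )


def parse_arp(body):
    """Decode an ARP body and classify it by its operation field."""
    if len(body) < ARP_LEN:
        raise ValueError(f"ARP body is {len(body)} bytes, expected {ARP_LEN}")
    # Ethernet pads short frames, so anything after byte 28 is ignored.
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FORMAT, body[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {
        "operation": OPERATIONS.get(oper, f"unknown({oper})"),
        "sender_mac": mac_to_str(sha),
        "sender_ip": socket.inet_ntoa(spa),
        "target_mac": mac_to_str(tha),
        "target_ip": socket.inet_ntoa(tpa),
        # Gratuitous ARP: sender IP and target IP are the same address.
        "gratuitous": spa == tpa,
    }


class ArpTable:
    """IP-to-MAC table that reports an IP address claimed by a second MAC."""

    def __init__(self):
        self.entries = {}

    def observe(self, body):
        packet = parse_arp(body)
        ip, mac = packet["sender_ip"], packet["sender_mac"]
        known = self.entries.get(ip)
        if known is None:
            self.entries[ip] = mac
            return "learned"
        if known == mac:
            return "unchanged"
        # Same IP, different MAC: a duplicate address or a forged ARP message.
        # The existing binding is kept so the conflict can be investigated.
        return "conflict"


if __name__ == "__main__":
    # Constructed sample packets.
    garp = build_arp(1, "aa:bb:cc:00:00:01", "192.168.1.10",
                     "ff:ff:ff:ff:ff:ff", "192.168.1.10")
    clash = build_arp(2, "de:ad:be:ef:00:99", "192.168.1.10",
                      "aa:bb:cc:00:00:01", "192.168.1.10")
    table = ArpTable()
    for sample in (garp, clash):
        print(parse_arp(sample)["operation"], table.observe(sample))
```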

What is Reverse ARP?


Reverse ARP is used to obtain a device's IP address when its MAC address
is already known.

What is Inverse ARP?


Inverse ARP dynamically maps local DLCIs to remote IP addresses when
Frame Relay is configured.

What is an IP address and its format?


An IP address is a software address assigned to each machine on an IP
network. It specifies the location of a device on the network. It allows hosts
on one network to communicate with the host on a different network.
It is 32 bits of information. These 32 bits are divided into four sections
referred to as octets or bytes. Each octet contains 1 byte (8 bits).
An IP address can be depicted using one of three methods: -

1. Dotted-decimal, example - 172.16.30.56
2. Binary - 10101100.00010000.00011110.00111000
3. Hexadecimal - AC.10.1E.38

What are the different Classes of IP address and give the range of
each class?
There are five classes of IP addresses: -
Class A - 0 to 127 (0 & 127 cannot be used)
Class B - 128 to 191
Class C - 192 to 223
Class D - 224 to 239 (MULTICAST ADDRESSES)
Class E - 240 to 255 (RESEARCH & DEVELOPMENT)

Class A addresses 127.0.0.0 to 127.255.255.255 are reserved for loopback
addresses.

What are Private addresses? Give the range of Private Addresses.

These addresses can be used only on a private network. They cannot be
routed through the internet. Private IP addresses are designed for security
and they also save valuable IP address space.
Class A - 10.0.0.0 to 10.255.255.255
Class B - 172.16.0.0 to 172.31.255.255
Class C - 192.168.0.0 to 192.168.255.255

What is subnet mask?


A subnet mask is a 32-bit value that allows the recipient of an IP packet to
distinguish the network ID portion of the IP address from the host ID portion
of the IP address.

What is the Internet Control Message Protocol?


ICMP is basically a management protocol and messaging service provider
for IP. It can provide hosts with information about network problems.

ICMP works at which layer?


It works at Network Layer.


What are various ICMP messages?


1. Destination Unreachable.
2. Buffer Full.
3. Hops/Time Exceeded.
4. Ping.
5. Traceroute.

How does Traceroute work?


1. Firstly, Traceroute creates a UDP packet from the source to destination
with a TTL value of 1.
2. Packet reaches the first router where the router decrements the value of
TTL by 1, making packet’s TTL value 0 because of which the packet gets
dropped.
3. As the packet gets dropped, it sends an ICMP message [Hop/Time
exceeded] back to the source.
4. This is how Traceroute comes to know the first router’s address and the
time taken for the round-trip.
5. It sends two more packets in the same way to get the average round-trip
time. The first round-trip takes longer than the other two due to the delay in
ARP finding the physical address; the address stays in the ARP cache
during the second and the third time and hence the process speeds up.
6. These steps take place again and again until the destination has been
reached. The only change that happens is that the TTL value is
incremented by 1 when the UDP packet is to be sent to the next router/host.
7. Once the destination is reached, Time exceeded ICMP message is not
sent back this time because the destination has already been reached.
8. But, the UDP packet used by Traceroute specifies the destination port
number that is not usually used for UDP. So, when the destination verifies
the headers of the UDP packet, the packet gets dropped because of
improper port being used and an ICMP message [Destination Unreachable]
is sent back to the source.
9. When Traceroute encounters destination unreachable message, it
understands that the destination is reached. Also, destination is reached 3
times to get the average round-trip time.


Which two fields in the ICMP header are used to identify the intent of the
ICMP message?
Type and Code.

Which ICMP message confirms the traceroute is completed?


Destination unreachable message.
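
The Traceroute steps and the Type and Code answer above, simulated in Python over a constructed path. This is an added example, not part of the original book: the path addresses and function names are hypothetical, and the ICMP messages are reduced to their 8-byte header (a real ICMP error also quotes the start of the dropped packet).

```python
import struct

ICMP_DEST_UNREACHABLE = 3    # with code 3 = port unreachable
ICMP_TIME_EXCEEDED = 11      # with code 0 = TTL exceeded in transit


def internet_checksum(data):
    """16-bit one's-complement checksum used in the ICMP header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def icmp_message(icmp_type, code):
    """Build an 8-byte ICMP header: type, code, checksum, unused."""
    header = struct.pack("!BBHI", icmp_type, code, 0, 0)
    return struct.pack("!BBHI", icmp_type, code, internet_checksum(header), 0)


def parse_icmp(message):
    """Verify the checksum and return the (type, code) pair."""
    if len(message) < 8:
        raise ValueError("an ICMP header is 8 bytes")
    if internet_checksum(message) != 0:
        raise ValueError("bad ICMP checksum")
    icmp_type, code, _checksum, _unused = struct.unpack("!BBHI", message[:8])
    return icmp_type, code


def send_probe(path, ttl):
    """Simulate one UDP probe along path = [router, ..., destination].

    Returns (responder address, raw ICMP message).
    """
    *routers, destination = path
    for router in routers:
        ttl -= 1                       # each router decrements TTL by 1
        if ttl == 0:                   # TTL hit zero: drop and report back
            return router, icmp_message(ICMP_TIME_EXCEEDED, 0)
    # The probe reached the destination, where the unused UDP port
    # produces Destination Unreachable instead of Time Exceeded.
    return destination, icmp_message(ICMP_DEST_UNREACHABLE, 3)


def traceroute(path, max_hops=30, probes=3):
    """Return one (ttl, responder, icmp_type, icmp_code) tuple per hop."""
    hops = []
    for ttl in range(1, max_hops + 1):
        replies = [send_probe(path, ttl) for _ in range(probes)]
        responder, raw = replies[0]
        icmp_type, code = parse_icmp(raw)
        hops.append((ttl, responder, icmp_type, code))
        if icmp_type == ICMP_DEST_UNREACHABLE:
            break                      # destination reached: trace complete
    return hops


# Constructed path: three routers, then the destination host.
SAMPLE_PATH = ["10.0.0.1", "172.16.0.1", "203.0.113.1", "198.51.100.7"]

if __name__ == "__main__":
    for hop in traceroute(SAMPLE_PATH):
        print(hop)
```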

What is the importance of the identification field in the IP packet?


This is used to identify each fragmented packet so that destination device
can rearrange the whole communication in order.

Which device can reassemble the packet?


This is done only by the ultimate destination.

What is IP datagram?
IP datagram can be used to describe a portion of IP data. Each IP
datagram has a set of fields arranged in order. An IP datagram has the following
fields: Version, Header length, Type of service, Total length, Checksum,
Flag, Protocol, Time to live, Identification, Source IP Address and
Destination IP Address, Padding, Options and Payload.

What is Fragmentation?
Fragmentation is a process of breaking the IP packets into smaller pieces
(fragments). Fragmentation is required when the datagram size is larger
than the MTU. Each fragment then becomes a datagram in itself and is
transmitted independently from the source. These datagrams are reassembled
by the destination.

How is the packet reassembled?

1. When a host receives an IP fragment, it stores this fragment in a
reassembly buffer based on its fragment offset field.
2. Once all the fragments of the original IP datagram are received, the
datagram is processed.
3. On receiving the first fragment, a reassembly timer is started.
4. If this reassembly timer expires before all the fragments are received,
then the datagram is discarded.


What is MTU (Maximum Transmission Unit)?


The maximum transmission unit (MTU) of an interface tells Cisco IOS the
largest IP packet that can be forwarded out on that interface.

What is the importance of DF, MF flag?


Don’t fragment bit
If the DF bit is set, fragmentation is not allowed.
When a router needs to forward a packet larger than the outgoing
interface’s MTU, the router either fragments the packet or discards it. If the
IP header’s Do Not Fragment (DF) bit is set, fragmentation is not
allowed and the router discards the packet. If the DF bit is not set,
fragmentation is allowed and the router can perform fragmentation on the
packet.

More fragment bit
If the MF bit is set to 1, it means more fragments are coming. If it is set to 0,
it means this is the last fragment.
All fragments that belong to an IP datagram will have the more fragments bit
set except for the final fragment. The final fragment does not have the more
fragment bit set, indicating that this is the last fragment. This is how the
destination device comes to know that it has collected all the fragments of
the IP datagram.

What is the purpose of fragment offset?


It is used to define the size of each fragmented packet.
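
The fragmentation, reassembly and DF/MF answers above, worked through in Python. This is an added example, not part of the original book: the class and function names are hypothetical, a 20-byte IP header without options is assumed, and buffers are keyed on the identification field only (real stacks also key on source, destination and protocol). In the IPv4 header the fragment offset is counted in 8-byte units, which is what the code uses to place each piece.

```python
from dataclasses import dataclass

IP_HEADER_LEN = 20   # assumption: IPv4 header without options


@dataclass
class Fragment:
    ident: int       # Identification field, shared by all fragments
    df: bool         # Don't Fragment bit
    mf: bool         # More Fragments bit
    offset: int      # Fragment Offset field, in 8-byte units
    payload: bytes


def fragment(ident, payload, mtu, df=False):
    """Split a payload the way a router does when it exceeds the MTU."""
    if IP_HEADER_LEN + len(payload) <= mtu:
        return [Fragment(ident, df, False, 0, payload)]
    if df:
        raise ValueError("packet larger than MTU and DF set: packet discarded")
    chunk = (mtu - IP_HEADER_LEN) // 8 * 8    # data per fragment, multiple of 8
    if chunk <= 0:
        raise ValueError("MTU too small to carry any data")
    fragments = []
    for start in range(0, len(payload), chunk):
        more = start + chunk < len(payload)   # MF is clear only on the last one
        fragments.append(
            Fragment(ident, False, more, start // 8, payload[start:start + chunk]))
    return fragments


class Reassembler:
    """Reassembly buffers at the destination, one per identification value."""

    def __init__(self, timeout=30.0):
        self.timeout = timeout
        self.buffers = {}

    def expire(self, now):
        """Discard datagrams whose reassembly timer has run out."""
        stale = [i for i, b in self.buffers.items()
                 if now - b["started"] > self.timeout]
        for ident in stale:
            del self.buffers[ident]

    def receive(self, frag, now):
        """Store one fragment; return the full payload once it is complete."""
        self.expire(now)
        # The timer starts when the first fragment of a datagram arrives.
        buf = self.buffers.setdefault(
            frag.ident, {"started": now, "pieces": {}, "total": None})
        buf["pieces"][frag.offset * 8] = frag.payload
        if not frag.mf:
            # The last fragment tells us the total payload length.
            buf["total"] = frag.offset * 8 + len(frag.payload)
        if buf["total"] is None:
            return None
        data, position = bytearray(), 0
        for start in sorted(buf["pieces"]):
            if start != position:
                # A hole or an overlap: keep waiting until the timer expires.
                return None
            data += buf["pieces"][start]
            position += len(buf["pieces"][start])
        if position != buf["total"]:
            return None
        del self.buffers[frag.ident]
        return bytes(data)


if __name__ == "__main__":
    sample = bytes(i % 251 for i in range(3000))    # constructed payload
    pieces = fragment(0x1234, sample, mtu=1500)
    print([(f.offset, len(f.payload), f.mf) for f in pieces])
```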

What is the importance of TTL value?


It defines how long a packet can travel in the network. It is the number of
hops that the IP datagram will go through before being discarded. At every
hop TTL value is decremented by 1. When this field becomes zero, the
packet is discarded. This behavior helps prevent routing loops.

What does the protocol field determine in the IP packet?


The Protocol field is an 8-bit field that identifies the next level protocol. It
indicates to which upper-layer protocol this datagram should be delivered,
Example: - ICMP, TCP, UDP.


What is TCP?
Transmission Control Protocol is a connection-oriented protocol. This
means that before any data transfer can take place, certain parameters have
to be negotiated in order to establish the connection.

Explain TCP Three Way Handshake process?


For a reliable connection, the transmitting device first establishes a
connection-oriented (reliable) session with its peer system, which is called
a three-way handshake. Data is then transferred. When the data transfer is
finished, the connection is terminated and the virtual circuit is torn down.
1. The initiating host sends a TCP SYN segment indicating the desire to
open the connection. This TCP segment contains the initiating host’s initial
sequence number X.
2. When the destination (target host) receives the TCP SYN, it acknowledges this
with Ack (X+1) as well as its own SYN Y (it informs the source what sequence
number it will start its data with and will use in further messages). This
response is called SYN/ACK.
3. The initiating host sends an ACK (ACK = Y+1) segment indicating that
the connection is set up. Data transfer can then begin.
During this three-way handshake, devices negotiate parameters like
Window Size etc.

What does Window Size indicate?


It is a 16-bit window field which indicates the number of bytes a sender will
send before receiving an acknowledgment from the receiver.

What is the purpose of RST bit?


When the connection is not allowed by destination, connection is reset.
RST bit is used to reset the connection.


What are TCP Flags?


TCP Flags are used to influence the flow of data across a TCP Connection.
1. PUSH (PSH) - It pushes the buffered data to the receiver’s application. If
data is to be sent on an immediate basis, we will push it.
2. Reset (RST) - It resets the connection.
3. Finish (FIN) - It finishes the session. It means no more data from the
sender.
4. Urgent (URG) - It is used to set the priority, to tell the receiver that this
data is important.
5. Acknowledgement (ACK) - All packets after the SYN packet sent by the client
should have this flag set. ACK=10 means the host has received 0 through 9
and is expecting byte 10 next.
6. Synchronize (SYN) - SYN is the first message to be sent. It initiates the
connection and synchronizes the sequence number.

What is the difference between PUSH and URG flag?


The PSH flag in the TCP header informs the receiving host that the data
should be pushed up to the receiving application immediately. The URG
flag is used to inform a receiving station that certain data within a segment
is urgent and should be prioritized.

What is the importance of Sequence Number and Acknowledgement Number?
Sequence Number is a 32-bit field which indicates the amount of data that
is sent during a TCP session. Using the sequence number, the sender can be
assured that the receiver received the data, because the receiver uses this
sequence number as the acknowledgment number in the next segment it
sends to acknowledge the received data. When the TCP session starts, the
initial sequence number can be any number in the range 0–4,294,967,295.
The acknowledgment number is used to acknowledge the received data and is
equal to the received sequence number plus 1.
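
The three-way handshake, the TCP flags and the sequence/acknowledgment arithmetic described above can be checked with the following Python sketch. It is an added example, not part of the original book: the function names, ports and sequence numbers are constructed, and a 20-byte TCP header without options is assumed. It also covers the case where X is the largest 32-bit value, so that X+1 wraps to 0.

```python
import struct

TCP_FORMAT = "!HHIIBBHHH"   # 20-byte TCP header without options
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
         "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
MODULUS = 2 ** 32            # sequence numbers are 32-bit and wrap around


def build_segment(sport, dport, seq, ack, flags, window=65535):
    """Build a TCP header (used here only to construct sample input)."""
    bits = 0
    for name in flags:
        bits |= FLAGS[name]
    return struct.pack(TCP_FORMAT, sport, dport, seq, ack,
                       5 << 4, bits, window, 0, 0)


def parse_segment(raw):
    """Decode ports, sequence/acknowledgment numbers, flags and window."""
    if len(raw) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    sport, dport, seq, ack, _offset, bits, window, _csum, _urgent = \
        struct.unpack(TCP_FORMAT, raw[:20])
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "window": window,
        "flags": {name for name, bit in FLAGS.items() if bits & bit},
    }


def check_handshake(raw_segments):
    """Validate SYN, SYN/ACK, ACK. Returns (ok, reason)."""
    if len(raw_segments) != 3:
        return False, "expected three segments"
    syn, syn_ack, ack = (parse_segment(raw) for raw in raw_segments)

    if syn["flags"] != {"SYN"}:
        return False, "first segment is not a SYN"
    x = syn["seq"]                              # initiator's sequence number X

    if "RST" in syn_ack["flags"]:
        return False, "connection reset by destination"
    if syn_ack["flags"] != {"SYN", "ACK"}:
        return False, "second segment is not SYN/ACK"
    if (syn_ack["sport"], syn_ack["dport"]) != (syn["dport"], syn["sport"]):
        return False, "SYN/ACK ports do not mirror the SYN"
    if syn_ack["ack"] != (x + 1) % MODULUS:
        return False, "SYN/ACK does not acknowledge X+1"
    y = syn_ack["seq"]                          # destination's sequence number Y

    if ack["flags"] != {"ACK"}:
        return False, "third segment is not an ACK"
    if ack["seq"] != (x + 1) % MODULUS or ack["ack"] != (y + 1) % MODULUS:
        return False, "final ACK does not acknowledge Y+1"
    return True, "established"


if __name__ == "__main__":
    # Constructed exchange: client port 50000, Telnet server port 23.
    x, y = 0xFFFFFFFF, 1000
    exchange = [
        build_segment(50000, 23, x, 0, ["SYN"]),
        build_segment(23, 50000, y, 0, ["SYN", "ACK"]),
        build_segment(50000, 23, 0, y + 1, ["ACK"]),
    ]
    print(check_handshake(exchange))
```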

What is ACL?
Access Control List is a packet filtering method that filters the IP packets
based on source and destination address. It is a set of rules and conditions
that permit or deny IP packets to exercise control over network traffic.


What are different Types of ACL?


There are two main types of Access lists: -
1. Standard Access List.
2. Extended Access List.

Explain Standard Access List?


Standard Access List examines only the source IP address in an IP packet
to permit or deny that packet. It cannot match any other field in the IP packet.
Standard Access List can be created using the access-list numbers 1-99 or
in the expanded range of 1300-1999. Standard Access List must be applied
close to the destination. As we are filtering based only on source address, if we
put the standard access-list close to the source host or network, then
nothing would be forwarded from the source.

Configuration
R1(config)# access-list 10 deny host 192.168.1.1
R1(config)# interface fa0/0
R1(config-if)# ip access-group 10 in

Explain Extended Access List?


Extended Access List filters the network traffic based on the Source IP
address, Destination IP address, Protocol Field in the Network layer, and Port
number field at the Transport layer. Extended Access List ranges from 100
to 199, and in the expanded range 2000-2699. Extended Access List should be
placed as close to the source as possible. Since an extended access list filters
the traffic based on specific addresses (source IP, destination IP) and
protocols, we don’t want our traffic to traverse the entire network just to be
denied, wasting the bandwidth.

Configuration
R1(config)# access-list 110 deny tcp any host 192.168.1.1 eq 23
R1(config)# interface fa0/0
R1(config-if)# ip access-group 110 in


Explain Named ACL and its advantages over Number ACL?


It is just another way of creating standard and extended ACLs. In a named
ACL, names are given to identify the access-list.
It has the following advantage over a numbered ACL: -
In a named ACL we can give a sequence number, which means we can insert a
new statement in the middle of the ACL.
Configuration
R1(config)# ip access-list extended CCNA
R1(config-ext-nacl)# 15 permit tcp host 10.1.1.1 host 20.1.1.1 eq 23
R1(config-ext-nacl)# exit
This will insert the above statement at line 15.
R1(config)# interface fa0/0
R1(config-if)# ip access-group CCNA in

What is Wildcard Mask?


Wildcard mask is used with ACL to specify an individual host, a network,
or a range of networks. Whenever a zero is present, it indicates that the octet in
the address must match the corresponding reference exactly. Whenever a
255 is present, it indicates that the octet need not be evaluated.
Wildcard mask is completely opposite to subnet mask.
Example - For /24
Subnet Mask - 255.255.255.0
Wildcard Mask - 0.0.0.255

How to permit or deny specific Host in ACL?


1. Using a wildcard mask "0.0.0.0"
Example - 192.168.1.1 0.0.0.0 or
2. Using keyword "Host"
Example - Host 192.168.1.1

In which directions can we apply an Access List?


We can apply access list in two directions:-
IN - ip access-group 10 in
OUT - ip access-group 10 out


Difference between inbound access-list and outbound access-list?


When an access-list is applied to inbound packets on interface, those
packets are first processed through ACL and then routed. Any packets that
are denied won’t be routed. When an access-list is applied to outbound
packets on interface, those packets are first routed to outbound interface
and then processed through ACL.

Difference between #sh access-list command and #sh run access-list command?
# sh access-list shows number of hit counts.
# sh run access-list does not show number of hit counts.

How many Access Lists can be applied to an interface on a Cisco router?
We can assign only one access list per interface per protocol per direction,
which means that when creating IP access lists, we can have only one
inbound access list and one outbound access list per interface. Multiple
access lists are permitted per interface, but they must be for a different
protocol.

How are Access Lists processed?

Access lists are processed in sequential order, evaluating packets from top
to bottom, one statement at a time. As soon as a match is made, the permit
or deny option is applied, and the packet is not evaluated against any more
access list statements. Because of this, the order of the statements within
any access list is significant. There is an implicit "deny" at the end of each
access list, which means that if a packet doesn’t match the condition on any
of the lines in the access list, the packet will be discarded.

What is at the end of each Access List?


At the end of each access list, there is an implicit deny statement denying
any packet for which the match has not been found in the access list.
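
The wildcard mask matching, top-down processing and implicit deny described above, modelled in Python using the extended access list 110 from this page. This is an added example, not part of the original book and not Cisco IOS code: the class and function names are hypothetical, the packets are constructed, and the "permit ip any any" line in the second list is an assumed addition used to show how the implicit deny changes the outcome.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = ("0.0.0.0", "255.255.255.255")      # the "any" keyword


def host(address):
    """The "host" keyword is the same as a wildcard mask of 0.0.0.0."""
    return (address, "0.0.0.0")


def to_int(address):
    return int(ipaddress.IPv4Address(address))


def wildcard_match(address, reference, wildcard):
    """A 0 bit in the wildcard must match; a 1 bit is not evaluated."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return ((to_int(address) ^ to_int(reference)) & care) == 0


@dataclass
class Rule:
    action: str                      # "permit" or "deny"
    proto: str                       # "ip" matches every protocol
    src: tuple                       # (address, wildcard mask)
    dst: tuple                       # (address, wildcard mask)
    dst_port: Optional[int] = None   # the "eq <port>" operand, if any
    hits: int = 0                    # hit counter, as shown by "sh access-list"

    def matches(self, packet):
        if self.proto != "ip" and self.proto != packet["proto"]:
            return False
        if not wildcard_match(packet["src"], *self.src):
            return False
        if not wildcard_match(packet["dst"], *self.dst):
            return False
        if self.dst_port is not None and packet.get("dport") != self.dst_port:
            return False
        return True


def evaluate(acl, packet):
    """Top-down, first match wins; no match means the implicit deny."""
    for rule in acl:
        if rule.matches(packet):
            rule.hits += 1
            return rule.action
    return "deny"


def acl_110_from_page():
    # access-list 110 deny tcp any host 192.168.1.1 eq 23
    return [Rule("deny", "tcp", ANY, host("192.168.1.1"), 23)]


def acl_110_with_permit():
    # Same list followed by an assumed "permit ip any any".
    return acl_110_from_page() + [Rule("permit", "ip", ANY, ANY)]


# Constructed packets.
TELNET = {"proto": "tcp", "src": "10.1.1.5", "dst": "192.168.1.1", "dport": 23}
HTTP = {"proto": "tcp", "src": "10.1.1.5", "dst": "192.168.1.1", "dport": 80}

if __name__ == "__main__":
    for name, acl in (("as on the page", acl_110_from_page()),
                      ("with a permit line", acl_110_with_permit())):
        print(name, evaluate(acl, TELNET), evaluate(acl, HTTP))
```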


Key Information

• Any access list applied to an interface without an access list being
created will not filter traffic.

• Access lists only filter traffic that is going through the router. They
will not filter the traffic that has originated from the router.

• If we remove one line from an access list, the entire access-list will be
removed.

• Every access list should have at least one permit statement or it will
deny all traffic.

What is NAT?
Network Address Translation translates the private addresses into public
addresses before packets are routed to public network. It allows a network
device such as router to translate addresses between the private and
public network.

What are the Situations where NAT is required?


1. When we need to connect to the internet and our hosts don't have globally
unique IP addresses.
2. When we want to hide internal IP addresses from outside for security
purposes.
3. When a company is going to merge with another company which uses the same
address space.

What are the advantages of NAT?


1. It conserves legally registered IP addresses.
2. It prevents address overlapping.
3. Provides security by hiding internal (private) IP addresses.
4. Eliminates address renumbering as a network evolves.


What are different types of NAT?


There are mainly three types of NAT: -
1. Static NAT
2. Dynamic NAT
3. Port Address Translation (Overloading)

What is Static NAT?


Static NAT allows for one-to-one mapping, that is, it translates one Private IP
address to one Public IP address.
R1(config)# ip nat inside source static 10.1.1.1 15.36.2.1
R1(config)# interface fa0/0
R1(config-if)# ip nat inside (It identifies this interface as inside interface)
R1(config)# interface fa0/1
R1(config-if)# ip nat outside (It identifies this interface as outside interface)

In the ip nat inside source command, we can see that the command is
referencing the inside interface as the source or starting point of the
translation.

What is Dynamic NAT?


It maps a private IP address to a public IP address from a pool of
public IP addresses.
R1(config)# ip nat pool CCNA 190.1.1.5 190.1.1.254 netmask 255.255.255.0
R1(config)# ip nat inside source list 10 pool CCNA
R1(config)# interface fa0/0
R1(config-if)# ip nat inside (It identifies this interface as inside interface)
R1(config)# interface fa0/1
R1(config-if)# ip nat outside (It identifies this interface as outside interface)
R1(config)# access-list 10 permit 192.168.1.0 0.0.0.255 (To specify which private addresses need to be translated)

What is Port Address Translation (Overloading)?


It maps multiple private IP addresses to a single public IP address using
different port numbers. PAT allows thousands of users to connect to the
internet using one public address only.
R1(config)# ip nat pool CCNA 190.1.1.5 190.1.1.254 netmask 255.255.255.0
R1(config)# ip nat inside source list 10 pool CCNA overload
R1(config)# interface fa0/0
R1(config-if)# ip nat inside (It identifies this interface as inside interface)
R1(config)# interface fa0/1
R1(config-if)# ip nat outside (It identifies this interface as outside interface)
R1(config)# access-list 10 permit 192.168.1.0 0.0.0.255 (To specify which private addresses need to be translated)

What are Inside Local, Inside Global, Outside Local, Outside Global
address?
Inside local address is an IP address of host before translation.
Inside Global address is the public IP address of host after translation.
Outside Local address is the address of router interface connected to ISP.
Outside Global address is the address of outside destination (ultimate
destination).
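The translation table that PAT builds, mapping inside local address and port to one inside global address and port, can be modelled in a few lines. This is an added example, not part of the original ebook: it reuses 190.1.1.5 and the 192.168.1.0 0.0.0.255 range from the configuration above, while the class name and the port-selection policy (keep the source port when it is free, otherwise take the next free port from 1024) are assumptions of this sketch.

```python
import ipaddress


class PatRouter:
    """Port Address Translation onto a single inside global address."""

    def __init__(self, inside_global, translate_net, first_port=1024):
        self.inside_global = inside_global
        # Stands in for access-list 10: which inside local sources to translate.
        self.translate_net = ipaddress.ip_network(translate_net)
        self.first_port = first_port
        self.out = {}    # (proto, inside local ip, inside local port) -> global port
        self.back = {}   # (proto, global port) -> (inside local ip, inside local port)

    def _pick_port(self, proto, wanted):
        """Assumed policy: keep the source port if free, else the next free one."""
        if (proto, wanted) not in self.back:
            return wanted
        for port in range(self.first_port, 65536):
            if (proto, port) not in self.back:
                return port
        raise RuntimeError("no free port left on the inside global address")

    def outbound(self, proto, src_ip, src_port):
        """Inside -> outside. Returns the (address, port) seen on the outside,
        or None when the source is not selected for translation."""
        if ipaddress.ip_address(src_ip) not in self.translate_net:
            return None
        key = (proto, src_ip, src_port)
        if key not in self.out:
            port = self._pick_port(proto, src_port)
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return (self.inside_global, self.out[key])

    def inbound(self, proto, dst_ip, dst_port):
        """Outside -> inside. Returns the inside local (address, port), or
        None when no translation entry exists and the packet is not forwarded."""
        if dst_ip != self.inside_global:
            return None
        return self.back.get((proto, dst_port))


def demo():
    """Two inside hosts use the same source port; both share one address."""
    r = PatRouter("190.1.1.5", "192.168.1.0/24")
    first = r.outbound("tcp", "192.168.1.10", 50000)
    second = r.outbound("tcp", "192.168.1.11", 50000)
    reply = r.inbound("tcp", "190.1.1.5", second[1])
    unsolicited = r.inbound("tcp", "190.1.1.5", 4444)
    return first, second, reply, unsolicited


if __name__ == "__main__":
    for label, value in zip(("first", "second", "reply", "unsolicited"), demo()):
        print(label, value)
```

An inbound packet is only delivered when an inside host created the entry first, which is the sense in which the inside addresses are hidden.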

What is Routing?
The function of routing is to route packets between networks that are not
locally attached.

What is a Router?
A Router is a networking device that performs routing i.e. it routes packets
between devices that are on different networks.
Router is a Layer 3 device.

What is a Protocol?
Protocols are sets of rules that govern how devices communicate and share
information across a network. Examples of protocols include:
• IP – Internet Protocol.
• HTTP – Hyper Text Transfer Protocol.
• SMTP – Simple Mail Transfer Protocol.

What is the difference between physical topology & logical topology?


The physical topology is what the network looks like and how all the cables
and devices are connected to each other. The logical topology is the path
that the data takes through the physical topology.


What are the different types of memory in router?


RAM - Running configuration file, routing table and MAC address table are
stored in RAM.
NVRAM - Startup configuration file is stored in NVRAM.
Flash Memory - The flash memory is used to store the Cisco IOS.
ROM - Instructions for POST, Bootstrap program and Mini-IOS are stored in
ROM.

What are the possible locations of IOS image?


FLASH and TFTP Server.

What is ROM Monitor?


If the Bootstrap program is not able to find a valid IOS image, it will act as
ROM Monitor.
ROM Monitor is capable of performing certain configuration tasks such as:
1. Recovering a lost password.
2. Changing the configuration register value etc.
3. Downloading IOS image using TFTP

What are the different modes in Router?


1. User Exec mode- In User Exec mode, we can only view the configuration
settings on the device but cannot make any changes to the device
configuration. IOS prompt in user exec mode is Router>

2. Privilege mode - In Privilege mode we can both view and make changes
to the configuration of a router. IOS prompt in Privilege Mode is Router#
Command to navigate to privilege mode from user exec mode:-
Router>enable
Router#

3. Global Configuration mode - In Global Configuration mode we can make
global changes. Global changes are the changes which affect the router
(device) as a whole such as changing the hostname of a device. IOS
prompt in Global Configuration mode is Router(config)#
Command to navigate to Global Configuration mode from Privilege mode:-
Router# configure terminal
Router(config)#


4. Specific Configuration mode - We can navigate to a number of
sub-prompts from global configuration, such as the interface prompts to
configure the properties of a specific interface and the router mode to
configure routing protocols.
Example:-
Router(config)# interface fa0/0
Router(config-if)#

What is the command to enter privilege mode from user mode?


> enable

What is the command to enter Global configuration mode from privilege mode?

# configure terminal

What is the command to reboot a Router?


# reload

What is the command to backup IOS to TFTP server?


# copy flash tftp

What is the command to copy running-config to startup config?


# copy running-config startup-config

Which command is used to enable the interface?


# no shutdown

Which command is used to see date and time on router?


# show clock

What is the command to display the current running configuration?


# show running-config

Define static routing?


In Static routing, routes are manually configured on the router by a network
administrator.
Static routing has the following advantages: -
1. There is no overhead on the router CPU.
2. There is no bandwidth usage between routers.

3. It is secure as the administrator can choose to allow routing access to
certain networks only.
Static routing has the following disadvantages: -
1. The administrator must really understand the internetwork and how each
router is connected in order to configure routes correctly.
2. It is not feasible in large networks because maintaining it is a full-time
job.

What is Default Route?


A default route specifies a path that the router should take if the destination
is unknown. All the IP packets with unknown destination address are sent
to the default route.

What is Dynamic Routing?


In dynamic routing, routes are learned by using a routing protocol. Routing
protocols will learn about routes from other neighboring routers running the
same routing protocol. Example: - OSPF, EIGRP, RIP.

What is a Routed Protocol?


A routed protocol carries data from one network to another network.
Routed protocol carries user traffic such as file transfers, web traffic,
e-mails etc.
Example: - IP (Internet Protocol), IPX (Internetwork Packet Exchange) and
AppleTalk.

What is Routing Protocol?


Routing Protocols learn the routes and provide the best routes from one
network to another network.
Example: - RIP (Routing Information Protocol), EIGRP (Enhanced Interior
Gateway Routing Protocol) and OSPF (Open Shortest Path First).

What is IGP?
An Interior Gateway Protocol refers to a routing protocol that handles
routing within a single autonomous system. Example: - RIP, IGRP, EIGRP,
and OSPF.


What is EGP?
An Exterior Gateway Protocol refers to a routing protocol that handles
routing between different Autonomous Systems (AS). Example: - Border
Gateway Protocol (BGP).

What is an Autonomous System?


An Autonomous System (AS) is a group of networks under a single
administrative control.

What is Administrative Distance (AD)?


Administrative Distance is the trustworthiness of a routing protocol or route.
Routers use AD value to select the best route when there are two or more
routes to the destination learned through two or more different routing
protocols.

What is the range of AD values?


0 to 255, where 0 is the best and 255 is the worst.

Routing Protocol      Administrative Distance Value
Directly Connected    0
Static route          1
EIGRP                 90
OSPF                  110
RIP                   120

What is Distance-Vector Routing Protocol?


Distance vector routing protocols use the distance or hops as metric to find
paths to destinations.
Example: - Routing Information Protocol (RIP), Interior Gateway Routing
Protocol (IGRP)

What is Link-State Routing Protocol?


Each router running a link state routing protocol originates information
about the router, its directly connected links, and the state of those links.
This information is sent to all the routers in the network as multicast
messages. Link-state routing always tries to maintain the full network
topology by updating itself incrementally only when network topology changes.
Example: - Open Shortest Path First (OSPF).


What is Hybrid Routing Protocol?


A Hybrid Routing protocol takes the advantages of both Distance Vector
and Link State Routing protocols.
1. It sends traditional distance vector updates.
2. It has link state characteristics also, which means it synchronizes routing
tables between neighbors at startup, and then it sends specific updates
when network topology changes.
Example: - Enhanced Interior Gateway Routing Protocol (EIGRP)

What is a Route metric?


Routing Protocol uses Route Metric value to find the best path when there
are two or more different routes to the same destination.
Different routing protocols use Route Metric to compute the distance to
destination.
RIP - Hop Count; OSPF – Cost; EIGRP - Bandwidth, Delay, Reliability,
Load, MTU.

What is Hop Count?


Hop count is the number of routers from the source through which data
must pass to reach the destination network.

What are Bandwidth, Delay, Reliability, and Load?


1. Bandwidth - It is the data capacity of a link in Kbps.
2. Delay - It is the time it takes to reach the destination.
3. Reliability - The path with the least amount of errors or downtime.
4. Load - It is the amount of utilization of a path.
5. MTU - Maximum transmission unit (MTU) defines the maximum size of
packet that can be sent over a medium.

Define Bandwidth and Latency?


Bandwidth (throughput) and Latency (Delay) are used to measure network
performance. Bandwidth of a network is the number of bits that can be
transmitted over the network in a certain period of time. Latency is the time
taken for a message to travel from one end of a network to the other end. It
is measured in terms of time.


What is Cost?
Cost is inversely proportional to the bandwidth of the links.

What is CDP?
Cisco Discovery Protocol is a Cisco proprietary protocol to help
administrators in collecting information about both locally attached and
remote devices.

What is RIP?
RIP is a Distance-Vector Routing protocol. It is a classful routing protocol
(classful routing protocols do not send subnet mask information in their
routing updates). It does not support VLSM (Variable Length Subnet
Masking). RIP uses Hop count as its metric to determine the best path to a
remote network and it supports maximum hop count of 15. Any route
farther than 15 hops away is considered as unreachable. It sends its
complete routing table out of all active interfaces every 30 seconds.

What are the four timers in RIP?


Route update timer (30 seconds) - It is the time interval between periodic
routing updates in which the router sends a complete copy of its routing
table out to all neighbors.
Route invalid timer (180 seconds) - It is the time interval before a router
determines that a route has become invalid. Route will become invalid if it
hasn’t heard any updates about a particular route for that period.
Hold down timer (180 seconds) - It is the amount of time during which
routing information is suppressed. Routes will enter into the holddown state
when an update packet is received that indicates the route is unreachable.
This continues either until an update packet is received with a better metric
or until the holddown timer expires.
Route flush timer (240 seconds) - It is the time between a route becoming
invalid and its removal from the routing table. Before it's removed from the
table, the router notifies its neighbors of that invalid route. The value of the
route invalid timer must be less than that of the route flush timer.


What is the difference between RIPV1 & RIPV2?

RIPV1                                       RIPV2
RIPV1 is a classful protocol.               RIPV2 is a classless protocol.
RIPV1 uses broadcasts for updates.          RIPV2 uses multicasts for updates.
RIPV1 broadcasts updates every 30 seconds.  RIPV2 supports triggered updates (when a change occurs).
RIPV1 does not support VLSM.                RIPV2 supports VLSM.
RIPV1 does not support authentication.      RIPV2 supports authentication.

Explain Load-Balancing in RIP?


RIP can perform load balancing over up to six equal-cost paths.

Explain Split Horizon?


The split horizon feature prevents a route learned on one interface from
being advertised back out of that same interface.

What is Route Poisoning?


With route poisoning, when a distance vector routing protocol notices that a
route is no longer valid, the route is advertised with an infinite metric,
signifying that the route is bad. In RIP, a metric of 16 is used to signify
infinity.

How do you stop RIP updates from propagating out an interface on a router?
Sometimes we don’t want RIP updates to propagate across the network,
wasting valuable bandwidth. For this purpose, we can use the
passive-interface command to stop RIP updates from propagating out an
interface.


Which port number and protocol does RIP use?


RIP uses UDP port number 520.

What is the administrative distance of RIP?


RIP has an administrative distance of 120.

What is the multicast address of RIP?


224.0.0.9

How do we configure RIP?


Router(config)# router rip
Router(config-router)# network 192.168.1.0
Router(config-router)# version 2 (to convert it into RIPV2)

What is the difference between RIPng and RIP?


RIPng is for IPv6 and RIP is for IPv4

Explain EIGRP Routing Protocol?


Enhanced Interior Gateway Routing Protocol (EIGRP) is an enhanced
distance vector routing protocol which uses Diffusing Update Algorithm
(DUAL) to calculate the shortest path. It is also considered as a Hybrid
Routing Protocol because it has characteristics of both Distance Vector and
Link State Routing Protocols.
EIGRP supports classless routing and VLSM, route summarization,
incremental updates, load balancing and other features.

What are the requirements for neighborship in EIGRP?


The following fields in a hello packet must match for routers to become
neighbors: -
1. Autonomous System number.
2. K-values.
3. Authentication.
4. Primary address should be used.
5. If static neighborship is used, then it should be defined on both sides.

What metric does EIGRP use?


EIGRP calculates its metric by using Bandwidth, Load, Delay, Reliability
and MTU.


What tables do EIGRP routers maintain?


EIGRP router stores routing and topology information in three tables: -
1. Neighbor table - stores information about EIGRP neighbors.
2. Topology table - stores routing information which is learned from
neighbor routers.
3. Routing table - stores the best paths to all networks.

Why is the no auto-summary command used in EIGRP?

By default, EIGRP behaves like a classful routing protocol which means it
does not advertise the subnet mask information along with the routing
information. The no auto-summary command will ensure that EIGRP sends the
subnet mask information along with the routing information.

What are the EIGRP Hello and Hold timers?

Hello Time - This defines how often an EIGRP router will send the hello packet
to other EIGRP routers.
Hold Time - If an EIGRP router does not receive a hello for the Hold time then
it will assume that the link is down and it will drop the neighborship.

What are the default values of the EIGRP Hello and Hold timers?
Hello Time - 5 seconds
Hold Time - 15 seconds

What is Successor?
Successor is the best path to reach to a destination in the topology table.

What is feasible successor?


Feasible successor is the second best path to reach a destination after
successor. It acts as backup for the successor.

What is feasible distance?


Feasible distance is the lowest distance (metric) to reach destination
network. The route with this metric will be in routing table as it is the best
route to reach a remote (destination) network.

What is Advertised Distance/Reported Distance?


Advertised distance is the distance (Metric) of a neighbor router to reach
destination network. This is the metric to reach destination network as
reported by a neighbor.

What Authentication does EIGRP support?

EIGRP supports only MD5.

Give the Formula EIGRP uses to calculate Metric?


((10^7/least bandwidth) + cumulative delay)*256

What are the different Administrative Distances that EIGRP uses?


1. Internal - 90
2. External - 170
3. Summary - 5

What multicast address does EIGRP use?


EIGRP routers use the multicast address of 224.0.0.10

How do we configure EIGRP?


Router(config)# router eigrp 100
Router(config-router)# network 12.1.1.0 0.0.0.255
Router(config-router)# network 23.1.1.0 0.0.0.255
Router(config-router)# no auto-summary

Give some commands to troubleshoot EIGRP?


# show ip route - It shows full Routing Table.
# show ip route eigrp - It only shows those routes that are learned through
EIGRP protocol in the routing table.
# show ip eigrp neighbors - It shows EIGRP Neighbor Table.
# show ip eigrp topology - It shows EIGRP Topology Table.

What is OSPF Routing protocol?


Open Shortest Path First is an Open Standard Link State routing protocol
which works by using the Dijkstra algorithm to initially construct the
shortest paths and follows that by populating the routing table with the
resulting best paths.


Mention some characteristics of OSPF?


1. OSPF is a classless routing protocol that supports VLSM and CIDR.
2. It allows for creation of areas and autonomous system.
3. OSPF uses cost as its metric, which is computed based on the
bandwidth of the link.
4. It has no hop-count limit. It supports unlimited Hop count.
5. OSPF supports both IPV4 & IPV6.
6. OSPF routes have an administrative distance of 110.

What is the need for dividing the autonomous system into various
areas?
We would divide the autonomous system into various areas to keep route
updates to a minimum to conserve resources and to keep problems from
propagating throughout the network.

What is the benefit of dividing the entire network into areas?


The following are benefits of dividing the entire network into areas: -
1. Decrease routing overhead.
2. Speed up convergence.
3. Confine network instability to single areas of the network.

What is Backbone Area?


While configuring multi-area OSPF, one area must be called area 0,
referred to as backbone area. All other areas must connect to backbone
area as inter-area traffic is sent through the backbone area.

Explain Area Border Router (ABR)?


It is the router that connects other areas to the backbone area within an
autonomous system. ABR can have its interfaces in more than one area.

What is Autonomous System Border Router (ASBR)?


It is the router that connects different Autonomous Systems.


What is OSPF Router ID?


Router ID is used to identify the router. The highest IP address of the
router's loopback interfaces is chosen as the Router ID. If no loopback is
present, then the highest IP address of the router's physical interfaces will
be chosen as the Router ID.

What Parameters must match for two routers to become neighbors?


The following parameters must be the same on both routers in order for
routers to become neighbors: -
1. Subnet
2. Area id
3. Hello and Dead interval time
4. Authentication

How are the OSPF DR & BDR elected?


• The router with the highest priority becomes the DR and router with
second highest priority becomes the BDR. If there is a tie in priority, router
with the highest Router ID will become DR.
• By default priority on Cisco routers is 1. We can manually change it.
• If the router priority is set to 0 (Zero), that router will not participate in
DR/BDR election.
• DR election process is not preemptive. If a router with a higher priority is
added to the network, it will not become DR until we clear OSPF process
and DR/BDR election takes place again.
Command to change the priority on an interface:
router(config)# interface fa0/0
router(config-if)# ip ospf priority 100
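The election rules listed above (highest priority, Router ID as tie-breaker, priority 0 excluded, no preemption) together with the Router ID selection rule can be followed in this added example, which is not part of the original ebook. The router names, addresses and the Segment class are constructed for the illustration, and the model ignores timers and DR failure.

```python
import ipaddress


def router_id(loopbacks, physicals):
    """Highest loopback address, or highest physical address if no loopback."""
    candidates = loopbacks or physicals
    return str(max(ipaddress.IPv4Address(a) for a in candidates))


def elect(routers):
    """routers: {name: (priority, router_id)} -> (dr, bdr).

    Priority 0 routers do not take part. Highest priority wins and the
    Router ID breaks ties. Either role is None when nobody is eligible.
    """
    eligible = [name for name, (prio, _) in routers.items() if prio > 0]
    ranked = sorted(
        eligible,
        key=lambda n: (routers[n][0], int(ipaddress.IPv4Address(routers[n][1]))),
        reverse=True,
    )
    ranked += [None, None]
    return ranked[0], ranked[1]


class Segment:
    """One broadcast segment that remembers who currently holds each role."""

    def __init__(self, routers):
        self.routers = dict(routers)
        self.dr, self.bdr = elect(self.routers)

    def join(self, name, priority, rid):
        """A router added later never displaces the sitting DR or BDR;
        it only fills a role that is vacant."""
        self.routers[name] = (priority, rid)
        if priority > 0:
            if self.dr is None:
                self.dr = name
            elif self.bdr is None:
                self.bdr = name

    def clear_process(self):
        """Re-run the election from scratch, as after clearing OSPF."""
        self.dr, self.bdr = elect(self.routers)


def demo():
    # Constructed routers: R1 and R2 tie on priority, R3 opts out with 0.
    seg = Segment({"R1": (1, "1.1.1.1"), "R2": (1, "2.2.2.2"), "R3": (0, "3.3.3.3")})
    initial = (seg.dr, seg.bdr)
    seg.join("R4", 100, "4.4.4.4")          # higher priority arrives late
    after_join = (seg.dr, seg.bdr)
    seg.clear_process()                     # election takes place again
    after_clear = (seg.dr, seg.bdr)
    return initial, after_join, after_clear


if __name__ == "__main__":
    print(demo())
    print(router_id(["10.0.0.1", "10.0.0.9"], ["192.168.1.1"]))
```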

Why are DR and BDR elected in OSPF?


All OSPF routers will form adjacencies with the DR and BDR. If link-state
changes, the update will be sent only to the DR, which then forwards it to
all other routers. This greatly reduces the flooding of LSAs therefore
conserving the bandwidth.


Explain the various OSPF states?


OSPF routers need to go through several states before establishing a
neighbor relationship: -
1. Down – No Hello packets have been received on the interface.
2. Attempt – In Attempt state neighbors must be configured manually. It
applies only to nonbroadcast multi-access (NBMA) networks.
3. Init – Router has received a hello message from the other OSPF router.
4. 2way state – The neighbor has received the hello message and replied
with a hello message of his own. Bidirectional communication has been
established. In Broadcast network DR-BDR election can occur after this
point.
5. Exstart state – DR & BDR establish adjacencies with each router in the
network. Master-slave election will take place (Master will send its DBD
first).
6. Exchange state – Routing information is exchanged using DBD
(Database Descriptor) packets. Link-State Request (LSR) and Link-State
Update packets may also be sent.
7. Loading state – LSRs (Link State Requests) are sent to neighbors for
every network it doesn't know about. The Neighbor replies with the LSUs
(Link State Updates) which contain information about requested networks.
Once the requested information has been received, the other neighbor goes
through the same process.
8. Full state – All neighbor routers have the synchronized database and
adjacencies have been established.

Explain OSPF LSA, LSU and LSR?


The Link-State Advertisements (LSA) are used by OSPF routers to
exchange routing and topology information. When two neighbors decide to
exchange routes, they send each other a list of all LSAs in their respective
topology database. Each router then checks its topology database and
sends a Link State Request (LSR) message requesting all LSAs that were not
found in its topology table. The other router responds with the Link State
Update (LSU) that contains all LSAs requested by the neighbor.


Explain OSPF timers?


Hello interval - This defines how often OSPF router will send the hello
packet to other OSPF router.
Dead interval - This defines how long a router will wait for hello packets
before it declares the neighbor dead.

What is the default Hello Interval?


The default Hello Interval for OSPF is 10 seconds.

What is the default Dead Interval?


The Dead Interval is four times the Hello Interval. By default it is 40
seconds.

What multicast address does OSPF use?


OSPF uses the multicast addresses 224.0.0.5 & 224.0.0.6.

Tables maintained by OSPF?


Router participating in OSPF routing protocol maintains three OSPF
tables:-
1. Neighbor table - stores information about OSPF neighbors.
Command to see # show ip ospf neighbor
2. Topology table - stores the topology structure of a network.
Command to see # show ip ospf database
3. Routing table - stores the best routes to all known networks.
Command to see # show ip route ospf

What are different OSPF LSA types?


1. Router LSA (Type1) - Each router generates a Type 1 LSA that lists its
active interfaces, IP addresses, neighbors and the cost. LSA Type 1 is
flooded only within an area.
2. Network LSA (Type2) - Type 2 LSA is sent out by the designated router
(DR) and lists all the routers on the segment it is adjacent to. Type 2 LSA is
flooded only within an area. It contains the information about DR's.
3. Summary LSA (Type3) - Type 3 LSA is generated by Area Border
Routers (ABRs) to advertise networks from one area to the rest of the
areas in Autonomous System. It contains the information about inter-area
routes.

4. Summary ASBR LSA (Type4) - It is generated by the ABR and contains
route to reach ASBR.
5. External LSA (Type5) - External LSAs are generated by ASBRs and
contain routes to networks that are external to current AS (external routes).
6. Not-So-Stubby Area LSA (Type7) - Stub areas do not allow Type 5
LSAs. A Not So Stubby Area (NSSA) allows advertisement of Type 5 LSA
as Type 7 LSAs. Type 7 LSA is generated by an ASBR inside a Not So
Stubby Area (NSSA) to describe routes redistributed into the NSSA.

How do we configure OSPF Routing Protocol?


router(config)# router ospf 10
router(config-router)# network 12.1.1.0 0.0.0.255 area 0
router(config-router)# network 23.1.0.0 0.0.255.255 area 1
router(config-router)# exit
• Router ospf 10 command enables the OSPF process. Here "10" indicates
the OSPF process ID and can be different on neighbor routers. Process ID
allows multiple OSPF processes to run on the same router.
• Second command configures 12.1.1.0/24 network in area 0.
• Third command configures 23.1.0.0/16 network in area 1.

Explain Switching?
The function of Switching is to switch data packets between devices on the
same network.

What is a Switch?
A Switch is a device which is used to connect multiple devices inside Local
Area Network (LAN). Unlike hubs, switch examines each packet and
processes it accordingly rather than simply repeating the signal to all ports.
Switch operates at layer 2 (Data Link Layer) of the OSI model.

What is the difference between a Hub, Switch & Router?


Hub – It is designed to connect hosts to each other with no understanding
of what it is transferring. When a Hub receives a packet of data from a
connected device, it broadcasts that data packet to all other ports
regardless of destination port. HUB operates at Layer 1 (Physical Layer).
Switch – It also connects hosts to each other like a hub. Switch differs from
a hub in the way it handles packets. When a switch receives a packet, it
determines which host the packet is intended for and sends it to that host
only. It does not broadcast the packet to all the hosts as a hub does, which
means bandwidth is not shared, and this makes the network more efficient.
Switch operates at Layer 2 (Data Link Layer).
Router– It is different from a switch or hub since its function is to route data
packets to other networks, instead of just the local network. Routers
operate at Layer 3 (Network Layer).

What are the functions of a Switch?


The Switch performs three major functions: -
1. Address learning.
2. Packet forwarding/filtering.
3. Loop avoidance by Spanning Tree Protocol.

What is a Broadcast Domain and a Collision Domain?


Broadcast Domain – Broadcast is a type of communication, where the
sending device sends a single copy of data and that copy of data will be
delivered to every other device in the network segment. A Broadcast
Domain consists of all the devices that will receive every broadcast packet
originating from any device within the network segment. All ports on a hub
or a switch are by default in the same broadcast domain. All ports on a
router are in different broadcast domains and routers don't forward
broadcasts.
Collision Domain – It is a network scenario where one particular device
sends a packet on a network segment forcing every other device on that
same segment to pay attention to it. At the same time, if a different device
tries to transmit simultaneously, it will lead to a collision after which both
devices must retransmit, one at a time. This situation is common in a hub
environment, because each port on a hub is in the same collision domain.
By contrast, each port on a bridge, a switch or router is in a separate
collision domain.


Compare HUB and switch with respect to broadcast and collision domain?
In a Hub there is one collision domain and one broadcast domain.
In a Switch there are multiple collision domains and one broadcast domain.

What is a MAC address table and how does a switch build a MAC table?
Switch maintains an address table called MAC address Table or CAM
Table (Content Addressable Memory Table). When the switch receives a
frame, source MAC address is learned and recorded in the MAC address
table along with the port of arrival, VLAN and time stamp. The switch
dynamically builds the MAC address table by using the source MAC
address of the frames received. This table is then used by switch to
determine where to forward traffic on a LAN.

How does a switch learn MAC addresses?


When a frame reaches to the port of a switch, the switch reads the MAC
address of the source device from frame and compares it to its MAC
address table. If the switch does not find a corresponding entry in MAC
address table, the switch will add the address to the table with the port
number at which the Ethernet frame is received.
If the MAC address is already available in the MAC address table, the
switch compares the incoming port with the port already available in the
MAC table. If the port numbers are different, the switch updates the MAC
address table with the new port number.

How does switch perform Forwarding function?


When a Layer2 Ethernet frame reaches a port on the Switch, it not only
reads the source MAC address of the Ethernet frame as a part of learning
function, but also reads the destination MAC address as a part of
forwarding function. The destination MAC address is important to
determine the port which the destination device is connected to.
When the destination MAC address is found in the MAC address table, the
switch forwards the frame on that corresponding port.

Explain Flooding?
If the destination MAC address is not found in the MAC address table, the
switch forwards the frame out all of its ports except the port on which the
frame was received. This is known as flooding.

What is a VLAN and how does it reduce the broadcast traffic?


A VLAN is a logical grouping of network users and resources connected to
administratively defined ports on a switch. VLAN divides the broadcast
domain so that the broadcast frames are sent only on those ports that are
grouped within the same VLAN.
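The learning, forwarding, filtering and flooding behaviour described in the answers above, and the way a VLAN confines a flood, can be seen together in this added example (not part of the original ebook). The Switch class, the port numbers and the MAC addresses are constructed for the illustration; entry aging and trunk ports are left out.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    """Layer 2 switch with access ports only."""

    def __init__(self, port_vlans):
        self.port_vlans = dict(port_vlans)   # access port -> VLAN ID
        self.mac_table = {}                  # (VLAN ID, MAC) -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame and return the sorted list of egress ports."""
        vlan = self.port_vlans[in_port]
        src, dst = src_mac.lower(), dst_mac.lower()

        # Learning: record the source MAC against the port of arrival. An
        # existing entry with a different port is overwritten.
        self.mac_table[(vlan, src)] = in_port

        # Forwarding: look up the destination within the same VLAN.
        out_port = None if dst == BROADCAST else self.mac_table.get((vlan, dst))

        if out_port is None:
            # Flooding: every port in the VLAN except the one the frame
            # arrived on. Ports in other VLANs never see it.
            return sorted(p for p, v in self.port_vlans.items()
                          if v == vlan and p != in_port)
        if out_port == in_port:
            # Filtering: the destination sits behind the ingress port.
            return []
        return [out_port]


# Constructed topology: ports 1-3 in VLAN 10, ports 4-5 in VLAN 20.
PORTS = {1: 10, 2: 10, 3: 10, 4: 20, 5: 20}
HOST_A = "00:00:00:00:00:0a"
HOST_B = "00:00:00:00:00:0b"
HOST_C = "00:00:00:00:00:0c"


def demo():
    sw = Switch(PORTS)
    steps = [
        sw.receive(1, HOST_A, HOST_B),      # B unknown: flood inside VLAN 10
        sw.receive(2, HOST_B, HOST_A),      # A was learned on port 1
        sw.receive(1, HOST_A, HOST_B),      # B is now known on port 2
        sw.receive(3, HOST_A, HOST_B),      # A moved: entry updated to port 3
        sw.receive(4, HOST_C, BROADCAST),   # broadcast stays inside VLAN 20
    ]
    return steps, sw.mac_table[(10, HOST_A)]


if __name__ == "__main__":
    steps, port_of_a = demo()
    for egress in steps:
        print(egress)
    print("HOST_A is now on port", port_of_a)
```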

What is the difference between an access port and a trunk port?


Access port - Access Port belongs to and carries the traffic of only one
VLAN. Anything arriving on an access port is simply assumed to belong to
the VLAN assigned to the port. Any device attached to an access link is
unaware of a VLAN membership as switches remove any VLAN
information from the frame before it’s forwarded out to an access-link
device. Access-link devices can’t communicate with devices outside their
VLAN unless the packet is routed.
Trunk Ports - Trunk Port can carry the traffic of multiple VLANs from 1 to
4094 at a time. Normally Trunk link is used to connect switches to other
switches or to routers. Trunk ports support tagged and untagged traffic
simultaneously.

What is Frame Tagging and different types of Frame Tagging?


Frame tagging method uniquely assigns a VLAN ID to each frame. It is
used to identify the VLAN that the Frame belongs to.
There are mainly two types of Frame Tagging Method: -
1. Inter-Switch Link (ISL)
2. 802.1Q
These are also known as Frame Encapsulation Protocols.

Explain difference between 802.1Q and ISL?


802.1Q - It is an open standard created by the Institute of Electrical and
Electronics Engineers (IEEE). To identify which VLAN a frame belongs
to, a field is inserted into the frame's header. It is a lightweight protocol
& adds only 4 Bytes within the Frame's Header.
ISL (Inter-Switch Link) - This protocol is Cisco proprietary which means
unlike 802.1Q, it can be used only between Cisco switches. ISL works by
adding a Header (26 Bytes) and Trailer (4 Bytes) to the Original Ethernet
Frame.

What is a Native VLAN and What type of traffic will go through Native
VLAN?
The Trunk port is assigned a default VLAN ID for a VLAN that all untagged
traffic will travel on. This VLAN is called the Native VLAN and is always
VLAN 1 by default (but can be changed to any VLAN number). Any
untagged or tagged traffic with unassigned VLAN ID is assumed to belong
to the Native VLAN.
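The 4-byte 802.1Q tag and the native VLAN rule described above, as an added example that is not part of the original e-book. The function names and the sample frame are constructed for illustration; the tag layout (TPID 0x8100, 3-bit priority, 1-bit DEI, 12-bit VLAN ID) is the IEEE 802.1Q format, and ISL is not handled.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

# Constructed sample: broadcast ARP frame (EtherType 0x0806) with a zeroed body.
SAMPLE_UNTAGGED = bytes.fromhex("ffffffffffff" "001122334455" "0806") + bytes(28)


def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert the 4-byte tag between the source MAC and the EtherType."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be in 1-4094")
    if not 0 <= pcp <= 7:
        raise ValueError("priority must be in 0-7")
    tci = (pcp << 13) | vid  # priority (3 bits), DEI = 0 (1 bit), VLAN ID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame: bytes) -> dict:
    """Split a frame into addresses, optional 802.1Q tag, EtherType and payload."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    tag, payload_at = None, 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        tag = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        payload_at = 18
    return {
        "dst": frame[0:6].hex(":"),
        "src": frame[6:12].hex(":"),
        "tag": tag,
        "ethertype": ethertype,
        "payload": frame[payload_at:],
    }


def trunk_ingress_vlan(frame, native_vlan=1, allowed_vlans=range(1, 4095)):
    """VLAN a trunk port assigns to a received frame, or None if it is dropped."""
    tag = parse_frame(frame)["tag"]
    if tag is None or tag["vid"] == 0:
        # Untagged (or priority-only tagged) traffic lands in the native VLAN.
        vlan = native_vlan
    else:
        vlan = tag["vid"]
    # VLAN ID 4095 is reserved, and a trunk may carry only a subset of VLANs.
    return vlan if vlan in allowed_vlans else None


def access_egress(frame: bytes) -> bytes:
    """Remove the tag before the frame leaves on an access port."""
    if parse_frame(frame)["tag"] is None:
        return frame
    return frame[:12] + frame[16:]


if __name__ == "__main__":
    tagged = add_tag(SAMPLE_UNTAGGED, 10)
    print(len(SAMPLE_UNTAGGED), len(tagged), parse_frame(tagged)["tag"])
    print(trunk_ingress_vlan(SAMPLE_UNTAGGED, native_vlan=100))
```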

What is Inter-VLAN Routing?


VLANs divide broadcast domains in a LAN environment so, by default only
hosts that are members of the same VLAN can communicate. Whenever
hosts in one VLAN need to communicate with hosts in another VLAN, the
traffic must be routed between them. This is known as Inter-VLAN routing.
This can be done by two methods - Router-On-Stick & Switch Virtual
Interfaces (SVI)

Give the commands to create VLAN?


Switch(config)# vlan 10
Switch(config-vlan)# name sales
Switch(config-vlan)# exit

How can we add an interface to a VLAN?


Switch(config)# interface fastethernet0/0
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10

How to configure trunk link?


Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk encapsulation <dot1q/isl>
Switch(config-if)# switchport mode trunk


How can we change Native Vlan?


Switch(config)# interface fa0/0
Switch(config-if)# switchport trunk native vlan 100

Which command is used to see trunk interfaces?


Switch# show interface trunk

Which command is used to see all VLANs information?


Switch# show vlan

What is VTP?
VTP (VLAN Trunking Protocol) is a Cisco proprietary protocol used by
Cisco switches to exchange VLAN information. VTP is used to synchronize
VLAN information (for example, VLAN ID or VLAN name) with switches inside
the same VTP domain.

What are different VTP modes?


VTP Server mode - By default every switch is in server mode. Switch in
VTP Server Mode can create, delete VLANs and will propagate VLAN
changes.
VTP Client mode - Switch in VTP client mode cannot create or delete
VLANs. VTP client mode switches listen to VTP advertisements from other
switches and modify their VLAN configurations accordingly. It listens and
forwards updates.
VTP Transparent mode - Switch in VTP Transparent mode does not share
its VLAN database but it forwards received VTP advertisements. We can
create and delete VLANs on a VTP transparent switch but these changes
are not sent to other switches.

What are the requirements to exchange VTP messages between two switches?

1. Switch should be configured as either a VTP server or VTP client.
2. VTP domain name must be same on both switches.
3. VTP versions must match.
4. Link between the switches should be a trunk link.


What is VTP Pruning?


VLAN Trunking Protocol (VTP) pruning is a feature in Cisco switches,
which stops VLAN update information traffic from being sent down trunk
links if the updates are not needed. Broadcast frames, multicast frames or
unicast frames for which the destination MAC address is unknown are
forwarded over a trunk link only if the switch on the receiving end of the
trunk link has ports in the source VLAN. This avoids unnecessary flooding.
VLAN 1 can never be pruned because it is an administrative VLAN.

Explain Dynamic Trunking Protocol (DTP)?


Dynamic Trunking Protocol (DTP) is a Cisco proprietary trunking protocol
used for negotiating trunking on a link between two Cisco Switches.
Dynamic Trunking Protocol (DTP) can also be used for negotiating the
encapsulation type of either 802.1q or Cisco ISL (Inter-Switch Link).

Explain dynamic desirable & dynamic auto?


Dynamic Desirable - It initiates negotiation. A switch port configured in DTP
dynamic desirable mode will actively try to convert the link to a trunk link if
the port at the other end of the link is capable of forming a trunk.
Dynamic Auto - It does not initiate negotiation but can respond to
negotiation. A switch port configured as DTP dynamic auto is capable of forming
a trunk link if the interface on the other switch is configured to form a trunk
and can negotiate the trunk using DTP.

What is STP and Redundant Links?


Spanning Tree Protocol (STP) is a protocol which prevents layer 2 loops.
STP enables switches to become aware of each other so that they can
negotiate a Loop-Free path through network.
In practice, redundant links are created to avoid complete network failure
in the event of the failure of one link.

How does STP work?

STP chooses a reference point (Root Bridge) in the network and
calculates all the redundant paths to that reference point. Then it picks one
path on which to forward frames and blocks the other redundant paths. When
blocking happens, loops are prevented.


What are the different port states?


1. Disabled - A port in the disabled state does not participate in the STP.
2. Blocking - A blocked port does not forward frames. It only listens to
BPDUs. The purpose of the blocking state is to prevent the use of looped
paths.
3. Listening - A port in listening state prepares to forward data frames
without populating the MAC address table. The port sends and listens to
BPDUs to make sure no loops occur on the network.
4. Learning - A port in learning state populates the MAC address table but
doesn’t forward data frames. The port still sends and receives BPDUs as
before.
5. Forwarding - The port now can send and receive data frames, collect
MAC addresses in its address table, send and receive BPDUs. The port is
now a fully functioning switch port within the spanning-tree topology.

What are STP Timers and Explain different types of STP Timers?
STP uses three timers to make sure that a network converges properly
before a bridging loop can form.
Hello timer - The time interval between Configuration BPDUs sent by the
root bridge. It is 2 seconds by default.
Forward Delay timer - The time interval that a switch port spends in both
the Listening and Learning states. The default value is 15 seconds.
Max (Maximum) Age timer - Maximum length of time a BPDU can be
stored without receiving an update. It can also be defined as the time interval
for which a switch stores a BPDU before discarding it. It is 20 seconds by
default.

Explain types of STP Port Roles?


Root port - The root port is always the link directly connected to the root
bridge, or the shortest path to the root bridge. It is always on Non-Root
Bridge.
Designated port - A designated port is one that has been determined as
having the best (lowest) cost. A designated port will be marked as a
forwarding port. It can be on both Root Bridge & Non Root Bridge. All ports
of Root Bridge are Designated Port.
Forwarding port - A forwarding port forwards frames.
Blocked port - A blocked port is the port that is used to prevent loops. It
only listens to BPDUs. Any port other than Root port & Designated port is a
Blocked port.

What is BPDU?
All the switches exchange information to select Root Bridge as well as for
configuration of the network. This is done through Bridge Protocol Data
Unit (BPDU). Each switch compares the parameters in the BPDU that it
sends to one neighbor with the one that it receives from another neighbor.

What is the destination MAC address used by Bridge Protocol Data Units (BPDUs)?

Bridge Protocol Data Unit (BPDU) frames are sent to the multicast
destination MAC address 01:80:c2:00:00:00.

What are Types of BPDU?


Two types of BPDU exist:-
Configuration BPDU - used for spanning-tree computation.
Topology Change Notification (TCN) BPDU - used to announce changes in
the network topology.

How is the Root Bridge elected?

The bridge ID is used to elect the root bridge in the STP domain. This ID is
8 bytes long and includes both the priority and the MAC address of the
device.
The switch with the lowest bridge ID is elected as the Root Bridge. This means
the switch with the lowest priority becomes the Root Bridge; if two or more
switches have the same priority, then the switch with the lowest MAC address
becomes the Root Bridge.

What is Root Port?


Once the root switch is elected, every other switch in the network must
select a single port on itself to reach the root switch. The port with the
lowest root path cost (lowest cumulative cost to reach root switch) is
elected as the root port and is placed in the forwarding state. Root Bridge
will never have a Root Port.


What is Path Cost or Spanning Tree Path Cost value?


The Path Cost Value is inversely proportional to the bandwidth of the link
and therefore a path with a low cost value is more preferable than a path
with high cost value.
Link Bandwidth    Cost Value
10 Gbps           2
1 Gbps            4
100 Mbps          19
10 Mbps           100

What is Extended System ID?


The Extended System ID is utilized by spanning-tree to include the VLAN
ID information inside 16-bit STP Bridge Priority value. Extended System ID
is the least significant 12-bits in 16-bit STP Bridge Priority value.
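The root bridge election, path cost and Extended System ID answers above fit into one short program. This is an added example, not part of the original e-book: the switch MAC addresses, priorities and port names are constructed, and the tie-break on the neighbor's bridge ID when two ports have equal cost is standard STP behaviour that goes slightly beyond what the text states.

```python
from dataclasses import dataclass

# Path cost values from the table above (link bandwidth in Mbps -> cost).
PATH_COST = {10_000: 2, 1_000: 4, 100: 19, 10: 100}


def encode_bridge_id(priority: int, vlan: int, mac: str) -> bytes:
    """Build the 8-byte bridge ID.

    The first 16 bits hold a 4-bit priority (so the configured value moves
    in steps of 4096) followed by the 12-bit Extended System ID (VLAN ID).
    The remaining 6 bytes are the switch MAC address.
    """
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 in 0-61440")
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID must be in 1-4094")
    mac_bytes = bytes.fromhex(mac.replace(":", ""))
    if len(mac_bytes) != 6:
        raise ValueError("MAC address must be 6 bytes")
    return (priority | vlan).to_bytes(2, "big") + mac_bytes


def decode_bridge_id(bridge_id: bytes) -> dict:
    """Split a bridge ID back into priority, VLAN and MAC."""
    field = int.from_bytes(bridge_id[:2], "big")
    return {
        "priority": field & 0xF000,  # most significant 4 bits
        "vlan": field & 0x0FFF,      # least significant 12 bits
        "mac": bridge_id[2:].hex(":"),
    }


def elect_root(bridge_ids):
    """Lowest bridge ID wins: byte order compares priority first, then MAC."""
    return min(bridge_ids)


@dataclass
class Port:
    name: str
    link_mbps: int
    neighbor_root_cost: int    # root path cost advertised in the neighbor's BPDU
    neighbor_bridge_id: bytes  # bridge ID of the switch that sent that BPDU


def root_path_cost(port: Port) -> int:
    """Cumulative cost to the root through this port."""
    return port.neighbor_root_cost + PATH_COST[port.link_mbps]


def elect_root_port(ports):
    """Port with the lowest root path cost; ties go to the lowest neighbor ID."""
    best = min(ports, key=lambda p: (root_path_cost(p), p.neighbor_bridge_id))
    return best.name


# Constructed switches in VLAN 10.
SW_A = encode_bridge_id(32768, 10, "00:1a:2b:00:00:03")
SW_B = encode_bridge_id(32768, 10, "00:1a:2b:00:00:01")
SW_C = encode_bridge_id(4096, 10, "00:1a:2b:00:00:ff")

if __name__ == "__main__":
    print(decode_bridge_id(elect_root([SW_A, SW_B, SW_C])))
    ports = [Port("fa0/1", 100, 0, SW_C), Port("gi0/1", 1_000, 4, SW_B)]
    print(elect_root_port(ports))
```

On switch A, the 100 Mbps link straight to the root costs 19, while the path through switch B over two 1 Gbps links costs 8, so gi0/1 becomes the root port.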

What is DHCP?
Dynamic Host Configuration Protocol (DHCP) assigns IP addresses to
hosts dynamically. It allows easier administration and works well in small as
well as very large network environments. All types of hardware can be used
as a DHCP server including a Cisco router.

What information can a DHCP server provide to a host?


DHCP server can provide following information: -
IP address
Subnet mask
Default gateway
Domain Name Server
WINS information

How does DHCP work?


DHCP works on DORA Process (DISCOVER - OFFER - REQUEST -
ACKNOWLEDGEMENT).

1. When a client needs an IP address, it tries to locate a DHCP server by
sending a broadcast called a DHCP DISCOVER. This message will have a
destination IP of 255.255.255.255 and destination MAC of ff:ff:ff:ff:ff:ff.
[source IP address- 0.0.0.0, destination IP address- 255.255.255.255,
source Mac address- Mac address of host, destination Mac address-
FF:FF:FF:FF:FF:FF]
————————————————
2. On receiving DHCP Discover, server sends a DHCP OFFER message to
the client. The DHCPOFFER is a proposed configuration that may include
IP address, DNS server address, and lease time. This message will be a
unicast.
[source Mac address- Mac address of DHCP Server, destination Mac
address- Mac address of Host]
————————————————
3. If the client finds the offer agreeable, it sends DHCP REQUEST
message requesting those particular IP parameters. This message will be a
Broadcast message.
[source Mac address- Mac address of Host, destination Mac address-
FF:FF:FF:FF:FF:FF]
————————————————
4. The Server on receiving the DHCP REQUEST makes the configuration
official by sending a unicast DHCP ACK acknowledgment.
[source Mac address- Mac address of Server, destination Mac address-
Mac address of Host]
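The four DORA messages are distinguished on the wire by DHCP option 53 (message type) and tied together by a shared transaction ID. The following added example, which is not part of the original e-book, builds constructed packets in the BOOTP/DHCP layout of RFC 2131, parses them, and checks which transactions completed; the function names, transaction IDs and addresses are assumptions made for illustration.

```python
import struct
from ipaddress import IPv4Address

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"  # 236-byte fixed BOOTP header
MAGIC_COOKIE = bytes([0x63, 0x82, 0x53, 0x63])
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST",
             4: "DECLINE", 5: "ACK", 6: "NAK"}
DORA = ["DISCOVER", "OFFER", "REQUEST", "ACK"]


def build(msg_type: int, xid: int, client_mac: bytes, yiaddr: str = "0.0.0.0") -> bytes:
    """Build a minimal DHCP message carrying only the message-type option."""
    op = 2 if msg_type in (2, 5, 6) else 1  # 1 = from client, 2 = from server
    header = struct.pack(
        BOOTP_FMT, op, 1, 6, 0, xid, 0, 0,
        bytes(4), IPv4Address(yiaddr).packed, bytes(4), bytes(4),
        client_mac, b"", b"",
    )
    options = bytes([53, 1, msg_type, 255])  # option 53, length 1, value, end
    return header + MAGIC_COOKIE + options


def parse(packet: bytes) -> dict:
    """Decode the header fields and the message type of one DHCP message."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    (op, _htype, hlen, _hops, xid, _secs, _flags,
     _ciaddr, yiaddr, _siaddr, _giaddr, chaddr, _sname, _file) = struct.unpack(
        BOOTP_FMT, packet[:236])
    if hlen > 16:
        raise ValueError("hardware address length out of range")
    options, i = {}, 240
    while i < len(packet):
        code = packet[i]
        if code == 255:          # end option
            break
        if code == 0:            # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        options[code] = value
        i += 2 + length
    if len(options.get(53, b"")) != 1:
        raise ValueError("missing message-type option")
    code = options[53][0]
    return {
        "op": op,
        "xid": xid,
        "client_mac": chaddr[:hlen].hex(":"),
        "yiaddr": str(IPv4Address(yiaddr)),
        "type": MSG_TYPES.get(code, f"UNKNOWN({code})"),
    }


def exchange_types(packets) -> dict:
    """Group message types by transaction ID, in the order they were seen."""
    seen = {}
    for raw in packets:
        msg = parse(raw)
        seen.setdefault(msg["xid"], []).append(msg["type"])
    return seen


def completed_leases(packets) -> list:
    """Transaction IDs whose messages form a full DISCOVER-OFFER-REQUEST-ACK."""
    return [xid for xid, types in exchange_types(packets).items() if types == DORA]


if __name__ == "__main__":
    mac = bytes.fromhex("001122334455")  # constructed client MAC
    capture = [build(1, 0x1234ABCD, mac),
               build(2, 0x1234ABCD, mac, "192.168.1.50"),
               build(3, 0x1234ABCD, mac),
               build(5, 0x1234ABCD, mac, "192.168.1.50")]
    print(exchange_types(capture), completed_leases(capture))
```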

What is the reason for getting APIPA address?


With APIPA, DHCP clients can automatically self-configure an IP address
and subnet mask, if DHCP server is not available. A client uses the self-
configured IP address until a DHCP server becomes available. The APIPA
service also checks regularly for the presence of a DHCP server. If it
detects a DHCP server on the network, APIPA stops and the DHCP server
replaces the APIPA networking addresses with dynamically assigned
addresses.

What is the range of APIPA address?


The IP address range is 169.254.0.1 through 169.254.255.254. The client
also configures itself with a default class B subnet mask of 255.255.0.0.

What is the purpose of relay agent?


A DHCP relay agent is any host that forwards DHCP packets between
clients and servers if they are not on the same physical subnet. Relay
agents are used to forward requests and replies between clients and DHCP
servers when they are not on the same physical subnet.
DHCP relay agent can be configured using the ip helper-address
command.

What is DHCP decline message?


It is sent by client to server indicating that IP address is already in use by
another device (already assigned to another device).

What is DHCPNAK message?


If the server is unable to satisfy the DHCPREQUEST message (The
requested IP address has already been allocated to other device) the
server should send DHCPNAK message to client. It can also be sent if
client's notion of network address is incorrect (client has moved to new
subnet) or client's lease expired.

What is SNMP?
The Simple Network Management Protocol (SNMP) enables a network
device to share information about itself and its activities. It uses the User
Datagram Protocol (UDP) as the transport protocol for passing data
between managers and agents.

What are the Components of SNMP?


A complete SNMP system consists of the following parts: -
SNMP Manager - A network management system that uses SNMP to poll
and receive data from any number of network devices. The SNMP
manager usually is an application that runs in a central location.
SNMP Agent - A process that runs on the network device being monitored.
All types of data are gathered by the device itself and stored in a local
database. The agent can then respond to SNMP polls and queries with
information from the database, and it can send unsolicited alerts or "traps"
to an SNMP manager.

Which Ports are used in SNMP?


SNMP uses the UDP port 161 for sending and receiving requests, and port
162 for receiving traps from managed devices.


Explain MIB?
MIB is a hierarchical Database Structure for information on the device.
Example - Serial numbers are in a specific location, NIC Statistics etc.

What are different SNMP versions?


There are different versions of SNMP - SNMP V1, SNMP V2c, and SNMP
V3.
SNMP version 1 - It is the oldest flavor. It is easy to set up – only requires
a plaintext community.
SNMP version 2c - It is identical to Version 1, except that it adds support
for 64 bit counters.
SNMP version 3 - It adds security to the 64 bit counters. SNMP version 3
adds both Encryption and Authentication, which can be used together or
separately.

Explain HSRP?
HSRP is a Cisco proprietary protocol that provides a redundant gateway for
hosts on the same subnet. It does not support load balancing, i.e. only one
router is active, and two or more routers just sit there in standby mode and
do not pass traffic unless the active router fails.

Explain HSRP Timers?


Hello timer - It is the time interval during which each of the routers sends out
Hello messages to identify the state that each router is in. Its default value
is 3 seconds.
Hold timer - It specifies the interval the standby router uses to determine
whether the active router is active or not. By default, the hold timer is 10
seconds, roughly three times the default for the hello timer.
Active timer - This timer monitors the state of the active router. The timer
resets each time a router in the standby group receives a Hello packet from
the active router.
Standby timer - This timer is used to monitor the state of the standby
router. The timer resets each time a router in the standby group receives a
Hello packet from the standby router.

How election takes place in HSRP?


The router with the highest priority value becomes the active router for the
group. If one or more routers have equal priority, the router with the highest
IP address on the HSRP interface becomes the active router.


What are the different router roles in HSRP?


Active router - The active router is the router that receives data sent to the
virtual address and passes the traffic to destination.
Standby router - The standby router is the backup to the active router. It
monitors the state of the active router, and if the active router fails, then the
standby router takes over as the active router and starts passing traffic.

Is preemption enabled or disabled by default in HSRP?


Preemption is disabled by default in HSRP. When the active router (highest
priority) fails and the standby becomes active, the original active router
cannot immediately become active again when it comes back even if it has
a higher priority i.e. if a router is not already active, it cannot become active
again until the current active router fails.

Which port number does HSRP use?


HSRP works on UDP port 1985.

What multicast address does HSRP use?


224.0.0.2

How to configure HSRP?


Router(config)# interface Fa0/0
Router(config-if)# ip address 10.0.1.2 255.255.255.0
Router(config-if)# standby 1 ip 10.0.1.1
Router(config-if)# standby 1 preempt
Router(config-if)# standby version ?
<1-2> Version number
Router(config-if)# standby 1 timers ?
<1-254> Hello interval in seconds
Msec Specify hello interval in milliseconds
Router(config-if)# standby 1 timers 10 ?
<11-255> Hold time in seconds
Router(config-if)# standby 1 priority ?
<0-255> Priority value
Router(config-if)# standby 1 authentication md5 key-string ?
0 Specifies an UNENCRYPTED key string will follow
7 Specifies a HIDDEN key string will follow
WORD Key string (64 chars max)


Explain VRRP?
Virtual Router Redundancy Protocol (VRRP) is an open standard protocol
that provides a redundant gateway for hosts on a local subnet. It functions
similar to HSRP with slight differences. It does not support load balancing.
VRRP provides one redundant gateway address from a group of routers.
The active router in VRRP is called the master router and all other routers
are called the backup routers. The master router is the one with the highest
priority in the VRRP group.

How to configure VRRP?


Router(config)# interface Fa0/0
Router(config-if)# ip address 10.0.1.2 255.255.255.0
Router(config-if)# vrrp 1 ip 10.0.1.1
Router(config-if)# vrrp 1 timers ?
advertise Set the Advertisement timer
learn Learn timer values from current Master
Router(config-if)# vrrp 1 timers advertise ?
<1-255> Advertisement interval in seconds
msec Specify time in milliseconds
Router(config-if)# vrrp 1 priority ?
<1-254> Priority level
Router(config-if)# vrrp 1 preempt
Router(config-if)# vrrp 1 auth md5 key-string ?
0 Specifies an UNENCRYPTED key string will follow
7 Specifies a HIDDEN key string will follow
WORD Key string (64 chars max)

Explain GLBP?
Gateway Load Balancing Protocol (GLBP) is a Cisco proprietary protocol
that provides a redundant gateway for hosts on a local subnet. It also
provides load balancing which is the advantage of GLBP over HSRP and
VRRP.

How to configure GLBP?


Router(config)# interface Fa0/0
Router(config-if)# ip address 10.0.1.2 255.255.255.0
Router(config-if)# glbp 1 ip 10.0.1.1
Router(config-if)# glbp 1 timers ?
<1-60> Hello interval in seconds
msec Specify hello interval in milliseconds
redirect Specify timeout values for failed forwarders
Router(config-if)# glbp 1 timers 1 ?
<2-180> Hold time in seconds
msec Specify hold time in milliseconds
Router(config-if)# glbp 1 timers redirect ?
<0-3600> Interval in seconds to redirect to failed forwarders
Router(config-if)# glbp 1 timers redirect 10 ?
<610-64800> Timeout interval in seconds for failed forwarders
Router(config-if)# glbp 1 priority ?
<1-255> Priority value
Router(config-if)# glbp 1 preempt
Router(config-if)# glbp 1 forwarder preempt
Router(config-if)# glbp 1 auth md5 key-string ?
0 Specifies an UNENCRYPTED key string will follow
7 Specifies a HIDDEN key string will follow
WORD Key string (64 chars max)

Difference between HSRP, VRRP & GLBP?

                         HSRP                      VRRP                   GLBP
Load Balancing           No                        No                     Yes
Port/Protocol No         UDP 1985                  IP 112                 UDP 3222
Multicast address        224.0.0.2                 224.0.0.18             224.0.0.102
Router Role              One Active Router,        One Master Router,     One Active Virtual Gateway,
                         One Standby Router,       Other Backup Routers   up to Four Active Virtual
                         Other Listening Routers                          Forwarders
Preemption (by default)  Disabled                  Enabled                Disabled
IPv6 support             Yes                       No                     Yes


EIGRP Troubleshooting Commands

1. # Show ip eigrp interface

It shows the interfaces which are participating in EIGRP.

2. # Show ip eigrp neighbor

It shows all the EIGRP neighbors. The H field indicates the order in which the
neighbor was discovered. Address is the IP address of neighbor. Interface is the
interface on which neighborship has been established. The hold time is how long
this router will wait for a Hello packet to arrive from a specific neighbor. The
uptime indicates how long the neighborship has been established.


3. # Show ip route eigrp

It shows all the routes which are learned through EIGRP routing protocol. Notice
that EIGRP routes are indicated with D symbol and that the default AD of these
routes is 90.

4. # Show ip eigrp topology

It shows the successor and feasible successor. Each entry has two numbers in
parentheses. The first indicates the feasible distance, and the second indicates
advertised distance to a remote network.


5. # Show ip route

It shows the routing table i.e. all the routes that are learned through different
routing protocols.

6. # Show ip protocols

This command shows all the routing protocols that are running on router. It also
shows the additional information about routing protocol like EIGRP autonomous
system number, EIGRP metric or K values etc.


OSPF Troubleshooting Commands

1. # Show ip ospf interface brief

Show ip ospf interface brief command shows the interfaces on which OSPF is
enabled.

2. # Show ip ospf neighbor

The show ip ospf neighbor command shows the information about all OSPF
neighbors and the adjacency state. If a DR or BDR exists, that information will also
be shown. It also shows the dead interval.


3. # Show ip route ospf

This command shows the routes that are learned through OSPF routing protocol.
O symbol represents the routes that are learned through OSPF. IA represents the
OSPF inter area routes.

4. # Show ip ospf database

This command shows all types of LSA. It gives information about the number of
routers in the internetwork plus their router IDs.


5. # Show ip protocols

This command provides information about all currently running protocols. For
OSPF, it shows the OSPF processes that are currently running on the router plus it
shows the OSPF router ID.

6. # Show ip route

Show ip route command shows the routing table of router. It shows all the routes
that are learned through different routing protocols. O represents the routes that
are learned through OSPF. C represents directly connected routes.


7. # Show ip ospf

This command displays information about all OSPF processes running on the router.
Information includes the Router ID, area information, SPF statistics, and LSA timer
information.


Scenario Questions

In the above diagram, two PCs with IP addresses 192.168.1.1 and
192.168.1.2 are connected to a layer 2 switch. Explain how PC1 will
communicate with PC2?

Answer

PC1 first compares its IP address and subnet mask to the IP address
of PC2 and decides that PC2 is in same subnet.

1. Before PC1 can communicate with PC2, PC1 needs to know the
hardware (MAC) address of the destination host (PC2).
2. Next, PC1 checks its ARP cache to see if the hardware address of
PC2 has already been resolved and is present in its ARP cache.
   - If PC1 already has the MAC (hardware) address of PC2 in its
     ARP table, PC1 will send the data directly to PC2.
   - If PC1 does not have the MAC (hardware) address of PC2,
     then PC1 will send an ARP request to learn PC2’s MAC
     address.
3. In this ARP request, source IP will be 192.168.1.1, destination IP
will be 192.168.1.2, source MAC address will be PC1’s MAC
address, destination MAC address will be broadcast address
(FFFF.FFFF.FFFF). This ARP request will go to switch.
4. When the switch sees PC1’s ARP request enter port fa0/0, SW1
will add the MAC address of PC1 to its MAC address table and
associate it with port fa0/0.
5. As the destination address in the ARP request is broadcast, this
ARP request will be flooded on all ports (in this case fa0/1) except
the port on which it arrived (fa0/0). This ARP request will
reach PC2.
6. On receiving the ARP request, PC2 updates its ARP cache with
the mapping of the IP and MAC address of PC1.
7. After updating the ARP cache, PC2 will respond with ARP reply.
ARP reply is not a broadcast frame; it is a unicast frame. In ARP
reply, source IP will be 192.168.1.2, destination IP will be
192.168.1.1, source MAC address will be PC2’s MAC address,
and destination MAC address will be PC1’s MAC address.
8. Now, this ARP reply will go to the switch. On receiving this ARP reply,
the switch will add the MAC address of PC2 to its MAC address table.
The ARP reply packet is unicast and the switch already has the
destination address (PC1’s MAC address) in its MAC address
table associated with port fa0/0. So, the switch will forward the frame
on its fa0/0 port.
9. As a result PC1 will receive the ARP reply. PC1 updates its ARP
cache with the mapping of the IP and MAC address of PC2.
10. Now, both PC1 and PC2 have learned the hardware (MAC)
address of each other. So, they can communicate directly.


In the above diagram, two PCs with IP addresses 192.168.1.1 and
192.168.2.1 and subnet mask 255.255.255.0 are connected to a layer 2
switch. Can PC1 ping PC2?

Answer

No, since both the PCs belong to different networks, communication
between them is possible only through a layer three device or a router. As
we can clearly see, there is no layer three device or router present in our
topology, so these two PCs cannot communicate with each other. As a
result, the ping will fail.


In the above diagram, PC1 pings PC2. Explain the end-to-end communication
between them?

1. When PC1 pings PC2, the destination IP address will be 192.168.2.1.
2. PC1 determines that the destination IP address is on a different
network. Therefore, to communicate with PC2, it needs to send data
to its default gateway. The gateway for PC1 is the router’s e0 interface.
3. For the packet to be sent to the gateway, PC1 must know the MAC
address of the router’s e0 interface.
4. Next, PC1 checks its ARP cache to see if the hardware address of the
default gateway has already been resolved and is present in its ARP
cache or not.
   - If PC1 already has the MAC (hardware) address of the default
     gateway in its ARP table, PC1 will send the data directly to the
     default gateway (router).
   - If PC1 does not have the MAC (hardware) address of the default
     gateway, then PC1 will send an ARP request to learn the MAC
     address of 192.168.1.10.

5. In the ARP request packet, the source IP address will be 192.168.1.1
(PC1’s IP address), the destination IP address will be 192.168.1.10
(router’s e0 interface), the source MAC address will be PC1’s MAC
address, and the destination MAC address will be the broadcast address
(FF:FF:FF:FF:FF:FF).
6. When the router receives the ARP request, first it records the MAC
address of PC1 in its ARP table.
7. After updating the ARP cache, the router will respond with an ARP reply.
The ARP reply is not a broadcast frame; it is a unicast frame. In the ARP
reply, the source IP address will be 192.168.1.10, the destination IP address
will be 192.168.1.1, the source MAC address will be the router’s e0 interface
MAC address, and the destination MAC address will be PC1’s MAC address.
8. On receiving the ARP reply packet, PC1 will record the MAC address
of the router in its ARP table.
9. Then PC1 will make the IP header with source IP 192.168.1.1 and
destination IP 192.168.2.1. PC1 encapsulates this IP header within an
Ethernet frame with source MAC address as PC1’s MAC address and
destination MAC address as the router’s e0 interface MAC address.
10. PC1 will send the packet to gateway (router).
11. On receiving this packet, Router will check its routing table for
destination IP address. Router has the route for destination address
192.168.2.1 in its routing table. To send the packet to PC2, router
needs to know the Mac address of PC2. Router will check its ARP
cache to see if the MAC address of PC2 has already been resolved
and is present in its ARP cache or not.
   - If router already has the MAC (hardware) address of PC2 in its
     ARP table, router will send the packet directly to PC2.
   - If router does not have the MAC (hardware) address of default
     gateway, router will send an ARP request to learn the MAC
     address of 192.168.2.1.
12. In ARP Request packet, source IP address will be 192.168.2.10,
destination IP address will be 192.168.2.1, source Mac address will
be router’s e1 interface Mac address, destination Mac address will be
broadcast address (FF:FF:FF:FF:FF:FF)


13. When PC2 receives this ARP request, first it records the MAC
address of router’s e1 interface in its ARP table.
14. After updating the ARP cache, PC2 will respond with an ARP reply. The ARP
reply is not a broadcast frame; it is a unicast frame. In the ARP reply,
the source IP address will be 192.168.2.1, the destination IP address will be
192.168.2.10, the source MAC address will be PC2’s MAC address, and the
destination MAC address will be the router’s e1 interface MAC address.
15. On receiving the ARP reply packet, the router will record the MAC
address of PC2 in its ARP table.
16. Then the router will make the IP header with source IP 192.168.1.1 and
destination IP 192.168.2.1. The router encapsulates this IP header within an
Ethernet frame with source MAC address as the router’s MAC address
and destination MAC address as PC2’s MAC address.
17. Router will send this packet to PC2.
18. Now PC2 on receiving the ICMP echo request packet, will prepare to
send the echo reply to PC1.
19. PC2 knows that PC1 is on different subnet. Therefore to
communicate with PC1, it needs to send this packet to its default
gateway i.e. router.
20. PC2 already has the MAC address of the router’s e1 interface resolved
in its ARP table.
21. PC2 will now make the IP header with source IP 192.168.2.1 and
destination IP 192.168.1.1. PC2 encapsulates this IP header within an
Ethernet frame with source MAC address as PC2’s MAC address and
destination MAC address as the router’s e1 interface MAC address. PC2
will send this packet to its default gateway i.e. router.
22. On receiving this packet, the router will check the destination MAC address,
which is its own MAC address; then it will check the destination IP address,
which is not the router’s IP address. So, it will come to know that this
packet is not destined for it.
23. Now router will check its routing table for destination IP address.
Router has the route for destination address 192.168.1.1 in its routing
table. To send the packet to PC1, router needs to know the Mac
address of PC1. Router already has the MAC address of PC1
resolved in its ARP table.

24. Then the router will make the IP header with source IP 192.168.2.1 and
destination IP 192.168.1.1. The router encapsulates this IP header within an
Ethernet frame with source MAC address as the router’s e0 interface
MAC address and destination MAC address as PC1’s MAC address.
25. Router will send this packet to PC1.
26. PC1 will receive this packet successfully.

In the above diagram, a default route is given on R1 towards R2. One
default route is given on R2 towards R3. One default route is given on
R3 towards R2. Can PC1 ping PC2?

Answer - No

1. When PC1 pings PC2, the packet will reach R1. R1 will check its routing table
for the route to the destination address (172.16.30.1). R1 does not have a
route to 172.16.30.1 in its routing table, but due to the default route
towards R2, the packet will be forwarded out on port fa0/1 towards R2.
2. On receiving this packet, R2 will check its routing table for the route to
172.16.30.1. R2 does not have route for destination address. Due to
default route on R2 towards R3, R2 will forward the packet to R3.
3. On receiving this packet, R3 will check its routing table for the route to
172.16.30.1. R3 have route for destination address in its routing table.
So, it will forward the ICMP packet on port fa0/1 to PC2.
4. Now PC2 on receiving the ICMP echo request will prepare to send the
echo reply to PC1.
5. PC2 will send the echo reply with the source IP 172.16.30.1 and
destination IP 192.168.1.1 which will reach to R3. On receiving this, R3
will check its routing table for a route to PC1. R3 does not have route to
PC1, but due to default route towards R2, packet will be forwarded out
on port fa0/0 to R2.
6. R2 will check its routing table for a route to PC1. R2 does not have route
to PC1, but due to default route towards R3, packet will be forwarded
out on port fa0/1 to R3.
7. R3 will receive this packet again and due to default route towards R2, it
will send this packet again to R2.
8. These steps will take place repeatedly and the packet will keep on
transmitting between R2 and R3. So, PC1 cannot ping successfully to
PC2 in above scenario.

What will happen with the packet finally?

When the TTL value of the packet becomes zero, the packet will be discarded.
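
The loop described in steps 5 to 8 and its end by TTL expiry can be reproduced with a short simulation. This is an added example, not part of the original book; the /24 prefix lengths, the starting TTL of 64 and all function names are assumptions.

```python
import ipaddress

# Routing tables for the scenario above. The /24 prefix lengths and the
# starting TTL of 64 are assumptions; the page gives only host addresses.
# "LAN" marks a directly connected network (packet is handed to the host).
TABLES = {
    "R1": {"192.168.1.0/24": "LAN", "0.0.0.0/0": "R2"},
    "R2": {"0.0.0.0/0": "R3"},
    "R3": {"172.16.30.0/24": "LAN", "0.0.0.0/0": "R2"},
}

def lookup(table, dst):
    """Longest-prefix match: return the next hop for dst, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [n for n in map(ipaddress.ip_network, table) if addr in n]
    if not hits:
        return None
    return table[str(max(hits, key=lambda n: n.prefixlen))]

def forward(first_router, dst, tables=TABLES, ttl=64):
    """Trace a packet router by router; return (outcome, path)."""
    router, path = first_router, []
    while True:
        path.append(router)
        ttl -= 1                      # every router decrements the TTL
        if ttl == 0:
            return "dropped: TTL expired", path
        next_hop = lookup(tables[router], dst)
        if next_hop is None:
            return "dropped: no route", path
        if next_hop == "LAN":
            return "delivered", path
        router = next_hop

def loop_routers(path):
    """Routers visited more than once, i.e. the members of a routing loop."""
    return sorted({r for r in path if path.count(r) > 1})

if __name__ == "__main__":
    for name, start, dst in [("echo request", "R1", "172.16.30.1"),
                             ("echo reply", "R3", "192.168.1.1")]:
        outcome, path = forward(start, dst)
        print(name, "->", outcome, "after", len(path), "router visits;",
              "loop between", loop_routers(path) or "none")
```

Passing `forward` a copy of the tables in which R2 also has a route for 192.168.1.0/24 via R1 makes the echo reply deliverable, which shows that the missing return route on R2 is what causes the loop.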

1. If PC1 wants to communicate with PC2, what is needed by PC1?

To communicate successfully with PC2, PC1 must know the MAC
address of PC2.

2. Is a router needed for PC1 to communicate with PC2?

No, a router is not needed as both PC1 and PC2 are in the same
network.

3. Does the switch need an IP address for PC1 to communicate
with PC2?

Both PCs are in the same network and can communicate directly. So,
an IP address on the switch is not needed for the communication between
PC1 and PC2.

4. What would be the MAC address learned by the switch on port
Fa0/0 and Fa0/1?

The switch will learn the MAC address of PC1 on its port Fa0/0 and the MAC
address of PC2 on its port Fa0/1.

5. How many MAC addresses will be present in the MAC address
table of the switch after PC1 communicates with PC2?

After PC1 communicates with PC2, there will be two MAC addresses
present in the MAC address table of the switch. Those two MAC
addresses will be of PC1 and PC2.

----------------------------------------------------------------------------------------------------
End of Document

If you have any suggestions, demands, feedback or if you have any problem with
the content of this book, please send a mail to [email protected].
Alternatively you can also comment on the website. We will surely work on it.

Copyright © 2016 By Networkerinterview.net
