2. What are data packets?

Data packets are the encapsulation units that transmit information across a network. A data packet
contains the sender’s information, the recipient’s information, and the data contained. It also
contains the numeric identification number that defines the order and packet number. When you
send data across the network, that information segments into data packets. The recipient then puts
these packets together to be able to read the information. Basically, data packets contain the
information and routing configurations for your transferred message.

3. What is a node?
A node is a connection point on the network for transmitting data. As the name suggests, a node is the
connection point on the network for the transmission of data. The node can be a printer, computer, or
any device that can send and receive data over the network.

4. What is routing?
Fundamentally, routing is the movement or transfer of information across a network (intra or inter)
from a source to a destination. Routers do the routing. These network layer devices have a routing
table that sends network traffic from one location to another location or segment on the network.
Routers reduce network traffic compared to regular hubs. When a user sends network traffic across
the network, a hub broadcasts to all segments of the network. With a router, the device analyzes the
TCP/IP packet, sees the destination location, and then uses its lookup table to route the packet to the
right network segment and destination. Switches also route traffic in a similar fashion.
5. What does protocol mean?
A protocol is the rule used to connect two or more devices to transfer information from one device to
another. Protocols also define how data transfer from one network to another network.
11. How do unicast, multicast, and broadcast differ?
Unicast refers to one-to-one communication. Multicast refers to one-to-group (many) communication.
Broadcast refers to one-to-all communication.
12. What’s the difference between full duplex and half duplex?
In full duplex, the device that’s transmitting and the device that’s receiving can communicate
together. That is, communication can take place in both directions at the same time. In half duplex, a
device can’t transmit while it’s receiving and vice versa. Communication takes place in only one
direction.

13. What’s the difference between a hub, a router, and a switch?

A hub is a network hardware device that connects multiple Ethernet devices together, making them
act as a single network segment. A hub works at Layer 1 (physical layer) of the OSI model and
supports a single collision domain and a single broadcast domain.
A router is a networking gateway device that forwards data packets to computer networks. At least a
single LAN connects a router with its IP address or with LAN or WAN. It supports two broadcast
domains. Routers are sometimes confused with hubs, modems, or even switches; however, routers
can combine the functions of these components and connect with these devices to improve Internet
access or help create business networks.
the OSI model?
Seven layers comprise the OSI model:

Layer 1 Physical
Layer 2 Data Link
Layer 3 Network
Layer 4 Transport
Layer 5 Session
Layer 6 Presentation
Layer 7 Application
16. What’s the function of the application layer in the OSI model?
The application layer is what developers and engineers use to send traffic across the network. This
layer supports the communication components of applications and provides network services in the
application process. This layer is especially important for synchronizing software between servers and
client machines.

17. What’s the difference between user mode and privileged mode on a Cisco router?
When you’re using a Cisco router, user mode enables the user to perform routine tasks such as
viewing the router status and basic system information and connecting to remote devices. In
privileged mode, the user can perform all tasks enabled in user mode and a lot more; this includes
making router configuration changes, debugging, viewing all status messages and errors, and making
various tests. Network administrators use privileged mode.
24. What is subnetting?
A widely used practice in network management, subnetting involves breaking up a network into
sections through addressing. Several interconnected networks are created under a single address
space, viewing each section as a sub-network, or subnet, rather than a collection of independent
networks. Once the network splits up into sections, an IP address should allocate to each device in a
subnet. Your subnetting address allocation divides up the available range of addresses into a range
reserved for each subnet.

1. What is routing?
Example answer: "Routing is an essential networking concept that enables software professionals to
establish the routes of data packets to the destination. As an IT person, I have performed routing
many times and selected the most viable path to move data packets from the source to their
destination. Some organisations or projects may require routing to be done specifically and with a
particular network. I have worked on circuit-switched networks and computer networks. One can
achieve accuracy in routing by using the right quality of routers relevant for the successful completion
of the project."
2. What do you mean by data packets?
Example answer: "Data packets refer to data units that are made into a single package to enable
transmission over a network. Industry professionals may sometimes refer to these data packets as
network layer packages. Software developers also use data packets to access these packets' Internet
protocol or IP information. Since these data packets contain dynamic information, IT professionals can
also access other relevant information, such as email messages, website data and voice-over IP or
VoIP. One can identify specific data packets using the unique numeric identification number that
defines each packet."
3. Explain the essential functions of routers
Example answer: "While routers are essential to perform routing effectively, some of their crucial
functions include sending and receiving data on computer networks, creating local device networks
and helping users connect multiple devices to the Internet. Routers also enable users to configure a
particular port based on their requirements in the network. As a software professional, there are
often unexpected technical issues in the network, in which routers can help remove unwanted
interference and perform data encapsulation and decapsulation smoothly. One can also use them to
reduce excessive traffic from their computer networks."
4. Describe the various routes available in routers
type or its functions to make your answer more substantive.
Example answer: "There are three major types of routes: static route, default route and dynamic
route. The functionalities of each of these routes differ from each other. A static route or a non-
adaptive route refers to directly configuring on a functional interface of the router or adding to the
routing table manually. When developers use a default route, they configure the router to send all the
data packets to a single router. In this type of route, it does not matter if the router belongs to a
specific network.
The third type of route is the dynamic or adaptive route. This route makes automatic adjustments
depending on the route's state in the current routing table. A software developer or IT professional
may rely on this type of route to find various network destinations using routing protocols."
5. What do you mean by switching, and what are the advantages of switches in networking?
Example answer: "In the IT industry and networking domain, switching is an essential concept that
can help professionals streamline their data signals to a particular hardware destination. It refers to a
computer network process that interconnects links to create a more extensive network. One can
develop the resultant network based on specific organisational and project requirements. When we
perform switching, we use the hardware address or the mac address of devices on the local area
network or LAN to segregate a network smoothly.
While there are many advantages of switching in the networking industry, the biggest benefit is easy
data transmission compared to broadcasting data in all network ports. Switches can easily enable
professionals to create a frame out of the bits from the received signal. After frame creation, they can
gain access and interpret the destination address to send the frame to the relevant port."
6. Define the two ports of switches in computer networks
Example answer: "The two ports of switching include the access port and the trunk port that have
very different functionalities from each other. When one uses an access port, they can connect the
network hosts to a single virtual local area network or VLAN and only carry the traffic of one VLAN.
You can send the traffic and receive it in a native format without VLAN tagging when you use such a
switch port. As an IT professional, you can use these ports to connect switch ports with other
computers using a minimum speed of 10 Mbps.
The trunk port enables the connection to another switch and can interact with several other VLANs.
By default, this switch port is a member of all the VLANs in the VLAN database. You can use this port
to enable multiple connections between a switch and switch or a switch and a router."
7. What is the difference between the user and privileged modes?
.
Example: "IT professionals employ user mode to perform regular tasks on a CISCO router. For
example, you can use this mode to connect to remote devices and check a router's status. We may
use the privileged mode to perform high-level tasks on the router, including debugging or making
configurations."
CCNA Interview Questions and Answers for Freshers
1. Name any two ports of Switches.
Access Port: An access port is a kind of connection on a switch that can be used to connect a virtual
machine on VLAN unaware. This port delivers the virtual machine with connectivity by a switch that is
VLAN aware without requiring it to support VLAN tagging.
Combo Port: These ports are used to connect devices to the switch. Switches are connected to a port
that is called a combo port. These ports can be assigned to different combinations of devices. A device
combination is a group of one or more devices used to transmit or receive data. In other words, a
combo port can be a single interface with two front ends, such as an RJ45 connector and an SFP
module connector (also called MiniGBIC).
2. What are three possible ways of data transmission in CCNA?
Simplex Mode: Simplex mode is sort of a unidirectional path within the communication is one-way.
Only 1 of the 2 devices will send and the other will receive.
Half-Duplex Mode: Every station will broadcast and receive information in half-duplex mode,
however, it is not at the identical time. once the device transmits data.
Full-Duplex Mode: Each station will broadcast and receive information at an identical time in full-
duplex mode. Signals traveling in one direction share the link’s capability with signals traveling within
the different directions in full-duplex mode:
Either the connection or the receiver must have two physically independent transmission routes.
On the other hand, capacitance is divided by signals moving in both directions.
3. Name different IPX access lists.
There are three IPX Access lists:

Standard Access list: The access list is created using the source IP address. These ACLs allow or deny
the whole protocol suite. They do not differentiate between the IP traffic such as TCP, UDP, HTTPS,
etc. By using digits 1-99 or 1300-1999, the router will understand it as a standard ACL and set the
address as the source IP address.
Extended Access-list: It is a type of Access-list that is mainly used as it can differentiate IP traffic. the
whole traffic will not be permitted or denied like in the standard access list. ACL uses both source and
destination IP addresses and also port numbers to distinguish IP traffic. In this type of ACL, we can also
mention which IP traffic should be allowed or denied. These use range of numbers 100-199 and 2000-
2699.
Reflexive Access list: Reflexive Access-list can be defined as an access list that allows only the
responses of the packets on sessions created within the network from the outside network.

4. What do you mean by 100BaseFX?

100BASE-FX is another variation of the 100Base-T normal with the exception that it is a quick LAN i.e
sending over fiber. Like various standards, 100Base uses two wires or in this case strings for data
transmission: one for reception (RX), while the other for transmission (TX).

5. Name the LAN Switching method that is mostly used in CISCO Catalyst 5000?
The store-and-forward switching technique is used by the CISCO Catalyst 5000 and therefore it stores
the entire frame in its buffers and performs a CRC (Cyclic Redundancy Check) before deciding whether
or not to transmit this information frame.
6. Name different memories that are used in CISCO routers.
The different memories that are used in Cisco routers are given below:
Flash Memory
RAM ( Random Access Memory )
ROM (Read Only Memory)
NVRAM (Non-Volatile Random Access Memory)
7. What is the difference between tracert and traceroute?
Traceroute is a feature or a utility that records the route (explicit passage PCs at each bounce) through
the organization between your PC and a predetermined objective PC and the Tracert tracking is a
quick scan that shows a lot of tracking information of any network or device that can be obtained in a
package from a PC or gadget.

8. What do you mean by DLCI?

DLCI (Data Link Connection Identifier) is the quantity of a personal or switched virtual circuit in a
frame relay network, situated within the frame header, the DLCI field identifies that logical circuit the
data travels over, and each DLCI includes a committed information rate (CIR) associated with it.

9 . Name router command that is used to display RAM content and NVRAM Content.
To Show, the components of NVRAM or point to the arrangement file assigned to the CONFIG_FILE
variable, we use the show startup-config command.
10. Define Frame relay?
Frame relay is a technology that provides fast and reliable data transmission in Internet networks. It is
a standards-based networking technology that provides a path for data packets from one point on the
network to another.

11. Difference between User mode and Privileged mode in Cisco?

User mode is only for viewing router configurations and Privileged mode is for viewing all router
configurations and also allows editing some less important configurations.
12. What is EIGRP? Mention some metrics of the EIGRP Protocol.
EIGRP determines the path value from 5 metrics: bandwidth, load, delay, reliability, and MTU. EIGRP
uses five different messages to communicate with neighboring routers. EIGRP Messages – Hello,
Update, Question, Answer and Confirm.

13 . What is CDP(Cisco Discovery Protocol)? Write its functions.

Cisco Discovery Protocol (CDP) is a network discovery tool that helps network administrators and
technicians identify nearby Cisco devices, especially those with a low-transparency protocol.

14. Difference between a broadcast domain and a collision domain?

Both broadcast and collision domains overlap. Broadcast domain refers to the transmission of
information over a wide area, such as television or radio broadcasting. The collision domain consists
of two or more objects that come into contact with each other suddenly, violently, or unexpectedly.
.

15. What do you mean by route poisoning?

Route poisoning is a way to control a router from transmitting packets through a path that has
become weak within computer networks. Distance-vector routing protocols in computer networks use
route poisoning to show other routers that a route is no longer reachable and should not be
considered from their routing tables. The split horizon with poison reverses the route poisoning and
delivers updates with unreachable hop counts directly to all the nodes in the network. When the
protocol catches an invalid route, all of the routers in the network are notified that the bad route has
an infinite (∞) route metric. This makes all nodes on the invalid route seem infinitely distant, stopping
any of the routers from sending packets over the invalid path.

16. What types of passwords can be used in CISCO routers?

There are three types of passwords that can be used in a Cisco router. These are
Administrative passwords: They are used to control access to the router. They are used to assign
permissions to users and to control the overall operation of the router.
User passwords: These are used to protect data stored on the router. They are used to log into the
router and control access to the router.
Password attributes: They are used to set a password limit, and to specify the amount of time that a
password must be used before it is automatically changed.
17. Write the difference between public IP and private IP.
A public IP address that identifies you on the Internet so that all the information you seek can find
you. Private IP addresses are used within a private network to securely connect to other devices in the
same network. Each device on the same network has a unique private IP address.

18. Explain PoE.

Power over Ethernet (PoE) is a measure that allows Ethernet cables to simultaneously transfer data
and power using a single network cable. This permits system integration and network installers to
establish powered appliances in areas that lack electrical circuitry. In addition, PoE stops the cost of
installing extra electrical wiring, requiring professional electrical installers to assure that strict conduit
regulations are followed. PoE technology transmits 10/100/1000 Mbps of data and 15W, 30W, 60W,
and up to 90W of power budget to appliances over Cat5e, Cat6, and Cat6a. Cat7 and Cat8 Ethernet
cables for the highest distance of 100m.

19. What is Round Trip Time?

RTT is also known as round-trip time is a crucial tool in defining the working condition of a network. It
is the time between a request and the response in any kind of server on the internet. A round-trip
time is measured in milliseconds. RTT can be examined and determined by pinging a specific address.
It refers to the time taken by a network request to reach a final point and to revert back to the initial
source.

20. What is DHCP scope?

The DHCP scope is a valid range of IP addresses that are known for assignment or lease to client
computers on an individual subnet. In a DHCP server, a scope is configured to determine the address
pool of IPs that the server can provide to DHCP clients. DHCP Scopes define IP addresses that are
provided to the clients. They should be determined and activated before DHCP clients use the DHCP
server for its dynamic IP configuration. Users can configure as many scopes on a DHCP server as
needed in the network environment.

21. what is NVRAM?

NVRAM (Non-volatile random-access memory) is a computer memory that can keep data when power
to the memory chips has been turned off. NVRAM is a part of the larger type of non-volatile memory
(NVM), which contains storage-class memory based on NAND flash. Flash memory chips are slow to
read to and write than RAM chips, making them less well fitted for active computational memory.

22. What is the use of “Service Password Encryption”?

Service Password Encryption Command on CISCO Router/Switch Permits you to encrypt all
passwords on your router so that they cannot be easily assumed from your running configuration. This
command uses very weak encryption because the router has to decrypt the password very quickly for
it to work.
For more details please refer to the Different Types of Passwords used in Securing Cisco Router article.

23. Explain different cable types?

There are commonly two types of cables used in networking, described below.

Coaxial cable: A coaxial cable is a kind of copper cable specially made with a metal guard and other
parts arranged to stop signal interference. It is mainly used by cable TV firms to connect their satellite
antenna installations to customers’ homes and businesses. It is also sometimes used by telephone
companies to secure central offices to telephone poles near customers. Some homes and offices use
coaxial cable, too, but its general use as an Ethernet connectivity medium in companies and data
centers has been replaced by the deployment of twisted pair cabling.
Twisted pair: Twisted pair Ethernet is an Ethernet in a computer network that uses twisted pairs of
insulated copper wires for the physical layer of the network, which is connected to the data link layer.
Twisted pair cable wires are turned around each other to reduce obstacles from other twisted pairs in
the cable. The two twisted wires help in reducing crosstalk that can disrupt signals and decrease
electromagnetic induction, which has a voltage across a conductor moving through a magnetic field.

For more details please refer to the Types of Ethernet Cable article.

24. What is the port number of DNS and Telnet?

The Port number of Telnet is 23 and the Port number of DNS is 53..

For more details please refer to the Various TCP and UDP ports article.

25. Which service uses both TCP and UDP?

The Domain Name System (DNS) uses the TCP and UDP protocols for communication.UDP is used for
lower communications and is ideal for DNS queries.TCP is used for zone transfers and is suitable for
large response messages.

For more details please refer to the Various TCP and UDP ports article.

26. What is the port number of SMTP and POP3?

The Port number of SMTP is 587 and the Port number of POP3 is 110.

For more details please refer to the Difference between SMTP and POP3 article.

27. What is CRC? Which layer does CRC work on?

CRC stands for Cyclic Redundancy Check. It is a checksum algorithm used to detect errors in digital
data streams transmitted between two or more computers. The layer where CRC works depends on
the type of data being checked and how it needs to be processed by the system. In most cases, CRC is
applied at the lower layer of an OSI model stack (OSI Reference Model).

For more details please refer to the Cyclic Redundancy Check article.

28. Which one is reliable – TCP or UDP ? and why?

TCP is reliable because it guarantees the delivery of data to the destination router. The delivery of
data to the destination can not be secured in UDP.

For more details please refer to the Various TCP and UDP ports article.

29. What is the port number of FTP (data) and FTP?

The Port number of FTP (data) is 20 and the Port number of FTP is 21.

For more details please refer to the File Transfer Protocol (FTP) article.

30. Which layer provides the logical addressing that routers will use for path determination?
The Network layer provides logical addressing, typically IP addressing and routing.

For more details please refer to the Network Layer Services- Packetizing, Routing, and Forwarding
article.

31. DNS uses which protocol? Why?

The Domain Name System (DNS) uses Transmission Control Protocol (TCP) for zone transfers and User
Datagram Protocol (UDP) for name queries.UDP exchanges fewer data than TCP.

For more details please refer to the Why does DNS use UDP and not TCP article.

32. Differentiate between forwarding lookup and reverse lookup in DNS?

Forward DNS and reverse DNS lookups are two different methods of accessing the Internet. The
forward area is the DNS zone where the hostname is stored in the IP address relationship. Reverse
DNS is the query method for determining the domain name associated with an IP address.

For more details please refer to the How to Implement Reverse DNS Look Up Cache? article.
33. What is Split Horizon Cisco?
A split horizon is developed to stop routing loops. Routing loops happen when a loop is created
between two or more routers. For example, Router 1 has a network path to 192.168.1.0 via Router 2.
Router 2 has a path to the same network, but it is back via Router 1. Therefore, Router 1 sends
packets for 192.168.1.0 to Router 2, which then transmits the packets back to Router 1. This looping
continues until the TTL (Time to Live) on the packet expires.

For more details please refer to the Route Poisoning and Count to infinity problem in the Routing
article.

34. Why is RIP known as Distance Vector?

The Routing Information Protocol (RIP) is the oldest distance-vector routing protocol that uses the hop
count as a routing metric. RIP stops routing loops by executing a limit on the number of hops
authorized in a path from source to destination. The largest number of hops allowed for RIP is 15,
which limits the size of networks that RIP can support. RIP executes the split horizon, route poisoning,
and hold-down means to prevent the wrong routing information from being propagated. In RIPv1
routers broadcast updates with their routing table every 30 seconds. In the early deployments,
routing tables were short enough that the traffic was not important. As networks grew in size,
however, it became obvious there could be a huge traffic burst every 30 seconds, even if the routers
had been initialized at random times.

For more details please refer to the Routing Information Protocol (RIP) article.

35. What is the administrative distance of RIP?

By default, OSPF has a default management level of 110 and RIP has a default management level of
120.

For more details please refer to the Routing Information Protocol (RIP) article.

36. What is the limit of hop count in RIP?

The limit of hop count in RIP is 15. Networks with a hop count of 16 or more are unreachable.

For more details please refer to the Routing Information Protocol (RIP) article.

37. How is RIP select the best path to the remote network?
The main function of the router is to determine the best way to send the packets. To determine the
best route, a router searches its router table to find a network address similar to the destination IP
address of the package.
For more details please refer to the Routing Information Protocol (RIP) article.

38. What are the differences between RIPv1 and RIPv2?

RIPv1 uses a standard route. Occasional updates do not have subnet information and no support for
VLSM. This limitation makes it impossible to have subnets of different sizes within the same network
category. In other words, all subnets in the network class should be the same size. There is also no
router authentication support, wh
Skip to content
Guru99

Top 70 CCNA Interview Questions and Answers (PDF)

By :
Bryce Leo
July 8, 2024

Here are CCNA interview questions and answers for fresher as well experienced candidates to get
their dream job.

Table of Contents:

CCNA Interview Questions and Answers for Freshers

1) What is Routing?
Routing is the process of finding a path on which data can pass from source to destination. Routing is
done by a device called routers, which are network layer devices.

2) What is the purpose of the Data Link?

The job of the Data Link layer is to check messages are sent to the right device. Another function of
this layer is framing.

👉 Free PDF Download: CCNA Interview Questions & Answers

3) What is the key advantage of using switches?

When a switch receives a signal, it creates a frame out of the bits that were from that signal. With this
process, it gains access and reads the destination address, after which it forwards that frame to the
appropriate port. This is a very efficient means of data transmission, instead of broadcasting it on all
ports.

CCNA Interview Questions

4) When does network congestion occur?

Network congestion occurs when too many users are trying to use the same bandwidth. This is
especially true in big networks that do not resort to network segmentation.

5) What is a Window in networking terms?

A Window refers to the number of segments that are allowed to be sent from source to destination
before an acknowledgment is sent back.

6) Does a bridge divide a network into smaller sections?

Not really. What a bridge actually does is to take the large network and filter it, without changing the
size of the network.

7) Which LAN switching method is used in CISCO Catalyst 5000?

CISCO Catalyst 5000 uses the Store-and-forward switching method. It stores the entire frame to its
buffers and performs a CRC check before deciding whether or not to forward that data frame.

8 ) What is the role of the LLC sublayer?

The LLC sublayer stands for Logical Link Control. It can provide optional services to an application
developer. One option is to provide flow control to the Network layer by using stop/start codes. The
LLC can also provide error correction.

9) How does RIP differ from IGRP?

RIP relies on the number of hops in order to determine the best route to a network. On the other
hand, IGRP takes consideration many factors before it decides the best route to take, such as
bandwidth, reliability, MTU and hop count.

10) What are the different memories used in a CISCO router?

Different memories used in a CISCO router are:

– NVRAM stores the startup configuration file.

– DRAM stores the configuration file that is being executed.

– Flash Memory – stores the Cisco IOS.

11) What is BootP?

BootP is a protocol that is used to boot diskless workstations that are connected to the network. It is
short for Boot Program. Diskless workstations also use BootP in order to determine its own IP address
as well as the IP address of the server PC.

12) What is the function of the Application Layer in networking?

The Application Layer supports the communication components of an application and provides
network services to application processes that span beyond the OSI reference model specifications. It
also synchronizes applications on the server and client.

13) Differentiate User Mode from Privileged Mode

User Mode is used for regular task when using a CISCO router, such as to view system information,
connecting to remote devices, and checking the status of the router. On the other hand, privileged
mode includes all options that are available for User Mode, plus more. You can use this mode in order
to make configurations on the router, including making tests and debugging.
RELATED ARTICLES
FTP vs SFTP: Key Difference Between Them
TCP/IP Model: What are Layers & Protocol? TCP/IP Stack
Why is My Upload Speed Slow? How to Increase Upload Speed
What does PRI mean? Circuits, Networking, Definition
14) What is 100BaseFX?
This is Ethernet that makes use of fiber optic cable as the main transmission medium. The 100 stands
for 100Mbps, which is the data speed.

15) Differentiate full-duplex from half-duplex.

In full-duplex, both the transmitting device and the receiving device can communicate simultaneously,
that is, both can be transmitting and receiving at the same time. In the case of half-duplex, a device
cannot receive while it is transmitting, and vice versa.

16) What is MTU?

MTU stands for Maximum Transmission Unit. It refers to the maximum packet size that can be sent
out onto the data line without the need to fragment it.

17) How does cut-through LAN switching work?

In Cut-Through LAN switching, as soon as the router receives the data frame, it will immediately send
it out again and forward it to the next network segment after reading the destination address.

18) What is latency?

Latency is the amount of time delay that measures the point from which a network device receives a
data frame to the time it sends it out again towards another network segment.

19) Utilizing RIP, what is the limit when it comes to the number of hops?
The maximum limit is 15 hop counts. Anything higher than 15 indicates that the network is considered
unreachable.

20) What is a Frame Relay?

Frame Relay is a WAN protocol that provides connection-oriented communication by creating and
maintaining virtual circuits. It has a high-performance rating and operates at the Data Link and
Physical Layers.

21) How do you configure a Cisco router to route IPX?

The initial thing to do is to enable IPX routing by using the “IPX routing” command. Each interface that
is used in the IPX network is then configured with a network number and encapsulation method.

22) What are the different IPX access lists?

There are two types of IPX access lists

1. Standard.

2. Extended.

Standard Access List can only filter the source or destination IP address. An Extended Access List uses
the source and destination IP addresses, port, socket, and protocol when filtering a network.
23) Explain the benefits of VLANs.
VLANs allow the creation of collision domains by groups other than just physical location. Using
VLANs, it is possible to establish networks by different means, such as by function, type of hardware,
protocol, among others. This is a big advantage when compared to conventional LANs wherein
collision domains are always tied to physical location.

24) What is subnetting?

Subnetting is the process of creating smaller networks from a big parent network. As a part of a
network, each subnet is assigned some additional parameters or identifier to indicate its subnet
number.

CCNA Interview Questions and Answers for Experienced

25) What are the advantages of a layered model in the networking industry?
A layered network offers many advantages. It allows administrators to make changes in one layer
without the need to make changes in the other layers. Specialization is encouraged, allowing the
network industry to make progress faster. A layered model also lets administrators troubleshoot
problems more efficiently.

26) Why is UDP lease favored when compared to TCP?

It’s because UDP is unreliable and unsequenced. It is not capable of establishing virtual circuits and
acknowledgments.

27) What are some standards supported by the Presentation layer?

Presentation layer supports many standards, which ensures that data is presented correctly. These
include PICT, TIFF, and JPEG for graphics, MIDI, MPEG and QuickTime for Video/Audio.

28) What’s the easiest way to remotely configure a router?

In cases when you need to configure a router remotely, the most convenient is to use the Cisco
AutoInstall Procedure. However, the router must be connected to the WAN or LAN through one of the
interfaces.

29) What does the show protocol display?

– routed protocols that is configured on the router.

– the address assigned on each interface.

– the encapsulation method that was configured on each interface.

30) How do you depict an IP address?

It can be done in three possible ways:

– using Dotted-decimal. For example: 192.168.0.1

– using Binary. For example: 10000010.00111011.01110010.01110011

– using Hexadecimal. For example: 82 1E 10 A1

31) How do you go to privileged mode? How do you switch back to user mode?
To access privileged mode, you enter the command “enable” on the prompt. In order to get back to
user mode, enter the command “disable.”

32) What is HDLC?

HDLC stands for High-Level Data Link Control protocol. It is a propriety protocol of CISCO. It is the
default encapsulation operated within CISCO routers.

33) How are internetworks created?

Internetworks are created when networks are connected using routers. Specifically, the network
administrator assigns a logical address to every network that connects to the router.

34) What is Bandwidth?

Bandwidth refers to the transmission capacity of a medium. It is a measure of how much volume a
transmission channel can handle, and it is measured in Kbps.

35) How does Hold-downs work?

Hold-downs prevent regular update messages from reinstating a downed link by removing that link
from update messages. It uses triggered updates to reset the hold-down timer.

36) What are packets?

Packets are the results of data encapsulation. These are data that have been wrapped under the
different protocols of the OSI layers. Packets are also referred to as datagrams.

37) What are segments?

Segments are sections of a data stream that comes from the upper OSI layers and ready for
transmission towards the network. Segments are the logic units at the Transport Layer.

38) Give some benefits of LAN switching.

– allows full duplex data transmission and reception

– media rate adaption

– easy and efficient migration

39) What is Route Poisoning?

Route Poisoning is the process of inserting a table entry of 16 to a route, making it unreachable. This
technique is used in order to prevent problems caused by inconsistent updates on a route.

40) How do you find valid hosts in a subnet?

The best way to go about this is to use the equation 256 minus the subnet mask. The hosts that are
considered valid are those that can be found between the subnets.

41) What is DLCI?

DLCI, or Data Link Connection Identifiers, are normally assigned by a frame relay service provider in
order to uniquely identify each virtual circuit that exists on the network.

42) Briefly explain the conversion steps in data encapsulation.

From a data transmitter’s point of reference, data from the end user is converted to segments.
Segments are then passed on to the other layers and converted into packets or datagrams. These
packets are then converted into frames before passing on to the network interface. Finally, frames are
converted to bits prior to actual data transmission.

43) What are the different types of passwords used in securing a CISCO router?
There are actually five types of passwords that can be used. These enable secret, virtual terminal,
console, and auxiliary.

44) Why is network segmentation a good idea when managing a large network?
For a network administration, segmenting a network would help ease network traffic and ensures that
high bandwidth is made available at all times for all users. This translates to better performance,
especially for a growing network.

45) What are the things that can be accessed in a CISCO router’s identifying information?
The hostname and the Interfaces. The hostname is the name of your router. The Interfaces are fixed
configurations that refer to the router ports.

46) Differentiate Logical Topology from Physical Topology

Logical Topology refers to the signal path through the physical topology. Physical Topology is the
actual layout of the network medium.

47) What causes a triggered update to reset the router hold-down timer?
This may happen when the hold-down timer has already expired, or when the router received a
processing task that incidentally was proportional to the number of links in the internetwork.

48) In configuring a router, what command must be used if you want to delete the configuration data
that is stored in the NVRAM?
A. erase running-config

B. erase startup-config

C. erase NVRAM

D. delete NVRAM

Correct Answer: B. erase startup-config

49) Referring to the commands shown, what command must next be used on the branch router prior
to traffic being sent to the router?
Hostname: Branch Hostname: Remote

PH# 123-6000, 123-6001 PH# 123-8000, 123-8001

SPID1: 32055512360001 SPID1: 32055512380001

SPID2: 32055512360002 SPID2: 32055512380002

ISDN switch-type basic ni

username Remote password cisco

interface bri0

IP address 10.1.1.1 255.255.255.0

encapsulation PPP

PPP authentication chap

ISDN spid1 41055512360001

ISDN spid2 41055512360002

dialer map IP 10.1.1.2 name Remote 1238001

dialer-list 1 protocol IP permit

Correct Answer: (config-if)# dialer-group 1

50) When configuring a router utilizing both physical and logical interfaces, what factor must be
considered in determining the OSPF router ID?
The highest IP address of any physical interface.
The lowest IP address of any logical interface.
The middle IP address of any logical interface.
The lowest IP address of any physical interface.
The highest IP address of any interface.
The highest IP address of any logical interface.
The lowest IP address of any interface.
Correct Answer: A. The highest IP address of any physical interface.

51) What is the difference between the switch, hub, and router?
Hub Switch Router
Hub has a single broadcast domain and collision domain. Anything comes in one port is sent out to the
others. It is a device that filters and forwards packets between LAN segments. Switches have a single
broadcast domain and multiple collision domains. It supports any packet protocol, as such it operates
at the data link layer 2 and layer 3 Router is a device which transmits data packets along
networks.
52) What is the size of IP address?
Size of IP address is 32 bit for IPv4 and 128 bit for IPv6.

53) Mention what does data packets consist of?

A data packet consists of sender’s information, recipient’s information, and the data contained. It
also has the numeric identification number that defines the packet number and order. When data is
sent across the network, that information is segmented into data packets. In short, data packets carry
the information and routing configuration for your transferred message.

54) What is DHCP stand for?

DHCP stands for Dynamic Host Configuration Protocol. DHCP assigns an IP address automatically to a
given workstation client. You can also make static IPS for machines like printers, servers, routers, and
scanners.

55) Mention what BOOTP is?

BOOTP is a computer networking protocol used to deploy an IP address to network devices from a
configuration server.

56) Explain why UDP is lease favored when compared to TCP?

It is because UDP is un-sequenced and unreliable. It is not capable of creating virtual circuits and
acknowledgments.

57) State the difference between dynamic IP and static IP addressing?

Dynamically IP addresses are provided by DHCP server, and static IP addresses are given manually.

58) Mention the ranges for the private IP?

Ranges for private IP are

Class A: 10.0.0.0 – 10.0.0.255

Class B: 172.16.0.0 – 172.31.0.0
Class C: 192.168.0.0 – 192.168.0.255
59) In how many ways you can access the router?
You can access it in three ways

Telnet (IP)
AUX (Telephone)
Console (Cable)
60) What is EIGRP?
EIGRP stands for Enhanced Interior Gateway Routing Protocol it is a routing protocol designed by
Cisco Systems. It is availed on a router to share routes with other routers within the same
autonomous system. Unlike other routers like RIP, EIGRP only sends incremental updates, decreasing
the workload on the router and the amount of data that needs to be transferred.

61) Mention what is the matric of EIGRP protocol?

EIGRP protocol consists of

Bandwidth
Load
Delay
Reliability
MTU
Maximum Transmission Unit
62) Mention what does the clock rate do?
Clockrate enables the routers or DCE equipment to communicate appropriately.

63) Mention what command you must use if you want to delete or remove the configuration data that
is stored in the NVRAM?
Erase startup- coding is the command you must use if you want to delete the configuration data that
is stored in the NVRAM

64) What is the difference between TCP and UDP?

TCP and UDP both are protocols for sending files across computer networks.

TCP vs UDP

TCP (Transmission Control Protocol) UDP (User Datagram Protocol)

TCP is connection oriented protocol. When connection lost during transferring files, the server would
request the lost part. While transferring a message, there is no corruption while transferring a
message UDP is based on connectionless protocol. When you send data, there is no guarantee
whether your transferred message will reach there without any leakage
The message will deliver in the order it is sent The message you sent may not be in the same order
Data in TCP is read as a stream, where one packet ends, and another begins Packets are
transmitted individually and are guaranteed to be whole if they arrive
Example of TCP includes World Wide Web, file transfer protocol, e-mail, Example for UDP are
VOIP (Voice Over Internet Protocol) TFTP ( Trivial File Transfer Protocol),
65) Explain the difference between half-duplex and full-duplex?
Full duplex means that the communication can occur in both directions at the same time, while half-
duplex means that the communication can happen in one direction at a time.

66) What are the conversion steps of data encapsulation?

Conversion steps of data encapsulation includes

Layer one, two and Three ( Application/presentation/session) : Alphanumeric input from the user is
converted into Data
Layer Four (Transport): Data is converted into small segments
Layer Five (Network): Data converted into packets or datagrams and Network header is added
Layer Six (Data Link): Datagrams or packets are built into frames
Layer Seven (Physical): Frames are converted into bits
67) What command do we give if router IOS is stuck?
Cntrl+Shift+F6 and X is the command we give if router IOS is stuck.

68) What is route poisoning?

Route poisoning is a technique of preventing a network from transmitting packets through a route
that has become invalid.

69) What route entry will be assigned to dead or invalid route in case of RIP?
In the case of RIP table entry, 16 hops will be assigned to dead or invalid route making it unreachable.
Router protocols include:
Routing Information Protocol (RIP)
Interior Gateway Protocol (IGRP)
Open Shortest Path First (OSPF)
Exterior Gateway Protocol (EGP)
Enhanced Interior Gateway Routing Protocol (EIGRP)
Border Gateway Protocol (BGP)
Intermediate System-to-Intermediate System (IS-IS)
Before we get to looking at the routing protocols themselves, it is important to focus on the
categories of protocols.

All routing protocols can be classified into the following:

Distance Vector or Link State Protocols
Interior Gateway Protocols (IGP) or Exterior Gateway Protocols (EGP)
Classful or Classless Protocols
Distance Vector and Link State Protocols
Distance Vector Link State
Sends entire routing table during updates
Only provides link state information
Sends periodic updates every 30-90 seconds
Uses triggered updates
Broadcasts updates
Multi casts updates
Vulnerable to routing loops
No risk of routing loops
RIP, IGRP
OSPF, IS-IS
Distance vector routing protocols are protocols that use distance to work out the best routing path for
packets within a network.

These protocols measure the distance based on how many hops data has to pass to get to its
destination. The number of hops is essentially the number of routers it takes to reach the destination.

Generally, distance vector protocols send a routing table full of information to neighboring devices.
This approach makes them low investment for administrators as they can be deployed without much
need to be managed. The only issue is that they require more bandwidth to send on the routing tables
and can run into routing loops as well.

Link State Routing Protocols

Link state protocols take a different approach to finding the best routing path in that they share
information with other routers in proximity. The route is calculated based on the speed of the path to
the destination and the cost of resources.

Link state routing protocols use an algorithm to work this out. One of the key differences to a distance
vector protocol is that link state protocols don’t send out routing tables; instead, routers notify each
other when route changes are detected.

Routers using the link state protocol creates three types of tables; neighbor table, topology table, and
routing table. The neighbor table stores details of neighboring routers using the link state routing
protocol, the topology table stores the whole network topology, and the routing table stores the most
efficient routes.
IGP and EGPs
Routing protocols can also be categorized as Interior Gateway Protocols (IGPs) or Exterior Gateway
Protocols (EGPs).

IGPs
IGPs are routing protocols that exchange routing information with other routers within a single
autonomous system (AS). An AS is defined as one network or a collection of networks under the
control of one enterprise. The company AS is thus separate from the ISP AS.

Each of the following is classified as an IGP:

Open Shortest Path First (OSPF)
Routing Information Protocol (RIP)
Intermediate System to Intermediate System (IS-IS)
Enhanced Interior Gateway Routing Protocol (EIGRP)
EGPs
On the other hand, EGPs are routing protocols that are used to transfer routing information between
routers in different autonomous systems. These protocols are more complex and BGP is the only EGP
protocol that you’re likely to encounter. However, it is important to note that there is an EGP protocol
named EGP.

Examples of EGPs include:

Border Gateway Protocol (BGP)
Exterior Gateway Protocol (EGP)
The ISO’s InterDomain Routing Protocol (IDRP)
Types of Routing Protocol
Routing Protocols Timeline
1982 – EGP
1985 – IGRP
1988 – RIPv1
1990 – IS-IS
1991 – OSPFv2
1992 – EIGRP
1994 – RIPv2
1995 – BGP
1997 – RIPng
1999 – BGPv6 and OSPFv3
2000 – IS-ISv6
Routing Information Protocol (RIP)
Routing Information Protocol or RIP is one of the first routing protocols to be created. RIP is used in
both Local Area Networks (LANs) and Wide Area Networks (WANs), and also runs on the Application
layer of the OSI model. There are multiple versions of RIP including RIPv1 and RIPv2. The original
version or RIPv1 determines network paths based on the IP destination and the hop count of the
journey.

RIPv1 interacts with the network by broadcasting its IP table to all routers connected to the network.
RIPv2 is a little more sophisticated than this and sends its routing table on to a multicast address.
RIPv2 also uses authentication to keep data more secure and chooses a subnet mask and gateway for
future traffic. The main limitation of RIP is that it has a maximum hop count of 15 which makes it
unsuitable for larger networks.

Pros:
Historical Significance: RIP is one of the oldest and widely recognized routing protocols.
Operational Simplicity: It’s relatively straightforward to understand and implement.
Application Layer Operation: Operates on the application layer, making it easy to manage and
configure.
Multicast Capability (RIPv2): RIPv2 can multicast its routing table, providing a more efficient way to
communicate with other routers than broadcasting.
Enhanced Security (RIPv2): RIPv2 offers authentication measures to enhance data security.
Cons:
Maximum Hop Count: RIP’s maximum hop count of 15 restricts its use in larger networks.
Lack of Scalability: Due to its hop count limitation, it is not suited for modern expansive networks.
Broadcaster (RIPv1): RIPv1’s method of broadcasting its entire table can lead to increased traffic and
potential inefficiencies.
Limited Route Metric: RIP uses hop count as its sole metric, which may not always represent the best
path in complex networks.
Slower Convergence: RIP can be slower to adapt to network changes, leading to potential temporary
routing loops.
See also: LAN Monitoring tools

Interior Gateway Protocol (IGRP)

Interior Gateway Protocol or IGRP is a distance vector routing protocol produced by Cisco. IGRP was
designed to build on the foundations laid down on RIP to function more effectively within larger
connected networks and removed the 15 hop cap that was placed on RIP. IGRP uses metrics such as
bandwidth, delay, reliability, and load to compare the viability of routes within the network.
However, only bandwidth and delay are used under IGRP’s default settings.

IGRP is ideal for larger networks because it broadcasts updates every 90 seconds and has a maximum
hop count of 255. This allows it to sustain larger networks than a protocol like RIP. IGRP is also widely
used because it is resistant to routing loops because it updates itself automatically when route
changes occur within the network.

Pros:
Enhanced Scalability: IGRP addresses the shortcomings of RIP by allowing a maximum hop count of
255, making it suitable for larger networks.
Multiple Metrics: Uses a combination of metrics (bandwidth, delay, reliability, and load) for improved
routing decisions.
Frequent Updates: Broadcasts updates every 90 seconds, ensuring the network is well-informed and
up-to-date.
Loop Resistance: Built-in features that automatically update routes, making IGRP resistant to routing
loops.
Cisco Legacy: Developed by Cisco, it benefits from being backed by one of the industry leaders in
networking.
Cons:
Proprietary Protocol: Being a Cisco product, IGRP isn’t universally adaptable across all devices from
different manufacturers.
Limited Default Metrics: Even though it has multiple metrics, only bandwidth and delay are
considered under default settings, potentially overlooking other valuable information.
Superseded by EIGRP: IGRP has been replaced by Enhanced IGRP (EIGRP), which offers more
advantages, leading to its diminished use in modern networks.
Larger Overhead: Given its broader capabilities, IGRP can generate more network overhead compared
to simpler protocols like RIP.
Potential Complexity: The multiple metrics and larger hop count can make configuration and
troubleshooting more complex than simpler protocols.
Open Shortest Path First (OSPF)
Open Shortest Path First or OSPF protocol is a link-state IGP that was tailor-made for IP networks
using the Shortest Path First (SPF) algorithm. The SPF routing algorithm is used to calculate the
shortest path spanning-tree to ensure efficient data transmission of packets. OSPF routers maintain
databases detailing information about the surrounding topology of the network. This database is filled
with data taken from Link State Advertisements (LSAs) sent by other routers. LSAs are packets that
detail information about how many resources a given path would take.

OSPF also uses the Dijkstra algorithm to recalculate network paths when the topology changes. This
protocol is also relatively secure as it can authenticate protocol changes to keep data secure. It is used
by many organizations because it’s scalable to large environments. Topology changes are tracked and
OSPF can recalculate compromised packet routes if a previously-used route has been blocked.

Pros:
Efficient Routing: Utilizes the Shortest Path First (SPF) algorithm to ensure optimal data packet
transmission.
Detailed Network Insight: OSPF routers maintain a database on the network’s topology, offering a
detailed perspective on its structure.
Dynamic Adaptability: Employs the Dijkstra algorithm to dynamically adjust to network topology
changes, ensuring continuity in data transmission.
Security Features: Offers protocol change authentication to maintain data security, ensuring that only
authorized updates are made.
Highly Scalable: Suitable for both small and large-scale network environments, making it versatile for
various organizational sizes.
Cons:
Complex Configuration: Given its many features, OSPF can be complex to set up and maintain.
Higher Overhead: Maintaining detailed databases and frequently recalculating routes can generate
more network overhead.
Sensitive to Topology Changes: While OSPF can adapt to changes, frequent topology alterations can
cause performance dips as it recalculates routes.
Resource Intensive: OSPF routers require more memory and CPU resources due to their database
maintenance and route recalculations.
Potential for Large LSDB: In very large networks, the Link State Database (LSDB) can grow significantly,
necessitating careful design and segmenting.
Exterior Gateway Protocol (EGP)
Exterior Gateway Protocol or EGP is a protocol that is used to exchange data between gateway hosts
that neighbor each other within autonomous systems. In other words, EGP provides a forum for
routers to share information across different domains. The most high profile example of an EGP is the
internet itself. The routing table of the EGP protocol includes known routers, route costs, and network
addresses of neighboring devices. EGP was widely-used by larger organizations but has since been
replaced by BGP.

The reason why this protocol has fallen out of favor is that it doesn’t support multipath networking
environments. The EGP protocol works by keeping a database of nearby networks and the routing
paths it could take to reach them. This route information is sent on to connected routers. Once it
arrives, the devices can update their routing tables and undertake more informed path selection
throughout the network.

Pros:
Data Exchange Between Autonomous Systems: Allows gateway hosts to share information across
distinct network domains, effectively acting as a bridge.
Foundation of Early Internet: Served as a precursor and essential component to the modern internet’s
formation.
Routing Database: Contains comprehensive information, including known routers, route costs, and
the addresses of neighboring devices.
Path Information Sharing: Sends route data to neighboring routers, helping them update their tables
and make better routing decisions.
Cons:
Lack of Multipath Support: EGP isn’t suitable for modern multipath networking environments, limiting
its adaptability.
Obsolete: Has been largely phased out in favor of more advanced protocols, notably BGP.
Limited Scalability: As networks grew, EGP struggled with handling larger and more intricate systems.
Static Path Determination: While EGP keeps a database of nearby networks, its path determinations
are more static, making it less flexible than newer protocols.
Potential for Redundancy: EGP’s method of sharing all route data with neighboring routers can lead to
redundant data transmission and larger routing tables.
Enhanced Interior Gateway Routing Protocol (EIGRP)
Enhanced Interior Gateway Routing Protocol or EIGRP is a distance vector routing protocol that is used
for IP, AppleTalk, and NetWare networks. EIGRP is a Cisco proprietary protocol that was designed to
follow on from the original IGRP protocol. When using EIGRP, a router takes information from its
neighbors’ routing tables and records them. Neighbors are queried for a route and when a change
occurs the router notifies its neighbors about the change. This has the end result of making
neighboring routers aware of what is going on in nearby devices.

EIGRP is equipped with a number of features to maximize efficiency, including Reliable Transport
Protocol (RTP) and a Diffusing Update Algorithm (DUAL). Packet transmissions are made more
effective because routes are recalculated to speed up the convergence process.

Pros:
Versatility: Supports multiple network protocols, including IP, AppleTalk, and NetWare.
Advanced Design: A successor to the original IGRP, EIGRP incorporates more modern features for
routing.
Neighbor Information Exchange: By collecting data from neighbors’ routing tables, EIGRP maintains a
real-time understanding of the network environment.
Efficient Notification System: Routers promptly inform neighboring routers of any route changes,
fostering a responsive network environment.
Reliable Transport Protocol (RTP): Ensures the reliability of packet transmissions and acknowledges
receipt of routing updates.
Diffusing Update Algorithm (DUAL): Enhances route calculations and accelerates network
convergence, reducing the time the network takes to stabilize after a change.
Cons:
Proprietary Protocol: EIGRP is Cisco-specific, which can limit interoperability with equipment from
other manufacturers.
Overhead: The frequent exchange of routing updates and queries, especially in larger networks, can
consume bandwidth and processing resources.
Complex Configuration: While powerful, EIGRP’s array of features might pose a steeper learning curve
for those unfamiliar with its intricacies.
Potential for Routing Loops: As with many distance-vector protocols, there’s a risk of routing loops,
although measures like split horizon and route poisoning help mitigate this.
Lack of Wide Adoption: Being proprietary means EIGRP isn’t as universally adopted as open standard
protocols.
Border Gateway Protocol (BGP)
Border Gateway Protocol or BGP is the routing protocol of the internet that is classified as a distance
path vector protocol. BGP was designed to replace EGP with a decentralized approach to routing. The
BGP Best Path Selection Algorithm is used to select the best routes for data packet transfers. If you
don’t have any custom settings then BGP will select routes with the shortest path to the destination.

However many administrators choose to change routing decisions to criteria in line with their needs.
The best routing path selection algorithm can be customized by changing the BGP cost community
attribute. BGP can make routing decisions based Factors such as weight, local preference, locally
generated, AS_Path length, origin type, multi-exit discriminator, eBGP over iBGP, IGP metric, router
ID, cluster list and neighbor IP address.

BGP only sends updated router table data when something changes. As a result, there is no auto-
discovery of topology changes which means that the user has to configure BGP manually. In terms of
security, BGP protocol can be authenticated so that only approved routers can exchange data with
each other.

Pros:
Internet Backbone: As the primary routing protocol of the internet, BGP plays a pivotal role in global
data exchanges.
Decentralized Design: Unlike its predecessor EGP, BGP’s decentralized nature ensures more robust
and adaptable network operations.
Customizable Path Selection: BGP’s Best Path Selection Algorithm can be tailored to meet unique
network demands by adjusting attributes.
Efficient Updates: Only transmitting updates when there’s a change, BGP reduces unnecessary
network traffic.
Granular Routing Decisions: Administrators have a plethora of factors like weight, AS_Path length,
and IGP metric to inform routing decisions, allowing for a high degree of routing precision.
Authentication: BGP provides security measures allowing only authorized routers to participate in
data exchanges, enhancing the security of routing updates.
Cons:
Complex Configuration: BGP requires meticulous manual configuration since it doesn’t auto-discover
topology changes.
Potential Instability: Mistakes or malicious actions in BGP configurations can inadvertently or
intentionally divert internet traffic, potentially leading to large-scale outages.
Scalability Concerns: As the internet grows, BGP’s scalability, in its current form, might pose
challenges.
Vulnerabilities: Despite authentication measures, BGP is historically susceptible to certain security
issues, like prefix hijacking.
Learning Curve: Given its complexity and significance, mastering BGP can be challenging for many
network administrators.
Convergence Time: BGP can sometimes take longer to converge after a network change compared to
some other protocols.
Intermediate System-to-Intermediate System (IS-IS)
Intermediate System-to-Intermediate System (IS-IS) is a link-state, IP routing protocol and IGPP
protocol used on the internet to send IP routing information. IS-IS uses a modified version of the
Dijkstra algorithm. An IS-IS network consists of a range of components including end systems, (user
devices), intermediate systems (routers), areas, and domains.

Under IS-IS routers are organized into groups called areas and multiple areas are grouped together to
make up a domain. Routers within the area are placed with Layer 1 and routers that connect
segments together are classified as Layer 2. There are two types of network addresses used by IS-IS;
Network Service Access Point (NSAP) and Network Entity Title (NET).

Pros:
Hierarchical Design: Organizing routers into areas and domains simplifies management and optimizes
routing within large networks.
Scalability: The division into areas and domains allows for efficient operation in large-scale networks,
avoiding unnecessary routing overhead.
Flexibility: The protocol is not tied exclusively to IP, making it adaptable to various network
architectures.
Efficient Path Selection: Utilizes a modified version of the Dijkstra algorithm for optimal path
determination.
Distinct Addressing Mechanism: With unique addresses like NSAP and NET, IS-IS provides granularity
in addressing which can assist in network troubleshooting and management.
Dual-Level Operation: Layer 1 and Layer 2 classification enables segregation of intra-area routing from
inter-area routing, ensuring efficiency and simplifying router roles.
Cons:
Learning Curve: Given its unique terminology and addressing mechanism, mastering IS-IS might pose a
challenge for network engineers unfamiliar with it.
Address Length: NSAP addresses can be lengthy, which may complicate manual configuration and
troubleshooting.
Lesser Adoption: IS-IS is less commonly used in certain segments of the internet when compared to
OSPF, potentially leading to compatibility considerations.
Complex Configuration: Its hierarchical structure, while providing scalability benefits, might
complicate the initial configuration.
Interoperability: As a protocol with roots in the ISO OSI model, there may be issues when trying to
interoperate with purely IP-based protocols.
Protocol Evolution: While IS-IS has been adapted for IP, its origins in the OSI model mean it might not
be as naturally suited to some IP-centric tasks as newer p
A large number of commands are available on Cisco routers, as well as many different protocols and
features that can be used to establish a network. Navigating through Cisco IOS® Software can be
confusing and intimidating for someone new to Cisco routers. This section will familiarize you with
some of the basic router commands that are commonly used, as well as some typical router
management tasks in the included labs.

The following commands are used to gather information on a Cisco IOS Software-based router when
attempting to learn basic information about a router, or possibly troubleshooting protocol-
independent problems:

show version
show running-config
show interfaces
show logging
show tech-support
Let's examine these commands further to see how they can be used to obtain valuable information.

show version

You will use the show version command in the simulation environment. This command displays the
configuration of the system hardware, the software version, and the names and sources of
configuration files and the boot images. This command also displays information about how the
system was last started and how long the router has been running since that start. Sample output
from the show version command follows:

System Image Version and ROM Version

This information indicates the running version of the Cisco IOS Software. This software has many
different versions of the Cisco IOS Software, each of which supports a variety of features. The version
of Cisco IOS Software on the router plays a major role in dictating the capabilities and services of the
router.

Router Uptime and System Restart

The router uptime can be checked to make sure the router has been in continuous operation since it
was last restarted. If the uptime is inconsistent with the last known router maintenance, the router
may have restarted because of problems with the electrical circuit it is connected to, or because of
problems with the router itself. The "System restarted by" line displays a log of how the system was
last booted, whether by normal system startup or because of a system error. The following display is
an example of a system error that is generally the result of an attempt by the router to access a
nonexistent address:

System restarted by bus error at PC 0xC4CA, address 0x210C0C0

Interface Hardware Inventory
The interface hardware inventory should include all interface processors installed in the router. If any
interfaces that are installed in the router do not show up in the inventory, there may be hardware
problems with the interface processor itself, or the router may be running a version of the Cisco IOS
Software that does not support that interface type.

Shared Memory

This is the memory the interface processors use for buffering packets. As the name suggests, all the
interface processors in a router share this memory, and performance problems can result if there is
not enough. It may be necessary to upgrade the memory if such an issue occurs.

Main Memory

This memory is used to store the running configuration and all routing tables. In extremely large
networks, it is possible for the routing tables to get so large they exceed the main memory capacity.
When this happens, the router will crash. It may be necessary to upgrade the memory if such an issue
occurs.

show running-config

All the commands that are entered on a router are stored in the current running configuration that is
maintained in RAM. This command can be very useful when gathering basic information or
troubleshooting because it allows the user to verify the commands that have been administered on
the router. You will use the show running-config command in the simulation labs.

show interfaces
You will use the show interfaces command in the practice labs. This command displays statistics for
the network interfaces. Sample output from the show interfaces command is shown below. Because
your display will depend on the type and number of interface cards in your router, only a portion of
the display is shown, in this case for a serial interface.

Click on the Netbit icon to the right to view an animation about Cyclic Redundancy Check (CRC).

Interface and Line Protocol Status

The interface and line protocol status output gives information related to the physical state of the
interface (the first part of the output) and shows the state of messages at the data link level (the
second part of the output, following the comma).

When an interface is operating and communicating correctly, there is only one possible status output:

Serial x is up, line protocol is up

Remember that this output is meant to correspond to the serial interface output shown above. If an
Ethernet interface were being examined, the output would obviously change accordingly to "Ethernet
x is up, line protocol is up."

You can identify five possible problem states in the interface status line of the show interfaces serial
display:

Serial x is down, line protocol is down

This state indicates a cable or interface problem. The remote end may be administratively shut down,
a situation that could cause both ends to go down. To bring an interface up, use the no form of the
shutdown command under the interface configuration mode.
Serial x is up, line protocol is down
This state is often attributed to a clocking or framing problem. Check to make sure that clocking has
been set on the correct end, keepalives are being sent correctly, and the encapsulation type on both
ends match.
Serial x is up, line protocol is up (looped)
This state indicates that a loop exists in the circuit. This problem could be associated with an existing
loopback interface.
Serial x is up, line protocol is down (disabled)
This state often indicates a hardware problem and may be associated with a telephone company
service problem.
Serial x is administratively down, line protocol is down
This state indicates that the shutdown command has been administered on the interface. To bring the
interface up, use the no shutdown command under interface configuration mode.
Output Drops

Output drops appear in the output of the show interfaces serial command when the system is
attempting to hand off a packet to a transmit buffer but no buffers are available.

Output drops are acceptable under certain conditions. For instance, if a link is known to be overused
(with no way to remedy the situation), it is often considered preferable to drop packets rather than
holding them, particularly for protocols that support flow control and can retransmit data, such as
TCP/IP.

Click on the Netbit icon to the right to view an animation about buffering.

Input Drops

Input drops appear in the output of the show interfaces serial EXEC command when too many packets
from that interface are still being processed in the system.

Input Errors

If input errors appear in the show interfaces serial output, they have several possible sources. The
most likely sources are related to physical layer issues, including bad hardware, a noisy line, a bad
connection, or incorrect equipment. Other potential causes include noisy lines and incorrect data
conversion.

Any input error value for cyclic redundancy check (CRC) errors, framing errors, or aborts above one
percent of the total interface traffic suggests some kind of link problem that should be isolated and
repaired.

Interface Resets

Interface resets that appear in the output of the show interfaces serial EXEC command are the result
of missed keepalive packets. Interface resets may occur because of issues such as congestion on the
line, a bad line, or faulty equipment.

Carrier Transitions

Carrier transitions appear in the output of the show interfaces serial EXEC command whenever there
is an interruption in the carrier signal (such as an interface reset at the remote end of a link). Carrier
transitions may be caused by physical changes to the line (cable unplugged or damaged) or by faulty
equipment.

show logging

This command displays the state of syslog error and event logging, including host addresses, and
whether console logging is enabled. This command also displays Simple Network Management
Protocol (SNMP) configuration parameters and protocol activity.

Router# show logging

Syslog logging: enabled
Console logging: disabled
Monitor logging: level debugging, 266 messages logged.
Trap logging: level informational, 266 messages logged.
Logging to 192.180.2.238
SNMP logging: disabled, retransmission after 30 seconds
0 messages logged
The following table describes significant fields shown in the command display.

Field Description
Syslog Logging When enabled, system logging messages are sent to a UNIX host that acts as a syslog
server; that is, it captures and saves the messages.
Console Logging If enabled, this field states the level; otherwise, it displays disabled.
Monitor Logging This shows the minimum level of severity required for a log message to be
sent to a monitor terminal (not the console).
Trap Logging This field gives the minimum level of severity required for a log message to be sent to
a syslog server.
SNMP Logging This field shows whether SNMP logging is enabled and the number of messages
logged, and the retransmission interval.
show tech-support

Use this command to help collect general information about the router when you are reporting a
problem to the Cisco Technical Assistance Center (TAC). This command displays the equivalent of the
following show commands:

show version
show running-config
show controllers
show stacks
show interfaces
show buffers
show processes memory
show processes cpu
The output of most of these commands is of use only to your technical support representative.

Although most configurations on a Cisco Router will probably occur when a network is initially being
set up or an upgrade or enhancement is being performed, you may encounter some basic
maintenance tasks during routine interaction with a router. A list of some of the common router
management tasks are below. The simulation labs that follow will reinforce your understanding of
these tasks by walking you through each of these procedures.

Providing a router hostname

Setting up passwords
Disabling DNS lookup
Setting up logging
Setting timestamps for logging and debugging
Defining console, auxiliary, and virtual terminal settings
Setting up a Comm Server to access your routers more easily
Handling password recovery
Downloading a software image from a TFTP server
File management tasks
Cisco Discovery Protocol

For security purposes, passwords are often configured on Cisco routers to restrict access. This
password can be forgotten or lost and it may need to be recovered to gain access to the router. The
process for recovering a lost password varies from platform to platform, because there are many
different types of Cisco products. Several password recovery techniques for different Cisco products
can be found on Cisco.com by searching on the words "password recovery."
Though the actual password-recovery processes for different routers may vary, each procedure
follows the following basic steps:

Configure the router to boot up without reading the configuration memory (nonvolatile RAM, or
NVRAM). This is sometimes called the "test system mode."
Reboot the system.
Access enable mode (this can be done without a password if you are in test system mode).
View or change the password, or erase the configuration.
Reconfigure the router to boot up and read the NVRAM as it normally does.
Reboot the system.
Some password recovery requires a terminal to issue a BREAK signal; you must be familiar with how
your terminal or PC terminal emulator issues this signal. Several break sequences for different
platforms and setups are provided on Cisco.com by searching on the words "break sequence."

To view a NetBit on how to complete password recovery on a Cisco 2600 Router, click on the NetBit
icon to the right.

The Cisco Discovery Protocol (formerly known as CDP) is a proprietary, media- and protocol-
independent protocol that runs on all Cisco manufactured equipment, including routers, bridges,
access servers, and switches. With Cisco Discovery Protocol, network management applications can
learn the device type and the Simple Network Management Protocol (SNMP) agent address of
neighboring devices. This enables applications to send SNMP queries to neighboring devices.

Cisco Discovery Protocol essentially allows administrators to gain basic information about all other
devices attached to a Cisco device. The type of information that can be obtained using Cisco Discovery
Protocol includes the hostname, platform (type of device), and capabilities of attached devices. Cisco
Discovery Protocol can also be used to obtain the network address of the interface of an attached
device.

Cisco Discovery Protocol runs on all media that support Subnetwork Access Protocol (SNAP), LAN,
Frame Relay, and ATM media. Cisco Discovery Protocol runs over the data link layer only. Therefore,
two systems that support different network-layer protocols can learn about each other.

Each device configured for Cisco Discovery Protocol sends periodic messages to a multicast address.
Each device advertises at least one address at which it can receive SNMP messages. The
advertisements also contain time-to-live, or holdtime, information, which indicates the length of time
a receiving device should hold Cisco Discovery Protocol information before discarding it.

The section that follows outlines some of the basic Cisco IOS® commands related to Cisco Discovery
Protocol. A lab is provided, later in this module, to give you some experience configuring and using
Cisco Discovery Protocol in a network environment.

Basic Cisco IOS Commands Related to Cisco Discovery Protocol

To set the frequency of Cisco Discovery Protocol transmissions and the hold time for Cisco Discovery
Protocol packets, perform the following tasks in global configuration mode:

Task Command
Specify frequency of transmission of Cisco Discovery Protocol updates. cdp timer seconds
Specify the amount of time a receiving device should hold the information sent by your device before
discarding it. cdp holdtime seconds

Cisco Discovery Protocol is enabled by default. To disable Cisco Discovery Protocol and later reenable
it, perform the following tasks in global configuration mode:

Task Command
Disable Cisco Discovery Protocol. no cdp run
Enable Cisco Discovery Protocol. cdp run

Cisco Discovery Protocol is enabled by default on the router and is also enabled by default on all
supported interfaces to send and receive Cisco Discovery Protocol information. To disable and later
reenable Cisco Discovery Protocol on an interface, perform the following tasks in interface
configuration mode:

Task Command
Disable Cisco Discovery Protocol on an interface. no cdp enable
Enable Cisco Discovery Protocol on an interface. cdp enable

To monitor and maintain CDP on your device, perform the following tasks in privileged EXEC mode:

Task Command
Reset the traffic counters to zero. clear cdp counters
Delete the Cisco Discovery Protocol table of information about neighbors. clear cdp table
Display global information such as frequency of transmissions and the hold time for packets being
transmitted. show cdp
Display information about a specific neighbor. Display can be limited to protocol or version
information. show cdp entry entry-name [protocol | version]
Display information about interfaces on which Cisco Discovery Protocol is enabled. show cdp
interface [type number]
Display information about neighbors. The display can be limited to neighbors on a specific interface,
and expanded to provide more-detailed information. show cdp neighbors [type number] [detail]
Display Cisco Discovery Protocol counters, including the number of packets sent and received and
checksum errors. show cdp traffic
Display information about the types of debugging that are enabled for your router. show
debugging