CCIE Pursuit Blog

August 7, 2009

Core Knowledge Question of the Day: 07 August 2009

If a TCP connection does not complete the three-way handshake within a particular time period, TCP intercept sends a TCP reset to the server, cleaning up the connection.

Which TCP intercept mode does this statement best describe?

Highlight for answer: Watch mode.

August 6, 2009

Core Knowledge Question of the Day: 06 August 2009

By default, when does a Cisco router switch over from the root-path-tree to the source-specific SPT?

Highlight for answer: When the first packet is received from the shared tree.  You can change this with the ‘ip pim spt-threshold’ command.

July 15, 2009

Core Knowledge Question of the Day: 15 July 2009

A port in the Spanning Tree state of ‘blocking’ does not allow any type of traffic – true or false?

Highlight for answer: False – BPDUs are still allowed over the link.

July 14, 2009

Core Knowledge Question of the Day: 14 July 2009

Does an OSFP stub explicitly filter Type-4 LSAs, or is their absence in an OSPF stub area simply due to being unnecessary because the Type-5 LSAs have been filtered?

Highlight for answer: Actually, I don’t know the answer to this question.  I was thinking about it today.  In an OSFP stub area Type-5 LSAs are explicitly filtered.  There are no Type-4 LSAs present either.  I don’t know if they are explicitly filtered, or they are just never generated because the Type 5 LSA is filtered/never created?  It’s my understanding (possibly a misunderstanding) that the ASBR generates the Type-4 LSA, so…it must be explicity filtered at the ABR, right? <–This is WRONG! 🙂


Thank you for the comments (big ups to Ivan P, Zeeshan, and Pavel Sefanov).  I think that I have this cleared up in my head now:

The ABR generates the Type-4 LSA. If the area is configured as a stub area, the ABR filters the Type-5 LSAs(generated by the ASBR) and does not generate a Type-4 LSA. So, technically, an OSPF stub configuration only explicitly filters Type-5 LSAs, but it implicitly filters Type-4 LSAs as well as there is no need for the ABR to generate a Type-4 LSA.

So if you were to tell a co-worker that both Type-5 and Type-4 LSAs are filtered, you would be technically wrong.  😦

Ivan Pepelnjak from Cisco IOS Hints and Tricks wrapped it up nicely:

To make it more explicit: the type-4 LSA is the glue that ties together a type-5 LSA originated by an out-of-area ASBR with the ABR flooding type-5 into the area. If there are no type-5 LSAs, type-4 LSAs are not needed (you will also not see them for ASBRs in the same area).

July 13, 2009

Core Knowledge Question of the Day: 13 July 2009

What are the two tables that CEF utilizes to switch packets?

Highlight for answer: Forwarding Information Base(FIB) and [CEF] adjacency table.

July 12, 2009

Core Knowledge Question of the Day: 12 July 2009

What are the three tables that EIGRP uses?

Highlight for answer: EIGRP neighbor table, EIGRP topology table, and the IP routing table.

July 11, 2009

Core Knowledge Question of the Day: 11 July 2009

Which Spanning Tree convergence improvement utilizes Root Link Query (RLQ) BPDUs to detect indirect link failures?

Highlight for answer: BackboneFast

June 15, 2009

Core Knowledge Question of the Day: 15 June 2009

Which two commands can be used to disable the executive timeout feature?

Highlight for answer: no exec-timeout or exec-timeout 0 0

June 8, 2009

Core Knowledge Question of the Day: 08 June 2009

Given the output below, how long will it take for a MAC address to age out?

Rack1SW1(config-if)#do sh port-security int f0/4
Port Security              : Enabled
Port Status                : Secure-down
Violation Mode             : Shutdown
Aging Time                 : 0 mins
Aging Type                 : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses      : 1
Total MAC Addresses        : 0
Configured MAC Addresses   : 0
Sticky MAC Addresses       : 0
Last Source Address:Vlan   : aaaa.bbbb.cccc:1
Security Violation Count   : 0

Highlight for answer: By setting ‘switchport port-security aging’ to 0(the default), aging is disabled and the MAC address will never age out.

June 5, 2009

Core Knowledge Question of the Day: 05 June 2009

Filed under: Cisco,Cisco Certification,IOS,Question Of The Day — cciepursuit @ 8:29 am

When applied outbound to a neighbor in BGP, what is the order of preference between prefix-lists, filter-lists, distribute-lists, and route-maps?

Highlight for answer:  1) *prefix-list, *distribute-list, 2) filter-list, 3) route-map

*The attributes prefix-list and distribute-list are mutually exclusive, and only one command (neighbor prefix-list or neighbor distribute-list) can be applied to each inbound or outbound direction for a particular neighbor.

Next Page »

Blog at