The Renew Guide To 400-101 braindumps

Answer: C 

Explanation: 

Here we are using route maps to change the route target for the 192.168.1.0/24 network from the default route target of 64512:100010051 to 64512:3002300. 

Answer: B,D 

Explanation: 

This document describes how Cisco Express Forwarding (CEF) polarization can cause suboptimal use of redundant paths to a destination network. CEF polarization is the effect when a hash algorithm chooses a particular path and the redundant paths remain completely unused. 

How to Avoid CEF Polarization 

. Alternate between default (SIP and DIP) and full (SIP + DIP + Layer4 ports) hashing inputs configuration at each layer of the network. 

. Alternate between an even and odd number of ECMP links at each layer of the network.The CEF load-balancing does not depend on how the protocol routes are inserted in the routing table. Therefore, the OSPF routes exhibit the same behavior as EIGRP. In a hierarchical network where there are several routers that perform load-sharing in a row, they all use same algorithm to load-share. 

The hash algorithm load-balances this way by default: 

1: 1 

2: 7-8 

3: 1-1-1 

4: 1-1-1-2 

5: 1-1-1-1-1 

6: 1-2-2-2-2-2 

7: 1-1-1-1-1-1-1 

8: 1-1-1-2-2-2-2-2 

The number before the colon represents the number of equal-cost paths. The number after the colon represents the proportion of traffic which is forwarded per path. 

This means that: 

For two equal cost paths, load-sharing is 46.666%-53.333%, not 50%-50%. 

For three equal cost paths, load-sharing is 33.33%-33.33%-33.33% (as expected). 

For four equal cost paths, load-sharing is 20%-20%-20%-40% and not 25%-25%-25%-25%. 

This illustrates that, when there is even number of ECMP links, the traffic is not load-balanced. 

.Cisco IOS introduced a concept called unique-ID/universal-ID which helps avoid CEF polarization. This algorithm, called the universal algorithm (the default in current Cisco IOS versions), adds a 32-bit router-specific value to the hash function (called the universal ID - this is a randomly generated value at the time of the switch boot up that can can be manually controlled). This seeds the hash function on each router with a unique ID, which ensures that the same source/destination pair hash into a different value on different routers along the path. This process provides a better network-wide load-sharing and circumvents the polarization issue. This unique -ID concept does not work for an even number of equal-cost paths due to a hardware limitation, but it works perfectly for an odd number of equal-cost paths. In order to overcome this problem, Cisco IOS adds one link to the hardware adjacency table when there is an even number of equal-cost paths in order to make the system believe that there is an odd number of equal-cost links. 

Reference: http://www.cisco.com/c/en/us/support/docs/ip/express-forwarding-cef/116376-technote-cef-00.html 

Answer: D 

Explanation: 

This command shows the TOS value in hex, which is 80 in this case. The following chart shows some common DSCP/PHB Class values: 

Service 

DSCP value 

TOS value 

Juniper Alias 

TOS hexadecimal 

DSCP - TOS Binary 

Premium IP 

46 

184 

ef 

B8 

101110 - 101110xx 

LBE 

8 

32 

cs1 

20 

001000 - 001000xx 

DWS 

32 

128 

cs4 

80 

100000 - 100000xx 

Network control 

48 

192 

cs6 

c0 

110000 - 110000xx 

Network control 2 

56 

224 

cs7 

e0 

111000 - 111000xx 

Reference: http://www.tucny.com/Home/dscp-tos 

Answer: A 

Explanation: 

mls qos queue-set output qset-idthreshold queue-id drop-threshold1 drop-threshold2 reserved-threshold maximum-threshold 

Configure the WTD thresholds, guarantee the availability of buffers, and configure the maximum memory allocation for the queue-set (four egress queues per port). 

By default, the WTD thresholds for queues 1, 3, and 4 are set to 100 percent. The thresholds for queue 2 are set to 200 percent. The reserved thresholds for queues 1, 2, 3, 

and 4 are set to 50 percent. The maximum thresholds for all queues are set to 400 percent. 

. For qset-id , enter the ID of the queue-set specified in Step 2. The range is 1 to 2. 

. For queue-id , enter the specific queue in the queue-set on which the command is performed. The range is 1 to 4. 

. For drop-threshold1 drop-threshold2 , specify the two WTD thresholds expressed as a percentage of the queue’s allocated memory. Th e range is 1 to 3200 percent. 

. For reserved-threshold , enter the amount of memory to be guaranteed (reserved) for the queue expressed as a percentage of the allocated memory. The range is 1 to 100 percent. 

. For maximum-threshold , enable a queue in the full condition to obtain more buffers than are reserved for it. This is the maximum memory the queue can have before the packets are dropped if the common pool is not empty. The range is 1 to 3200 percent 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/1 2-2_55_se/configuration/guide/3750xscg/swqos.html 

Answer: C 

Explanation: 

Example on how to deny all prefixes originated in Autonomous System 200 

router bgp 100 

neighbor 10.1.1.1 remote-as 65535 

neighbor 10.1.1.1 route-map map1 in 

! 

route-map map1 permit 10 

match as-path 1 

! 

ip as-path access-list 5 deny _200$ 

ip as-path access-list 5 permit .* 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/termserv/configuration/guide/12_4t/tsv_12_4t_bo ok/tsv_reg_express.html 

Answer: B 

Explanation: 

The OL bit is used to prevent unintentional blackholing of packets in BGP transit networks. Due to the nature of these protocols, IS-IS and OSPF converge must faster than BGP. Thus there is a possibility that while the IGP has converged, IBGP is still learning the routes. In that case if other IBGP routers start sending traffic towards this IBGP router that has not yet completely converged it will start dropping traffic. This is because it isnt yet aware of the complete BGP routes. OL bit comes handy in such situations. When a new IBGP neighbor is added or a router restarts, the IS-IS OL bit is set. Since directly connected (including loopbacks) addresses on an “overloaded” router are considered by other routers, IBGP can be bought up and can begin exchanging routes. Other routers will not use this router for transit traffic and will route the packets out through an alternate path. Once BGP has converged, the OL bit is cleared and this router can begin forwarding transit traffic. 

Reference: https://routingfreak.wordpress.com/category/ospf-vs-is-is/ 

Answer: B,C 

Answer: A 

Answer: A,B,C 

Explanation: 

An ALG may offer the following functions: 

. allowing client applications to use dynamic ephemeral TCP/ UDP ports to communicate with the known ports used by the server applications, even though a firewall configuration may allow only a limited number of known ports. In the absence of an ALG, either the ports would get blocked or the network administrator would need to explicitly open up a large number of ports in the firewall — rendering the network vulnerable to attacks on those ports. 

. converting the network layer address information found inside an application payload between the addresses acceptable by the hosts on either side of the firewall/NAT. This aspect introduces the term 'gateway' for an ALG. 

. recognizing application-specific commands and offering granular security controls over them 

. synchronizing between multiple streams/sessions of data between two hosts exchanging data. For example, an FTP application may use separate connections for passing control commands and for exchanging data between the client and a remote server. During large file transfers, the control connection may remain idle. An ALG can prevent the control connection getting timed out by network devices before the lengthy file transfer completes. 

Reference: http://en.wikipedia.org/wiki/Application-level_gateway 

Answer: A