Ensurepass

QUESTION 31

In policy-based routing, which action is taken for packets that do not match any of the route-map statements?

 

A.

forwarded after the egress queue empties on the outbound interface

B.

forwarded using the last statement in the route map

C.

forwarded using the closest matching route-map statement

D.

forwarded using destination-based routing

 

Correct Answer: D

Explanation:

Each entry in a route map contains a combination of match and set statements. The match statements define the criteria for whether appropriate packets meet the particular policy (that is, the conditions to be met). The set clauses explain how the packets should be routed once they have met the match criteria.

 

You can mark the route-map statements as permit or deny. You can interpret the statements as follows:

 

clip_image002If the statement is marked as permit and the packets meet the match criteria, the set clause is applied. One of these actions involves choosing the next hop.

clip_image002[1]If a statement is marked as deny, the packets that meet the match criteria are sent back through the normal forwarding channels, and destination-based routing is performed.

clip_image002[2]If the statement is marked as permit and the packets do not match any route-map statements, the packets are sent back through the normal forwarding channels, and destination-based routing is performed.

 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/unicast/configuration/guide/l3_cli_nxos/l3pbr.pdf

 

 

QUESTION 32

Refer to the exhibit. What is the consequence of configuring peer-gateway on the two vPC peers N7K-1 and N7K-2?

 

clip_image004

 

A.

Nothing, this is the standard vPC configuration to make the feature work.

B.

The downstream device detects only one of the vPC peers as its gateway.

C.

The downstream device can use DMAC of N7K-1 on the link to N7K-2, and N7K-2 forwards the packet.

D.

This configuration enables the downstream device to use DHCP to obtain its default gateway.

 

Correct Answer: C

Explanation:

Beginning with Cisco NX-OS 4.2(1), you can configure vPC peer devices to act as the gateway even for packets that are destined to the vPC peer device’s MAC address. Use the peer-gateway command to configure this feature. Some network-attached storage (NAS) devices or load-balancers may have features aimed to optimize the performances of particular applications. Essentially these features avoid performing a routing-table lookup when responding to a request that originated form a host not locally attached to the same subnet. Such devices may reply to traffic using the MAC address of the sender Cisco Nexus 7000 device rather than the common HSRP gateway. Such behavior is non-complaint with some basic Ethernet RFC standards. Packets reaching a vPC device for the non-local router MAC address are sent across the peer-link and could be dropped by the built in vPC loop avoidance mechanism if the final destination is behind another vPC.

The vPC peer-gateway capability allows a vPC switch to act as the active gateway for packets that are addressed to the router MAC address of the vPC peer. This feature enables local forwarding of such packets without the need to cross the vPC peer-link. In this scenario, the feature optimizes use of the peer-link and avoids potential traffic loss. Configuring the peer-gateway feature needs to be done on both primary and secondary vPC peers and is non-disruptive to the operations of the device or to the vPC traffic. The vPC peer-gateway feature can be configured globally under the vPC domain submode. When enabling this feature it is also required to disable IP redirects on all interface VLANs mapped over a vPC VLAN to avoid generation of IP redirect messages fo
r packets switched through the peer gateway router. When the feature is enabled in the vPC domain, the user is notified of such a requirement through an appropriate message. Packets arriving at the peer-gateway vPC device will have their TTL decremented, so packets carrying TTL = 1 may be dropped in transit due to TTL expire. This needs to be taken into account when the peer-gateway feature is enabled and particular network protocols sourcing packets with TTL = 1 operate on a vPC VLAN.

 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_2/nx-os/interfaces/configuration/guide/if_nxos/if_vPC.html

 

 

QUESTION 33

Which two types of traffic are carried over a vPC peer link when no failure scenarios are present? (Choose two.)

 

A.

multicast data traffic

B.

unicast data traffic

C.

broadcast data traffic

D.

vPC keep-alive messages

 

Correct Answer: AC

Explanation:

The vPC peer link is the link used to synchronize states between the vPC peer devices. The vPC peer link carries control traffic between two vPC switches and also multicast, broadcast data traffic. In some link failure scenarios, it also carries unicast traffic. You should have at least two 10 Gigabit Ethernet interfaces for peer links.

 

Reference: http://www.cisco.com/c/en/us/products/collateral/switches/nexus-5000-series-switches/configuration_guide_c07-543563.html

 

 

QUESTION 34

A Cisco Nexus 2000 Series Fabric Extender is connected to two Cisco Nexus 5000 Series switches via a vPC link. After both Cisco Nexus 5000 Series switches lose power, only one switch is able to power back up. At this time, the Cisco Nexus 2000 Series Fabric Extender is not active and the vPC ports are unavailable to the network. Which action will get the Cisco Nexus 2000 Series Fabric Extender active when only one Cisco Nexus 5000 Series switch is up and active?

 

A.

Move the line from the failed Cisco Nexus 5000 Series switch to the switch that is powered on, so the port channel forms automatically on the switch that is powered on.

B.

Shut down the peer link on the Cisco Nexus 5000 Series switch that is powered on.

C.

Configure reload restore or auto-recovery reload-delay on the Cisco Nexus 5000 Series switch that is powered on.

D.

Power off and on the Cisco Nexus 2000 Series Fabric Extender so that it can detect only one Cisco Nexus 5000 Series switch at power up.

 

Correct Answer: C

Explanation:

The vPC consistency check message is sent by the vPC peer link. The vPC consistency check cannot be performed when the peer link is lost. When the vPC peer link is lost, the operational secondary switch suspends all of its vPC member ports while the vPC member ports remain on the operational primary switch. If the vPC member ports on the primary switch flaps afterwards (for example, when the switch or server that connects to the vPC primary switch is reloaded), the ports remain down due to the vPC consistency check and you cannot add or bring up more vPCs.

 

Beginning with Cisco NX-OS Release 5.0(2)N2(1), the auto-recovery feature brings up the vPC links when one peer is down. This feature performs two operations:

 

clip_image006

clip_image002[3]If both switches reload, and only one switch boots up, auto-recovery allows that switch to assume the role of the primary switch. The vPC links come up after a configurable period of time if the vPC peer-link and the peer-keepalive fail to become operational within that time. If the peer-link comes up but the peer-keepalive does not come up, both peer switches keep the vPC links down. This feature is similar to the reload restore feature in Cisco NX- OS Release 5.0(2)N1(1) and earlier releases. The reload delay period can range from 240

clip_image002[4]When you disable vPCs on a secondary vPC switch because of a peer-link failure and then the primary vPC switch fails, the secondary switch reenables the vPCs. In this scenario, the vPC waits for three consecutive keepalive failures before recovering the vPC links.

 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/operations/n5k_v pc_ops.html

 

 

QUESTION 35

What is the grace period in a graceful restart situation?

 

A.

how long the supervisor waits for NSF replies

B.

how often graceful restart messages are sent after a switchover

C.

how long NSF-aware neighbors should wait after a graceful restart has started before tearing down adjacencies

D.

how long the NSF-capable switches should wait after detecting that a graceful restart has started, before verifying that adjacencies are still valid

 

Correct Answer: C

Explanation:

Graceful restart (GR) refers to the capability of the control plane to delay advertising the absence of a peer (going through control-plane switchover) for a “grace period,” and thus help minimize disruption during that time (assuming the standby control plane comes up). GR is based on extensions per routing protocol, which are interoperable across vendors. The downside of the grace period is huge when the peer completely fails and never comes up, because that slows down the overall network convergence, which brings us to the final concept: nonstop routing (NSR).

NSR is an internal (vendor-specific) mechanism to extend the awareness of routing to the standby routing plane so that in case of failover, the newly active routing plane can take charge of the already established sessions.

 

Reference: http://www.ciscopress.com/articles/article.asp?p=1395746&seqNum=2

 

 

QUESTION 36

Refer to the exhibit. Which three statements about the Cisco Nexus 7000 switch are true? (Choose three.)

 

clip_image008

 

A.

An emulated switch ID must be unique when the vPC+ feature is used.

B.

Switches with FabricPath and vPC+ consume two switch IDs.

C.

Emulated switch IDs must be numbered from 1 to 99.

D.

Each switch ID must be unique in the FabricPath topology.

E.

Switch IDs must be configured manually.

 

Correct Answer: BDE

Explanation:

To understand this feature, please refer to the link given below.

 

Reference: http://www.cisco.com/c/en/us/products/collateral/switches/nexus-5000-series-switches/guide_c07-690079.html#wp9000065

 

QUESTION 37

Which statement about electronic programmable logic device image upgrades is true?

 

A.

EPLD and ISSU image upgrades are nondisruptive.

B.

An EPLD upgrade must be performed during an ISSU system or kickstart upgrade.

C.

Whether the module being upgraded is online or offline, only the EPLD images that have different current and new versions are upgraded.

D.

You can execute an upgrade or downgrade only from the active supervisor module.

 

Correct Answer: D

Explanation:

You can upgrade (or downgrade) EPLDs using CLI commands on the Nexus 7000 Series device. Follow these guidelines when you upgrade or downgrade EPLDs:

 

clip_image006[1]

You can execute an upgrade from the active supervisor module only. All the modules, including the active supervisor module, can be updated individually.

You can individually update each module whether it is online or offline as follows:

 

If you upgrade EPLD images on a
n online module, only the EPLD images with version numbers that differ from the new EPLD images are upgraded.

If you upgrade EPLD images on an offline module, all of the EPLD images are upgraded.

On a system that has two supervisor modules, upgrade the EPLDs for the standby supervisor and then switch the active supervisor to standby mode to upgrade its EPLDs. On a system that has only one supervisor module, you can upgrade the active supervisor, but this will disrupt its operations during the upgrade.

If you interrupt an upgrade, you must upgrade the module that is being upgraded again.

The upgrade process disrupts traffic on the targeted module.

Do not insert or remove any modules while an EPLD upgrade is in progress.

 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_0/epld/release/notes/epld_ rn.html

 

 

QUESTION 38

Which statement about Cisco FabricPath is true?

 

A.

It is the best solution for interconnecting multiple data centers.

B.

It optimizes STP throughout the Layer 2 network.

C.

It is a simplified extension of Layer 3 networks across a single data center.

D.

The Cisco FabricPath domain appears as a single STP bridge, where each edge port uses the same MAC address.

 

Correct Answer: D

Explanation:

To have a loop-free topology for the CE/FabricPath hybrid network, the FabricPath network automatically displays as a single bridge to all connected CE devices. The STP domains do not cross into the FabricPath network. If multiple STP domains are defined, BPDUs and topology change notifications (TCNs) are localized to the domain. If a connected STP domain is multihomed to the FabricPath domain, a TCN must be able to reach to all devices in the STP domain through the FabricPath domain. As a result, the TCN is sent to the FabricPath domain through the IS-IS protocol data unit (PDU) by default.

 

Reference: http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/mkt_ops_guides/513_n1_1/n5k_ops_fabricpath.html

 

 

QUESTION 39

Refer to the exhibit. Which statement based on these two outputs that were collected 24 hours apart is true?

 

clip_image010

 

A.

The Site 2 OTV edge device has gone down.

B.

The MAC address cannot be discovered on two separate port channel interfaces.

C.

The MAC address that ends in 020a moved to the local site 23 hours ago.

D.

The Overlay1 IP address should be a multicast IP address.

 

Correct Answer: C

 

 

QUESTION 40

What mode is required on a Cisco Nexus 7000 32-port 10-GB module port group to allow equal access to the 10-GB port controller?

 

A.

dedicated

B.

assigned

C.

shared

D.

community

 

Correct Answer: C

Explanation:

You can share 10 Gb of bandwidth among a group of ports (four ports) on a 32-port 10- Gigabit Ethernet module. To share the bandwidth, you must bring the dedicated port administratively down, specify the ports that are to share the bandwidth, change the rate mode to shared, and then bring the ports administratively up.

 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/interfaces/configuration/guide/if_cli/if_basic.html#70242

 

Free VCE & PDF File for Cisco 642-997 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …

Comments are closed.