Networking Interview Question With Answer

What is the difference between osi and tcp/ip model?

OSI(open system interconnection) Tcp/ip(transmission control protocol / internet protocol)
1. Osi is a generic, protocol independent standard, acting as a communication gateway between
the network and end user.
2. Tcp/ip model is based on standard protocols around which the internet has developed. It is a
communication protocol, which allows connection of hosts over a network.
3. In osi model the transport layer guarantees the delivery of packets.
4. In tcp/ip model the transport layer does not guarantees delivery of packets. Still the tcp/ip
model is more reliable.
5. Follows vertical approach. 3. Follows horizontal approach.
6. Osi model has a separate presentation layer and session layer.
7. Tcp/ip does not have a separate presentation layer or session layer.
8. Osi is a reference model around which the networks are built. Generally it is used as a
9. Tcp/ip model is, in a way implementation of the osi
guidance tool. model.
10. Network layer of osi model provides both connection oriented and connectionless service.
11. The network layer in tcp/ip model provides connectionless service.
12. Osi model has a problem of fitting the protocols into the model.
13. Tcp/ip model does not fit any protocol
14. Protocols are hidden in osi model and are easily replaced as the technology changes.
15. In tcp/ip replacing protocol is not easy.
16. Osi model defines services, interfaces and protocols very clearly and makes clear distinction
between them. It is protocol independent.
17. In tcp/ip, services, interfaces and protocols are not clearly separated. It is also protocol
dependent.
18. It has 7 layers 10. It has 4 layers .

What is the size of ip address?

The number of unassigned internet addresses is running out, so a new classless scheme called
cidr is gradually replacing the system based on classes a, b, and c and is tied to adoption of ipv6.
In ipv6 the ip address size is increased from 32 bitsto 128 bits.
22. What is the range of class c address?
C, 192 – 223
What is poe (power over ethernet)?
Power over ethernet (poe) is a technology for wired ethernet lans (local area networks) that
allows the electrical current necessary for the operation of each device to be carried by the data
cables rather than by power cords. Doing so minimizes the number of wires that must be strung
in order to install the network.

What are the advantages of distributed processing?

Distributed data processing is a computer-networking method in which multiple computers
across different locations share computer-processing capability. This is in contrast to a single,
centralized server managing and providing processing capability to all connected systems.
Computers that comprise the distributed data-processing network are located at different
locations but interconnected by means of wireless or satellite links.
Advantage: lower cost, reliable, improved performance and reduced processing time, flexible.

25. When were osi model developed and why its standard called 802.xx and so on?
Osi model was developed in february1980 that why these also known as 802.xx standard (notice
80 means ==> 1980, 2means ==> february)

What is full form of ad?

Administrative distance

What is a peer-peer process?

In its simplest form, a peer-to-peer (p2p) network is created when two or more pcs are connected
and share resources without going through a separate server computer. A p2p network can be an
ad hoc connection—a couple of computers connected via a universal serial bus to transfer files.

What is the difference between broadcast domain and collision domain?

Collision domain :A collision domain is, as the name implies, a part of a network where packet
collisions can occur. Collision occurs when two devices send a packet at the same time on the
shared network segment. The packets collide and both devices must send the packets again,
which reduces network efficiency. Collisions are often in a hub environment, because each port
on a hub is in the same collision domain. By contrast, each port on a bridge, a switch or a router
is in a separate collision domain.
Tip – remember, each port on a hub is in the same collision domain. Each port on a bridge, a
switch or router is in a separate collision domain.
Broadcast domain:A broadcast domain is a domain in which a broadcast is forwarded. A
broadcast domain contains all devices that can reach each other at the data link layer (osi layer
2) by using broadcast. All ports on a hub or a switch are by default in the same broadcast
domain. All ports on a router are in the different broadcast domains and routers don’t forward
broadcasts from one broadcast domain to another.

What is ping? Why you use ping?

Short for packet internet groper, ping is a utility used to verify whether or not a network data
packet is capable of being distributed to an address without errors. The ping utility is commonly
used to check for network errors.
Ping is a basic internet program that allows a user to verify that a particular ip address exists and
can accept requests.
Ping is used diagnostically to ensure that a host computer the user is trying to reach is actually
operating. Ping works by sending an internet control message protocol (icmp) echo request to a
specified interface on the network and waiting for a reply. Ping can be used for troubleshooting to test
connectivity and determine response time.

Define network?
A network is a collection of computers, servers, mainframes, network devices, peripherals, or
other devices connected to one another allowing for data to be shared and used. A great example
of a network is the internet, connecting millions of people all over the world together.
 What is a link?
The link is the physical and logical network component used to interconnect hosts or nodes in the
network and a link protocol is a suite of methods and standards that operate only between
adjacent network nodes of a local area network segment or a wide area network connection.

What is a node?
A node is a basic unit used in computer science. Nodes are devices or data points on a larger
network. Devices such as a personal computer, cell phone, or printer are nodes. When defining
nodes on the internet, a node is anything that has an ip address.

What is a gateway?
A gateway is a network point that acts as an entrance to another network. On the internet, a node
or stopping point can be either a gateway node or a host (end-point) node. Both the computers of
internet users and the computers that serve pages to users are host nodes.

What is point-point link?

In computer networking, point-to-point protocol (ppp) is a data link (layer 2) protocol used to
establish a direct connection between two nodes. It can provide connection authentication,
transmission encryption (using ecp, rfc 1968), and compression.

What is multiple access?

Multiple access is a radio transmission scheme that allows several earth stations to transmit in
the same time span. This provides the way to network these stations together, either in a star or a
mesh network.

What’s the benefit of sub netting?

Ability to secure your resources by placing them into separate sub networks.
Ability to organize your resources within a network.
Speedup your network.

What is bgp (border gateway protocol)?

Border gateway protocol (bgp) is a standardized exterior gateway protocol designed to exchange
routing and reach ability information among autonomous systems (as) on the internet. The
protocol is often classified as a path vector protocol but is sometimes also classed as a distance-
vector routing protocol.

What is gateway-to-gateway protocol?

The gateway-to-gateway protocol (ggp) is an obsolete protocol defined for routing data grams
between internet gateways. The gateway-to-gateway protocol was designed as an internet
protocol (ip) data gram service similar to the transmission control protocol (tcp) and the user data
gram protocol (udp).

What is a multi-homed host?

A multihomed host is physically connected to multiple data links that can be on the same or
different networks. For example, a computer with a windows nt 4.0 server and multiple ip
addresses can be referred to as "multi homed" and may serve as an ip router.

What is ospf?
Open shortest path first (ospf) is a routing protocol for internet protocol (ip) networks. It uses a
link state routing (lsr) algorithm and falls into the group of interior routing protocols, operating
within a single autonomous system (as). It is defined as ospf version 2 in rfc 2328 (1998) for
ipv4.

What is routing?
Routing is the process of selecting best paths in a network. [a] routing is performed for many
kinds of networks, including the public switched telephone network (circuit switching),
electronic data networks (such as the internet), and transportation networks.

What is a protocol?
The tcp/ip internet protocols, a common example, consist of: transmission control protocol (tcp),
which uses a set of rules to exchange messages with other internet points at the information
packet level. Internet protocol (ip), which uses a set of rules to send and receive messages at the
internet address level.

Explain difference between router, switch and hub?

Router: A device that forwards data packets along networks. A router is connected to at least
two networks, commonly two lans or wans or a lan and its isp.s network. Routers are located at
gateways, the places where two or more networks connect. Routers use headers and forwarding
tables to determine the best path for forwarding the packets, and they use protocols such as icmp
to communicate with each other and configure the best route between any two hosts.

Switch: In networks, a device that filters and forwards packets between lan segments. Switches
operate at the data link layer (layer 2) and sometimes the network layer (layer 3) of the osi
reference model and therefore support any packet protocol. LAN's that use switches to join
segments are called switched LAN's or, in the case of ethernet networks, switched ethernet
LAN's.

Hub: A common connection point for devices in a network. Hubs are commonly used to
connect segments of alan. A hub contains multiple ports. When a packet arrives at one port, it is
copied to the other ports so that all segments of the lan can see all packets.

What is checksum?
A checksum is a count of the number of bits in a transmission unit that is included with the unit
so that the receiver can check to see whether the same number of bits arrived. If the counts
match, it's assumed that the complete transmission was received. Both tcpand udp
communication layers provide a checksum count and verification as one of their services.

What is redundancy?
Redundancy is a system design in which a component is duplicated so if it fails there will be a
backup. Redundancy has a negative connotation when the duplication is unnecessary or is simply
the result of poor planning.

What are the criteria necessary for an effective and efficient network?
Criteria necessary for an effective and efficient network. It can be measured in many ways,
including transmit time and response time. It is measured by frequency of failure, the time it
takes a link to recover from a failure, and the network’s robustness.

What is the key advantage of using switches?

Advantages : 1)Reduces the number of broadcast domains 2) supports vlan's which can help in
logical segmentation of ports[physical ports].splitting up the broadcast domain. 3) intellegent
device[compared to hub's] which can make use of cam table for port to mac mapping 4)
compared to bridges ,switches are more h/w oriented therefore operations are less cpu
intense[basic operations 5) the cost to number of ports ratio is best for a cheaper cost you get
switches with more number of ports available than routers.

Disadvantages : 1) not as good as a router in limiting broadcasts 2) communication b/w vlan's

need intervlan routing [router] ,but these days there are a number of multi layer switches
available in the market. 3) handling multicast packets needs quite a bit of configuration &
proper designing. 4) at times switches when in promiscuous mode is a opening for security
attacks [spoofing ip address or capturing ethernet frames using ethereal.

When does network congestion occur?

Congestion, in the context of networks, refers to a network state where a node or link carries so
much data that it may deteriorate network service quality, resulting in queuing delay, frame or
data packet loss and the blocking of new connections. In a congested network, response time
slows with reduced network throughput. Congestion occurs when bandwidth is insufficient and
network data traffic exceeds capacity.

Does a bridge divide a network into smaller segments?

Not really. What a bridge actually does is to take the large network and filter it, without changing
the size of the network.

What is the defference between cross cable and straight cable.

Now days, LAN card has intelligence, so that both cables can work.
They have a feature on lots of switches and hubs etc called "auto-mdix" or "auto mdi/mdix", that
is the new thing where it doesn’t matter what kind of cable you use, it will just auto detect the
proper connection type no matter which cable you use.
The cable can be categorized as cat 5, cat 5e, and cat 6 utp cable. Cat 5 utp cable can support
10/100 mbps ethernet network, whereas cat 5e and cat 6 utp cable can support ethernet network
running at 10/100/1000 mbps. You might hear about cat 3 utp cable, it's not popular anymore
since it can onl
Straight and crossover cable can be cat3, cat 5, cat 5e or cat 6 utp cable, the only difference is
each type will have different wire arrangement in purposes.
Ethernet network cables are straight and crossover cable. This ethernet network cable is made of
4 pair high performance cable that consists of twisted pair conductors that used for data
transmission. Both end of cable is called rj45 connector.
There are two types of network cables commonly used in pc networks - straight-through and
cross-over.
Straight cable
Usually use straight cable to connect different type of devices. This type of cable will be used
most of the time and can be
1) connect a computer to a switch/hub's normal port.
2) connect a computer to a cable/dsl modem's lan port.
3) connect a router's wan port to a cable/dsl modem's lan port.
4) connect a router's lan port to a switch/hub's uplink port. (normally used for expanding
network)
5) connect two switches/hubs with one of the switch/hub using an uplink port and the other one
using normal port.
If you need to check how straight cable looks like, it's easy. Both sides (side a and side b) of
cable have wire arrangement.
Crossover cable
Sometimes you will use crossover cable, it's usually used to connect same type of devices. A
crossover cable can be used to:
1) connect two computers directly.
2) connect a router's lan port to a switch/hub's normal port. (normally used for expanding
network)
3) connect two switches/hubs by using normal port in both switches/hubs.
In you need to check how crossover cable looks like, both side (side a and side b) of cable have
wire arrangement with follow
This cable (either straight cable or cross cable) has total 8 wires (or we can say lines), i.e. Four
twisted pairs (4x2=8) with different color codes. Right now just forget codes. It doesn’t matter
what color is given to the cable (but there is a standard).
Purpose of this cross cable is rx (receiving terminal) connects to tx (transmitting) of one pc to
another pc and vice versa.
As we use two pcs (same devices), straight cable will connect tx to tx and rx to rx of two
computers, so cross cable is requi because it has internal arrangement like cross cable. So note
that use cross cable to connect two similar devices.
A straight cable will not work to connect two computers together.
Crossover used to connect to pcs directly together, also used for connecting networking devices
together like switch to switch etc.
Straight cables connect two different types of devices. Whereas crossover cables connect two of
the same type.

What is the difference between tracert and traceroute.

Traceroute: 1) you can find this utility in linux/unix based operating systems. 2) it relies over
udp probe packet with destination port: 33434. 3) it uses random source port.

Tracert : 1)you can find this utility in windows based operating systems as well as servers. 2) it
rely over icmp type 8(echo packet) & type 0(echo request).
What is round trip time?
In telecommunications, the round-trip delay time (rtd) or round-trip time (rtt) is the length of
time it takes for a signal to be sent plus the length of time it takes for an acknowledgment of that
signal to be received. This time delay therefore consists of the propagation times between the
two points of a signal.
Define the terms unicasting, multicasting and broadcasting and any casting?
Unicast: A term used in communication to describe a piece of information to send from one
point to another. There are only sender and receiver. All lans support unicast transfer mode and
most applications that employ tcp transport protocol uses unicast messaging.

Broadcast: a term used for describing communication that is sent a piece of information from
one point to all other points. There is one sender and multiple receivers. All lans support
broadcast transmission.

Multicast: a term described in communicating a piece of information sent from one or more
points to a set of other points. The senders and receivers are one or more.
Anycast is a network addressing and routing methodology in which datagrams from a single
sender are routed to the topologically nearest node in a group of potential receivers, though it
may be sent to several nodes, all identified by the same destination address.

How many pins do serial ports of routers have?

As a 9-pin d connector accessible from the exterior of the case,

What are the differences between static ip addressing and dynamic ip addressing?
Difference between static and dynamic ips. When a device is assigned a static ip address, it does
not change. The device always has the same ip address. Most devices use dynamic ip addresses,
which are assigned by the network when they connect.

Difference between csma/cd and csma/ca?

Carrier sense multiple access or csma is a media access control (mac) protocol that is used to
control the flow of data in a transmission media so that packets do not get lost and data integrity
is maintained.
There are two modifications to csma, the csma cd (collision detection) and csma ca (collision
avoidance),each having its own strengths.
Csma operates by sensing the state of the medium in order to prevent or recover from a collision.
A
collision happens when two transmitters transmit at the same time. The data gets scrambled, and
the
receivers would not be able to discern one from the other thereby causing the information to get
lost.
The lost information needs to be resent so that the receiver will get it.
Csma cd operates by detecting the occurrence of a collision. Once a collision is detected, csma
cd
immediately terminates the transmission so that the transmitter does not have to waste a lot of
time in
continuing. The last information can be retransmitted. In comparison, csma ca does not deal with
the
recovery after a collision. What it does is to check whether the medium is in use. If it is busy,
then the
transmitter waits until it is idle before it starts transmitting. This effectively minimizes the
possibility of collisions and makes more efficient use of the medium.
Another difference between csma cd and csma ca is where they are typically used. Csma cd is
used
mostly in wired installations because it is possible to detect whether a collision has occurred.
With
wireless installations, it is not possible for the transmitter to detect whether a collision has
occurred or
not. That is why wireless installations often use csma ca instead of csma cd.
1.Csma cd takes effect after a collision while csma ca takes effect before a collision.
2.Csma ca reduces the possibility of a collision while csma cd only minimizes the recovery time.
3.Csma cd is typically used in wired networks while csma ca is used in wireless networks.
4.Csma cd is used in wired lans and csma ca used in wireless lans and other types of wireless
networks.
5. Csma cd is standardized in ieee 802.3 and csma ca is standardized in ieee 802.11.
6. Csma cd will not take steps to prevent transmission collision until it is taken place whilst csma
ca will take actions not to take place any collision since the latter has no means of knowing
whether a collision has taken place.

What is dhcp scope?

A dynamic host configuration protocol (dhcp) scope is the consecutive range of possible ip
addresses that the dhcp server can lease to clients on a subnet.scopes typically define a single
physical subnet on your network to which dhcp services are offered.

What are the different memories used in a cisco router?

Rom, ram, nvram, flah memory

What are the different types of passwords used in securing a cisco router?
The five main passwords of the cisco ios are: Console, aux , vty, enable password, enable
secret

What is the use of “service password encryption”?

The enable-secret option encrypts your password when you configure the router. When someone
looks at your running config, it will not display your "enable" password. However, if you do not
use the service password option, when someone views your running config, it will display all
passwords except the
"enable secret". It will show what your password is for your console line, and vty (telnet). When
you do use the service password-encryption, when someone views your running config, those
passwords will not be displayed.

What is the range of class a address?

Class a- 0-127
What is the range of class b address?
Class b- 128-191
Differentiate logical topology from physical topology?
A logical topology is how devices appear connected to the user. A physical topology is how they
are actually interconnected with wires and cables. For example, in a shared ethernet network that
uses hubs rather than switches, the logical topology appears as if every node is connected to a
common bus that runs from node to node. However, its physical topology is a star, in which
every node on the network connects to a central hub

What is as (autonomous system)?

An autonomous system (as) is a network or a collection of networks that are all managed and
supervised by a single entity or organization. An as is a heterogeneous network typically
governed by a large enterprise. An as has many different subnetworks with combined routing
logic and common routing policies. Each subnetwork is assigned a globally unique 16 digit
identification number (known as the as number or asn) by the internet assigned numbers
authority (iana).

What is the difference between private ip and public ip?

A public (or external) IP address is the one that your ISP (Internet Service Provider) provides to
identify your home network to the outside world. It is an IP address that is unique throughout the
entire Internet.
Just as your network's public IP address is issued by your ISP, your router issues private (or
internal) IP addresses to each network device inside your network. This provides unique
identification for devices that are within your home network, such as your computer, your
Slingbox, and so on.

Explain different cable types?

Coaxial cables: Invented back in the 1880s, "coax" was best known as the kind of cable that
connected television sets to home antennas. Coaxial cable is also a standard for 10 mbps ethernet
cables. When 10 mbps ethernet was most popular, during the 1980s and early 1990s, networks
typically utilized one of two kinds of coax cable - thinnet (10base2 standard) or thicknet
(10base5). These cables consist of an inner copper wire of varying thickness surrounded by
insulation and other shielding. Their stiffness caused network administrators difficulty in
installing and maintaining thinnet and thicknet.
Twisted pair cables: Twisted pair eventually emerged during the 1990s as the leading cabling
standard for ethernet, starting with 10 mbps (10base-t, also known as category 3 or cat3), later
followed by improved versions for 100 mbps (100base-tx, cat5 and cat5e) and successively
higher speeds up to 10 gbps (10gbase-t).
Fiber optics:Instead of insulated metal wires transmitting electrical signals, fiber optic network
cables work using strands of glass and pulses of light. These network cables are bendable despite
being made of glass. They have proven especially useful in wide area network (wans)
installations where long distance underground or outdoor cable runs are required and also in
office buildings where a high volume of communication traffic is common.
Two primary types of fiber optic cable industry standards are defined – single-mode (100basebx
standard) and multimode (100basesx standard). Long-distance telecommunications networks
more
commonly use single-mode for its relatively higher bandwidth capacity, while local networks
typically use multimode instead due to its lower cost.

How does rip differ from eigrp?

Rip stands for routing information protocol and eigrp stands for interior gateway routing
protocol.

The major difference between both is that eigrp is cisco propriety that is it can be implemented
only on cisco routers.while this is not the case with rip versions (rip,rip2) they are open
standards.

Some internal differences between them are:

1.AD value :that is administrative distance which determines the trust worthiness of the routing
protocol.static routing has the highest that is 1. For rip it is 120 for eigrp it is 90 internal / 170
external.
2.RIP uses bellmen ford algorithm to calculate the path while eigrp use dual method to calculate
the routes paths.
3.Maximum hop count for rip is 15 that is after 15 counts the packet is dropped while that of
eigrp is 100 by default and upto 255 by configuration.
4.There is difference between their refresh timers.
5.There is difference between the ip address which they use to send periodic updates over the
network.
6.EIGRP uses an autonomous number to determine which domain it belongs to which is not the
case with rip protocols.
7.RIP is mostly used for smaller networks which eigrp is used for larger networks.
8.RIP is a distance vector routing protocol while eigrp is an link state routing protocol.
9. RIP is classful protocol where as eigrp is classless protocol .
10.In rip full routing table exchanged, but in eigrp missing routes are exchanged .
11. For rip protocol, hello timers every 30 seconds but in eigrp hello timer every 5 seconds .
12. Rip sends full update whenever network change occurs whereas eigrp sends triggered
updates.

Differentiate user mode from privileged mode

User mode (user exec mode)
User mode is the first mode a user has access to after logging into the router. The user mode can
be identified by the > prompt following the router name. This mode allows the user to execute
only the
basic commands, such as those that show the system's status. The router cannot be configured or
restarted from this mode.
Privileged mode (privileged exec mode)
Privileged mode mode allows users to view the system configuration, restart the system, and
enter router configuration mode. Privileged mode also allows all the commands that are available
in user mode. Privileged mode can be identified by the # prompt following the router name.
From the user mode, a user can change to privileged mode, by running the "enable" command.
Also we can keep a enable password or enable secret to restrict access to privileged mode. An
enable secret password uses stronger encryption when it is stored in the configuration file and it
is safer.

What is 100basefx?
100base-fx is a version of fast ethernet over optical fiber. It uses a 1300 nm near-infrared (nir)
light wavelength transmitted via two strands of optical fiber, one for receive (rx) and the other
for transmit (tx).
Differentiate Simplex, full-duplex and half-duplex?
Simplex: simplex is one direction. A good example would be your keyboard to your cpu. The
cpu never needs to send characters to the keyboard but the keyboard always send characters to
the cpu. In many cases, computers almost always send characters to printers, but printers
usually never send characters to computers (there are exceptions, some printers do talk
back). Simplex requires only one lane (in the case of serial).
Half-duplex: half-duplex data transmission means that data can be transmitted in both
directions on a signal carrier, but not at the same time. For example, on a local area network
using a technology that has half-duplex transmission, one workstation can send data on the line
and then immediately receive data on the line from the same direction in which data was just
transmitted.
Full-duplex: full-duplex data transmission means that data can be transmitted in both directions
on a signal carrier at the same time. For example, on a local area network with a technology
that has full-duplex transmission, one workstation can be sending data on the line while another
workstation is receiving data. A full-duplex link can only connect two devices, so many such
links are required if multiple devices are to be connected together.

What does the show protocol display?

The show protocols command shows the global and interface-specific status of any configured
level 3 protocol.
List the layers of OSI?
The layers are stacked this way:
7. Application. 6.Presentation. 5. Session. 4. Transport. 3.Network. 2.Data link. 1. Physical.

What are the responsibilities of data link layer?

The data link layer is also responsible for logical link control, media access control, hardware
addressing, error detection and handling and defining physical layerstandards. It provides
reliable data transfer by transmitting packets with the necessary synchronization, error control
and flow control.
What are the responsibilities of network layer?
The network layer is responsible for packet forwarding including routing through intermediate
routers, since it knows the address of neighboring network nodes, and it also manages quality of
service (qos), and recognizes and forwards local host domain messages to the transport layer
(layer 4).

What are the responsibilities of transport layer?

Major duties of transport layer are:
1. Creating an end-to-end connection between hosts in different network,
2. Error recovery,
3. Flow control,
4. Ensuring complete data transfer in tcp.
5. Congestion avoidance Major transport layer protocols.
6. Tcp ( transmission control protocol).
7. Udp (user datagram protocol).
8. Dccp (datagram congestion control protocol).
9. Sctp (stream control transmission protocol).

Routers work at which osi layer?

Routers operate on the third layer of the osi model, the network-control layer. Rather than
passing packets based on the media access control (mac) layeraddresses (as bridges do), a router
examines the packet's data structure and determines whether or not to forward it.

Switches work at which osi layer?

A switch works at layer 2 of the osi model (data-link). It is a lan device that can also be called a
multiport bridge. A switch switches ethernet frames between ethernet devices. Switches do not
care about ip addresses nor do they even examine ip addresses as the frames flow through the
switch.

What is a window in networking terms?

A window refers to the number of segments that is allowed to be sent from source to destination
before an acknowledgement is sent back.

What is the role of the llc sublayer in datalink layer?

The logical link control (llc) data communication protocol layer is the upper sub-layer of the data
link layer (which is itself layer 2, just above the physical layer) in the seven-layer osi reference
model. It provides multiplexing mechanisms that make it possible for several network protocols
(ip, ipx) to coexist within a multipoint network and to be transported over the same network
media, and can also provide flow control mechanisms. The llc sub-layer acts as an interface
between the media access control (mac) sublayer and the network layer. As the ethertype in an
ethernet ii framing formatted frame is used to multiplex different protocols on top of the ethernet
mac header it can be seen as llc identifier. Operation the llc sublayer is primarily concerned with:
1.Multiplexing protocols transmitted over the mac layer (when transmitting) and decoding them
(when receiving).
2.Providing flow and error control:The protocol used for llc in ieee 802 networks, such as ieee
802.3/ethernet (if the ethertype field isn't used), ieee 802.5, and ieee 802.11, and in some non-
ieee 802 networks such as fddi, is specified by the ieee 802.2 standard. Some non-ieee 802
protocols can be thought of as being split into mac and llc layers. For example, while hdlc
specifies both mac functions (framing of packets) and llc functions (protocol multiplexing, flow
control, detection, and error control through a retransmission of dropped packets when
indicated), some protocols such as cisco hdlc can use hdlc-like packet framing and their own llc
protocol. Another example of a data link layer which is split between llc (for flow and error
control) and mac (for multiple access) is the itu-t g.hn standard, which provides high-speed local
area networking over existing home wiring (power lines, phone lines and coaxial cables). An llc
header tells the data link layer what to do with a packet once a frame is received. It works like
this: a host will receive a frame and look in the llc header to find out where the packet is destined
for - for example, the ip protocol at the network layer or ipx. The gprs llc layer also does
ciphering and deciphering of sn-pdu (sndcp) packets.

What is the function of the application layer in networking?

The application layer is a layer in the open systems interconnection (osi) seven-layer model and
in the tcp/ip protocol suite. It consists of protocols that focus on process-to-process
communication across an ip network and provides a firm communication interface and end-user
services.

What are the difference between tcp and udp?

TCPand UDP: Transmission control protocol User datagram protocol or universal datagram
protocol Connection Tcp is a connection-oriented protocol. Udp is a connection less
protocol.Function As a message makes its way across the internet from one computer to another.
This is connection based.Udp is also a protocol used in message transport or transfer. This is Tcp
Udp not connection based which means that one program can send a load of packets to another
and that would be the end of the relationship.Usage Tcp is suited for applications that require
high reliability, and transmission time is relatively less critical.Udp is suitable for applications
that need fast, efficient transmission, such as games. Udp's stateless nature is also useful for
servers that answer small queries from huge numbers of clients.
Use by other protocols Http, https, ftp, smtp, telnet Dns, dhcp, tftp, snmp, rip, voip.
Ordering of data packets
Tcp rearranges data packets in the order specified. Udp has no inherent order as all packets are
independent of each other. If ordering is required, it has to be managed by the application layer.

Udp is lightweight. There is no ordering of messages, no tracking connections, etc. It is a small

transport layer designed on top of ip.
Data flow control Tcp does flow control. Tcp requires three packets to set up a socket
connection, before any user data can be sent. Tcp handles reliability and congestion control.
Udp does not have an option for flow control.
Error checking Tcp does error checking and error recovery. Erroneous packets are retransmitted
from the source to the destination.
Udp does error checking but simply discards erroneous packets. Error recovery is not attempted.
Fields 1. Sequence number, 2. Ack number, 3. Data offset, 4. Reserved, 5. Control bit, 6.
Window, 7. Urgent pointer 8. Options, 9. Padding, 10. Check sum, 11. Source port, 12.
Destination port
1. Length, 2. Source port, 3. Destination port, 4. Check sum Acknowledgement
Acknowledgement segments No acknowledgment Handshake Syn, syn-ack, ack No handshake
(connectionless protocol).

What is the port no of dns and telnet?

20 ftp data (file transfer protocol) 21 ftp (file transfer protocol) 22 ssh (secure shell) 23 telnet
25 smtp (send mail transfer protocol) 53 dns (domain name service) 68 dhcp (dynamic host
control protocol) 80 http (hypertext transfer protocol) 110 pop3 (post office protocol, version
3) 115 sftp (secure file transfer protocol) 119 nntp (network new transfer protocol) 123 ntp
(network time protocol) 139 netbios 143 imap (internet message access protocol) 161 snmp
(simple network management protocol) 220 imap3 (internet message access protocol 3) 389
ldap (lightweight directory access protocol) 443 ssl (secure socket layer)

Which service use both tcp and udp?

Dns and some other services work on both the protocols. We will take an example of dns service.
Two protocols are somewhat different from each other. Tcp is a connection-oriented protocol
and it requires data to be consistent at the destination and udp is connection-less protocol and
doesn't require data to be consistent or don't need a connection to be established with host for
consistency of data. Udp packets are smaller in size. Udp packets can not be greater then 512
bytes. So any application needs data to be transferred greater than 512 bytes require tcp in place.
For example, dns uses both tcp and udp for valid reasons described below. Note that udp
messages are not larger than 512 bytes and are truncated when greater than this size. Dns uses
tcp for zone transfer and udp for name queries either regular (primary) or reverse. Udp can be
used to exchange small information whereas tcp must be used to exchange information larger
than 512 bytes. If a client doesn't get response from dns it must re-transmit the data using tcp
after 3-5 seconds of interval. There should be consistency in dns zone database. To make this,
dns always transfer zone data using tcp because tcp is reliable and make sure zone data is
consistent by transferring the full zone to other dns servers who has requested the data. The
problem occurs when windows 2000 server and advanced server products uses dynamic ports for
all above 1023. In this case your dns server should not be internet facing i.e.
Client machines on the network. The router (acl) must permitted all udp inbound traffic to access
any high udp ports for it to work. Ldap always uses tcp - this is true and why not udp because a
secure connection is established between client and server to send the data and this can be done
only using tcp not udp. Udp is only used when finding a domain controller (kerberos) for
authentication. For example, a domain client finding a domain controller using dns.

What is the port no of smtp and pop3?and In which layer term “frames” is used?
Data link layer.

In which layer term “packets” is used?

Network layer.

In which layer term “segments” is used?

Transport layer.

Give some example for protocols work at application layer?

Bgp,dhcp,dns ftp http imap ldap mgcp nntp ntp pop onc/rpc rtp rtsp rip sip smtp snmp ssh telnet
tls/ssl xmpp.

What is crc? Which layer crc works?

A cyclic redundancy check (crc) is an error-detecting code commonly used in digital networks
and storage devices to detect accidental changes to raw data. Blocks of data entering these
systems get a short check value attached, based on the remainder of a polynomial division of
their contents. On retrieval, the calculation is repeated and, in the event the check values do not
match, corrective action can be taken against data corruption.it work on data link layer.
What is the purpose of the data link?
It makes sure the appropriate physical protocol is assigned to the data. The data link layer is the
second layer in the osi model. The three main functions of the data link layer are to deal with
transmission errors, regulate the flow of data, and provide a well-defined interface to the network
layer.
Which one is reliable – tcp or udp?
Tcp.

Which layer provides logical addressing that routers will use for path determination?
Network layer.

Which layer specifies voltage, wire speed, and pinout cables and moves bits between
devices?
Physical layer.

Which layer combines bits into bytes and bytes into frames, uses mac addressing, and
provide error detection?
Data link layer.

Which layer is responsible for keeping the data from different applications separate on the
network?
The session layer creates sessions between different hosts’ applications.

Which layer segments and resembles data into a data stream?

Transport layer.

Which layer provides the physical transmission of the data and handless error notification,
network topology, and flow control?
Data link layer.

Which layer manages device addressing, tracks the location of devices on the network, and
determines the best way to move data?
Network layer.

How data breaks down on each layer from top to bottom?

Table 1: pdu names on the layers of the osi model.
Osi layer .........Pdu name
Application..... Data
Presentation .....Data
Session .............Data
Transport.......... Segment
Network............ Packet
Data link............ Frame
Physical ...............Bits

Mac address works on which layer? What are the differences of mac sublayer and llc
sublayer?
Data link layer.
Which layer is responsible for converting data packets from the data link layer into
electrical signals?
Physical layer.

At which layer is routing implemented, enabling connections and path selection between
two end systems. ?
Network layer.

Which layer defines how data is formatted, presented, encoded, and converted for use on
the network?
Presentation layer .

Which layer is responsible for creating, managing and terminating sessions between
applications?
The session layer sets up, maintains, and terminates sessions between applications.

Dns uses which protocol? Why?

Dns queries consist of a single udp request from the client followed by a single udp reply from
the server. The transmission control protocol (tcp) is used when the response data size exceeds
512 bytes, or for tasks such as zone transfers. Some resolver implementations use tcp for all
queries.

Which layer is closer to the user?

Application layer.

Differentiate between forward lookup and reverse lookup in dns?

Forward dns lookup is used to convert the human meaningful name (domain name) which is in
easy to understand format to computer meaningful name (ip address), however reverse dns
lookup works in reverse way to convert ip address to domain name.

What is ipsec?
Ipsec is an internet engineering task force (ietf) standard suite of protocols that provides data
authentication, integrity, and confidentiality as data is transferred between communication points
across ip networks. Ipsec provides data security at the ip packet level.

What is the way to establish a tcp connection?

The tcp three-way handshake intransmission control protocol (also called the tcp-handshake;
three message handshake and/or syn-syn-ack) is the method used by tcp set up a tcp/ip
connection over aninternet protocol based network. Tcp's three way handshaking technique is
often referred to as "synsyn-ack" (or more accurately syn, syn-ack, ack) because there are three
messages transmitted by tcp to negotiate and start a tcp session between twocomputers. The tcp
handshaking mechanism is designed so that two computers attempting to communicate can
negotiate the parameters of the network tcp socket connection before transmitting data such as
ssh and http web browser requests.
This 3-way handshake process is also designed so that both ends can initiate and negotiate
separate tcp socket connections at the same time. Being able to negotiate multiple tcp socket
connections in both directions at the same time allows a single physical network interface, such
as ethernet, to bemultiplexed to transfer multiple streams of tcp data simultaneously.
What is the difference between flow control and error control?
Flow control and error control are the control mechanism at data link layer and transport layer.
Whenever the sends the data to the receiver these two mechanisms helps in proper delivering of
the reliable data to the receiver. The main difference between the flow control and error control
is that the flow control observes the proper flow of the data from sender to receiver, on the other
hand, the error control observes that the data delivered to the receiver is error free and reliable.

What is route poisoning?

Route poisoning is a method that prevents a certain network from sending data packets to a path
destination that has already became invalid. This is done when a distance vector routing protocol
sees an invalid route or one with large routing loops. A route will be considered unreachable if it
exceeds the maximum allowed. So the routing protocol simply informs all the routers connected
in the network that a certain path is invalid by saying that it has a hop count that exceeds the
maximum allowable.

What is split horizon?

Split horizon is a technique incorporated by distance vector routing protocols for avoiding
routing loops by preventing the routing path to be sent/advertised back to the node from which
the advertising router has received it.

Utilizing rip, what is the limit when it comes to number of hops?

15.
Multicast address of rip v2?
224.0.0.9.
Administristative distance of rip?
120.
Can we use rip in a scenario having more than 15 routers?
No .

What is the difference between rip and ripng?

Rip (routing information protocol) comes in two different versions ripv1 and ripv2. It is widely
used in small and medium sized ipv4 networks due to ease of configuration, implementation and
maintenance.
To route ipv6 packets, the internet engineering task force (ietf) developed ripng based on rip.
Ripng has become a main routing protocol used on ipv6 networks.
Routing information protocol-ripv1: Ripv1 is a distance vector routing protocol. It uses local
broadcasts ip address 255.255.255.255 to share routing information. These updates are periodic
in nature, occurring by default and sent after every 30 seconds. To prevent packets from
circulating around in a loop forever, rip places a hop count limit on packets of 15 hops. Packets
that reach the sixteenth hop will be dropped. Ripv1 is a classful protocol. Classful routing
protocols don’t send information of subnet mask with their routing table updates. In other words,
if you have a subnetted network in your ripv1 routing domain, ripv1 will announce that network
to other as un-subnetted network. Rip supports up to six equal-cost paths to a single destination.
Equal-cost path are the paths where the metric is same (hop count).
Features of ripv1
Administrative distance: 120
Algorithm: bellman-ford
Protocol type: distance vector
Metric: it supports maximum metric (hop count) value of 15. Any router farther than 15 hops
away is considered as unreachable.
Routing updates: it sends routing updates after every 30 second at broadcast ip address
255.255.255.255.
Supports: it supports only classful network.
Timer:
Update time: 30 sec
Invalid time: 180 sec
Hold time: 180 sec
Flush time: 240 sec
Send/receive:
Send update: ripv1
Receive update: ripv1 & ripv2.

Routing information protocol-ripv2

Ripv2 is a hybrid routing protocol with routing enhancements built into it. It uses multicasts ip
address 224.0.0.9 instead of broadcasts for sending updates of routing information. Ripv2
supports triggered updates. When a change occurs in network, ripv2 router immediately
propagates its routing information to its connected neighbours. Ripv2 is a classless protocol and
it supports classful and variable-length subnet masking (vlsm). Ripv2 supports authentication of
ripv2 update messages (md5 or plain-text). Authentication helps in confirming that the updates
are coming from authorized sources.
Features of ripv2
Administrative distance: 120
Algorithm: bellman-ford
Protocol type: hybrid
Metric: ripv1 support maximum metric (hop count) value of 15. Any router farther than 15
hops away is considered as unreachable.
Routing updates: ripv2 never broadcasts, it sends routing updates after every 30 second at
multicasts ip address 224.0.0.9.
Supports: it supports classful, classless and vlsm network.
Timer:
Update time: 30 sec
Invalid time: 180 sec
Hold time: 180 sec
Flush time: 240 sec
Send/receive:
Send update: ripv2
Receive update: ripv2
Authentication: it supports authentication of ripv2 update messages (plain-text or md5).
Authentication helps in confirming that the updates are coming from authorized sources.
Routing information protocol-next generation (ripng)
Ripng is a distance vector protocol and works basically the same way as rip but has some
differences from rip to support ipv6 address format.
Ripng sends an update to its connected routers after every 30 seconds. It sends updates to the
ipv6 multicast group ff02::9 using port 521 by default.
Features of ripng
Administrative distance: 120
Algorithm: bellman-ford
Protocol type: distance vector
Metric: it supports maximum metric (hop count) value of 15. Any router farther than 15 hops
away is considered as unreachable.
Routing updates: ripng multicasts routing updates and uses reserved ipv6 multicast address
ff02::9 for multicasting.
Supports: it supports only classful network.
Timer:
Update time: 30 sec
Invalid time: 180 sec
Hold time: 180 sec
Flush time: 240 sec

What is the multicast address that rip v2 uses?

224.0.0.9

What are the four timers in rip?

Timers basic, all in seconds: update: how often to send updates in seconds invalid: how many
seconds, since seeing a valid update, to consider the route invalid, and placing the route into hold
down hold down: once in hold down, how long (in seconds) to “not believe” any equal or less
impressive (worse) route updates for routes that are in hold down flush: how many seconds,
since the last valid update, until we throw that route in the trash (garbage collection for un-loved
non-updated routes)
Update: 30 invalid: 180 hold down: 180 flush: 240

Explain load-balancing in rip?

The default variance is 1, which is equal-cost load balancing. With the maximum-paths
command, the router uses up to six paths to share traffic across; to limit this number, use the
maximum-paths command. The multiple paths that make up a single-hop transport to a common
destination are called a load-sharing group.

Explain split horizon?

Route poisoning is a method that prevents a certain network from sending data packets to a path
destination that has already became invalid. This is done when a distance vector routing protocol
sees an invalid route or one with large routing loops. A route will be considered unreachable if it
exceeds the maximum allowed. So the routing protocol simply informs all the routers connected
in the network that a certain path is invalid by saying that it has a hop count that exceeds the
maximum allowable.

What is route poisoning?

Route poisoning is a method that prevents a certain network from sending data packets to a path
destination that has already became invalid. This is done when a distance vector routing protocol
sees an invalid route or one with large routing loops.

How do you stop rip updates from propagating out an interface on a router?
Passive interfaces
What is the administrative distance of rip?
120
How do we configure rip? Specify the commands.
Router rip

If a rip v2 router advertises its route, would it be received by all the devices on the
network?
Rip v2 is multicast. So the route advertisement would be received only by devices which have
rip v2 enabled. If the advertisement was rip v1, then it would be received by all devices on the
network as rip v1 is broadcast.

Which transport layer protocol does rip use and the associated port number?
Udp – port 520
If a static route and a rip learnt route are available on a router which entry would be
chosen by the router to forward the packet?
Static route would be chosen since it has lower administrative distance than rip.

What is the major benefit of dynamic routing protocol like rip over static route?
In a static route, the route entries have to be manually configured on the router. Where as in a dynamic
routing protocol like rip, routes are learnt automatically.

Can subnet mask information be stored in a rip v1 packet?

Rip v1 is a class full routing protocol. It does not understand classless concepts like subnets. So
it is not possible.

Is a subnet mask field available in a rip v2 packet?

Rip v2 is classless routing protocol. A rip v2 packet has a field to include the subnet mask
information.

What is eigrp?
Enhanced interior gateway routing protocol (eigrp) is an advanced distance-vector routing
protocol that is used on a computer network for automating routing decisions and configuration.
The protocol was designed by cisco systems as a proprietary protocol, available only on cisco
routers.

What are the different tables in eigrp?

Neighbor table: the neighbor relationships are tracked in this table which are the basis for eigrp
routing and convergence activity. The address and the interface of a neighbor is discovered and
recorded in a new entry of the neighbor table, whenever a new neighbor is discovered. These
tables are used for reliable and sequenced delivery of packets.
Topology table: routers use topology table which route traffic in a network. All routing tables
inside the autonomous system are available in this table, where the router is positioned. Each
router uses routing protocol and maintains a topology table for each configured network
protocol. The routes leading to a destination are found in the topology table.
Route table: the routes of particular destinations are stored in the routing tables. The
information contains the network topology that is immediately around it. The primary goal of
routing protocols and routes is the construction of routing tables. Network id, cost of the packet
path and next hop are the details are available in the routing table.

Why eigrp is called hybrid protocol?

Eigrp can be referred to as a hybrid protocol. It combines most of the characteristics of
traditional distance vector protocols with some characteristics of link-state protocols.
Specifically, eigrp is "enhanced" by using four routing technologies: neighbor
discovery/recovery.

What are the different packets in eigrp?

- Hello packets: eigrp neighbor ship is discovered and maintained by hello packets. If the router
fails to receive a hello packet within the hold timer, the corresponding router will be declared
dead.
- Update packets: at the time of discovering new neighbor, update packets are sent, so that the
topology table can be built by the neighbor router. Update packets are unicast and always
transmitted reliably.
- query packets: when the destination goes into active state, the query packets are sent. Query
packets are multicast and replies are always sent in reply to the queries for indicating the
originator that it does not need to go into active state.
- reply packets: when the destination goes into active state, the reply packets are sent. Reply
packets are unicast to the originator of the query and transmission of reply packets are reliable.
- ack packets: ack packets use to know the transmission status. If a hello packet sent without
data is also recognized as acknowledgement. Unicast address with non-zero acknowledgement
number is always sent by acks.

Conditions for eigrp neighbors ?

Both routers must be in the same primary subnet.
both routers must be configured to use the same k-values.
both routers must in the same as .
both routers must have the same authentication configuration (within reason) the interfaces
facing each other must not be passive .

What is meant by active and passive states in eigrp?

A passive state indicates that a route is reachable, and that eigrp is fully Converged. A stable
eigrp network will have all routes in a passive state. A route is placed in an active state when the
successor and any feasible Successors fail, forcing the eigrp to send out query packets and
reconverge. Multiple routes in an active state indicate an unstable eigrp Network. If a feasible
successor exists, a route should never enter an active State.

Routes will become stuck-in-active (sia) when a router sends out a query Packet, but does not
receive a reply packet within three minutes. In other Words, a route will become sia if eigrp fails
to re-converge. The local Router will clear the neighbor adjacency with any router(s) that has
failed to Reply, and will place all routes from that neighbor(s) in an active state.

Does eigrp require an ip default-network command to propagate a default route?

Although eigrp can propagate a default route using the default network method, it is not required.
Eigrp redistributes default routes directly.

What are the different k-values used in eigrp?

1.Bandwidth (k1) 2. Load (k2) 3. Delay (k3) 4.Reliability (k4) 5.Mtu (k5).

What are the advantages of eigrp other routing protocol?

-Advanced distance vector
-Routes ip, ipx, decnet, appletalk
- Routing advertisements: partial when route changes occur
- Metrics: bandwidth, delay, reliability, load, mtu size
- Hop count: 255
- Variable length subnet masks
- Summarization on network class address or subnet boundary
- Load balancing across 6 equal or unequal cost paths (ios 11.0)
- Hello timer: 1 second on ethernet / 60 seconds on non-broadcast
- Holddown timer: 3 seconds on ethernet / 180 seconds on non-broadcast
- Metric calculation = destination path minimum bw * delay (msec) * 25
- Bidirectional forwarding detection (bfd) support
- Split horizon Lsa multicast address: 224.0.0.10

What is advertised distance?

Advertised distance or reported distance. The advertised distance (ad) is the distance from a
given neighbor to the destination router. Feasible distance. The feasible distance (fd) is the
distance from the current router to the destination .

What is successor?
A feasible successor is a path whose reported distance is less than the feasible distance, and it is
considered a backup route. Eigrp will keep up to six feasiblesuccessors in the topology table.
Only the one with the best metric (the successor) is placed in the routing table.

What is the multicast address used by eigrp to send hello packets?

224.0.0.10
What types of authentication is supported by eigrp?
Eigrp route authentication provides md5 authentication of routing updates from the eigrp routing
protocol. The md5 keyed digest in each eigrp packet prevents the introduction of unauthorized or
false routing messages from unapproved sources.

What is “stuck in active”?

When eigrp returns a stuck in active (sia) message, it means that it has not received a reply to a
query. Eigrp sends a query when a route is lost and another feasible route does not exist in the
topology table. The sia is caused by two sequential events: * the route reported by the sia has
gone away.

What is the use of “variance” command in eigrp?

Eigrp provides a mechanism to load balance over unequal cost paths throungh variance
command. Variance is a number (1 to 128), multiplied by the local best metric then includes the
routes with the lesser or equal metric. The default variance value is 1, which means equal-cost
load balancing.

What is feasible successor?

A feasible successor is a path whose reported distance is less than the feasibledistance, and it is
considered a backup route. Eigrp will keep up to six feasible successors in the topology table.
Only the one with the best metric (the successor) is placed in the routing table.

What is “graceful shutdown”?

This feature helps in faster convergence of networks. With graceful shutdown, a goodbye
message is broadcast when an eigrp routing process is shutdown, to inform adjacent peers about
the impending topology change.

How eigrp support unequal load balancing?

Eigrp supports up to six unequal-cost paths.
Router(config-router)#variance n

What happen when we enable passive interface in eigrp?

With eigrp running on a network, the passive-interface command stops both outgoing and
incoming routing updates, since the effect of the command causes the router to stop sending and
receiving hello packets over an interface.

Does eigrp support aggregation and variable length subnet masks?

Yes, eigrp supports aggregation and variable length subnet masks (vlsm). Unlike open shortest
path first (ospf), eigrp allows summarization and aggregation at any point in the network. Eigrp
supports aggregation to any bit. This allows properly designed eigrp networks to scale
exceptionally well without the use of areas. Eigrp also supports automatic summarization of
network addresses at major network borders.
Can i configure more than one eigrp autonomous system on the same router?
Yes, you can configure more than one eigrp autonomous system on the same router. This is
typically done at a redistribution point where two eigrp autonomous systems are interconnected.
Individual router interfaces should only be included within a single eigrp autonomous system.
Cisco does not recommend running multiple eigrp autonomous systems on the same set of
interfaces on the router. If multiple eigrp autonomous systems are used with multiple points of
mutual redistribution, it can cause discrepancies in the eigrp topology table if correct filtering is
not performed at the redistribution points. If possible, cisco recommends you configure only one
eigrp autonomous system in any single autonomous system. You can also use another protocol,
such as border gateway protocol (bgp), in order to connect the two eigrp autonomous systems.
What is the difference in metric calculation between eigrp and igrp?
1.Eigrp has totally replaced the obsolete igrp.
2. Eigrp is a classless routing protocol while igrp is a classful routing protocol.
3. Eigrp uses the dual while igrp does not.
4. Eigrp consumes much less bandwidth compared to igrp .
5. Eigrp expresses the metric as a 32 bit value while igrp uses a 24 bit value.

What is the eigrp stub routing feature?

The enhanced interior gateway routing protocol (eigrp) stub routing feature improves network
stability, reduces resource utilization, and simplifies stub router configuration. Stub routing is
commonly used in a hub and spoke network topology.

How can i send a default route to the stub router from the hub?
Do this under the outbound interface on the hub router with the ip summary-address eigrp x
0.0.0.0 0.0.0.0command. This command suppresses all the more specific routes and only sends
the summary route. In the case of the 0.0.0.0 0.0.0.0, it means it suppresses everything, and the
only route that is in the outbound update is 0.0.0.0/0. One drawback to this method is that eigrp
installs a 0.0.0.0/0 route to null0 is the local routing table with an admin distance of 5.

What are the primary functions of the pdm?

Eigrp supports 3 protocol suites: ip, ipv6, and ipx. Each of them has its own pdm. These are the
primary functions of pdm:
- Maintaining the neighbor and topology tables of eigrp routers that belong to that protocol suite
- Building and translating protocol specific packets for dual .
- Interfacing dual to the protocol specific routing table.
- Computing the metric and passing this information to dual; dual handles only the picking of
the feasible successors (fss) .
- Implement filtering and access lists.
- Perform redistribution functions to/from other routing protocols.

What are the various load-balancing options available in eigrp?

The offset-list can be used to modify the metrics of routes that eigrp learns through a particular
interface, or pbr can be used.

Why are loopbacks advertised as /32 host routes in ospf?

Loopbacks are considered host routes in ospf, and they are advertised as /32.

Which command in ospf shows the network lsa information?

Show ip ospf 10 database network .

What command would you use to create a totally stubby area?

Router ospf 10 Area 10.
stub no –summary

What are area types? Why there are different area concepts?
-Standard areas can contain lsas of type 1, 2, 3, 4, and 5, and may contain an asbr. The backbone
is considered a standard area.
-Stub areas can contain type 1, 2, and 3 lsas. A default route is substituted for external routes.
-Totally stubby areas can only contain type 1 and 2 lsas, and a single type 3 lsa. The type 3 lsa
describes a default route, substituted for all external and inter-area routes.
- Not-so-stubby areas implement stub or totally stubby functionality yet contain an asbr. Type 7
lsas generated by the asbr are converted to type 5 by abrs to be flooded to the rest of the ospf
domain.

What is the main importance of stub network? Why it is been developed in ospf?
A stub network is a somewhat casual term describing a computer network, or part of an
internetwork, with no knowledge of other networks, that will typically send much or all of its
non-local traffic out via a single path, with the network aware only of a default route to non-local
destinations.

What will happen if we redistribute between different processes?

There can be several reasons for redistribution between multiple processes. These are a few
examples:
- Filter an ospf route from part of the domain .
-Separate different ospf domains .
-Migrate between separate domains

What are lsa types?

Lsa type 1 (router lsa): Router link state advertisments type 1 are generated by every router for
each link that belongs to an area. They are flooded only inside of area to which they belong. Link
id of this lsa is the router id of the router that generated it.

Lsa type 2 (network lsa) :Generated by designated router (dr) for multiaccess networks and
describe the routers that are connected to that segment. They are sent inside the area to which the
network segment belong. The link id is the interface ip address of the designated router which
describe that particular segment.

Lsa type 3 (summary lsa) :Type 3 lsas are generated by area border routers (abrs). In type 3 lsas
are advertised networks from an area to the rest of the areas in as. Advertised networks in type 4
lsa can be summarized or not. The linkstate id used by this lsa is the network number advertised.

Lsa type 4 (summary lsa):- Generated by abrs, this type os lsa contain routes to asbrs. Link id
used is router id of the asbr described. Are not flooded in stub areas.

Lsa type 5 (external lsa) :-Autonomous system external lsas are generated by asbrs and contain
routes to networks that are external to current as. Link-state id is network number advertised in
lsa. Type 5 lsas are not flooded inside any stub areas.

Lsa type 6 (multicast lsa) :This type of lsa is used for multicast applications.

Lsa type 7 (nssa external lsa):Type 7 lsa allow injection of external routes throug not-so-
stubby-areas (nssa). Generally external routes are advertised by type 5 lsa but they are not
allowed inside any stub area. That’s why type 7 lsa is used, to trick ospf. Type 7 lsa is generated
by nssa asbr and is translated into type 5 lsa as it leaves the area by nssa abr, which is then
propagated throughout the network as type 5 lsa.
Lsa type 8 (external attributes lsa for border gateway protocol (bgp): Used to work with
bgp.

Lsa type 9,10,11 (opaque lsas) :- For future use.

What is ospf’s metric? How is it identified in routing table?

Does it support redistribution? Ospf uses a reference bandwidth of 100 mbps for cost calculation.
The formula to calculate the cost is reference bandwidth divided by interface bandwidth. For
example, in the case of ethernet, it is 100 mbps / 10 mbps = 10. Note: if ip ospf cost cost is used
on the interface, it overrides this formulated cost.

What are the states used in ospf when forming neighbor ship?
2-way. The 2-way state indicates that the local router has received a hello packet with its own
router id in the neighbor field. Thus, bidirectional communication has been established and the
peers are now ospf neighbors.

Types of ospf packets ?

1. The hello packet: the hello packets are sent over a period of time on all interfaces for the
purpose of establishing and maintaining neighbor relationships. Hello packets are multicast on
the networks having multicast capability, which enables discovery of neighboring routers
dynamically. The inhabitance of differences among hello packets can form neighbor
relationships by agreeing certain parameters.

2. The database description packet: at the time of adjacency is being initialized, these packets are
exchanged. These packets describe topological database contents. The database may be
described by using multiple packets. A pollresponse procedure is used for the description of
multiple packets usage. Among the routers, one is designated to be master, and the other a slave.
The database description packets are sent by the slave after sending the database description
packets by the master.

3. The link state request packet: a router may find the parts of its topological database are out of
date, after database description package exchange with a neighboring router. The link state
request packet is utilized for requesting the pieces of the neighbor’s database which are more up
to date. There may be a need to utilize multiple link state request packets.

4. The link state update packets: the flooding of link state advertisements is implemented by
these packets. A collection of link state advertisements are carried by each link statement update
packet, one hop further from its origin. A packed may be included by several link state
advertisements.

5. The link state acknowledge packets: the reliability of flooding link state advertisement is
made by explicitly acknowledging flooded advertisements. The accomplishment of this
acknowledgement is done through the sending and receiving of link sate acknowledgement
packets. A single link state acknowledgement packet is used to acknowledge the multiple link
state advertisements.

What is ospf router id and how is it elected?

Router id is 32 bit number similar to ip address. It is elected as highest ip address of loopback
interfaces or highest ip of the active physical interfaces if loopback is not present. It can also be
set manually but it will take effect when ospf process is reset completely or device is reloaded.
There should be only one router-id per device running ospf to avoid database issues.

What is the dr/bdr in ospf? How these are elected and in what scenario?
Dr/bdr election happens in shared multi access network to avoid full mesh scenario. In shared
environment, every ospf router will try to form neighbor ship with other router, so dr/bdr comes
in to action and act as single point of contact. Neighborship will only form with dr and backup
dr. Dr router will be the highest priority router and bdr will be second highest priority. If there is
a tie, then highest router-id will be used to make the decision. Router id is elected as the highest
numerical loopback ip or the highest physical active ip address or the interface ip which comes
up first.

What is the multicast ips used by ospf? What multicast ip does dr/bdr router and non-dr
use?
Ospf routers use 224.0.0.5 multicast ip address. However, in dr/bdr it uses 224.0.0.5 and
224.0.0.6. Dr/bdr will use 224.0.0.6 while replying to ospf routers in broadcast multi access
network.

How do i change the reference bandwidth in ospf?

You can change the reference bandwidth in cisco ios software release 11.2 and later using the
ospf autocost reference-bandwidth command under router ospf. By default, reference bandwidth
is 100 mbps. The ospf link-cost is a 16-bit number. Therefore, the maximum value supported is
65,535.

How to generate default route in ospf?

There are two ways to inject a default route into a normal area. If the asbr already has the default
route in its routing table, you can advertise the existing 0.0.0.0/0 into the ospf domain with
thedefaultinformation originate router configuration command.

What is ospf super backbone area?

The idea is that this super backbone can override the default behavior of ospf and provide
connectivity between customers without the need for crazy virtual-links or tunneling (can’t use
vls across area 0 anyway).

What is the concept of auto-cost in ospf?

The default reference bandwidth for OSPF is 10^8 bps or 100Mbit. Increasing the reference-
bandwidth allows a more granular OSPF design. If changed it should be changed on all routers in
the OSPF domain.The reason you would change the reference-bandwidth is that you may have
link faster than 100M in your network. If you have Gigabit networks but are using the default
reference-bandwidth, then Gigabit links are equal in cost to fast Ethernet.
device# configure
device(config)# router ospf
device(config-ospf-router)# auto-cost reference-bandwidth 500

How does ospf calculate it’s metric or cost?

Ospf uses a reference bandwidth of 100 mbps for cost calculation. The formula to calculate the
cost is reference bandwidth divided by interface bandwidth. For example, in the case of ethernet,
it is 100 mbps / 10 mbps = 10. Note: if ip ospf cost cost is used on the interface, it overrides this
formulated cost.
What algorithm is used by ospf if equal cost routes exist?
If equal cost routes exist, ospf uses cef load balancing.

Are ospf routing protocol exchanges authenticated?

Yes, ospf can authenticate all packets exchanged between neighbors. Authentication may be
through simple passwords or through md5 cryptographic checksums. To configure simple
password authentication for an area, use the command ip ospf authentication-key to assign a
password of up to eight octets to each interface attached to the area. Then, issue the area x
authentication command to the ospf router configuration to enable authentication. (in the
command, x is the area number.)

Can we have ospf run over a gre tunnel?

Yes, refer to configuring a gre tunnel over ipsec with ospf.

What is the maximum number of ospf processes (vrf aware) on 7600/6500 platforms?
Cisco ios has a limit of 32 routing processes. Two of these are saved for static and directly
connected routes. The cisco 7600 router supports 28 ospf processes per vrf.

Which switching technology reduces the size of a broadcast domain?

By using vlan technology we can reduces the size of Broadcast domain.Vlan (virtual local area
network) is a logical grouping or Segmenting the devices under a single broadcast domain.As a
result provides security and flexibility.

Which protocols are used to configure trunking on a switch?

Vlan trunking protocol (vtp) is a cisco proprietary protocol that propagates the definition of
virtual local area networks (vlan) on the whole local area network. To do this, vtp carries vlan
information to all the switches in a vtp domain. Vtpadvertisements can be sent over 802.1q, and
isl trunks.

What is svi ?
A switched virtual interface (svi) is a vlan of switch ports represented by one interface to a
routing or bridging system. There is no physical interface for the vlan and the svi provides the
layer 3 processing for packets from all switch ports associated with the vlan.

What is meant by “router on stick” ?

Router-on-a-stick is a term frequently used to describe a setup up that consists of a router and
switch connected using one ethernet link configured as an 802.1q trunk link. In this setup, the
switch is configured with multiple vlans and the routerperforms all routing between the different
networks/vlan.

Which are the two trunking protocols ?

Difference between isl & 802.1q. A single communication link called trunk is usedbetween
devices to carry traffic which may belong to multiple vlans.There are two main types of
encapsulation protocols called isl (inter switch link) which is cisco proprietary protocol and
802.1q which is an ieee standard.

Which protocol encapsulate etherframes ?

Isl encapsulates ethernet frames while 802.1q tags ethernet frame.

Which is the vlan not tagged by 802.1q ?

Native vlan

How to delete vlan information from switch ?

Delet flash:vlan.dat

Difference between access and trunk mode ?

Access mode is used to connect end devices(host) to switches while trunk mode is used to
connect between switches.

Difference between dynamic auto and dynamic desirable ?

Dynamic desirable: attempts to negotiate a trunk with the other end. Dynamic auto: forms a
trunk only if requested by the other end .

What is the use of nonegociate command in switch ?

Nonegociate command disables automatic formation of trunk links. It will be good to configure
trunk manually and give non-negociate command for security reason.

Explain different switch port modes ?

Trunk: forms an unconditional trunk
Dynamic desirable: attempts to negotiate a trunk with the far end
Dynamic auto : forms a trunk only if requested by the far end
Access: will never form a trunk

What is dtp?
Dynamic trunking protocol is used to automatically establish trunks between capable ports
(insecure method).

Which is the command used to see trunk interfaces ?

Show interface trunk
Show interface fa1/0/13 trunk
Show interface fa1/0/13 switchport Show interface status | include trunk

What is the maximum number of vlans permitted in 802.1q and isl?

Maximum vlan permitted in 802.1q is 4094 .
Maximum vlan permitted in isl is 1000.

What is the header size of 802.1q ?

4 bytes

What is the difference between an access port and a trunk port?

As for the difference between trunks and access ports, a trunk does add dot1q or isl tags directly
to frames and can exist on all or multiple vlans. While an access port only passes traffic from a
set vlan but does not modify the frame with a vlan tag.

What is frame tagging and different types of frame tagging?

Vlan frame tagging is a technology which is used to identify the vlan that the packet belongs to.
The vlan frame tag is placed on the ethernet frame when the ethernet frame reaches a switch
from an access port, which is a member of a vlan.

What is a native vlan and what type of traffic will go through native vlan?
The native vlan is the only vlan which is not tagged in a trunk, in other words,native vlan frames
are transmitted unchanged. Per default the native vlan isvlan 1 but you can change that:
#show interface fa0/8 trunk. Port mode encapsulation status native vlan. Fa0/8 on 802.1q.

What is inter-vlan routing?

Virtual lans (vlans) divide one physical network into multiple broadcast domains. But, vlan-
enabled switches cannot, by themselves, forward traffic across vlanboundaries. So you need to
have routing between these vlans which is calledintervlan routing.

What is spanning tree aka stp ?

Spanning tree protocol (stp) is a layer 2 protocol that runs on bridges and switches. The
specification for stp is ieee 802.1d. The main purpose of stp is to ensure that you do not create
loops when you have redundant paths in your network. Loops are deadly to a network.

How does stp maintain a loop-free network?

Spanning tree works by first using an algorithm to find redundant links in the lan and selecting
the best paths. Its initial goal is to put all links in either forwarding or blocking. In the end, the
links without a redundant link and the best links with a redundant link would be in forwarding
state. The redundant links that weren’t as good as the selected links would be in blocking state.

Spanning tree cannot use multiple links to the same destination. There is no load-sharing feature
with spanning tree. Any redundant link that is not as preferred is blocked (essentially shut down)
until the primary link goes down. Because the “best ports” are put into forwarding state and the
other ports are put into blocking state, there are no loops in the network. When a new switch is
introduced to the network, the algorithm and port states are recalculated to prevent a new loop.

What parameters can be tuned to influence the selection of a port as a root or designated
port?
-If a switch has multiple paths to reach the root bridge (root switch), it must select one path and
the associated port as the root port. Following are the different steps for selecting the root bridge
(switch).
- Spanning tree root port selection process in a non-root switch involves the following steps.

- Select the port connected to the path with the lowest accumulated spanning tree path cost to
theroot bridge (root switch) as the root port, when a non-root switch has multiple paths to reach
the root switch.
- If multiple paths are available to reach the root bridge (root switch) with the same
accumulatedspanning tree path cost in a non-root switch, select the port connected to the
neighbor switch which has the lowest switch id value as the root port.

- If all the multiple paths go through the same neighboring switch to reach the root bridge (root
switch), non-root switch will select the local port which receives the lowest port spanning tree
port priority value from neighbor switch as the root port.

- If the received spanning tree port priority value values are the same between the connecting
ports to reach the root bridge (root switch), non-root switch will select the port which receives
the lowest physical port number from neighbor switch as the root port.

What is bdpu ?What is the basics function of bpdu?

The spanning tree protocol (stp) enabled switches in a redundant local area network (lan) need to
exchange information between each other for spanning tree protocol (stp) to work properly.
Bridge protocol data units (bpdus) are messages exchanged between the switches inside an
interconnected redundant local area network (lan). Bridge protocol data units (bpdus) frames
contain information regarding the switch id, originating switch port, mac address, switch port
priority, switch port cost etc.
Bridge protocol data units (bpdus) frames are sent out as multicast messages regularly at
multicast destination mac address 01:80:c2:00:00:00. When bridge protocol data units (bpdus)
are received, the switch uses a mathematical formula called the spanning tree algorithm (sta) to
know when there is a layer 2 switch loop in network and determines which of the redundant
ports needs to be shut down.

Three types of bridge protocol data units (bpdus) are configuration bpdu (cbpdu), topology
change notification (tcn) bpdu and topology change notification acknowledgment (tca). The
basic purpose of the bridge protocol data units (bpdus) and the spanning tree algorithm (sta) is to
avoid layer 2 switching loops and broadcast storms.

What is the stp listening state?

The ports on a switch with enabled spanning tree protocol (stp) are in one of the following five
port states.
• blocking
• listening
• learning
• forwarding
• disabled
A switch does not enter any of these port states immediately except the blocking state. When the
spanning tree protocol (stp) is enabled, every switch in the network starts in the blocking state
and later changes to the listening and learning states.

Which command enables rstp on a switch?

Spanning-tree mode rapid-pvst

What is per-vlan spanning tree protocol (pvst).

A single spanning tree lacks flexibility in how the links are used in the network topology. Cisco
implements a protocol known as per-vlan spanning tree plus (pvst+) that is compatible with
802.1q cst but allows a separate spanning tree to be constructed for each vlan.

What is the default bridge priority in a bridge id for all cisco switches?
Bridge id priority 32769 (priority 32768 sys-id-ext 1)

Which stp version run default on cisco switches ?

Pvst+

What is the purpose of spanning tree protocol in a switched lan?

The spanning tree protocol (stp) was designed to stop layer 2 loops. All ciscoswitches have the
stp on by default. ... Convergence occurs when all ports on bridges and switches have
transitioned to either the forwarding or blocking states. No data is forwarded until convergence is
complete.

Difference between root port and designated port?

The differences between root port and designated port are listed below.
root port is a single selected port on a switch, other than root switch, with least path cost to reach
the root bridge. The designated port is the port that has the lowest spanning tree path cost on a
particular local area network (lan) segment.The root port is the port on the bridge (switch) with
the least spanning tree path cost from the switch to theroot bridge.

A designated port is the port on a local area network (lan) segment with the least spanning tree
path cost to the root bridge (root switch).there can be only one root port on a bridge (switch).
There may be multiple designated ports on a bridge (switch).All the ports on a root bridge (root
switch) are designated port and there is no root port on a root bridge (root switch).a root port can
never be a designated port.if one end of a local area network (lan) segment is a designated port,
other end is called as non designated port (marked as ndp), if it is not a root port. Non designated
port will be always in blocking state, to avoid layer 2 switching loops.

What is the difference between path cost and root path cost?
Spanning tree uses costs associated to ingress ports to calculate the best path to the root bridge.
The root path cost is the cumulative cost from the root to any given switch. Each port has a cost
associated to it. On a cisco switch, the port cost can be altered using .

Sw1 (config-if)# spanning-tree [vlan vlan-id] cost cost

A third term exists which causes a little confusion: path cost. The path cost is the same thing as
the port cost, just a different name for it.
What is the difference between stp, mstp, pvst and rstp?
Stp. Spanning tree protocol (ieee 802.1d). Forms a loop free graph (tree) in an arbitrary topology
of switches. Gives you tools to set preferred location of a root and link costs for determining
links to block.
Pvstp. Per-vlan spanning tree protocol . Cisco proprietary protocol that allows each vlan in a
network to run an independent spanning tree with an independent root rather than forcing a
single topology for all vlans.
Rstp. Rapid spanning tree protocol (ieee 802.1w). An evolution of the spanning tree protocol
with faster convergence time, relying one some more advanced switch capabilities.
Mst. Multiple spanning tree protocol (ieee 802.1s). A standarized and evolved form of pvstp.
Etherchannel. A cisco technique that provides the ability to negotiate to bundle multiple
physical links into a single, logical, higher speed link. (the standardized form is is ieee 802.3ad
link aggregation) .

What is path cost?

Ports that are determined to have the lowest cost path to the root bridge are called designated
ports. Switches or bridges running stp uses bpdu to exchange information.the bridge id is use to
determine the root bridge and to determine the root port.

Define selection criteria of stp root bridge.

Spanning tree protocol (stp) is a layer 2 protocol that runs on bridges and switches. The
specification for stp is ieee 802.1d. The main purpose of stp is to ensure that you do not create
loops when you have redundant paths in your network. Loops are deadly to a network.

Why spanning tree bpdu filter is used?

The bpdu filter feature effectively disables stp on the selected ports by preventing them from
sending or receiving any bpdus. Bpdu filtering supports the ability to prevent switches from
sending bpdus on portfast-enabled interfaces. Ports configured for the portfast feature typically
connect to host devices.

Can i use bpdu filter on trunk ports?

If a bpdu is received inbound when bpdu filter is applied globally then the portstops filtering and
it will lose its portfast status. The bpdu guard default commandwill only apply to ports that are in
a portfast operational state.

Which port state is introduced by rapid-pvst?

Which port state is introduced by rapid-pvst? Pvst+ is based on ieee802.1dspanning tree protocol
(stp). But pvst+ has only 3 port states (discarding, learning and forwarding) while stp has 5 port
states (blocking, listening, learning, forwarding and disabled).

What is spanning tree protocol (stp) portfast?

Spanning tree protocol (stp) convergence (layer 2 convergence) happens when bridges and
switches have transitioned to either the forwarding or blocking state. ...portfast feature should be
used only to connect a single workstation to a switch port to avoid layer 2 switching loop.
What does stp do when it detects a topology change in the network due to a bridge or link
failure?
If spanning tree detects a change in the network due to a bridge or link failure, at least one
bridge interface changes from the blocking state to the forwarding state, or vice versa.

How many root bridges can be available on a stp configured network ?

Only one.

If the priority value of the two switches are same, which switch would be elected as the root
bridge
Lowest mac address value

What is the basic purpose of the bpdus and stp?

To avoid the loop

What is configuration bpdu?

The default bpdu advertisement time of 2 seconds allows changes to be quickly shared with all
the other switches in the network, reducing the amount of time any disruption would create.
There are three kinds of bpdus: configuration bpdu, used by spanning tree protocol to provide
information to all switches.

What is the destination mac address used by bridge protocol data units (bpdus)?
Bridge protocol data units (bpdus) are frames that contain information about the spanning tree
protocol (stp). Switches send bpdus using a unique mac addressfrom its origin port and a
multicast address as destination mac(01:80:c2:00:00:00, or 01:00:0c:cc:cc:cd for per vlan
spanning tree).

What is tcn bpdu?

The root switch (bridge) bridge broadcasts the topology change information into the whole
network. When a switch (bridge) discovers topology change, it generates atcn (topology change
notification) bpdu (bridge protocol data unit) and sends the tcn bpdu on its root port.

What is tca bpdu?

The upstream switch (bridge) responds back the sender with tca (topology change
acknowledgment) bpdu (bridge protocol data unit) and tca (topology change acknowledgment)
bpdu (bridge protocol data unit) The process continues until the root switch (root bridge)
receives the tcn bpdu.

What is bridge protocol data unit (bpdu) frame format?

Bridge protocol data units (bpdus) are frames that contain information about the spanning tree
protocol (stp). Switches send bpdus using a unique mac address from its origin port and a
multicast address as destination mac (01:80:c2:00:00:00, or 01:00:0c:cc:cc:cd for per vlan
spanning tree).

What is root port?

The root port is the port on the bridge (switch) with the least spanning tree path cost from the
switch to the root bridge. A designated port is the port on a local area network (lan) segment with
the least spanning tree path cost to the rootbridge (root switch).

What is pvst or pvst+?

Overview of pvst and pvst+ per vlan spanning tree (pvst) is a cisco proprietary protocol that
allows a cisco device to have multiple spanning trees. pvst+ is an extension of pvst that allows a
cisco device to also interoperate with devices that are running a single spanning tree (ieee
802.1q).

What is extended system id?

The bridge priority value and the extended system id extension together make up a 16 bit (2-
byte) value. The bridge priority making up the left most bits, is a value of 0 to 61440. The
extended system id is a value of 1 to 4095 corresponding to the respective vlan participating in
stp.

What are stp timers and explain different types of stp timers?
Important spanning tree protocol (stp) timers are hello timer, forward delay timer and max age
timer and their default values are listed below.

Hello timer The hello timer is the time interval between each bridge protocol data unit (bpdu)
that is sent on a port. Defaut spanning tree protocol (stp) hello timer is 2 seconds. You can adjust
spanning tree protocol (stp) hello timer to any value between 1 and 10 sec. Click the following
link to learn how to change the default spanning tree protocol (stp) hello timer.

Forward delay timer The forward delay timer is the time interval that is spent in the listening and
learning state. Default spanning tree protocol (stp) forward delay timer is 15 seconds. You can
adjust the spanning tree protocol (stp) forward delay timer to any value between 4 and 30
seconds.

Max age timer The max age timer controls the maximum length of time interval that a spanning
tree protocol (stp) switch port saves its configuration bridge protocol data unit (bpdu)
information. Default max age timer is 20 seconds. You can tune the spanning tree protocol (stp)
max age timer to any value between 6 and 40 sec.