老谢博客

一天至少理解5、60题吧！！好吧，今天开始开工了！！！

ps：本文除原英文题外，所有汉字部分，均为老谢原创，转载请注明！

本人英语很垃圾，只能解释大意，较真的朋友就完全没必要了

1. Refer to the exhibit. What could be possible causes for the "Serial0/0 is down" interface status? (Choose two.)

大意：如果所示s0/0的端口状态，可能的原因是什么

A. A Layer 1 problem exists. 第一层有问题，嗯。。。正确
B. The bandwidth is set too low. 带宽设置错误？坑爹啊！
C. A protocol mismatch exists. 协议不匹配？肯定不对。。
D. An incorrect cable is being used. 使用不匹配的线缆类型，对的。。
E. There is an incorrect IP address on the Serial 0/0 interface. IP地址？尼玛show int关你IP什么事

本题答案：AD

2. Before installing a new, upgraded version of the IOS, what should be checked on the router, and which
command should be used to gather this information? (Choose two.)

大意：升级IOS，应该检查什么

A. the amount of available ROM 检查ROM，那flash不检查了？
B. the amount of available flash and RAM memory ROM、flash都有了，正确
C. the version of the bootstrap software present on the router 看bootstrap版本？有必要么
D. show version 看目前IOS的版本，有必要，正确
E. show processes 管你进程什么事。
F. show running-config 看你妹的运行配置。。

本题答案：BD

3. Refer to the exhibit. Which two statements are true about interVLAN routing in the topology that is shown in the exhibit? (Choose two.)

大意：看拓扑，哪两种说法正确在这个vlan间路由

A. Host E and host F use the same IP gateway address. E去F用相同的网关，肯定不对了
B. Router1 and Switch2 should be connected via a crossover cable. 路由连接交换机用交叉线？错了！
C. Router1 will not play a role in communications between host A and host D. router1在A和D通信不起到任何作用？怎么可能呢。。
D. The FastEthernet 0/0 interface on Router1 must be configured with subinterfaces. 单臂路由，配置子接口，正确
E. Router1 needs more LAN interfaces to accommodate the VLANs that are shown in the exhibit.  route1需要更多lan来连接如图所示的vlan们，你们家接口不要钱吧！！配置子接口就行了！

F. The FastEthernet 0/0 interface on Router1 and Switch2 trunk ports must be configured using the same encapsulation type. 使用相同的封装类型，正确

本题答案：EF

4. Refer to the exhibit. Which two statements are true about the loopback address that is configured on RouterB? (Choose two.)

大意：选择两种关于loopback口的正确说法

A. It ensures that data will be forwarded by RouterB.  routerB为什么要转发数据。。。
B. It provides stability for the OSPF process on RouterB. 可以稳定OSPF进程，嗯，正确
C. It specifies that the router ID for RouterB should be 10.0.0.1. 嗯，routerB的路由ID是loopback口
D.It decreases the metric for routes that are advertised from RouterB. 可以改变度量值？怎么可能。。

E. It indicates that RouterB should be elected the DR for the LAN. routerB的路由ID最大？明显不是，怎么可能当选DR呢！！

答案：BC

5. A network administrator is explaining VTP configuration to a new technician. What should the network
administrator tell the new technician about VTP configuration? (Choose three.)

大意：新来的一个网管，告诉新网管VTP的配置
A switch in the VTP client mode cannot update its local VLAN database.

client不能更新自己的vlan，正确
B. A trunk link must be configured between the switches to forward VTP updates.

trunk链路必须转发更新VTP的信息，正确
A switch in the VTP server mode can update a switch in the VTP transparent mode.

尼玛人家都透明模式了，你server还更新你妹啊！不对！
D. A switch in the VTP transparent mode will forward updates that it receives to other switches.
透明模式可以转发vtp更新，正确，我不学习但是转发，我就是个传话的

E. A switch in the VTP server mode only updates switches in the VTP client mode that have a higher VTP
revision number.

server只能从client学更高版本的VTP？？显然不对。。
F. A switch in the VTP server mode will update switches in the VTP client mode regardless of the configured VTP domain membership.

不管配没配vtp域，server都从client更新，又错了。。

答案：ABD

6. Which two locations can be configured as a source for the IOS image in the boot system command?
(Choose two.)

大意：可以启动IOS的位置

A. RAM
B. NVRAM
C. flash memory
D. HTTP server
E. TFTP server
F. Telnet

这题都要翻译的话。。没话说了

答案：CE

7. What are two reasons a network administrator would use CDP? (Choose two.)

大意：网管使用CDP的原因是什么

A. to verify the type of cable interconnecting two devices

验证线缆类型，CDP没这功能
B. to determine the status of network services on a remote deviceC. to obtain VLAN information from directly connected switches

看到network就不用看了，CDP只是本地生效
C. to obtain VLAN information from directly connected switches

CDP不能看到VLAN信息，就是这样

D. to verify Layer 2 connectivity between two devices when Layer 3 fails

可以验证2、3之间的设备，正确

E. to obtain the IP address of a connected device in order to telnet to the device

可以看到连接和telnet的设备，嗯，正确

F. to determine the status of the routing protocols between directly connected routers

可以看到路由协议的情况，这好像是show protocol的功能

答案：DE

8. Refer to the exhibit. Both switches are using a default configuration. Which two destination addresses will host 4 use to send data to host 1? (Choose two.)

A. the IP address of host 1
B. the IP address of host 4
C. the MAC address of host 1
D. the MAC address of host 4
E. the MAC address of the Fa0/0 interface of the R1 router
F. the MAC address of the Fa0/1 interface of the R1 router

大意：4和1都用默认网关，将用什么地址把数据发出去，这个简单的不用讲了

答案：AF

9. Refer to the exhibit. The router has been configured with these commands:

hostname Gateway
interface FastEthernet 0/0
ip address 198.133.219.14 255.255.255.248
no shutdown
interface FastEthernet 0/1
ip address 192.168.10.254 255.255.255.0
no shutdown
interface Serial 0/0
ip address 64.100.0.2 255.255.255.252
no shutdown
ip route 0.0.0.0 0.0.0.0 64.100.0.1
What are the two results of this configuration? (Choose two.)

大意：如图所示，这个路由的配置如下

A. The default route should have a next hop address of 64.100.0.3. 没任何一个地方说明有0.3这个网络
B. Hosts on the LAN that is connected to FastEthernet 0/1 are using public IP addressing. 自己去看配置，FA0/1是一个私网地址
C. The address of the subnet segment with the WWW server will support seven more servers. 这个子网支持超过7个服务器，/29 这样的话主机位就是3，2的3次幂=8，再减掉2=6，明显不对了。。。
D. The addressing scheme allows users on the Internet to access the WWW server. www服务器允许公网直接访问，嗯。。正确，它使用公网IP
E. Hosts on the LAN that is connected to FastEthernet 0/1 will not be able to access the Internet without
address translation.   在没有地址转换的情况下，fa0/1不能访问互联网，正确

答案：ED

10. A company is installing IP phones. The phones and office computers connect to the same device. To ensure maximum throughput for the phone data, the company needs to make sure that the phone traffic is on a different network from that of the office computer data traffic. What is the best network device to which to directly connect the phones and computers, and what technology should be implemented on this device?
(Choose two.)

大意：公司装IP电话，为了确保不同的流量，应该用什么设备和什么技术
A.hub
B. router
C. switch
D. STP
E. subinterfaces
F. VLAN

简单的题目我也就不浪费时间说了

答案：CF

11. What are two benefits of using VTP in a switching environment? (Choose two.)
大意：在交换网络中使用VTP的两个好处

A. It allows switches to read frame tags. 允许读取帧标签，不正确
B. It allows ports to be assigned to VLANs automatically. 端口被自动分配到对应vlan，肯定不对，要是正确就乱套了
C. It maintains VLAN consistency across a switched network. 保持整个网络的VLAN一致性，正确
D. It allows frames from multiple VLANs to use a single interface. 允许多个vlan使用单一接口，不对

E. It allows VLAN information to be automatically propagated throughout the switching environment. 允许VLAN信息自动传播到网络

答案：CE

12. Which two statements are true about the command ip route 172.16.3.0 255.255.255.0 192.168.2.4?
(Choose two.)

大意：下面哪两种关于这条命令正确的说法

A. It establishes a static route to the 172.16.3.0 network. 建立了3.0的静态路由，正确
B. It establishes a static route to the 192.168.2.0 network. 哪里有2.0这个网络，明显不对
C. It configures the router to send any traffic for an unknown destination to the 172.16.3.0 network. 一条未知的路由将发送到3.0这个网络，不能嘛，这又不是默认路由
D. It configures the router to send any traffic for an unknown destination out the interface with the address
192.168.2.4. 跟上个选项大意差不多
E. It uses the default administrative distance. 使用默认管理距离 正确
F. It is a route that would be used last if other routes to the same destination exist. 存在其他路由的时候，使用其他路由条目，不可能吧，默认路由的管理距离最高

答案：AE

13. What are two advantages of Layer 2 Ethernet switches over hubs? (Choose two.) 交换机比较集线器的两点优势

A. decreasing the number of collision domains 减少冲突域 错误
B. filtering frames based on MAC addresses 基于MAC过滤 正确
C. allowing simultaneous frame transmissions 允许帧同步发送 正确
D. increasing the size of broadcast domains 增加广播域，错误
E. increasing the maximum length of UTP cabling between devices 增加线缆长度？一毛钱关系都没

答案：BC

14. Refer to the exhibit. A network associate needs to configure the switches and router in the graphic so that the hosts in VLAN3 and VLAN4 can communicate with the enterprise server in VLAN2. Which two Ethernet segments would need to be configured as trunk links? (Choose two.)

大意：如图所示，哪两条线路需要配置trunk

A. A
B. B
C. C
D. D
E. E
F. F

答案：很明显是CF

15. Which two values are used by Spanning Tree Protocol to elect a root bridge? (Choose two.) 哪两种情况会当选成根网桥
A. amount of RAM
B. bridge priority
C. IOS version
D. IP address
E. MAC address
F. speed of the links

答案：BF

16. Refer to the exhibit. Assume that the routing protocol referenced in each choice below is configured with its default settings and the given routing protocol is running on all the routers. Which two conditional statements accurately state the path that will be chosen between networks 10.1.0.0 and 10.3.2.0 for the routing protocol mentioned? (Choose two.)

A. If OSPF is the routing protocol, the path will be from R1 to R3 to R4 to R5.
B. If OSPF is the routing protocol, the path will be from R1 to R2 to R5.
C. If OSPF is the routing protocol, the path will be from R1 to R5.
D. If RIPv2 is the routing protocol, the path will be from R1 to R3 to R4 to R5.
E. If RIPv2 is the routing protocol, the path will be from R1 to R5.

其实问的就是两种不同的路由协议，会如何选取最优路径

答案：AE

17. Refer to the exhibit. A network administrator is adding two new hosts to SwitchA. hich three values could be used for the configuration of these hosts? (Choose three.)

大意：在交换机A下面增加了两台主机，将用到什么配置

A. host A IP address: 192.168.1.79
B. host A IP address: 192.168.1.64
C. host A default gateway: 192.168.1.78
D. host B IP address: 192.168.1.128
E. host B default gateway: 192.168.1.129
F. host B IP address: 192.168.1.190

自己算吧

答案：ACF

18. A network administrator changes the configuration register to 0x2142 and reboots the router. What are two results of making this change? (Choose two.)

大意：网管改变了寄存器值为：0X2142，重启路由器后会有什么变化

A. The IOS image will be ignored. 忽略IOS？成仙了么……
B. The router will prompt to enter initial configuration mode.进去配置模式，嗯，正确
C. The router will boot to ROM. 寄存器跟ROM有什么关系。。
D. Any configuration entries in NVRAM will be ignored. 忽略NVRAM，正确
E. The configuration in flash memory will be booted. 跟flash没关系- –

答案：BD

19. Refer to the exhibit. The networks connected to router R2 have been summarized asa 192.168.176.0/21 route and sent to R1. Which two packet destination addresses will R1 forward to R2? Choose two.)

大意：连接到R2的路由汇总了192.168.176.0/21的路由发给R1 哪两个包R1将发给R2

A. 192.168.194.160
B. 192.168.183.41
C. 192.168.159.2
D. 192.168.183.255
E. 192.168.179.4
F. 192.168.184.45

192.168.10110 000.00000000~192.168.10110 111.11111111 176.1~183.254

答案：BE

20. Which three statements are typical characteristics of VLAN arrangements?(Choosethree.)

大意：关于VLAN的三种典型特征
A. A new switch has no VLANs configured. 默认VLAN1，所以错误

B. Connectivity between VLANs requires a Layer 3 device. VLAN间路由需要三层设备，正确
C. VLANs typically decrease the number of collision domains. VLAN减少冲突域，错误
D. Each VLAN uses a separate address space. 每一个VLAN使用单独的地址 正确
E. A switch maintains a separate bridging table for each VLAN. 每个VLAN都有一张表，正确
F. VLANs cannot span multiple switches. VLAN不能传播到其他交换机（用VLAN实现）

答案：BDE

21. Refer to the exhibit. Which three statements are true about how router JAX will choose a path to the 10.1.3.0/24 network when different routing protocols are configured? (Choose three.)

A. By default, if RIPv2 is the routing protocol, only the path JAX-ORL will be installed into the routing table.
B. The equal cost paths JAX-CHI-ORL and JAX-NY-ORL will be installed in the routing table if RIPv2 is the
routing protocol.
C. When EIGRP is the routing protocol, only the path JAX-ORL will be installed in the routing table by
default.
D. When EIGRP is the routing protocol, the equal cost paths JAX-CHI-ORL, and JAX-NY-ORL will be
installed in the routing table by default.
E. With EIGRP and OSPF both running on the network with their default configurations, the EIGRP paths
will be installed in the routing table.
F. The OSPF paths will be installed in the routing table, if EIGRP and OSPF are both running on the
network with their default configurations.

大意：两种路由协议，如何选择路径

答案：ADE

刚刚清理根目录的东西，发现老谢的数据库居然达到了10.8M

我的文章只有248，想想不可能占这么多的体积，于是找到了一款名为WP Cleaner的插件

安装完插件之后，发现我的修订版居然达到了705之多！！！

真是可怕，毫不犹豫的清理了修订版以后，请查看数据库已经降到了4M的水平

修订版：对WP帖子修改后，系统会生成一个历史修订版，比较占用数据库体积！

老谢建议大家：清理清理更健康

注意:清理前请备份数据库，以免导致数据损失

雷锋群号：50698844

感谢T恤作者野鹤，感谢老毕辛苦定制T恤，感谢活动发起人罗伊

相机被朋友借去用了，用手机凑活拍吧

PAP验证试验

在R1和R2上做相同的配置

R1(config)#int s 0/0
R1(config-if)#encapsulation ppp

在R1上配置用户名和密码和认证方式

R1(config)#username laoxie password 123

R1(config-if)#ppp authentication pap

被认证方上配置需要发送的密码

R2(config)#int s 0/0
R2(config-if)#ppp pap sent-username laoxie password 123

 认证经历两次握手，由被认证方发起请求

——————————————–

CHAP认证试验

R1(config-if)#ppp authentication chap
R1(config-if)#exit  
R1(config)#username user1 password 123
R1(config-if)#ppp chap hostname user2

R2(config)#username r2 password 123
R2(config)#int s 0/0
R2(config-if)#ppp chap hostname r1

PS：chap 如果没有指定发送用户名，发送路由器的名称

——————————————–

IP协商

R2(config-if)#ip add negotiated

R2在端口上配置协商模式

R1(config-if)#peer default ip address 192.168.1.10

——————————————–

压缩试验 | 命令如下

ip tcp header-compression //TCP头部压缩

compress stac //数据压缩

show一下效果

R1#show compress   
Serial0/0
         Software compression enabled
         uncompressed bytes xmt/rcv 817/817
         compressed bytes   xmt/rcv 405/413
         Compressed bytes sent:       405 bytes   0 Kbits/sec  ratio: 2.017
         Compressed bytes recv:       413 bytes   0 Kbits/sec  ratio: 1.978
         1  min avg ratio xmt/rcv 0.512/0.520
         5  min avg ratio xmt/rcv 0.512/0.520
         10 min avg ratio xmt/rcv 0.512/0.520
         no bufs xmt 0 no bufs rcv 0
         resyncs 0
         Additional Stac Stats:
         Transmit bytes:  Uncompressed =        0 Compressed =        405
         Received bytes:  Compressed =        419 Uncompressed =        0

在Corp配置，因为要求不能访问web服务器，所以要用扩展访问列表，下面开始配置

注意：特权模式密码是cisco

Router>en
Password: 
Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#access-list 100 permit tcp host 192.168.33.4 host 172.22.242.23 eq 80
Router(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80
Router(config)#access-list 100 permit ip any any 
Router(config)#do show ip int b
Interface              IP-Address      OK? Method Status                Protocol
 
FastEthernet0/0        192.168.33.254  YES manual up                    up
 
FastEthernet0/1        172.22.242.30   YES manual up                    up
 
Serial1/0              198.18.247.65   YES manual up                    up
 
Serial1/1              unassigned      YES unset  administratively down down
 
Serial1/2              unassigned      YES unset  administratively down down
 
Serial1/3              unassigned      YES unset  administratively down down
 
Vlan1                  unassigned      YES unset  administratively down down
Router(config)#int fa 0/1
Router(config-if)#ip access-group 100 out 
Router(config-if)#end
Router#
%SYS-5-CONFIG_I: Configured from console by console
Router#
Router#copy run start
Destination filename [startup-config]? 
Building configuration...
[OK]
Router#
Router#

测试一下ACL是否正常，最后记得保存，一定要保存

最后发泄一句：尼玛的ACL，尼玛的OSPF，尼玛的EIGRP，尼玛的cisco，尼玛的英文考卷，尼玛的….题库看的抓狂….

首先说一点吧，犯了一个很白痴的错误，刚搭好拓扑，R1无法与内网通信，老谢居然在R1上做了条默认路由

NAT的作用就是把内网IP转换成外网IP，我这样一来试验没有一点效果，而且在真实环境中，ISP不可能收到私网地址

PC0 IP：192.168.1.2

PC1 IP：192.168.1.3

静态NAT

R2(config)#ip nat inside source static 192.168.1.2 200.200.200.1
R2(config)#int fa0/0
R2(config-if)#ip nat inside 
R2(config-if)#ip nat outside 
R2(config-if)#end

动态NAT

注意：静态NAT配置clear不掉，必须no掉配置

步骤：定义ACL允许访问外网的地址、定义合法地址池、实现转换

R2(config)#access-list 1 permit 192.168.1.0 255.255.255.0
/*定义ACL*/
R2(config)#ip nat pool laoxie 200.200.200.1 200.200.200.1 netmask 255.255.255.0 
/*pool名称laoxie后面为范围*/
R2(config)#ip nat inside source list 1 pool laoxie
/*定义NAT使用list1的ACL和laoxie的pool*/
R2(config)#end

PAT

R2(config)#access-list 1 permit 192.168.1.0 0.0.0.255
R2(config)#ip nat pool laoxie 200.200.200.1 200.200.200.1 netmask 255.255.255.0
R2(config)#ip nat inside source list 1 pool laoxie overload

依旧是哥很雷人的拓扑

一、RIP是什么

RIP（Routing Information Protocols，路由信息协议）是使用最广泛的距离向量协议，它是由施乐（Xerox）在70年代开发的。当时，RIP是XNS（Xerox Network Service，施乐网络服务）协议簇的一部分。TCP/IP版本的RIP是施乐协议的改进版。RIP最大的特点是，无论实现原理还是配置方法，都非常简单。

度量方法

RIP的度量是基于跳数（hops count）的，每经过一台路由器，路径的跳数加一。如此一来，跳数越多，路径就越长，RIP算法会优先选择跳数少的路径。RIP支持的最大跳数是15，跳数为16的网络被认为不可达。

路由更新

RIP中路由的更新是通过定时广播实现的。缺省情况下，路由器每隔30秒向与它相连的网络广播自己的路由表，接到广播的路由器将收到的信息添加至自身的路由表中。每个路由器都如此广播，最终网络上所有的路由器都会得知全部的路由信息。正常情况下，每30秒路由器就可以收到一次路由信息确认，如果经过180秒，即6个更新周期，一个路由项都没有得到确认，路由器就认为它已失效了。如果经过240秒，即8个更新周期，路由项仍没有得到确认，它就被从路由表中删除。上面的30秒，180秒和240秒的延时都是由计时器控制的，它们分别是更新计时器（Update Timer）、无效计时器（Invalid Timer）和刷新计时器（Flush Timer）。

路由循环

距离向量类的算法容易产生路由循环，RIP是距离向量算法的一种，所以它也不例外。如果网络上有路由循环，信息就会循环传递，永远不能到达目的地。为了避免这个问题，RIP等距离向量算法实现了下面4个机制。

水平分割（split horizon）。水平分割保证路由器记住每一条路由信息的来源，并且不在收到这条信息的端口上再次发送它。这是保证不产生路由循环的最基本措施。

————————————————

基础实验：

R1上配置：

R1(config)#int s 0/0
R1(config-if)#ip add 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#router rip
R1(config-router)#network 192.168.1.0

R2上配置：

R2(config)#int s 0/0
R2(config-if)#ip add 192.168.1.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#int s 0/01
Serial0/0, changed state to up
R2(config-if)#int s 0/1 
R2(config-if)#ip add 192.168.2.1 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#R2 rip
R2(config-R2)#Serial0/1, changed state to up
R2(config-R2)#net 192.168.1.0
R2(config-R2)#net 192.168.2.0
R2(config-R2)#end

R3上配置：

R3(config)#int s 0/1
R3(config-if)#ip add 192.168.2.2 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#R3 rip
R3(config-R3)#
Serial0/1, changed state to up
R3(config-R3)#net 192.168.2.0
R3(config-R3)#end

最后用ping检查连通性，基础实验结束

6.27补充部分

被动接口
passive-interface 0/0  只接收rip更新，但不发送更新
---------------------------------------
rip v1和rip v2兼容性试验
no auto-summary 运行v2要关闭自动汇总 否则在边界自动汇总成有类
ip rip reveive version 1 2 同时支持v1和v2

RIP的防环机制

1.定义最大跳数 Maximum Hop Count （15跳）

2.水平分割 Split Horizon （默认所有接口开启，除了Frame-Relay的物理接口，可用sh ip interface 查看开启还是关闭）

3.毒化路由 Poizoned Route

4.毒性反转 Poison Reverse （RIP基于UDP，UDP和IP都不可靠，不知道对方收到毒化路由没有；类似于对毒化路由的Ack机制）

5.保持计时器 hold­-down Timer （防止路由表频繁翻动）

6.闪式更新 Flash Update

7.触发更新 Triggered Update （需手工启动，且两边都要开 Router (config-if)# ip rip triggered ）

当启用触发更新后，RIP不再遵循30s的周期性更新时间，这也是与闪式更新的区别所在。

RIP的4个计时器：

（ 一个“└┘”代表30s）

更新计时器（update）： └┘30

无效计时器（invalid）：└┴┴┴┴┴┘180 （180s没收到更新，则置为possible down状态）

保持计时器（holddown）： └┴╋┴┴┴┴┘180 （真正起作用的只有60s）

刷新计时器（flush）： └┴┴┴┴┴┴┴┘ 240 （240s没收到更新，则删除这条路由）

如果路由变成possible down后，这条路由跳数将变成16跳，标记为不可达；这时holddown计时器开始计时。

在holddown时间内即使收到更优的路由，不加入路由表；这样做是为了防止路由频繁翻动。

什么时候启用holddown计时器： “当收到一条路由更新的跳数大于路由表中已记录的该条路由的跳数”

首先感谢@蓝色轨迹

教程非常简单，我在这里也发一篇教程，凑一个博文吧

首先下载到需要使用到的文件，然后上传到根目录下某个目录

然后去box.net注册一个ID，注册过程很简单，不废话了

重点来了，在box.net建一个文件夹，并获取分享链接

蓝色轨迹的文件名好像是中文，使用正常，我尝试几次中文名获取不到文件，最后换成英文名解决了问题

然后修改index.html文件，其他的不需要做任何改动

把链接换成获取到的分享链接即可，后面的文字换成你需要的文件夹名

ok，万事大吉了

补充：页面的框架调用代码

<iframe src="网盘绝对路径/index.html" height="1000px" width="650px" style="overflow:hidden" frameborder="0"></iframe>