VLAN Questions 2

March 23rd, 2012 in SWITCH 642-813

Here you will find answers to VLAN Questions – Part 2

Question 1

Refer to the exhibit. Based upon the output of show vlan on switch CAT2, what can we conclude about interfaces Fa0/13 and Fa0/14?

[Exhibit: show_vlan.jpg]

A. That interfaces Fa0/13 and Fa0/14 are in VLAN 1
B. That interfaces Fa0/13 and Fa0/14 are down
C. That interfaces Fa0/13 and Fa0/14 are trunk interfaces
D. That interfaces Fa0/13 and Fa0/14 have a domain mismatch with another switch
E. That interfaces Fa0/13 and Fa0/14 have a duplex mismatch with another switch


Answer: C

Explanation

Trunk ports are part of multiple VLANs, not of just a single VLAN, so they never show up in the output of the show vlan command. You can check a trunk port with the show interfaces trunk or show interface {port} switchport command. You can find an example output of this command in Question 8.

Note: Trunk ports that are not connected appear by default in VLAN 1 and also appear in the output of the show vlan command.
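
The check described above can be scripted. The following is an added example, not part of the original page: it parses show vlan brief output and lists the ports that appear in no VLAN row, which are the candidates to confirm with show interfaces trunk. The sample output, the VLAN names, the 16-port inventory and the function names are constructed for illustration.

```python
import re

# Constructed sample of `show vlan brief` output (not the page's exhibit).
SHOW_VLAN = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
10   SALES                            active    Fa0/9, Fa0/10, Fa0/11, Fa0/12
20   VOICE                            active    Fa0/15, Fa0/16
1002 fddi-default                     act/unsup
"""

PORT_RE = re.compile(r"^[A-Za-z]+\d+(?:/\d+)*$")

def ports_by_vlan(text):
    """Map VLAN id -> set of ports, following wrapped port lines."""
    vlans, current = {}, None
    for line in text.splitlines():
        m = re.match(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$", line)
        if m:
            current = int(m.group(1))
            vlans[current] = set()
            rest = m.group(4)
        elif current is not None and line[:1].isspace():
            rest = line  # continuation line holding more ports
        else:
            continue  # header, separator or blank line
        for tok in rest.split(","):
            tok = tok.strip()
            if PORT_RE.match(tok):
                vlans[current].add(tok)
    return vlans

def ports_not_listed(text, all_ports):
    """Ports absent from every VLAN row: candidates to check as trunks."""
    listed = set().union(*ports_by_vlan(text).values())
    return [p for p in all_ports if p not in listed]

ALL_PORTS = [f"Fa0/{n}" for n in range(1, 17)]  # assumed 16-port switch

if __name__ == "__main__":
    print(ports_not_listed(SHOW_VLAN, ALL_PORTS))
```

A port missing from the listing is only a candidate: as the note above says, an unconnected trunk port still appears under VLAN 1, so the trunk commands remain the authoritative check.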

Question 2

What two pieces of information will the show vlan id 5 command display? (Choose two)

A. Ports in VLAN 5
B. Utilization
C. VLAN information on port 0/5
D. Filters
E. MTU and type


Answer: A E

Explanation

The show vlan id vlan-id command displays information about a particular VLAN. Notice that this command also lists the trunk ports that carry this VLAN. An example of the “show vlan id” command is shown below:

[Exhibit: show_vlan_id.jpg]

Question 3

What are some virtues of implementing end-to-end VLANs? (Choose two)

A. End-to-end VLANs are easy to manage.
B. Users are grouped into VLANs independent of a physical location.
C. Each VLAN has a common set of security and resource requirements for all members.
D. Resources are restricted to a single location.


Answer: B C

Explanation

There are two kinds of VLANs:

* End-to-end VLANs: also called campuswide VLANs, these span the entire switch fabric of a network. They are positioned to support maximum flexibility and mobility of end devices. Users can be assigned to VLANs regardless of their physical location. As a user moves around the campus, that user’s VLAN membership stays the same. End-to-end VLANs should group users according to common requirements. All users in a VLAN should have roughly the same traffic flow patterns.

* Local VLANs: based on geographic locations by demarcation at a hierarchical boundary (core, distribution, access).

(Reference: CCNP SWITCH 642-813 Official Certification Guide)

Question 4

Which two statements are true about a switched virtual interface (SVI)? (Choose two)

A. An SVI is created by entering the no switchport command in interface configuration mode.
B. An SVI is normally created for the default VLAN (VLAN1) to permit remote switch administration.
C. An SVI provides a default gateway for a VLAN.
D. Multiple SVIs can be associated with a VLAN.
E. SVI is another name for a routed port.


Answer: B C

Explanation

Catalyst L2 fixed configuration switches that run Cisco IOS Software have only one configurable IP management interface, which by default is interface VLAN 1. Pure Layer 2 switches can have only one interface VLAN up at a time. This is called the management VLAN (in IOS) or the sc0 interface (in CatOS). The main purpose of this interface is management (telnet, SNMP, etc.). If the switch is a Layer 3 switch, you can configure multiple VLANs and route between them. An L3 switch can handle multiple IPs, so there is no specific management VLAN on the switch.

(Reference: http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008010e9ca.shtml)

Question 5

You have just created a new VLAN on your network. What is one step that you should include in your VLAN based implementation and verification plan?

A. Verify that trunked links are configured to allow the VLAN traffic.
B. Verify that the switch is configured to allow for trunking on the switch ports.
C. Verify that each switch port has the correct IP address space assigned to it for the new VLAN.
D. Verify that different native VLANs exist between two switches for security purposes.


Answer: A

Explanation

A VLAN-based implementation and verification plan should include:

* Verification that trunked links are configured to allow the newly created VLANs.
* Verification that the SVI has already been created and that it shows up on all required switches using the show vlan command.
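
The first verification step can be automated. The following is an added example, not part of the original page: it reads the "Vlans allowed on trunk" section of show interfaces trunk output and reports the trunks that do not carry a newly created VLAN. The sample output, port names, VLAN numbers and function names are constructed for illustration.

```python
# Constructed sample of `show interfaces trunk` output (not from the page).
SHOW_TRUNK = """\
Port        Mode             Encapsulation  Status        Native vlan
Fa0/13      on               802.1q         trunking      1
Fa0/14      on               802.1q         trunking      1

Port        Vlans allowed on trunk
Fa0/13      1-4094
Fa0/14      1,10-20,99

Port        Vlans allowed and active in management domain
Fa0/13      1,10,20,30
Fa0/14      1,10,20
"""

def expand(vlan_list):
    """Expand an IOS VLAN list such as '1,10-20,99' into a set of ints."""
    ids = set()
    for part in vlan_list.split(","):
        part = part.strip()
        if not part or part == "none":
            continue
        lo, _, hi = part.partition("-")
        ids.update(range(int(lo), int(hi or lo) + 1))
    return ids

def allowed_vlans(text):
    """Map trunk port -> VLAN ids from the 'Vlans allowed on trunk' section."""
    allowed, in_section = {}, False
    for line in text.splitlines():
        fields = line.split(None, 1)
        if fields and fields[0] == "Port":
            # Each section starts with its own "Port ..." header line.
            in_section = len(fields) == 2 and fields[1].strip() == "Vlans allowed on trunk"
        elif in_section and len(fields) == 2:
            allowed[fields[0]] = expand(fields[1])
    return allowed

def trunks_missing_vlan(text, vlan_id):
    """Trunks whose allowed list does not carry the newly created VLAN."""
    return sorted(p for p, ids in allowed_vlans(text).items() if vlan_id not in ids)

if __name__ == "__main__":
    print(trunks_missing_vlan(SHOW_TRUNK, 30))
```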

Question 6

You have just created a new VLAN on your network for inter-VLAN routing. What is one step that you should include in your VLAN-based implementation and verification plan?

A. Verify that different native VLANs exist between two switches for security purposes.
B. Verify that the switch is configured to allow for trunking on the switch ports.
C. Verify that each switch port has the proper IP address space assigned to it for the new VLAN.
D. Verify that the VLAN virtual interface has been correctly created and enabled.


Answer: D

Explanation

Same as Question 5.

Question 7

Under what circumstances should an administrator prefer local VLANs over end-to-end VLANs?

A. Eighty percent of traffic on the network is destined for Internet sites.
B. There are common sets of traffic filtering requirements for workgroups located in multiple buildings.
C. Eighty percent of a workgroup’s traffic is to the workgroup’s own local server.
D. Users are grouped into VLANs independent of physical location.


Answer: A

Explanation

An end-to-end VLAN follows the 80/20 rule, in which 80 percent of user traffic stays within the local workgroup, whereas 20 percent is destined for a remote resource in the campus network (like Internet…).

In contrast to an end-to-end VLAN, a local VLAN follows the 20/80 rule: only 20 percent of traffic is local, whereas 80 percent is destined for a remote resource across the core layer -> A is correct.

(Reference: CCNP SWITCH 642-813 Official Certification Guide)

Question 8

Which of the following statements is true about the 80/20 rule (Choose two)?

A. 20 percent of the traffic on a network segment should be local.
B. no more than 20 percent of the network traffic should be able to move across a backbone.
C. no more than 80 percent of the network traffic should be able to move across a backbone.
D. 80 percent of the traffic on a network segment should be local.


Answer: B D

Explanation

The 80/20 rule states that 80 percent of user traffic stays within the local workgroup, whereas 20 percent is destined for a remote resource in the campus network.


Question 9

Which two statements are true about best practices in VLAN design? (Choose two.)

A. Routing should occur at the access layer if voice VLANs are utilized. Otherwise, routing should occur at the distribution layer.
B. Routing may be performed at all layers but is most commonly done at the core and distribution layers.
C. Routing should not be performed between VLANs located on separate switches.
D. VLANs should be local to a switch.
E. VLANs should be localized to a single switch unless voice VLANs are being utilized.


Answer: B D

Explanation

First, let’s review the main characteristics of the three layers in a campus network:

* Access layer:

+ Low cost per switch port
+ High port density
+ Scalable uplinks to higher layers
+ User access functions such as VLAN membership, traffic and protocol filtering, and quality of service (QoS)
+ Resiliency through multiple uplinks

* Distribution Layer:

+ Aggregation of multiple access-layer devices
+ High Layer 3 throughput for packet handling
+ Security and policy-based connectivity functions through access lists or packet filters
+ QoS features
+ Scalable and resilient high-speed links to the core and access layers

* Core layer:

+ Very high throughput at Layer 3
+ No costly or unnecessary packet manipulations (access lists, packet filtering)
+ Redundancy and resilience for high availability
+ Advanced QoS functions

We can see that at the Distribution and Core layers, Layer 3 throughput (routing) is very high -> B is correct.

Nowadays, end-to-end VLANs are not recommended in an enterprise network, unless there is a good reason. In an end-to-end VLAN, broadcast traffic is carried over from one end of the network to the other, creating the possibility for a broadcast storm or Layer 2 bridging loop to spread across the whole extent of a VLAN. This can exhaust the bandwidth of distribution and core-layer links, as well as switch CPU resources. Now the storm or loop has disrupted users on the end-to-end VLAN, in addition to users on other VLANs that might be crossing the core.

When such a problem occurs, troubleshooting becomes more difficult. In other words, the risks of end-to-end VLANs outweigh the convenience and benefits.

From that we can infer VLAN traffic should be local to the switch -> D is correct.

(Reference: CCNP SWITCH 642-813 Official Certification Guide)

Question 10

[Exhibit: show_interfaces_fastethernet_switchport.jpg]

Refer to the exhibit. The user who is connected to interface FastEthernet 0/1 is on VLAN 10 and cannot access network resources. On the basis of the information in the exhibit, which command sequence would correct the problem?

A. SW1(config)# vlan 10
SW1(config-vlan)# no shut

B. SW1(config)# interface fastethernet 0/1
SW1(config-if)# switchport mode access
SW1(config-if)# switchport access vlan 10

C. SW1(config)# interface fastethernet 0/1
SW1(config-if)# switchport mode access

D. SW1(config)# vlan 10
SW1(config-vlan)# state active

E. SW1(config)# interface fastethernet 0/1
SW1(config-if)# no shut


Answer: E


Comments
  1. Glop vce
    July 30th, 2012

    Cisco site: When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two.

    http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/configuration/guide/swvoip.html

    it’s wrong. In glop vce answer is default is set
    Be careful.

  2. Anonymous
    August 4th, 2012

    Great! Thank you!

  3. Brook
    August 7th, 2012

    @Glop vce
    thanks a lot!

  4. Best
    September 21st, 2012

    @Glop vce
    Thank you

  5. Punit
    September 27th, 2012

    @Glop vce – did you come across this question in the exam?

  6. Omar C
    October 10th, 2012

    so, the correct answer is “at least two”?

  7. Dev
    November 10th, 2012

    Can you please explain why answer to question 10 is E? How can you tell if Fa0/1 is shutdown?

  8. BOBO
    November 15th, 2012

    @DEV… u can see that on operational mode.. is down..

  9. imran
    November 16th, 2012

    For Question 7, in the local VLANs, 80% of the traffic is locally destined and 20% leaves the organization through a router or an MLS. I guess option C will suffice. Please comment.

  10. ihor
    November 19th, 2012

    q10 is really fuzzy…

    Operational Mode: down
    this happens both if nothing is connected to port or interface is administratively down…

    However, maybe E is the best answer.

  11. admin
    December 12th, 2012

    Operational Mode: down
    this happens both if nothing is connected to port or interface is administratively down…

  12. Max
    January 11th, 2013

    @imran
    Local vlan : 20/80 (local/outside)

  13. str8
    January 22nd, 2013

    Q7

    C should be correct !

  14. Anonymous
    January 29th, 2013
  15. Learner
    February 8th, 2013

    Thanks Glop-vce & Anonymous.

    Port Security Configuration Guidelines: “When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two.”

    http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/configuration/guide/swtrafc.html#wpxref86378

    - – - -

    Voice Port Security Guidelines and Restrictions: “Prior to Cisco IOS Release 12.2(31)SG, you required three MAC addresses as the maximum parameter to support an IP Phone and a PC. With Cisco IOS Release 12.2(31)SG and later releases, the maximum parameter must be configured to two, one for the phone and one for the PC.”

    http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/configuration/guide/port_sec.html#wp1138948

  16. Raj
    March 14th, 2013

    Someone please explain Question 7.

    In Question 7 why is A correct? Explanation clearly points to C as the right answer. Am I missing something? From what I understand it is asking under what circumstances should an admin prefer local VLANs over end-to-end, and that is when 80% is local.

  17. bogdan
    March 18th, 2013

    The answer to Q7 is correct: A. Eighty percent of traffic on the network is destined for Internet sites.

    Explanation:

    1. end-to-end VLANs —> follow the 80/20 rule (inside/outside)
    2. local VLANs —> follow the 20/80 rule (inside/outside)

    You can check your CCNP Switch book for this information.

    So, if the design is suitable for 80% of traffic destined for outside destination you will prefer the local VLANs.

  18. Zilimili
    April 1st, 2013

    Q10 is for sure a bit confusing b/c “Operational Mode: down” can be down for both a shut down port or an empty port, but in the question it is stated that the customer is connected to port 1, which means the port is not physically down. So we need the no shut command. That implies E is correct.

  19. Daniel
    April 3rd, 2013

    Q9 on test today

  20. hi every one
    April 7th, 2013

    Q4 option A and C are correct

  21. TechMom
    April 12th, 2013

    Q9 was in test today.

  22. Anonymous
    April 25th, 2013

    q10
    Operational Mode: down
    this happens when the interface is administratively down (shut)

    E is the best answer
