Home > VLAN Questions 4

VLAN Questions 4

November 24th, 2018 in SWITCH 300-115 Go to comments

Question 1

Question 2

Question 3

Explanation

Normal range VLANs are from 1 to 1005 (in which VLANs 1002 to 1005 are Cisco defaults for FDDI and Token Ring. You cannot delete these VLANs). Extended range VLANs are from 1006 to 4094.

Question 4

Question 5

Explanation

If VLAN 20 has not been created in the switch then the command “switchport access vlan 20” will automatically create this VLAN.

Question 6

Question 7

Explanation

You can configure an access port with an attached Cisco IP Phone to use one VLAN for voice traffic and another VLAN for data traffic from a device attached to the phone -> Therefore we can configure two VLANs in total.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_40_se/configuration/guide/scg/swvoip.pdf

Question 8

Explanation

Normal range VLANs are from 1 to 1005 (in which VLANs 1002 to 1005 are Cisco defaults for FDDI and Token Ring. You cannot delete these VLANs). Extended range VLANs are from 1006 to 4094. When you configure VLANs in VLAN database mode, the VLAN configuration is saved in the vlan.dat file, not the running-config or startup-config files.

When the switch is in VTP server or transparent mode, you can configure VLANs in the VLAN database mode.

Question 9

Explanation

VTPv3 supports for extended VLAN range (VLANs 1006 to 4094). VTP versions 1 and 2 only supports VLANs 1 to 1005. If extended VLANs are configured, we cannot convert from VTP version 3 to version 1 or 2. VTP version 3 saves extended-range VLANs in the VLAN database.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_52_se/configuration/guide/3560scg/swvtp.html

If you configure extended VLANs, you must also enable the spanning-tree extended system-ID feature (with the command “spanning-tree extend system-id”).

Reference: https://users.iit.uni-miskolc.hu/~szkovacs/HaloII/VLAN/ht_xvlan.pdf

Question 10

Question 11

Question 12

Explanation

CDP and VTP are always use VLAN 1 even if we change the native VLAN to another VLAN.

Comments
  1. ugurdy
    February 3rd, 2019

    Q1 is not correct. There is only one vlan.dat file on the switch and voice vlan in it. And also “B” could be correct, but it is not a MUST.

    B and D should be the correct answers.

  2. Renko
    February 27th, 2019

    @ugurdy

    I agree, you are right.

  3. Lik
    March 6th, 2019

    Q10
    B and C correct

    Untagged frames are tagged with the native VLAN ID of the trunk port before further processing. Only those egress frames whose VLAN tags are inside the allowed range for that 802.1Q trunk port are received. If the VLAN tag on a frame happens to match that of the native VLAN on the trunk port, the tag is stripped off and the frame is sent untagged.
    https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/layer2/503_U2_1/b_Cisco_n3k_layer2_config_guide_503_U2_1/b_Cisco_n3k_layer2_config_gd_503_U2_1_chapter_0110.html

  4. NIC
    April 1st, 2019

    @ugurdy

    Did you get Q1 on the exam?

  5. ugurdy
    May 31st, 2019

    @NIC

    No, I didn’t take the exam yet, but the answer doesn’t make any sense. There is a single vlan database and it includes both voice vlan as well as data vlans.

  6. Z-A-M
    June 12th, 2019

    @ugurdy

    Agree with you.

  7. Anynomous CS
    June 29th, 2019

    My understanding for conclusion of tagging vs native VLAN:
    Normally, native isn’t tagged over trunk
    Unless the following command is set:
    Globally ( vlan dot1q tag native )
    Please confirm

  8. sasuke
    August 29th, 2019

    @Lik

    I agree.

  9. blacksword
    September 10th, 2019

    guys regarding Q1:
    It must be untrusted port because this is a feature in dhcp snooping to consider if the port is allowed to give IP addresses. so there’s no chance that a port that is connected to an IP phone has Dhcp server as well.
    regarding the second point, of course there is only 1 database so must be on the same vlan database.hope this is useful

  10. tom
    September 13th, 2019

    @blacksword
    Agree,
    A trusted port is a port that is connected to a DHCP server (or to other network devices) and is allowed to assign DHCP addresses. DHCP messages received on trusted ports are allowed to pass through the device.

    In a service provider environment, any device that is not in the service provider network is an untrusted source (such as a customer switch). Host ports are untrusted sources.

    Voice vlan configured on end users port’s so its untrusted ports.

    https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_2/security/configuration/guide/n1000v_security/n1000v_security_12dhcpsnoop.pdf

  11. Efiko
    September 21st, 2019

    @Lik. I’m with you on that one. Q10 should be “B” and “C”!

  12. CJ
    September 21st, 2019

    @Efiko

    Which two statements about native VLANs are true? (Choose two)

    A. All outgoing traffic without a VLAN tag is tagged with the native VLAN.
    B. All untagged traffic that arrives on the device is placed into the native VLAN.
    C. The VLAN tag is stripped from all incoming traffic that matches the native VLAN.
    D. They are propagated through VTP.
    E. The default native VLAN is VLAN 11.
    F. All incoming traffic that matches the native VLAN is dropped at the switch.

    I’m not sure about B.
    Let’s assume that Host-A is connected to switch on Port Fa0/1 with following config:
    switchport mode access
    switchport access vlan 2

    Host-A is sending untagged frames, but switch will NOT place them into native VLAN. (Will place them into VLAN 2).

    In my opinion C and D is correct answer.

  13. Efiko
    September 22nd, 2019

    @CJ, you may have a point… I guess I was thinking more traffic arriving at the trunk.

    But I don’t know about “D”. Have you got any Cisco documentation/link that supports that option?

  14. CJ
    September 22nd, 2019

    @Efiko

    D is kinda strange answer, because it depends.
    VTP [ver 1-2] propagates VLANs 1-1005 so if native VLAN is within this range it will be propagated like every other VLAN in this range.
    VTP [ver 3] propagates standard VLANs (1-1005) and extended VLANs (1006-4094).

  15. CJ
    September 22nd, 2019

    But VTP will not propagate native vlan, per se. Native VLAN is significant per 802.1q link only, not for every link.
    So VTP will not say to other switch “hey, this VLAN is a native VLAN”. VTP does not understand concept of native VLAN; it propagates just VLANs regardless of “native status”.

    So maybe answer D is not correct.

  16. JM
    October 11th, 2019

    Q4. Which command enable you to determine VLAN. show running-config was not one of the options.

  17. CSC
    October 15th, 2019

    @JM
    When you did the commad #show run. Show all configuration set in interface including “switchport trunk allowed native XX”.

  18. CSC
    October 15th, 2019

    Hi Guys, Look the complete and correct question “Q6”

    Refer to the exhibit.

    Switch# configure terminal
    Switch(config)# vlan 3
    Switch(config-vlan)# end

    You have applied this configuration to Switches A, B, C and D, and the switches are connected to one another on access ports. Which two additional actions must you take to enable the hosts on VLAN 3 to communicate with one another considering future growth with hosts on additional VLANs? (Choose two.)

    A. Assign VLAN 3 to the ports connecting to the hosts.
    B. Reconfigure the access ports connecting the switches as trunk ports.
    C. Configure VLAN 3 as an SVI with a working IP address.
    D. Configure VTP transparent mode to allow hosts with additional VLANs.
    E. Configure VLAN 3 in VLAN database mode.

    Correct Answer: AB

  1. No trackbacks yet.