Home > VLAN Questions

VLAN Questions

September 17th, 2017 in SWITCH 300-115 Go to comments

Question 1

Explanation

The Port Fast feature is automatically enabled when voice VLAN is configured. When you disable voice VLAN, the Port Fast feature is not automatically disabled.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swvoip.html

Question 2

Explanation

802.1Q VLAN frames are distinguished from ordinary Ethernet frames by the insertion of a 4-byte VLAN tag into the Ethernet header.

802.1q_header.png

Question 3

Explanation

Because the 802.1Q tunneling feature increases the frame size by 4 bytes when the metro tag is added, you must configure all switches in the service-provider network to be able to process maximum frames by increasing the switch system MTU size to at least 1504 bytes.

Question 4

Explanation

The VLAN ID field inside an 802.1q frame consists of 12 bits. Therefore we have 212 = 4096 VLAN IDs, theoretically.

802.1q_header.png

Question 5

Explanation

Each access port can be only assigned to one VLAN via the “switchport access vlan ” command.

Question 6

Explanation

This command is used to enable tagging of native VLAN frames on all 802.1Q trunk ports.

Answer A is not correct because even when the native VLAN is set to 1, all of the frames of the native VLAN are tagged.

Answer B is not correct because the control traffic still passes via the default VLAN (VLAN 1).

Answer C is not correct because all the frames are tagged with 4-byte dot1Q tag.

Answer D is not correct as “Control traffic continues to be accepted as untagged on the native VLAN on a trunked port, even when the vlan dot1q tag native command is enabled” according to this link: https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/nxos/commands/l2/vlan-dot1q-tag-native.html

Question 7

Explanation

When you delete a VLAN, any LAN ports configured as access ports assigned to that VLAN become inactive. The ports remain associated with the VLAN (and inactive) until you assign them to a new VLAN.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vlans.html

Question 8

Explanation

The PortFast feature is automatically enabled when voice VLAN is configured. When you disable voice VLAN, the PortFast feature is not automatically disabled.

Question 9

Question 10

Question 11

Explanation

First let’s review main characteristics of three layers in a campus network:

* Access layer:

+ Low cost per switch port
+ High port density
+ Scalable uplinks to higher layers
+ User access functions such as VLAN membership, traffic and protocol filtering, and quality of service (QoS)
+ Resiliency through multiple uplinks

* Distribution Layer:

+ Aggregation of multiple access-layer devices
+ High Layer 3 throughput for packet handling
+ Security and policy-based connectivity functions through access lists or packet filters
+ QoS features
+ Scalable and resilient high-speed links to the core and access layers

* Core layer:

+ Very high throughput at Layer 3
+ No costly or unnecessary packet manipulations (access lists, packet filtering)
+ Redundancy and resilience for high availability
+ Advanced QoS functions

We can see at Distribution and Core layers, Layer 3 throughput (routing) is very high -> B is correct.

Nowadays, end-to-end VLANs are not recommended in an enterprise network, unless there is a good reason. In an end-to-end VLAN, broadcast traffic is carried over from one end of the network to the other, creating the possibility for a broadcast storm or Layer 2 bridging
loop to spread across the whole extent of a VLAN. This can exhaust the bandwidth of distribution and core-layer links, as well as switch CPU resources. Now the storm or loop has disrupted users on the end-to-end VLAN, in addition to users on other VLANs that might
be crossing the core.

When such a problem occurs, troubleshooting becomes more difficult. In other words, the risks of end-to-end VLANs outweigh the convenience and benefits.

From that we can infer VLAN traffic should be local to the switch -> D is correct.

(Reference: CCNP SWITCH 642-813 Official Certification Guide)

Question 12

Explanation

Normal access port belongs to VLAN 1 by default but this question asks about dynamic-access port. This is a quote from Cisco website about dynamic-access port:

Dynamic-Access Port VLAN Membership

“A dynamic-access port can belong to only one VLAN with an ID from 1 to 4094. When the link comes up, the switch does not forward traffic to or from this port until the VMPS provides the VLAN assignment. The VMPS receives the source MAC address from the first packet of a new host connected to the dynamic-access port and attempts to match the MAC address to a VLAN in the VMPS database.

If there is a match, the VMPS sends the VLAN number for that port. If the client switch was not previously configured, it uses the domain name from the first VTP packet it receives on its trunk port from the VMPS. If the client switch was previously configured, it includes its domain name in the query packet to the VMPS to obtain its VLAN number. The VMPS verifies that the domain name in the packet matches its own domain name before accepting the request and responds to the client with the assigned VLAN number for the client. If there is no match, the VMPS either denies the request or shuts down the port (depending on the VMPS secure mode setting).”

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_55_se/configuration/guide/scg_2960/swvlan.html

So answer B is the best choice here.

Question 13

Question 14

Question 15

Explanation

Normal range VLANs are from 1 to 1005. Extended range VLANs are from 1006 to 4094.

In VTP version 1 and 2, extended-range VLANs are not saved in the VLAN database; they are saved in the switch running configuration file. You can save the extended-range VLAN configuration in the switch startup configuration file by using the copy running-config startup-config privileged EXEC command. VTP version 3 saves extended-range VLANs in the VLAN database.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_55_se/configuration/guide/scg3750/swvlan.html

Therefore answer B is correct, except that the extended range VLANs should be from 1006-4094 (not 4096).

Question 16

Explanation

When the native VLAN is tagged, all VLANs will be tagged.

Comments
Comment pages
1 2 790
  1. mikeSWE
    July 20th, 2017

    Can someone please confirm q12, different dump says A but AFAIK its called Native Vlan and not default Vlan so please confirm

  2. Anonymous
    July 28th, 2017

    HI MAY i KNOW WHERE ARE QUESTIONS FOR THESE ANSWERS..THANKS

  3. TT
    July 29th, 2017

    Please advise where is the latest questions dump please?

    Thank You!

  4. TypicalStudent
    August 4th, 2017

    Can someome please check if the correct answer is B? The 358q dump says it is D but I think that is wrong. Can someone please confirm?
    Question: A swtich has been configured wtih the “vlan dot1q tag native” command. Which statement describes what the switch does with untagged frames that it receives on a trunked interface?
    A. Untagged frames are forwarded via the default VLAN.
    B. It drops the untagged frames.
    C. The trunked port is put in err-disabled state.
    D. Untagged frames are forwarded via the native VLAN.

    Reference:
    http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/dot1qtnl.html

  5. TypicalStudent
    August 4th, 2017

    Never mind I see this same question was posted under the Vlan trunking 2 section of this webpage.

  6. BL
    August 8th, 2017

    This question come out today.

    A question about the behaviour of VLAN 1 BPDUs in a situation where the Native VLAN configured as VLAN 99 and the Native VLAN is Tagged
    A. VLAN 1 STP BPDU tagged through VLAN 1
    B. VLAN 1 STP BPDU untagged through VLAN 1
    C. VLAN 1 STP BPDU tagged through VLAN 99
    D. VLAN 1 STP BPDU untagged through VLAN 99
    E. VLAN 1 STP BPDU tagged through VLAN 1 and 99

    Answer: B and D

  7. NJ
    August 13th, 2017

    @ BL

    For the above question, it clearly says Native VLAN (99) is tagged. So how can option D be correct?

  8. Shk
    August 18th, 2017

    @ NJ – or anyone – i think the above answer is B E

  9. 1209 D day
    September 10th, 2017

    for q12 please refer to

    Dynamic Port VLAN Membership

    A dynamic (nontrunking) port can belong to only one VLAN. When the link comes up, the switch does not forward traffic to or from this port until the port is assigned to a VLAN. The source MAC address from the first packet of a new host on the dynamic port is sent to the VMPS, which attempts to match the MAC address to a VLAN in the VMPS database. If there is a match, the VMPS sends the VLAN number for that port. If there is no match, the VMPS either denies the request or shuts down the port (depending on the VMPS secure mode setting). See the “Understanding VMPS” section for a complete description of possible VMPS responses.

    Multiple hosts (MAC addresses) can be active on a dynamic port if they are all in the same VLAN. If the link goes down on a dynamic port, the port returns to an isolated state and does not belong to a VLAN. Any hosts that come online through the port are checked again with the VMPS before the port is assigned to a VLAN.

    So B should be OK

  10. Hank
    September 18th, 2017

    Question #3 is wrong!! The Vlan ID field is 12 bits, BUT the question is asking what the size of the Vlan FIELD…this is 32 bits.

    https://en.wikipedia.org/wiki/IEEE_802.1Q

  11. Hank
    September 18th, 2017

    I meant question #4…not 3 in previous post

  12. Anonymous
    September 23rd, 2017

    what’s the answer to this Q?

    ge . tt/7pFi7em2

  13. Anonymous
    September 26th, 2017
  14. certprepare
    September 28th, 2017

    @Anonymous: Yes, thanks for your detection. We updated Q.6.

  15. BatmanSA
    October 5th, 2017

    question 9:
    Understanding Voice VLAN:
    A. The voice VLAN feature is disabled by default;
    B. You should configure voice VLAN on switch access ports; voice VLAN is not supported on
    trunk ports.
    C. When the switch is connected to a Cisco 7960 IP Phone, the phone sends voice traffic with Layer 3 IP precedence and Layer 2 class of service (CoS) values, which are both set to 5 by default.
    D. Could refer to manually enabling #mls qos or about manually adding 3 addresses if applying port security.

    https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_40_se/configuration/guide/scg/swvoip.pdf

  16. Anonymous
    October 9th, 2017

    A question about the behaviour of VLAN 1 BPDUs in a situation where the Native VLAN configured as VLAN 99 and the Native VLAN is Tagged
    A. VLAN 1 STP BPDU tagged through VLAN 1
    B. VLAN 1 STP BPDU untagged through VLAN 1
    C. VLAN 1 STP BPDU tagged through VLAN 99
    D. VLAN 1 STP BPDU untagged through VLAN 99
    E. VLAN 1 STP BPDU tagged through VLAN 1 and 99

    what is the correct answer for the above question?

    Thanks

  17. Keu
    October 16th, 2017

    Passed 9xx, really easy the new dumps from IT-Libraries are valid.
    My advice go over the study guides from IT-Libraries, practice the labs from here and in the meantime look for the dumps on this forum, there is a good changes that someone will share for free.

  18. raja
    October 23rd, 2017

    anybody can help me for getting dumps?

  19. AANN
    October 26th, 2017

    Waht should be the correct answer to Q6?

  20. Paturuzú
    October 26th, 2017

    Hi team,

    Question about voice VLAN? (Q9) here and in the flash quiz dose not specify that two answers must provided.

  21. Dina
    November 1st, 2017

    what’s the correct answer for Q6?

  22. oval
    November 5th, 2017
  23. Anonymous
    November 23rd, 2017

    @certprepare, what’s the correct answer to Q6?

  24. tkasali
    December 1st, 2017

    In which two ways are IEEE STP BPDUs forwarded if VLAN 99 is configured as native? (Choose two)
    A. VLAN 1 STP BPDUs are sent untagged on VLAN 99
    B. VLAN 1 STP BPDUs are sent untagged on VLAN 1
    C. VLAN 1 STP BPDUs are sent tagged on VLAN 99
    D. VLAN 1 STP BPDUs are sent tagged on VLAN 1
    E. VLAN 1 and VLAN 99 BPDUs are sent tagged on VLAN 1
    F. VLAN 1 and VLAN 99 BPDUs are sent untagged on VLAN 1

    Answer: A D

  25. helpmeagain
    December 19th, 2017

    can pse anyone send me the lastest dump at {email not allowed}

  26. HiTmAn47
    December 19th, 2017

    Regarding Q6 ,
    in the explanation you stated that all four answers are not correct !!
    So what is the correct answer ?!!

  27. Odie007
    January 5th, 2018

    @MikeSWE
    You’re right. VLAN 1 is the default access vlan configured for any access port. It is somewhat confusing however in this question. In fact, it asks what access vlan is configured – by default(this is no reference to the concept of the native vlan whatsoever) – on any (dynamic) access port.
    To put it all together:
    Any Cisco switch access port has an administrative mode of dynamic desirable by default which means it will actively ask the other side to negotiate trunking using DTP. This is probably why the “dynamic” word is mentioned as this is also a default administrative mode configuration. And finally, the default vlan to which any access port belongs to, is VLAN 1. Again, this is no reference to the concept of the native vlan in any way.

    You can verify all of this in the official CERT guide book 300-115 (David Hucaby) p132 and onward – topic Configuring Static Vlans – Chapter 4 Vlans and trunks.

  28. Archangel
    March 1st, 2018

    Question-4 ans is (B) should be correct, because it asking “VLAN field inside an 802.1q frame”

  29. Sanjay
    March 3rd, 2018

    How many vlans can be assigned to a user access port configured for VoIP?
    A. 1
    B. 2
    C. 3
    D. Unlimited

    Isn’t it 2 vlans, I mean choice is B?

  30. Sanjay
    March 4th, 2018

    Is LACP is open standard or cisco proprietary? Ans to the q20 says cisco proprietary. incorrect.

  31. Ragnar
    March 30th, 2018

    Q9, with the COS 5 value.

    I re-read the chapters again, looking for info to confirm this but its really not mentioned at all. Also I found no hard proof that voice VLAN has COS value of 5 by default when browsing the web. Only that it can be configured to whatever you want.
    Also did two other questions simulators for this topic and no similar question came

  32. IT_KID
    April 22nd, 2018

    Hi..Certprepare where is question 13..14..15..16..Can you plz give us the link for the questions..Thanks In Advance..

  33. lalaversa
    May 12th, 2018

    Q9.
    The Question is “Which two statements about voice VLAN are true ?”
    Answers are A and C (A. Disable by default – C. CoS value of 5).

  34. lalaversa
    May 12th, 2018

    Q15. answers A is OK but E is wrong (if E was correct then D also would be the same).
    Correct answer are A and B.
    VLAN configuration for VLANs 1 to 1005 are always saved in the VLAN database. If the VTP mode is transparent, VTP and VLAN configuration are also written in the switch running configuration file and then stored in the startup configuration file.
    With VTP versions 1 and 2, the switch supports VLAN IDs 1006 through 4096 only in VTP transparent mode (VTP disabled). These are extended-range VLANs and configuration options are limited. Extended-range VLANs created in VTP transparent mode are not saved in the VLAN database and are not propagated. They work in running-config and stored in startup-config.
    Then, correct answer are A and B.

  35. nixas
    May 24th, 2018

    dot1q: VLANs are tagged in each frame using the IEEE 802.1Q standard protocol. The only
    exception is the native VLAN, which is sent normally and is not tagged

  36. Anonymous
    May 24th, 2018

    VLAN 1 STP BPDUs are sent to the PVST+ MAC address, tagged with a corresponding IEEE 802.1Q VLAN tag.

    VLAN 1 STP BPDUs are also sent to the IEEE STP MAC address on the Native VLAN of the IEEE 802.1Q trunk, untagged.

    Non-VLAN 1 STP BPDUs are sent to the PVST+ MAC address, tagged with a corresponding IEEE 802.1Q VLAN tag.

    Note: Native VLAN STP BPDUs are sent untagged.

  37. Anonymous
    May 24th, 2018

    This is when u configure a native vlan other than 1

  38. chadhsadasd1111111
    May 30th, 2018

    new 100% valid CCNP Exam Questions

    dumps
    pro
    dot
    com

  39. Reallyy nice
    June 2nd, 2018

    Really useful thing…
    https://ipcisco.com/ccnp-switch/
    Whole switch lessons…

  40. Raito
    June 7th, 2018

    Question 16:

    I think there is something wrong. In the INE CCIE videos they said that a good way to troubleshoot layer 2 connectivity of a VLAN is to perform “show spanning vlan X” and look if the root bridge is correct. Because spanning-tree BPDUs are send within the corresponding VLAN they belong to and if you see that for VLAN X the root bridge is correct, you instantly know that VLAN X reaches from the switch you are on to the root bridge.

    This is in contradiction to the answers of q12, which state that VLAN 1 BPDUs are sent via VLAN 99, just because VLAN 99 is the native VLAN.

  41. Anonymous
    June 10th, 2018

    Q15:

    No VTP protocol is specified, then shouldn’t the answer be A-E?
    Others are not valid due to incorrect range.

  42. CCNA-AZ
    July 25th, 2018

    Question 6:
    I think the answer here is A (May be I am wrong as I am not a Cisco expert)

    Since Control traffic always use VLAN 1 (regardless it is native or not) and stay untagged (I can not find any resource telling that “In these circumstances Control traffic will be tagged”), “vlan dot1q tag native” command will not tag control traffic inside VLAN 1. On the other hand, if native VLAN is not vlan 1, for example, VLAN 20, then all traffic inside the VLAN 20 will be tagged. Here Control traffic will still use VLAN 1.

  43. Dany1
    July 27th, 2018

    Question 6: Answer is D. Control traffic is tagged (GOOD).
    “Control traffic continues to be ACCEPTED as untagged on the native VLAN on a trunked port, even when the vlan dot1q tag native command is enabled.”
    In that document, CISCO talk about INGRESS TRAFIC.
    On GNS3 put that scenario : two switches, SW1 without “vlan dot1q tag native” activated, SW2 with “vlan dot1q tag native” . Link between them is trunk ( ON or DTP), start WIreSHARK.
    On both switches define switchport trunk native vlan 99
    Results:
    1. SW2 will ACCEPT UNtagged trafic form VLAN 99 ( example configure spanning-tree vlan 99 priority 20579 on SW1; SW1 will become root bridge), but SEND traffic for VLAN 99, tagged
    2. SW1 will accept tagged trafic for NATIVE VLAN
    3. SW1 interface is defined switchport trunk native vlan 99 and switchport mode dynamic desirable: DTP send by SW1 is send as IEEE 802.3 Ethernet frame
    SW2 is defined switchport trunk native vlan 99(default mode dynamic auto) and send DTP frame as 802.1 Q VLAN 99. DTP Control_TR status UP
    So, in summary: reference document indicated by Anonymous talk about INCOMING, INGRESS TRAFIC. Answer D for Question 6 is perfect.

  44. Dany1
    July 27th, 2018

    For CCNA-AZ:
    1. Native VLAN means that this VLAN will be untagged when it’s used over the trunk-ports, by default this will be VLAN 1.
    If Native VLAN you changed from VLAN 1 to VLAN99, meaning that any traffic in VLAN99 will never be tagged on trunk-ports, but VLAN 1 will be tagged. VLAN 99 wil be tagged when you configure globally “vlan dot1q tag native”. Using that command at level global, will impact over all native vlans defined on all trunks in that switch (example: 10 trunks with native vlan 1,2,3,4,5,6,7,8,9,10 will be tagged frame for VLAN 1-trunk 1, VLAN2-trunk2 …). Native VLAN has local (at trunk level) significance.
    2. CDP, VTP, and PAgP updates are always forwarded on trunks with a VLAN 1 tag. This is the case even if VLAN 1 has been cleared from the trunks and is not the native VLAN
    Summary:
    if Native VLAN is XXX, control traffic send through VLAN 1 it is TAGGED with VLAN 1 tag, with or without “vlan dot1q native” command That command is handle ONLY native vlan, which is not tagged by default.

  45. Dany1
    July 27th, 2018

    Question 16:
    if the native VLAN is VLAN1 then:

    VLAN1 standard STP BPDU is sent untagged (eth.dst == 01:80:c2:00:00:00 Wireshark)
    VLAN1 PVST+ BPDU is sent untagged (eth.dst == 01:00:0c:cc:cc:cd Wireshark)
    Other VLAN’s PVST+ BPDUs are sent tagged with their appropriate VLAN (802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 10, eth.dst == 01:00:0c:cc:cc:cd )

    If the native VLAN is different from VLAN1 then:

    VLAN1 standard STP BPDU is sent untagged (eth.dst == 01:80:c2:00:00:00 Wireshark)
    VLAN1 PVST+ BPDU is sent tagged with VLAN1 (802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1, eth.dst == 01:00:0c:cc:cc:cd )
    Other VLAN’s PVST+ BPDUs are sent tagged accordingly (the one for the native VLAN will be untagged)
    When native VLAN is tagged, every frame is tagged.
    Summary
    Answers:
    C. Normal STP VLAN 1 BPDU travel across VLAN 1 untagged ( more precisely “VLAN1 standard STP BPDU is sent untagged”)
    D. PVST+ VLAN 99 BPDU travel across VLAN 99 tagged (because of “native VLAN tagged”
    Check my answers with real switches or GNS3

  46. CCNA-AZ
    July 28th, 2018

    @Dany1

    Thanks a lot for your brief explanation.

  47. Anonymous
    August 30th, 2018

    You can go here and see that there is a lot of information inside, it is very comprehensive.
    ht tp:/
    /u 6.g g/d
    Akbs

  48. Angry Clown
    September 29th, 2018

    Hey guys, this question is bugging me…
    Question 5

    What is the maximum number of VLANs that can be assigned to an access switchport without a voice VLAN?
    A. 0
    B. 1
    C. 2
    D. 1024

    Answer: B
    Explanation
    Each access port can be only assigned to one VLAN via the “switchport access vlan ” command.

    Here it says only one vlan is allowed on an access port but on the quizes it says two which seems right, the voice vlan and data vlan. which one is the correct answer??? gggrrrr

  49. Remlin
    October 14th, 2018

    @Angry Clown

    It already states in the question with a voice vlan.

Comment pages
1 2 790
  1. No trackbacks yet.