Act now and download your Cisco ccnp routing and switching route 300 101 test today! Do not waste time for the worthless Cisco ccnp routing and switching route 300 101 official cert guide tutorials. Download Up to date Cisco Implementing Cisco IP Routing exam with real questions and answers and begin to learn Cisco ccnp route 300 101 pdf with a classic professional.

Q1. Refer to the following access list. 

access-list 100 permit ip any any log 

After applying the access list on a Cisco router, the network engineer notices that the router CPU utilization has risen to 99 percent. What is the reason for this? 

A. A packet that matches access-list with the "log" keyword is Cisco Express Forwarding switched. 

B. A packet that matches access-list with the "log" keyword is fast switched. 

C. A packet that matches access-list with the "log" keyword is process switched. 

D. A large amount of IP traffic is being permitted on the router. 

Answer:

Explanation: 

Logging-enabled access control lists (ACLs) provide insight into traffic as it traverses the

network or is dropped by network devices. Unfortunately, ACL logging can be CPU intensive and can

negatively affect other functions of the network device. There are two primary factors that contribute to the

CPU load increase from ACL logging: process switching of packets that match log-enabled access control

entries (ACEs) and the generation and transmission of log messages. Reference: http://www.cisco.com/

web/about/security/intelligence/acl-logging.html#4


Q2. A router receives a routing advertisement for the same prefix and subnet from four different routing protocols. Which advertisement is installed in the routing table? 

A. RIP 

B. OSPF 

C. iBGP 

D. EIGRP 

Answer:

Explanation: 


Q3. The following configuration is applied to a router at a branch site: 

ipv6 dhcp pool dhcp-pool 

dns-server 2001:DB8:1:B::1 

dns-server 2001:DB8:3:307C::42 

domain-name example.com 

If IPv6 is configured with default settings on all interfaces on the router, which two dynamic IPv6 addressing mechanisms could you use on end hosts to provide end-to-end connectivity? (Choose two.) 

A. EUI-64 

B. SLAAC 

C. DHCPv6 

D. BOOTP 

Answer: A,B 

Explanation: 


Q4. A company's corporate policy has been updated to require that stateless, 1-to-1, and IPv6 to IPv6 translations at the Internet edge are performed. What is the best solution to ensure compliance with this new policy? 

A. NAT64 

B. NAT44 

C. NATv6 

D. NPTv4 

E. NPTv6 

Answer:

Explanation: 

NPTv6 provides a mechanism to translate the private internal organization prefixes to public globally

reachable addresses. The translation mechanism is stateless and provides a 1:1 relationship between the internal addresses and external addresses. The use cases for NPTv6 outlined in the RFC include peering with partner networks, multi homing, and redundancy and load sharing.

Reference:

http://www.cisco.com/c/dam/en/us/td/docs/solutions/SBA/August2012/Cisco_SBA_BN_IPv6AddressingGuide-Aug2012.pdf


Q5. For security purposes, an IPv6 traffic filter was configured under various interfaces on the local router. However, shortly after implementing the traffic filter, OSPFv3 neighbor adjacencies were lost. What caused this issue? 

A. The traffic filter is blocking all ICMPv6 traffic. 

B. The global anycast address must be added to the traffic filter to allow OSPFv3 to work properly. 

C. The link-local addresses that were used by OSPFv3 were explicitly denied, which caused the neighbor relationships to fail. 

D. IPv6 traffic filtering can be implemented only on SVIs. 

Answer:

Explanation: 

OSPFv3 uses link-local IPv6 addresses for neighbor discovery and other features, so if any IPv6 traffic

filters are implemented be sure to include the link local address so that it is permitted in the filter list.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx- os/unicast/configuration/

guide/l3_cli_nxos/l3_ospfv3.html


Q6. An organization decides to implement NetFlow on its network to monitor the fluctuation of traffic that is disrupting core services. After reviewing the output of NetFlow, the network engineer is unable to see OUT traffic on the interfaces. What can you determine based on this information? 

A. Cisco Express Forwarding has not been configured globally. 

B. NetFlow output has been filtered by default. 

C. Flow Export version 9 is in use. 

D. The command ip flow-capture fragment-offset has been enabled. 

Answer:

Explanation: 

We came across a recent issue where a user setup a router for NetFlow export but was unable to see the

OUT traffic for the interfaces in NetFlow Analyzer. Every NetFlow configuration aspect was checked and

nothing incorrect was found. That is when we noticed the `no ip cef' command on the router. CEF was

enabled at the global level and within seconds, NetFlow Analyzer started showing OUT traffic for the

interfaces. This is why this topic is about Cisco Express Forwarding.

What is switching?

A Router must make decisions about where to forward the packets passing through. This decision-making

process is called "switching". Switching is what a router does when it makes the following decisions:

1.Whether to forward or not forward the packets after checking that the destination for the packet is

reachable.

2.If the destination is reachable, what is the next hop of the router and which interface will the router use to

get to that destination.

What is CEF?

CEF is one of the available switching options for Cisco routers. Based on the routing table, CEF creates its

own table, called the Forwarding Information Base (FIB). The FIB is organized differently than the routing

table and CEF uses the FIB to decide which interface to send traffic from. CEF offers the following

benefits:

1.Better performance than fast-switching (the default) and takes less CPU to perform the same task.

2.When enabled, allows for advanced features like NBAR

3.Overall, CEF can switch traffic faster than route-caching using fast-switching

How to enable CEF?

CEF is disabled by default on all routers except the 7xxx series routers. Enabling and Disabling CEF is

easy. To enable CEF, go into global configuration mode and

enter the CEF command.

Router# config t

Router(config)# ip cef

Router(config)#

To disable CEF, simply use the `no' form of the command, ie. `no ip cef`.

Why CEF Needed when enabling NetFlow ?

CEF is a prerequisite to enable NetFlow on the router interfaces. CEF decides through which interface

traffic is exiting the router. Any NetFlow analyzer product will calculate the OUT traffic for an interface

based on the Destination Interface value present in the NetFlow packets exported from the router. If the

CEF is disabled on the router, the NetFlow packets exported from the router will have "Destination

interface" as "null" and this leads NetFlow Analyzer to show no OUT traffic for the interfaces. Without

enabling the CEF on the router, the NetFlow packets did not mark the destination interfaces and so

NetFlow Analyzer was not able to show the OUT traffic for the interfaces. Reference: https://

blogs.manageengine.com/network-2/netflowanalyzer/2010/05/19/need-for-cef- in-netflow-data-export.html


Q7. Refer to the exhibit. 

A network administrator checks this adjacency table on a router. What is a possible cause for the incomplete marking? 

A. incomplete ARP information 

B. incorrect ACL 

C. dynamic routing protocol failure 

D. serial link congestion 

Answer:

Explanation: 

To display information about the Cisco Express Forwarding adjacency table or the hardware Layer 3-

switching adjacency table, use the show adjacency command.

Reasons for Incomplete Adjacencies

There are two known reasons for an incomplete adjacency:

The router cannot use ARP successfully for the next-hop interface.

After a clear ip arp or a clear adjacency command, the router marks the adjacency as incomplete. Then it

fails to clear the entry.

In an MPLS environment, IP CEF should be enabeled for Label Switching. Interface level command ip

route-cache cef No ARP Entry When CEF cannot locate a valid adjacency for a destination prefix, it punts

the packets to the CPU for ARP resolution and, in turn, for completion of the adjacency.

Reference: http://www.cisco.com/c/en/us/support/docs/ip/express-forwarding-cef/17812-cefincomp.

html#t4


Q8. A network administrator uses IP SLA to measure UDP performance and notices that packets on one router have a higher one-way delay compared to the opposite direction. Which UDP characteristic does this scenario describe? 

A. latency 

B. starvation 

C. connectionless communication 

D. nonsequencing unordered packets 

E. jitter 

Answer:

Explanation: 

Cisco IOS IP SLAs provides a proactive notification feature with an SNMP trap. Each measurement

operation can monitor against a pre-set performance threshold.

Cisco IOS IP SLAs generates an SNMP trap to alert management applications if this threshold is crossed.

Several SNMP traps are available: round trip time, average jitter, one-way latency, jitter, packet loss, MOS, and connectivity tests.

Here is a partial sample output from the IP SLA statistics that can be seen:

router#show ip sla statistics 1

Round Trip Time (RTT) for Index 55

Latest RTT: 1 ms

Latest operation start time: *23:43:31.845 UTC Thu Feb 3 2005 Latest operation return code: OK

RTT Values:

Number Of RTT: 10 RTT Min/Avg/Max: 1/1/1 milliseconds Latency one-way time:

Number of Latency one-way Samples: 0

Source to Destination Latency one way Min/Avg/Max: 0/0/0 milliseconds Destination to Source Latency

one way Min/Avg/Max: 0/0/0 milliseconds 

Reference:

http://www.cisco.com/en/US/technologies/tk648/tk362/tk920/technologies_white_paper09186a0

0802d5efe.html


Q9. Which Cisco IOS VPN technology leverages IPsec, mGRE, dynamic routing protocol, NHRP, and Cisco Express Forwarding? 

A. FlexVPN 

B. DMVPN 

C. GETVPN 

D. Cisco Easy VPN 

Answer:

Explanation: Dynamic Multipoint Virtual Private Network (DMVPN) is a dynamic tunneling form of a virtual

private network (VPN) supported on Cisco IOS-based routers and Unix-like Operating Systems based on

the standard protocols, GRE, NHRP and IPsec. This DMVPN provides the capability for creating a

dynamic-mesh VPN network without having to pre-configure (static) all possible tunnel end-point peers,

including IPsec (Internet Protocol Security) and ISAKMP (Internet Security Association and Key

Management Protocol) peers. DMVPN is initially configured to build out a hub-and-spoke network by

statically configuring the hubs (VPN headends) on the spokes, no change in the configuration on the hub is

required to accept new spokes. Using this initial hub-and-spoke network, tunnels between spokes can be

dynamically built on demand (dynamic-mesh) without additional configuration on the hubs or spokes. This

dynamic-mesh capability alleviates the need for any load on the hub to route data between the spoke

networks. DMVPN is combination of the following technologies:

Multipoint GRE (mGRE)

Next-Hop Resolution Protocol (NHRP)

Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP)

Dynamic IPsec encryption

Cisco Express Forwarding (CEF)

Reference: http://en.wikipedia.org/wiki/Dynamic_Multipoint_Virtual_Private_Network

Topic 5, Infrastructure Security 

53. Which traffic does the following configuration allow? 

ipv6 access-list cisco 

permit ipv6 host 2001:DB8:0:4::32 any eq ssh 

line vty 0 4 

ipv6 access-class cisco in 

A. all traffic to vty 0 4 from source 2001:DB8:0:4::32 

B. only ssh traffic to vty 0 4 from source all 

C. only ssh traffic to vty 0 4 from source 2001:DB8:0:4::32 

D. all traffic to vty 0 4 from source all 

Answer:

Explanation: 

Here we see that the IPv6 access list called "cisco" is being applied to incoming VTY connections to the

router. IPv6 access list has just one entry, which allows only the single IPv6 IP address of 2001:DB8:0:4::32 to connect using SSH only.


Q10. Which statement about dual stack is true? 

A. Dual stack translates IPv6 addresses to IPv4 addresses. 

B. Dual stack means that devices are able to run IPv4 and IPv6 in parallel. 

C. Dual stack translates IPv4 addresses to IPv6 addresses. 

D. Dual stack changes the IP addresses on hosts from IPv4 to IPv6 automatically. 

Answer:

Explanation: