·Frontier FiberOp..
|
Another head scratcher.... for me anywayThis is what I can remember from taking the CCNA security test the previous time, so the wording isn't exactly what it is on the actual exam. But one of my weak points surprisingly appears to be layer 2. I don't know if I'm answering it right or wrong since that's never disclosed, but here it goes: L2 host #1 connected to switch 1 on VLAN A needs to communicate to L2 host #2
connected to switch 1 on VLAN B. How can you accomplish this?
A. Enable inter-VLAN routing
B. Enable SVI interfaces
C. Connect the hosts directly through a hub
D. Connect the hosts directly through a router
Last night I finally decided to fire up a 3550 I have sitting around and followed a Cisco whitepaper for enabling inter-VLAN routing on it, and I was able to get it going without issue. And based on that lab exercise, I think the right answers are B and D since A is really summarizing answers B and D; which is turning VLANs into SVIs, converting an L2 port into a L3 port, and connecting my router into said port so that the switch forwards traffic through for it for routes it doesn't know about. I humbly seek your thoughts on this. I really want to pass the test this time. TIA |
|
|
Hmmmm... I would say enabling an SVI ADDS layer 3 to a layer 2 construct rather than converts one to the other as both later 2 and layer 3 co-exist. I'd put A as my answer if the question is a single answer option as router (ASA) on a stick is still enabling inter-vlan routing. If the answer is "choose 2" or more then I agree B and D. It would help if the question specified if the switch was Layer 3 capable although it is specific at saying "L2 host" so maybe multiple SVI's are out, even though base level 2960S's now support basic layer 3 functionality. But that last line is the difference between an exam question and real world experience! So answer A = router on a stick as all you need is a trunk link and sub-if's / encapsulation config on the router, and EVERY layer 2 switch can do that regardless of IOS version or hardware platform. |
|
|
to tired_runner
...was going to ask as well whether they were looking for multiple answer or single answer.
I'd also apply the Cisco Exam mindset of selecting the LEAST INCORRECT answer; C and D, IMO, completely changes the topology / available devices from what you were given initially. B is a bit more of a grey area as the question IMPLIES a layer2 only switch, but we all know the Real World(TM) doesn't work that way.
My 00000010bits
Regards |
|
·Frontier FiberOp..
|
to markysharkey
The question doesn't mention if it's a L2 or L3 switch. It's a 2-choice question.
I figured it would be maybe A and D, but after playing with the 3550 and seeing what's involved, enabling inter-VLAN routing isn't a one-step option or even a single choice. It requires that you tell a L3-capable switch configured for L2 by default to behave like a router to accomplish the goal by doing at least B and D.
If one of the answers were to enable an interface as a trunk, then that takes out having to configure the switch as a L3 altogether.
This test is purposely confusing at best. I don't remember the CCNA being this puzzling. The material isn't that difficult. |
|
|
|
to tired_runner
I would reply A and B. In order for 2 vlans to communicate, you need a device to route between them. Since both devices are connecting to a switch, the switch requires SVI interfaces to act as a default gateway for the hosts. |
|
|
to tired_runner
Maybe head for 9tut on this one. I am NOT advocating brain dumps as I think they are a bad thing, but stupidly worded questions like this can be the difference between an otherwise competent person passing or failing. |
|
|
to tired_runner
It would be A & B if you have to supply 2 answers.
C & D imply doing things to the host rather than making the network do what it's supposed to do.
If you connect the 2 hosts by a hub, that implies you either disconnected them from the switches and Re-IP'd them to communicate or they had more than 1 interface, both with an IP in the same network. If they don't tell you the hosts have more than one interface, then it can't be C.
And the same goes for D. If you connect them, DIRECTLY, through a router, that implies that you either disconnect them from the switches and re-IP the hosts and plug them into a router or that they have more than 1 interface, and that you also have to IP that separately from their VLAN A and VLAN B addresses.
Basically, no one uses hubs for such a thing when you have switches with VLANs, and no one is wasting ethernet ports on a single router to have 2 hosts talk. |
|
|
I guess you're implying not to think beyond the switch in terms of L3, and assume A means enabling routing on the switch, and B means doing so via VLAN interfaces? |
|
|
to tired_runner
Yeah, those 2 answers are completely valid.
The other 2 answers require you to pull in other hardware and interfaces and neither being good network practice. |
|
chandom join:2001-05-23 Tallahassee, FL |
to tired_runner
Thoughts on A and B are correct.
A: enable ip routing This will enable routing on the layer 3 switch B: int vlan "A" configure an appropriate ip and subnet mask int vlan "B" configure an appropriate ip and subnet mask (ip ad.dr.e.ss sub.net.ma.sk)
Hint: If this was a simlet, check the PCS for the gateway and subnet mask. Use the gateway IP for the SVI IP. |
|
|
Thanks for your help guys. I passed the test. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
to tired_runner
I'd say A.
its the simplest answer.
it could be a low end L2 switch that can't do SVI's and SVI would just be a way of doing inter-vlan routing. |
|
DarkLogix |
to tired_runner
said by tired_runner:I guess you're implying not to think beyond the switch in terms of L3, and assume A means enabling routing on the switch, and B means doing so via VLAN interfaces? I'd think A=enable inter-vlan routing in some way (there are many ways, router on a stick linked via a trunk port, using a L3 switch, using multiple routers that somehow link the vlans at L3, and many more increasingly convoluted ways) if it is single answer then A if its 2 answer then A&B B assumes its a L3 switch where as A is more conceptual |
|
|
It was a 2-answer question. I chose the same A and B discussed here, but the order of the answers was changed around.
I passed the test this afternoon. Woo yay.
Time to start preparing for my CCNP. Fun times ahead. |
|
chandom join:2001-05-23 Tallahassee, FL |
Congrats on the CCNA, CCNP will be a fun world of mental hurt.
Passed my CCNP switch test last month. Real fun stuff.
Spanning tree is so much fun. Plus HSRP and a few other things. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
to tired_runner
my biggest issue with the CCNA exam is (or was as they changed it since then) just slowing down to think through the diagram to find what was wrong.
I was sitting there thinking about the time limit and rushed through it. |
|
|
to chandom
Thanks.
I'm not sure if I wanna take the security route or the R&S route. First I want to build up the lab with more recent stuff.
I poke around with STP and HSRP at work from time to time. It does look like a pain in the ass. |
|
tired_runner |
to DarkLogix
The biggest pain in the ass with the CCNA Security was the lab.
There were two; one where I was asked to implement an ACL, the other I was asked to answer questions about ZBFW using information in CCP that didn't make sense.
This time around I finished the test with 35 minutes to spare, and I felt that I took my time through a handful of the questions.
I'm just glad it's behind me now. |
|