1. Question: Why does the SVI interface down use ACL that cannot take effect?
Answer: (1) Check ACL configuration
(2) Confirm the direction of the ACL call
(3) Confirm whether the physical interface for data communication has invoked the ACL rule
2. Question: Does the switch block message information such as port number 1194?
Answer: The switch does not block the message information of the port number identification by default unless the acl is set and the positioning switch filters the information to see if the acl is set.
3. Question: Policy route calls route-map, can match int-interface be used in the match field?
Answer: The route-map match and interface is called when the route is republished. The meaning of matching the interface and the route-mapmatch field is not a s-interface when the route-map field is called with a policy route.
4. Question: How does the switch do the source in and out?
Answer: Can be partially implemented in the pBR way, the switch itself cannot do the source out.
5. Problem: After the SVI interface is configured with PBR, the test ingress with the SVI interface address as the source address on the switch is not successful
Answer: The test of the policy route on the switch on which the policy route is configured is not successful because it does not pass a match for the policy route at this time. It is recommended that the connected PC under the device be tested for policy routing to take effect.
6. Question: Does the policy route do not take effect after the call?
Answer: Check the next hop configuration, set next-hop is the next hop to modify BGP . For IGP routes do not take effect and IGP routes are using set ip next-hop.
7. Question: Does the priority of calling policy routing in VRF come higher than normal static routing?
Answer: In VRF, policy routing has a lower priority than static/default routes as is the opposite of the global.
8. Question: How do dual exits detect routes?
Answer: When a switch has a dual exit, the configuration uses BFD detection to use a combination of floating routes to implement routing issues (floating routes are implemented by modifying AD values)
9. Question: Is the BFD configuration invalid?
Answer: When the customer deploys dual-export redundant backup using floating routing and BFD scheme because of the BFD scheme when two-way link detection. The customer will often ignore the other side of the BFD configuration when the detection of this side configuration is not a problem, it’s need to detect whether the other SIDE BFD configuration.
10. Question: Can ip source guard not be configured?
Answer: The ip source guard feature cannot be configured on the dhcp snooping trust port that there is a conflict that prompts for an error.
PASSHOT will often update some network engineers in the work of the difficult problems. If you feel good, please collect our website! Here can help you CCIE Written exam and CCIE Lab exam.
Commenti