Tag - Remote Access

Which implementations support or require the broadcast flag

The broadcast flag is an optional element of DHCP, but a client which sets it works only with a server or relay that supports it.

  • Client

Microsoft Windows NT

DHCP client support added with version 3.5 sets the broadcast flag. Version 3.51 and later no longer set it. The exception is in the remote access support: it sets the flag when it uses DHCP to acquire addresses to hand out to its PPP clients.

tcp/ip-32 for Microsoft Windows for Workgroups (WFW)

Version 3.11a sets it, but version 3.11B doesn’t.

Microsoft Windows 95

Does not set the broadcast flag.

Back DHCP FAQ

Can DHCP support remote access

26. Can DHCP support remote access?

PPP has its own non-DHCP way in which communications servers can hand clients an IP address called IPCP (IP Control Protocol) but doesn’t have the same flexibility as DHCP or BOOTP in handing out other parameters. Such a communications server may support the use of DHCP to acquire the IP addresses it gives out. This is sometimes called doing DHCP by proxy for the client. I know that Windows NT’s remote access support does this.

A feature of DHCP under development (DHCPinform) is a method by which a DHCP server can supply parameters to a client that already has an IP number. With this, a PPP client could get its IP number using IPCP, then get the rest of its parameters using this feature of DHCP.

SLIP has no standard way in which a server can hand a client an IP address, but many communications servers support non-standard ways of doing this that can be utilized by scripts, etc. Thus, like communications servers supporting PPP, such communications servers could also support the use of DHCP to acquire the IP addressees to give out.

The DHCP protocol is capable of allocating an IP address to a device without an IEEE-style MAC address, such as a computer attached through SLIP or PPP, but to do so, it makes use of a feature which may or may not be supported by the DHCP server: the ability of the server to use something other than the MAC address to identify the client. Communications servers that acquire IP numbers for their clients via DHCP run into the same roadblock in that they have just one MAC address, but need to acquire more than one IP address. One way such a communications server can get around this problem is through the use of a set of unique pseudo-MAC addresses for the purposes of its communications with the DHCP server. Another way (used by Shiva) is to use a different “client ID type” for your hardware address. Client ID type 1 means you’re using MAC addresses. However, client ID type 0 means an ASCII string.

Back DHCP FAQ

CCNA Switching Dumps

Question 1

Refer to the exhibit. The following commands are executed on interface fa0/1 of 2950Switch.

2950Switch(config-if)#switchport port-security
2950Switch(config-if)#switchport port-security mac-address sticky
2950Switch(config-if)#switchport port-security maximum 1

The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur when this frame is received by 2950Switch? (Choose two)

 

 

 

 

 

 

 

 

 

 

 

A. The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.
B. Only host A will be allowed to transmit frames on fa0/1.
C. This frame will be discarded when it is received by 2950Switch.
D. All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out fa0/1.
E. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be forwarded out fa0/1.
F. Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be forwarded out fa0/1.

Answer: B D

Explanation

Please read the explanation at http://www.9tut.net/icnd2/icnd2-operations

Question 2

Which Cisco Catalyst feature automatically disables the port in an operational PortFast upon receipt of a BPDU?

A. BackboneFast
B. UplinkFast
C. Root Guard
D. BPDU Guard
E. BPDU Filter

 

Answer: D

Explanation

We only enable PortFast feature on access ports (ports connected to end stations). But if someone does not know he can accidentally plug that port to another switch and a loop may occur when BPDUs are being transmitted and received on these ports.

With BPDU Guard, when a PortFast receives a BPDU, it will be shut down to prevent a loop -> D is correct.

Question 3

Why will a switch never learn a broadcast address?

A. Broadcast frames are never sent to switches.
B. Broadcast addresses use an incorrect format for the switching table.
C. A broadcast address will never be the source address of a frame.
D. Broadcasts only use network layer addressing.
E. A broadcast frame is never forwarded by a switch.

 

Answer: C

Question 4

Which three statements accurately describe layer 2 Ethernet switches? (choose three)

A. Microsegmentation decreases the number of collisions on the network.
B. If a switch receives a frame for an unknown destination.it uses ARP to resolve the address.
C. Spanning Tree Protocol allows switches to automatically share vlan information.
D. In a property functioning network with redundant switched paths, each switched segment will contain one root bridge with all its ports in the forwarding state. All other switches in that broadcast domain will have only one root port.
E. Establishing vlans increases the number of broadcast domains.
F. Switches that are configured with vlans make forwarding decisions based on both layer 2 and layer 3 address information.

 

Answer: A D E

Question 5

Switch ports operating in which two roles will forward traffic according to the IEEE 802.1w standard? (Choose two)

A. alternate
B. backup
C. designated
D. disabled
E. root

 

Answer: C E

Explanation

IEEE 802.1w is the standard of Rapid Spanning Tree Protocol (RSTP). There are 5 port roles in this standard: Root port, Designated port, Alternative port, Backup port and Disabled port. In these 5 port roles, only Root port and Designated port can forward traffic.

Question 6

Select the action that results from executing these commands:

Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security mac-address sticky

A. A dynamically learned MAC address is saved in the startup-configuration file.
B. A dynamically learned MAC address is saved in the running-configuration file.
C. A dynamically learned MAC address is saved in the VLAN database.
D. Statically configured MAC addresses are saved in the startup-configuration file if frames from that address are received.
E. Statically configured MAC addresses are saved in the running-configuration file if frames from that address are received.

 

Answer: B

Explanation

The full syntax of the second command is:

switchport port-security mac-address sticky [MAC]

If we don’t specify the MAC address (like in this question) then the switch will dynamically learn the attached MAC Address and place it into your running-configuration -> B is correct.

Question 7

What is valid reason for a switch to deny port access to new devices when port security is enabled?

A. The denied MAC addresses have already been learned or configured on another secure interface in the same VLAN.
B. The denied MAC address are statically configured on the port.
C. The minimum MAC threshold has been reached.
D. The absolute aging times for the denied MAC addresses have expired.

 

Answer: A

Explanation

A security violation occurs in either of these situations:

* When the maximum number of secure MAC addresses is reached on a secure port and the source MAC address of the ingress traffic is different from any of the identified secure MAC addresses, port security applies the configured violation mode.

* If traffic with a secure MAC address that is configured or learned on one secure port attempts to access another secure port in the same VLAN, applies the configured violation mode.

From the second statement we can figure out A is the correct answer. But for your information we will discuss other answers as well.

Answer B is not correct because we can’t configured which MAC address will be denied. We can only configure which MAC is allowed.

We can only configure the maximum MAC threshold, not the minimum threshold -> C is not correct.

The aging times are only configured for allowed MAC addresses, not for denied MAC -> D is correct.

For your information about aging time:

When the aging type is configured with the absolute keyword, all the dynamically learned secure addresses age out when the aging time expires

This is how to configure the secure MAC address aging type on the port:

Router(config-if)# switchport port-security aging type absolute

and configure the aging time (aging time = 120 minutes)

Router(config-if)# switchport port-security aging time 120

When this command is used, all the dynamically learned secure addresses age out when the aging time expires

(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/port_sec.html)

 

Copyright ©2010 -  2019 Ciscoforall.com | Privacy Policy

Mersin bayan escort

*

Eskişehir çıtır escortlar

*

Kapalı escort

*

Mersin eve gelen escort

*

Mersin Akdeniz bayan escort

*

Adanada bayan escort

*

Adanada escort bayan

*

şişman escort adana

*

adana tesettürlü escort

*

adana escort numaralari

*

pubg mobile hileleri