300-410 VRF-Lite • Complete Question Bank
Complete 300-410 VRF-Lite question bank — all 0 questions with answers and detailed explanations.
A network engineer runs the following command on Router R1:
R1# show ip vrf interfaces Interface VRF IP Address Protocol
GigabitEthernet0/0 BLUE 10.1.1.1 up GigabitEthernet0/1 BLUE 10.1.2.1 up GigabitEthernet0/2 RED 192.168.1.1 up Loopback0 BLUE 10.0.0.1 up Loopback1 RED 192.168.0.1 up
Based on this output, which statement is correct?
A network engineer runs the following command on Router R1:
R1# show ip route vrf BLUE
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks C 10.1.1.0/24 is directly connected, GigabitEthernet0/0 C 10.1.2.0/24 is directly connected, GigabitEthernet0/1 O 10.2.0.0/16 [110/20] via 10.1.1.2, 00:00:15, GigabitEthernet0/0
Based on this output, what is the problem?
A network engineer runs the following command on Router R1:
R1# show ip bgp vpnv4 vrf RED summary
BGP router identifier 192.168.0.1, local AS number 65001 BGP table version is 5, main routing table version 5 4 network entries using 576 bytes of memory 4 path entries using 320 bytes of memory 2/1 BGP path/bestpath attribute entries using 320 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 1216 total bytes of memory BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 10.1.1.2 4 65001 23 25 5 0 0 00:12:34 2 10.1.2.2 4 65002 18 20 5 0 0 00:10:15 1
Based on this output, which statement is correct?
A network engineer runs the following command on Router R1:
R1# show ip eigrp vrf RED neighbors
EIGRP-IPv4 Neighbors for AS(100) VRF RED H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 0 192.168.1.2 Gi0/2 13 00:15:30 12 200 0 45 1 192.168.2.2 Gi0/3 12 00:14:20 15 200 0 32
Based on this output, what is the problem?
A network engineer runs the following command on Router R1:
R1# show ip ospf neighbor vrf BLUE Neighbor ID Pri State Dead Time Address Interface 10.0.0.2 1 FULL/DR 00:00:32 10.1.1.2 GigabitEthernet0/0 10.0.0.3 1 2WAY/DROTHER 00:00:35 10.1.2.2 GigabitEthernet0/1
Based on this output, which statement is correct?
A network engineer runs the following command on Router R1:
R1# show route-map VRF_RED_MAP
route-map VRF_RED_MAP, permit, sequence 10 Match clauses:
ip address prefix-list RED_PREFIXES
Set clauses: tag 100 Policy routing matches: 0 packets, 0 bytes
Based on this output, what is the problem?
A network engineer runs the following command on Router R1:
R1# show ip vrf detail RED
VRF RED (VRF Id = 1); default RD <not set>
Interfaces:
GigabitEthernet0/2 Loopback1 Address family IPV4 (Table ID = 1):
No Export VPN route-target communities
No Import VPN route-target communities
No import route-map
No export route-mapVRF label distribution protocol: not configured Address family IPV6 (Table ID = 0x1E000001):
No Export VPN route-target communities
No Import VPN route-target communities
No import route-map
No export route-mapVRF label distribution protocol: not configured
Based on this output, which statement is correct?
A network engineer runs the following command on Router R1:
R1# show ip bgp vpnv4 vrf RED neighbors 10.1.1.2 advertised-routes
BGP table version is 5, local router ID is 192.168.0.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, L long-lived-stale, Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path *> 192.168.1.0/24 0.0.0.0 0 32768 i *> 192.168.2.0/24 0.0.0.0 0 32768 i
Total number of prefixes 2
Based on this output, what is the problem?
A network engineer runs the following command on Router R1:
R1# show ip route vrf RED 192.168.1.0
Routing entry for 192.168.1.0/24 Known via "connected", distance 0, metric 0 (connected, via interface) Routing Descriptor Blocks: * directly connected, via GigabitEthernet0/2 Route metric is 0, traffic share count is 1
Based on this output, which statement is correct?
Given the following partial configuration on router R1: ```
interface GigabitEthernet0/0 ip vrf forwarding CUSTOMER_A ip address 192.168.1.1 255.255.255.0
``` What is the effect of this configuration?
Consider this partial configuration: ```
ip vrf CUSTOMER_B
rd 65000:1 route-target export 65000:1 route-target import 65000:1 ``` What statement is true about this VRF configuration?
Examine the following configuration: ```
interface GigabitEthernet0/1 ip vrf forwarding CUSTOMER_C ip address 10.1.1.1 255.255.255.0 no shutdown
``` What is missing from this configuration to ensure that routes from VRF CUSTOMER_C are properly isolated?
Given this configuration on router R2: ```
ip vrf CUSTOMER_D
rd 100:1 !
interface GigabitEthernet0/0 ip vrf forwarding CUSTOMER_D ip address 192.168.2.1 255.255.255.0
!
router ospf 1 vrf CUSTOMER_D network 192.168.2.0 0.0.0.255 area 0
``` What will happen when this configuration is applied?
Consider the following configuration: ```
ip vrf CUSTOMER_E
rd 200:1 route-target export 200:1 route-target import 200:1 !
interface GigabitEthernet0/0 ip vrf forwarding CUSTOMER_E ip address 172.16.0.1 255.255.255.0
!
interface GigabitEthernet0/1 ip vrf forwarding CUSTOMER_E ip address 172.16.1.1 255.255.255.0
``` What is the effect of the route-target commands in this VRF-Lite scenario?
Examine this partial configuration: ```
interface GigabitEthernet0/0 ip vrf forwarding CUSTOMER_F ip address 10.10.10.1 255.255.255.0
!
interface GigabitEthernet0/1 ip vrf forwarding CUSTOMER_G ip address 10.10.20.1 255.255.255.0
``` What is required to enable communication between VRF CUSTOMER_F and VRF CUSTOMER_G?
Router R1 has an ACL applied to interface Gig0/0 in VRF-A that permits only specific management traffic. The ACL is: access-list 100 permit udp any any eq snmp, access-list 100 permit tcp any any eq ssh, access-list 100 deny ip any any. The router's SNMP and SSH services are configured globally. Management stations in the global table cannot reach the router's VRF interface IP. What is the root cause?
A network engineer runs the following command to troubleshoot a VRF-Lite issue:
R1# show ip route vrf CUSTOMER_A summary
Output:
IP routing table name: CUSTOMER_A (0x00000001) IP routing table maximum-paths: 32
Route Source Networks Subnets Replicates Overhead Memory (bytes) connected 2 0 0 0 576 static 1 0 0 0 288 eigrp 100 3 0 0 0 864 Internal 3 0 0 0 864 External 0 0 0 0 0 ospf 200 0 0 0 0 0 Intra-area 0 0 0 0 0 Inter-area 0 0 0 0 0 External-1 0 0 0 0 0 External-2 0 0 0 0 0 NSSA-1 0 0 0 0 0 NSSA-2 0 0 0 0 0 bgp 65000 0 0 0 0 0 Internal 0 0 0 0 0 External 0 0 0 0 0 Total 6 0 0 0 1728
What does this output indicate?
A network engineer runs the following command to troubleshoot a VRF-Lite issue:
R1# show ip eigrp vrf CUSTOMER_B topology 10.1.1.0/24
Output: IP-EIGRP (AS 100): Topology entry for 10.1.1.0/24 for VRF CUSTOMER_B State is Passive, Query origin flag is 1, 1 Successor(s), FD is 131072 Routing Descriptor Blocks:
10.1.1.1 (GigabitEthernet0/1), from 10.1.1.1, Send flag is 0x0
Composite metric is (131072/128256), Route is Internal Vector metric: Minimum bandwidth is 100000 Kbit Total delay is 100 microseconds Reliability is 255/255 Load is 1/255 Minimum MTU is 1500 Hop count is 1
What does this output indicate?
A network engineer runs the following command to troubleshoot a VRF-Lite OSPF adjacency issue:
R1# debug ip ospf adj vrf CUSTOMER_C
Output: OSPF: 2 Way state received from 10.1.1.2 on interface GigabitEthernet0/1, address 10.1.1.2 OSPF: Neighbor 10.1.1.2 is eligible for DR election on interface GigabitEthernet0/1 OSPF: DR election: 10.1.1.1 (pri 1) is DR, 10.1.1.2 (pri 1) is BDR OSPF: Build router LSA for area 0, router ID 1.1.1.1, seq 0x80000001 OSPF: Neighbor 10.1.1.2 is FULL, state changed from LOADING to FULL
What does this output indicate?
A network engineer runs the following command to troubleshoot a VRF-Lite BGP route advertisement issue:
R1# show bgp vpnv4 vrf CUSTOMER_D 10.2.2.0/24
Output: BGP routing table entry for 10.2.2.0/24, version 5 Paths: (1 available, best #1, table CUSTOMER_D) Advertised to update-groups: 1 Refresh Epoch 1 Local
10.1.1.2 (metric 20) from 10.1.1.2 (2.2.2.2)
Origin incomplete, metric 0, localpref 100, valid, internal, best Extended Community: RT:100:200 mpls labels in/out nolabel/20
What does this output indicate?
A network engineer runs the following command to troubleshoot a VRF-Lite redistribution issue:
R1# debug ip routing vrf CUSTOMER_E
Output: RT: add 10.3.3.0/24 via 10.1.1.2, ospf 200 metric [110/20] RT: add 10.3.3.0/24 via 10.1.1.2, eigrp 100 metric [90/131072] tag 0 RT: closer admin distance for 10.3.3.0/24, adding via eigrp 100 RT: add 10.3.3.0/24 to routing table, via eigrp 100
What does this output indicate?
A network engineer runs the following command to troubleshoot a VRF-Lite MPLS LDP issue:
R1# show mpls ldp bindings vrf CUSTOMER_F
Output: lib entry: 10.4.4.0/24, rev 2 local binding: label: 16 remote binding: lsr: 2.2.2.2:0, label: 20 lib entry: 10.5.5.0/24, rev 3 local binding: label: 17 remote binding: lsr: 2.2.2.2:0, label: 21
What does this output indicate?
A network engineer runs the following command to troubleshoot a VRF-Lite DMVPN issue:
R1# show ip nhrp vrf CUSTOMER_G detail
Output:
10.6.6.1/32 via 10.6.6.1, Tunnel0 created 00:01:00, expire 01:59:00
Type: dynamic, Flags: used NBMA address: 192.168.1.1 (no-socket) Registration handle: 0x00000001 Cache entries: 1
What does this output indicate?
A network engineer runs the following command to troubleshoot a VRF-Lite IPsec issue:
R1# show crypto ipsec transform-set vrf CUSTOMER_H
Output: Transform set combined: { esp-aes 256 esp-sha-hmac } will negotiate = { Tunnel, }
What does this output indicate?
A network engineer runs the following command to troubleshoot a VRF-Lite CoPP issue:
R1# show policy-map control-plane input class CoPP-ACL vrf CUSTOMER_I
Output: Class-map: CoPP-ACL (match-all) 0 packets, 0 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: access-group 100 police: cir 8000 bps, bc 1500 bytes, be 1500 bytes conformed 0 packets, 0 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop
What does this output indicate?