Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Advanced Networking Configuration practice sets

LPIC-2 Advanced Networking Configuration • Complete Question Bank

LPIC-2 Advanced Networking Configuration — All Questions With Answers

Complete LPIC-2 Advanced Networking Configuration question bank — all 0 questions with answers and detailed explanations.

91
Questions
Free
No signup
Certifications/LPIC-2/Practice Test/Advanced Networking Configuration/All Questions
Question 1easymultiple choice
Read the full Advanced Networking Configuration explanation →

An administrator wants to configure a virtual IP address on interface eth0 with IP 192.168.1.100/24. Which command correctly adds the virtual IP as an alias?

Question 2mediummultiple choice
Read the full Advanced Networking Configuration explanation →

A system administrator notices that the default gateway is missing after a reboot. The network configuration uses ifup/ifdown scripts. Which file should be modified to ensure the default gateway is persistent?

Question 3hardmultiple choice
Read the full NAT/PAT explanation →

A server with IP 10.0.0.1 needs to forward packets from network 192.168.1.0/24 to 10.0.0.0/24. The administrator runs: 'iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d 10.0.0.0/24 -j MASQUERADE'. However, traffic from 192.168.1.0/24 cannot reach 10.0.0.0/24. What is the most likely missing configuration?

Question 4mediummultiple choice
Read the full wireless explanation →

An administrator needs to configure a wireless interface wlan0 with WPA2-PSK authentication and a static IP address 192.168.2.50/24. Which tool should be used to configure the wireless settings?

Question 5hardmultiple choice
Read the full Advanced Networking Configuration explanation →

After adding a new network interface, the system assigns it the name 'enp0s3' instead of 'eth0'. Which of the following best describes the reason for this change?

Question 6easymultiple choice
Read the full Advanced Networking Configuration explanation →

An administrator wants to check the ARP cache for a specific IP address 192.168.1.1. Which command will display the ARP entry for that address?

Question 7mediummultiple choice
Read the full Advanced Networking Configuration explanation →

A company has a server with two network interfaces: eth0 (public IP) and eth1 (private IP). The administrator wants to allow SSH from the public network only. Which iptables rule set achieves this?

Question 8mediummulti select
Review the full routing breakdown →

Which TWO commands can be used to display the routing table on a Linux system?

Question 9hardmulti select
Review the full routing breakdown →

Which THREE conditions must be met for a Linux system to act as a router between two networks?

Question 10easymulti select
Read the full Advanced Networking Configuration explanation →

Which TWO statements about the /etc/hosts file are true?

Question 11hardmultiple choice
Read the full Advanced Networking Configuration explanation →

Refer to the exhibit. A packet is sent from 192.168.1.100 to 10.0.0.5. Which interface will the packet exit?

Exhibit

Refer to the exhibit.

# ip route show
default via 192.168.1.1 dev eth0
10.0.0.0/8 via 192.168.2.1 dev eth1
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.100
Question 12mediummultiple choice
Read the full Advanced Networking Configuration explanation →

Refer to the exhibit. If a user on the local machine tries to SSH to a remote host on eth1, what will happen?

Network Topology
0 0 ACCEPT alllo * 0.0.0.0/0100 5000 ACCEPT tcp50 3000 DROP tcpRefer to the exhibit.# iptables -L -n -v
Question 13hardmultiple choice
Read the full NAT/PAT explanation →

You are a network administrator for a medium-sized company. The company has a Linux server acting as a router/firewall with three network interfaces: eth0 (public, 203.0.113.2/24, gateway 203.0.113.1), eth1 (DMZ, 10.0.1.1/24), and eth2 (internal, 192.168.1.1/24). The DMZ hosts a web server with IP 10.0.1.100, and the internal network has client machines. The firewall rules are currently set to default DROP on INPUT and FORWARD, ACCEPT on OUTPUT. The administrator wants to allow internal clients (192.168.1.0/24) to access the web server (10.0.1.100) on port 80. Additionally, the administrator wants to allow external users (from the internet) to access the web server's public IP (203.0.113.2) on port 80, which should be DNATed to 10.0.1.100. The administrator has enabled IP forwarding and added the following rules:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.0.1.100:80 iptables -A FORWARD -i eth0 -o eth1 -p tcp --dport 80 -j ACCEPT iptables -A FORWARD -i eth1 -o eth0 -p tcp --sport 80 -j ACCEPT

Internal clients cannot access the web server. External users are able to access the web server successfully. What is the most likely reason internal clients cannot access the web server?

Question 14mediummultiple choice
Review the full routing breakdown →

A network administrator notices that a Linux router with two network interfaces is not forwarding packets between them, despite having IP forwarding enabled in the kernel. The administrator has verified that the firewall rules are not blocking the traffic. What is the most likely cause of the issue?

Question 15hardmulti select
Read the full DNS explanation →

Which TWO of the following are valid methods to configure a Linux system to use a specific DNS server for name resolution?

Question 16hardmultiple choice
Review the full routing breakdown →

A client on the internet sends a TCP SYN packet to 10.0.1.10:8080. The router receives it on eth0. According to the exhibit, what will happen to the packet?

Network Topology
MASQUERADE all10.0.2.0/24DNAT tcpRefer to the exhibit.# ip route showdefault via 10.0.1.1 dev eth0# iptables -L -t natChain PREROUTING (policy ACCEPT)target prot opt source destinationChain POSTROUTING (policy ACCEPT)
Question 17easymultiple choice
Review the full routing breakdown →

An administrator needs to prioritize traffic for a VoIP application over other traffic on a Linux router. Which tool should be used to implement traffic shaping and prioritization?

Question 18mediummultiple choice
Read the full NAT/PAT explanation →

A company has a Linux server with two network interfaces: eth0 connected to the internal 192.168.1.0/24 network, and eth1 connected to the internet via a public IP of 203.0.113.10. The server runs a web server on port 80 and needs to allow internal clients to access the internet while hiding their private IPs (MASQUERADE). Additionally, external users should be able to reach the web server using the public IP. The administrator has enabled IP forwarding and configured iptables with the following rules:

iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

However, internal clients can access the internet, but external users cannot reach the web server. What should the administrator do to fix the issue?

Question 19mediummultiple choice
Review the full subnetting walkthrough →

A company has multiple subnets and wants to implement policy-based routing to direct traffic from a specific development subnet (192.168.10.0/24) through a specialized firewall for content filtering, while all other traffic uses the default gateway. Which of the following steps is required to achieve this using iproute2 tools?

Question 20hardmulti select
Review the full subnetting walkthrough →

Which TWO network diagnostic steps should be performed to isolate a problem where a Linux server (IP 10.0.0.10/24) cannot reach a remote server (IP 192.168.1.50/24) while other hosts on the same subnet can reach it? Assume routing is properly configured.

Question 21easymultiple choice
Read the full NAT/PAT explanation →

Given the exhibited routing table and rules, what will happen to a packet originating from IP 192.168.10.50 destined to 8.8.8.8?

Exhibit

Refer to the exhibit.

```
# ip route show table 100
192.168.10.0/24 dev eth0 scope link
0.0.0.0/1 via 10.0.0.1 dev eth1
```

```
# ip rule show
0:	from all lookup local
32765:	from 192.168.10.0/24 lookup 100
32766:	from all lookup main
32767:	from all lookup default
```
Question 22mediumdrag order
Read the full DNS explanation →

Arrange the steps to configure a Linux system as a DNS server using BIND.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 23mediumdrag order
Read the full network assurance explanation →

Order the steps to configure a Linux system to send system logs to a remote syslog server.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 24mediummatching
Read the full Advanced Networking Configuration explanation →

Match each network service to its purpose.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Assigns IP addresses and network configuration automatically

Resolves hostnames to IP addresses

Synchronizes system time over a network

Provides directory services for authentication and authorization

Caching proxy for HTTP, HTTPS, and FTP

Question 25mediummatching
Read the full Advanced Networking Configuration explanation →

Match each system log to its typical content.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

General system messages (legacy)

System log on Debian-based systems

Authentication and security events

Kernel messages

Mail server logs

Question 26easymultiple choice
Read the full Advanced Networking Configuration explanation →

A company's network has a single switch connecting all devices. The IT manager wants to isolate the development team's traffic from the rest of the network without buying new hardware. Which configuration should the administrator implement on the switch ports connected to the development team's computers?

Question 27mediummultiple choice
Read the full Advanced Networking Configuration explanation →

A Linux server with two Ethernet interfaces (eth0 and eth1) has been set up as a transparent bridge using brctl. The bridge is up and shows both interfaces as members. However, hosts connected to eth0 cannot communicate with hosts on eth1. What is the most likely cause?

Question 28hardmultiple choice
Review the full routing breakdown →

A network administrator is configuring source-based routing. They have created a new routing table and added a default route. They then run: ip rule add to 10.0.0.0/24 lookup 100. Traffic from 10.0.0.0/24 still uses the main table. What is the problem?

Question 29easymultiple choice
Read the full Advanced Networking Configuration explanation →

A system administrator wants to combine two Gigabit Ethernet interfaces of a Linux server into a single logical interface to increase throughput and provide redundancy. Which kernel module should be loaded to support this? (Assume the interfaces are identical and are connected to the same switch.)

Question 30mediummultiple choice
Open the full VLAN trunking answer →

A DHCP server running on a Linux machine is not leasing IP addresses to clients on a particular VLAN. The server's configuration file includes a subnet declaration for that VLAN, but clients receive only link-local addresses. What is the most likely issue?

Question 31hardmultiple choice
Read the full VPN explanation →

A Linux administrator is setting up an IPsec VPN between two sites using strongSwan. The VPN established successfully, but traffic between the sites is not being encrypted. What is the most probable cause?

Question 32easymultiple choice
Read the full Advanced Networking Configuration explanation →

A system administrator wants to allow incoming SSH connections from only the 192.168.1.0/24 network on a Linux server. Which iptables rule accomplishes this?

Question 33mediummultiple choice
Read the full DNS explanation →

A Linux server is configured as a DNS resolver with BIND. Users report that they cannot resolve external hostnames. The server can resolve internal names. Which of the following is the most likely cause?

Question 34hardmultiple choice
Review the full routing breakdown →

A Linux router is experiencing packet loss for connections that should be forwarded. The router's IP forwarding is enabled, and the routing table is correct. Which kernel parameter is most likely causing the issue?

Question 35easymulti select
Read the full Advanced Networking Configuration explanation →

Which TWO of the following tools are used to capture and analyze network packets on a Linux system?

Question 36mediummulti select
Read the full Advanced Networking Configuration explanation →

Which TWO conditions must be met for a Linux bridge to forward traffic between its ports?

Question 37hardmulti select
Open the full VLAN trunking answer →

Which THREE actions are typically required to configure a VLAN interface on a Linux system?

Question 38easymultiple choice
Read the full Advanced Networking Configuration explanation →

The server is unable to communicate with hosts on the 192.168.2.0/24 network. Based on the exhibit, what is the most likely cause?

Exhibit

Refer to the exhibit.

# ip addr show eth0
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:1a:2b:3c:4d:5e brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.100/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::21a:2bff:fe3c:4d5e/64 scope link
       valid_lft forever preferred_lft forever
Question 39mediummultiple choice
Read the full Advanced Networking Configuration explanation →

Hosts connected to eth1 cannot communicate with hosts on eth0. Based on the exhibit, what is the most likely reason?

Exhibit

Refer to the exhibit.

# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.001122334455       yes             eth0
                                                        eth1
# brctl showstp br0
br0
 bridge id              8000.001122334455
 designated root        8000.001122334455
 root port              0                    path cost                  0
 max age                20.00
 hello time             2.00
 forward delay          15.00
 bridge hello time      2.00
 bridge max age         20.00
 bridge forward delay   15.00
 ageing time            300.00
hello timer            0.00
tcn timer              0.00
topology change timer  0.00
gc timer               0.00

eth0 (1)
 port id                8001                    state                   forwarding
 designated root        8000.001122334455       path cost               4
 designated bridge     8000.001122334455       message age timer       0.00
 designated port       8001                    forward delay timer     0.00
 designated cost        0                      hold timer              0.00

eth1 (2)
 port id                8002                    state                   blocking
 designated root        8000.001122334455       path cost               4
 designated bridge     8000.001122334455       message age timer       0.00
 designated port       8002                    forward delay timer     0.00
 designated cost        0                      hold timer              0.00
Question 40hardmultiple choice
Review the full subnetting walkthrough →

Traffic from the 10.1.1.0/24 subnet is seen leaving through eth1 as intended, but reply traffic from the internet never comes back. What is the most likely cause?

Exhibit

Refer to the exhibit.

# ip rule show
0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default
# ip route show table 100
default via 10.0.0.1 dev eth0
# ip route show table 200
default via 172.16.0.1 dev eth1
# ip rule add from 10.1.1.0/24 lookup 200
# ip rule add from 10.2.2.0/24 lookup 100
Question 41easymultiple choice
Read the full Advanced Networking Configuration explanation →

A system administrator wants to combine two 1 Gbps Ethernet interfaces into a single logical bonded interface to increase throughput and provide redundancy. Which mode of bonding will provide both load balancing and fault tolerance without requiring switch configuration?

Question 42mediummultiple choice
Open the full VLAN trunking answer →

A network administrator notices that VLAN tagging is not working on a Linux bridge. The bridge interface br0 has member ports eth0 and eth1. The administrator runs 'bridge vlan show' and sees that only the default VLAN 1 is present. What is the most likely cause?

Question 43hardmultiple choice
Review the full subnetting walkthrough →

A company has multiple internet connections and wants to route traffic from specific subnets to specific providers. They are using policy-based routing with ip rule and ip route. After adding the rules, the administrator finds that the traffic is not matching the intended routing table. Which command should be used to verify that the rules are being matched correctly?

Question 44easymultiple choice
Read the full Advanced Networking Configuration explanation →

To create a simple bridge interface that connects two Ethernet interfaces, which of the following commands should be used?

Question 45mediummultiple choice
Open the full VLAN trunking answer →

An administrator configures a DHCP relay agent using 'dhcrelay' in a network with multiple VLANs. The relay agent is on a Linux server with interfaces eth0 (VLAN 10) and eth1 (VLAN 20). The DHCP server is on VLAN 10. Which command correctly sets up the relay to forward requests from VLAN 20 to the DHCP server at 192.168.1.5?

Question 46hardmultiple choice
Study the full IPv6 explanation →

An administrator is troubleshooting IPv6 connectivity on a Linux host. The host has an IPv6 address configured on eth0, but cannot ping6 the default gateway. The output of 'ip -6 route show' shows a default route via fe80::1 dev eth0. Which tool should be used to verify that the neighbor discovery process is working?

Question 47easymultiple choice
Read the full Advanced Networking Configuration explanation →

Which of the following commands creates a new network namespace named 'test'?

Question 48mediummultiple choice
Read the full Advanced Networking Configuration explanation →

A security analyst wants to capture only TCP packets with the SYN flag set to identify connection attempts. Which tcpdump filter expression accomplishes this?

Question 49hardmultiple choice
Read the full NAT/PAT explanation →

To implement 802.1X port-based authentication on a Linux network interface, which combination of software components is typically required when the Linux system acts as the supplicant?

Question 50easymulti select
Read the full Advanced Networking Configuration explanation →

Which TWO conditions must be met for a Linux bridge to forward Ethernet frames between its ports?

Question 51mediummulti select
Read the full Advanced Networking Configuration explanation →

Which THREE of the following are valid bonding modes in Linux?

Question 52hardmulti select
Read the full Advanced Networking Configuration explanation →

An administrator is configuring netfilter rules to implement a stateful firewall. Which TWO of the following commands are necessary to allow the firewall to correctly forward TCP traffic from internal to external networks (assuming proper default policies)?

Question 53easymultiple choice
Review the full routing breakdown →

A packet destined to 192.168.1.100 is sent from this router. Which interface will be used to forward it?

Exhibit

Refer to the exhibit.
Output of 'ip route show' on a Linux router:
default via 10.0.0.1 dev eth0 metric 100
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.2 metric 100
192.168.1.0/24 via 10.0.0.254 dev eth0 metric 50
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1 metric 100
Question 54mediummultiple choice
Read the full Advanced Networking Configuration explanation →

Based on the capture, which of the following statements is correct about the communication between 10.0.0.1 and 10.0.0.3?

Exhibit

Refer to the exhibit.
Output of 'tcpdump -i eth0 -n' on a server:
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
18:34:22.123456 IP 10.0.0.1 > 10.0.0.2: ICMP echo request, id 1, seq 1, length 64
18:34:22.123789 IP 10.0.0.2 > 10.0.0.1: ICMP echo reply, id 1, seq 1, length 64
18:34:23.124456 IP 10.0.0.1.54321 > 10.0.0.3.80: Flags [S], seq 123456, win 65535, options [mss 1460], length 0
18:34:23.125001 IP 10.0.0.3.80 > 10.0.0.1.54321: Flags [S.], seq 654321, ack 123457, win 65535, options [mss 1460], length 0
18:34:23.125200 IP 10.0.0.1.54321 > 10.0.0.3.80: Flags [.], ack 654322, win 65535, length 0
Question 55hardmultiple choice
Read the full Advanced Networking Configuration explanation →

After rebooting, the bridge br0 does not forward traffic between eth0 and eth1. Which configuration is most likely missing?

Exhibit

Refer to the exhibit.
Contents of /etc/network/interfaces:
auto br0
iface br0 inet static
    address 192.168.1.1
    netmask 255.255.255.0
    bridge_ports eth0 eth1
auto eth0
iface eth0 inet manual
auto eth1
iface eth1 inet manual
Question 56easymultiple choice
Read the full Advanced Networking Configuration explanation →

A network administrator wants to improve network performance by bonding two gigabit Ethernet interfaces (eth0 and eth1) on a Linux server. The switch supports IEEE 802.3ad (LACP). Which bonding mode should be used to provide both load balancing and fault tolerance?

Question 57hardmultiple choice
Read the full NAT/PAT explanation →

A Linux router is experiencing asymmetric routing issues. The network has two internet connections (ISP1 and ISP2) with default routes. The administrator wants to ensure that traffic originating from a specific source IP uses ISP1 for both incoming and outgoing packets. Which ip rule configuration achieves this?

Question 58easymultiple choice
Open the full VLAN trunking answer →

Which command will display the current VLAN membership of interface eth1?

Question 59mediummultiple choice
Read the full Advanced Networking Configuration explanation →

An administrator wants to allow SSH access from the internal network (192.168.1.0/24) only, using nftables. Which rule should be added to the filter table input chain?

Question 60hardmultiple choice
Read the full Advanced Networking Configuration explanation →

A server reports packet loss on a bonded interface (mode 4). The switch configuration is verified correct. Running ethtool shows all slaves are connected at 1 Gbps full duplex. Which command should be used to check if the LACP negotiation is successful?

Question 61mediummultiple choice
Review the full routing breakdown →

A company's Linux router uses iptables. The administrator needs to log all dropped packets (by default policy) before they are dropped. Where should the LOG rule be placed?

Question 62easymultiple choice
Study the full IPv6 explanation →

Which of the following is the correct command to add an IPv6 address 2001:db8::1/64 to interface eth0?

Question 63easymultiple choice
Read the full Advanced Networking Configuration explanation →

An administrator configures a bridge br0 with two ports (eth0 and eth1). The network uses STP. After configuration, packets from a host on eth0 to a host on eth1 are not forwarded. The bridge shows blocking state for one of the ports. What is the most likely cause?

Question 64hardmultiple choice
Read the full VPN explanation →

A system administrator needs to configure a VPN tunnel using WireGuard. The private key of the local peer is stored in /etc/wireguard/private.key. Which command should be used to set the private key via wg-quick?

Question 65mediummulti select
Open the full VLAN trunking answer →

Which TWO statements about VLAN tagging are correct?

Question 66mediummulti select
Review the full routing breakdown →

Which THREE commands can be used to display routing information?

Question 67hardmulti select
Read the full Advanced Networking Configuration explanation →

Which TWO steps are required to enable IP forwarding on a Linux system permanently?

Question 68mediummultiple choice
Read the full Advanced Networking Configuration explanation →

Based on the exhibit, what is the configuration of the network interfaces?

Exhibit

Refer to the exhibit.

# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff
3: eth0.10@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 00:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 00:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff

# bridge vlan show
port    vlan ids
eth0     1 PVID Egress Untagged
br0      1 PVID Egress Untagged
eth0.10  10
Question 69hardmultiple choice
Read the full Advanced Networking Configuration explanation →

A host on 192.168.2.100 tries to SSH to the firewall's IP address (192.168.1.1). The firewall's input chain policy is drop. Will the SSH connection be allowed?

Exhibit

Refer to the exhibit.

# nft list ruleset
table ip filter {
    chain input {
        type filter hook input priority 0; policy drop;
        ct state established,related accept
        iifname lo accept
        ip saddr 192.168.1.0/24 tcp dport { 22, 80, 443 } accept
        ip saddr 192.168.2.0/24 tcp dport 22 accept
    }
    chain forward {
        type filter hook forward priority 0; policy drop;
        ip saddr 192.168.1.0/24 oifname eth0 accept
        oifname eth0 ip daddr 192.168.1.0/24 accept
    }
}
Question 70easymultiple choice
Read the full Advanced Networking Configuration explanation →

Which command would add the default gateway 192.168.1.1 to this interface?

Exhibit

Refer to the exhibit.

# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.100/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::211:22ff:fe33:4455/64 scope link
       valid_lft forever preferred_lft forever
Question 71mediummultiple choice
Read the full Advanced Networking Configuration explanation →

A system administrator recently configured two NICs in a bonding interface (bond0) using mode 1 (active-backup). Although both links appear up, traffic never fails over when the primary link goes down. Which command should the administrator use to diagnose the bonding status and determine the root cause?

Question 72easymultiple choice
Read the full Advanced Networking Configuration explanation →

An administrator needs to create a Linux bridge (br0) and add an Ethernet interface (eth1) to it for KVM virtual machine networking. Which set of commands accomplishes this task?

Question 73hardmultiple choice
Review the full subnetting walkthrough →

A Linux router running multiple routing tables is misconfigured. The administrator wants to add a policy routing rule that sends all traffic from subnet 10.10.0.0/16 to routing table 200. Which command should be used?

Question 74mediummultiple choice
Open the full VLAN trunking answer →

A Linux server requires several VLAN interfaces on eth0. The network switch expects 802.1Q tagged frames for VLAN 10. Which command correctly creates the VLAN interface?

Question 75easymultiple choice
Read the full Advanced Networking Configuration explanation →

A company requires link aggregation between a Linux server and a switch to increase throughput and provide redundancy. The switch supports only standard 802.3ad (LACP). Which bonding mode should be configured on the Linux server?

Question 76hardmultiple choice
Read the full Advanced Networking Configuration explanation →

An administrator is troubleshooting network isolation in a Linux container environment. The container should have its own network stack, but it appears to be using the host's interfaces. Which command correctly runs a command inside a network namespace named 'ns1' to verify its network configuration?

Question 77mediummultiple choice
Read the full DHCP explanation →

A Linux router needs to forward DHCP broadcasts from clients on subnet 192.168.1.0/24 (eth0) to a DHCP server at 10.0.0.5. Which command starts a DHCP relay agent?

Question 78easymultiple choice
Study the full IPv6 explanation →

An administrator is troubleshooting IPv6 connectivity on an interface with link-local address fe80::1. Which command correctly pings that address from the local host, ensuring the packet uses the correct interface?

Question 79hardmultiple choice
Review the full OSPF breakdown →

A Linux router running FRR (Free Range Routing) needs to participate in OSPF with adjacent Cisco routers. Which configuration file should be modified to enable OSPF?

Question 80mediummulti select
Review the full routing breakdown →

Which TWO commands display the current kernel routing table? (Choose two.)

Question 81mediummulti select
Read the full Advanced Networking Configuration explanation →

Which THREE of the following are valid Linux bonding modes? (Choose three.)

Question 82hardmulti select
Study the full QoS explanation →

Which TWO tools are commonly used for traffic shaping and QoS on Linux? (Choose two.)

Question 83hardmultiple choice
Open the full VLAN trunking answer →

Your company has a Linux server acting as a router with three VLAN interfaces: eth0.10 (192.168.10.1/24), eth0.20 (192.168.20.1/24), and eth0.30 (192.168.30.1/24). The server has a default route via eth0 (native VLAN) to the internet gateway at 10.0.0.1. Internal hosts can communicate between VLANs, but cannot reach the internet. You have verified that the default route is present and that the gateway is reachable from the router itself. The iptables FORWARD chain policy is ACCEPT, and no filtering rules are defined. However, you notice that ip_forward is enabled. What is the most likely missing configuration?

Question 84mediummultiple choice
Read the full Advanced Networking Configuration explanation →

A Linux server with two NICs bonded in mode 1 (active-backup) was working correctly until a switch was replaced. Now, although both interfaces are up, the bond always shows only one active slave, and if that slave fails, traffic does not fail over. The bonding configuration uses miimon=100 and neither arp_interval nor arp_ip_target is set. You run 'cat /proc/net/bonding/bond0' and see that the MII status of both slaves is 'up' but the link failures count is 0 for the backup slave. What is the most likely cause, and which parameter should be adjusted?

Question 85mediummultiple choice
Read the full Advanced Networking Configuration explanation →

A system administrator notices that the network bond interface bond0 is not operational. The bond is configured using mode 1 (active-backup). The physical interfaces eth0 and eth1 are both up but bond0 shows 'DOWN'. Which of the following is the most likely cause?

Question 86easymulti select
Read the full NAT/PAT explanation →

An administrator needs to add a static route to the destination network 192.168.100.0/24 via gateway 10.0.0.1. Which TWO of the following commands accomplish this? (Choose two.)

Question 87hardmultiple choice
Read the full DHCP explanation →

A medium-sized company uses a Linux server as its internet gateway. The server runs Ubuntu 20.04 and has two network interfaces: eth0 (IP 192.168.1.1/24) connected to the internal LAN, and eth1 (DHCP client, obtains IP 203.0.113.10/24, gateway 203.0.113.1) connected to the ISP modem. The server uses iptables for NAT with the rule 'iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE'. IP forwarding is enabled (net.ipv4.ip_forward=1). Firewalld is running with the default zone set to 'public'. For the past week, internal clients on 192.168.1.0/24 have reported intermittent connectivity to external websites. The administrator notices that during the failures, packets sent to external websites leave the internal network (tcpdump on eth1 shows SYN), but the response SYN-ACK never reaches the client. The administrator checks that the iptables FORWARD chain has a default policy of ACCEPT and no restrictive rules. Which of the following is the most likely cause?

Question 88mediummultiple choice
Open the full VLAN trunking answer →

A sysadmin is configuring VLAN tagging on a Linux server that will act as a router-on-a-stick for multiple VLANs (10, 20, 30). The server has a single physical interface enp0s3 connected to a switch trunk port that allows VLANs 10, 20, and 30. The administrator uses systemd-networkd and creates VLAN interfaces enp0s3.10, enp0s3.20, enp0s3.30 with IP addresses 10.0.10.1/24, 10.0.20.1/24, and 10.0.30.1/24 respectively. They enable IP forwarding and, for security, set the iptables FORWARD chain default policy to DROP, but they add no specific rules. Clients in VLAN 10 can ping their gateway (10.0.10.1) but cannot ping clients in VLAN 20 (10.0.20.2). The switch confirms correct configuration. Which of the following is the most likely cause?

Question 89easymultiple choice
Read the full Advanced Networking Configuration explanation →

An administrator wants to implement network bonding for redundancy on a Linux server running RHEL 8. The server has two physical interfaces em1 and em2. The administrator creates a bond interface bond0 with mode active-backup (mode 1) and adds the slaves em1 and em2. They assign IP address 192.168.50.10/24 to bond0 and bring up the bond. The bond appears to work initially, with one slave active. However, when they disconnect the cable from the active slave, the bond does not fail over to the other slave. The administrator checks /proc/net/bonding/bond0 and sees that the link status for both slaves shows 'up' even after the disconnection. They confirm the bonding module is loaded and the mode is correct. Which of the following is the most likely missing configuration?

Question 90mediummultiple choice
Read the full DHCP explanation →

A small office network uses a Linux server running dnsmasq to provide DHCP and DNS services. The server runs Ubuntu with dnsmasq version 2.80. The configuration file /etc/dnsmasq.conf includes: 'interface=eth0', 'dhcp-range=192.168.1.100,192.168.1.200,12h', and no other DNS-related options. Clients receive IP addresses from the DHCP server and can access the internet. However, clients cannot ping other clients by hostname (e.g., 'ping workstation1' fails with NXDOMAIN). The dnsmasq logs show that DHCP requests are handled and the client hostnames are recorded. The administrator verifies that /etc/hosts contains only the localhost entry. Which of the following is the most likely cause?

Question 91hardmultiple choice
Read the full wireless explanation →

A company wants to set up a Linux bridge to connect a wireless interface (wlan0) to a wired interface (eth0) to allow devices on the wired network to access the internet through the wireless uplink. The Linux server runs Debian with hostapd to create an access point on wlan0. The administrator creates a bridge br0 using brctl and adds eth0 and wlan0 as ports. They assign IP 192.168.10.1/24 to br0 and start hostapd. Clients on the wired network can access the internet, but cannot ping clients on the wireless network, and vice versa. The administrator verifies that both interfaces are enslaved to br0 (brctl show shows both). They also confirm that IP forwarding is enabled and there are no iptables rules blocking anything. Which of the following is the most likely cause?

Practice tests

Scored 10-question sessions with instant feedback and explanations.

LPIC-2 Practice Test 1 — 10 Questions→LPIC-2 Practice Test 2 — 10 Questions→LPIC-2 Practice Test 3 — 10 Questions→LPIC-2 Practice Test 4 — 10 Questions→LPIC-2 Practice Test 5 — 10 Questions→LPIC-2 Practice Exam 1 — 20 Questions→LPIC-2 Practice Exam 2 — 20 Questions→LPIC-2 Practice Exam 3 — 20 Questions→LPIC-2 Practice Exam 4 — 20 Questions→Free LPIC-2 Practice Test 1 — 30 Questions→Free LPIC-2 Practice Test 2 — 30 Questions→Free LPIC-2 Practice Test 3 — 30 Questions→LPIC-2 Practice Questions 1 — 50 Questions→LPIC-2 Practice Questions 2 — 50 Questions→LPIC-2 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Linux Kernel and System StartupBlock Devices, Filesystems and Advanced StorageAdvanced Networking ConfigurationDNS, Web and Mail ServicesFile Sharing and SambaSystem SecurityNetwork Client Management

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Advanced Networking Configuration setsAll Advanced Networking Configuration questionsLPIC-2 Practice Hub