CCNA OSPF Questions

75 of 174 questions · Page 1/3 · OSPF topic · Answers revealed

1
Drag & Dropmedium

Drag and drop the following steps into the correct order to configure single-area OSPFv2 on a router and verify the neighbor state transitions from Down to Full.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

After configuring OSPF, clearing the process triggers neighbor state transitions from Down to Full, which can then be verified with the neighbor command.

Note: Clearing the OSPF process is a disruptive action that resets all adjacencies. In production, use 'clear ip ospf process' only when necessary. For normal configuration verification, 'show ip ospf neighbor' is sufficient without clearing.

Note: Clearing the OSPF process is a disruptive action that resets all adjacencies. In production, use 'clear ip ospf process' only when necessary. For normal configuration verification, 'show ip ospf neighbor' is sufficient without clearing.

Exam trap

Do not confuse the order of enabling OSPF and configuring networks; router ospf must come first. Also, remember that clearing the OSPF process is necessary to trigger neighbor state transitions for verification purposes.

2
PBQhard

You are connected to R1 via console. R1 and R2 are directly connected via their GigabitEthernet0/0 interfaces. Configure OSPFv3 for IPv6 on both routers so that the loopback0 interface on R2 (with IPv6 address 2001:db8:acad:2::1/64) is reachable from R1. Enable IPv6 unicast routing, enable OSPFv3 on the appropriate interfaces, and verify the neighbor adjacency and routing table. (Note: R2 already has OSPFv3 configured and is waiting for R1 to complete its configuration.)

Hints

  • OSPFv3 uses a separate process from OSPFv2; you must create the OSPFv3 process with 'ipv6 router ospf <process-id>'.
  • The router-id must be configured manually (e.g., 1.1.1.1) because there are no IPv4 addresses on R1.
  • OSPFv3 is enabled on an interface using 'ipv6 ospf <process-id> area <area-id>'.
A.Enable IPv6 unicast routing, configure OSPFv3 process with router-id, enable OSPFv3 on GigabitEthernet0/0 in area 0, and verify neighbor and route.
B.Enable IPv6 unicast routing, configure OSPFv2 process with router-id, enable OSPFv2 on GigabitEthernet0/0 in area 0, and verify neighbor and route.
C.Enable IPv6 unicast routing, configure OSPFv3 process without a router-id, enable OSPFv3 on GigabitEthernet0/0 in area 0, and verify neighbor and route.
D.Enable IPv6 unicast routing, configure OSPFv3 process with router-id, enable OSPFv3 on GigabitEthernet0/0 in area 0, but do not verify neighbor or route.
AnswerA
solution
! R1
ipv6 unicast-routing
ipv6 router ospf 1
router-id 1.1.1.1
exit
interface gigabitethernet0/0
ipv6 ospf 1 area 0
end

Why this answer

The issue is that OSPFv3 process is not enabled on R1. To fix, first ensure IPv6 unicast routing is enabled (already done). Then configure OSPFv3 routing process with a process ID (e.g., 1) and router-id using the `ipv6 router ospf 1` command and `router-id` command.

Then enable OSPFv3 on the GigabitEthernet0/0 interface with `ipv6 ospf 1 area 0`. Finally, verify with `show ospfv3 neighbor` to see R2's router ID (e.g., 2.2.2.2) and `show ipv6 route ospf` to see the route to 2001:db8:acad:2::/64.

Exam trap

A common trap is confusing OSPFv2 and OSPFv3. Remember that OSPFv3 is for IPv6 and requires a router-id. Also, do not skip verification steps; they are often required in exam scenarios.

Why the other options are wrong

B

OSPFv2 supports only IPv4; OSPFv3 is required for IPv6 routing.

C

OSPFv3 uses a 32-bit router-id, which must be manually configured or derived from an IPv4 address; without it, the process cannot operate.

D

Verification commands like 'show ospfv3 neighbor' and 'show ipv6 route ospf' are necessary to ensure OSPFv3 is functioning correctly.

3
Multi-Selectmedium

Which TWO statements correctly describe the behavior of the passive-interface command in single-area OSPFv2?

Select 2 answers
A.It prevents the router from sending Hello packets on the specified interface.
B.It prevents the router from advertising the network in OSPF LSAs.
C.The network associated with the passive interface is still advertised in OSPF LSAs.
D.It disables the interface for any OSPF traffic, including data traffic.
E.It removes the network from the OSPF routing table.
AnswersA, C

Passive-interface in OSPF suppresses Hello packets, preventing OSPF neighbor discovery.

Why this answer

The passive-interface command in OSPFv2 suppresses all OSPF protocol packets (Hello, DD, LSR, LSU, LSAck) on the specified interface, preventing neighbor adjacency formation. However, the network prefix of that interface is still included in the router LSA and advertised through active interfaces to the OSPF domain. Option A is correct because Hello packets are suppressed.

Option C is correct because the prefix is still advertised in LSAs. Option B is incorrect after rewording: it states that the network is not advertised, which is false. Option D is incorrect because passive-interface does not affect data traffic forwarding.

Option E is incorrect because the network remains in the OSPF routing table.

Exam trap

A common mistake is confusing passive-interface in OSPF with RIP or EIGRP; in OSPF, it suppresses all control packets on the interface, but the network is still advertised in LSAs via other interfaces.

Why the other options are wrong

B

This statement is false because passive-interface does not prevent the network from being advertised; the prefix is still injected into the OSPF LSAs.

D

Passive-interface only stops OSPF control packets; data traffic forwarding continues normally on the interface.

E

The passive-interface command does not remove the network from the OSPF routing table; the network is still reachable via other interfaces.

4
Multi-Selecthard

A router has learned route 172.16.50.0/24 from OSPF with cost 20 and also has a static route to the same prefix with administrative distance 5. Which two statements are correct about route selection?

Select 2 answers
A.The static route is installed because it has the lower administrative distance
B.The OSPF route is installed because cost 20 is lower than metric 0
C.If the static route is removed, OSPF can become the active route
D.Both routes are installed as equal-cost paths automatically
AnswersA, C

Administrative distance is compared before metric when routes come from different sources.

Why this answer

When the same prefix is learned from different routing sources, the router first compares administrative distance (AD). The static route with AD 5 wins over OSPF with AD 110, so option A is correct. Option C is correct because if the static route is removed, the OSPF route becomes the next best candidate and is installed.

Option B is wrong since AD is compared before metrics like OSPF cost; a lower cost does not override a lower AD. Option D is wrong because only one route is installed per destination based on AD, not both.

Exam trap

A common exam trap is to incorrectly assume that the OSPF route with a lower cost metric will be preferred over a static route. Many candidates mistakenly compare OSPF cost directly against the static route’s metric or ignore administrative distance entirely. This leads to the wrong conclusion that OSPF wins because 20 is less than 0 or some assumed static metric.

However, Cisco routers always compare administrative distance first when routes come from different sources. Ignoring this rule causes confusion and incorrect answers in routing questions involving multiple protocols.

Why the other options are wrong

B

Option B is incorrect because metrics like OSPF cost are only compared among routes from the same protocol; the router does not compare OSPF cost against static route administrative distance.

D

Option D is incorrect because routes from different sources with different administrative distances do not qualify for equal-cost multipath (ECMP), so both routes are not installed simultaneously.

5
MCQhard

A technician configures OSPF on R1 using the command network 10.0.0.0 0.0.0.255 area 0. R1's GigabitEthernet0/0 interface has IP address 10.0.0.1/30 and is included in the OSPF process. The technician confirms the interface is not passive using the show ip ospf interface GigabitEthernet0/0 command. However, R2 is not forming an OSPF adjacency with R1. What should the technician do next?

A.Check the OSPF hello and dead intervals on R1 and R2.
B.Verify the OSPF area ID configured on R2's interface.
C.Check whether R2's interface is configured as a passive interface.
D.Verify the subnet mask configured on R2's connecting interface.
AnswerD

OSPF on a broadcast network requires an exact subnet mask match; a mismatch will prevent neighbor relationships. Given that R1's interface is properly added to OSPF, is not passive, and is in the correct area, the most likely cause is a misconfigured subnet mask on R2. Checking this resolves a basic Layer 3 requirement before investigating any OSPF-specific parameters.

Why this answer

On broadcast multi-access networks like Ethernet, OSPF requires both neighbors to agree on the exact subnet mask; a mismatch causes the hello packets to be rejected. R1's interface is already confirmed to be in the correct area and not passive, so the next logical step is to check R2's interface configuration. Verifying the subnet mask on R2's connecting interface addresses a fundamental Layer 3 misconfiguration that would directly prevent adjacency formation, before investigating OSPF-specific parameters.

Exam trap

Many candidates jump to checking OSPF timer mismatches because hello/dead interval mismatches are a well-known cause of adjacency issues, but those are less common than simple subnet mask misconfigurations and should be investigated only after verifying basic IP addressing.

Why the other options are wrong

A

Skips the more likely and fundamental subnet mask check, which would render timer issues irrelevant until resolved.

B

Ignores the more foundational IP addressing check that could also cause the issue, and area troubleshooting would be misleading if the subnet mask is incorrect.

C

Jumps to an OSPF-specific command without first verifying the fundamental IP subnet configuration, which is a more direct cause of failed adjacencies on broadcast links.

6
MCQeasy

Which OSPF neighbor state indicates that the routers have already exchanged full link-state databases?

A.2-WAY
B.EXSTART
C.FULL
D.INIT
AnswerC

FULL indicates the neighbors are fully adjacent.

Why this answer

FULL means the adjacency is complete and database synchronization has finished. States such as INIT, 2-WAY, EXSTART, and EXCHANGE all occur earlier in the process.

Exam trap

A frequent exam trap is selecting the 2-WAY or EXSTART states as the answer because they represent important steps in OSPF neighbor formation. However, 2-WAY only confirms bidirectional hello packets without database exchange, and EXSTART is merely the negotiation phase for database synchronization. Choosing these states overlooks the fact that full link-state database exchange and adjacency completion only occur at the FULL state.

Misunderstanding this can lead to incorrect assumptions about OSPF neighbor readiness and routing stability.

Why the other options are wrong

A

The 2-WAY state confirms bidirectional communication between OSPF neighbors but does not indicate that the full link-state database has been exchanged. It is an intermediate step before full adjacency.

B

EXSTART is the initial phase of database exchange where routers negotiate master-slave roles and sequence numbers. It does not mean the databases are fully synchronized yet.

D

INIT state means a router has received a hello packet from a neighbor but has not confirmed bidirectional communication, so full database exchange has not started.

7
MCQhard

A route to 192.168.1.0/24 appears in the routing table from OSPF, but a more specific static route to 192.168.1.128/25 is also configured. Which route is used for traffic to 192.168.1.200?

A.The OSPF /24 route
B.The static /25 route
C.Both routes automatically load-balance
D.Neither route because the network overlaps
AnswerB

This is correct because 192.168.1.200 falls within 192.168.1.128/25.

Why this answer

The static /25 route is used because longest-prefix match prefers the most specific matching route. In plain language, even though the OSPF /24 route covers the destination, the /25 static route covers a narrower range and therefore wins for addresses inside that upper half of the subnet.

The router does not begin by asking which protocol is more trusted unless the prefix lengths are equal among the matching routes.

Exam trap

A common exam trap is assuming that the routing protocol with the lower administrative distance or higher trustworthiness automatically wins, regardless of prefix length. Candidates may incorrectly choose the OSPF /24 route because OSPF is a dynamic protocol and often trusted. However, the router always applies the longest-prefix match rule first, so the more specific static /25 route is preferred.

Overlapping routes are normal and do not cause routing conflicts; the router simply forwards packets based on the most specific match. Misunderstanding this can lead to selecting the wrong answer and missing the core routing principle tested here.

Why the other options are wrong

A

The OSPF /24 route is less specific than the static /25 route. Since longest-prefix match prefers the more specific route, the OSPF route is not used for 192.168.1.200.

C

Both routes do not automatically load-balance because they have different prefix lengths. Load balancing requires equal prefix length and equal cost routes, which is not the case here.

D

Neither route is incorrect because overlapping routes are common and resolved by longest-prefix match. The router uses the more specific static /25 route, so traffic is forwarded correctly.

8
MCQhard

An engineer is troubleshooting an OSPF adjacency issue between two Cisco routers, R1 and R2, connected via GigabitEthernet0/0 on both sides. Hosts on R1's LAN cannot ping hosts on R2's LAN. The engineer checks the OSPF neighbor state on R1 and sees the adjacency is stuck in EXSTART/EXCHANGE. The router IDs are 1.1.1.1 on R1 and 2.2.2.2 on R2, and both routers have a network statement for their directly connected subnet. What is the most likely cause of this problem?

A.The passive-interface default command is blocking OSPF Hellos on GigabitEthernet0/0.
B.There is an MTU mismatch between R1 and R2 on the GigabitEthernet0/0 interfaces.
C.The OSPF area configured on the interface does not match between R1 and R2.
D.The router IDs 1.1.1.1 and 2.2.2.2 are conflicting with each other.
AnswerB

An MTU mismatch causes OSPF DBD packets to be dropped, leading to the EXSTART/EXCHANGE state. Fixing the MTU on one side to match the other resolves the adjacency.

Why this answer

The EXSTART/EXCHANGE state indicates that OSPF neighbors have progressed past the 2-Way state and are attempting to exchange Database Description (DBD) packets. An MTU mismatch on the directly connected GigabitEthernet0/0 interfaces prevents successful DBD exchange because the interface with the smaller MTU drops the larger DBD packet, causing the adjacency to remain stuck in EXSTART/EXCHANGE. Options A and C are incorrect because passive-interface default and area mismatches prevent the adjacency from reaching EXSTART/EXCHANGE (they block Hello exchange), and option D is incorrect because conflicting router IDs would prevent adjacency formation entirely, not result in a stuck EXSTART/EXCHANGE state.

Exam trap

Cisco often tests the MTU mismatch scenario by presenting symptoms of a stuck adjacency in EXSTART/EXCHANGE, which candidates may confuse with other issues like mismatched areas or passive interfaces, but the key clue is the specific state where DBD exchange fails.

Why the other options are wrong

A

The passive-interface default command would block Hellos, preventing the adjacency from ever reaching the EXSTART/EXCHANGE state.

C

An OSPF area mismatch would cause Hellos to be ignored, so the adjacency would not progress past the Down or Init state.

D

Conflicting router IDs would prevent the routers from becoming neighbors at all, as OSPF requires unique router IDs within an area.

9
MCQhard

A router learns route 198.51.100.0/24 from OSPF with AD 110 and also has a static route to the same prefix configured with AD 150. Which route is installed?

A.The static route, because static routes always win
B.The OSPF route, because 110 is lower than 150
C.Both routes, because administrative distances are different
D.Neither route, because the static route is floating
AnswerB

Correct. OSPF is preferred here because AD 110 is lower than 150.

Why this answer

The route with the lower administrative distance is installed. A static route configured with a higher AD becomes a floating static route and remains as a backup until the preferred route disappears.

Exam trap

Don't assume static routes are always preferred; check the administrative distance.

Why the other options are wrong

A

Static routes do not always win; they have a default administrative distance of 1, but in this scenario the static route was configured with AD 150, which is higher than OSPF's AD 110. Therefore, the OSPF route is preferred.

C

A router installs only the best route (lowest AD) for a given prefix into the routing table. Different AD values do not cause both routes to be installed; the route with the lower AD is chosen.

D

A floating static route is a static route with a higher AD than the dynamic route, so it remains inactive as a backup. In this case, the static route is floating, but it is still valid and will be used if the OSPF route is lost. The question asks which route is installed, and the OSPF route is installed, not neither.

10
MCQhard

A network engineer configures OSPF on R1 and R2 over a point-to-point link. The interfaces are in the same OSPF area, with matching hello and dead timers, and are on the same IP subnet. However, the command show ip ospf neighbor on both routers shows no neighbors. A firewall sits between R1 and R2. What should the technician do next?

A.Check the firewall rules to verify that multicast address 224.0.0.5 is not being blocked.
B.Verify that the OSPF router IDs on R1 and R2 are unique.
C.Check the OSPF network type on the connecting interfaces.
D.Verify that the MTU on the connecting interfaces matches.
AnswerA

This is correct because OSPF multicast hellos (224.0.0.5) must be permitted through the firewall for neighbors to form. If blocked, routers will not see each other's hellos, resulting in an empty neighbor table.

Why this answer

OSPF uses multicast address 224.0.0.5 for hello packets on all OSPF network types except non-broadcast. With a firewall in the path, the most common reason for a complete lack of neighbor discovery, even when the interface-level OSPF parameters match, is that the firewall is blocking this multicast traffic. Checking the firewall rules directly addresses the most likely layer-3/layer-4 filtering issue and is a non-intrusive first step before examining deeper OSPF-specific settings.

Exam trap

Many candidates would jump to verifying the MTU, recalling that MTU mismatch is a classic OSPF issue. However, an MTU mismatch typically results in neighbors becoming stuck in the EXSTART or EXCHANGE state, not a complete absence of neighbors. The presence of a firewall and no neighbors at all strongly suggests the hellos are being dropped entirely, making the ACL check a higher priority.

Why the other options are wrong

B

Router ID duplication does not explain a completely empty neighbor table; neighbors would still be detected via hellos.

C

Network type mismatch would likely still result in hellos being received and a neighbor entry appearing, just not advancing to full adjacency. The complete absence of neighbors points to a transport issue.

D

Candidates often remember MTU mismatch as a frequent OSPF problem, but it manifests after neighbor discovery, not as a complete lack of neighbors.

11
MCQhard

R1 is not forming an OSPF adjacency with R2 on GigabitEthernet0/1. Which mismatch below is the most likely cause?

A.The routers are using different IP subnet masks on the shared link
B.OSPF cannot run on GigabitEthernet interfaces
C.Both routers are in area 0
D.The router IDs must match for adjacency to form
AnswerA

That mismatch can stop OSPF adjacency on the segment.

Why this answer

For OSPF neighbors to form, key settings on a shared segment must match. A subnet mask mismatch on a broadcast network often prevents proper neighbor formation because the routers do not agree on the local network.

Exam trap

A common exam trap is confusing the need for matching router IDs with adjacency formation. While router IDs must be unique within an OSPF domain, they do not need to match for adjacency to form. Another trap is assuming OSPF cannot run on GigabitEthernet interfaces, which is incorrect because OSPF supports all standard interface types.

The most tempting mistake is overlooking the subnet mask mismatch, which silently prevents adjacency by making routers believe they are on different networks, even if other parameters like area ID match. This subtle misconfiguration is often missed during troubleshooting.

Why the other options are wrong

B

Incorrect because OSPF fully supports GigabitEthernet interfaces. There is no restriction on running OSPF on these interfaces in Cisco IOS.

C

Incorrect because both routers being in area 0 is necessary for adjacency on that segment. Matching area IDs help form adjacency rather than prevent it.

D

Incorrect because router IDs must be unique, not identical. Matching router IDs do not cause adjacency to form; in fact, duplicate router IDs cause routing problems but not adjacency failure due to subnet mismatch.

12
MCQhard

A router has a static route for 172.16.10.128/25 and an OSPF-learned route for 172.16.10.0/24. When forwarding traffic to 172.16.10.130, why does the router use the static route instead of the OSPF route?

A.Because the static /25 route is more specific than the OSPF /24 route.
B.Because static routes always beat OSPF even when they are less specific.
C.Because OSPF routes cannot be used for Class B networks.
D.Because the OSPF metric is lower than the static administrative distance.
AnswerA

This is correct because longest-prefix match selects the /25 for 172.16.10.130.

Why this answer

The static route is used because it is the more specific match. In practical terms, route selection starts with prefix specificity. The destination 172.16.10.130 matches both routes shown, but the static /25 is more specific than the OSPF /24. Because longest-prefix match comes first, the static route is chosen regardless of the different route sources.

This is a classic route-selection interpretation question that tests whether you prioritize specificity correctly.

Exam trap

A common exam trap is to incorrectly assume that static routes always override OSPF routes due to their lower administrative distance, regardless of prefix length. Candidates might also believe that OSPF cannot handle Class B networks or that metrics alone determine route selection. The trap lies in ignoring the fundamental routing principle of longest-prefix match, which Cisco routers apply before considering administrative distance or metric.

This misunderstanding leads to incorrect answers and confusion about route selection behavior in Cisco routing tables.

Why the other options are wrong

B

Option B is incorrect because static routes do not always override OSPF routes regardless of specificity. Prefix length is evaluated before administrative distance, so a less specific static route would not override a more specific OSPF route.

C

Option C is incorrect because OSPF can route any IP address range, including Class B networks like 172.16.0.0/16. There is no limitation on OSPF routing based on IP class.

D

Option D is incorrect because the routing decision here is based on prefix length, not on comparing OSPF metric and static route administrative distance. The static route’s longer prefix length takes precedence.

13
MCQhard

A router receives a destination prefix from EIGRP with administrative distance 90 and also from OSPF with administrative distance 110. The prefix length is identical. Which route source is preferred?

C.Both equally
D.Neither, because route sources cannot overlap
AnswerA

This is correct because EIGRP’s default administrative distance of 90 is lower than OSPF’s 110.

Why this answer

The EIGRP route is preferred because its administrative distance is lower. In practical terms, once the prefix length is the same, the router compares the trustworthiness of the route source. Lower administrative distance wins. Since 90 is lower than 110, EIGRP is preferred over OSPF for that destination.

This is an administrative-distance comparison question, not a longest-prefix question. The key is that the prefix length is equal, so source preference becomes the deciding factor.

Exam trap

A frequent exam trap is to assume that OSPF routes might be preferred over EIGRP routes simply because OSPF is a widely used IGP or because of metric comparisons within OSPF. Candidates often confuse administrative distance with routing metrics, mistakenly thinking that the lower metric route is preferred regardless of protocol. However, administrative distance is the first criterion when routes come from different protocols.

Another trap is to think that routes from different protocols cannot overlap or that prefix length alone determines preference. The key is that when prefix lengths are equal, the router uses administrative distance to select the best route, so EIGRP’s lower AD of 90 always beats OSPF’s 110.

Why the other options are wrong

B

This option is incorrect because OSPF’s administrative distance of 110 is higher than EIGRP’s 90, so OSPF routes are less preferred when both advertise the same prefix length.

C

This option is incorrect because routers do not treat routes from different protocols with equal administrative distance; they prefer the route with the lower administrative distance, so both routes are not equally preferred.

D

This option is incorrect because routers can and often do receive overlapping routes from multiple routing protocols and must compare administrative distance to choose the best route.

14
MCQhard

A router learns the same destination prefix from OSPF and from a static route configured with administrative distance 90. Which route is preferred by default?

A.The static route with distance 90
B.The OSPF route, because dynamic routes always beat static routes
C.Both routes equally, because the prefix is identical
D.Neither route, because duplicate information is dropped
AnswerA

This is correct because 90 is lower than OSPF’s default administrative distance of 110.

Why this answer

The static route is preferred because its administrative distance of 90 is lower than OSPF’s default administrative distance of 110. In practical terms, when the prefix length is the same, the router compares route-source trust next. The lower administrative distance wins.

This question is important because many learners remember that static routes are often strong choices but forget that administrative distance can be tuned. Here, that tuning explicitly makes the static route more preferred than OSPF.

Exam trap

A frequent exam trap is believing that dynamic routing protocols like OSPF always take precedence over static routes. Many candidates mistakenly think that dynamic routes inherently override static routes regardless of administrative distance. However, Cisco routers use administrative distance as the primary factor in route selection, not the route source type.

Since the static route in this question has an AD of 90, which is lower than OSPF’s default 110, the static route is preferred. Misunderstanding this can lead to incorrect answers and confusion about route installation in the routing table.

Why the other options are wrong

B

This option is incorrect because route preference is determined by administrative distance, not by a blanket rule that dynamic routes always beat static routes.

C

This option is incorrect because identical prefix length alone does not guarantee equal route preference; administrative distance is the deciding factor.

D

This option is incorrect because routers do not drop duplicate routing information; instead, they choose the best route based on administrative distance.

15
MCQhard

An engineer is troubleshooting an OSPFv3 adjacency issue between two routers R1 and R2 connected over a serial link. The link is up/up on both sides, and IPv6 is enabled on the interfaces. However, the 'show ipv6 ospf neighbor' command shows no neighbors. The engineer checks the OSPFv3 configuration. What is the most likely cause of the missing adjacency?

A.The serial interface on R2 is administratively down.
B.OSPFv3 authentication is configured on R1 but not on R2.
C.The IPv6 address on R2 is in a different subnet than R1.
D.The OSPFv3 router-id is not configured on R2.
AnswerB

R1 has IPsec authentication under router ospfv3, but R2 does not. This mismatch prevents adjacency formation.

Why this answer

Option B is correct because OSPFv3 uses IPsec for authentication, unlike OSPFv2 which uses plaintext or MD5 authentication. If authentication is configured on one router but not the other, the OSPFv3 Hello packets will be dropped, preventing neighbor adjacency from forming. The 'show ipv6 ospf neighbor' command will show no neighbors because the routers cannot exchange Hello packets successfully.

Exam trap

Cisco often tests the misconception that OSPFv3 requires matching subnets (like OSPFv2) or that authentication is optional, when in fact OSPFv3 uses IPsec and any mismatch breaks adjacency silently.

Why the other options are wrong

A

The question states the serial link is up/up on both sides, meaning the interface is not administratively down. An administratively down interface would show as 'administratively down' in the interface status, not 'up/up'.

C

Both interfaces have IPv6 addresses in the 2001:DB8:1:1::/64 subnet, so the subnet matches. OSPFv3 does not require interfaces to be in the same subnet for adjacency, but it does require link-local addresses to be reachable. However, the given addresses are global unicast, and the subnet match is not the issue here.

D

The router-id is configured on R2 as 2.2.2.2, as stated in the existing explanation. OSPFv3 requires a router-id, and it is present, so this is not the cause.

16
MCQmedium

A network engineer wants a static route to be used only when the OSPF-learned route disappears. Which configuration approach meets that goal?

B.Use a static route with administrative distance higher than 110
C.Use a static route with metric 0
D.Redistribute the static route into OSPF
AnswerB

OSPF uses AD 110, so the backup static route must be higher.

Why this answer

That is a floating static route. You configure the static route with an administrative distance higher than the OSPF route so it stays in reserve until the dynamic path is lost.

Exam trap

A frequent exam trap is selecting a static route with a default or lower administrative distance than OSPF, such as AD 1, which causes the static route to be preferred immediately, overriding the OSPF route. Another common mistake is thinking that adjusting the metric of the static route or redistributing it into OSPF will create a backup route. Metrics influence path selection within routing protocols but do not affect route preference between static and OSPF routes.

Redistribution simply advertises the static route dynamically and does not provide failover control. These misunderstandings lead to incorrect configurations that do not meet the requirement of using the static route only when the OSPF route disappears.

Why the other options are wrong

A

Using a static route with administrative distance 1 makes it the most preferred route immediately, overriding the OSPF-learned route. This does not meet the requirement of using the static route only when the OSPF route disappears.

C

Setting a static route with metric 0 does not influence route preference between static and OSPF routes because metrics affect path selection within routing protocols, not across different route sources.

D

Redistributing the static route into OSPF advertises it dynamically but does not create a backup route that activates only when the OSPF route disappears. Redistribution is unnecessary for this backup behavior.

17
MCQhard

R1 and R2 are directly connected. Their interfaces are up/up and belong to the same subnet. R1's OSPF configuration places the interface in area 0, while R2's interface is in area 1. R1 does not show R2 as an OSPF neighbor. What is the most likely cause?

A.The area IDs do not match
B.R1 must use a loopback as the router ID
C.The subnet mask is too small for OSPF to work
D.R2 should be configured as the DR manually
AnswerA

An area mismatch prevents the neighbor relationship.

Why this answer

OSPF neighbors on the same link must agree on the area ID. Here, one side is in area 0 and the other is in area 1, so adjacency never forms even though the interfaces are up and in the same subnet.

Exam trap

A common trap is focusing on router ID or subnet mask instead of recognizing that mismatched area IDs prevent OSPF adjacency.

Why the other options are wrong

B

Incorrect. While using a loopback interface as the router ID is recommended for stability, it is not required for OSPF neighbor adjacency to form.

C

Incorrect. A /30 subnet mask is valid for point-to-point OSPF links and does not prevent neighbor relationships from forming.

D

Incorrect. The Designated Router (DR) election occurs after adjacency formation and does not prevent neighbors from forming if area IDs mismatch.

18
Drag & Dropmedium

Drag and drop the following OSPFv2 neighbor state transitions and DR/BDR election steps into the correct order for a multi-access network with default priority values.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

The correct OSPF neighbor state progression on a multi-access network is: Down, Init, 2-Way (with DR/BDR election), ExStart (master/slave negotiation), Exchange (DBD exchange), Loading (link-state request and update), and Full. Each option missing the Loading state or placing it incorrectly fails to represent the complete adjacency process.

Exam trap

Many learners forget the Loading state, thinking adjacency jumps directly from Exchange to Full; however, after exchanging database descriptors (DBDs), routers must request and load missing LSAs via Link State Request/Update packets, which occurs in the Loading state.

19
MCQmedium

When two routes to the same destination are learned by OSPF from different paths, what criterion does OSPF use to select the best path?

B.Lowest OSPF cost
C.Highest bandwidth of the first hop only
D.Lowest next-hop IP address
AnswerB

Correct choice.

Why this answer

Within OSPF, the router compares the total path cost to the destination. Lower cost is preferred. Administrative distance is used when comparing routes from different routing sources, not between two OSPF paths.

Exam trap

A common exam trap is selecting administrative distance as the criterion for OSPF route selection. While administrative distance determines route preference between different routing protocols, OSPF uses cost internally to choose the best path. Another trap is assuming OSPF chooses routes based on the highest bandwidth of the first hop only, ignoring the cumulative cost of the entire path.

Candidates may also mistakenly think OSPF uses the lowest next-hop IP address, which is incorrect. These misunderstandings can lead to incorrect answers on OSPF routing questions.

Why the other options are wrong

A

Lowest administrative distance is incorrect because administrative distance is used to compare routes from different routing protocols, not to select between multiple OSPF-learned routes. Within OSPF, all routes have the same administrative distance, so this criterion does not apply.

C

Highest bandwidth of the first hop only is incorrect because OSPF considers the cumulative cost of the entire path, not just the bandwidth of the first hop. Focusing only on the first hop bandwidth ignores the cost of subsequent links.

D

Lowest next-hop IP address is incorrect because OSPF does not use the next-hop IP address as a criterion for route selection. The protocol relies exclusively on the cost metric to determine the best path.

20
PBQhard

You are connected to R1 via console. Configure OSPFv3 for IPv6 on both R1 and R2 so that the loopback0 interface on R2 (IPv6 address 2001:db8:1:2::1/64) is reachable from R1. The link between R1 and R2 uses the subnet 2001:db8:1:1::/64 with R1's G0/0 having IPv6 address 2001:db8:1:1::1/64 and R2's G0/0 having 2001:db8:1:1::2/64. OSPFv3 process ID must be 100 and all interfaces must be in area 0. After configuration, verify OSPFv3 neighbors and the IPv6 route to the loopback0 network.

Hints

  • OSPFv3 uses the 'ipv6 ospf <process-id> area <area-id>' command under each interface.
  • The loopback0 interface on R2 must also be enabled for OSPFv3 to advertise its prefix.
  • A router-id is required for OSPFv3; if not configured explicitly, the router may not form adjacency.
A.On R1: ipv6 router ospf 100, router-id 1.1.1.1, interface g0/0: ipv6 ospf 100 area 0. On R2: ipv6 router ospf 100, router-id 2.2.2.2, interface g0/0: ipv6 ospf 100 area 0, interface loopback0: ipv6 ospf 100 area 0.
B.On R1: ipv6 router ospf 100, router-id 1.1.1.1, interface g0/0: ipv6 ospf 100 area 0. On R2: ipv6 router ospf 100, router-id 2.2.2.2, interface g0/0: ipv6 ospf 100 area 0. No configuration on loopback0.
C.On R1: ipv6 router ospf 100, router-id 1.1.1.1, interface g0/0: ipv6 ospf 100 area 0. On R2: ipv6 router ospf 100, router-id 2.2.2.2, interface g0/0: ipv6 ospf 100 area 0, interface loopback0: ipv6 ospf 100 area 0, and also configure 'network 2001:db8:1:2::/64 area 0' under the OSPFv3 process.
D.On R1: ipv6 router ospf 100, router-id 1.1.1.1, interface g0/0: ipv6 ospf 100 area 0. On R2: ipv6 router ospf 100, router-id 2.2.2.2, interface g0/0: ipv6 ospf 100 area 0, interface loopback0: ipv6 ospf 100 area 0, and also configure 'passive-interface GigabitEthernet0/0' under the OSPFv3 process.
AnswerA
solution
! R1
ipv6 router ospf 100
router-id 1.1.1.1
interface GigabitEthernet0/0
ipv6 ospf 100 area 0

! R2
ipv6 router ospf 100
router-id 2.2.2.2
interface GigabitEthernet0/0
ipv6 ospf 100 area 0
interface Loopback0
ipv6 ospf 100 area 0

Why this answer

To achieve reachability to R2's loopback, OSPFv3 must be enabled on R1's and R2's G0/0 interfaces in area 0, and on R2's loopback0 so its prefix is advertised. Option A shows the minimal correct configuration. Option B omits enabling OSPF on loopback0, so the route to 2001:db8:1:2::/64 is not advertised.

Option C incorrectly uses the 'network' command, which is not supported in OSPFv3; OSPFv3 relies on interface-level 'ipv6 ospf ... area' commands. Option D adds 'passive-interface GigabitEthernet0/0', which prevents OSPF from forming a neighbor adjacency on the link, breaking the required connectivity.

Exam trap

Do not confuse OSPFv2 and OSPFv3 configuration. OSPFv3 uses only interface-level commands, and while setting a loopback as passive is safe, applying 'passive-interface' on a transit link will block neighbor adjacency.

Why the other options are wrong

B

Loopback0 is not enabled for OSPF, so its prefix is not advertised into OSPF.

C

The 'network' command is invalid in OSPFv3 for IPv6; only interface-level 'ipv6 ospf ... area' commands are used.

D

Applying 'passive-interface GigabitEthernet0/0' prevents OSPF from forming a neighbor adjacency on the link, breaking the verification of neighbor state.

21
PBQmedium

You are connected to the console of R1. The network administrator reports that users cannot communicate with the server at 192.168.2.10. R1 is connected to R2 via a serial link (S0/0/0) with IP 10.0.0.1/30 on R1 and 10.0.0.2/30 on R2. The network uses OSPF for routing. You suspect an interface issue on the serial link.

Network Topology
S0/0/010.0.0.1/30S0/0/010.0.0.2/30SerialS0/0/010.0.0.2/30192.168.2.10G0/0 192.168.2.1/24R2R1Server

Hints

  • Check the interface status and line protocol.
  • Serial links require a clock rate on the DCE end.
  • Ensure the encapsulation matches on both ends.
A.Use the show interfaces serial0/0/0 command to verify the interface status and check for encapsulation mismatch.
B.Use the show ip route command to verify that the route to 192.168.2.0/24 is present in the routing table.
C.Use the ping 10.0.0.2 command to test Layer 3 connectivity to the neighbor router.
D.Use the show running-config interface serial0/0/0 command to check the configuration of the serial interface.
AnswerA
solution
! R1
interface Serial0/0/0
clock rate 64000
no shutdown
encapsulation ppp

Why this answer

The serial interface may be administratively down or have incorrect encapsulation. Setting the clock rate on the DCE side and ensuring PPP encapsulation matches the neighbor resolves the issue.

Exam trap

Do not confuse troubleshooting steps: when a specific interface issue is suspected, use interface-level commands like show interfaces, not routing or ping commands. The show interfaces command is the go-to for verifying interface status and encapsulation.

Why the other options are wrong

B

The show ip route command does not provide interface-level details such as encapsulation or clock rate; it only shows routing information.

C

Ping does not provide detailed interface status or configuration information; it only indicates whether the neighbor is reachable, not why it is not.

D

The running-config shows the intended configuration but not the current operational state; for example, it won't show if the interface is administratively down unless you check the shutdown command.

22
MCQhard

A technician is troubleshooting an OSPF adjacency problem: R1 and R2 are not forming a neighbor relationship. R1's OSPF configuration includes the command 'network 192.168.1.0 0.0.0.255 area 0'. R2's GigabitEthernet0/0 is configured with IP address 10.1.1.1/30 and is participating in OSPF area 0. The engineer verifies that physical connectivity is fine and OSPF is enabled on R2. What is the most likely cause?

A.The OSPF network type on R1's interface differs from the network type on R2's interface.
B.R1's network statement does not include the subnet of the link connecting R1 and R2.
C.R1's router ID is not manually set and duplicates the router ID of R2.
D.Mismatched OSPF hello and dead intervals between the routers.
AnswerB

The command 'network 192.168.1.0 0.0.0.255 area 0' only enables OSPF on interfaces with an IP address in the 192.168.1.0/24 range. The link uses the 10.1.1.0/30 subnet, so R1's interface (e.g., 10.1.1.2/30) is not matched. Consequently, OSPF is inactive on that interface, and no neighbor relationship can form.

Why this answer

R1's network statement uses a wildcard mask of 0.0.0.255, which exactly matches interfaces with IP addresses in the 192.168.1.0/24 range. The link between R1 and R2 uses the 10.1.1.0/30 subnet, so R1's interface on that link will have an IP address that does not fall within the network command. Because OSPF only activates on interfaces whose primary IP is covered by a network statement, OSPF is not running on R1's connecting interface; no Hello packets are sent, and the adjacency cannot form.

The other options describe possible causes but do not align with the given configuration: no explicit network type change is mentioned, duplicate router-IDs are not indicated, and no timer modification is described.

Exam trap

Many candidates mistakenly believe the OSPF network command is used solely to advertise routes and does not control which interfaces run OSPF. They may overlook the fact that the network command also enables OSPF on interfaces whose IP address falls within the specified range, leading them to choose an incorrect but plausible alternative such as a mismatched network type or duplicate router‑IDs.

Why the other options are wrong

A

Candidates assume that OSPF adjacency failures on Ethernet links are often due to network type mismatches, without considering that the default settings match.

C

Candidates may remember that duplicate router‑IDs break OSPF and jump to this conclusion without first analyzing the simpler configuration issue.

D

Many students learn that timer mismatches are a common OSPF problem and may incorrectly assume they are the cause when the real issue is a basic configuration oversight.

23
MCQhard

R1 and R2 are directly connected. Both are configured in OSPF area 0, and they can successfully ping each other. However, OSPF neighbor adjacency fails. R1's interface is configured with `ip ospf authentication message-digest` and a valid key, while R2's interface has no OSPF authentication configured. What is the most likely cause?

A.The routers are in different OSPF areas.
B.The OSPF authentication settings do not match.
C.The routers need identical hostnames before adjacency can form.
D.The subnet mask prevents OSPF multicast traffic.
AnswerB

This is correct because one side expects MD5 authentication and the other side is not shown with matching authentication.

Why this answer

The most likely cause is an OSPF authentication mismatch. Although the routers have IP connectivity and are in the same OSPF area, OSPF adjacency requires matching security parameters. R1 uses message-digest authentication whereas R2 has none configured, preventing neighbor formation.

The other options are incorrect: the stem confirms they are in the same area (A), OSPF does not require identical hostnames (C), and successful pings prove the subnet mask does not block multicast traffic (D).

Exam trap

A frequent exam trap is assuming that successful ping and matching OSPF areas guarantee neighbor adjacency. Candidates often overlook OSPF authentication mismatches, especially when one router uses message-digest authentication and the other does not. This leads to confusion because the link appears operational at Layer 3, but OSPF packets are discarded silently.

The trap exploits the misconception that IP connectivity alone is sufficient for OSPF adjacency, ignoring the protocol’s security requirements.

Why the other options are wrong

A

Both routers are explicitly in OSPF area 0, so they are not in different areas.

C

OSPF neighbor formation does not depend on matching hostnames; router IDs and interface parameters are what matter.

D

Since the routers can ping each other, IP reachability exists, indicating the subnet mask is not preventing OSPF multicast packets from being delivered.

24
MCQhard

A router has both an OSPF route and a static route to the same destination. The static route has an administrative distance of 200. What is the expected behavior while the OSPF route remains available?

A.The static route remains a backup and is used only if the OSPF route is lost.
B.The static route overrides OSPF immediately because static routes always win.
C.Both routes must be installed simultaneously because they point to the same destination.
D.The router removes the OSPF route because the static route has a manually configured distance.
AnswerA

This is correct because the static route’s administrative distance is higher than OSPF’s, so it floats in reserve.

Why this answer

The static route with an administrative distance of 200 behaves as a floating backup. In plain language, the router keeps it in reserve and prefers the OSPF route while OSPF is healthy, because OSPF’s default administrative distance of 110 is lower and therefore more trusted. The static route does not disappear from the configuration, but it stays out of the active routing table unless the better route is lost.

This is a very common CCNA concept because it shows how routing preference works between different route sources. The higher-distance static route is not useless; it is intentionally configured so that it becomes active only during a failure. That design provides backup routing without interfering with the normal dynamic path. The correct answer is the one describing the static route as a standby or floating route rather than as the preferred path.

Exam trap

Remember that lower administrative distance means higher preference, regardless of whether a route is static or dynamic.

Why the other options are wrong

B

Static routes do not always override dynamic routes; route selection is based on administrative distance. OSPF has a default AD of 110, which is lower than 200, so the OSPF route is preferred. The statement that static routes always win is incorrect because AD values determine preference.

C

Routers install only the best route (lowest AD) for a given destination in the routing table, unless equal-cost multipath (ECMP) is configured with identical metrics. Since OSPF and static routes have different ADs, they are not installed simultaneously; only the OSPF route is used.

D

The router does not remove the OSPF route because the static route has a manually configured distance. The OSPF route has a lower AD (110) than the static route's AD (200), so OSPF remains the preferred route and stays in the routing table.

25
MCQhard

An administrator configured a floating static default route on R1 as a backup to reach 10.10.10.0/24. The primary path is learned via OSPF, and the floating static route uses an administrative distance of 130. After the primary OSPF neighbor fails, traffic to 10.10.10.0/24 is dropped. According to the exhibit, why is the backup default route not being used?

A.The static route specifies an outgoing interface that is down; the next‑hop must be reachable for the route to be used.
B.The administrative distance of 130 is still less than the OSPF default of 110, so it will never be installed.
C.The static route is missing the permanent keyword, which is required for backup routes.
D.The metric of the static route is too high; it should be reduced to 0.
AnswerA

Because the static route uses only the outgoing interface (Serial0/0/0) without a next‑hop IP, the interface must be up/up for the route to be placed in the RIB. Since Serial0/0/0 is down, the entry is invalid.

Why this answer

The floating static default route is not used because the outgoing interface specified in the static route is down. For a static route with an outgoing interface to be considered valid and installed in the routing table, the interface must be in an up/up state. When the primary OSPF neighbor fails, the backup static route cannot be used because its next-hop is unreachable due to the interface being down, causing traffic to be dropped.

Exam trap

Cisco often tests the distinction between static routes with an outgoing interface versus a next-hop IP address, where candidates mistakenly assume a floating static route will automatically become active when the primary route fails, without considering the interface state.

Why the other options are wrong

B

This misinterprets AD: after the primary route is gone, any route with a higher AD (i.e., lower numeric value) is no longer present, so the floating static route should be installed if reachable.

C

Permanent is rarely needed and does not make a route usable when the interface is down; it only keeps the routing table entry present, but traffic cannot be forwarded.

D

Changing a static route metric is not possible, and even if it were, it would not change the fact that the specified interface is down.

26
MCQmedium

Exhibit: R1 shows an OSPF neighbor stuck in EXSTART with R2 on a serial link. What is the most likely cause?

A.An OSPF area mismatch
B.A duplicate router ID on R1 and R2
C.An interface MTU mismatch between the routers
D.A missing default route on R2
AnswerC

EXSTART or EXCHANGE problems commonly occur when the MTU values do not match.

Why this answer

When two OSPF routers stay in EXSTART, the first thing to suspect is an MTU mismatch. They can discover each other, but database exchange does not complete because the DBD packets do not agree on interface MTU.

Exam trap

Be aware that MTU mismatches cause EXSTART issues, while other mismatches prevent adjacency formation.

Why the other options are wrong

A

An OSPF area mismatch prevents routers from forming a full adjacency; they typically remain in the INIT or 2-WAY state, not EXSTART. The EXSTART state indicates that the routers have already exchanged Hello packets and are attempting to negotiate the master/slave relationship, which requires matching area IDs.

B

Duplicate router IDs cause OSPF to behave unpredictably, often resulting in flapping adjacencies or multiple neighbors with the same ID, but they do not typically cause a stuck EXSTART state on a single link. The routers would still progress through the states, but the adjacency may be unstable.

D

A missing default route on R2 does not affect OSPF adjacency formation. OSPF neighbors exchange routing information using multicast Hello and DD packets, which do not require a default route. The adjacency process is independent of the routing table content.

27
PBQhard

You are connected to R1 via the console. Configure OSPFv2 on R1 and R2 to establish a single-area OSPF adjacency in area 0. The link between R1 (G0/0) and R2 (G0/0) uses 10.0.0.0/30, and both routers must use an MTU of 1500. The current configuration has mismatched hello/dead timers and an area mismatch, preventing adjacency. Fix all issues so that R1 and R2 become fully adjacent.

Network Topology
G0/010.0.0.1/30G0/010.0.0.2/30linkR1R2

Hints

  • Check the OSPF area configured under the network statement on R1.
  • Compare the hello and dead intervals on both routers; they must match.
  • After fixing area and timers, verify the adjacency with show ip ospf neighbor.
A.On R1, change the network statement to area 0 and set the hello interval to 5 under interface G0/0.
B.On R2, change the network statement to area 1 and set the hello interval to 10 under interface G0/0.
C.On R1, change the network statement to area 0 and set the MTU to 1500 under interface G0/0.
D.On R2, change the network statement to area 0 and set the dead interval to 40 under interface G0/0.
AnswerA
solution
! R1
configure terminal
router ospf 1
no network 10.0.0.0 0.0.0.3 area 1
network 10.0.0.0 0.0.0.3 area 0
exit
interface GigabitEthernet0/0
ip ospf hello-interval 5
end

Why this answer

The adjacency fails because of two mismatches: the OSPF area on R1 is area 1 while R2 uses area 0, and the hello/dead timers differ (R1: 10/40, R2: 5/20). To fix, on R1 change the network statement to area 0 and adjust the hello interval to 5 (which also automatically sets dead to 20). Option B is wrong because it places the adjacency in area 1 (not area 0) and does not fix the timer mismatch on R2.

Option C is wrong because it does not address the hello/dead timer mismatch; the MTU is already correct at 1500. Option D is wrong because it leaves the hello interval mismatched (10 vs 5) and alters the dead interval unnecessarily; the dead interval is automatically derived from the hello interval.

Exam trap

Watch out for multiple mismatches: area ID and timers. Do not assume MTU is the issue when it is explicitly stated as matching. Also remember that changing the hello interval automatically adjusts the dead interval (4x hello).

Why the other options are wrong

B

This places the adjacency in area 1, not area 0 as required, and does not fix the timer mismatch on R2.

C

This does not fix the hello/dead timer mismatch; MTU is already matching at 1500.

D

This leaves the hello interval mismatched (10 vs 5) and alters the dead interval unnecessarily; R2 needs hello interval set to 5, not dead interval.

28
Drag & Dropmedium

Drag and drop the following steps into the correct order to configure OSPFv3 for IPv6 on a Cisco IOS-XE router.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

To configure OSPFv3 for IPv6, first enable IPv6 routing globally with 'ipv6 unicast-routing'. Next, enter OSPFv3 configuration mode using 'router ospfv3 1' to set process parameters. Then, apply OSPFv3 on each interface with 'ipv6 ospf <process-id> area <area-id>'.

Finally, verify adjacencies with 'show ipv6 ospf neighbor'.

Exam trap

Many learners assume OSPFv3 configuration is identical to OSPFv2; while the 'router ospfv3' command is valid and often needed for router-id assignment, the primary interface-level command 'ipv6 ospf area' is where adjacency parameters are applied.

29
MCQmedium

A router learns 10.10.10.0/24 from OSPF and EIGRP at the same time. OSPF reports a metric of 20, and EIGRP reports a metric of 30720. Which route is installed in the routing table by default?

A.The OSPF route, because 20 is lower than 30720
B.The EIGRP route, because its administrative distance is lower
C.Both routes, because they point to the same prefix
D.Neither route, because the metrics are not comparable
AnswerB

Correct. EIGRP wins because its default administrative distance is lower than OSPF.

Why this answer

When the same prefix is learned from different routing protocols, the router compares administrative distance first. EIGRP internal routes use AD 90, while OSPF uses AD 110, so the EIGRP route is preferred.

Exam trap

Remember, administrative distance is the first criterion for route selection between different protocols, not the metric.

Why the other options are wrong

A

Metrics from different routing protocols are not comparable because each protocol uses its own metric calculation (e.g., OSPF uses cost based on bandwidth, EIGRP uses composite metric based on bandwidth and delay). The router uses administrative distance to choose between routes from different protocols, not metric values.

C

A router installs only the best route to a destination in the routing table, unless equal-cost load balancing is configured. Since OSPF and EIGRP have different administrative distances, only the route with the lower AD is installed. Both routes cannot be installed simultaneously for the same prefix.

D

The router does compare routes from different protocols using administrative distance, not metrics. Since the metrics are from different protocols, they are not directly comparable, but the router still selects one route based on AD. Therefore, one route will be installed.

30
MCQhard

A router has a static default route with administrative distance 250 and also learns a default route through OSPF. What is the main design purpose of the static default route?

A.To serve as a backup default route if the OSPF default is lost.
B.To override the OSPF default route immediately.
C.To make the router ignore all default routes.
D.To turn the default route into a host route.
AnswerA

This is correct because the high administrative distance makes it a standby route.

Why this answer

The main purpose is to act as a backup route of last resort if the OSPF-learned default route disappears. In practical terms, the very high administrative distance keeps the static default out of the active table while the OSPF default is available. It remains in reserve only for failure conditions.

This is a classic floating-static-default design. It provides resilience without replacing the primary dynamic path.

Exam trap

A common exam trap is assuming that a static default route with a high administrative distance will override the OSPF default route immediately. Candidates might think the static route takes precedence because it is manually configured, but in reality, the administrative distance value controls route preference. Since 250 is much higher than OSPF’s 110, the static route remains inactive while OSPF’s route is available.

This misunderstanding can lead to incorrect answers about route selection and failover behavior in Cisco routing exams.

Why the other options are wrong

B

This option is incorrect because a static route with an administrative distance of 250 does not override the OSPF default route, which has a lower AD of 110. The high AD prevents immediate override.

C

This option is incorrect because the static default route does not cause the router to ignore all default routes. Instead, it remains as a backup and only becomes active if the OSPF route disappears.

D

This option is incorrect because administrative distance does not change the route prefix or convert a default route into a host route. It only influences route preference and selection.

31
MCQhard

A router learns 10.0.0.0/8 from OSPF and 10.10.0.0/16 from a static route. Which route is used for traffic to 10.10.20.1?

A.The OSPF 10.0.0.0/8 route
B.The static 10.10.0.0/16 route
C.The default route if present
D.Neither route, because the networks overlap
AnswerB

This is correct because it is the more specific matching route.

Why this answer

The static /16 route is used because it is more specific than the OSPF /8 route. In practical terms, even though both routes match the destination, the router chooses the one that narrows the destination range more precisely. Since 10.10.20.1 belongs to 10.10.0.0/16, that entry wins.

This question reinforces that longest-prefix match comes first. The broader OSPF route still matters for other destinations inside 10.0.0.0/8, but not for this one.

Exam trap

A frequent mistake is to assume that the OSPF route will be used simply because it is dynamically learned, or because it covers a larger network range. Candidates often overlook that the router applies longest-prefix match first, which means the more specific static route with a /16 mask takes precedence over the broader /8 OSPF route. This misunderstanding leads to incorrect answers, as the router does not ignore static routes in favor of OSPF when the static route is more specific.

Remember, overlapping routes are common, and the router always chooses the route with the most specific subnet mask matching the destination.

Why the other options are wrong

A

The OSPF 10.0.0.0/8 route is less specific than the static 10.10.0.0/16 route. Since the router uses longest-prefix match, the broader /8 route is not selected for traffic destined to 10.10.20.1.

C

The default route would only be used if no more specific matching routes exist. Since both OSPF and static routes match, and the static route is more specific, the default route is not used here.

D

Overlapping networks are common in routing tables and do not prevent route selection. The router resolves overlapping prefixes by choosing the longest-prefix match, so this option is incorrect.

32
Drag & Dropmedium

Drag and drop the following OSPFv2 DR/BDR election steps into the correct order for a multiaccess network where a new router is added after the DR and BDR have already been elected.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

When a new router joins a multiaccess network that already has DR/BDR, it goes through the ExStart state with both the DR and BDR, then forms full adjacencies with both, regardless of its OSPF priority. Options A, B, and C are incorrect because they either describe adjacencies with only the DR, or claim the new router becomes DR/BDR, which cannot happen when DR/BDR are already elected.

Exam trap

A router with OSPF priority 0 never becomes DR or BDR, but it still forms full adjacencies with both the existing DR and BDR.

33
Multi-Selecthard

R1 learns the route 192.0.2.0/24 via OSPF, RIP, and a static route configured with an administrative distance of 130. Based on this information, which two statements are correct?

Select 2 answers
A.The OSPF route is installed because its administrative distance is lower than RIP and the floating static route.
B.The static route will be preferred because static routes always beat dynamic routes.
C.The static route acts as a backup and can be installed if the OSPF route disappears.
D.RIP wins because its metric is lower than OSPF cost.
E.All three routes should load-balance because the prefix length is the same.
AnswersA, C

For the same /24 prefix, OSPF AD 110 beats RIP 120 and static 130.

Why this answer

The router installs the OSPF route because it has the lowest administrative distance among the routes shown. The static route with AD 130 is intentionally floating, and the RIP route has a higher AD than OSPF. Route selection first prefers longest match, then lower AD among routes to the same prefix length.

Exam trap

A frequent exam trap is assuming that static routes always take precedence over dynamic routes regardless of administrative distance. Many candidates incorrectly believe that static routes inherently override OSPF or RIP routes. However, Cisco routers use administrative distance first to select the best route when multiple protocols provide the same prefix.

If a static route has a higher AD (like 130 for a floating static), it will not be installed unless the primary route disappears. Another common mistake is to think RIP wins because it has a lower metric than OSPF cost, but metrics are only compared within the same routing protocol, not across different protocols. This misunderstanding leads to incorrect route selection assumptions.

Why the other options are wrong

B

This option is incorrect because static routes do not always beat dynamic routes; the static route must have a lower administrative distance to be preferred, which is not the case here due to the floating static’s higher AD.

D

This option is incorrect because routing protocols are compared first by administrative distance, not by their internal metrics; RIP’s metric does not override OSPF’s lower AD.

E

This option is incorrect because equal prefix length alone does not guarantee load balancing; routes must have matching attributes and equal administrative distances for equal-cost multipath (ECMP) to occur.

34
PBQhard

You are connected to R1. Configure OSPFv2 on R1 and R2 so that they form a full adjacency and can exchange routes. Currently, the adjacency is stuck in EXSTART state. Identify and fix the issue, then verify the adjacency becomes FULL.

Network Topology
G0/010.0.0.1/30G0/010.0.0.2/30R1R2

Hints

  • Check the hello and dead intervals on both routers using 'show ip ospf interface'.
  • The adjacency is stuck in EXSTART, often caused by mismatched MTU or timer values.
  • On R1, the timers are set to 10 and 40; on R2 they are 5 and 20. They must match.
A.On R1, configure 'ip ospf hello-interval 5' and 'ip ospf dead-interval 20' under interface GigabitEthernet0/0.
B.On R1, configure 'ip ospf network point-to-point' under interface GigabitEthernet0/0.
C.On R2, configure 'ip ospf hello-interval 10' and 'ip ospf dead-interval 40' under interface GigabitEthernet0/0.
D.On R1, configure 'ip ospf dead-interval 40' under interface GigabitEthernet0/0.
AnswerA
solution
! R1
interface GigabitEthernet0/0
ip ospf hello-interval 5
ip ospf dead-interval 20

Why this answer

The adjacency is stuck in EXSTART because the OSPF hello and dead timers are mismatched between R1 and R2. R1 has hello-interval 10 and dead-interval 40, while R2 has hello-interval 5 and dead-interval 20. OSPF requires these timers to match for adjacency formation.

To fix this, adjust the timers on R1 to match R2 (or vice versa). On R1, configure 'ip ospf hello-interval 5' and 'ip ospf dead-interval 20' under interface GigabitEthernet0/0. After correction, the adjacency should progress to FULL.

Exam trap

Be careful to identify which router you are configuring. The question states you are connected to R1, so changes should be made on R1. Also, remember that OSPF requires both hello and dead intervals to match, not just one.

Why the other options are wrong

B

The specific factual error is that the adjacency is stuck due to timer mismatch, not network type mismatch.

C

The specific factual error is that the configuration should be applied to R1, not R2, as per the question context.

D

The specific factual error is that both hello and dead intervals must match; changing only one leaves a mismatch.

35
PBQmedium

You are connected to R1 via console. R1 is connected to R2 via GigabitEthernet0/0 and to R3 via GigabitEthernet0/1. OSPF has been configured, but R1 is not forming a full adjacency with R2. You run `show ip ospf neighbor` on R1 and see R2 stuck in EXSTART state. You also run `show ip ospf interface GigabitEthernet0/0` and see the network type is broadcast. You need to identify and resolve the issue.

Network Topology
G0/010.0.0.1/30G0/010.0.0.2/30linkG0/110.0.1.1/30G0/110.0.1.2/30linkR1R2R3

Hints

  • Check the OSPF neighbor state with show ip ospf neighbor.
  • The issue may be related to the OSPF network type.
  • R1 and R2 are connected via a point-to-point link.
A.Change the OSPF network type on R1's GigabitEthernet0/0 interface to point-to-point.
B.Increase the OSPF hello interval on R1's GigabitEthernet0/0 interface to match R2's hello interval.
C.Configure the OSPF priority on R1's GigabitEthernet0/0 interface to 0 to prevent it from becoming the DR.
D.Add the 'ip ospf network broadcast' command on R1's GigabitEthernet0/0 interface.
AnswerA
solution
! R1
interface GigabitEthernet0/0
ip ospf network point-to-point
end

Why this answer

R1's Gi0/0 defaults to OSPF broadcast network type, while R2 is likely configured as point-to-point. This mismatch prevents the routers from forming a full adjacency, often leaving them stuck in EXSTART or 2-WAY state. Changing R1's interface to point-to-point aligns the network types, allowing adjacency to form.

The other options are incorrect because hello interval mismatches (B) or DR priority (C) are not the root cause, and adding the broadcast command (D) would not fix a point-to-point mismatch.

Exam trap

Candidates often forget that Ethernet interfaces default to broadcast OSPF network type, even on point-to-point links. They may focus on mismatched timers or priorities, but the key is to recognize that the broadcast network type introduces DR/BDR election, which is not needed on a direct link.

Why the other options are wrong

B

The specific factual error: Changing hello intervals is not the standard fix for a point-to-point link not forming adjacency; the network type is the primary issue.

C

The specific factual error: Setting priority to 0 does not eliminate the DR/BDR election process; it only ensures the router does not participate as DR/BDR.

D

The specific factual error: The broadcast network type is already the default on Ethernet; the command is redundant and does not address the need for a point-to-point network type.

36
Drag & Dropmedium

Drag and drop the following steps into the correct order to configure OSPFv3 for IPv6 on a Cisco router and verify basic neighbor relationships.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
6Step 6

Why this order

IPv6 unicast routing must be enabled first, as OSPFv3 relies on the router being IPv6 aware. Next, the OSPFv3 process is created globally. The interface must then be IPv6-enabled to auto-generate the link-local address used by OSPFv3 for forming adjacencies.

After that, the interface is added to OSPFv3 Area 0. Finally, the 'show ospfv3 neighbor' command is used to verify that an adjacency has formed.

37
Multi-Selectmedium

Which three options accurately describe characteristics of OSPFv2 in a single area? (Choose three.)

Select 3 answers
.OSPF uses cost as its metric, which is derived from the bandwidth of the interface.
.Hello packets are used to discover neighbors and maintain adjacencies.
.The designated router (DR) is elected on broadcast multiaccess networks to reduce LSAs flooding.
.OSPFv2 supports IPv6 routing natively without any additional configuration.
.Link-state advertisements (LSAs) are sent periodically every 30 seconds by default.
.OSPF routers in the same area must be configured with the same router ID.

Why this answer

OSPFv2 uses cost as its metric, derived from interface bandwidth using the formula cost = reference bandwidth / interface bandwidth (default reference bandwidth is 100 Mbps). Hello packets are used to discover neighbors, maintain adjacencies, and act as keepalives (default every 10 seconds on broadcast networks). The designated router (DR) is elected only on broadcast multiaccess networks (e.g., Ethernet) to reduce LSA flooding.

The incorrect options: OSPFv2 does not natively support IPv6 (OSPFv3 is needed for IPv6); LSAs are refreshed every 30 minutes, not 30 seconds; router IDs must be unique across the OSPF domain, not the same in an area.

Exam trap

Common mistakes include thinking OSPF uses hop count or bandwidth alone as metric, that the DR is elected on all network types, or that Hello packets are only for initial discovery rather than ongoing adjacency maintenance.

Why the other options are wrong

D

OSPFv2 does not natively support IPv6; OSPFv3 is required for IPv6 routing.

E

Link-state advertisements (LSAs) are refreshed every 30 minutes by default, not every 30 seconds.

F

OSPF router IDs must be unique throughout the OSPF domain; routers in the same area can have different router IDs.

38
MCQhard

Exhibit: A router has both an OSPF-learned default route and a floating static default route. Which route is currently active?

A.The static route, because static routes always override dynamic routes
B.The OSPF default route, because AD 110 beats the floating static AD 150
C.Both routes load-balance automatically
D.Neither route, because a default route cannot be learned by OSPF
AnswerB

That is exactly why the OSPF default is active.

Why this answer

A floating static route only takes over when its administrative distance is set higher than the preferred route and the preferred route disappears. The routing table shows the OSPF default because AD 110 is lower than the floating static AD 150.

Exam trap

A frequent exam trap is believing that static routes always override dynamic routes simply because they are manually configured. This misconception leads to selecting the static route as active regardless of administrative distance. In reality, Cisco routers use administrative distance to determine route preference, and a floating static route is deliberately configured with a higher AD to act as a backup.

The router prefers the OSPF route with AD 110 over the floating static route with AD 150, so the static route is inactive unless the OSPF route fails. Misunderstanding this can cause incorrect answers about route selection in routing tables.

Why the other options are wrong

A

This option incorrectly states that static routes always override dynamic routes. In Cisco routing, static routes only override dynamic routes if their administrative distance is lower. Since the floating static route has a higher AD (150) than OSPF (110), it is not preferred here.

C

This option is incorrect because load balancing only occurs between routes with equal administrative distances and metrics. Here, the OSPF and floating static routes have different ADs, so only the route with the lower AD is active.

D

This option is false because OSPF can advertise and learn default routes using the 'default-information originate' command. Therefore, OSPF can carry a default route, making this statement incorrect.

39
MCQhard

A junior network engineer configured a floating static route on Router R1 to provide backup connectivity to a remote network 10.10.10.0/24. The primary connection uses OSPF. However, after the primary link fails, hosts on R1 cannot reach the remote network. The OSPF adjacency is down, and the floating static route is not appearing in the routing table. Based on the exhibit, what is the most likely cause of the issue?

A.The floating static route is missing from the configuration.
B.The static route's next-hop becomes unreachable after the primary OSPF link fails.
C.The administrative distance of the static route is too high.
D.The default route is overriding the static route to 10.10.10.0/24.
AnswerB

The floating static route points to a next-hop that is only reachable via the OSPF-learned path. Once the primary link fails and OSPF is down, the router loses the route to that next-hop, preventing the static route from being installed.

Why this answer

Option B is correct because the floating static route's next-hop becomes unreachable after the primary OSPF link fails. In the exhibit, the next-hop IP is likely configured to an address that is only reachable via OSPF; when that adjacency drops, the router has no route to the next-hop, so it cannot recursively resolve the static route. As a result, the route does not appear in the routing table.

Option A is wrong because the route is present in the configuration (as a floating static route). Option C is wrong because the administrative distance of the floating static route is intentionally higher than OSPF's so that it only installs when OSPF fails; this is correct behavior. Option D is wrong because a default route would not override a more specific static route to 10.10.10.0/24.

Exam trap

Cisco often tests the misconception that a floating static route will automatically appear when the primary route fails, without considering that the next-hop must be directly connected or recursively resolvable via a remaining route.

Why the other options are wrong

A

The exhibit shows the static route is configured, so the issue is not that it is missing.

C

An administrative distance of 200 is appropriate for a floating static route to be less preferred than OSPF (AD 110) but still usable as a backup.

D

A default route (0.0.0.0/0) does not override a more specific route like 10.10.10.0/24; the longest prefix match rule ensures the specific route is preferred.

40
PBQhard

You are connected to R1. Configure OSPFv3 for IPv6 on R1 and R2 so that the loopback0 interface on R1 (IPv6 address 2001:db8:1::1/64) can ping the loopback0 interface on R2 (IPv6 address 2001:db8:2::1/64). The routers are connected via their GigabitEthernet0/0 interfaces using IPv6 addresses 2001:db8:12::1/64 (R1) and 2001:db8:12::2/64 (R2). OSPFv3 process ID 100 must be used, and all interfaces must be in area 0.

Network Topology
G0/02001:db8:12::1/64G0/02001:db8:12::2/64linkR1R2

Hints

  • OSPFv3 for IPv6 is configured under the 'ipv6 router ospf' process, not 'router ospf'.
  • Each interface that should participate in OSPFv3 must have the 'ipv6 ospf <process-id> area <area-id>' command.
  • Don't forget to set a router-id; otherwise the OSPFv3 process may not start.
A.R1(config)# ipv6 unicast-routing R1(config)# ipv6 router ospf 100 R1(config-rtr)# router-id 1.1.1.1 R1(config-rtr)# interface gigabitethernet0/0 R1(config-if)# ipv6 ospf 100 area 0 R1(config-if)# interface loopback0 R1(config-if)# ipv6 ospf 100 area 0 R2(config)# ipv6 unicast-routing R2(config)# ipv6 router ospf 100 R2(config-rtr)# router-id 2.2.2.2 R2(config-rtr)# interface gigabitethernet0/0 R2(config-if)# ipv6 ospf 100 area 0 R2(config-if)# interface loopback0 R2(config-if)# ipv6 ospf 100 area 0
B.R1(config)# ipv6 unicast-routing R1(config)# ipv6 router ospf 100 R1(config-rtr)# router-id 1.1.1.1 R1(config-rtr)# network 2001:db8:12::0/64 area 0 R1(config-rtr)# network 2001:db8:1::0/64 area 0 R2(config)# ipv6 unicast-routing R2(config)# ipv6 router ospf 100 R2(config-rtr)# router-id 2.2.2.2 R2(config-rtr)# network 2001:db8:12::0/64 area 0 R2(config-rtr)# network 2001:db8:2::0/64 area 0
C.R1(config)# ipv6 unicast-routing R1(config)# ipv6 router ospf 100 R1(config-rtr)# router-id 1.1.1.1 R1(config-rtr)# interface gigabitethernet0/0 R1(config-if)# ipv6 ospf 100 area 0 R2(config)# ipv6 unicast-routing R2(config)# ipv6 router ospf 100 R2(config-rtr)# router-id 2.2.2.2 R2(config-rtr)# interface gigabitethernet0/0 R2(config-if)# ipv6 ospf 100 area 0
D.R1(config)# ipv6 unicast-routing R1(config)# ipv6 router ospf 100 R1(config-rtr)# router-id 1.1.1.1 R1(config-rtr)# interface gigabitethernet0/0 R1(config-if)# ipv6 ospf 100 area 0 R1(config-if)# interface loopback0 R1(config-if)# ipv6 ospf 100 area 0 R2(config)# ipv6 unicast-routing R2(config)# ipv6 router ospf 100 R2(config-rtr)# router-id 1.1.1.1 R2(config-rtr)# interface gigabitethernet0/0 R2(config-if)# ipv6 ospf 100 area 0 R2(config-if)# interface loopback0 R2(config-if)# ipv6 ospf 100 area 0
AnswerA
solution
! R1
ipv6 router ospf 100
router-id 1.1.1.1
interface Loopback0
ipv6 ospf 100 area 0
interface GigabitEthernet0/0
ipv6 ospf 100 area 0

Why this answer

OSPFv3 for IPv6 requires enabling IPv6 unicast routing globally and configuring OSPFv3 on interfaces. The missing step was enabling OSPFv3 process 100 and assigning area 0 to the interfaces. On R1, the commands 'ipv6 router ospf 100' and 'router-id 1.1.1.1' create the OSPFv3 process, then 'ipv6 ospf 100 area 0' under each interface enables OSPFv3 on those interfaces.

Similar commands on R2 with a unique router-id complete the configuration. Verification with 'show ospfv3 neighbor' should show R2's router-id, and 'show ipv6 route ospf' should display the remote loopback network.

Exam trap

The most common trap is using OSPFv2-style 'network' commands for OSPFv3. Remember that OSPFv3 uses interface-level configuration. Also, ensure all interfaces that need to be advertised (including loopbacks) have OSPFv3 enabled, and that router-ids are unique.

Why the other options are wrong

B

The specific factual error is that OSPFv3 uses interface-level configuration, not network statements like OSPFv2 for IPv4.

C

The specific factual error is that OSPFv3 must be enabled on all interfaces that should participate in the routing process, including loopback interfaces.

D

The specific factual error is that OSPF router-ids must be unique. Using the same router-id on both routers prevents proper neighbor formation.

41
MCQhard

Two routers are directly connected and running OSPF. Their IP addresses and hello timers match, but they still do not become neighbors. One side is configured for area 0 and the other for area 1 on the shared link. What is the most likely cause?

A.The interfaces are in different OSPF areas on the shared link.
B.The routers need identical hostnames.
C.The link must be converted to a trunk.
D.The routers must use static routes first.
AnswerA

This is correct because OSPF neighbors on the same segment must agree on the area.

Why this answer

An OSPF area mismatch is the most likely cause. In plain language, the routers may be physically connected and able to exchange packets, but OSPF still requires that both sides agree on the area associated with the shared segment. If one interface belongs to area 0 and the other belongs to area 1, the routers do not view the segment in the same OSPF context and the adjacency fails.

This is a classic CCNA troubleshooting case because the addressing can look perfect while the protocol still refuses to form a neighbor relationship. OSPF is strict about several interface-level values, and the area assignment is one of the most important.

Exam trap

A frequent exam trap is assuming that matching IP addresses and hello timers alone guarantee OSPF adjacency. Candidates often overlook the OSPF area configuration, which must be identical on both sides of a shared link. This mistake leads to confusion because the routers appear connected and can exchange packets, but OSPF adjacency never forms.

The trap is focusing on interface parameters like timers or IP addressing while ignoring the fundamental requirement that both interfaces must belong to the same OSPF area to establish neighbor relationships.

Why the other options are wrong

B

This option is incorrect because router hostnames do not affect OSPF neighbor relationships. OSPF adjacency depends on interface-level parameters, not device names, so identical hostnames are not required.

C

This option is incorrect because converting the link to a trunk is irrelevant for OSPF adjacency on routed interfaces. OSPF operates on Layer 3 interfaces, and trunking is a Layer 2 concept used for VLAN tagging, not required for OSPF neighbor formation.

D

This option is incorrect because static routes are not necessary for OSPF adjacency. OSPF dynamically discovers neighbors and exchanges routing information without requiring preconfigured static routes.

42
Multi-Selectmedium

Which two statements about OSPF neighbor requirements on a shared Ethernet segment are correct? (Choose two.)

Select 2 answers
A.They must be in the same OSPF area on that link.
B.They must use the same subnet on the connected interfaces.
C.They must have identical router IDs.
D.They must use the same process ID number on both routers.
AnswersA, B

Correct. Area mismatch prevents adjacency.

Why this answer

Neighbors must agree on key parameters such as area ID and subnet, and they exchange Hello packets on the segment.

Exam trap

A frequent exam trap is confusing the OSPF process ID with the area ID or router ID requirements. Candidates often think the process ID must match between neighbors, but it is locally significant and does not affect adjacency. Another common mistake is assuming router IDs must be identical; in fact, router IDs must be unique within the OSPF domain to prevent routing conflicts.

Misunderstanding these distinctions can lead to selecting incorrect answers about neighbor requirements. The key is to focus on area ID and subnet matching for adjacency on shared Ethernet segments, not process ID or identical router IDs.

Why the other options are wrong

C

Incorrect because router IDs must be unique within the OSPF domain, not identical. Identical router IDs cause routing conflicts and prevent proper operation.

D

Incorrect because the OSPF process ID is locally significant to each router and does not need to match between neighbors for adjacency formation.

43
MCQhard

A router shows this output: R1#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 10.1.1.2 1 FULL/DR 00:00:34 192.168.12.2 GigabitEthernet0/0 10.1.1.3 1 2WAY/DROTHER 00:00:39 192.168.12.3 GigabitEthernet0/0 Which statement is correct?

A.R1 has failed to form adjacency with 10.1.1.3
B.This can be normal on a broadcast segment where DROTHER routers remain in 2-Way
C.R1 has a duplicate router ID with 10.1.1.3
D.The interface is passive
AnswerB

Correct. This is normal DR/DROTHER behavior on many multiaccess networks.

Why this answer

On broadcast OSPF networks, full adjacency is typically formed with the DR and BDR. DROTHER routers can remain in the 2-Way state with one another and still be operating normally.

Exam trap

Be cautious not to confuse the 2WAY state with being a BDR or DR. Understand the significance of FULL/DR and 2WAY/DROTHER states.

Why the other options are wrong

A

The 2-Way state is a normal OSPF neighbor state on broadcast multiaccess networks for non-DR/BDR routers (DROTHERs). It indicates that bidirectional communication has been established, but full adjacency is not required because they do not exchange LSAs directly. This is not a failure.

C

A duplicate router ID would cause OSPF neighbor state to oscillate or remain in EXSTART/EXCHANGE, not stabilize in 2-Way. The output shows a stable 2-Way state, which is normal for DROTHERs. Duplicate IDs would also generate error messages in the logs.

D

A passive interface in OSPF does not send Hello packets and therefore cannot form any neighbor adjacency. The output shows two neighbors in valid states (FULL and 2-Way), which proves the interface is active and sending Hellos.

44
Drag & Dropmedium

Drag and drop the following steps into the correct order to configure Router R1 with OSPFv2 process 1 to form neighbor adjacencies only on GigabitEthernet0/1 while preventing OSPF hello packets on all other OSPF-enabled interfaces.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

Why this order

First, enter OSPF router configuration mode. Then assign a Router ID (optional but good practice). Next, advertise the local subnet with a network statement to enable OSPF on interfaces.

Then apply passive-interface default to suppress hellos on all OSPF interfaces. Finally, use no passive-interface to allow adjacency on the specific interface.

45
MCQhard

A route to 10.10.10.0/24 is learned through two OSPF paths. Both have the same prefix length and the same administrative distance, but one path has a lower OSPF metric. Which path is preferred?

A.The path with the lower OSPF metric
B.The path with the higher OSPF metric
C.Both paths equally, because the administrative distance is the same
D.Neither path, because two OSPF routes to the same prefix are invalid
AnswerA

This is correct because within the same protocol and prefix, the lower metric is preferred.

Why this answer

The path with the lower OSPF metric is preferred. In practical terms, when the prefix and route source are the same, the router uses the routing protocol’s internal path-selection logic. For OSPF, the lower metric is the more attractive path.

This is a clean example of metric-based selection within one routing protocol. Administrative distance is not the deciding factor here because the source protocol is the same on both paths.

Exam trap

Remember, administrative distance only matters when comparing different routing protocols, not when choosing between paths within the same protocol.

Why the other options are wrong

B

A higher OSPF metric indicates a less desirable path, as OSPF uses cost as its metric where lower cost is preferred. Selecting a higher metric path would contradict the fundamental routing principle of choosing the best path based on lowest metric.

C

Equal administrative distance does not imply equal preference when metrics differ. The router compares metrics within the same routing protocol; if metrics are different, the lower metric path is chosen, not both.

D

OSPF can learn the same prefix via multiple paths; this is normal. The router selects the best path based on metric, and the other paths are kept in the routing table as backup or for equal-cost load balancing if metrics are equal.

46
MCQhard

A router learns the same destination prefix from OSPF and EIGRP. The prefix length is identical, and both routes are valid. Which route is preferred by default?

A.The EIGRP route
B.The OSPF route
C.Both routes are installed equally because the prefix length matches
D.Neither route is used because protocols cannot advertise the same prefix
AnswerA

This is correct because EIGRP's default administrative distance is lower than OSPF's.

Why this answer

The EIGRP route is preferred by default because EIGRP has a lower default administrative distance than OSPF. In practical terms, once the prefix length is the same, the router compares source trust. Lower administrative distance wins. EIGRP’s default of 90 beats OSPF’s default of 110.

This is not a longest-prefix question. The prefix is identical, so the decision is about source preference rather than specificity.

Exam trap

A frequent exam trap is believing that when two routing protocols advertise the same prefix with identical prefix lengths, the router installs both routes equally or performs load balancing. This misconception ignores the role of administrative distance, which is the primary factor in route preference when prefix lengths match. Another trap is thinking that OSPF is always preferred because it is a widely used IGP, but Cisco routers prioritize routes based on AD values, not protocol popularity.

Misunderstanding this can lead to incorrect answers about route selection in multi-protocol environments.

Why the other options are wrong

B

This option is incorrect because OSPF’s default administrative distance (110) is higher than EIGRP’s (90), making OSPF routes less preferred when both advertise the same prefix.

C

This option is incorrect because equal prefix length does not cause routers to install both routes equally; administrative distance determines which route is preferred and installed.

D

This option is incorrect because routers can receive and compare the same prefix from multiple routing protocols; they do not reject prefixes simply because they come from different sources.

47
Matchingmedium

Drag and drop the OSPFv2 neighbor states on the left to the correct descriptions on the right.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

No hello packets received from neighbor

Master/slave election and DBD sequence number negotiation

Bi-directional communication established (hello seen self)

Requesting and receiving missing LSAs via LSR/LSU

Neighbors are fully adjacent and databases synchronized

Why these pairings

OSPF neighbor states progress: Down (no Hello), Init (Hello seen), 2-Way (bidirectional), ExStart (master/slave election), Exchange (DBD packets), Loading (requesting missing LSAs via LSR/LSU), Full (LSDB synchronized). These states ensure proper adjacency formation and reliable database exchange.

Exam trap

Be careful not to confuse the order of OSPF states. The Down state is the very first state, not Init or 2-Way. Remember that Down means no Hello received at all.

48
Multi-Selectmedium

Which two statements accurately describe OSPF passive interfaces?

Select 2 answers
A.It prevents OSPF from sending hello packets on that interface.
B.It can still allow the connected network to be advertised into OSPF.
C.It changes OSPF into a static route on that interface.
D.It forces the interface to become the router ID.
E.It disables OSPF on every interface in the router automatically.
AnswersA, B

This is correct because passive interfaces suppress OSPF hello exchange locally.

Why this answer

An OSPF passive interface stops hello packet exchange on that interface while still allowing the connected network to be advertised into OSPF through other active adjacencies. In plain language, it tells the router not to try to form neighbors on that interface, but not to forget that the network exists. This is very useful on user-facing or stub-like interfaces where no routing neighbor should appear.

The wrong answers often treat passive as if it disables OSPF globally or removes the network completely. The two correct answers are the ones that preserve the suppression of adjacency on that interface and the continued advertisement of the connected network.

Exam trap

A common exam trap is to confuse the effect of the OSPF passive interface command with disabling OSPF entirely on that interface or converting OSPF routes into static routes. Some candidates mistakenly believe that passive interfaces stop all OSPF activity or remove the network from OSPF advertisements. In reality, passive interfaces only stop OSPF hello packets and adjacency formation but continue to advertise the connected network.

Misunderstanding this can lead to incorrect answers or network misconfigurations, especially when interpreting how OSPF maintains routing information despite passive interfaces.

Why the other options are wrong

C

This option is incorrect because passive interfaces do not convert OSPF routes into static routes; OSPF routing remains dynamic and active elsewhere.

D

This option is incorrect because the passive-interface command does not affect the router ID selection, which is determined by other OSPF rules.

E

This option is incorrect because passive-interface affects only the specified interface unless configured globally; it does not disable OSPF on all interfaces.

49
MCQmedium

Why does a passive interface in OSPF still matter even though it does not send hello packets?

A.The connected network can still be advertised into OSPF through other active adjacencies
B.The passive interface automatically becomes the OSPF router ID
C.The passive interface disables all OSPF operation on the router
D.The passive interface converts OSPF into EIGRP on that link
AnswerA

This is correct because passive-interface suppresses hello exchange on that interface while still allowing the network to be advertised.

Why this answer

A passive interface still matters because the connected network can still be advertised into OSPF even though the interface itself does not form neighbor relationships. In plain language, the router is saying, “This network is mine, and I want others to know about it, but I do not want to speak OSPF directly on this interface.” That is useful on user-facing or stub-like interfaces where no OSPF neighbor should exist.

This distinction is important because some engineers assume passive means “ignored entirely.” It does not. The connected network can still appear in routing updates sent through real neighbors on other interfaces. What changes is neighbor formation on the passive interface itself.

Exam trap

Don't assume 'passive' means the interface is ignored; it still advertises its network.

Why the other options are wrong

B

The OSPF router ID is determined by the highest IP address on a loopback interface or the highest active physical interface IP at the time of OSPF process startup, not by passive-interface configuration. A passive interface does not influence router ID selection.

C

The passive-interface command only suppresses OSPF hello packets on that specific interface; OSPF continues to operate normally on other interfaces, forming adjacencies and exchanging routing information. It does not disable OSPF globally.

D

The passive-interface command is specific to OSPF and does not change the routing protocol. OSPF remains OSPF; it simply stops sending hellos on that interface. EIGRP has its own passive-interface command with similar behavior but does not convert protocols.

50
PBQhard

You are troubleshooting connectivity from R1 to the 172.16.20.0/24 network. The network engineer configured a floating static route on R1 as a backup for the OSPF-learned route, but after the primary OSPF route fails, the backup does not take over. Examine the current routing table and partial configuration on R1, then fix the issue so that when the OSPF neighbor goes down, R1 can still reach 172.16.20.0/24 via R3.

Network Topology
G0/010.0.0.1/30G0/010.0.0.2/30G0/1203.0.113.1/30G0/0203.0.113.2/30R2OSPFR1static backupR3

Hints

  • Check if the next-hop address is reachable via a directly connected interface.
  • A static route with a next-hop that is not directly connected requires a valid route to that next-hop.
  • Configure the static route with an exit interface to make it directly connected.
A.Change the static route to use an exit interface: ip route 172.16.20.0 255.255.255.0 GigabitEthernet0/1 203.0.113.2
B.Change the administrative distance of the static route to 110
C.Remove the OSPF process from R1
D.Add a static route to 203.0.113.0/24 via R1's directly connected interface
AnswerA
solution
! R1
no ip route 172.16.20.0 255.255.255.0 203.0.113.2 130
ip route 172.16.20.0 255.255.255.0 GigabitEthernet0/1 203.0.113.2 130

Why this answer

The floating static route was configured with an administrative distance of 130, intended to be higher than OSPF's default AD of 110 so it would only be used as a backup. However, the static route's AD is set as 130 (the command uses the distance option), which is correct. The problem is that OSPF's AD is 110, which is lower, so the static route is not installed while OSPF is up.

But when OSPF fails, the static route should appear. The issue is that the static route is pointing to a next-hop (203.0.113.2) that is not directly connected; R1 has no route to 203.0.113.2, causing the static route to be inactive. To fix, you must either change the next-hop to a directly connected interface (e.g., GigabitEthernet0/1) or add a route to reach 203.0.113.2.

The simplest solution is to configure the static route with an exit interface: 'ip route 172.16.20.0 255.255.255.0 GigabitEthernet0/1 203.0.113.2'. This ensures the route is valid when the OSPF route disappears.

Exam trap

Trap: Candidates often focus on administrative distance values but forget that a static route must have a valid next-hop to be installed. Always verify that the next-hop is reachable (directly connected) or specify an exit interface for floating static routes.

Why the other options are wrong

B

The specific factual error is that a floating static route must have a higher AD than the dynamic protocol to act as a backup; setting it equal or lower would disrupt the primary route.

C

The specific factual error is that removing OSPF is an extreme measure that breaks connectivity, whereas a floating static route is meant to be a seamless backup.

D

The specific factual error is that adding an extra static route is not the standard solution; Cisco recommends using the exit interface for directly connected next-hops to ensure route validity.

51
PBQhard

You are connected to R1 via console. R1 and R2 are connected via a serial link. OSPFv2 has been configured, but the adjacency is stuck in EXSTART state. You suspect a mismatched MTU. On R1, the interface MTU is currently set to 1400, while R2 uses the default MTU of 1500. You need to verify and fix the issue.

Network Topology
S0/0/010.0.0.1/30S0/0/010.0.0.2/30serial linkR1R2

Hints

  • The issue is with MTU mismatch.
  • Check the MTU on R1's serial interface.
  • After fixing, reset the OSPF process to force adjacency.
A.On R1, configure the interface MTU to 1500 and then clear the OSPF process using 'clear ip ospf process'.
B.On R1, configure the interface MTU to 1500 and then reload the router to apply the change.
C.On R1, configure the interface MTU to 1500 and then change the OSPF network type to point-to-point.
D.On R1, configure the interface MTU to 1500 and then adjust the OSPF hello and dead timers to match R2.
AnswerA
solution
! R1
interface Serial0/0/0
ip mtu 1500
clear ip ospf process
end

Why this answer

OSPF requires matching MTU values on a link. The incorrect MTU on R1 (1400) caused the adjacency to stall in EXSTART. Setting MTU to 1500 and clearing the OSPF process allows proper adjacency formation.

Exam trap

Do not confuse the states of OSPF adjacency. EXSTART state is specifically related to DBD exchange and MTU mismatch, while INIT or 2-WAY states are more common with hello/dead timer mismatches. Always verify MTU when adjacency is stuck in EXSTART.

Why the other options are wrong

B

The specific factual error is that a reload is not required to apply MTU changes; the interface MTU is applied immediately, and the OSPF process can be cleared to re-establish adjacencies.

C

The specific factual error is that OSPF network type does not affect MTU requirements; MTU must match regardless of network type.

D

The specific factual error is that timer mismatches affect the INIT and 2-WAY states, while EXSTART is associated with MTU or database descriptor (DBD) packet issues.

52
PBQmedium

You are connected to R1 via the console. R1 and R2 are running OSPFv2 in area 0. R1's router ID is 1.1.1.1, and R2's router ID is 2.2.2.2. Both routers are connected via GigabitEthernet0/0 on the 192.168.12.0/30 subnet. You need to ensure that R1 does not send OSPF hello messages out of its Loopback0 interface, while still advertising the loopback network into OSPF.

Network Topology
Lo010.0.0.1/32G0/0192.168.12.2/30R1R2

Hints

  • The command is configured under the OSPF process.
  • Use the keyword 'passive-interface' followed by the interface name.
  • This prevents OSPF from sending hello messages on that interface.
A.Configure the passive-interface Loopback0 command under the OSPF process.
B.Remove the network 192.168.12.0 0.0.0.3 area 0 command from the OSPF configuration.
C.Configure the ip ospf passive-interface command on GigabitEthernet0/0.
D.Configure the network 192.168.12.0 0.0.0.3 area 0 command under the OSPF process.
AnswerA
solution
! R1
router ospf 1
passive-interface Loopback0

Why this answer

Configuring the Loopback0 interface as passive under the OSPF process suppresses the sending of hello messages on that interface, preventing unnecessary adjacencies. The network is still advertised because OSPF includes the subnet in its LSAs.

Exam trap

Trap: Candidates may confuse passive-interface with removing network statements or applying it to the wrong interface. Remember that passive-interface suppresses hellos but still advertises the network, and it should be applied to the interface that should not form adjacencies, not the transit link.

Why the other options are wrong

B

The specific factual error is that the network statement for the transit link is necessary for OSPF adjacency; removing it would break the OSPF neighbor relationship.

C

The specific factual error is that applying passive-interface to the transit link would prevent the OSPF neighbor relationship from forming, which is not the goal.

D

The specific factual error is that adding a network statement does not suppress hello messages; it only includes the interface in the OSPF process.

53
MCQhard

Two routers are directly connected over IPv6 and should form an OSPFv3 adjacency, but they do not. Link-local addressing is present on both interfaces. Which issue is most likely to prevent the adjacency?

A.The interfaces are assigned to different OSPFv3 areas.
B.The routers need matching hostnames before OSPFv3 can start.
C.IPv6 requires a /64 only for routing protocols to function.
D.OSPFv3 cannot run on directly connected interfaces.
AnswerA

This is correct because OSPF neighbors on the same segment must agree on the area for adjacency formation.

Why this answer

An area mismatch is a strong and direct explanation. In plain language, even though the routers can have valid IPv6 addressing and proper link-local communication on the interface, OSPFv3 still requires the two ends of the shared segment to agree on the area context for the adjacency. If one side places the interface in one area and the other side places it in another, the routers will not treat each other as valid neighbors.

This is very similar in principle to OSPF for IPv4. Link-local addressing matters in OSPFv3, but the protocol still enforces key neighbor-formation checks. The correct answer is the one that focuses on a required protocol match rather than on a vague issue like hostname or cable color.

Exam trap

Focus on OSPFv3 configuration requirements like area matching, not on distractors such as hostnames or prefix length.

Why the other options are wrong

B

OSPFv3 adjacency formation does not depend on hostnames; hostnames are only used for identification in show commands and have no impact on routing protocol operation.

C

OSPFv3 can use any valid IPv6 prefix length, including /64, /126, or /127, for the link between routers. The /64 requirement is for SLAAC, not for routing protocols.

D

OSPFv3 is specifically designed to run on directly connected interfaces, just like OSPFv2. It forms adjacencies over directly connected links to exchange routing information.

54
MCQhard

Two OSPF routers connected on an Ethernet link remain in the INIT state. Which issue is the most likely cause?

A.The routers have identical router IDs
B.The routers cannot exchange Hellos bidirectionally on the segment
C.The routers have already reached FULL and are waiting to install routes
D.The routers are using the same OSPF process ID
AnswerB

Correct. INIT often indicates one-way Hello communication.

Why this answer

INIT means a router is seeing Hellos from its neighbor but does not see its own router ID in the neighbor field of received Hellos. A common cause is one-way communication or a mismatched multicast/adjacency problem, often at Layer 2.

Exam trap

A common exam trap is to assume that duplicate router IDs cause routers to remain stuck in the INIT state. While duplicate router IDs do cause adjacency issues, they typically result in different neighbor states or error messages, not the INIT state specifically. Another trap is to think that using the same OSPF process ID on both routers causes adjacency failure; however, the process ID is locally significant and does not affect neighbor formation.

Misinterpreting the INIT state as a sign of routers already being fully adjacent or waiting to install routes is also incorrect, as FULL is a later state. The key is to recognize that INIT indicates one-way Hello communication, often due to Layer 2 or multicast issues.

Why the other options are wrong

A

Duplicate router IDs cause adjacency problems but usually result in neighbor states other than INIT or generate specific error messages. INIT state more commonly indicates one-way Hello communication rather than duplicate router ID issues.

C

Incorrect. FULL is the final OSPF neighbor state indicating full adjacency and route exchange completion. INIT is an early state and does not mean routers are waiting to install routes.

D

Incorrect. The OSPF process ID is locally significant and does not affect neighbor adjacency formation. Using the same or different process IDs on routers does not cause them to remain stuck in the INIT state.

55
Drag & Dropmedium

Drag and drop the following steps into the correct order to configure a single-area OSPFv2 network on two Cisco routers (R1 and R2) and observe the neighbor state transitions from Down to Full.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

First configure OSPF process and router-id on R1, then add the network; repeat on R2; ensure interfaces are up; finally verify neighbor states to see the full transition sequence.

Exam trap

The trap is that candidates might think interfaces must be up before OSPF configuration, or that verification can be done after configuring only one router. The correct sequence ensures both routers are configured before checking neighbor states.

56
Drag & Dropmedium

Drag and drop the following commands into the correct order to configure OSPFv3 for IPv6 on a Cisco router.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

Commands must be executed in order: global config, IPv6 routing, interface config, OSPFv3 on interface, then verification.

Exam trap

The most common trap is starting with the OSPFv3 router configuration command without first enabling IPv6 routing globally. Also, candidates may try to apply the interface-level OSPFv3 command before entering interface configuration mode.

57
MCQhard

R1 and R2 are directly connected and running OSPF. The IP addressing is correct and both routers are in area 0, but they do not form an adjacency. What is the most likely cause?

A.The OSPF MTU values do not match on the connected interfaces.
B.The routers must use identical hostnames before OSPF can form neighbors.
C.The routers must use VLAN 1 for OSPF to operate.
D.The interfaces need to be configured as trunks instead of routed ports.
AnswerA

This is correct because MTU mismatch is a known cause of OSPF adjacency problems during database exchange.

Why this answer

The most likely cause is an MTU mismatch between the two interfaces. During the OSPF database exchange process, neighbors must agree on the MTU value to successfully exchange DBD packets; a mismatch typically causes the adjacency to become stuck in the ExStart or Exchange state. Basic connectivity (e.g., ping) often still works because ICMP packets are small, but the OSPF adjacency fails due to the MTU discrepancy.

Exam trap

Don't overlook MTU settings when OSPF adjacency issues arise, especially when basic connectivity is confirmed.

Why the other options are wrong

B

OSPF neighbor formation does not depend on hostnames; it relies on matching parameters such as area ID, authentication, hello/dead intervals, and network type. Hostnames are only used for local identification and do not affect OSPF adjacency.

C

OSPF can operate over any VLAN or routed interface; there is no requirement to use VLAN 1. The adjacency issue is unrelated to VLAN numbering, and OSPF works independently of VLAN assignments on routed ports.

D

OSPF is designed to run on routed interfaces (Layer 3 interfaces) and does not require trunking. Trunk ports are used for carrying multiple VLANs between switches, not for OSPF adjacency between routers.

58
MCQhard

A router learns 192.168.30.0/24 from OSPF and also has a static route to 192.168.30.0/24 with administrative distance 200. Which route is installed in the routing table while both are available?

A.The OSPF route
C.Both routes equally for load balancing
D.Neither route, because they conflict
AnswerA

This is correct because OSPF's administrative distance is lower than 200.

Why this answer

The OSPF route is installed because its default administrative distance of 110 is lower than the static route’s configured administrative distance of 200. In practical terms, the static route has been intentionally made a backup. It is present in the configuration, but it does not become active while the lower-distance OSPF route is healthy.

This is a classic floating-static design question. The important point is that route-source preference depends on administrative distance when the prefix length is the same.

Exam trap

A common exam trap is assuming that static routes always take precedence over dynamic routes because their default administrative distance is 1. In this question, the static route’s administrative distance is manually set to 200, which is higher than OSPF’s default 110. Many candidates mistakenly select the static route, overlooking that a higher administrative distance means lower preference.

This trap tests your understanding that administrative distance values can be adjusted to create floating static routes that serve as backups rather than primary routes.

Why the other options are wrong

B

Incorrect because the static route has a higher administrative distance (200) than OSPF (110), making it less preferred and preventing it from being installed while the OSPF route is available.

C

Incorrect because routers do not install multiple routes with different administrative distances to the same prefix simultaneously; only the route with the lowest administrative distance is installed.

D

Incorrect because routers can and do choose one preferred route when multiple routes to the same prefix exist; conflicting routes do not cause both to be rejected.

59
MCQhard

A router receives two routes to 10.50.0.0/16: one from OSPF and one static route with an administrative distance of 90. Which route is installed by default?

A.The static route, because its administrative distance is lower than OSPF's
B.The OSPF route, because dynamic routes always override static routes
C.Both routes, because equal destination networks always load-balance
D.Neither route, because the destinations overlap
AnswerA

This is correct because an administrative distance of 90 is lower than OSPF’s default 110.

Why this answer

By default, the static route with administrative distance 90 is installed because it is preferred over the OSPF route with default administrative distance 110. In plain language, the router is being told that the manually configured route is more trustworthy than the OSPF-learned one, so it chooses the static path first. The protocol type alone does not decide the outcome. Administrative distance is the key comparison when two different route sources offer the same destination prefix length.

This is a classic routing-selection question because many learners incorrectly assume OSPF always wins over static routes unless the static route uses the default administrative distance. Once the static route is given a value lower than OSPF’s 110, it becomes the preferred path unless a more specific route exists elsewhere.

Exam trap

A frequent exam trap is assuming that dynamic routing protocols like OSPF always override static routes regardless of administrative distance. Many candidates mistakenly believe that static routes only win if they use the default AD of 1. However, if a static route is manually assigned an AD lower than OSPF's default 110, it becomes the preferred route.

This misunderstanding leads to incorrect answers because the exam tests knowledge of how administrative distance influences route selection, not just the routing protocol type. Remember, the router always chooses the route with the lowest administrative distance, even if it is a static route with a custom AD.

Why the other options are wrong

B

Incorrect. Dynamic routes do not always override static routes; route preference depends on administrative distance, not just whether a route is dynamic or static.

C

Incorrect. Equal destination networks do not automatically cause load balancing if the routes have different administrative distances; only routes with equal AD and metrics are load-balanced.

D

Incorrect. Overlapping destinations from different sources are common and do not prevent route installation; the router uses administrative distance to choose the preferred route.

60
PBQhard

You are connected to R1 via the console. R1 is a Cisco ISR 4321 router running IOS-XE. The network team has recently changed the routing protocol from EIGRP to OSPF, but some routes are missing from the routing table. You need to analyze the OSPF neighbor states and LSDB to identify the issue.

Network Topology
G0/010.0.1.1/30G0/010.0.1.2/30linkG0/1192.168.1.1/24linkR1R2SW1

Hints

  • Check if OSPF neighbors are in FULL state.
  • Look for mismatched OSPF network types or hello intervals.
  • Verify that both routers are in area 0.
A.Use 'show ip ospf neighbor' to check neighbor state; if not FULL, examine 'show ip ospf interface' for mismatched hello/dead intervals or network type.
B.Use 'show ip route ospf' to verify OSPF routes; if missing, re-enter the OSPF process and redistribute connected routes.
C.Use 'debug ip ospf events' to monitor OSPF packets; if no packets are seen, reconfigure OSPF router ID and clear the OSPF process.
D.Use 'show ip protocols' to verify OSPF process configuration; if incorrect, delete and recreate the OSPF process with the correct network statements.
AnswerA
solution
! R1
show ip ospf neighbor
show ip ospf interface gigabitethernet0/0
show ip route ospf

! R2
show ip ospf neighbor
show ip ospf interface

Why this answer

OSPF requires consistent hello/dead intervals and network types to form adjacency. If the neighbor is not in FULL state, routes will not be exchanged. Checking 'show ip ospf neighbor' reveals the state; mismatched parameters can be corrected by adjusting interface configuration.

Exam trap

The exam trap is that candidates may jump to reconfiguring the OSPF process or redistribution when routes are missing, but the root cause is often a simple mismatch in OSPF interface parameters. Always check neighbor states first.

Why the other options are wrong

B

The specific factual error is that 'show ip route ospf' shows only existing OSPF routes, not neighbor states. Redistribution is not needed for directly connected interfaces in the same OSPF area.

C

The specific factual error is that debugging is not the initial diagnostic step; it should be used after verifying neighbor states and interface parameters. Changing the router ID is unnecessary unless there is a duplicate router ID issue.

D

The specific factual error is that 'show ip protocols' does not display per-interface OSPF parameters. The problem is likely at the interface level, not the process level.

61
PBQhard

You are connected to R1. Configure OSPFv3 for IPv6 on R1 and R2 so that they can exchange IPv6 routes. R1's GigabitEthernet0/0 is connected to R2's GigabitEthernet0/0. R1 has a loopback0 with IPv6 address 2001:db8:1::1/32, and R2 has a loopback0 with IPv6 address 2001:db8:2::2/32. Ensure OSPFv3 is enabled on both routers, the link interfaces are in area 0, and R1 learns the loopback route from R2.

Network Topology
G0/02001:db8:abcd::1/64G0/02001:db8:abcd::2/64linkR1R2

Hints

  • OSPFv3 must be enabled on each interface that should participate in the routing process.
  • Use the 'ipv6 ospf <process-id> area <area-id>' command under the interface configuration.
  • Verify with 'show ospfv3 neighbor' and 'show ipv6 route ospf'.
A.Configure 'ipv6 ospf 1 area 0' under GigabitEthernet0/0 and Loopback0 on both routers.
B.Configure 'ipv6 router ospf 1' and then 'network 2001:db8:2::2/32 area 0' under the OSPFv3 process.
C.Configure 'ipv6 unicast-routing' and 'ipv6 ospf 1 area 0' under the global configuration.
D.Configure 'router ospf 1' and then 'ipv6 unicast-routing' under the OSPFv3 process.
AnswerA
solution
! R1
interface GigabitEthernet0/0
ipv6 ospf 1 area 0
exit
interface Loopback0
ipv6 ospf 1 area 0

Why this answer

The provided configuration enables OSPFv3 on the interfaces, which is necessary, but it does not set a router-id. OSPFv3 requires a router-id to form adjacencies. Without any IPv4 addresses configured, the router-id defaults to 0.0.0.0, preventing neighbor formation and route exchange.

Therefore, a valid solution must also include a router-id command under the OSPFv3 process (e.g., 'ipv6 router ospf 1' followed by 'router-id X.X.X.X').

Exam trap

Learners often forget that OSPFv3 requires a manually configured router-id when no IPv4 addresses are present on the router.

Why the other options are wrong

B

The specific factual error is that OSPFv3 uses interface-level commands ('ipv6 ospf area') rather than the network statement used in OSPFv2.

C

The specific factual error is that OSPFv3 interface configuration is required on each interface, not just globally.

D

The specific factual error is that 'router ospf' is for IPv4 OSPF; OSPFv3 requires 'ipv6 router ospf'.

62
MCQhard

An engineer is troubleshooting an OSPF adjacency between two directly connected routers, R1 and R2. R1 is configured with a passive-interface default under the OSPF process, and the interface connecting to R2 is not explicitly set to no passive-interface. The engineer runs a show ip ospf neighbor command on R1 and sees no neighbors. What is the most likely reason for the missing adjacency?

A.The network statement does not match the interface IP address.
B.The passive-interface default command is preventing OSPF hellos on the interface.
C.The router-id is not configured, so OSPF cannot form an adjacency.
D.There is an OSPF authentication mismatch between R1 and R2.
AnswerB

The passive-interface default makes all interfaces passive, and without a no passive-interface command for the specific interface, OSPF hellos are not sent, preventing neighbor discovery.

Why this answer

The `passive-interface default` command under the OSPF process makes all interfaces passive by default, meaning OSPF Hellos are not sent unless explicitly overridden with `no passive-interface`. Since the interface to R2 was not configured with `no passive-interface`, R1 does not send Hellos, preventing adjacency. Option A is less likely because even if the network statement is correct, a passive interface still blocks Hellos.

Option C is incorrect because OSPF automatically selects a router-id if not configured (highest loopback or interface IP), and a missing router-id does not prevent Hellos. Option D is unsupported by the scenario; no authentication mismatch is indicated.

Exam trap

Cisco often tests the nuance that `passive-interface default` suppresses Hellos on all interfaces unless overridden, leading candidates to overlook the fact that even directly connected routers cannot form an adjacency without Hellos being sent.

Why the other options are wrong

A

The network statement 10.0.0.0 0.255.255.255 area 0 matches any IP in the 10.0.0.0/8 range, which likely includes the interface IP. Therefore, the network statement is not the issue.

C

A router-id is automatically selected from the highest loopback or physical interface IP if not manually configured. Lack of manual configuration does not prevent adjacency formation; OSPF will still function.

D

The running-config does not show any authentication configuration, and the symptom (no neighbors) is consistent with passive interfaces, not authentication mismatches. An authentication mismatch would typically show neighbors in EXSTART/EXCHANGE state, not missing entirely.

63
MCQhard

An OSPF router learns a route with metric 20 and another OSPF route to the same destination with metric 30. The prefix length is the same. Which path is preferred?

A.The route with metric 20
B.The route with metric 30
C.Both routes are rejected because the metrics differ
D.The default route is preferred
AnswerA

This is correct because lower metric is preferred within the same routing protocol.

Why this answer

The OSPF path with metric 20 is preferred because, within the same routing protocol and for the same prefix length, the metric is used to compare candidate paths. In practical terms, the router is not comparing source trust here because both routes come from OSPF. It is comparing OSPF’s own internal path-cost values, and the lower metric wins.

This question is about separating administrative distance from metric. Since both routes come from the same protocol, metric is the deciding factor.

Exam trap

A common exam trap is confusing administrative distance with metric when comparing routes from the same protocol. Candidates might incorrectly think that a higher metric route is rejected or that administrative distance plays a role in choosing between two OSPF routes. In reality, OSPF always prefers the route with the lowest metric, and both routes remain valid candidates.

Misunderstanding this can lead to incorrect answers about route selection or route rejection, especially when multiple OSPF routes to the same prefix exist with different metrics.

Why the other options are wrong

B

This option is incorrect because a higher metric indicates a less preferred path in OSPF. The route with metric 30 is less optimal than the one with metric 20 and therefore not preferred.

C

This option is incorrect because OSPF does not reject routes simply because their metrics differ. Differing metrics are normal and help the router choose the best path rather than causing route rejection.

D

This option is incorrect because the router already has specific OSPF routes to the destination. A default route is not preferred when a more specific route with a valid metric exists.

64
Multi-Selectmedium

Which TWO statements correctly describe the configuration and verification of OSPFv3 for IPv6?

Select 2 answers
A.OSPFv3 uses link-local IPv6 addresses to form neighbor adjacencies.
B.OSPFv3 uses global unicast IPv6 addresses to form neighbor adjacencies.
C.OSPFv3 is automatically enabled on all IPv6-enabled interfaces when the routing process is configured.
D.The 'show ospfv3 neighbor' command displays neighbor state, neighbor ID, and interface information.
E.The 'show ospfv3 neighbor' command displays the IPv6 address of the neighbor's interface as the neighbor ID.
AnswersA, D

OSPFv3 routers use link-local addresses (FE80::/10) for neighbor discovery and hello packets, ensuring communication remains within the local link.

Why this answer

OSPFv3 for IPv6 uses link-local IPv6 addresses (FE80::/10) to form neighbor adjacencies, not global unicast addresses (so B is incorrect). OSPFv3 does not automatically enable on all IPv6 interfaces; each interface must be explicitly configured under the OSPFv3 process using the 'ipv6 ospf' command (so C is incorrect). The 'show ospfv3 neighbor' command displays the neighbor's Router ID (a 32-bit value), not the IPv6 address of the neighbor's interface (so E is incorrect).

Correct options A and D accurately describe OSPFv3 neighbor formation using link-local addresses and the information shown by the 'show ospfv3 neighbor' command, which includes neighbor state, neighbor ID, and interface.

Exam trap

Cisco often tests the misconception that OSPFv3 behaves like OSPFv2 by using global unicast addresses for neighbor formation, or that enabling the OSPFv3 process automatically activates it on all interfaces, when in fact each interface must be explicitly enabled under the OSPFv3 process.

Why the other options are wrong

B

OSPFv3 uses link-local addresses, not global unicast addresses, for neighbor formation.

C

OSPFv3 requires explicit interface configuration under the routing process; it is not automatically enabled.

E

The neighbor ID shown is the Router ID, not the IPv6 address of the neighbor's interface.

65
MCQhard

A router pair is directly connected, but they do not become OSPF neighbors. IP addressing and area assignment are correct. What is the most likely cause?

A.OSPF network type mismatch on the connected interfaces
B.Duplicate default routes on both routers
C.Missing VLAN trunking on the link
D.The OSPF process IDs are required to match
AnswerA

This is correct because one side is using point-to-point and the other is using broadcast, which can prevent a stable adjacency.

Why this answer

OSPF network type mismatch is a frequent reason for adjacency failure when basic IP and area settings are correct. If one side is configured as broadcast and the other as point-to-point, the hello timers, neighbor discovery behavior, and designated router election rules diverge, preventing neighbor formation. Unlike process IDs (which are locally significant), a mismatch in network type directly affects how OSPF hellos are processed.

This is a well-known L2/L3 misconfiguration that must be checked alongside router‑ID and authentication parameters.

Exam trap

A common exam trap is assuming that OSPF process IDs must match on both routers to form neighbors. Many candidates mistakenly believe process IDs are globally significant, but they are only locally important identifiers. Another tempting mistake is blaming IP addressing or area mismatches without checking the OSPF network type.

Since network type controls how OSPF hellos are sent and received, a mismatch between broadcast and point-to-point types can silently block adjacency formation even when IP and area configurations appear correct. This subtlety often leads to confusion during troubleshooting and exam scenarios.

Why the other options are wrong

B

Incorrect because duplicate default routes affect routing decisions but do not impact the OSPF neighbor formation process, which depends on hello packets and network type compatibility.

C

Incorrect since VLAN trunking applies to Layer 2 switch ports, not routed interfaces running OSPF. The problem described involves OSPF adjacency, not VLAN or trunk configuration.

D

Incorrect because OSPF process IDs are locally significant identifiers and do not need to match between routers for neighbor relationships to form. This does not cause adjacency failure.

66
PBQhard

You are connected to R1. Configure OSPFv3 for IPv6 so that R1 and R2 can exchange IPv6 routes over their directly connected link. Enable IPv6 routing, assign OSPFv3 process and area on the interface, and verify that the neighbor adjacency forms and routes appear in the IPv6 routing table.

Network Topology
G0/02001:DB8:1::1/64G0/0 2001:DB8:1::2/64R1R2

Hints

  • OSPFv3 requires IPv6 unicast routing to be enabled globally.
  • OSPFv3 is enabled on the interface, not under a router ospf process like OSPFv2.
  • Use 'ipv6 ospf <process-id> area <area-id>' on the interface.
A.Enable IPv6 routing with 'ipv6 unicast-routing', configure OSPFv3 on the interface with 'ipv6 ospf 1 area 0', and verify with 'show ospfv3 neighbor' and 'show ipv6 route ospf'.
B.Enable IPv6 routing with 'ipv6 unicast-routing', configure OSPFv3 globally with 'router ospfv3 1' and 'router-id 1.1.1.1', then assign the interface to area 0 with 'ipv6 ospf 1 area 0'.
C.Enable IPv6 routing with 'ipv6 unicast-routing', configure OSPFv3 on the interface with 'ipv6 ospf 1 area 0', and verify with 'show ip ospf neighbor' and 'show ip route ospf'.
D.Enable IPv6 routing with 'ipv6 unicast-routing', configure OSPFv3 on the interface with 'ipv6 ospf 1 area 0', and verify with 'show ospfv3 neighbor' and 'show ipv6 route'.
AnswerA
solution
! R1
configure terminal
ipv6 unicast-routing
interface GigabitEthernet0/0
ipv6 ospf 1 area 0
end

Why this answer

Option A is correct because it includes enabling IPv6 routing with 'ipv6 unicast-routing', applying OSPFv3 to the interface using 'ipv6 ospf 1 area 0', and verifying with the correct OSPFv3-specific commands 'show ospfv3 neighbor' and 'show ipv6 route ospf'. Option B is incorrect because it adds a global 'router ospfv3 1' command, which is unnecessary; OSPFv3 can be configured directly on the interface without a global process. Option C is incorrect because it uses IPv4 OSPF verification commands 'show ip ospf neighbor' and 'show ip route ospf', which are not valid for OSPFv3.

Option D is incorrect because although it uses the correct 'show ospfv3 neighbor', the 'show ipv6 route' command does not filter to OSPF-learned routes, so it displays all IPv6 routes rather than just OSPF routes.

Exam trap

Do not confuse OSPFv3 with OSPFv2. OSPFv3 uses 'ipv6 ospf' on the interface and 'show ospfv3 neighbor' for verification. Also, remember to enable IPv6 routing with 'ipv6 unicast-routing'.

Why the other options are wrong

B

Adding a global 'router ospfv3 1' command is unnecessary; OSPFv3 can be enabled directly on the interface without a separate global configuration.

C

Using 'show ip ospf neighbor' and 'show ip route ospf' are IPv4 OSPFv2 commands, not valid for OSPFv3 which requires 'show ospfv3 neighbor' and 'show ipv6 route ospf'.

D

The 'show ipv6 route' command displays all IPv6 routes, not just OSPF-learned ones; the filter 'ospf' is required to see OSPF routes specifically.

67
MCQhard

A network engineer adds a loopback interface Lo0 with IP address 172.16.0.1/32 to router R1. After restarting the OSPF process, the OSPF router-ID changes from 10.1.1.1 to 172.16.0.1, and the neighbor relationship with R2 resets. What should the technician do next to prevent this disruption the next time a loopback is added?

A.Configure passive-interface Lo0 under the OSPF process
B.Configure a static router-id using the router-id command under the OSPF process
C.Set a higher OSPF priority on the router’s interfaces
D.Configure the OSPF area as a stub area
AnswerB

Explicitly setting the OSPF router-ID prevents the process from dynamically re-electing a new router-ID based on interface IPs. This guarantees a stable router-ID regardless of added loopbacks, avoiding adjacency resets.

Why this answer

Configuring a static router-id under the OSPF process ensures the router-ID never changes due to interface IP changes or loopback additions. This directly addresses the root cause of the adjacency reset—dynamic router-ID re-election.

Exam trap

Candidates often mistake the passive-interface command as a way to prevent the loopback IP from being considered for router-ID selection, but OSPF router-ID election is independent of interface passive state; it always picks the highest loopback IP at process start.

Why the other options are wrong

A

Passive-interface does not influence router-ID selection, which is based solely on highest active loopback IP address at process initialization.

C

Confusing DR election parameters with router-ID election leads candidates to a parameter that is irrelevant to router-ID stability.

D

Changing area type does not address router-ID fluctuation; it targets LSDB optimization, which is unrelated to the dynamic router-ID re-election after loopback addition.

68
MCQhard

An OSPF-enabled router R1 fails to advertise the 192.168.50.0/24 network to neighbor R2, even though the neighbor relationship is up. Which misconfiguration on R1 would cause this?

A.The OSPF process must be process ID 50 to advertise 192.168.50.0/24
B.The wildcard network statement does not match 192.168.50.0/24
C.OSPF cannot advertise a directly connected LAN
D.R2 needs a default route before learning intra-area routes
AnswerB

Correct choice.

Why this answer

If the network statement on R1 does not match the interface connected to 192.168.50.0/24, OSPF will not enable on that interface and the subnet will not be advertised. The route stays absent from neighbors despite OSPF running elsewhere.

Exam trap

A frequent exam trap is believing that the OSPF process ID must match across routers to advertise specific networks or that OSPF cannot advertise directly connected LANs. Candidates may also incorrectly assume that a default route is required on a router before it can learn intra-area routes. These misconceptions lead to overlooking the actual cause: a mismatched wildcard mask in the network statement that prevents OSPF from activating on the interface.

This trap causes candidates to focus on irrelevant configuration elements instead of verifying the network statement accuracy.

Why the other options are wrong

A

The OSPF process ID is locally significant and does not affect which networks are advertised. Changing the process ID to 50 is unnecessary and does not solve the problem of missing routes.

C

OSPF can advertise directly connected LANs if their interfaces are included in the OSPF network statements. This option is incorrect because directly connected LANs are advertised when properly configured.

D

A default route is not required for a router to learn intra-area OSPF routes. OSPF routers exchange routing information through link-state advertisements without needing a default route first.

69
MCQhard

Exhibit: A router has the following routes in its routing table: - OSPF: 10.1.1.0/24 - Static: 10.1.1.128/25 - Default: 0.0.0.0/0 A packet is destined for 10.1.1.130. Which route does the router use?

A.The OSPF 10.1.1.0/24 route
B.The static 10.1.1.128/25 route
D.The router load-balances across all three
AnswerB

Longest-prefix match sends 10.1.1.130 to the /25.

Why this answer

Routers use longest-prefix match before they think about metrics. The /25 route for 10.1.1.128/25 is more specific than the /24 or the default route, so traffic for 10.1.1.130 follows that path.

Exam trap

A common exam trap is to select a route based solely on routing protocol preference or administrative distance without considering prefix length. Many candidates incorrectly choose the OSPF 10.1.1.0/24 route because OSPF is a dynamic protocol and might assume it is preferred over a static route. However, Cisco routers always apply longest-prefix match first, so the static 10.1.1.128/25 route is chosen because it is more specific.

Another trap is to think the router load-balances across all routes, but load balancing only occurs among routes with equal prefix length and metric, not across different subnet sizes.

Why the other options are wrong

A

The OSPF 10.1.1.0/24 route matches the destination IP but has a shorter prefix length than the static /25 route. Since longest-prefix match takes priority, this route is not used.

C

The default route is a last-resort route used only when no other specific routes match the destination IP. Since more specific routes exist, it is not selected here.

D

The router does not load-balance across routes with different prefix lengths because longest-prefix match selects a single best route, so this option is incorrect.

70
MCQhard

A route to 10.10.20.0/24 disappears when an OSPF adjacency fails. Which design would most directly provide an automatic backup without changing the primary OSPF path during normal operation?

B.A standard static route with the default administrative distance of 1
C.Removing OSPF entirely and using only a default route
D.Disabling the routing table on the router until failure occurs
AnswerA

This is correct because it provides a backup route without replacing OSPF under normal conditions.

Why this answer

The most direct design is a floating static route with a higher administrative distance than OSPF. In plain language, that means the router keeps a manually configured backup route in reserve but does not use it while the OSPF route remains healthy. If the OSPF path disappears, the backup static route becomes active automatically. This is a very common and practical way to add simple failover.

The key requirement in the question is that the primary OSPF path should remain unchanged under normal conditions. A normal static route with default distance would override OSPF and break that goal. A floating static route avoids that by staying less preferred until a failure occurs. That is why it is the correct design choice here.

Exam trap

Avoid assuming that static routes are always less preferred than dynamic routes without considering administrative distance.

Why the other options are wrong

B

A standard static route with the default administrative distance of 1 would override the OSPF route (AD 110) because a lower AD is preferred. This would replace the primary OSPF path with the static route, not provide a backup that only activates upon failure.

C

Removing OSPF entirely eliminates the primary dynamic routing protocol, which is not a backup solution. The question requires preserving OSPF as the normal path and only providing an automatic backup when OSPF fails.

D

Disabling the routing table is not a valid operational practice; routers require the routing table to forward packets. This option does not provide any automatic backup mechanism and would break connectivity entirely.

71
MCQmedium

Exhibit: R1 has a static default route to 192.0.2.2 and also learns a default route from OSPF. Which default route is installed in the routing table?

A.The OSPF default route because dynamic routes are preferred
B.The static default route because its administrative distance is lower
C.Both default routes because they have the same prefix length
D.Neither route until a floating static route is configured
AnswerB

Static AD 1 beats OSPF AD 110.

Why this answer

When two routes to the same prefix are learned from different sources, the router compares administrative distance first. A static route has AD 1 by default, while OSPF has AD 110, so the static default route wins unless its AD was changed manually.

Exam trap

A common exam trap is believing that OSPF default routes always override static default routes because dynamic routing protocols are 'more intelligent' or 'preferred.' This misconception leads to selecting the OSPF route as installed, ignoring the fundamental Cisco routing rule that administrative distance determines route preference. Since static routes have a default AD of 1 and OSPF routes have an AD of 110, the static route is preferred unless its AD is manually changed. Misunderstanding this can cause incorrect answers and confusion about route installation behavior.

Why the other options are wrong

A

This option is incorrect because dynamic routes like OSPF are not automatically preferred over static routes. Administrative distance determines preference, and static routes have a lower AD than OSPF by default.

C

This option is incorrect because having the same prefix length does not mean both routes are installed. The router uses administrative distance to choose a single best route.

D

This option is incorrect because a normal static default route is valid and installed immediately. A floating static route is only needed if you want a backup route with a higher AD.

72
MCQeasy

Which OSPF component is used to identify routers uniquely inside an OSPF domain?

A.Area ID
C.Hello timer
AnswerB

The router ID uniquely identifies an OSPF speaker.

Why this answer

The router ID is the unique identifier OSPF uses for each router. It is not the same thing as the process ID, which is locally significant only.

Exam trap

A frequent exam trap is mistaking the OSPF area ID for the router ID. While area IDs define logical groupings of routers within an OSPF domain, they do not uniquely identify individual routers. Another pitfall is confusing the router ID with the OSPF process ID, which is locally significant and does not uniquely identify routers.

Additionally, some candidates incorrectly select hello timers or wildcard masks, which serve different purposes such as neighbor keepalive intervals and network statement definitions, respectively. Understanding these distinctions is critical to avoid selecting incorrect options that sound related but serve different functions.

Why the other options are wrong

A

Area ID identifies OSPF areas, which are logical subdivisions within the OSPF domain, but it does not uniquely identify individual routers. Selecting area ID confuses the concept of router identification with area grouping.

C

Hello timer controls how often OSPF routers send hello packets to maintain neighbor adjacency. It does not serve as a unique identifier for routers.

D

Wildcard mask is used in OSPF network statements to specify which IP addresses belong to an OSPF area. It does not identify routers uniquely.

73
PBQhard

You are connected to R1. The network uses OSPF between R1 and R2. Configure an extended ACL on R1 so that hosts in VLAN 10 (192.168.10.0/24) can reach the web server at 203.0.113.100 only via HTTP/HTTPS, and hosts in VLAN 20 (192.168.20.0/24) can reach it via any TCP service except HTTP/HTTPS. All other traffic to the server must be denied. Apply the ACL outbound on the interface facing the server. Currently, the ACL is missing the permit for VLAN 20 traffic, causing connectivity loss.

Network Topology
G0/0192.0.2.1/30G0/0192.0.2.2/30linkG0/1203.0.113.1/24203.0.113.100/24linkR2R1Web Server

Hints

  • The current ACL blocks HTTP/HTTPS from all sources, but VLAN 20 should be allowed to use those ports.
  • Use the 'range' keyword to permit a contiguous set of ports for VLAN 20, excluding ports 80 and 443.
  • Remember to deny all other traffic to the server after the permits.
A.Remove the two deny statements and add: permit tcp 192.168.20.0 0.0.0.255 host 203.0.113.100 range 1 79, permit tcp 192.168.20.0 0.0.0.255 host 203.0.113.100 range 81 442, permit tcp 192.168.20.0 0.0.0.255 host 203.0.113.100 range 444 65535, then deny ip any any
B.Add a permit statement for VLAN 20 before the deny statements: permit tcp 192.168.20.0 0.0.0.255 host 203.0.113.100 range 1 65535
C.Remove the two deny statements and add: permit tcp 192.168.20.0 0.0.0.255 host 203.0.113.100 eq www, permit tcp 192.168.20.0 0.0.0.255 host 203.0.113.100 eq 443
D.Add a deny statement for VLAN 20 HTTP/HTTPS before the existing permit statements: deny tcp 192.168.20.0 0.0.0.255 host 203.0.113.100 eq www, deny tcp 192.168.20.0 0.0.0.255 host 203.0.113.100 eq 443, then add a permit tcp 192.168.20.0 0.0.0.255 host 203.0.113.100 range 1 65535
AnswerA
solution
! R1
configure terminal
no ip access-list extended BLOCK_HTTP
ip access-list extended BLOCK_HTTP
permit tcp 192.168.10.0 0.0.0.255 203.0.113.100 0.0.0.0 eq 80
permit tcp 192.168.10.0 0.0.0.255 203.0.113.100 0.0.0.0 eq 443
permit tcp 192.168.20.0 0.0.0.255 203.0.113.100 0.0.0.0 range 1 79
permit tcp 192.168.20.0 0.0.0.255 203.0.113.100 0.0.0.0 range 81 442
permit tcp 192.168.20.0 0.0.0.255 203.0.113.100 0.0.0.0 range 444 65535
deny ip any 203.0.113.100 0.0.0.0
end
clear access-list counters BLOCK_HTTP

Why this answer

The ACL BLOCK_HTTP is applied inbound on G0/0, which is the interface toward the server. The first two deny statements incorrectly block HTTP/HTTPS from any source, including VLAN 20 which should be allowed. The correct approach is to permit HTTP/HTTPS only for VLAN 10, and permit all other TCP services (except HTTP/HTTPS) for VLAN 20, then deny all other traffic.

The solution removes the overly broad deny statements and adds specific permits for VLAN 20 to reach the server on any TCP port except 80 and 443, followed by an explicit deny ip any any to enforce the implicit deny.

Exam trap

The trap is that the existing deny statements for HTTP/HTTPS are too broad; they block VLAN 20's required access. Candidates might think they need to add permits before the denies, but they must also ensure the permits for VLAN 20 exclude HTTP/HTTPS. Another trap is forgetting to add an explicit deny at the end, though the implicit deny exists, the question explicitly states 'All other traffic to the server must be denied' so an explicit deny is good practice.

Why the other options are wrong

B

The specific factual error is that the permit statement does not exclude ports 80 and 443. It allows all TCP ports, which is too permissive.

C

The specific factual error is that the permit statements allow the very ports that should be denied for VLAN 20. This misinterprets the requirement.

D

The specific factual error is that the permit statement is too broad and overrides the deny statements. The correct approach is to permit only non-HTTP/HTTPS ports, not all ports.

74
MCQhard

Based on the exhibit, why is traffic to host 198.51.100.70 using the OSPF route instead of the static route?

A.Because the OSPF /26 route is more specific than the static /24 route.
B.Because OSPF always overrides static routing, regardless of prefix length.
C.Because the static route must have an administrative distance of 255 to be considered.
D.Because the destination 198.51.100.70 is outside both listed routes.
AnswerA

This is correct because longest-prefix match causes the /26 route to be chosen for 198.51.100.70.

Why this answer

The traffic uses the OSPF route because it is the more specific match. In practical terms, the router evaluates destination-prefix specificity before comparing route source preference. The static route points to a broader /24, while the OSPF entry points to a narrower /26 that still contains the destination. Because longest-prefix match comes first, the /26 route wins.

This is a good reminder that static routes do not automatically beat dynamic routes when the prefixes are different. Specificity matters first, then source preference only when the prefix length is the same.

Exam trap

A frequent exam trap is believing that static routes always take precedence over OSPF routes because static routes have a lower administrative distance. This misconception ignores the fundamental routing principle of longest-prefix match, which prioritizes the most specific subnet mask regardless of route source. Candidates may incorrectly select the static route simply because it is static, missing that the OSPF route’s /26 mask is more specific than the static /24.

This leads to incorrect answers and confusion about route selection behavior in Cisco routers.

Why the other options are wrong

B

Incorrect because OSPF does not always override static routes. Administrative distance matters only when prefix lengths are equal, and longest-prefix match takes precedence over route source.

C

Incorrect because the static route does not have an administrative distance of 255; it is valid and installed in the routing table. The issue is the static route’s broader prefix, not its administrative distance.

D

Incorrect because the destination IP 198.51.100.70 falls within both the /24 static route and the /26 OSPF route. The router chooses based on prefix specificity, not exclusion from the routes.

75
MCQhard

What is the best explanation for why a router chooses the OSPF route to 10.50.0.0/16 instead of the RIP route?

A.Because OSPF has a lower administrative distance than RIP for the same prefix.
B.Because RIP routes are never installed when OSPF is running.
C.Because OSPF always has a longer prefix than RIP.
D.Because the RIP metric is lower than the OSPF metric.
AnswerA

This is correct because both routes are /16, so source trust becomes decisive and OSPF wins.

Why this answer

The router chooses the OSPF route because when the prefix length is the same, source preference is considered, and OSPF has a lower administrative distance than RIP. In practical terms, both routes describe the same destination size, so longest-prefix match does not separate them. The router then trusts the OSPF source more than RIP by default.

This is a classic administrative-distance comparison question and a very important route-selection concept.

Exam trap

A frequent exam trap is believing that RIP routes are never installed when OSPF is running or that the router always prefers the route with the lowest metric regardless of protocol. This is incorrect because RIP routes can remain in the routing table alongside OSPF routes. The router actually uses administrative distance, not metric, to choose between routes learned from different protocols.

Confusing metric with administrative distance leads to wrong answers, especially when both protocols advertise the same prefix length. Remember, cross-protocol route selection depends on administrative distance, not metric comparison.

Why the other options are wrong

B

Option B is incorrect because RIP routes can still be installed in the routing table even when OSPF is running; the router does not automatically suppress RIP routes.

C

Option C is wrong because both OSPF and RIP routes shown have the same prefix length (/16), so prefix length does not influence the choice here.

D

Option D is incorrect because cross-protocol route selection is based on administrative distance, not metric comparison; RIP's metric being lower does not make it preferred over OSPF.

Page 1 of 3 · 174 questions totalNext →

Ready to test yourself?

Try a timed practice session using only OSPF questions.