Cisco network engineer interview questions
23 Cisco Network interview questions for Cisco senior after-sales network engineers
1. In the current 6509 and 7609, The sup720 switched bandwidth to 720 GB. Can it be said that 7609/6509 can replace part of the GSR status?
A: Some functions are acceptable. Previously, GSR was mainly located in the company's enterprise LAN core switch, while gsr was located in the WAN high-speed Core routing device. The 7609 sup720 can provide 7600G high-speed switching capability, msfc3 and pfc3 provide high-speed routing processing capability and a large number of feature, coupled with the new sip + spa high-speed line speed board on the current series, it is fully competent for Core routing equipment and is best suited for aggregation and service provision of routers. With the development of technology, the emergence of CRS-1, GSR gradually from the core to the backbone convergence development, as a variety of high and low speed line convergence, in this aspect 7609 and GSR can be. However, 7609 and GSR are fundamentally different in architecture. 7609 is developed from switches, and GSR internally splits data into standard cell exchanges, in terms of queue and scheduling, GSR is better as a pure core router because it has been tested for many years. In terms of price, 7609 is still relatively expensive, while GSR is cheaper in some cases.
2. Which route table of ISIS level1 includes? When there are multiple levels-1-2 exits, Where do other routes learn from and how do I select routes?
A: Isis level1 and level2 maintain LSD and SPF. level1's route table is calculated by level1 LSD through SPF, only the detailed routes of the local area and the default routes from level-1-2 connected to the area are included. When there are multiple level12, each level12 indicates that it has a route to other areas by assigning the ATT position 1 in the sent LSP package, when the level1 router receives this LSP, it selects the latest level12 router forwarding traffic.
3. MPLS L3 VPN. What should I do if I want to allow one-way mutual access between two different VPNs?
A: If two VPNs are interconnected, You can output the routing information of the two VPNs to the same RT and import them to achieve interconnection. To achieve one-way access, you can create a public VPN, export the RT of the two VPNs, and both VPNs can access the public VPN.
4. Can I talk about the concept of cross-origin MPLS L3 VPN?
A: Both rfc2547bis and the latest rfc4364 have definitions. There are three main types of definitions. Option a B C:
Option A: Back to Back v ** interconnect. Two * s are connected through the back-to-back connection between VRF, and the routing can be static or dynamic. This method is simple and practical and suitable for connections between different carriers.
Option B: mebgp vpnv4 is used to establish mebgp vpnv4 between two as instances. The VPN route is carried by mbgp, which is highly scalable.
Option C: multi-hop mebgp between RR and the establishment of mebgp between the two as, but not on the ASBR, but between the two as their respective RR, this has better scalability and flexibility. But it is complicated. There is a tag problem to solve the next hop problem.
5. How can an MPLS L3 VPN user meet the Internet requirements? What are the implementation methods? What are the characteristics?
A: There are three types.
1. access the Internet through VPN. the traditional method is to set up a centralized firewall to implement Internet access through NAT, which is simple and easy to implement, but cannot distinguish between Internet traffic and VPN traffic. There is a security problem. Or configure the pack leaking implementation on the PE router.
2. independent Internet Access provides an independent Internet connection line for each VPN site. The CE router implements Nat to the Internet. The PE router must provide an independent line or virtual circuit to CE. The PE router must have the ability to access interne. The advantage is that VPN traffic and Internet traffic can be separated.
3. Use a separate VPN to connect to the Internet, establish a separate VPN, inject the default Internet route and some routes, and implement VPN intercommunication on the PE router that needs Internet access to the SIET connection, to access the internet. Complex, but supports various Internet access requirements.
6. What are the characteristics of L3 VPN and L2 VPN? Which of the following modes do you think is promising?
A: The PE router of the L3 VPN needs to maintain the route information of the customer's VPN. To achieve route selection and maintenance of each VPN, the L2 VPN only establishes a transparent layer 2 channel between customers, no layer-3 information is maintained, which is relatively less complex than L3 VPN. L3 VPN has been used in the real environment for many years and is relatively mature and suitable for complex users with multiple sites. MPLS L2 VPN is used to replace traditional L2 FR and ATM technologies, suitable for point-to-point interconnection or a small number of site connections. L2 VPN is easy to maintain and cost-effective, and should develop rapidly in recent years, while traditional L3 VPN will not be eliminated in a short time.
7. Let's talk about the differences between ISIs and OSPF in various aspects.
A: There are many similarities between them. They are all link status routing protocols. SPF algorithms are used for fast convergence of vslm. There is no difference in purpose. In terms of protocol implementation, OSPF is deployed on the TCP/IP protocol cluster, runs on the IP layer, and the port number is 89. based on ISO clns, ISIS is designed to implement ISO clnp routing, later, we added support for IP routing. For details:
1: different regions are designed. OSPF uses a backbone area0 and a non-backbone region. Non-backbone areas must be connected to areao. Isis is a hierarchical structure composed of L1 L2 L12 routers. It uses a lot less LSP and has better scalability in the same region than OSPF.
2 OSPF has many LSA types, which are complex and resource-consuming, while ISIS has fewer LSP types. Therefore, ISIS is better at CPU usage and route update processing.
3. The Isis Timer allows finer adjustment than OSPF to increase the convergence speed. Cisco Network Technology Forum
4. The OSPF data format is not easy to add new things. To add new things, a new LSA is required, while Isis can easily expand by adding TLV, including IPv6 support.
5. In terms of selection, ISIS is more suitable for carrier-level networks, while OSPF is very suitable for enterprise-level networks.
8. What are the reasons for selecting Isis and OSPF for a backbone network or man?
A: in terms of availability, both IGP protocols are acceptable. However, after analysis, it is possible to determine which protocol is better:
L from the perspective of stability and reliability: the backbone network requires high stability and reliability of the routing protocol, and fast convergence. The OSPF protocol is based on the IP layer, so it can only support IP networks, and some IP-based attacks on the network will affect the normal operation of OSPF. Isis runs directly on the link layer. It can carry multiple network types and has some natural advantages in preventing network attacks.
L from the perspective of the supported network scale: OSPF and ISIS both have the concept of network layering and regional. OSPF has the backbone area 0 and branch areas, ISIS has the level2 and level1 concepts. OSPF is a simplified version of OSPF, only level2 and stub (level1) are implemented. Because level1 uses the nearest L1/L2 router to access networks in other regions, it is easy to cause routing optimization problems, in this way, some functions need to be implemented through other methods. For example, route penetration is required during the construction of mpls vpn, resulting in complicated implementation and maintenance. Because PRC is used for route computing by ISIS, the IP prefix is used as the leaf node of the shortest Spanning Tree, and OSPF is built around the link, in the same size area, isis is more stable than OSPF and consumes less resources. It supports a larger network scale than OSPF.
L from the perspective of flexibility: The OSPF protocol is flexible, the protocol is based on interfaces, supports a comprehensive network type, and the technology is mature. In man, IGP is used to spread user routes, network devices are complex and focus on the flexibility and compatibility of the Protocol, and whether the protocol can meet the complex routing control requirements of a large number of users. These are the strong items of OSPF. We recommend that you use OSPF. OSPF protocol has been widely used in man for new maintenance, especially for earlier network maintenance personnel who are quite familiar with OSPF protocol;
L in terms of scalability: the is-is router is strictly structured and runs stably. It can only belong to one region and does not provide direct support for nbma and p2mp interfaces. ISIS has better scalability: Isis can support multiple network layer protocols (OSPF only supports IP protocols); Isis can smoothly translate, split, and merge, without interrupting traffic; Isis is based on TLV, the Protocol itself is easy to expand. In recent years, the ISIS protocol has been widely used in backbone networks of major operators. When selecting the protocol, you need to consider what protocol is running in the original network, for example, some operators currently use Isis at the backbone layer and OSPF within the metropolitan area network. To ensure network continuity, we need to consider the protocol type selection. If all devices support Isis, consider ISIS.
9. What are common BGP routing principles? How can I work with backbone networks and man networks?
Answer: BGP has many attributes. There are about 9 routing choices. lcal preference, as-path, Med, metric, and community are commonly used. In the connection between the backbone network and the Metropolitan Area Network, the backbone network sends the default route or some detailed routes to the Metropolitan Network. The Metropolitan Network sends the local route information to the backbone network. The receiving route mainly controls the uplink traffic sharing by setting the lcoal preference. If the detailed route sent from the backbone network has med, you can also control it by the med value. The released route uses the med as path to control the balance of the returned traffic. You can set community to indicate the origin of the route. Use BGP to share traffic when multiple egress links exist.
10. If max path is added to BGP, which BGP routing attribute will this option be applied before?
A: Before the last BGP router ID.
11. Why does the pop and man egress of the backbone network need to be set to next-hop-self?
A: The backbone network and the Metropolitan Area Network are connected through ebgp. When the backbone network route received by the Metropolitan Area Network is sent to an internal ibgp neighbor, the next hop address is the IP address of the backbone network device, the ibgp internal router does not have its route information, and the next hop of all routes cannot be reached. Only when the RR of the Metropolitan Area Network sends the route to the ibgp neighbor must add next-hop-self, change the next hop of the route to make the route accessible.
12. There are four router interfaces between the two as instances. One of the routers learns one network from ebgp and the other from ibgp to the same network. Which one is the route? Which of the following attributes has an impact? Which one should I choose if I add med below ebgp in ibgp? Why?
A: select the ebgp. If Med is added, select the lower med.
13. What is the difference between local-Pre and weight?
A: weight is Cisco proprietary, and LOCAL-PRE is recognized as a BGP attribute. Weight is useful only on the local router and cannot be passed; while the LOCAL-PRE is used within an as and can be passed across the. They are all selected with a large number of routes, and the weight decision in the Cisco router is prior to the LOCAL-PRE.
14. Can BGP achieve load balancing? If yes, what are the methods?
A: Yes. For ebgp, you can achieve this by setting the EBGP-MULTIHOP through equal IGP metric. For ibgp, you can configure muximum-paths to implement it on the equivalent IGP metric link.
15. Can I compare med among multiple as instances? If yes, do you need any prerequisites? If so, what are the prerequisites?
A: By default, the MED values of routes from different as are not compared. However, you can set BGP always-compare-Med to compare the MED values of routes from different.
16. Can med be combined with the IGP metric value in? If yes, how can this problem be solved?
A: Set metric internal for the route-map configuration of med.
17. there are still 10 minutes to limit for the cutover and the cutover is not successful. The Bureau has urged you to roll back. However, if you try to solve these problems for another 5 minutes, what is your choice?
A: Roll back immediately.
18. How to deploy the QoS of the backbone network? What kind of backbone network do you think is congested?
Answer: for a carrier-level backbone network, light load is the best way to achieve QoS on the backbone network. Keep the traffic below 50% of the bandwidth and increase the bandwidth as needed, in addition, the access traffic is controlled within a stable range. We can also classify the traffic and implement QoS for different traffic through DIFF-SERV. For complicated QoS requirements, we can use te. For enterprise backbone networks, the WAN link is low speed, QoS can be achieved through the DIFF-SERV, but if the traffic has reached 90% before, the implementation of QoS for the entire network quality cannot be improved. Generally, when the network device can provide full-line speeds and buffer capacity, the backbone network generally uses the POS interface. If the backbone network traffic reaches 50% or more, it should be planned to increase the bandwidth. When it reaches 60%, it will be relatively tight, 70% the network quality may begin to drop, and 80% of the network may be congested. It can be tested by latency and latency jitter.
19. Which of the following do you think is better for engineering and maintenance?
A: The L2 network is simple for engineering implementation. For network management, L3 must be controllable.
20. What are the mechanisms used by L3 networks and L2 Networks to process loops?
A: L3 networks use the running routing protocol algorithm to ensure a ring-free topology. L2 is implemented through STP
21. How many trees are generated by L2 switches in general?
Answer: 2950 supports 64 pvst + instances 16 MST, 3550 is wh pvst + instances 65 MST
22. What is the spanning tree mode of 3550? What is the number of spanning trees?
A: it supports 128 pvst + and 65 MST, both of which support pvst and MSTP.
23. According to your experience, when the traffic on the GE port reaches, you can think of congestion as a problem? When the traffic reaches 2.5g POS port, you can think of congestion?
A: For the GE port, congestion may occur when the traffic reaches M. For the POs port, if the hardware board is of a line speed and the buffer is sufficient, when the traffic reaches about 2 GB, congestion may occur ..