Home > Switching Basics

Switching Basics

October 12th, 2010 in CCIE Written Go to comments

Here you will find answers to Switching Basics Questions

Question 1

What two features in Cisco switches help prevent Layer 2 loops? (Choose two)

A. UniDirectional Link Detection
B. Hot Standby Router Protocol
C. Virtual Router Redundancy Protocol
D. PortFast
E. root guard
F. loop guard

Answer: A F


Both UniDirectional Link Detection (UDLD) and Loop Guard protect a switch trunk port from causing loops. Both features prevent switch ports from errantly moving from a blocking to a forwarding state when a unidirectional link exists in the network.

Unidirectional links are simply links for which one of the two transmission paths on the link has failed, but not both. This can happen as a result of miscabling, cutting one fiber cable, unplugging one fiber, GBIC problems, or other reasons

UDLD – Uses Layer 2 messaging to decide when a switch can no longer receive frames from a neighbor. The switch whose transmit interface did not fail is placed into an err-disabled state.

Loop Guard – When normal BPDUs are no longer received, the port does not go through normal STP convergence, but rather falls into an STP loop-inconsistent state.

(Reference: CCIE Routing and Switching Exam Certification Guide)

Question 2

Refer to the exhibit. Which switching feature is being tested?


aggregation-2 (enable) set spantree portfast 3/11 ena

Waning Spantree port fast start should only be enabled on ports connected to a single host.
Connecting hubs, concentrators, switches, bridges, etc. to a fast start port can cause temporary spannmg tree loops. Use with caution.
Spantree port 3/11 fast start enabled.
aggregation-2 (enable) set spantree portfast bpdu-filter ena
Spantree portfast bpdu-filter enabled on this switch.
2001 Feb 06 13:32:14 %SPANTREE-4-LOOPGUARDBLOCK: No BPDUs were received on port 3/21 m VLAN 99. Moved to loop inconsistent state

A. loop guard 
B. PortFast 
C. root guard 
D. BDPU guard

Answer: A

Question 3

Which three of these statements about Dynamic Trunking Protocol are correct? (Choose three)

A. It supports autonegotiation for both ISL and IEEE 802.1 Q trunks.
B. It must be disabled on an interface if you do not want the interface to work as a trunk or start negotiation to become a trunk.
C. It is a point-to-multipoint protocol.
D. It is a point-to-point protocol.
E. It is not supported on private VLAN ports or tunneling ports.

Answer: A B D

Question 4

You are designing your network to be able to use trunks. As part of this process you are comparing the ISL and 802.1 Q encapsulation options. All of these statements about the two encapsulation options are correct except which one?

A. Both support normal and extended VLAN ranges.
B. ISL is a Cisco proprietary encapsulation method and 802.1 Q is an IEEE standard.
C. ISL encapsulates the original frame.
D. Both support native VLANs.
E. 802.1 Q does not encapsulate the original frame.

Answer: D

Question 5

Refer to the exhibit. From the MAC addresses shown in the command output, to which two ports is the multicast stream being forwarded on this switch? (Choose two)

Switch#show mac-address-table multicast

vlan mac address type ports
—————–+ ——————————+ ———————+ —————————————————————–

A. Fa6/28
B. Fa7/20
C. Gi3/7
D. Fa4/2
E. Fa4/14
F. Fa4/38
G. Fa6/28
H. Fa5/7

Answer: C E

Question 6

You are about to migrate a customer network to use a VSS. Which of these statements is true about a VSS?

A. The VSS switch must be the root bridge for all VLANs and is automatically designated. 
B. The VSS switch is defined in RFC 4318 as a managed object.
C. The PAgP+ or LACP protocols are used to maintain the operational state of the VSS devices.
D. A VSS interoperates with a virtual port channel. 
E. The 802.1Q or ISL protocols are used to maintain the operational state of the VSS devices. 
F. A VSS increases the size of the spanning-tree domain.

Answer: C


Virtual switching system (VSS) is a network system virtualization technology that pools multiple Cisco Catalyst 6500 Series Switches into one virtual switch, increasing operational efficiency, boosting nonstop communications, and scaling system bandwidth capacity to 1.4 Tbps. At the initial phase, a VSS will allow two physical Cisco Catalyst 6500 Series Switches to operate as a single logical virtual switch called a virtual switching system 1440 (VSS1440)


Virtual Switching System 1440 Compared to Traditional Network Design

(Reference: http://www.cisco.com/en/US/products/ps9336/products_tech_note09186a0080a7c837.shtml)

C is the correct answer as in the recommendations of the above link, the author wrote:

Do not use on and off options with PAgP or LACP or Trunk protocol negotiation.

* PAgP — Run Desirable-Desirable with MEC links.
* LACP — Run Active-Active with MEC links.
* Trunk — Run Desirable-Desirable with MEC links.

Recommended link: http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9336/prod_qas0900aecd806ed74b.html

Question 7

An 802.1 Q trunk is not coming up between two switches. The ports on both switches are configured as “switchport mode desirable.” Assuming that there is no physical issue, choose two possible causes. (Choose two.)
A. Incorrect VTP domain
B. Incorrect VTP password
C. Incorrect VTP mode
D. Incorrect VTP configuration revision

Answer: A B

Question 8

Refer to the exhibit. Look at the command output. Assume that there is no other path, and the configuration is correct. What would be the consequences of this situation?

Switch1#show cdp neighbor
Capability Codes: R – Router, T- Trans Bridge, B – Source Route Bridge S – Switch, H – Host, I – IGMP, r- Repeater, P – Phone

Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch2 Gig 1/0/3 160 S I WS-C2955C Fas0/13

Switch2#show cdp neighbor

Capability Codes: R – Router, T- Trans Bridge, B – Source Route Bridge S – Switch, H – Host, I – IGMP, r- Repeater, P – Phone

Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch1 Fas0/13 173 R S I WS-C3750G Gig1/0/4

A. Users in SW1 can ping SW2 but not vice versa. 
B. Users in SW2 can ping SW1 but not vice versa. 
C. Users in SW1 and SW2 can ping each other. 
D. Users in SW1 and SW2 cannot ping each other.

Answer: D

Question 9

Refer to the exhibit. Look at the command output. What can you use to prevent this behavior?

Switch 1#show cdp neighbors
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge S – Switch, H – Host, I – IGMP, r – Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch2 Gig 1/0/3 160 S I WS-C2955C Fas0/13

Switch 1#

Switch2#show cdp neighbor

Capability Codes: R – Router, T- Trans Bridge, B – Source Route Bridge S – Switch, H – Host, I – IGMP, r- Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch1 Fas0/13 173 R S I WS-C3750G Gig1/0/4

B. spanning-tree loopguard 
C. VTP mode transparent 
D. switchport mode desirable

Answer: A

  1. claudio
    April 22nd, 2011

    Q5, IP will become MAC 0100.5ee6.39c7, so the interfaces G3/7,F6/28 and F7/20 will receive the traffic. Does this question have 3 correct answers (A, B,C)? Why you answered E?

  2. Bennet Eapen
    April 25th, 2011

    Mac address 0100.5e66.39c7 is accessible via Gi3/4,Gi3/7,Fa4/10,Fa4/14,Fa7/31,Fa7/40.
    So options C and E i.e., Gi3/7 & Fa4/14 are the correct answers.

  3. Das
    April 27th, 2011

    Can Someone please explain question no. 5 ??

  4. Ula
    May 1st, 2011

    Question 4. Answer D is incorrect. ISL is not support nativ Vlan. B is correct.

  5. Ula
    May 1st, 2011

    Bennet Eapen Why multicast IP address will be Mac address 0100.5e66.39c7?

  6. jimbob
    May 2nd, 2011

    Ula – Q4 D is correct the question asked what is “not” true…

    i.e. ISL does not support native VLAN thus answer D is correct

  7. jimbob
    May 2nd, 2011

    Ula Q5, this is a Layer 3 IP Multicast address to Layer 2 Multicast mapping question.

    first thing is to convert the IP address to binary so : in binary is

    11100001 11100110 00111001 11000111

    then put the first 6 hex charaters in front of the binary address and remove the first 4 bits (which are always 1110) this is the IEEE OUI for layer 2 multicast addressing

    0100.5e | 0001 11100110 00111001 11000111

    then we “always” change the next 5 bits to a binary 0 (which leaves us with 24 bits for the conversion to hex)

    0100.5e | 01100110 00111001 11000111

    this leaves you with 24 bits to convert into hex from binary


    01100110 00111001 11000111 = 66.39.c7

    and the question asks which interfaces listed are forwarding this group..

    All of the below are forwarding it,


    but only 2 are listed in the multiple choice :

    Gi3/7 & Fa4/14

  8. Anonymous
    May 2nd, 2011

    Can someone please explain Question 8 and 9 ? Why port ID is different then the one of the peer ?


  9. bill
    May 3rd, 2011

    Actually there is a question that asks that. This is a very fake thing that involves cabling the 2 fiber leads from a single port into 2 different ports on 2 different switches. It would be highly unlikely you would get lucky enough to get all the ports in a up status so they could even send/receive cdp neighbor.
    I guess they wanted a example where you could use UDLD even though in reality it is a very rare to get both ports in a up state but have a broken connection between them.

  10. lonsomeboy
    May 19th, 2011

    The DTP Trunking question answers are wrong. DTP is not supported on Private VLANs or tunnel ports which is verbatim from the Design Guides:


    Q3 is therefore, A D E and not B.

    B is wrong because you don’t need to disable DTP to stop trunking or the port attempting to negotiate. Auto won’t start the negotiation, nonegotitate doesn’t negotiatet and some combinations of DTP settings won’t from a trunk link.

  11. pOp
    May 26th, 2011

    “DTP is not supported on private-VLAN ports or tunnel ports.”

    Great find mate.Thanks.

  12. Maseghe
    June 17th, 2011

    Is the wording of Q4 right?

    If its is,D is not the correct answer..802.1Q does not actually encapsulate the original frame. Instead, for Ethernet II frames, it adds a 32-bit field between the source MAC address and the EtherType/Length fields of the original frame.

  13. dljerez
    June 18th, 2011


    I think that the right answer is D. A VSS interoperates with a virtual port channel.

    You can find the anwers in this link:

    vPC and VSS
    Mixed data centers consisting of both Cisco Catalyst and Cisco Nexus products can interoperate by using both vPC and VSS technologies.

    The PAgP+ or LACP protocols are not required in order to the VSL to function. The recomendation to use PAgP or LACP is to conect others equipments to the VSS Cluster by Multi Chassis Etherchannel MCE.

  14. Amit
    June 22nd, 2011

    Question 6: The correct answer is C (Matches with Rstut)

    Just deployed nexus 7000 series in the LAB. HSRP interoperates with virtual port channels (vPCs). Here is the link. Under the link, review the section vPC and HSRP


  15. jep
    December 28th, 2011

    Q6 answer is C (agree with rstut). believe me guys you’ll get your point.
    Q5 answer from rstut is also confirmed. its better to have knowledge about L3 multicast address mapping to L2 multicast address. But if you re-checked the question for a valid two choice, you will only ports from 0100.5e66.39c7 mac. other mac would give you less than two or more than two ports.

  16. Sirathan
    January 7th, 2012

    Q6: You can connect VSS with Nexus over vPC. So for me Answer D is correct.
    Cisco Catalyst 6500 VSS and Cisco Nexus 7000 vPC Interoperability and Best Practices:

    For the VSS link it does not use LACP or PAgP, see here: http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/VSS30dg/VSS-dg_ch2.html#wp1056015

  17. Matt
    January 15th, 2012

    Anyone have insight for 7?
    FTP affects DTP?

  18. Matt
    January 15th, 2012

    Sorry typo above should read:

    VTP affects DTP?

  19. choco
    January 17th, 2012

    Q6 After reading carefully the linkl Sirathan mentioned, I must agree with answer D.

  20. jep
    January 25th, 2012

    wow.. Q6 is indeed D. i’m lucky not having this question in my test.

  21. Cereso_di_Zona
    January 27th, 2012

    Question 3

    B is definitly wrong. If you do not want the interface to work as a trunk, put it in access mode.
    E. “It is not supported on private VLAN ports or tunneling ports” –> from cisco documents, so definitly correct.

    rstut, why don’t you correct this answer? It’s quite obvious…

    Answer: A D E

  22. choco
    February 15th, 2012

    Q3 for me answer is ADE

  23. Otto
    June 24th, 2012

    Q6 Answer C is correct.

    From Cisco documentation: “Virtual Switch Link (VSL)—A special port channel required to bundle two physical switches into one virtual switch.”


  24. bhuraque
    July 2nd, 2012

    Q6 answer is C

  25. Drop kerbs
    August 11th, 2012

    I will immediately grasp your rss feed as I can’t find your e-mail subscription hyperlink or newsletter service. Do you have any? Kindly allow me realize so that I may subscribe. Thanks.

  26. karim
    August 19th, 2012

    I think that the right answer is D.see the link below

    “Since VSL EtherChannel uses LMP per member link, the link-aggregation protocols, such as PAgP and LACP, are not required”

  27. nazty
    December 20th, 2012

    Can anyone please explain for Q8?

  28. Anonymous
    December 20th, 2012

    Can anyone please explain for Q8?

  29. @Helen
    January 21st, 2013

    Q8 is obvious as it is a uni-direction communication between 3 switches.

    A ping needs to be work in bidirectional.

  30. @Helen
    January 21st, 2013

    Q6 is a question about how we understand the English?

    I hate this kind of question.

  31. ravi
    August 4th, 2013

    Q3 RSTUT answer is correct. And its obvious answers. Ppl just confused with arguments. Cisco answers are the final. Look at the questions and answers before saying

  32. Uki
    November 14th, 2013

    Q6 is of course D. How can be LACP or PAgP+ used to maintain the operational state of the VSS devices??? 🙂 And vPC interoperates with VSS, so this answer is correct.

  33. Jos
    May 22nd, 2014

    Q3, E is right as well, it’s stated clearly here: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_55_se/configuration/guide/scg3750/swvlan.html
    “Note: DTP is not supported on private-VLAN ports or tunnel ports.”
    So 4 right answers here, choose 3.

    Cisco, you screwed up again!!!!

  34. Konan
    September 21st, 2015

    Q7: I agree that VTP domain name mismatch prevents trunking,but what is the reference that vtp password mismatch also prevents trunking to form?

    Q8: From what we can definitely say that users can not ping each other?

    Q9: Question says:”What can you use to prevent this behavior?” ,prevent what? CDP is working,what should be prevented??? :/

  35. Konan
    September 22nd, 2015

    Q8&9,a got them.Miscabling (it seems,fiber media is in use)
    But,Q7 still is unclear.Nowhere it says that mismatching password prevents trunking

  36. Freddie
    January 19th, 2016

    cheap jersey discount code cheap stitched jerseys [Freddie]

  37. prabhakara
    October 24th, 2016

    which three statements about dtp are true?

  1. No trackbacks yet.
Add a Comment

Reload Image