Huawei H12-891_V1.0 Dumps

256K bytes

48128 bytes

32K bytes

80128 bytes

Pipe mode. When an IP message passes through an MPLS network, the IPTTL minus l at the entry point is mapped to the MPLS TTL field

MPLS tags in the TTL, which mean the same as the TTL domain in the IP header. TTL prevents mpLS networks from creating routing loops

In Unifor mode, when an IP message passes through an MPLS network, the inbound IPTTL is minus 1. The MPLSTTL field is a fixed value

In MMLSVPI, if you need to hide the structure of the MPLS backbone network, you can use the Uniform mode on Ingress for private network messages

Routes match in order When a route matches to a clause, the relationship between

and is no longer matched downwards

or relationships

Routes match in order and routes need to match all sub-directions

True

False

The BPDU interval between switches is not configured

The Transition VLAN mapping between the handover machines is not configured to be caused

The Revislon Level configuration is inconsistent between switches

Inconsistent Registry Name configuration between text exchange machines

The router-LSA data area contains the Link-Local address

The router-LSA data area contains the Interface ID of the neighbor on this side

Similar to OSPFv2, the Option field exists in the header of LSA, not in the data area of Router-LSA

When LS type= Ox0001 in the head of LSA, the data area representing LSA is Router-LSA

root protection

PreventS TC-BPDU attacks

BPDU Protection

Loop Protection

7 ? LSA

1 ? LSA ? 2 ? LSA

I LSA,2 LSA 5 LSA

3 ? LSA ? 4 ? LSA

1 LSA,2 LSA 3 LSA

Out of the interface

MAC address

IP address

VLAN ID

300 4200

1234 1400

3100

100

The router queries a specific group

The router maintains a timeout timer for each group membership, refreshes the timer if the receiver host is received, and deletes the group membership if the timer times out

The router periodically sends a Query message, and after the receiver host receives the Query message, it reports a Report message

As soon as the leave message is received, the router immediately deletes the group membership

TRUE

FALSE

True

False

R2, as DIS, sends CSNP periodically.

R2 As DIS, Hello time is 3 times that of a normal router . C. R2 as DIS does not receive PSNP nouns for other routes.

RI and R3 maintain database consistency by periodically sending PSNP requests.

Both the G0/0/17 interface and the GO/0/18 interface enter the Forwarding state

Both the Go/0/17 interface and the G0/0/18 interface enter the Disccarding state

The Go/0/17 interface enters the Blocking state

The GO/0/18 interface will continuously change back and forth between the Listening state and the Learning state

GO/0/18 interface will enter the Disking state

FQDN

NS

PTR

MX

A

Directly discard the BPDU packet

Close the port

After parsing the BPDU message, the relevant information is obtained

Forward BPDU packets as required

which needs to be used in conjunction with route ingestion, acts as an external route sender neighbor that only partially introduces.

If you do not configure this command, the device will by default introduce the external routing protocol to the IS-IS route all outgoing

Restricts the external publication of route entries generated by the device itself

This command will filter the link status information released to the outside world

SSM multicast address, the multicast address segment is valid for the whole network

Any legitimate multicast traffic and multicast application can adopt this address C. Locally managed multicast address, which is valid only locally

Link-local multicast address, where traffic that uses that address includes network control messages and that address range is only the multicast address segment used by the E. routing protocol

cir 10000 pir 12000

cir 10o00 cbs 12000 pbd 12000

cir 8000 pir 12000

cir 10000 cbs 10000 pbs 12000

SNTP server address

IPv6 address/prefix

Gateway address

DNS server address

NAT64

IPv6 over IPv4

Dual Stack

ISATAP

There is no Type3 LsA flooding within Areal

There is no Type3 LSA flooding in Area2

There is Type5 LSA flooding within Areal

Area2 contains Type5 LSA generic adverb

BGP4+ carries the next hop address of the route through the Network Address of Next Hop in the NLRI properties MP_REACH

BGP4+ carries the next hop address of the IPv6 route through the NEXT_HOP attribute

The NEXT_HOP attribute does not exist in BGP4+

BGP4+ carries the prefix and mask length of the IPv6 route through the NLRI attribute

In the NSSA area where the OSPF neighbor sends hello packets, the N position 0, E within the option field Position 1

The NSSA zone must automatically generate a default LSA to access the external network

The NSSA zone generates a Category VII LSA to advertise external routing, and the FA address in the Category VII LSA acts to prevent loops

In the OSPF neighbor in the NSSA region sends hello packets, position 1 within the option field , position E

The downstream interface of the IGMP proxy device generates multicast relay table items

IGMP proxy can detect the link status with the linkage through the information of the member host joining/leaving the multicast group, and realize the rapid switching of the primary and standby device links

IGMP proxy is typically deployed on devices between hosts that are members of the access device

The

IGMP proxy device cannot send query messages to downstream member hosts in place of the IGMP queryer to maintain group membership

15

10

5

1

CIR=TC/BC

CIR=BE/TC

TC=CIR/BC

TC=BC/CIR

network-LSA

Router-LSA

Link-LSA

Inter-area-prefix-LSA

[Huawei]ospfv3 1 [Huawei-ospfv3-1J]area 1

[Huawel-ospfv3-1-area-0001]abr-summary fc00:0-0:48 cost 400

[Huawei] interface gigabitethernet 1/0/0

[Huawei-GigabitEthernet1/0/0]asbr-surmary fcO0-0:0:48 cost 20

[Huawei]ospfv3 1 [Huawei-ospfv3-1]asbr-surmary fcO0-0:0::48 3 cost 20 tag 100

[Huawei]ospfv3 1 [Huawei-ospfv3-1]abr-surmary fcO0:0:0:48 cost 400

(Huaweijospf3 1 Huawei-ospfv3-1Jarea 1

Huawei-ospfv3-1-area-0001]asbr-sumary fcO0:0:0: 48 cost 20 tag 100

Set up via a cluster card on the motherboard

Establish

through the cluster daughter card on the interface board. Establish

through the service interface on the interface board Established by switching the cluster card on the network board

When the public network tag is LDP only , for cross-domain VPN-optionC scenario 2, a three-layer tag is required in the packet forwarding process.

For the cross-domain VPN-OptionB approach, an MP-eBGP neighbor relationship needs to be established between the two ASBRs.

For the cross-domain VPN-OptionA mode, the route passed between the two ASBRs is a normal IPv4 route.

For the cross-domain VPN-OptionB approach, two ASBR-PEs are interconnected with multiple interfaces (including sub-interfaces), each associated with a VPN, each ASBR PE treats the peer as a CE.

Typel

Type2

Type3

Type4E. Type5

R2, you can use the filter po y export command to filter R3's loopback route

R2 you can make Ëfilter in Area 0 The import command to filter the loopback route for R3 on

RI can make Ëfilter-policy import filter the loopback route for R3

RI, you can use the Make Ëfilter export command in Area 1 to filter loopback routes for R3

SA is uniquely identified by a triple that includes the security parametric reference SPI (Security Parameter Inder), the source IP address, and the security protocol number (AH or ESP)

Use the display ipsec command to view the encryption algorithm used with another IPSec peer, the traffic of interest, and so on.

IPSec only supports encrypting data using symmetric encryption algorithms.

A two-way SA must exist between IPSec peers to establish an IPSec VPN connection

Special control message attacks

Scan Probe Attack

DDos Attack

Malformed Message Attack

MaxAge

Root cost

Forward delay

Hold time

Hello time

Without changing the current configuration, GigabitEthernet1/0/1 and GigabitEthernet1/0/2 can join the same aggregation group

Because of the different VLANs allowed, GigabitEthernet1/0/1 and GigabitEthernet1/0/2 cannot join the same aggregation group

After link clustering is configured on both SWA and SWB, if MSTP is enabled on the switches SWA and SWB Both GigabitEthernetl1/0/1 and GigabitEthernetl/O/2 are the forwarding status of MSTP

Only if the configuration of GigabitEthernet 1/0/2 is changed to match GigabitEthernet 1/0/1 can the two join the same aggregation group

A TTL that acts like an IP header and is used to prevent message loops

To control label distribution

Limit LSR

Control of upstream devices for label distribution

The outer destination IP address is the IP address of the VTEP at the far end of the VXLAN tunnel

The source UDP port number is 4789

The destination UDP port number is 4789

VNI has 24 T bits to distinguish the VIAN segment

The BGP route matches the above only if the BGP route carries a community attribute value of 100:1 or if the AS PATH is 100 route one policy. The AS-one PATH attribute that matches the route is changed to 200

The BGP route matches the above only if the BGP route carries a community attribute value of 100:1 and the AS-One PATH is 100 route policy? The AS-PATH nature of the matching route is changed to 200

Only if the BGP route carries an AS-PATH of 100, the BGP route matches the route one policy above. The AS-one PATH attribute that matches the route is changed to 200

As long as the BGP route carries a community attribute value of 100:1, the BGP route matches the route-policy above The AS-PATH attribute of the matching route is changed to 200

Layer 2 gateway: Used to solve the problem of tenant access to the VXLAN virtual network, and can also be used for subnet communication of the same VXLAN virtual network.

Layer 3 gateway: Used for cross-subnet communication of the VXLAN virtual network and access to external networks.

VXLAN Layer 3 gateways can be divided into centralized gateways and distributed gateways.

Layer 2 gateway and VPN instance binding.

Sub-VLAN is used to isolate broadcast domains

A Super VLAN can contain one or more Sub-VLANs

The super Sub-VLAN contains a physical interface that can establish a Layer 3 VLANIF interface

Sub-VLAN contains a physical interface that can establish a Layer 3 VLANIF interface

256K bytes

48128 bytes

32K bytes

80128 bytes

There must be both Router LSA and Network LSA in the OSPF network

Network LSA carries both topology and routing information

A router running OSPF must produce a Network LSA

A router running OSPF must produce a Router LSA

When the amount of information in the Link State Protocol data packet PDU to be released by ISIS is too large, the ISIS router will generate multiple LSP shards to carry more ISIS information.

ISIS can choose whether to authenticate incoming SNP and LSP packets

If there are other vendors' devices on the network and do not support the LSP sharding function, the sharding expansion mode must be configured as Model-1, otherwise the message will not be recognized by other vendors' devices.

After you enable the LSP shard extension feature of your router, you can use it without restarting the ISIS process.

LSUpdate message is sent only when an adjacency relationship is established

LSUpdate messages synchronize the link state database by sending detailed LSA information

The interface sends Hello packets as soon as it joins the OSPF area

When an LS Update packet is received, the router must send an LSAck to acknowledge

FALSE

TRUE

PIM routers with long interface masks are elected dr.

Compare the DR priority first; With the same priority, you need to compare the interface IP addresses of the PIM routers to elect dr

PIM routers with small IP addresses are elected DR. PIM routers with low D. DR priority values are elected DR.

True

False

Brutal mode can support NAT traversal, while main mode does not support NAT traversal.

The two routers establish IPSecVPN in main mode, and from the 5th message (included), the payload's data is often encrypted.

Two routers establish an IPSec VPN in brutal mode, so that the tunnel is built with a minimum of 4 messages interacting between the two devices.

The two routers can establish an OSPF neighbor relationship through the IPSec VPN (19) channel and exchange intranet devices by

By default, PE does not perform VPN-target filtering on received VPNv4 routes.

Local PE sets up An Export Target for these routes before releasing VPNv4 routes learned from sites that are directly connected to them to other PEEs attributes, and are published with routes as extended community attributes for BGP.

Carries the RD attribute when BGP publishes both reachable and unreachable VPNv4 routes.

The VPNv4 address has a total of 12 bytes, including an 8-byte route identifier RD (Route Distingulisher) and a 4-byte IPv4 Address prefix.

True

False

Memory that occupies the cache ton

Increases the power consumption of the power supply

Consumes a TCAM table entry

Consume the available bandwidth

Consume the MAC address table entry available in the system

Agile Controller-Campus

Agile Controller-WAN

Agile Controller-DCN

By default, devices support php features, and the ERAS node that supports PHP assigns a tag value of 3 to the penultimate hop node

When the tag value is 0, the tag must be ejected and the message must be forwarded based on IPv4

The MPLS tag is 4 bytes long and encapsulated between the link layer and the network layer.

If the bottom of the label identifies S=0, it indicates that the label is the bottom label and is directly forwarded to the IP.

Insufficient link bandwidth

The IP addresses on both ends are not on the same network segment

The link layer protocols on both ends are inconsistent

Subnet mask does not match the

WITH

Local-Preference

AS_PATH

Origin

Any change in BFD status is realized by detecting the BFD at the millisecond level, which correlates the OSPF state and realizes the purpose of OSPF rapid sensing link state

Does not affect OSPF neighbor status

BFD packet transmission interval can reach the 100-second level, which is slower than the OSPF induction link state

OSPF's hello send interval is seconds, which is faster than BFD inductive link state

Multicast

Known unicast

Broadcast

Unknown unicast

ORF

Route Control C. Route Aggregation

Set the same Cluster-ID

User data encryption

Data source authenticity verification

Integrity check

Controllability check

receives neighbor routing information

Introduce static routes

BGP routing for other AS is introduced

Introduced Direct Route

Both VRRPv2 and VRRPv3 support authentication

VRRPv3 does not support authentication, while VRRPV2 does

VRRPv2 only applies to IPv4 networks, and VRRPv3 only applies to IPv6 networks

The owner of the Master IP address has a VRP priority of 255, and all configurable priorities range from 0 to 254

Detection time for BFD packets for AR2 800ms

R1 Detection time for BFD packets for 1280ms

R1 Detection time for BFD packets The detection time for BFD packets for 660ms

R2 is 600ms

The routing policy configured on the ARO filters the System-ID of the default route

R2 from conflicting with R3

R and R4 Zone Planning Errors The System-ID of

R2 conflicts with R1

The router does not have an RPF route

PIM is not enabled on the RPF interface

The upstream router will receive the PIM Join message dropped

Multi-router egress network, this router is not DR

True

False

True

False

When fixed registration mode is selected, the interface cannot propagate dynamic VLANs

When the normal registration mode is selected, allow the interface to dynamically register and unregister the VLAN. Logout here includes deleting dynamically learned VLANs and VLANs created natively by the administrator

When the interface layer two operating mode must be hybird

GVRP when the register mode with forbidden is selected, there are four types of interface registration mode

Display alarm

Display current-configuration

Display interface brief

Display clock

MAC authentication does not require a username password, so you cannot use RADIUS to authenticate the user.

RADIUS supports both wired and wireless access modes.

SEPARATION OF RADIUS PROTOCOL AUTHENTICATION, AUTHORIZATION, AND AUDIT.

RADIUS authentication and Portal authentication cannot be used together because the Portal server can typically be used to authenticate users when portal authentication is deployed.

There is no change in the option field of the Hello message

Remove the Authentication, Auth Type fields

Hello messages no longer contain address information, carrying Interface lD

The OSPF version number changed from 2 to 3

Mac address spoofing attacks cause the switch to learn the wrong mapping of Mac addresses to IP addresses

A MAC address spoofing attack causes the data that the switch is sending to the correct destination to be sent to the attacker

MAC address spoofing attacks primarily exploit the switch Mac address learning mechanism

An attacker can perform a MAC address spoofing attack by sending a forged source Mac address data frame to the switch

True

False

By default, the DIS priority of broadcast network interfaces at Level-1 and Level-2 is 1 B In broadcast networks, the DIS priority for IPV4 and IPV6 can be set separately

In the same broadcast network. If each router supports both IPV4 and Pv6, the DISC of JPV4 and Pv6 must be the same device

IS-IS sient is configured under the finger port, this interface will not send ISIS packets, but will receive ISIS packet

The interconnect POS ports of R1 and R2 learn the 24-bit subnet route of each other's direct connection ports through IPCP

The interconnect POS ports of R1 and R2 learn the 32-bit host route for each other's direct connections through IPCP

The interconnect POS port of RI and R2, through LCP learns the MAC address of the opposite termination , does not need to use ARP to request the MAC address

The data packets of the interconnect POS ports of R1 and R2 do not need to encapsulate ethernet headers and do not need to use ARP to request MAC addresses

No configuration is required

Publish default routes only in the OSPF process for R2

In the OSPF process of R2 and the IS-IS process, the default routes are published separately

Publish the default route only in the IS-IS process of R2

Digital envelopes

Issued by

Digital signature

Public key information

Both R2 and Zone 0 generate Router LSA

R2 generates Router LSA only in Zone 0

R2 forwards the R1-generated Router LSA to R3

R2 Forwards the R3-generated Router LSA to R1

MASTER DOWN = (3*ADVER_ INTERVAL) + Skew_ time

Skew Time= (255-Priority)/255

By default, the time period for VRRP advertisement messages is 2 seconds

By default, the VRRP preemption delay is I seconds

The 8021D bridge only forwards BPDU packets received from the root bridge

8021D bridges do not forward BPDU packets

The 8021w bridge only forwards BPDU packets received from the root bridge

8021w Bridge does not forward BPDU packets

In the process of packet forwarding, the private network LSP of the VPN should be exchanged once on the two ASBRs An EBGP neighbor relationship.

Cross-domain VPN An Option

scheme is not limited by the number of interconnection links between ASBRs

The outer layer label is exchanged between two ASBRs to VPNv4 routes.

239000-239255255255

241.000-241.255255255

224000-224255255255

240000-254255255255 E. 226000-226255255255

The interface ID of the sending interface must be included in the A Hello packet

The LSACK message contains LSA header information to confirm the receipt of LSU packets

The LSR message contains the complete LSA header information for requesting an update to the LSA

Hello messages and the Option field for DD messages extends to 24-bit

The hello packet of OSPFv3 carries the IPV6 address prefix of the router interface

OSPFv3 uses the authentication field of the packet header to complete the packet authentication

OSPFv3 uses the link-local address as the source address for sending packets, which can be forwarded outside the range of the originating link

OSPFv3 sends OSPFv3 packet using the IPV6 multicast addresses FF02::5 and FF02

BGP4+ does not support route reflectors.

The next hop of a B. BGP4 route can use the Link-Local address.

BGP4 configures the reflector, the role positioning of the reflector and the client needs to be consistent with the configuration of BGP4

BGP4 specifies p

BGP4+? Router-ID ? BGP4 ? Router-ID—??

ASBR-Sunmary-LSA is allowed to be published to the NSSA region

AS-External-LSA is allowed to be published to the Stub region

Any OSPF zone can be configured as a special zone

Zone can be equipped with zhiyi

TRUE

False