ICND2 – VLAN & Trunking
[am4show have=’p2;’]
Premium Member: You can test your knowledge with these questions first via this link.
[/am4show]
Question 1
[am4show have=’p2;’]Which three of these statements regarding 802.1Q trunking are correct? (Choose three)
A. 802.1Q native VLAN frames are untagged by default.
B. 802.1Q trunking ports can also be secure ports.
C. 802.1Q trunks can use 10 Mb/s Ethernet interfaces.
D. 802.1Q trunks require full-duplex, point-to-point connectivity.
E. 802.1Q trunks should have native VLANs that are the same at both ends.
Answer: A C E[/am4show]
Explanation
Native VLAN frames are carried over the trunk link untagged -> A is correct.
802.1Q trunking ports carry all the traffic of all VLANs so it cannot be the secure ports. A secure port should be only configured to connect with terminal devices (hosts, printers, servers…) -> B is not correct.
The Inter-Switch Link (ISL) encapsulation requires FastEthernet or greater to operate but 802.1q supports 10Mb/s Ethernet interfaces. -> C is correct.
802.1Q supports point-to-multipoint connectivity. Although in Cisco implementation, a “trunk” is considered a point-to-point link but 802.1q encapsulation can be used on an Ethernet segment shared by more than two devices. Such a configuration is seldom needed but is still possible with the disablement of DTP negotiation. -> D is not correct (Reference: http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008012ecf3.shtml)
The native VLAN that is configured on each end of an 802.1Q trunk must be the same. This is because when a switch receives an untagged frame, it will assign that frame to the native VLAN. If one end is configured VLAN1 as the native VLAN while the other end is configured VLAN2 as the native VLAN, a frame sent in VLAN1 on one side will be received on VLAN2 on the other side -> E is correct.
Question 2
[am4show have=’p2;’]Refer to the exhibit. A technician has configured the FastEthernet 0/1 interface on Sw11 as an access link in VLAN 1. Based on the output from the show vlan brief command issued on Sw12, what will be the result of making this change on Sw11?
A. Only the hosts in VLAN 1 on the two switches will be able to communicate with each other.
B. The hosts in all VLANs on the two switches will be able to communicate with each other.
C. Only the hosts in VLAN 10 and VLAN 15 on the two switches will be able to communicate with each other.
D. Hosts will not be able to communicate between the two switches.
Answer: D[/am4show]
Explanation
Fa0/1 of Switch11 is configured as an access link of VLAN1 so only frames in VLAN1 can communicate through the two switches. But from the output above we see there is no interface belongs to VLAN1 on Switch12 -> no hosts can communicate between the two switches.
Question 3
[am4show have=’p2;’]Refer to the exhibit:
What can be determined about the interfaces of the Main_Campus router from the output shown?
A. The LAN interfaces are configured on different subnets.
B. Interface FastEthernet 0/0 is configured as a trunk.
C. The Layer 2 protocol of interface Serial 0/1 is NOT operational.
D. The router is a modular router with five FastEthernet interfaces.
E. Interface FastEthernet 0/0 is administratively deactivated.
Answer: B[/am4show]
Explanation
We can’t confirm answer B is totally correct but all other answers are wrong so B is the best choice.
+ We only have 1 LAN interface on Main_Campus router with 4 subinterfaces -> answer A is not correct (although it is a bit unclear).
+ The “protocol” column of interface Serial0/1 is up so its Layer 2 is operating correctly -> answer C is not correct.
+ This router has only 1 FastEthernet interface -> answer D is not correct.
+ The “status” column of Fa0/0 is currently “up” so it is operating -> answer E is not correct.
Q-1: There is no Fa0/1 port listed in any of the vlans.
Saivivek as I understand it, the result shown from show vlan brief, only shows access links, which would mean the missing port (Fa0/1) is set to trunk (show interface trunk will show the missing interface). Since the switches have a mismatch (one is set as a trunk while the other is set an access link), they cannot communicate. You can test this in your lab.
anonymous..I agree with you. That is not the only possible explanation why VLANs on sw11 can not communicate with sw12.
I think Q3 answer is wrong, since a router doesn’t know about trunking. When we want to configure trunking between a router and a switch, we configure the switch ONLY to trunk (switchport mode trunk) and just configure LAN subinterfaces on the router each with its own ip address (interface fa0/0.1 for example). Am I right that A is the answer?
@prenicule, you’re wrong.
There is only 1 LAN interface so A is not correct.
This is router-on-a-stick with few subinterfaces configured so it’s obvious that int fe0/0 is a trunk.
Besides, answers C, D, and E are incorrect so B is only correct answer.
@happy, it is a router in a stick, it means that is is connected to different subnets by using vlans. presence of a trunk further strenghtens this argument.
@happy, it is a router in a stick, it means that is is connected to different subnets by using vlans. presence of a trunk further strenghtens this argument. A and B are correct.
For the question 3, this answer is true but confuse because the port FastEthernet 0/0 mustn’t be in trunk port but in access port.
In fact, only the port at the switch which is connected to the interface FastEthernet 0/0 on the router should be in trunking but not unlike.
Question 1 answer E.
Your explanation is “Must” which I agree. If you do not have the exact same Vlan as Native. The switch is going to give you the “Native VLAN MisMatch”. The answer says “should”, should means that If you dont have the Native VlAN ID’s match than it is ok also. NOT TRUE.
In terms of the ICDN2 Answer D is way out of scope.
ok Guys about the Q3, in the Student Guide of ICND1, Said textually ‘The configuration between a router and switch is sometimes referred to as a router on a stick. the “Router interface is configured to operate as a trunk link” and is connected to a switch port that is configured in trunk mode’
I think the answer is B for that
other thing is Remenber that, you need configure each subinterface on a router with the encapsulation dot1q, the router have the trunk encapsulation for can work
Are you sure VLANS, trunking, inter VLAN Routing and switch security are on the new ICND2 exam?
the cisco website lists them as topics under ICND1 and not ICND2:
http://www.cisco.com/web/learning/exams/list/icnd1b.html#~Topics
http://www.cisco.com/web/learning/exams/list/icnd2b.html#~Topics
Q2: My opinion is that the answer is correct(D),but the real reason is that the interfaces Fa0/1 in both switches should be configured as a trunk and not as an access port between the endpoint a of the link .
I just realized that bobby made the same comment earlier.Sorry.
Why do you think that trunk can’t support port-security in Q1?
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/port_sec.html#wp1071035
See: “Enabling Port Security on a Trunk”
http://www.ciscopress.com/articles/article.asp?p=1722561
on Q3..answer A states “The LAN **interfaces** are configured on different subnets”…surely we don’t see the LAN interfaces…just the LAN *sub*interfaces.
i think B is the only correct answer there.
Took ICND2 earlier today, 986 / 1000.
Questions 2, 3, from this page were on there.
Re my above note, answer B was the only answer you need for question3.
Hi Justin. see my note towards the bottom of the “share your ICND2 experiences” page.
basically this site is hugely helpful, but you will definitely also need a book and i would recommend downloading some past exam questions using examcollection.com. You will need to pay £20 for the s/w to view those exams but it’s well worth it imho.
2,3 were there
Passed today 1000. Got different configuration of the Eigrp & frame Relay labs where there were different DLCIs and IP addresses, but same process was used to get answers (show commands, show ip protocols, show ip interface brief ).
A question about GLBP and a question about netflow were on my test. You can find them here: http://www.examtut.com/2013/09/new-questions-in-ccna-200-120-hsrp-vrrp.html
Study 9tut and this guy i found him really helpful. He has unique way of teaching http://www.danscourses.com If you can do all his videos again and again. Trust me you will get the concept. Also one thing i learned today is if you don’t know the concept it’ll be hard for you in the exam.
All the best to every one in their path. Keep me in your good wishes.
Took the exam today. Pass 986/1000. Q2, Q3 were on there.
Thanks 9tut.
All the Qs was in there
Passed ICND2 today with 933/1000 , Three sims Frame relay, EIGRP and OSPF from here. Some questions were not from here relating to RSTP.
Tested today, 8/20. #3 was on there.
Im still confused by Q3…. The router will be configured with “Sub interfaces”, it will not be configured as a trunk… the SWITCH will have its port configured as a trunk.
My guess would be A… but i suppose without the Mask you cannot say for sure if the sub interfaces are in different subnets…. Horrible question!
Q3- because there are subinterfaces configured, which you can see in the output, means that there has to be a trunk link.
you see the fastethernet ports are configured as .1, .2,.3,.4- they are subinterfaces that are part of 802.1Q frame relay, the link therefore has to be a trunk to carry the information.
took the exam today and pass with 907. Question 3 was on there, the others weren’t. location United States Florida.
test ICND 2
Thanks 9tut
Took ICND2 today 986/100. 3 was on there. Thanks 9TUT
Regarding Q3. Configuration of Router on the stick includes on on each subinterface to enter command encapsulation dot1q vlan-id … and DOT1Q is trunking protocol. So answer B seems legit.
Q3 try and configure an Ethernet sub interface with an IP address without configuring the encapsulation dot1q command.. see what happens… error… why… that command specifies the trunk encapsulation used on the interface and the vlan associated with the sub interface… routers cannot negotiate trunking.. you have to manually configure trunking using that command… so if u see an fa0/or g ethernet sub interface with an ip address in a show command then trunking is in effect…
I dunno. Fair enough that the interface is using a trunking protocol, but that’s not the same as it being configured as a trunk. To me, it’s perfectly legitimate to refer to a sub-interface as an interface. It’s a type of interface; a logical interface. Referring to 4 sub interfaces as ‘interfaces’ doesn’t, to me, invalidate the question, whereas no amount of “running dot1q” is going to make that interface configured as a trunk. That’s something you do to switchports, not routed ports.
But, I’m not a CCIE, so go with what you feel I guess.
for question 3 b is correct because the meaning of trunk links is a ppp or 802.1q link between two network devices that carries more than one VLAN or subinterface.
Hi all.
Im preparing on ICND 1 test but now i see that Vlans and trunking is not an part of ICND 1 , but they are in book for icnd 1 .
Could somebody confirm that if its part of ICND 1 or not ?
Thanks
no plan and trunking were not on the ICND1 i take the ICND 2 tomorrow i will let you all know what was on it!!
Question 1
I believe answers A,C,E are correct. Answer B should read 802.1Q trunking ports CANNOT also be secure ports. Trunking ports can be configured with port security and that is why the wording CANNOT makes answer B wrong.
@Coop
How was your exam?
question 3 is silly……I kept looking for any option that pointed out that this scenario is IMPOSSIBLE….the router IOS won’t let you put four ips from the same subnet on four separate sub-int anymore then it’d allow you to put the same ip on them.
Guy above me is right, in question 3 all the subinterfaces have to be in different subnets, you can try it in packet tracer.
As for the port being trunk – you don’t configure trunking on routers on CCNA level.
You do configure trunking on routers at CCNA level…its a critical part of Router on a Stick. In the real world really both A and B are correct; you would have several different VLANs which will have their own subnet AND trunking is needed to allow multiple VLANs to share the same physical interface
Assume here we have VLAN 10,20,30 and 40 corresponding to each of the sub-interfaces
The config on the router would be like this:
Main_Campus# configure terminal
Main_Campus(config)# interface fa0/0.1
Main_Campus(config-subif)# encapsulation dot1q 10
Main_Campus(config-subif)# ip address 192.168.1.254 255.255.255.0
Main_Campus(config-subif)# interface fa0/0.2
Main_Campus(config-subif)# encapsulation dot1q 20
Main_Campus(config-subif)# ip address 192.168.2.254 255.255.255.0
Main_Campus(config-subif)# interface fa0/0.3
Main_Campus(config-subif)# encapsulation dot1q 20
Main_Campus(config-subif)# ip address 192.168.3.254 255.255.255.0
Main_Campus(config-subif)# interface fa0/0.4
Main_Campus(config-subif)# encapsulation dot1q 20
Main_Campus(config-subif)# ip address 192.168.4.254 255.255.255.0
dot1q defines the trunking protocol followed by the VLAN ID
I don’t really like the question, but I would stick with answer B as there is no ambiguity based on the information available. To say for sure that the interfaces were on different subnets (even though we know they would be), we would need the masks. Keep in mind that it says “from the output SHOWN”
And….there is only one physical LAN interface…we all know how Cisco like to be tricky with funny wording. B is the only way to go, it’s the best answer based on the output shown.
Question 1
Which three of these statements regarding 802.1Q trunking are correct? (Choose three)
A. 802.1Q native VLAN frames are untagged by default.
this ending touch “by default” is confusing, so it possible to override this behavior and tag native vlan frames on a trunk?
Yeah… possible answer…
B. 802.1Q trunking ports can also be secure ports.
There is a document on Cisco somewhere that stated some old hardware does not support port security on trunks but recent do
(there gotta be a weird reason to have port security on trunks, but still possible)
https://learningnetwork.cisco.com/thread/63028
Yeah, possible answer….
C. 802.1Q trunks can use 10 Mb/s Ethernet interfaces.
some old version of IOS only supported trunks on Fast Ethernet and Gigabit Ethernet
But after an upgrade to a certain IOS, trunks can be implemented on Ethernet ports
http://www.cisco.com/en/US/products/hw/routers/ps259/prod_bulletin09186a00800921e4.html
Yeah, possibly correct answer….
D. 802.1Q trunks require full-duplex, point-to-point connectivity.
“A trunk is a single transmission channel between two points” from wiki so trunks are point-to-point and they could work with both half duplex and full duplex but why in the hell half duplex
Yeah, possibly possibly
CISCO, are you frikking testing for CCIE or CCND?
okay, ICND… whatever.
passed on 3/13. questions 2 and 3 on there. tks 9tut
For anyone struggling with question 3, i would agree with stevy0.
They are configured in different subnets, but the word here is not subinterface, its interface. The physical interface is configured with no ip address. Being in different subnets CAN BE ASSUMED from the output provided. IOS immediately tells you when you have an subnet overlap on a subinterface. I’m not sure about ethernet interfaces, but for serial interfaces, if you admin down the physical port, you can assign ip addresses in the same subnet on multiple subinterface. As soon as you no shut the physical interface, the subinterface and the physical interface will appear to be in UP/UP but after a short time, the line protocol will go down on all of your subinterface that have ip address in overlapping subnet.
On ethernet interfaces, IOS requires that you assign the encapsulation and vlan information to the subinterfaces before an ip address can be configured. Although we don’t have a show command that specifically states that the operational/administrative mode is trunk for routed interfaces, since we have to configure the encapsulation and the operational status of the switchport would be trunk on the switch, we can assume that they are wanting B to be the answer. The definition of a trunk is carrying traffic for multiple vlans, not some show command that says its a trunk. The 4bit field in the header carries the vlan tag information provided from trunking interfaces. Just because its a layer 3 device does not mean it is not capable of being a trunk.
I got Q3 today in the ICND2 exam.
Thanks 9tut.
Q3 today ICND2
Q2 & Q3 got today.
For Q 3, B is indeed correct. Because if you try to configure a sub-interface on a router without first specifying the encapsulation type, you will get an error. Therefore, the created sub-interfaces imply that the link is configured to trunk, although we don’t see the switch configuration.
get dumps with nuggets free from this following link
wurl. cc/dumps
Just took the test today – 980/1000 Questions 1 and 2 were from this page. Thanks 9tuts! Also got Frame Relay, EIGRP and OSPF labs- a lot of OSPF & quite a few EIGRP questions! You guys ROCK!!
THERE IS NO NEED FOR ANY DUMPS – just study one book (Wendel or Todd) and the you tube lessons along with 9tuts itself are enough
@all: We had to move all the questions and answers out of 9tut. We can only keep the explanation. You can download the questions and answers at: https://mega.co.nz/#!oIdESYbD!yyu33vygrfKPy4rcmcbV6qW2fxINNoTokuDM3CjA_og
What was the reason why you had to move your stuff out? Why not move domains or change web address, if pass4sure and etc can get away with it then why not 9tut
https://mega.co.nz/#!oIdESYbD!yyu33vygrfKPy4rcmcbV6qW2fxINNoTokuDM3CjA_og this reference does not work. Why?
And where can i get this answers and questions?
@Ivan: I uploaded that file here: http://www.mediafire.com/view/686kvdms48m67k7/ICND1_2_Questions_July_2015.pdf
Q2. Why answer 1 is no correct? if both ports of the switches are in access mode then the native vlan will pass through. The answer 1 is correct despite that there aren’t any host in vlan 1 for now. If there are in the future the will talk. Do you agree?
There are a few things that can explain why 1 is not correct. The biggest thing is the question states that on sw11 the port is configured as an access port, not a trunk port so other vlan traffic cannot pass through it making D correct.
I HAD Q.3 AT MY EXAM TODAY … IT COULD BE A OR B
A.The LAN interfaces are configured on different subnets.
B. Interface FastEthernet 0/0 is configured as a trunk.
I CHOOSED B …CAUSE AT A HE MENTION LAN INTRFACES…BUT WHEN WE TALK ABOUT ROUTER ON STICK ..WE SHOULD SAY LAN SUBINTERFACES…SO I GUESS A IS WRONG…SO I HAVE B ITS MORE SENSE THROUGH APPLYING ENCAPSULATION DOT1Q AT SUBINTERFACE
Hello Mike ,
I m quite confused on Q.3 may i ask you that how did it go with your answer “B” id thats what you have choosen ?
regards
Hi All is this questions are still valid as I am going to appear for this exam in 1-2 weeks? Please tell me? else please send valid dumps/link at {email not allowed}
Hi All is this questions are still valid as I am going to appear for this exam in 1-2 weeks? Please tell me? else please send valid dumps/link at parmpreet.sandhu1 at gmail dot com