Configuring R1 as a route reflector server  and configuring R4 as a client is not possible.

R1 does not have a neighbor relationship with R4, if it did we wouldn't have a  problem.

Since there is no neighbor relationship between R1 and R4, it is impossible to enter the command.

R1(config-router)# neighbor <R4> router-reflector-client

Where is the distribute list seq 10 rule? Do you mean route-map seq 10?

I believe this question is misworded.  Should be IPv6 DHCP Guard. I am unable to find any reference to IPv4 DHCP Guard.


https://www.examtopics.com/discussions/c...iscussion/

https://www.cisco.com/c/en/us/td/docs/io...-guard.pdf

Correct answer is to configure to permit TCP ports higher than 1023.

Passive FTP is an FTP mode that can be requested by a client to alleviate the issues caused by client-side firewalls. Both the server and the client must support passive FTP for this process to work. When passive FTP is used, the client will initiate the connection to the server. This process is effective because most firewalls allow inbound traffic from sessions initiated by the client.   A passive FTP connection follows the following process:

1. The client sends the PASV command to an FTP server on port 21. The source port is a random, high-numbered port. The destination port is 21.
   
2. The server responds with the PORT command. The port command specifies a random, high-numbered (ephemeral) port that the client can connect to.
   
3. The client initiates a connection to the server on this ephemeral port.
   
4. The server responds with an ACK. The FTP session has now been established
   

The command 'ip dhcp relay information enable' does not exist

service dhcp enables dhcp server AND RELAY AGENT

You cannot configure multiple vrfs on an ospf instance  you need a separate instance for each VRF.

If it was possible to configure multiple VRF's on an ospf instance,  using separate instances would not be wrong.

P2#sh run | section router
P2#
P2#
P2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
P2(config)#router ospf 10 vrf Site-A
P2(config-router)#
*Feb 24 07:16:28.883: %OSPF-4-NORTRID: OSPF process 10 failed to allocate unique router-id and cannot start
P2(config-router)#router-id 10.10.10.10
P2(config-router)#exit
P2(config)#
P2(config)#router ospf 10 vrf SharedSites
%VRF specified does not match existing router
P2(config)#
P2(config)#
P2(config)#
P2(config)#router ospf 20 vrf SharedSites
P2(config-router)#
*Feb 24 07:17:31.696: %OSPF-4-NORTRID: OSPF process 20 failed to allocate unique router-id and cannot start
P2(config-router)#router-id 20.20.20.20
P2(config-router)#exit
P2(config)#
P2(config)#

I built this in GNS3.  The ACL only prohibits TCP 179 and I was still getting  this debug
ICMP: dst (10.255.255.1) administratively prohibited unreachable rcv from 10.0.12.2

I used wireshark and realized that i was getting a notification via ICMP that the TCP attempt was prohibited by R2.  In short, the ACL blocks TCP 179, P2 uses ICMP to Notify PE1 of the prohibited TCP 179 traffic.  Thus the ICMP Unreachable.

https://drive.google.com/file/d/1JdEY_gy...sp=sharing


PE1#
PE1#debug ip tcp trans
TCP special event debugging is on
PE1#debug ip icmp
ICMP packet debugging is on
PE1#clear ip bgp *
PE1#
PE1#
PE1#
*Feb 24 05:28:02.013: %BGP-3-NOTIFICATION_MANY: sent to 1 sessions 6/4 (Administrative Reset) for all peers
PE1#
*Feb 24 05:28:07.362: TCBF7660230 created
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_VRFTABLEID (20) F7656CC4
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_MD5KEY (4) 0
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_ACK_RATE (37) F784127C
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_TOS (11) F7841290
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_PMTU (45) F7841248
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_RTRANSTMO (36) F7841278
*Feb 24 05:28:07.362:  tcp_uniqueport: using ephemeral max 65535
*Feb 24 05:28:07.362: TCP: Random local port generated 49575, network 1
*Feb 24 05:28:07.362: TCBF7660230 bound to 10.255.255.1.49575
*Feb 24 05:28:07.362: Reserved port 49575 in Transport Port Agent for TCP IP type 1
*Feb 24 05:28:07.362: TCBF7660230 getting property TCP_STRICT_ADDR_BIND (19)
*Feb 24 05:28:07.362: TCP: pmtu enabled,mss is now set to 1460
*Feb 24 05:28:07.362: TCP: sending SYN, seq 1784972807, ack 0
*Feb 24 05:28:07.362: TCP0: Connection to 10.255.255.3:179, advertising MSS 1460
*Feb 24 05:28:07.362: TCP0: state was CLOSED -> SYNSENT [49575 -> 10.255.255.3(179)]
*Feb 24 05:28:07.364: ICMP: dst (10.255.255.1) administratively prohibited unreachable rcv from 10.0.12.2
PE1#
*Feb 24 05:28:07.364: TCP0: ICMP destination unreachable received
*Feb 24 05:28:07.364: Released port 49575 in Transport Port Agent for TCP IP type 1 delay 240000
*Feb 24 05:28:07.364: TCP0: state was SYNSENT -> CLOSED [49575 -> 10.255.255.3(179)]
*Feb 24 05:28:07.364: TCB 0xF7660230 destroyed
PE1#und all

correct answer should be VRF, not VFP.

Correct answer is to Add a static router to the 8.8.8.8/32 destination through next hop 203.0.113.1


Ethernet 0/0 is used for the ISP1 default route.
Ethernet 0/1 is used for the ISP2 default route.


The default route named ISP1 will not come up unless 8.8.8.8 is reachable.  8.8.8.8 is not reachable without a default route.

Adding a static route to 8.8.8.8 tells the router how to reach SLA1's target so the default route can come up without the need for the other static route (ISP2).

Correct answer is to configure ebgp multihop on RB. the output of RD shows that ebgp-multihop is configured on RD.  See below example of how ebgp multihop is shown in the command output for bpg neighbors.

IOU2(config-router)#do sh run | section router bgp
router bgp 200
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
IOU2(config-router)#
IOU2(config-router)#do show ip bgp neigh | inc External BGP neighbor
  External BGP neighbor not directly connected. <-- multihop not configured
  External BGP neighbor configured for connected checks (single-hop no-disable-connected-check)
IOU2(config-router)#
IOU2(config-router)#
IOU2(config-router)#neigh 1.1.1.1 ebgp-multihop 3 <-- Configure Multihop
IOU2(config-router)#
IOU2(config-router)#do show ip bgp neigh | inc External BGP neighbor
  External BGP neighbor may be up to 3 hops away. <-- output showing multihop is configured.
  External BGP neighbor NOT configured for connected checks (multi-hop no-disable-connected-check)
IOU2(config-router)#
IOU2(config-router)#
IOU2(config-router)#neigh 1.1.1.1 ebgp-multihop 10
IOU2(config-router)#do show ip bgp neigh | inc External BGP neighbor
  External BGP neighbor may be up to 10 hops away.
  External BGP neighbor NOT configured for connected checks (multi-hop no-disable-connected-check)
IOU2(config-router)#


###example once ebgp multihop is configured on opposite router.
IOU2#sh ip bgp neigh | inc remote router ID
  BGP version 4, remote router ID 1.1.1.1