1.1.c Flash Cards

Here is the ANKI package for the flash cards:
https://upw.io/u4/&1.1.C_Network_Challenges.apkg

If you prefer the text, please read below.

What is unicast flooding, in simple terms. Unicast flooding is when a switche receives a unicast frame but has no entry in its CAM table for the destination MAC adress, thus treats the frame as broadcast.

Simply name 3 casues of unicast flooding.
1. Asymmetric routing
2. CAM table overflow attacks
3. Spanning Tree TCN BPDU floods

How would you defend against CAM table overflows causing unicast flooding in your VLAN?
The defense against CAM table overflows is configuring port security on access ports such that a port does not use more than its alloted entries.

How would you defend against unicast flooding caused by flooding of TCN BPDUs?
To defend against this you would most likely need to make sure portfast is configured on whatever port was flapping up and down. Or fix the port flapping issue on the uplink.

What is the default ARP table aging time in Cisco IOS?
4 hours

What is the default CAM aging time in Cisco IOS?
300 sec or 5 min

Which type of traffic is asymmetrical routing unicast flooding most detrimental towards?
One way UDP traffic because of not acking, thus never refreshing the CAM table where the flooding is happening.

What is asymmetric routing?
Asymmetric routing is when a packet takes one path to the destination, but another coming back.

How is asymmetric routing bad with firewalls?
Firewalls are stateful and they expect to see a state of a packet. If a firewall gets a TCP packet in the middle of a stream on its outside interface and has no state for it, it will be dropped. The packet not taking the same symmetrical routing path directly caused this.

How can asymmetric routing make troubleshooting difficult?
A packet or an ICMP troubleshooting method may be having issues only on one path and it could be causing you to look in the wrong direction.

How do protocols like TCP AND UDP deal with microburts?
TCP has built in retransmission however UDP relies on the application layer to decide or track packets. UDP does not handle microbursts well because they usually result in output queue drops.

What is caused by buffering packets for too long?
Buffer bloat

Name two reasons why out of order packets bad for a TCP flow?
1.They waste bandwidth because they can cause retransmits, and lowering of the window size.
2. The CPU needs to spend more time reordering the packets.

Can UDP cope with out of order packets?
No UDP cannot

What is more sensitive to packet-loss voice or video?
Video