Home > DMVPN Questions

DMVPN Questions

July 31st, 2017 in ROUTE 300-101 Go to comments

Note: If you are not sure about DMVPN, please read our DMVPN tutorial first.

Question 1

Explanation

From the output we learn that the logical address 10.2.1.2 is mapped to the NBMA address 10.12.1.2. Type “dynamic” means NBMA address was obtained from NHRP Request packet. Type “static” means NBMA address is statically configured. The “authoritative” flag means that the NHRP information was obtained from the Next Hop Server (NHS).

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_4/ip_addr/configuration/guide/hadnhrp.html

Question 2

Explanation

When DMVPN tunnels flap, check the neighborship between the routers as issues with neighborship formation between routers may cause the DMVPN tunnel to flap. In order to resolve this problem, make sure the neighborship between the routers is always up.

Reference: http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/29240-dcmvpn.html#Prblm1

Question 3

Explanation

DMVPN is not a protocol, it is the combination of the following technologies:

+ Multipoint GRE (mGRE)
+ Next-Hop Resolution Protocol (NHRP)
+ Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP…) (optional)
+ Dynamic IPsec encryption (optional)
+ Cisco Express Forwarding (CEF)

For more information about DMVPN, please read our DMVPN tutorial.

Question 4

Explanation

To allow communication to multiple sites using only one tunnel interface, we need to configure that tunnel in “multipoint” mode. Otherwise we have to create many tunnel interfaces, each can only communicate to one site.

DMVPN_Topo_mGRE.jpg

 

Question 5

Explanation

An mGRE tunnel inherits the concept of a classic GRE tunnel but an mGRE tunnel does not require a unique tunnel interface for each connection between Hub and spoke like traditional GRE. One mGRE can handle multiple GRE tunnels at the other ends. Unlike classic GRE tunnels, the tunnel destination for a mGRE tunnel does not have to be configured; and all tunnels on Spokes connecting to mGRE interface of the Hub can use the same subnet.

DMVPN_Topo_mGRE.jpg

For more information about DMVPN, please read our DMVPN tutorial.

Question 6

Explanation

GRE tunnels are the first thing we have to configure to create a DMVPN network so we should start troubleshooting from there. NHRP can only work properly with operating GRE tunnels.

Question 7

Question 8

Explanation

The “show crypto isakmp sa” command displays all current Internet Key Exchange (IKE) security associations (SAs) at a peer.

QM_IDLE state means this tunnel is UP and the IKE SA key exchange was successful, but is idle and may be used for subsequent quick mode exchanges. It is in a quiescent state (QM) -> Answers A, C, D are incorrect so answer B is the only suitable answer left.

Question 9

Explanation

The DMVPN is comprised of IPsec/GRE tunnels that connect branch offices to the data center. DMVPN troubleshooting requires the network engineer to verify neighbor links, routing and VPN peer connectivity. The GRE protocol is required to support routing advertisements. The VPN peer connection is comprised of IKE and IPsec security association exchanges.

The command “show crypto ipsec sa” is used to verify IPsec connectivity between branch office and data center router. We can also use this command to display the statistics of an active tunnel on a DMVPN network.

DMVPN_show_crypto_ipsec_sa.jpg

Note:
+ The command “show crypto isakmp sa” is used on DMVPN to verify IKE connectivity status to branch offices. The normal IKE state = QM IDLE for branch routers and data center routers.
+ The command “show crypto engine connection active” displays the total encrypts and decrypts per SA.

Reference: http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/29240-dcmvpn.html

Question 10

Question 11

Question 12

Explanation

Both DMVPN Phase 2 and phase 3 support spoke to spoke communications (spokes talk to each other directly). In this case there is only an option of phase 2 (not phase 3) so it is the only correct answer.

Question 13

Explanation

Some documents say RIPv2 also supports DMVPN but EIGPR, OSPF and BGP are the better choices so we should choose them.

Question 14

Explanation

DMVPN is not a protocol, it is the combination of the following technologies:
+ Multipoint GRE (mGRE)
+ Next-Hop Resolution Protocol (NHRP)
+ Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP…) (optional)
+ Dynamic IPsec encryption (optional)
+ Cisco Express Forwarding (CEF)

DMVPN combines multiple GRE (mGRE) Tunnels, IPSec encryption and NHRP (Next Hop Resolution Protocol) to perform its job and save the administrator the need to define multiple static crypto maps and dynamic discovery of tunnel endpoints.

Comments
  1. Anonymous
    May 1st, 2016

    Last dump please. {email not allowed}.

  2. Anonymous
    May 1st, 2016

    Last dump please. “estebanld” “@” “hotmail” “.” “com”

  3. tofe
    May 20th, 2016

    please can i got the last dump
    {email not allowed}
    thanks for your help

  4. tofe
    May 20th, 2016

    please can i got the last dump
    “mustafaaalfaroq” @”yahoo” . “com ”
    thanks for your help

  5. Nei
    May 28th, 2016

    Hello all,

    If you are looking for premium dumps, send an email @ premiumdumps@zoho(dot)com whit the exam code.

    Cheers

  6. Anonymous
    September 4th, 2016

    If someone has the latest pdf dumps please send it to me.
    info at anemosradio.com
    Thank you!!!

  7. Hit me
    October 4th, 2016

    I failed today with a 640. The ‘300-101: Implementing Cisco IP Routing’ exam is completely different then what is on this site. Not even close. There are maybe 10 questions that are the same… What happened???

  8. Digital Eagle
    October 9th, 2016

    Are there many questions on IPv6 now?

  9. tagwa ali
    October 10th, 2016

    for new dump 183q
    send to me in

    tagwatagelsir88 @ gmail . com
    i have it

  10. tagwa ali
    October 10th, 2016

    Hit me please i will ask u about exam please send me ur e-mail

  11. Digital Eagle
    October 11th, 2016

    Please email me
    skdf234 @ gmail

  12. pinimann
    October 13th, 2016

    please email me the new 183q
    pini2006-ccnp @ yahoo . de

  13. SwitchingPacketsRoutingFrames
    October 25th, 2016

    Don’t buy premium. Waste of money.

  14. Haana smith
    November 5th, 2016

    300-101 – I have download this one from https://www.braindumps4it.com/braindumps-300-101.html it has all the new questions , see below the new questions looks to me all are valid one that new are coming Perfect!!!!!!! This is the exact way of me understanding the problem. Thank you and god bless you.

  15. Muhammad Afzal
    November 7th, 2016

    haana smith,

    Please send me the latest dumps ? my exam is in this week. please help me.

    m_Afzal345 @ yahoo . com

  16. Io
    November 14th, 2016

    Everything you require to get ready and quickly pass the tough Cisco Certified Design Professional 300-101exam with 100% pass guarantee in first attempt. http://www.grades4sure.com/300-101-exam-questions.html

  17. Queen
    November 17th, 2016

    http://www.testmayor.com/300-101-test.html dumps is Valid. I took the test on Weds. 95% questions were from the Testmayor dumps. All questions and answers are valid, You’d better have to understand the technologies.

  18. Muhammad Afzal
    November 30th, 2016

    Hi, All,

    Passed yesterday, 149+40 Still valid, thanks to Tagwa.
    m _ afzal345 @ yahoo.com

  19. mourad
    December 2nd, 2016

    Q1: i The “authoritative” flag means that the NHS has learned about the NHRP mapping directly from a registration request (the NHS “serves” the particular NHC).
    i think the right respponse would be D

  20. Anonymous
    December 5th, 2016

    anyone have the ccda ?
    if so please email me teds2sscamaro at gmail dot com

  21. danny
    December 18th, 2016

    where r the questions?? i see Question 1 and then explanation. No options no questions same is with lab sims.. plz help !!!!

  22. JennYC
    January 9th, 2017

    Hi guys. I really need this exam badly, can anyone send the latest dumps including the simulations please. Thank you in advance :*
    {email not allowed}

  23. Anonymous
    January 15th, 2017

    Please send dumps to telgin1980 -at- gmail – dot – com

  24. Anonymous
    January 31st, 2017

    Please send dumps to mpl80766atgmaildotcom

  25. ExamOnFeb21st2017
    February 17th, 2017

    @Anonymous

    please tell me if the dumps in drive you shared are valid?

    i have exam on feb 21 2017
    really appreciate if you can confirm

    thanks a lot for sharing the dumps. thank you sincerely.
    you are like a life saviour

  26. Anonymous
    February 18th, 2017

    Everyone swears by the dumps, so I’d say they’re valid. That’s what I’m studying.

  27. Lost
    March 24th, 2017

    I just took test 24 March
    Half of the questions are not in the dumps
    Route test

  28. noname
    March 31st, 2017

    I took the exam 30 march my score 770 more than 15 questions are not in the dumps

  29. RocketRaccoon
    April 25th, 2017

    I was going through CCNP Route and Tshoot Book and i couldn’t find the configuration part. I just wanted to know if DMVPN, mGRE, IPSec is part of the exam? In exam syllabus it says, Describe only.

  30. Risa
    July 25th, 2017

    Dear Friend,

    Anybody have latest questions of 300-101, I failed the test yesterday(7-Jul-17) and my ccnp expiry within 10 days,
    Yesterday I scored only 700, all drag and drop questions are new also many new question , but lab is same

    Would someone help me…..pls
    my email id is “risaglobal at hotmail dot com”

  31. Anonymous
    August 25th, 2017

    Failed today with 760pts….although I cleared all my labs , loads of new questions ,don’t trust any dumps…study hard chaps….and loads of simlet ( IPV6 , ACL, NAT, NAT-PT ETC ETC )

    ACL very important ( IPV6 and IPV4 both)

    I was using my old 642-902 books :(, please get the new cert guide for CCNP route 300-101)

  32. Steffy
    August 28th, 2017

    Hello everyone, for latest valid dump with continuous update, please contact me at steffyshirls @ gmail .com

  33. Anonymous
    August 31st, 2017

    i failed today. i got 780. The questions are just not in the books i used cisco 300-101. i don’t understand cisco

  34. Lallas
    September 1st, 2017

    Juste fail today all new question but Sim is the same please can someone help with new question

  35. Anonymous
    September 6th, 2017

    @Lallas @Anonymous August 31st, 2017

    Which questions and answers did you use for the exam. From this website?

    I had the exam on 30/8/17 failed 700 points. I see many questions here on the website back, but it is certainly not complete.

  36. R101
    November 4th, 2017

    Which two commands must you configure on a DMVPN hub to enable phase 3? (Choose two)
    A. ip nhrp interest
    B. ip nhrp redirect
    D. ip network-id
    E. ip nhrp map
    F. ip redirects

    in it’me v1.3 dump, the answer is BC, but somewhere is DE, which is correct ?

  37. Billy
    November 9th, 2017

    Dose anyone have the full version for this dumps? https://drive.google.com/open?id=0B5mAFqgydmCzVWtzU09fYV9SZGc

  38. Lane
    November 9th, 2017

    Passed today, used the 440q dumps. you can find them on https://drive.google.com/open?id=0B5mAFqgydmCzd1duSE5uLVhkVFk

  39. Freddy
    November 9th, 2017
  40. durshen
    November 11th, 2017

    Hi guys, I have the valid dump with me and I’m wiling to share. Please contact me via durshen81 @ gmail .com

  41. Dwight
    November 14th, 2017

    Scored 9xx, used dumps from IT-Libraries. You can find them on the net for free or in the comments here.

  42. Leigh
    November 14th, 2017

    Dose anyone have the full version for this dumps? https://drive.google.com/open?id=0B5mAFqgydmCzVWtzU09fYV9SZGc

  43. Omer
    November 21st, 2017

    Passed, you can find part of the questions from the exam in this dumps https://drive.google.com/open?id=0B5mAFqgydmCzQUh0SUxOdE03VGc

  44. Lynwood
    November 28th, 2017

    Found this PDF with the TSHOOT questions, can anyone confirm if this are valid https://drive.google.com/open?id=0B5mAFqgydmCzVWtzU09fYV9SZGc

  45. Sean
    November 28th, 2017

    Passed, if you go the exam study the 440q dumps.

  46. conip
    December 2nd, 2017

    @R101

    Im strugling with this question and its a words play.

    Generaly
    on hub you don’t need “ip nhrp shortcut” – it is needed on spokes to enable phase 3
    hub also need np nhrp map ___dynamic____ and ip nhrp network-id but
    assuming its already in place for phase 2.

    What the hell the author had in mind ??? dunno

  1. No trackbacks yet.