ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-401 All Questions

View all questions & answers for the 350-401 exam
Go to Exam

Exam 350-401 topic 1 question 1032 discussion

Actual exam question from Cisco's 350-401
Question #: 1032
Topic #: 1
[All 350-401 Questions]

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary pre-configurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked, the lab closes and cannot be reopened.


Topology
-




Tasks
-

EIGRP is preconfigured on all routers. Configure R10 and R20 to complete these tasks.

Task 1:

Modify the existing ACL on R10 so that EIGRP routes are received from R20 and R30.

• The modification should only allow EIGRP routes to pass.
• Do not remove any configuration from R10 to achieve this task.

Task 2:

Configure CoPP on R20 to achieve these results:

• Permit ICMP traffic from 192.168.24.0/24.
• Limit traffic to 8,000 bps.
• Discard additional packets.

Show Suggested Answer Hide Answer
Suggested Answer:
by Rfvaz at Sept. 26, 2024, 2:14 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Rfvaz
Highly Voted 3 months, 2 weeks ago
What I think about task 2: # Step 1 ip access-list extended ICMP-ACL permit icmp 192.168.24.0 0.0.0.255 any # Step 2 class-map CoPP match access-group name ICMP-ACL exit # Step 3 (policy-map depends on class-map) policy-map CoPP-Policy class CoPP police 8000 conform-action transmit exceed-action drop violate-action drop exit #Step 4 control-plane service-policy input CoPP-Policy
upvoted 5 times
TacoGrande
1 month, 2 weeks ago
I'm unable to use the police command in the policy-map using Packet Tracer (4321 router). What device is required to use the police feature? What device types matche the devices used in labs?
upvoted 1 times
TacoGrande
1 month, 2 weeks ago
I tried GNS3 and the police command is supported on the 3600 router with IOS 12.4.
upvoted 1 times
...
...
...
Taskmaster79
Most Recent 1 month, 3 weeks ago
Task 1 EIGRP uses IP protocol number 88 in the IP header, and it uses multicast packets where possible and unicast packets when necessary. Communication between routers is done with multicast, using the group address 224.0.0.10 when possible. ip access-list extended 150 31 permit eigrp host 192.168.123.30 host 224.0.0.10 32 permit eigrp host 192.168.123.20 host 224.0.0.10
upvoted 1 times
...
cjoyce1980
2 months, 3 weeks ago
What I've found that working in GN3 TASK1 ! (They must before the "deny ip any any", it doesn't matter where really.) ! R10 ip access-list extended 150 5 permit eigrp host 192.168.123.20 any 6 permit eigrp host 192.168.123.30 any ! TASK2 ! ! ACL > CLASS MAP > POLICY MAP > APPLY TO CONTROL PLANE ! R20 ip access-list extended acl.icmp permit icmp 192.168.24.0 0.0.0.255 any ! ! (any does the same here, as "all" is logical AND and "any" is Logical OR). class-map match-all CoPP match access-group name acl.icmp ! policy-map CoPP class CoPP police 8000 conform-action transmit exceed-action drop violate-action drop ! control-plane service-policy input CoPP !
upvoted 3 times
...
Calinserban
3 months ago
I suppose there is use an ACL used under EIGRP process as distribute-list, not an ACL used under interface. router eigrp [AS-number] distribute-list [ACL-number or name] [in | out] [interface-name]
upvoted 1 times
...
wemustpass
3 months, 2 weeks ago
Shouldn't we place the acl permitting eigrp in the sequence before the "deny ip any any"? It looks like from this output that eigrp never stops disconnecting. I don't think it was done right.
upvoted 3 times
acook0411
3 months, 1 week ago
yes you are right, eigrp uses ip protocol 88 so the deny ip any any will block eigrp traffic. Therefore the permit eigrp host lines should be above line 40 e.g.: ip access-list extended 150 5 permit eigrp host 192.168.123.20 any 6 permit eigrp host 192.168.120.30 any
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago