Test ast 2

An ACI network environment with UCS components, showing networking equipment, servers, and configuration screens, vibrant design, modern technology theme

ACI and UCS Troubleshooting Quiz

Test your knowledge on ACI fabric, UCS integration, and various networking concepts with our comprehensive quiz. Designed for professionals in the field, this quiz covers real-world scenarios and technical challenges.

Challenge yourself with questions on:

  • Failure testing in ACI fabric
  • UCS server integration
  • NTP configurations
  • vPC and vPC+ troubleshooting
51 Questions13 MinutesCreated by TroubleshootingMaster247
1) Customer is failure-testing ACI fabric before going into production. During the failure testing some interesting and unexpected behaviour was seen. The issue is escalated to you now.
€ None expected behaviour on current version of customer software ISSU and hot standby came out later in version
€ Expected behaviour on current version of customer software ISSU and hot standby came out in earlier version
€ Expected behaviour on current version of customer software ISSU and hot standby came out in later version
€ Expected behaviour on old version of customer software ISSU and hot standby came out in later version
2) Why did both the spine supervisors show the (config)# prompt?
€ APIC spines have active/active supervisor and will store configuration regardless of APIC cluster status
€ APIC clusters determines which supervisor becomes active by round robin
€ ACI spines download configuration from previously active supervisor through EOBC
€ Since new active supervisor could not download configuration from degraded APIC Cluster
3) What is the proper sequent to power up ACI fabric?
€ Power up Spine >> Apic >> Leaf
€ Power up Leaf >> Spine >> APIC
€ Power up APIC >> Spine >> Leaf
€ Power up APIC >> Leaf >>Spine
4) Why did NTP being misconfigured on NTP cluster cause the APIC Cluster not to form? What command must be used to verify?
€ With NTP wrong, the APIC Certificates are not valid and services fail to start.
€ With NTP wrong, the APIC Certificates are valid and services start.
€ ‘acidiag verifyapic’ can be used to verify APIC Certificate date.
€ ‘acidiag verifyapic’ cannot be used to verify APIC Certificate date.
5) What happens when Spine failover
€ Leaf standby supervisor is warm standby and will need to download configuration from APIC after active goes down
€ Spine standby supervisor is warm standby and will need to download configuration from APIC after active goes down
€ Spine standby supervisor is warm standby and don’t need to download configuration from APIC after active goes down
€ Leaf standby supervisor is warm standby and will need to download configuration from APIC after active goes down
You are working in the ACME Corporation support team, and one of your responsibilities is to provide second-level support to the ACME helpdesk. The ACME helpdesk just opened a case with your team and needs help with UCS C series rack server integration with UCSM. Use the resources provided below and make a choice for each question.
 
 
1) What is the type of C series integration customer is implementing?
€ Single Connect (1 wire from UCS-C to FEX)
€ Single wire to FEX and dual wire management to FI
€ Dual wire management
€ Direct connect
2) What is the next action plan you will propose so the server completes discovery? Or which option to choose to resolve the connection issue?
€ Reset server CIMC and reconnect to UCSM
€ Unconfigure port and reconfigure as server port
€ Unseat the server CIMC and reconnect to UCSM
€ Reconfigure port then unconfigure as server port
3) Which log file on UCS would you refer to check when CIMC is assigned an IP address?
€ /isan/etc/ipaddr
€ /CIMC/dhcp.leases
€ /san/etc/cimc/ipaddr
€ /isan/etc/dhcp.leases
4) Which SAM process log would you look into to find if DHCP request is received from the CIMC/BMC of the reck server?
€ svc_sam_bladeAG.log
€ svc_sam_nicAG.log
€ svc_sam_rsdAG.log
€ svc_sam_portAG.log
2) What is the next action plan you will propose so the server completes discovery? Or which option to choose to resolve the connection issue?
Reset the vic card or re-seat the card on the ucs c 240M4
Reset the vic card or re-seat the card on the ucs c 240M4
€ Unseat the server CIMC and reconnect to UCSM
€ Reconfigure port then unconfigure as server port
5) The customer can’t find the UCSM when he attached 3rd party fc card to the UCS-C server.
€ 3rd party FC cards are not supported with UCS-C series integrated with UCSM.
€ Connect the FC card directly to SAN outside the UCS
€ Connect the FC card to FEX for SAN connectivity
€ Connect the FC card to fabric interconnect for SAN connectivity
€ Use the cisco vic and create vHBA for SAN connectivity through FI.
1) Based on provided information what could be the possible reason for connection failure?
€ HTTP proxy required to reach Internet but is not configured
€ DNS is not configured
€ NTP is not configured
€ NO valid CA-Signed certificate
2) Based on given information, UCSM firmware version is NOT supported for Device Connection Intersight.
€ True
€ False
3) If you use an HTTP proxy to route traffic out of your premises and if you have made changes to HTTP proxy servers configuration, Intersight will automatically detect HTTP proxy server?
€ True
€ False
4) What are the 4 necessary things (and steps) when starting implementing Intersight?
€ Resolve svc.ucs-connect.cisco.com >>> (look for these key word in your answer) aka the Browser
€ Cisco Account (Cisco ID)
€ Use required license
€ Single account for all platform
€ Have connectivity with devices
€ Not necessary license
€ server with correct instalation
€ use browser supported
Based on given information, UCSM firmware version is supported for Device Connection Intersight.
€ True
€ False
1) ‘show nve peer data-plane’ command. Which would be shown on VTEP’s?
€ Output will be empty
€ Output will be full
€ Nothing will be shown
€ Output will have BGP configs
2) Question
€ Admin PC in vlan 401 won’t be able to reach any networks connected to remote VTEP.
€ Admin PC in vlan 301 won’t be able to reach any networks connected to remote VTEP.
€ Admin PC in vlan 601 won’t be able to reach any networks connected to remote VTEP.
€ Admin PC in vlan 501 won’t be able to reach any networks connected to remote VTEP.
3) Which command to see all learned hosts addresess information on VTEP (MAC, IP, Next-hop VTEP)
€ Show l2route evpn all
€ show mac l2route evpn all
€ show evpn l2route all
€ show l2route evpn mac-ip all
€ show l2route evpn mac all
4) Which command on VTEPs would be the best to help TAC engineer confirm his findings from the collected captures?
€ Debug nve error
€ show nve vxlan-params
€ show vxlan interface
€ show nve vni interface nve1 detail
5) Which VTEP device should be fixed to add new users in the future (one is not working)
€ N9K4
€ N7K2
€ N7K4
€ N9K3
1. When Looking at the “Show npv flogi-table’ output on both fabric interconnects we see that the tables are empty. This behaviour is consistent while the service profile is booting and we seem to be unable to perform a flogi. What is the cause of this?
€ The NPV feature is not enabled on the bdsol-n5548-51 and bdsol-n5548-52 switch.
€ VSAN 1 is configured with an incorrect fcoe-vlan
€ We need to enable FC Uplink Trunking
€ When using FCoE no flogies are used, this is only seen when doing FC.
2. After Correcting the Previous Question, the Customer is seeing flogies on bdsol-n5548-02. What is the cause of this?
€ We are using interface 1/4 on FI-B where we should be using interface 1/3.
€ Int vrf 112 on bdsol-n5548-02 should be configured with vsan 980
€ Bdsol-n5548-02 eth 1/12 is not configured with vlan 980
€ Interface 1/4 should be using FCoE VLAN 80
3. After correctly the previous question, we can see the correct flogies happening but now we are unable to discover the targets. What is causing this?
€ The SAN administer forgot to activate the zoneset, the provide output is not from “show zoneset activate” but from “show zoneset”
€ There is mistake in the boot policy, we should be using wwn 56:69:CE:90:4F:A6:B7:02 and 56:C9:CE:90:4F:A6:B7:04
€ There is a mistake in the device-alias database on bdsol-n5548-02, we should be using 56:69:CE:90:4F:A6:B7:01 and 56:C9:CE:90:4F:A6:B7:03
€ The storage device is not logged into the fabric and hence it cannot be discovered by the blades
4. After having booted the first two blades with service profiles, the customer now would like to install 6 more blades in the UCS chassis. Although he can see these blades booting by checking the flogi tables on the switches, he cannot connect to the KVMs. How can he correct the KVM connection issue?
€ The customer should shut down the first 2 blades which will allow the UCSM to re-use these IPs on the new blades.
€ The customer should move the IP addresss used for the DVMs by modifying the ext-mgmt ip pool.
€ The customer needs to enable in band management by creating an inband IP Pool, VLAN, VLAN group, inband profiles and then enable this on the CIMC of the blade.
€ The KVM IP space is only a /29 and hence has no space left. He should add 1 more /29 or bigger network to the UCS management interface.
5. The customer has added 2 different uplinks to the UCSM system (1 going to the legacy network and 1 going to the production network) and is using VLAN-groups to properly manage which VLAN is configured where (L2 disjoint). The morning however he received the error “ENM source pinning Failed” on all his service-profiles and he has lost all connectivity towards his production system. What is causing the “ENM source Pinning Failed” fault.
€ An administrator has deleted a VLAN on an uplink interface in the VLAN group hence causing the linked vnic-templates which was using this VLAN to go into “ENM source pinning failed”.
€ The switches managing the legacy network have been brought down and due to the “Action on uplink fail: linkdown” configured on the service-profile through the network control policy; the vnics go into “ENM source pinning failed”.
€ Not all the VLANs which are a member of the VLAN group legacy have been added on the Legacy vNIC on the Service profiles.
€ FI-6234-A failed hence causing the vNICs to loose the uplink connectivity which trigger the “ENM source pinning failed”.
You are working in the ACME corporate support team and one of your responsibilities is to provide second-level support to the ACME helpdesk. The ACME helpdesk just opened a case with your team and needs help with vPC and vPC+. Use the resources provided below and make a choice for each question that follows:
 
1. What did the TAC engineer spot on the ethanalyzer capture?
€ The ping request destination MAC address is not standard
€ The ping reply source MAC address is not standard
€ The data is wrong and the switch drop the packet cdab0000cdab000cdat000cdab000cdab000
€ The pcket has the wrong protocol in the frame eth ip icmp data
€ The ping request source MAC address is not standard
€ The packet destination MAC address is not standard
2. What is the source of the problem is how can the problem be fixed?
€ Configure the system mac to be different one
€ Routing issue configure a static ip route on the Nexus7k1 and Nexus7k2
€ Configure the feature peer gateway on both nexus 7000
€ Configure the feature peer switch on both nexus 7000
€ Replace the cable on the non working Nexus 7000
3. By looking at the configuration of the two nexus 7000 there is a security concern?
€ vPC Auto recovery sstatus needs to be disabled
€ Nexus7k1 has a Control Plane Policing simple profile
€ Control Plane Policing is not configured on Nexus7k2
€ vPC keepalive is wrongly configured and currently not working
4. Why the connection between the Nexus 7000 and the storage device were broken after enabling vPC+
€ The vPC+ switch id cannot be the same as the vPC domain id
€ There is a unidirectional link that caused the spanning tree interface to go into blocking
€ The Nexus7k1 and the Nexus7k2 are not the STP root for VLAN 10
€ The connection will go into forwarding soon because the spanning-tree output we see this bridge is the root
€ There is a protocol mismatch rSTP cannot be used with vPC+
5. After Fixing the issue what will happen with the link from the Spanning Tree point of view and how loops between the STP domain and the FP domain will be prevented
€ One link will be forwarding and one blocking this will prevent loops. The device with the lower MAC will put the link into forwarding
€ Both links will be forwarding but only Nexus7k1 will forwarding Broadcast Multicast Unknown Unicast
€ One link will be forwarding and one blocking this will prevent loops. The device with the Higher MAC will put the link into forwarding.
€ Both links will be forwarding fabricpath will take care of loops.
€ Both links will be forwarding but only Nexus7k2 will forward broadcast/multicast/unknown unicast
You are working in ACME corporate support team, and one of your representatives’ second level supports to the ACME helpdesk. The helpdesk just opened the case with your team and needs help to boot host from iSCI. Use the resources provided below and make a choice for each question that following.
 

1. Where is the configuration problem most likely to be.

A. Other UCS configuration not in the service profile.
B. Server adapter does not support iSCI.
C. Service profile configuration
D. Additional licenses required to use iSCI or UCS.
E. Upstream network configuration.
2.Assigning MAC address to iSCI vNIC. What needs to be done to receive the configuration error?
A. There are no mac-address remaining in the pool.
B. The iSCI vNIC should not have a mac address assigned to it.
C. The overlay MAC address is using the wrong mac pool.
D. The mac address is already in use for another server.
3. What is causing the native vlan fault in the output. What was the cause of this configuration error?
A. The overlay vNIC does not have the same native vlans as the vNIC
B. The iSCI vNIC placement is wrong
C. There are multiple native vlans defined
D. There is an iSCI vNIC for each side of the fabric
4. What is the port iscsi uses to connect
A. UDP 2300
B. TCP 3260
C. TCP 2360
D. UDP 3260
5. What is cause for the failing to boot after installation. Why isn't the iscsi boot working
A. Wrong destination TCP port
B. Boot orders is not properly configured
C. LUN id is wrong
D. Authentication is not configured
You are working in ACME corporate support team, and one of your representatives is to provide second level support to the Acme Helpdesk. The ACME helpdesk just opened the case with your team and needs help with a Nexus 1000v. Use the resources provided below and make a choice for each question that follows.
 

1. Which device will provide the most information about why the VEMs cannot communicate with the VSM.

A. VSM
B. N5K-A
C. VEM
D. N5K-B
Which two profiles would most likely to have wrong configuration causing the problems (choose two answers).
A. ## Port Profiles
B. L2 Management Port Profile
D. – Ethernet Uplink
C. – Control L3 Port Profile
E. L2 ## port Profile
3. What is missing from the L3 control profile?
A. ## port-group
B. No shut command
C. Capacity L3 control
D. The VLAN is not added
E. Capacity L3 control not present
4. What is wrong with the ethernet uplink profile?
A. The L2 control, packet, management VLANs are not system VLANs.
B. Capability L3 controls is not enabled.
C. The L3 control VLAN is not system VLAN.
D. The L3 control VLAN isn't allowed on the uplink.
5. What are the best options to troubleshoot the 1000v. Which commands will help the most in finding the cause of problem?
A. ~vemcmd show port vlan
Vemcmd
C. Show vem cmd module
D. Show port profiles
You are working in the Layer 2/Layer 3 TAC support team for Cisco Nexus Support. The ACME helpdesk just opened a case with your team and needs help with OTV Connectivity problem between 2 sites. Use the resources provided below and make a choice for each question that follows:
 

1. What is possible solution for this problem?

€ Configure otv flood mac 0022:90d4:717f vlan 700
€ Configure the mac aging timer to the higher than the arp timer
€ Configure otv selective flood mac 0022:90d4.717f vlan 600
€ Configure otv selective flood mac 0022:90d4.717f vlan 700
€ Configure otv flood mac 0022:90d4.717f vlan 600
The customer is trying to configure two SVIs on the OTV device. One for vlan 650 and one for vlan 700, the svi for vlan 650 is fine, but the vlan 700 but he gets the following error.
OTV-West(config)# interface vlan 700

Error: invalid range Vlan 700

What is the reason for this error
€ The feature interface-vlan is not configured
€ The OTV implementation on the Nexus 7000 enforces the separation between SVI routing and OTV encapsulation for a given VLAN.
€ The vlan is not created yet
€ The range is invalid
€ The SVI is not allowed because customer must specify a range.
3. What needs to be changed to bring up OTV at the South Site?
€ Add the multicast control group
€ Change site-identifer
€ Configured use-adjacency-server
€ Add the multicast data group
€ Change site-vlan
4. The new South site has a different VLAN numbering scheme. What command can be used to fix this issue?
€ OTV-South(config if-overlay)# otv vlan mapping [add | remove ] (vlan-range)
€ OTV-South(config)# otv vlan mapping [add | remove ] (vlan-range)
€ OTV-South(config-overlay)# otv vlan mapping [add | remove ] (vlan-range)
€ OTV-South(Config)# otv vlan translation [add | remove ] (vlan-range)
€ OTV-South(Config if-overlay)# otv vlan transition [add | remove ] (vlan-range)
HSRP can be configured at the West, East and South Site, but this can lead to suboptimal routing. FHRP isolation can be used in this case. The steps involved filtering the FHRP helloes filter and OTV mac advertisement and suppress possible the Gratuitous ARP (GARP). What is wrong with the configuration (output 4 FHRP).
€ Configure feature arp
€ Configure a different mac-list
€ Configure feature dhcp
€ The vlan filter is not correct
€ Configure feature arp-inspection.
You are working in the ACME corporate support team, the one of your responsibilities is to provide second-level support to the ACME helpdesk. The helpdesk just opened a case with your team and needs help with ACI performance issue. Uses the resources provided below and make a choice for each question that follows.
 
Question 1: Given the provided data what is the most likely cause performance issue for the directly attached server.
€ There is a mismatch between the load balancing use between the leaves and the ESXi host
€ No CDP policy has been configured on the DVS causing the ESXi ACI discovery to not properly function hence causing traffic drops
€ CDP has to be enabled on the ACI side as we are connecting to an ESXi server
€ The customer has duplicate IPs in the network causing a continuous flap of the related linked MAC addresses
Question 2: In the provided topology you can see the customer is also using a USB with 2 fabric interconnects. The customer is unable to perform dynamic learning on the ESXi server installed on the UCS B Blades. When the configures static paths the connectivity works perfect. Given the provided data what is the most likely cause causing dynamic learning is failing.
€ The QOS policy linked to the service profile does not have LLDP configured
€ With UCS B connectivity you have a use AVS to enable dynamic learning
€ For UCS B we only support CDP as a discovery protocol
€ FI A and FI B have an incorrect configured network control policy
Question 3: After getting connectivity working the customer implemented multiple EPGs with contracts in place. Between EPG A consumer and EPG B provider the customer has a contract, contract A in place with Subject with the option Apply both direction checded. The filter used is source 4915265535 and Dest 22 after configuring this the customer is unable to connect from a VM running window 2008R2 in EPG A to a VM running RHEL 7 in EPG B, why is the traffic now allowed.
€ You always need to create an extra consumer provider relationship for the return traffic
€ The source port needs to be defined as any
€ The filter needs to be configured with option stateful in order for SSH filter to work
€ Reverse filter ports should be checked when creating such a subject
Question 4: The customer is using an NFS based filter from NetApp and has configured as per the design advice in a FlexPOD all MTUs to be set to MTU 9000 to have the best performance. After migrating the vmk from DVS to AV. He sees however that the datastore disconnects when he powers on a VM. What is the cause of this disconnect.
€ There is most likely an issue with the Netapp filterand a support case needs to be urgently opened
€ NFS datastore traffic cannot run on vmk interface that is connected to an AVS DVS
€ The AVS tunnel generates and overhead and hence the maximum MTU that needs to be configured on the vmk interface is 8950
€ ACI does not support MTU 9000 and you need to decrease the MTU to 1500
Question 5: The customer has switched to fully inband management with his VC running a VM in the infrastructure and all ESXi server connected to EPGs with dynamic learning enabled. However he is unable to ping the VC and the ESXi servers and has lost all connectivity towards his VMs. What would be a potential fix to resolve this issue.
€ When using inband all EPGs used for the VMM integration need to be linked as a static path to all the servers
€ The ESXi servers management vmk0 needs to be connected to a port group that is linked to an EPG with a static path on the servers uplink port
€ The VC needs to run on a separate ESXi servers on a dedicated bare metal system with a static path configured
€ The ESXi server management vmk0 and the VC VM need to be connected to a port group that is linked to an EPG with a static path on the Servers uplink port
{"name":"Test ast 2", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Test your knowledge on ACI fabric, UCS integration, and various networking concepts with our comprehensive quiz. Designed for professionals in the field, this quiz covers real-world scenarios and technical challenges.Challenge yourself with questions on:Failure testing in ACI fabricUCS server integrationNTP configurationsvPC and vPC+ troubleshooting","img":"https:/images/course6.png"}
Powered by: Quiz Maker