need help CCNP exam preparation

Unanswered Question
Feb 15th, 2008
User Badges:

Hi !

I'm currently studdying for my CCNP certification exam and I need somes helps to understanding some concept.

#1 I would like to understand "key chain". In my book when I had read it I had understand key chain is a list of key with index number like a tableau in which the the index is use to tell which string I want to use.

" Alternatively, you can define an MD5 key string as a key on a key chain. This method is more

flexible, enabling you to define more than one key on the switch. Any of the keys then can be

associated with HSRP on any interface. If a key needs to be changed, you simply add a new key

to the key chain and retire (delete) an old key.

First define the key chain globally with the key chain command; then add one key at a time

with the key and key-string commands. The key-number index is arbitrary, but keys are tried in

sequential order. Finally, associate the key chain with HSRP on an interface by referencing its

chain-name. You can use the following commands to configure HSRP MD5 authentication:

Switch(config)# key chain chain-name

Switch(config-keychain)# key key-number

Switch(config-keychain-key)# key-string [0 | 7] string

Switch(config)# interface type mod/num

Switch(config-if)# standby group authentication md5 key-chain chain-name


But in the last command where is the index number, where he's tell he want to use second key in his list of keys….

#2 With GLBP when a AVF "A" as failed and other AVF "B" as took is MAC address for provide service to A's clients. When B respond back to A's client is it response always with AVF A's MAC address or B's MAC address ? I understand if it response with B's MAC address client arp table will update there arp cache with the new MAC address for there gateway and when A come back those client will no more use A they will continue to use B. If continue to use A's MAC address when trafic cameback to local network how client will be able to continue to work after expiration of the timeout timer ? they should restart there computer ? (client are'nt able to clear manually there arp cache on there computer no right's)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion