Cisco
352-001 · Question #191
352-001 Question #191: Real Exam Question with Answer & Explanation
The correct answer is B: IP packets with identical source and destination IP addresses. BFD echo mode sends packets with identical source and destination IP addresses. An IPS may treat these as LAND attack packets, so it must forward them or BFD echo sessions will fail.
Question
A company plans to use BFD between its routers to detect a connectivity problem inside the switched network. An IPS is transparently installed between the switches. Which packets should the IPS forward for BFD to work under all circumstances?
Options
- A. IP packets with broadcast IP source addresses
- B. IP packets with identical source and destination IP addresses
- C. fragmented packets with the do-not-fragment bit set
- D. IP packets with the multicast IP source address
- E. IP packets with the multicast IP destination address
- F. IP packets with the destination IP address 0.0.0.0
Explanation
BFD echo mode sends packets with identical source and destination IP addresses. An IPS may treat these as LAND attack packets, so it must forward them or BFD echo sessions will fail.
Common mistakes.
- A. BFD control packets use unicast source addresses of the local router, never broadcast source addresses.
- C. BFD control packets are small fixed-size PDUs and are never fragmented; the DF bit scenario is irrelevant to BFD operation.
- D. BFD does not use multicast source addresses; all BFD packets use the unicast IP of the sending router as the source.
- E. BFD does not use multicast destination addresses in standard implementations; control packets are sent unicast to the peer's IP address.
- F. BFD does not send packets to destination 0.0.0.0; that address is associated with default route contexts, not BFD session packets.
Concept tested. BFD echo mode's use of identical source and destination IP addresses
Reference. https://www.rfc-editor.org/rfc/rfc5880