1. In HSRP configuration , preempt is configured for secondary router also. Is it required ?
In a 2 switch setup, preempt is never needed on the secondary switch for what we need to worry about. It would only come into play if we were doing tracking, which is too deep for the wireless lab in my opinion. 2. While configuring DHCP we split down the DHCP pool and configured in both switches. Is it required to split the DHCP pool or we can configure the complete pool in both switches. Since the HSRP is configured it will always take it from the active router ? It is not required to split the DHCP pool between the switches. But if you have the same range on both, you increase your chance of duplicate IPs. The switches do a check prior to handing out an IP, but it's not fool-proof. Any switch that receives the DHCP request should respond. So a broadcasted request would be received and responded to by both switches. A directed broadcast (maybe coming from a client through a WLC), would only be received by the switch that it was sent to. 3. In QOS section, dscp is configured in the trunk links as well. Is it a typing error? It doesn't explicitly say what to trust for any given port. It just says to trust layer2/3 markings where appropriate. On switch to switch links, you could trust either CoS or DSCP. I prefer DSCP myself if given the option. If you trust CoS, be careful about native VLANs. You will lose all QoS markings on a native VLAN when you trust CoS (since it doesn't have an 802.1q tag). 4. In QOS section the access list for marking is general. its for any any with ports. Is it fine or we need to be specific with the source and destination. It comes down to how the requirements are worded. It didn't actually say voice traffic from the voice subnet in the MO. Just generic voice traffic and no subnets or VLANs were mentioned. So in this instance, we can't really call out IP ranges in our ACLs. But one change that I would make is in the RTP ACL. It currently reads this. permit udp any any range 16384 32767 permit udp any range 16384 32767 any I would change it to this. permit udp any range 16384 32767 any range 16384 32767 You generally should try to be as specific as you can. If they mentions specific subnets/hosts, I would absolutely include those in my ACLs. 5. In Autonomous section why we have configured the other groups. We need only rad_group correct ? Those other groups get added automatically if you use the GUI to add in the RADIUS server. The only group needed for the solution was the rad_group one that you mentioned. Regards, Jeff Rensink : Sr Instructor : iPexpert <http://www.ipexpert.com/> CCIE # 24834 :: Wireless / R&S :: World-Class Cisco Certification Training Direct: +1.810.326.1444 :: Free Videos <http://www.youtube.com/ipexpertinc> :: Free Training / Product Offerings <http://www.facebook.com/ipexpert> :: CCIE Blog <http://blog.ipexpert.com/> :: Twitter <http://www.twitter.com/ipexpert> On Tue, Mar 4, 2014 at 11:31 AM, Sreejith Kuruppu <[email protected]>wrote: > Hi Team; > > I have some doubts while going through Lab1. Could you > please help in clearing those. > > 1. In HSRP configuration , preempt is configured for secondary router > also. Is it required ? > > 2. While configuring DHCP we split down the DHCP pool and configured in > both switches. Is it required to split the DHCP pool or we can configure > the complete pool in both switches. Since the HSRP is configured it will > always take it from the active router ? > > > 3. In QOS section, dscp is configured in the trunk links as well. Is it a > typing error? > > 4. In QOS section the access list for marking is general. its for any any > with ports. Is it fine or we need to be specific with the source and > destination. > > 5. In Autonomous section why we have configured the other groups. We need > only rad_group correct ? > > > Thanks & Regards > Sreejith R > > _______________________________________________ > Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > iPexpert on YouTube: www.youtube.com/ipexpertinc >
_______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc
