Home > TCP UDP Questions 2

TCP UDP Questions 2

July 30th, 2017 in ROUTE 300-101 Go to comments

Question 1


Unlike TCP which uses the sequence numbers to rearrange the segments when they arrive out of order, UDP just passes the received datagrams to the next OSI layer (the Session Layer) in the order in which they arrived.

Question 2

Question 3


In Asymmetric routing, a packet traverses from a source to a destination in one path and takes a different path when it returns to the source. This is commonly seen in Layer-3 routed networks.

Issues to Consider with Asymmetric Routing

Asymmetric routing is not a problem by itself, but will cause problems when Network Address Translation (NAT) or firewalls are used in the routed path. For example, in firewalls, state information is built when the packets flow from a higher security domain to a lower security domain. The firewall will be an exit point from one security domain to the other. If the return path passes through another firewall, the packet will not be allowed to traverse the firewall from the lower to higher security domain because the firewall in the return path will not have any state information. The state information exists in the first firewall.

Reference: http://www.cisco.com/web/services/news/ts_newsletter/tech/chalktalk/archives/200903.html

Specifically for TCP-based connections, disabling stateful TCP checks can help mitigate asymmetric routing. When TCP state checks are disabled, the ASA can allow packets in a TCP connection even if the ASA didn’t see the entire TCP 3-way handshake. This feature is called TCP State Bypass.

Reference: https://supportforums.cisco.com/document/55536/asa-asymmetric-routing-troubleshooting-and-mitigation

Note: The active/active firewall topology uses two firewalls that are both actively providing firewall services.

Question 4


A device that sends UDP packets assumes that they reach the destination. There is no mechanism to alert senders that the packet has arrived -> Answer A is not correct.

UDP throughput is not impacted by latency because the sender does not have to wait for the ACK to be sent back -> Answer B is not correct.

UDP does not negotiate how the connection will work, UDP just transmits and hopes for the best -> D is not correct.

Therefore only answer C is left.

Question 5


The command “show tcp brief numeric” displays a concise description of TCP connection endpoints.

Question 6

Question 7


TCP starvation/UDP dominance likely occurs if TCP-based applications is assigned to the same service-provider class as UDP-based applications and the class experiences sustained congestion.

TFTP (run on UDP port 69) and SNMP (runs on UDP port 161/162) are two protocols which run on UDP so they can cause TCP starvation.

Note: SMTP runs on TCP port 25; HTTPS runs on TCP port 443; FTP runs on TCP port 20/21


  1. Mike
    October 25th, 2017

    Don’t agree with Q4. I think the correct is C

  2. Mike
    October 25th, 2017

    Sorry, I think the correct is B)

  3. Paco
    October 29th, 2017

    Question 4
    I agree with you, B is the correct one to me, C does not make any sense for UDP

  4. Corner
    November 20th, 2017

    Question 4. Correct answer is C.

  5. salman
    March 10th, 2018

    Question 5, i tried the BGP practical following was the observation:-
    1) Using command ” Show tcp brief” :- i can see the same output as seen in the command “Show tcp brief numeric” also both shows the state field as “ESTAB”

    2) Using command ” Show tcp brief All” :- i can see both state field i. e. “ESTAB” as well as “LISTEN”

    In question its stating both field “ESTAB & LISTEN” so answer will be ” Show Tcp Brief All ”

    Please some one clarify or correct me

  6. Marcus
    March 14th, 2018

    I agree the answer C is most better in Q4, but I have a misunderstanding with it. The term ‘latency’ have a meaning between TWO events. But from the point of view of receiver there is only ONE event – recieving the packets. The receiver just gets these packets immediately by each other. The receiver doesn’t aware about the sending time. So, why it should hold the data in the buffer? It should just pass the received datagrams to the next OSI layer, as explained above in Q1. Isn’t it?

  7. Marcus
    March 14th, 2018

    I agree with @salman about Q5. The most better answer is B (show tcp brief all).

    March 20th, 2018

    Hi All,

    Q5.. What show command is used here?

    TCB Local Address Foreign Address (state)
    6523A4FC ESTAB
    65239A84 ESTAB
    653FCBBC *.1723 *.* LISTEN

    A. show tcp brief
    B. show tcp brief all
    C. show tcp brief numeric
    D. show tcp brief ip

    I’ve used real equipment and many simulators and the commands
    sh tcp brief ip & sh tcp brief numeric don’t show up as an option.
    I’ve also checked the | section part also with nothing.

    @Digitaltut Can you please update this question if incorrect?

  9. Marcus
    April 4th, 2018

    It turns out, Q5 is a tricky question. The documentation says “Without this keyword [all], endpoints in the LISTEN state are NOT shown.” But we can see the LISTEN state in the output of “show tcp brief numeric” command (without “all”) below. May be because there is no endpoints. Anyway, this question was made to confuse us, but now I think C is correct. Thanks to Rukia24.

  10. CiscoKid
    May 19th, 2018

    Back to Question 4. If C is the and answer then the answer for Question 6 is both B and C since 4 C is a result of latency then in 6 If the answer is C then the answer is also B based on the answer in 4.
    So perhaps the answer in 4 really is B

  11. Anonymous
    May 19th, 2018

    It looks like the all is the only option that shows the listeners

    r1#sh tcp brief ?
    all All end-points (even listeners)
    numeric Numeric Display
    | Output modifiers

    r1#sh tcp brief numeric
    TCB Local Address Foreign Address (state)
    7F660477F5C8 ESTAB
    7F65EF949D40 ESTAB
    7F6606B590E0 ESTAB
    7F6606938F60 ESTAB
    r1#sh tcp brief ?
    all All end-points (even listeners)
    numeric Numeric Display
    | Output modifiers

    r1#sh tcp brief all
    TCB Local Address Foreign Address (state)
    7F660477F5C8 ESTAB
    7F65EF949D40 ESTAB
    7F6606B590E0 ESTAB
    7F6606938F60 ESTAB
    7F6605D7EB18* LISTEN
    7F6605D7E198* LISTEN
    7F6605D6FD00* LISTEN

  12. york hong
    May 28th, 2018

    I tried serval router in real sitsuations(c881/c2911)

    ” show tcp all bri “would be only one answer that show “Listen”~

    I also saw example in cisco web,”https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp/command/iap-cr-book/iap-s3.html#wp4294670608” , it shows the answer is C.
    But I think it is wrong printed in web browser.

    We should choose the right answer without getting right scores.

  13. dsadas6666845
    May 30th, 2018

    Latest update 100% valid CCNP Exam questions


  14. Q5 Wrong
    August 6th, 2018

    I think that Q5 should be B not C
    show tcp brief numeric will not show listening ports
    show tcp brief all will show listening ports.

    Therefor the answer must be B

    R1#sh tcp brief numeric
    TCB Local Address Foreign Address (state)
    0F22C2D8 ESTAB
    R1#sh tcp brief all
    TCB Local Address Foreign Address (state)
    0F22C2D8 ESTAB
    0F0488D0* LISTEN
    0F047A58* LISTEN
    0F040FE0* LISTEN

  1. No trackbacks yet.