Juniper jn0-683 practice test
Data Center, Professional (JNCIP-DC)
Question 1
Exhibit.
A VXLAN tunnel has been created between leaf1 and Ieaf2 in your data center. Referring to the
exhibit, which statement is correct?
- A. Traffic sent from server1 to server2 will be dropped on Ieaf2.
- B. Traffic sent from server1 to server2 will be tagged with VLAN ID 100 on Ieaf2 and forwarded to server2.
- C. Traffic sent from server1 to server2 will be tagged with VLAN ID 200 on Ieaf2 and forwarded to server2.
- D. Traffic sent from server1 to server2 will be dropped on leaf1.
Answer:
C
Explanation:
Understanding VXLAN Tunneling:
VXLAN (Virtual Extensible LAN) is a network virtualization technology that addresses the scalability
issues associated with traditional VLANs. VXLAN encapsulates Ethernet frames in UDP, allowing Layer
2 connectivity to extend across Layer 3 networks.
Each VXLAN network is identified by a unique VXLAN Network Identifier (VNI). In this exhibit, we
have two VNIs, 5100 and 5200, assigned to the VXLAN tunnels between leaf1 and leaf2.
Network Setup Details:
Leaf1: Connected to Server1 with VLAN ID 100 and associated with VNI 5100.
Leaf2: Connected to Server2 with VLAN ID 200 and associated with VNI 5200.
Spine: Acts as the interconnect between leaf switches.
Traffic Flow Analysis:
When traffic is sent from Server1 to Server2, it is initially tagged with VLAN ID 100 on leaf1.
The traffic is encapsulated into a VXLAN packet with VNI 5100 on leaf1.
The packet is then sent across the network (via the spine) to leaf2.
On leaf2, the VXLAN header is removed, and the original Ethernet frame is decapsulated.
Leaf2 will then associate this traffic with VLAN ID 200 before forwarding it to Server2.
Correct Interpretation of the Exhibit:
The traffic originating from Server1, which is tagged with VLAN ID 100, will be encapsulated into
VXLAN and transmitted to leaf2.
Upon arrival at leaf2, it will be decapsulated, and since it is associated with VNI 5200 on leaf2, the
traffic will be retagged with VLAN ID 200.
Therefore, the traffic will reach Server2 tagged with VLAN ID 200, which matches the network
configuration shown in the exhibit.
Data Center Reference:
This configuration is typical in data centers using VXLAN for network virtualization. It allows isolated
Layer 2 segments (VLANs) to be stretched across Layer 3 boundaries while maintaining distinct VLAN
IDs at each site.
This approach is efficient for scaling large data center networks while avoiding VLAN ID exhaustion
and enabling easier segmentation.
In summary, the correct behavior, as per the exhibit and the detailed explanation, is that traffic sent
from Server1 will be tagged with VLAN ID 200 when it reaches Server2 via leaf2. This ensures proper
traffic segmentation and handling across the VXLAN-enabled data center network.
Question 2
Exhibit.
You have implemented an EVPN-VXLAN data center. Device served must be able to communicate
with device server2.
Referring to the exhibit, which two statements are correct? (Choose two.)
- A. An IRB interface must be configured on spinel and spine2.
- B. Traffic from server1 to server2 will transit a VXLAN tunnel to spinel or spine2. then a VXLAN tunnel from spinel or spine2 to Ieaf2.
- C. An IRB Interface must be configured on leaf1 and Ieaf2.
- D. Traffic from server! to server2 will transit the VXLAN tunnel between leaf1 and Ieaf2.
Answer:
CD
Explanation:
Understanding the Exhibit Setup:
The network diagram shows an EVPN-VXLAN setup, a common design for modern data centers
enabling Layer 2 and Layer 3 services over an IP fabric.
Leaf1 and Leaf2 are the leaf switches connected to Server1 and Server2, respectively, with each
server in a different subnet (172.16.1.0/24 and 172.16.2.0/24).
Spine1 and Spine2 are part of the IP fabric, interconnecting the leaf switches.
EVPN-VXLAN Basics:
EVPN (Ethernet VPN) provides Layer 2 and Layer 3 VPN services using MP-BGP.
VXLAN (Virtual Extensible LAN) encapsulates Layer 2 frames into Layer 3 packets for transmission
across an IP network.
VTEP (VXLAN Tunnel Endpoint) interfaces on leaf devices handle VXLAN encapsulation and
decapsulation.
Integrated Routing and Bridging (IRB):
IRB interfaces are required on leaf1 and leaf2 (where the endpoints are directly connected) to route
between different subnets (in this case, between 172.16.1.0/24 and 172.16.2.0/24).
The IRB interfaces provide the necessary L3 gateway functions for inter-subnet communication.
Traffic Flow Analysis:
Traffic from Server1 (172.16.1.1) destined for Server2 (172.16.2.1) must traverse from leaf1 to leaf2.
The traffic will be VXLAN encapsulated on leaf1, sent over the IP fabric, and decapsulated on leaf2.
Since the communication is between different subnets, the IRB interfaces on leaf1 and leaf2 are
crucial for routing the traffic correctly.
Correct Statements:
C . An IRB Interface must be configured on leaf1 and leaf2: This is necessary to perform the inter-
subnet routing for traffic between Server1 and Server2.
D . Traffic from server1 to server2 will transit the VXLAN tunnel between leaf1 and leaf2: This
describes the correct VXLAN operation where the traffic is encapsulated by leaf1 and decapsulated
by leaf2.
Data Center Reference:
In EVPN-VXLAN architectures, the leaf switches often handle both Layer 2 switching and Layer 3
routing via IRB interfaces. This allows for efficient routing within the data center fabric without the
need to involve the spine switches for every routing decision.
The described traffic flow aligns with standard EVPN-VXLAN designs, where direct VXLAN tunnels
between leaf switches enable seamless and scalable communication across a data center network.
Question 3
Which statement is correct about a collapsed fabric EVPN-VXLAN architecture?
- A. Fully meshed back-to-back links are needed between the spine devices.
- B. It supports multiple vendors in the fabric as long as all the spine devices are Juniper devices deployed with L2 VTEPs
- C. Using Virtual Chassis at the leaf layer increases resiliency.
- D. Border gateway functions occur on border leaf devices.
Answer:
D
Explanation:
Collapsed Fabric Architecture:
A collapsed fabric refers to a simplified architecture where the spine and leaf roles are combined,
often reducing the number of devices and links required.
In this architecture, the spine typically handles core switching, while leaf switches handle both access
and distribution roles.
Understanding Border Gateway Functionality:
Border gateway functions include connecting the data center to external networks or other data
centers.
In a collapsed fabric, these functions are usually handled at the leaf level, particularly on border leaf
devices that manage the ingress and egress of traffic to and from the data center fabric.
Correct Statement:
D . Border gateway functions occur on border leaf devices: This is accurate in collapsed fabric
architectures, where the border leaf devices take on the role of managing external connections and
handling routes to other data centers or the internet.
Data Center Reference:
The collapsed fabric model is advantageous in smaller deployments or scenarios where simplicity
and cost-effectiveness are prioritized. It reduces complexity by consolidating functions into fewer
devices, and the border leaf handles the critical task of interfacing with external networks.
In conclusion, border gateway functions are effectively managed at the leaf layer in collapsed fabric
architectures, ensuring that the data center can communicate with external networks seamlessly.
Question 4
You are deploying an EVPN-VXLAN overlay. You must ensure that Layer 3 routing happens on the
spine devices. In this scenario, which deployment architecture should you use?
- A. ERB
- B. CRB
- C. bridged overlay
- D. distributed symmetric routing
Answer:
B
Explanation:
Understanding EVPN-VXLAN Architectures:
EVPN-VXLAN overlays allow for scalable Layer 2 and Layer 3 services in modern data centers.
CRB (Centralized Routing and Bridging): In this architecture, the Layer 3 routing is centralized on
spine devices, while the leaf devices focus on Layer 2 switching and VXLAN tunneling. This setup is
optimal when the goal is to centralize routing for ease of management and to avoid complex routing
at the leaf level.
ERB (Edge Routing and Bridging): This architecture places routing functions on the leaf devices,
making it a distributed model where each leaf handles routing for its connected hosts.
Architecture Choice for Spine Routing:
Given the requirement to ensure Layer 3 routing happens on the spine devices, the CRB (Centralized
Routing and Bridging) architecture is the correct choice. This configuration offloads routing tasks to
the spine, centralizing control and potentially simplifying the overall design.
Explanation:
With CRB, the spine devices perform all routing between VXLAN segments. Leaf switches handle
local switching and VXLAN encapsulation, but routing decisions are centralized at the spine level.
This model is particularly advantageous in scenarios where centralized management and routing
control are desired, reducing the complexity and configuration burden on the leaf switches.
Data Center Reference:
The CRB architecture is commonly used in data centers where centralized control and simplified
management are key design considerations. It allows the spines to act as the primary routing
engines, ensuring that routing is handled in a consistent and scalable manner across the fabric.
Question 5
You want to ensure that VXLAN traffic from the xe-0/0/12 interlace is being encapsulated by logical
vlep.32770 and sent to a remote leaf device in this scenario, which command would you use to verify
that traffic is flowing?
- A. monitor traffic interface xe-0/0/12
- B. show interface terse vtep.32770
- C. show interfaces terse vtep.32770 statistics
- D. show interfaces vtep.32770 detail
Answer:
C
Explanation:
VXLAN Traffic Verification:
To ensure VXLAN traffic from the xe-0/0/12 interface is correctly encapsulated by the logical
vtep.32770 and sent to a remote leaf device, it is essential to monitor the relevant interface
statistics.
The command show interfaces terse vtep.32770 statistics provides a concise overview of the traffic
statistics for the specific VTEP interface, which can help verify whether traffic is being correctly
encapsulated and transmitted.
Explanation:
This command is particularly useful for quickly checking the traffic counters and identifying any
potential issues with VXLAN encapsulation or transmission.
It allows you to confirm that traffic is flowing as expected, by checking the transmitted and received
packet counters.
Data Center Reference:
Monitoring interface statistics is a crucial step in troubleshooting and validating network traffic,
particularly in complex overlay environments like EVPN-VXLAN.
Question 6
Exhibit.
Connections between hosts connected to Leaf-1 and Leaf-2 are not working correctly.
- A. Referring to the exhibit, which two configuration changes are required to solve the problem? (Choose two.)
- B. Configure the set switch-options vtep-source-interface irb.0 parameter on Leaf-1.
- C. Configure the set switch-options vrf-target target:65000:l parameteron Leaf-2.
- D. Configure the set switch-options route-distinguisher i92.168.100.50:i parameter on Leaf-1.
- E. Configure the set switch-options service-id 1 parameter on Leaf-2.
Answer:
CE
Explanation:
Issue Analysis:
The problem in the exhibit suggests a mismatch in configuration parameters between Leaf-1 and
Leaf-2, leading to communication issues between hosts connected to these leaf devices.
Configuration Mismatches:
Service-ID: Leaf-1 has service-id 1 configured, while Leaf-2 does not have this parameter. For
consistency and proper operation, the service-id should be the same across both leaf devices.
VRF Target: Leaf-1 is configured with vrf-target target:65000:1, while Leaf-2 is configured with vrf-
target target:65000:2. To allow proper VRF import/export between the two leafs, these should
match.
Corrective Actions:
C . Configure the set switch-options vrf-target target:65000:1 parameter on Leaf-2: This aligns the
VRF targets between the two leaf devices, ensuring they can correctly import and export routes.
E . Configure the set switch-options service-id 1 parameter on Leaf-2: This ensures that both Leaf-1
and Leaf-2 use the same service ID, which is necessary for consistency in the EVPN-VXLAN setup.
Data Center Reference:
Correct configuration of VRF targets and service IDs is critical in EVPN-VXLAN setups to ensure that
routes and services are correctly shared and recognized between different devices in the network
fabric.
Question 7
What are three actions available tor MAC move limiting? (Choose three.)
- A. drop
- B. filter
- C. enable
- D. log
- E. shutdown
Answer:
ADE
Explanation:
MAC Move Limiting:
MAC move limiting is a security feature used in network switches to detect and mitigate rapid
changes in MAC address locations, which could indicate a network issue or an attack such as MAC
flapping or spoofing.
When a MAC address is learned on a different interface than it was previously learned, the switch
can take various actions to prevent potential issues.
Available Actions:
A . drop: This action drops packets from the MAC address if it violates the move limit, effectively
blocking communication from the offending MAC address.
D . log: This action logs the MAC move event without disrupting traffic, allowing network
administrators to monitor and investigate the event.
E . shutdown: This action shuts down the interface on which the MAC address violation occurred,
effectively stopping all traffic on that interface to prevent further issues.
Other Actions (Not Correct):
B . filter: Filtering is not typically associated with MAC move limiting; it generally refers to applying
ACLs or other mechanisms to filter traffic.
C . enable: This is not an action related to MAC move limiting, as it does not represent a specific
reaction to a MAC move event.
Data Center Reference:
MAC move limiting is crucial for maintaining network stability and security, particularly in
environments with dynamic or large-scale Layer 2 networks where MAC addresses might frequently
change locations.
Question 8
Exhibit.
Referring to the exhibit, the spinel device has an underlay BGP group that is configured to peer with
its neighbors' directly connected interfaces. Which two statements are true in this scenario? (Choose
two.)
- A. The multihop statement is not required to establish the underlay BGP sessions.
- B. Load balancing for the underlay is not configured correctly.
- C. The multihop statement is required to establish the underlay BGP sessions.
- D. Load balancing for the underlay is configured correctly.
Answer:
AD
Explanation:
Understanding BGP Configuration in the Exhibit:
The exhibit shows a BGP configuration on spine1 with a group named underlay, configured to peer
with directly connected interfaces of other devices in the network.
Multipath multiple-as: This statement allows the router to install multiple paths in the routing table
for routes learned from different ASes, facilitating load balancing.
Key Statements:
A . The multihop statement is not required to establish the underlay BGP sessions: In this case, the
BGP peers are directly connected (as indicated by their neighbor IP addresses), so the multihop
statement is unnecessary. Multihop is typically used when BGP peers are not directly connected and
packets need to traverse multiple hops.
D . Load balancing for the underlay is configured correctly: The multipath { multiple-as; } statement in
the configuration enables load balancing across multiple paths from different autonomous systems,
which is appropriate for underlay networks in data center fabrics.
Incorrect Statements:
C . The multihop statement is required to establish the underlay BGP sessions: This is incorrect
because the peers are directly connected, making the multihop statement unnecessary.
B . Load balancing for the underlay is not configured correctly: This is incorrect because the
configuration includes the necessary multipath settings for load balancing.
Data Center Reference:
BGP configurations in EVPN-VXLAN underlay networks are crucial for ensuring redundancy, load
balancing, and efficient route propagation across the data center fabric.
Question 9
You want to provide a OCI that keeps each data center routing domain isolated, while also supporting
translation of VNIs. Which DCI scheme allows these features?
- A. MPLS DCI label exchange
- B. over the top (OTT) with VNI translation enabled
- C. VXLAN stitching
- D. over the top (OTT) with proxy gateways
Answer:
C
Explanation:
Understanding DCI (Data Center Interconnect) Schemes:
DCI schemes are used to connect multiple data centers, enabling seamless communication and
resource sharing between them. The choice of DCI depends on the specific requirements, such as
isolation, VNI translation, or routing domain separation.
VXLAN Stitching:
VXLAN stitching involves connecting multiple VXLAN segments, allowing VNIs (VXLAN Network
Identifiers) from different segments to communicate with each other while maintaining separate
routing domains.
This approach is particularly effective for keeping routing domains isolated while supporting VNI
translation, making it ideal for scenarios where you need to connect different data centers or
networks without merging their control planes.
Other Options:
A . MPLS DCI label exchange: This option typically focuses on MPLS-based interconnections and does
not inherently support VNI translation or isolation in the context of VXLAN.
B . Over the top (OTT) with VNI translation enabled: This could support VNI translation but does not
inherently ensure routing domain isolation.
D . Over the top (OTT) with proxy gateways: This typically involves using external gateways for traffic
routing and may not directly support VNI translation or isolation in the same way as VXLAN stitching.
Data Center Reference:
VXLAN stitching is a powerful method in multi-data center environments, allowing for flexibility in
connecting various VXLAN segments while preserving network isolation and supporting complex
interconnect requirements.
Question 10
Exhibit.
Given the configuration shown in the exhibit, why has the next hop remained the same for the EVPN
routes advertised to the peer 203.0.113.2?
- A. EVPN routes cannot have the next hop changed.
- B. The export policy is incorrectly configured.
- C. The vrf-export parameter must be applied.
- D. The vpn-apply-export parameter must be applied to this peer.
Answer:
D
Explanation:
Understanding the Configuration:
The configuration shown in the exhibit involves an EVPN (Ethernet VPN) setup using BGP as the
routing protocol. The export policy named CHANGE_NH is applied to the BGP group evpn-peer,
which includes a rule to change the next hop for routes that match the policy.
Issue with Next Hop Not Changing:
The policy CHANGE_NH is correctly configured to change the next hop to 203.0.113.10 for the
matching routes. However, the next hop remains unchanged when advertising EVPN routes to the
peer 203.0.113.2.
Reason for the Issue:
In Junos OS, when exporting routes for VPNs (including EVPN), the next-hop change defined in a
policy will not take effect unless the vpn-apply-export parameter is used in the BGP configuration.
This parameter ensures that the export policy is applied specifically to VPN routes.
The vpn-apply-export parameter must be included to apply the next-hop change to EVPN routes.
Correct Answer Explanation:
D . The vpn-apply-export parameter must be applied to this peer: This is the correct solution because
the next hop in EVPN routes won't be altered without this parameter in the BGP configuration. It
instructs the BGP process to apply the export policy to the EVPN routes.
Data Center Reference:
This behavior is standard in EVPN deployments with Juniper Networks devices, where the export
policies applied to VPN routes require explicit invocation using vpn-apply-export to take effect.
Question 11
What are two ways in which an EVPN-signaled VXLAN is different from a multicast-signaled VXLAN?
(Choose two.)
- A. An EVPN-signaled VXLAN can perform autodiscovery of VTEPs using IS-IS.
- B. An EVPN-signaled VXLAN can perform autodiscovery of VTEPs using BGP.
- C. An EVPN-signaled VXLAN is less resource intensive.
- D. An EVPN-signaled VXLAN features slower and more complete convergence.
Answer:
BC
Explanation:
Multicast-Signaled VXLAN:
In traditional multicast-signaled VXLAN, VTEPs (VXLAN Tunnel Endpoints) use multicast to flood and
learn about remote VTEPs. This method relies on multicast in the underlay network to distribute
BUM (Broadcast, Unknown unicast, and Multicast) traffic.
This approach can be resource-intensive due to the need for multicast group management and
increased network traffic, especially in large deployments.
EVPN-Signaled VXLAN:
EVPN-signaled VXLAN uses BGP (Border Gateway Protocol) to signal the presence of VTEPs and
distribute MAC address information. BGP is used for VTEP autodiscovery and the distribution of
endpoint information.
This method is more efficient because it reduces the reliance on multicast, instead using BGP control-
plane signaling to handle VTEP discovery and MAC learning, which reduces the overhead on the
network and improves scalability.
Correct Statements:
B . An EVPN-signaled VXLAN can perform autodiscovery of VTEPs using BGP: This is correct because
EVPN uses BGP for VTEP autodiscovery, making it more efficient and scalable compared to multicast-
based methods.
C . An EVPN-signaled VXLAN is less resource-intensive: This is correct because it eliminates the need
for multicast flooding in the underlay, instead using BGP for signaling, which is less demanding on
network resources.
Incorrect Statements:
A . An EVPN-signaled VXLAN can perform autodiscovery of VTEPs using IS-IS: This is incorrect
because EVPN relies on BGP, not IS-IS, for VTEP discovery and signaling.
D . An EVPN-signaled VXLAN features slower and more complete convergence: This is incorrect;
EVPN with BGP typically provides faster convergence due to its use of a control plane rather than
relying on data plane learning.
Data Center Reference:
EVPN-VXLAN is widely adopted in modern data center designs due to its scalability, efficiency, and
reduced resource consumption compared to multicast-based VXLAN solutions. It leverages the
strengths of BGP for control-plane-driven operations, resulting in more efficient and scalable
networks.
Question 12
You are implementing VXLAN broadcast domains in your data center environment. Which two
statements are correct in this scenario? (Choose two.)
- A. A VXLAN packet does not contain a VLAN ID.
- B. The VNI must match the VLAN tag to ensure that the remote VTEP can decapsulate VXLAN packets.
- C. Layer 2 frames are encapsulated by the source VTEP.
- D. The VNI is a 16-bit value and can range from 0 through 16.777.215.
Answer:
AC
Explanation:
VXLAN Overview:
VXLAN (Virtual Extensible LAN) is a network virtualization technology that encapsulates Layer 2
Ethernet frames into Layer 3 UDP packets for transmission over an IP network. It allows the creation
of Layer 2 overlay networks across a Layer 3 infrastructure.
Understanding VXLAN Components:
VTEP (VXLAN Tunnel Endpoint): A VTEP is responsible for encapsulating and decapsulating Ethernet
frames into and from VXLAN packets.
VNI (VXLAN Network Identifier): A 24-bit identifier used to distinguish different VXLAN segments,
allowing for up to 16 million unique segments.
Correct Statements:
C . Layer 2 frames are encapsulated by the source VTEP: This is correct. In a VXLAN deployment, the
source VTEP encapsulates the original Layer 2 Ethernet frame into a VXLAN packet before
transmitting it over the IP network to the destination VTEP, which then decapsulates it.
A . A VXLAN packet does not contain a VLAN ID: This is correct. The VXLAN header does not carry the
original VLAN ID; instead, it uses the VNI to identify the network segment. The VLAN ID is local to the
switch and does not traverse the VXLAN tunnel.
Incorrect Statements:
B . The VNI must match the VLAN tag to ensure that the remote VTEP can decapsulate VXLAN
packets: This is incorrect. The VNI is independent of the VLAN tag, and the VLAN ID does not need to
match the VNI. The VNI is what the remote VTEP uses to identify the correct VXLAN segment.
D . The VNI is a 16-bit value and can range from 0 through 16,777,215: This is incorrect because the
VNI is a 24-bit value, allowing for a range of 0 to 16,777,215.
Data Center Reference:
VXLAN technology is critical for modern data centers as it enables scalability and efficient
segmentation without the constraints of traditional VLAN limits.
Question 13
You are deploying an IP fabric using EBGP and notice that your leaf devices are advertising and
receiving all the routes. However, the routes are not installed in the routing table and are marked as
hidden.
Which two statements describe how to solve the issue? (Choose two.)
- A. You need to configure as-override.
- B. You need to configure a next-hop self policy.
- C. You need to configure loops 2.
- D. You need to configure multipath multiple-as.
Answer:
BD
Explanation:
Issue Overview:
The leaf devices in an IP fabric using eBGP are advertising and receiving all routes, but the routes are
not being installed in the routing table and are marked as hidden. This typically indicates an issue
with the BGP configuration, particularly with next-hop handling or AS path concerns.
Corrective Actions:
B . You need to configure a next-hop self policy: This action ensures that the leaf devices modify the
next-hop attribute to their own IP address before advertising routes to their peers. This is particularly
important in eBGP setups where the next-hop may not be directly reachable by other peers.
D . You need to configure multipath multiple-as: This setting allows the router to accept multiple
paths from different autonomous systems (ASes) and use them for load balancing. Without this, the
BGP process might consider only one path and mark others as hidden.
Incorrect Statements:
A . You need to configure as-override: AS-override is used to replace the AS number in the AS-path
attribute to prevent loop detection issues in MPLS VPNs, not in a typical eBGP IP fabric setup.
C . You need to configure loops 2: There is no specific BGP command loops 2 relevant to resolving
hidden routes in this context. It might be confused with allowas-in, which is used to allow AS path
loops under certain conditions.
Data Center Reference:
Proper BGP configuration is crucial in IP fabrics to ensure route propagation and to prevent routes
from being marked as hidden. Configuration parameters like next-hop self and multipath multiple-as
are common solutions to ensure optimal route installation and load balancing in a multi-vendor
environment.
Question 14
In your EVPN-VXAN environment, you want to prevent a multihomed server from receiving multiple
copies of BUM traffic in active/active scenarios. Which EVPN route type would satisfy this
requirement?
- A. Type 8
- B. Type 7
- C. Type 4
- D. Type 5
Answer:
C
Explanation:
Understanding the Scenario:
In an EVPN-VXLAN environment, when using multi-homing in active/active scenarios, there's a risk
that a multihomed server might receive duplicate copies of Broadcast, Unknown unicast, and
Multicast (BUM) traffic. This is because multiple VTEPs might forward the same BUM traffic to the
server.
EVPN Route Types:
Type 4 Route (Ethernet Segment Route): This route type is used to advertise the Ethernet Segment
(ES) to which the device is connected. It is specifically used in multi-homing scenarios to signal the ES
and its associated Ethernet Tag to all the remote VTEPs. The Type 4 route includes information that
helps prevent BUM traffic duplication in active/active multi-homing by using a split-horizon
mechanism, which ensures that traffic sent to a multihomed device does not get looped back.
Explanation:
The Type 4 route is crucial for ensuring that in a multi-homed setup, particularly in an active/active
configuration, BUM traffic does not result in duplication at the server. The route helps coordinate
which VTEP is responsible for forwarding the BUM traffic to the server, thereby preventing duplicate
traffic.
Data Center Reference:
Type 4 routes are essential for managing multi-homing in EVPN to avoid the issues of BUM traffic
duplication, which could otherwise lead to inefficiencies and potential network issues.
Question 15
You want to convert an MX Series router from a VXLAN Layer 2 gateway to a VXLAN Layer 3 gateway
for VNI 100. You have already configured an IRB interface. In this scenario, which command would
you use to accomplish this task?
- A. set protocols isis interface irb.100 passive
- B. set vlans VLAN-100 13-interface irb.100
- C. set bridge-domains VLAN-100 routing-interface irb.100
- D. set protocols ospf area 0.0.0.0 interface irb.100 passive
Answer:
C
Explanation:
Scenario Overview:
Converting an MX Series router from a VXLAN Layer 2 gateway to a VXLAN Layer 3 gateway involves
transitioning the router's functionality from simply bridging traffic within a VXLAN segment to
routing traffic between different segments.
Key Configuration Requirement:
IRB (Integrated Routing and Bridging) Interface: An IRB interface allows for both Layer 2 switching
and Layer 3 routing. To enable routing for a specific VNI (VXLAN Network Identifier), the IRB interface
must be associated with the routing function in the corresponding bridge domain.
Correct Command:
C . set bridge-domains VLAN-100 routing-interface irb.100: This command correctly binds the IRB
interface to the bridge domain, enabling Layer 3 routing functionality within the VXLAN for VNI 100.
This effectively transitions the device from operating solely as a Layer 2 gateway to a Layer 3
gateway.
Data Center Reference:
This configuration step is essential when converting a Layer 2 VXLAN gateway to a Layer 3 gateway,
enabling the MX Series router to route between VXLAN segments.