CCNA Sp Architecture Questions

75 of 136 questions · Page 1/2 · Sp Architecture topic · Answers revealed

1
MCQhard

A service provider is deploying Segment Routing (SR) with TI-LFA for fast convergence. Which mechanism does TI-LFA use to repair a link failure in a node segment path?

A.Precomputes a backup path using a segment list (label stack) that avoids the failed link
B.Uses loop-free alternate (LFA) as defined in IPFRR
C.Uses RSVP-TE to signal a protected LSP
D.Relies on BFD to trigger a backup path in the forwarding table
AnswerA

TI-LFA precomputes a backup path by inserting a segment list to steer traffic around the failure.

Why this answer

TI-LFA uses a post-convergence path and pushes additional segment IDs (SIDs) for the repair path. Option A is correct because TI-LFA relies on MPLS label stacking to steer traffic around the failure. Option B is wrong because RSVP-TE is different.

Option C is wrong because BFD only detects failure. Option D is wrong because LFA alone does not use segment routing.

2
MCQhard

A service provider is implementing MPLS-TE with FRR (Fast Reroute) using one-to-one backup tunnels. After activation, they notice that the number of labels in the forwarding table has increased significantly. What is the most likely reason for this increase?

A.One-to-one backup creates a unique backup tunnel for each protected LSP
B.RSVP-TE signaling is not properly aggregating labels
C.Penultimate Hop Popping (PHP) is disabled
D.Facility backup is being used instead of one-to-one
AnswerA

Each protected LSP gets its own backup tunnel, increasing label count linearly.

Why this answer

One-to-one backup tunnels in MPLS-TE FRR create a dedicated backup LSP for each protected primary LSP. This means every primary LSP gets its own unique set of labels for the backup path, leading to a significant increase in the number of labels in the forwarding table. In contrast, facility backup shares a single bypass tunnel among multiple protected LSPs, which conserves labels.

Exam trap

Cisco often tests the distinction between one-to-one and facility backup, where candidates may confuse the label increase with a signaling or PHP issue, rather than recognizing it as a direct consequence of the one-to-one backup design.

How to eliminate wrong answers

Option B is wrong because RSVP-TE signaling does aggregate labels for the primary LSP, but the label increase is a direct consequence of the one-to-one backup design, not a signaling failure. Option C is wrong because disabling PHP would affect label imposition at the penultimate hop, but it does not cause a significant increase in the number of labels; PHP affects label stack depth, not the count of unique backup labels. Option D is wrong because facility backup (bypass tunnels) actually reduces label usage by sharing a single backup tunnel among multiple LSPs, which is the opposite of the observed increase.

3
MCQmedium

Refer to the exhibit. A PE router is showing a VRF route. What does the [200/0] indicate?

B.Local preference 200 and MED 0
C.Label value 200 and metric 0
D.AS path length 200 and weight 0
AnswerA

BGP external routes have AD 200.

Why this answer

In BGP, the bracket notation shows [administrative distance/metric]. [200/0] means AD 200 (BGP external) and metric 0. AS path length, local preference, and label values are not shown in this format.

4
MCQeasy

A service provider wants to offer Layer 2 VPN services using MPLS. Which technology should be used to transport Ethernet frames across the MPLS core?

A.Pseudowire
B.LDP
C.VPLS
D.L3VPN
AnswerA

Pseudowire provides point-to-point Layer 2 transport over MPLS.

Why this answer

Pseudowire (A) is the correct technology because it provides a point-to-point Layer 2 circuit over an MPLS core, allowing Ethernet frames to be encapsulated and transported transparently. This is defined in RFC 4448 (Ethernet over MPLS) and enables service providers to offer E-Line services. Pseudowire uses MPLS labels to forward frames across the core without requiring the core routers to participate in the customer's Layer 2 control plane.

Exam trap

Cisco often tests the distinction between point-to-point (Pseudowire) and multipoint (VPLS) Layer 2 services, so the trap here is that candidates may confuse VPLS as the answer because it also transports Ethernet frames, but the question specifies 'Layer 2 VPN services' without mentioning multipoint, making Pseudowire the correct choice.

How to eliminate wrong answers

Option B (LDP) is wrong because LDP is a label distribution protocol used to distribute MPLS labels for building LSPs, not a technology for transporting Ethernet frames. Option C (VPLS) is wrong because VPLS provides multipoint-to-multipoint Layer 2 connectivity (E-LAN), not the point-to-point Ethernet transport described in the question. Option D (L3VPN) is wrong because L3VPN operates at Layer 3, routing IP packets based on customer VPN routes, and does not transport raw Ethernet frames across the MPLS core.

5
MCQhard

A service provider is deploying multicast over MPLS L3VPN. Which mechanism is used to provide multicast in the core between PE routers?

A.IGMP
B.PIM-SM
C.PIM-DM
D.mLDP
AnswerD

mLDP is the multicast label distribution protocol for MPLS.

Why this answer

mLDP is used for multicast label distribution in the MPLS core. PIM-SM and PIM-DM are protocol independent multicast modes, but not specifically for MPLS core multicast. IGMP is for host registration.

6
MCQmedium

A service provider is redesigning its MPLS core to support both L3VPN and L2VPN services. They want to minimize the number of labels in the forwarding table while maintaining per-VRF label allocation. Which label allocation mode should be used for the L3VPN service?

A.Per-VRF label allocation
B.Per-CE label allocation
C.Per-prefix label allocation
D.Per-instance label allocation
AnswerA

Per-VRF assigns a single label per VRF, minimizing labels while allowing per-VRF forwarding.

Why this answer

Per-VRF label allocation assigns a single MPLS label per VRF, meaning all routes within a VRF share the same label. This minimizes the number of labels in the forwarding table compared to per-prefix allocation, while still maintaining per-VRF isolation for L3VPN services. It is the recommended mode when the goal is to reduce label consumption without sacrificing VPN separation.

Exam trap

Cisco often tests the distinction between per-VRF and per-prefix label allocation, where candidates mistakenly choose per-prefix because they think it offers finer granularity, but the question explicitly asks for minimizing labels, which per-VRF achieves.

How to eliminate wrong answers

Option B (Per-CE label allocation) is wrong because it assigns a label per customer edge (CE) router, which does not directly minimize labels in the core and is not a standard L3VPN label mode; it is more relevant to Carrier Supporting Carrier (CSC) or inter-AS scenarios. Option C (Per-prefix label allocation) is wrong because it assigns a unique label for each prefix in the VRF, which maximizes label usage and contradicts the goal of minimizing labels in the forwarding table. Option D (Per-instance label allocation) is wrong because it is not a recognized label allocation mode in MPLS L3VPN; the correct terms are per-VRF, per-prefix, or per-CE, and 'per-instance' is a distractor.

7
MCQhard

A service provider is deploying an MPLS L3VPN solution for a customer with two sites. The PE routers are running OSPF as the IGP and LDP for label distribution. The provider wants to ensure that customer traffic is load-balanced across two equal-cost paths between the PEs. The network team notices that all traffic is taking only one path despite the IGP showing equal-cost routes. The team has verified that the MPLS forwarding table on the P router shows only one label entry for the BGP next-hop. The team suspects a load-balancing issue. Which action best resolves the problem?

A.Increase the OSPF maximum-paths value to 4
B.Enable per-flow load balancing on all routers with 'load-balance per-flow'
C.Enable BGP additional-paths on the PE routers
D.Configure LDP to use the 'mpls ldp igp sync' command
AnswerB

This enables load balancing based on flow, which is required for MPLS to use multiple equal-cost paths.

Why this answer

Option B is correct because the issue is that MPLS L3VPN traffic is not being load-balanced despite equal-cost IGP paths. This typically occurs when the MPLS forwarding table on the P router has only one label entry for the BGP next-hop, indicating that per-flow load balancing is not enabled. Enabling 'load-balance per-flow' on all routers ensures that the CEF (Cisco Express Forwarding) uses per-flow hashing to distribute traffic across multiple equal-cost LSPs (Label Switched Paths), rather than per-packet or default behavior that may favor a single path.

Exam trap

Cisco often tests the misconception that IGP equal-cost routes automatically guarantee MPLS load balancing, but the trap here is that MPLS forwarding uses the label entry for the BGP next-hop, and without per-flow load balancing, the router may install only one label entry in the LFIB (Label Forwarding Information Base) for that next-hop, causing all traffic to follow a single path.

How to eliminate wrong answers

Option A is wrong because increasing OSPF maximum-paths to 4 does not address the MPLS label-level load-balancing issue; the IGP already shows equal-cost routes, so the problem lies in how MPLS forwards traffic across those paths, not in route selection. Option C is wrong because BGP additional-paths is used to advertise multiple paths for a prefix to avoid path-hiding in BGP, but it does not affect how the MPLS forwarding table load-balances traffic across existing equal-cost LSPs; the issue is on the P router, not BGP path advertisement. Option D is wrong because 'mpls ldp igp sync' ensures LDP and IGP are synchronized to prevent blackholing during convergence, but it does not enable load balancing across multiple LSPs; the problem is not synchronization but the lack of per-flow hashing in the forwarding plane.

8
MCQhard

A large SP network uses Segment Routing (SR) with MPLS data plane. They want to enforce a strict path for certain traffic flows across the core while using shortest-path for others. Which technique should be used?

A.SR-TE with explicit path using segment list
B.Using TI-LFA
C.Configuring bandwidth reservation on all links
D.Using SR policies with color extended community based on BGP
AnswerA

SR-TE with a segment list defines the exact path through the network.

Why this answer

SR-TE with explicit path using segment lists allows defining a strict path. Option B (TI-LFA) is for fast reroute, not path enforcement. Option C is not SR-related.

Option D uses color for service mapping but relies on underlying IGP routing; it doesn't enforce a strict path. Thus A is correct.

9
Multi-Selecteasy

Which two protocols are commonly used for label exchange in an MPLS network? (Choose two.)

Select 2 answers
B.PIM
C.LDP
D.BGP
E.IS-IS
AnswersC, D

LDP exchanges labels for IGP prefixes.

Why this answer

LDP and BGP are commonly used for label exchange. LDP for IGP labels, BGP for VPN labels. OSPF, IS-IS, and PIM do not exchange MPLS labels.

10
MCQmedium

A service provider is troubleshooting a BGP route advertisement issue. Routes from a customer are not being advertised to the upstream provider. The PE router is configured with 'neighbor 10.0.0.1 route-map RMAP out'. The route-map RMAP permits the customer prefix. However, the BGP table on the PE shows the prefix as valid but not advertised. What is a likely cause?

A.The next-hop is not reachable from the upstream provider
B.The BGP session to the upstream provider is flapping
C.The prefix is not in the global routing table
D.The route-map is applied inbound instead of outbound
AnswerA

If next-hop-self is not used, the next-hop might be a customer-facing interface not reachable upstream.

Why this answer

The BGP table shows the prefix as valid but not advertised, which indicates that BGP has the route but is not sending it to the upstream neighbor. A common cause is that the next-hop for the customer prefix is not reachable from the PE router via the interface used to reach the upstream provider. BGP will not advertise a route if the next-hop is not reachable in the routing table (unless 'neighbor x.x.x.x next-hop-self' is configured), because the upstream router would be unable to forward traffic to that next-hop.

Exam trap

Cisco often tests the subtle distinction between a prefix being 'valid' (next-hop reachable in the global routing table) and 'advertised' (next-hop reachable from the specific neighbor's perspective), leading candidates to overlook next-hop reachability as the root cause.

How to eliminate wrong answers

Option B is wrong because a flapping BGP session would cause the session to go up and down, resulting in prefixes being withdrawn and re-advertised, not a stable 'valid but not advertised' state. Option C is wrong because if the prefix were not in the global routing table, it would not appear as valid in the BGP table; BGP requires the prefix to be in the routing table (or have a valid route) to be considered valid. Option D is wrong because the question states the route-map is applied outbound, and if it were mistakenly applied inbound, the prefix would still be advertised (the outbound filter would not exist), and the issue would be with receiving routes, not advertising them.

11
Multi-Selecthard

A service provider is implementing Segment Routing (SR) with MPLS. Which three statements are true regarding SR-MPLS? (Choose three.)

Select 3 answers
A.SR-MPLS supports traffic engineering only with a central controller
B.SR-MPLS does not require LDP or RSVP-TE
C.The SRGB must be globally unique across the domain
D.Adjacency SIDs are advertised via BGP-LS
E.Prefix-SIDs are bound to node loopbacks
AnswersB, C, E

SR uses IGP to distribute labels, eliminating the need for LDP or RSVP-TE.

Why this answer

SR-MPLS does not require LDP or RSVP-TE (A). The SRGB should be globally unique (B). Prefix-SIDs are typically bound to node loopbacks (D).

Option C is false: Adjacency SIDs are advertised via IGP, not BGP-LS exclusively. Option E is false: SR supports distributed TE via TI-LFA and explicit paths without a central controller.

12
MCQmedium

A service provider is deploying EVPN-VPWS for point-to-point services. They have set up an EVPN instance with Ethernet Segment Identifier (ESI) and EVI. After configuration, the pseudowire is not coming up. Which misconfiguration is most likely?

A.The same EVI is used on both PEs.
B.The ESI is all-zeros.
C.The MTU mismatch on the attachment circuits.
D.The BGP EVPN address-family is not activated.
AnswerA

In EVPN-VPWS, the EVI must match on both endpoints; otherwise, the pseudowire cannot be established.

Why this answer

Option B is correct because for EVPN-VPWS, the same EVI must be used on both PEs to establish the pseudowire. Option A is wrong because a non-zero ESI is required, but all-zeros is invalid. Option C is wrong because BGP EVPN address-family is needed but its absence would affect all EVPN services, not just VPWS.

Option D is wrong because MTU mismatch causes issues but is less likely than EVI mismatch.

13
MCQmedium

A service provider has deployed QoS on its MPLS backbone to offer different classes of service. The provider notices that EF (Expedited Forwarding) traffic sometimes experiences high jitter during congestion. Following recommended practices, which action is MOST likely to reduce jitter for EF traffic?

A.Use priority queuing (LLQ) for EF traffic with a policer
B.Apply traffic shaping on all EF packets at the edge
C.Change the DSCP value of EF traffic to AF41 to reduce drops
D.Apply weighted random early detection (WRED) on the EF queue
AnswerA

LLQ gives strict priority, minimizing jitter by servicing EF first.

Why this answer

Option B is correct because priority queuing ensures EF traffic is served before other queues, reducing jitter. Option A is wrong because shaping reduces bandwidth but does not eliminate jitter if congestion exists. Option C is wrong because WRED is for congestion avoidance and can drop EF packets if not excluded.

Option D is wrong because changing DSCP does not improve jitter directly; proper queuing is key.

14
MCQhard

An ISP is deploying EVPN-VXLAN for its data center interconnect. Which statement about control-plane learning is correct?

A.MAC addresses are learned via IRB
B.MAC addresses are learned via OSPF
C.MAC addresses are learned via BGP MP-BGP EVPN address family
D.MAC addresses are learned via VXLAN data plane
AnswerC

EVPN uses BGP for MAC route advertisement.

Why this answer

Option A is correct because EVPN uses BGP as the control plane to advertise MAC/VPN routes. Option B is wrong because IRB is for integrated routing and bridging, not control-plane learning. Option C is wrong because MP-BGP is used, not OSPF.

Option D is wrong because VXLAN is data-plane encapsulation.

15
MCQhard

You are a network architect for a large service provider. The network consists of multiple core routers (P routers) and edge routers (PE routers) supporting both L3VPN and L2VPN services. The network currently uses LDP for label distribution and has a flat IGP (OSPF) design. Recently, there have been scalability issues: the IGP convergence time has increased significantly, and the OSPF link-state database (LSDB) has grown large, causing high CPU utilization on core routers. Additionally, the LDP sessions are taking longer to establish after a router reboot. You are tasked with redesigning the network to improve scalability and convergence. The budget allows for significant changes but cannot replace all hardware. Which approach best addresses the scalability issues while minimizing disruption?

A.Upgrade OSPF to OSPFv3 to support IPv6 and improve performance
B.Implement Segment Routing (SR-MPLS) to replace LDP and reduce IGP overhead
C.Introduce IS-IS as a second IGP to offload traffic from OSPF, and use route redistribution between the two protocols
D.Replace OSPF with BGP as the core IGP to reduce link-state overhead
AnswerB

SR-MPLS eliminates LDP and reduces IGP LSDB size because SIDs are advertised as TLV extensions, reducing the number of LSA types.

Why this answer

Segment Routing (SR-MPLS) eliminates the need for LDP by encoding MPLS labels directly in the IGP (OSPF or IS-IS) using extensions, which reduces control-plane overhead and speeds up convergence. This directly addresses the large OSPF LSDB and slow LDP session establishment because SR-MPLS does not require a separate label distribution protocol and can leverage a single IGP for both routing and label information, improving scalability without hardware replacement.

Exam trap

Cisco often tests the misconception that adding a second IGP or upgrading to OSPFv3 will improve scalability, when in fact the real issue is the overhead of a separate label distribution protocol (LDP) and the LSDB size, which Segment Routing directly addresses by integrating label distribution into the IGP.

How to eliminate wrong answers

Option A is wrong because OSPFv3 is an IPv6 routing protocol that does not inherently reduce LSDB size or improve convergence; it would add IPv6 overhead without solving the core LDP and IGP scalability issues. Option C is wrong because introducing IS-IS as a second IGP with route redistribution would increase complexity, LSDB size, and convergence time due to mutual redistribution loops and administrative overhead, making scalability worse. Option D is wrong because BGP is not designed as an IGP; it lacks fast convergence and link-state awareness, and using it as a core IGP would introduce path-vector convergence delays and require full-mesh or route reflectors, increasing rather than reducing overhead.

16
MCQmedium

Refer to the exhibit. The router is configured as a PE router in an MPLS VPN network. Which option correctly identifies a configuration error that would prevent proper operation?

A.The neighbor remote-as should be the same AS number for iBGP
B.The interface lacks the 'mpls ip' command
C.The OSPF network statement uses an incorrect wildcard mask
D.The BGP network statement does not match the interface prefix
AnswerC

The wildcard mask 0.255.255.255 is too broad and does not match the /30 prefix correctly.

Why this answer

Option C is correct because the OSPF network statement uses a wildcard mask of 0.0.0.0, which matches only the exact IP address 10.1.1.1, but the interface has a /30 prefix (255.255.255.252), so the correct wildcard mask should be 0.0.0.3 to include the entire subnet. This misconfiguration prevents OSPF from advertising the correct network, breaking MPLS VPN CE-to-PE routing.

Exam trap

Cisco often tests the distinction between OSPF wildcard masks and subnet masks, where candidates mistakenly think any wildcard mask that includes the interface IP is sufficient, but the mask must match the subnet exactly for OSPF to advertise the correct network.

How to eliminate wrong answers

Option A is wrong because the neighbor remote-as for iBGP should be the same AS number as the router's own BGP AS, and the exhibit shows neighbor 10.1.1.2 remote-as 65000, which matches the router's BGP AS 65000, so this is correct. Option B is wrong because the interface configuration includes 'mpls ip' under interface GigabitEthernet0/0, so MPLS is enabled on that interface. Option D is wrong because the BGP network statement uses 'network 10.1.1.0 mask 255.255.255.252', which exactly matches the /30 prefix on the interface, so it is correctly configured.

17
Multi-Selectmedium

A service provider is designing an MPLS L3VPN network to provide Layer 3 VPN services to multiple customers. Which two statements correctly describe the roles of the Provider Edge (PE) and Customer Edge (CE) routers in this architecture?

Select 2 answers
A.P routers store all customer VPN routes in their global routing table.
B.CE routers perform MPLS label switching between PE routers.
C.PE routers advertise customer routes via MP-BGP with route distinguishers and route targets.
D.CE routers participate in the service provider's IGP to exchange loopback addresses.
E.PE routers maintain separate VRF tables for each customer VPN.
AnswersC, E

Correct. MP-BGP is used to distribute VPNv4 routes with RD and RT.

Why this answer

PE routers maintain separate VRF tables for each customer VPN and advertise customer routes via MP-BGP with route distinguishers and route targets. CE routers do not participate in the service provider's IGP.

18
MCQeasy

An SP is deploying a Quality of Service (QoS) architecture in its core network to support multiple services: voice, video, and data. The core routers use MPLS and implement QoS based on the MPLS EXP bits. The architecture must ensure that voice packets are never dropped, even during congestion, while allowing video to have higher priority than data. The current design marks voice with EXP 4, video with EXP 3, and data with EXP 0. During a traffic burst, voice traffic is being dropped, which should not happen. The core routers have the following queue configuration: (1) a priority queue (PQ) for EXP 4+5, (2) a bandwidth queue for EXP 2-3, (3) a default queue for EXP 0-1. What is most likely the cause of voice drops?

A.Voice traffic is being marked with EXP 4 but the priority queue also includes EXP 5, which may cause policing.
B.The bandwidth queue for video is configured to borrow from the priority queue.
C.The priority queue is not strictly priority; it shares bandwidth with other queues.
D.The priority queue is rate-limited by a policer that shapes traffic to a certain bandwidth.
AnswerD

Correct. Many implementations use a policer on the priority queue to prevent starvation; if the police rate is too low, voice packets are dropped.

Why this answer

Voice drops occur because the priority queue is often rate-limited by a policer to prevent starvation of other queues. If the policer rate is set too low, voice packets are dropped during bursts. Strict priority without policing does not drop, but policing is common in SP core to protect other queues.

The bandwidth queue and default queue are not the issue.

19
Multi-Selecthard

Which THREE are requirements for deploying MPLS Traffic Engineering with RSVP-TE?

Select 3 answers
A.OSPFv3 must be the IGP
B.LDP must be enabled on all routers
C.Links must have reservable bandwidth advertised
D.CSPF (Constrained SPF) must be implemented for path calculation
E.RSVP-TE signaling protocol must be configured
AnswersC, D, E

Bandwidth reservations require links to advertise available bandwidth.

Why this answer

RSVP-TE signaling, CSPF computation, and reservable bandwidth are key. Options B, D, and E are correct. Option A is wrong because LDP is not required.

Option C is wrong because OSPFv3 is for IPv6; RSVP-TE works with IS-IS or OSPFv2.

20
MCQeasy

Refer to the exhibit. A PE router configuration for VRF CUST1 is shown. What is the most likely result when a CE sends a route with RT 100:100?

A.The route causes a BGP session reset
B.The route is imported and installed in VRF
C.The route is imported but not advertised to other CEs
D.The route is received but not imported into VRF
AnswerD

Only routes with matching RT import are imported; RT 100:100 does not match.

Why this answer

The VRF only imports routes with RT 100:1. Routes with RT 100:100 are received in the BGP table but not imported into the VRF. Option B is incorrect because import depends on RT matching.

C and D are not typical outcomes.

21
MCQeasy

A service provider is implementing MPLS L3VPN for a customer. The customer requires that routes from two different VPNs be imported into a single VRF. Which feature should be used?

A.Route Reflector
B.Route Target (RT) import/export
C.Route Distinguisher (RD)
D.BGP extended community
AnswerB

RT import/export is used to control which routes are imported into a VRF.

Why this answer

Route Target (RT) import/export controls which routes are imported into a VRF. By configuring multiple RT import statements, routes from different VPNs can be imported. Option A refers to Route Reflector for BGP scalability, not VRF import.

Option B is Route Distinguisher, which uniquifies prefixes but doesn't control import. Option D is a component of RT but not the feature itself.

22
Multi-Selecteasy

Which THREE protocols are used for label distribution in an MPLS network?

Select 3 answers
B.LDP
C.IS-IS
D.BGP
E.RSVP
AnswersB, D, E

LDP is the most common label distribution protocol for MPLS.

Why this answer

Options A, B, and C are correct. LDP, BGP, and RSVP are standard label distribution protocols. OSPF and ISIS are IGPs and do not distribute labels, although they can be used for SR, but SR still relies on IGP to advertise prefix-SIDs, not as a label distribution protocol per se.

23
MCQmedium

A service provider offers Carrier Ethernet services using MPLS-TP in the access and aggregation layers. The network uses MPLS-TP tunnels with static LSPs and protection via 1:1 linear protection with APS. One customer reports intermittent connectivity issues on their E-LINE service. The operations team observes that the protection switchover is occurring frequently due to apparent signal failures on the working path. However, the physical layer shows no errors. The protection switching is configured with revertive mode. The working LSP has an RDI (Remote Defect Indication) configured. Upon further investigation, the team finds that the working LSP's OAM continuity check messages (CCMs) are being lost occasionally, triggering a protection switch. What is the most likely misconfiguration?

A.The CCM interval is too long, causing delayed detection.
B.The working path uses a higher MPLS-TP OAM rate than the protection path.
C.The protection path has a lower priority than the working path.
D.The CCM interval is too short, causing frequent false failures due to transient congestion.
AnswerD

Correct. A short interval makes the system overly sensitive, leading to false failure detection.

Why this answer

A short CCM interval makes the system sensitive to minor delays, causing false failures and frequent protection switches. A longer interval would reduce sensitivity but increase detection time. Priority and OAM rate differences are not typical causes.

24
MCQmedium

A service provider wants to implement Segment Routing in its MPLS core to simplify traffic engineering. What is the primary advantage of Segment Routing over traditional RSVP-TE?

A.No per-flow state on transit routers
B.Improved ECMP load balancing
C.Better support for Fast Reroute
D.Requires a central controller for path calculation
AnswerA

SR uses source routing; transit routers only need label forwarding.

Why this answer

Option C is correct because Segment Routing eliminates per-flow state on intermediate routers by encoding the path in the packet header. Option A is wrong because both can support fast-reroute. Option B is wrong because ECMP is supported by both.

Option D is wrong because SR doesn't necessarily require a central controller.

25
MCQhard

In a carrier's network, MPLS-TE tunnels are used to steer traffic away from congested links. The operator configures a tunnel with a bandwidth of 200 Mbps and a dynamic path. The CSPF computation shows a path with sufficient bandwidth, but the tunnel fails to come up. The RSVP neighbor is established. What is the most likely cause?

A.The tunnel destination is not reachable via IGP
B.The path message is rejected due to resource reservation failure
C.The tunnel interface is down
D.MPLS LDP is not configured
AnswerB

RSVP-TE reserves bandwidth; if not available, tunnel fails.

Why this answer

The tunnel fails to come up because the CSPF-computed path cannot reserve the requested 200 Mbps bandwidth. Even though the path has sufficient bandwidth on paper, the RSVP resource reservation process may fail due to a lack of available bandwidth at the exact time of reservation, or due to a mismatch in bandwidth pool configuration (e.g., global vs. subpool). Since the RSVP neighbor is established, the issue is specifically with the reservation step, not with reachability or LDP.

Exam trap

Cisco often tests the distinction between CSPF path computation (which only checks link metrics and TE attributes) and RSVP resource reservation (which performs actual bandwidth admission control), leading candidates to incorrectly assume that a successful CSPF computation guarantees the tunnel will come up.

How to eliminate wrong answers

Option A is wrong because the RSVP neighbor is already established, which implies IGP reachability to the tunnel destination is present; RSVP relies on IGP routes to send Path messages. Option C is wrong because the tunnel interface being down would prevent any RSVP signaling, but the RSVP neighbor is established, indicating the interface is operationally up. Option D is wrong because MPLS LDP is not required for MPLS-TE tunnels; RSVP-TE handles label distribution for TE tunnels, and LDP is used for non-TE LSPs.

26
MCQhard

Refer to the exhibit. An engineer has configured an SR-TE policy. What is required for this policy to be used for traffic steering?

A.Static routing
B.IGP with segment routing
C.BGP with color extended community
D.OSPF with opaque LSA
AnswerC

BGP routes with a color community matching the policy's color will steer traffic onto that policy.

Why this answer

For an SR-TE policy to be used, traffic must be steered via BGP with a color extended community matching the policy's color. Without a match, the policy is not activated. Option B: IGP with SR is already configured; Option C: static routing is not relevant; Option D: OSPF opaque LSA is for OSPF extensions, not SR-TE policy activation.

27
MCQmedium

A service provider is deploying EVPN-VXLAN in its data center to provide Layer 2 and Layer 3 overlay services. The underlay uses an eBGP-based CLOS fabric with spine and leaf switches. The leaf switches act as VTEPs and run EVPN for MAC/VXLAN advertisement. One of the tenants, a financial customer, requires that their traffic between two leaf-connected servers is always forwarded through a firewall for inspection, even when the servers are on the same leaf. The firewall is connected to a service leaf. The architect proposes using EVPN integrated routing and bridging (IRB) with asymmetric IRB. However, traffic between two VMs on the same leaf is bypassing the firewall. Which architectural change ensures that all inter-VM traffic within the same leaf goes through the firewall?

A.Implement a VXLAN tunnel from each leaf to the firewall and use policy-based forwarding (PBF) on the leaf to redirect inter-VM traffic to the firewall via the tunnel.
B.Configure a gateway on the firewall and use static routes on the leaf to forward traffic to the firewall.
C.Use EVPN symmetric IRB and ensure the firewall is attached as a Layer 2 extension.
D.Enable 'split-horizon' on the leaf switches to prevent direct forwarding.
AnswerA

Correct. PBF can redirect traffic to the firewall even for local traffic, ensuring inspection.

Why this answer

Implement a VXLAN tunnel from each leaf to the firewall and use policy-based forwarding (PBF) on the leaf to redirect inter-VM traffic to the firewall via the tunnel. This forces traffic to the firewall even for local traffic. Split-horizon prevents loops, not service insertion; static routes are not scalable; symmetric IRB still allows local bridging.

28
MCQhard

A service provider uses BGP communities to influence routing policies. An administrator wants to prevent a specific prefix from being advertised to any external AS. Which BGP community should be applied?

A.NO_ADVERTISE
B.INTERNET
C.LOCAL_AS
D.NONE
E.NO_EXPORT
AnswerE

NO_EXPORT prevents advertisement to any eBGP peer, which is exactly what is needed.

Why this answer

The well-known community NO_EXPORT (0xFFFFFF01 or 0xFFFFFF01) tells the router not to advertise the prefix to any eBGP peers. The community NO_ADVERTISE prevents advertisement to any peer (including iBGP), which is too restrictive. Local-AS (0xFFFFFF03) prevents advertisement to external AS but allows advertisement to confederation sub-AS.

To prevent advertisement to any external AS, NO_EXPORT is correct.

29
MCQmedium

You are a network engineer at a service provider that offers L3VPN services. A customer complains that their VPN traffic is intermittently dropping. The network uses OSPF as the IGP, LDP for label distribution, and MP-BGP for VPNv4 route exchange. The PE routers are connected to two core routers (P1 and P2) in a redundant design. Upon investigation, you find that the BGP next-hop for some VPN prefixes is set to the loopback interface of the remote PE, but the route to that loopback is sometimes unreachable due to a flapping link between P1 and P2. The IGP converges, but the BGP prefixes take longer to recover. What is the most likely cause of the intermittent drops?

A.The OSPF network type is incorrectly set to point-to-point
B.The BGP timers are set too low, causing premature route withdrawal
C.BGP next-hop tracking is not enabled, causing BGP to rely on IGP convergence only
D.The LDP session between the PEs is down
AnswerC

NHT allows BGP to react quickly to IGP next-hop changes.

Why this answer

The intermittent drops occur because BGP next-hop tracking (NHT) is not enabled. Without NHT, BGP relies solely on IGP convergence to detect reachability changes for the BGP next-hop (the remote PE loopback). When the link between P1 and P2 flaps, OSPF converges quickly, but BGP does not immediately re-evaluate its next-hop reachability; it waits for the next BGP scan interval (default 60 seconds) or until a BGP update is received.

This delay causes the VPN prefixes to remain installed with an unreachable next-hop, leading to traffic drops until BGP eventually withdraws or re-advertises the routes.

Exam trap

Cisco often tests the misconception that BGP automatically reacts to IGP changes instantly, when in fact without NHT, BGP relies on periodic scanning, causing a delay that leads to traffic drops during transient IGP failures.

How to eliminate wrong answers

Option A is wrong because OSPF network type set to point-to-point would affect adjacency formation and LSA flooding, but it does not directly cause BGP to delay recovery after IGP convergence; the issue is about BGP next-hop reachability timing, not OSPF network type. Option B is wrong because setting BGP timers too low (e.g., keepalive/hold timers) would cause premature session resets, not intermittent drops tied to a flapping IGP link; the problem is BGP not reacting to IGP changes, not BGP session instability. Option D is wrong because the LDP session between PEs is not required for VPNv4 route exchange; LDP is used for label distribution within the MPLS core, and the PE-to-PE LDP session is not a standard design—LDP runs between directly connected LSRs, not between PEs across the core.

30
MCQeasy

A service provider is designing a new MPLS core network and needs to choose a routing protocol that supports traffic engineering and fast convergence. Which protocol should be used?

A.RIP
D.IS-IS
AnswerD

IS-IS supports MPLS TE and provides fast convergence, making it ideal for SP core.

Why this answer

IS-IS is the correct choice because it natively supports MPLS Traffic Engineering (TE) via IS-IS TE extensions (RFC 5305) and offers fast convergence through mechanisms like IS-IS Fast Flooding and LSP throttling. Unlike OSPF, IS-IS operates directly over Layer 2, making it more scalable and robust in large service provider core networks, and it avoids the need for a separate flooding domain for TE.

Exam trap

Cisco often tests the misconception that OSPF is the only link-state protocol suitable for MPLS TE, but the trap is that IS-IS is actually the more common choice in service provider cores due to its native TE support and superior scalability in hierarchical designs.

How to eliminate wrong answers

Option A is wrong because RIP is a distance-vector protocol with slow convergence and no support for traffic engineering or MPLS TE extensions. Option B is wrong because EIGRP is a Cisco-proprietary protocol that lacks native MPLS TE support and is not designed for the hierarchical, scalable core networks required by service providers. Option C is wrong because while OSPF supports MPLS TE via OSPF TE extensions (RFC 3630), it requires a separate opaque LSA type 10 flooding domain and has higher CPU overhead for TE link-state advertisements compared to IS-IS, making IS-IS the preferred choice in many service provider designs.

31
MCQhard

A network engineer is designing a Layer 2 VPN using EVPN with MPLS data plane. The customer requires all-hub multipoint connectivity with optimal multicast replication. Which EVPN route type is used to advertise multicast group membership?

A.Route Type 3 (Inclusive Multicast Ethernet Tag)
B.Route Type 2 (MAC/IP Advertisement)
C.Route Type 4 (Ethernet Segment)
D.Route Type 6 (Selective Multicast Ethernet Tag)
AnswerD

Used to advertise multicast group membership for selective replication.

Why this answer

Route Type 6 (Selective Multicast Ethernet Tag) is used in EVPN to advertise multicast group membership for selective multicast replication. This allows the provider edge (PE) routers to build optimal multicast trees for specific groups, enabling efficient all-hub multipoint connectivity with EVPN-MPLS data plane.

Exam trap

Cisco often tests the distinction between inclusive (Route Type 3) and selective (Route Type 6) multicast, and the trap here is assuming that Route Type 3 is used for all multicast scenarios, when in fact Route Type 6 is required for optimal group-specific replication.

How to eliminate wrong answers

Option A is wrong because Route Type 3 (Inclusive Multicast Ethernet Tag) advertises an inclusive multicast service, meaning all traffic is flooded to all PEs in the broadcast domain, which does not support selective or optimal multicast replication. Option B is wrong because Route Type 2 (MAC/IP Advertisement) is used to advertise MAC and IP addresses for host reachability, not multicast group membership. Option C is wrong because Route Type 4 (Ethernet Segment) is used for multi-homing scenarios to advertise Ethernet segment identifiers and redundancy group information, not multicast group membership.

32
MCQeasy

Which network architecture model separates the control plane and data plane in a way that allows for centralized control and distributed forwarding?

A.SDN architecture
B.MPLS architecture
C.VPN architecture
D.QoS architecture
AnswerA

SDN centralizes control while keeping forwarding distributed.

Why this answer

Software-Defined Networking (SDN) architecture explicitly separates the control plane from the data plane, centralizing network intelligence in a controller while leaving packet forwarding to distributed switches and routers. This decoupling enables programmatic, centralized control of the network, with the controller (e.g., OpenDaylight, Cisco APIC) making forwarding decisions and pushing flow entries to devices via protocols like OpenFlow or OpFlex. The result is a logically centralized brain with physically distributed forwarding, which is the defining characteristic of SDN.

Exam trap

Cisco often tests the misconception that MPLS or VPN architectures inherently separate control and data planes, but they do not centralize control—they still rely on distributed protocols like LDP or MP-BGP, which is the key distinction from SDN.

How to eliminate wrong answers

Option B is wrong because MPLS architecture does not separate the control and data planes for centralized control; instead, it uses a distributed control plane (e.g., LDP, RSVP-TE) where each router independently builds its label forwarding table, and forwarding is still distributed. Option C is wrong because VPN architecture (e.g., MPLS Layer 3 VPN) relies on a distributed control plane using MP-BGP to exchange VPN routes, with each PE router making independent forwarding decisions; it does not centralize control. Option D is wrong because QoS architecture is a set of mechanisms (e.g., classification, policing, shaping) that operate within the data plane and control plane of existing devices, but it does not fundamentally separate the two planes for centralized control.

33
Multi-Selectmedium

Which THREE of the following are required components for implementing MPLS Layer 3 VPN (L3VPN) in a service provider network? (Choose three.)

Select 3 answers
A.MP-BGP between PE routers to exchange VPNv4 routes
B.VRF configuration on PE routers to separate customer routes
C.MPLS forwarding enabled on all core routers
D.IBGP between PE and P routers for label distribution
E.VRF configuration on P routers
AnswersA, B, C

MP-BGP carries VPNv4 routes with route distinguishers and route targets.

Why this answer

Option A is correct because MP-BGP (Multiprotocol BGP) is essential for carrying VPNv4 routes between PE routers. It uses address family VPNv4 to transport customer IPv4 prefixes along with their Route Distinguisher (RD) and Route Target (RT) attributes, enabling the separation and distribution of multiple customer VPNs across the MPLS core.

Exam trap

Cisco often tests the misconception that P routers require VRF configuration or that IBGP is used for label distribution between PE and P routers, when in fact P routers only need MPLS forwarding and LDP for label exchange.

34
Multi-Selecthard

A multicast service provider is designing an IPv4 PIM Sparse Mode (PIM-SM) network with multiple RPs. The network must support Anycast RP using MSDP. Which THREE statements are correct regarding this design?

Select 3 answers
A.Anycast RP allows multiple RPs to share the same IP address, providing redundancy and load balancing
B.Auto-RP must be used to distribute the RP information to all routers
C.MSDP peering is required between the anycast RP routers to exchange active source information
D.MSDP is only required if the network uses Source-Specific Multicast (SSM)
E.IGMPv3 is needed on the last-hop routers to support SSM if used together with Anycast RP
AnswersA, C, E

The same IP is configured as RP on multiple routers; MSDP ensures consistency.

Why this answer

Options A, C, and E are correct. Option A: MSDP is used to exchange active source information between anycast RPs. Option C: Anycast RP provides load balancing and redundancy automatically.

Option E: Source-specific multicast (SSM) can be used with PIM-SM and Anycast RP if IGMPv3 is supported. Option B is wrong: Anycast RP works with both static and dynamic RP assignments, but Auto-RP is not required. Option D is wrong: MSDP is not needed for SSM because SSM uses (S,G) channels and does not rely on an RP.

35
MCQeasy

A network engineer is troubleshooting an OSPF issue in a service provider network. The network uses OSPFv2 with multiple areas. Routers in area 0 are able to ping each other, but routers in area 1 cannot reach routers in area 2. All routers are OSPF-enabled and have correct network type configurations. What is the most likely cause?

A.Missing or misconfigured ABRs between area 1 and area 0, or area 2 and area 0
B.Mismatched OSPF area IDs on routers in area 1 and area 2
C.Lack of BGP peering between ABRs
D.OSPF network type mismatch preventing adjacency formation
AnswerA

Inter-area routing must go through area 0; without proper ABRs, areas cannot exchange routes.

Why this answer

In OSPFv2, inter-area communication must traverse area 0 (the backbone). Routers in area 1 and area 2 can only reach each other if Area Border Routers (ABRs) exist between each non-backbone area and area 0, and those ABRs are correctly configured and have full adjacencies. Since area 0 routers can ping each other but area 1 and area 2 cannot, the most likely cause is a missing or misconfigured ABR on either side, preventing the exchange of Type 3 summary LSAs between the areas.

Exam trap

Cisco often tests the misconception that OSPF areas can communicate directly without the backbone, leading candidates to overlook the mandatory role of ABRs and area 0 in inter-area routing.

How to eliminate wrong answers

Option B is wrong because mismatched OSPF area IDs on routers within area 1 and area 2 would prevent them from forming adjacencies with each other, but the issue is about inter-area reachability, not intra-area connectivity; area IDs are locally significant per interface and do not need to match across different areas. Option C is wrong because BGP peering between ABRs is not required for OSPF inter-area routing; OSPF uses its own LSAs (Type 3) to propagate routes between areas, and BGP is a separate routing protocol typically used for external route exchange, not for OSPF inter-area connectivity. Option D is wrong because the question explicitly states that all routers have correct network type configurations, and a network type mismatch would prevent adjacency formation locally, not specifically cause a failure only between area 1 and area 2 while area 0 remains functional.

36
MCQhard

Refer to the exhibit. What is the significance of the entry with 'Pop Label'?

A.It indicates a merge operation
B.It indicates the penultimate hop popping (PHP)
C.It indicates the label is removed at this router
D.It indicates an error
AnswerB

PHP removes the label before sending to the egress.

Why this answer

The 'Pop Label' in the outgoing label column indicates that the router will pop the top label before forwarding (penultimate hop popping, PHP). This is typical for PHP in MPLS.

37
Multi-Selecthard

When configuring EVPN VPWS, which TWO parameters must match between the two endpoints of the pseudowire?

Select 2 answers
A.EVI (Ethernet VPN Instance)
B.Route-target
C.ESI (Ethernet Segment Identifier)
D.VLAN ID of the attachment circuit
E.IMET group address
AnswersA, C

The EVI must be identical on both PEs to associate the pseudowire with the same EVPN instance.

Why this answer

Options A and B are correct. EVI and ESI must match to form a pseudowire. Option C (IMET) is used for multicast but not for VPWS.

Option D is not required to match; VLAN IDs can differ. Option E (route-target) is used for route import/export but not mandatory for VPWS endpoint matching.

38
MCQhard

A network architect is designing a Segment Routing (SR) network for a service provider with a requirement for fast convergence upon node failure. The network uses IS-IS as the IGP with segment routing extensions. Which design choice BEST ensures that the network can achieve sub-50ms convergence without relying on any signaling protocol beyond the IGP?

A.Deploy BFD with static routes for fast detection
B.Configure RSVP-TE with Fast Reroute on all label-switched paths
C.Enable TI-LFA (Topology Independent Loop-Free Alternate) on all ISIS interfaces
D.Use LDP with LDP FRR and path protection
AnswerC

TI-LFA provides fast reroute without additional protocols, using SR-MPLS data plane.

Why this answer

Option A is correct because TI-LFA (Topology Independent Loop-Free Alternate) calculates backup paths based solely on IGP and does not require additional signaling. Option B is wrong because RSVP-TE requires TE tunnels and signaling. Option C is wrong because LDP is a separate signaling protocol.

Option D is wrong because BFD can be used for fast detection but does not provide a backup path itself; it must be combined with a protection mechanism.

39
MCQmedium

In an IS-IS segment routing network, after the global 'segment-routing mpls' configuration, which IS-IS configuration is mandatory for label allocation?

A.mpls label protocol sr
B.segment-routing mpls under router isis
C.prefix-sid under the loopback interface
D.is-type level-1-2
AnswerB

This command is required to enable segment routing label allocation within the IS-IS process.

Why this answer

Option C is correct because the 'segment-routing mpls' command must be enabled under the IS-IS router configuration to activate label allocation for segment routing. Option A is wrong because 'mpls label protocol sr' is not an IS-IS command; it is a global command. Option B is wrong because IS type does not affect segment routing directly.

Option D is wrong because prefix-SID under the interface is for specific prefix assignments, not for enabling label allocation globally.

40
MCQeasy

What is the purpose of the 'mpls ldp autoconfig' command on an interface?

A.Enable MPLS forwarding
B.Enable LDP on all interfaces
C.Disable LDP on the interface
D.Automatically configure LDP on the interface
AnswerD

This command enables LDP automatically on the interface.

Why this answer

The 'mpls ldp autoconfig' command enables LDP on the interface automatically when MPLS is configured globally. It does not enable on all interfaces, nor disable LDP or enable MPLS forwarding.

41
MCQmedium

In a carrier network using VRF-lite for customer isolation, which issue arises if route-target values are not correctly configured?

A.Customer routes are not installed in the global table.
B.BGP sessions between PEs flap.
C.The PE-CE routing protocol fails.
D.Customer routes leak into other VRFs.
AnswerD

Mismatched route-targets can cause unintended import/export, leading to route leakage between VRFs.

Why this answer

Option B is correct because incorrect route-target configuration can cause routes from one VRF to be imported into another VRF, leading to route leakage. Option A is wrong because routes would still be installed in the VRF, but they might leak. Option C is wrong because PE-CE routing protocols are independent of route-target.

Option D is wrong because BGP sessions between PEs are not directly affected by VRF route-targets.

42
MCQeasy

Which MPLS label is used to identify the egress PE in a Layer 3 MPLS VPN?

A.Transport label
B.VPN label
C.LDP label
D.IGP label
AnswerB

The VPN label is used by the egress PE to identify the correct VRF.

Why this answer

The VPN label is allocated by the egress PE and carried in MP-BGP updates to identify the egress PE. The transport label is for LSP, IGP label is not a standard term, and LDP label is for LDP.

43
MCQmedium

In a multicast environment, a PE router is not receiving multicast traffic from a source behind a CE. The PIM neighbors are established. The RP is reachable. What is the most likely issue?

A.The CE is not sending IGMP joins
B.The source address is not in the VRF
C.The PE does not have the multicast VRF enabled
D.The RP is not configured in the VRF
AnswerC

Without multicast VRF, the PE cannot forward multicast traffic in the VRF.

Why this answer

For MVPN, the PE must have multicast VRF (MVRF) enabled to forward multicast traffic. Without it, traffic is not accepted. Option A: IGMP joins are sent by hosts, not CE; Option C: source address in VRF is handled by MVRF; Option D: RP is configured per VRF, but if reachable, it's likely configured.

So B is correct.

44
MCQeasy

A service provider wants to provide Layer 3 VPN services to customers using MPLS. Which technology is used to distribute VPNv4 routes between PE routers?

A.MP-BGP
B.IS-IS
AnswerA

MP-BGP is the correct protocol for distributing VPNv4 routes.

Why this answer

MP-BGP is used to carry VPNv4 routes between PE routers. OSPF, EIGRP, and IS-IS are IGPs and do not carry VPNv4 routes.

45
Multi-Selecthard

Which three are benefits of using MPLS Layer 3 VPNs over traditional VPNs? (Choose three.)

Select 3 answers
A.Scalability
B.Support for multiple services
C.Lower cost
D.Reduced security
E.Simplified routing
AnswersA, B, E

MPLS L3VPNs can scale to thousands of VPNs.

Why this answer

MPLS L3VPNs offer scalability, simplified customer routing (no customer IGP), and support for multiple services (multicast, QoS). Cost is not necessarily lower, and security is not reduced.

46
MCQeasy

Based on the exhibit, which label operation will occur when a packet destined to 10.2.2.1 enters PE1 with label 17?

A.Forward with no label (Untagged)
B.Pop the label and forward as IP
C.Push label 17 onto the packet
D.Swap label 17 to label 18
AnswerD

The forwarding table shows outgoing label 18 for this prefix.

Why this answer

The correct answer is D because the exhibit shows an MPLS VPN scenario where PE1 receives a labeled packet destined for 10.2.2.1. The incoming label 17 corresponds to the VPNv4 route for 10.2.2.1/32, and the LFIB on PE1 indicates a swap operation to label 18, which is the transport label used to forward the packet across the MPLS core toward the next-hop PE.

Exam trap

Cisco often tests the distinction between label operations (push, swap, pop) in MPLS VPN scenarios, and the trap here is that candidates mistakenly think the incoming label is a VPN label that must be popped or pushed, rather than recognizing that the LFIB dictates a swap when the packet is transiting the MPLS core.

How to eliminate wrong answers

Option A is wrong because the packet arrives with an MPLS label (17), and in an MPLS VPN, the ingress PE must forward the packet with a label stack, not as an untagged packet. Option B is wrong because popping the label and forwarding as IP would only occur at the penultimate hop (PHP) or if the packet were destined to the PE itself, but here the destination is a remote VPN prefix. Option C is wrong because pushing label 17 would imply the packet arrived unlabeled, but the question states the packet enters with label 17 already present; pushing a new label 17 would be incorrect as the operation is a swap, not a push.

47
MCQeasy

A service provider is deploying Segment Routing in the MPLS core using IS-IS. Which extension is required in IS-IS to advertise the prefix-SID?

A.TLV 22 (Extended IS Reachability)
B.TLV 242 (Router Capability)
C.Sub-TLV 3 (Prefix-SID)
D.TLV 135 (Extended IP Reachability)
AnswerC

Sub-TLV 3 is used within TLV 135 or 242 to carry prefix-SID.

Why this answer

In IS-IS, the Prefix-SID is advertised using Sub-TLV 3, which is carried within TLV 135 (Extended IP Reachability). This sub-TLV contains the SID value and flags, enabling Segment Routing in the MPLS core. Without Sub-TLV 3, the prefix-SID cannot be signaled, making it the required extension.

Exam trap

Cisco often tests the distinction between the TLV that carries the prefix (TLV 135) and the sub-TLV that carries the SID (Sub-TLV 3), leading candidates to incorrectly select TLV 135 as the answer.

How to eliminate wrong answers

Option A is wrong because TLV 22 (Extended IS Reachability) is used to advertise IS-IS neighbor information and link attributes, not prefix-SIDs. Option B is wrong because TLV 242 (Router Capability) is used to advertise router capabilities such as SRGB or node-SID, but it does not carry prefix-SIDs. Option D is wrong because TLV 135 (Extended IP Reachability) carries the prefix itself, but the prefix-SID is advertised via Sub-TLV 3 within TLV 135, not by TLV 135 alone.

48
MCQhard

A large service provider operates a national MPLS backbone with over 200 P routers and 500 PE routers. They use IS-IS as the IGP with segment routing and have deployed TI-LFA for link and node protection. Recently, a core router (P1) suffered a complete failure, and during the failure, traffic for some prefixes was dropped for over 200ms. After the failure, the network recovered within seconds. The engineer suspects that TI-LFA did not provide the expected sub-50ms protection for some destinations. Further analysis reveals that the affected prefixes have their BGP next-hop on a router that is multiple hops away, and the P1 failure impacted both the primary path and the backup path computed by TI-LFA. The engineer reviews the TI-LFA configuration and finds that 'fast-reroute per-prefix ti-lfa' is enabled under router isis. The engineer also notes that P1 was not a protecting node for those prefixes. Which action should the engineer take to improve convergence time for these prefixes?

A.Configure TI-LFA on all interfaces using 'fast-reroute per-prefix ti-lfa interface'
B.Add the 'sr-protect' option under the fast-reroute configuration to enable node protection
C.Reduce the IGP timers and enable incremental SPF to accelerate convergence
D.Deploy LDP as a fallback label distribution protocol to provide additional backup paths
AnswerB

The 'sr-protect' option ensures that the node acts as a protecting node for transit traffic, providing node protection even if the node itself is the failure point.

Why this answer

Option B is correct because for TI-LFA to provide node protection, the 'sr-protect' option should be configured, which forces the node to attempt to provide protection even for traffic that transits through the node. Option A is wrong because interface-level TI-LFA would not help; the issue is node-level. Option C is wrong because increasing IGP timers may cause slower convergence.

Option D is wrong because there is no need for an additional LDP backup.

49
MCQmedium

A service provider is implementing MPLS TE to optimize bandwidth utilization. The engineer notices that tunnels are not using the explicitly configured path. What is the most likely reason?

A.The explicit path contains a link that is down
B.RSVP is not enabled on the headend
C.The tunnel destination is not reachable via IGP
D.The tunnel is configured with 'autoroute announce'
AnswerA

Causes path to be invalid, tunnel may use dynamic or stay down.

Why this answer

When an MPLS TE tunnel is configured with an explicit path, the headend router uses RSVP to signal the path and verify that all links in the path are operational. If any link in the explicit path is down, RSVP signaling fails for that path, and the tunnel may fall back to dynamic path computation or remain down, rather than using the explicitly configured path. This is the most common reason for a tunnel not using its explicit path.

Exam trap

Cisco often tests the misconception that 'autoroute announce' or IGP reachability issues cause path selection problems, when in fact the explicit path failure is due to a down link in the path itself, which is a fundamental RSVP signaling constraint.

How to eliminate wrong answers

Option B is wrong because if RSVP were not enabled on the headend, MPLS TE tunnels would not be able to signal at all, and the tunnel would not come up, not just fail to use an explicit path. Option C is wrong because the tunnel destination being unreachable via IGP would prevent the tunnel from establishing at all, but the question states tunnels are not using the explicit path, implying they may be using a dynamic path instead. Option D is wrong because 'autoroute announce' causes the headend to install the tunnel as a next-hop for IGP destinations, but it does not affect which path the tunnel itself uses; the tunnel path is determined by the explicit or dynamic path configuration.

50
MCQeasy

A service provider is deploying MPLS in its core network. The core routers are all configured with LDP. Which label operation does an ingress PE perform on the first packet of a new flow?

A.Push a new label onto the packet
B.Remove the label stack entirely
C.Pop the label (PHP)
D.Swap the incoming label for an outgoing label
AnswerA

The ingress PE pushes the label corresponding to the FEC for the destination.

Why this answer

The ingress PE pushes a new label onto the packet. Option B is correct because LDP assigns labels for each FEC, and the ingress PE pushes an outer label. Option A is wrong because swapping is done at transit LSRs.

Option C is wrong because PHP results in label removal at the penultimate hop. Option D is wrong because pop is the same as removal.

51
Multi-Selecteasy

In IS-IS, which TWO are types of Link State PDUs (LSPs)?

Select 2 answers
A.Partial Sequence Numbers PDU (PSNP)
B.Level 2 LSP
C.Hello LSP
D.Complete Sequence Numbers PDU (CSNP)
E.Level 1 LSP
AnswersB, E

Originated by Level 2 routers for inter-area reachability.

Why this answer

IS-IS has three LSP types: Level 1 LSP (by routers within an area), Level 2 LSP (by Level 2 routers), and Level 1-2 LSPs (by routers that are both). However, the standard types are Level 1 and Level 2. There is also a separate pseudonode LSP for broadcast networks, but it is not a different type number.

Options C, D, E are not actual LSP types in IS-IS.

52
MCQhard

In a carrier-supporting carrier (CSC) architecture, the customer carrier runs MPLS in its network. Which technology is used to exchange VPN routes between the provider carrier and the customer carrier?

B.MP-BGP with VPNv4 address family
D.IPv4 BGP
AnswerB

MP-BGP carries VPNv4 routes with labels.

Why this answer

MP-BGP with VPNv4 address family is used to exchange VPN routes between provider and customer carriers. IPv4 BGP does not carry VPN routes, OSPF and EIGRP are IGPs.

53
MCQeasy

A service provider is designing its core network to carry both IPv4 and IPv6 traffic. Which BGP approach best minimizes routing table size on core routers while maintaining full reachability?

A.Use iBGP with route reflectors
B.Use eBGP between all core routers
C.Use static routing for all prefixes
D.Rely on OSPF for external routes
AnswerA

Reduces BGP sessions and maintains full reachability efficiently.

Why this answer

Option C is correct because using an iBGP full mesh with route reflectors reduces the number of BGP sessions and allows efficient prefix propagation. Option A is wrong because eBGP between all core routers creates a full mesh with high session count and administrative overhead. Option B is wrong because static routing cannot scale for the full internet table.

Option D is wrong because OSPF is not designed to carry external BGP routes efficiently.

54
Multi-Selectmedium

Which THREE of the following are key components of an MPLS L3VPN architecture? (Choose three.)

Select 3 answers
A.RSVP-TE for traffic engineering
B.VRF on PE routers
C.LDP for label distribution in the core
D.P routers with full VPN routing tables
E.MP-BGP for VPNv4 route exchange
AnswersB, C, E

VRF provides per-VPN routing.

Why this answer

VRF (Virtual Routing and Forwarding) on PE routers is a key component because it isolates customer routing tables and forwarding planes within the provider edge, allowing multiple customers to share the same physical infrastructure while maintaining separate routing domains. Each VRF maintains its own routing table, CEF (Cisco Express Forwarding) table, and associated interfaces, which is fundamental to L3VPN separation.

Exam trap

Cisco often tests the misconception that P routers must hold VPN routing information, but in reality P routers only perform label switching and have no awareness of customer VPN prefixes.

55
MCQmedium

Refer to the exhibit. A network engineer configures a BGP route-map to set communities on routes advertised to a neighbor. After applying the configuration, the engineer checks the BGP table on the neighbor router and does not see the communities. What is the most likely reason?

A.The prefix-list does not match the exact prefix
B.The community values are not in the format 'AA:NN'
C.The neighbor is missing the 'send-community' command
D.The route-map needs to be applied inbound
AnswerC

Without 'send-community', communities are not advertised.

Why this answer

C is correct because BGP communities are not sent to a neighbor by default. Even if a route-map sets the community values correctly, the neighbor will not receive them unless the 'send-community' command is configured under the neighbor statement. This command enables the advertisement of the community attribute in BGP updates.

Exam trap

Cisco often tests the fact that BGP attributes like communities are not sent by default, and candidates mistakenly focus on route-map logic or prefix matching rather than the explicit neighbor command required to propagate the attribute.

How to eliminate wrong answers

Option A is wrong because the prefix-list is used to match routes for the route-map; if it does not match the exact prefix, the route-map would not apply, but the question states the route-map is configured and the engineer checks the BGP table on the neighbor—the issue is that communities are missing, not that the route is missing. Option B is wrong because while 'AA:NN' is the standard format for BGP communities, the route-map would still set the community value; if the format were incorrect, the router would typically reject the configuration or produce an error, not silently omit the community. Option D is wrong because the route-map is applied to outbound updates to set communities on routes advertised to the neighbor; applying it inbound would affect routes received from the neighbor, not the communities being sent.

56
MCQmedium

A service provider offers L3VPN services to multiple enterprise customers. One customer reports that they cannot reach some remote sites intermittently. The network uses MPLS L3VPN with MP-BGP for VPN route exchange. The PE routers are configured with route-target import and export. The customer's CE router is dual-homed to two different PEs in the same point of presence. The engineer checks the BGP table on both PEs and sees the customer routes with the correct route-target. However, pings from the CE to a remote site fail about 50% of the time, and the flapping pattern suggests load balancing issues. The engineer discovers that the remote site's network prefix is being advertised from both PEs with the same route-target but with different next-hops. The CE has equal-cost paths via both PEs. What is the most likely cause of the intermittent connectivity?

A.The route-target import on the remote PE is missing the customer's route-target.
B.The CE is performing per-packet load balancing across the two PEs, causing asymmetric routing.
C.The BGP timers are misconfigured, causing the session to flap.
D.The MTU on the CE-PE links is mismatched.
AnswerB

Per-packet load balancing can lead to packets being sent to different PEs, potentially exiting via different remote PEs and causing return packets to arrive out of order or be dropped due to stateful inspection.

Why this answer

Option C is correct because when a CE receives two equal-cost paths from two PEs, the CE may perform per-packet load balancing, which can cause out-of-order packets and asymmetric routing, leading to failures. Option A is wrong because BGP timers would cause immediate session drops, not 50% failure. Option B is wrong because MTU mismatch would cause consistent failures, not intermittent.

Option D is wrong because route-target mismatch would prevent routes from being learned, not cause intermittent connectivity.

57
Multi-Selecthard

An SP is migrating its core network to Segment Routing (SR-MPLS). The network uses IS-IS as the IGP with SR extensions. Which three statements about SR-MPLS architecture are correct?

Select 3 answers
A.The OSPF protocol cannot be used for SR-MPLS because it does not support SR extensions.
B.Adjacency SIDs are local to a router and indicate a specific link.
C.A prefix SID is a global label that identifies a specific prefix in the network.
D.The SRGB must be identical across all routers in the domain to ensure global uniqueness.
E.Segment IDs (SIDs) are allocated from the SRGB (Segment Routing Global Block) and advertised via IS-IS.
AnswersB, C, E

Correct. Adjacency SIDs are locally significant and represent a specific interface or link.

Why this answer

Segment IDs (SIDs) are allocated from the SRGB and advertised via IS-IS; a prefix SID is a global label identifying a specific prefix; adjacency SIDs are local to a router. The SRGB does not have to be identical across all routers, and OSPF also supports SR.

58
MCQhard

A network operator is deploying segment routing in an MPLS network. They want to use a centralized controller to compute paths based on traffic demand and network constraints. Which architecture is being used?

A.LDP-based MPLS
B.Segment Routing Traffic Engineering (SR-TE)
C.Segment Routing Path Computation Element (SR-PCE)
D.Segment Routing Best Effort (SR-BE)
AnswerC

SR-PCE is a centralized controller for path computation.

Why this answer

The scenario describes a centralized controller computing paths based on traffic demand and network constraints, which is the definition of a Path Computation Element (PCE) architecture. In Segment Routing, the SR-PCE (Segment Routing Path Computation Element) is the centralized controller that calculates optimal paths using traffic engineering constraints and then communicates the path information (via PCEP) to the headend router. This is distinct from distributed control plane approaches like LDP or SR-BE, and from SR-TE which is the overall traffic engineering mechanism but not the specific centralized controller architecture.

Exam trap

Cisco often tests the distinction between the overall traffic engineering mechanism (SR-TE) and the specific centralized controller architecture (SR-PCE), leading candidates to pick SR-TE when the question explicitly mentions a 'centralized controller' for path computation.

How to eliminate wrong answers

Option A is wrong because LDP-based MPLS is a distributed label distribution protocol that does not use a centralized controller for path computation; it relies on IGP shortest-path routing. Option B is wrong because Segment Routing Traffic Engineering (SR-TE) is the overall framework for steering traffic over explicit paths, but it does not inherently require a centralized controller; paths can be configured manually or via a PCE. Option D is wrong because Segment Routing Best Effort (SR-BE) uses IGP-computed shortest paths without any centralized controller or traffic engineering constraints.

59
MCQmedium

In Inter-AS MPLS Option B, which routers exchange labeled VPNv4 prefixes directly?

A.ASBR routers
B.PE routers
C.P routers
D.CE routers
E.Route reflectors
AnswerA

ASBRs exchange labeled VPNv4 prefixes via MP-eBGP in Option B.

Why this answer

In Option B, ASBRs are directly connected and exchange labeled VPNv4 prefixes via MP-eBGP. They do not require an MPLS LSP between them because they are directly connected. The labels are allocated by each ASBR and advertised to the other.

60
MCQeasy

When deploying IS-IS in a large service provider core, what is the recommended network type on Ethernet interfaces to improve scalability?

A.loopback
B.point-to-point
C.point-to-multipoint
D.non-broadcast
E.broadcast
AnswerB

Point-to-point avoids DIS election and simplifies flooding, enhancing scalability.

Why this answer

Setting IS-IS network type to point-to-point on Ethernet interfaces prevents the election of a designated intermediate system (DIS) and reduces LSP flooding overhead, improving scalability. Other options are less effective or incorrect.

61
MCQmedium

A service provider is implementing EVPN for its VPLS replacement. They have configured BGP EVPN on all PEs and have set up an EVPN instance for a customer requiring broadcast, unknown unicast, and multicast (BUM) traffic. The customer reports that broadcast traffic from one site is not being received at another site. The engineer checks the EVPN configuration and finds that the EVI is configured correctly, the route-target matches, and the BGP sessions are established. The engineer also checks the MAC address table on the receiving PE and sees that the source MAC of the broadcast frame is learned on the local interface, but not from the remote VTEP. The engineer suspects an issue with the IMET (Inclusive Multicast Ethernet Tag) route. Which action should the engineer take to verify the IMET route?

A.Use 'show evpn instance detail' to check the EVI configuration.
B.Check the BGP EVPN route table for IMET (route-type 3) routes using 'show bgp l2vpn evpn route-type 3'.
C.Use 'show bgp l2vpn evpn route-type 2' to verify MAC/IP routes.
D.Use 'show l2vpn vfi' to verify the VPLS forwarding instance.
AnswerB

IMET routes are route-type 3 in EVPN; checking their presence and reachability is essential for BUM traffic.

Why this answer

Option A is correct because the 'show bgp l2vpn evpn route-type 3' command displays IMET routes, which are needed for BUM traffic forwarding. Option B is wrong because route-type 2 is for MAC/IP advertisement. Option C is wrong because 'show evpn instance detail' shows local configuration but not remote routes.

Option D is wrong because 'show l2vpn vfi' is for VPLS, not EVPN.

62
MCQmedium

A service provider is troubleshooting an MPLS L3VPN where customers behind CE-A cannot reach CE-B. The PE routers are Cisco ASR 9000 series. On PE-A, the show cef vrf CUSTOMER prefix 10.1.1.0/24 command displays 'punt' as the forwarding path. What is the most likely cause?

A.The IP prefix is not resolved via an MPLS label in the LFIB
B.The MPLS MTU on the interface is too small
C.The VRF is missing the route-target import statement
D.The CE is not running OSPF with the PE
AnswerA

Punt indicates the CEF cannot find a label for the next hop; likely missing LDP adjacency.

Why this answer

Option C is correct because when VRF routes are punted to the CPU, it typically indicates that the label for the next hop is missing or that the FIB resolution failed, often due to missing MPLS label binding. Option A is wrong because BGP VPNv4 routes are not required for local VRF forwarding. Option B is wrong because MTU would cause drop, not punt.

Option D is wrong because CE-PE routing is usually static or BGP, not OSPF in most designs.

63
Matchingmedium

Match each MPLS protection mechanism to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Fast Reroute to bypass a failed link or node locally

End-to-end path protection for MPLS TE tunnels

Graceful restart for LDP to preserve forwarding during control plane restart

Prefix Independent Convergence for fast BGP failover

Fast Reroute for RSVP-TE tunnels using backup paths

Why these pairings

These are high-availability features in service provider MPLS networks.

64
MCQeasy

Refer to the exhibit. Which statement is true about this configuration?

A.LDP is manually configured
B.MPLS VPN is enabled
C.LDP is automatically enabled on the interface
D.MPLS forwarding is disabled
AnswerC

The autocfg command enables LDP automatically.

Why this answer

The command 'mpls ldp autocfg' enables LDP automatically on the interface. MPLS forwarding is enabled by 'mpls ip'. LDP is not manually configured, and MPLS VPN is not specifically enabled by these commands.

65
MCQmedium

A network engineer is troubleshooting QoS in a service provider environment. Customer traffic is marked with DSCP AF31 (011010) at the CE. On the PE router, the policy maps trust DSCP and sets the CoS to 4. However, core routers remark the DSCP to 0. What is the most likely cause?

A.A policer on the core router is marking down out-of-contract traffic
B.The core routers use LDP labels and ignore DSCP
C.The ingress PE did not set MPLS EXP bits
D.The MPLS EXP bits are not copied from DSCP
AnswerA

Policers can re-mark DSCP to 0 for excess traffic.

Why this answer

The core routers likely have a policy that marks down packets exceeding their contracted rate. Option D is correct because a policer could mark down the DSCP. Option A is wrong because MPLS EXP is separate from DSCP.

Option B is wrong because MPLS EXP is not involved. Option C is wrong because re-marking on core is not typical if configured correctly.

66
Multi-Selectmedium

Which TWO are benefits of using Segment Routing over LDP in a service provider core?

Select 2 answers
A.Reduces the number of labels in the control plane.
B.Label allocation is per-prefix, not per-interface.
C.Eliminates the need for IGP convergence for label distribution.
D.Simplifies MPLS TE tunnel configuration.
E.Supports TI-LFA for fast reroute with full topology protection.
AnswersB, E

SR assigns a single label per prefix independent of the outgoing interface, simplifying label management.

Why this answer

Options A and C are correct. SR supports TI-LFA for fast reroute, and native per-prefix label allocation. Option B is wrong because SR still requires IGP convergence for label distribution.

Option D is wrong because SR can be used with TE, but LDP also supports TE. Option E is wrong because SR may actually increase the number of labels due to SID stack.

67
MCQhard

Based on the exhibit, why is the route 10.10.10.0/24 from remote PE not installed in the VRF Customer-A on PE1?

A.The localpref is too low (100)
B.The VRF imports route-target 200:200, but the route has RT 100:100
C.The MPLS label allocation failed on the remote PE
D.The route distinguisher on the VRF (100:1) does not match the remote RD
AnswerB

Route-target import filter must match the route's RT for installation.

Why this answer

Option B is correct: The route has RT 100:100, but VRF Customer-A imports RT 200:200. Thus, the route is not imported. Option A is wrong because the localpref is 100, which is default and not an issue.

Option C is wrong because the RD mismatch is between VRFs, but RD does not affect import; RT does. Option D is wrong because label allocation is working fine (vpn-label:24000).

68
MCQmedium

An engineer is designing an MPLS L3VPN solution and must ensure that the provider edge (PE) routers can handle routing updates for multiple customers without interfering with each other. Which mechanism should be used on the PE routers?

A.Route distinguishers
B.Route reflectors
C.MPLS-TE
D.VRF-Lite
AnswerD

VRF-Lite creates separate routing tables for each customer.

Why this answer

VRF-Lite (Virtual Routing and Forwarding) is the correct mechanism because it allows a single PE router to maintain multiple separate routing tables (VRFs), each dedicated to a different customer. This ensures that routing updates for one customer are isolated from another, preventing interference. VRF-Lite achieves this without MPLS, using only IP forwarding and per-VRF routing instances.

Exam trap

Cisco often tests the distinction between VRF-Lite (which provides routing isolation without MPLS) and full MPLS L3VPN (which uses RDs and route targets for VPNv4 prefix uniqueness and distribution), leading candidates to mistakenly choose route distinguishers as the isolation mechanism.

How to eliminate wrong answers

Option A is wrong because route distinguishers (RDs) are used to make IPv4 prefixes unique across VRFs in an MPLS L3VPN, but they do not provide routing isolation; they are just a prefix-extension mechanism. Option B is wrong because route reflectors are used to scale BGP route distribution within an MPLS L3VPN core, not to isolate customer routing updates on the PE. Option C is wrong because MPLS-TE (Traffic Engineering) controls the path of MPLS LSPs for optimization, not the separation of customer routing tables.

69
MCQhard

A service provider is deploying Segment Routing over IPv6 (SRv6) and needs to ensure that the forwarding plane can support SRv6 encapsulated packets. Which hardware capability is most critical for SRv6 at the line rate?

A.MPLS label swap capability
B.VXLAN tunnel termination
C.IPv6 extension header processing
D.NAT64 translation support
AnswerC

SRv6 uses the SRH, an IPv6 extension header, requiring line-rate processing.

Why this answer

SRv6 (Segment Routing over IPv6) encapsulates packets with an IPv6 header containing a Segment Routing Header (SRH), which is a type of IPv6 extension header. For line-rate forwarding, the hardware must natively process IPv6 extension headers in the forwarding plane without punting to the CPU, as software processing would cause performance degradation. Option C is correct because this capability is the most critical for SRv6 at line rate.

Exam trap

Cisco often tests the misconception that SRv6 is MPLS-based, leading candidates to incorrectly select MPLS label swap capability, but SRv6 is an IPv6-native technology that relies on IPv6 extension header processing.

How to eliminate wrong answers

Option A is wrong because MPLS label swap capability is irrelevant to SRv6, which uses IPv6 encapsulation and the SRH, not MPLS labels; SRv6 does not rely on MPLS forwarding. Option B is wrong because VXLAN tunnel termination is a separate overlay technology for network virtualization and does not directly support SRv6's IPv6-based segment routing. Option D is wrong because NAT64 translation support is used for IPv6-to-IPv4 translation and has no role in SRv6 packet forwarding or segment processing.

70
MCQeasy

A service provider operates an MPLS-TE network using RSVP-TE with a full mesh of tunnels between core routers. The network uses OSPF as IGP with traffic engineering extensions. Recently, a new headend router PE-New was added and configured with several TE tunnels to remote destinations. However, some tunnels repeatedly go down after a few minutes and show in the 'down' state with the error 'Tunnel path option 0: no path to destination (TEDB lookup failed)'. The TE tunnels that remain up are those to destinations that are directly connected to the same OSPF area. The network has multiple OSPF areas (area 0, 1, 2) with inter-area routes redistributed. The operator suspects the issue is related to the TEDB (Traffic Engineering Database) not having complete information. Which action is MOST likely to resolve the issue?

A.Increase the tunnel hold-priority and setup-priority values
B.Add the remote loopbacks to OSPF using network statements in area 0
C.Change the IGP to IS-IS with wide metrics and enable MPLS-TE on all IS-IS levels
D.Configure static routes for the remote destinations on PE-New
AnswerC

IS-IS natively propagates TE information across all levels, ensuring TEDB completeness for inter-area tunnels.

Why this answer

Option D is correct: In multi-area OSPF, the TEDB is not flooded across area boundaries by default. To have TE information for inter-area destinations, IS-IS is preferred; but if OSPF is used, enabling 'flooding' of TE LSAs across areas requires configuring 'mpls traffic-eng inter-area' or similar (on Cisco IOS XR, the command is 'mpls traffic-eng inter-area [level-2]' but for OSPF, it's 'mpls traffic-eng area X' with redistribution; however, the simplest fix is to use a single area or IS-IS. Option A: Static routes do not provide TE information.

Option B: Adding IP routes does not populate the TEDB. Option C: Increasing hold-priority does not fix missing TEDB entries.

71
Drag & Dropmedium

Drag and drop the steps to configure EIGRP on a Cisco router into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

EIGRP configuration requires entering the EIGRP process, advertising networks, and optionally disabling auto-summary.

72
MCQmedium

A service provider is designing a core network with IS-IS as the IGP. To support MPLS traffic engineering, which IS-IS extensions are required?

A.IS-IS multi-topology (MT)
B.IS-IS TE extensions (RFC 5305)
C.IS-IS wide metrics
D.IS-IS L1/L2 routing
AnswerB

TE extensions advertise link bandwidth, admin-group, etc.

Why this answer

IS-IS TE extensions (as per RFC 5305) carry link attributes like bandwidth. Option B is correct. Option A is wrong because wide metrics are for scalability.

Option C is wrong because multi-topology is for multiple SPFs. Option D is wrong because L1/L2 routing is standard.

73
Multi-Selectmedium

Which TWO statements about EVPN Route Type 2 (MAC/IP advertisement) are correct?

Select 2 answers
A.It is used for MAC learning and ARP suppression
B.It advertises both MAC and IP addresses of hosts
C.It provides load balancing via aliasing
D.It includes the Ethernet Segment Identifier (ESI)
E.It is not used for host mobility
AnswersA, B

RT2 is used to populate MAC tables and suppress ARP.

Why this answer

EVPN Route Type 2 advertises MAC and IP addresses. Options A and C are correct. Option B is wrong because RT2 does not include ESI.

Option D is wrong because RT2 is not used for aliasing. Option E is wrong because it is used for host mobility.

74
MCQhard

Refer to the exhibit. The router is configured as a route reflector for VPNv4. What is the requirement for the route reflector to propagate VPNv4 routes received from a client to other clients?

A.The route reflector must filter routes based on route-target communities
B.The route reflector must use the same cluster ID for all clients
C.The route reflector must include the originator ID attribute to prevent loops
D.The route reflector must set the next-hop to itself for all reflected routes
AnswerC

The originator ID identifies the original advertiser; the route reflector must not modify it.

Why this answer

The route reflector must have the originator ID and cluster ID set appropriately to avoid loops. Option A is correct because the originator ID ensures that routes from different clients are reflected correctly. Option B is wrong because the route reflector does not modify next-hop by default.

Option C is wrong because the RT is used for import/export, not propagation. Option D is wrong because the cluster ID prevents loops, but the originator ID is required for proper reflection.

75
MCQmedium

Which protocol is used to exchange label binding information in a classic MPLS network without Segment Routing?

A.LDP
C.BGP
D.IS-IS
AnswerA

LDP is used for label distribution in classic MPLS.

Why this answer

LDP is the standard protocol for label distribution in classic MPLS. BGP can carry labels for inter-AS, but not primarily for IGP label binding. OSPF and IS-IS are IGPs.

Page 1 of 2 · 136 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Sp Architecture questions.