CCNA Sp Architecture Questions

61 of 136 questions · Page 2/2 · Sp Architecture topic · Answers revealed

76
Multi-Selectmedium

A service provider is designing a BGP-based network. Which TWO are characteristics of BGP within a service provider core?

Select 2 answers
A.IBGP sessions require a full mesh or route reflectors to avoid routing loops
B.BGP MED attribute is mandatory for all routes
C.BGP uses the AS path for loop prevention in iBGP
D.BGP route reflectors always modify the AS path
E.BGP relies on an IGP for next-hop reachability within the AS
AnswersA, E

iBGP does not advertise routes learned from another iBGP peer to prevent loops; thus full mesh or RR is needed.

Why this answer

In a service provider core, BGP typically uses IBGP full mesh or route reflectors, and integrates with IGP for next-hop reachability. BGP loop prevention via AS path is relevant for eBGP, not iBGP. MED is used for influencing inbound traffic, but it is an optional attribute.

Route reflectors are common.

77
MCQeasy

Which encapsulation technology is commonly used in service provider networks to separate subscriber traffic in an Ethernet aggregation network?

A.Q-in-Q (802.1ad)
B.VXLAN
C.802.1Q
D.MPLS
AnswerA

Double tagging separates subscriber from service VLAN.

Why this answer

Option B is correct because Q-in-Q (802.1ad) allows service providers to stack VLAN tags and separate subscriber traffic effectively. Option A is wrong because 802.1Q is a single VLAN tag. Option C is wrong because VXLAN is used in overlay networks, not typically in aggregation.

Option D is wrong because MPLS is not an encapsulation for Ethernet subscriber separation.

78
Multi-Selectmedium

Which two are requirements for deploying Segment Routing in a service provider network? (Choose two.)

Select 2 answers
A.TE tunnels must be configured
B.IGP supporting segment routing (OSPF or IS-IS)
C.LDP must be enabled
D.All routers must run BGP
E.MPLS forwarding
AnswersB, E

The IGP must support SR extensions.

Why this answer

Segment Routing requires MPLS forwarding and an IGP that supports segment routing (OSPF or IS-IS). LDP is not required, BGP is not required for core, and TE tunnels are not mandatory.

79
MCQmedium

An SP is deploying Inter-AS MPLS VPN option B. Which design characteristic is unique to Option B compared to Option A?

A.ASBRs exchange VPNv4 routes directly via MP-EBGP
B.Requires a full mesh of MP-IBGP sessions between all PEs
C.ASBRs maintain separate VRF for each VPN
D.Traffic is forwarded using IP, not MPLS
AnswerA

Option B uses MP-EBGP between ASBRs to exchange VPNv4 routes.

Why this answer

Option B uses VPNv4 exchange between ASBRs without VRF, while Option A uses VRF-to-VRF. Option D is correct. Option A is wrong because Option B does not require VRF on ASBR.

Option B is wrong because MPLS is required. Option C is wrong because full mesh is not required in Option B.

80
Multi-Selecteasy

A network engineer is designing a new MPLS core. Which three of the following are recommended best practices for MPLS LDP configuration? (Choose three.)

Select 3 answers
A.Use explicit null label for BGP prefixes
B.Set the LDP session holdtime to 180 seconds
C.Enable LDP authentication using MD5
D.Enable LDP on all core interfaces
E.Configure label filtering to limit label distribution
AnswersC, D, E

LDP authentication protects against spoofing and is a security best practice.

Why this answer

Enabling LDP on all core interfaces (A), configuring label filtering (C) for security, and enabling LDP authentication (D) are best practices. Explicit null (B) is not a default best practice; holdtime (E) is default 180 seconds and not a specific best practice.

81
MCQhard

In a Carrier Supporting Carrier (CSC) architecture, which condition is necessary for the customer carrier's BGP routes to be carried over the provider carrier's MPLS backbone?

A.The BGP next-hop on the customer carrier's routes must be reachable via IGP in the provider carrier.
B.The provider carrier's VRF must have the route-target matching the customer carrier's.
C.The provider carrier must be in the same AS as the customer carrier.
D.The customer carrier must use LDP for label distribution.
AnswerA

For the provider carrier to switch MPLS packets, the BGP next-hop must be reachable via the IGP and have a label binding.

Why this answer

Option D is correct because in CSC, the customer carrier's BGP next-hop must be reachable via the provider carrier's IGP for label switching to work. Option A is wrong because AS numbers can be different; the provider carrier treats the customer carrier as a VPN. Option B is wrong because LDP is used for label distribution in the customer carrier's network, but it's not a condition for the provider carrier.

Option C is wrong because the route-target is used for VPN route import/export, but CSC does not necessarily require a VRF on the provider carrier if using BGP-free core.

82
MCQmedium

A service provider is deploying EVPN-MPLS for L2VPN services. The customer requires that MAC addresses learned from one PE are not advertised to other PEs unless they are active. Which EVPN route type is used for MAC address withdrawal?

A.Route Type 5: IP Prefix
B.Route Type 1: Ethernet Auto-Discovery (A-D)
C.Route Type 2: MAC/IP Advertisement
D.Route Type 3: Inclusive Multicast Ethernet Tag
AnswerC

MAC addresses are advertised in Type 2 routes; withdrawal is done by withdrawing the route.

Why this answer

Option C is correct because EVPN Route Type 2 (MAC/IP Advertisement) carries both MAC addresses and their associated IP addresses, and it supports a 'sticky' or 'withdraw' mechanism via the BGP Withdraw message. When a MAC address becomes inactive on a PE, the PE sends a BGP Withdraw for the specific Route Type 2 route, effectively removing that MAC from the control plane of other PEs. This ensures that only active MAC addresses are advertised, meeting the customer requirement.

Exam trap

Cisco often tests the distinction between Route Type 2 for individual MAC withdrawal and Route Type 1 for mass Ethernet segment withdrawal, leading candidates to confuse the two when the question specifies 'MAC addresses learned from one PE' rather than a segment-level failure.

How to eliminate wrong answers

Option A is wrong because Route Type 5 (IP Prefix) is used for inter-subnet forwarding (EVPN-VPN) to advertise IP prefixes, not for MAC address withdrawal. Option B is wrong because Route Type 1 (Ethernet Auto-Discovery) is used for mass withdrawal of all MAC addresses associated with an Ethernet segment (e.g., during link failure) or for aliasing/backup paths, not for individual MAC address withdrawal. Option D is wrong because Route Type 3 (Inclusive Multicast Ethernet Tag) is used to advertise multicast tunnel endpoints for BUM traffic, not for MAC address withdrawal.

83
Multi-Selectmedium

A service provider is troubleshooting an L2VPN where a CE is unable to ping the remote CE. The PE-CE interfaces are up, and the pseudowire status shows 'up'. Which two actions should be taken to further isolate the issue? (Choose two.)

Select 2 answers
A.Check the MAC address table on the CE
B.Check the LDP session between PEs
C.Verify the VFI configuration on the PE
D.Verify the VC ID match on both PEs
E.Verify the MTU consistency on the pseudowire
AnswersD, E

Mismatched VC IDs can cause traffic to be dropped despite pseudowire being up.

Why this answer

VC ID mismatch (A) and MTU inconsistency (C) are common causes when pseudowire is up but traffic fails. LDP session (B) is already up because pseudowire is up. MAC address table (D) is not relevant for point-to-point L2VPN.

VFI (E) is for VPLS, not point-to-point.

84
MCQmedium

In Segment Routing, what is the role of the 'Prefix-SID'?

A.It identifies a specific adjacency
B.It is used for service chaining
C.It identifies a prefix in the IGP
D.It identifies a prefix in the IGP
AnswerD

Prefix-SID is assigned to a prefix and is globally unique.

Why this answer

The Prefix-SID is globally unique and identifies a prefix in the IGP. It is used for shortest path forwarding. Adjacency-SID identifies a link, service chaining uses other SIDs, and VPN label is separate.

85
MCQmedium

A customer reports that CE routers attached to PE1 and PE2 in the same VRF cannot ping each other. Based on the exhibit, what is the most likely cause?

A.Missing address-family ipv4 for BGP neighbor
B.LDP is not enabled on the core interfaces between PE1 and PE2
C.Mismatched route distinguisher (RD) values on PE1 and PE2
D.Route target (RT) import/export mismatch
AnswerB

LDP is required to distribute labels for BGP next-hop reachability; without it, MPLS forwarding fails.

Why this answer

B is correct because LDP must be enabled on the core interfaces between PE1 and PE2 to establish LDP sessions, which are required to exchange MPLS labels for the transport LSP. Without LDP, the MPLS forwarding path between the PEs is broken, preventing CE-to-CE ping even if BGP VPNv4 routes are correctly advertised.

Exam trap

Cisco often tests the distinction between control-plane issues (BGP VPNv4, RT, RD) and data-plane issues (LDP, MPLS forwarding), leading candidates to focus on route advertisement problems when the actual fault is at the MPLS transport layer.

How to eliminate wrong answers

Option A is wrong because the address-family ipv4 for BGP neighbor is not required for MPLS VPN; the VPNv4 address-family is used for PE-to-PE BGP sessions to exchange VPN routes. Option C is wrong because route distinguisher (RD) values can be different on PE1 and PE2; RD only needs to be unique per VRF within a single PE to maintain route uniqueness, not matched between PEs. Option D is wrong because an RT import/export mismatch would cause routes not to be imported into the VRF, but the question states the CE routers are in the same VRF and cannot ping each other, implying the VRF configuration is correct; the issue is at the MPLS transport layer.

86
MCQeasy

A service provider is designing a Layer 3 MPLS VPN for a customer with two sites. The customer requires fast convergence in case of a PE-CE link failure. Which routing protocol should be used between PE and CE to achieve the fastest convergence?

A.Static routing with object tracking
B.IS-IS with SPF tuning
D.EBGP with BFD
E.OSPF with fast hello timers
AnswerD

BFD provides sub-second failure detection independent of routing protocol, enabling fast convergence.

Why this answer

EBGP with BFD provides sub-second failure detection due to hardware-based BFD, which is faster than any routing protocol's hello timers. OSPF with fast hello can achieve sub-second detection but is not as reliable as BFD. EIGRP has fast convergence but is proprietary.

Static routing with object tracking requires additional configuration and is slower. IS-IS with SPF tuning does not address failure detection speed directly.

87
Multi-Selecthard

Which TWO statements about MPLS label operations in a service provider core are correct? (Choose two.)

Select 2 answers
A.The ingress router pushes a label stack onto the IP packet
B.The egress router receives an MPLS packet with two labels by default
C.The penultimate hop performs label swap for the top label
D.The penultimate hop pops the top label before forwarding to the egress router
E.The penultimate hop is disabled by default in MPLS networks
AnswersA, D

Ingress pushes the label stack to encapsulate the packet.

Why this answer

Option A is correct because the ingress router (LER) in an MPLS network performs a push operation, adding a label stack (typically one or more labels) onto the incoming IP packet. This label stack is used to direct the packet along a Label Switched Path (LSP) through the core, enabling MPLS forwarding based on labels rather than IP routing.

Exam trap

Cisco often tests the misconception that the penultimate hop performs a label swap, when in fact it performs a pop (PHP) by default, and that the egress router always receives two labels, which is only true in specific scenarios like MPLS VPNs with a transport label and a VPN label.

88
MCQhard

An SP is migrating from an MPLS LDP-based network to Segment Routing. They want to ensure that existing LDP LSPs continue to work alongside SR LSPs during the migration. Which mechanism should be configured?

A.SRGB
B.BGP-LU
C.LDP-SR interworking
D.MPLS TE
AnswerC

This enables coexistence of LDP and SR LSPs.

Why this answer

LDP-SR interworking allows both label distribution methods to coexist. SRGB is for SR label range, MPLS TE is for traffic engineering, and BGP-LU is for inter-AS labels.

89
MCQmedium

A service provider is experiencing suboptimal routing due to BGP route reflection. To improve path selection while maintaining IBGP scalability, which feature should be implemented?

A.BGP deterministic med
B.BGP next-hop-self
C.BGP optimal route reflection (ORR)
D.BGP add-path
AnswerC

ORR enables route reflectors to select the best path based on the client's IGP metric.

Why this answer

BGP optimal route reflection (ORR) allows the route reflector to select the best path based on the client's IGP distance, improving path selection. Option B (add-path) advertises multiple paths but doesn't select best path; Option C (deterministic med) affects MED comparison but is not specific to RR; Option D (next-hop-self) is for next-hop resolution. Thus A is correct.

90
Multi-Selecthard

An engineer is configuring LDP in an MPLS network. Which THREE are valid label distribution modes for LDP?

Select 3 answers
A.Downstream on Demand with Independent Label Distribution Control
B.Downstream Unsolicited with Conservative Label Retention
C.Downstream Unsolicited with Liberal Label Retention
D.Downstream Unsolicited with Ordered Label Distribution Control
E.Downstream on Demand with Liberal Label Retention
AnswersA, B, C

This is a valid combination.

Why this answer

LDP has two label distribution modes: DoD (Downstream-on-Demand) and DU (Downstream Unsolicited). DU can be either liberal or conservative label retention. Control mode can be ordered or independent.

The combination of distribution and retention/control defines the mode. Classic modes: DU liberal (default), DU conservative, DoD ordered, DoD independent. Options C, D, E are not valid combinations.

91
MCQhard

A large ISP is designing a multicast architecture to support IPTV, requiring high availability and minimal traffic convergence. Which RP placement design is most appropriate?

A.Single static RP placed on the core router
B.Auto-RP with one RP mapping agent
C.Anycast-RP with multiple RPs sharing same IP
D.BSR with one candidate RP
AnswerC

Provides load balancing and fast failover.

Why this answer

Option D is correct because Anycast-RP provides load sharing and fast failover without RP reconfiguration. Option A is wrong because a single static RP creates a single point of failure. Option B is wrong because Auto-RP relies on a single RP and has convergence delays.

Option C is wrong because BSR also has a single RP and slower convergence.

92
MCQhard

A service provider is implementing EVPN with MPLS data plane. Which encapsulation type is used in MPLS EVPN to carry Ethernet frames across the MPLS network?

A.Ethernet over MPLS (EoMPLS) with VLAN encapsulation
B.MPLS label stack with a control word for Ethernet frames
C.EVPN encapsulation defined by IETF RFC 7432
D.IP/MPLS tunnel with Ethernet frame inside
AnswerB

The control word is used to preserve the Ethernet frame integrity.

Why this answer

EVPN over MPLS uses the MPLS label encapsulation with a control word. Option C is correct. Option A is wrong because Ethernet VLAN tagging is part of the frame.

Option B is wrong because IP tunneling is used in EVPN with IP encapsulation. Option D is wrong because EVPN itself is the control plane.

93
Multi-Selecteasy

Which TWO are functions of the MPLS data plane?

Select 2 answers
A.Label push at ingress LSR
B.Label distribution via LDP
C.Label swap at transit LSR
D.Metric calculation for routing
E.Route exchange via BGP
AnswersA, C

Pushing a label is a data plane operation.

Why this answer

Label push, swap, pop are data plane operations. Options A and C are correct. Option B is wrong because LDP is control plane.

Option D is wrong because metric calculation is IGP. Option E is wrong because BGP is control plane.

94
Multi-Selectmedium

Which THREE are benefits of implementing MPLS-TE in a service provider core?

Select 3 answers
A.Reduction in BGP routing table size
B.Ability to guarantee bandwidth for specific traffic flows
C.Load balancing across multiple paths
D.Fast restoration using Fast Reroute (FRR)
E.Native support for multicast
AnswersB, C, D

TE tunnels can be provisioned with bandwidth reservations.

Why this answer

Options A, B, and C are correct. MPLS-TE allows bandwidth guarantees, fast restoration via FRR, and load balancing. Option D is wrong because it does not reduce BGP routes; BGP routes are independent.

Option E is wrong because MPLS-TE is not typically used for multicast.

95
MCQeasy

A service provider needs to offer L3VPN services to multiple customers, each with overlapping IP addresses. The provider plans to use MPLS VPNs with VRFs. Which statement is TRUE regarding the configuration of VRFs on the PE routers?

A.The VRF must run OSPF to exchange routes with the CE router
B.Route targets (RTs) are used to control the import and export of VPNv4 routes between VRFs
C.MPLS labels are assigned per prefix inside a VRF by manual configuration
D.Each VRF must have a unique route distinguisher across the entire provider network
AnswerB

RTs determine which VRFs receive which routes, allowing overlapping addresses.

Why this answer

Option D is correct because route targets (RTs) are used to control the import/export of VPNv4 routes between PE routers, ensuring proper segregation and connectivity. Option A is wrong because RD must match within a VPN to avoid route ambiguity, but it can differ if RTs are properly configured; however, the question asks for TRUE statement. Option B is wrong because MPLS label allocation per VRF is automatic.

Option C is wrong because OSPF is not required; any IGP or BGP can be used.

96
Matchingmedium

Match each MPLS VPN technology to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Uses BGP to distribute VPN routes between PE routers

Emulates Layer 2 services like Ethernet or ATM over MPLS

Multipoint Layer 2 VPN that simulates an Ethernet LAN

Point-to-point Layer 2 VPN providing pseudowire connectivity

Multicast VPN that supports IP multicast over MPLS

Why these pairings

These are key MPLS VPN service types in service provider networks.

97
Multi-Selectmedium

Which TWO of the following are advantages of segment routing over traditional LDP-based MPLS? (Choose two.)

Select 2 answers
A.Reduces the number of BGP peers required
B.Eliminates the need for the LDP protocol
C.Requires RSVP-TE for traffic engineering
D.Provides source routing capability
E.Eliminates the need for IGP
AnswersB, D

SR uses IGP extensions instead of LDP.

Why this answer

Option B is correct because segment routing (SR-MPLS) eliminates the need for the LDP protocol by encoding MPLS labels directly in the IGP (e.g., OSPF or IS-IS) using extensions like RFC 8665 and RFC 8667. This simplifies the control plane by removing an entire protocol (LDP) and its associated state, reducing operational complexity and convergence time.

Exam trap

Cisco often tests the misconception that segment routing eliminates the IGP entirely, but in reality, SR relies on the IGP to distribute SIDs, so the IGP is still required.

98
MCQmedium

A customer is experiencing intermittent packet loss in an MPLS L3VPN network. The PE routers show no errors on interfaces. Which tool can help isolate the issue by showing the complete path a packet takes through the MPLS network?

A.Traceroute
B.Ping
C.MPLS traceroute
D.MPLS ping
AnswerC

MPLS traceroute displays the label stack at each hop along the LSP.

Why this answer

MPLS traceroute shows the entire LSP path including labels at each hop. Traceroute does not show MPLS labels, MPLS ping tests connectivity but not detailed path, and ping only tests end-to-end.

99
MCQhard

A service provider is deploying Segment Routing Traffic Engineering (SR-TE) with a Path Computation Element (PCE). The PCE fails to compute a path for an SR-TE policy configured with constraint 'avoid nodes in affinity red'. The core network has red affinity assigned to several nodes. Which is the most likely cause?

A.The PCE does not have the updated link-state database with the affinity attributes
B.The headend router does not have the SR-TE policy configured with the correct path
C.The PCE is not reachable from the headend router
D.The SR-TE policy is configured with a strict explicit path that conflicts with the constraint
E.The red affinity is not properly configured in the network
AnswerA

PCE needs current IGP database to honor constraints; if not updated, it cannot compute paths with avoid conditions.

Why this answer

The most likely cause is that the PCE does not have the updated link-state database reflecting the affinities, so it cannot enforce the constraint. Other options: The PCE might be unable to compute due to other reasons, but affinity mismatches are common. SR-TE policy on the headend does not require explicit paths; it relies on the PCE.

Label imposition is not affected by PCE failure. Red affinity should be configured correctly.

100
MCQeasy

An SP has configured MPLS TE tunnels for traffic engineering. To verify the status of the TE tunnels, which command provides the most relevant information?

A.show mpls forwarding-table
B.show mpls ldp tunnels
C.show mpls traffic-eng tunnels brief
D.show ip rsvp reservation
AnswerC

This command summarizes TE tunnel states and is the primary verification tool.

Why this answer

Option A is correct because 'show mpls traffic-eng tunnels brief' displays the status, state, and role of all TE tunnels. Option B is wrong because 'show mpls ldp tunnels' shows LDP tunnel statistics, not TE tunnels. Option C is wrong because 'show ip rsvp reservation' shows RSVP reservations, which are used by TE but do not list tunnels.

Option D is wrong because 'show mpls forwarding-table' shows the LFIB, not TE tunnel status.

101
MCQhard

In Segment Routing over IPv6 (SRv6), what is the function of the SRH (Segment Routing Header)?

A.It replaces the IPv6 header to reduce overhead
B.It contains the segment list (ordered list of SIDs)
C.It provides OAM capabilities for path monitoring
D.It uses the IPv6 flow label to encode the path
AnswerB

SRH contains a list of SIDs that define the forwarding path.

Why this answer

SRH carries a list of segment IDs (SIDs) that define the path. Option D is correct. Option A is wrong because SRH does not replace the IPv6 header.

Option B is wrong because OAM is separate. Option C is wrong because the flow label is not used for segment list.

102
MCQeasy

An SP is managing a large MPLS network and needs to verify the MPLS forwarding entries for a specific VRF. Which command provides the most complete information for the VRF?

A.show ip cef vrf <name>
B.show mpls forwarding-table vrf <name>
C.show mpls vrf <name>
D.show bgp vpnv4 unicast all labels
AnswerB

Shows the complete LFIB for the VRF with inbound and outbound labels.

Why this answer

Option D is correct because 'show mpls forwarding-table vrf <name>' displays the label forwarding table for the VRF, including inbound and outbound labels. Option A is wrong because 'show ip cef vrf' shows CEF table, not MPLS labels. Option B is wrong because 'show bgp vpnv4 unicast all labels' shows BGP label bindings, not the forwarding table.

Option C is wrong because 'show mpls vrf' is not a valid command.

103
Multi-Selecthard

Which TWO are essential components for deploying EVPN in a service provider network?

Select 2 answers
A.Overlay tunnel encapsulation such as VXLAN or MPLS
B.OSPF as the underlay routing protocol
C.BGP for MAC/VPN route advertisement
D.PIM-SM for multicast replication
E.RSVP-TE for path computation
AnswersA, C

EVPN requires an overlay for traffic forwarding.

Why this answer

Options B and E are correct. EVPN uses an overlay tunnel (VXLAN/MPLS) and BGP as control plane. Option A is wrong because OSPF is not used.

Option C is wrong because RSVP-TE is not required. Option D is wrong because PIM is for multicast, but EVPN can use other mechanisms.

104
MCQhard

An SP is using NETCONF with YANG to automate VRF provisioning. The engineer notices that the NETCONF session is established but configuration changes are not applied. Which issue is most likely?

A.The YANG model does not support the target configuration datastore
B.The NETCONF capability :candidate is not advertised
C.The device does not support :url capability
D.The user does not have write access to the candidate datastore
AnswerB

If :candidate is not advertised, the device does not support candidate datastore, and edit-config with candidate fails.

Why this answer

If the device does not advertise the :candidate capability, edit-config operations that use the candidate datastore will fail. Option A: YANG model support might be an issue but less likely if session established; Option B: write access is typically based on user permissions; Option D: :url capability is optional for loading configs. Thus C is correct.

105
Multi-Selectmedium

Which TWO of the following are characteristics of MPLS L3VPN architecture? (Choose two.)

Select 2 answers
A.All traffic is forwarded using MPLS label switching only
B.Each customer has a separate VRF on the PE router
C.LDP is required for label distribution in the core
D.The P routers maintain a full routing table for each VPN
E.Customer IP prefixes are exchanged using MP-BGP VPNv4 updates
AnswersB, E

VRF is essential for L3VPN isolation.

Why this answer

Option B is correct because in MPLS L3VPN, each customer is assigned a separate Virtual Routing and Forwarding (VRF) instance on the Provider Edge (PE) router. This VRF maintains a unique routing table and forwarding table per customer, ensuring complete isolation between different VPN customers on the same PE.

Exam trap

Cisco often tests the misconception that LDP is mandatory for MPLS L3VPN, but in reality, any label distribution protocol (LDP, RSVP-TE, or SR-MPLS) can be used in the core.

106
MCQeasy

An engineer is configuring QoS on a service provider edge router to prioritize real-time traffic. Which queuing mechanism provides the lowest latency and jitter for voice traffic?

A.FIFO
B.CBWFQ
C.WRED
D.LLQ
AnswerD

LLQ combines strict priority queue with CBWFQ for real-time traffic.

Why this answer

LLQ (Low Latency Queuing) is the correct choice because it combines a strict priority queue with CBWFQ, ensuring that voice traffic is always served before any other queue. This strict priority scheduling minimizes both latency and jitter for real-time traffic, which is critical for voice quality.

Exam trap

Cisco often tests the distinction between queuing mechanisms and congestion avoidance, so candidates may mistakenly choose WRED (a drop mechanism) or CBWFQ (which lacks strict priority) instead of LLQ for real-time traffic.

How to eliminate wrong answers

Option A is wrong because FIFO (First In, First Out) provides no traffic differentiation or priority, so voice packets can be delayed by large data packets, increasing latency and jitter. Option B is wrong because CBWFQ (Class-Based Weighted Fair Queuing) assigns bandwidth weights to classes but does not include a strict priority queue, so voice traffic may still experience queuing delays. Option C is wrong because WRED (Weighted Random Early Detection) is a congestion avoidance mechanism that drops packets to prevent tail drops, not a queuing mechanism, and it does not provide low latency or jitter for voice traffic.

107
MCQmedium

A service provider is troubleshooting BGP route selection for prefixes received from two different peers. The first peer prepends its AS path twice, making it longer than the second peer's path. However, the router still prefers the route with the longer AS path. Which additional attribute could cause this behavior?

A.The route has a lower MED
B.The route has a higher weight
C.The route has a lower origin type
D.The route has a higher local preference
E.The route has a lower neighbor router ID
AnswerD

Local preference is the first criterion in BGP path selection; a higher value will be chosen regardless of AS path length.

Why this answer

In BGP, the path with higher local preference is preferred regardless of AS path length. If both have same local preference, then shortest AS path wins. Here, the longer AS path is preferred, meaning the local preference must be higher on that route.

Weight is Cisco-proprietary and local to the router; if set, it can override local preference. MED is compared only if paths come from the same AS. Origin type is compared after AS path.

Community affects but does not directly override AS path length.

108
MCQeasy

An SP network uses NTP for synchronization. To secure NTP, which authentication mode should be used?

A.NTPv4 autokey
B.NTPv3 symmetric key
C.NTPv4 with SHA-1
D.NTPv4 with MD5
AnswerA

NTPv4 autokey provides strong cryptographic authentication.

Why this answer

NTPv4 autokey provides cryptographic authentication and is recommended. Option A: NTPv3 symmetric key is less secure; Option C: MD5 is outdated; Option D: SHA-1 is not standard for NTP. Thus B is correct.

109
MCQeasy

In an MPLS VPN environment, which address family is used to exchange VPNv4 routes between PE routers?

A.Route-target (RT)
B.IPv4 unicast
C.VPNv6 unicast
D.VPNv4 unicast
AnswerD

VPNv4 carries both IPv4 prefixes and route distinguishers.

Why this answer

BGP address family VPNv4 (AF 128) is used to carry IPv4 VPN routes between PEs. Option B is correct. Option A is wrong because IPv4 unicast is for global routes.

Option C is wrong because VPNv6 is for IPv6. Option D is wrong because RT is a community attribute, not an address family.

110
MCQhard

A service provider is building a new network slicing architecture to offer differentiated services to enterprise customers. The architecture uses SRv6 with network slices identified by slice IDs embedded in the SRv6 SID. The underlay is an IP network with ISIS. Each slice will have dedicated resources in the core, including guaranteed bandwidth and low latency. The plan is to use the SRv6 network programming concept to steer traffic into different slices. The provider wants to ensure that slice isolation is maintained end-to-end, including at the egress PE where traffic is handed off to the customer. However, during testing, they observe that traffic from one slice is incorrectly entering another slice's queue on an intermediate node, causing performance interference. The intermediate node is a transit router that does not terminate SRv6 but performs 'SID-based forwarding'. Which mechanism is most likely missing to ensure slice isolation on transit nodes?

A.The transit nodes are not configured to enforce per-slice QoS policies based on the slice ID in the SID.
B.The SRv6 SID does not carry the slice ID; it only carries the locator.
C.The egress PE is misconfigured to strip the slice ID before forwarding.
D.The ingress PE is not setting the slice ID correctly.
AnswerA

Correct. Transit nodes need to recognize the slice ID and apply appropriate queuing; otherwise, slices compete for resources.

Why this answer

Transit nodes must have per-slice QoS policies that map the slice ID (carried in the SID) to dedicated queue resources. Without such policies, all traffic may be mapped to a default queue, breaking isolation. The SID can indeed carry the slice ID; egress PE stripping or ingress PE misconfiguration would affect other nodes, not specifically transit.

111
MCQeasy

A network engineer is configuring MPLS LDP on a new router. After enabling LDP globally and on the interface, the LDP session does not establish. The IGP (OSPF) is fully operational. What should the engineer verify first?

A.The LDP password matches.
B.The router-id is a loopback.
C.The IGP metric is set.
D.The interface has 'mpls ip' enabled.
AnswerD

This is the most basic verification; if MPLS is not enabled on the interface, LDP will not form.

Why this answer

Option A is correct because the most basic check is whether the interface has 'mpls ip' enabled. Option B is wrong because LDP router-id can be any reachable IP, not necessarily a loopback. Option C is wrong because password mismatch would cause authentication failure, but the session might still attempt to establish.

Option D is wrong because IGP metric does not affect LDP session establishment.

112
MCQhard

A network engineer needs to design a multicast solution for IPTV distribution across a service provider network. Which protocol is best suited for building a shared distribution tree where the RP is dynamically elected?

A.PIM-DM
B.PIM-SM with Auto-RP
C.MSDP
D.PIM-SM with BSR
AnswerD

BSR provides dynamic RP election in a standards-based way.

Why this answer

PIM-SM with BSR (Bootstrap Router) is the correct choice because it provides a dynamic, automated mechanism for electing an RP (Rendezvous Point) within a PIM-SM domain. BSR uses a distributed election process where candidate BSRs exchange bootstrap messages to elect a single BSR, which then collects candidate-RP advertisements and distributes the RP-set to all routers, enabling shared distribution trees without manual RP configuration.

Exam trap

Cisco often tests the distinction between Auto-RP and BSR, where candidates mistakenly think Auto-RP dynamically elects the RP, but Auto-RP only advertises RP information from a statically configured RP or mapping agent, whereas BSR provides true dynamic RP election through a distributed bootstrap process.

How to eliminate wrong answers

Option A is wrong because PIM-DM (Dense Mode) uses a flood-and-prune approach to build source-based trees, not shared trees, and does not involve an RP or dynamic RP election. Option B is wrong because PIM-SM with Auto-RP uses a separate, statically configured RP (or a mapping agent) to advertise RP information, but it does not dynamically elect the RP itself; Auto-RP relies on a designated RP or a mapping agent, which is not a fully dynamic election mechanism like BSR. Option C is wrong because MSDP (Multicast Source Discovery Protocol) is used to interconnect multiple PIM-SM domains by sharing active source information between RPs, not for building a shared distribution tree or dynamically electing an RP within a single domain.

113
MCQmedium

An engineer notices that an MPLS LSP in the core is not establishing. Which troubleshooting step should be performed first?

A.Verify LDP neighbor adjacency
B.Ping the far-end loopback interface
C.Check BGP IPv4 unicast neighbors
D.Check OSPF neighbor adjacency on all links
AnswerA

LDP adjacency is essential for label exchange and LSP building.

Why this answer

Option B is correct because verifying LDP adjacency is the first step in troubleshooting MPLS LSP establishment. Option A is wrong because checking BGP is not directly relevant to MPLS LSP establishment. Option C is wrong because pinging the far-end loopback tests reachability but not LSP establishment.

Option D is wrong because checking OSPF neighbor adjacency is not specific to MPLS.

114
Drag & Dropmedium

Drag and drop the steps to configure OSPF on a Cisco IOS router into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

OSPF configuration requires entering global config mode, enabling the OSPF process, and then advertising networks under the OSPF process.

115
MCQeasy

Which QoS mechanism is most effective for preventing congestion on a service provider edge link when traffic exceeds the link capacity?

A.Priority queuing
B.Traffic policing
C.Traffic shaping
D.WRED
AnswerC

Shapes traffic to avoid line-rate bursts and drops.

Why this answer

Option D is correct because shaping buffers traffic at the edge to prevent drops. Option A is wrong because priority queuing starves other traffic. Option B is wrong because WRED drops packets before congestion, but shaping is better for link capacity.

Option C is wrong because policing drops excess traffic, which may be undesirable.

116
MCQeasy

Refer to the exhibit. This JSON policy is used for Segment Routing Traffic Engineering. What is the purpose of the 'color' attribute?

A.It sets the metric type for the path calculation
B.It defines the preference value for the candidate path
C.It identifies a specific SR-TE policy to be used for traffic steering
D.It specifies the link affinity constraint for the path
AnswerC

Color is used to match traffic via color-based forwarding.

Why this answer

The color attribute distinguishes between multiple paths to the same destination. Option B is correct. Option A is wrong because preference is separate.

Option C is wrong because affinity constraints are under constraints. Option D is wrong because color does not set metric type.

117
MCQhard

A service provider is deploying Segment Routing Traffic Engineering (SR-TE) to optimize traffic flows. Which mechanism is used to steer traffic into an SR-TE policy?

A.RSVP-TE tunnel interface
B.Color extended community on BGP routes
C.BGP prefix-independent convergence (PIC)
D.Manual static route pointing to the policy
E.LDP label distribution
AnswerB

The color community is the standard way to steer traffic into an SR-TE policy.

Why this answer

SR-TE policies can be steered using color-based forwarding where the color extended community is attached to BGP routes. The headend matches the color to an SR-TE policy with the same color and steers traffic accordingly. Other methods like next-hop labels or VRF selection are not standard.

118
MCQmedium

A service provider is designing a new MPLS L3VPN service. The customer requires that their VPN traffic be isolated from other customers and that the provider edge routers maintain separate routing tables for each VPN. Which architectural component is essential for this separation?

A.MPLS label stacking
B.VRF (Virtual Routing and Forwarding)
C.VLAN tagging on the customer-facing interfaces
D.BGP route reflectors
AnswerB

VRF creates separate routing tables per VPN instance, enabling isolation.

Why this answer

VRF (Virtual Routing and Forwarding) is the essential architectural component that enables a provider edge router to maintain separate, isolated routing tables for each VPN customer. Each VRF instance contains its own routing table, CEF (Cisco Express Forwarding) table, and associated interfaces, ensuring that traffic from one customer is never forwarded using another customer's routing information. This per-VPN isolation is fundamental to MPLS L3VPN services as defined in RFC 4364.

Exam trap

Cisco often tests the distinction between data-plane isolation (VLANs, MPLS labels) and control-plane isolation (VRF), and the trap here is that candidates confuse VLAN tagging (Layer 2) with the Layer 3 routing table separation provided by VRFs, assuming VLANs alone can achieve the required routing isolation.

How to eliminate wrong answers

Option A is wrong because MPLS label stacking is a forwarding mechanism used to separate transport labels from service labels in an MPLS network, but it does not create or maintain separate routing tables per VPN; it operates at the data plane, not the control plane. Option C is wrong because VLAN tagging on customer-facing interfaces provides Layer 2 segmentation (802.1Q) but does not create separate Layer 3 routing tables; a single VLAN can still be mapped to a single VRF, but VLANs alone cannot isolate routing information. Option D is wrong because BGP route reflectors are used to scale BGP route distribution within an MPLS VPN by reducing the number of iBGP sessions, but they do not provide per-VPN routing table isolation; they propagate VPNv4 routes that already carry the Route Distinguisher (RD) and Route Target (RT) attributes.

119
MCQhard

In an SR network, which configuration is required to activate TI-LFA for link protection?

A.metric delay interface configuration
B.label-preferred under the interface
C.fast-reroute per-prefix ti-lfa under the IGP process
D.mpls traffic-eng auto-tunnel primary
AnswerC

This command enables TI-LFA for all prefixes in the IGP domain.

Why this answer

Option C is correct because the command 'fast-reroute per-prefix ti-lfa' under the IGP process (IS-IS or OSPF) explicitly enables TI-LFA. Option A is wrong because 'mpls traffic-eng auto-tunnel primary' is for TE auto-tunnel, not TI-LFA. Option B is wrong because 'label-preferred' is not a valid command.

Option D is wrong because 'metric delay' is for IGP convergence, not TI-LFA.

120
MCQeasy

In an MPLS VPN, what label operation does the egress PE perform on the VPN packet before forwarding it to the CE?

A.Swap the top label
B.Impose a VPN label
C.Pop the label stack
D.Push a new label
E.Replace the transport label
AnswerC

The egress PE removes all labels and forwards the IP packet.

Why this answer

The egress PE pops both the VPN label and the transport label (if any) and forwards the IP packet to the CE. If the packet arrives with only the transport label (penultimate hop popping), the egress PE receives only the VPN label and pops it. In all cases, the egress PE removes the MPLS labels.

121
MCQhard

An operator notices that a new MPLS-TE tunnel is not being established. The tunnel configuration includes a dynamic path option and a bandwidth of 100 Mbps. The network uses RSVP-TE with CSPF. The link-state database shows sufficient reservable bandwidth on all links along the calculated path. What is the most likely cause of the tunnel establishment failure?

A.RSVP-TE is not enabled on the transit interfaces
B.The path option is misconfigured with a strict explicit path
C.MPLS LDP is not enabled on the core routers
D.The tunnel source interface is not configured with an IP address
AnswerA

RSVP-TE must be enabled on each interface along the path for signaling.

Why this answer

RSVP-TE must be explicitly enabled on every interface that will participate in MPLS-TE label-switched path (LSP) signaling. Even if the link-state database shows sufficient reservable bandwidth, without RSVP-TE enabled on transit interfaces, the PATH messages cannot be processed, and the tunnel will fail to establish. This is a common misconfiguration when deploying MPLS-TE.

Exam trap

Cisco often tests the distinction between having sufficient bandwidth in the link-state database (IGP) versus having RSVP-TE actually enabled on the interfaces, leading candidates to overlook the required interface-level RSVP configuration.

How to eliminate wrong answers

Option B is wrong because a dynamic path option does not use a strict explicit path; a strict explicit path would be configured under a different path option type, and the question states a dynamic path option is used. Option C is wrong because MPLS LDP is not required for MPLS-TE tunnels; RSVP-TE signals its own labels, and LDP is used for different label distribution purposes. Option D is wrong because if the tunnel source interface lacked an IP address, the tunnel would not even come up operationally, and the operator would likely notice that issue before attempting to establish the tunnel; the question focuses on RSVP-TE signaling failure.

122
MCQhard

A service provider is implementing IPv6 transition in its core. Which transition mechanism is recommended for carrying IPv6 over an existing MPLS/IPv4 backbone without dual-stacking all routers?

A.ISATAP
B.NAT64
C.6to4 tunneling
D.6PE (IPv6 Provider Edge)
AnswerD

6PE uses MPLS labels; only PEs need dual-stack.

Why this answer

Option B is correct because 6PE (IPv6 Provider Edge) allows IPv6 over MPLS with only PE routers dual-stacked. Option A is wrong because 6to4 requires encapsulation endpoints. Option C is wrong because NAT64 is for translation.

Option D is wrong because ISATAP is for intra-site.

123
MCQeasy

Which protocol is used to discover MPLS peers for LDP session establishment?

AnswerB

LDP hello messages are sent via UDP on port 646.

Why this answer

LDP uses UDP hello messages to discover neighbors. Option A is correct. Option B is wrong because TCP is used for session establishment, not discovery.

Option C is wrong because ICMP is not used. Option D is wrong because ARP is for Layer 2.

124
MCQmedium

An MPLS Traffic Engineering LSP fails to establish. The RSVP signaling shows 'PathErr: Admission Control Failure'. The link has sufficient bandwidth but the headend reports a lack of resources. What is the most likely cause?

A.The tunnel is requesting more bandwidth than available on any path
B.The MPLS forwarding table is corrupted
C.The headend router does not have the correct destination address
D.The RSVP bandwidth is not configured on the interface or is set to 0
E.The LSP is configured with a strict explicit path that is impossible
AnswerD

Without 'ip rsvp bandwidth' command on the interface, RSVP cannot allocate resources.

Why this answer

Admission control in RSVP-TE uses bandwidth constraints either per tunnel or per interface. A common misconfiguration is not reserving global pool bandwidth under the interface. The headend could be misconfiguring the bandwidth request, but the error is at the interface level under RSVP.

The most common fix is enabling bandwidth reservation under the interface.

125
MCQhard

A service provider offers IPTV services using multicast. The network uses Multicast VPN (MVPN) with Rosen GRE encapsulation (Profile 1) in an MPLS L3VPN environment. The Provider Edge (PE) routers participate in both the default MDT and data MDT for high-bandwidth streams. Recently, a new channel was added, and it uses a data MDT. The content server is attached to a PE that is acting as a multicast source. Other PEs are receivers. Upon adding the channel, some receivers report missing packets. The network engineer checks the PEs and notices that the data MDT group address is being advertised via BGP as an MDT SAFI route, but some PEs are not joining the data MDT. The source PE's multicast routing table shows that it believes data MDT is active. Which architecture issue is most likely preventing some PEs from joining the data MDT?

A.The source PE is not sending IGMP joins for the data MDT group.
B.The default MDT group is flapping.
C.The PIM sparse mode RP is not reachable.
D.The data MDT group is not within the configured data MDT group range on the receiving PEs.
AnswerD

Correct. If the group is outside the configured range, the PE will not participate in that data MDT.

Why this answer

The data MDT group must be within the configured data-MDT group range on each PE; if not, the PE will ignore the BGP MDT SAFI route and not join the data MDT. Source PE IGMP joins are not relevant; default MDT issues are separate; PIM RP reachability might affect default MDT but not data MDT join if using SSM.

126
MCQmedium

Refer to the exhibit. The router has an outgoing label of 'Pop' for prefix ***********. What does this imply?

A.The router has not learned a label for that prefix
B.The router will not forward traffic for that prefix
C.The router is the penultimate hop and will remove the label before forwarding
D.The router will push a new label for that prefix
AnswerC

Penultimate hop popping (PHP) removes the outermost label.

Why this answer

A 'Pop' outgoing label indicates that the router is the penultimate hop and advertises implicit null. Option D is correct. Option A is wrong because Pop means the label is removed.

Option B is wrong because the outgoing interface is still used. Option C is wrong because Pop is not a failure.

127
MCQeasy

A service provider wants to prioritize voice traffic over data traffic on a PE-CE link. Which QoS mechanism should be applied at the PE ingress to classify packets?

A.Policer
B.Class-based marking based on NBAR
C.WRED
D.Shaper
AnswerB

NBAR performs deep packet inspection to classify traffic by application.

Why this answer

Class-based marking using NBAR can classify traffic based on application. Options B, C, D are actions (policing, shaping, dropping) that occur after classification. Thus A is correct.

128
MCQeasy

A small service provider is deploying MPLS in its core network for the first time. They have a simple topology: three P routers in the core and two PE routers connecting customers. They have configured LDP on all interfaces and OSPF as the IGP. They also configured a basic L3VPN for a customer with a single CE attached to each PE. The customer reports that they can ping between CEs for a few minutes, but then the connectivity drops. After a few seconds, it returns. This pattern repeats every few minutes. The engineer checks the LDP neighbors and sees that all LDP sessions are up. The OSPF adjacencies are stable. The engineer also notices that the pings time out exactly when the LDP graceful restart timer is expiring on one of the P routers. What is the most likely cause?

A.The BGP session between the PEs is flapping due to a hold timer mismatch or connectivity issue.
B.The LDP graceful restart timer is causing periodic re-establishment of LDP sessions.
C.The OSPF network type on the core links is set to point-to-point, causing SPF recalculation every 5 minutes.
D.One of the core interfaces is flapping due to a hardware issue, triggering IGP and LDP convergence.
AnswerA

If the BGP session between PEs goes down, VPN routes are withdrawn, causing connectivity loss. When the session comes back, routes are re-advertised, restoring connectivity. The pattern matches.

Why this answer

Option D is correct because if the BGP session between PEs is going down (e.g., due to a hold timer issue or misconfiguration), the VPN routes would be withdrawn and re-advertised, causing intermittent connectivity. Option A is wrong because LDP graceful restart timer is for LDP session recovery, but LDP sessions are up. Option B is wrong because OSPF network type does not cause periodic drops.

Option C is wrong because interface flaps would cause more permanent outages.

129
MCQmedium

An engineer is troubleshooting a BGP route propagation issue. The customer is receiving a default route from upstream provider, but the route is not being installed in the routing table. The BGP table shows the route is valid but not best. What is the most likely cause?

A.The next-hop is unreachable
B.The route is filtered by an inbound route-map
C.The BGP session is not established
D.A static default route with lower administrative distance exists
AnswerD

Static route AD 1 < BGP AD 20, so BGP route is not best.

Why this answer

Option D is correct because a static default route with a lower administrative distance (e.g., 1) will be preferred over a BGP default route (AD 20 for eBGP). Even though the BGP route is valid in the BGP table, it is not installed in the routing table because the static route is more trustworthy. This is a common scenario where the routing table already has a better path, preventing the BGP route from becoming 'best' and being installed.

Exam trap

Cisco often tests the distinction between a route being 'valid' in the BGP table versus being 'best' and installed in the routing table, trapping candidates who assume a valid BGP route is automatically used for forwarding.

How to eliminate wrong answers

Option A is wrong because if the next-hop were unreachable, the BGP route would be marked as invalid in the BGP table, not 'valid but not best'. Option B is wrong because an inbound route-map filtering the route would prevent it from appearing in the BGP table at all, whereas the question states the route is present and valid. Option C is wrong because if the BGP session were not established, no routes would be received from the upstream provider, contradicting the fact that the route is in the BGP table.

130
MCQhard

An SP is deploying EVPN with VXLAN encapsulation in a data center interconnect. The design requires that the control plane for MAC/VTEP learning is based on BGP. Which BGP address family must be configured?

A.l2vpn evpn
B.l2vpn vpls-vpws
C.vpnv4
D.ipv4 unicast
AnswerA

The l2vpn evpn address family is used for EVPN control plane with BGP.

Why this answer

The l2vpn evpn address family is used for EVPN. Option A is vpnv4 for L3VPN, Option B is l2vpn vpls-vpws (legacy), Option C is ipv4 unicast. Thus D is correct.

131
MCQmedium

An engineer needs to ensure that a core router can forward MPLS packets without checking the IP header. Which forwarding mechanism should be enabled?

A.Link Fragmentation and Interleaving (LFI)
B.CEF switching
C.Per-packet load balancing
D.Penultimate Hop Popping (PHP)
AnswerD

PHP pops label at penultimate hop, so last hop forwards without IP check.

Why this answer

Option B is correct because Penultimate Hop Popping (PHP) removes the label before the final hop, allowing forwarding based on label only. Option A is wrong because CEF is IP-based. Option C is wrong because LFI is for link fragmentation and interleaving.

Option D is wrong because load balancing is distribution, not label-only.

132
MCQhard

Refer to the exhibit. An engineer configures MPLS LDP on a router. The router has two interfaces with IP addresses 10.0.0.1/30 and 10.0.0.5/30. The engineer notices that LDP sessions are not established. The OSPF neighbor adjacencies are up. What is the most likely cause?

A.The OSPF network statements do not cover the interfaces correctly
B.The MPLS MTU is set to 1500, which is too low
C.The label range is too small
D.LDP is not enabled on the interfaces
AnswerD

The 'mpls ip' command does not enable LDP; LDP requires 'mpls ldp' or explicit configuration.

Why this answer

D is correct because MPLS LDP requires explicit interface-level activation under the `mpls ip` command. Even if OSPF adjacencies are up and the global LDP process is configured, LDP will not form sessions on interfaces where `mpls ip` is missing. The engineer likely enabled LDP globally but forgot to enable it on the specific interfaces, which is a common oversight.

Exam trap

Cisco often tests the distinction between global LDP configuration and interface-level activation, leading candidates to assume that enabling LDP globally is sufficient for session establishment.

How to eliminate wrong answers

Option A is wrong because OSPF network statements are unrelated to LDP session establishment; OSPF adjacencies are already up, proving the interfaces are correctly covered. Option B is wrong because an MPLS MTU of 1500 is standard and does not prevent LDP session establishment; MTU issues typically cause label-switched path (LSP) problems, not LDP hello or session failures. Option C is wrong because a small label range would cause label allocation failures, not prevent LDP sessions from forming; LDP sessions use TCP port 646 and are independent of label range size.

133
Multi-Selecteasy

Which TWO are characteristics of Segment Routing?

Select 2 answers
A.Uses only IPv6 data plane
B.Source routing capability
C.Requires RSVP-like signaling for path setup
D.No per-flow state on transit routers
E.Requires a centralized SDN controller
AnswersB, D

SR specifies path in the packet header.

Why this answer

Options B and C are correct. Segment Routing uses source routing and does not require per-flow state. Option A is wrong because it does have a path selection mechanism.

Option D is wrong because it uses MPLS or IPv6 data plane. Option E is wrong because it works with distributed control plane.

134
MCQmedium

An SP engineer notices that BGP routes from a CE are not being installed in the VRF routing table, although the BGP session is established. The VRF configuration includes route-target import 100:1. The CE is sending routes with RT 100:1. What is the most likely cause?

A.The BGP route is suppressed due to route update delay
B.The route is not matching any import map
C.The VRF name does not match
D.The RD is not configured
AnswerB

If an import map is configured, only routes matching the map are imported.

Why this answer

Even with matching RT, an import map can block routes. If no import map is configured, routes with matching RT should be imported. However, if an import map is applied but doesn't permit the route, it will not be installed.

Option A is irrelevant; Option B: RD is required for VRF but usually configured; Option C: suppression due to delay is not typical; Option D is the most likely.

135
MCQeasy

A large service provider operates an MPLS L3VPN network with multiple Route Reflectors (RRs) in the core. The network uses BGP as the control plane for both IPv4 unicast and VPNv4 routes. Recently, one of the RRs started flapping, causing route withdrawals to many clients. The network architect wants to improve stability. The RRs are fully meshed with each other and clients are configured as route-reflector clients. The RRs have both IPv4 and VPNv4 address families enabled. Which action should be taken to minimize the impact of an RR failure?

A.Configure BGP prefix-independent convergence (PIC) on all PE routers.
B.Implement BGP add-paths capability on RRs to advertise multiple paths to clients.
C.Deploy redundant RRs with the same cluster ID and use the 'bgp cluster-id' command to ensure clients only accept routes from one RR at a time.
D.Configure client-to-client reflection on the RRs and ensure that each PE is a client of at least two RRs.
AnswerD

This provides redundancy; clients receive routes from multiple RRs, and if one RR fails, routes are still available via the other.

Why this answer

Configuring client-to-client reflection on the RRs and ensuring each PE is a client of at least two RRs provides redundancy; if one RR fails, routes are still available via the other RR. BGP PIC helps fast failover but does not prevent route withdrawal impact; add-paths increases paths but not redundancy; same cluster ID reduces redundancy.

136
MCQmedium

Refer to the exhibit. Based on the exhibit, what is the most likely reason for no label bindings?

A.The local router has disabled label advertisements
B.The IGP routes are not present in the routing table
C.The LDP session is not fully established
D.The remote peer has label filtering applied
AnswerD

Label filtering on the remote peer can prevent advertisement of labels.

Why this answer

The LDP session is operational, but no label bindings are received. A common cause is that the remote peer has label filtering configured, preventing label advertisement. Option B: local disabling would not show session up with label bindings none? Actually local disabling might prevent sending, but receiving? Option C: IGP routes present? Not directly indicated.

Option D: session is up, so not fully established is false.

← PreviousPage 2 of 2 · 136 questions total

Ready to test yourself?

Try a timed practice session using only Sp Architecture questions.