After configuring Cloud VPN with dynamic routing (BGP), you notice that on-premises routes are not appearing in Google Cloud. BGP sessions are established but no prefixes are exchanged. Cloud Router logs show: 'No route advertisement received'. On-premises BGP configuration shows 'network 10.0.0.0/8' and 'neighbor 10.1.1.1 remote-as 65000'. What is the most likely cause?
BGP requires the network to be in the routing table, and 'activate' is needed to start sending updates.
Why this answer
Option A is correct because the on-premises BGP configuration uses the 'network 10.0.0.0/8' command, which requires an exact match in the local routing table to be advertised. Without a route for 10.0.0.0/8 (e.g., a connected or static route), BGP will not advertise it. Additionally, the 'neighbor 10.1.1.1 activate' command is missing under BGP, which is required to enable the exchange of prefixes with that neighbor.
These two issues together prevent route advertisement to Google Cloud.
Exam trap
Google Cloud often tests the misconception that an established BGP session automatically implies route exchange, but candidates must remember that the 'network' command requires an exact routing table match and that 'neighbor activate' is needed under the address family to actually send prefixes.
How to eliminate wrong answers
Option B is wrong because BGP peers do not need to be in the same subnet; they only need Layer 3 reachability, which is confirmed by the established BGP session. Option C is wrong because the BGP session is already established, indicating that the Cloud Router's BGP peer IP is reachable from the on-premises router. Option D is wrong because an incorrect MD5 password would prevent the BGP session from establishing, but the session is up, so authentication is not the issue.