Juniper Exam JN0-683 Topic 4 Question 7 Discussion

Actual exam question for Juniper's JN0-683 exam

Question #: 7
Topic #: 4

You are adding a server lo a tenant's network within your data center and must limit access to a specific traffic type within the tenant network without pushing all tenant traffic through a firewall.

What will satisfy this requirement?

AUse route leaking with EVPN and a routing policy.

BUse filter-based forwarding.

CPut the new server on a unique subnet within the tenant's network.

DUse a static route in the tenant VRF with a firewall as the next hop for traffic to the new server.

Show Suggested Answer

Suggested Answer: B, C, E

Understanding ERB Architecture:

ERB (Edge Routed Bridging) architecture is a network design where the routing occurs at the edge (leaf devices) rather than in the spine devices. In a VXLAN overlay network with EVPN as the control plane, leaf devices typically act as both Layer 2 (L2) and Layer 3 (L3) VXLAN gateways.

Placement of VXLAN Gateways:

Option B: All leaf devices will have L2 VXLAN gateways to handle the bridging of VLAN traffic into VXLAN tunnels.

Option C: All leaf devices will also have L3 VXLAN gateways to route traffic between different VXLAN segments (VNIs) and external networks.

Option E: Spine devices in an ERB architecture generally do not function as VXLAN gateways. They primarily focus on forwarding traffic between leaf nodes and do not handle VXLAN encapsulation/decapsulation.

Conclusion:

Option B: Correct---All leaf devices will have L2 VXLAN gateways.

Option C: Correct---All leaf devices will have L3 VXLAN gateways.

Option E: Correct---Spine devices will not act as VXLAN gateways

by Billye at Sep 15, 2024, 02:56 AM

Limited Time Offer

25%

14 days ago

I think option A) using route leaking with EVPN and a routing policy could work.

upvoted 0 times

...