In the Juniper Apstra design phase, which object dictates port count, port speed, and how the ports would be used?
Answer(s): D
Interface maps are objects that map interfaces between logical devices and physical hardware devices in the Juniper Apstra design phase. They dictate port count, port speed, and how the ports would be used for achieving the intended network configuration rendering. Interface maps also allow you to select device ports, transformations, and interfaces, provision breakout ports, and disable unused ports. For more information, see Interface Maps (Datacenter Design).
Interface Maps (Datacenter Design)DesignInterface Maps Introduction
You want to keep virtual networks isolated from each other within the Juniper Apstra system. In this scenario, what are three ways to accomplish this task? (Choose three.)
Answer(s): B,D,E
To keep virtual networks isolated from each other within the Juniper Apstra system, you can use one or more of the following methods:Enable Security Policy for virtual networks in the same Routing Zone. This allows you to define rules that control the traffic flow between different virtual networks within the same routing zone. You can specify the source and destination virtual networks, the protocol, the port, and the action (allow or deny) for each rule. The security policy is applied on the ingress interface of the leaf devices1. Use Connectivity Templates to block access within the same Routing Zone. This allows you to customize the connectivity between different racks within the same routing zone. You can create templates that define the link type, the routing protocol, and the access control list (ACL) for each rack pair. The ACL can be used to filter the traffic based on the source and destination IP addresses, the protocol, and the port2.Put each network in different Routing Zones. This allows you to create logical boundaries between different virtual networks based on the route target (RT) values. A routing zone is a collection of virtual networks that share the same RT for importing and exporting routes. Virtual networks in different routing zones do not exchange routes with each other, unless you configure remote EVPN gateways to connect them3.
Security PolicyConnectivity TemplatesRouting Zones
Exhibit.The 10.100.0.0/16 route is being advertised into your BGP IP fabric. ECMP load balancing has been properly enabled on all devicesIn this scenario, how many routes will the leaf device in AS 65000 receive for the 10.100.0.0/16 prefix?
Answer(s): A
The leaf device in AS 65000 will receive three routes for the 10.100.0.0/16 prefix, one from each spine device in AS 65001, AS 65002, and AS 65003. Since ECMP load balancing is enabled, the leaf device will install all three routes in its routing table and distribute the traffic among them. The other options are incorrect because:B) 1 is wrong because the leaf device will not receive only one route for the prefix. It will receive multiple routes from different spine devices and use ECMP to load balance among them. C) 2 is wrong because the leaf device will not receive only two routes for the prefix. It will receive three routes from three spine devices, as explained above. D) 4 is wrong because the leaf device will not receive four routes for the prefix. It will receive three routes from three spine devices, as explained above. The fourth spine device in AS 65004 is not directly connected to the leaf device and will not advertise the prefix to it.
IP Fabric Underlay Network Design and ImplementationBGP Multipath load sharing iBGP and eBGPECMP Load Balancing
Using the Juniper Apstra multitenancy capabilities, which approach will allow a tenant to interconnect two different routing zones?
According to the Juniper documentation1, a routing zone is an L3 domain, the unit of tenancy in multi-tenant networks. You create routing zones for tenants to isolate their IP traffic from one another, thus enabling tenants to re-use IP subnets. In addition to being in its own VRF, each routing zone can be assigned its own DHCP relay server and external system connections. You can create one or more virtual networks within a routing zone, which means a tenant can stretch its L2 applications across multiple racks within its routing zone. For virtual networks with Layer 3 SVI, the SVI is associated with a Virtual Routing and Forwarding (VRF) instance for each routing zone isolating the virtual network SVI from other virtual network SVIs in other routing zones. If you're using multiple routing zones, external system connections must be from leaf switches in the fabric. Routing between routing zones must be accomplished with external systems. Therefore, the correct answer isD. Use interconnection through an external gateway.
Routing Zones
Exhibit.In the EVPN-VXLAN data center fabric bridged overlay architecture shown in the exhibit, the servers are connected to Lead and Leat6 using the same virtual network identifier (VNI). Which two statements are correct in this scenario? (Choose two.)
Answer(s): C,D
In the EVPN-VXLAN data center fabric bridged overlay architecture shown in the exhibit, the servers are connected to Leaf1 and Leaf6 using the same virtual network identifier (VNI). This means that the servers belong to the same Layer 2 domain and can communicate with each other using VXLANtunnels across the fabric. The underlay network provides the IP connectivity between the leaf and spine devices, and it uses EBGP as the routing protocol. Therefore, the following two statements are correct in this scenario:Loopback IPv4 addresses must be advertised into the EBGP underlay from leaf and spine devices. This is because the loopback addresses are used as the source and destination IP addresses for the VXLAN tunnels, and they must be reachable by all the devices in the fabric. The loopback addresses are also used as the router IDs and the BGP peer addresses for the EBGP sessions. The underlay EBGP peering's must be established between leaf and spine devices. This is because the EBGP sessions are used to exchange the underlay routing information and the EVPN routes for the overlay network. The EBGP sessions are established using the loopback addresses of the devices, and they follow a spine-and-leaf topology, where each leaf device peers with all the spine devices, and each spine device peers with all the leaf devices.The following two statements are incorrect in this scenario:The underlay must use IRB interfaces. This is not true, because the underlay network does not provide any Layer 3 gateway functionality for the overlay network. The IRB interfaces are used to provide inter-VXLAN routing within the fabric, which is not the case in the bridged overlay architecture. The IRB interfaces are used in the edge-routed bridging (ERB) or the centrally-routed bridging (CRB) architectures, which are different from the bridged overlay architecture. The underlay must be provisioned with PIMv2. This is not true, because the underlay network does not use multicast for the VXLAN tunnels. The VXLAN tunnels are established using EVPN, which uses BGP to distribute the MAC and IP addresses of the end hosts and the VTEP information of the devices. EVPN eliminates the need for multicast in the underlay network, and it provides optimal forwarding and fast convergence for the overlay network.
Exploring EVPN-VXLAN Overlay Architectures Bridged Overlay EVPN LAGs in EVPN-VXLAN Reference ArchitecturesEVPN-VXLAN Configuration Guide
Share your comments for Juniper JN0-480 exam with other users:
question 35 is incorrect, the correct answer is c, it even states so: explanation: when a vm is infected with ransomware, you should not restore the vm to the infected vm. this is because the ransomware will still be present on the vm, and it will encrypt the files again. you should also not restore the vm to any vm within the companys subscription. this is because the ransomware could spread to other vms in the subscription. the best way to restore a vm that is infected with ransomware is to restore it to a new azure vm. this will ensure that the ransomware is not present on the new vm.
i would like to take psm1 exam.
cbd and pdb are key to the database
the purchase and download process is very much streamlined. the xengine application is very nice and user-friendly but there is always room for improvement.
please upload p_sapea_2023
anyone use this? the question dont seem to follow other formats and terminology i have been studying im getting worried
good questions
hello are these questions valid for ms-102
some questions are wrongly answered but its good nonetheless
how to get system serial number using intune
is it really helpful to pass the exam
#229 in incorrect - all the customers require an annual review
kindy upload
fantastic assessment on psm 1
56 question correct answer a,b
thank you for providing the q bank
true quesstions
i can´t believe ms asks things like this, seems to be only marketing material.
hi, could you please add the last update of ns0-527
question #3 refers to vnet4 and vnet5. however, there is no vnet5 listed in the case study (testlet 2).
sometimes it may be good some times it may be
qs 4 answer seems wrong- please check
very detailed explanation !
the interactive nature of the test engine application makes the preparation process less boring.
very useful.
complete question dump should be made available for practice.
i just passed my first exam. i got 2 exam dumps as part of the 50% sale. my second exam is under work. once i write that exam i report my result. but so far i am confident.
nice create dewey stefen
i just wrote this exam and it is still valid. the questions are exactly the same but there are about 4 or 5 questions that are answered incorrectly. so watch out for those. best of luck with your exam.
passed my exam today. this is a good start to 2023.
great sharing
very helpful
thanks.. very helpful
i registered for 1z0-1047-23 but dumps qre available for 1z0-1047-22. help me with this...
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your JN0-480, please sign in or create a free account.