300-415 Question #182: Real Exam Question with Answer & Explanation

Question

Options

• Avpn-list VPN10 sequence 1 match app-list youtube action accept set policer App-police
• Bpolicy data-policy policy-name vpn-list 10 sequence 1 action accept set policer App-police
• Cvpn 10 interface ge0/0 set policer App-police in default action accept
• Dpolicy action accept set policer App-police

Explanation

The provided configuration snippets are incomplete, but choice B outlines the correct structural approach to applying a QoS policer, named "App-police," within a centralized data policy for specific VPN traffic. A centralized data policy is used to define and apply policing actions across the SD-WAN fabric.

Common mistakes.

• A. This snippet applies a policer within a centralized data policy for traffic matching an app-list. While conceptually correct for applying a policer, it's less general than B for meeting the stated requirements that just mention "App-police" without an app-list match in the policer definition itself.
• C. This snippet shows a localized policer applied on a specific interface (ge0/0) within a VPN, which is a localized policy application. The question implies a QoS policy to be deployed, and centralized data policies are the primary way to deploy traffic policies across the fabric based on criteria like application or VPN, not just a single interface.
• D. This snippet is too generic and lacks the context of a data policy or its application to specific VPNs or traffic flows. A policer needs to be defined and then applied within a broader policy framework, typically a data policy.

Concept tested. Cisco SD-WAN centralized data policy with policer

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/sdwan-xe-gs-book_chapter_0110.html#id_62516

No community discussion yet for this question.