300-540 Question #11: Real Exam Question with Answer & Explanation

Question

Exhibit

Options

• Aneighbor 172.16.1.1 filter-list 300 out
• Bneighbor 172.16.2.1 filter-list 400 out
• Cneighbor 172.16.1.1 filter-list 1 out
• Dneighbor 172.16.2.1 filter-list 1 out
• Eneighbor 172.16.1.1 filter-list 200

Explanation

R1 (AS 200) is multihomed to: SP-1 in AS 300 via neighbor 172.16.1.1 SP-2 in AS 400 via neighbor 172.16.2.1 Advertise only locally originated prefixes (its own network 10.10.0.0/24). NOT become a transit AS--i.e., R1 must not advertise routes learned from one provider to the The configuration includes AS-path access-lists: ip as-path access-list 1 permit ^$ ip as-path access-list 200 permit ^200 ip as-path access-list 300 permit ^300 ip as-path access-list 400 permit ^400 ^$ in AS-path ACL 1 matches locally originated routes (empty AS-path). ACLs 200, 300, and 400 match routes whose first AS in the path is 200, 300, or 400 respectively (used if we needed to match those provider or customer routes). To ensure each upstream provider only receives locally originated routes, we apply AS-path ACL 1 as an outbound filter-list on each external BGP neighbor 172.16.1.1 remote-as 300 neighbor 172.16.1.1 filter-list 1 out only advertise local prefixes to SP-1 neighbor 172.16.2.1 neighbor 172.16.2.1 filter-list 1 out only advertise local prefixes to SP-2 Routes learned from SP-1 (AS 300) will not be advertised to SP-2 (AS 400) because their AS- path will begin with 300, not empty, so they fail ACL 1. Similarly, routes from SP-2 will not be sent to SP-1. Only R1's own prefixes are exported, preventing AS 200 from becoming a transit network.

No community discussion yet for this question.