350-401 Question #529: Real Exam Question with Answer & Explanation

Question

When the "deny" statement is used within a route map that is used for policy-based routing, how is the traffic that matches the deny route-map line treated?

Options

• ATraffic is routed to the null 0 interface of the router and discarded.
• BTraffic is returned to the normal forwarding behavior of the router.
• CAn additional sequential route-map line is needed to divert the traffic to the router's normal
• DAn additional sequential route-map line is needed to policy route this traffic.

Explanation

When a 'deny' statement is matched within a route map used for policy-based routing, the traffic is not policy routed by that statement and instead reverts to the router's normal forwarding behavior based on its routing table.

Common mistakes.

• A. Traffic matching a 'deny' statement in a PBR route-map is not discarded; it is merely excluded from policy routing and is then processed by normal routing mechanisms.
• C. While an additional line might be needed for different policy routing, the 'deny' action itself does not require a sequential line to revert to normal forwarding; it's the default behavior if no 'permit' match with 'set' action occurs.
• D. A 'deny' statement explicitly prevents policy routing for the matching traffic by that specific line, thus an additional line for policy routing would only apply if the traffic matched a 'permit' statement.

Concept tested. Policy-Based Routing (PBR) deny statement behavior

Reference. https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/23769-pbr.html

No community discussion yet for this question.