nerdexam
Exams350-501Questions#567
CiscoCisco

350-501 · Question #567

350-501 Question #567: Real Exam Question with Answer & Explanation

The correct answer is B: Add a continue clause within sequence 10 to jump to sequence 30. To ensure all traffic not explicitly matched by permit statements in a route map is dropped, which is the default implicit deny behavior, an engineer might need to bypass problematic permit statements. Adding a continue clause allows for precise control flow to achieve this goal.

Networking

Question

Refer to the exhibit. The network administrator must implement a new requirement that all traffic on the network that does not match a configured route map sequence should be dropped. An engineer is updating the route map for a BGP neighbor. Which task should the engineer perform to meet the administrators requirement?

Options

  • AChange sequence 20 to a permit statement
  • BAdd a continue clause within sequence 10 to jump to sequence 30
  • CAdd another route map sequence higher than 30 and set it to deny
  • DAdd a specific set of traffic to match in sequence 30

Explanation

To ensure all traffic not explicitly matched by permit statements in a route map is dropped, which is the default implicit deny behavior, an engineer might need to bypass problematic permit statements. Adding a continue clause allows for precise control flow to achieve this goal.

Approach. Adding a continue clause in sequence 10 to jump to sequence 30 allows traffic matching sequence 10 to bypass sequence 20 entirely. This is crucial if sequence 20 is a broad permit statement that allows unwanted traffic, ensuring that traffic matching 10 is permitted and then processing can proceed to sequence 30 or the implicit deny, effectively dropping traffic that would otherwise be inappropriately permitted by sequence 20.

Common mistakes.

  • A. Changing sequence 20 to a permit statement would likely increase the amount of permitted traffic, directly contradicting the goal of dropping unmatched traffic.
  • C. Adding a new deny sequence higher than 30 would only apply to traffic that has not matched or been processed by sequences 10, 20, and 30, and would be redundant if an implicit deny is already effective or if a broad permit statement exists earlier.
  • D. Adding a specific set of traffic to match in sequence 30 only refines what sequence 30 processes but does not inherently address the issue of dropping unmatched traffic overall if a broader permit statement is problematic.

Concept tested. Route map control flow and implicit deny

Reference. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-3s/iri-xe-3s-book/iri-rm-cfg.html

Topics

#BGP#Route Maps#Traffic Filtering#Policy Enforcement

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 350-501 PracticeBrowse All 350-501 Questions