Juniper Enterprise Routing and Switching, Specialist JN0-351 Exam Questions

Answer : B, D

A tunnel is a connection between two computer networks, in which data is sent from one network to another through an encrypted link. Tunnels are commonly used to secure data communications between two networks or to connect two networks that use different protocols.

Option B is correct, because tunnel endpoints must have a valid route to the remote tunnel endpoint. A tunnel endpoint is the device that initiates or terminates a tunnel connection. For a tunnel to be established, both endpoints must be able to reach each other over the underlying network.This means that they must have a valid route to the IP address of the remote endpoint1.

Option D is correct, because tunnels add additional overhead to packet size. Tunnels work by encapsulating packets: wrapping packets inside of other packets. This means that the original packet becomes the payload of the surrounding packet, and the surrounding packet has its own header and trailer. The header and trailer of the surrounding packet add extra bytes to the packet size, which is called overhead.Overhead can reduce the efficiency and performance of a network, as it consumes more bandwidth and processing power2.

Option A is incorrect, because BFD can be used to monitor tunnels. BFD is a protocol that can be used to quickly detect failures in the forwarding path between two adjacent routers or switches. BFD can be integrated with various routing protocols and link aggregation protocols to provide faster convergence and fault recovery. BFD can also be used to monitor the connectivity of tunnels, such as GRE, IPsec, or MPLS.

Option C is incorrect, because IP-IP tunnels are stateless. IP-IP tunnels are a type of tunnels that use IP as both the encapsulating and encapsulated protocol. IP-IP tunnels are simple and easy to configure, but they do not provide any security or authentication features. IP-IP tunnels are stateless, which means that they do not keep track of the state or status of the tunnel connection. Stateless tunnels do not require any signaling or negotiation between the endpoints, but they also do not provide any error detection or recovery mechanisms.

1:What is Tunneling? | Tunneling in Networking2:What Is Tunnel In Networking, Its Types, And Its Benefits?: [Configuring Bidirectional Forwarding Detection] : [IP-IP Tunneling]

Answer : A, B, C

Ais correct because you need to configure BGP multihop to enable redundancy for the EBGP peering between the two routers.BGP multihop is a feature that allows BGP peers to establish a session over multiple hops, instead of requiring them to be directly connected1.By default, EBGP peers use a time-to-live (TTL) value of 1 for their packets, which means that they can only reach adjacent neighbors1.However, if you configure BGP multihop with a higher TTL value, you can allow EBGP peers to communicate over multiple routers in between1. This can provide redundancy in case of a link failure or a router failure between the EBGP peers.

Bis correct because you need to configure loopback interface peering to enable redundancy for the EBGP peering between the two routers.Loopback interface peering is a technique that uses loopback interfaces as the source and destination addresses for BGP sessions, instead of physical interfaces2.Loopback interfaces are virtual interfaces that are always up and reachable as long as the router is operational2.By using loopback interface peering, you can avoid the dependency on a single physical interface or link for the BGP session, and use multiple paths to reach the loopback address of the peer2. This can provide redundancy and load balancing for the EBGP peering.

Cis correct because you need to configure routes for the peer loopback interface IP addresses to enable redundancy for the EBGP peering between the two routers.Routes for the peer loopback interface IP addresses are necessary to ensure that the routers can reach each other's loopback addresses over multiple hops2.You can use static routes or dynamic routing protocols to advertise and learn the routes for the peer loopback interface IP addresses2. Without these routes, the routers will not be able to establish or maintain the BGP session using their loopback interfaces.

Answer : D

A keepalive OAM probe is a mechanism that can be used to monitor the state of a GRE tunnel and detect any failures in the tunnel path. A keepalive OAM probe consists of sending periodic packets from one end of the tunnel to the other and expecting a reply.If no reply is received within a specified time, the tunnel is considered down and the line protocol of the tunnel interface is changed to down1.

To configure a keepalive OAM probe for a GRE tunnel, you need to specify two parameters: the keepalive-time and the hold-time. The keepalive-time is the interval between each keepalive packet sent by the local router.The hold-time is the maximum time that the local router waits for a reply from the remote router before declaring the tunnel down2.

According to the Juniper Networks documentation, the hold-time value must be two times the keepalive-time value for a GRE tunnel2. This is because the hold-time value must account for both the round-trip time of the keepalive packet and the processing time of the remote router. If the hold-time value is too small, it may cause false positives and unnecessary tunnel flaps.

In the exhibit, the configuration shows that the keepalive-time is set to 10 seconds and the hold-time is set to 15 seconds for the gr-1/1/10.1 interface. This means that the local router will send a keepalive packet every 10 seconds and will wait for 15 seconds for a reply from the remote router. However, this hold-time value is not two times the keepalive-time value, which violates the recommended configuration. This may cause traffic drops if the remote router takes longer than 15 seconds to reply.

Therefore, option D is correct, because the hold-time value must be two times the keepalive-time value for a GRE tunnel.Option A is incorrect, because BFD is not required for GRE tunnels; BFD is another protocol that can be used to monitor tunnels, but it is not compatible with GRE keepalives3.Option B is incorrect, because the ''event link-adjacency-loss'' option is not related to GRE tunnels; it is an option that can be used to trigger an action when a link goes down4.Option C is incorrect, because LLDP does not need to be removed from the gr-1/1/10.1 interface; LLDP is a protocol that can be used to discover neighboring devices and their capabilities, but it does not interfere with GRE tunnels5.

1:Configuring Keepalive Time and Hold time for a GRE Tunnel Interface2: keepalive | Junos OS | Juniper Networks3: Configuring Bidirectional Forwarding Detection4: event link-adjacency-loss | Junos OS | Juniper Networks5: Understanding Link Layer Discovery Protocol

Answer : B

A broadcast storm is a network condition where a large number of broadcast packets are sent and received by multiple devices, causing congestion and performance degradation1.A broadcast storm can occur when there are loops in the network topology, meaning that there are multiple paths between two devices2.

A spanning tree protocol is a network protocol that prevents loops from being formed when switches or bridges are interconnected via multiple paths.It does this by creating a logical tree structure that spans all the devices in the network, and disabling or blocking the links that are not part of the tree, leaving a single active path between any two devices3.

By eliminating loops, a spanning tree protocol also eliminates broadcast storms, as broadcast packets will not be forwarded endlessly along the looped paths.Instead, broadcast packets will be sent only along the tree structure, reaching each device once and avoiding congestion3.

Answer : B, D

The two reasons for the failure to form an adjacency in a network running IS-IS could be:

B) There is no configured ISO address on any IS-IS interface.IS-IS requires each router interface to have an ISO address configured.Without this address, the routers cannot form an adjacency1.

D) The family iso configuration is missing from the adjacency interface.The 'family iso' configuration is essential for IS-IS to function correctly.If this configuration is missing from the adjacency interface, it could prevent the formation of an adjacency1.

These explanations are based on the Enterprise Routing and Switching Specialist (JNCIS-ENT) documents and learning resources available at Juniper Networks23.

Answer : A

OSPF DR/BDR election is a process that occurs on multi-access data links. It is intended to select two OSPF nodes: one to be acting as the Designated Router (DR), and another to be acting as the Backup Designated Router (BDR). The DR and BDR are responsible for generating network LSAs for the multi-access network and synchronizing the LSDB with other routers on the same network1.

The DR/BDR election is based on two criteria: the OSPF priority and the router ID. The OSPF priority is a value between 0 and 255 that can be configured on each interface participating in OSPF. The default priority is 1. A priority of 0 means that the router will not participate in the election and will never become a DR or BDR. The router with the highest priority will become the DR, and the router with the second highest priority will become the BDR. If there is a tie in priority, then the router ID is used as a tie-breaker. The router ID is a 32-bit number that uniquely identifies each router in an OSPF domain. It can be manually configured or automatically derived from the highest IP address on a loopback interface or any active interface2.

In this scenario, all routers have the same priority of 1, so the router ID will determine the outcome of the election. The router IDs are shown in the exhibit as RID values. The highest RID belongs to R4 (10.10.10.4), so R4 will become the DR. The second highest RID belongs to R3 (10.10.10.3), so R3 will become the BDR.

1: OSPF DR/BDR Election: Process, Configuration, and Tuning 2: OSPF Designated Router (DR) and Backup Designated Router (BDR)

Answer : A, C

Ais correct because RSTP alternate ports block traffic while receiving superior BPDUs from a neighboring switch.An alternate port is a backup port for a root port, which means it receives better BPDUs from another bridge than the current root port1.However, an alternate port does not forward any traffic, as it is in a discarding state2. It only listens to BPDUs and waits for the root port to fail.If the root port fails, the alternate port can immediately transition to a forwarding state and become the new root port1.

Cis correct because RSTP alternate ports provide an alternate higher cost path to the root bridge.An alternate port is selected based on the same criteria as the root port, which are the lowest bridge ID, the lowest path cost, the lowest sender port ID, and the lowest receiver port ID3.However, an alternate port receives a higher cost BPDU than the root port, otherwise it would be the root port itself1. Therefore, an alternate port provides an alternate higher cost path to the root bridge than the root port.