A. Host-facing interfaces must be configured using a service-provider style configuration.
D. The routing-instance service type can be VLAN-based.

Answer DescriptionExplanation:

Understanding the Scenario:

EVPN-VXLAN deployments often involve scenarios where multiple tenants or applications require overlapping VLAN IDs, which can be managed using the mac-vrf routing instance type. This allows you to segregate traffic within the same VLAN ID across different tenants.

Host-facing Interface Configuration:

A. Host-facing interfaces must be configured using a service-provider style configuration:This is correct. In mac-vrf configurations, host-facing interfaces (those connecting end devices) typically follow a service-provider style configuration, where each customer or tenant's traffic is isolated even if overlapping VLAN IDs are used.

B. Host-facing interfaces must be configured using enterprise-style configuration:This is incorrect for mac-vrf instances because enterprise-style configurations are more common in simpler, less segmented networks.

Routing Instance Service Type:

D. The routing-instance service type can be VLAN-based:This is correct. The service type in mac-vrf can indeed be VLAN-based, which is particularly useful in scenarios where VLAN ID overlap is needed between different tenants or services.

Data Center References:

The mac-vrf instance type is powerful for handling complex multi-tenant environments in EVPN-VXLAN, especially when dealing with overlapping VLAN IDs across different segments of the network.

C. Type 4

Answer DescriptionExplanation:

Understanding the Scenario:

In an EVPN-VXLAN environment, when using multi-homing in active/active scenarios, there's a risk that a multihomed server might receive duplicate copies of Broadcast, Unknown unicast, and Multicast (BUM) traffic. This is because multiple VTEPs might forward the same BUM traffic to the server.

EVPN Route Types:

Type 4 Route (Ethernet Segment Route):This route type is used to advertise the Ethernet Segment (ES) to which the device is connected. It is specifically used in multi-homing scenarios to signal the ES and its associated Ethernet Tag to all the remote VTEPs. The Type 4 route includes information that helps prevent BUM traffic duplication in active/active multi-homing by using a split-horizon mechanism, which ensures that traffic sent to a multihomed device does not get looped back.

Explanation:

The Type 4 route is crucial for ensuring that in a multi-homed setup, particularly in an active/active configuration, BUM traffic does not result in duplication at the server. The route helps coordinate which VTEP is responsible for forwarding the BUM traffic to the server, thereby preventing duplicate traffic.

Data Center References:

Type 4 routes are essential for managing multi-homing in EVPN to avoid the issues of BUM traffic duplication, which could otherwise lead to inefficiencies and potential network issues.

C. The oversubscription ratio increases when you remove leaf devices.
D. The oversubscription ratio remains the same when you add leaf devices.

Answer DescriptionUnderstanding Oversubscription Ratio in IP Fabrics:

The oversubscription ratio in an IP fabric typically refers to the ratio of the available bandwidth at the edge of the network (leaves) to the available bandwidth at the core or spine. A 3:1 oversubscription ratio means that for every 3 units of bandwidth at the leaves, there is 1 unit of bandwidth at the spine.

Impact of Adding or Removing Leaf Devices:

Removing Leaf Devices:When you remove leaf devices, the amount of total edge bandwidth decreases while the bandwidth in the spine remains constant. This causes the oversubscription ratio toincreasebecause there is now less total bandwidth to distribute across the same amount of spine bandwidth.

Adding Leaf Devices:Conversely, when you add leaf devices, the total edge bandwidth increases. Since the spine bandwidth remains the same, the oversubscription ratio would remain the same if the additional leaves consume their share of the available bandwidth proportionally.

Conclusion:

Option C:Correct—Removing leaf devices increases the oversubscription ratio.

Option D:Correct—Adding leaf devices typically maintains the oversubscription ratio assuming uniform bandwidth distribution.

C. show interfaces terse vtep.32770 statistics

Answer DescriptionVXLAN Traffic Verification:

To ensure VXLAN traffic from the xe-0/0/12 interface is correctly encapsulated by the logical vtep.32770 and sent to a remote leaf device, it is essential to monitor the relevant interface statistics.

The command show interfaces terse vtep.32770 statistics provides a concise overview of the traffic statistics for the specific VTEP interface, which can help verify whether traffic is being correctly encapsulated and transmitted.

Explanation:

This command is particularly useful for quickly checking the traffic counters and identifying any potential issues with VXLAN encapsulation or transmission.

It allows you to confirm that traffic is flowing as expected, by checking the transmitted and received packet counters.

Data Center References:

Monitoring interface statistics is a crucial step in troubleshooting and validating network traffic, particularly in complex overlay environments like EVPN-VXLAN.

B. Type 2 EVPN routes do not require a VXLAN tunnel to the protocol next hop.
D. Type 5 EVPN routes do not require a VXLAN tunnel to the protocol next hop.

Answer DescriptionType 2 EVPN Routes:

Type 2 routesadvertise MAC addresses within an EVPN instance and are used primarily for Layer 2 bridging. These routes do not require a VXLAN tunnel to the protocol next hop because they operate within the same Layer 2 domain.

Type 5 EVPN Routes:

Type 5 routesare used to advertise IP prefixes (Layer 3 routes) within EVPN. Similar to Type 2 routes, they do not require a VXLAN tunnel to the protocol next hop because they represent L3 routes, which are managed at the routing layer without the need for VXLAN encapsulation.

Conclusion:

Option B:Correct—Type 2 routes do not need a VXLAN tunnel to the next hop, as they are used for Layer 2.

Option D:Correct—Type 5 routes also do not need a VXLAN tunnel because they operate at Layer 3, handling IP prefixes.

B. You need to configure a next-hop self policy.
D. You need to configure multipath multiple-as.

Answer DescriptionExplanation:

Issue Overview:

The leaf devices in an IP fabric using eBGP are advertising and receiving all routes, but the routes are not being installed in the routing table and are marked as hidden. Thistypically indicates an issue with the BGP configuration, particularly with next-hop handling or AS path concerns.

Corrective Actions:

B. You need to configure a next-hop self policy:This action ensures that the leaf devices modify the next-hop attribute to their own IP address before advertising routes to their peers. This is particularly important in eBGP setups where the next-hop may not be directly reachable by other peers.

D. You need to configure multipath multiple-as:This setting allows the router to accept multiple paths from different autonomous systems (ASes) and use them for load balancing. Without this, the BGP process might consider only one path and mark others as hidden.

Incorrect Statements:

A. You need to configure as-override:AS-override is used to replace the AS number in the AS-path attribute to prevent loop detection issues in MPLS VPNs, not in a typical eBGP IP fabric setup.

C. You need to configure loops 2:There is no specific BGP command loops 2 relevant to resolving hidden routes in this context. It might be confused with allowas-in, which is used to allow AS path loops under certain conditions.

Data Center References:

Proper BGP configuration is crucial in IP fabrics to ensure route propagation and to prevent routes from being marked as hidden. Configuration parameters like next-hop self and multipath multiple-as are common solutions to ensure optimal route installation and load balancing in a multi-vendor environment.

C. Use IRB interfaces with the same IP and MAC address.

Answer DescriptionRedundant Gateways in EVPN-VXLAN:

In an EVPN-VXLAN environment, providing redundant gateway functionality typically involves the use of Anycast Gateway. This allows multiple PEs (Provider Edge devices) to use the same IP address and MAC address for the gateway, enabling seamless failover and redundancy without IP conflicts.

Conserving Address Space:

Using the same IP address across multiple PEs conserves address space because only one IP address is needed for the gateway function, regardless of the number of PEs. The shared MAC address ensures that ARP resolution and forwarding behavior are consistent across all the PEs.

Conclusion:

Option C:Correct—Using IRB interfaces with the same IP and MAC address across all PEs satisfies the need for redundancy while conserving address space.

OptionsA, B,andDintroduce unnecessary complexity or do not fully utilize the efficient Anycast Gateway approach, which is best practice for conserving IP space and providing redundancy.

B. Use filter-based forwarding.

Answer DescriptionExplanation:

Controlling Traffic Within a Tenant's Network:

The requirement is to limit access to specific traffic types within a tenant’s network without routing all tenant traffic through a firewall. This requires a selective method that can direct specific types of traffic to different paths based on the nature of the traffic.

Filter-Based Forwarding (FBF):

FBF is a technique that allows for routing decisions based on filters applied to the traffic, such as matching on source IP addresses, destination IP addresses, or even specific application types (like HTTP or FTP). This allows specific types of traffic to be forwardedto a specific next hop (e.g., a firewall) without affecting the entire traffic flow within the tenant's network.

Conclusion:

Option B:Correct—Filter-based forwarding allows for granular control of traffic, ensuring that only specific types of traffic within the tenant's network are redirected through a firewall, satisfying the requirement.