Juniper JN0-480 Practice Test - Questions Answers, Page 4

Juniper Apstra supports three deploy modes for devices:Deploy,Drain, andReady.These modes determine the configuration and state of the devices in the data center fabric12.

Deploy: This mode applies the full Apstra-rendered configuration to the device, according to the Apstra Reference Design.The device state becomesIS-ACTIVEand the device is ready to carry traffic in the fabric12.

Drain: This mode adds a ''drain'' configuration to the device, which prevents any new traffic from entering the device.The device state becomesIS-READYand the device is prepared for maintenance or decommissioning12.

Ready: This mode removes the Apstra-rendered configuration from the device, leaving only the basic configuration such as device hostname, interface descriptions, and port speed/breakout.The device state becomesIS-READYand the device is not part of the fabric12.Reference:

Device Configuration Lifecycle

Set Deploy Mode (Datacenter)

To configure a static route for traffic to exit a configured routing zone, you need to use the Connectivity Templates feature in the Juniper Apstra UI. A Connectivity Template is a set of configuration parameters that can be applied to a device or a group of devices in a blueprint. You can use Connectivity Templates to configure static routes, BGP, OSPF, and other network services. To create a Connectivity Template, you need to go to the Staged tab and select Connectivity Templates from the left menu. Then, you can click on the + icon to create a new template. You can specify the name, description, and scope of the template. The scope determines which devices or device groups the template will be applied to. You can also specify the order of the template, which determines the priority of the template when multiple templates are applied to the same device. After creating the template, you can add configuration items to the template. To add a static route, you need to select Static Route from the drop-down menu and enter the destination network, subnet mask, and next-hop IP address. You can also specify the administrative distance and the track object for the static route. After adding the configuration items, you need to save the template and commit the changes to the blueprint. The other options are incorrect because:

A) under Active -> Virtual -> Routing Zones is wrong because this option allows you to view and modify the existing routing zones, but not to configure static routes for them.

B) under Staged -> Virtual -> Routing Zones is wrong because this option allows you to create and delete routing zones, but not to configure static routes for them.

C) under Active -> Connectivity Templates is wrong because this option allows you to view the existing connectivity templates, but not to create or modify them.Reference:

Connectivity Templates

Data Center Automation Using Juniper Apstra

According to the Juniper documentation1, a five-stage Clos architecture allows for large-scale topologies with an additional aggregation layer that interconnects multiple pods into a single fabric. A pod is a group of racks that share the same spine devices. A rack is a group of leaf devices that connect to the same servers. To create a five-stage Clos network using Juniper Apstra, you need to choose the pod-based fabric type in the template creation wizard. This will allow you to specify the number of pods, planes, spines, and leaves for your network design. Therefore, the correct answer is D. pod-based.Reference:5-Stage Clos Architecture | Apstra 4.1 | Juniper Networks

Referring to the exhibit, the image shows a user interface of the Juniper Apstra software application, which is used for network management and configuration. The image shows the Virtual Networks table under the Resources menu, which displays the details of the VLANs and VXLANs in the network. The table has 11 columns, but only 9 are visible in the image. The other two columns are IPv6 Connectivity and IPv6 Subnet, which are hidden by default. To display the IPv6 subnets for all of the listed VXLANs, the user needs to select Columns, then select IPv6 Subnet. This will show the IPv6 Subnet column in the table, which will display the IPv6 addresses assigned to the VXLANs from the IPv6 pools. For more information, seeVirtual Networks (Resources).Reference:

Virtual Networks (Resources)

IPv6 Pools (Resources)

Apstra User Guide

Juniper Apstra provides four system-defined user roles that are available in the Apstra GUI environment.They are:administrator,device_ztp,viewer, anduser1. Based on the web search results, we can infer the following statements:

viewer: This role includes permissions to only view various elements in the Apstra system, such as blueprints, devices, design, resources, external systems, platform, and others.Users with this role cannot create, edit, or delete any element12.

user: This role includes permissions to view and edit various elements in the Apstra system, such as blueprints, devices, design, resources, external systems, platform, and others.Users with this role cannot create or delete any element12.

authorized: This is not a system-defined user role in Juniper Apstra.It is a term used to describe users who have been authenticated by an external system, such as LDAP, Active Directory, TACACS+, or RADIUS3.

root: This is not a system-defined user role in Juniper Apstra. It is a term used to describe the superuser account on a Linux system, which has full access to all commands and files. Creating a user in the Apstra GUI does not provide that user access to the Apstra platform via SSH.To access the Apstra platform via SSH, you must create a local Linux system user4.Reference:

User / Role Management Introduction

User/Role Management (Platform)

AAA Providers

User Profile Management

The cabling map is a graphical representation of the physical connections between the devices in the data center fabric. It shows the status of the cables, interfaces, and BGP sessions for each device. You can use the cabling map to verify and repair the cabling before deploying your blueprint. Based on the web search results, we can infer the following statements:

Apstra can use LLDP data from the spine-to-leaf fabric devices to update the connections in the cabling map.This is true because Apstra can collect LLDP data from the devices using the Generic Graph Collector processor and use it to update the cabling map automatically.LLDP is a protocol that allows devices to exchange information about their identity, capabilities, and neighbors12.

Apstra can use LLDP data from the leaf devices to update the leaf-to-generic connections in the cabling map.This is true because Apstra can also collect LLDP data from the leaf devices and use it to update the connections to the generic devices, such as routers, firewalls, or servers.Generic devices are devices that are not managed by Apstra but are part of the data center fabric23.

You must manually change the cabling map to update spine-to-leaf fabric links.This is false because Apstra can use LLDP data to update the spine-to-leaf fabric links automatically, as explained above.However, you can also manually change the cabling map to override the Apstra-generated cabling, if needed24.

You must manually change the cabling map to update leaf-to-generic links.This is false because Apstra can use LLDP data to update the leaf-to-generic links automatically, as explained above.However, you can also manually change the cabling map to override the Apstra-generated cabling, if needed24.Reference:

LLDP Overview

Edit Cabling Map (Datacenter)

Generic Devices

Import / Export Cabling Map (Datacenter)

To implement ECMP in IP fabric using EBGP, you need to enable BGP to install multiple equal-cost paths in the routing table and to advertise them to the peers. The following actions are required to achieve this:

B) Use a load balancing policy applied to BGP as an export policy. This is true because you need to apply a load balancing policy to BGP as an export policy to allow BGP to advertise multiple paths to the same destination to the peers. By default, BGP only advertises the best path to the peers, which prevents ECMP. A load balancing policy can be configured to match the desired routes and set the multipath attribute to true. This will enable BGP to advertise up to the maximum number of paths configured by the maximum-paths command. For example, the following configuration applies a load balancing policy to BGP as an export policy for the neighbor 10.10.10.1:

policy-statement load-balance { term 1 { from { route-filter 192.168.0.0/16 exact; } then { multipath; accept; } } } protocols { bgp { group ebgp { type external; neighbor 10.10.10.1 { export load-balance; } } } }

C) Use the multipath multiple-as BGP parameter. This is true because you need to enable the multipath multiple-as BGP parameter to allow BGP to install multiple paths from different autonomous systems in the routing table. By default, BGP only installs multiple paths from the same autonomous system, which limits ECMP. The multipath multiple-as parameter can be configured under the BGP group or neighbor level. This will enable BGP to install up to the maximum number of paths configured by the maximum-paths command. For example, the following configuration enables the multipath multiple-as parameter for the BGP group ebgp:

protocols { bgp { group ebgp { type external; multipath multiple-as; } } }

The following options are incorrect because:

A) Use a load balancing policy applied to the forwarding table as an export policy is wrong because applying a load balancing policy to the forwarding table does not affect the BGP advertisement or installation of multiple paths. A load balancing policy applied to the forwarding table only affects how the traffic is distributed among the multiple paths in the forwarding table. It does not enable ECMP in BGP.

D) Use a load balancing policy applied to BGP as an import policy is wrong because applying a load balancing policy to BGP as an import policy does not affect the BGP advertisement of multiple paths. A load balancing policy applied to BGP as an import policy only affects how the BGP routes are accepted or rejected from the peers. It does not enable ECMP in BGP.Reference:

IP Fabric Underlay Network Design and Implementation

Use ECMP to distribute traffic between two paths, one learned by eBGP and one learned by iBGP on a Cisco NX-OS switch

Example: Configure an EVPN-VXLAN Centrally-Routed Bridging Fabric Using EBGP

According to the Juniper documentation1, a routing zone is an L3 domain, the unit of tenancy in multi-tenant networks. You create routing zones for tenants to isolate their IP traffic from one another, thus enabling tenants to re-use IP subnets. In addition to being in its own VRF, each routing zone can be assigned its own DHCP relay server and external system connections. You can create one or more virtual networks within a routing zone, which means a tenant can stretch its L2 applications across multiple racks within its routing zone. For virtual networks with Layer 3 SVI, the SVI is associated with a Virtual Routing and Forwarding (VRF) instance for each routing zone isolating the virtual network SVI from other virtual network SVIs in other routing zones. Therefore, the correct answer is D. A routing zone is used to enable the communication between two VNIs within a VRF. A routing zone is not used for L4-L7 inspection, securing routing protocols, or requiring firewalls. Those are not the purposes of a routing zone in Juniper Apstra software.Reference:Routing Zones

Referring to the exhibit, the image shows the Racks table under the Staged menu in the Juniper Apstra UI. The Racks table displays the details of the racks that are used in the blueprint, such as the name, rack type, and date.The rack type is a resource that defines the type and number of leaf devices, access switches, and/or generic systems that are used in rack builds1. The image shows seven racks in the table, but only two rack types: BorderLeaf and ServerRack. Therefore, the statement D is correct in this scenario.

The following three statements are incorrect in this scenario:

A) six. This is not true, because there are not six rack types in the table, but only two. The number six corresponds to the number of racks that have the same rack type: ServerRack.

B) three. This is not true, because there are not three rack types in the table, but only two. The number three does not correspond to any relevant information in the table or the image.

C) seven. This is not true, because there are not seven rack types in the table, but only two. The number seven corresponds to the total number of racks in the table, not the rack types.

Rack Types (Datacenter Design)

Racks (Staged)