[Q10-Q28] Easily To Pass New JN0-664 Premium Exam Updated [Jul 16, 2023]

Easily To Pass New JN0-664 Premium Exam Updated [Jul 16, 2023]

JN0-664 Certification All-in-One Exam Guide Jul-2023

The JN0-664 certification exam is designed to test the skills and knowledge required to configure and troubleshoot Junos-based service provider routing and switching networks. The exam covers a wide range of topics, including OSPF, BGP, IS-IS, MPLS, Layer 2 VPNs, Layer 3 VPNs, multicast, QoS, and security. The exam also tests candidates' knowledge of Junos automation and scripting tools.

 

NEW QUESTION # 10
You are configuring a BGP signaled Layer 2 VPN across your MPLS enabled core network. Your PE-2 device connects to two sites within the s VPN In this scenario, which statement is correct?

• A. You must create a unique Layer 2 VPN routing instance for each site on the PE-2 device.
• B. You must use separate physical interfaces to connect PE-2 to each site.
• C. By default on PE-2, the site's local ID is automatically assigned a value of 0 and must be configured to match the total number of attached sites.
• D. By default on PE-2, the remote site IDs are automatically assigned based on the order that you add the interfaces to the site configuration.

Answer: D

Explanation:
Explanation
BGP Layer 2 VPNs use BGP to distribute endpoint provisioning information and set up pseudowires between PE devices. BGP uses the Layer 2 VPN (L2VPN) Routing Information Base (RIB) to store endpoint provisioning information, which is updated each time any Layer 2 virtual forwarding instance (VFI) is configured. The prefix and path information is stored in the L2VPN database, which allows BGP to make decisions about the best path.
In BGP Layer 2 VPNs, each site has a unique site ID that identifies it within a VFI. The site ID can be manually configured or automatically assigned by the PE device. By default, the site ID is automatically assigned based on the order that you add the interfaces to the site configuration. The first interface added to a site configuration has a site ID of 1, the second interface added has a site ID of 2, and so on.
Option D is correct because by default on PE-2, the remote site IDs are automatically assigned based on the order that you add the interfaces to the site configuration. Option A is not correct because by default on PE-2, the site's local ID is automatically assigned a value of 0 and does not need to be configured to match the total number of attached sites. Option B is not correct because you do not need to create a unique Layer 2 VPN routing instance for each site on the PE-2 device. You can create one routing instance for all sites within a VFI. Option C is not correct because you do not need to use separate physical interfaces to connect PE-2 to each site. You can use subinterfaces or service instances on a single physical interface.

NEW QUESTION # 11
Exhibit

Referring to the exhibit, which three statements are correct about route 10 0 0.0/16 when using the default BGP advertisement rules'? (Choose three.)

• A. R2 will advertise 10.0.0.0/16 to R4 with 172.16.1.1 as the next hop
• B. R4 will advertise 10 0.0 0/16 to R6 with 172.16 1 1 as the next hop
• C. R2 will advertise 10.0.0.0/16 to R3 with 192.168.1 1 as the next hop
• D. R1 will prepend AS 65531 when advertising 10 0.0 0/16 to R2.
• E. R1 will advertise 10.0.0.0/16 to R2 with 192 168 1 1 as the next hop.

Answer: A,B,E

Explanation:
Explanation
The problem in this scenario is that R1 and R8 are not receiving each other's routes because of private AS numbers in the AS path. Private AS numbers are not globally unique and are not advertised to external BGP peers. To solve this problem, you need to do the following:
* Configure loops on routers in AS 65412 and advertise-peer-as on routers in AS 64498. This allows R5 and R6 to advertise their own AS number (65412) instead of their peer's AS number (64498) when sending updates to R7 and R8. This prevents a loop detection issue that would cause R7 and R8 to reject the routes from R5 and R62
* Configure remove-private on advertisements from AS 64497 toward AS 64498 and from AS 64500 toward AS 64499. This removes any private AS numbers from the AS path before sending updates to external BGP peers. This allows R2 and R3 to receive the routes from R1 and R4, respectively3.

NEW QUESTION # 12
Exhibit

Referring to the exhibit, which statement is correct?

• A. The vrf-target configuration will allow routes to be shared between CE-1 and CE-2.
• B. The route-distinguisher configuration will allow overlapping routes to be shared between CE-1 and CE-2.
• C. The route-diatinguisher configuration will stop routes from being shared between CE-1 and CE-2.
• D. The vrf-target configuration will stop routes from being shared between CE-1 and CE-2.

Answer: B

Explanation:
Explanation
The route distinguisher (RD) is a BGP attribute that is used to create unique VPN IPv4 prefixes for each VPN in an MPLS network. The RD is a 64-bit value that consists of two parts: an administrator field and an assigned number field. The administrator field can be an AS number or an IP address, and the assigned number field can be any arbitrary value chosen by the administrator. The RD is prepended to the IPv4 prefix to create a VPN IPv4 prefix that can be advertised across the MPLS network without causing any overlap or conflict with other VPNs. In this question, we have two PE routers (PE-1 and PE-2) that are connected to two CE devices (CE-1 and CE-2) respectively. PE-1 and PE-2 are configured with VRFs named Customer-A and Customer-B respectively.

NEW QUESTION # 13
Exhibit

Based on the configuration contents shown in the exhibit, which statement is true?

• A. Joins for group 224.7.7.7 are rejected if the source address is 192.168.100.10
• B. Joins for any group are accepted if the group count value is less than 25.
• C. Joins for group 224.7.7.7 are accepted if the group count is less than 25
• D. Joins for group 224.7.7.7 are always rejected, regardless of the group count.

Answer: C

Explanation:
Explanation
BGP policy framework is a set of tools that allows you to control the flow of routing information and apply routing policies based on various criteria. BGP policy framework consists of several components, such as route maps, prefix lists, community lists, AS path lists, and route filters. Route maps are used to define routing policies by matching certain conditions and applying certain actions. Prefix lists are used to filter routes based on their prefixes. Community lists are used to filter routes based on their community attributes. AS path lists are used to filter routes based on their AS path attributes. Route filters are used to filter routes based on their prefix length or range3. In this question, we have a route map named ISP-A that has two clauses: clause 10 and clause 20. Clause 10 matches any route with a prefix length between 8 and 24 bits and sets the local preference to 200. Clause 20 matches any route with a prefix of 224.7.7.7/32 and rejects it. The route map is applied inbound on the BGP neighborship with ISP-A. Based on this configuration, the correct statement is that joins for group 224.7.7.7 are always rejected, regardless of the group count. This is because clause 20 explicitly denies any route with a prefix of 224.7.7.7/32, which corresponds to the multicast group 224.7.7.7.

NEW QUESTION # 14
Exhibit

Referring to the exhibit, you must provide Internet access for VPN-A using CE-1 as the hub CE.
Which two statements are correct in this situation? (Choose two.)

• A. RIB groups are not needed to leak routes between the inet. 0 and VPN-A. inet. 0 tables,
• B. Internet traffic from Site 2 takes the path of PE-2 -> PE-1 -> GW-1.
• C. You must use RIB groups to leak routes between the inet. o and vpn-a. inet. o tables.
• D. Internet traffic from Site 2 takes the path of PE-2 -> PE-1 -> CE-1 -> PE-1 -> GW-1.

Answer: C,D

Explanation:
Explanation
To provide Internet access for VPN-A using CE-1 as the hub CE, you need to do the following:
* You must use RIB groups to leak routes between the inet.0 and vpn-a.inet.0 tables on PE-1 and CE-1.
RIB groups are routing options that allow you to import routes from one routing table into another routing table based on certain criteria. In this scenario, you need to configure RIB groups on PE-1 and CE-1 to import Internet routes from inet.0 into vpn-a.inet.0 and vice versa.
* Internet traffic from Site 2 takes the path of PE-2 -> PE-1 -> CE-1 -> PE-1 -> GW-1. This is because Site 2 does not have direct Internet access and needs to use CE-1 as its default gateway for Internet traffic. Site 2 sends its Internet traffic to PE-2, which forwards it to PE-1 based on VPN-A routes. PE-1 then sends it to CE-1 based on RIB group import policy. CE-1 then sends it back to PE-1 based on its default route pointing to GW-1. PE-1 then forwards it to GW-1 based on RIB group import policy again.

NEW QUESTION # 15
Which two statements about IS-IS are correct? (Choose two.)

• A. CSNPs contain only descriptions of LSPs.
• B. CSNPs are flooded periodically
• C. PSNPs contain only descriptions of LSPs.
• D. PSNPs are flooded periodically.

Answer: B,C

Explanation:
Explanation
IS-IS is an interior gateway protocol that uses link-state routing to exchange routing information among routers within a single autonomous system. IS-IS uses two types of packets to synchronize link-state databases among routers: Link State Packets (LSPs) and Partial Sequence Number Packets (PSNPs). LSPs contain information about the state and cost of links in the network, and are flooded periodically throughout the network. PSNPs are used to acknowledge receipt of LSPs and request retransmission of missing or corrupted LSPs. PSNPs contain only descriptions of LSPs, such as their sequence numbers and checksums3. IS-IS also uses another type of packet called Complete Sequence Number Packets (CSNPs), which are used to summarize the entire link-state database at regular intervals or when a new adjacency is formed. CSNPs are flooded periodically throughout the network and contain only descriptions of LSPs4. Therefore, PSNPs contain only descriptions of LSPs and CSNPs are flooded periodically.
References: 3:
https://www.juniper.net/documentation/us/en/software/junos/routing-policy/topics/concept/routing-policy-is-is-p
4:
https://www.juniper.net/documentation/us/en/software/junos/routing-policy/topics/concept/routing-policy-is-is-c

NEW QUESTION # 16
Exhibit

You are running a service provider network and must transport a customer's IPv6 traffic across your IPv4-based MPLS network using BGP You have already configured mpis ipv6-tunneling on your PE routers.
Which two statements are correct about the BGP configuration in this scenario? (Choose two.)

• A. You must configure family inet6 unicaat between PE and CE routers.
• B. You must configure family inet6 add-path between PE and CE routers.
• C. You must configure family inet6 labcled-unicast between PE routers.
• D. You must configure family inet6 unicast between PE routers

Answer: A,C

Explanation:
Explanation
To transport IPv6 traffic over an IPv4-based MPLS network using BGP, you need to configure two address families: family inet6 labeled-unicast and family inet6 unicast. The former is used to exchange IPv6 routes with MPLS labels between PE routers, and the latter is used to exchange IPv6 routes without labels between PE and CE routers. The mpis ipv6-tunneling command enables the PE routers to encapsulate the IPv6 packets with an MPLS label stack and an IPv4 header before sending them over the MPLS network.

NEW QUESTION # 17
Exhibit.

Referring to the exhibit; the 10.0.0.0/24 EBGP route is received on R5; however, the route is being hidden.
What are two solutions that will solve this problem? (Choose two.)

• A. Add the external interface prefix to the IGP routing tables
• B. On R4, create a policy to change the BGP next hop to itself and apply it to IBGP as an export policy
• C. On R4, create a policy to change the BGP next hop to 172.16.1.1 and apply it to IBGP as an export policy
• D. Add the internal interface prefix to the BGP routing tables.

Answer: A,B

Explanation:
Explanation
the default behavior for iBGP is to propagate EBGP-learned prefixes without changing the next-hop. This can cause issues if the next-hop is not reachable via the IGP. One solution is to use the next-hop self command on R4, which will change the next-hop attribute to its own loopback address. This way, R5 can reach the next-hop via the IGP and install the route in its routing table.
Another solution is to add the external interface prefix (120.0.4.16/30) to the IGP routing tables of R4 and R5.
This will also make the next-hop reachable via the IGP and allow R5 to use the route. According to 2, this is a possible workaround for a pure IP network, but it may not work well for an MPLS network.

NEW QUESTION # 18
Which two statements are correct regarding bootstrap messages that are forwarded within a PIM sparse mode domain? (Choose two.)

• A. Bootstrap messages are forwarded only to routers that explicitly requested the messages within the PIM sparse-mode domain
• B. Bootstrap messages are used to notify which router is the PIM RP
• C. Bootstrap messages are forwarded to all routers within a PIM sparse-mode domain.
• D. Bootstrap messages distribute RP information dynamically during an RP election.

Answer: C,D

Explanation:
Explanation
Bootstrap messages are PIM messages that are used to distribute rendezvous point (RP) information dynamically during an RP election. Bootstrap messages are sent by bootstrap routers (BSRs), which are routers that are elected to perform the RP discovery function for a PIM sparse-mode domain. Bootstrap messages contain information about candidate RPs and their multicast groups, as well as BSR priority and hash mask length. Bootstrap messages are forwarded to all routers within a PIM sparse-mode domain using hop-by-hop flooding.

NEW QUESTION # 19
Which two statements are correct about reflecting inet-vpn unicast prefixes in BGP route reflection? (Choose two.)

• A. Route reflectors add their cluster ID to the AS path when readvertising client routes.
• B. Route reflectors do not change any existing BGP attributes by default when advertising routes.
• C. Clients add their originator ID when advertising routes to their route reflector
• D. A BGP peer does not require any configuration changes to become a route reflector client.

Answer: B,D

Explanation:
Explanation
Route reflection is a BGP feature that allows a router to reflect routes learned from one IBGP peer to another IBGP peer, without requiring a full-mesh IBGP topology. Route reflectors do not change any existing BGP attributes by default when advertising routes, unless explicitly configured to do so. A BGP peer does not require any configuration changes to become a route reflector client, only the route reflector needs to be configured with the client parameter under [edit protocols bgp group group-name neighbor neighbor-address] hierarchy level.

NEW QUESTION # 20
Exhibit

CE-1 must advertise ten subnets to PE-1 using BGP Once CE-1 starts advertising the subnets to PE-1, the BGP peering state changes to Active.
Referring to the CLI output shown in the exhibit, which statement is correct?

• A. CE-1 is advertising its entire routing table.
• B. The prefix limit has been reached on PE-1
• C. CE-1 is unreachable
• D. CE-1 is configured with an incorrect peer AS

Answer: D

Explanation:
Explanation
The problem in this scenario is that CE-1 is configured with an incorrect peer AS number for its BGP session with PE-1. The CLI output shows that CE-1 is using AS 65531 as its local AS number and AS 65530 as its peer AS number. However, PE-1 is using AS 65530 as its local AS number and AS 65531 as its peer AS number. This causes a mismatch in the BGP OPEN messages and prevents the BGP session from being established. To solve this problem, CE-1 should configure its peer AS number as 65530 under [edit protocols bgp group external] hierarchy level.

NEW QUESTION # 21
Exhibit

Which two statements are true about the OSPF adjacency displayed in the exhibit? (Choose two.)

• A. There is a mismatch in the dead interval parameter between routers R1 and R2.
• B. There is a mismatch in the poll interval parameter between routers R1 and R2.
• C. There is a mismatch in the hello interval parameter between routers R1 and R2
• D. There is a mismatch in the OSPF hold timer parameter between routers R1 and R2.

Answer: A,C

Explanation:
Explanation
The hello interval is the time interval between two consecutive hello packets sent by an OSPF router on an interface. The dead interval is the time interval after which a neighbor is declared down if no hello packets are received from it. These parameters must match between two OSPF routers for them to form an adjacency. In the exhibit, router R1 has a hello interval of 10 seconds and a dead interval of 40 seconds, while router R2 has a hello interval of 30 seconds and a dead interval of 120 seconds. This causes a mismatch and prevents them from becoming neighbors23.

NEW QUESTION # 22
Exhibit

You want to implement the BGP Generalized TTL Security Mechanism (GTSM) on the network Which three statements are correct in this scenario? (Choose three)

• A. BGP GTSM requires a TTL of 255 to be configured between neighbors.
• B. You can implement BGP GTSM between R2 and R1.
• C. You can implement BGP GTSM between R2, R3, and R4
• D. BGP GTSM requires a TTL of 1 to be configured between neighbors.
• E. BGP GTSM requires a firewall filter to discard packets with incorrect TTL.

Answer: A,C,D

Explanation:
Explanation
BGP GTSM is a technique that protects a BGP session by comparing the TTL value in the IP header of incoming BGP packets against a valid TTL range. If the TTL value is within the valid TTL range, the packet is accepted. If not, the packet is discarded. The valid TTL range is from 255 - the configured hop count + 1 to
255. When GTSM is configured, the BGP packets sent by the device have a TTL of 255. GTSM provides best protection for directly connected EBGP sessions, but not for multihop EBGP or IBGP sessions because the TTL of packets might be modified by intermediate devices.
In the exhibit, we can see that R2, R3, and R4 are in the same AS (AS 20) and R1 is in a different AS (AS 10).
Based on this information, we can infer the following statements:
* You can implement BGP GTSM between R2, R3, and R4. This is not correct because R2, R3, and R4 are IBGP peers and GTSM does not provide effective protection for IBGP sessions. The TTL of packets between IBGP peers might be changed by intermediate devices or routing protocols.
* BGP GTSM requires a firewall filter to discard packets with incorrect TTL. This is not correct because BGP GTSM does not require a firewall filter to discard packets with incorrect TTL. BGP GTSM uses TCP option 19 to negotiate GTSM capability between peers and uses TCP option 20 to carry the expected TTL value in each packet. The receiver checks the expected TTL value against the actual TTL value and discards packets with incorrect TTL values.
* You can implement BGP GTSM between R2 and R1. This is correct because R2 and R1 are EBGP peers and GTSM provides effective protection for directly connected EBGP sessions. The TTL of packets between directly connected EBGP peers is not changed by intermediate devices or routing protocols.
* BGP GTSM requires a TTL of 1 to be configured between neighbors. This is not correct because BGP GTSM requires a TTL of 255 to be configured between neighbors. The sender sets the TTL of packets to 255 and the receiver expects the TTL of packets to be 255 minus the configured hop count.
* BGP GTSM requires a TTL of 255 to be configured between neighbors. This is correct because BGP GTSM requires a TTL of 255 to be configured between neighbors. The sender sets the TTL of packets to 255 and the receiver expects the TTL of packets to be 255 minus the configured hop count.

NEW QUESTION # 23
Exhibit

Which two statements about the configuration shown in the exhibit are correct? (Choose two.)

• A. A Layer 3 VPN is configured.
• B. This VPN connects customer sites that use different AS numbers.
• C. A Layer 2 VPN is configured.
• D. This VPN connects customer sites that use the same AS number

Answer: A,B

Explanation:
Explanation
The configuration shown in the exhibit is for a Layer 3 VPN that connects customer sites that use different AS numbers. A Layer 3 VPN is a type of VPN that uses MPLS labels to forward packets across a provider network and BGP to exchange routing information between PE routers and CE routers. A Layer 3 VPN allows customers to use different routing protocols and AS numbers at their sites, as long as they can peer with BGP at the PE-CE interface. In this example, CE-1 is using AS 65530 and CE-2 is using AS 65531, but they can still communicate through the VPN because they have BGP sessions with PE-1 and PE-2, respectively.

NEW QUESTION # 24
Exhibit

You have MAC addresses moving in your EVPN environment
Referring to the exhibit, which two statements are correct about the sequence number? (Choose two)

• A. It is advertised using a Type 2 message
• B. It helps the local PE to identify the latest advertisement.
• C. It resolves conflicting MAC address ownership claims.
• D. It identifies MAC addresses that should be discarded.

Answer: B,C

Explanation:
Explanation
The sequence number is a field in the MAC mobility extended community that is used to resolve conflicting MAC address ownership claims and to help the local PE to identify the latest advertisement. The sequence number is incremented by one for every MAC address mobility event, such as when a host moves from one Ethernet segment to another segment in the EVPN network. The PE device that receives multiple MAC advertisements for the same MAC address chooses the one with the highest sequence number as the most recent and valid advertisement.

NEW QUESTION # 25
When building an interprovider VPN, you notice on the PE router that you have hidden routes which are received from your BGP peer with family inet labeled-unica3t configured.
Which parameter must you configure to solve this problem?

• A. Under the family inet labeled-unicast hierarchy, add the resolve-vpn parameter.
• B. Under the protocols ospf hierarchy, add the traffic-engineering parameter.
• C. Under the protocols mpls hierarchy, add the traffic-engineering parameter
• D. Under the family inet labeled-unicast hierarchy, add the explicit null parameter.

Answer: A

Explanation:
Explanation
The resolve-vpn parameter is a BGP option that allows a router to resolve labeled VPN-IPv4 routes using unlabeled IPv4 routes received from another BGP peer with family inet labeled-unicast configured. This option enables interprovider VPNs without requiring MPLS labels between ASBRs or using VRF tables on ASBRs. In this scenario, you need to configure the resolve-vpn parameter under [edit protocols bgp group external family inet labeled-unicast] hierarchy level on both ASBRs.

NEW QUESTION # 26
Exhibit

A network is using IS-IS for routing.
In this scenario, why are there two TLVs shown in the exhibit?

• A. The interface specified a metric of 100 for L2.
• B. Both IPv4 and IPv6 are being used in the topology
• C. There are both narrow and wide metric devices in the topology
• D. Wide metrics have specifically been requested

Answer: C

Explanation:
Explanation
TLVs are tuples of (Type, Length, Value) that can be advertised in IS-IS packets. TLVs can carry different kinds of information in the Link State Packets (LSPs). IS-IS supports both narrow and wide metrics for link costs. Narrow metrics use a single octet to encode the link cost, while wide metrics use three octets. Narrow metrics have a maximum value of 63, while wide metrics have a maximum value of 16777215. If there are both narrow and wide metric devices in the topology, IS-IS will advertise two TLVs for each link: one with the narrow metric and one with the wide metric. This allows backward compatibility with older devices that only support narrow metrics12.

NEW QUESTION # 27
Exhibit
user@Rl show configuration interpolated-profile { interpolate {
fill-level [ 50 75 drop-probability [ > }
class-of-service drop-profiles
];
20 60 ];
Which two statements are correct about the class-of-service configuration shown in the exhibit? (Choose two.)

• A. To use this drop profile, you reference it in a scheduler.
• B. The drop probability jumps immediately from 20% to 60% when the queue level reaches 75% full.
• C. To use this drop profile, you apply it directly to an interface.
• D. The drop probability gradually increases from 20% to 60% as the queue level increases from 50% full to
  75% full

Answer: A,D

Explanation:
Explanation
class-of-service (CoS) is a feature that allows you to prioritize and manage network traffic based on various criteria, such as application type, user group, or packet loss priority. CoS uses different components to classify, mark, queue, schedule, shape, and drop traffic according to the configured policies.
One of the components of CoS is drop profiles, which define how packets are dropped when a queue is congested. Drop profiles use random early detection (RED) algorithm to drop packets randomly before the queue is full, which helps to avoid global synchronization and improve network performance. Drop profiles can be discrete or interpolated. A discrete drop profile maps a specific fill level of a queue to a specific drop probability. An interpolated drop profile maps a range of fill levels of a queue to a range of drop probabilities and interpolates the values in between.
In the exhibit, we can see that the class-of-service configuration shows an interpolated drop profile with two fill levels (50 and 75) and two drop probabilities (20 and 60). Based on this configuration, we can infer the following statements:
* The drop probability jumps immediately from 20% to 60% when the queue level reaches 75% full. This is not correct because the drop profile is interpolated, not discrete. This means that the drop probability gradually increases from 20% to 60% as the queue level increases from 50% full to 75% full. The drop probability for any fill level between 50% and 75% can be calculated by using linear interpolation formula.
* The drop probability gradually increases from 20% to 60% as the queue level increases from 50% full to
75% full. This is correct because the drop profile is interpolated and uses linear interpolation formula to calculate the drop probability for any fill level between 50% and 75%. For example, if the fill level is
60%, the drop probability is 28%, which is calculated by using the formula: (60 - 50) / (75 - 50) * (60 -
20) + 20 = 28.
* To use this drop profile, you reference it in a scheduler. This is correct because a scheduler is a component of CoS that determines how packets are dequeued from different queues and transmitted on an interface. A scheduler can reference a drop profile by using the random-detect statement under the
[edit class-of-service schedulers] hierarchy level. For example: scheduler test { transmit-rate percent 10; buffer-size percent 10; random-detect test-profile; }
* To use this drop profile, you apply it directly to an interface. This is not correct because a drop profile cannot be applied directly to an interface. A drop profile can only be referenced by a scheduler, which can be applied to an interface by using the scheduler-map statement under the [edit class-of-service interfaces] hierarchy level. For example: interfaces ge-0/0/0 { unit 0 { scheduler-map test-map; } }

NEW QUESTION # 28
......

Last JN0-664 practice test reviews: Practice Test Juniper dumps: https://www.freepdfdump.top/JN0-664-valid-torrent.html

Get Real JN0-664 Exam Dumps [Jul-2023] Practice Tests: https://drive.google.com/open?id=1Jf-BK7QoZjMyn2hMlHzdHfI2WRHY7uBb