Exam 300-410 topic 1 question 80 discussion

It looks like nobody has read the question :-) The answer is B

CCNP is more of English exam vs networking :P

B for sure it says less which mean le

If you want to improve convergence instead of sending /24 prefixes or even more specific prefixes you send a less /23 specific route this will improve convergence, because you do not need to learn all the specific routes. For me is A for this reason

The correct answer is B. We need the "le" since it means less or equal". A is incorrect because it would block everything with a mask of /23 or HIGHER, not lower.

Answer is B, but to prevent Masks lower than 23 you should write le 22 (less equal), isn't it?

B is correct

1. **172.16.0.0/16 major network**: This indicates a network with an IP range from 172.16.0.0 to 172.16.255.255. The "/16" signifies that the first 16 bits of the IP address are used for the network portion, leaving the remaining bits for host addresses. 2. **Mask lower than 23**: The term "mask" refers to the subnet mask, which determines how many bits are used for the network portion of an IP address. A mask lower than 23 means subnets that have more than 9 bits (32 - 23 = 9) for host addresses. In other words, subnets with a subnet mask such as /17, /18, /19, /20, /21, or /22. These subnets would be larger than those with a /23 subnet mask. 3. **Blocking from coming in**: This indicates setting up a rule to prevent these subnets from accessing the network or resource.

We have to block all subnets of 172.16.0.0/16 with mask less that 23 and from the list we have just two subnets to correspond to the subnet. 172.16.16.0/20 and 172.16.0.0/16 Why to choose to block from ge 23 and beyond which means to allow what we actually have to block as per task?

A is the correct answer “Blocking all subnets of 172.16.0.0/16 major network with a mask lower than 23 from coming in” would block 172.16.16.0/20. The first prefix-list “ip prefix-list PL-1 deny 172.16.0.0/16 le 23” means “all networks that fall within the 172.16.0.0/16 range AND that have a subnet mask of /23 or less” are denied. The second prefix-list “ip prefix-list PL-1 permit 0.0.0.0/0 le 32” means allows all other prefixes.

In summary, any subnet mask with a number higher than 23 (like /24, /25, /26, etc.)

Block subnets smaller than 23, meaning 24,25, etc. https://www.ciscozine.com/cisco-prefix-lists/

The best configuration to block all subnets of the 172.16.0.0/16 major network with a mask lower than /23 from being advertised by R2 to R1 is option B: B. ip prefix-list PL-1 deny 172.16.0.0/16 le 23 ip prefix-list PL-1 permit 0.0.0.0/0 le 32 ! router bgp 100 neighbor 192.168.100.2 remote-as 200 neighbor 192.168.100.2 prefix-list PL-1 in This configuration uses a prefix-list (PL-1) to deny routes with a prefix length less than or equal to /23 from the 172.16.0.0/16 major network. It then permits all other routes. The prefix-list PL-1 is applied to the BGP neighbor 192.168.100.2 in the inbound direction using the prefix-list PL-1 in command. Option A, C, and D either don't specify the correct prefix-list filtering criteria or use access-lists, which are not the most appropriate for this task. Option B aligns with the requirement to block subnets with a mask lower than /23 from the major network.

Ge 23 Le 32 means 23-32. when it states lower than a subnet, it means lower number. i encourage all to research what that means. https://learningnetwork.cisco.com/s/question/0D53i00000Kt3t5CAB/ge-le

To block all subnets of 172.16.0.0/16 with a mask lower than 23 from coming in on R1, you can use either a prefix-list or an access list. Let's evaluate the provided options: A. This option uses a prefix-list and denies subnets of 172.16.0.0/16 with a mask greater than or equal to 23. This is incorrect because you want to block subnets with a mask lower than 23. B. This option uses a prefix-list and denies subnets of 172.16.0.0/16 with a mask less than or equal to 23. This is the correct option because it matches the requirement. C. This option uses a prefix-list but doesn't specify the mask length in the deny statement, so it would not block any specific subnets within 172.16.0.0/16. D. This option uses an access list but denies subnets of 172.16.0.0/16 with a mask of 0.0.254.255, which is not the correct mask to block subnets with a mask lower than 23. So, the correct configuration is option B

The answer is B

How can it be A when it says pemit 172.16.0.0/16 with a subnet mask greater than or equal to 23...It's B.