R2 is receiving a route from an EBGP neighbor and is advertising the route to R4. Referring to the exhibit, which configuration on R2 will solve the issue with the route on R4?
A.
Move the no-advertise export policy from group 65002 to a global BGP policy.
B.
Move the nhs policy from a global BGP export policy to an export policy under group 65002.
C.
Move the no-export policy from a global BGP import policy to an import policy under group 65001.
D.
Move the no-advertise export policy from group 65001 to a global BGP policy.
A is the correct answer.
B is not correct. If move NHS policy from global level to group 65002 level, this policy still not be considered because no-advertise policy is under neighbor 44.44.44.44 level and it is the most specific policy and it is only policy to be considered. If NHS policy is not considered, R2 will not change Next-hop of route when advertising to R4 >>> R4 show next-hop unusable.
As EBGP is established between R2 and R4, when R2 advertises routes to R4, R2 will change next-hop to its interface address without any policy. The NHS should be applied for IBGP and next hop address is loopback address. If NHS is applied to global, I wonder what is next hop address when R2 advertises routes to R4.
I missed both groups have export-policy. To enable NHS policy for group 65002, no-advertise must be moved from group 65002 neighbor 44.44.44.44 to the global in order not to prioritize no-advertise. A is the correct answer.
no-advertise means that R4 will not forward this prefix to another BGP neighbor, but it can use it and install it!
B is valid, because only the most explicit policy is applied (no advertise), so nhs never gets to be applied.
https://www.juniper.net/documentation/us/en/software/junos/routing-policy/bgp/topics/example/policy-bgp-levels.html
B is correct because there is a problem, next hop unusable. The problem of next hop resolution is being caused because the prefix is being advertised to iBGP peer without next-hop-self action on policy. It's necessary to move nhs policy to group to solve that problem.
I think the correct answer is C
As the router will not send it to it's peers.
If you apply the no-advertise on export, the router will send it to it's peer while requesting they do not advertise it internally and externally...
B seems more correct,
if we look at the output of show command, protocol next hop is 172.16.1.1 and this IP is of the neighbor in the AS 65001 (in different AS), i think the question is about solving nhs issue.
A is the correct answer.
B is not correct, if "nhs" policy move to group pilicey the is stil more specific policy under the neighbor 44.44.44.44
test on lab.
This route is not usable due to no NHS performed when advertising across the iBGP peer. This can be corrected by ether A or B. Considering NHS should only be done for IBGP peers, would choose B as best practice.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
minmon_6789
Highly Voted 3 years, 1 month agoHoangDinh
3 years, 1 month agonyanko
2 years, 9 months agonyanko
2 years, 8 months agomuch2furious
1 year, 10 months agoztw3587t
Most Recent 1 year, 5 months agomohdema
1 year, 12 months agoguesswho123
2 years agomanafo
2 years, 2 months agoPanadol
2 years, 4 months agodexjov
2 years, 7 months agoTomerd
2 years, 8 months agoSct38
2 years, 11 months agomanafo
2 years, 2 months ago