You need to configure the default route on Vnet2 and Vnet3. The solution must meet the virtual networking requirements. What should you use to configure the default route?
A.
route filters
B.
BGP route exchange
C.
a user-defined route assigned to GatewaySubnet in Vnet1
D.
a user-defined route assigned to GatewaySubnet in Vnet2 and Vnet3
B. BGP route exchange
Virtual Networking Requirements
Direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the Boston datacenter over an ExpressRoute circuit.
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview#border-gateway-protocol
Border gateway protocol
An on-premises network gateway can exchange routes with an Azure virtual network gateway using the border gateway protocol (BGP). Using BGP with an Azure virtual network gateway is dependent on the type you selected when you created the gateway. If the type you selected were:
• ExpressRoute: You must use BGP to advertise on-premises routes to the Microsoft Edge router. You can't create user-defined routes to force traffic to the ExpressRoute virtual network gateway if you deploy a virtual network gateway deployed as type: ExpressRoute. You can use user-defined routes for forcing traffic from the Express Route to, for example, a Network Virtual Appliance.
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview#user-defined
Virtual network gateway: Specify when you want traffic destined for specific address prefixes routed to a virtual network gateway. The virtual network gateway must be created with type VPN. You can't specify a virtual network gateway created as type ExpressRoute in a user-defined route because with ExpressRoute, you must use BGP for custom routes. You can't specify Virtual Network Gateways if you have VPN and ExpressRoute coexisting connections either. You can define a route that directs traffic destined for the 0.0.0.0/0 address prefix to a route-based virtual network gateway. On your premises, you might have a device that inspects the traffic and determines whether to forward or drop the traffic. If you intend to create a user-defined route for the 0.0.0.0/0 address prefix, read 0.0.0.0/0 address prefix first. Instead of configuring a user-defined route for the 0.0.0.0/0 address prefix, you can advertise a route with the 0.0.0.0/0 prefix via BGP, if you've enabled BGP for a VPN virtual network gateway.
To configure the default route on Vnet2 and Vnet3, we can use BGP route exchange. This would allow us to advertise the default route of 0.0.0.0/0 from the Boston datacenter over an ExpressRoute circuit to Vnet2 and Vnet3. This meets the requirement to direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the Boston datacenter over an ExpressRoute circuit.
Option A, route filters, are used to allow or deny routes based on a set of defined rules. They are not used to configure the default route.
Option C, a user-defined route assigned to GatewaySubnet in Vnet1, would only affect traffic within Vnet1, and not traffic from Vnet2 and Vnet3 to the Boston datacenter.
Option D, a user-defined route assigned to GatewaySubnet in Vnet2 and Vnet3, would only affect traffic within Vnet2 and Vnet3, and not traffic from Vnet2 and Vnet3 to the Boston datacenter.
Therefore, the correct answer is B. BGP route exchange.
BGP is learning and exchanging the routes dynamically. Virtual Networking Requirements are asking us to direct all traffic (default route) from 2 VNETs to on premises. It is a forced tunnelling which requires UDR and default site (Boston).
Well, this is tricky question
With Vnet-to-Vnet connections the answer would have been B, but we have peerings between VNets, in this case we need a user-defined route assigned to GatewaySubnet in Vnet2 and Vnet3 RTs to route the traffic from spoke VNets to On-prem via GW.
Summary you can NOT direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 using BGP Exchange over peering connections.
Answer Should be D
B is only correct if vnet2 and vnet3 are connecting directly to express route on Boston DC.
if not, then UDR assigned to GS in VNET 1 , given vnet2 and 3 are peered and they have UDRs 0.0.0.0/0 to VNET1
sorry, this is wrong as VNEt1 would have to have NVA to forward traffic to gateway.
As long as VNETs are peered, BGP should be able to propagate routes from ERGW
hey honey, could you explain why is B please?
Besides, what is the exact connection between "BGP route exchange" and the link about the peering networks overview you have shared?
I think D is Ans.
If you enable BGP and 0.0.0.0/0 is propagated from on-premises,
Works like a request.
However, this question does not have information that confirms that it is propagated from on-premises.
No.
https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-forced-tunneling
There is also a method of setting a forced tunnel with UDR without using BGP as follows,
There is a possibility that D is the correct answer
In that case, the nexthop will be the gateway.
All answers are wrong :) BGP will not help to propagate default route? VNet2 and VNet3 don't know that they have to send default traffic (0.0.0.0/0) to Vnet1
https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-bgp-resource-manager-ps?toc=%2Fazure%2Fvirtual-network%2Ftoc.json#part-3---establish-a-vnet-to-vnet-connection-with-bgp
VNet2 and VNet3 will exchange route informations though vnet to vnet connection via bgp with vnet1
You are wrong homie.
BGP enables multiple gateways to learn and propagate prefixes from different networks, whether they are directly or indirectly connected. This can enable transit routing with Azure VPN gateways between your on-premises sites or across multiple Azure Virtual Networks.
https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-bgp-overview#transitrouting
It's correct.
You can create custom routes by either creating user-defined routes, or by exchanging border gateway protocol (BGP) routes between your on-premises network gateway and an Azure virtual network gateway.
As it's mentionned "Direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the Boston datacenter over an ExpressRoute circuit." then UDR doesn't match, we need BGP protocol
the action on vnet 1 is c, but the question is what needs to be done on vnet2 &3, so i guess enabling bgp is required.
upvoted 1 times
...
...
This section is not available anymore. Please use the main Exam Page.AZ-700 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Fearless90
Highly Voted 2 years, 10 months agoFearless90
2 years, 10 months agoFearless90
2 years, 10 months agoFearless90
2 years, 10 months agoFearless90
2 years, 10 months ago[Removed]
Highly Voted 2 years agoSergovladi
Most Recent 2 months, 2 weeks agoAndrewwfw
9 months agocerifyme85
1 year, 2 months agocerifyme85
1 year, 2 months agoLazylinux
1 year, 5 months agomanhattan
3 months, 2 weeks agoKalzonee3611
1 year, 1 month agoJennyHuang36
2 years, 2 months agomhmyz
2 years, 3 months agocypher9
2 years, 9 months agoPayday123
2 years, 9 months agosapien45
2 years, 6 months agosapien45
2 years, 6 months agounclegrandfather
2 years, 10 months agowsrudmen
2 years, 11 months agoKay04
2 years, 12 months agoRVR
2 years, 11 months ago