Designing Cisco Enterprise Networks (ENSLD) — Question 29

A branch office has a primary L3VPN MPLS connection back to the main office and an IPSEC VPN tunnel that serves as backup. Which design ensures that data is sent over the backup connection only if the primary MPLS circuit is down?

Answer options

• A. Use EIGRP to establish a neighbor relationship with the main office via L3VPN MPLS and the IPSEC VPN tunnel.
• B. Use BGP with the multipath feature enabled to force traffic via the primary path when available.
• C. Use static routes tied to an IP SLA to prefer the primary path while a floating static route points to the backup connection.
• D. Use OSPF with a passive-interface command on the backup connection.

Correct answer: C

Explanation

The correct answer is C because using static routes with IP SLA allows for active monitoring of the primary path and only switches to the backup when the primary fails. Option A does not provide a mechanism for failover, B would still send traffic through the primary but does not ensure a backup route, and D would not allow the backup connection to actively route traffic when the primary is up.