JNCIP-ENT: Juniper Networks Certified Professional – Enterprise Routing (2024) — Question 29

Your enterprise network is running BGP VPNs to support multitenancy. Some of the devices with which you peer BGP do not support the VPN NLRI. You must ensure that you do not send BGP VPN routes to the remote peer.
Which two configuration steps will satisfy this requirement? (Choose two.)

Answer options

• A. Configure an import policy on the remote peer to reject the routes when they are received.
• B. Configure an export policy on the local BGP peer to reject the VPN routes being sent to the remote peer.
• C. Configure a route reflector for the VPN NLRI.
• D. Configure the apply-vpn-export feature on the local BGP peer.

Correct answer: B, D

Explanation

Option B is correct because configuring an export policy on the local BGP peer will prevent VPN routes from being sent to peers that do not support them. Option D is also correct as the apply-vpn-export feature on the local BGP peer ensures that VPN routes are not exported to incompatible peers. Options A and C are incorrect because they do not address the requirement of stopping the routes from being sent in the first place.