H12-891_V1.0 Exam Dumps : HCIE-Datacom V1.0

The incorrect statement is Option C, which says “A site can only belong to only one VPN.” This is false because a single site can belong to multiple VPNs if needed. For example, in some enterprise designs, a site may be part of both the Finance VPN and the Management VPN by configuring multiple routing instances (VRFs) and policies accordingly.

Exact Extract - HCIE-Datacom VPN Technologies Chapter:

“A site may be associated with one or more VPNs, depending on business requirements. This is achieved through VRF and route-target configurations.”

Comprehensive and Detailed In-Depth Explanation:

The diagram shows a WAN network where Segment Routing (SR) is used in conjunction with the iMaster NCE controller. The network consists of Data Centers (DCs), Branches, Provider Edge (PE) routers, and Route Reflectors (RR) within AS 65600. Let ' s analyze each network technology and its placement in the scenario.

1. BGP-LS (Border Gateway Protocol - Link State):

Application Location: 1 (PE to RR)

Explanation:

BGP-LS is used to collect and distribute network topology information from the IGP (Interior Gateway Protocol) domain.

It enables the iMaster NCE (controller) to learn about the network topology and SR information from PE routers.

The PE routers send their link-state information to the RR using BGP-LS.

Why Location 1:

The RR collects topology data from PEs and forwards it to the controller for path computation.

2. BGP (Border Gateway Protocol):

Application Location: 2 (RR to iMaster NCE)

Explanation:

Standard BGP is used for route distribution and network connectivity.

The RR uses BGP to exchange route information with the controller (iMaster NCE).

Why Location 2:

The RR aggregates routes and exchanges them with the iMaster NCE for centralized management.

3. MP-IBGP (Multiprotocol Internal BGP):

Application Location: 3 (PE to PE)

Explanation:

MP-IBGP is used to exchange VPNv4 and VPNv6 routes between PE routers within the same AS.

It allows PEs to advertise VPN routes across the backbone network.

Why Location 3:

PEs need to communicate VPN-related information within the AS, ensuring end-to-end connectivity between DCs and branches.

4. BGP SR-Policy/PCEP (Path Computation Element Protocol):

Application Location: 4 (iMaster NCE to PE)

Explanation:

BGP SR-Policy and PCEP are used by the controller to distribute SR policies to the PE routers.

The iMaster NCE calculates optimal paths and sends the SR policies to PEs via BGP SR-Policy or PCEP.

Why Location 4:

The controller programs the Segment Routing paths directly to the PEs for optimal traffic engineering.

Why This Mapping Is Correct:

The mapping is based on the roles and functions of each protocol within the SR-based WAN architecture. The controller uses BGP-LS to learn topology, BGP for route reflection, MP-IBGP for VPN route exchange, and BGP SR-Policy/PCEP for path computation and distribution.