H12-891_V1.0 Exam Dumps : HCIE-Datacom V1.0

In SR-MPLS (Segment Routing over MPLS), prefix SID conflicts may occur if multiple prefixes are assigned the same SID or vice versa.

Conflict resolution principle (Huawei standard):

When there are multiple SIDs for the same prefix, the SID with the lowest value wins.

When the same SID is assigned to multiple prefixes, the prefix with the smallest address wins.

Apply to this case:

Conflict: Two entries for 1.1.1.1/32 with SID 2 and SID 1.

SID 1 is lower, so 1.1.1.1/32 → SID 1 is selected.

Correct answer: D. 1.1.1.1/32 → SID 1

Huawei IPsec supports multiple modes for establishing Security Associations (SAs):

A. Template negotiation — Used in IPsec policy templates and dynamic VPNs.

B. IKE auto-negotiation mode — Automatically negotiates parameters via IKE Phase 1/2.

C. Certificate negotiation — IPsec peers can authenticate each other using certificates during IKE negotiation.

D. Manual mode — Static IPsec SAs can be manually configured without IKE, often used in simple or static topologies.

Exact Extract - Huawei Security Configuration Guide (USG Series):

“IPsec SAs can be established manually or dynamically through IKE, including using PSKs or certificates. Template-based approaches simplify large-scale deployment.”

The Protocol Trace function of iMaster NCE-CampusInsight allows O & M teams to analyze the full packet exchange process (e.g., DHCP, authentication, IP acquisition) between clients and the network. In this scenario, it helped pinpoint DHCP address pool exhaustion as the cause.

Exact Extract - Huawei iMaster NCE-CampusInsight Product Documentation:

“The Protocol Trace function visualizes packet-level interaction processes for DHCP, ARP, 802.1X, and others, allowing fast identification of root causes for network access issues.”