I built this in GNS3.  The ACL only prohibits TCP 179 and I was still getting  this debug
ICMP: dst (10.255.255.1) administratively prohibited unreachable rcv from 10.0.12.2

I used wireshark and realized that i was getting a notification via ICMP that the TCP attempt was prohibited by R2.  In short, the ACL blocks TCP 179, P2 uses ICMP to Notify PE1 of the prohibited TCP 179 traffic.  Thus the ICMP Unreachable.

https://drive.google.com/file/d/1JdEY_gy...sp=sharing


PE1#
PE1#debug ip tcp trans
TCP special event debugging is on
PE1#debug ip icmp
ICMP packet debugging is on
PE1#clear ip bgp *
PE1#
PE1#
PE1#
*Feb 24 05:28:02.013: %BGP-3-NOTIFICATION_MANY: sent to 1 sessions 6/4 (Administrative Reset) for all peers
PE1#
*Feb 24 05:28:07.362: TCBF7660230 created
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_VRFTABLEID (20) F7656CC4
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_MD5KEY (4) 0
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_ACK_RATE (37) F784127C
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_TOS (11) F7841290
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_PMTU (45) F7841248
*Feb 24 05:28:07.362: TCBF7660230 setting property TCP_RTRANSTMO (36) F7841278
*Feb 24 05:28:07.362:  tcp_uniqueport: using ephemeral max 65535
*Feb 24 05:28:07.362: TCP: Random local port generated 49575, network 1
*Feb 24 05:28:07.362: TCBF7660230 bound to 10.255.255.1.49575
*Feb 24 05:28:07.362: Reserved port 49575 in Transport Port Agent for TCP IP type 1
*Feb 24 05:28:07.362: TCBF7660230 getting property TCP_STRICT_ADDR_BIND (19)
*Feb 24 05:28:07.362: TCP: pmtu enabled,mss is now set to 1460
*Feb 24 05:28:07.362: TCP: sending SYN, seq 1784972807, ack 0
*Feb 24 05:28:07.362: TCP0: Connection to 10.255.255.3:179, advertising MSS 1460
*Feb 24 05:28:07.362: TCP0: state was CLOSED -> SYNSENT [49575 -> 10.255.255.3(179)]
*Feb 24 05:28:07.364: ICMP: dst (10.255.255.1) administratively prohibited unreachable rcv from 10.0.12.2
PE1#
*Feb 24 05:28:07.364: TCP0: ICMP destination unreachable received
*Feb 24 05:28:07.364: Released port 49575 in Transport Port Agent for TCP IP type 1 delay 240000
*Feb 24 05:28:07.364: TCP0: state was SYNSENT -> CLOSED [49575 -> 10.255.255.3(179)]
*Feb 24 05:28:07.364: TCB 0xF7660230 destroyed
PE1#und all

correct answer should be VRF, not VFP.

Correct answer is to Add a static router to the 8.8.8.8/32 destination through next hop 203.0.113.1


Ethernet 0/0 is used for the ISP1 default route.
Ethernet 0/1 is used for the ISP2 default route.


The default route named ISP1 will not come up unless 8.8.8.8 is reachable.  8.8.8.8 is not reachable without a default route.

Adding a static route to 8.8.8.8 tells the router how to reach SLA1's target so the default route can come up without the need for the other static route (ISP2).

Correct answer is to configure ebgp multihop on RB. the output of RD shows that ebgp-multihop is configured on RD.  See below example of how ebgp multihop is shown in the command output for bpg neighbors.

IOU2(config-router)#do sh run | section router bgp
router bgp 200
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
IOU2(config-router)#
IOU2(config-router)#do show ip bgp neigh | inc External BGP neighbor
  External BGP neighbor not directly connected. <-- multihop not configured
  External BGP neighbor configured for connected checks (single-hop no-disable-connected-check)
IOU2(config-router)#
IOU2(config-router)#
IOU2(config-router)#neigh 1.1.1.1 ebgp-multihop 3 <-- Configure Multihop
IOU2(config-router)#
IOU2(config-router)#do show ip bgp neigh | inc External BGP neighbor
  External BGP neighbor may be up to 3 hops away. <-- output showing multihop is configured.
  External BGP neighbor NOT configured for connected checks (multi-hop no-disable-connected-check)
IOU2(config-router)#
IOU2(config-router)#
IOU2(config-router)#neigh 1.1.1.1 ebgp-multihop 10
IOU2(config-router)#do show ip bgp neigh | inc External BGP neighbor
  External BGP neighbor may be up to 10 hops away.
  External BGP neighbor NOT configured for connected checks (multi-hop no-disable-connected-check)
IOU2(config-router)#


###example once ebgp multihop is configured on opposite router.
IOU2#sh ip bgp neigh | inc remote router ID
  BGP version 4, remote router ID 1.1.1.1

remaining part of this quesiton.

After this configuration, ISP-1 and ISP-2 continue to receive the specific routes and the summary route.
Which configuration resolves the issue?

https://www.examtopics.com/discussions/c...iscussion/

Per the link in the explanation.

"The weight is assigned locally to the router. The value only makes sense to the specific router."



"Unlike the weight attribute, which is only relevant to the local router, local preference is an attribute that routers exchange in the same AS."

Changing the weight on another router will not impact forwarding decisions made by this router.

Exhibit is wrong.

question references AS64501 exhibit uses AS100,AS200, AS300.

https://www.examtopics.com/discussions/c...iscussion/

Missing Diagram Portion of exhibit


https://www.scribd.com/document/65704362...-2023-v1-2

Exhibit is incorrect 

Table shows device id's as ASBR 2,3,4

Diagram shows ASBR 1,2,3

Who is to say the misconfiguration isn't on e0/1 of Cape Town?

CapeTown#sh ip route | inc 192.168.1.0
D    192.168.1.0/24 [90/665600] via 192.168.12.1, 00:00:05, Ethernet0/0
CapeTown#
CapeTown#

CapeTown#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
CapeTown(config)#int e 0/1
CapeTown(config-if)#band 10000
CapeTown(config-if)#end
CapeTown#
CapeTown#
CapeTown#
*Feb 18 04:29:55.827: %SYS-5-CONFIG_I: Configured from console by console
CapeTown#
CapeTown#
CapeTown#sh ip route | inc 192.168.1.0
D    192.168.1.0/24 [90/435200] via 192.168.13.2, 00:00:05, Ethernet0/1
CapeTown#