JN0-650 Dumps With Exact Questions and Answers

Private VLANs (PVLANs) allow for granular port isolation within a single broadcast domain. When extending a PVLAN across multiple switches (S1 to S2), the secondary VLANs (Community or Isolated) must be preserved across the trunk links.

802.1Q Tagging (Option B): For traffic from a Community VLAN (RND) to reach members on a different switch, the Community VLAN must have its own 802.1Q VLAN tag (VLAN ID) associated with it. When a frame from a community port on S1 traverses the trunk to S2, it is tagged with this specific secondary VLAN ID. S2 receives the tagged frame, identifies it as belonging to the RND community, and forwards it to the appropriate community or promiscuous ports.

Why it fails without a tag: If the RND community is only defined locally on S1 without a global VLAN ID, the trunk port will not know how to distinguish that traffic from the Primary VLAN or other communities.

Incorrect Options: Option A is incorrect because the community VLAN must have a different tag than the parent (Primary) VLAN to maintain the internal PVLAN logic. Option C is incorrect because stripping tags would lead to the traffic being merged into the native VLAN or dropped. Option D is incorrect because RND is a community VLAN; changing it to an isolated VLAN would change its behavior (preventing communication between members of that same group).

In an EVPN-VXLAN architecture, the network is divided into two distinct planes: the Underlay and the Overlay.

Underlay (IP Fabric): The underlay's only job is to provide IP reachability between the loopback addresses of all VTEPs (Virtual Tunnel Endpoints). This is typically achieved using OSPF, IS-IS, or EBGP.

Overlay (EVPN Control Plane): The overlay is responsible for carrying Layer 2 MAC and Layer 3 IP reachability information between switches. EVPN signaling is the standard mechanism for this task.

Protocol Choice (Option D): EVPN uses MP-BGP (Multiprotocol BGP) as its control plane protocol. On Juniper EX Series and QFX Series switches, the most scalable and recommended design for the overlay is EBGP (External BGP).

In a 3-stage or 5-stage Clos architecture, EBGP is used in the overlay to exchange EVPN routes (Route Types 1-5) between Leaf and Spine switches.

EBGP simplifies configuration by avoiding the need for Route Reflectors (required for IBGP) and provides better control over route propagation through BGP community and policy management.

Incorrect Options:

Options A and B refer to the underlay protocols. While they provide the path for the VXLAN tunnels, they do not handle the EVPN signaling itself.

Option C (MPLS) is a different transport technology. While EVPN can run over MPLS (EVPN-MPLS), campus designs on EX series devices specifically use VXLAN as the data plane, making EBGP the standard signaling protocol for the EVPN-VXLAN overlay.

Junos OS 24.4 handles multicast traffic using two distinct models based on whether the source is known in advance.

Knowledge and Sources (Option A): PIM-ASM (Any Source Multicast) is designed for "many-to-many" communication where receivers join a group ($*,G$) and rely on a Rendezvous Point (RP) to discover active sources. In contrast, PIM-SSM (Source-Specific Multicast) is for "one-to-many" scenarios where receivers must already know the exact source IP ($S,G$) before joining.

Protocol and RP Logic (Option D): PIM-SSM bypasses the RP entirely. It relies on IGMPv3 messages from the host, which explicitly include both the source address and the group address. This allows the last-hop router to build a Shortest Path Tree (SPT) directly toward the source immediately.

Register Process (Option B): While PIM-ASM does use registers, it is the First-Hop Router (Designated Router on the source segment) that sends the register to the RP, not the receiver's DR.

RP Role (Option C): This is exactly backwards; PIM-ASM requires an RP for source discovery, whereas PIM-SSM does not use one at all.