Nokia SR Linux EVPN and Data Center Interconnect Questions and Answers
Consider the exhibit.

Leaf1 and Leaf2 have the Ethernet segment configured to use the default election algorithm while Leaf3 and Leaf4 are configured to use the preference-based algorithm with Leaf3 having the higher preference value. The DF candidate list is the same on all leaf routers.
Which of the following leafs is the DF for mac-vrf103?
Options:
Leaf1
Leaf2
Leaf3
Leaf4
Answer:
CExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
Designated Forwarder election determines which PE forwards BUM traffic from the EVPN overlay toward a multi-homed Ethernet Segment for a given service. In this scenario, all leaf routers share the same DF candidate list for mac-vrf103, but the election configuration is not identical. Leaf1 and Leaf2 use the default algorithm, while Leaf3 and Leaf4 use the preference-based algorithm. Under preference-based DF election, the candidate with the highest configured preference is selected over lower-preference candidates, assuming the candidate list is valid and consistent. The question states that Leaf3 has the higher preference value compared with Leaf4. Therefore, Leaf3 becomes the DF for mac-vrf103. This is the correct outcome because the preference-based election explicitly overrides simple default behavior by assigning operator-defined priority to a PE. In production designs, this is useful when the operator wants deterministic forwarding placement, maintenance control, or service-specific primary-path selection rather than relying only on the default modulo-based DF selection process. Reference: EVPN DF election, preference-based algorithm, MAC-VRF service forwarding.
================
Consider the exhibit.

All three leafs have an EVPN MP-BGP session with the route reflector in Spine-1. Leaf-2 and Leaf-3 have existing instances of an L2 EVPN named MAC VRF-1. Leaf-1 has just enabled a new instance of MAC VRF-1.
Which of the following steps is NOT taken when this new instance is enabled?
Options:
Leaf-1 generates an IMET route.
Leaf-1 advertises the IMET route in a BGP EVPN update directly to Leaf-2 and Leaf-3.
Leaf-2 and Leaf-3 auto-discover the new peer based on the route target in the received IMET route.
Leaf-2 and Leaf-3 add Leaf-1 to their existing flooding list for BUM traffic.
Answer:
BExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
When a new Layer 2 EVPN MAC-VRF instance is enabled, the PE advertises an Inclusive Multicast Ethernet Tag route, commonly called an IMET route or EVPN route type 3. The IMET route is used to auto-discover remote PEs that participate in the same EVPN service and to build the BUM flooding list for that MAC-VRF. In this topology, all leaf routers peer with the route reflector on Spine-1. Leaf-1 therefore advertises its IMET route to the route reflector, not directly to Leaf-2 and Leaf-3. The route reflector then reflects the EVPN update to the other client leaves. Leaf-2 and Leaf-3 import the route based on matching route-target policy and add Leaf-1 to the replication list for broadcast, unknown unicast, and multicast traffic. Option B is the step that is not taken because it incorrectly describes direct leaf-to-leaf EVPN advertisement. In a route-reflector design, the RR centralizes EVPN route distribution and avoids the need for a full mesh of MP-BGP EVPN sessions between leaves. Reference: EVPN RT-3 IMET route, route-reflector operation, BUM flooding-list auto-discovery.
================
Consider the exhibit.

The network is going to be designed to use interface-less symmetric routing.
Which of the following statements is TRUE?
Options:
An instance of each mac-vrf is required on each leaf.
The ingress PE will perform layer 2 and layer 3 lookups while the egress PE will perform layer 2 lookup.
The IRB configuration does not require anycast gateway configuration on the ip-vrf.
Forwarding information will be exchanged between the PEs using EVPN route-type 2 updates.
Answer:
DExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
In interface-less symmetric routing, the EVPN fabric exchanges host forwarding information using EVPN route type 2 MAC/IP advertisements. RT-2 carries the host MAC address and, when present, the associated host IP address, allowing remote PEs to build the forwarding state needed for distributed gateway operation. Unlike asymmetric routing, interface-less symmetric routing does not require every MAC-VRF to be instantiated on every PE. The design scales better because each leaf only needs the locally attached MAC-VRFs plus the shared IP-VRF/routed VXLAN construct for inter-subnet forwarding. Option B describes an asymmetric forwarding pattern more than a symmetric one; in symmetric routing, both ingress and egress PEs perform routed forwarding functions through the IP-VRF. Option C is also incorrect because anycast gateway is fundamental when multiple leaves provide the same default-gateway service for a subnet. Therefore, the true statement is that forwarding information is exchanged using EVPN route type 2 updates. Reference: interface-less symmetric routing, EVPN RT-2 host MAC/IP signaling, distributed IRB operation.
================
Which of the following GARP functions is FALSE?
Options:
A host sends a GARP to update its own IP/MAC mapping to the other hosts in the subnet.
All other hosts within the subnet will update their ARP tables.
The GARP is sent as a broadcast.
The other hosts in the subnet will acknowledge the receipt with a reply.
Answer:
DExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
A Gratuitous ARP is an ARP message a host sends to announce or refresh its own IP-to-MAC binding without waiting for another host to request it. In a traditional Ethernet subnet, the GARP is sent as a broadcast so that other hosts can update their ARP caches with the sender's current MAC address. This is useful after a host boots, changes NICs, moves to another attachment point, or takes over an IP address in a redundancy scenario. In EVPN environments, GARPs are also important because a leaf can snoop the ARP information and update local proxy ARP and EVPN MAC/IP state. Option D is false because recipients do not acknowledge a gratuitous ARP with a reply. GARP is an announcement mechanism, not a request/response transaction. If every receiving host acknowledged a broadcast GARP, the result would be unnecessary ARP traffic amplification. The correct behavior is passive update of ARP state by receiving systems and, in EVPN, potential control-plane propagation of the learned binding by the local PE. Reference: GARP behavior, proxy ARP learning, Layer 2 EVPN endpoint update procedures.
================
Which of the following four symmetric routing options does NOT require the use of an EVPN route-type 2?
Options:
Host routing
Prefix routing interface-less
Prefix routing interface-ful numbered
Prefix routing interface-ful unnumbered
Answer:
CExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
EVPN route type 2 carries MAC/IP advertisement information. It is central to host-based routing and to designs where the fabric must distribute host MAC-to-IP bindings for integrated routing and bridging. In host routing, RT-2 is required because individual host reachability is signaled through MAC/IP advertisements. In interface-less prefix routing, RT-2 is still needed because the system relies on host or gateway MAC/IP information associated with the IRB and distributed gateway behavior. Interface-ful unnumbered designs may also require RT-2-style information to resolve next-hop or adjacency behavior because the routed interface does not use a conventional numbered next-hop model. Prefix routing with interface-ful numbered operation is different. In that model, the routed interface has explicit IP addressing and prefix reachability can be carried with L3 prefix routes without requiring EVPN RT-2 host MAC/IP advertisement as a dependency. Therefore, the symmetric routing option that does not require EVPN route type 2 is prefix routing interface-ful numbered. Reference: symmetric L3 EVPN routing models, RT-2 MAC/IP advertisements, prefix routing behavior.
================
Which of the following is NOT part of the description of a BGP route-distinguisher?
Options:
The route-distinguisher is a unique identifier that is configured per PE and per EVI.
It is included in each EVPN route update advertisement.
It is used by MP-BGP to allow for overlapping addresses from multiple tenants.
It identifies the EVPN instance in the control plane.
Answer:
DExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
A route distinguisher is used in MP-BGP VPN and EVPN address families to make otherwise overlapping tenant routes unique in the BGP control plane. In EVPN, different tenants or EVPN instances may legitimately use the same MAC or IP values. The route distinguisher makes the NLRI globally unique by prepending a unique value to the tenant route. It is typically unique per PE and per EVI, and it is carried in EVPN route advertisements. However, the route distinguisher does not control route import, export, or service membership. That role belongs to the route target, which is a BGP extended community used by receiving PEs to decide which EVPN instance should import the route. Therefore, option D is not part of the correct description of a route distinguisher. Saying that the RD identifies the EVPN instance in the control plane confuses RD uniqueness with route-target membership. The RD makes routes unique; the route target associates those routes with the appropriate MAC-VRF or IP-VRF import policy. Reference: EVPN route distinguisher, overlapping tenant addresses, route target separation.
================
Which of the following statements about the gateway-less data center interconnect solution is FALSE?
Options:
The IP addresses of the leaf routers need to be re-distributed into the WAN.
The EVPN overlay is transparently carried over the WAN network.
The leaf routers are able to establish a full mesh of VXLAN tunnels across the WAN.
The data center gateway routers maintain a MP-BGP EVPN peering with the data center route reflector.
Answer:
DExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
In a gateway-less DCI design, there is no dedicated gateway device performing EVPN-to-WAN service interworking. Instead, the data center EVPN overlay is extended across the WAN more directly. Because leaf routers must establish overlay reachability across sites, the IP addresses of the leaf VTEPs need to be reachable through the WAN, commonly by redistributing or otherwise carrying the necessary loopback reachability. The WAN transparently carries the EVPN/VXLAN overlay, and leaf routers can establish VXLAN tunnels across the WAN to remote leaves. Option D is false because it introduces “data center gateway routers” maintaining MP-BGP EVPN peering with the data center route reflector. That is not the gateway-less model; it describes a gateway-based role that does not exist as a separate function in this architecture. In gateway-less DCI, the EVPN control-plane and VXLAN data-plane extension are handled by the fabric endpoints themselves, so the design trades demarcation and interworking control for a more direct overlay extension model. Reference: gateway-less DCI, WAN reachability for leaf VTEPs, transparent EVPN overlay carriage, VXLAN tunnel extension.
================
When configuring the EVPN MP-BGP route reflector sessions between the leaf and spine routers, which of the following statements is TRUE?
Options:
The local-AS number configured within the BGP group will override the AS number configured directly under the BGP protocol.
The cluster-id that uniquely identifies this route reflector session is configured on the route reflector and participating clients.
When redundant route reflectors are deployed, one route reflector will be the primary while the other one will assume a backup role.
Route reflectors can be used instead of a full mesh of eBGP sessions between the leaf and spine routers.
Answer:
AExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
In SR Linux BGP configuration, parameters defined at a more specific hierarchy level can override broader protocol-level settings. Therefore, if a `local-as` value is configured within the BGP group used for EVPN MP-BGP route-reflector sessions, that value overrides the AS number configured directly under the BGP protocol for that group's sessions. Option A is correct. Option B is false because the cluster ID is configured on the route reflector, not on every participating client. The cluster ID identifies the RR cluster and helps prevent route-reflection loops. Option C is false because redundant route reflectors normally operate in parallel rather than as strict primary/backup devices; clients can peer with both for resilience. Option D is misleading because EVPN route reflectors are used to avoid a full mesh of overlay MP-BGP EVPN sessions between leaves, not to replace ordinary underlay eBGP leaf-spine routing sessions. In a clean fabric design, the underlay provides IP reachability, while the EVPN overlay uses MP-BGP sessions, often via route reflectors, to distribute tenant reachability. Reference: SR Linux BGP hierarchy, EVPN route reflector sessions, local-AS override, cluster ID behavior.
================
Consider the exhibit.

All connected leaf routers have the same Ethernet segment configuration. The IP-VRF is configured properly and is operational.
Which of the following statements is FALSE?
Options:
This Ethernet segment is configured for Layer 3 multi-homing.
The EVI for the IP-VRF using this segment is 1000.
A LAG must be configured on the connected leaf routers and the host.
The redundancy mode for this Ethernet segment is all-active.
Answer:
CExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
The exhibit describes a Layer 3 multi-homing scenario where the Ethernet Segment is associated with an IP-VRF and the configuration references an EVI value of 1000. The segment is configured with all-active multi-homing, allowing multiple attached leaf routers to advertise reachability for the same external L3 next-hop or third-party prefix attachment. In this model, the Ethernet Segment represents the shared L3 attachment and is used by EVPN to associate remote prefix reachability with the multi-homed segment. The incorrect statement is that a LAG must be configured on the connected leaf routers and the host. That requirement is specific to many Layer 2 all-active host attachment designs, where the host commonly uses LACP toward multiple leaf routers and the leaf LAG subinterfaces are associated with the Ethernet Segment. In Layer 3 multi-homing, the attached device can be a router or VNF, and the EVPN ES association can be used for L3 prefix reachability without mandating that the host side be configured as a LAG. Reference: L3 EVPN multi-homing, EVI association, all-active Ethernet Segment behavior.
================
Consider the exhibit.

Which of the following is NOT configured on dcgw10 to support the Layer 3 VPN connectivity?
Options:
The base BGP instance to support vpn-ipv4 and evpn address families.
A routed VXLAN interface for the VPRN instance.
A binding of the VPRN instance to the MPLS tunnels towards dcgw20.
A vrf-target matching the vrf-target on dcgw20 in the VPRN instance.
Answer:
BExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics] :
In an integrated gateway-based data center interconnect design, the gateway must interwork between the data center EVPN/VXLAN domain and the WAN VPN transport domain. For Layer 3 VPN connectivity on a Nokia 7750 SR integrated gateway, the base BGP instance must support the relevant VPN address families, such as VPN-IPv4 and EVPN, because the gateway participates in control-plane exchange between the data center and WAN sides. The VPRN must also be associated with the WAN transport, normally through MPLS tunnel binding, and the VRF target must match the corresponding VPRN on the remote gateway so that VPN routes are imported and exported correctly. A routed VXLAN interface, however, is an SR Linux IP-VRF/VXLAN construct used for symmetric L3 EVPN forwarding inside a VXLAN-based data center fabric. In this question, dcgw10 is acting as the integrated WAN gateway for L3VPN connectivity, so a routed VXLAN interface is not the required configuration item on the VPRN instance. Reference: integrated gateway DCI, VPRN over MPLS, EVPN-to-VPN interworking.
================
Consider the exhibit.

Which of the following statements about the configuration and operation of this setup is TRUE?
Options:
The MAC-VRF on Leaf1 and Leaf2 is configured with multi-homing-mode all-active.
The MAC-VRF on Leaf3 will need to be configured with ECMP to be able to load balance between Leaf1 and Leaf2.
The host will be required to be configured with a LAG.
The Ethernet segment ES-1 will be associated to the ports that connect to the host.
Answer:
DExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
This setup represents a Layer 2 EVPN multi-homing attachment where the host is connected to Leaf1 and Leaf2 through an Ethernet Segment named ES-1. In SR Linux EVPN multi-homing, the Ethernet Segment must be associated with the physical or logical attachment interfaces facing the host. This allows the PEs to advertise Ethernet Segment information into EVPN, participate in DF election, and apply the appropriate forwarding behavior for single-active or all-active redundancy. Option D is therefore correct. Option A is not necessarily true because the exhibit indicates an active/standby style attachment, not all-active operation. Option B is also incorrect because ECMP on the remote MAC-VRF is not the mechanism that defines the local ES association or single-active behavior. Option C is wrong in this setup because a host LAG is required for common all-active L2 multi-homing with LACP, but the shown design uses an active/standby-style attachment where the Ethernet Segment is bound to the host-facing ports. The technical anchor is that ES-1 must be associated to the access ports connecting the host into the multi-homed MAC-VRF service. Reference: L2 EVPN multi-homing, Ethernet Segment interface association, DF behavior.
================
Consider the exhibit.

All IP-VRFs are configured properly and are operational.
Which of the following statements is FALSE?
Options:
One of the leaf routers will be elected DF.
All connected leaf routers will use single active redundancy.
The AD per EVI update will be used to identify which connected leaf is primary.
All traffic destined to 40.40.40.0/24 will be forwarded through Leaf3 due to the BGP connection to the CE VNF.
Answer:
BExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
The scenario describes Layer 3 EVPN multi-homing with an IP-VRF service and an external CE VNF advertising the 40.40.40.0/24 prefix through BGP. A DF election can occur among the leaf routers participating in the Ethernet Segment, and the active/primary forwarding node is used for the relevant service behavior. The AD per EVI route can participate in identifying service-level reachability for the Ethernet Segment, and the prefix traffic follows the valid advertised path toward the CE VNF. Because Leaf3 has the BGP connection to the CE VNF, traffic for 40.40.40.0/24 is forwarded through Leaf3. Option B is false because it incorrectly states that all connected leaf routers will use single-active redundancy. The exhibit and answer context indicate a more specific forwarding/primary selection for the service, not a blanket statement that every connected leaf operates using single-active redundancy. In L3 multi-homing, redundancy behavior depends on the ES mode, prefix advertisement, next-hop association, and CE connectivity. The forwarding decision for the customer prefix is tied to the active/valid route advertisement, not to every leaf uniformly acting as single-active. Reference: L3 EVPN multi-homing, DF election, AD per EVI role, PE-CE BGP prefix forwarding.
================
Which of the following statements about a L3 EVPN network using symmetric routing is FALSE?
Options:
Each participating PE must support the use of EVPN route-type 5.
Ingress and egress PEs perform MAC and IP forwarding.
A routed-VXLAN interface is required on a per IP-VRF basis.
Each MAC-VRF used in the L3 EVPN network must exist on each PE.
Answer:
DExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
Symmetric L3 EVPN routing uses an IP-VRF-based overlay model in which both ingress and egress PEs participate in routed forwarding. The ingress PE receives the frame from the local MAC-VRF, routes it into the IP-VRF, and sends it across the VXLAN routed interface. The egress PE receives the routed overlay packet, performs the corresponding IP-VRF lookup, and then forwards it into the locally attached destination MAC-VRF. Because the routed overlay is built per IP-VRF, a routed-VXLAN interface is required for that IP-VRF. EVPN route type 5 support is also required because RT-5 carries IP prefix reachability across the EVPN control plane. The false statement is option D. Symmetric routing specifically removes the requirement for every MAC-VRF to exist on every PE. A PE only needs the MAC-VRFs for locally attached subnets, plus the shared IP-VRF and routed overlay state. This is the major scaling advantage of symmetric routing compared with designs that require broad MAC-VRF instantiation across the fabric. Reference: symmetric L3 EVPN routing, routed VXLAN interface, RT-5 prefix reachability, MAC-VRF scaling.
================
Which EVPN route-type (RT) is used in multi-homing scenarios to support aliasing and fast convergence?
Options:
RT-1 Ethernet Auto-Discovery
RT-2 MAC/IP Advertisement
RT-3 Inclusive Multicast Ethernet Tag
RT-4 Ethernet Segment
Answer:
AExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
The EVPN route type used for aliasing and fast convergence in multi-homing is RT-1, the Ethernet Auto-Discovery route. RT-1 has two important forms: Ethernet A-D per Ethernet Segment and Ethernet A-D per EVI. These routes advertise reachability to a multi-homed Ethernet Segment and to a specific EVPN instance on that segment. Remote PEs use this information for aliasing, meaning they can forward traffic toward any eligible PE attached to the same Ethernet Segment, even when a specific MAC was advertised by only one PE. RT-1 also supports fast convergence because withdrawal of Ethernet A-D routes quickly informs remote PEs that an attachment path or PE is no longer valid, avoiding slow MAC aging as the primary failure-detection mechanism. RT-4 Ethernet Segment routes are related to multi-homing, but their main function is Ethernet Segment discovery and Designated Forwarder election. RT-2 advertises host MAC/IP reachability, and RT-3 builds multicast/BUM replication lists. Therefore, RT-1 is the precise answer for aliasing and fast convergence. Reference: EVPN multi-homing route types, Ethernet Auto-Discovery, aliasing and convergence behavior.
================
Consider the exhibit.

Based upon the information in the screen captures, which of the following statements is FALSE?
Options:
Leaf-1 will not generate any EVPN route-type 5 updates for IP-VRF-100.
The IRB interface will snoop all ARP and GARP messages received on IRB sub-interface 100.100.
Leaf-1 will advertise EVPN route-type 2 updates with host IP and MAC information for MAC-VRF100.
The ARP cache for ip-vrf 100 is only required to contain host prefixes for the local subnets.
Answer:
BExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
The exhibit describes an EVPN IRB environment where MAC-VRF100 and IP-VRF-100 exchange host reachability through local learning and EVPN advertisements. Leaf-1 can advertise EVPN route type 2 updates containing host MAC/IP information for MAC-VRF100. This is the normal mechanism used to distribute endpoint bindings learned from local hosts. If IP-VRF-100 is not configured for prefix advertisement, Leaf-1 will not generate EVPN route type 5 updates for that IP-VRF, so option A is consistent. The ARP cache in the IP-VRF is normally required for local subnet host resolution; remote host reachability can be learned through EVPN rather than requiring every remote ARP entry to be learned by local data-plane ARP. Option B is false because ARP/GARP snooping is not performed by the IRB interface in the manner stated. ARP/GARP learning for proxy ARP and MAC/IP advertisement is associated with the MAC-VRF bridge-domain behavior and the local access side, not with the IRB subinterface indiscriminately snooping all ARP/GARP messages as described. Reference: EVPN IRB operation, RT-2 host MAC/IP advertisement, RT-5 behavior, ARP/GARP learning scope.
================
Which of the following statements about the decoupled gateway-based data center interconnect solution is TRUE?
Options:
The IP addresses of all the leaf routers and route-reflectors must be reachable by the routers in the WAN.
There is a clear demarcation for security and QoS between the data center border leaf and the WAN PE.
The WAN PE maintains a peering session with the data center route reflector.
VXLAN tunnels are established between the leaf routers in the different data centers.
Answer:
BExplanation:
Comprehensive and Detailed 150 to 250 words of Explanation From [SR Linux EVPN and Data Center Interconnect/Course Guide/topics]:
A decoupled gateway-based DCI model separates the data center border-leaf function from the WAN PE function. This separation is the key design point. The border leaf remains part of the data center EVPN/VXLAN environment, while the WAN PE participates in WAN VPN transport and policy enforcement. Because the roles are split across two devices, the handoff between the border leaf and WAN PE provides a clean administrative and operational boundary. That boundary is useful for security policy, QoS marking, traffic classification, and troubleshooting ownership. The WAN does not need direct reachability to every leaf and route reflector as in a gateway-less model. The WAN PE also does not peer directly with the data center route reflector in a decoupled model; route exchange occurs through the border-leaf/WAN-PE handoff. VXLAN tunnels between leaf routers across different data centers are characteristic of gateway-less extension, not decoupled gateway operation. Therefore, the statement about clear demarcation between the data center border leaf and WAN PE is the accurate description. Reference: decoupled gateway-based DCI, security/QoS demarcation, WAN PE separation.
================