According to the Juniper documentation1, a routing zone is an L3 domain, the unit of tenancy in multi-tenant networks. You create routing zones for tenants to isolate their IP traffic from one another, thus enabling tenants to re-use IP subnets. In addition to being in its own VRF, each routing zone can be assigned its own DHCP relay server and external system connections. You can create one or more virtual networks within a routing zone, which means a tenant can stretch its L2 applications across multiple racks within its routing zone. For virtual networks with Layer 3 SVI, the SVI is associated with a Virtual Routing and Forwarding (VRF) instance for each routing zone isolating the virtual network SVI from other virtual network SVIs in other routing zones. Therefore, the correct answer is D. A routing zone is used to enable the communication between two VNIs within a VRF. A routing zone is not used for L4-L7 inspection, securing routing protocols, or requiring firewalls. Those are not the purposes of a routing zone in Juniper Apstra software.Reference:Routing Zones

Probes are the basic unit of abstraction in Intent-Based Analytics (IBA). They are used to collect, process, and analyze data from the network and raise anomalies based on specified conditions. Probes are composed of processors and stages that form a directed acyclic graph (DAG) of data flow. The following statements are correct about probes:

A) Default probes can be cloned, modified, and saved. This is true because Apstra provides a set of default probes that cover common use cases and scenarios. These probes can be cloned and modified to suit the specific needs of the user. The modified probes can be saved as new probes with different names and descriptions. This allows the user to customize and extend the functionality of the default probes.

D) Default probes are enabled, based on the intent for a blueprint. This is true because Apstra enables or disables the default probes automatically based on the intent of the blueprint. The intent of the blueprint is the high-level description of the desired state and behavior of the network. Apstra uses the intent to determine which default probes are relevant and applicable for the blueprint and enables them accordingly. For example, if the intent of the blueprint is to deploy an EVPN-VXLAN fabric, Apstra will enable the default probes related to EVPN-VXLAN, such as EVPN-VXLAN Anomaly Detection, EVPN-VXLAN Fabric Health, and EVPN-VXLAN Fabric Validation. The following statements are incorrect about probes:

B) Only the variable parameters for default probes can be edited and saved. This is false because the user can edit and save any parameters for the default probes, not just the variable ones. The variable parameters are the ones that depend on the network topology, devices, or configuration, such as device names, interface names, IP addresses, VLAN IDs, etc. The user can also edit and save the fixed parameters, such as the duration, threshold, condition, etc. However, the user cannot edit and save the default probes directly. The user must clone the default probes first and then edit and save the cloned probes as new probes.

C) All default probes are enabled for all blueprints. This is false because Apstra does not enable all default probes for all blueprints. Apstra enables the default probes based on the intent of the blueprint, as explained above. This means that only the default probes that are relevant and applicable for the blueprint are enabled. For example, if the intent of the blueprint is to deploy a BGP IP fabric, Apstra will not enable the default probes related to EVPN-VXLAN, since they are not relevant for the blueprint. The user can also manually enable or disable the default probes as needed.Reference:

Probes

Create Probe

Intent-Based Analytics Overview

The graph query output shown in the exhibit is a JSON representation of an interface node and its properties in the Apstra graph database. Based on the output, we can infer the following statements:

The output shows a LAG connection.This is true because the interface node has a property calledlag_modewhich is set tolacp_active, indicating that the interface is part of a link aggregation group (LAG) that uses the Link Aggregation Control Protocol (LACP) to negotiate the link state and parameters12.

The switch in the output is a Juniper device.This is true because the interface node has a property calledif_namewhich is set toae2, indicating that the interface name follows the Juniper naming convention for aggregated Ethernet interfaces34.

The interface has an IP address assigned to it.This is false because the interface node has properties calledipv4_addrandipv6_addrwhich are both set tonull, indicating that the interface does not have any IPv4 or IPv6 address configured2.

The interface has tags assigned to it.This is false because the interface node has a property calledtagswhich is set tonull, indicating that the interface does not have any tags associated with it2.Reference:

Link Aggregation Overview

Processor: Generic Graph Collector

Understanding Aggregated Ethernet Interfaces and LACP

Graph

According to the Juniper documentation1, a predefined device profile is a configuration template that is shipped with Apstra software and supports most qualified Juniper devices. A predefined device profile cannot be changed, since any changes would be discarded and overwritten when you upgrade the Apstra server version. If you want to customize a predefined device profile, you can clone and edit it instead. Therefore, the correct answer is A. The changes you make to a predefined device profile will be discarded and overwritten when upgrading the Apstra server version.Reference:Edit Device Profile | Apstra 4.2 | Juniper Networks

The leaf device in AS 65000 will receive three routes for the 10.100.0.0/16 prefix, one from each spine device in AS 65001, AS 65002, and AS 65003. Since ECMP load balancing is enabled, the leaf device will install all three routes in its routing table and distribute the traffic among them. The other options are incorrect because:

B) 1 is wrong because the leaf device will not receive only one route for the prefix. It will receive multiple routes from different spine devices and use ECMP to load balance among them.

C) 2 is wrong because the leaf device will not receive only two routes for the prefix. It will receive three routes from three spine devices, as explained above.

D) 4 is wrong because the leaf device will not receive four routes for the prefix. It will receive three routes from three spine devices, as explained above. The fourth spine device in AS 65004 is not directly connected to the leaf device and will not advertise the prefix to it.Reference:

IP Fabric Underlay Network Design and Implementation

BGP Multipath load sharing iBGP and eBGP

ECMP Load Balancing