Traffic Filtering

8.2 - the question asks to filter BGP sessions that attempt connections via GRE and IPIP tunnels. How can the answer is to filter the whole GRE and IPIP?

In my humble opinion, this is a bad question and should be rewritten.

I waste an hour trying to find a solution to this vague question...


  • It's implied. As you can't really see the GRE / IPIP payload on transit routers, it is suggesting to also block GRE and IPIP.

    However, the solution is incorrect. it's blocking all BGP flows and we need to add a permit for the BGP session between R8 and R5.


Sign In or Register to comment.