In Juniper Apstra, a widget is a graphical element that displays data from an intent-based analytics (IBA) probe. A widget can be used to monitor different aspects of the network and raise alerts to any anomalies. A widget can be viewed by itself or added to an analytics dashboard.  A dashboard is a collection of widgets that can be customized and organized according to the user’s preference 1 .

The main dashboard in Juniper Apstra is the blueprint dashboard, which is the default view that shows the network information and configuration for the active blueprint. A blueprint is a logical representation of the network design and intent.  The blueprint dashboard can display the system-generated dashboards, the user-generated dashboards, and the individual widgets that are relevant to the network 2 .

To make a widget appear on the main dashboard in Juniper Apstra, the user needs to set the Default toggle switch to On for the desired widget. This will add the widget to the blueprint dashboard, where it can be viewed along with other network information.  The user can also remove the widget from the blueprint dashboard by setting the Default toggle switch to Off for the widget 3 . Therefore, the statement D is correct in this scenario.

The following three statements are incorrect in this scenario:

When creating the widget, select the Add to Blueprint Dashboard option. This is not true, because there is no such option when creating a widget in Juniper Apstra.  The user can only select the widget type, the probe, and the display mode when creating a widget 4 .  To add the widget to the blueprint dashboard, the user needs to set the Default toggle switch to On for the widget after creating it 3 .

On the blueprint dashboard, click on the Add Widget option. This is not true, because there is no such option on the blueprint dashboard in Juniper Apstra.  The user can only view, edit, or delete the existing widgets and dashboards on the blueprint dashboard 2 .  To add a widget to the blueprint dashboard, the user needs to set the Default toggle switch to On for the widget from the widgets table view 3 .

Widgets automatically appear on the blueprint dashboard. This is not true, because widgets do not automatically appear on the blueprint dashboard in Juniper Apstra.  The user needs to manually add the widgets to the blueprint dashboard by setting the Default toggle switch to On for the widgets that they want to see on the blueprint dashboard 3 .  The only exception is the widgets that are part of the system-generated dashboards, which are automatically created and added to the blueprint dashboard based on the state of the active blueprint 2 .

References :

Widgets Overview

Blueprint Summaries and Dashboard

Widgets Introduction

Create Widget

A configlet is a small piece of configuration that can be applied to a device or a group of devices to make persistent changes that are not overwritten by Apstra. Configlets can be used to install manual changes that are not part of the Apstra rendered configuration, such as custom commands, scripts, or features.  Configlets can be created, edited, and deleted from the Apstra GUI or CLI 1 2 .  References :

Configlets Overview

Configlets User Guide

In the Juniper Apstra UI, the Resources menu allows you to create and manage global and local resources that are used for various elements of the network design and configuration. The Resources menu includes the following three types of resources that can be assigned to the network devices and virtual networks:

ASN pools: These are pools of autonomous system numbers (ASNs) that are used for the underlay routing protocol (EBGP) between the leaf and spine devices. You can create ASN pools with either 2-byte or 4-byte ASNs, and assign them to the logical devices in the blueprint.

VNI pools: These are pools of virtual network identifiers (VNIs) that are used for the overlay network (VXLAN) between the end hosts. You can create VNI pools with a range of VNIs, and assign them to the virtual networks in the blueprint.

IP address pools: These are pools of IPv4 or IPv6 addresses that are used for various purposes in the network, such as the loopback addresses for the devices, the IP prefixes for the virtual networks, the host IP addresses for the end hosts, and the gateway IP addresses for the IRB interfaces. You can create IP address pools with a range of IP addresses, and assign them to the logical devices and virtual networks in the blueprint.

The following two types of resources are not assigned under the Resources menu:

VTEP pools: These are not resources that can be created or assigned by the user. VTEPs are VXLAN tunnel endpoints that are automatically generated by the Apstra server based on the loopback IP addresses of the devices. VTEPs are used as the source and destination IP addresses for the VXLAN tunnels in the overlay network.

Logical device pools: These are not resources that can be created or assigned by the user. Logical device pools are groups of logical devices that share the same role, interface map, and resource assignments in the blueprint. Logical device pools are used to simplify the network design and configuration by applying the same settings to multiple devices.

References :

Resources Introduction

ASN Pools (Resources)

VNI Pools (Resources)

IP Address Pools (Resources)

A Juniper Apstra rack is a physical entity that contains one or more network devices, such as leaf nodes, access switches, or generic systems. A rack is used to organize and manage the network devices in the Apstra software application. A rack has the following characteristics:

It stores information on how leaf nodes connect to generic devices. This is because a rack can include generic systems, which are devices that are not managed by Juniper Apstra, but are connected to the network. A generic system can be a server, a firewall, a load balancer, or any other device that has a network interface.  A rack stores the information on how the leaf nodes, which are the devices that provide access to the end hosts, connect to the generic devices, such as the port number, the link speed, the LAG mode, and the roles 1 .

It has a rack type, which defines the type and number of leaf devices, access switches, and/or generic systems that are used in the rack. A rack type is a resource that is created in the data center design phase, and it does not specify the vendor or the model of the devices.  A rack type can be predefined or custom-made, and it can be used to create multiple racks with the same structure and configuration 2 .

It has a rack build, which assigns the specific vendor and model of the devices to the rack. A rack build is created in the staged phase, and it uses the rack type as a template.  A rack build can also assign the resources, such as the IP addresses, the ASNs, and the VNIs, to the devices in the rack 3 .

It has a rack deployment, which applies the network configuration and services to the devices in the rack. A rack deployment is performed in the active phase, and it uses the rack build as a reference.  A rack deployment can also monitor the network performance and compliance of the devices in the rack 4 .

The following three statements are incorrect in this scenario:

It stores information on how pods connect to super spines. This is not true, because a rack does not store any information on the pod or the super spine level of the network. A pod is a cluster of leaf and spine devices that form a 3-stage Clos topology, and a super spine is a device that connects multiple pods in a 5-stage Clos topology.  A rack only stores information on the leaf and the access level of the network 1 .

It stores IP address and ASN pool information. This is not true, because a rack does not store any information on the IP address and ASN pools. IP address and ASN pools are resources that are created in the data center design phase, and they contain a range of IP addresses and ASNs that can be assigned to the devices and the virtual networks.  A rack only uses the IP address and ASN pools to assign the resources to the devices in the rack build 2 .

It stores device port data rates and vendor information. This is not true, because a rack does not store any information on the device port data rates and vendor information. The device port data rates and vendor information are specified in the rack build, which assigns the specific vendor and model of the devices to the rack.  A rack only uses the rack build to apply the network configuration and services to the devices in the rack deployment 3 .

References :

Racks (Staged)

Rack Types (Datacenter Design)

Rack Builds (Staged)

Racks (Active)

To configure a static route for traffic to exit a configured routing zone, you need to use the Connectivity Templates feature in the Juniper Apstra UI. A Connectivity Template is a set of configuration parameters that can be applied to a device or a group of devices in a blueprint. You can use Connectivity Templates to configure static routes, BGP, OSPF, and other network services. To create a Connectivity Template, you need to go to the Staged tab and select Connectivity Templates from the left menu. Then, you can click on the + icon to create a new template. You can specify the name, description, and scope of the template. The scope determines which devices or device groups the template will be applied to. You can also specify the order of the template, which determines the priority of the template when multiple templates are applied to the same device. After creating the template, you can add configuration items to the template. To add a static route, you need to select Static Route from the drop-down menu and enter the destination network, subnet mask, and next-hop IP address. You can also specify the administrative distance and the track object for the static route. After adding the configuration items, you need to save the template and commit the changes to the blueprint. The other options are incorrect because:

A. under Active - > Virtual - > Routing Zones is wrong because this option allows you to view and modify the existing routing zones, but not to configure static routes for them.

B. under Staged - > Virtual - > Routing Zones is wrong because this option allows you to create and delete routing zones, but not to configure static routes for them.

C. under Active - > Connectivity Templates is wrong because this option allows you to view the existing connectivity templates, but not to create or modify them.  References :

Connectivity Templates

Data Center Automation Using Juniper Apstra

The cabling map is a graphical representation of the physical connections between the devices in the data center fabric. It shows the status of the cables, interfaces, and BGP sessions for each device. You can use the cabling map to verify and repair the cabling before deploying your blueprint. Based on the web search results, we can infer the following statements:

Apstra can use LLDP data from the spine-to-leaf fabric devices to update the connections in the cabling map.  This is true because Apstra can collect LLDP data from the devices using the Generic Graph Collector processor and use it to update the cabling map automatically.  LLDP is a protocol that allows devices to exchange information about their identity, capabilities, and neighbors 1 2 .

Apstra can use LLDP data from the leaf devices to update the leaf-to-generic connections in the cabling map.  This is true because Apstra can also collect LLDP data from the leaf devices and use it to update the connections to the generic devices, such as routers, firewalls, or servers.  Generic devices are devices that are not managed by Apstra but are part of the data center fabric 2 3 .

You must manually change the cabling map to update spine-to-leaf fabric links.  This is false because Apstra can use LLDP data to update the spine-to-leaf fabric links automatically, as explained above.  However, you can also manually change the cabling map to override the Apstra-generated cabling, if needed 2 4 .

You must manually change the cabling map to update leaf-to-generic links.  This is false because Apstra can use LLDP data to update the leaf-to-generic links automatically, as explained above.  However, you can also manually change the cabling map to override the Apstra-generated cabling, if needed 2 4 .  References :

LLDP Overview

Edit Cabling Map (Datacenter)

Generic Devices

Import / Export Cabling Map (Datacenter)

A cabling anomaly is an issue that occurs when the physical connections between the devices in the data center fabric do not match the expected connections based on the Apstra Reference Design. A cabling anomaly can cause problems such as incorrect routing, suboptimal traffic flow, or device isolation. To remediate the issue, you can use one or both of the following methods:

Manually edit the cabling map.  This allows you to override the Apstra-generated cabling and specify the correct connections between the devices.  You can use the Apstra UI or the Apstra CLI to edit the cabling map and apply the changes to the fabric 1 2 .

Have Apstra autoremediate the cabling map using LLDP.  This allows Apstra to collect LLDP data from the devices and use it to update the cabling map automatically. LLDP is a protocol that allows devices to exchange information about their identity, capabilities, and neighbors.  Apstra can use the LLDP data to detect and correct any cabling errors in the fabric 3 4 .  References :

Edit Cabling Map (Datacenter)

Import / Export Cabling Map (Datacenter)

LLDP Overview

Anomalies (Service)

According to the Juniper documentation 1 , an ESI-LAG is a link aggregation group (LAG) that spans two or more devices and is identified by an Ethernet segment identifier (ESI). An ESI-LAG provides redundancy and load balancing for a multihomed server in an EVPN-VXLAN network. To configure an ESI-LAG, you need to ensure that the following requirements are met:

The LACP system ID on both devices must be the same. This ensures that the LACP protocol can negotiate the LAG parameters and form a single logical interface for the server.

The ESI ID on both devices must be the same. This ensures that the EVPN control plane can advertise the ESI-LAG as a single Ethernet segment and synchronize the MAC and IP addresses of the server across the devices.

The VLAN ID and VNI on both devices must be the same. This ensures that the server can communicate with other hosts in the same virtual network and that the VXLAN encapsulation and decapsulation can work properly.

In the exhibit, the LACP system ID and the ESI ID on both devices are different, which prevents the ESI-LAG from coming up as multihomed. Therefore, the correct answer is B and D. The LACP system ID on both devices must be the same and the ESI ID on both devices must be the same.  References :  ESI-LAG Made Easier with EZ-LAG ,  Example: Configuring an ESI on a Logical Interface With EVPN-MPLS Multihoming ,  Introduction to EVPN LAG Multihoming

To create a new routing zone, you must specify the VRF Name, VLAN ID, and VNI for the routing zone. These are the mandatory fields in the user interface shown in the exhibit. The VRF Name is the name of the L3 domain that isolates the IP traffic of the routing zone from other routing zones. The VLAN ID is the identifier for the VLAN tagged Layer 3 links on external connections. The VNI is the VxLAN Network Identifier associated with the routing zone. The Routing Policies are optional fields that allow you to configure import and export route targets for the routing zone. These are only applicable for EVPN routing zones, which use MP-EBGP as the overlay control protocol. The other options are incorrect because:

A. VRF Name only is wrong because you also need to specify the VLAN ID and VNI for the routing zone.

B. VRF Name and Routing policies is wrong because you also need to specify the VLAN ID and VNI for the routing zone. Routing policies are optional and only relevant for EVPN routing zones.

D. VRF Name, VLAN ID, VNI, Routing Policies is wrong because Routing Policies are optional and not required to create a new routing zone.  References :

Routing Zones (Virtual)

Data Center Automation Using Juniper Apstra

When a new switch is added to Juniper Apstra software, it initially shows the “0 OS-Quarantined” status, which means that the device is not yet managed by Apstra and has not been assigned to any blueprint. The proper next step to make the device ready for use in a blueprint is to acknowledge the device, which is a manual action that confirms the device identity and ownership.  Acknowledging the device changes its status to “OOS-Ready”, which means that the device is ready to be assigned to a blueprint and deployed 1 2 .  References :

Managing Devices

AOS Device Configuration Lifecycle