Which policy blocks TLOCs from remotes and allows TLOCs from the data center to form hub-and-spoke peering?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
In Cisco SD-WAN, TLOCs (Transport Locators) represent the physical or virtual interfaces of the SD-WAN edge devices (e.g., routers, firewalls) that are used to establish connectivity with other sites. TLOCs are grouped into TLOCs lists that define how traffic flows between sites, and they are used to form hub-and-spoke or mesh topologies.
To answer the question, we need to identify the policy that blocks TLOCs from remotes and allows TLOCs from the data center to form hub-and-spoke peering. Based on the options provided, there are two types of policies that can be used in Cisco SD-WAN: centralized and localized policies, and each of them can be either a control policy or a data policy.
Control policies are used to control how the SD-WAN edge devices operate, including routing, security, and other functions that are centralized or distributed across the network. Control policies can be centralized or localized.
Data policies are used to control how data is processed and forwarded across the SD-WAN network. Data policies can also be centralized or localized.
Based on this information, we can eliminate options A and D because they are both data policies, and the question is asking for a policy that controls TLOCs, which is a control function. This leaves us with options B and C, which are both control policies.
Localized control policy: This policy is configured on the SD-WAN edge device and controls the device's behavior based on the local conditions, such as the quality of the WAN link or the available resources. Localized control policies are useful when the SD-WAN network has a distributed architecture with multiple edge devices.
Centralized control policy: This policy is configured on the SD-WAN controller and controls the behavior of all SD-WAN edge devices in the network. Centralized control policies are useful when the SD-WAN network has a centralized architecture with a single or a few controllers.
Based on the above descriptions, option B (localized control policy) seems unlikely to be the correct answer because it is focused on local conditions rather than network-wide peering. Therefore, the most likely answer is option C (centralized control policy).
A centralized control policy can be used to define the TLOC lists and specify which TLOCs are allowed to form hub-and-spoke peering. For example, the policy could include a whitelist of TLOCs from the data center that are allowed to participate in hub-and-spoke peering, while all other TLOCs (i.e., from remote sites) are blocked. This would ensure that only the data center TLOCs are used as hubs, while remote TLOCs can only connect to the hubs.