Examtopics

AWS Certified Advanced Networking - Specialty

  • Topic 1 Question 244

    A company is planning to migrate to AWS and use multiple VPCs in multiple AWS Regions. A network engineer must connect the eu-west-1 and eu-central-1 Regions to the company headquarters and branch office, respectively.

    The network engineer created a production VPC, named Prod A, with a CIDR block of 10.0.0.0/16. Prod A runs in an account in eu-west-1. The network engineer then created another production VPC, named Prod B, with a CIDR block of 10.1.0.0/16. Prod В runs in a different account in eu-central-1.

    The network engineer performed the following steps to try to achieve the required connectivity:

    1. Created one transit gateway in each Region
    2. Shared and accepted the transit gateways with the production accounts in both Regions
    3. Configured the peering attachment between both transit gateways
    4. Attached both VPCs to the respective Region transit gateway
    5. Created both transit gateway route tables and associated the attachments with the route tables
    6. Configured a static route in both transit gateway route tables to send traffic to the remote VPC in the other Region
    7. Activated route propagation on the VPC route tables in each Region

    After the configuration, the network engineer tried to connect from Prod A to Prod B. However, the connection was unsuccessful.

    What should the network engineer do to achieve the required connectivity?

    • Modify the IP address of the peering attachment to a wider range.

    • Delete the static routes that were in the transit gateway route table to send traffic to the remote VPC and enable route propagation instead.

    • Create a new route destined to 10.0.0.0/8 in both production VPC route tables with the Region transit gateway as the target.

    • Modify the transit gateway route tables from the production accounts to propagate routes dynamically between the production VPCs.

    シャッフルモード