Topic 1 Question 27

Professional Cloud Architect

Topic 1 Question 27
Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?
- Google Cloud Dedicated Interconnect
- Google Cloud VPN connected to the data center network
- A NAT and TLS translation gateway installed on-premises
- A Google Compute Engine instance with a VPN server installed connected to the data center network
解説
Google Cloud Dedicated Interconnect provides direct physical connections and RFC 1918 communication between your on-premises network and Google's network. Dedicated Interconnect enables you to transfer large amounts of data between networks, which can be more cost effective than purchasing additional bandwidth over the public Internet or using VPN tunnels. Benefits: ✑ Traffic between your on-premises network and your VPC network doesn't traverse the public Internet. Traffic traverses a dedicated connection with fewer hops, meaning there are less points of failure where traffic might get dropped or disrupted. ✑ Your VPC network's internal (RFC 1918) IP addresses are directly accessible from your on-premises network. You don't need to use a NAT device or VPN tunnel to reach internal IP addresses. Currently, you can only reach internal IP addresses over a dedicated connection. To reach Google external IP addresses, you must use a separate connection. ✑ You can scale your connection to Google based on your needs. Connection capacity is delivered over one or more 10 Gbps Ethernet connections, with a maximum of eight connections (80 Gbps total per interconnect). ✑ The cost of egress traffic from your VPC network to your on-premises network is reduced. A dedicated connection is generally the least expensive method if you have a high-volume of traffic to and from Google's network. Reference: https://cloud.google.com/interconnect/docs/details/dedicated

ユーザの投票
コメント(17)
- A is the one
  
  👍 24
  AWS562020/01/11
- Let's go with option elimination A. Google Cloud Dedicated Interconnect >> Secured, fast connection, hence the choice. This will allow private connection from GCP to the data centre with a fast connection. Cost is not mentioned in the requirement to eliminate this option. B. Google Cloud VPN connected to the data centre network >> We have to think about data flowing on the internet and the requirement talks about private connect. Also not sure how well you connect VPN with Data Center until you use the hybrid option. https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview hence eliminate C. A NAT and TLS translation gateway installed on-premises >>This is a VM option to reach outside won't for this requirement hence eliminate D. A Google Compute Engine instance with a VPN server installed connected to the data centre network >>This is a slow option hence eliminate
  
  Hence A
  
  👍 15
  amxexam2021/08/24
- Challenge me but this is answer B. I have 4TB DB, frequent update would be what ? 50% daily change means 2TB daily means ~25Mbps. With VPN I can easily achieved that. It is typical ingress to cloud free ....It would be madness to pay 5k montly only for Directo Connect...
  
  👍 5
  hibi6x2021/12/16
シャッフルモード

解説

ユーザの投票

コメント(17)