www.HadoopExam.com

HadoopExam Learning Resources

Question1. You have a website called QuickTechie.com which has their own datacenter in Geneva, And you webserver is deployed in AWS VPC. Now you wish to make a VPN connection between DataCenter and AWS VPC so that your technical team can connect with VPC

Q1. You have a website called QuickTechie.com which has their own datacenter in Geneva, And you webserver is deployed in AWS VPC. Now you wish to make a VPN connection between DataCenter and AWS VPC so that your technical team can connect with VPC So what you have to do ?

A. By using dedicated NAT instance in the public/private subnet.

B. You dont have to do other than installing VPN software on both side VPC subnet and Data Center

C. In the Amazon VPC Internet Gateway you have to assign a static Internet-routable IP address.

D. Change the security group of the all installed instances in VPC.

 

Ans : C

Exp : Your company has decided to use an optional Amazon VPC VPN connection that links your data center (or network) to your Amazon VPC virtual private cloud (VPC). A customer gateway is the anchor on your side of that connection. It can be a physical or software appliance. The anchor on the AWS side of the VPN connection is called a virtual private gateway.

The address of the external interface for your customer gateway must be a static address. We recommend that you don't put your customer gateway behind a device performing network address translation (NAT).

From time to time, AWS performs routine maintenance on the virtual private gateway. This maintenance may disable one of the two tunnels of your VPN connection for a brief period of time. Your VPN connection automatically fails over to the second tunnel while this maintenance is performed. To ensure uninterrupted service, it's important that you configure both tunnels.

When you create a VPN connection, the VPN tunnel comes up when traffic is generated from your side of the VPN connection. The virtual private gateway is not the initiator; your customer gateway must initiate the tunnels.

When you create multiple VPN connections, the virtual private gateway sends network traffic to the appropriate VPN connection using statically assigned routes or BGP route advertisements, depending upon how the VPN connection was configured. Statically assigned routes are preferred over BGP advertised routes in cases where identical routes exist in the virtual private gateway.

When you have customer gateways at multiple geographic locations, each customer gateway should advertise a unique set of IP ranges specific to the location. When you establish redundant customer gateways at a single location, both gateways should advertise the same IP ranges.

The virtual private gateway receives routing information from all customer gateways and calculates the set of preferred paths using the BGP best path selection algorithm. The rules of that algorithm, as it applies to VPC, are:

1.The most specific IP prefix is preferred (for example, 10.0.0.0/24 is preferable to 10.0.0.0/16)

2.When the prefixes are the same, statically configured VPN connections, if they exist, are preferred. For matching prefixes where each VPN connection uses BGP, the AS PATH is compared and the prefix with the shortest AS PATH is preferred. Alternatively, you can prepend AS_PATH, so that the path is less preferred.

3.When the AS PATHs are the same length, the path origin is compared. Prefixes with an Interior Gateway Protocol (IGP) origin are preferred to Exterior Gateway Protocol (EGP) origins, which are preferred to unknown origins.

4.When the origins are the same, the router IDs of the advertising routes are compared. The lowest router ID is preferred.

5.When the router IDs are the same, the BGP peer IP addresses are compared. The lowest peer IP address is preferred.

You have no rights to post comments

Comments   

0 # Amazon WebService Developer CertificationSameer 2015-04-28 16:55
Dear HadoopExam,

Please let me know, when will be AWS Developer Certification Simulator will be released.

Thanks
0 # RE: Amazon WebService Developer CertificationHadoopExam Learning 2015-04-28 16:57
Hi Sameer, AWS Developer Certification Additional Practice Questions will be available in next two weeks.
You are here: Home AWS (Amazon WebService) AWS Sol Architect Associate Question1. You have a website called QuickTechie.com which has their own datacenter in Geneva, And you webserver is deployed in AWS VPC. Now you wish to make a VPN connection between DataCenter and AWS VPC so that your technical team can connect with VPC