www.HadoopExam.com

HadoopExam Learning Resources

Question 2. You have 15 offices in total, and all the employee-related information is stored on AWS VPC instances. Now all the offices want to connect to the instances in the VPC using VPN. What problem do you see in this scenario?


1. You cannot create more than 1 VPN connection with a single VPC

2. You cannot create more than 10 VPN connections with a single VPC

3. When you create multiple VPN connections, the virtual private gateway cannot send network traffic to the appropriate VPN connection using statically assigned routes.

4. Statically assigned routes cannot be configured in the case of more than 1 VPN with a virtual private gateway.

5. None of the above

 

Ans  : 2

Exp : Configuring Multiple VPN Connections to Your Amazon VPC

You can create up to ten VPN connections for your VPC. You can use multiple VPN connections to link your remote offices to the same VPC. For example, if you have offices in Los Angeles, Chicago, New York, and Miami, you can link each of these offices to your VPC. You can also use multiple VPN connections to establish redundant customer gateways from a single location.

Note

If you need more than ten VPN connections, complete the Request to Increase Amazon VPC Limits form to request an increased limit.

When you create multiple VPN connections, the virtual private gateway sends network traffic to the appropriate VPN connection using statically assigned routes or BGP route advertisements, depending upon how the VPN connection was configured. Statically assigned routes are preferred over BGP advertised routes in cases where identical routes exist in the virtual private gateway.

When you have customer gateways at multiple geographic locations, each customer gateway should advertise a unique set of IP ranges specific to the location. When you establish redundant customer gateways at a single location, both gateways should advertise the same IP ranges.

The virtual private gateway receives routing information from all customer gateways and calculates the set of preferred paths using the BGP best path selection algorithm. The rules of that algorithm, as it applies to VPC, are:

1. The most specific IP prefix is preferred (for example, 10.0.0.0/24 is preferable to 10.0.0.0/16).

2. When the prefixes are the same, statically configured VPN connections, if they exist, are preferred. For matching prefixes where each VPN connection uses BGP, the AS PATH is compared and the prefix with the shortest AS PATH is preferred. Alternatively, you can prepend AS_PATH, so that the path is less preferred.

3. When the AS PATHs are the same length, the path origin is compared. Prefixes with an Interior Gateway Protocol (IGP) origin are preferred to Exterior Gateway Protocol (EGP) origins, which are preferred to unknown origins.

4. When the origins are the same, the router IDs of the advertising routes are compared. The lowest router ID is preferred.

5. When the router IDs are the same, the BGP peer IP addresses are compared. The lowest peer IP address is preferred.
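The five rules above can be checked against a route table before a new office is connected, for example to see which VPN connection wins when two sites advertise overlapping ranges. The following Python sketch is an added example, not AWS code; the `Route` fields, connection labels, addresses and AS numbers are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

ORIGIN_RANK = {"igp": 0, "egp": 1, "unknown": 2}  # rule 3 ordering

@dataclass(frozen=True)
class Route:
    vpn: str                    # hypothetical VPN connection label
    prefix: str                 # CIDR reachable over that connection
    static: bool = False        # statically assigned vs. BGP-advertised
    as_path: tuple = ()         # BGP only
    origin: str = "igp"         # BGP only
    router_id: str = "0.0.0.0"  # BGP only
    peer_ip: str = "0.0.0.0"    # BGP only

def preference_key(r):
    """Sort key: a smaller tuple means a more preferred route."""
    return (
        -ipaddress.ip_network(r.prefix).prefixlen,  # 1. most specific prefix
        0 if r.static else 1,                       # 2. static beats BGP
        0 if r.static else len(r.as_path),          # 2. shortest AS PATH
        0 if r.static else ORIGIN_RANK[r.origin],   # 3. IGP < EGP < unknown
        int(ipaddress.ip_address(r.router_id)),     # 4. lowest router ID
        int(ipaddress.ip_address(r.peer_ip)),       # 5. lowest peer IP
    )

def select_route(dest, routes):
    """Return the route preferred for dest under the rules above, or None."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in ipaddress.ip_network(r.prefix)]
    return min(matches, key=preference_key) if matches else None

# Constructed sample table: every address and AS number here is made up.
ROUTES = [
    Route("la-primary", "10.1.0.0/16", as_path=(65001,), router_id="10.1.0.1", peer_ip="169.254.10.1"),
    Route("la-prepended", "10.1.0.0/16", as_path=(65001, 65001, 65001), router_id="10.1.0.2", peer_ip="169.254.10.5"),
    Route("chicago-static", "10.2.0.0/16", static=True),
    Route("chicago-bgp", "10.2.0.0/16", as_path=(65002,), router_id="10.2.0.1", peer_ip="169.254.11.1"),
    Route("chicago-lab", "10.2.5.0/24", as_path=(65002, 65010), router_id="10.2.5.1", peer_ip="169.254.11.5"),
    Route("ny-a", "10.3.0.0/16", as_path=(65003,), router_id="10.3.0.1", peer_ip="169.254.12.1"),
    Route("ny-b", "10.3.0.0/16", as_path=(65003,), router_id="10.3.0.2", peer_ip="169.254.12.5"),
]

if __name__ == "__main__":
    for dest in ("10.1.4.7", "10.2.5.9", "10.2.9.9", "10.3.1.1", "192.168.1.1"):
        chosen = select_route(dest, ROUTES)
        print(dest, "->", chosen.vpn if chosen else "no route")
```

Note that the /24 learned over BGP wins over the static /16 for addresses inside it, because prefix length is compared before the static-versus-BGP rule.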

 
