Your company previously configured a heavily used, dynamically routed VPN connection between your onpremises data center and AWS. You recently provisioned a DirectConnect connection and would like to start
using the new connection. After configuring DirectConnect settings in the AWS Console, which of the following
options win provide the most seamless transition for your users?
A.
Delete your existing VPN connection to avoid routing loops configure your DirectConnect router with the
appropriate settings and verity network traffic is leveraging DirectConnect.
B.
Configure your DirectConnect router with a higher 8GP priority man your VPN router, verify network traffic is
leveraging Directconnect and then delete your existing VPN connection.
C.
Update your VPC route tables to point to the DirectConnect connection configure your DirectConnect router
with the appropriate settings verify network traffic is leveraging DirectConnect and then delete the VPN
connection.
D.
Configure your DirectConnect router, update your VPC route tables to point to the DirectConnect
connection, configure your VPN connection with a higher BGP pointy. And verify network traffic is leveraging
the DirectConnect connection.
Explanation:
B is incorrect as you do not have insight into the public ip associated with a VPC Internet Gateways.
C is incorrect as ELB receives a public DNS name.
D would exceed the maximum of 4 whitelisting IP addresses.
c
0
0
Answer is C.
Explanation is for the previous question.
0
0
C
0
0
Correct answer is B.
https://acloud.guru/forums/aws-certified-solutions-architect-professional/discussion/-KWVDow4aXPEdVfmBcZD/after_configuring_directconnec?answer=-KEumOizxt7FB42WH8G5
0
0
Answer is C.
0
0
Chose B
Since we are already using a dynamic VPN, we can assume the VPC routing tables are already set to propagate routes, and Direct Connect propagated routes are always preferred over VPN dynamic routes. Therefore anything mentioning updating VPC route tables cannot be correct since traffic coming from AWS will already be correctly routed to prefer the Direct Connect connection. A is obviously also incorrect since it removes the VPN connection before the router is configured for Direct Connect. Therefore, the only answer remaining is B. My understanding from the Advanced Networking course is that changing BGP priority/weight is a configurable attribute to preference one path over another, but it is vendor specific.
0
0
B
0
0
The question is ‘the most seamless transition’ . ‘seamless’ means you can’t drop the VPN before you have confirmed all traffic has been on the new DirectConnect .
A is not correct because it Delete the existing VPN before making sure the cut over has been fine.
C , since there is no priority between both VPN and DirectConnect, the traffic maybe on both randomly. Some connection will be broken while delete VPN
0
0