Q17 — AWS ANS-C01 Ch.1

Question 17 of 100 | ← Chapter 1

A company has multiple VPCs with subnets that use IPv4. Traffic from the VPCs to the internet uses a NAT gateway. The company wants to Transition to IPv6.A network engineer creates multiple IPv6-only subnets in an existing testing VPC. The network engineer deploys a new Amazon EC2 instance that Has an IPv6 address into one of the subnets. During testing, the network engineer discovers that the new EC2 instance is not able to communicate With an IPv4-only service through the internet. The network engineer needs to enable the IPv6 EC2 instance to communicate with the IPv4-only Service. Which solution will meet this requirement?

Correct Answer: A. Enable DNS64 for the IPv6-only subnets. Update the route tables for the IPv6-only subnets to send traffic through the NAT gateway.

Explanation

IPv6-only子网中的EC2实例访问IPv4服务需依赖DNS64和NAT64机制。AWS官方文档说明,DNS64将IPv4地址转换为IPv6格式,而NAT64处理协议转换。若子网未配置DNS64,无法解析IPv4服务的AAAA记录。答案选项A提及启用DNS64并通过NAT网关路由,可能基于NAT网关处理IPv4出站流量(尽管AWS NAT网关仅支持IPv4)。正确配置需确保DNS64合成地址后,IPv6流量路由至支持NAT64的设备,但根据答案,选项A符合题干设定。