Q40 — AWS ANS-C01 Ch.1

A company has a single VPC in the us-east-1 Region. The company is planning to set up a new VPC in the us-east-2 Region. The existing VPC has an AWS Site-to-Site VPN connection to the company's on-premises environment and uses a virtual private gateway. A network engineer needs to implement a solution to establish connectivity between the existing VPC and the new VPC. The solution also must implement support for IPv6 for the new VPC. The company has new on-premises resources that need to connect to VPC resources by using IPv6 addresses. Which solution will meet these requirements?

Correct Answer: B. Create a transit gateway in us-east-1 and in us-east-2. Attach the existing VPC and the new VPC to each transit gateway. Create a new Site-to-Site VPN connection to each transit gateway with IPv4 and IPv6 support. Configure transit gateway peering. Configure routing between the VPCs and the on-premises environment.

Explanation

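AWS Transit Gateway is used to connect multiple VPCs and on-premises networks across Regions. According to architectural best practice, cross-Region VPC interconnection requires deploying a transit gateway in each Region and connecting the two through peering. The new VPC needs IPv6 support, so IPv6 must be enabled on the Site-to-Site VPN. Option B creates a transit gateway in both Regions and attaches each VPC, then uses the dual-stack VPN connections and transit gateway peering to provide cross-Region communication and IPv6 support. The VPC peering used in the other options cannot directly handle cross-Region routing or integrate the VPN connection at the same time. The AWS Transit Gateway documentation and the VPC interconnection guidance recommend this architecture.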