Q86 — AWS ANS-C01 Ch.1
Question 86 of 100 | ← Chapter 1
A company has a highly available application that is hosted in multiple VPCs and in two on-premises data centers. All the VPCs reside in the same AWS Region. All the VPCs require access to each other and to the on-premises data centers for the transfer of files that are multiple gigabytes in Size.A network engineer is designing an AWS Direct Connect solution to connect the on-premises data centers to each VPC. Which architecture will meet the company's requirements with the LEAST operational overhead?
- A. Configure a virtual private gateway and a private VIF in each VPC in the Region. Configure a Direct Connect gateway. Associate the VIF of Every VPC with the Direct Connect gateway. Create a new private VIF that connects the Direct Connect gateway to each on-premises data Center. Configure the new private VIF to exchange BGP routes with the on-premises data centers and to have an MTU of 9001. Use VPC Peering between each VPC. Configure static routing in each VPC to provide inter-VPC routing.
- B. Configure a virtual private gateway and a private VIF in each VPC in the Region. Configure a Direct Connect gateway. Associate the VIF of Every VPC with the Direct Connect gateway. Create a new private VIF that connects the Direct Connect gateway to each on-premises data Center. Configure the new private VIF to exchange BGP routes with the on-premises data centers and to have an MTU of 8500. Use VPC Peering between each VPC. Configure static routing in each VPC to provide inter-VPC routing.
- C. Configure a transit gateway in the same Region of each VPAttach each VPC to the transit gateway. Configure a Direct Connect gateway. Associate the Direct Connect gateway with the transit gateway. Associate a new transit VIF with each Direct Connect connection. Configure The new transit VIF to exchange BGP routes and to have an MTU of 9001. Configure route propagation between each VPC and the transit Gateway.
- D. Configure a transit gateway in the same Region of each VPC. Attach each VPC to the transit gateway. Configure a Direct Connect gateway. Associate the Direct Connect gateway with the transit gateway. Associate a new transit VIF with each Direct Connect connection. Configure The new transit VIF to exchange BGP routes and to have an MTU of 8500. Configure route propagation between each VPC and the transit Gateway. ✓
Correct Answer: D. Configure a transit gateway in the same Region of each VPC. Attach each VPC to the transit gateway. Configure a Direct Connect gateway. Associate the Direct Connect gateway with the transit gateway. Associate a new transit VIF with each Direct Connect connection. Configure The new transit VIF to exchange BGP routes and to have an MTU of 8500. Configure route propagation between each VPC and the transit Gateway.
Explanation
AWS Direct Connect连接多个VPC和本地数据中心时,最佳实践采用Transit Gateway简化架构。Transit Gateway集中管理VPC和本地网络连接,替代多个VPC对等连接,降低维护复杂度。AWS文档指出Transit VIF最大MTU为8500(非9001),大文件传输需要启用Jumbo Frames需在VPC内额外配置。选项D正确结合Transit Gateway与Direct Connect Gateway,MTU设置为8500符合规范,路由传播自动处理避免静态路由维护。其他选项使用VPC Peering会导致全互联架构,静态路由增加管理负担;MTU设置9001在Transit VIF场景不适用。