AWS Certified Advanced Networking - Specialty Exam: Solution for VPC Reachability

Effective Solution for Reachability between VPC A Web-Servers and Vendors in VPC B & VPC C


Question

An IT organization has deployed two web servers in VPC A, created in the us-west-1 region. Each of these web servers is managed by one of 2 external vendors, whose infrastructure is built in VPC B & VPC C, respectively, in the same CIDR range.

As an AWS Consultant, you need to provide an effective solution for reachability between the VPC A web servers and the vendor instances in VPC B & VPC C.

Which of the following solutions will you provide to meet this requirement?

Answers

Explanations


Correct Answer - C.

Since VPC B & VPC C use the same CIDR range, when creating peering between VPC A & VPC B and between VPC A & VPC C, routing should be done with the peering IDs present in each of the VPCs: VPC B & VPC C.

Option A is incorrect: since VPC B & VPC C are using the same CIDR range, VPC A will not have the same prefixes in the route table to different VPC peers.

Options B & D are incorrect as transitive VPC peering is not supported.

For more information on VPC Peering with Specific routes, refer to the following URL.

https://docs.aws.amazon.com/vpc/latest/peering/peering-configurations-partial-access.html
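The route-table constraint behind that explanation, as an added example that is not part of the original page: a route table holds one route per destination CIDR and forwards by longest prefix match, so VPC A cannot point the shared vendor CIDR at two peering connections but can hold more specific routes. The `RouteTable` class, the CIDRs, the instance addresses and the `pcx-EXAMPLE-*` IDs are all constructed for illustration and are not an AWS API.

```python
import ipaddress


class RouteTable:
    """Minimal model of one VPC route table (illustrative, not an AWS API)."""

    def __init__(self):
        self.routes = {}  # destination network -> target id

    def add_route(self, cidr, target):
        dest = ipaddress.ip_network(cidr)
        if dest in self.routes:
            # Only one route per destination CIDR is allowed.
            raise ValueError(f"route for {dest} already exists -> {self.routes[dest]}")
        self.routes[dest] = target

    def lookup(self, ip):
        addr = ipaddress.ip_address(ip)
        matches = [net for net in self.routes if addr in net]
        if not matches:
            return None  # no route: traffic is not forwarded
        # Longest prefix match: the most specific route wins.
        return self.routes[max(matches, key=lambda net: net.prefixlen)]


# Constructed sample values (placeholders, not from the page).
VENDOR_CIDR = "10.0.0.0/16"  # CIDR shared by VPC B and VPC C
PCX_AB, PCX_AC = "pcx-EXAMPLE-ab", "pcx-EXAMPLE-ac"


def broad_routes_conflict():
    """Try to route the shared CIDR to both peers from VPC A."""
    rt = RouteTable()
    rt.add_route(VENDOR_CIDR, PCX_AB)
    try:
        rt.add_route(VENDOR_CIDR, PCX_AC)
    except ValueError:
        return True  # second route rejected: same prefix, different peer
    return False


def specific_routes():
    """VPC A route table with one host route per vendor instance."""
    rt = RouteTable()
    rt.add_route("172.16.0.0/16", "local")  # VPC A's own CIDR (assumed)
    rt.add_route("10.0.0.77/32", PCX_AB)    # vendor instance in VPC B
    rt.add_route("10.0.1.66/32", PCX_AC)    # vendor instance in VPC C
    return rt
```

The host routes only disambiguate the peers when the two vendor instances have different private IP addresses; for return traffic, VPC B and VPC C each route VPC A's CIDR to their own peering connection.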

The correct answer to this question is option D: Create VPC Peering between VPC A & VPC B along with VPC B & VPC C.

Explanation: VPC peering is a technique to connect two VPCs in the same or different regions using the private IP addresses. By creating a VPC peering connection, instances in one VPC can communicate with instances in the other VPC using private IP addresses.

In this scenario, VPC A contains web servers that need to communicate with vendor instances in VPC B and VPC C. However, VPC B and VPC C have the same CIDR range, which means that their IP addresses may overlap. To solve this problem, we need to create VPC peering connections between VPC A and VPC B and between VPC B and VPC C. This will allow the web servers in VPC A to communicate with vendor instances in VPC B and VPC C without any IP address conflicts.

Option A, Create VPC Peering between VPC A & VPC B along with VPC A & VPC is incorrect because it only creates a peering connection between VPC A and VPC B, but not between VPC B and VPC C.

Option B, Create a route in VPC A route table pointing to the CIDR block in VPC B & VPC is incorrect because it assumes that VPC B and VPC C have non-overlapping IP addresses, which is not the case in this scenario.

Option C, In VPC B & VPC C, add a specific route pointing to the CIDR block in VPC, is incorrect because it also assumes that VPC B and VPC C have non-overlapping IP addresses, which is not the case in this scenario.

Option E, Create a route in VPC A route table pointing to VPC B for CIDR range in VPC B & VPC is incorrect because it also assumes that VPC B and VPC C have non-overlapping IP addresses, which is not the case in this scenario.

Option F, In VPC B route table, create a route for VPC A CIDR range pointing to VPC A & VPC C CIDR range pointing to VPC, is incorrect because it assumes that VPC A and VPC C have non-overlapping IP addresses, which is not the case in this scenario.

Option G, In VPC C route table, create a route for VPC A & VPC B CIDR range pointing to VPC, is incorrect because it assumes that VPC B and VPC C have non-overlapping IP addresses, which is not the case in this scenario.

Therefore, the correct solution is to create VPC peering connections between VPC A and VPC B and between VPC B and VPC C.