AWS Certified SysOps Administrator - Associate Exam: Routing for VPC Communication

Routing for VPC Communication

Question

A start-up company has created 3 VPCs for a test setup.

VPC A is peering with VPC B & VPC C.

VPC B & VPC C have the same CIDR block.

There is a single instance in VPC B & 100+ instances in VPC C.

Instance in VPC A needs to communicate with an instance in VPC B & all instances in VPC C.

Which of the following routing configurations can be used to meet this requirement?

Answers

Explanations


Correct Answer: B.

A VPC route table selects a route using the longest prefix match: when more than one route covers a destination address, the route with the most specific (longest) CIDR prefix wins.

In this case VPC B & VPC C have the same CIDR block, and a route table cannot hold two routes with an identical destination CIDR, so VPC A's route table cannot simply point that block at both peering connections.

For the instance in VPC A to communicate with the instance in VPC B, a more specific route (the address of that one instance, i.e. a /32) is added to VPC A's route table with the VPC A-VPC B peering connection as the target, so that it is preferred for that address.

For communication with the instances in VPC C, a less specific route (the whole shared CIDR block) is added to VPC A's route table with the VPC A-VPC C peering connection as the target.

So communication can be established between the instance in VPC A, the instance in VPC B & all instances in VPC C. Security groups & network ACLs on both sides still have to allow the traffic; routing alone only decides which peering connection a packet is sent over.

Option A is incorrect. Since VPC B & VPC C share the same CIDR block, the more specific route for the instance in VPC B must be made in VPC A's route table, not in VPC B's route table. VPC B only peers with VPC A, so a more specific or less specific route there makes no difference; VPC B's route table just needs a route covering all instances in VPC A that points to the peering connection.

Option C is incorrect. Creating a new VPC with different subnets is not required, as communication between the instance in VPC A & the instance in VPC B can be achieved by routing changes alone.

Option D is incorrect. Adding a less specific route for the instance in VPC B will make VPC A prefer the route to VPC C over the route to VPC B, because the VPC C route then has the longer prefix.

For more information on VPC Peering, refer to the following URL:

https://docs.aws.amazon.com/vpc/latest/peering/peering-configurations-partial-access.html

To allow the instance in VPC A to reach the instance in VPC B and all instances in VPC C, the routing has to distinguish between two VPCs whose CIDR blocks are identical, and the only tool a VPC route table offers for that is prefix length.

Option A adds a more specific routing entry for the instance in VPC A to the routing table of VPC B, pointing to the VPC peering connection between VPC A and VPC B. VPC B peers only with VPC A, so prefix specificity buys nothing there; the ambiguity that has to be resolved is in VPC A's route table, where the shared CIDR block must be split between two peering connections.

Option B adds a more specific routing entry for the instance in VPC B to the routing table of VPC A, pointing to the VPC peering connection between VPC A and VPC B, next to a less specific route for the whole shared CIDR block pointing to the peering connection between VPC A and VPC C. Longest prefix match sends traffic for the VPC B instance over the A-B peering and traffic for every other address in the shared block over the A-C peering. This meets the requirement.

Option C creates a new VPC with separate subnets between VPC A and VPC B. This requires significant changes to the test setup and is not necessary, since the desired outcome is achieved with route table changes alone.

Option D adds a less specific routing entry for the instance in VPC B. A less specific route never wins the longest prefix match against the VPC C route, so traffic for the VPC B instance would be sent towards VPC C instead.

Therefore the correct choice for allowing communication between the instance in VPC A, the instance in VPC B, and all instances in VPC C is option B.
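The following is an added example, not part of the original question or its explanation, that simulates the longest-prefix-match route selection described for correct answer B (and the failure mode described for option D). The CIDR blocks, the instance address 10.0.0.77 and the peering connection IDs pcx-aaaabbbb / pcx-aaaacccc are constructed assumptions, not values from the question; the lookup logic itself mirrors how a VPC route table chooses among overlapping routes.

```python
import ipaddress

# Constructed addressing for the scenario in the question (assumed, not from the page):
#   VPC A 172.16.0.0/16, peered with VPC B and VPC C
#   VPC B 10.0.0.0/16, one instance at 10.0.0.77
#   VPC C 10.0.0.0/16, 100+ instances (same CIDR block as VPC B)
# The peering connection IDs below are placeholders.
PCX_A_B = "pcx-aaaabbbb"  # VPC A <-> VPC B
PCX_A_C = "pcx-aaaacccc"  # VPC A <-> VPC C

# Option B: VPC A's route table holds a /32 for the VPC B instance via the A-B
# peering and the whole shared /16 via the A-C peering. Longest prefix wins.
VPC_A_ROUTES_OPTION_B = [
    ("172.16.0.0/16", "local"),
    ("10.0.0.77/32", PCX_A_B),
    ("10.0.0.0/16", PCX_A_C),
]

# Option D as characterised in the explanation: the route towards VPC B is LESS
# specific than the route towards VPC C, so the VPC C route also wins for the
# VPC B instance. Constructed to show the failure mode, not a recommended table.
VPC_A_ROUTES_OPTION_D = [
    ("172.16.0.0/16", "local"),
    ("10.0.0.0/16", PCX_A_C),
    ("10.0.0.0/8", PCX_A_B),
]


def duplicate_destinations(routes):
    """Return destination CIDRs that appear more than once.

    A VPC route table cannot hold two routes for the same destination CIDR, so
    pointing the identical 10.0.0.0/16 at both peering connections is not an option.
    """
    seen, dups = set(), []
    for cidr, _target in routes:
        net = ipaddress.ip_network(cidr, strict=True)
        if net in seen and str(net) not in dups:
            dups.append(str(net))
        seen.add(net)
    return dups


def select_route(routes, dst):
    """Longest-prefix-match lookup, as a VPC route table performs it.

    Returns (destination_cidr, target) for the most specific route covering dst,
    or None when no route covers it (the packet would be dropped).
    """
    addr = ipaddress.ip_address(dst)
    best_net, best_target = None, None
    for cidr, target in routes:
        net = ipaddress.ip_network(cidr, strict=True)
        if addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    if best_net is None:
        return None
    return (str(best_net), best_target)


def reachability(routes, hosts):
    """Map each destination host to the route VPC A would use, after checking
    that the table is one AWS would actually accept (no duplicate destinations)."""
    dups = duplicate_destinations(routes)
    if dups:
        raise ValueError(f"duplicate destination CIDR(s) in route table: {dups}")
    return {host: select_route(routes, host) for host in hosts}


if __name__ == "__main__":
    # 10.0.0.77 is the VPC B instance; the other 10.0.x.y addresses stand in for VPC C.
    targets = ["10.0.0.77", "10.0.0.10", "10.0.200.5", "172.16.1.1", "192.168.1.1"]
    for name, table in (("Option B", VPC_A_ROUTES_OPTION_B),
                        ("Option D", VPC_A_ROUTES_OPTION_D)):
        print(name)
        for host, route in reachability(table, targets).items():
            print(f"  {host:12} -> {route}")
```

Under option B the lookup for 10.0.0.77 returns the /32 towards pcx-aaaabbbb while every other 10.0.0.0/16 address returns the /16 towards pcx-aaaacccc; under the option D table 10.0.0.77 is sent towards VPC C. On a real account the two option B routes are created in VPC A's route table with `aws ec2 create-route --route-table-id <rtb-id> --destination-cidr-block 10.0.0.77/32 --vpc-peering-connection-id <pcx-id>` (and the same command with the /16 and the other peering ID), and checked afterwards with `aws ec2 describe-route-tables --route-table-ids <rtb-id>`.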