Your company plans to set up a VPN connection between a VPC hosted in AWS and its on-premises data center.
There is a need to ensure that on-prem to AWS connectivity remains highly available and at the same time to ensure cost is kept to a minimum.
What would you do to ensure these requirements are kept?
A. B. C. D.
Answer - A.
As per AWS Docs,
To enable redundancy/high availability, each VPN connection has two tunnels by default that can be configured for high availability.
The second tunnel can be used if the first tunnel fails.
Refer to page 120 on the below link:
https://docs.aws.amazon.com/vpn/latest/s2svpn/s2s-vpn-user-guide.pdf#VPC_VPN
https://aws.amazon.com/answers/networking/aws-single-data-center-ha-network-connectivity/
Option A is correct. By default, a VPN has two tunnels that are established over different physical devices to ensure high availability. If one tunnel becomes unavailable, the other tunnel can be used to maintain connectivity. This ensures that on-premises to AWS connectivity remains highly available without incurring additional costs.
Option B is not a suitable solution as Direct Connect is an expensive option and is not required for this scenario.
Option C is not applicable in this scenario as VPC peering is used to connect VPCs within the same region, and cannot be used to connect an on-premises data center to a VPC in AWS.
Option D is not required as a single VPN connection with two tunnels provides high availability, and creating additional VPN connections would unnecessarily increase costs.
In summary, to ensure high availability and cost-effective connectivity between an on-premises data center and a VPC hosted in AWS, it is recommended to use the default VPN configuration with two tunnels.