Backup Options for AWS Direct Connect Failure | Exam ANS-C01 | Provider: Amazon


Question

Your company has an AWS Direct Connect connection from a VPC to an on-premises location.

Which of the following can be used as a backup in case the Direct Connect connection fails for any reason?

Choose 2 answers from the options given below.

Answers

Explanations


Answer - B and C.

The AWS Documentation mentions the following.

If you have established a second AWS Direct Connect connection, traffic will failover to the second link automatically.

We recommend enabling Bidirectional Forwarding Detection (BFD) when configuring your connections to ensure fast detection and failover.

If you have configured a back-up IPsec VPN connection instead, all VPC traffic will failover to the VPN connection automatically.

Traffic to/from public resources such as Amazon S3 will be routed over the Internet.

For more information on Direct Connect, see the following link:

https://aws.amazon.com/directconnect/faqs/

In case of a Direct Connect connection failure, you can use the following options as a backup:

B. Setup a secondary Direct Connect connection: You can configure a secondary Direct Connect connection as a backup to your primary Direct Connect connection. You can create a second Direct Connect connection in a different physical location, and ensure that the Direct Connect location is not a single point of failure. You can then use Direct Connect Gateway to route traffic to the on-premises location via the secondary Direct Connect connection.

C. Setup a VPN connection: You can configure a VPN connection as a backup to your Direct Connect connection. You can use the VPN to provide a secure and encrypted tunnel between your VPC and the on-premises location. You can create a VPN connection using AWS Virtual Private Gateway and a customer gateway located on the on-premises side.

D. Setup a peering connection: You can configure a VPC peering connection as a backup to your Direct Connect connection. You can establish a VPC peering connection between the VPC and an on-premises network to route traffic between them. You can then use the peering connection to route traffic to the on-premises location if the Direct Connect connection fails.

A. There is no need to configure this as AWS will fall back to a secondary Direct Connect connection as per their SL: This option is not correct as there is no automatic failover provided by AWS in case of Direct Connect connection failure. It is the customer's responsibility to configure a backup solution.
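The two backup options from the answer key (B and C) can be checked from account inventory. The following is an added example, not part of the original page or of AWS tooling: it assumes the virtual interfaces attach directly to a virtual private gateway, takes dictionaries shaped like the Direct Connect `describe_virtual_interfaces` and EC2 `describe_vpn_connections` responses, and uses constructed IDs and location codes.

```python
# Added example. Inputs mirror the response shapes of the Direct Connect
# describe_virtual_interfaces and EC2 describe_vpn_connections API calls.
# Every ID and location code below is a constructed sample value.

def backup_paths(vgw_id, vifs, vpns):
    """Report which backup options exist for one virtual private gateway."""
    live = [v for v in vifs
            if v.get("virtualGatewayId") == vgw_id
            and v.get("virtualInterfaceState") == "available"]
    # Option B: a second Direct Connect connection, ideally at another location.
    connections = {v["connectionId"] for v in live}
    locations = {v["location"] for v in live}
    # Option C: an IPsec VPN on the same gateway with at least one tunnel up.
    vpn_ready = any(
        c.get("VpnGatewayId") == vgw_id
        and c.get("State") == "available"
        and any(t.get("Status") == "UP" for t in c.get("VgwTelemetry", []))
        for c in vpns
    )
    return {
        "second_dx": len(connections) >= 2,
        "dx_location_diverse": len(locations) >= 2,
        "vpn_backup": vpn_ready,
        "no_backup": len(connections) < 2 and not vpn_ready,
    }

def vif(vif_id, conn_id, location, vgw_id, state="available"):
    """Build one constructed virtual interface record."""
    return {"virtualInterfaceId": vif_id, "connectionId": conn_id,
            "location": location, "virtualGatewayId": vgw_id,
            "virtualInterfaceState": state}

SAMPLE_VIFS = [
    vif("dxvif-aaaa1111", "dxcon-aaaa1111", "LOC-A", "vgw-11111111"),
    vif("dxvif-bbbb2222", "dxcon-bbbb2222", "LOC-A", "vgw-11111111"),
    vif("dxvif-cccc3333", "dxcon-cccc3333", "LOC-B", "vgw-22222222"),
    vif("dxvif-dddd4444", "dxcon-dddd4444", "LOC-B", "vgw-33333333"),
]
SAMPLE_VPNS = [
    {"VpnConnectionId": "vpn-22222222", "VpnGatewayId": "vgw-22222222",
     "State": "available",
     "VgwTelemetry": [{"Status": "DOWN"}, {"Status": "UP"}]},
]

if __name__ == "__main__":
    for gw in ("vgw-11111111", "vgw-22222222", "vgw-33333333"):
        print(gw, backup_paths(gw, SAMPLE_VIFS, SAMPLE_VPNS))
```

In the sample data the first gateway has two connections that share one location, so `second_dx` is true while `dx_location_diverse` is false, which is the single-location case option B warns about.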