AWS Certified Advanced Networking - Specialty Exam: Not Captured Traffic Types in VPC Flow Logs | Provider: Amazon

Traffic Types Not Captured by VPC Flow Logs

Q: Which of the following are traffic types which are not captured by VPC flow logs.Choose 3 answers from the options given below.

DHCP trafficTraffic to and from 169.254.169.254Traffic generated by instances when they contact the Amazon DNS server.

Prev Question Next Question

Question

Which of the following are traffic types which are not captured by VPC flow logs.

Choose 3 answers from the options given below.

Answers

A. DHCP traffic

B. IP traffic going to and from network interfaces

C. Traffic to and from 169.254.169.254

D. Traffic generated by instances when they contact the Amazon DNS server.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Answer - A, C and D.

The AWS documentation mentions the following on the types of traffic not captured by VPC flow logs.

Traffic generated by instances when they contact the Amazon DNS server.

If you use your own DNS server, then all traffic to that DNS server is logged.

Traffic generated by a Windows instance for Amazon Windows license activation.

Traffic to and from 169.254.169.254 for instance metadata.

DHCP traffic.

Traffic to the reserved IP address for the default VPC router.

For more information on VPC flow logs captured traffic , please refer to the below link:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-logs-basics

VPC flow logs provide visibility into the traffic flow in your VPC network. They capture metadata about IP traffic flows, such as source and destination IP addresses, ports, and protocols, and publish this data to an Amazon S3 bucket or CloudWatch Logs for analysis.

However, there are certain types of traffic that VPC flow logs do not capture. The correct answers to this question are A, C, and D.

A. DHCP traffic: VPC flow logs do not capture DHCP traffic, which is used for assigning IP addresses to instances in your VPC network.

C. Traffic to and from 169.254.169.254: This is the local metadata service in AWS, which provides information about your instance. VPC flow logs do not capture traffic to and from this address.

D. Traffic generated by instances when they contact the Amazon DNS server: Instances in your VPC network use the Amazon DNS server to resolve domain names to IP addresses. VPC flow logs do not capture traffic generated by instances when they contact the Amazon DNS server.

B. IP traffic going to and from network interfaces: This option is incorrect. VPC flow logs capture all IP traffic going to and from network interfaces in your VPC network, including traffic within subnets and between subnets.

In summary, VPC flow logs do not capture DHCP traffic, traffic to and from 169.254.169.254, and traffic generated by instances when they contact the Amazon DNS server.

Prev Question Next Question