www.HadoopExam.com

HadoopExam Learning Resources

Question 1 : QuickTechie.com has three different datacenters in Mumbai, Geneva and Navada. Which is planning to extend their data center by connecting their DC with the AWS VPC using the VPN gateway. QuickTechie.com is setting up a dynamically routed VPN

Question 1 : QuickTechie.com has three different datacenters in Mumbai, Geneva and Navada. Which is planning to extend their data center by connecting their DC with the AWS VPC using the VPN gateway. QuickTechie.com is setting up a dynamically routed VPN connection. Select the information which is not required to setup this configuration?

1.  The type of customer gateway, such as Cisco ASA, Juniper J-Series, Juniper SSG, Yamaha.

2.  Internet-routable IP address (static) of the customer gateway's external interface.

3.  Elastic IP ranges that the organization wants to advertise over the VPN connection to the VPC.

4.  Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the customer gateway.

5.  None of the above

Correct Answer 3 : Exp : When you create a VPN connection, you must specify the type of routing that you plan to use. The type of routing that you select can depend on the make and model of your VPN devices. If your VPN device supports Border Gateway Protocol (BGP), specify dynamic routing when you configure your VPN connection. If your device does not support BGP, specify static routing. For a list of static and dynamic routing devices that have been tested with Amazon VPC, see the Amazon Virtual Private Cloud FAQs. When you use a BGP device, you don't need to specify static routes to the VPN connection because the device uses BGP to advertise its routes to the virtual private gateway. If you use a device that doesn't support BGP, you must select static routing and enter the routes (IP prefixes) for your network that should be communicated to the virtual private gateway. Only IP prefixes that are known to the virtual private gateway, whether through BGP advertisement or static route entry, can receive traffic from your VPC. We recommend that you use BGP-capable devices, when available, because the BGP protocol offers robust liveness detection checks that can assist failover to the second VPN tunnel if the first tunnel goes down. Devices that don't support BGP may also perform health checks to assist failover to the second tunnel when needed. 

 

To use Amazon VPC with a VPN connection, you or your network administrator must designate a physical appliance as your customer gateway and configure it. We provide you with the required configuration information, including the VPN preshared key and other parameters related to setting up the VPN connection. Your network administrator typically performs this configuration. For information about the customer gateway requirements and configuration, see the Amazon VPC Network Administrator Guide. The following table lists the information that you need to have so that we can establish your VPN connection.

The type of customer gateway (for example, Cisco ASA, Juniper J-Series, Juniper SSG, Yamaha)

Specifies how to format the returned information that you use to configure the customer gateway.

For information about the specific devices that we've tested, see What customer gateway devices are known to work with Amazon VPC? in the Amazon VPC FAQ.

 

Internet-routable IP address (static) of the customer gateway's external interface.

Used to create and configure your customer gateway (it's referred to as YOUR_UPLINK_?ADDRESS)

The value must be static and can't be behind a device performing network address translation (NAT).

 

(Optional) Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the customer gateway, if you are creating a dynamically routed VPN connection.

Used to create and configure your customer gateway (referred to as YOUR_BGP_ASN).

 

If you use the wizard in the console to set up your VPC, we automatically use 65000 as the ASN.

You can use an existing ASN assigned to your network. If you don't have one, you can use a private ASN (in the 64512-65534 range). For more information about ASNs, see the Wikipedia article.

Amazon VPC supports 2-byte ASN numbers.

Internal network IP ranges that you want advertised over the VPN connection to the VPC.

Used to specify static routes.

You have no rights to post comments

Comments   

0 # Cleared AWS Solutions Architect : Associate LevelKrishna Desai 2015-04-28 17:00
Thanks you very much to the HadoopExam Team for so many practice questions. I have cleared my Amazon Solution Architect Exam : Associate Level. Now, i will prepare for Professional Level exam. Great work.. :-)
You are here: Home AWS (Amazon WebService) AWS Architect : Professional Question 1 : QuickTechie.com has three different datacenters in Mumbai, Geneva and Navada. Which is planning to extend their data center by connecting their DC with the AWS VPC using the VPN gateway. QuickTechie.com is setting up a dynamically routed VPN