Question on Transit GW and Transit VPC
Hi
Thanks for these review exams. Definitely the best resource I have found to prepare for ANS-C00!
I think the question stated below has several problems, both in the question and the proposed answer. It covers what for me is one of the more complex architectural solutions.
====================
61. QUESTION
Category: ANS – Design and Implement Hybrid IT Network Architectures at Scale
A company has a hybrid network architecture that consists of multiple regional on-premises data centers and hundreds of AWS VPCs in various AWS Regions. The Network Administrator has been tasked to connect all of the company’s VPCs, on-premises networks, and VPN connections into a single gateway. The solution should also support inter-region peering across multiple AWS regions.
What’s the MOST suitable solution that the Administrator should implement to build the requested network architecture?
– Enable inter-region VPC peering and use AWS Managed VPN that supports static routes and dynamic Border Gateway Protocol (BGP) peering and routing policies.
– Launch an AWS Transit Gateway to connect the geographically dispersed VPCs and remote networks in order to create a global network transit center.
– Use an AWS Direct Connect Gateway to achieve inter-region VPC access to all of the AWS resources and on-premises data centers.
– Set up AWS VPN CloudHub to achieve inter-region VPC access to all of the AWS resources and on-premises data centers.
=====================
The correct answer is said to be “Launch an AWS Transit Gateway…”. Then the discussion gives a brief intro to Transit Gateway BUT it shows a figure of a Transit VPC (see attachment) (which as you know is a very different but related beast).
– In my (definitely not expert) opinion, the “best” architecture based on current features could be a combination of a single Direct Connect Gateway (Global construct) and multiple Transit Gateways (regional construct). I am not so sure about the cost/pricing aspect of that solution.
– Failing that I think a “Transit VPC” (not Transit GW) solution may be indeed the best solution. In fact I suspect this question was initially meant for Transit VPC, but was “upgraded” to Transit Gateway creating a bit of a mixup.
In summary I think this question needs a thorough revision. Otherwise it risks confusing your customers.
I would suggest referring also to this AWS Whitepaper (June 2020) that is helping me navigate the maze of solutions (I am still rather confused)
Best regards and happy new year
Rafa