
  • Question on Transit GW and Transit VPC

  • Rafa314

    Member
    January 4, 2021 at 7:03 pm

    Hi

    Thanks for these review exams. Definitely the best resource I have found to prepare for ANS-C00!

    I think the question stated below has several problems, both in the question and the proposed answer. It covers what for me is one of the more complex architectural solutions.

    ====================

    61. QUESTION

    Category: ANS – Design and Implement Hybrid IT Network Architectures at Scale

    A company has a hybrid network architecture that consists of multiple regional on-premises data centers and hundreds of AWS VPCs in various AWS Regions. The Network Administrator has been tasked to connect all of the company’s VPCs, on-premises networks, and VPN connections into a single gateway. The solution should also support inter-region peering across multiple AWS regions.

    What’s the MOST suitable solution that the Administrator should implement to build the requested network architecture?

    – Enable inter-region VPC peering and use AWS Managed VPN that supports static routes and dynamic Border Gateway Protocol (BGP) peering and routing policies.

    – Launch an AWS Transit Gateway to connect the geographically dispersed VPCs and remote networks in order to create a global network transit center.

    – Use an AWS Direct Connect Gateway to achieve inter-region VPC access to all of the AWS resources and on-premises data centers.

    – Set up AWS VPN CloudHub to achieve inter-region VPC access to all of the AWS resources and on-premises data centers.

    =====================

    The correct answer is said to be “Launch an AWS Transit Gateway…”. Then the discussion gives a brief intro to Transit Gateway BUT it shows a figure of a Transit VPC (see attachment) (which as you know is a very different but related beast).

    – In my (definitely not expert) opinion, the “best” architecture based on current features could be a combination of a single Direct Connect Gateway (Global construct) and multiple Transit Gateways (regional construct). I am not so sure about the cost/pricing aspect of that solution.

    – Failing that I think a “Transit VPC” (not Transit GW) solution may be indeed the best solution. In fact I suspect this question was initially meant for Transit VPC, but was “upgraded” to Transit Gateway creating a bit of a mixup.

    In summary I think this question needs a thorough revision. Otherwise it risks confusing your customers.

    I would suggest referring also to this AWS Whitepaper (June 2020) that is helping me navigate the maze of solutions (I am still rather confused):

    https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/introduction.html


    Best regards and happy new year

    Rafa
