Exam AWS Certified Solutions Architect - Professional topic 1 question 68 discussion

Answer is B We can have only 1 VGW on VPC, so no need to configure route in VPC anymore https://acloud.guru/forums/aws-certified-solutions-architect-professional/discussion/-KWVDow4aXPEdVfmBcZD/after-configuring-directconnect-settings-in-the-aws-console-which-of-the-followi

Definitely not C. This is a common test trap. You cant point to a DC connection, only the VGW. Who sets the answers on this site?

B. Configure your DirectConnect router with a higher BGP priority man your VPN router, verify network traffic is leveraging Directconnect and then delete your existing VPN connection.

AWS prefers DX, but return traffic from outside AWS needs to set a higher BGP priority to use DX

B. Updating VPC routing table is useless here because AWS will always use DC over VPN when sending traffic to on-premise. But changing DC router and vpn router (both on-prem) will affect return traffic from on-prem to AWS. Higher BGP priority really means high BGP local preference. https://docs.aws.amazon.com/whitepapers/latest/hybrid-connectivity/vpn-connection-as-a-backup-to-aws-dx-connection-example.html

I will go for C. Still super confused. Networking specialty

Answer: C Explanation: Direct Connect takes priority over Dynamically configured VPN connections.

Your company previously configured a heavily used, dynamically routed VPN connection between your on-premises data center and AWS. You recently provisioned a DirectConnect connection and would like to start using the new connection. After configuring DirectConnect settings in the AWS Console, which of the following options win provide the most seamless transition for your users?

Not sure on high BGP Priority, as BGP Priority numbers got different meaning. But option C. for sure, will work. Also need not delete VPN as it can be used alternative if direct link goes down

B is missing 'update the VPC route table', so C is correct

B is right. Becuase only BGP makes priorities in Direct Connect

Answer is B

C is correct, you don't need to care BGP.

Keyword in question is " After Configuring DirectConnect settings,". So, we don't need to configure DirectConnect again. I go with C.

Answer is B "Important: Be sure that Direct Connect is the preferred route from your end, and not over VPN when the Direct Connect virtual interface is up in order to avoid asymmetric routing; this might cause traffic to be dropped. We always prefer a Direct Connect connection over VPN routes" Quoted from AWS. On the client side, the client's router must prefer DX to avoid traffix going in through VPC while going out through DX

Agree with B

Answer is B You don't need to make any change in the routing table, because BGP will automatically handle any needed changes in the route tables