Exam ANS-C00 topic 1 question 40 discussion

Correct Answer D

Answer C 624 corporate prefixes, BGP on Pvif can only advertise 100 prefixes. Sending 0/0 from Onprem to AWS will bring up the session

Aggregate your routes advertised from on-premises! C

A is the answer. https://docs.aws.amazon.com/directconnect/latest/UserGuide/virtualgateways.html A virtual private gateway that you associate with a Direct Connect gateway must be attached to a VPC.

There must be a reason for ''At the moment, the virtual private gateway is not connected to a VPC'', dont you need to connect it first? I will go with A

I will go with C

correct answer is C-- https://aws.amazon.com/premiumsupport/knowledge-center/troubleshoot-bgp-dx/

The answer must be C This is something I have experienced practically that if the amount of advertised prefixes exceed 100, virtual interface goes down.

The BGP will come up in full even without propagation. It just that your VPC's route-tables won't learn the on-prem routes until the propagation is enabled. I will go with B

Answer is C. https://aws.amazon.com/premiumsupport/knowledge-center/virtual-interface-bgp-down/

Option B. I Agree with Kentik. With more then 100 routes AWS will take down the session.

Routes per Border Gateway Protocol (BGP) session on a private virtual interface is 100 max. Beyond that BGP will not be established. I will chose C so that only default route is passed via the BGP to VGW

I would go with option A As far as I know, change or filter the advertised routes would have no effect on the VIF state. And letter D is just pointless

A. Attach the virtual private gateway to a VPC and enable route propagation. B. This is valid, if you advertise more then 100 routes AWS will take down the session C. No, sending a default route to AWS wont make the BGP come up. D. No. A Virtual Private Gateway can only be attached to a single VPC, so creating another VGW and attaching it to the same VPC wont be possible. Also found this on the AWS page, which doesnt deny the option of assigning multiple VIF to the same VGW. Q: I’m attaching multiple private VIFs to a single virtual gateway. Can each VIF have a separate Amazon side ASN? A: No, you can assign/configure separate Amazon side ASN for each virtual gateway, not each VIF. Amazon side ASN for VIF is inherited from the Amazon side ASN of the attached virtual gateway. https://aws.amazon.com/vpn/faqs/ I would go with A since it says on AWS the interfaces shows as Down and i believe is because is waiting to be attached to something.

Change the BGP advertisements from the corporate network to only be a default route.