ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam ANS-C00 All Questions

View all questions & answers for the ANS-C00 exam
Go to Exam

Exam ANS-C00 topic 1 question 168 discussion

Exam question from Amazon's ANS-C00
Question #: 168
Topic #: 1
[All ANS-C00 Questions]

Your company has a high-availability hybrid solution that utilizes a two Direct Connect connections and a backup VPN connection. For some reason, traffic is preferring the VPN connection instead of the direct connection. You have prepended a longer AS_PATH on the VPN connection, but AWS still prefers it over the
Direct Connect connections.
What might you be able to do to fix this issue?

  • A. Advertise a less specific prefix on the VPN.
  • B. Remove the prepended AS_PATH.
  • C. Reconfigure the VPN as a static VPN instead of dynamic.
  • D. Increase the MED on the VPN.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
The only reason a VPN would be preferred over Direct Connect is if it has a more specific prefix. This was not discussed in the question but is assumed since it is the only criteria in the path selection process that supersedes Direct Connect.
by Kentik at Nov. 20, 2020, 8:09 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Huntkey
Highly Voted 3 years, 7 months ago
If AS-Prepend doesn't work, it must be that on VPN the BGP is advertising a more specific prefix. AS-Path takes precedence over MED. MED is not going to help in this case. A is the answer.
upvoted 8 times
...
Sam198601
Most Recent 3 years, 5 months ago
why not B? if you remove AS PREPEND both will have same path and then AWS prefers DX over VPN
upvoted 1 times
...
ChauPhan
3 years, 7 months ago
A is right
upvoted 4 times
...
Vlan
3 years, 7 months ago
A is right, the most specific route is the most preferred route
upvoted 3 times
...
VEV
3 years, 8 months ago
Question says Incoming traffic from AWS which means increasing MED can also do the trick. A makes sense as "Most specific route" takes the priority. I will go with A
upvoted 1 times
Huy
3 years, 7 months ago
A is correct but nothing related to AS_PATH or MED. If you have same prefix then DX route always has higher priority.
upvoted 3 times
...
...
doski
3 years, 8 months ago
A is right, the most specific route is the most preferred route
upvoted 3 times
...
Kentik
3 years, 8 months ago
I would go with C here, you cannot advertise less specific from AWS to On-prem via a VPN. The VPN will advertise the individual subnets while the DX will advertise the VPC Range. The only way is to move the tunnel to static routing and let AWS prefer the DX routes and on-prem you can easily control what route to take
upvoted 1 times
Kentik
3 years, 8 months ago
i guess on the question they are asking AWS still prefers it over the Direct Connect, to fix that issue then yeah you can advertise less specific over the VPN and AWS will prefer the DX. I guess A is right
upvoted 1 times
...
jpvdham
3 years, 8 months ago
As far as I know, DX is always prefferd over an VPN when based on path_prepend, MED ect. Only a more specific prefix or local VPC routes can overrule this. So A seems right.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel