ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam ANS-C00 All Questions

View all questions & answers for the ANS-C00 exam
Go to Exam

Exam ANS-C00 topic 1 question 250 discussion

Exam question from Amazon's ANS-C00
Question #: 250
Topic #: 1
[All ANS-C00 Questions]

You have configured a dynamic VPN between your datacenter and your VPC. Your router says the tunnel is up and BGP is active, but for some reason, you are not seeing your routes propagate.
What is most likely the issue?

  • A. You need to configure the firewall for BGP.
  • B. Your router does not support BFD.
  • C. You need to obtain a new BGP MD5 key.
  • D. You forgot to set route propagation to "yes" in the route table.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
You forgot to set route propagation to "yes" in the route table. If the route table says BGP is active and the tunnel is up, then you do not have a firewall issue. BFD has nothing to do with route propagation. You do not need a BGP MD5 key for VPN.
by JamesTR at Jan. 29, 2021, 6:45 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
sapien45
3 years, 3 months ago
As someone who made the mistake several times : D
upvoted 3 times
...
wahlbergusa
3 years, 7 months ago
I'd assume the person/team who prepared this question does not know BGP states at all yet given the work of preparing questions for this kind of an important exam. Horrible wording again ! If "BGP Active" refers to BGP state then answer is A. If "BGP Active" means BGP is up and running (ie Established) then answer is D.
upvoted 4 times
...
ptpho
3 years, 7 months ago
This is an ACTIVE BGP -> routing table issue -> ans is D
upvoted 3 times
...
zenfox
3 years, 7 months ago
the only possible answer for this bad question is D.
upvoted 2 times
...
ChauPhan
3 years, 8 months ago
Guess: D. You forgot to set route propagation to "yes" in the route table.
upvoted 1 times
...
JamesTR
3 years, 8 months ago
D is a wrong answer. If router says that BGP is active, then there is a problem. Active means that router is TRYING to establish a BGP session with other BGP router. BGP state ESTABLISHED means that BGP routers are communicating correctly. BGP peers communicate on TCP port 179 and if port 179 is blocked then BGP will not work. Explanation that “route table” says that BGP is active makes no sense. Route table does not say that. On Cisco, the command “show ip bgp summary” tells the state of BGP peering. I believe that A is the best answer, am I right ?.
upvoted 3 times
Huntkey
3 years, 8 months ago
I completely agree. "Established" is the good state, not "active", in the Cisco world at least. However, we would have to assume "active" means good in the context here. Maybe other VPN vendors use "active" to indicate a good state. The firewall can't intercept the traffic because it is all encrypted in the IPSec.
upvoted 2 times
...
Nimolee
3 years, 8 months ago
If they meant active as in BGP STATE context, then both A and C would have been correct. Since only one answer can be chosen, i ll go with D
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel