Exam AZ-304 topic 5 question 41 discussion

is Correct. Explanation (for people that don`t know about network) 1) The range for the new subnet can't overlap the on-premise subnet range. The on-premise network is 172.16.0.0/16, that is from 172.16.0.1 to 172.16.255.255, so the answers 172.16.0.0/16 and 172.16.1.0/28 are not valid (overlap with on-pemise subnet) 2) the range 192.168.1.0/28 is from 192.168.1.1 to 192.168.1.15, only 16 ips and we need 25 IPs, so the only valid answer for subnet1 is 192.168.0.0/24 3) the range for the gateway can't ovelap with on-premise, and Microsoft recommend that would be /27 or /28, so the answer valid for gateway is 192.168.1.0/28 Check the example: https://docs.microsoft.com/es-es/azure/vpn-gateway/tutorial-site-to-site-portal

Example calculation for 192.168.1.0/28 network. An ip-address can be 32 bits max. Each octet contains 8 bits. SO: 11111111(8).11111111(8).11111111(8).11111111(8) The CIDR contains the bits for the network part. A /28 network has 28 bits. In binary that means: 11111111(8).11111111(8).11111111(8).11110000(4) Remaining 32-28 = 4 bits. You can see that above. The remaining bits are for the host addresses. Now convert those 4 bits to decimal numbers to get the host address range. 128 64 32 16 8 4 2 1 1 1 1 1 1+2+4+8= 15 Available ip-addresses 192.118.1.0 to 192.168.1.15 Available usable ip-addressess 192.168.1.1 to 192.168.1.14 because the network address and the broadcast address are not used as host ip-addresses. - A broadcast IP address is only assigned once in each network. It is always the last IP address of the subnet. (192.168.1.15) - In a network, the first address field is reserved for the network. The network address is the ip-adress with the /28 notation. (192.168.1.0)

On exam 24.12.2021

Appere on exam 23-dec-2021

The address space for the Virtual Network should not conflict with the address space for the on-premise network. So, in this case the ideal option to choose as the address space is 192.168.0.0/24 The address space for the Virtual Network should not conflict with the address space for the on-premise network. So, in this case the ideal option to choose as the address space is 192.168.0.0/24 for the subnet in the virtual network. And then use 192.168.1.0/28 as the address space for the gateway subnet

on exam (7-19-2021). passed 304

Ok, but first is necessary add an address space of 192.168.0.0/16

Correct answer, but I just want to add that Microsoft and John Savill recommends /27 mask for GW subnet https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings

Answer is perfectly correct. " /28" is for the gateway subnet (recommended by Microsoft) and VMs are NOT INSTALLED in gateway subnet because in that case they don't remain VMs, they become VPN Gateway Instances. On-premise subnet range is 172.16.0.0/16 hence this address space CAN'T be used for VMs so remaining is 192.168.0.0/24 subnet range for VMs and 192.168.1.0/28 for gateway subnet. Hence answer is correct.

correct