Exam AZ-700 topic 3 question 13 discussion

Correct. Evaluate if SNAT port exhaustion should be mitigated with additional IP addresses assigned to NAT gateway resource. https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/troubleshoot-nat#snat-exhaustion

B is Honey!! Just modify the IP address Prefixes CIDR ranges from /28 - /31 /28 = 16 IPs /29 = 8 IPs /30 = 4IPs and /31 (smallest possible) = 2IPs

The first scenario in the table at this link. https://learn.microsoft.com/en-us/azure/virtual-network/nat-gateway/troubleshoot-nat-connectivity#nat-gateway-not-scaled-out-enough Scenario You're experiencing contention for SNAT ports and SNAT port exhaustion during periods of high usage. Evidence: You run the following metrics in Azure Monitor: Total SNAT Connection Count: "Sum" aggregation shows high connection volume. For SNAT Connection Count, "Failed" connection state shows transient or persistent failures over time. Dropped Packets: "Sum" aggregation shows packets dropping consistent with high connection volume and connection failures. Mitigation: Add more public IP addresses or public IP prefixes as need (assign up to 16 IP addresses in total to your NAT gateway). This addition will provide more SNAT port inventory and allow you to scale your scenario further.

The answer is B

correct answer

https://learn.microsoft.com/en-us/azure/virtual-network/nat-gateway/troubleshoot-nat-connectivity Add more public IP addresses or public IP prefixes as need (assign up to 16 IP addresses in total to your NAT gateway). This addition will provide more SNAT port inventory and allow you to scale your scenario further.

Correct Answer is B

https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/troubleshoot-nat#outbound-connectivity-not-scaled-out-enough Determine if you can add more public IP addresses or public IP prefixes. This addition will allow for up to 16 IP addresses in total to your NAT gateway. This addition will provide more inventory for available SNAT ports (64,000 per IP address) and allow you to scale your scenario further.

on exam today, correct answer

B. Add a public IP address. > Do this first since 500 session hosts A. Bind the NAT gateway to another subnet.

B is the correct answer.

B is Correct Azure Firewall proporciona 2496 puertos SNAT por dirección IP pública configurada por instancia de conjunto de escalado de máquina virtual de back-end (mínimo de 2 instancias) y puede asociar hasta 250 direcciones IP públicas . Una mejor opción para escalar los puertos SNAT salientes es usar una NAT de Azure Virtual Network como puerta de enlace NAT. Proporciona 64 000 puertos SNAT por dirección IP pública y admite hasta 16 direcciones IP públicas, proporcionando efectivamente hasta 1 024 000 puertos SNAT salientes.

Answer is B Outbound connectivity not scaled out enough Each public IP address provides 64,512 SNAT ports to subnets attached to NAT gateway. From those available SNAT ports, NAT gateway can support up to 50,000 concurrent connections to the same destination endpoint. If outbound connections are dropping because SNAT ports are being exhausted, then NAT gateway may not be scaled out enough to handle the workload. More public IP addresses may need to be added to NAT gateway in order to provide more SNAT ports for outbound connectivity.

Hi all, I think answer is A, because of what is says here - https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-outbound-connections#:~:text=The%20frontend%20IPs%20of%20a,load%20balancer's%20public%20IP%20address. Basically answer A is saying assing to a subnet, meaning bigger subnet, to increase number of available IP addresses. Answer B says assing public IP address - not sure how this will help, as NAT gateway is already used and as such must have a public IP assigned.

This question was on the exam on 18th Feb 2022.

B. Add a public IP address

than out of ports