AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 118
You have two VPCs that you've peered. You created a route for VPC A to get to an instance in VPC B. You are unable to ping the instance. You have double-checked your security groups and NACLs.
Why might this be?
Answer options
- A. You forgot to add a return route.
- B. ICMP is not supported over peering connections.
- C. You have to enable Source/Destination check in the VPCs.
- D. You have to configure the peering connection to allow two way traffic.
Correct answer: A
Explanation
The correct answer is A: if the return route is missing, replies to packets sent from VPC A have no route back from VPC B, so the ping never completes. Option B is incorrect because ICMP is supported over peering connections. Option C is not relevant to this issue, as Source/Destination checks are typically not a factor in peering configurations. Option D is also incorrect, since a peering connection allows two-way traffic by default unless specifically restricted.