AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 241

Your company has just deployed IPv6 in a VPC. All of the instances currently use a NAT, but once they configured the instances for IPv6 only, they were unable to access the resources on the instances via IPv6. What is the best option to fix this?

Answer options

• A. Configure the NAT for IPv6.
• B. Configure an egress-only internet gateway.
• C. Add a route for ::/0 to the NAT.
• D. Add an internet gateway.

Correct answer: B

Explanation

The correct option is B, as an egress-only internet gateway allows IPv6 instances to access the internet while preventing the internet from initiating connections to those instances. Option A is incorrect because NAT does not support IPv6. Option C is also wrong since adding a route to the NAT would not resolve the access issue for IPv6 traffic. Option D is incorrect, as an internet gateway would allow incoming traffic, which is not suitable for IPv6 instances that require secure outbound access only.