AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 340
A network engineer needs to create a public virtual interface on the company's AWS Direct Connect connection and import only routes that originated from the same Region as the Direct Connect location.
What action should accomplish this?
Answer options
- A. Configure a prefix list on the customer router containing the AWS IP address ranges for the specific Region.
- B. Configure a filter on the company's router to only import routes with the 7224:8100 BGP community tag.
- C. Configure a filter on the company's router to only import routes without a BGP community tag and a maximum path length of 3.
- D. Configure a filter in the AWS console and only allow routes advertised by AWS without a BGP community tag and a maximum path length of 3.
Correct answer: B
Explanation
AWS uses specific BGP community tags to denote the origin of routes advertised over Direct Connect public virtual interfaces. The community tag 7224:8100 represents routes originating from the same AWS Region as the Direct Connect location. Applying a filter for this tag on the customer router ensures that only routes from the local Region are imported, whereas other communities represent wider scopes such as the continent or global routes.