AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 74

A company is connecting to a VPC over an AWS Direct Connect using a private VIF, and a dynamic VPN connection as a backup. The company's Reliability
Engineering team has been running failover and resiliency tests on the network and the existing VPC by simulating an outage situation on the Direct Connect connection. During the resiliency tests, traffic failed to switch over to the backup VPN connection.
How can this failure be troubleshot?

Answer options

• A. Ensure that Bidirectional Forwarding Detection is enabled on the Direct Connect connection
• B. Confirm that the same routes are being advertised over both the VPN and Direct Connect.
• C. Reconfigure the Direct Connect session from static routes to Border Gateway Protocol (BGP) peering.
• D. Configure a virtual private gateway for the VPN and another virtual private gateway for Direct Connect.

Correct answer: C

Explanation

The correct answer is C because using BGP peering allows for dynamic route updates and better failover capabilities, which is essential for maintaining connectivity during an outage. Options A and B do not address the need for dynamic routing, and option D suggests adding additional complexity without resolving the core issue of route advertisement and failover.