AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 155

A company has a new AWS Direct Connect connection between its on-premises data center and the AWS Cloud. The company has created a new private VIF on this connection. However, the VIF status is DOWN.

A network engineer verifies that the physical connection status is UP and RUNNING based on information from the AWS Management Console. The network engineer checks the customer Direct Connect router and can see the ARP entry for the VLAN interface created for the private VIF at AWS.

What could be causing the private VIF to have a DOWN status?

Answer options

• A. ICMP is blocked on the customer Direct Connect router.
• B. TCP port 179 is blocked on the customer Direct Connect router.
• C. The IEEE 802.1Q VLAN identifier is misconfigured on the customer Direct Connect router.
• D. The company has configured IEEE 802.1ad instead of 802.1Q on the customer Direct Connect router.

Correct answer: B

Explanation

The correct answer is B because TCP port 179 is used for BGP (Border Gateway Protocol), which is necessary for establishing the private VIF. If this port is blocked, BGP cannot establish a session, resulting in a DOWN status. The other options, while they may indicate issues, do not directly impact the establishment of the private VIF in the same way that blocking TCP port 179 does.