A company wants to implement a distributed architecture on AWS that uses a Gateway Load B…

Question

A company wants to implement a distributed architecture on AWS that uses a Gateway Load Balancer (GWLB) and GWLB endpoints. The company has chosen a hub-and-spoke model. The model includes a GWLB and virtual appliances that are deployed into a centralized appliance VPC and GWLB endpoints. The model also includes internet gateways that are configured in spoke VPCs. Which sequence of traffic flow to the internet from the spoke VPC is correct?

Accepted Answer

Correct answer: A. A. 1. An application in a spoke VPC sends traffic to the GWLB endpoint based on the VPC route table configuration.
2. Traffic is delivered securely and privately to the GWLB.
3. The GWLB sends the traffic to a virtual appliance for inspection.
4. Return traffic flows back to the GWLB endpoint and out to the internet through the internet gateway. — The correct sequence in option A describes how traffic is sent to the GWLB endpoint based on the route table, ensuring secure delivery to the GWLB. In contrast, option B incorrectly states that traffic is delivered to the GWLB endpoint instead of the GWLB itself. Options C and D have slight variations in how the traffic is sent, but both do not follow the correct path laid out in the hub-and-spoke model.

AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 225

Answer options

Correct answer: A

Explanation