AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 245
A company has multiple VPCs with subnets that use IPv4. Traffic from the VPCs to the internet uses a NAT gateway. The company wants to transition to IPv6.
A network engineer creates multiple IPv6-only subnets in an existing testing VPC. The network engineer deploys a new Amazon EC2 instance that has an IPv6 address into one of the subnets. During testing, the network engineer discovers that the new EC2 instance is not able to communicate with an IPv4-only service through the internet. The network engineer needs to enable the IPv6 EC2 instance to communicate with the IPv4-only service.
Which solution will meet this requirement?
Answer options
- A. Enable DNS64 for the IPv6-only subnets. Update the route tables for the IPv6-only subnets to send traffic through the NAT gateway.
- B. Enable NAT64 for the testing VPC. Reconfigure the existing NAT gateway to support IPv6.
- C. Enable DNS64 for the new EC2 instance. Create a new egress-only internet gateway that supports IPv6.
- D. Enable NAT64 for each route table. Create a new NAT gateway that supports both IPv4 and IPv6.
Correct answer: A
Explanation
The correct answer is A. Enabling DNS64 on the IPv6-only subnets lets the IPv6-only EC2 instance resolve the IPv4-only service to an address it can reach, and the updated route tables send that traffic through the NAT gateway, where the addresses are translated between IPv6 and IPv4. Options B and D are incorrect because they do not address the DNS resolution needed for IPv6-to-IPv4 communication. Option C is incorrect because it does not solve the routing issue: it focuses only on the instance rather than on the subnet routing.