AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 267

A company has two data centers that are interconnected with multiple redundant links from different suppliers. The company Uses IP addresses that are within the 172.16,0.0/16 CIDR block. The company is running iBGP between the two data centers by using a private Autonomous System Number (ASN) and IGP.

The company is moving toward a hybrid setup in which the company will initially use one VPC in the AWS Cloud. An AWS Direct Connect connection runs from the first data center to a Direct Connect gateway by using a private VIF. On the connection, the company advertises a summarized route for the 172.16.0.0/16 network. The company is planning to set up a second summarized route from the second data center to a different Direct Connect location.

The company needs to implement a solution to route traffic to and from AWS through the first Direct Connect connection. The solution must use the second Direct Connect connection for failover purposes only.

Which solution will meet these requirements?

Answer options

• A. Prepend the private ASN on the BGP announcements to AWS from the second data center. Add a second VIF in the first Direct Connect connection. Advertise the same network without any prepends from the first data center. Implement the same setup for the BGP announcement from AWS to the two data centers.
• B. Tag the BGP announcements with the local preference BGP community tags. Set the tag to high preference for the first data center. Set the tag to low preference for the second data center. Configure the second data center’s router to have a lower local preference for the direct AWS BGP advertisements than for the advertisement from the fist data center.
• C. Configure the Direct Connect gateway to prefer routing through the Direct Connect connection with the first data center. Configure the second data center’s router to have a lower local preference for the direct AWS BGP advertisements than for the advertisement from the first data center.
• D. Configure the focal AWS Region BGP community tag on the BGP route that is advertised from the fist data center. Configure AS_PATH prepends on the BGP announcements from the second data center.

Correct answer: B

Explanation

To influence traffic flow from AWS to the on-premises networks, AWS Direct Connect supports specific BGP community tags to set local preference (e.g., 7224:7300 for high preference and 7224:7100 for low preference). To manage traffic flowing from the on-premises networks to AWS, the second data center's router must be configured to prefer the path through the first data center (via iBGP) over its own direct Direct Connect path, which is accomplished by lowering the local preference of the direct AWS advertisements on the second data center's router.