AWS Certified Solutions Architect – Professional — Question 661
A user has created a VPC with public and private subnets using the VPC Wizard. The VPC has CIDR 20.0.0.0/16. The private subnet uses CIDR 20.0.0.0/24.
Which of the following entries is required in the main route table to allow the instances in the VPC to communicate with each other?
Answer options
- A. Destination : 20.0.0.0/0 and Target : ALL
- B. Destination : 20.0.0.0/16 and Target : Local
- C. Destination : 20.0.0.0/24 and Target : Local
- D. Destination : 20.0.0.0/16 and Target : ALL
Correct answer: B
Explanation
AWS automatically adds a default local route to every VPC, matching the VPC's entire CIDR block, which in this scenario is 20.0.0.0/16. This route, whose target is 'local', cannot be modified or deleted, and it is what allows all resources inside the VPC to communicate with each other. Other options, such as targeting 'ALL' or specifying only the subnet CIDR 20.0.0.0/24, are incorrect and invalid for default VPC routing.