Google Cloud Professional Cloud Network Engineer — Question 100

Your company has provisioned 2000 virtual machines (VMs) in the private subnet of your Virtual Private Cloud (VPC) in the us-east1 region. You need to configure each VM to have a minimum of 128 TCP connections to a public repository so that users can download software updates and packages over the internet. You need to implement a Cloud NAT gateway so that the VMs are able to perform outbound NAT to the internet. You must ensure that all VMs can simultaneously connect to the public repository and download software updates and packages. Which two methods can you use to accomplish this? (Choose two.)

Answer options

• A. Configure the NAT gateway in manual allocation mode, allocate 2 NAT IP addresses, and update the minimum number of ports per VM to 256.
• B. Create a second Cloud NAT gateway with the default minimum number of ports configured per VM to 64.
• C. Use the default Cloud NAT gateway's NAT proxy to dynamically scale using a single NAT IP address.
• D. Use the default Cloud NAT gateway to automatically scale to the required number of NAT IP addresses, and update the minimum number of ports per VM to 128.
• E. Configure the NAT gateway in manual allocation mode, allocate 4 NAT IP addresses, and update the minimum number of ports per VM to 128.

Correct answer: D, E

Explanation

Option D is correct because it allows the default Cloud NAT gateway to scale automatically to meet the demand for NAT IP addresses while ensuring each VM has the required minimum of 128 ports. Option E is also valid as it provides sufficient NAT IP addresses and meets the port requirement, but it uses manual allocation which is less flexible than the automatic scaling in option D. The other options either under-provision the required ports or do not effectively utilize the NAT gateway's capabilities.