Oracle Cloud Infrastructure 2019 Developer Associate — Question 29

A customer has established an Oracle Cloud Infrastructure (OCI) FastConnect connection to OCI. The virtual circuit is up and routes are being advertised from the customer's end, however the customer is unable to ping from compute instances inside the virtual cloud network (VCN) to servers residing in their on-premises data center.
Which two options on OCI would remedy this situation? (Choose two.)

Answer options

• A. Modify the route table associated with the VCN subnet in which the instance resides. Add a route to the customer's on-premises network via the Dynamic Routing Gateway (DRG).
• B. Modify the security list associated with the VCN subnet in which the instance resides. Add a stateful egress rule to allow ICMP traffic to the customer's on- premises network.
• C. Modify the security list associated with the VCN subnet in which the instance resides. Add a stateful ingress rule to allow ICMP traffic from anywhere.
• D. Modify the default VCN route table to add a route back to the customer's on-premises network via the DRG.

Correct answer: C, D

Explanation

The correct answers, C and D, address the need for proper ingress and routing configurations for ICMP traffic. Option C allows incoming ICMP traffic from any source, which is necessary for ping responses, while option D ensures that responses can route back to the on-premises network. Options A and B do not resolve the issue since they either modify outbound rules or routes incorrectly.