Explore solutions for scaling VPN throughput between on-premises systems and AWS. Learn how leveraging dynamic BGP-based VPN connections with ECMP enhances data transfer capacity and scalability securely.
Table of Contents
Question
A company is growing rapidly. Data transfers between the company’s on-premises systems and Amazon EC2 instances that run in VPCs are limited by the throughput of a single AWS Site-to-Site VPN connection between the company’s on-premises data center firewall and an AWS Transit Gateway.
A network engineer must resolve the throttling by designing a solution that is highly available and secure. The solution also must scale the VPN throughput from on premises to the VPC resources to support the increase in traffic.
Which solution will meet these requirements?
A. Configure multiple dynamic BGP-based Site-to-Site VPN connections to the transit gateway. Configure equal-cost multi-path routing (ECMP).
B. Configure multiple static routing-based Site-to-Site VPN connections to the transit gateway. Configure equal-cost multi-path routing (ECMP).
C. Configure a new Site-to-Site VPN connection to the transit gateway. Enable acceleration for the Site-to-Site VPN connection.
D. Configure a software appliance-based VPN connection over the internet from the on-premises firewall to an EC2 instance that has a large instance size and networking capabilities.
Answer
A. Configure multiple dynamic BGP-based Site-to-Site VPN connections to the transit gateway. Configure equal-cost multi-path routing (ECMP).
Explanation
To address the throughput limitation and enable scalability for data transfers between the on-premises systems and AWS EC2 instances via VPN:
Option A: Configure multiple dynamic BGP-based Site-to-Site VPN connections to the transit gateway and employ equal-cost multi-path routing (ECMP).
This solution leverages dynamic BGP-based VPN connections, allowing for multiple VPN connections between the on-premises data center and the AWS Transit Gateway. By utilizing ECMP, the traffic gets distributed across these connections, enhancing throughput and scalability while ensuring high availability and security.
AWS Certified Advanced Networking – Specialty ANS-C01 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the AWS Certified Advanced Networking – Specialty ANS-C01 exam and earn AWS Certified Advanced Networking – Specialty ANS-C01 certification.