
ANS-C01: Summarizing AWS VPC Routes to Fit Transit Gateway Prefix Limits

Learn how AWS network engineers can aggregate CIDR blocks when adding VPCs to reduce transit gateway prefix list sizes.


Question

A network engineer is designing hybrid connectivity with AWS Direct Connect and AWS Transit Gateway. A transit gateway is attached to a Direct Connect gateway and 19 VPCs across different AWS accounts. Two new VPCs are being attached to the transit gateway. The IP address administrator has assigned 10.0.32.0/21 to the first VPC and 10.0.40.0/21 to the second VPC. The prefix list has one CIDR block remaining before the prefix list reaches the quota for the maximum number of entries.

What should the network engineer do to advertise the routes from AWS to on premises to meet these requirements?

A. Add 10.0.32.0/21 and 10.0.40.0/21 to both AWS managed prefix lists.
B. Add 10.0.32.0/21 and 10.0.40.0/21 to the allowed prefix list.
C. Add 10.0.32.0/20 to both AWS managed prefix lists.
D. Add 10.0.32.0/20 to the allowed prefix list.

Answer

C. Add 10.0.32.0/20 to both AWS managed prefix lists.

Explanation

Option C is the correct solution. The network engineer should add the aggregated CIDR block 10.0.32.0/20 to both AWS managed prefix lists. This summarizes the two adjacent /21 blocks into a single /20, which consumes only the one remaining entry and keeps the prefix list within its quota. The AWS managed prefix lists advertise VPC CIDRs to on-premises over Direct Connect.

Option A would add each /21 as a separate entry, which needs two entries when only one remains. Option B configures the wrong prefix list type. Option D summarizes to the allowed list, which may advertise too broadly.
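The aggregation above can be checked before touching a prefix list. The following is an added example, not part of the original question or any AWS tooling; it uses Python's standard `ipaddress` module, and the function names plus the 10.0.48.0/21 and 10.0.32.0/19 inputs are constructed for illustration. It also covers the case where two adjacent blocks do not merge because they are not aligned on the larger block's boundary, and measures how much unassigned address space a wider summary would advertise.

```python
import ipaddress


def summarize(cidrs):
    """Exact aggregation: the merged blocks cover the inputs and nothing else."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def entries_to_add(new_cidrs, remaining_slots):
    """Return the prefix-list entries for new_cidrs, or raise if they cannot fit."""
    merged = summarize(new_cidrs)
    if len(merged) > remaining_slots:
        raise ValueError(
            f"{len(merged)} entries needed, {remaining_slots} slot(s) left: {merged}"
        )
    return merged


def over_advertised(summary, assigned):
    """Number of addresses inside `summary` that no assigned CIDR covers."""
    block = ipaddress.ip_network(summary)
    nets = [ipaddress.ip_network(c) for c in assigned]
    covered = sum(
        n.num_addresses
        for n in ipaddress.collapse_addresses(nets)
        if n.subnet_of(block)
    )
    return block.num_addresses - covered


if __name__ == "__main__":
    vpcs = ["10.0.32.0/21", "10.0.40.0/21"]        # CIDRs from the question
    print(entries_to_add(vpcs, remaining_slots=1))  # one /20 fits the last slot
    print(over_advertised("10.0.32.0/20", vpcs))    # exact summary, no extra space
    # Constructed counter-case: adjacent but not aligned on a /20 boundary.
    print(summarize(["10.0.40.0/21", "10.0.48.0/21"]))
    # Constructed counter-case: a /19 would advertise unassigned space.
    print(over_advertised("10.0.32.0/19", vpcs))
```

A non-zero result from `over_advertised` means the summary would announce address space that has not been assigned to any attached VPC, which is worth catching before the route reaches on-premises routers.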
