AWS Certified Advanced Networking - Specialty: Troubleshooting IPv6 Communication in VPC


Question

You have set up a VPC in AWS, with subnets and route tables that have routes defined for traffic.

You just want to establish communication across all hosts.

But you notice that some applications are not working as desired.

These are IPv6-based applications that sit across subnets in the VPC.

What must be done to alleviate this issue?

Answers

Explanations


A. B. C. D.

Answer - C.

The AWS Documentation mentions the following.

CIDR blocks for IPv4 and IPv6 are treated separately.

For example, a route with a destination CIDR of 0.0.0.0/0 (all IPv4 addresses) does not automatically include all IPv6 addresses.

You must create a route with a destination CIDR of ::/0 for all IPv6 addresses.

Options A and B are invalid since they would then stop IPv4 communication for instances.

Option D is invalid because this CIDR block is not mentioned in the question.

For more information on route propagation, see the URL below.

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html
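The documentation statement quoted above (IPv4 and IPv6 destination CIDRs are evaluated separately) can be checked offline against a route table. The following is an added example, not code from AWS or from this page: the route entries are constructed sample data shaped like the `Routes` list returned by EC2 `DescribeRouteTables`, `igw-EXAMPLE` is a placeholder ID, and `select_route` and `missing_defaults` are hypothetical helper names.

```python
import ipaddress

# Constructed sample: a route table with local routes for both families
# but a default route for IPv4 only. "igw-EXAMPLE" is a placeholder.
ROUTES = [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
    {"DestinationIpv6CidrBlock": "2001:db8:1234:1a00::/56", "GatewayId": "local"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"},
]
# The same table with the IPv6 default route added alongside the IPv4 one.
FIXED = ROUTES + [{"DestinationIpv6CidrBlock": "::/0", "GatewayId": "igw-EXAMPLE"}]


def _cidr(route):
    """Return the route's destination CIDR, or None (e.g. prefix-list routes)."""
    return route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")


def select_route(routes, destination):
    """Longest-prefix match within the destination's own address family."""
    addr = ipaddress.ip_address(destination)
    best = None
    for route in routes:
        cidr = _cidr(route)
        if cidr is None:
            continue
        net = ipaddress.ip_network(cidr)
        # An IPv4 CIDR never matches an IPv6 address, and vice versa.
        if net.version != addr.version or addr not in net:
            continue
        if best is None or net.prefixlen > best[0].prefixlen:
            best = (net, route)
    return best[1] if best else None


def missing_defaults(routes):
    """List the address families that have no /0 default route."""
    nets = [ipaddress.ip_network(c) for c in map(_cidr, routes) if c]
    present = {n.version for n in nets if n.prefixlen == 0}
    return [f"IPv{v}" for v in (4, 6) if v not in present]


if __name__ == "__main__":
    for name, table in (("original", ROUTES), ("with ::/0", FIXED)):
        print(name, "missing defaults:", missing_defaults(table))
        for dst in ("198.51.100.7", "2001:db8:1234:1a00::5", "2001:db8:ffff::1"):
            hit = select_route(table, dst)
            print(f"  {dst:24} -> {hit['GatewayId'] if hit else 'NO ROUTE'}")
```
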

The correct answer is B. Remove the route of 0.0.0.0/0 and add the route of ::/0 instead to allow all communication.

Explanation: The issue is that the IPv6-based applications are not working as desired. This indicates that there is a problem with IPv6 communication between the subnets in the VPC. This problem can be resolved by ensuring that IPv6 traffic is allowed to flow between the subnets.

When communicating across subnets in the same VPC, the traffic is routed through the VPC's Internet Gateway (IGW) or VPC endpoint (in case of communicating with AWS services). To ensure that IPv6 traffic can flow between subnets, the route table must be updated to allow it.

In IPv6, the equivalent of the IPv4 default route (0.0.0.0/0) is the route ::/0. This route allows all traffic to flow to the IGW or VPC endpoint. Therefore, the correct solution is to remove the route of 0.0.0.0/0 and add the route of ::/0 instead to allow all communication.

Option A is incorrect because it suggests removing the default route and adding a more specific route. This would limit the traffic to that specific route, which may not be desirable in this case.

Option C is partially correct because it suggests adding a route for ::/0, but it does not mention removing the route of 0.0.0.0/0, which is also necessary.

Option D is incorrect because it suggests adding a specific route (172.132.0.0/16) to the route table, which may not be relevant to the problem at hand.