AWS Certified Advanced Networking - Specialty Exam: Answering the Question on Adding Routes to a Static VPN Connection

AWS Certified Advanced Networking - Specialty Exam: Adding Routes to a Static VPN Connection


Question

You have a static VPN connecting your data center and your VPC.

You currently have 50 routes added to your route table.

There is a requirement to add more routes.

What should be done in this case?

Choose 2 answers from the options given below.

Answers

Explanations


Answer - B and C.

This follows from the limits in the AWS documentation, which set a limit of 50 static routes per route table.

Hence the best option is to use dynamic routing.

For more information on the limits, please visit the URL below:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Appendix_Limits.html#vpc-limits-route-tables
Route Tables

Resource: Route tables per VPC
Default limit: 200
Comments: Including the main route table. You can associate one route table to one or more subnets in a VPC. To increase this limit, submit a request.

Resource: Routes per route table (non-propagated routes)
Default limit: 50
Comments: This is the limit for the number of non-propagated entries per route table. You can submit a request for an increase of up to a maximum of 100; however, network performance may be impacted. This limit is enforced separately for IPv4 routes and IPv6 routes (you can have 50 each, and a maximum of 100 each).

Resource: BGP advertised routes per route table (propagated routes)
Default limit: 100
Comments: You can have up to 100 propagated routes per route table. This limit cannot be increased. If you require more than 100 prefixes, advertise a default route.
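As an added example (not part of the original page or the AWS documentation), the Python below checks one route table against the limits quoted above, counting static IPv4, static IPv6 and propagated routes separately. The `Origin` values are the ones the EC2 `describe-route-tables` API returns; the sample route table, its IDs and the choice to count the local route toward the static limit are constructed assumptions.

```python
# Added example. Limits come from the table above; SAMPLE is constructed data
# shaped like one entry of `aws ec2 describe-route-tables` output.
STATIC_LIMIT = 50       # default non-propagated routes, enforced per address family
PROPAGATED_LIMIT = 100  # BGP-propagated routes; the page says this cannot be raised


def route_usage(route_table):
    """Count static IPv4, static IPv6 and propagated routes in one route table."""
    usage = {"static_ipv4": 0, "static_ipv6": 0, "propagated": 0}
    for route in route_table.get("Routes", []):
        if route.get("Origin") == "EnableVgwRoutePropagation":
            usage["propagated"] += 1
        elif "DestinationIpv6CidrBlock" in route:
            usage["static_ipv6"] += 1
        else:
            # Assumption: every other entry (local route included) counts as
            # one non-propagated IPv4 route.
            usage["static_ipv4"] += 1
    return usage


def at_or_over_limit(route_table):
    """Return the categories that have no room left for another route."""
    limits = {"static_ipv4": STATIC_LIMIT, "static_ipv6": STATIC_LIMIT,
              "propagated": PROPAGATED_LIMIT}
    usage = route_usage(route_table)
    return sorted(k for k, n in usage.items() if n >= limits[k])


def _static(i):
    """Build one constructed hand-added route toward the data center."""
    return {"DestinationCidrBlock": f"10.{i}.0.0/16", "GatewayId": "vgw-EXAMPLE",
            "Origin": "CreateRoute", "State": "active"}


SAMPLE = {
    "RouteTableId": "rtb-EXAMPLE",
    "Routes": [
        {"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local",
         "Origin": "CreateRouteTable", "State": "active"},
        *[_static(i) for i in range(1, 50)],  # 49 static routes over the VPN
        {"DestinationCidrBlock": "192.168.0.0/24", "GatewayId": "vgw-EXAMPLE",
         "Origin": "EnableVgwRoutePropagation", "State": "active"},
        {"DestinationIpv6CidrBlock": "::/0", "GatewayId": "igw-EXAMPLE",
         "Origin": "CreateRoute", "State": "active"},
    ],
}

if __name__ == "__main__":
    print(SAMPLE["RouteTableId"], route_usage(SAMPLE), at_or_over_limit(SAMPLE))
```

To run it against a real account, pass each element of the `RouteTables` list from `describe-route-tables` to `at_or_over_limit`.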


When you have a static VPN connecting your data center and your VPC, you typically use a virtual private gateway (VGW) to establish the connection. The VGW is associated with a route table, which is used to route traffic between the VPC and the data center.

When you need to add more routes to your route table, you have a few options:

Option A: Increase the limit on the route table

By default, the maximum number of routes that you can add to a route table is 100. If you have already added 50 routes, you can increase the limit on the route table to allow for more routes to be added.

To do this, you can submit a support request to AWS to increase the limit on your route table. Once the limit is increased, you can add the additional routes to your route table as needed.

Option B: Delete static VPN and create a dynamic VPN

Another option is to delete the static VPN and create a dynamic VPN instead. A dynamic VPN uses BGP (Border Gateway Protocol) to automatically learn and advertise routes between the VPC and the data center. With BGP, you don't need to manually add routes to the route table - the routes are learned and advertised automatically.

To create a dynamic VPN, you would need to configure BGP on both the VGW and the router in your data center. You can then create a new VPN connection and associate it with the same VGW that was used for the static VPN.

Option C: Use BGP for routing

If you want to continue using a static VPN, another option is to use BGP for routing instead of manually adding routes to the route table. With BGP, you can advertise routes from your data center to the VGW, and the VGW will automatically add those routes to the route table.

To use BGP for routing, you would need to configure BGP on both the VGW and the router in your data center. Once BGP is configured, you can advertise routes from your data center to the VGW using BGP.

Option D: Add the route to the route table

If you don't want to use BGP for routing and don't want to increase the limit on the route table, you can simply add the additional routes to the route table manually. To do this, you would need to go to the route table in the VPC console and add the route(s) using the "Add route" button.

In summary, when you need to add more routes to your route table when using a static VPN connection between your data center and your VPC, you have several options to consider. You can increase the limit on the route table, create a dynamic VPN using BGP, use BGP for routing, or manually add the routes to the route table.