AWS Certified Advanced Networking - Specialty Exam Question: Route Selection

Direct Connect and VPN Connections - Exam Question Answer


Question

Your company has the following Direct Connect and VPN Connections.

Site A - VPN 10.1.0.0/24 AS 65000 65000
Site B - VPN 10.1.0.252/30 AS 65000
Site C - Direct Connect 10.0.0.0/8 AS 65000
Site D - Direct Connect 10.0.0.0/16 AS 65000 65000 65000

You are trying to connect to an IP address of 10.1.0.254.

Which of the following routes will be chosen?

Answers

Explanations


A. B. C. D.

Answer - B.

AWS uses the most specific route in your route table that matches the traffic to determine how to route the traffic (longest prefix match).

Hence the one that matches this is Site B.

Options A, C and D are all incorrect since the most specific (longest) prefix is chosen, and their prefixes are shorter than Site B's /30.

For more information on route table priority, please visit the below URL:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html#route-tables-priority

To determine which connection will be chosen to reach the IP address of 10.1.0.254, we need to look at the routing tables of each site and determine the path with the most specific match.

Site A has a VPN connection with a CIDR block of 10.1.0.0/24 and an AS number of 65000. This means that any traffic destined for 10.1.0.0/24 will be sent over the VPN connection.

Site B has a VPN connection with a CIDR block of 10.1.0.252/30 and an AS number of 65000. This means that any traffic destined for 10.1.0.252/30 will be sent over the VPN connection.

Site C has a Direct Connect connection with a CIDR block of 10.0.0.0/8 and an AS number of 65000. This means that any traffic destined for 10.0.0.0/8 will be sent over the Direct Connect connection.

Site D has a Direct Connect connection with a CIDR block of 10.0.0.0/16 and an AS path of 65000 65000 65000. This means that any traffic destined for 10.0.0.0/16 will be sent over the Direct Connect connection, and the AS path will be advertised to the peer.

Based on this information, we can determine that the most specific match for the IP address of 10.1.0.254 is Site B, as the VPN connection has a CIDR block of 10.1.0.252/30, which encompasses the IP address of 10.1.0.254. Therefore, the answer is B. Site B.
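The longest prefix match described above, worked through for the four routes in the question. This is an added example, not part of the original question or of AWS's implementation; the function names are hypothetical, and only the prefix-length step is modelled (the AS paths are carried as data but not compared).

```python
import ipaddress

# Routes exactly as listed in the question: (site, connection, prefix, AS path).
ROUTES = [
    ("Site A", "VPN", "10.1.0.0/24", [65000, 65000]),
    ("Site B", "VPN", "10.1.0.252/30", [65000]),
    ("Site C", "Direct Connect", "10.0.0.0/8", [65000]),
    ("Site D", "Direct Connect", "10.0.0.0/16", [65000, 65000, 65000]),
]


def matching_routes(destination, routes=ROUTES):
    """Return (prefixlen, site, connection, prefix) for every route whose
    prefix contains the destination, most specific (longest prefix) first."""
    dest = ipaddress.ip_address(destination)
    hits = []
    for site, conn, prefix, _as_path in routes:
        net = ipaddress.ip_network(prefix, strict=True)
        if dest in net:
            hits.append((net.prefixlen, site, conn, prefix))
    # Longest prefix wins; connection type and AS path are not consulted here.
    hits.sort(key=lambda h: h[0], reverse=True)
    return hits


def select_route(destination, routes=ROUTES):
    """Return the site whose route is chosen, or None if nothing matches."""
    hits = matching_routes(destination, routes)
    return hits[0][1] if hits else None


if __name__ == "__main__":
    target = "10.1.0.254"
    for plen, site, conn, prefix in matching_routes(target):
        print(f"{site:6} {conn:14} {prefix:16} /{plen}")
    print("chosen:", select_route(target))
```

Running it for 10.1.0.254 lists Site B (/30), Site A (/24) and Site C (/8) as candidates. Site D's 10.0.0.0/16 does not contain the address at all, so it is never a candidate.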