
Answer-first summary for fast verification
Answer: Create a new flow log that includes the pkt-dstaddr field to capture the original destination IP address of the traffic.
To capture traffic for the second IP address of the EC2 instance, the network engineer needs to ensure that the flow logs are capturing the destination IP address of the traffic. The 'pkt-dstaddr' field in VPC flow logs captures the original destination IP address of the traffic, which would include traffic destined for both the primary and secondary IP addresses of the EC2 instance. The 'dstaddr' field captures the destination IP address after any NAT translation, which may not be useful in this scenario since the traffic is directly destined for the EC2 instance's IP addresses. The 'pkt-srcaddr' and 'srcaddr' fields capture source IP addresses, which are not relevant for identifying traffic destined for the second IP address of the EC2 instance. Therefore, the correct action is to create a new flow log that includes the 'pkt-dstaddr' field.
Author: LeetQuiz Editorial Team
How can the network engineer identify traffic directed to the secondary IP address of an Amazon EC2 instance, given that VPC flow logs are enabled but only capturing traffic for the primary IP address?
A. Create a new flow log that includes the pkt-dstaddr field to capture the original destination IP address of the traffic.
B. Create a new flow log that includes the dstaddr field to capture the original destination IP address of the traffic.
C. Create a new flow log that includes the pkt-srcaddr field to capture the original destination IP address of the traffic.
D. Create a new flow log that includes the srcaddr field to capture the original destination IP address of the traffic.