AWS Certified Advanced Networking - Specialty


A company's network engineer is designing an active-passive connection to AWS from two on-premises data centers using AWS Direct Connect. Each data center has a transit VIF connected to a Direct Connect gateway associated with a transit gateway. The engineer must ensure that traffic from AWS to the on-premises data centers is routed primarily to the primary data center, with failover to the secondary data center only in the event of an outage. What solution meets these requirements?




Explanation:

To ensure that traffic from AWS to the data centers is routed first to the primary data center and only to the failover data center in case of an outage, the BGP community tags must be set appropriately. AWS uses specific BGP community values to influence the path selection for traffic leaving AWS. The community value 7224:7100 is used to indicate a higher preference (lower numerical value means higher preference) for the path, while 7224:7300 indicates a lower preference. Therefore, to prioritize the primary data center, its prefixes should be tagged with 7224:7100, and the failover data center's prefixes should be tagged with 7224:7300. This setup ensures that AWS will prefer the path to the primary data center under normal conditions and only route traffic to the failover data center if the primary path is unavailable.