AWS Certified Advanced Networking - Specialty
Get started today
Ultimate access to all questions.
A network engineer must update a company's hybrid network to support IPv6 for a new application hosted in an AWS VPC. The existing AWS infrastructure includes VPCs connected via a transit gateway, which is linked to the on-premises network through AWS Direct Connect and AWS Site-to-Site VPN. The on-premises devices already support IPv6. The company has enabled IPv6 in the VPC by assigning an IPv6 CIDR block and configuring subnets for dual-stack support. New EC2 instances for the application have been launched in these updated subnets.
The network engineer must ensure the hybrid network supports IPv6 without altering the current infrastructure. Additionally, direct internet access to the instances' IPv6 addresses must be blocked, while allowing outbound internet access from the instances.
What is the MOST operationally efficient solution that meets these requirements?
A network engineer must update a company's hybrid network to support IPv6 for a new application hosted in an AWS VPC. The existing AWS infrastructure includes VPCs connected via a transit gateway, which is linked to the on-premises network through AWS Direct Connect and AWS Site-to-Site VPN. The on-premises devices already support IPv6. The company has enabled IPv6 in the VPC by assigning an IPv6 CIDR block and configuring subnets for dual-stack support. New EC2 instances for the application have been launched in these updated subnets.
The network engineer must ensure the hybrid network supports IPv6 without altering the current infrastructure. Additionally, direct internet access to the instances' IPv6 addresses must be blocked, while allowing outbound internet access from the instances.
What is the MOST operationally efficient solution that meets these requirements?