Ultimate access to all questions.
Answer-first summary for fast verification
Answer: 1. Modify the VPC Network Peering connection used for Cloud SQL, and enable the import and export of routes. 2. Create a custom route advertisement in your Cloud Router to advertise the Cloud SQL IP address range.
The issue arises because the private services access connection (VPC peering) does not automatically export routes to on-premises. By default, VPC Network Peering does not enable route import/export for service peerings. To resolve this: 1. **Modify the VPC Network Peering connection** to enable route import/export, ensuring the Cloud SQL IP range is imported into the Shared VPC. 2. **Create a custom route advertisement** on the Cloud Router to explicitly advertise the Cloud SQL IP range over BGP via the Dedicated Interconnect. This ensures on-premises knows how to route traffic to the Cloud SQL instance. Options B, C, and D are incorrect because: - Changing the VPC routing mode to global (B, D) is not applicable here, as Shared VPC routing modes cannot be modified after creation. - Creating additional Cloud Routers or BGP peerings (C) is unnecessary since the existing Cloud Router in us-west1 is sufficient once properly configured.
Author: LeetQuiz Editorial Team
As a network administrator managing hybrid connectivity, your team needs to access a Cloud SQL instance in the us-west1 region within a Shared VPC. You've set up a Dedicated Interconnect connection and a Cloud Router in us-west1, confirming successful connectivity between the Shared VPC and on-premises data center. After establishing a private services access connection for Cloud SQL using the reserved IP range with default settings, on-premises users still cannot reach the instance. How do you troubleshoot and resolve this issue?
A
B
C
D
No comments yet.