AWS VPC Peering Rules Quiz

Questions and Answers

What is the purpose of a route table in a VPC?

To control the flow of network traffic in and out of a subnet (correct)

To define the IP address range for a subnet

To configure the default gateway for instances in a VPC

To manage the network interfaces of instances in a VPC

What is the purpose of the local route in a route table?

To allow communication between instances in different VPCs

To allow communication between instances in different subnets

To allow communication between instances in different Availability Zones

To allow communication between instances within the same VPC (correct)

What is the purpose of an Elastic network interface in a VPC?

To provide both a private and a public IP address for an instance

To provide a DHCP server for instances in a VPC

To provide a private IP address for an instance (correct)

To provide a public IP address for an instance

Which of the following is a key characteristic of a VPC?

A VPC belongs to one Region

What is the purpose of VPC peering?

To connect two VPCs in the same Region

Which AWS service can be used to connect a VPC to an on-premises network?

AWS Site-to-Site VPN

What is the purpose of a VPC peering connection in AWS?

To connect two VPCs in the same region.

In AWS, what is the function of a Customer Gateway?

To establish VPN connections between an on-premises network and a VPC.

What is the purpose of a Site-to-Site VPN connection in AWS?

To establish encrypted communication between an on-premises network and a VPC.

Which type of endpoint is used for Interface endpoints powered by AWS PrivateLink?

Interface endpoints

What is the significance of adding routes to route tables in VPC networking?

To control the flow of network traffic within the VPC and between VPCs.

What restriction exists regarding peering resources between the same two VPCs in AWS?

Only one peering resource can exist between the same two VPCs.

Which of the following is true about VPC peering?

It allows you to connect VPCs across different AWS accounts and regions.

What is the purpose of a NAT gateway in a VPC?

To allow private subnet instances to access the internet.

In the diagram, what is the purpose of the Internet Gateway (igw-id)?

To allow instances in the public subnet to access the internet.

In the context of VPC subnetting, what is the purpose of the $10.0.1.0/24$ subnet?

It is a public subnet for hosting internet-facing applications.

In the context of VPC routing tables, what is the purpose of the entry 0.0.0.0/0 igw-id in the public subnet route table?

To route all internet-bound traffic from the public subnet to the internet gateway.

What is the purpose of the 10.0.0.0/16 local entry in the VPC route tables?

To route all local VPC traffic within the VPC CIDR block.

Study Notes

VPC Route Table

• A route table in a VPC (Virtual Private Cloud) defines the routes for network traffic directing how packets are routed within the VPC and to external networks.
• Local routes allow communication between subnets within the same VPC without the need for internet access or other external connections.

Elastic Network Interface

• An Elastic Network Interface (ENI) is a virtual network interface that can attach to an instance in a VPC, allowing it to communicate within the VPC and with external resources.

Key Characteristics of a VPC

• A VPC provides a private, isolated network environment in the AWS cloud where you can define IP address ranges, create subnets, and configure route tables.

VPC Peering

• VPC peering enables direct communication between two VPCs, allowing resources in different VPCs to communicate as if they are part of the same network.

Connecting VPC to On-Premises Network

• AWS Direct Connect can be used to connect a VPC to an on-premises network, offering a dedicated private connection.

Customer Gateway Function

• A Customer Gateway serves as a physical device or software application on the customer side of a Site-to-Site VPN connection, enabling communication between the on-premises network and the VPC.

Site-to-Site VPN Connection

• A Site-to-Site VPN connection allows secure communication between AWS VPCs and on-premises networks over public internet infrastructure.

Interface Endpoints and AWS PrivateLink

• Interface endpoints powered by AWS PrivateLink are utilized to connect privately to services hosted on AWS while avoiding exposure to public IPs.

Route Table Significance

• Adding routes to route tables is significant for guiding traffic to different network destinations, enabling proper resource access within and outside the VPC.

Peering Restrictions

• Peering resources between the same two VPCs is limited by the fact that AWS does not allow transitive peering; one VPC cannot route traffic through another VPC.

NAT Gateway Purpose

• A NAT gateway allows instances in a private subnet to initiate outbound traffic to the internet while preventing unsolicited inbound traffic from the internet.

Internet Gateway

• An Internet Gateway (igw-id) enables communication between the VPC and the internet, allowing resources within the public subnet to send and receive traffic from external sources.

VPC Subnetting Purpose

• The subnet $10.0.1.0/24$ provides a range of IP addresses for resources deployed in that subnet, allowing them to communicate with each other and with resources in other subnets.

Route Table Entry 0.0.0.0/0 igw-id

• The entry 0.0.0.0/0 igw-id in the public subnet route table directs all outbound traffic destined for the internet through the associated Internet Gateway.

Local Route Table Entry

• The 10.0.0.0/16 local entry in VPC route tables ensures that all traffic for the local VPC is routed directly to instances within the VPC without needing an Internet Gateway.

Description

Test your knowledge on AWS Virtual Private Cloud (VPC) peering rules and limitations with this quiz. Learn about the restrictions, such as the allowance of only one peering resource between the same two VPCs, to enhance your understanding of AWS networking concepts.