VPC

Question 1

Whats the minimum CIDR block allowed and how many ips?

Answer 1

/28 (16 addresses)

Question 2

Whats the maximum CIDR block allowed and how many ips?

Answer 2

/16 (65,536)

Question 3

How can you get a single IPv6 assigned?

Answer 3

using a /56 CIDR block

Question 4

Do IPv6 have a private type of ip address?

Answer 4

NO, no concept of public/private

Question 5

what IP in a vpc is DNS available?

Answer 5

Base IP + 2 (10.0.0.1 is base, 10.0.0.3 will be dns)

Question 6

How can you make ec2s in a VPC get a public dns host nam?

Answer 6

enableDnsHostnames option

Question 7

How can you allow instances in the vpc to use the DNS ip address in the vpc?

Answer 7

enableDnsSupport option

Question 8

How can you make a subnet in multiple AZ’s

Answer 8

you cant

Question 9

⭐ can subnets’ ip CIDRs overlap with other subnets?

Answer 9

no, never

Question 10

Can a subnet have a IPv6 CIDR

Answer 10

yes, but ONLY if the VPC it’s in has IP6 enabled

Question 11

In subnet ip addressing, whats the network address?

Answer 11

The first IP (base ip) in the cidr

Question 12

whats the “network +1 address” in vpc subnet cidr and what is it?

Answer 12

it’s the base ip +1 and it’s what aws uses as the vpc router

Question 13

whats the “network +2 address” in the vpc subnet and whats is it?

Answer 13

ip address +2 above the base, and it’s used an the dns host

Question 14

whats the network +3 address in the vpc subnet and what is it?

Answer 14

ip address +3 from the base, and it’s “reserved for future aws use” (but nothing is on it)

Question 15

where is the broadcast ip in a vpc subnet and what is it for?

Answer 15

last ip address in the cidr range. It’s a network standard, but there’s no “broadcast” option in the vpc subnets.

Question 16

what does the vpc router do by default?

Answer 16

routes trafic between subnets

Question 17

what is the Main route table

Answer 17

it’s the default table associated with a subnet when no other route tables are associated

Question 18

how many route tables can be associated with a vpc

Answer 18

1

Question 19

when a destination matches mutiple destinations in a route table, which one is selected?

Answer 19

the more specific (i.e. higher /route in the cidr)

Question 20

Whats the resilliancy of IGW?

Answer 20

Region resillient, i.e. you only need 1 for a region (and not per availablity zone)

Question 21

when do NACLs intervieve?

Answer 21

whenever a request crosses the boundary of a subnet, but not

Question 22

what NaCL rule number is used for a catch-all rule?

Answer 22

*

Question 23

how many subnets can a NACL be associated with?

Answer 23

many (any!)

Question 24

how many NACL’s can be associated to a subnet/

Answer 24

1 only

Question 25

in vpc, what types of config(s) can you use to explicitly deny an ip address

Answer 25

NACL (but NOT security group)

Question 26

can security groups reference aws logical resources?

Answer 26

yes

Question 27

what are security groups attached to?

Answer 27

ENIs (network interfaces)

Question 28

Do NAT gateways support security groups?

Answer 28

no

Question 29

what kind of security can support NAT gateway?

Answer 29

NACLs

Question 30

Do NAT gateways work with ipv4

Answer 30

yes

Question 31

Do NAT gateways work with ipv6?

Answer 31

NO