VPC - Peering Flashcards
What is VPC Peering?
A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses
Is it possible to have a redundant VPC peering connection in case one fails?
No. You cannot have more than one VPC peering connection between the same two VPCs at the same time, and none is needed: AWS uses the existing infrastructure of a VPC to create a VPC peering connection; it is neither a gateway nor a VPN connection, and it does not rely on a separate piece of physical hardware. There is no single point of failure for communication and no bandwidth bottleneck.
Classic use case for VPC Peering
A VPC peering connection lets you transfer data between VPCs over private addresses. For example, if you have more than one AWS account, you can peer VPCs across those accounts to create a file-sharing network. You can also use a VPC peering connection to give other VPCs access to resources in one of your VPCs.
VPC Peering Connection Lifecycle
Initiating-request: A request for a VPC peering connection has been initiated. At this stage, the peering connection may fail or may go to pending-acceptance.
Failed: The request for the VPC peering connection has failed. During this state, it cannot be accepted, rejected, or deleted. The failed VPC peering connection remains visible to the requester for 2 hours.
Pending-acceptance: The VPC peering connection request is awaiting acceptance from the owner of the accepter VPC. During this state, the owner of the requester VPC can delete the request, and the owner of the accepter VPC can accept or reject the request. If no action is taken on the request, it expires after 7 days.
Expired: The VPC peering connection request has expired, and no action can be taken on it by either VPC owner. The expired VPC peering connection remains visible to both VPC owners for 2 days.
Rejected: The owner of the accepter VPC has rejected a pending-acceptance VPC peering connection request. During this state, the request cannot be accepted. The rejected VPC peering connection remains visible to the owner of the requester VPC for 2 days, and visible to the owner of the accepter VPC for 2 hours. If the request was created within the same AWS account, the rejected request remains visible for 2 hours.
Provisioning: The VPC peering connection request has been accepted, and will soon be in the active state.
Active: The VPC peering connection is active, and traffic can flow between the VPCs (provided that your security groups and route tables allow the flow of traffic). During this state, either of the VPC owners can delete the VPC peering connection, but cannot reject it.
Note
If an event in a region in which a VPC resides prevents the flow of traffic, the status of the VPC peering connection remains Active.
Deleting: Applies to an inter-region VPC peering connection that is in the process of being deleted. The owner of either VPC has submitted a request to delete an active VPC peering connection, or the owner of the requester VPC has submitted a request to delete a pending-acceptance VPC peering connection request.
Deleted: An active VPC peering connection has been deleted by either of the VPC owners, or a pending-acceptance VPC peering connection request has been deleted by the owner of the requester VPC. During this state, the VPC peering connection cannot be accepted or rejected. The VPC peering connection remains visible to the party that deleted it for 2 hours, and visible to the other party for 2 days. If the VPC peering connection was created within the same AWS account, the deleted request remains visible for 2 hours.
In VPC Peering transitive peering relationships are not supported. (T/F)
True
3 scenarios where VPC peering is NOT valid
Invalid Configurations
- Overlapping CIDR blocks: if the VPCs have multiple IPv4 CIDR blocks, you cannot create a VPC peering connection if any of the CIDR blocks overlap
- Transitive peering
- Edge-to-edge routing through a gateway or private connection
What is Transitive Peering?
You have a VPC peering connection between VPC A and VPC B (pcx-aaaabbbb), and between VPC A and VPC C (pcx-aaaacccc). There is no VPC peering connection between VPC B and VPC C. You cannot route packets directly from VPC B to VPC C through VPC A.
Longest prefix match
A route table uses longest prefix match when more than one route covers a packet's destination address. The rule is to select the entry whose prefix matches the largest number of leading bits of the destination IP and forward the packet to that entry's next hop (target).
https://www.geeksforgeeks.org/computer-networks-longest-prefix-matching-in-routers/
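The following model ties the three points above together: the overlapping-CIDR check that makes a peering request invalid, longest-prefix route selection, and why a peering connection is not transitive (the peer VPC receives the packet but never forwards it onward). It is an added example written for these flashcards, not AWS code; the VPC names, CIDR blocks, route tables and IDs (pcx-ab, pcx-ac, igw-a) are constructed for illustration.

```python
"""Route-resolution model for VPC peering (added example, not AWS code).
All VPC names, CIDR blocks, route tables and peering/gateway IDs below are
constructed for illustration."""
import ipaddress

# Constructed VPCs and their (possibly multiple) IPv4 CIDR blocks.
VPCS = {
    "vpc-a": ["10.0.0.0/16"],
    "vpc-b": ["10.1.0.0/16", "172.16.0.0/20"],
    "vpc-c": ["10.2.0.0/16"],
    "vpc-d": ["10.0.128.0/17"],  # overlaps vpc-a, so it cannot peer with vpc-a
}

# Constructed peering connections: id -> the two VPCs it joins.
# There is deliberately no peering between vpc-b and vpc-c.
PEERINGS = {
    "pcx-ab": ("vpc-a", "vpc-b"),
    "pcx-ac": ("vpc-a", "vpc-c"),
}

# Constructed route tables: (destination prefix, target) per VPC.
ROUTE_TABLES = {
    "vpc-a": [
        ("10.0.0.0/16", "local"),
        ("0.0.0.0/0", "igw-a"),       # default route to an internet gateway
        ("10.1.0.0/16", "pcx-ab"),    # more specific than 0.0.0.0/0 -> wins
        ("172.16.0.0/20", "pcx-ab"),
        ("10.2.0.0/16", "pcx-ac"),
    ],
    "vpc-b": [
        ("10.1.0.0/16", "local"),
        ("172.16.0.0/20", "local"),
        ("10.0.0.0/16", "pcx-ab"),
        ("10.2.0.0/16", "pcx-ab"),    # attempt to reach vpc-c "through" vpc-a
    ],
}


def peering_allowed(vpc1, vpc2, vpcs=VPCS):
    """A peering request is invalid if any CIDR block of one VPC overlaps
    any CIDR block of the other."""
    for c1 in vpcs[vpc1]:
        for c2 in vpcs[vpc2]:
            if ipaddress.ip_network(c1).overlaps(ipaddress.ip_network(c2)):
                return False
    return True


def longest_prefix_match(routes, dst_ip):
    """Return the target of the most specific route covering dst_ip, or None."""
    addr = ipaddress.ip_address(dst_ip)
    best_net, best_target = None, None
    for prefix, target in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    return best_target


def in_vpc(vpc, dst_ip, vpcs=VPCS):
    """True if dst_ip falls inside one of the VPC's own CIDR blocks."""
    addr = ipaddress.ip_address(dst_ip)
    return any(addr in ipaddress.ip_network(c) for c in vpcs[vpc])


def deliver(src_vpc, dst_ip, routes=ROUTE_TABLES, peerings=PEERINGS):
    """Forward one packet out of src_vpc and report where it ends up: the VPC
    that receives it, a gateway target such as igw-a, or None if dropped.
    A peering target hands the packet to the directly peered VPC only; that
    VPC does not forward it further, which is why peering is not transitive."""
    target = longest_prefix_match(routes[src_vpc], dst_ip)
    if target is None:
        return None
    if target == "local":
        return src_vpc if in_vpc(src_vpc, dst_ip) else None
    if target in peerings:
        a, b = peerings[target]
        peer = b if a == src_vpc else a
        return peer if in_vpc(peer, dst_ip) else None
    return target  # non-peering target (internet gateway, etc.)


if __name__ == "__main__":
    print(peering_allowed("vpc-a", "vpc-d"))   # False: overlapping CIDRs
    print(deliver("vpc-a", "10.1.7.7"))         # vpc-b via pcx-ab (beats 0.0.0.0/0)
    print(deliver("vpc-a", "8.8.8.8"))          # igw-a via the default route
    print(deliver("vpc-b", "10.2.0.5"))         # None: vpc-a will not relay to vpc-c
```

The dropped packet from vpc-b to 10.2.0.5 is the transitive-peering case from the flashcard: the route in vpc-b points at pcx-ab, vpc-a receives the packet, but 10.2.0.5 is not one of vpc-a's addresses and vpc-a has no obligation to relay it, so it never reaches vpc-c. Reaching vpc-c from vpc-b requires a direct peering (or a transit gateway), not a route through vpc-a.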
You cannot create a security group rule that references a peer VPC security group. (T/F)
True only for inter-region peering connections. When the two VPCs are in the same Region (same or different AWS account), your security group rules can reference a security group in the peer VPC, which avoids hard-coding the peer's CIDR blocks.