Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 183 discussion

Move from static to dynamic routing to remove administrative overhead

D is correct. A for sure is wrong. The on-premises could expand it's network with a different RFC1918 subnet. For C, you need to build another connection.

Here's why: Option C: This solution involves creating a dynamically routed VPN connection on the transit gateway and connecting it to the branch office. It then creates a propagation for the VPN attachment to the transit gateway route table. After that, it removes the existing static VPN connection.

A: Using a supernet (aggregate route) can work if the branch office subnets fit neatly within a single supernet. However, if future expansions include subnets outside the supernet, manual updates will still be required. This does not fully solve the problem of minimizing administrative overhead. B: While AWS Direct Connect offers high bandwidth and low latency, it is unnecessary for addressing the root cause (static route updates). It also involves additional costs and complexity. D: A prefix list simplifies management compared to individual static routes, but it still requires manual updates whenever new subnets are added or existing ones change. This does not eliminate administrative overhead as effectively as dynamic routing.

C - Let dynamic routing do the work. Static routes are operational overhead.

The solution that provides the LEAST administrative overhead for future expansion efforts is Option A. By determining a supernet and using an aggregate route, you can significantly reduce the need for future updates to the Transit Gateway route table as the branch office network expands. This approach ensures that as long as the expansion stays within the defined supernet, no further route updates will be necessary.

Why not C? Site-to-Site VPN config lets use BGP. As a traditional network engineer I'd always prefer dynamic routing.

it is A.

You can reference a prefix list in your transit gateway route table. A prefix list is a set of one or more CIDR block entries that you define and manage. You can use a prefix list to simplify the management of the IP addresses that you reference in your resources to route network traffic. For example, if you frequently specify the same destination CIDRs across multiple transit gateway route tables, you can manage those CIDRs in a single prefix list, instead of repeatedly referencing the same CIDRs in each route table. If you need to remove a destination CIDR block, you can remove its entry from the prefix list instead of removing the route from every affected route table. When you create a prefix list reference in your transit gateway route table, each entry in the prefix list is represented as a route in your transit gateway route table.

A - Correct

I vote C