ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Network Engineer All Questions

View all questions & answers for the Professional Cloud Network Engineer exam
Go to Exam

Exam Professional Cloud Network Engineer topic 1 question 162 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 162
Topic #: 1
[All Professional Cloud Network Engineer Questions]

You are a network administrator at your company planning a migration to Google Cloud and you need to finish the migration as quickly as possible. To ease the transition, you decided to use the same architecture as your on-premises network: a hub-and-spoke model. Your on-premises architecture consists of over 50 spokes. Each spoke does not have connectivity to the other spokes, and all traffic is sent through the hub for security reasons. You need to ensure that the Google Cloud architecture matches your on-premises architecture. You want to implement a solution that minimizes management overhead and cost, and uses default networking quotas and limits. What should you do?

  • A. Connect all the spokes to the hub with Cloud VPN.
  • B. Connect all the spokes to the hub with VPC Network Peering.
  • C. Connect all the spokes to the hub with Cloud VPN. Use a third-party network appliance as a default gateway to prevent connectivity between the spokes.
  • D. Connect all the spokes to the hub with VPC Network Peering. Use a third-party network appliance as a default gateway to prevent connectivity between the spokes.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by [deleted] at Feb. 7, 2024, 9:52 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ian_gcpca
3 months, 2 weeks ago
Selected Answer: C
I considered D, since best answer if you think about latency, ha, setup complexity. But with the non-transitive routing point and the number of spokes (50) beyond vpc peering limit (25), and they just want to keep the same archi of on-prem, the best answer is using VPN then use 3rd party network appliance (can be in marketplace) to address the other requirement to prevent other spokes to communicate
upvoted 2 times
...
3fd692e
6 months, 2 weeks ago
Selected Answer: C
Correct answer is C. Forget the points about non-transitive routing that folks are making. The key point is in the question that they want to stay within the GCP quotas and limits. VPC peering max is 25. The customer has 50 spokes in their on-premises hub-n-spoke design and the want to "replicate" that design in the cloud. VPC peering won't work as 50 is beyond the limit. Answer is C.
upvoted 4 times
...
netmaster81
7 months, 2 weeks ago
Selected Answer: B
VPC Network Peering has the non-transitivity constraint, but it supports the full bandwidth defined by the machine type of the VMs and other factors that determine network bandwidth. However, you can add transitive routing by adding VPN tunnels. https://cloud.google.com/architecture/deploy-hub-spoke-vpc-network-topology VPC peering can't provide interconnection between spokes
upvoted 1 times
...
hamish88
11 months, 2 weeks ago
Selected Answer: A
As per the following link, we should use a third-party network appliance or an NGFW as a default gateway in providing inter-spoke communications, not to prevent connectivity between spokes https://cloud.google.com/architecture/deploy-hub-spoke-vpc-network-topology
upvoted 1 times
Positron75
10 months, 1 week ago
As I understand it, that refers to the architecture using VPC Peering. Because VPC Peering is not transitive, you need a 3rd party solution to enable inter-spoke communication. However, the same documentation states that using VPN does allow transitive routing, which we do not want in this case according to the question. Therefore I think the correct answer here would be C, as otherwise by default the spokes will be able to connect to each other.
upvoted 1 times
...
...
desertlotus1211
1 year, 1 month ago
It either A or C
upvoted 2 times
...
gonlafer
1 year, 2 months ago
Selected Answer: C
VPC Network Peering connections are limited to 25 connections per VPC network.
upvoted 3 times
...
PeppaPig
1 year, 2 months ago
Can't be VPC peering. Google VPC supports up to 25 peering connections per VPC, here we need to connect 50 spokes. C is correct
upvoted 2 times
...
[Removed]
1 year, 2 months ago
Selected Answer: D
VPC Network Peering is a simple and a low cost way to connect VPC networks without using any external IP addresses or VPN gateways. It does not consume any quota or limit for VPN tunnels, external IP addresses, or forwarding rules. So, use it to conect the spokes to the hub. To fully prevent connectivity between the spokes, use a third-party network appliance as a default gateway (also if by default spokes can't communicate with the hub)
upvoted 1 times
desertlotus1211
1 year, 1 month ago
quota is 25, wrong answer.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago