Exam Associate Cloud Engineer topic 1 question 195 discussion

we need custom mode vpc so subnets are not created automatically (the ip range is mentioned in the question) also we will need active/passive HA VPN (as it is not mentioned we will have to use more than one HA VPN gateway). Links : https://cloud.google.com/network-connectivity/docs/vpn/concepts/best-practices https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview#active https://cloud.google.com/vpc/docs/vpc#subnet-ranges

C . Choose a Cloud VPN gateway that uses dynamic routing and the Border Gateway Protocol (BGP). Google recommends using HA VPN and deploying on-premises devices that support BGP. Choose the appropriate tunnel configuration Choose the appropriate tunnel configuration based on the number of HA VPN gateways: If you have a single HA VPN gateway, use an active/passive tunnel configuration. If you have more than one HA VPN gateway, use an active/active tunnel configuration. https://cloud.google.com/network-connectivity/docs/vpn/concepts/best-practices

The best option is:C. Use a custom mode VPC network, use Cloud Router border gateway protocol (BGP) routes, and use active/passive routing. Reason: • Custom mode VPC network: Provides granular control over IP address ranges and subnets, essential for handling the shared address space of 10.19.0.1/22. • Cloud Router with BGP: Enables dynamic routing, ensuring efficient route updates and avoiding manual intervention when changes occur. • Active/passive routing: Ensures no overprovisioning of tunnels during failover events, meeting the key requirement of robust connectivity.

C is correct.

C is the correct answer as we need to make sure that the subnets are not being created automatically

c is the correct one

Google Cloud Router On Google Cloud, dynamic routing can be established using Cloud Router. It exchanges network topology information through Border Gateway Protocol (BGP). Cloud Router advertises subnets from its VPC network to another router or gateway via BGP. This is great for setting up VPN between the cloud and on-prem, as topology changes automatically propagate with no manual intervention and higher redundancy for your systems. You now have: Discovery of remote networks Maintaining up-to-date routing information Choosing the best path to destination networks Ability to find a new best path if the current path is no longer available And a great side effect can be lower latency because Cloud Router learns routes through BGP which allows for optimal data paths to reach its destination, whether that be another network or a VPN gateway to on-premise. Cloud Router is also how Dedicated Interconnect can give you 10 gbp/s bandwidth between your cloud VPC and your peered on-premise data center.

C might be right

I think it should be C as there is too much customisation.