Which of the following statements is incorrect in relation to VPC peering?

Your company has multiple IT departments, each with its own VPC. Some VPCs are located within the same AWS account, and others in a different AWS account. You want to peer together all VPCs to enable the IT departments to have full access to each other's resources. There are certain limitations placed on VPC peering.

Which of the following statements is incorrect in relation to VPC peering?
A. Private DNS values cannot be resolved between instances in peered VPCs.
B. You can have up to 3 VPC peering connections between the same two VPCs at the same time.
C. You cannot create a VPC peering connection between VPCs in different regions.
D. You have a limit on the number of active and pending VPC peering connections that you can have per VPC.

Answer: B

Explanation:

To create a VPC peering connection with another VPC, you need to be aware of the following limitations and rules:

You cannot create a VPC peering connection between VPCs that have matching or overlapping CIDR blocks.

You cannot create a VPC peering connection between VPCs in different regions.

You have a limit on the number of active and pending VPC peering connections that you can have per VPC.

VPC peering does not support transitive peering relationships; in a VPC peering connection, your VPC will not have access to any other VPCs that the peer VPC may be peered with. This includes VPC peering connections that are established entirely within your own AWS account.

You cannot have more than one VPC peering connection between the same two VPCs at the same time.

The Maximum Transmission Unit (MTU) across a VPC peering connection is 1500 bytes.

A placement group can span peered VPCs; however, you will not get full-bisection bandwidth between instances in peered VPCs.

Unicast reverse path forwarding in VPC peering connections is not supported.

You cannot reference a security group from the peer VPC as a source or destination for ingress or egress rules in your security group. Instead, reference CIDR blocks of the peer VPC as the source or destination of your security group’s ingress or egress rules.

Private DNS values cannot be resolved between instances in peered VPCs.

Reference: http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/vpc-peering-overview.html#vpc-peering-limitations
