Question 75 - ANS-C01 discussion


All IP addresses within a 10.0.0.0/16 VPC are fully utilized with application servers across two Availability Zones. The application servers need to send frequent UDP probes to a single central authentication server on the Internet to confirm that is running up-to-date packages. The network is designed for application servers to use a single NAT gateway for internal access. Testing reveals that a few of the servers are unable to communicate with the authentication server.

A. The NAT gateway does not support UDP traffic.
B. The authentication server is not accepting traffic.
C. The NAT gateway cannot allocate more ports.
D. The NAT gateway is launched in a private subnet.

Suggested answer: C

Explanation:

Ref: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html

"A NAT gateway can support up to 55,000 simultaneous connections to each unique destination. This limit also applies if you create approximately 900 connections per second to a single destination (about 55,000 connections per minute). If the destination IP address, the destination port, or the protocol (TCP/UDP/ICMP) changes, you can create an additional 55,000 connections. For more than 55,000 connections, there is an increased chance of connection errors due to port allocation errors.

These errors can be monitored by viewing the ErrorPortAllocation CloudWatch metric for your NAT gateway. For more information, see Monitoring NAT Gateways Using Amazon CloudWatch."

asked 16/09/2024
Nika Longley