From the corporate network, your business needs to resolve DNS records stored in an Amazon Route 53 private zone 'awscloud:internal'. AWS Direct Connect is setup with a private virtual interface to allow access to a virtual private cloud (VPC) using the CIDR block 192.168.0.0/16. On an Amazon Elastic Compute Cloud (EC2) instance with the IP address 192.168.10.5 inside the VPC, a DNS Resolver (BIND) is setup. The DNS Resolver is configured with conventional root server hints and conditional forwarding for 'awscloud.internal' to 192.168.0.2.
You ask the DNS server at 192.168.10.5 for www.amazon.com from your workplace network PC. The query succeeds and delivers the expected result. The query for'server.awscloud.internal' timed out. You will not get a response.
How should successful queries for'server.awscloud.internal' be enabled?
A. Attach an internet gateway to the VPC and create a default route.
B. Configure the VPC settings for enableDnsHostnames and enableDnsSupport as True
C. Relocate the BIND DNS Resolver to the corporate network.
D. Update the security group for the EC2 instance at 192.168.10.5 to allow UDP Port 53 outbound.
From the corporate network, your business needs to resolve DNS records stored in an Amazon Route 53 private zone 'awsclo
-
answerhappygod
- Site Admin
- Posts: 899604
- Joined: Mon Aug 02, 2021 8:13 am
From the corporate network, your business needs to resolve DNS records stored in an Amazon Route 53 private zone 'awsclo
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!