A user has created a VPC with CIDR 20.0.0.0/16 using the wizard. The user has created a public subnet CIDR (20.0.0.0/24) and VPN only subnets CIDR (20.0.1.0/24) along with the VPN gateway (vgw-123456) to connect to the user's data centre. The user's data centre has CIDR 172.28.0.0/12. The user has also setup a NAT instance (i-123456) to allow traffic to the internet from the VPN subnet. Which of the below mentioned options is not a valid entry for the main route table in this scenario?
A) Destination: 20.0.0.0/16 and Target: local
B) Destination: 0.0.0.0/0 and Target: i-123456
C) Destination: 172.28.0.0/12 and Target: vgw-123456
D) Destination: 20.0.1.0/24 and Target: i-123456

Question

Quizplus · Accepted Answer

The main route table should not have a route with the destination of the VPN subnet (20.0.1.0/24) pointing to the NAT instance (i-123456) because the NAT instance is used for internet-bound traffic, not for routing within the VPC.

A User Has Created a VPC with CIDR 20