Which solution would improve the redundancy of the connection to AWS while meeting the cost requirements?
Provision another 1 Gbps Direct Connect connection and create new VIFs to each of the VPCs. Configure the VIFs in a load-balancing fashion using BGP.
Set up VPN tunnels from the data center to each VPC. Terminate each VPN tunnel at the virtual private gateway (VGW) of the respective VPC and set up BGP for route management.
Set up a new point-to-point Multiprotocol Label Switching (MPLS) connection to the AWS Region that’s being used. Configure BGP to use this new circuit as passive, so that no traffic flows through this unless the AWS Direct Connect fails.
Create a public VIF on the Direct Connect connection and set up a VPN tunnel that terminates on the virtual private gateway (VGW) of the respective VPC using the public VIF. Use BGP to handle the failover to the VPN connection.
Explanations:
Provisioning another Direct Connect connection would improve redundancy, but creating VIFs for each VPC and load balancing via BGP would complicate route management and potentially introduce issues with traffic distribution. Additionally, adding a second Direct Connect connection would increase costs.
Setting up VPN tunnels from the data center to each VPC provides redundancy while keeping costs relatively low. The VPN tunnels can serve as backup if the Direct Connect connection fails, and using BGP for route management ensures seamless failover.
MPLS connections are typically used for private networks and would add complexity and cost. Using MPLS as a passive connection would not be cost-effective or efficient for redundancy when compared to VPN tunnels.
A public VIF combined with a VPN tunnel would not meet the goal of improving redundancy for Direct Connect. The public VIF is intended for internet-facing services, not for VPN failover. The solution also introduces unnecessary complexity without providing optimal redundancy.