A nutanix user VPC called servers has three subnets called Tier1, tier2 and Darren-Tier3.
* Servers:10.0.0.0/16
* Tier1: 10.0.0.0/16
* Tier2: 10.0.0.0.128/25
* Darren-Tier3:10.0.4.0/24
An administrator wants to keep Darren-Tier3 isolated and not receive any outside traffic.
In order properly route for Tier1 and Tier2 coming from native subnets for Azure, what should the
ERP be set to?
D
Explanation:
ERP Configuration: ERP (External Route Prefix) settings determine how traffic is routed between
subnets and VPCs.
Objective: The goal is to isolate Darren-Tier3 while ensuring proper routing for Tier1 and Tier2.
Transit VPC ERP: Setting it to 10.0.0.0/16 ensures that it covers the entire VPC range, allowing traffic
within Tier1 and Tier2.
Servers ERP: Setting it to 10.0.4.0/24 ensures isolation for Darren-Tier3 by limiting traffic to that
specific subnet and preventing external traffic from reaching it.
Conclusion: This configuration achieves the isolation of Darren-Tier3 while allowing proper routing
for Tier1 and Tier2.
Reference:
Nutanix Networking Documentation
Azure Virtual Network Documentation
An administrator is planning to expand an NC2 on Azure cluster.
Which statement is true regarding prerequisites for expanding the cluster?
C
Explanation:
Cluster State Requirement: To expand a cluster, it must be operational and in a connected state to
ensure seamless integration of additional nodes.
Cluster Stopped State: If the cluster is stopped, it cannot perform expansion operations.
Minimum Nodes Requirement: There is no minimum node count prerequisite for expanding the
cluster as long as the cluster is connected.
Cluster Connected State: Ensuring the cluster is connected verifies that it is operational and can
communicate with additional nodes being added.
Conclusion: The cluster must be in a Cluster Connected state to expand successfully.
Reference:
Nutanix Clusters Expansion Guide
Azure NC2 Configuration Documentation
A company has just adopted Nutanix as their technology of choice and is preparing to deploy Nutanix
Cloud Clusters (NC@)
Which step must be taken first to gain access to the NC2 console?
C
Explanation:
Initial Access: To gain access to the NC2 console, users need to create an account on the Nutanix
platform.
My Nutanix Account: Creating a My Nutanix account provides access to the Nutanix console, support,
and other resources.
Free Trial and Billing Portal: Starting a free trial or accessing the billing portal can be subsequent
steps but require an initial account.
Support Case: Opening a support case is not necessary for initial access but might be needed for
specific issues later.
Conclusion: Creating a My Nutanix account is the first step to accessing the NC2 console and other
Nutanix services.
Reference:
Nutanix Account Creation Guide
Getting Started with Nutanix NC2
Which service enables the monitoring of key metrics on various Azure services, including virtual
networks, virtual machines, and bare metal hosts for an NC2 cluster?
A
Explanation:
Azure Monitor Overview: Azure Monitor is a comprehensive monitoring service that collects,
analyzes, and acts on telemetry data from Azure resources.
Key Metrics Monitoring: Azure Monitor enables the monitoring of various Azure services such as
virtual networks, virtual machines, and bare metal hosts, providing insights and visibility into their
performance and health.
Comparison of Services:
Resource Manager: Manages Azure resources but does not provide detailed monitoring capabilities.
Azure Service Health: Provides personalized alerts and guidance when Azure service issues affect you
but is not a comprehensive monitoring solution.
Azure Network Watcher: Focuses on network performance monitoring and diagnostics but does not
cover all resource types.
Conclusion: Azure Monitor is the most suitable service for monitoring key metrics across a wide
range of Azure services.
Reference:
Azure Monitor Documentation
Nutanix NC2 on Azure Monitoring Guide
An administrator wants to ensure that enough available bandwidth exits for workloads running in an
NC2 on Azure cluster environment.
What is the highest number of Flew Gateway VMs that can be deployed within this environment?
D
Explanation:
Flow Gateway VMs: Flow Gateway VMs are used to manage and route network traffic within an NC2
on Azure cluster, ensuring sufficient bandwidth for workloads.
Scalability: To ensure enough available bandwidth, multiple Flow Gateway VMs can be deployed.
Maximum Limit: The highest number of Flow Gateway VMs that can be deployed within an NC2 on
Azure environment is 6, providing the necessary capacity to handle high traffic volumes and ensure
optimal performance.
Conclusion: Deploying up to 6 Flow Gateway VMs ensures adequate bandwidth for NC2 workloads.
Reference:
Nutanix Clusters Networking Guide
Azure Network Performance Documentation
After creating a new Nutanix User VPC, what is needed to allow traffic to flow out of the Flow
gateway VM when using the NATed Path?
C
Explanation:
NATed Path Configuration: When using the NATed Path, it is essential to ensure that traffic can flow
out of the Flow gateway VM to external networks.
Default Route: Adding a default route on the Nutanix User VPC ensures that all outbound traffic is
directed to the appropriate network gateway.
Configuration Steps:
Navigate to the routing settings of the Nutanix User VPC.
Add a default route with the destination of 0.0.0.0/0, pointing to the External Overlay network.
Security Group Settings:
Ensure that the External Flow Gateway Security Group on the External NIC allows outbound traffic.
Ensure that the Internal Flow Gateway Security Group on the internal NIC allows outbound traffic (if
needed for internal network flows).
Conclusion: Properly configuring the default route on the Nutanix User VPC enables outbound traffic
flow via the NATed Path through the External Overlay network.
Reference:
Nutanix Flow Gateway Configuration Guide
Azure VPC Routing Documentation
Which entity should be contacted for cloud hardware support (EC2 instances, VPC, etc) related to
NC2?
B
Explanation:
Cloud Hardware Support: For issues related to cloud hardware, such as EC2 instances or VPC
configurations, the responsible entity is typically the public cloud vendor.
Nutanix Responsibility: Nutanix manages the software layer and integration aspects of the NC2
service, but the underlying hardware support is managed by the cloud provider (e.g., AWS, Azure).
Support Process:
Public Cloud Vendor: Contact the public cloud vendor for issues directly related to the hardware, as
they own and manage the physical infrastructure.
Nutanix: For software and configuration issues specific to the NC2 service, contact Nutanix support.
Conclusion: For cloud hardware-related support, the appropriate contact is the public cloud vendor.
Reference:
Nutanix Support Guide
Azure Support Documentation
When configuring permissions for an Azure subscription, which role is required to delegate minimum
permissions for the Azure AD App registration?
A
Explanation:
Azure AD App Registration: When setting up an application registration in Azure AD, specific
permissions are required to delegate access.
User Access Administrator Role: This role has the necessary permissions to manage user access to
Azure resources, including delegating permissions for app registrations.
Comparison of Roles:
Azure Reader Role: Grants read-only access, insufficient for managing app registrations.
Azure Contributor Role: Allows creation and management of resources but does not include
permissions to manage access.
Azure Custom Role: While it can be defined to meet specific needs, the User Access Administrator
role is predefined to handle access delegation.
Conclusion: The Azure User Access Administrator role is required to delegate minimum permissions
for Azure AD App registration.
Reference:
Azure Role-Based Access Control Documentation
Azure AD App Registration Guide
An administrator deploys an NC2 cluster in Azure and uses 10.100.0.0/16 for one of the VNets.
The cluster is configured as follows:
* 8 nodes
* Prism Central Deployed
* Files Deployed
Following the deployment, the administrator experiences network connectivity issues.
Which reason explains the connectivity issues?
B
Explanation:
Network Configuration: Using a specific IP range for a VNet can cause conflicts if that range is
reserved or already in use by the cluster’s internal operations.
Internal Usage: In NC2, certain IP ranges are reserved for internal cluster functions and should not be
used for VNets to avoid IP conflicts and connectivity issues.
Impact: If the 10.100.0.0/16 range is reserved for internal usage, using it for a VNet would lead to IP
conflicts, causing network connectivity issues.
Verification: It’s important to verify the reserved IP ranges in the NC2 documentation before
assigning them to VNets.
Conclusion: The connectivity issues are likely due to using the 10.100.0.0/16 range, which is reserved
for internal cluster usage.
Reference:
Nutanix Networking Guidelines
Azure Virtual Network Documentation
An administrator needs to open the following ports in the firewall between an on-premises cluster
and azure for disaster recovery:
* 22
* 2009
* 2020
* 2049
* 3260
* 9440
Which rile-type should be created on the firewall for communication to be appropriately
established?
B
Explanation:
Port Requirements: The specified ports (22, 2009, 2020, 2049, 3260, 9440) are commonly used for
various services and require TCP communication.
Port 22: SSH
Port 2009: Used for Nutanix internal communication
Port 2020: Nutanix services
Port 2049: NFS
Port 3260: iSCSI
Port 9440: Nutanix Prism management
Communication Type: To ensure proper disaster recovery setup, bi-directional communication is
needed to allow traffic to flow both from on-premises to Azure and vice versa.
TCP Protocol: These ports use the TCP protocol, which provides reliable communication between
devices.
Conclusion: Creating a bi-directional (TCP) rule on the firewall allows the necessary communication
for disaster recovery processes.
Reference:
Nutanix Networking and Security Documentation
Azure Networking Documentation