You are trying to help a customer figure out a puzzling issue they recently experienced during a Disaster Recovery Drill. They wanted to test the failover capability of their Multi-AZ RDS instance. They initiated a reboot with failover for the instance and expected only a short outage while the standby replica was promoted and the DNS path was updated. Unfortunately after the failover, they could not reach the database from their on-prem network despite the database being in an "Available" state. Only when they initiated a second reboot with failover were they again able to access the database. What is the most likely cause for this?
I have question regarding this from the exam simulator. The answer stated is:
The subnets in the subnet group did not have the same routing rules. The standby subnet did not have a valid route back to the on-prem network so the database could not be reached despite being available.
But why would rebooting it change the subnet group rules?
1 Answers
The standby replica is in a different subnet which hasn’t been utilized for connection until this test rebooting (routes don’t change; just get used for the first time).
A route like this is missing from the standby’s subnet:
Destination Target
14.23.0.0/16 vpg-ae342f23034521
(on premise CIDR) (virtual private gateway)