Question 3 - Oracle 1Z0-1124-25 Real Exam Questions [Jan 2026 Update]

Q: 3

You are troubleshooting a connectivity issue between two compute instances within the same VCN. Both instances are in different subnets. Instance A (IPv4: 10.0.1.10, IPv6: fc00:1:1::10) can ping its subnet gateway (10.0.1.1) and can ping the IPv6 address of Instance B (fc00:1:2::20), but cannot ping Instance B's IPv4 address (10.0.2.20). The security lists and network security groups (NSGs) are configured to allow all traffic between the subnets. The route table for Instance A’s subnet has a rule to route all traffic destined to 10.0.2.0/24 subnet to the VCN Local Peering Gateway. What is the most probable cause?

Options

Correct Answer:

Explanation

Analyze Connectivity Successes: Instance A can ping its subnet gateway (10.0.1.1), indicating that

local subnet routing and security rules are functioning for IPv4. It can also ping Instance B’s IPv6

address (fc00:1:2::20), confirming that IPv6 routing and security rules between subnets are

operational.

Identify the Failure: Instance A cannot ping Instance B’s IPv4 address (10.0.2.20). Since security lists

and NSGs allow all traffic, the issue is unlikely to be a security configuration problem.

Examine Routing for Instance A: The route table for Instance A’s subnet (10.0.1.0/24) has a rule

directing traffic to 10.0.2.0/24 via the VCN Local Peering Gateway (LPG). In OCI, LPGs are used for

intra-region VCN peering, but here, both instances are in the same VCN, so this rule is likely a

misconfiguration or irrelevant unless peering is involved. However, the successful IPv6 ping suggests

basic connectivity exists.

Check Return Path from Instance B: For a ping to succeed, Instance B must send ICMP replies back to

Instance A (10.0.1.10). Instance B’s subnet (10.0.2.0/24) needs a route table entry to send traffic to

10.0.1.0/24. Without this, replies are dropped, causing the IPv4 ping to fail. The IPv6 success

indicates that IPv6 routing is correctly configured both ways, possibly via SLAAC or default routes.

Evaluate Options:

A: Incorrect. IPv6 is enabled, as Instance A pings Instance B’s IPv6 address.

B: Correct. Missing route for 10.0.1.0/24 in Instance B’s subnet prevents IPv4 replies.

C: Incorrect. Security lists and NSGs can filter IPv6 traffic in OCI.

D: Incorrect. Ping supports IPv6, as evidenced by the successful IPv6 ping.

The most probable cause is a missing route in Instance B’s subnet route table. In OCI, each subnet

has its own route table, and for instances in different subnets within the same VCN to communicate,

both subnets must have appropriate routes. The successful IPv6 ping suggests that IPv6 routing is

intact (likely due to default behavior or SLAAC), but IPv4 requires explicit routing. Per the Oracle

Networking Professional study guide, "Route tables must be configured to direct traffic to the

appropriate next hop for inter-subnet communication within a VCN" (OCI Networking

Documentation, Section: Virtual Cloud Networks).

Reference: Oracle Cloud Infrastructure Documentation - Networking Overview, Route Tables.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE