Experience Day, Medellín
Networking Services
Agenda
• Amazon Virtual Private Cloud (VPC)
• AWS Direct Connect
• Amazon Route 53
Amazon Virtual Private Cloud (VPC)
• Logical isolation of the Amazon Web Services (AWS) Cloud
• Complete control of your virtual networking environment
– Set your own IP address ranges
– Create subnets
– Configure routing tables and networking gateways
• Extend your corporate network and launch AWS resources in a virtual network that you define
Amazon Virtual Private Cloud (VPC)
Amazon Management Console – Create VPC
Amazon Virtual Private Cloud (VPC)
• Syntax for specifying IP addresses and their associated routing prefix
• Examples of CIDR notation
– 10.0.0.0/16 (represents 65,536 hosts)
– 10.1.0.0/20 (represents 4,096 hosts)
– 10.2.0.0/23 (represents 512 hosts)
– 10.3.1.0/24 (represents 256 hosts)
Classless Inter-Domain Routing (CIDR) Notation
Amazon Virtual Private Cloud (VPC)
Amazon Management Console – VPC Wizard
Amazon Virtual Private Cloud (VPC)
• Segment or partition of a VPC network
10.0.0.0/16
10.0.0.0/18
10.0.64.0/18
10.0.192.0/19
10.0.224.0/19
Subnets
Amazon Virtual Private Cloud (VPC)
• Public or Private subnet
• Web-tier instances
– Public subnet
• App-tier instances
– Private subnet
• Data-tier instances
– Private subnet
• Batch-tier instances
– Private subnet
Subnets
Amazon Virtual Private Cloud (VPC)
• Virtual router that connects a VPC to the Internet
• After an Internet Gateway is created, it is attached to a VPC
Internet Gateways (IGW)
Amazon Virtual Private Cloud (VPC)
• Specify how packets are forwarded
Route Tables
Amazon Virtual Private Cloud (VPC)
• Amazon Elastic Compute Cloud (EC2) instance with routing software that remaps network address information to hide the private subnet from the Internet
• Provides outbound-only or egress access to the Internet for the private subnet via the public subnet
Network Address Translation (NAT)
Amazon Virtual Private Cloud (VPC)
• Virtual firewalls that control traffic for one or more instances
• Source can be a CIDR or Security Group
Security Group
Amazon Virtual Private Cloud (VPC)
• Virtual firewalls that control traffic in and out of a subnet
• Network ACLs are stateless rules that can allow or deny traffic
Network Access Control Lists (NACL)
Amazon Virtual Private Cloud (VPC)
• Three ways to connect to your VPC
– Over the Internet
– Hardware Virtual Private Network (VPN) using IPSec
  • Configured in minutes
– AWS Direct Connect
  • Service provided by Amazon Partner Network (APN) Partners
Corporate Datacenter Connectivity
AWS Direct Connect
• Dedicated network connection to AWS
• Consistent network performance
• Speeds of 50-500 Mbps, 1 Gbps, and 10 Gbps
• Most hardware VPN solutions top out at 4 Gbps
• Supports Active/Active and Active/Passive Border Gateway Protocol (BGP) Multipath
Amazon Route 53
• Global Domain Name System (DNS)
• Highly available and scalable – 100% availability SLA
• Multiple routing types
– Simple Routing
– Weighted Routing
– Latency Routing
– Failover Routing
– Geolocation Routing
Thank You