We believe in architecting application-centric IT infrastructure that is focused on building business efficiency and scalability, utilizing hybrid cloud and converged models of IT service delivery.
AWS Networking & Hybrid Cloud Connectivity
1. The concepts and building blocks
2. Connectivity options
3. Routing and AWS: why and how BGP is used
4. Redundancy & real-life examples
Public Cloud Solutions
• Typical Internet-facing web app
• Internet: well connected, high speed
• Low establishment cost
• Network performance not guaranteed
• Public Internet
• Globally scalable via CloudFront
Diagram: EC2 instances behind an ELB with an RDS DB in AZ1 and AZ2, S3, CloudFront CDN and Route 53 DNS, reached over the public Internet from an office/home network (192.168.1.0/24) behind a router performing NAT.
Virtual Private Cloud (VPC) Solutions
• Your own private, isolated section of the AWS cloud
• Corporate DC extension into AWS
• Grouping of EC2 instances and other services within a private IP address range, i.e. 10.1.0.0/16
• Subnets are local to one AZ (layer 3 DC-to-DC design)
• Failover is via SLB or DNS; there is no vMotion-like failover
• Complete control over networking & security
Diagram: VPC CIDR 10.1.0.0/16 with an IGW. Availability Zone A holds public subnet 10.1.1.0/24 (Instance A, 10.1.1.11/24) and private subnet 10.1.3.0/24 (Instance C, 10.1.3.33/24); Availability Zone B holds public subnet 10.1.2.0/24 (Instance B, 10.1.2.22/24) and private subnet 10.1.4.0/24 (Instance D, 10.1.4.44/24). A VGW connects the VPC to two corporate offices, one via Direct Connect and one via Hardware VPN (IPsec over the Internet).
VPC Components
• IGW: Internet Gateway
• VGW: Virtual Private Gateway
• CGW: Customer Gateway
• Subnets
• Route tables
• Direct Connect
• Hardware VPN
• Security Groups & ACLs
Diagram: the same VPC (CIDR 10.1.0.0/16, IGW, public subnets 10.1.1.0/24 and 10.1.2.0/24, private subnets 10.1.3.0/24 and 10.1.4.0/24 across Availability Zones A and B, Instances A to D as before). The VGW terminates both Direct Connect and the Hardware VPN (IPsec over the Internet); each ends at a CGW in a corporate office.
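The VPC slides above carve /24 subnets for two Availability Zones out of a 10.1.0.0/16 VPC and place one instance in each. The script below is an added example, not part of the original deck: it checks the addressing plan with Python's standard `ipaddress` module (subnets inside the VPC, no overlaps, each instance in its subnet and not on an address AWS reserves) and shows what goes wrong when the subnets are labelled /16, as the diagram prints them. The addresses are the slide's own; the reserved-address rule (AWS keeps the first four and the last address of every subnet) is documented AWS behaviour.

```python
"""Sanity-check the VPC addressing plan drawn on the slide.

Added example (not from the original deck). It uses only the Python
standard library and the addresses printed on the slide. The reserved
address rule is documented AWS behaviour: in every VPC subnet the first
four addresses and the last (broadcast) address cannot be assigned.
"""
import ipaddress

VPC_CIDR = ipaddress.ip_network("10.1.0.0/16")

# Subnets as /24s carved out of the /16, matching the /24 instance masks.
SUBNETS = {
    "public-a": ipaddress.ip_network("10.1.1.0/24"),
    "public-b": ipaddress.ip_network("10.1.2.0/24"),
    "private-a": ipaddress.ip_network("10.1.3.0/24"),
    "private-b": ipaddress.ip_network("10.1.4.0/24"),
}

# Instance addresses from the slide and the subnet each belongs to.
INSTANCES = {
    "A": ("10.1.1.11", "public-a"),
    "B": ("10.1.2.22", "public-b"),
    "C": ("10.1.3.33", "private-a"),
    "D": ("10.1.4.44", "private-b"),
}


def aws_reserved(subnet):
    """Addresses AWS reserves in a subnet: network, VPC router, DNS, future use, broadcast."""
    base = int(subnet.network_address)
    reserved = {ipaddress.ip_address(base + i) for i in range(4)}
    reserved.add(subnet.broadcast_address)
    return reserved


def usable_hosts(subnet):
    """Addresses that can actually be assigned to instances in an AWS subnet."""
    return subnet.num_addresses - len(aws_reserved(subnet))


def validate_plan(vpc, subnets, instances):
    """Return a list of problems found; an empty list means the plan is consistent."""
    problems = []
    for name, net in subnets.items():
        if not net.subnet_of(vpc):
            problems.append(f"{name} {net} is not inside VPC {vpc}")
    names = list(subnets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if subnets[a].overlaps(subnets[b]):
                problems.append(f"{a} {subnets[a]} overlaps {b} {subnets[b]}")
    for inst, (addr, sub) in instances.items():
        ip = ipaddress.ip_address(addr)
        net = subnets[sub]
        if ip not in net:
            problems.append(f"instance {inst} {ip} is outside {sub} {net}")
        elif ip in aws_reserved(net):
            problems.append(f"instance {inst} {ip} is an AWS-reserved address")
    return problems


def slide_label_problems():
    """Re-run the check with the subnets labelled /16, as the diagram prints them.

    strict=False mimics a router accepting a mask with host bits set: every
    'subnet' collapses to 10.1.0.0/16 and they all overlap each other.
    """
    mislabelled = {
        name: ipaddress.ip_network(f"{net.network_address}/16", strict=False)
        for name, net in SUBNETS.items()
    }
    return validate_plan(VPC_CIDR, mislabelled, INSTANCES)


if __name__ == "__main__":
    for line in validate_plan(VPC_CIDR, SUBNETS, INSTANCES) or ["plan is consistent"]:
        print(line)
    print(f"{len(slide_label_problems())} problems when subnets are labelled /16")
```

With the /24 plan the check passes and each subnet offers 251 assignable addresses; with the /16 labels all four subnets become 10.1.0.0/16 and the check reports six pairwise overlaps, which is why the subnet masks matter when you later build route tables and security group rules per subnet.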
AWS Networking & Hybrid Cloud Connectivity: 2. Connectivity options
Hardware VPN – IPsec via Internet
• Provides an extension of the on-site corporate network
• Can use your existing private IP addressing (10.x etc.)
• IPsec tunnel secures traffic over the Internet (AES-128)
• Static or dynamic routing (BGP)
• 2 x termination points per region; by default each VPN connection gets a tunnel to each
Hardware VPN – IPsec via Internet (topology)
• Internet links: xDSL, EoC, Fibre
• The AWS console builds the CGW configuration
• 2 x tunnels to each edge site (for VGW redundancy)
• CGWs: Cisco, Juniper or Windows Server
AWS Direct Connect Features
• High-speed, dedicated, private pipe into AWS (VPC)
• Consistent network performance compared to the Internet
• Metered outbound traffic (~1/3 the cost of Internet egress)
• 1 or more network connection points per region (Sydney x 2)
• Supports redundancy (BGP routing)
• Allows QoS
• End-to-end support by a single network provider
AWS Direct Connect Benefits
• Reduced network transfer costs (out of AWS)
• Improved & consistent application performance
• Flexible: initial seed data transfers are typically very large
• Less downtime, with end-to-end support
• Security and compliance
• Enabler for the Hybrid Cloud Architecture
AWS Direct Connect Anatomy
• Co-location rack within the same DC as the AWS Direct Connect POP, e.g. Equinix Sydney (the diagram shows colocation facility Equinix SV1)
• Cross connect from the AWS Direct Connect point of presence to the customer or partner device (CGW) in the colocation facility
• Private Virtual Interface carried as a dot1q VLAN (VLAN 666 on the trunk)
• BGP over a /30 routed subnet, 169.254.247.16/30 (peer addresses .17 and .18): customer AS65442, AWS AS7224
• Customer datacenter reached across a service provider network (MPLS L3 IP VPN or VPLS), with BGP via the managed service provider network; customer subnet 192.168.0.0/16
• VPC side: VGW, VPC CIDR 10.1.0.0/16, public subnets 10.1.1.0/24 and 10.1.2.0/24, private subnets 10.1.3.0/24 and 10.1.4.0/24 across Availability Zones A and B (Instance A 10.1.1.11, B 10.1.2.22, C 10.1.3.33, D 10.1.4.44)
AWS Networking & Hybrid Cloud Connectivity: 3. Routing and AWS: why and how BGP is used
BGP
• Border Gateway Protocol
• Needed to implement network redundancy
• Standards-based protocol used to connect the global Internet
• Exchanges routes ('prefixes') between 'neighbours'
• Uses AS numbers, i.e. AS 65001; AS_PATH length is the measure of network distance
• Local Preference: a means to override AS_PATH locally
• Used by AWS to connect to customers and advertise routes: Direct Connect (mandatory), IPsec VPN (optional)
• Bidirectional Forwarding Detection (BFD) speeds up failover to as low as 150 ms; standard BGP hold-timer detection can take 180 sec
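The BGP slide names the two attributes that decide which of several paths to the same prefix is used (Local Preference first, then AS_PATH length) and the detection timers that govern failover. The script below is an added example, not from the deck: it models that decision for the hybrid setup drawn on the Direct Connect slide, where the customer gateway learns the VPC CIDR over Direct Connect and over both tunnels of a hardware VPN, and where the customer advertises its own prefix back to AWS. AWS AS7224, customer AS65442, the prefixes and the 169.254.247.16/30 peering subnet are from the slides; which end of the /30 is AWS, the VPN tunnel inside addresses and the LOCAL_PREF value are assumptions made for the example. MED, origin and the other real BGP tie-break steps are left out.

```python
"""BGP best-path selection for a VPC prefix learned over Direct Connect and a
hardware VPN, plus the customer-to-AWS direction.

Added example, not from the deck. Only the two decision steps the slide
names are modelled (highest LOCAL_PREF, then shortest AS_PATH), with the
lowest neighbour address as a deterministic final tie-break. AWS AS7224,
customer AS65442 and the 169.254.247.16/30 peering subnet are from the
slides; which end of the /30 is AWS, the VPN tunnel inside addresses and
the LOCAL_PREF value are assumptions.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: str
    neighbor: str          # address of the BGP peer that sent the route
    as_path: tuple         # ASNs, nearest neighbour first
    local_pref: int = 100  # BGP default when no policy sets one


def best_path(routes):
    """Pick one Route for a prefix: highest LOCAL_PREF, then shortest AS_PATH,
    then lowest neighbour address. Returns None for an empty candidate set."""
    if not routes:
        return None
    return min(
        routes,
        key=lambda r: (-r.local_pref, len(r.as_path), int(ipaddress.ip_address(r.neighbor))),
    )


AWS_ASN = 7224
CUSTOMER_ASN = 65442
DX_AWS_PEER = "169.254.247.17"       # AWS end of the /30 on the slide (side assumed)
DX_CUSTOMER_PEER = "169.254.247.18"  # customer end of the same /30
VPN_AWS_PEERS = ("169.254.255.1", "169.254.255.5")  # one inside address per tunnel, constructed
VPC_PREFIX = "10.1.0.0/16"
CUSTOMER_PREFIX = "192.168.0.0/16"


def import_policy(route):
    """Customer-side policy: raise LOCAL_PREF on anything learned over Direct
    Connect so it beats the VPN even though both carry the same AS_PATH (7224)."""
    if route.neighbor == DX_AWS_PEER:
        return Route(route.prefix, route.neighbor, route.as_path, local_pref=200)
    return route


def routes_learned_by_cgw(direct_connect_up=True):
    """Constructed sample of what the customer gateway receives for the VPC CIDR."""
    routes = [Route(VPC_PREFIX, peer, (AWS_ASN,)) for peer in VPN_AWS_PEERS]
    if direct_connect_up:
        routes.append(Route(VPC_PREFIX, DX_AWS_PEER, (AWS_ASN,)))
    return [import_policy(r) for r in routes]


def cgw_next_hop(direct_connect_up=True):
    """Which AWS peer the customer gateway forwards VPC-bound traffic to."""
    return best_path(routes_learned_by_cgw(direct_connect_up)).neighbor


def routes_advertised_to_aws():
    """Customer advertises its prefix plain over Direct Connect and with AS_PATH
    prepending over the VPN, so the longer path marks the VPN as backup."""
    return [
        Route(CUSTOMER_PREFIX, DX_CUSTOMER_PEER, (CUSTOMER_ASN,)),
        Route(CUSTOMER_PREFIX, "169.254.255.2", (CUSTOMER_ASN,) * 3),
    ]


def aws_next_hop():
    """Peer a router with no local policy would choose: shortest AS_PATH wins."""
    return best_path(routes_advertised_to_aws()).neighbor


def detection_seconds(hold_timer_s=180, bfd_interval_ms=None, bfd_multiplier=3):
    """Worst-case time to declare a neighbour dead: the BGP hold timer on its own,
    or BFD interval x multiplier when BFD is running on the session."""
    if bfd_interval_ms is None:
        return float(hold_timer_s)
    return bfd_interval_ms * bfd_multiplier / 1000


if __name__ == "__main__":
    print("CGW next hop, DX up:  ", cgw_next_hop())
    print("CGW next hop, DX down:", cgw_next_hop(direct_connect_up=False))
    print("AWS next hop:         ", aws_next_hop())
    print("BGP hold timer:", detection_seconds(), "s; BFD 50 ms x 3:",
          detection_seconds(bfd_interval_ms=50), "s")
```

With Direct Connect up the customer gateway sends VPC traffic to the Direct Connect peer purely because of LOCAL_PREF, since every path shows the single hop AS7224; when the Direct Connect session is withdrawn the first VPN tunnel takes over without any configuration change, which is the redundancy the slide attributes to BGP. In the other direction, AS_PATH prepending on the VPN advertisement is the customer's lever, because LOCAL_PREF never crosses an AS boundary; AWS additionally prefers a Direct Connect path over a VPN path for the same prefix on its own side. The timer function makes the slide's numbers concrete: a 180 s hold timer versus 150 ms for BFD at a 50 ms interval with multiplier 3.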
AWS Networking & Hybrid Cloud Connectivity: 4. Redundancy & real-life examples
Questions or follow-up? 79 Madison Ave, New York, NY 10016 | www.cloudsyntrix.com | 646-873-6945