AWS Networking key concept

By


 
A Network is a way of communication between devices. AWS Networking allows creating a fast, reliable, and secure network. To understand AWS Networking better, it is important to get familiar with all the Amazon services that create a network.

  • IP — Address used to map requests to machines, can be public or private.
  • VPC — A slice of the AWS cloud infrastructure
  • Subnet – A portion of a larger network, usually a subnetwork of a VPC.
  • Netmask — A way of denoting a range of IP used to splice up a network into subnets.
  • Route Table — A set of rules that are assigned to a subnet which define how subnets communicate.
  • Internet Gateway — An AWS resource that gives a subnet access to the public internet.

Security group — Essentially a firewall that dictates which traffic (via protocols and ports) can access a resource.


Lets see a basic application example which needs internet access running on EC2. So basic networking for this will be to define a VPC -->create subnets(public :- destination will be 0.0.0.0 via route table & private:- destination will be some cidr block via route table)--> internet gate way-->adding ingress rule in security group of EC2 instance above will solve your basic networking issue to get access from internet.

Now Lets go little deeper in networking concept and learn some other services as below :

AWS Private Link

AWS Private Link provides private connectivity between various amazon services. The connectivity is done between Amazon VPC (Virtual Private Cloud), Amazon Web Services, and on-premises network without exposing traffic to the public internet.

AWS Direct Connect

AWS Direct Connect helps in establishing a dedicated network from your premises to AWS. It enables a private and secure connection between AWS and the data center. It is compatible with AWS services and supports a high bandwidth for a more consistent network and better speed. The starting speed is around 50 Mbps and supports scaling up to 100 Gbps.


VPC peering vs Transit gateway vs Private link:-

Now if we have requirement to talk between multiple VPCs and underlaying resources then we have 3 choices: VPC peering, Transit gateway and Private link. Confused which one to choose now :-

VPC Peering is an excellent choice when you need to connect a limited number of VPCs with minimal cost implications and management overhead.

AWS Private Link is the right option when you intend to selectively expose services to other VPCs, although it involves additional costs, extra networking components, and the associated management overhead and it provides unidirectional access from a consumer VPC to a single service in a provider VPC.

Transit Gateway can serve as an alternative to VPC Peering as you scale to a larger number of VPCs, simplifying network management at the expense of some additional costs. It’s also well-suited for connecting various network entities with anticipated scalability. Transit Gateway provides full bidirectional layer 3 connectivity between VPCs – allowing full access to/from all resources in the connected VPCs.

Hope you must have learned something today...happy networking!

Comments

Post a Comment

Popular posts from this blog

Do you know over logging can cost you most?

By
  Short description To identify your CloudWatch usage charges, review your  AWS Cost and Usage Reports . To reduce and prevent unnecessary charges, review the following CloudWatch services, and implement cost-effective methods: CloudWatch custom metrics CloudWatch metric API calls CloudWatch alarms CloudWatch dashboards CloudWatch Logs CloudWatch Contributor Insights CloudWatch Synthetics CloudWatch Internet Monitor CloudWatch Container Insights CloudWatch Application Signals CloudWatch RUM CloudWatch Evidently Note:  To monitor future AWS costs, it's a best practice to  turn on billing alerts . Resolution CloudWatch custom metrics All CloudWatch detailed monitoring and custom metrics are prorated by the hour and metered when metrics are sent to CloudWatch. To reduce CloudWatch metrics charges, take the following actions: Turn off detailed monitoring for instances, Auto Scaling group launch configurations, and API gateways. Turn off monitoring for custom metrics when...
Read more

Diagonal Scaling concept

By
Image
Diagonal scaling as it relates to a database and/or cloud computing is precisely what it sounds like - combining the best of both vertical and horizontal scaling to better suit the needs of the organization. When implemented correctly, diagonal scaling enables you to handle more data and more users, ultimately enhancing efficiency and reducing bottlenecks.. In the database world, scaling typically refers to the process of adding more resources (such as servers, storage, or processing power) to handle increased data and workload demands. Common approaches to scaling databases include vertical scaling (adding more resources to a single server) and horizontal scaling (distributing the database across multiple servers). ‍ Diagonal or hybrid scaling can be a game-changer, offering a dynamic solution to the challenges related to fluctuating workloads. Unlike traditional vertical and horizontal scaling approaches, diagonal scaling provides the flexibility to adapt to changing demands seamless...
Read more

Netflix on AWS

By
Image
  Netflix is one of the world’s leading entertainment services with over 260 million members in more than 190 countries. Netflix uses AWS for nearly all its computing and storage needs, including databases, analytics, recommendation engines, video transcoding, and more—hundreds of functions that in total use more than 100,000 server instances on AWS. Key highlights of Netflix in AWS : 1)  Netflix Connects with 100 Million Customers in 190 Countries Using Amazon Simple Email Service. 2) Netflix Realizes Multi-Region Resiliency on Amazon Route 53. 3) Netflix Uses NICE DCV on AWS to Build VFX Studio in the Cloud for Artists Globally. 4) Netflix Empowers Remote Artistry with Low-Latency Workstations Using AWS Local Zones. With the new Amazon EC2 G5 instances, we can provision higher-end graphics workstations that offer up to 3x higher performance compared to workstations with EC2 G4dn instances. With G5 instances, content creators have the freedom to create more complex ...
Read more