[Session Report] Network Consideration for Scalable Architetcture #AWSSummit India 2023

[Session Report] Network Consideration for Scalable Architetcture #AWSSummit India 2023

Clock Icon2023.05.29

この記事は公開されてから1年以上経過しています。情報が古い可能性がありますので、ご注意ください。

Hello everyone, This is Aayush from AWS Business Unit

I got a chance to attend an amazing session on Network Consideration at the AWS Summit India online, I will write a small report about it bellow,

Session Detail:

Speaker Name:
Avanish Yadav(Senior Networking Specialist Solutions Architect, AWS India)
Swapnil Tiwari(Associate Solutions Architect, AWS India)

Discription:

With the launch of the new AWS Asia Pacific (Hyderabad) Region, customers have started deploying their application infrastructure in both the AWS Regions, for different use cases - disaster recovery (DR), global application presence, and lower latency.

In this session, we discuss the networking considerations customers should keep in mind for multi-region application deployment.

Agenda:

  1. Network Connectivity Patterns

  2. SD WAN Integartion with AWS Cloud.

  3. Simplifying the multi Region with Cloud WAN

  4. DNS & Endpoint Failover

Session Report

How do you plan your Network Topology

Global Scope Services : are services that we do not need to create in every region. Regional Scope : has boundaries defined by the region

Key consideration's VPC Connectivity

  1. Assign Unique Ip address for avoiding Ip wasteage

  2. VPC Peering for less number of vpc and TGW for More Number of VPC

  3. Create nat gateway and route for all the region

  4. if ip whitlist is a requirement do it for each new region

Hybrid Connectivity Option

Hybrid Connectivity Direct Connect

We can connect to DC to AWS using the nearest AWS Direct Connect location and then using virtual interfaces.

Type of VIfs

  1. Transit VIFs: Used to connect 1 or more VPC's Associated with Transit Gateway

  1. Private VIfs Used to Connect to VPC resources over Private Ip addresse

  1. Public Vifs: Used to access all public aws Services over Public IP address like DynamoDB

Site to Site VPN: If you have less number of VPC

Site to Site VPN with TGW: More number of VPC's

Site to Site SDWAN

Site-to-site SDWAN is a type of SDWAN that is used to connect two or more sites together. It uses a variety of technologies, including IPsec, to create a secure and reliable connection between the sites. Site-to-site SDWAN can be used to connect a variety of sites, including branch offices, data centers, and cloud-based resources

AWS Cloud WAN: global connectivity

AWS Cloud WAN is a managed wide area networking (WAN) service that makes it easy for you to build, manage, and monitor a global network that connects resources running across your cloud and on-premises environments. AWS Cloud WAN provides a central dashboard from which you can connect on-premises branch offices, data centers, and Amazon Virtual Private Clouds (VPCs) across the AWS global network.

Amazon DNS Resolution in Hybrid Architecture

Amazon Route 53 Resolver is a fully managed DNS service that makes it easy to use Route 53 to resolve DNS queries for resources in your on-premises network and in the AWS Cloud. Route 53 Resolver can be used to resolve DNS queries for both public and private hosted zones.

To use Route 53 Resolver in a hybrid architecture, you need to create a Route 53 Resolver endpoint in your on-premises network. You can then create a conditional forwarding rule in your Route 53 Hosted Zone to forward DNS queries for a specific domain to the Route 53 Resolver endpoint.

When a client in your on-premises network sends a DNS query for a domain that is configured for conditional forwarding, the query is sent to the Route 53 Resolver endpoint. The Route 53 Resolver endpoint then resolves the query and returns the IP address of the resource.

Amazon Route 53 Applicarion Recovery Controller

Amazon Route 53 Application Recovery Controller (ARC) is a service that helps you build and maintain highly available applications across multiple AWS Availability Zones (AZs) and Regions. ARC provides a centralized way to monitor your applications and resources, and to coordinate failover in the event of an outage.

My view

The session delivered a lot of information in a very short period of time. if you are an engineer and confused in writing network architecture this session will surely help.

この記事をシェアする

facebook logohatena logotwitter logo

© Classmethod, Inc. All rights reserved.