Hello everyone, This is Aayush from AWS Business Unit
I got a chance to attend an amazing session on Network Consideration at the AWS Summit India online, I will write a small report about it bellow,
Avanish Yadav(Senior Networking Specialist Solutions Architect, AWS India)
Swapnil Tiwari(Associate Solutions Architect, AWS India)
With the launch of the new AWS Asia Pacific (Hyderabad) Region, customers have started deploying their application infrastructure in both the AWS Regions, for different use cases - disaster recovery (DR), global application presence, and lower latency.
In this session, we discuss the networking considerations customers should keep in mind for multi-region application deployment.
- Network Connectivity Patterns
SD WAN Integartion with AWS Cloud.
Simplifying the multi Region with Cloud WAN
DNS & Endpoint Failover
How do you plan your Network Topology
Global Scope Services : are services that we do not need to create in every region. Regional Scope : has boundaries defined by the region
Key consideration's VPC Connectivity
- Assign Unique Ip address for avoiding Ip wasteage
VPC Peering for less number of vpc and TGW for More Number of VPC
Create nat gateway and route for all the region
if ip whitlist is a requirement do it for each new region
Hybrid Connectivity Option
Hybrid Connectivity Direct Connect
We can connect to DC to AWS using the nearest AWS Direct Connect location and then using virtual interfaces.
Type of VIfs
- Transit VIFs: Used to connect 1 or more VPC's Associated with Transit Gateway
- Private VIfs Used to Connect to VPC resources over Private Ip addresse
- Public Vifs: Used to access all public aws Services over Public IP address like DynamoDB
Site to Site VPN: If you have less number of VPC
Site to Site VPN with TGW: More number of VPC's
Site to Site SDWAN
Site-to-site SDWAN is a type of SDWAN that is used to connect two or more sites together. It uses a variety of technologies, including IPsec, to create a secure and reliable connection between the sites. Site-to-site SDWAN can be used to connect a variety of sites, including branch offices, data centers, and cloud-based resources
AWS Cloud WAN: global connectivity
AWS Cloud WAN is a managed wide area networking (WAN) service that makes it easy for you to build, manage, and monitor a global network that connects resources running across your cloud and on-premises environments. AWS Cloud WAN provides a central dashboard from which you can connect on-premises branch offices, data centers, and Amazon Virtual Private Clouds (VPCs) across the AWS global network.
Amazon DNS Resolution in Hybrid Architecture
Amazon Route 53 Resolver is a fully managed DNS service that makes it easy to use Route 53 to resolve DNS queries for resources in your on-premises network and in the AWS Cloud. Route 53 Resolver can be used to resolve DNS queries for both public and private hosted zones.
To use Route 53 Resolver in a hybrid architecture, you need to create a Route 53 Resolver endpoint in your on-premises network. You can then create a conditional forwarding rule in your Route 53 Hosted Zone to forward DNS queries for a specific domain to the Route 53 Resolver endpoint.
When a client in your on-premises network sends a DNS query for a domain that is configured for conditional forwarding, the query is sent to the Route 53 Resolver endpoint. The Route 53 Resolver endpoint then resolves the query and returns the IP address of the resource.
Amazon Route 53 Applicarion Recovery Controller
Amazon Route 53 Application Recovery Controller (ARC) is a service that helps you build and maintain highly available applications across multiple AWS Availability Zones (AZs) and Regions. ARC provides a centralized way to monitor your applications and resources, and to coordinate failover in the event of an outage.
The session delivered a lot of information in a very short period of time. if you are an engineer and confused in writing network architecture this session will surely help.