Understanding and Configuring VPC Peering, VPN, and Direct Connect
[Diagram: VPC1, VPC2 and VPC3 in one Region]
No transitive peering
Single Region inter-VPC routing
Same or different AWS account
No overlapping network addresses
50 VPC peers per VPC, up to 125 by request
VPC Peering
DNS is supported
Use route tables to configure routing
Update the inbound or outbound rules for your VPC security groups to reference security groups in the peered VPC
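The peering constraints listed above (no overlapping addresses, routes per peering, no transitive peering) can be checked before any connection is requested. The following is an added example, not part of the original slides; the VPC names, the pcx- ids and the third CIDR are assumptions, while the first two CIDRs are the ones shown in the demo diagram.

```python
import ipaddress

# Constructed sample: vpc1/vpc2 use the CIDRs from the demo diagram; vpc3,
# all names and the pcx- ids are hypothetical.
VPCS = {
    "vpc1": "192.168.0.0/16",
    "vpc2": "172.31.0.0/16",
    "vpc3": "10.0.0.0/16",
}
PEERINGS = {"pcx-1to2": ("vpc1", "vpc2"), "pcx-1to3": ("vpc1", "vpc3")}

MAX_PEERS = 50  # default peers per VPC stated on the slide


def validate(vpcs, peerings):
    """Return a list of problems that would block or break the peering plan."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in vpcs.items()}
    problems, peer_count = [], {}
    for pcx, (a, b) in peerings.items():
        if nets[a].overlaps(nets[b]):
            problems.append(f"{pcx}: {a} {nets[a]} overlaps {b} {nets[b]}")
        for v in (a, b):
            peer_count[v] = peer_count.get(v, 0) + 1
    problems += [f"{v}: {n} peers exceeds {MAX_PEERS}"
                 for v, n in peer_count.items() if n > MAX_PEERS]
    return problems


def routes(vpcs, peerings):
    """Route-table entries each VPC needs: (destination CIDR, peering id)."""
    table = {name: [] for name in vpcs}
    for pcx, (a, b) in peerings.items():
        table[a].append((vpcs[b], pcx))
        table[b].append((vpcs[a], pcx))
    return table


def can_reach(src, dst_ip, vpcs, peerings):
    """True only if a direct peering route covers dst_ip (no transitive hop)."""
    ip = ipaddress.ip_address(dst_ip)
    return any(ip in ipaddress.ip_network(cidr)
               for cidr, _ in routes(vpcs, peerings)[src])


if __name__ == "__main__":
    print(validate(VPCS, PEERINGS))
    print(routes(VPCS, PEERINGS))
    # vpc2 and vpc3 both peer with vpc1, but not with each other
    print(can_reach("vpc2", "10.0.0.5", VPCS, PEERINGS))
```

Security group rules still have to allow the traffic once the routes exist; this sketch models addressing and routing only.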
VPC Peering
Demo
Configuring VPC Peering
[Diagram: N. Virginia Region, Availability Zone A. VPC 192.168.0.0/16: Web in public subnet 192.168.1.0/24, DB01 in private subnet 192.168.2.0/24. VPC 172.31.0.0/16: FS01 in private subnet 172.31.0.0/20.]
Customer Gateway (CG)
Virtual Private Gateway
Internet Gateway (IGW)
Gateways
VPN
AWS VPC Access
Hardware-based VPN
Direct Connect
VPN CloudHub
Software VPN
VPN Types
Remote Access
Site to Site
[Diagram labels: Corporate Datacenter, Branch Offices, CSPs, Internet]
AWS VPC Access
[Diagram labels: Corporate Datacenter, Branch Office, CSP, Internet, Site to Site, Remote Access, Hardware-based VPN, Software VPN, Customer Gateway, Virtual Private Gateway, Internet Gateway, VPN Connection, AWS]
Direct Connect can be partitioned into multiple virtual interfaces (VIFs)
Support for VLAN Trunking (802.1Q)
Less than 1Gbps through AWS Partner Network (APN)
1Gbps or 10Gbps
Predictable performance / consistent network experience
Predictable bandwidth
AWS Direct Connect
AWS Direct Connect
[Diagram labels: Corporate Datacenter, AWS, Private Connection, Direct Connect]
AWS Direct Connect
[Diagram labels: Corporate Datacenter, Colo, AWS, Internet, Private Connection, Direct Connect, VPN]
Private connectivity to VPC
Public connectivity to S3, EC2 and DynamoDB
Virtual Interfaces
Direct Connect can be partitioned into multiple virtual interfaces (VIF)
[Diagram labels: Direct Connect Location, Customer Router, Direct Connect Router, VLAN 1, VLAN 2, Virtual Private Cloud, Amazon EC2 Private IPs, Amazon EC2 Public IPs, Amazon S3, DynamoDB]
Deep Dive - AWS Direct Connect and VPNs:
https://youtu.be/SMvom9QjkPk
AWS Direct Connect:
https://aws.amazon.com/directconnect/
AWS VPN CloudHub
[Diagram labels: four Branch Offices, Corporate Datacenter, Hardware-based VPN, VPC]
VPC peering
VPN access types
Direct Connect
Summary