Multi-VPC connectivity, AWS network infrastructure.(Part-1)

 Overview

Amazon Web Services (AWS) customers often rely on hundreds of accounts and virtual private clouds (VPCs) to segment their workloads and expand their footprint. When a VPC needs to communicate with another VPC present in the same or different region/account, there should be a connection established. As the number of VPCs increases in an account or in a region due to the expansion of workload, the communication between those VPCs and the VPCs present in different accounts or regions becomes cumbersome. There could be various use cases and problems to solve other than mentioned above. AWS provides us choices that we can opt, which best suits our network infrastructure requirements.

VPC to VPC connectivity

VPC Peering

  • AWS VPC peering is a point-to-point connectivity between VPCs.
  • No transitive connections can be leveraged.
  • Maximum of 125 peering connections per VPC.
  • For hybrid connectivity i.e. peering connection between AWS VPC and on-premises network, VPN or Direct connect is a pre-requisite.
  • Both intra-region and inter-region connections can be established.
  • VPCs can be in your own accounts as well as in different accounts to create peering connection.
  • Cost effective and direct connectivity requirement.  
AWS Transit Gateway


Source of above picture: AWS documentation
  • It is a hub and spoke model. The transit gateway is the hub and it routes traffic to different VPCs as per the routes in the transit gateway route table.
  • There can 1000s of transit gateway attachments per TGW enabling connections at scale.
  • Transit Gateway peering can be done to reduces blast radius.
  • Transit gateway attachment options include VPN attachment, VPC attachment, AWS Direct Connect Gateway attachment.
  • Supports both intra-region and inter-region connectivities.
  • BGP protocol enables dynamic routing.
  • Simplifies connectivity between VPCs at scale and also hybrid connectivity.
Transit VPC

Source of above picture : AWS documentation                                           
  • This connects VPCs via VPN connection, therefore VPN connection is a must.
  • A hub and spoke model with one specific VPC acting as hub, which contains the EC2 running a third party vendor software that routes traffic to different relevant VPCs.
  • Transitive routing is enabled using the overlay VPN network.
  • This model brings operational overhead, security challenges, higher costs for running third-party vendor virtual appliances on EC2 based on the instance size/family. However, if customers are using the same software on-premises, they benefit from a unified operational/monitoring experience.
  • When using third-party vendor software on the EC2 instance in the hub transit VPC, vendor functionality around advanced security can be used.
  • Customers are responsible for managing the HA and redundancy of EC2 instances running the third-party vendor virtual appliances. 
Conclusion

This blog gives information on three different options of establishing Multi-VPC connectivity. 
It provides key elements to understand the features of above mentioned options/services which helps to get an idea when to use which service/option that best meets your networking requirements.
Hope you found it helpful! Second part to this blog will be coming soon.
Please look forward for it.
Thank you for your time. %3CmxGraphModel%3E%3Croot%3E%3CmxCell%20id%3D%220%22%2F%3E%3CmxCell%20id%3D%221%22%20parent%3D%220%22%2F%3E%3CmxCell%20id%3D%222%22%20value%3D%22%26lt%3Bfont%20color%3D%26quot%3B%23ffffff%26quot%3B%26gt%3BAWS%20Cloud%26lt%3B%2Ffont%26gt%3B%22%20style%3D%22points%3D%5B%5B0%2C0%5D%2C%5B0.25%2C0%5D%2C%5B0.5%2C0%5D%2C%5B0.75%2C0%5D%2C%5B1%2C0%5D%2C%5B1%2C0.25%5D%2C%5B1%2C0.5%5D%2C%5B1%2C0.75%5D%2C%5B1%2C1%5D%2C%5B0.75%2C1%5D%2C%5B0.5%2C1%5D%2C%5B0.25%2C1%5D%2C%5B0%2C1%5D%2C%5B0%2C0.75%5D%2C%5B0%2C0.5%5D%2C%5B0%2C0.25%5D%5D%3BoutlineConnect%3D0%3BgradientColor%3Dnone%3Bhtml%3D1%3BwhiteSpace%3Dwrap%3BfontSize%3D12%3BfontStyle%3D0%3Bcontainer%3D1%3BpointerEvents%3D0%3Bcollapsible%3D0%3BrecursiveResize%3D0%3Bshape%3Dmxgraph.aws4.group%3BgrIcon%3Dmxgraph.aws4.group_aws_cloud_alt%3BstrokeColor%3D%23FFFFFF%3BfillColor%3Ddefault%3BverticalAlign%3Dtop%3Balign%3Dleft%3BspacingLeft%3D30%3BfontColor%3D%23232F3E%3Bdashed%3D0%3B%22%20vertex%3D%221%22%20parent%3D%221%22%3E%3CmxGeometry%20x%3D%22140%22%20y%3D%22240%22%20width%3D%22620%22%20height%3D%22360%22%20as%3D%22geometry%22%2F%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%223%22%20value%3D%22%26lt%3Bfont%20color%3D%26quot%3B%23ffffff%26quot%3B%26gt%3BVPC%20A%26lt%3B%2Ffont%26gt%3B%22%20style%3D%22points%3D%5B%5B0%2C0%5D%2C%5B0.25%2C0%5D%2C%5B0.5%2C0%5D%2C%5B0.75%2C0%5D%2C%5B1%2C0%5D%2C%5B1%2C0.25%5D%2C%5B1%2C0.5%5D%2C%5B1%2C0.75%5D%2C%5B1%2C1%5D%2C%5B0.75%2C1%5D%2C%5B0.5%2C1%5D%2C%5B0.25%2C1%5D%2C%5B0%2C1%5D%2C%5B0%2C0.75%5D%2C%5B0%2C0.5%5D%2C%5B0%2C0.25%5D%5D%3BoutlineConnect%3D0%3BgradientColor%3Dnone%3Bhtml%3D1%3BwhiteSpace%3Dwrap%3BfontSize%3D12%3BfontStyle%3D0%3Bcontainer%3D1%3BpointerEvents%3D0%3Bcollapsible%3D0%3BrecursiveResize%3D0%3Bshape%3Dmxgraph.aws4.group%3BgrIcon%3Dmxgraph.aws4.group_vpc%3BstrokeColor%3D%23248814%3BfillColor%3Dnone%3BverticalAlign%3Dtop%3Balign%3Dleft%3BspacingLeft%3D30%3BfontColor%3D%23AAB7B8%3Bdashed%3D0%3B%22%20vertex%3D%221%22%20parent%3D%222%22%3E%3CmxGeometry%20x%3D%2260%22%20y%3D%2270%22%20width%3D%22160%22%20height%3D%22250%22%20as%3D%22geometry%22%2F%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%224%22%20value%3D%22Private%20subnet%22%20style%3D%22points%3D%5B%5B0%2C0%5D%2C%5B0.25%2C0%5D%2C%5B0.5%2C0%5D%2C%5B0.75%2C0%5D%2C%5B1%2C0%5D%2C%5B1%2C0.25%5D%2C%5B1%2C0.5%5D%2C%5B1%2C0.75%5D%2C%5B1%2C1%5D%2C%5B0.75%2C1%5D%2C%5B0.5%2C1%5D%2C%5B0.25%2C1%5D%2C%5B0%2C1%5D%2C%5B0%2C0.75%5D%2C%5B0%2C0.5%5D%2C%5B0%2C0.25%5D%5D%3BoutlineConnect%3D0%3BgradientColor%3Dnone%3Bhtml%3D1%3BwhiteSpace%3Dwrap%3BfontSize%3D12%3BfontStyle%3D0%3Bcontainer%3D1%3BpointerEvents%3D0%3Bcollapsible%3D0%3BrecursiveResize%3D0%3Bshape%3Dmxgraph.aws4.group%3BgrIcon%3Dmxgraph.aws4.group_security_group%3BgrStroke%3D0%3BstrokeColor%3D%23147EBA%3BfillColor%3D%23E6F2F8%3BverticalAlign%3Dtop%3Balign%3Dleft%3BspacingLeft%3D30%3BfontColor%3D%23147EBA%3Bdashed%3D0%3B%22%20vertex%3D%221%22%20parent%3D%223%22%3E%3CmxGeometry%20x%3D%2215%22%20y%3D%2260%22%20width%3D%22130%22%20height%3D%22130%22%20as%3D%22geometry%22%2F%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%225%22%20value%3D%22%22%20style%3D%22outlineConnect%3D0%3Bdashed%3D0%3BverticalLabelPosition%3Dbottom%3BverticalAlign%3Dtop%3Balign%3Dcenter%3Bhtml%3D1%3Bshape%3Dmxgraph.aws3.instances%3BfillColor%3D%23F58534%3BgradientColor%3Dnone%3BfontColor%3D%23FFFFFF%3BstrokeColor%3D%23FFFFFF%3B%22%20vertex%3D%221%22%20parent%3D%224%22%3E%3CmxGeometry%20x%3D%2235%22%20y%3D%2238%22%20width%3D%2260%22%20height%3D%2263%22%20as%3D%22geometry%22%2F%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%226%22%20value%3D%22%26lt%3Bfont%20color%3D%26quot%3B%23ffffff%26quot%3B%26gt%3BVPC%20B%26amp%3Bnbsp%3B%26lt%3B%2Ffont%26gt%3B%22%20style%3D%22points%3D%5B%5B0%2C0%5D%2C%5B0.25%2C0%5D%2C%5B0.5%2C0%5D%2C%5B0.75%2C0%5D%2C%5B1%2C0%5D%2C%5B1%2C0.25%5D%2C%5B1%2C0.5%5D%2C%5B1%2C0.75%5D%2C%5B1%2C1%5D%2C%5B0.75%2C1%5D%2C%5B0.5%2C1%5D%2C%5B0.25%2C1%5D%2C%5B0%2C1%5D%2C%5B0%2C0.75%5D%2C%5B0%2C0.5%5D%2C%5B0%2C0.25%5D%5D%3BoutlineConnect%3D0%3BgradientColor%3Dnone%3Bhtml%3D1%3BwhiteSpace%3Dwrap%3BfontSize%3D12%3BfontStyle%3D0%3Bcontainer%3D1%3BpointerEvents%3D0%3Bcollapsible%3D0%3BrecursiveResize%3D0%3Bshape%3Dmxgraph.aws4.group%3BgrIcon%3Dmxgraph.aws4.group_vpc%3BstrokeColor%3D%23248814%3BfillColor%3Dnone%3BverticalAlign%3Dtop%3Balign%3Dleft%3BspacingLeft%3D30%3BfontColor%3D%23AAB7B8%3Bdashed%3D0%3B%22%20vertex%3D%221%22%20parent%3D%222%22%3E%3CmxGeometry%20x%3D%22410%22%20y%3D%2270%22%20width%3D%22160%22%20height%3D%22250%22%20as%3D%22geometry%22%2F%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%227%22%20value%3D%22%22%20style%3D%22outlineConnect%3D0%3Bdashed%3D0%3BverticalLabelPosition%3Dbottom%3BverticalAlign%3Dtop%3Balign%3Dcenter%3Bhtml%3D1%3Bshape%3Dmxgraph.aws3.instances%3BfillColor%3D%23F58534%3BgradientColor%3Dnone%3BfontColor%3D%23FFFFFF%3BstrokeColor%3D%23FFFFFF%3B%22%20vertex%3D%221%22%20parent%3D%226%22%3E%3CmxGeometry%20x%3D%2250%22%20y%3D%2278.5%22%20width%3D%2260%22%20height%3D%2263%22%20as%3D%22geometry%22%2F%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%228%22%20value%3D%22Private%20subnet%22%20style%3D%22points%3D%5B%5B0%2C0%5D%2C%5B0.25%2C0%5D%2C%5B0.5%2C0%5D%2C%5B0.75%2C0%5D%2C%5B1%2C0%5D%2C%5B1%2C0.25%5D%2C%5B1%2C0.5%5D%2C%5B1%2C0.75%5D%2C%5B1%2C1%5D%2C%5B0.75%2C1%5D%2C%5B0.5%2C1%5D%2C%5B0.25%2C1%5D%2C%5B0%2C1%5D%2C%5B0%2C0.75%5D%2C%5B0%2C0.5%5D%2C%5B0%2C0.25%5D%5D%3BoutlineConnect%3D0%3BgradientColor%3Dnone%3Bhtml%3D1%3BwhiteSpace%3Dwrap%3BfontSize%3D12%3BfontStyle%3D0%3Bcontainer%3D1%3BpointerEvents%3D0%3Bcollapsible%3D0%3BrecursiveResize%3D0%3Bshape%3Dmxgraph.aws4.group%3BgrIcon%3Dmxgraph.aws4.group_security_group%3BgrStroke%3D0%3BstrokeColor%3D%23147EBA%3BfillColor%3D%23E6F2F8%3BverticalAlign%3Dtop%3Balign%3Dleft%3BspacingLeft%3D30%3BfontColor%3D%23147EBA%3Bdashed%3D0%3B%22%20vertex%3D%221%22%20parent%3D%226%22%3E%3CmxGeometry%20x%3D%2215%22%20y%3D%2260%22%20width%3D%22130%22%20height%3D%22130%22%20as%3D%22geometry%22%2F%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%229%22%20value%3D%22%22%20style%3D%22outlineConnect%3D0%3Bdashed%3D0%3BverticalLabelPosition%3Dbottom%3BverticalAlign%3Dtop%3Balign%3Dcenter%3Bhtml%3D1%3Bshape%3Dmxgraph.aws3.instances%3BfillColor%3D%23F58534%3BgradientColor%3Dnone%3BfontColor%3D%23FFFFFF%3BstrokeColor%3D%23FFFFFF%3B%22%20vertex%3D%221%22%20parent%3D%228%22%3E%3CmxGeometry%20x%3D%2235%22%20y%3D%2238%22%20width%3D%2260%22%20height%3D%2263%22%20as%3D%22geometry%22%2F%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%2210%22%20value%3D%22%22%20style%3D%22outlineConnect%3D0%3Bdashed%3D0%3BverticalLabelPosition%3Dbottom%3BverticalAlign%3Dtop%3Balign%3Dcenter%3Bhtml%3D1%3Bshape%3Dmxgraph.aws3.vpc_peering%3BfillColor%3D%23F58534%3BgradientColor%3Dnone%3BfontColor%3D%23FFFFFF%3BstrokeColor%3D%23FFFFFF%3B%22%20vertex%3D%221%22%20parent%3D%222%22%3E%3CmxGeometry%20x%3D%22275.5%22%20y%3D%22159%22%20width%3D%2269%22%20height%3D%2272%22%20as%3D%22geometry%22%2F%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%2211%22%20value%3D%22%22%20style%3D%22endArrow%3Dclassic%3BstartArrow%3Dclassic%3Bhtml%3D1%3Brounded%3D0%3BfontColor%3D%23FFFFFF%3B%22%20edge%3D%221%22%20parent%3D%222%22%20source%3D%223%22%3E%3CmxGeometry%20width%3D%2250%22%20height%3D%2250%22%20relative%3D%221%22%20as%3D%22geometry%22%3E%3CmxPoint%20x%3D%22260%22%20y%3D%22220%22%20as%3D%22sourcePoint%22%2F%3E%3CmxPoint%20x%3D%22280%22%20y%3D%22195%22%20as%3D%22targetPoint%22%2F%3E%3C%2FmxGeometry%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%2212%22%20value%3D%22%22%20style%3D%22endArrow%3Dclassic%3BstartArrow%3Dclassic%3Bhtml%3D1%3Brounded%3D0%3BfontColor%3D%23FFFFFF%3B%22%20edge%3D%221%22%20parent%3D%222%22%3E%3CmxGeometry%20width%3D%2250%22%20height%3D%2250%22%20relative%3D%221%22%20as%3D%22geometry%22%3E%3CmxPoint%20x%3D%22344.5%22%20y%3D%22194.5%22%20as%3D%22sourcePoint%22%2F%3E%3CmxPoint%20x%3D%22404.5%22%20y%3D%22194.5%22%20as%3D%22targetPoint%22%2F%3E%3C%2FmxGeometry%3E%3C%2FmxCell%3E%3CmxCell%20id%3D%2213%22%20value%3D%22Peering%20Connection%22%20style%3D%22text%3Bhtml%3D1%3BstrokeColor%3Dnone%3BfillColor%3Dnone%3Balign%3Dcenter%3BverticalAlign%3Dmiddle%3BwhiteSpace%3Dwrap%3Brounded%3D0%3BfontColor%3D%23FFFFFF%3B%22%20vertex%3D%221%22%20parent%3D%222%22%3E%3CmxGeometry%20x%3D%22280%22%20y%3D%22240%22%20width%3D%2260%22%20height%3D%2230%22%20as%3D%22geometry%22%2F%3E%3C%2FmxCell%3E%3C%2Froot%3E%3C%2FmxGraphModel%

Comments

Post a Comment

Popular posts from this blog

Multi-Tier Architecture in AWS with Best Practices.

Image
 Hi! This is my very first blog on Amazon Web Services, the team creating an  ocean of services, to whose beach party; innovation, business transformation and sustainability in technology and many more are most welcomed. I am currently working as an AWS Cloud Engineer and I am glad to say that building business workloads on AWS is one of my passion. Fundamentals are very important for any project to be successful. So, I thought I will take a basic yet very important topic and share my knowledge and opinions about it. Grab a coffee and sit back, you are about to take a multi-informational tour. Multi-Tier Architecture in AWS with Best Practices. In multi-tier architecture, there can be, Two layers comprising of Application tier and Database tier. Three layers comprising of Web tier, Application tier and Database tier. Four layers comprising of Web Tier, Application Tier, Proxy Tier and  Database Tier. I will be talking about the components, end-to-end function and how faul...
Read more

Multi-VPC connectivity, AWS network infrastructure.(Part-2)

Image
 Hi! This blog is the continuation of part-1, which is about the multi-VPC networking infrastructure. If you have not checked it out, click on the link below  Multi-VPC connectivity, AWS network infrastructure.(Part-1) :  https://cloudcentralblogs.blogspot.com/2022/05/multi-vpc-connectivity-aws-network.html So lets get into it, shall we? VPC to VPC connectivity AWS PrivateLink Source of above picture: AWS documentation This service can be used to route traffic between different VPCs and access AWS services on a private network using VPC endpoint, as shown in the above figure. The consumer and the service are not required to be in the same VPC. If the VPC is different, the consumer and service provider VPCs can have overlapping IP address ranges. So this a good option when client and servers in the two VPCs have overlapping IP addresses, as the endpoint configuration in consumer VPC leads to the creation of an ENI in the subnet with a private IP address that...
Read more