Sidebar

Amazon Web Services Networking

Home » Webinars » Cloud Computing and Networking » Amazon Web Services Networking

This webinar will help demystify the networking aspects of Amazon Web Services. We'll start with the high-level concepts, cover security aspects, and conclude with inter-VPC routing and hybrid cloud implementations.

Last modified on 2020-01-16 (release notes)

ARF PDF MP4 ZIP

37:27 AWS Concepts

We'll start with high-level concepts:

  • What AWS services are relevant to a networking engineer?
  • What are regions and availability zones?
  • How do you implement high availability in AWS environment?
AWS Services and Components 11:03 2019-05-25
Regions and Availability Zones 10:14 2019-05-25
High Availability in AWS 16:10 2019-05-25

New AWS Features

AWS Outposts

Examples

VPC Scenarios and Examples

28:29 Virtual Private Cloud (VPC)

Virtual Private Cloud (VPC) service is the foundation of AWS networking. This section describes VPC concepts, subnets within VPCs, and VPC/subnet addressing.

Virtual Private Cloud 10:43 2019-05-25
VPC Subnets 5:03 2019-05-25
VPC and Subnet Addressing 12:43 2019-05-25

New AWS Features

AWS VPC can be shared across AWS accounts
IP Multicast implemented in Transit Gateway

Examples

User Guide: Working with VPCs
Testing IP Multicast in AWS by Thomas Edwards

36:48 Interfaces and Addresses

Subnets are useless without servers connected to them. In this section we'll focus on AWS implementation of VM network interfaces, network interface addressing, and supporting services like DNS and DHCP.

The section also covers advanced concepts like public and private IP addresses, elastic IP addresses, and elastic network interfaces.

Network Interfaces 7:45 2019-05-25
Interface Addressing 11:53 2019-05-25
DNS and DHCP 4:03 2019-05-25
Sample Deployments 13:07 2019-06-14

Examples

Working with IP Addresses
Working with IP Addresses for Your EC2 Instance
Working with Network Interfaces
Working with Elastic IP Addresses
Viewing DNS Hostnames for Your EC2 Instance
Working with DHCP Option Sets

39:59 Network Security

AWS offeres several layers of network security:

  • Stateful security groups applied to VM interfaces;
  • Stateless network ACLs applied to subnets;
  • Validation of source and destination IP addresses.

All these mechanisms (and the logging functionality available with flow logs) are described in this section.

Network Security 11:19 2019-06-14
Security Groups 12:53 2019-06-14
Network ACLs 8:41 2019-06-14
VPC Flow Logs 2:45 2019-06-14
Security Summary 4:21 2019-06-14

Examples

Working with Security Groups
Working with Network ACLs
Example: Controlling Access to Instances in a Subnet
Working with Flow Logs

23:07 Route Tables

VPC Route Tables are almost like VRFs with a few significant differences:

  • Route tables are applied to subnets;
  • All route tables share the entry for local VPC CIDR block.

This section describes the route tables and details of packet forwarding within VPC.

Route Tables Overview 9:12 2019-06-14
Working with Route Tables 7:47 2019-06-14
VPC Forwarding Behind the Scenes 6:08 2019-06-14

New AWS Features

Ingress VPC Routing

Examples

Working with Route Tables

13:46 Internet Connectivity

VPC Internet connectivity is usually provided through an Internet gateway. IPv6 hosts that don't provide services to outside clients can use egress-only gateway; similar IPv4 hosts can access Internet through NAT gateway or NAT instance.

This section describes all three mechanisms, and the adjustments to route tables that have to be made to support them.

Internet Connectivity 7:29 2019-12-11
NAT Gateways and Instances 6:17 2019-06-14

New AWS Features

Bring Your Own IP Addresses
Ingress VPC Routing

Examples

Creating a VPC with an Internet Gateway
Working with Egress-Only Internet Gateways
Working with NAT Gateways

1:07:56 External Connectivity

This section describes other external connectivity options available in AWS VPC - IPsec VPN connections, router-to-router VLAN connections (Direct Connect), inter-VPC peering, and Transit Gateways.

VPN Connectivity 19:55 2019-06-17
Direct Connect 20:30 2019-06-14
VPC Peering 9:43 2019-06-14
Transit Gateway 17:48 2019-06-14

More Information

Building a Scalable and Secure Multi-VPC Network Infrastructure
AWS Transit Gateway and Multi-VPC Design Options for Hybrid Cloud Architecture

New AWS Features

AWS Site-to-Site VPN supports IKEv2
Multi-account support for Direct Connect gateway
AWS Private Link supports VPC peering
AWS Transit Gateway supports Direct Connect
Inter-region VPC peering with Transit Gateways
AWS Transit Gateway Network Manager
VPN connections using AWS Global Accelerator

Examples

Site-to-Site VPN Single and Multiple Connection Examples
VPC Peering Scenarios
Working with VPC Peering Connections
Getting Started with AWS Direct Connect
Working with Transit Gateways

54:39 Load Balancing

AWS provides a variety of load balancing mechanisms, from local L4 load balancing (Network Load Balancing) and HTTP load balancing to global load balancing with DNS and anycast IP addresses.

Elastic Load Balancing 11:46 2019-06-14
Network Load Balancer 10:10 2019-06-14
Application Load Balancer 6:33 2019-06-14
Route 53 and CloudFront 15:42 2019-06-14
Global Accelerator 10:28 2019-06-14

New AWS Features

Network Load Balancer supports cross-zone load balancing
Application Load Balancer supports advanced request routing
CloudFront supports origin failover

Sample Solutions

Building a high available Anycast service using AWS Global Accelerator

Examples

Create an Application Load Balancer
Create a Network Load Balancer
Getting Started with Global Accelerator

1:44:54 Automating AWS Deployments

AWS API has numerous idiosyncrasies: it's a strict Create/Read/Update/Delete API, you need multiple API calls to create an object, objects can be referenced by IDs, but not by names...

This section explains the peculiarities of AWS API, and describes how to use bash scripts, Ansible playbooks, CloudFormation templates, and Terraform configuration files to create, update, or delete anything from a single AWS object to a full-blown application stack.

AWS Automation Principles 20:15 2020-01-16
Creating and Updating a Single Object 21:36 2020-01-16
Example: Create a Single Object with Multiple Automation Tools 13:09 2020-01-16
Creating an Object Hierarchy 20:46 2020-01-16
Using Ansible AWS Modules 12:57 2020-01-16
Example: Use Automation Tools to Create an Object Hierarchy 16:11 2020-01-16

More Information

This section contains links to interesting third-party blog posts, articles or presentations.

Understanding Data Transfer in AWS

5:56 Summary

Summary 5:56 2019-06-14

Slide Deck

Amazon Web Services Networking 30M 2019-12-11
Automating AWS Deployments 12M 2020-01-12
%arc%
%arc%
%arc%
You started this section on %started% Mark completed