Flow with respect to Networks in AWS

This post walks through the network flow in AWS that needs to be clear before you expose any application on AWS while keeping some services on-premises. I will compare each AWS service with its on-prem counterpart, so it becomes easier to understand.


Building Blocks of AWS Networking


VPC: Think of it as a switch that sits in multiple data centers, with all the switches connected to each other. Within it we can create smaller subnets, which can be part of all the switches or of only one, depending on the planning and requirements.
Route Tables: Each subnet we create in a VPC can have its own route table, or all subnets can share one. A route table controls the routing of its subnets, i.e. how traffic from any workload on those subnets is forwarded. Route tables can also be attached to a few other AWS services as requirements dictate.
NAT Gateway: A service that translates a private IP to a public one and works only for egress traffic (yes, the NAT session is maintained for the return traffic). It cannot be used for ingress to translate a public IP to a private one. We use it when we have a private subnet that holds only private IPs and needs the NAT GW to reach the internet.
Internet Gateway: A service that is connected to the Internet; we route all our internet-bound traffic towards it.
Customer Gateway: Defines the on-prem DC firewall, or any other network device with a public IP, with which we want to build an IPSEC tunnel. We create a customer gateway for that device and later use it for the IPSEC tunnel between AWS and on-prem or any other site.
IPSEC Tunnel: A site-to-site tunnel that can use IKEv1 or IKEv2 with all the required phase 1 and phase 2 configuration. One important point: AWS only supports a single SA at a time, so plan accordingly.
ALB: Just as we have an Application Load Balancer on-prem, we can use the AWS ALB service to offload SSL (HTTPS) or HTTP and then balance the traffic among multiple EC2 instances or any cloud-native solution managed by you or by AWS, such as EKS.
WAF: Just as we have a Web Application Firewall solution on-prem, we can use AWS WAF for the same purpose. It gives us control at Layer 7, so we can control how users use our application/website, and we can also implement OWASP rules with just a few clicks.
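As an added example (not from the original post), the following Python check models the route-table behaviour described above: a subnet whose 0.0.0.0/0 route points at an Internet Gateway is exposed for ingress, one whose default route points at a NAT Gateway gets egress only, and a NAT Gateway itself must sit in a public subnet or its egress path is broken. The route-table and NAT-gateway records are constructed sample data in a simplified shape of the describe-route-tables / describe-nat-gateways output; all IDs are made up.

```python
"""Classify VPC subnets by their default route and sanity-check NAT Gateway placement."""

# Constructed sample data (simplified describe-route-tables shape); IDs are made up.
ROUTE_TABLES = [
    {   # public subnet: default route goes to the Internet Gateway (ingress + egress)
        "RouteTableId": "rtb-pub",
        "Associations": [{"SubnetId": "subnet-pub-a"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"},
        ],
    },
    {   # private subnet: default route goes to the NAT Gateway (egress only)
        "RouteTableId": "rtb-priv",
        "Associations": [{"SubnetId": "subnet-priv-a"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"},
        ],
    },
    {   # isolated subnet: no default route, VPC-local traffic only
        "RouteTableId": "rtb-iso",
        "Associations": [{"SubnetId": "subnet-iso-a"}],
        "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
    },
]
# Constructed describe-nat-gateways shape: the NAT GW lives in the public subnet.
NAT_GATEWAYS = [{"NatGatewayId": "nat-0example", "SubnetId": "subnet-pub-a"}]


def classify_subnets(route_tables: list) -> dict:
    """Map each subnet to 'public', 'private-egress' or 'isolated' from its 0.0.0.0/0 route."""
    result = {}
    for rtb in route_tables:
        kind = "isolated"
        for route in rtb["Routes"]:
            if route.get("DestinationCidrBlock") != "0.0.0.0/0":
                continue
            if route.get("GatewayId", "").startswith("igw-"):
                kind = "public"          # reachable from the Internet
            elif route.get("NatGatewayId", "").startswith("nat-"):
                kind = "private-egress"  # can reach out, cannot be reached
        for assoc in rtb["Associations"]:
            result[assoc["SubnetId"]] = kind
    return result


def misplaced_nat_gateways(route_tables: list, nat_gateways: list) -> list:
    """Return NAT Gateways whose own subnet is not public (they need the IGW to egress)."""
    kinds = classify_subnets(route_tables)
    return [n["NatGatewayId"] for n in nat_gateways if kinds.get(n["SubnetId"]) != "public"]


if __name__ == "__main__":
    for subnet, kind in classify_subnets(ROUTE_TABLES).items():
        print(f"{subnet}: {kind}")
    print("misplaced NAT gateways:", misplaced_nat_gateways(ROUTE_TABLES, NAT_GATEWAYS))
```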

These are a few important AWS concepts that really help in understanding how networking in AWS works. I hope this helps to clear up some public cloud concepts.

Raja Shajeel Ahmad
Enterprise DC Engineer
Happy Learning
The limit is the sky.
#AWS#NetworkSpecilality#HappyLearning

Comments

Anonymous said…
what is ALB
Anonymous said…
what is ALB
Anonymous said…
what is ALB
Anonymous said…
Application load balancer.
