[SAA + SAP] 26. VPC - 2

Direct Connect (DX)

  • Provides a dedicated private connection from a remote network to your VPC
  • A dedicated connection must be set up between your DC and AWS Direct Connect locations
  • You need to set up a Virtual Private Gateway on your VPC
  • Access public resources (S3) and private (EC2) on same connection
  • Use cases:
    • Increase bandwidth throughput - working with large data sets - lower cost
    • More consistent network experience - applications using real-time data feeds
    • Hybrid Env (on prem + cloud)
  • Supports both IPv4 and IPv6

  • Between the corporate data center and the VPC, there is an AWS Direct Connect location
  • Set up a private virtual interface connection between the corporate data center and the AWS Direct Connect location
  • Public virtual interface for S3 connection

  • To connect multiple VPCs in different regions, use a Direct Connect Gateway

  • Data is not encrypted
  • But you can set up a VPN for extra security

 

  • Because all IPv6 addresses are public
  • Egress-only Internet Gateway is only for IPv6
  • Only allows traffic out, but NOT in
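
A defender's check for the point above, as an added example that is not part of the original notes: it scans route tables in the shape of `aws ec2 describe-route-tables` output for tables that are private on IPv4 yet send `::/0` to a regular internet gateway, where an egress-only gateway would block inbound IPv6. The sample data, IDs and function names are constructed for illustration.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-public",
   "Routes": [
     {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0aaa"},
     {"DestinationIpv6CidrBlock": "::/0", "GatewayId": "igw-0aaa"}]},
  {"RouteTableId": "rtb-private-ok",
   "Routes": [
     {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0bbb"},
     {"DestinationIpv6CidrBlock": "::/0", "EgressOnlyInternetGatewayId": "eigw-0ccc"}]},
  {"RouteTableId": "rtb-private-bad",
   "Routes": [
     {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0bbb"},
     {"DestinationIpv6CidrBlock": "::/0", "GatewayId": "igw-0aaa"}]}
]}
""")

def default_route_target(routes, family_key, default_cidr):
    """Return (kind, id) of the default route for one address family, or None."""
    for r in routes:
        if r.get(family_key) != default_cidr:
            continue
        if r.get("EgressOnlyInternetGatewayId"):
            return ("eigw", r["EgressOnlyInternetGatewayId"])
        if r.get("GatewayId", "").startswith("igw-"):
            return ("igw", r["GatewayId"])
        if r.get("NatGatewayId"):
            return ("nat", r["NatGatewayId"])
        return ("other", None)
    return None

def ipv6_exposed_private_tables(data):
    """Route tables that are private for IPv4 but send ::/0 to a regular IGW."""
    findings = []
    for rt in data["RouteTables"]:
        v4 = default_route_target(rt["Routes"], "DestinationCidrBlock", "0.0.0.0/0")
        v6 = default_route_target(rt["Routes"], "DestinationIpv6CidrBlock", "::/0")
        v4_private = v4 is None or v4[0] != "igw"  # no direct IPv4 path to an IGW
        if v4_private and v6 is not None and v6[0] == "igw":
            findings.append((rt["RouteTableId"], v6[1]))
    return findings

if __name__ == "__main__":
    print(ipv6_exposed_private_tables(SAMPLE))
```
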

  • Connect to multiple customer networks
  • Works with VPC only
  • Goes to public network

  • Option 1: everything goes public, not good
  • Option 2: create many peering relations, which opens up the whole network (all EC2 instances in one VPC become accessible to other applications in the VPC)

  • Need NLB and ENI

  • Point NLB to ALB

  • IP multicast: the only service that supports IP multicast is Transit Gateway

  • Transit Gateway: increase 2.5 Gbps/connection

  • Direct Connect Gateway to connect Transit Gateway

  • IPv4 cannot be disabled

  • If you are not able to access your EC2 instances
  • Then it might be because there is no available IPv4 address in your subnet

 

  • Support Weighting

  • DC will be the main route
  • VPN as failover

 

Answer: C,F,H

 

A: There is no such thing as "enhanced peering"

B: The problem is slowness, not "Not able to connect"

C: Correct

D: "Not able to connect"

E: No limit for Internet Gateway bandwidth, wrong

F: If traffic is routed all the way through the corporate network rather than the VPC peering network, it is limited by the corporate network speed, so it may be slow

G: Not able to connect

H: Jumbo frames can slow down traffic

 

An eCommerce site likely involves a shopping cart, which means sticky sessions are needed.

Route 53 multi-value does help with load balancing, but it might cause problems with sticky sessions.

CloudFront doesn't help to distribute traffic.

ALB is a good answer since we need sticky sessions.

 

 

 

 

posted @ 2021-08-15 21:25  Zhentiw