Direct Connect
Introduction
A dedicated private connection from on-premises to AWS (bypasses the ISP, reduces network cost, increases bandwidth and stability)
Requires time (over 1 month) and money to set up
Not redundant by default (must set up a failover DX connection or a VPN)
Features
Private access to AWS through Direct Connect Virtual Interfaces (VIF)
VIF types:
Public VIF
Connects to public AWS endpoints (e.g. S3)
Private VIF
Connects to resources in a VPC
Note: a VPC Endpoint cannot be accessed through a Private VIF (and is not needed there)
Transit Virtual Interface
Connects to resources in a VPC with a Transit Gateway
Connection Types
Dedicated Connections: 1 Gbps or 10 Gbps capacity
Physical Ethernet port dedicated to a customer
The request is made to AWS first, then completed by AWS Direct Connect Partners
Hosted Connections: 50 Mbps, 500 Mbps, up to 10 Gbps
Connection requests are made via AWS Direct Connect Partners
Capacity can be added or removed on demand
No encryption in transit by default
But an IPsec VPN can be run over the connection for encryption
BGP dynamic routing (mandatory)
Like a GPS navigator, the best route is determined by different factors, such as traffic congestion or roads temporarily closed for maintenance. The path is calculated dynamically depending on the state of the network nodes.
Direct Connect Link Aggregation Groups (LAG)
Get increased speed and failover by aggregating existing Direct Connect connections into a single logical connection.
Can aggregate up to 4 connections (active/active mode)
Can add connections over time to the LAG
All connections in the LAG must have the same bandwidth
All connections in the LAG must terminate at the same AWS Direct Connect Endpoint
Can set a minimum number of connections for the LAG to function
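The LAG rules above (same bandwidth, same endpoint, at most 4 members, minimum links for the LAG to stay up) as a small pre-check in Python. This is an added example, not code from the original notes or from AWS; the connection ids, the endpoint name and the up/down states are constructed sample data, and the bandwidth table and the "carries no traffic with zero working links" simplification are assumptions of the example.

```python
"""Added example: validate a Direct Connect LAG composition and compute its
usable capacity when some member links are down. All data is constructed."""
from dataclasses import dataclass

MAX_LAG_MEMBERS = 4  # a LAG can aggregate up to 4 connections

# Assumed bandwidth table for the port speeds mentioned in the notes (in Mbps)
BANDWIDTH_MBPS = {"50Mbps": 50, "500Mbps": 500, "1Gbps": 1000, "10Gbps": 10000}


@dataclass(frozen=True)
class Connection:
    connection_id: str  # constructed id, e.g. "dxcon-example1"
    bandwidth: str      # port speed, e.g. "1Gbps" or "10Gbps"
    location: str       # Direct Connect endpoint the link terminates at
    state: str          # simplified link state: "available" or "down"


def validate_lag_members(connections):
    """Return a list of rule violations; an empty list means the set is valid."""
    problems = []
    if not connections:
        problems.append("a LAG needs at least one connection")
        return problems
    if len(connections) > MAX_LAG_MEMBERS:
        problems.append(
            f"{len(connections)} connections exceeds the limit of {MAX_LAG_MEMBERS}")
    if len({c.bandwidth for c in connections}) > 1:
        problems.append("all connections must have the same bandwidth")
    if len({c.location for c in connections}) > 1:
        problems.append(
            "all connections must terminate at the same Direct Connect endpoint")
    return problems


def lag_status(connections, minimum_links):
    """Aggregated capacity and whether the LAG is operational.

    The LAG is operational only while at least `minimum_links` members are up.
    Simplification (assumed): a LAG with zero working links carries no traffic
    even when minimum_links is 0.
    """
    problems = validate_lag_members(connections)
    if problems:
        raise ValueError("; ".join(problems))
    if not 0 <= minimum_links <= len(connections):
        raise ValueError("minimum_links must be between 0 and the member count")
    up = [c for c in connections if c.state == "available"]
    per_link = BANDWIDTH_MBPS[connections[0].bandwidth]
    operational = len(up) >= minimum_links and len(up) > 0
    return {
        "members": len(connections),
        "links_up": len(up),
        "capacity_mbps": per_link * len(connections),
        "usable_mbps": per_link * len(up) if operational else 0,
        "operational": operational,
    }


# Constructed sample: two 10 Gbps links at the same endpoint, one currently down
SAMPLE_LAG = [
    Connection("dxcon-example1", "10Gbps", "ENDPOINT-A", "available"),
    Connection("dxcon-example2", "10Gbps", "ENDPOINT-A", "down"),
]

if __name__ == "__main__":
    # minimum_links=1 keeps the LAG up at half capacity; minimum_links=2 takes it down
    print(lag_status(SAMPLE_LAG, minimum_links=1))
    print(lag_status(SAMPLE_LAG, minimum_links=2))
```

Setting the minimum links equal to the member count turns the LAG into an all-or-nothing link, which is useful when a degraded LAG should fail over to a second DX connection or a VPN rather than keep carrying traffic at reduced capacity.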
Direct Connect Gateways
Connects to one or more VPCs (same account or cross-account) over a private virtual interface, in the same or different Regions.