How to give Private Instance Access To Internet.
VPC NAT Bottleneck
When too much traffic flows through the NAT on the public network, congestion occurs because the NAT becomes a bottleneck
Use the NAT Gateway instead
You can scale up by adding more instances
Choose an instance type that supports advanced network features (use SR-IOV)
You can scale out by adding a NAT and a subnet and offloading traffic to them
Each subnet can route to a single NAT
Failover to another
NAT Instance Vs Gateway
NAT Instance
Use a script to manage failover between instances
Bandwidth depends on the type of instance
Managed by user
Generic Amazon Linux AMI to perform NAT
Manual port forwarding
Bastion server supported
View in CloudWatch supported
NAT Gateway
Highly available. NAT Gateways in each AZ are redundant.
Supports up to 10 Gbps
Managed by Amazon
Software is optimized to handle NAT traffic
Port forwarding is not supported
Bastion Server is not supported
No Support for traffic metrics
An endpoint gives AWS resources access to other AWS resources through the internal network rather than over the internet.
VPC Peering:
Connect one VPC to another
There is no transitive peering
VPN Hardware
Gives multi-port access by default from the AWS side
Direct Connect
Predictable Performance
Consistent Network Experience
< 1 Gbps through AWS Partner Network
Can be partitioned in multiple virtual interfaces.
Can be used if we have a network service provider; the speed is consistent and depends on the network provider and the bandwidth available.
Does not support redundancy out-of-the-box.
Multiple Virtual Interfaces
Can have a public connection to the internet (S3/DynamoDB) and
private connection to VPC so yu
Cloud Hub
Branch Offices -> Corporate Datacenter -> AWS
instead
Branch Offices -> H/W Based (VPN) -> AWS