AWS VPC Notes

I would like to recommend reading IP explained before reading this.

How the internet is working

This is an introduction only [1]. It covers how the name of a service is converted to a physical location on the Internet.

URL

For example, http://ojitha.blogspot.com needs to be read from right to left. In this case com is the domain and blogspot is the subdomain. There are 13 root servers, and recursive servers are configured with them to resolve top-level domains such as .net.

An Anycast address is a single IP address that represents a group of servers, all appearing on the same IP address. You can find all the root server addresses at http://iana.org; to find the locations of the root servers, visit http://root-servers.org.

If the domain doesn't exist, the authoritative server answers NXDOMAIN, and that answer is cached: this is called a negative cache. Recursive servers are provided by edge providers, content providers, transit providers, and public institutions.

Internet Exchange point

These are the most invisible part of the Internet. Members can connect to each other directly, or peer through the route servers, with traffic going through the exchange fabric.

AWS VPC

  • Logically isolated.
  • Independent network with no access to the Internet by default.
  • Each region comes with one default VPC per account.
  • A VPC is limited to a single region.
  • Within the region, all availability zones can be used.
  • Maximum of 5 VPCs per region.
  • Maximum of 200 subnets per region.
  • A subnet is created only for a particular availability zone within the region.
  • When creating subnets, the subnet range must be a subset of the VPC IP range.
  • For each subnet, AWS keeps 5 IP addresses.

Here is a subnet calculator: http://www.subnet-calculator.com

AWS reserves the first 4 and the last IP address of each subnet.
For the VPC range 10.1.0.0/16 and the subnet 10.1.0.0/24, the following addresses are reserved by AWS:

  1. 10.1.0.0
  2. 10.1.0.1 (router)
  3. 10.1.0.2
  4. 10.1.0.3
  5. 10.1.0.255 (broadcast)
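As an added worked example (not from these notes or the tutorial they summarise), the following Python helper checks that a subnet lies inside its VPC range and lists the five addresses AWS keeps, using the 10.1.0.0/16 VPC above. The overlap check between subnets goes beyond the notes and is added here as an assumption about how AWS validates subnet CIDRs.

```python
import ipaddress

# AWS keeps the first four addresses and the last address of every subnet.
AWS_RESERVED_PER_SUBNET = 5


def reserved_addresses(vpc_cidr: str, subnet_cidr: str) -> dict:
    """Validate a subnet against its VPC and list the addresses AWS reserves.

    Returns the reserved addresses with the role the notes give them and
    the number of addresses left for instances.  Raises ValueError when the
    CIDR is malformed or the subnet is not a subset of the VPC range.
    """
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    subnet = ipaddress.ip_network(subnet_cidr, strict=True)
    if not subnet.subnet_of(vpc):
        raise ValueError(f"{subnet} is not inside VPC range {vpc}")

    base = int(subnet.network_address)
    reserved = {
        str(ipaddress.ip_address(base)): "network address",
        str(ipaddress.ip_address(base + 1)): "VPC router",
        str(ipaddress.ip_address(base + 2)): "reserved by AWS",
        str(ipaddress.ip_address(base + 3)): "reserved by AWS",
        str(subnet.broadcast_address): "broadcast",
    }
    return {
        "subnet": str(subnet),
        "reserved": reserved,
        "usable": subnet.num_addresses - AWS_RESERVED_PER_SUBNET,
    }


def plan_subnets(vpc_cidr: str, subnet_cidrs: list) -> dict:
    """Check a whole VPC layout: every subnet fits the VPC and none overlap.

    Returns a map of subnet CIDR to usable address count.
    """
    plans = [reserved_addresses(vpc_cidr, cidr) for cidr in subnet_cidrs]
    nets = [ipaddress.ip_network(cidr) for cidr in subnet_cidrs]
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):  # assumption: AWS rejects overlapping subnets
                raise ValueError(f"subnets {a} and {b} overlap")
    return {p["subnet"]: p["usable"] for p in plans}


if __name__ == "__main__":
    # Constructed example: the notes' VPC with one /24 subnet per tier.
    print(reserved_addresses("10.1.0.0/16", "10.1.0.0/24"))
    print(plan_subnets("10.1.0.0/16", ["10.1.0.0/24", "10.1.1.0/24", "10.1.2.0/28"]))
```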

Subnet high availability can be gained as follows. For example, a classic three-tier application:

  1. Public tier with load balancing and proxy
  2. Application tier
  3. Database tier

can then achieve the following architectural attributes:

  • Isolation
  • High availability
  • Fault-Tolerance

Routing

Routing is the communication channel within a network or between different networks: basically, it lets traffic flow from one place to another. A route table is created automatically when the VPC is created, even though no communication channel exists yet.

Every VPC has to have at least one route table, the default route table, called the main route table. The default route table is important because a newly created subnet falls into the default route table automatically. Routes can be used to connect to the Internet, to another VPC, or to a VPN.

There are 6 steps to give a subnet access to the Internet:

  1. Create an Internet gateway (IGW)
  2. Attach the IGW to the VPC
  3. Create a route table
  4. Add the route 0.0.0.0/0 → IGW
  5. Associate the route table with the subnet
  6. Assign a public IP

As a best practice, keep the main route table private, because a newly created subnet defaults to this table.

Auto-assign public IPv4

  • Allocated from the Amazon pool.
  • These are transient: when you stop the EC2 instance and start it again, a new IPv4 address is allocated.
  • Can be inherited from the subnet setting.

Elastic IP

  • Allocated from the Amazon pool.
  • Static.
  • Re-assignable from instance to instance.

Network address translation (NAT): a public IP address is mapped to the private address of the EC2 instance.

IPv6

  • All addresses are public.
  • The range is decided by Amazon (a /56 IPv6 range).

NAT Gateway

Egress-only communication: the EC2 instance can access the Internet, but nothing on the Internet side can access the EC2 instance. One-way communication.

Egress-only Internet Gateway

For IPv6, only an egress-only Internet gateway needs to be created. There is no need for NAT.

Access Amazon services

If your EC2-hosted application needs to access AWS managed services:

  • Mainly via a NAT Gateway (public IPs).
  • Only S3 and DynamoDB have VPC endpoints provided.

These are the notes created from the video tutorial [2]. This is one of the best in the market. I would like to recommend this for AWS beginners.


  1. How the Internet Really Works, by Russ White. O'Reilly, 2018.

  2. Networking in Amazon Web Services (AWS) LiveLessons, by Richard A. Jones. Addison-Wesley Professional, December 2017, ISBN 013485084X.
