Presentation is loading. Please wait.

Presentation is loading. Please wait.

Networking in AWS © 2017 Amazon Web Services, Inc. and its affiliates. All rights served. May not be copied, modified, or distributed in whole or in part.

Published byBrendan Bennett Modified over 6 years ago

Similar presentations

Presentation on theme: "Networking in AWS © 2017 Amazon Web Services, Inc. and its affiliates. All rights served. May not be copied, modified, or distributed in whole or in part."— Presentation transcript:

1 Networking in AWS © 2017 Amazon Web Services, Inc. and its affiliates. All rights served. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon Web Services, Inc.

2 Overview AWS networking services including:
VPC – Extend your network into a virtual private cloud EIP – Elastic IP Direct Connect – Physical cross connect into AWS ELB – Managed load balancer service Route53 – Managed DNS service

3 1 Amazon VPC

4 Amazon VPC Virtual network topology that you define
Your own logically isolated section of AWS Complete control of your networking environment IP ranges Subnets Routing tables Gateways Multiple Connectivity Options Advanced Security Features

5 Networking Building Blocks Amazon Virtual Private Cloud (VPC)
Bring your own network Your network goes here © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 Networking Building Blocks Amazon Virtual Private Cloud (VPC)
Bring your own network Create your own subnets VPC Subnet 1 VPC Subnet 2 VPC Subnet ‘n’ © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 Networking Building Blocks Amazon Virtual Private Cloud (VPC)
Bring your own network Create your own subnets Configure custom routing rules VPC Subnet 1 VPC Subnet 2 © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8 Plan your VPC IP space before creating it
Consider future AWS region expansion Consider future connectivity to corporate networks Consider subnet design VPC can be /16 between and /28 CIDR cannot be modified once created Overlapping IP spaces = future headache Think about what future expansion will do to your IP space If you are only initially deploying to 2 AZs, think about what it will look like with 3. Always have an even distribution of IP space across AZs Subnet design is also very important. I have some customers with very large, dynamic application workloads. In their case, single large subnets with 1000s and 1000s of hosts work best. And I have other customers where many smaller /24 subnets fit their application layers better. But the point is that unlike a physical switching network, you don’t have to worry about things like Spanning Tree Protocol or broadcast limits in VPC. So make sure your subnet space meets your requirements. Don’t Overlap = HEADACHE

9 Network Building Blocks Network Control
9/11/2018 3:05 AM Network Building Blocks Network Control Security Groups Web (HTTP) Security Group Firewall Load Balancer Security Group Firewall 8080 Web Server Web Server Security Group Firewall DB Server Security groups are instance based (instance ENI to be accurate) Security groups are stateful (outbound responses to inbound rules are allowed regardless of other outbound rules) Allow only (whitelist) Evaluative (rules are evaluated as a whole) © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 Network Building Blocks Network Control
9/11/2018 3:05 AM Network Building Blocks Network Control Network Access Control Lists NACLs are stateless (need to define in and out) Applied to subnets (one per subnet) Allow & Deny (blacklist) Rules are processed in order (separate rules by 100 so you can add more later) Good for catchall/backstop (no SMTP or telnet ever!) Availability Zone ‘A’ Availability Zone ‘B’ © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 Network Building Blocks Network Control
9/11/2018 3:05 AM Network Building Blocks Network Control Routing rules Availability Zone ‘A’ Availability Zone ‘B’ Because of main route table, all instances can route to other instances in VPC Routing tables in a VPC are not for intra-VPC communication, but rather to establish routes outside of the VPC. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 Network Building Blocks VPC Gateways
9/11/2018 3:05 AM Network Building Blocks VPC Gateways Virtual Private Gateway (VGW) IPSec VPN One VGW allowed per VPC Customer Network © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 Network Building Blocks AWS Direct Connect
9/11/2018 3:05 AM Network Building Blocks AWS Direct Connect Virtual Private Gateway (VGW) AWS Direct Connect Customer WAN AWS Direct Connect Location VGW is where VPN’s and Direct Connect terminates Customer Network © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 Network Building Blocks VPC Gateways
9/11/2018 3:05 AM Network Building Blocks VPC Gateways Internet Gateway (IGW) Virtual Private Gateway (VGW) One IGW per VPC Customer Network © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

15 Network Building Blocks Connecting to Instances
9/11/2018 3:05 AM Network Building Blocks Connecting to Instances IP Address Reassociating EIPs Elastic IP’s can be reassociated to other instance e.g. instance failure Customer Network © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 Network Building Blocks Connecting to Instances
9/11/2018 3:05 AM Network Building Blocks Connecting to Instances Load Balancer Internet Elastic Load Balancing Mid-tier Elastic Load Balancing Customer Network © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17 VPC NAT Gateway High availability – built-in redundancy
High bandwidth – up to 10Gbps Fully Managed by AWS Assign an EIP to each NAT Gateway View NAT gateways’ traffic using Flow Logs NAT gateways support TCP, UDP, and ICMP protocols Network ACLs apply to NAT gateway’s traffic CloudTrail Support Private Route Table Destination Target /16 Local /0 IGW Nat Gateway Private Route Table Destination Target /16 Local /0 NGW NAT Gateway is a highly available, high performance NAT service managed by Amazon. Customers can use NAT gateways to provide NAT in a VPC, or use NAT gateways to replace their NAT instances. Pricing: Customers are charged for each "NAT gateway hour" that a gateway is provisioned and available, and for each gigabyte data processed by a NAT gateway. No charge for the EIP on a NAT gateway. Data transfer charge applies as is. References: NAT Gateway documentation: James Hamilton blog: Compare of NAT Gateway and NAT instances:

18 VPC Endpoints: Amazon S3 access without an Internet Gateway
No IGW No NAT No public IPs Free Robust access control Amazon S3 Before VPC endpoints you needed to access s3 through an Internet gateway or perhaps a via your corporate network. Endpoint provides private connectivity between your VPC and S3. S3 is the first service to get an Endpoint more are coming. Robust access control via: 1. Route table association 2. VPCE policy 3. Bucket policy 4. Security groups with prefix list © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

19 Connecting to other VPCs - VPC peering
/16 /16 /16 VPC Peering Private Route Table Destination Target /16 Local /16 VPC Peer Private Route Table Destination Target /16 Local /16 VPC Peer No Gateways are required for peering to work – this is a completely private and isolated connection between VPCs 1 to 1 and only 1 between any 2 VPCs and IP Space CANNOT overlap between them. VPC Peering connectivity is also controlled via Route Tables referencing the Peering Connection as a target for routes. Like Endpoints, Peering connections are horizontally scaled and highly available. You don’t have to worry about bandwidth over the connection.

20 Default VPCs Default VPC Security of VPC Simplicity and Convenience
Automatically assigned network and subnets Security of VPC Customer may create additional subnets and change routing rules Additional network controls (Security Groups, NACLs, routing) Hardware VPN options between corporate networks Instances in default subnets have Security Group−controlled public and private IPs Brief overview of VPC with pointer to re:Invent VPC sessions and a more in-depth discussion of security groups coming in a couple of slides.

21 IP Addressing Default VPC Virtual Private Cloud Dynamic Private IP
Dynamic or Static Private IP Address Dynamic Public IP None by default (can be created with publicIP=true) Optional Static Public IP (EIP) AWS-provided DNS names Private DNS name Public DNS name AWS-provided public DNS lookup AWS-provided private DNS names Customer-controlled DNS options

22 Recap Create VPC Create Subnets – Across Multiple AZ’s
Configure Route Tables Create Gateways – IGW and VGW (VPC and DX) Configure Security – Security Groups and NACLs Create VPC Endpoints Create NAT Gateway Configure VPC Peering Create Instances

23 2 Direct Connect

24 AWS Direct Connect 1 Gbps or 10 Gbps fiber cross connect
9/11/2018 3:05 AM AWS Direct Connect 1 Gbps or 10 Gbps fiber cross connect 50M, 100M, 200M, 300M, 400M, & 500M available through APN Partners Single VIF per connection through APN Partners. To connect to more than 1 VPC, need additional connections. Consistent Network Performance Lower latency compared to a VPN connection Private connectivity into your VPC Reduced Bandwidth Charges Why does customer need DX? Internet is best effort and has no guarantees in terms of latency, performance so DX is attractive to these customers as it offers lower latency, consistent performance. Also some customers who prefer to run hybrid scenarios may not want to have the VPC exposed to the internet so they might decide to use DX to interconnect their VPC to their internal data center. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 AWS Direct Connect Cont’d
9/11/2018 3:05 AM AWS Direct Connect Cont’d Public & Private VIF available through DX Private VIF allows you to connect to your VPC. Private ASN can be used for BGP Public VIF allows you to connect to Public AWS services like S3, DynamoDB, etc through DX. Public ASN number is required for use with BGP. Site redundancy can be achieved by leveraging two DX cross connect locations. If you have multiple DX connections going to the same DX cross connect location, you can request that to be terminated on separate physical devices (router). © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

26 AWS Direct Connect Cross-Connect Details
9/11/2018 3:05 AM AWS Direct Connect Cross-Connect Details Decide on an AWS DX location and port size Use AWS Management Console  to create connection request(s) Sends Letter of Authorization – Connecting Facility Assignment (LOA-CFA) via Establish WAN connectivity to DX location* APN Partner or a network carrier of your choice Provide LOA-CFA to an APN Partner or your service provider to establish the connection at the DX location Use AWS Management Console  to configure one or more virtual interfaces AWS DX Locations * Can be done in parallel with remaining steps once the AWS DX location has been selected © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

27 3 ELB

28 Elastic Load Balancing
Elastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances. Two Types: Classic & Application Load Balancer

29 Elastic Load Balancing
In-Region Load Balancing Service Distributes traffic across multiple Availability Zones HTTP/S, TCP/S Built-in Health Check Fully fault-tolerant Can span multiple AZs Web Server AZ-3 AZ-2 Region Elastic Load Balancer AZ-1

30 ELB Considerations ELB is a service, but runs on EC2
The IP Addresses will change over time Use CNAME records in DNS or Route 53 “Alias” records Never use an A record SSL is supported Client SSL Termination Backend ELB-to-Server mutual SSL Cross-Zone Load Balancing Sticky sessions Best Practices for Evaluating ELB

31 Classic Load Balancer Features:
High Availability Health Checks Security Features SSL Offloading Sticky Sessions IPv6 Support Layer 4 or 7 Load Balancing Operational Monitoring Logging High Availability - You can distribute incoming traffic across your Amazon EC2 instances in a single Availability Zone or multiple Availability Zones. Health Checks - The Classic Load Balancer can detect the health of Amazon EC2 instances. When it detects unhealthy Amazon EC2 instances, it no longer routes traffic to those instances and spreads the load across the remaining healthy instances. Security Features - When using Virtual Private Cloud (VPC), you can create and manage security groups associated with Classic Load Balancers to provide additional networking and security options. SSL Offloading - Classic Load Balancers support SSL termination, including offloading SSL decryption from application instances, centralized management of SSL certificates, and encryption to back-end instances with optional public key authentication. Sticky Sessions - Classic Load Balancers support the ability to stick user sessions to specific EC2 instances using cookies. Traffic will be routed to the same instances as the user continues to access your application. IPv6 Support - Classic Load Balancers support the use of both the Internet Protocol version 4 and 6 (IPv4 and IPv6). IPv6 support is currently unavailable for use in VPC. Layer 4 or Layer 7 Load Balancing - You can load balance HTTP/HTTPS applications and use layer 7-specific features, such as X-Forwarded and sticky sessions. You can also use strict layer 4 load balancing for applications that rely purely on the TCP protocol. Operational Monitoring - Classic Load Balancer metrics such as request count and request latency are reported by Amazon CloudWatch. Logging - Use the Access Logs feature to record all requests sent to your load balancer, and store the logs in Amazon S3 for later analysis. The logs are useful for diagnosing application failures and analyzing web traffic.

32 Application Load Balancer Features:
Content-Based Routing Containerized Application Support HTTP/2 Support WebSockets Support Layer-7 Load Balancing Delete Protection Request Tracing Web Application Firewall (WAF) Content-Based Routing - If your application is composed of individual services, an Application Load Balancer can route a request to a service based on the content of the request. Containerized Application Support - You can now configure an Application Load Balancer to load balance containers across multiple ports on a single EC2 instance. HTTP/2 Support - HTTP/2 is a new version of the HyperText Transfer Protocol (HTTP) that uses a single, multiplexed connection to allow multiple requests to be sent on the same connection. WebSockets Support - WebSockets allows a server to exchange real-time messages with end-users without the end users having to request (or poll) the server for an update. Layer-7 Load Balancing - You can load balance HTTP/HTTPS applications and use layer 7-specific features, such as X-Forwarded-For headers. Delete Protection - You can enable deletion protection on an Application Load Balancer to prevent it from being accidentally deleted. Request Tracing - The Application Load Balancer injects a new custom identifier “X-Amzn-Trace-Id” HTTP header on all requests coming into the load balancer. Web Application Firewall - You can now use AWS WAF to protect your web applications on your Application Load Balancers.

33 4 Route53

34 9/11/2018 3:05 AM Route53 Route53 is a highly available, scalable cloud-based DNS service Route 53’s SLA is 100% availability per month Route53 features: Latency Based Routing Geo Based Routing Weighted Round Robin DNS Failover Health Checks Private DNS for Amazon VPC Domain Registration Latency Based Routing – Route end-users to the AWS region that provides the lowest possible latency. Geo DNS – Route end-users to a particular endpoint that you specify based on the end user’s geographic location. Weighted Round Robin – Specify the frequency (“weights”) with which different DNS responses are returned to end users. DNS Failover – Route our website visitors to an alternate location to avoid site outages. Health Checks – Monitor the health and performance of your web resources. Private DNS for Amazon VPC - Manage custom domain names for your internal non-public AWS resources © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

35 Route53 Zone Apex integration Private DNS within VPC
9/11/2018 3:05 AM Route53 Zone Apex integration ELB, S3, CloudFront Private DNS within VPC Internal DNS names not exposed to Internet Supports split-horizon DNS Route 53 zone apex (example.com) can be mapped to ELB, S3, and CloudFront © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

36 Global Traffic Management Example:
This is a Global Traffic Management example using weighted round robin to mismatched production environments and DNS failover with health-checks In this diagram we use black to indicate healthy and red to indicate unhealthy Initial state: prod-1 is our main production and it is healthy. We have it weighted to 95 with prod-2 weighted as 5. No traffic goes to the fail whale since things are healthy. We want to run in an active-active configuration for experiment purposes Non-standard ‘primary/secondary’ failover setup and using WRR instead. Any routing policy – Route 53 prunes the unhealthy paths. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

37 Route53 Pricing Dimensions
9/11/2018 3:05 AM Route53 Pricing Dimensions Pay only for managing domains through the service the number of domains the number of queries that the service answers for each of your domains No minimum fees No minimum usage commitments No overage charges © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

38 9/11/2018 3:05 AM Route53 Getting Started Register DNS name with Route 53 or transfer from external registrar Create a Route53 hosted zone AWS Management Console or API Update your domain registrar (if transferred) Provide Route53 name servers associated with your hosted zone Create DNS resource records for your domain © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

39 Any Questions?

Download ppt "Networking in AWS © 2017 Amazon Web Services, Inc. and its affiliates. All rights served. May not be copied, modified, or distributed in whole or in part."

Similar presentations

Application Internet Azure Cloud Internet Azure Cloud LB TDS (tcp) Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, … Load balancer.

Application Internet Azure Cloud Internet Azure Cloud LB TDS (tcp) Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, … Load balancer.
Faith Allington Program Manager Microsoft Corporation Session Code: WSV304.

Faith Allington Program Manager Microsoft Corporation Session Code: WSV304.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Understanding Active Directory

Understanding Active Directory
Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation

Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation
Damian Leibaschoff Support Escalation Engineer Microsoft Becky Ochs Program Manager Microsoft.

Damian Leibaschoff Support Escalation Engineer Microsoft Becky Ochs Program Manager Microsoft.
Feature: Assign an Item to Multiple Sites © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.

Feature: Assign an Item to Multiple Sites © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.
Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.

Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.
Module 3: Designing IP Addressing. Module Overview Designing an IPv4 Addressing Scheme Designing DHCP Implementation Designing DHCP Configuration Options.

Module 3: Designing IP Addressing. Module Overview Designing an IPv4 Addressing Scheme Designing DHCP Implementation Designing DHCP Configuration Options.
Feature: Customer Combiner and Modifier © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are.

Feature: Customer Combiner and Modifier © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.
Sudarshan Yadav Sr. Program Manager, Microsoft

Sudarshan Yadav Sr. Program Manager, Microsoft
Cloud Computing is a Nebulous Subject Or how I learned to love VDF on Amazon.

Cloud Computing is a Nebulous Subject Or how I learned to love VDF on Amazon.
Architecting Enterprise Workloads on AWS Mike Pfeiffer.

Architecting Enterprise Workloads on AWS Mike Pfeiffer.
Understand IPv6 Part 2 LESSON 3.3_B Networking Fundamentals.

Understand IPv6 Part 2 LESSON 3.3_B Networking Fundamentals.
Mastering Azure Connectivity to the Microsoft Cloud

Mastering Azure Connectivity to the Microsoft Cloud
Microsoft Azure networking: Sve što trebate znati

Microsoft Azure networking: Sve što trebate znati
Lab A: Planning an Installation

Lab A: Planning an Installation
Office 365 is cloud-based productivity, hosted by Microsoft.

Office 365 is cloud-based productivity, hosted by Microsoft.
Office 365 SaaS Networking

Office 365 SaaS Networking

Similar presentations

Ads by Google