There's more...

Actually, there's a lot more. Despite the amount of code in this recipe, we've really only covered the basics of what's possible with VPCs and networking in AWS. Here are some of the main VPC topics you'll encounter as you progress with your VPC usage:

  • Direct Connect is a method of connecting your DC to your VPC using a private, dedicated link. Doing this often provides better network performance, and may also be cheaper than a VPN connection over the internet.
  • You can configure your VPC to connect to your corporate DC over the internet via VPN. This requires that you run supported VPN hardware in your DC.
  • IPv6 is an advanced option that greatly expands the number of available addresses. We've left it out to keep things simple.
  • The VPC endpoints feature exposes AWS endpoints inside your VPC so that you don't have to route traffic over the public internet to consume them. 
  • In VPC peering, you can peer a VPC to one or more VPCs so that (unencrypted) traffic can flow between them. The IP ranges must not clash and, while the peering is free, you will still need to pay for traffic between VPCs. Transitive peering isn't supported, so if you need the traffic to traverse VPCs, you'll require a VPN/routing appliance of some kind. Alternatively, you can use the Transit Gateway service.
  • VPC sizing:
    • For IPv4, you can deploy networks between sizes /28 and /16.
    • For IPv6, your VPCs will be fixed in size at /56.
    • A VPC can be resized after creation.
  • VPC flow logs: you will want to enable these in order to monitor traffic and do any kind of network debugging.
  • Multicast traffic isn't supported.
  • Subnets must reside in a single AZ; they can't span AZs.
  • Elastic load balancers (ELBs) can scale out to use a lot of private IP addresses if you are sending a large amount of traffic through them. Keep this in mind when you're sizing your subnets.
  • The number of VPCs you can deploy is limited to five per region, per account. You can request to increase this limit if necessary. Internet gateways have the same limit, and increasing one limit increases the other.
  • The default VPC:
    • First and foremost, the default VPC is created automatically for you when you create your account. It has some different properties and behaviors from the VPCs you create for yourself.
    • If you try to launch an EC2 instance without specifying a subnet ID, AWS will attempt to launch it in your default VPC.
    • It consists of only public subnets. These subnets are configured to provide a public IP address to all instances by default.
    • It's possible to delete the default VPC in a region.
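The VPC sizing limits (/16 to /28 for IPv4), the non-overlap rule for peering and the warning about ELBs consuming subnet addresses are all things worth checking before a VPC or peering connection is created. The following is an added example, not code from this recipe or from AWS: it uses Python's standard `ipaddress` module to validate a VPC CIDR against the stated bounds, to find clashing ranges among VPCs you intend to peer, and to compute how many addresses a subnet actually leaves for instances (AWS reserves the first four and the last address of every subnet). The CIDRs used in the comments are constructed.

```python
"""Pre-flight checks for VPC CIDR sizing and peering (added example)."""
import ipaddress
from typing import List, Tuple

# Bounds stated for IPv4 VPCs: no larger than /16, no smaller than /28.
VPC_MIN_PREFIX = 16
VPC_MAX_PREFIX = 28

# AWS reserves the first four addresses and the last address of each subnet.
RESERVED_PER_SUBNET = 5


def validate_vpc_cidr(cidr: str) -> ipaddress.IPv4Network:
    """Return the network for a valid IPv4 VPC CIDR, or raise ValueError.

    strict=True rejects CIDRs with host bits set (e.g. 10.0.0.1/24), which
    is also what the VPC API does.
    """
    net = ipaddress.ip_network(cidr, strict=True)
    if not isinstance(net, ipaddress.IPv4Network):
        raise ValueError(f"{cidr}: only IPv4 CIDRs are handled here (IPv6 VPCs are fixed at /56)")
    if not VPC_MIN_PREFIX <= net.prefixlen <= VPC_MAX_PREFIX:
        raise ValueError(
            f"{cidr}: VPC prefix must be between /{VPC_MIN_PREFIX} and /{VPC_MAX_PREFIX}"
        )
    return net


def is_valid_vpc_cidr(cidr: str) -> bool:
    """Boolean wrapper around validate_vpc_cidr for callers that just need yes/no."""
    try:
        validate_vpc_cidr(cidr)
        return True
    except ValueError:
        return False


def peering_conflicts(cidrs: List[str]) -> List[Tuple[str, str]]:
    """Return every pair of VPC CIDRs whose ranges overlap.

    Peering requires the IP ranges not to clash, so a non-empty result means
    the peering request would be rejected (or, worse, routes would be ambiguous).
    """
    nets = [validate_vpc_cidr(c) for c in cidrs]
    conflicts = []
    for i in range(len(nets)):
        for j in range(i + 1, len(nets)):
            if nets[i].overlaps(nets[j]):
                conflicts.append((str(nets[i]), str(nets[j])))
    return conflicts


def usable_addresses(subnet_cidr: str) -> int:
    """Addresses left for instances/ELB nodes after AWS's reserved ones.

    A /24 subnet has 256 addresses but only 251 are assignable; an ELB under
    heavy load can consume a noticeable share of that.
    """
    net = ipaddress.ip_network(subnet_cidr, strict=True)
    return max(net.num_addresses - RESERVED_PER_SUBNET, 0)


if __name__ == "__main__":
    # Constructed example: two VPCs that peer cleanly and one that clashes.
    planned = ["10.0.0.0/16", "10.1.0.0/16", "10.0.128.0/20"]
    print("conflicts:", peering_conflicts(planned))
    print("usable in 10.0.1.0/24:", usable_addresses("10.0.1.0/24"))
```

`peering_conflicts` is deliberately quadratic: the per-account VPC limit mentioned above (five per region by default) keeps the input small, and reporting every clashing pair is more useful than stopping at the first.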
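Enabling VPC flow logs is only half the job; someone has to read them. As an added example (not from this recipe, and not AWS code), here is a small parser for the default flow log record format, which is a space-separated line of `version account-id interface-id srcaddr dstaddr srcport dstport protocol packets bytes start end action log-status`, followed by two aggregations a defender typically wants first: which sources are being rejected most, and on which destination ports. The log lines are constructed for the example, with a placeholder account ID and ENI, and `NODATA` records (where the address fields are `-`) are handled rather than crashing the parser.

```python
"""Parse default-format VPC flow log records and summarize REJECTs (added example)."""
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional

# Field order of the default (version 2) flow log record format.
FIELDS = [
    "version", "account_id", "interface_id", "srcaddr", "dstaddr",
    "srcport", "dstport", "protocol", "packets", "bytes",
    "start", "end", "action", "log_status",
]

# Constructed sample: one internal HTTPS exchange, three rejected inbound
# connection attempts from two external addresses, and a NODATA interval.
SAMPLE_LOG = """\
2 123456789012 eni-0123456789abcdef0 10.0.1.25 10.0.2.40 49152 443 6 12 3048 1600000000 1600000060 ACCEPT OK
2 123456789012 eni-0123456789abcdef0 198.51.100.7 10.0.2.40 51234 22 6 1 44 1600000000 1600000060 REJECT OK
2 123456789012 eni-0123456789abcdef0 198.51.100.7 10.0.2.40 51235 3389 6 1 44 1600000000 1600000060 REJECT OK
2 123456789012 eni-0123456789abcdef0 203.0.113.9 10.0.2.40 40000 22 6 1 44 1600000010 1600000070 REJECT OK
2 123456789012 eni-0123456789abcdef0 - - - - - - - 1600000060 1600000120 - NODATA
2 123456789012 eni-0123456789abcdef0 10.0.2.40 10.0.1.25 443 49152 6 10 2200 1600000000 1600000060 ACCEPT OK
"""


@dataclass
class FlowRecord:
    interface_id: str
    srcaddr: Optional[str]
    dstaddr: Optional[str]
    srcport: Optional[int]
    dstport: Optional[int]
    protocol: Optional[int]   # IANA protocol number: 6 = TCP, 17 = UDP
    packets: Optional[int]
    bytes: Optional[int]
    start: int
    end: int
    action: Optional[str]     # ACCEPT, REJECT, or None when no data was captured
    log_status: str           # OK, NODATA, or SKIPDATA


def _opt_int(value: str) -> Optional[int]:
    """Convert a numeric field, treating the '-' placeholder as missing."""
    return None if value == "-" else int(value)


def parse_flow_log_line(line: str) -> Optional[FlowRecord]:
    """Parse one record; return None for blank or malformed lines."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    return FlowRecord(
        interface_id=rec["interface_id"],
        srcaddr=None if rec["srcaddr"] == "-" else rec["srcaddr"],
        dstaddr=None if rec["dstaddr"] == "-" else rec["dstaddr"],
        srcport=_opt_int(rec["srcport"]),
        dstport=_opt_int(rec["dstport"]),
        protocol=_opt_int(rec["protocol"]),
        packets=_opt_int(rec["packets"]),
        bytes=_opt_int(rec["bytes"]),
        start=int(rec["start"]),
        end=int(rec["end"]),
        action=None if rec["action"] == "-" else rec["action"],
        log_status=rec["log_status"],
    )


def parse_flow_log(text: str) -> List[FlowRecord]:
    """Parse a blob of flow log text, silently dropping malformed lines."""
    records = []
    for line in text.splitlines():
        rec = parse_flow_log_line(line)
        if rec is not None:
            records.append(rec)
    return records


def rejected_flows(records: List[FlowRecord]) -> List[FlowRecord]:
    """Only the records the security groups / network ACLs rejected."""
    return [r for r in records if r.action == "REJECT"]


def rejects_by_source(records: List[FlowRecord]) -> Dict[str, int]:
    """Count rejected flows per source address (noisy scanners float to the top)."""
    return dict(Counter(r.srcaddr for r in rejected_flows(records)))


def rejects_by_dstport(records: List[FlowRecord]) -> Dict[int, int]:
    """Count rejected flows per destination port (which services are being probed)."""
    return dict(Counter(r.dstport for r in rejected_flows(records)))


if __name__ == "__main__":
    recs = parse_flow_log(SAMPLE_LOG)
    print("rejects by source:", rejects_by_source(recs))
    print("rejects by dst port:", rejects_by_dstport(recs))
```

The same functions work unchanged on records pulled from the CloudWatch Logs group or S3 bucket that a flow log delivers to, as long as the flow log was created with the default format; a custom format changes the field order and `FIELDS` has to follow it.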