AWS SAA study notes
09-VPC
- VPC: Virtual Private Cloud
  - a virtual data center: your own isolated network inside an AWS Region
  - draw the network diagram first (VPC, subnets, route tables, gateways)
  - a subnet lives in exactly one Availability Zone; the VPC itself spans all AZs in the Region
- CIDR: Classless Inter-Domain Routing
  - range: a VPC CIDR block must be between /16 and /28
  - e.g. 192.168.0.0/24 is network address / prefix length: the prefix length says how many leading bits identify the network, the remaining bits are host bits
  - AWS reserves 5 addresses in every subnet (the first four and the last), so a /24 gives 251 usable addresses and a /28 gives 11
- build your own VPC
  - create the VPC (choose the CIDR block)
  - create subnets (each in one AZ)
  - create an internet gateway
    - attach it to the VPC
  - create a route table for the public subnets
    - add a route 0.0.0.0/0 whose target is the internet gateway
    - add the public subnets under explicit subnet associations (subnets without an explicit association fall back to the main route table, which should stay private)
- NAT
  - Network Address Translation Gateway: lives in a public subnet and has an Elastic IP
  - lets instances in private subnets reach the internet (updates, external APIs) without exposing any inbound port: connections can only be initiated from inside
  - private subnets get a route 0.0.0.0/0 with the NAT gateway as target
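The CIDR rules and the build steps above, as an added worked example that is not part of the original notes: a small Python planner that validates a VPC CIDR against the /16 to /28 limit, checks that subnets fit inside it and do not overlap, counts usable addresses after AWS's five reserved ones, and classifies a subnet as public, NAT-egress-only or isolated from its route table, the way the console does. The VPC CIDR, subnet ranges and gateway IDs are constructed, and the helper names (`carve_subnets`, `route_lookup`, `classify_subnet`) are mine, not an AWS API.

```python
"""Added example (not from the original notes): plan a VPC's address space
and classify subnets from their route tables. The VPC CIDR, subnet ranges
and gateway IDs are constructed for illustration."""
import ipaddress

# AWS reserves the first four addresses and the last address of every subnet
# (network, VPC router, DNS, reserved for future use, broadcast).
AWS_RESERVED_PER_SUBNET = 5


def validate_vpc_cidr(cidr: str) -> ipaddress.IPv4Network:
    """A VPC CIDR block must be an IPv4 network between /16 and /28."""
    net = ipaddress.ip_network(cidr, strict=True)
    if not isinstance(net, ipaddress.IPv4Network):
        raise ValueError(f"{cidr}: only IPv4 VPC CIDRs are handled here")
    if not 16 <= net.prefixlen <= 28:
        raise ValueError(f"{cidr}: VPC prefix length must be between /16 and /28")
    return net


def is_valid_vpc_cidr(cidr: str) -> bool:
    try:
        validate_vpc_cidr(cidr)
        return True
    except ValueError:
        return False


def usable_addresses(subnet: str) -> int:
    """Addresses actually assignable to instances in a subnet."""
    return ipaddress.ip_network(subnet).num_addresses - AWS_RESERVED_PER_SUBNET


def carve_subnets(vpc_cidr: str, subnet_cidrs):
    """Check that every subnet fits inside the VPC, is no smaller than /28,
    and overlaps no other subnet. Returns the parsed networks."""
    vpc = validate_vpc_cidr(vpc_cidr)
    accepted = []
    for cidr in subnet_cidrs:
        net = ipaddress.ip_network(cidr, strict=True)
        if not net.subnet_of(vpc):
            raise ValueError(f"{cidr} is not inside {vpc_cidr}")
        if net.prefixlen > 28:
            raise ValueError(f"{cidr}: subnets may not be smaller than /28")
        for other in accepted:
            if net.overlaps(other):
                raise ValueError(f"{cidr} overlaps {other}")
        accepted.append(net)
    return accepted


def route_lookup(route_table, dest_ip: str):
    """Longest-prefix match over a route table given as (cidr, target) pairs."""
    ip = ipaddress.ip_address(dest_ip)
    best = None
    for cidr, target in route_table:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def classify_subnet(route_table) -> str:
    """AWS's own definition: a subnet is public when its route table sends
    internet-bound traffic to an internet gateway; a NAT gateway target gives
    outbound-only access; no default route at all means the subnet is isolated."""
    target = route_lookup(route_table, "8.8.8.8")  # any address outside the VPC
    if target is None:
        return "isolated"
    if target.startswith("igw-"):
        return "public"
    if target.startswith("nat-"):
        return "private (NAT egress only)"
    return "other"


# --- constructed topology matching the build steps above ---
VPC_CIDR = "10.0.0.0/16"
PUBLIC_SUBNET = "10.0.1.0/24"
PRIVATE_SUBNET = "10.0.2.0/24"

# Every route table carries the implicit "local" route for the whole VPC CIDR.
PUBLIC_RT = [(VPC_CIDR, "local"), ("0.0.0.0/0", "igw-0123456789abcdef0")]
PRIVATE_RT = [(VPC_CIDR, "local"), ("0.0.0.0/0", "nat-0123456789abcdef0")]
ISOLATED_RT = [(VPC_CIDR, "local")]

if __name__ == "__main__":
    carve_subnets(VPC_CIDR, [PUBLIC_SUBNET, PRIVATE_SUBNET])
    print(PUBLIC_SUBNET, "usable addresses:", usable_addresses(PUBLIC_SUBNET))
    for name, rt in (("public", PUBLIC_RT), ("private", PRIVATE_RT), ("isolated", ISOLATED_RT)):
        print(name, "route table ->", classify_subnet(rt))
    print("10.0.2.7 from the public subnet goes via", route_lookup(PUBLIC_RT, "10.0.2.7"))
```

The longest-prefix match is why the implicit local route always wins for addresses inside the VPC, even when a 0.0.0.0/0 route to a gateway exists: traffic between your own subnets never touches the internet gateway or the NAT gateway.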
- security groups
  - a virtual firewall at the instance (ENI) level
  - stateful: responses to allowed inbound traffic are allowed to flow out, regardless of outbound rules (and the other way round)
  - allow rules only; there is no deny rule, so you cannot block a single IP with a security group
- network ACLs
  - operate at the subnet level; a subnet can be associated with only one network ACL at a time, but one ACL can serve many subnets
  - stateless: return traffic must be explicitly allowed in the opposite direction (e.g. an outbound rule for the ephemeral port range 1024-65535), otherwise the connection hangs
  - the default network ACL allows all inbound and outbound traffic
  - a custom network ACL denies all traffic until you add rules
  - use ACLs to block IPs: they support deny rules, which security groups do not
  - rules are evaluated starting at the lowest number and the first matching rule wins, so a deny must be numbered lower than the allow it overrides; the final "*" rule denies whatever no numbered rule matched
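Added example, not from the original notes, to show the stateful/stateless difference and the rule-ordering point for both of the lists above: a Python simulator that evaluates one HTTPS connection against a security group and against a network ACL, including the common mistake of an outbound ACL that forgets the ephemeral ports and a deny rule numbered too high to ever fire. The client, server, rule numbers and CIDRs are constructed; `nacl_decision`, `nacl_allows_flow` and `sg_allows_flow` are my helpers, not an AWS API.

```python
"""Added example (not from the original notes): evaluate a connection
against a security group (stateful, allow-only) and a network ACL
(stateless, numbered rules, first match wins). All addresses and rule
numbers below are constructed for illustration."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    number: int      # NACL rule number; unused for security groups
    action: str      # "allow" or "deny" (security groups only have "allow")
    proto: str       # "tcp", "udp", "icmp" or "all"
    cidr: str        # remote side of the connection
    ports: tuple     # (low, high), inclusive

    def matches(self, remote_ip: str, port: int, proto: str) -> bool:
        return (self.proto in (proto, "all")
                and ipaddress.ip_address(remote_ip) in ipaddress.ip_network(self.cidr)
                and self.ports[0] <= port <= self.ports[1])


def nacl_decision(rules, remote_ip: str, port: int, proto: str):
    """Evaluate from the lowest rule number; the first match decides.
    The implicit final '*' rule denies anything no numbered rule matched."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(remote_ip, port, proto):
            return rule.action, rule.number
    return "deny", "*"


def nacl_allows_flow(inbound, outbound, req: Packet) -> dict:
    """Stateless: request and response are judged separately.
    The inbound check sees the client's source IP and the server port;
    the outbound check for the response sees the client's IP and the
    client's ephemeral source port, which is where people forget a rule."""
    request = nacl_decision(inbound, req.src_ip, req.dst_port, req.proto)
    response = nacl_decision(outbound, req.src_ip, req.src_port, req.proto)
    return {
        "request": request,
        "response": response,
        "connection_works": request[0] == "allow" and response[0] == "allow",
    }


def sg_allows_flow(inbound, req: Packet) -> bool:
    """Stateful: one matching inbound allow is enough; the response goes out
    regardless of outbound rules. Rule numbers and order do not exist here."""
    return any(r.matches(req.src_ip, req.dst_port, req.proto) for r in inbound)


# --- constructed scenario: browser on the internet -> web server in the VPC ---
REQ = Packet(src_ip="203.0.113.10", src_port=40000, dst_ip="10.0.1.5", dst_port=443)

SG_INBOUND = [Rule(0, "allow", "tcp", "0.0.0.0/0", (443, 443))]

NACL_INBOUND = [Rule(100, "allow", "tcp", "0.0.0.0/0", (443, 443))]
# Common mistake: outbound mirrors inbound, so the reply to port 40000 is dropped.
NACL_OUTBOUND_BROKEN = [Rule(100, "allow", "tcp", "0.0.0.0/0", (443, 443))]
# Fix: also allow outbound traffic to the ephemeral port range.
NACL_OUTBOUND_FIXED = NACL_OUTBOUND_BROKEN + [
    Rule(110, "allow", "tcp", "0.0.0.0/0", (1024, 65535)),
]

# Blocking a source range: the deny must carry a LOWER number than the allow.
NACL_BLOCK_GOOD = [
    Rule(50, "deny", "all", "198.51.100.0/24", (0, 65535)),
    Rule(100, "allow", "tcp", "0.0.0.0/0", (443, 443)),
]
NACL_BLOCK_USELESS = [
    Rule(100, "allow", "tcp", "0.0.0.0/0", (443, 443)),
    Rule(200, "deny", "all", "198.51.100.0/24", (0, 65535)),  # never reached for 443
]

if __name__ == "__main__":
    print("security group:", sg_allows_flow(SG_INBOUND, REQ))
    print("NACL, broken outbound:", nacl_allows_flow(NACL_INBOUND, NACL_OUTBOUND_BROKEN, REQ))
    print("NACL, fixed outbound:", nacl_allows_flow(NACL_INBOUND, NACL_OUTBOUND_FIXED, REQ))
    print("deny at 50:", nacl_decision(NACL_BLOCK_GOOD, "198.51.100.7", 443, "tcp"))
    print("deny at 200:", nacl_decision(NACL_BLOCK_USELESS, "198.51.100.7", 443, "tcp"))
```

The same security group rule set passes the connection with no outbound rule at all, while the ACL needs the explicit ephemeral-port rule; and the block on 198.51.100.0/24 only works when its rule number sorts before the broad allow.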
- VPC endpoints
  - let instances reach AWS services privately, without an internet gateway, NAT device, VPN or Direct Connect; traffic stays on the AWS network
  - horizontally scaled, redundant, highly available virtual devices
  - types
    - interface endpoints: an ENI with a private IP address in your subnet (built on PrivateLink); supports most services
    - gateway endpoints: a target in your route table, routed much like a NAT gateway; supports S3 and DynamoDB
    - use a gateway endpoint to reach S3 from EC2 in a private subnet without a NAT gateway, and restrict what it can reach with an endpoint policy
- VPC peering
  - connects one VPC with another so they route to each other over private IPs (same or different account, same or different Region)
  - the CIDR blocks must not overlap, and peering is not transitive: A<->B plus B<->C does not give A<->C
- PrivateLink
  - to expose a service in your VPC to 10, 100 or 1000s of customer VPCs, use this instead of peering
  - requires a Network Load Balancer in the service VPC and an ENI (interface endpoint) in the customer VPC
  - the customer's VPC CIDR never needs to be known and may overlap with yours
- VPN CloudHub
  - hub-and-spoke over Site-to-Site VPN: one virtual private gateway with several customer gateways, aggregating traffic from all your customer sites around the world; the sites can also reach each other through the hub
  - traffic is IPsec-encrypted but travels over the public internet
- Direct Connect
  - establishes a dedicated network connection from your premises to AWS, bypassing the public internet
  - types
    - dedicated connection: a physical port (1, 10 or 100 Gbps) ordered from AWS
    - hosted connection: provisioned through an AWS Direct Connect partner
  - useful for high-throughput workloads
  - helpful when you need a stable, predictable connection (consistent latency, no ISP in the middle)
  - caveat: the link is private but not encrypted by itself; run a Site-to-Site VPN over it (or MACsec on dedicated connections that support it) if you need encryption in transit
- Transit Gateway
  - a regional hub that simplifies your network topology: VPCs, VPNs and Direct Connect attach to it instead of being peered pairwise
  - routing through it is transitive, unlike VPC peering, so you do not configure individual peering connections between the attached VPCs; route tables on the gateway control which attachments may reach each other
- 5G networking with AWS Wavelength
  - AWS compute and storage deployed inside telecom providers' 5G networks, so mobile applications reach resources with very low latency
Last update: 2024-04-04