Networking & Content Delivery
Category: AWS Transit Gateway
Best Practices to Optimize Failover Times for Overlay Tunnels on AWS Direct Connect
Optimized failover times in hybrid connectivity are critical for meeting availability Key Performance Indicators (KPIs) in modern enterprise workloads. This is particularly important when implementing overlay tunnels over Amazon Web Services (AWS) Direct Connect, such as AWS Site-to-Site VPN using IPSec tunnels, or Connect Attachments using Generic Routing Encapsulation (GRE) tunnels. Proper configuration can […]
Using CloudWatch Alarms and Lambda to catch exceptional traffic
Have you ever wondered, “Why did I have this sudden increase in network traffic?” AWS Transit Gateway Flow Logs are a great resource for answering this, but running them continuously can incur processing and storage costs that you don’t need. However, if Flow Logs are run on demand, the traffic anomaly may have already passed […]
Using generative AI for building AWS networks
In today’s rapidly evolving cloud landscape, network architects, engineers, and cloud teams need to move faster to design, deploy, and manage complex Amazon Web Services (AWS) networking infrastructure at scale. The emergence of generative AI capabilities, particularly Amazon Bedrock and Amazon Q, offers unprecedented opportunities to transform how we approach these challenges and solve them […]
Performance and metrics enhancements for AWS Transit Gateway and AWS Cloud WAN
In late 2024 we launched several enhancements to AWS Transit Gateway and AWS Cloud WAN services: Path MTU Discovery (PMTUD) support for Transit Gateway and AWS Cloud WAN; Appliance Mode Routing Enhancement for improved Availability Zone (AZ) awareness; Per-AZ Amazon CloudWatch Metrics; AWS Cloud WAN: Service Insertion Operational Enhancement. In this post, we explain how […]
Building Resilient IPv6 Network with SD-WANs and AWS Cloud WAN Connect with GRE
In this post we explore how you can use AWS Cloud WAN Connect with Generic Routing Encapsulation (GRE) Tunnels and Multi-protocol BGP (MP-BGP) for Equal Cost Multi-Path (ECMP) routing of IPv6 networks. We also cover route verification and failover testing best practices. Many Amazon Web Services (AWS) users are increasingly adopting IPv6 and Software-Defined Wide […]
Network latency concepts and best practices for a resilient architecture
Network incidents can occur at times that may impact latency in AWS Regions, Availability Zones (AZs), and individual infrastructure components, such as server hardware. Users can also experience more latency because of the introduction of network appliances in their traffic path. This post explains some of the best practices that allow you to identify […]
Analyzing AWS Transit Gateway Data Processing charges with cost allocation tags
AWS recently announced the general availability of support for cost allocation tags for AWS Transit Gateway. With cost allocation tags, you can tag your AWS resources and see cost breakouts on a per-tag basis. Previously, Transit Gateway supported cost allocation tags for categorizing and allocating Attachment Hours charges only. With this announcement, you can […]
Encrypt DNS queries using DNS-over-HTTPS (DoH) with Amazon Route 53 Resolver Endpoints
Customers frequently use on-premises DNS infrastructure to resolve DNS queries for internal domains. In 2018, we announced Amazon Route 53 Resolver endpoints, which enable customers to integrate Route 53 with their on-premises DNS infrastructure for hybrid DNS resolution. In 2023, we improved this integration by providing customers the ability to encrypt DNS queries and responses […]
Unlock self-service, enterprise-grade VPC capabilities with seamless integrations
Defining and provisioning standardized virtual private cloud (VPC) patterns across an enterprise poses several challenges for many customers. These challenges include ensuring self-service capabilities, meeting security and compliance requirements, and maintaining adherence to those requirements. Traditionally, when an application team wants to provision a VPC in their workload account, it is requested through a […]
Introducing security group referencing for AWS Transit Gateway
Today, we are introducing support for security group referencing on AWS Transit Gateway. This new feature allows you to create inbound security rules that reference security groups defined in other Amazon Virtual Private Clouds (Amazon VPCs) attached to a transit gateway within the same Amazon Web Services (AWS) Region. Outbound security rules referencing over Transit […]