Networking & Content Delivery

Category: Elastic Load Balancing

Dual-stack IPv6 architectures for AWS and hybrid networks – Part 2

In part one of our series on IPv6 for AWS and hybrid network architectures, we explored some of the most common dual stack designs: dual stack Amazon Virtual Private Cloud (Amazon VPC) and Amazon Elastic Compute Cloud (Amazon EC2) instances, Internet connectivity, Internet-facing Network Load Balancer and Application Load Balancer deployments, as well as VPC […]

Read More

Introduction to Traffic Mirroring to GWLB Endpoints as Target

Network architects need the ability to gain insights into real-time traffic between different resources within their VPCs. Since the announcement of VPC Traffic Mirroring in 2019, the VPC feature has provided this by copying network traffic from elastic networking interfaces (ENIs) on customer’s instances as source, and then sending the traffic to a destination target […]

Read More

AWS Networking and Content Delivery Recap of re:Invent 2021

Happy 2022 AWS Networking & Content Delivery enthusiasts! In December 2021, AWS hosted its 10th annual re:Invent conference. The Networking & Content Delivery team had 14 unique breakout sessions that were recorded and can be found on this playlist. In addition to these sessions, the Networking team had a leadership session presented by David Brown, […]

Read More

Implement a central ingress Application Load Balancer supporting private Amazon Elastic Kubernetes Service VPCs

Introduction Many organizations deploy Amazon Elastic Kubernetes Service (Amazon EKS) clusters into Amazon Virtual Private Cloud (VPC) environments with direct access to the internet and to other VPCs. Connectivity between the VPC hosting the Amazon EKS cluster and other VPCs is typically created using routed networking services, such as VPC Peering or AWS Transit Gateway. […]

Read More

Design your firewall deployment for Internet ingress traffic flows

Introduction Exposing Internet-facing applications requires careful consideration of what security controls are needed to protect against external threats and unwanted access. These security controls can vary depending on the type of application, size of the environment, operational constraints, or required inspection depth. For some scenarios, running Network Access Control Lists (NACL) and Security Groups (SG) […]

Read More

Target Group Load Shedding for Application Load Balancer

Load Shedding Load shedding is the practice of sacrificing enough application traffic to keep partial availability in the presence of an overload condition. Used in conjunction with strategies like load balancing, load shedding helps applications support service level agreements (SLAs) when increased traffic overwhelms available system resources. While the cloud’s elasticity reduces the need for […]

Read More

Application Load Balancer-type Target Group for Network Load Balancer

Application Load Balancer (ALB) is a fully managed layer 7 load balancing service that load balances incoming traffic across multiple targets, such as Amazon EC2 instances. ALB supports advanced request routing features based on parameters like HTTP headers and methods, query string, host and path based routing. ALB also offloads important capabilities including TLS termination, […]

Read More

Building an Open Source IDS IPS service for Gateway Load Balancer

The Gateway Load Balancer (GWLB) service launched with support from the partner network. These partners provide networking appliances that enable customers to perform varying levels of packet inspection on flows that pass through them, taking action as necessary and as defined within their configuration. For a list of partners that support GWLB, refer to the […]

Read More

Scale traffic using multiple Interface Endpoints

Introduction: AWS PrivateLink is a networking service that is used to connect to AWS services, your internal services, and third-party Software as a Service (SaaS) services–all over the private, secure, and scalable AWS network. AWS PrivateLink has two sides to it: Service provider: Responsible for offering the service. The service provider creates an Amazon Virtual […]

Read More

Using AWS Lambda to enable static IP addresses for Application Load Balancers

Update: On September 27th, 2021, we launched Application Load Balancer(ALB)-type target groups for Network Load Balancer (NLB). With this launch, you can register ALB as a target of NLB to forward traffic from NLB to ALB without needing to actively manage ALB IP address changes through Lambda. You can also use AWS Global Accelerator to […]

Read More