Static anycast IP addresses
AWS Global Accelerator provides you with static IP addresses that serve as a fixed entry point to your applications hosted in one or more AWS Regions. These IP addresses are anycast from AWS edge locations, so they’re announced from multiple AWS edge locations at the same time. This enables traffic to ingress onto the AWS global network as close to your users as possible. You can associate these addresses to regional AWS resources or endpoints, such as Application Load Balancers, Network Load Balancers, EC2 instances, and Elastic IP addresses. AWS Global Accelerator’s IP addresses serve as the frontend interface of your applications. By using these static IP addresses, you don’t need to make any client-facing changes or update DNS records as you modify or replace endpoints. The addresses are assigned to your accelerator for as long as it exists, even if you disable the accelerator and it no longer accepts or routes traffic.
Fault tolerance using network zones
AWS Global Accelerator has a fault-isolating design that increases the availability of your applications. When you create an accelerator, AWS Global Accelerator allocates two IPv4 static addresses for you that are serviced by independent network zones. Similar to Availability Zones, these network zones are isolated units with their own set of physical infrastructure and service IP addresses from a unique IP subnet. If one IP address from a network zone becomes unavailable, due to network disruptions or IP address blocking by certain client networks, your client applications can retry using the healthy static IP address from the other isolated network zone.
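The client-side retry described above, sketched as an added example (not AWS code): a client tries the accelerator's two static IP addresses in turn and, after a failure, prefers the other network zone's address for a cooldown period. The class name, cooldown value, and the documentation-range addresses are assumptions made for illustration.

```python
import socket
import time


class StaticIPClient:
    """Connect through whichever accelerator static IP is currently reachable."""

    def __init__(self, addresses, port, timeout=2.0, cooldown=30.0,
                 dial=socket.create_connection, clock=time.monotonic):
        self.addresses = list(addresses)  # one static IP per network zone
        self.port = port
        self.timeout = timeout            # per-attempt connect timeout, seconds
        self.cooldown = cooldown          # seconds a failed IP is tried last
        self._dial = dial                 # injectable so the logic runs offline
        self._clock = clock
        self._failed_at = {}              # ip -> time of most recent failure

    def _ordered(self):
        now = self._clock()

        def recently_failed(ip):
            t = self._failed_at.get(ip)
            return t is not None and now - t < self.cooldown

        # Stable sort: addresses without a recent failure come first.
        return sorted(self.addresses, key=recently_failed)

    def connect(self):
        errors = {}
        for ip in self._ordered():
            try:
                conn = self._dial((ip, self.port), self.timeout)
            except OSError as exc:        # refused, unreachable, timed out
                self._failed_at[ip] = self._clock()
                errors[ip] = exc
                continue
            self._failed_at.pop(ip, None)
            return ip, conn
        raise ConnectionError(f"all static IPs failed: {errors}")


if __name__ == "__main__":
    # Constructed placeholder addresses (RFC 5737 documentation ranges).
    client = StaticIPClient(["192.0.2.10", "198.51.100.10"], 443)
    print(client._ordered())
```
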
Global performance-based routing
AWS Global Accelerator uses the vast, congestion-free AWS global network to route TCP and UDP traffic to a healthy application endpoint in the closest AWS Region to the user. If there’s an application failure, AWS Global Accelerator provides instant failover to the next best endpoint. You can test the performance benefits from your location with a speed comparison tool.
TCP termination at the edge
Normally, a TCP connection is established via a three-way handshake (i.e., three messages) between the client on the internet and the application endpoint in the AWS Region. With TCP termination at the edge, AWS Global Accelerator reduces the initial setup time by establishing a TCP connection between the client and the AWS edge location closest to the client. Almost concurrently, a second TCP connection is made between the edge location and the application endpoint in the AWS Region. Because of this process, the client gets a faster response from the Global Accelerator edge location, and the upstream connection from the edge location to the application endpoint in the Region is optimized to run over the AWS global network.
Bring your own IP (BYOIP)
AWS Global Accelerator allows you to bring your own IP addresses (BYOIP) and use them as a fixed entry point to your application endpoints. You can bring up to two /24 IPv4 address ranges and choose which /32 IP addresses to use when you create your accelerator. If you only bring one /24 IP address range, when you create an accelerator, Global Accelerator will assign a second /32 IP address from the Amazon IP address pool as the other static IP for your accelerator.
Fine-grained traffic control
AWS Global Accelerator gives you the option to dial up or dial down traffic to a specific AWS Region by using traffic dials. For each Region (or endpoint group), you can set a traffic dial to control the percentage of traffic that is directed to that Region. The percentage is applied only to traffic that is already directed to that Region, based on proximity and health of the endpoints. For example, the traffic dial lets you easily do performance testing or blue/green deployment testing for new releases across different AWS Regions. If an endpoint fails, AWS Global Accelerator assigns your user traffic to the other endpoints, to maintain high availability. By default, traffic dials are set to 100% across all endpoint groups so that AWS Global Accelerator can select the best endpoint for your applications.
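A simplified model of the traffic dial, as an added example (not AWS code), showing that the percentage applies to traffic already directed to a Region rather than to all traffic. The locations, request volumes, and the rule that undialed traffic spills to the next-nearest healthy Region are assumptions of this model.

```python
# Constructed sample data: request volume per client location, each location's
# Regions ordered nearest first, and the traffic dial on each endpoint group.
DEMAND = {"new-york": 1000, "dublin": 400}
NEAREST = {"new-york": ["us-east-1", "eu-west-1"],
           "dublin": ["eu-west-1", "us-east-1"]}
DIALS = {"us-east-1": 25, "eu-west-1": 100}   # 25% canary in us-east-1


def route(demand, nearest, dials, healthy):
    """Return ({region: requests}, unplaced) under a simplified dial model."""
    placed = {region: 0.0 for region in dials}
    unplaced = 0.0
    for location, amount in demand.items():
        remaining = float(amount)
        for region in nearest[location]:
            if region not in healthy:
                continue                      # failed Regions receive nothing
            # The dial applies only to what has arrived at this Region.
            share = remaining * dials[region] / 100
            placed[region] += share
            remaining -= share                # assumption: rest spills onward
        unplaced += remaining
    return placed, unplaced


def share_of_total(placed, region):
    """Fraction of all placed requests that landed in one Region."""
    total = sum(placed.values())
    return placed[region] / total if total else 0.0


if __name__ == "__main__":
    placed, unplaced = route(DEMAND, NEAREST, DIALS, {"us-east-1", "eu-west-1"})
    print(placed, unplaced, round(share_of_total(placed, "us-east-1"), 3))
```

With both Regions healthy, the 25% dial leaves us-east-1 with about 18% of all requests, because the Dublin traffic was never directed there in the first place.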
Continuous availability monitoring
AWS Global Accelerator continuously monitors the health of your application endpoints by using TCP, HTTP, and HTTPS health checks. It instantly reacts to changes in the health or configuration of your endpoints, and redirects user traffic to healthy endpoints that deliver the best performance and availability to your users.
AWS Global Accelerator enables you to build applications that require maintaining state. For stateful applications where you need to consistently route users to the same endpoint, you can choose to direct all requests from a user to the same endpoint, regardless of the port and protocol.
Distributed denial of service (DDoS) resiliency at the edge
By default, AWS Global Accelerator is protected by AWS Shield Standard, which minimizes application downtime and latency from denial of service attacks by using always-on network flow monitoring and automated in-line mitigation. You can also enable AWS Shield Advanced for automated resource-specific enhanced detection and mitigation, as well as 24x7 access to the AWS DDoS Response Team (DRT) for manual mitigations of sophisticated DDoS attacks. AWS Shield Advanced also provides complete visibility into DDoS attacks and DDoS cost protection for scaling. This ensures scalable, reliable, and cost-efficient DDoS protection at the edge for your applications.
Custom routing accelerator
Custom routing accelerators are a new type of accelerator in AWS Global Accelerator. This new accelerator lets you use your own application logic to route user traffic to a specific Amazon EC2 instance destination in one or more AWS Regions. Because the traffic is routed over the AWS global network, you get all the performance improvements of going through Global Accelerator. A custom routing accelerator is an alternative to the standard accelerator, which automatically routes traffic to a healthy endpoint that is nearest to your users. Because standard accelerators are designed to load balance traffic, you can't use them to route users to a specific EC2 instance destination behind your accelerator. Being able to deterministically route traffic is required for some interactive applications such as multi-player gaming, EdTech, social media, and real-time communications.
With a custom routing accelerator, you direct multiple users to a unique port on your accelerator. The accelerator maps each port on your accelerator to a specific destination, an EC2 instance private IP address and port, so it can route your traffic there. This mapping makes it easier for you to integrate Global Accelerator with your application logic, such as matchmaking servers or session border controllers (network elements that protect and regulate IP traffic flows for real-time communication workflows). With custom routing accelerators, you can leverage Global Accelerator as the single point of entry for your application while deterministically sending your user traffic to specific EC2 destinations in any AWS Region.