On Prem Networks

  • On-prem networks follow a defined architecture
  • On Prem was slow; applications needed to be deployed faster
  • DevOps moved to the cloud

Reinventing Network and Security Architecture for Cloud

  • VMware was able to virtualize servers and run applications on virtual machines, but this was still On Prem
  • People moved to the public cloud, but there was an architectural gap
  • Aviatrix provides the architecture, MCNA, to help deploy applications

IaaS, PaaS, SaaS

On Prem (physical/virtual)

  • Underlay, hardware, software, day 0, day 1 and day 2: everything is the user’s responsibility

Infrastructure as a Service

  • CSPs manage hardware, software, storage, and networking
  • Users are responsible for running the virtual machines and patching the OS

Platform as a Service

  • Users only consume as a platform
  • CSPs manage everything; you only manage applications and data

Software as a Service

  • Users consume the service
  • All aspects managed by CSPs

What is Hybrid Cloud?

  • Cloud connectivity with the On-Prem DC

Public Cloud Basics

  • Known to be resilient, highly available, multiple regions
  • Just as data centers have issues, the CSPs’ data centers have issues as well
  • Users, however, have no control over or visibility into these issues

Data Center

  • Cloud service providers use data centers to house cloud services and cloud-based resources

Region

  • Data centers are grouped in regions and geographic areas to provide regional service availability

Availability Zone

  • Distinct locations within the cloud provider’s network that are engineered to be isolated from failures

Public Cloud Network vs. On-Prem DC

  • The public cloud network tries to provide the same services as the On-Prem DC
  • Provides the concept of a VPC (virtual private cloud)
  • The most important part of the VPC is the application/virtual machine
  • Virtual machines sit on different subnets, so they need a routing entity
  • Some security constructs are provided but are often very primitive
  • The VPC requires connectivity to the internet (sends traffic to the internet)
  • Users coming in from outside need access to the virtual machines
  • A private link is needed to connect to the data center
  • Limitations
    • 100 BGP route limit in AWS-TGW
    • No routing controls
    • No service insertion
    • Poor visibility
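One way to put the "100 BGP route limit" bullet into practice is a pre-deployment check on the prefixes an on-prem edge would advertise towards the transit gateway. The script below is an added example, not part of these notes and not Aviatrix or AWS tooling: it counts the raw routes against the limit quoted above and shows how summarizing contiguous prefixes into exact supernets brings the count under it without advertising any address space that was not already covered. The limit constant is taken verbatim from the notes (treat it as a planning threshold, not a verified current quota), the prefix list is constructed sample data, and the function names are the example's own.

```python
"""Added example (not from the original notes): check an advertised-route
set against the 100-route BGP limit mentioned in the notes and show how
summarization brings it under the limit.

Assumptions (not stated on the page): the limit value is copied from the
notes as-is; the prefixes below are constructed sample data, not any real
deployment's networks.
"""
import ipaddress
from typing import Iterable, List

# Limit quoted in the notes for routes advertised to an AWS Transit Gateway
# over BGP. Planning threshold only; confirm against current provider quotas.
TGW_BGP_ROUTE_LIMIT = 100


def parse_prefixes(prefixes: Iterable[str]) -> List[ipaddress.IPv4Network]:
    """Parse CIDR strings. strict=True rejects prefixes with host bits set,
    a common source of mismatches between what is configured and what a
    BGP peer actually accepts."""
    return [ipaddress.IPv4Network(p, strict=True) for p in prefixes]


def summarize(nets: Iterable[ipaddress.IPv4Network]) -> List[ipaddress.IPv4Network]:
    """Collapse adjacent and overlapping prefixes into the smallest set of
    supernets covering exactly the same address space, so summarization
    never over-advertises (no new addresses become reachable)."""
    return list(ipaddress.collapse_addresses(nets))


def route_budget(prefixes: Iterable[str], limit: int = TGW_BGP_ROUTE_LIMIT) -> dict:
    """Return route counts before and after summarization and whether each
    count fits within the advertised-route limit."""
    raw = parse_prefixes(prefixes)
    collapsed = summarize(raw)
    return {
        "raw_count": len(raw),
        "raw_fits": len(raw) <= limit,
        "summarized_count": len(collapsed),
        "summarized_fits": len(collapsed) <= limit,
        "summarized": [str(n) for n in collapsed],
    }


# Constructed sample: an on-prem estate carved into 128 /24s inside
# 10.0.0.0/17 plus four /24s inside 172.16.0.0/22. As individual /24s it
# exceeds the 100-route limit; summarized it is two routes.
SAMPLE_PREFIXES = [f"10.0.{i}.0/24" for i in range(128)] + [
    "172.16.0.0/24", "172.16.1.0/24", "172.16.2.0/24", "172.16.3.0/24",
]

if __name__ == "__main__":
    result = route_budget(SAMPLE_PREFIXES)
    print(f"raw routes: {result['raw_count']} (fits limit: {result['raw_fits']})")
    print(f"after summarization: {result['summarized_count']} "
          f"(fits limit: {result['summarized_fits']})")
    for net in result["summarized"]:
        print("  ", net)
```

The exact-coverage property of the collapse matters from a security standpoint: a hand-written summary route that is wider than the real estate would attract traffic for addresses nobody owns, whereas collapsing only merges prefixes that are already present.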





good explanation

Very Clear

Well explained!

Great

Alizah Nauman said:
100 BGP route limit in AWS-TGW

Refer to https://docs.aws.amazon.com/directconnect/latest/UserGuide/limits.html for details of the limits applicable on AWS

