AWS Direct Connect is a service from AWS that connects the user's own environment directly to the AWS environment. The connection is established over a standard Ethernet fiber-optic cable. Because the connection is direct, it saves time and cost, and it bypasses the internet service providers in the path. This connection can be used to create a virtual private cloud (VPC). A single connection can be used to access the public services of AWS in the public regions or availability zones.
Virtual interfaces provide access to public and private resources. Public resource access here means access to objects stored in Amazon S3. Private resource access, on the other hand, refers to limited-access features such as a Virtual Private Cloud.
There is a clear separation between the public and the private interfaces. AWS Direct Connect reduces network costs, improves bandwidth throughput and delivers a better network experience to users than other network-based connections. AWS Direct Connect can be used from the AWS Management Console.
[Figure: how AWS Direct Connect establishes a connection with private and public interfaces]
Terminologies associated with AWS Direct Connect
- Connection: A connection is the association between an AWS Direct Connect location and the user's premises in an AWS region that establishes a network connection.
- Virtual Interfaces: A virtual interface provides access to AWS services. A public virtual interface can be used to access the public services (like Amazon S3), whereas a private virtual interface can be used to access the VPC.
- Network needs: When AWS Direct Connect is used in a location, the network must meet one of the following conditions:
  - The user is working with an independent internet service provider (ISP) to connect to AWS Direct Connect.
  - The user is working directly with an AWS Direct Connect partner, who is also a member of the AWS Partner Network (APN).
  - The user network and the AWS Direct Connect location are the same.

  The network must meet all of the following conditions:
  - The user network should use a single-mode fiber that has a 1000BASE-LX transceiver for 1 GB Ethernet or 10GBASE-LR for 10 GB Ethernet.
  - The user device should support BGP (Border Gateway Protocol) and the BGP MD5 authentication method.
  - Auto-negotiation must be disabled on the port. The port speed and full-duplex mode have to be configured manually.
  - 802.1Q VLAN encapsulation must be supported across the whole connection, including the intermediate devices.
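A pre-change check for the port and BGP conditions listed above, added here as an illustration and not taken from AWS documentation or tooling: it parses a router configuration and reports each unmet condition. It assumes Cisco IOS-style syntax; the sample configuration with its interface name, VLAN, addresses, ASNs and key is constructed, and the optic type is not checked because it does not appear in a running configuration.

```python
import re

# Constructed IOS-style router config (sample input; all names and values are placeholders).
GOOD = """\
interface GigabitEthernet0/1
 no negotiation auto
 speed 1000
 duplex full
!
interface GigabitEthernet0/1.101
 encapsulation dot1Q 101
!
router bgp 65000
 neighbor 169.254.255.1 remote-as 64512
 neighbor 169.254.255.1 password EXAMPLE-KEY
"""
# Same router with auto-negotiation left on and the BGP MD5 key missing.
BAD = GOOD.replace(" no negotiation auto\n", "").replace(
    " neighbor 169.254.255.1 password EXAMPLE-KEY\n", "")

def stanzas(config):
    """Map each top-level config line to the list of its indented child lines."""
    blocks, current = {}, []
    for line in config.splitlines():
        if line.strip() in ("", "!"):
            continue
        if line.startswith(" "):
            current.append(line.strip())
        else:
            current = blocks.setdefault(line.strip(), [])
    return blocks

def audit(config, port):
    """Return the Direct Connect port requirements that the config does not meet."""
    blocks = stanzas(config)
    phys = blocks.get(f"interface {port}", [])
    required = {"no negotiation auto": "auto-negotiation is not disabled on the port",
                r"speed \d+": "port speed is not configured manually",
                "duplex full": "full-duplex mode is not configured manually"}
    findings = [msg for pat, msg in required.items()
                if not any(re.fullmatch(pat, l) for l in phys)]
    vlan = [l for n, b in blocks.items() if n.startswith(f"interface {port}.") for l in b]
    if not any(l.startswith("encapsulation dot1Q ") for l in vlan):
        findings.append("no 802.1Q VLAN subinterface on the port")
    bgp = [l for n, b in blocks.items() if n.startswith("router bgp ") for l in b]
    peers = {m[1] for l in bgp if (m := re.match(r"neighbor (\S+) remote-as \d+", l))}
    keyed = {m[1] for l in bgp if (m := re.match(r"neighbor (\S+) password \S", l))}
    findings += [f"BGP neighbor {p} has no MD5 password" for p in sorted(peers - keyed)]
    return findings + ([] if peers else ["no BGP neighbor is configured"])
```

Calling `audit(BAD, "GigabitEthernet0/1")` reports the missing auto-negotiation setting and the unauthenticated BGP neighbor, while `audit(GOOD, "GigabitEthernet0/1")` returns an empty list.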
AWS Direct Connect offers the user 2 kinds of network connections.
- Dedicated Connection: It associates a 1G or 10G physical Ethernet connection with a single user. The user can request a dedicated connection through the AWS Direct Connect console, the CLI or the API.
An AWS Direct Connect connection's port speed can be 1 Gbps or 10 Gbps, and this value can't be changed once a connection request has been created. Once the connection has been requested, AWS creates a Letter of Authorization and Connecting Facility Assignment (LOA-CFA), which the user can download. This letter is the authorization to connect to AWS, and the user's network provider needs it before it can permit the connection for the user.
- Hosted Connection: It associates a 1G or 10G physical Ethernet connection with the AWS Direct Connect Partner, on behalf of the user. The user requests the hosted connection by contacting the Direct Connect Partner in the AWS Direct Connect Partner Program, which facilitates the connection. As with a dedicated connection, the port speed can't be changed once the request has been created.
Features of AWS Direct Connect
- It supports the IPv4 and IPv6 communication protocols.
- IPv6 addresses provided by the public services of AWS can be accessed through AWS Direct Connect public virtual interfaces.
- It supports an Ethernet frame size of 1522 bytes or 9023 bytes at the link layer.
- It helps reduce costs.
AWS Direct Connect is priced based on two criteria:
- Port hours: This is determined by the capacity and the type of connection (dedicated or hosted).
- Outbound data transfer: The outbound charges are calculated for private virtual interfaces and transit virtual interfaces. This refers to the data transferred over AWS Direct Connect, measured in GB. No additional charges are incurred when a multi-account Direct Connect gateway is used.
In this post, we understood the significance of AWS Direct Connect and how it helps establish network connections.