Virtual Private Cloud. VPC Product Introduction
|
|
- Francis Chapman
- 6 years ago
- Views:
Transcription
1
2 Product overview This document contains the following topics: - VPC overview - Basic architecture - VPC benefits VPC overview The Alibaba Cloud Virtual Private Cloud (VPC) is a private network established in Alibaba Cloud. It is logically isolated from other virtual networks in Alibaba Cloud. Alibaba Cloud VPC enables you to launch and use the Alibaba Cloud resources in your own VPC. You have full control over your Alibaba Cloud VPC, for example, you can select its IP address range, further segment your VPC into subnets, as well as configure routing tables and network gateways. Additionally, you can connect your VPC to your on-premises network using a physical connection or a VPN to form an on-demand customizable network environment. This allows you to smoothly migrate your applications to Alibaba Cloud with little effort. 1
3 Basic architecture Based on the mainstream tunneling technology, the virtual private cloud isolates the virtual network. Each VPC has a unique tunnel ID and a tunnel ID corresponds to a virtual network. The data packets transmitted between ECS instances within a VPC are encapsulated with a unique tunnel ID and then sent to the physical network for transmission. The tunnel IDs for ECS instances in different VPCs are different, communication is impossible between the two tunnels, which achieves data isolation between the two networks. The Alibaba Cloud development team developed VSwitch, Software Defined Network (SDN) and hardware gateway independently based on the tunneling technology. It is the support of these software and hardware devices, the Alibaba Cloud Virtual Private Cloud is emerged. VSwitches, gateways, and controllers are three important components of a VPC. VSwitches and gateways are the main path for data transfer. The controller uses self-developed protocol to forward routing tables to VSwitches and gateways. The configuration channel and data channel are separated in the whole architecture. Alibaba Cloud VPC provides you with a separate VRouter and VSwitch for better VPC configuration and gives you more freedom. If you have high demand on intranet security, you can use security groups to manage the VPC access control in a finer granularity. By default, an ECS instance can only communicate with other ECS instances (or other cloud services) within the same VPC. You can use the Elastic IP address and ExpressConnect functions provided by Alibaba Cloud to connect your VPC to the Internet, to other VPCs, and to your own networks. 2
4 VPC benefits Security isolation The cloud servers of different users are located in the different VPCs. Different VPCs are isolated by tunnel IDs. Using VSwitches and VRouters, you can segment your VPC into subnets as you do in the traditional network environment. Different cloud servers in the same subnet use the VSwitch to communicate with each other, while cloud servers in different subnets within a VPC use VRouters to communicate with each other. The intranet between different VPCs are completely isolated and can only be interconnected by external mapping of IP (Elastic IP and NAT IP). Because the IP packets of cloud servers are encapsulated with the tunneling ID, the data link layer (two-layer MAC address) of the cloud server will not transfer to the physical network. Therefore, the two-layer network of different cloud servers are isolated. In another word, the two-layer networks between different VPCs are isolated. The ECS instances within a VPC uses a security group firewall to control the network access. This is the third layer isolation. Access control Security groups provide flexible access control rules. Compliant with security isolation rules of government and financial users. Software Defined Network (SDN) SDN provides customized network configurations. Management operations take effect in real time. Various network connection methods Software VPNs are supported. Lease line connection is supported. VPC and VSwitches This document contains the following topics: - VPC CIDR - VSwitch - Default VPC and VSwitch Note: In Alibaba Cloud VPC, you can segment a VPC into subnets by adding VSwitches. In general, 3
5 VSwitch and subnet are the same. VPC CIDR When creating a VPC, you must specify the IP address range for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block, for example, /16. CIDR is a method for allocating IP addresses and IP routing. For more information about CIDR, refer to RFC Only one CIDR block can be assigned to a VPC. The following are available CIDR blocks: / /12 (The IP address range used by the default VPC.) /16 If you want to use other CIDR blocks, you can submit a ticket. Alternatively, you can use the CreateVpc API to create a VPC, in this situation, you are allowed to use the subnet masks of these CIDR blocks as the IP address range. Note: You cannot change the size of a VPC after you create it. It is recommended that you use a large CIDR block to avoid resizing. The system will not create VRouters based on the CIDR block, therefore, a large CIDR block has no effect on usage. VSwitch A VSwitch is a basic network device of a VPC and used to connect different cloud product instances in a subnet with a VPC. After you create a VPC, you can further segment your VPC into subnets by adding one or more VSwitches. A VPC can have a maximum of 24 VSwitches. In a VPC, a VSwtich must reside in one Availability Zone and cannot span different Availability Zones. You can protect your applications from the failure of a single location by launching instances in separate Availability Zones. When creating a VSwitch, you also need to specify the IP address range for the VSwitch in the form of CIDR block. Adhere to the following rules when specifying a CIDR block: - The CIDR block of a VSwitch must belong to that of its VPC. - The CIDR block of a VSwitch can be same as that of the VPC that it belongs to. However, you can just have only one VSwitch in this situation. - The allowed size of a CIDR block assigned to a VSwitch is between a /16 netmask and /29 netmask. That is, the VSwitch can provide 8 ~ IP addresses. - The first IP address and the last three IP addresses in each VSwitch CIDR block are not available for you to use, and cannot be assigned to an instance. These IP addresses are reserved for system use. For example, in a VSwitch with CIDR block /24, the IP addresses , , and are reserved. - The CIDR block of a VSwitch and the destination CIDR block of the VPC's current route entry 4
6 cannot be the same. - The CIDR block of a VSwitch can be a subset of the destination CIDR block of the VPC's current route entry. - CIDR block cannot be modified after a VSwitch is created. Note: VSwitch does not support multicast and broadcast. Default VPC and VSwitch Alibaba Cloud provides you with a default VPC and VSwitch to use. When you create a cloud product instance, if you choose to use the VPC network type with the default settings as shown in the following figure, a default VPC and VSwitch are created by the system. Default VPC - The default VPC in each region is unique. - The CIDR block for a default VPC is always a /16 netmask ( /16), which provides up to private IP addresses. - The default VPC does not occupy the VPC quota that the Alibaba Cloud allocates to you. - The default VPC is created by the system, all the VPCs created by you are non-default VPCs. - The operations and limits between default and non-default VPCs are the same. Default VSwitch - The default VSwitch in each Availability Zone is unique. - The CIDR block for a default VSwitch is always a /20 netmask ( /20). This provides up to 4096 private IP addresses. - The default VSwitch does not occupy the VSwitch quota that the Alibaba Cloud allocates to you. - The default VSwitch is created by the system, all the VSwitches created by you are nondefault VSwitches. - The operations and limits between default and non-default VSwitches are the same. 5
7 VRouter and routing tables This document contains the following topics: - VRouter - Routing tables - Route entry - Routing rules VRouter A VRouter is a hub in the VPC that connects all VSwitches in the VPC and serves as a gateway device that connects the VPC to other networks. Each VRouter maintains a routing table that forwards network traffic based on the specific route entry settings. The system will automatically create a VRouter when you create a VPC. When a VPC is deleted, the corresponding VRouter is also deleted. Note: - Each VPC can only have one VRouter. - VRouter does not support dynamic routing protocols such as BGP and OSPF. - VRouter supports static routes but does not support the ECMP equal-cost routes. Routing table A routing table is a list of route entries on a VRouter. When creating a VPC, the system will automatically create a routing table. When a VPC is deleted, the corresponding routing table is also deleted. The routing table cannot be directly created or deleted. Note: - Each VRouter can only have one routing table. - Route entries in a routing table affect all the cloud product instances in the VPC. Currently, the source-address policy routing is not supported for routing a VSwitch or cloud product instance. Route entry 6
8 Each entry in a routing table is designated as a routing entry. A route entry defines the next hop address for the network traffic to be routed to the specified CIDR block destination. Route entries are categorized into system routes and custom routes. When a VPC is created, a system route is automatically created for the cloud product instances in the VPC to access cloud services outside the VPC. When a VSwitch is created, another corresponding system route is created. You can create and delete custom route entries. VPC IP addresses VPC IP addresses provide resources in a VPC with the capability to communicate with each other or to communicate with the other resources in the Internet. There are two types of IP addresses in Alibaba Cloud VPC, private IP addresses and Elastic IP addresses. Note: Refer to IP Addresses for Classic Network for information about IP addresses in the classic network. This document contains the following topics: - Private IP addresses - Elastic IP addresses Private IP addresses Private IP addresses are allocated to cloud product instances when they are created in VPC. Private IP address can be used for the intranet access for the VPC cloud product instances but cannot be used for the external Internet access. The VPC private IP addresses are different from the private IP address of the classic network: - The private IP address of an instance created in VPC is allocated from the VSwitch CIDR block that the instance belongs to and the instance's private IP address is unique within the VPC. The private IP address of an instance created in the classic network is uniformly allocated by Alibaba Cloud. 7
9 Elastic IP addresses An Elastic IP address is a NAT IP address. It resides in the public network gateway of the Alibaba Cloud and is mapped to the private network gateway of the bound ECS instance by NAT. Therefore, the ECS instance bound to an Elastic IP address can communicate with the Internet without disclosing its IP address in the network gateway. Elastic IP addresses are public IP address resources that you can buy separately. You can bind an Elastic IP address to any ECS instances in any VPC. With an Elastic IP address, the ECS instances can communicate with the Internet. Note: Currently only ECS instances support binding an Elastic IP address. Refer to Bind an Elastic IP address for more information on how to buy and bind an Elastic IP address. Elastic IP address features Independently purchased and possessed You can purchase an Elastic IP address independently instead of bundling with other computing resources or storage resources. You can possess an Elastic IP address as a separate resource in your account. Binding with computing resources You can bind an Elastic IP address with an ECS instance in any VPC as needed to make the instance accessible to the Internet, and release it when you do not need the communication with the Internet. Configurable network capabilities You can adjust the bandwidth of an Elastic IP address according to your needs. The bandwidth changes take effect immediately. Differences between EIP and ECS public IP The following table lists differences between Elastic IP addresses and ECS public IP addresses. Comparison Content Elastic IP addresses ECS public IP addresses Network environment type VPC Classic network Independently possessed Yes No Dynamically binding and unbinding with ECS Viewed on the network adapter of ECS instances Yes No No Yes 8
10 Limitation - An Elastic IP address can only be bound with an ECS instance in a VPC network. Instances in the classic network are not supported. - The ECS instance to be bound is not allocated with any public IP address. - One ECS instance can be bound with only one Elastic IP address, and conversely one Elastic IP address can be bound with only one ECS instance. - The Elastic IP address and the bound ECS instance must be in the same region. - A single account can possess a maximum of 20 Elastic IP addresses. VPC terminology Term Virtual Private Cloud (VPC) VSwitch VRouter Route table Route entry Description Virtual Private Cloud (VPC) is a private network established in Alibaba Cloud. It is logically isolated from other virtual networks in Alibaba Cloud. Alibaba Cloud VPC enables you to launch and use the Alibaba Cloud resources in your own VPC. A VSwitch is a basic network device of a VPC and used to connect different cloud product instances in a subnet with a VPC. A VRouter is a hub in the VPC that connects all VSwitches in the VPC and serves as a gateway device that connects the VPC to other networks. A route table is a list of route entries on a VRouter. Each entry in a route table is designated as a route entry. A route entry defines the next hop address for the network traffic to be routed to the specified CIDR block destination. Limits of Use VPC Restriction Restrictions on Normal Users Ticket submission permits exemption 9
11 Maximum VPCs for an account 5 Supported CIDR blocks available for VPCs /16, /12, /8, and their subnets Supported Maximum VRouters for a VPC Maximum VSwitches for a VPC Maximum routing tables for a VPC Maximum route entries for a routing table Maximum cloud products for a VPC 1 Unsupported 24 Unsupported 1 Unsupported 48 Supported 5000 Unsupported Note: VPC does not support broadcast or multicast for performance and security reasons. If you want to use broadcast and multicast functions, submit a ticket to Alibaba. Default VPC - The default VPC in each region is unique. - The CIDR block for a default VPC is always a /16 netmask ( /16), which provides up to private IP addresses. - The default VPC does not occupy the VPC quota that the Alibaba Cloud allocates to you. - The default VPC is created by the system, all the VPCs created by you are non-default VPCs. - The operations and limits between default and non-default VPCs are the same. VSwitch - The VSwitch of a VPC is a Layer 3 switch so it does not support Layer 2functions. - A VSwitch does not limit the quantity of cloud product instances. The quantity of instances that can be mounted to a VSwitch depends on the quantity of cloud product instances in the specified VPC. Currently, a maximum of 5000 cloud product instances can be created for a VPC. - VSwitch CIDR blocks cannot be modified. Default VSwitch - The default VSwitch in each Availability Zone is unique. - The CIDR block for a default VSwitch is always a /20 netmask ( /20). This provides up to 4096 private IP addresses. 10
12 - The default VSwitch does not occupy the VSwitch quota that the Alibaba Cloud allocates to you. - The default VSwitch is created by the system, all the VSwitches created by you are nondefault VSwitches. - The operations and limits between default and non-default VSwitches are the same. VRouter and routing table - Each VPC can only have one VRouter. - VRouter does not support dynamic routing protocols such as BGP or OSPF. - Each VRouter only have one routing table. - Route entries in a routing table affect all the cloud product instances in the VPC. Currently, the source-address policy routing is not supported for routing a VSwitch or a cloud product instance. ECS instance migration VPC allows you to migrate an ECS instance from one VSwitch to another through the same VRouter within a VPC. Note: The following operations are not supported: - ECS instance migration across VRouters. - ECS instance migration example from VPC to classic network. Release notes Release Date August 4, 2015 December 28, 2015 March 29, 2016 March 30, 2016 Changes Alibaba Cloud fully launched, providing the Virtual Private Cloud (VPC), VRouter, RouteTable, and VSwitch services. VPC supports Resource Access Management (RAM). Did an overall review. The function default VPC was released. 11
13 Related resources Forum To visit the forum, click here. Contact us Ticket: t/list/ Presales consultation: (5 8) Customer service: Cloud product (such as ECS, RDS and SLB) consultation: HiChina product (such as domain names, mailboxes, virtual machines) consultation: Filing assistance: (ext. 3) 12
Virtual Private Cloud. User Guide
Alibaba Cloud provides a default VPC and VSwitch for you in the situation that you do not have any existing VPC and VSwitch to use when creating a cloud product instance. A default VPC and VSwitch will
More informationVirtual Private Cloud. User Guide. Issue 03 Date
Issue 03 Date 2016-10-19 Change History Change History Release Date What's New 2016-10-19 This issue is the third official release. Modified the following content: Help Center URL 2016-07-15 This issue
More informationTop 30 AWS VPC Interview Questions and Answers Pdf
Top 30 AWS VPC Interview Questions and Answers Pdf Top 30 AWS VPC Interview Questions and Answers Pdf AWS Certified Solutions Architect Begins the 30 Top Funding IT Certifications. Surely, AWS Architect
More informationHow to set up a Virtual Private Cloud (VPC)
Date published: 15.06.2018 Estimated reading time: 20 minutes Authors: Editorial Team The bookmarks and navigation in this tutorial are optimized for Adobe Reader. How to set up a Virtual Private Cloud
More informationVirtual Private Cloud. User Guide. Issue 21 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 21 Date 2018-09-30 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationConnect to Alibaba Cloud. For partners
Connect to Alibaba Cloud For partners 1. Terms 5. Use Cases 2. Background 6. Setup Example 3. Customer Architecture 7. Other Info 4. Connec7on Process 8. Annex Terms VPC: Virtual Private Cloud Private
More informationEdgeConnect for Amazon Web Services (AWS)
Silver Peak Systems EdgeConnect for Amazon Web Services (AWS) Dinesh Fernando 2-22-2018 Contents EdgeConnect for Amazon Web Services (AWS) Overview... 1 Deploying EC-V Router Mode... 2 Topology... 2 Assumptions
More informationCreating your Virtual Data Centre
Creating your Virtual Data Centre VPC Fundamentals and Connectivity Options Paul Burne, Senior Technical Account Manager, Enterprise Support - 28 th June 2017 2016, Amazon Web Services, Inc. or its Affiliates.
More informationAmazon Virtual Private Cloud. User Guide API Version
Amazon Virtual Private Cloud User Guide Amazon Web Services Amazon Virtual Private Cloud: User Guide Amazon Web Services Copyright 2012 Amazon Web Services LLC or its affiliates. All rights reserved. The
More informationNetApp Cloud Volumes Service for AWS
NetApp Cloud Volumes Service for AWS AWS Account Setup Cloud Volumes Team, NetApp, Inc. March 29, 2019 Abstract This document provides instructions to set up the initial AWS environment for using the NetApp
More informationOverview. AWS networking services including: VPC Extend your network into a virtual private cloud. EIP Elastic IP
Networking in AWS 2017 Amazon Web Services, Inc. and its affiliates. All rights served. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon Web Services,
More informationAWS Networking Fundamentals
AWS Networking Fundamentals Tom Adamski Specialist Solutions Architect, AWS Traditional Network WAN VPN VPN Fiber Applications Applications AWS Network VPN WAN (AWS Direct Connect) VPN Fiber Applications
More informationData Center Configuration. 1. Configuring VXLAN
Data Center Configuration 1. 1 1.1 Overview Virtual Extensible Local Area Network (VXLAN) is a virtual Ethernet based on the physical IP (overlay) network. It is a technology that encapsulates layer 2
More informationAmazon Virtual Private Cloud. Getting Started Guide
Amazon Virtual Private Cloud Getting Started Guide Amazon Virtual Private Cloud: Getting Started Guide Copyright 2017 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks
More informationPexip Infinity and Amazon Web Services Deployment Guide
Pexip Infinity and Amazon Web Services Deployment Guide Contents Introduction 1 Deployment guidelines 2 Configuring AWS security groups 4 Deploying a Management Node in AWS 6 Deploying a Conferencing Node
More information2013 AWS Worldwide Public Sector Summit Washington, D.C.
Washington, D.C. VPC Construction Nathan McCourtney Senior Consultant, Professional Services What is a Amazon Virtual Private Cloud (VPC)? A virtual private cloud (VPC) is a virtual network that closely
More informationNetworking for the Cloud DBA. Arup Nanda Longtime Oracle DBA And Explorer of New Things
Networking for the Cloud DBA Arup Nanda Longtime Oracle DBA And Explorer of New Things Most Important Skill for a Cloud DBA 2 Netmask 3 Broadcast Address 4 Network ID IP Address 5 Most Important Skill
More informationChapter 18 and 22. IPv4 Address. Data Communications and Networking
University of Human Development College of Science and Technology Department of Information Technology Chapter 18 and 22 Data Communications and Networking IPv4 Address 1 Lecture Outline IPv4 Addressing
More information25 Best Practice Tips for architecting Amazon VPC
25 Best Practice Tips for architecting Amazon VPC 25 Best Practice Tips for architecting Amazon VPC Amazon VPC is one of the most important feature introduced by AWS. We have been using AWS from 2008 and
More informationWeb Cloud Solution. User Guide. Issue 01. Date
Issue 01 Date 2017-05-30 Contents Contents 1 Overview... 3 1.1 What Is Web (CCE+RDS)?... 3 1.2 Why You Should Choose Web (CCE+RDS)... 3 1.3 Concept and Principle... 4... 5 2.1 Required Services... 5 2.2
More informationvcloud Air - Virtual Private Cloud OnDemand Networking Guide
vcloud Air - Virtual Private Cloud OnDemand Networking Guide vcloud Air This document supports the version of each product listed and supports all subsequent versions until the document is replaced by
More informationHow to Install Forcepoint NGFW in Amazon AWS TECHNICAL DOCUMENT
How to Install Forcepoint NGFW in Amazon AWS TECHNICAL DOCUMENT Table of Contents TABLE OF CONTENTS... 1 TEST NETWORK DIAGRAM... 2 PREPARING YOUR VPC... 3 IP addressing... 3 Virtual Private Cloud (VPC)...
More informationVirtual Private Network. Network User Guide. Issue 05 Date
Issue 05 Date 2018-03-30 Contents Contents 1 Overview... 1 1.1 Concepts... 1 1.1.1 VPN... 1 1.1.2 IPsec VPN...1 1.2 Application Scenarios...2 1.3 Billing Standards... 3 1.4 VPN Reference Standards and
More informationHow to Configure BGP over IKEv2 IPsec Site-to- Site VPN to an Google Cloud VPN Gateway
How to Configure BGP over IKEv2 IPsec Site-to- Site VPN to an Google Cloud VPN Gateway To connect to the Google Cloud VPN gateway, create an IPsec IKEv2 site-to-site VPN tunnel on your F-Series Firewall
More informationvcloud Director Tenant Portal Guide vcloud Director 8.20
vcloud Director Tenant Portal Guide vcloud Director 8.20 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation,
More informationChapter 3 - Implement an IP Addressing Scheme and IP Services to Meet Network Requirements for a Small Branch Office
ExamForce.com 640-822 CCNA ICND Study Guide 31 Chapter 3 - Implement an IP Addressing Scheme and IP Services to Meet Network Requirements for a Small Branch Office Describe the need and role of addressing
More information1. Click on "IaaS" to advance to the Windows Azure Scenario. 2. Click to configure the "CloudNet" Virtual Network
Introduction to the Virtual Network Lab Scenario Steps Description 1. Click on "IaaS" to advance to the Windows Azure Scenario Windows Azure Infrastructure Services ( IaaS ) provides us with the capability
More informationBrief Notes on Networks
IP ADDRESS "IP" stands for Internet Protocol, so an IP address is an Internet Protocol address. What does that mean? An Internet Protocol is a set of rules that govern Internet activity and facilitate
More informationEnterprise. Nexus 1000V. L2/L3 Fabric WAN/PE. Customer VRF. MPLS Backbone. Service Provider Data Center-1 Customer VRF WAN/PE OTV OTV.
2 CHAPTER Cisco's Disaster Recovery as a Service (DRaaS) architecture supports virtual data centers that consist of a collection of geographically-dispersed data center locations. Since data centers are
More informationAWS_SOA-C00 Exam. Volume: 758 Questions
Volume: 758 Questions Question: 1 A user has created photo editing software and hosted it on EC2. The software accepts requests from the user about the photo format and resolution and sends a message to
More information25 Best Practice Tips for architecting Amazon VPC. 25 Best Practice Tips for architecting Amazon VPC. Harish Ganesan- CTO- 8KMiles
25 Best Practice Tips for architecting Amazon VPC 25 Best Practice Tips for architecting Amazon VPC Amazon VPC is one of the most important feature introduced by AWS. We have been using AWS from 2008 and
More informationKillTest *KIJGT 3WCNKV[ $GVVGT 5GTXKEG Q&A NZZV ]]] QORRZKYZ IUS =K ULLKX LXKK [VJGZK YKX\OIK LUX UTK _KGX
KillTest Q&A Exam : AWS-SysOps Title : AWS Certified SysOps Administrator Associate Version : Demo 1 / 4 1.A user has created photo editing software and hosted it on EC2. The software accepts requests
More informationSecurely Access Services Over AWS PrivateLink. January 2019
Securely Access Services Over AWS PrivateLink January 2019 Notices This document is provided for informational purposes only. It represents AWS s current product offerings and practices as of the date
More informationDeploy the Firepower Management Center Virtual On the AWS Cloud
Deploy the Firepower Management Center Virtual On the AWS Cloud Amazon Virtual Private Cloud (Amazon VPC) enables you to launch Amazon Web Services (AWS) resources into a virtual network that you define.
More informationNGF0502 AWS Student Slides
NextGen Firewall AWS Use Cases Barracuda NextGen Firewall F Implementation Guide Architectures and Deployments Based on four use cases Edge Firewall Secure Remote Access Office to Cloud / Hybrid Cloud
More informationIntroducing AWS Transit Gateway
Introducing AWS Transit Gateway Nick Matthews Principal Solutions Architect AWS @nickpowpow Mohamed Hassan Senior Product Manager EC2 Networking, AWS @mohnader What is Transit Gateway? Introducing AWS
More informationJStorm Based Network Analytics Platform. Alibaba Cloud Senior Technical Manager, Biao Lyu
JStorm Based Network Analytics Platform Alibaba Cloud Senior Technical Manager, Biao Lyu Overview of Alibaba Cloud 18 Regions 150+ Products 1Million+ Customers Comprehensive Networking Product Family 12
More informationDeploy ERSPAN with the ExtraHop Discover Appliance and Brocade 5600 vrouter in AWS
Deploy ERSPAN with the ExtraHop Discover Appliance and Brocade 5600 vrouter in AWS Published: 2018-07-06 This guide explains how to install and con#gure an example environment within Amazon Web Services
More informationPexip Infinity and Amazon Web Services Deployment Guide
Pexip Infinity and Amazon Web Services Deployment Guide Contents Introduction 1 Deployment guidelines 2 Configuring AWS security groups 4 Deploying a Management Node in AWS 6 Deploying a Conferencing Node
More informationResizing your AWS VPC NAT Instance to a Lower Cost Instance Type
Resizing your AWS VPC NAT Instance to a Lower Cost Instance Type Let s say that you wanted to run a lab using AWS and you need to set up a VPC. Thats a very common design that takes advantage of creating
More informationWhite Paper. Huawei Campus Switches VXLAN Technology. White Paper
White Paper Huawei Campus Switches VXLAN Technology White Paper 1 Terms Abbreviation VXLAN NVo3 BUM VNI VM VTEP SDN Full English Name Virtual Extensible Local Area Network Network Virtualization over L3
More information1. VPC and Subnet Layout
1. VPC and Subnet Layout A Virtual Private Cloud (VPC) is an on demand configurable pool of shared computing resources allocated within a public cloud environment, providing a certain level of isolation
More informationCCNA. Course Catalog
CCNA Course Catalog 2012-2013 This course is intended for the following audience: Network Administrator Network Engineer Systems Engineer CCNA Exam Candidates Cisco Certified Network Associate (CCNA 640-802)
More informationCCNA-A Scope and Sequence (March 2007-Draft)
CCNA-A Scope and Sequence (March 2007-Draft) This document is a preliminary overview of the new CCNA-A curriculum and is subject to change since the courses are still under development. The English versions
More informationExercise Sheet 4. Exercise 1 (Routers, Layer-3-Switches, Gateways)
Exercise Sheet 4 Exercise 1 (Routers, Layer-3-Switches, Gateways) 1. What is the purpose of Routers in computer networks? (Also explain the difference to Layer-3-Switches.) 2. What is the purpose of Layer-3-Switches
More informationIBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture
IBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture Date: 2017-03-29 Version: 1.0 Copyright IBM Corporation 2017 Page 1 of 16 Table of Contents 1 Introduction... 4 1.1 About
More informationQUESTION: 1 You have been asked to establish a design that will allow your company to migrate from a WAN service to a Layer 3 VPN service. In your des
Vendor: Cisco Exam Code: 352-001 Exam Name: ADVDESIGN Version: Demo www.dumpspdf.com QUESTION: 1 You have been asked to establish a design that will allow your company to migrate from a WAN service to
More informationInternet Routing Protocols, DHCP, and NAT
Internet Routing Protocols, DHCP, and NAT Hwajung Lee Modified from Slides Courtesy of Cisco Networking Academy and the book titled Communication Networks by Leon-Garcia Contents Basic Routing Single Area
More informationFirewall Mode Overview
CHAPTER 16 This chapter describes how to set the firewall mode, as well as how the firewall works in each firewall mode. You can set the firewall mode independently for each context in multiple context
More informationConfiguring NAT for IP Address Conservation
This module describes how to configure Network Address Translation (NAT) for IP address conservation and how to configure inside and outside source addresses. This module also provides information about
More informationIP Addresses McGraw-Hill The McGraw-Hill Companies, Inc., 2000
IP Addresses The IP addresses are unique. An IPv4 address is a 32-bit address. An IPv6 address is a 128-bit address. The address space of IPv4 is 2 32 or 4,294,967,296. The address space of IPv6 is 2 128
More informationVMware vcloud Air Key Concepts
vcloud Air This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document,
More informationExam Name: VMware Certified Associate Network Virtualization
Vendor: VMware Exam Code: VCAN610 Exam Name: VMware Certified Associate Network Virtualization Version: DEMO QUESTION 1 What is determined when an NSX Administrator creates a Segment ID Pool? A. The range
More informationVXLAN Design with Cisco Nexus 9300 Platform Switches
Guide VXLAN Design with Cisco Nexus 9300 Platform Switches Guide October 2014 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 39 Contents What
More informationAmazon AWS-Solutions-Architect-Professional Exam
Volume: 392 Questions Question: 1 By default, Amazon Cognito maintains the last-written version of the data. You can override this behavior and resolve data conflicts programmatically. In addition, push
More informationMPLS VPN Inter-AS Option AB
First Published: December 17, 2007 Last Updated: September 21, 2011 The feature combines the best functionality of an Inter-AS Option (10) A and Inter-AS Option (10) B network to allow a Multiprotocol
More informationFinding Feature Information
This module describes how to configure Network Address Translation (NAT) for IP address conservation and how to configure inside and outside source addresses. This module also provides information about
More informationBuilding a Modular and Scalable Virtual Network Architecture with Amazon VPC
Building a Modular and Scalable Virtual Network Architecture with Amazon VPC Quick Start Reference Deployment Santiago Cardenas Solutions Architect, AWS Quick Start Reference Team August 2016 (revisions)
More informationCloudEdge Deployment Guide
Hillstone Networks, Inc. CloudEdge Deployment Guide Version 5.5R3P1 Copyright 2016Hillstone Networks, Inc.. All rights reserved. Information in this document is subject to change without notice. The software
More informationA+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 8 Networking Essentials
A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e Chapter 8 Networking Essentials Objectives Learn about the protocols and standards Windows uses for networking Learn how to connect
More informationHP 5920 & 5900 Switch Series
HP 5920 & 5900 Switch Series MCE Configuration Guide Part number: 5998-2896 Software version: Release2207 Document version: 6W100-20121130 Legal and notice information Copyright 2012 Hewlett-Packard Development
More informationTEN ESSENTIAL NETWORK VIRTUALIZATION DEFINITIONS
E-Guide TEN ESSENTIAL NETWORK VIRTUALIZATION DEFINITIONS SearchSDN T here is some confusion surrounding as there is no one definition. In this exclusive guide, you ll find ten to help you better understand
More informationMPLS VPN--Inter-AS Option AB
The feature combines the best functionality of an Inter-AS Option (10) A and Inter-AS Option (10) B network to allow a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) service provider
More informationCompTIA Exam JK0-023 CompTIA Network+ certification Version: 5.0 [ Total Questions: 1112 ]
s@lm@n CompTIA Exam JK0-023 CompTIA Network+ certification Version: 5.0 [ Total Questions: 1112 ] Topic break down Topic No. of Questions Topic 1: Network Architecture 183 Topic 3: Troubleshooting 140
More informationOperation Manual MCE H3C S3610&S5510 Series Ethernet Switches. Table of Contents
Table of Contents Table of Contents Chapter 1 MCE Overview... 1-1 1.1 MCE Overview... 1-1 1.1.1 Introduction to BGP/MPLS VPN... 1-1 1.1.2 BGP/MPLS VPN Concepts... 1-2 1.1.3 Introduction to MCE... 1-5 1.1.4
More informationIP Addressing Week 6. Module : Computer Networks Lecturer: Lucy White Office : 324
IP Addressing Week 6 Module : Computer Networks Lecturer: Lucy White lbwhite@wit.ie Office : 324 1 Addressing: Network & Host Network address help to identify route through the network cloud Network address
More informationGRE and DM VPNs. Understanding the GRE Modes Page CHAPTER
CHAPTER 23 You can configure Generic Routing Encapsulation (GRE) and Dynamic Multipoint (DM) VPNs that include GRE mode configurations. You can configure IPsec GRE VPNs for hub-and-spoke, point-to-point,
More informationFortiMail AWS Deployment Guide
FortiMail AWS Deployment Guide FORTINET DOCUMENT LIBRARY http://docs.fortinet.com FORTINET VIDEO GUIDE http://video.fortinet.com FORTINET BLOG https://blog.fortinet.com CUSTOMER SERVICE & SUPPORT https://support.fortinet.com
More informationCross-Site Virtual Network Provisioning in Cloud and Fog Computing
This paper was accepted for publication in the IEEE Cloud Computing. The copyright was transferred to IEEE. The final version of the paper will be made available on IEEE Xplore via http://dx.doi.org/10.1109/mcc.2017.28
More informationTransparent or Routed Firewall Mode
This chapter describes how to set the firewall mode to routed or transparent, as well as how the firewall works in each firewall mode. You can set the firewall mode independently for each context in multiple
More informationA Reference Design. VPN user access and VPC networking. Version Copyright Aviatrix Systems, Inc. All rights reserved.
A Reference Design VPN user access and VPC networking Version 08-16-2016 Copyright 2014-2016 Aviatrix Systems, Inc. All rights reserved. This reference design helps you build an end to end secure cloud
More informationOPEN CONTRAIL ARCHITECTURE GEORGIA TECH SDN EVENT
OPEN CONTRAIL ARCHITECTURE GEORGIA TECH SDN EVENT sdn-and-nfv-technical---georgia-tech---sep-2013---v2 Bruno Rijsman, Distinguished Engineer 24 September 2013 Use Cases 2 Copyright 2013 Juniper Networks,
More informationVoIP / RoIP for Technicians
Phase 4 Design, Inc VoIP / RoIP for Technicians Presented by Dave Grant Phase 4 Design, Inc dave@phase4.org 2017 Phase 4 Design, Inc Notes 2 2017, Phase 4 Design, Inc. Table of Contents What are we going
More informationSection 1. General Networking Theory
Section 1 General Networking Theory This chapter ensures you are prepared for questions in the Cisco Certified Internetwork Expert (CCIE) written exam that deal with general networking theories. General
More informationCreating Your Virtual Data Center
NET201 Creating Your Virtual Data Center VPC Fundamentals and Connectivity Options Becky Weiss, Principal Engineer, EC2 Networking October 2015 2015, Amazon Web Services, Inc. or its Affiliates. All rights
More informationTransit Network VPC. AWS Reference Deployment Guide. Last updated: May 10, Aviatrix Systems, Inc. 411 High Street Palo Alto, CA USA
Transit Network VPC AWS Reference Deployment Guide Last updated: May 10, 2017 Aviatrix Systems, Inc. 411 High Street Palo Alto, CA 94301 USA http://www.aviatrix.com Tel: +1 844.262.3100 TABLE OF CONTENTS
More informationCreating Your Virtual Data Center
Creating Your Virtual Data Center VPC Fundamentals and Connectivity Options Giulio Soro, Sr. Solutions Architect AWS Antonio Sglavo, Head of Data Center Transformation - ENEL AWS Summit, 2016 2016, Amazon
More informationTop-Down Network Design
Top-Down Network Design Chapter Six Designing Models for Addressing and Naming Copyright 2010 Cisco Press & Priscilla Oppenheimer Guidelines for Addressing and Naming Use a structured model for addressing
More informationF5 BIG-IQ Centralized Management and Amazon Web Services: Setup. Version 5.4
F5 BIG-IQ Centralized Management and Amazon Web Services: Setup Version 5.4 Table of Contents Table of Contents Getting Started with BIG-IQ Virtual Edition...5 What is BIG-IQ Virtual Edition?...5 About
More informationL3VPN Configuration. L3VPN Overview. Introduction to L3VPN
Table of Contents L3VPN Configuration 1 L3VPN Overview 1 Introduction to L3VPN 1 L3VPN Concepts 2 L3VPN Networking Schemes 3 OSPF VPN Extension 6 L3VPN Configuration Task List 8 Configuring VPN Instances
More informationIntegrated Services. Integrated Services. RSVP Resource reservation Protocol. Expedited Forwarding. Assured Forwarding.
Integrated Services An architecture for streaming multimedia Aimed at both unicast and multicast applications An example of unicast: a single user streaming a video clip from a news site An example of
More informationThe Interconnection Structure of. The Internet. EECC694 - Shaaban
The Internet Evolved from the ARPANET (the Advanced Research Projects Agency Network), a project funded by The U.S. Department of Defense (DOD) in 1969. ARPANET's purpose was to provide the U.S. Defense
More informationBest Practices for Extending the WAN into AWS (IaaS) with SD-WAN
Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN Ariful Huq Product Management @arifulhuq & Rob McBride Marketing @digitalmcb Industry trends impacting networking Cloud Mobile Social 2
More informationHow to Deploy the Barracuda NG Firewall in an Amazon Virtual Private Cloud
How to Deploy the Barracuda NG Firewall in an Amazon Virtual Private Cloud The Barracuda NG Firewall can run as a virtual appliance in the Amazon cloud as a gateway device for Amazon EC2 instances in an
More informationComputer Network Architectures and Multimedia. Guy Leduc. Chapter 2 MPLS networks. Chapter 2: MPLS
Computer Network Architectures and Multimedia Guy Leduc Chapter 2 MPLS networks Chapter based on Section 5.5 of Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley,
More informationHands-On TCP/IP Networking
Hands-On Course Description In this Hands-On TCP/IP course, the student will work on a live TCP/IP network, reinforcing the discussed subject material. TCP/IP is the communications protocol suite on which
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : SAA-C01 Title : AWS Certified Solutions Architect - Associate (Released February 2018)
More informationVNS3 Configuration. Quick Launch for first time VNS3 users in Azure
VNS3 Configuration Quick Launch for first time VNS3 users in Azure Table of Contents Setup 3 Notes 9 Create a Static IP 12 Create a Network Security Group 14 Launch VNS3 from Marketplace 19 VNS3 Unencrypted
More informationCPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer
1 CPSC 826 Intering The Network Layer: Routing & Addressing Outline The Network Layer Michele Weigle Department of Computer Science Clemson University mweigle@cs.clemson.edu November 10, 2004 Network layer
More informationAmazon Virtual Private Cloud. VPC Peering
Amazon Virtual Private Cloud VPC Peering Amazon Virtual Private Cloud: VPC Peering Table of Contents What is VPC Peering?... 1 VPC Peering Basics... 1 VPC Peering Connection Lifecycle... 2 Multiple VPC
More informationContents. EVPN overview 1
Contents EVPN overview 1 EVPN network model 1 MP-BGP extension for EVPN 2 Configuration automation 3 Assignment of traffic to VXLANs 3 Traffic from the local site to a remote site 3 Traffic from a remote
More informationUnified Load Balance. User Guide. Issue 04 Date
Issue 04 Date 2017-09-06 Contents Contents 1 Overview... 1 1.1 Basic Concepts... 1 1.1.1 Unified Load Balance...1 1.1.2 Listener... 1 1.1.3 Health Check... 2 1.1.4 Region...2 1.1.5 Project...2 1.2 Functions...
More informationAT&T NetBond for SoftLayer
NetBond for Service Activation Overview 2016 Intellectual Property. All rights reserved., Globe logo and other marks are trademarks and service marks of Intellectual Property and/or affiliated companies.
More informationConfiguring multicast VPN
Contents Configuring multicast VPN 1 Multicast VPN overview 1 Multicast VPN overview 1 MD-VPN overview 3 Protocols and standards 6 How MD-VPN works 6 Share-MDT establishment 6 Share-MDT-based delivery
More informationFull file at
ch02 True/False Indicate whether the statement is true or false. 1. IP addresses have links to domain names to make it possible for users to identify and access resources on a network. 2. As a frame moves
More informationSolution of Exercise Sheet 4. Exercise 1 (Routers, Layer-3-Switches, Gateways)
Solution of Exercise Sheet 4 Exercise 1 (Routers, Layer-3-Switches, Gateways) 1. What is the purpose of Routers in computer networks? (Also explain the difference to Layer-3-Switches.) They forward packets
More informationElastic Load Balance. User Guide. Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 01 Date 2018-04-30 HUAWEI TECHNOLOGIES CO., LTD. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationSAM 8.0 SP2 Deployment at AWS. Version 1.0
SAM 8.0 SP2 Deployment at AWS Version 1.0 Publication Date July 2011 Copyright 2011 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and
More informationHP FlexFabric 5930 Switch Series
HP FlexFabric 5930 Switch Series MCE Configuration Guide Part number: 5998-4625 Software version: Release 2406 & Release 2407P01 Document version: 6W101-20140404 Legal and notice information Copyright
More informationTopGlobal MB8000 VPN Solution
TopGlobal Solution Top Global MobileBridge connects 3G and Ethernet network, as well as WiFi network. MB8000 is a product of MobileBridge serials. MB8000 provides a gateway service for its LAN (including
More information