Review Questions

Exercises Written Labs Written Lab 6.1: Simulate Creating a Direct Connection Written Lab 6.2: Simulate Creating a Site-to-Site VPN Connection Review Questions The following questions are designed to test your understanding of this chapter’s material. For more information on how to obtain additional questions, please see this book’s introduction.

Summary Hybrid networking and the underlying technologies that are used were the focus of this chapter. We covered the basics of the two lower layers of the OSI model. You learned about the optical connections at layer 1, and for layer 2 we covered link aggregation, VLANs, and jumbo frames. There are several different types […]

VPN CloudHub The AWS VPN CloudHub is an architecture for the AWS site-to-site VPN service. However, it’s not an actual service that you can find in the console. CloudHub uses a VPG in a VPC to connect multiple remote sites each using a site-to-site VPN connection. Building on the AWS managed VPN options described previously, […]

Virtual Private Gateway The AWS virtual private gateway is a virtual VPN endpoint that terminates a site-to-site VPN connection that attaches to a single VPC. A maximum of 10 external VPN tunnels that are not VPC networking locations per virtual private gateway are supported, and each of the tunnels connects using the IPSec protocol. A […]

Direct Connect Gateway The AWS Direct Connect gateway simplifies your Direct Connect architecture. Traditionally with Direct Connect, a separate connection would need to be established from your data center to each AWS region you wanted to connect to. If you needed to connect to two different regions, for example, since DX is a regional service, […]

Direct Connect Direct Connect (DX) allows you to bypass the public Internet to connect directly between your data center and an AWS region. This is a private connection that gives you the benefit of security with a consistent speed at low latency. If you have large volumes of data to transfer, you may achieve lower […]

Dynamic Routing Dynamic routing records all topology changes, updates automatically, and adjusts to changing networking conditions. Dynamic routing uses well-defined protocols such as OSPF internally or BGP between companies to exchange the routing information without ongoing administrative intervention. Internal routing methods used inside of a company’s network are referred to as Internal Gateway Protocols (IGPs) […]

GENEVE The GENEVE protocol was covered in Chapter 4, “Load Balancing,” as part of the gateway load balancer. In this section, we will do a brief refresher of this standardized encapsulation protocol. The GENEVE protocol preserves the original packet by providing an encapsulation protocol that supports transparent routing. To make sure that the original packet […]

IPSec IPSec provides encapsulation of packets that are encrypted in transit between endpoint devices. IPSec is actually a family of protocols that work together for end-to-end encryption of data flows. IPSec will encrypt the packets and can authenticate the source of where the packets came from. It is the most common method used on networks […]