Advanced VPC Design and New Amazon VPC Capabilities (NET302)

Title

AWS re:Invent 2022 - Advanced VPC Design and New Amazon VPC Capabilities (NET302)

Summary

  • Presenters: Matt Lewis and Alex Huydisch, both Solutions Architects at AWS.
  • Topics Covered:
    • Introduction to Amazon VPC and its foundational features.
    • New capabilities and updates for Amazon VPC, focusing on IPv6 enhancements, ENA Express for improved network performance, and VPC size limits.
    • VPC peering and Transit Gateway for scalable VPC connectivity.
    • AWS Cloud WAN for dynamic, global network connectivity and simplified WAN deployments.
    • Amazon VPC Lattice for simplified application layer networking without the need for sidecar proxies.
    • AWS Network Manager updates for comprehensive network operations, including infrastructure performance insights and CloudWatch Internet Monitoring.
    • AWS Verified Access (AVA) for enhanced security posture, simplified operations, and increased workforce mobility.

Insights

  • IPv6 Enhancements: AWS has been expanding IPv6 support across services because IPv4 addresses are exhausted. IPv6-only subnets were introduced in 2021, and by 2022 around 27 AWS services supported IPv6. AWS also provides DNS64 and NAT64 so that IPv6-only resources can still reach IPv4-only destinations.

  • ENA Express: This new feature allows for 25 Gbps flows between EC2 instances in the same availability zone, improving network performance and reducing latency for traffic over the AWS network.

  • VPC Size and Architecture: AWS now supports up to 256,000 in-use IPs per VPC and 512,000 IPs for a peered group of VPCs. The presenters emphasized both vertical and horizontal scaling of VPCs for better design and management.

  • AWS Cloud WAN: This service simplifies global network connectivity by using the AWS global backbone, eliminating the need for manual peering connections between regions and enabling dynamic route advertisements.

  • Amazon VPC Lattice: A new service that simplifies application layer networking across compute options, without requiring sidecar proxies or extensive networking knowledge. It supports overlapping IP addresses and accommodates existing network configurations.

  • AWS Network Manager Enhancements: The service now offers a unified view of network operations, including new infrastructure performance insights for the AWS global backbone and CloudWatch Internet Monitoring for public-facing endpoints.

  • AWS Verified Access: A new service that improves security posture by evaluating user access policies and integrating with trust providers. It aims to simplify operations and increase workforce mobility by allowing browser-based access to applications within AWS.
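The IPv6-only subnet with DNS64 and NAT64 described in the IPv6 Enhancements insight above, as an added Terraform example (it is not from the session or from AWS; the VPC, NAT gateway, availability zone and cidrsubnet index are assumed placeholders):

```hcl
# Placeholders for resources assumed to exist: a VPC that already has an
# Amazon-provided IPv6 block, and a NAT gateway in one of its dual-stack
# public subnets (NAT64 needs an IPv4 side to translate to).
variable "vpc_id"         { type = string }
variable "nat_gateway_id" { type = string }

data "aws_vpc" "main" {
  id = var.vpc_id
}

# IPv6-only subnet: no IPv4 CIDR at all. enable_dns64 makes the Route 53
# Resolver synthesize 64:ff9b::/96 AAAA answers for names with only A records.
resource "aws_subnet" "ipv6_only" {
  vpc_id                          = data.aws_vpc.main.id
  ipv6_cidr_block                 = cidrsubnet(data.aws_vpc.main.ipv6_cidr_block, 8, 1)
  ipv6_native                     = true
  enable_dns64                    = true
  assign_ipv6_address_on_creation = true
  availability_zone               = "us-east-1a" # assumed AZ
}

resource "aws_route_table" "ipv6_only" {
  vpc_id = data.aws_vpc.main.id
}

# NAT64: the synthesized prefix is routed to the NAT gateway, which translates
# to IPv4. This is the subnet's only path to IPv4 destinations, so egress
# security-group rules and VPC Flow Logs should cover this route explicitly.
resource "aws_route" "nat64" {
  route_table_id              = aws_route_table.ipv6_only.id
  destination_ipv6_cidr_block = "64:ff9b::/96"
  nat_gateway_id              = var.nat_gateway_id
}

resource "aws_route_table_association" "ipv6_only" {
  subnet_id      = aws_subnet.ipv6_only.id
  route_table_id = aws_route_table.ipv6_only.id
}
```

Because the subnet has no IPv4 addresses, any security group attached to instances in it must carry IPv6 rules; IPv4-only rules silently match nothing.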

The session highlighted AWS's commitment to continuous innovation in networking and security, addressing the evolving needs of customers for scalability, performance, and ease of use.