AWS re:Invent 2023
Improve Web Application Performance Using Aws Global Accelerator Net327

Title

AWS re:Invent 2023 - Improve web application performance using AWS Global Accelerator (NET327)

Summary

  • AWS Global Accelerator (AGA) is a network service designed to enhance the performance, availability, and security of applications accessed by globally distributed users.
  • AGA operates at the network layer, routing user traffic through AWS's global network backbone, bypassing much of the public internet.
  • AGA provides two static IP addresses for each accelerator, which correspond to two network zones for redundancy.
  • The service supports TCP and UDP traffic and can route to various AWS endpoints like ALBs, NLBs, EC2 instances, and EIPs.
  • AGA's POPs are located closer to users, reducing latency and jitter, and it uses techniques like TCP termination to improve connection times.
  • AGA offers security benefits by reducing the public surface area of applications and integrating with AWS Shield for DDoS mitigation.
  • The service includes features like automatic health checks, failover, and traffic dials for managing traffic distribution.
  • AGA has been updated with IPv6 support, client IP address preservation for NLBs, and cross-account support.
  • The Trade Desk uses AGA to handle high request volumes and maintain a 100ms SLA for ad bidding, benefiting from AGA's traffic handling and health checks.

Insights

  • AGA's architecture is designed for high availability, with redundancy built into every level, from network zones to cells within zones, and shuffle sharding to isolate customer impact.
  • Anycast routing allows AGA to announce the same IP from all POPs, enabling traffic to flow to the nearest POP and reroute automatically in case of POP failure.
  • AGA's security features include rate limiting, always-on DDoS mitigations, and the ability to use private IP addresses in AWS regions, reducing the attack surface.
  • Performance improvements are achieved through AGA's proximity to users, AWS's backbone, and TCP optimizations like parallel three-way handshakes and TCP extensions.
  • The Trade Desk's use case illustrates AGA's ability to handle traffic spikes and provide seamless failover, which is critical for their high-throughput, low-latency requirements.
  • AGA's new features, such as IPv6 support and cross-account support, demonstrate AWS's commitment to evolving the service to meet diverse customer needs.
  • The session highlighted the importance of considering network performance and security in application deployment, especially for services with global user bases.
Improve Saas Application Security Observability with Aws Appfabric Biz213Improve Your Mobile and Web App Quality Using Aws Device Farm Fwm202