AWS Direct Connect – Connectivity Matters!

I had some discussion about AWS (Amazon Web Services) and how to connect to their services, specifically when you run production workloads on virtual machines in AWS. Bringing workloads to public clouds means that your business and/or your customers are more dependent on their (internet) connectivity to be able to reach the workloads running on a public cloud environment.

Connectivity matters

There are multiple solutions out there to make your internet-facing connections highly available. Bandwidth-wise there aren’t any challenges, aside from the costs… in the Netherlands at least. It is easy to get a 1GbE or better connection from your data center or office location(s).

The thing we were discussing is the latency between you and your public cloud services. Even though it strongly depends on what workloads you are planning to run in AWS, you want a decent user experience, and thus the lowest possible network latency towards that workload. That brings us to www.cloudping.info, a nifty web tool that gives you an idea of your latency to the regions from which AWS offers its services. Its output looks like this:

[Image: cloudping.info output]

Since I’m in the Netherlands, the EU Frankfurt site in Germany is the closest AWS site for me. So an average ping time of 23ms… Note: This number depends strongly on how your internet provider or your data center is connected to AWS via peering on various Internet Exchanges or via transits.

It is interesting to discuss how ‘good’ or bad 23ms really is.

But if the latency is not up to par, and you are planning to offload some serious workloads in AWS, you do have another option! You are able to connect to AWS via AWS Direct Connect rather than over the internet using VPN.

What is it?

So AWS Direct Connect is what it says it is: a direct connection from your internal network(s) to the AWS services over either a 1GbE or a 10GbE connection.

Lower latency is cool, but there are more advantages to using Direct Connect. Think about:

  • Savings on bandwidth on your internet feed.
  • More predictable network performance and capacity towards your workloads.
  • Private connection instead of traversing the internet.
  • No need for slow(er) and perhaps more complex VPN constructions.
  • Ability to configure multiple virtual interfaces using VLANs. It is even a requirement that your terminating device supports 802.1Q VLANs.

Needless to say, there will be costs involved. You will be charged a per-port-hour rate and a per-GB rate for data transfer out of AWS. Data transfers in are free of charge.

The sites where you can connect directly with AWS are scarce. Looking at my situation, I will be able to order a Direct Connect connection from the Equinix AM3 site to and from the EU Central (Frankfurt) region. That still means I need to have connectivity from my datacenter/office to the Equinix AM3.

Even if your network is not present at an AWS Direct Connect location, you are still able to use the so-called AWS APN Partners. These partners will help you connect your network to an AWS Direct Connect location.

Check the following links for more information:

To conclude

It makes perfect sense to me to have a dedicated, direct connection to your public cloud provider of choice if you are planning on running serious production workloads there. It is good to understand what the impact of the latency is for your business and/or customer. So keep this topic in check when architecting your infrastructure when it incorporates public clouds!

I’m pretty curious to see who out there is currently using AWS Direct Connect or its Google and Azure equivalents, Google Direct Cloud or Azure ExpressRoute. Please let me know if you use any of these!!
