AWS Networking 101

Virtual Private Cloud (VPC)
• Define and launch AWS resources in a logically isolated virtual network
• A VPC in AWS is a Regional resource
• Each region has a default VPC
• Limits: https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html

IP Addressing
• Avoid ranges that overlap with other networks to which you might connect
• Recommended: RFC 1918 ranges
• Size: /16 (maximum) to /28 (minimum)
• Can have a dual-stack VPC by adding an IPv6 CIDR
• Fixed sizes for IPv6: /56 for the VPC CIDR and /64 for subnets

Subnets
• A subnet is a range of IP addresses in our VPC; we can launch AWS resources, such as EC2 instances, into a specific subnet
• When we create a subnet, we specify the IPv4/IPv6 CIDR block for the subnet, which is a subset of the VPC CIDR block
• Each subnet must reside entirely within one Availability Zone and cannot span zones

VPC Routing
• Route tables contain rules for which path packets take to reach their destination
• Our VPC has a default route table
• But we can create and assign different route tables to different subnets

DNS in VPC
DNS – Route 53
Hybrid DNS Resolution
https://aws.amazon.com/architecture/reference-architecture-diagrams/

Security
• Security Groups
• Network ACL
• Network Firewall
• VPC Flow Logs
• Traffic Mirroring

Security Groups and Network ACL
Security Groups vs Network ACL
Network Firewall – Example Use Case
https://aws.amazon.com/architecture/reference-architecture-diagrams/

VPC Connectivity Options
• Internet connectivity or not
• Connecting to other VPCs: VPC Peering and Transit Gateway
• Connecting to on-premises networks: Site-to-Site VPN, Direct Connect, Client VPN

Public vs Private Subnet
Connecting VPCs: VPC Peering
Connecting VPCs: VPC Peering and TGW
AWS Site-to-Site VPN
AWS Direct Connect
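The IP Addressing and Subnets slides give the address-planning rules (/16 to /28 VPC size, RFC 1918 recommended, subnets inside the VPC CIDR, no overlap with networks you may later connect to). The following Python is an added example, not part of the deck, that turns those rules into a pre-deployment check using only the standard library. The one fact it adds that the slides do not state is that AWS reserves five addresses in every IPv4 subnet; the sample CIDRs are constructed.

```python
"""Added example: sanity-check a VPC address plan against the slide rules.

Rules encoded (from the IP Addressing / Subnets slides):
  - VPC IPv4 CIDR between /16 and /28
  - RFC 1918 range recommended
  - every subnet must be a subset of the VPC CIDR
  - subnets must not overlap each other
  - the VPC must not overlap networks it may connect to (peering, VPN, DX)
AWS fact not on the slides: 5 addresses are reserved in each IPv4 subnet
(network, VPC router, DNS, future use, broadcast).
"""
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
AWS_RESERVED_PER_SUBNET = 5


def check_vpc_plan(vpc_cidr, subnet_cidrs, external_cidrs=()):
    """Return a list of problem strings; an empty list means the plan is clean."""
    problems = []
    try:
        vpc = ipaddress.ip_network(vpc_cidr, strict=True)
        subnets = [ipaddress.ip_network(s, strict=True) for s in subnet_cidrs]
        externals = [ipaddress.ip_network(e, strict=True) for e in external_cidrs]
    except ValueError as exc:          # host bits set or malformed CIDR
        return [f"invalid CIDR: {exc}"]

    if not 16 <= vpc.prefixlen <= 28:
        problems.append(f"VPC {vpc} prefix /{vpc.prefixlen} is outside /16../28")
    if not any(vpc.subnet_of(r) for r in RFC1918):
        problems.append(f"VPC {vpc} is not an RFC 1918 range (recommended)")

    for s in subnets:                  # subnet CIDR must be a subset of the VPC CIDR
        if not s.subnet_of(vpc):
            problems.append(f"subnet {s} is not inside VPC {vpc}")

    for i, a in enumerate(subnets):    # subnets must not overlap each other
        for b in subnets[i + 1:]:
            if a.overlaps(b):
                problems.append(f"subnets {a} and {b} overlap")

    for ext in externals:              # avoid overlap with networks we may connect to
        if vpc.overlaps(ext):
            problems.append(f"VPC {vpc} overlaps connected network {ext}")
    return problems


def usable_hosts(subnet_cidr):
    """IPv4 addresses left for instances after AWS's reserved addresses."""
    net = ipaddress.ip_network(subnet_cidr, strict=True)
    return max(net.num_addresses - AWS_RESERVED_PER_SUBNET, 0)


if __name__ == "__main__":
    # Constructed sample plan: a /16 VPC with two /24 subnets and an on-prem range.
    print(check_vpc_plan("10.0.0.0/16", ["10.0.1.0/24", "10.0.2.0/24"],
                         external_cidrs=["192.168.0.0/16"]))
    print(check_vpc_plan("10.0.0.0/8", ["10.1.0.0/16", "10.1.0.0/24"],
                         external_cidrs=["10.2.0.0/16"]))
    print(usable_hosts("10.0.1.0/28"))
```

Run it against the CIDRs you intend to use before creating the VPC; a non-empty list is a plan that will either fail to create or will be painful to peer or VPN later.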
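The VPC Routing slide says route tables decide the path a packet takes, and the Public vs Private Subnet slide rests on one routing detail: a subnet is public when its route table sends 0.0.0.0/0 to an internet gateway. This added example (not from the deck) models a VPC route table as (CIDR, target) pairs, resolves a destination with longest-prefix match the way the VPC router does, and classifies the table as public or private. Target ids such as igw-EXAMPLE, nat-EXAMPLE, pcx-EXAMPLE and tgw-EXAMPLE are constructed placeholders; the NAT gateway route in the private table is standard AWS practice but is not shown on the slides.

```python
"""Added example: VPC route table lookup and public/private classification."""
import ipaddress

# Constructed route tables. Every VPC route table carries a 'local' route for the
# VPC CIDR; the remaining entries use AWS target-id prefixes with placeholder ids.
PUBLIC_RT = [
    ("10.0.0.0/16", "local"),
    ("0.0.0.0/0", "igw-EXAMPLE"),        # default route to an internet gateway
]
PRIVATE_RT = [
    ("10.0.0.0/16", "local"),
    ("0.0.0.0/0", "nat-EXAMPLE"),        # outbound-only internet via NAT gateway
    ("10.1.0.0/16", "pcx-EXAMPLE"),      # peered VPC
    ("172.16.0.0/12", "tgw-EXAMPLE"),    # on-premises ranges via Transit Gateway
]


def lookup_route(route_table, dst_ip):
    """Return the target for dst_ip using longest-prefix match, or None if no route."""
    ip = ipaddress.ip_address(dst_ip)
    best = None
    for cidr, target in route_table:
        net = ipaddress.ip_network(cidr, strict=False)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def is_public_subnet(route_table):
    """A subnet is public when its table routes 0.0.0.0/0 to an internet gateway."""
    return any(cidr == "0.0.0.0/0" and target.startswith("igw-")
               for cidr, target in route_table)


def explain(route_table, destinations):
    """Map each destination to the target its packets would leave through."""
    return {dst: lookup_route(route_table, dst) for dst in destinations}


if __name__ == "__main__":
    targets = ["10.0.5.4", "10.1.2.3", "172.20.0.9", "198.51.100.7"]
    for name, rt in (("public", PUBLIC_RT), ("private", PRIVATE_RT)):
        print(name, "is_public=", is_public_subnet(rt), explain(rt, targets))
```

The practical check this encodes: if a subnet that should be private ever gains an igw- target on 0.0.0.0/0, every instance in it with a public IP becomes directly reachable from the internet, so that route change is worth alerting on.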
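The "Security Groups vs Network ACL" slide is a diagram in the deck; the difference it illustrates is that a security group is stateful (a reply to an allowed connection is allowed automatically) while a network ACL is stateless (numbered rules, evaluated lowest number first, first match wins, implicit deny at the end, and return traffic needs its own rule on ephemeral ports). This added example, not from the deck, simulates both evaluations on the same HTTPS connection to show why a NACL that only allows inbound 443 silently breaks the replies. Rule tuples and port numbers are constructed.

```python
"""Added example: stateful security-group vs stateless network-ACL evaluation."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str                       # "in" or "out" relative to the instance
    proto: str                           # "tcp" / "udp"
    port: int                            # destination port of this packet
    reply_to: Optional["Packet"] = None  # the request this packet answers, if any


def sg_allows(rules, pkt, tracked):
    """Security group: allow-only rules plus connection tracking.

    rules: (direction, proto, port_from, port_to). A packet that answers a
    tracked (previously allowed) packet passes without any matching rule.
    """
    if pkt.reply_to is not None and pkt.reply_to in tracked:
        return True
    for direction, proto, lo, hi in rules:
        if direction == pkt.direction and proto == pkt.proto and lo <= pkt.port <= hi:
            tracked.add(pkt)             # remember it so the reply is allowed later
            return True
    return False


def nacl_allows(rules, pkt):
    """Network ACL: (number, direction, proto, port_from, port_to, action).

    Evaluated lowest number first, first match decides, no connection
    tracking, and the implicit final rule denies everything.
    """
    for _number, direction, proto, lo, hi, action in sorted(rules):
        if direction == pkt.direction and proto == pkt.proto and lo <= pkt.port <= hi:
            return action == "allow"
    return False


def connection_passes(sg_rules, nacl_rules, request, reply):
    """Both the request and its reply must pass each control for the flow to work."""
    tracked = set()
    sg_ok = sg_allows(sg_rules, request, tracked) and sg_allows(sg_rules, reply, tracked)
    nacl_ok = nacl_allows(nacl_rules, request) and nacl_allows(nacl_rules, reply)
    return {"security_group": sg_ok, "network_acl": nacl_ok}


# Constructed HTTPS connection: client hits port 443, server replies to an
# ephemeral client port.
REQUEST = Packet("in", "tcp", 443)
REPLY = Packet("out", "tcp", 50123, reply_to=REQUEST)

SG_RULES = [("in", "tcp", 443, 443)]                     # no outbound rule at all
NACL_INBOUND_ONLY = [(100, "in", "tcp", 443, 443, "allow")]
NACL_WITH_EPHEMERAL = NACL_INBOUND_ONLY + [(100, "out", "tcp", 1024, 65535, "allow")]
NACL_EXPLICIT_DENY = [(90, "in", "tcp", 443, 443, "deny")] + NACL_WITH_EPHEMERAL

if __name__ == "__main__":
    print("inbound-only NACL :", connection_passes(SG_RULES, NACL_INBOUND_ONLY, REQUEST, REPLY))
    print("with ephemeral    :", connection_passes(SG_RULES, NACL_WITH_EPHEMERAL, REQUEST, REPLY))
    print("explicit deny @90 :", connection_passes(SG_RULES, NACL_EXPLICIT_DENY, REQUEST, REPLY))
```

Two things the simulation makes concrete: the security group passes the reply with no outbound rule because the request was tracked, and a lower-numbered deny in the NACL wins over a later allow, which is why NACL rule numbering matters during troubleshooting.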
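VPC Flow Logs appear on the Security slide as a listed feature. The added example below, not part of the deck, parses records in the default flow log format (version 2, 14 space-separated fields: version, account-id, interface-id, srcaddr, dstaddr, srcport, dstport, protocol, packets, bytes, start, end, action, log-status) and summarises REJECT records per source address and distinct destination port, which is the first thing most analysts pivot on. The log lines, account id and interface id are constructed for the example; NODATA/SKIPDATA records carry "-" in the flow fields and are handled.

```python
"""Added example: parse default-format VPC Flow Log records and summarise rejects."""
from collections import defaultdict

# Field order of the default (version 2) flow log format.
FIELDS = ("version", "account_id", "interface_id", "srcaddr", "dstaddr",
          "srcport", "dstport", "protocol", "packets", "bytes",
          "start", "end", "action", "log_status")
INT_FIELDS = ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end")

# Constructed sample records (placeholder account id and interface id, RFC 5737 addresses).
SAMPLE_LOG = """\
2 111122223333 eni-EXAMPLE1 203.0.113.10 10.0.1.25 51234 22 6 3 180 1700000000 1700000060 REJECT OK
2 111122223333 eni-EXAMPLE1 203.0.113.10 10.0.1.25 51235 3389 6 3 180 1700000000 1700000060 REJECT OK
2 111122223333 eni-EXAMPLE1 203.0.113.10 10.0.1.25 51236 445 6 3 180 1700000000 1700000060 REJECT OK
2 111122223333 eni-EXAMPLE1 198.51.100.7 10.0.1.25 40000 443 6 25 12000 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-EXAMPLE1 10.0.1.25 198.51.100.7 443 40000 6 20 30000 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-EXAMPLE1 - - - - - - - 1700000000 1700000060 - NODATA
"""


def parse_flow_record(line):
    """Split one default-format record into a dict; '-' fields become None."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}: {line!r}")
    rec = dict(zip(FIELDS, parts))
    for key in INT_FIELDS:
        rec[key] = None if rec[key] == "-" else int(rec[key])
    if rec["action"] == "-":
        rec["action"] = None
    return rec


def rejected_by_source(log_text):
    """Map srcaddr -> {'rejects': n, 'dst_ports': set()} over REJECT records only.

    NODATA / SKIPDATA records have no action and are skipped rather than counted.
    """
    summary = defaultdict(lambda: {"rejects": 0, "dst_ports": set()})
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_flow_record(line)
        if rec["log_status"] != "OK" or rec["action"] != "REJECT":
            continue
        entry = summary[rec["srcaddr"]]
        entry["rejects"] += 1
        entry["dst_ports"].add(rec["dstport"])
    return dict(summary)


def sources_probing_many_ports(summary, min_ports=3):
    """Sources whose rejects touched at least min_ports distinct destination ports."""
    return sorted(src for src, e in summary.items() if len(e["dst_ports"]) >= min_ports)


if __name__ == "__main__":
    rejects = rejected_by_source(SAMPLE_LOG)
    for src, entry in rejects.items():
        print(src, entry["rejects"], sorted(entry["dst_ports"]))
    print("multi-port reject sources:", sources_probing_many_ports(rejects))
```

On real data the same summary is usually run per interface id as well, since one source rejected on many ports across many ENIs reads very differently from one noisy client against a single host.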