...

What is the Cornell Standard VPC?

See The Cornell “Standard” AWS VPC.

Why can't I connect to my EC2 instance?

...

$ traceroute -T -p 389 ad10.cornell.edu
traceroute to ad10.cornell.edu (10.92.36.80), 30 hops max, 60 byte packets
 1  ip-10-92-36-80.ec2.internal (10.92.36.80)  7.740 ms  7.711 ms  9.136 ms

Do I need multiple NAT Gateways?

VPCs created by the Cloud Team for Cornell AWS customers generally contain only a single NAT Gateway. This NAT Gateway provides access to the public internet for private subnets in the VPC. All private subnets in the VPC are configured to use the same NAT Gateway, regardless of the Availability Zone of the private subnet. This means that the NAT Gateway is a single point of failure because the resources in your private subnets may not be able to reach the internet if the AZ where the NAT Gateway resides experiences network issues.

If you require high availability and resiliency for the deployments in your private subnets, consider adding NAT Gateways to your VPC so that there is one NAT Gateway in each Availability Zone where your private subnets reside.

The downside of multiple NAT Gateways is that each one costs about $1/day to run, and some Cornell AWS customers do not consider the high availability worth that cost. 

Email cloud-support@cornell.edu if you'd like help setting up additional NAT Gateways in your Cornell AWS account.
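
To see which subnets depend on a NAT Gateway in a different Availability Zone, the check below walks the route tables of one VPC. It is an added example, not Cornell Cloud Team code; it assumes its inputs are the parsed `Subnets`, `RouteTables` and `NatGateways` lists returned by the EC2 describe calls, and the sample IDs are constructed.

```python
# Added example: inputs mirror the JSON of `aws ec2 describe-subnets`,
# `describe-route-tables` and `describe-nat-gateways` for a single VPC.

def cross_az_nat_dependencies(subnets, route_tables, nat_gateways):
    """Return (subnet_id, subnet_az, nat_id, nat_az) for every subnet whose
    default route uses a NAT Gateway located in a different AZ."""
    az_of = {s["SubnetId"]: s["AvailabilityZone"] for s in subnets}
    # A NAT Gateway's AZ is the AZ of the subnet it is deployed in.
    nat_az = {n["NatGatewayId"]: az_of.get(n["SubnetId"]) for n in nat_gateways}

    main_table, table_for = None, {}
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main_table = rt
            elif "SubnetId" in assoc:
                table_for[assoc["SubnetId"]] = rt

    findings = []
    for subnet_id, subnet_az in sorted(az_of.items()):
        # Subnets with no explicit association fall back to the main route table.
        rt = table_for.get(subnet_id, main_table)
        if rt is None:
            continue
        for route in rt.get("Routes", []):
            nat_id = route.get("NatGatewayId")
            if route.get("DestinationCidrBlock") == "0.0.0.0/0" and nat_id:
                if nat_az.get(nat_id) != subnet_az:
                    findings.append((subnet_id, subnet_az, nat_id, nat_az.get(nat_id)))
    return findings

# Constructed sample data (IDs are made up): a single NAT Gateway in us-east-1a.
SUBNETS = [
    {"SubnetId": "subnet-pub-a", "AvailabilityZone": "us-east-1a"},
    {"SubnetId": "subnet-priv-a", "AvailabilityZone": "us-east-1a"},
    {"SubnetId": "subnet-priv-b", "AvailabilityZone": "us-east-1b"},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-example1", "SubnetId": "subnet-pub-a"}]
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public", "Associations": [{"SubnetId": "subnet-pub-a", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example1"}]},
]

if __name__ == "__main__":
    for finding in cross_az_nat_dependencies(SUBNETS, ROUTE_TABLES, NAT_GATEWAYS):
        print("subnet %s (%s) routes via %s in %s" % finding)
```

Each tuple returned is a subnet that would lose internet access if the NAT Gateway's Availability Zone had network issues; an empty list means every NAT-routed subnet uses a gateway in its own AZ.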

Working with Data

When should I use Direct Connect and when should I use the public internet to transfer data?

...