These diagrams show different routing options over the Cornell Direct Connect to AWS VPCs and corresponding design considerations.
...
Glossary
Term | Definition |
---|---|
Asymmetric Routing | Condition that presents itself when network traffic between a client and its destination follows different paths inbound and outbound. This results in the client sending packets to one IP address but receiving responses from a potentially different IP address, preventing client and server from properly establishing two-way communication. |
AWS Private Subnet | Subnet in an AWS VPC that has no direct access to the Internet. |
AWS Public Subnet | Subnet in an AWS VPC that has direct Internet access by way of a configured Internet gateway (IGW). |
Cornell Private Network | Private IPv4 address range 10.0.0.0/8, defined in RFC 1918 for use on private/internal networks. Addresses in this range are not allowed to leave the Cornell network and route directly over the Internet. |
Cornell Public Network | Cornell's publicly routable IPv4 address ranges. |
Direct Connect | Dedicated network connection between Cornell and Amazon Web Services via AWS peering partners. Direct Connect should be treated as if it were a campus network, including leveraging transport encryption for sensitive data. See also Cornell AWS Direct Connect for Cornell. |
Internet Gateway (IGW) | AWS-managed VPC routing device that provides inbound and outbound access from a subnet to the Internet. Allows use of public IP addresses (Elastic IP) on EC2 Instances. |
Virtual Gateway (VGW) | AWS-managed VPC routing device that allows attachment to Direct Connect or VPN. |
...