Version 2 (2023) Direct Connect Architecture
Cornell migrated to this architecture in January 2023.
Internet 2 Cloud Connect Architecture
Cornell uses the Internet2 Cloud Connect (I2CC) service to private private connectivity of Cornell networks to Azure and AWS. Cornell has multiple 100Gbps connections to Internet2. In turn I2CC has multiple 5Gbps (as of ) connections to the major cloud vendors.
The I2CC service offers several benefits:
- Consolidating and simplifying configuration and management of Direct Connect for Cornell AWS accounts (compared to the previous on-campus Direct Connect architecture)
- Improving flexibility and bandwidth of Direct Connect connectivity
- Allowing private Cornell network traffic in AWS and Azure to flow between those clouds without transiting campus
Direct Connect + Transit Gateway Architecture
The architecture used to provide Direct Connect service to Cornell AWS accounts utilizes AWS Transit Gateways (one per AWS region) in a central AWS account (cu-cit-network) to which VPCs in Cornell AWS accounts are attached. Multiple VPCs in a single AWS account can be attached to Direct Connect in this way.
Each VPC connected to this architecture has full connectivity to all other VPCs connected to the architecture, without need for VPC-to-VPC peering.
For details of Direct Connect network architecture within a single account, see 2023 Cornell AWS Direct Connect Architecture Migration.