AWS (BGP)
AWS (BGP)
WAN (OSPF/BGP)
WAN
(OSPF/BGP)
CORE (OSPF)
CORE (OSPF)
BACKBONE (OSPF / 0.0.0.0)
•
What to advertise to the VPC?
• The notorious asymmetric routing problems.
• Tw o flavors, one below.
• Somew here you have to NAT or ELB.
• TIP: Routing policy on campus MUST compliment AWS.
Ad v e r t i s e
Reply to
client.
Receive
RFC1918 +
Routable
<--------
RFC1918 +
Routable
------
Client
Request
From
Routable
Need ELB
Routing Design
•
Tethering To Campus
Campus Services
AD
LDAP
•
VPN / DC
AWS
VPC
Internet
Core VPC & DMZ VPC
Campus Services
AD
LDAP
VPN / DC
AWS Core
Campus Services
AD
LDAP
(replication)
VPC Peering
No transit to campus.
AWS DMZ
VPC
Internet