1
00:00:03,310 --> 00:00:09,650
welcome back to Backspace Academy in this lecture on AWS Direct Connect which

2
00:00:09,650 --> 00:00:15,890
is AWS's service for creating a physical connection between your

3
00:00:15,890 --> 00:00:21,860
on-premises network and AWS I'll talk about the networking concepts involved

4
00:00:21,860 --> 00:00:26,900
in doing a Direct Connect connection I'll talk about an example the

5
00:00:26,900 --> 00:00:31,310
connection process that is involved to set up a connection and also the concept

6
00:00:31,310 --> 00:00:38,749
of virtual interfaces so AWS Direct Connect is a dedicated network

7
00:00:38,749 --> 00:00:43,789
connection between your on-premise network and AWS this is something to

8
00:00:43,789 --> 00:00:48,979
consider if you are a medium to large organization or even if you are a small

9
00:00:48,979 --> 00:00:56,420
organization that requires high-speed access to your AWS infrastructure from

10
00:00:56,420 --> 00:01:02,179
your on-premises network you do that through connecting to an AWS Direct

11
00:01:02,179 --> 00:01:08,060
Connect location or you can use an AWS partner and you do that over a standard

12
00:01:08,060 --> 00:01:13,790
one gigabit or 10 gigabit Ethernet fiber-optic cable there are sub 1G

13
00:01:13,790 --> 00:01:18,800
connections available but they are only available through AWS partners and it

14
00:01:18,800 --> 00:01:31,010
uses industry standard 802.11 n high-level talk about networking we're

15
00:01:31,010 --> 00:01:37,910
not going to go into route tables we're not going to go into BGP protocol or

16
00:01:37,910 --> 00:01:42,230
anything like that that's really the domain of a professional level

17
00:01:42,230 --> 00:01:45,740
certification and we're just looking at an associate level certification it's

18
00:01:45,740 --> 00:01:51,170
going to be very high level very simple so of the basic things we need to

19
00:01:51,170 --> 00:01:55,250
understand that there is a virtual private gateway will be required at your

20
00:01:55,250 --> 00:02:02,170
VPC and there will be a customer router required at your premises

21
00:02:02,170 --> 00:02:07,030
this connection can be partitioned into multiple virtual interfaces and this

22
00:02:07,030 --> 00:02:11,970
allows the separation of public and private traffic so we can have a public

23
00:02:11,970 --> 00:02:18,459
virtual interface which would allow access to our public IP address space

24
00:02:18,459 --> 00:02:25,989
that is used by for example an Amazon S3 bucket or we can have or and or we can

25
00:02:25,989 --> 00:02:32,380
have a private virtual interface that can allow access to our private IP space

26
00:02:32,380 --> 00:02:38,980
inside our virtual private cloud we should also consider having redundancy

27
00:02:38,980 --> 00:02:47,170
set up by having failover to a standard VPN connection here we have a very

28
00:02:47,170 --> 00:02:52,030
high-level example of what Direct Connect looks like if it's connected to

29
00:02:52,030 --> 00:02:58,299
our customer network here we can see we have in the blue our private virtual

30
00:02:58,299 --> 00:03:02,350
interface and in the red we have our public virtual interface looking at our

31
00:03:02,350 --> 00:03:06,280
public virtual interface here in the red it's going to connect our customer DMZ

32
00:03:06,280 --> 00:03:13,329
through to our customer router and then on to our partner router or on to our

33
00:03:13,329 --> 00:03:19,720
direct AWS Direct Connect router out to our public IP address space within that

34
00:03:19,720 --> 00:03:26,140
AWS infrastructure and on the private virtual interface in blue we can see

35
00:03:26,140 --> 00:03:31,510
that's going to connect our on-premise private network through again through

36
00:03:31,510 --> 00:03:38,170
our customer router on through to the AWS connect router to our private IP

37
00:03:38,170 --> 00:03:45,519
space in our virtual private cloud so that's a very high-level overview

38
00:03:45,519 --> 00:03:53,620
of AWS Direct Connect the connection process for establishing a Direct

39
00:03:53,620 --> 00:03:59,079
Connect connection involves first going to the AWS management console and

40
00:03:59,079 --> 00:04:06,819
creating a connection request once that request is confirmed you will then be

41
00:04:06,819 --> 00:04:12,239
able to download your letter of authorization from the AWS management

42
00:04:12,239 --> 00:04:19,150
console once you have that letter of authorization you can then provide that

43
00:04:19,150 --> 00:04:23,650
to your APN partner or service provider who will then establish that connection

44
00:04:23,650 --> 00:04:31,270
for you then once that connection is up and running you can use the management

45
00:04:31,270 --> 00:04:36,400
console to then configure one or more virtual interfaces to establish network

46
00:04:36,400 --> 00:04:43,120
and connectivity between your on-premise and your AWS infrastructure so once you

47
00:04:43,120 --> 00:04:49,360
have your Direct Connect connection up and running you can then create public or

48
00:04:49,360 --> 00:04:53,860
private virtual interfaces so this is the process that you would go through

49
00:04:53,860 --> 00:04:58,660
from a reasonably high level perspective which is all you would need to know for

50
00:04:58,660 --> 00:05:04,090
the associate level certification the first part of that process is to go to

51
00:05:04,090 --> 00:05:09,940
the management console and then create a virtual interface within the from the

52
00:05:09,940 --> 00:05:14,860
management console and you select either public or private in that process you'll

53
00:05:14,860 --> 00:05:20,470
then be asked to fill out the connection details and the BGP parameters we're not

54
00:05:20,470 --> 00:05:25,840
going to talk about BGP parameters here you won't be asked a question on that in

55
00:05:25,840 --> 00:05:31,360
the associate level exam it's beyond an associate level certification we're just

56
00:05:31,360 --> 00:05:34,210
talking high level here so you would fill out those connected connection

57
00:05:34,210 --> 00:05:39,599
details the BGP parameters then you can download your configuration file for

58
00:05:39,599 --> 00:05:47,560
your own router once you've done that and you have configured your router you

59
00:05:47,560 --> 00:05:55,930
then can create a route to the virtual private to your VPC on AWS and you need

60
00:05:55,930 --> 00:06:01,270
that to establish connection between the two so so that involves first going into

61
00:06:01,270 --> 00:06:08,289
again the management console and enabling route propagation to the

62
00:06:08,289 --> 00:06:14,349
virtual private gateway and then you can create a route in your subnet route

63
00:06:14,349 --> 00:06:21,789
tables for each individual subnet to your virtual private gateway so that

64
00:06:21,789 --> 00:06:27,010
brings us to the end of this lecture on Direct Connect I'll see you in the next

65
00:06:27,010 --> 00:06:29,669
lesson