Published August 29, 2021

AWS TGW Reference Architectures for Multi-VPC - 1/5 - Brief


This series is split into 5 topics:
1. AWS TGW Reference Architectures for Multi-VPC - 1/5 - Brief
2. AWS TGW Reference Architectures for Multi-VPC - 2/5 - Inbound Traffic
3. AWS TGW Reference Architectures for Multi-VPC - 3/5 - Outbound Traffic
4. AWS TGW Reference Architectures for Multi-VPC - 4/5 - East-West Traffic
5. AWS TGW Reference Architectures for Multi-VPC - 5/5 - Backhaul to On-Premises Traffic




1. AWS TGW Reference Architectures for Multi-VPC - 1/5 - Brief

This architecture includes:
AWS Virtual Private Cloud (VPC)
AWS Elastic Compute Cloud (EC2)
AWS Internet Gateway (IGW)
AWS Virtual Private Network (VPN)
AWS Transit Gateway (TGW)
AWS Application Load Balancer (ALB)

This architecture is also called the centralized design model:
I segment the Web and APP resources across multiple VPCs and connect them in a hub-and-spoke topology.
The hub of the topology is the TGW.

There are two firewalls (FW) in the Security VPC; traffic between the Internet and the VPCs, or between the VPCs and On-Premises, is filtered and inspected by the FWs.
I will share my experience step by step to explain how traffic behaves differently as it passes through different devices.
For example, when traffic goes out from the ALB, the source IP and destination IP are changed.

In this design, the FW needs to perform Source NAT (SNAT) or Destination NAT (DNAT) to keep routing symmetric.
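To show why the SNAT requirement follows from having two stateful firewalls in the hub, here is a toy model (an added example, not code from the original post). It assumes constructed addresses: FW-A and FW-B at 10.0.1.10 and 10.0.1.11 in the Security VPC, spoke hosts 10.10.0.5 and 10.20.0.8, and it stands in for the TGW/ECMP spreading of flows with a simple parity hash on the destination's last octet.

```python
from dataclasses import dataclass, field
from typing import Set, Tuple

Flow = Tuple[str, str]  # (src, dst) as seen by the firewall


@dataclass
class Firewall:
    name: str
    ip: str  # the FW's own interface IP in the Security VPC (constructed)
    sessions: Set[Flow] = field(default_factory=set)  # stateful session table

    def forward(self, src: str, dst: str, snat: bool) -> str:
        """Pass a new flow, record it, and return the source the far end sees."""
        new_src = self.ip if snat else src
        self.sessions.add((new_src, dst))
        return new_src

    def accept_return(self, src: str, dst: str) -> bool:
        """A reply is accepted only if this FW holds the matching forward session."""
        return (dst, src) in self.sessions


FWS = [Firewall("FW-A", "10.0.1.10"), Firewall("FW-B", "10.0.1.11")]  # constructed


def security_vpc_pick(dst: str) -> Firewall:
    """Which firewall a packet entering the Security VPC lands on.
    A packet addressed to a firewall's own IP is delivered to that firewall;
    otherwise the hub spreads flows by a hash, modelled here as the parity
    of the destination's last octet (assumption standing in for ECMP)."""
    for fw in FWS:
        if dst == fw.ip:
            return fw
    return FWS[int(dst.rsplit(".", 1)[1]) % len(FWS)]


def east_west(snat: bool) -> bool:
    """Host in spoke A talks to host in spoke B through the hub.
    Returns True if the reply reaches a firewall that knows the session."""
    for fw in FWS:
        fw.sessions.clear()
    client, server = "10.10.0.5", "10.20.0.8"  # constructed spoke addresses
    fw_out = security_vpc_pick(server)          # request: client -> server
    seen_src = fw_out.forward(client, server, snat)
    fw_back = security_vpc_pick(seen_src)       # reply: server -> seen_src
    return fw_back.accept_return(server, seen_src)


if __name__ == "__main__":
    print("no SNAT, reply accepted:", east_west(snat=False))  # False: reply hits the other FW
    print("SNAT,    reply accepted:", east_west(snat=True))   # True: reply is addressed to FW-A
```

Without SNAT the reply is hashed onto FW-B, which has no session for the flow and drops it; with SNAT the reply is addressed to FW-A's own IP and returns through the firewall that saw the request. In a real deployment, TGW appliance mode on the Security VPC attachment is the other half of keeping both directions in the same AZ; this model covers only the NAT side.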


First published / last updated: 2021.08.29 / 2021.10.03
