Category Archives: AWS

AWS re:Invent 2019 networking updates and a few key notes


  • Transit Gateway multicast
  • Transit Gateway inter-region peering
  • VPC ingress routing (good for bump-in-the-wire/in-line inspection designs)
  • Transit Gateway routing domains (separate route tables per attachment) are very useful if leveraged properly, and pay off most in hybrid connectivity models
  • A Direct Connect gateway can connect to up to three Transit Gateways
  • AWS Transit Gateway Network Manager
  • A VPC route table holds up to 1,000 routes
  • A Transit Gateway holds up to 5,000 routes
  • Certificate-based authentication for VPN
  • Traffic Mirroring (similar to SPAN)
  • VPN connectivity to Transit Gateway scales to 50 Gbps with ECMP
  • New Direct Connect partner (hosted connection) speeds: 1, 2, 5 and 10 Gbps
  • Client VPN supports split tunneling
  • More VPC interface endpoint services, and endpoint policies introduced for them
  • 41 services supported on AWS PrivateLink
  • AWS Outposts enhancements (infrastructure and services) on-premises
  • AWS Local Zones (available in Los Angeles)
  • AWS Accelerated Site-to-Site VPN
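The VPC ingress routing item above, as an added Terraform example for the AWS provider (this is not code from the original post): an inspection appliance sits in-line between the internet gateway and an application subnet, so every packet entering from the internet for that subnet is steered to the appliance first. The CIDRs, resource names and the single-appliance layout are assumptions for illustration.

```hcl
# Added example, not from the original post. VPC ingress routing with a
# bump-in-the-wire appliance. CIDRs and names are assumed for illustration.

provider "aws" {
  region = "us-east-1"
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
  tags       = { Name = "ingress-routing-demo" }
}

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}

# One subnet for the appliance, one for the application workloads.
resource "aws_subnet" "appliance" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.0.0/24"
}

resource "aws_subnet" "app" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.1.0/24"
}

# The appliance ENI forwards packets that are not addressed to it, so
# source/destination checking must be disabled or those packets are dropped.
resource "aws_network_interface" "appliance" {
  subnet_id         = aws_subnet.appliance.id
  source_dest_check = false
}

# Gateway route table: associated with the IGW instead of a subnet.
# Internet traffic destined for the app subnet is sent to the appliance ENI.
resource "aws_route_table" "igw_ingress" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block           = aws_subnet.app.cidr_block
    network_interface_id = aws_network_interface.appliance.id
  }
}

resource "aws_route_table_association" "igw" {
  gateway_id     = aws_internet_gateway.igw.id
  route_table_id = aws_route_table.igw_ingress.id
}

# Return path: the app subnet sends internet-bound traffic back through the
# appliance, so both directions of a flow are inspected.
resource "aws_route_table" "app" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block           = "0.0.0.0/0"
    network_interface_id = aws_network_interface.appliance.id
  }
}

resource "aws_route_table_association" "app" {
  subnet_id      = aws_subnet.app.id
  route_table_id = aws_route_table.app.id
}

# The appliance subnet itself reaches the internet directly via the IGW.
resource "aws_route_table" "appliance" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}

resource "aws_route_table_association" "appliance" {
  subnet_id      = aws_subnet.appliance.id
  route_table_id = aws_route_table.appliance.id
}
```

Two checks before trusting this design: routes in the gateway route table can only target a network interface (or local) and their destination must be the VPC CIDR or a subnet CIDR of that VPC, so per-subnet steering is the granularity you get; and the single appliance here is a single point of failure, so a production layout needs one per Availability Zone with its own subnet route tables.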

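Traffic Mirroring, the list item above that compares it to SPAN, as an added Terraform example (not code from the original post): a filter that accepts only inbound TCP/443 to one subnet, a mirror target on a sensor's ENI, and a session that binds the two to a workload ENI. The ENI IDs and CIDR are placeholders.

```hcl
# Added example, not from the original post. Mirror a workload ENI's inbound
# HTTPS traffic to an IDS sensor. ENI IDs and CIDR are placeholders.

variable "source_eni_id" {
  default = "eni-0aaaaaaaaaaaaaaaa" # workload instance (assumed)
}

variable "collector_eni_id" {
  default = "eni-0bbbbbbbbbbbbbbbb" # sensor/IDS instance (assumed)
}

# Where mirrored packets are delivered.
resource "aws_ec2_traffic_mirror_target" "collector" {
  description          = "IDS sensor"
  network_interface_id = var.collector_eni_id
}

# Filter rules are evaluated per direction; only matching packets are mirrored.
resource "aws_ec2_traffic_mirror_filter" "inbound_https" {
  description = "inbound HTTPS to the app subnet"
}

resource "aws_ec2_traffic_mirror_filter_rule" "accept_https" {
  traffic_mirror_filter_id = aws_ec2_traffic_mirror_filter.inbound_https.id
  rule_number              = 100
  rule_action              = "accept"
  traffic_direction        = "ingress"
  protocol                 = 6 # TCP
  source_cidr_block        = "0.0.0.0/0"
  destination_cidr_block   = "10.0.1.0/24"

  destination_port_range {
    from_port = 443
    to_port   = 443
  }
}

# The session ties a source ENI to a target through a filter. session_number
# orders sessions on the same source; virtual_network_id is the VXLAN VNI
# the sensor sees on the encapsulated copy.
resource "aws_ec2_traffic_mirror_session" "workload" {
  network_interface_id     = var.source_eni_id
  traffic_mirror_filter_id = aws_ec2_traffic_mirror_filter.inbound_https.id
  traffic_mirror_target_id = aws_ec2_traffic_mirror_target.collector.id
  session_number           = 1
  virtual_network_id       = 100
}
```

The mirrored copy arrives at the target VXLAN-encapsulated on UDP 4789 with the VNI above, so the sensor's security group must allow UDP 4789 from the source ENI and the sensor has to decapsulate (a vxlan interface on Linux, or a tool that understands VXLAN) before it sees the original packets. Unlike a physical SPAN port, a session is configured per source ENI and only on supported instance types, so inventory which instances can actually be mirrored before designing detection around it.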
Key Notes:

  • Nitro System hypervisor
  • Nitro Enclaves
  • Chip innovations: Amazon Graviton2 processors
  • M6g, R6g and C6g instances (up to 64 vCPUs, 25 Gbps networking)
  • Up to 40% better price/performance over comparable Intel-based instances
  • Inf1 instances
  • 84% of Kubernetes runs on AWS (as quoted in the keynote)
  • AWS Fargate for Amazon EKS

Simple Reference Architecture with New feature

For more information, please go through the URL below, which has very good data.

What is VMware on AWS, in my own words!!

Of course, most of my network folks are already aware of this concept; I am just posting from my perspective and adding network information, because at the end of the day application performance depends not only on code, infrastructure also plays a key role!

Put simply, AWS is a colo for VMware Cloud, and on top of that, VMware does not have data centers across the world, so they are leveraging AWS data centers and calling it "VMware Cloud on AWS".

My perspective: these are two different public cloud entities, which means someone who is an expert on AWS can't work on VMware Cloud and vice versa!

  1) VMware has placed their infrastructure in AWS and built a public cloud with vSphere, vSAN and NSX.

  2) You cannot consume any of the AWS services (EC2 and so on), and also the terminology in VMware is completely different.

  3) You just create an SDDC on VMware Cloud (public cloud) and extend it to your on-prem vSphere.

  4) Once you create an SDDC on VMware Cloud, a VPC is automatically created in AWS and you get access to AWS workloads.

  5) Latency between VMware and AWS cloud is less than 1 ms (I was told this by one of the experts; I suggest we try it before concluding).

  6) How the AZ (Availability Zone) concept works: they just place their infra in different AZs in the same location and extend vSAN and NSX.

  7) As of now, they have footprints in a couple of regions in the USA and Asia (Australia); I don't have complete data.

  8) What is AWS RDS on VMware? Well, I did a lab on it, and here is the interesting thing: you just create RDS in AWS and add the DB connection strings to the application servers that sit in VMware Cloud, and it communicates over the VPC 🙂.

     I am still not sure why they call it AWS RDS on VMware... maybe they are coming up with some more options on this, such as taking an RDS OVA and deploying it on VMware on-prem, but I am not sure how it works; if that is the case then we can call it AWS RDS on VMware.

AWS limitations

It is good to know the default limits (service quotas) of AWS; they come in handy when you architect a solution on AWS and are also very useful for AWS Solutions Architect exam preparation. The figures below are the defaults at the time of writing; most of them can be raised on request.

  1. Two hundred subnets per Amazon VPC
  2. One internet gateway per VPC
  3. Five virtual private gateways per AWS account per Region
  4. Fifty customer gateways per AWS account per Region
  5. Ten IPsec VPN connections per virtual private gateway
  6. EC2 instances – default limit: 20 per Region
  7. EBS volumes – default limit: 5,000 volumes or an aggregate size of 20 TiB
  8. Elastic IPs – default limit: 5 per Region
  9. Elastic Load Balancers – default limit: 10
  10. High I/O instances – default limit: 2
  11. Virtual Private Clouds – default limit: 5
  12. EC2 security groups (EC2-Classic) – max: 500 per Region per account, and each security group can have a maximum of 100 rules/permissions
  13. EC2 security groups (EC2-VPC) – up to 100 security groups per VPC

Source: —> Added missing items.