AWS Network and Content Delivery - Networking & Content Delivery Flashcards
How many bits is an IPv4 address, and what does an IPv4 address look like?
An IPv4 address is 32 bits long and is typically expressed in dotted-decimal notation, like “192.168.0.1”.
VPC-Private-Subnet-Diagram-With-VPC-Endpoints
AWS Virtual Private Cloud (VRF if you wish) is limited to a single region. It can have many subnets, each subnet limited to a single availability zone. AWS is obviously enforcing very strict fault isolation.
AWS accounts can access resources in multiple regions.
Within each region, you can have multiple Virtual Private Clouds (VPCs).
Each VPC exists within a single region and cannot span multiple regions.
Within each VPC, you can create one or more subnets.
Each subnet is associated with a single Availability Zone and cannot span multiple Availability Zones.
A subnet is a range of IP addresses in your VPC where you can create AWS resources, such as EC2 instances.
When you create a subnet, you specify its IP addresses, depending on the configuration of the VPC.
The 4 types of subnets include Public subnet, Private subnet, VPN-only subnet, and Isolated subnet.
The minimum size of a subnet is a /28 (or 14 IP addresses) for IPv4.
In the context of AWS VPCs, the allowed block size is between a /16 netmask (65,536 IP addresses) and /28 netmask (16 IP addresses).
However, AWS reserves the first four IP addresses and the last IP address of each subnet for IP networking purposes.
For IPv6, the subnet size is fixed to be a /64. Only one IPv6 CIDR block can be allocated to a subnet.
A VPC in AWS has several attributes that are not specific to its subnets.
These include DNS attributes, Amazon DNS server, DHCP option sets, Flow Logs, IP Address Manager (IPAM), Ingress Routing, Network Access Analyzer, Network Manager, Reachability Analyzer.
Connecting to an S3 bucket over the internet with a NAT gateway
Replace the NAT gateway with a VPC endpoint so that we can reach S3 (or any other AWS service) without connectivity to the outside
private connection vpc endpoint goes with card 3
private ways to connect to s3 bucket
“POST SMART” LinkedIn
Here’s how to associate each letter with a writing aspect:
P - Purposeful Topic: Start with a purposeful topic that aligns with your professional expertise or industry trends. Choose something that provides value or insights to your LinkedIn network.
O - Organized Structure: Ensure your article has a clear and organized structure. Use headings, subheadings, and bullet points to make it easy for readers to follow along.
S - Storytelling: Incorporate storytelling to make your article engaging and relatable. Share personal anecdotes or real-world examples to illustrate your points.
T - Target Audience: Keep your target audience in mind. Write with your LinkedIn connections in mind, addressing their interests, challenges, and needs.
S - Strategic Keywords: Use strategic keywords relevant to your industry or topic. This can improve the discoverability of your article on LinkedIn and through search engines.
M - Meaningful Content: Provide meaningful and valuable content. Offer insights, tips, or solutions that your readers can apply in their professional lives.
A - Authentic Voice: Write in an authentic voice that reflects your personality and expertise. Avoid overly formal language and aim for a conversational tone.
R - Relevant Visuals: Include relevant visuals such as images, infographics, or charts to enhance your article and make it visually appealing.
T - Thoughtful Conclusion: Conclude your article thoughtfully. Summarize key points, invite readers to share their thoughts in the comments, or encourage them to take a specific action.
C-EP-EAS-PAI-EMII-CII
CEPE ASP IMIICIICII
Cogently, Eloquently, Perspicaciously, Eruditely, Astutely, Sagaciously, Profoundly, Acutely, Incisively, Meticulously, Invariably, Ineffably, Conclusively, Incontrovertibly, Inherently, Inimitably, Ineffaceably, Inscrutably, Inexplicably, Inextricably.
How many bits is an IPv6 address, and what does an IPv6 address look like?
An IPv6 address is 128 bits long and is expressed in hexadecimal notation with colons, like “2001:0db8:85a3:0000:0000:8a2e:0370:7334”.
What does a CIDR notation show, and what does it look like?
IP_address/prefix_length
CIDR notation represents IP addresses and their associated routing prefix. It looks like “IP_address/prefix_length”, e.g., “192.168.0.0/24”.
What is the OSI model, how many layers are there, and which layers does Amazon handle, and which layers does the customer handle?
N/AP 3/57
The OSI model has seven layers. Amazon primarily handles the networking layers (Layer 3 and below), while customers are responsible for the application and presentation layers (Layers 5-7).
OSI MNEMONIC
All (Application)
People (Presentation)
Seem (Session)
To (Transport)
Need (Network)
Data (Data Link)
Processing (Physical)
OSI MNEMONIC
USS TPFP
What is Amazon VPC?
LOGICAL PRIVATE CLOUD TO LAUNCH
Amazon VPC (Virtual Private Cloud) is a service that lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.
What does Amazon VPC allow you to select or enable?
“I Create Cool SBNT TABLE Networks GATEWAY Really!”
Now, let’s break it down:
I (IP Address Range): This reminds you of the initial step, defining the IP address range for your network.
Create (Create Subnets): This represents the next step, where you create subnets based on the defined IP address range.
Cool (Configure Route Tables): This part reminds you to configure route tables to manage the traffic flow within your network.
Networks (Set Up Network Gateways): The last part of the phrase reminds you of setting up network gateways, which is crucial for connecting your network to the external world.
Amazon VPC allows you to select your own IP address range, create subnets, configure route tables, and set up network gateways.
What does Amazon VPC allow you to select or enable? 2
“Ninja SDV EV”
“Ninja SVD EV”
Network Access Control Lists (NACLs)
Security Groups
Direct Connect
Virtual Private Network (VPN) Connections
Elastic Load Balancers
VPC Peering
How many regions and how many availability zones can a VPC span?
VPC NO MAZ ACROSS DIFFERENT REGIONS . SBNT WI VPC SBNT W SPECIFICE AZ WI
A VPC can span all AWS regions and multiple availability zones within each region.
However, a single VPC cannot span multiple availability zones across different regions. When you create subnets within a VPC, those subnets can be associated with specific availability zones within the chosen region.
What is a subnet, and how can they be classified?
IP RANGE IN VPC/PUB AND PRIV
A subnet is a range of IP addresses in your VPC. Subnets can be classified as public or private, depending on whether the instances in the subnet are exposed to the internet.
How many availability zones can a subnet span?
VPC MULTIPLE SBNT =1AZ
SBNT SPAN MAZ WI 1 REGION RESOURCE EC2 1 SBNT AT A TIME
In AWS (Amazon Web Services), a subnet can span multiple availability zones (AZs) within a single AWS region. Each subnet is associated with a specific availability zone. By spanning subnets across multiple availability zones, you can design your infrastructure to be more resilient to failures in a single availability zone.
Keep in mind that while a subnet can span multiple availability zones, a resource (e.g., an EC2 instance) can only be associated with one subnet at a time. When designing for high availability, you distribute your resources across multiple subnets, each in a different availability zone, and use features like Elastic Load Balancers, Auto Scaling Groups, and Route 53 for effective load balancing and failover.
Can you change an IP address range after you create the VPC?
No, you cannot change the IP address range of an existing VPC after it has been created.
What is the difference between a public subnet and a private subnet?
ROUTE TO
A public subnet has a route to the internet, while a private subnet does not have a direct route to the internet.
What is the smallest and what is the largest IPv4 CIDR block that you may use?
28/16 16/65536
The smallest IPv4 CIDR block is a /28 (16 IPv4 addresses), and the largest is a /16 (65,536 IPv4 addresses).
How many IP addresses within a CIDR block are reserved for AWS use and not available to the customer?
NA VPC ROUTER DNS FU NBA
The first four and the last IP address in a CIDR block are reserved for AWS use and are not available to customers.
0.0: Network address.
0.1: Reserved by AWS for the VPC router.
0.2: Reserved by AWS. The IP address of the DNS server is the base of the VPC network range plus two. …
0.3: Reserved by AWS for future use.
0.255: Network broadcast address.
What are the reserved addresses, and what are they used for?
NA VPC ROUTER IPDNS SERVER FUTURE NETWORK BROADCAST ADDRESS
What are 5 reserved IP addresses in AWS?
0.0/24 , the following five IP addresses are reserved:
0.0: Network address.
0.1: Reserved by AWS for the VPC router.
0.2: Reserved by AWS. The IP address of the DNS server is the base of the VPC network range plus two. …
0.3: Reserved by AWS for future use.
0.255: Network broadcast address.
What is an elastic IP address, and what is the benefit of using an elastic IP address?
NATG OR VMI DIS OR TERM
STATIC IPv4 DYNAMIC CLOUD COMPUTING CONSISTENT IP TO MASK FAILURE OF VMI
NATG OR VMI Disassociate or Terminate
An Elastic IP address is a static IPv4 address designed for dynamic cloud computing. The benefit is that it provides a consistent IP address that you can use to mask the failure of an instance or to ensure that traffic is routed to the proper instance in your VPC.