Module 5 (Networking & Content Delivery)

Question 1

What is a network?

Answer 1

2 or more machines, connected & can communicate, this requires a network device (router)

Question 2

What are the two types of IP addresses?

Answer 2

• IPv4 (32bit address)

- IPv6 (128bit address m)

Question 3

What is an OSI model?

Answer 3

Open System Interconnection = to explain how data travels over a network
- consists of seven layers

Question 4

What are the 7 layers of an OSI model?

Answer 4

1) physical (uses bluetooth, DSL or ISDN)
2) data link (uses ethernet, vlan or wifi)
3) network (uses IP, ICMP or EIGRP)
4) transport (uses TCP, UDP, ESP)
5) session (uses SCP, NetBIOS, PAP)
6) presentation (uses JPEG, MPEG, TLS, LPP)
7) application (uses FTP Telnet, SSH, HTTP)

Remember: Please Do Not Throw Sausage Pizza Away)

Question 5

What is a CIDR?

Answer 5

way to express a group of IP addresses that are consecutive to each other

= Classless Inter-Domain Routing

use case: Subnet of VPC requires own CIDR block, for each CIDR block AWS reserves 5 IP addresses: (reserved IP addresses)

1) network address
2) VPC local router (internal communication)
3) DNS resolution
4) future use
5) network broadcast address

Question 6

What is an elastic network interface?

Answer 6

= virtual network interface that you can attach to an instance or detach from the instance & attach it to a new one
-> to redirect traffic

Question 7

What is a route table?

Answer 7

= set of rules (=routes) to direct network traffic to and from subnet

-> each subnet must be associated with route table

Question 8

What is an internet gateway?

Answer 8

= VPC component to communicate between instances in your VPC & the public internet

Why?
To provide target in VPC route tables for internet traffic, to perform network address translation for instances assigned to public IPv4 addresses

Question 9

What is a NAT gateway?

Answer 9

Network Address Translation = so that instances in a private subnet can connect to the internet and other AWS services (without the public internet!)

Question 10

VPC sharing vs. VPC peering

Answer 10

Sharing = share subnets with other AWS accounts in same org
Peering = privately route traffic between two VPCs (even between regions and different AWS accounts)

Question 11

How can you connect a remote corporate data center to the VPC?

Answer 11

• attach virtual private gateway to the VPC
• create AWS site-to-site VPN conection
• configure routing to pass traffic through connection

Question 12

What do you do if performance is negatively affected because remote data center is located away from region?

Answer 12

AWS direct connect establishes a private network connection to customer gateway and data center

Question 13

How can you connect 100s of VPCs together?

Answer 13

AWS transit gateway

Question 14

How can you build in security in VPC?

Answer 14

• security groups: virtual firewall at instance level, filter traffic, allow
• ACLs: subnet level, control in & outbound traffic, deny or allow

Question 15

What is Amazon Route53?

Answer 15

DNS resolution, translate internet name to corresponding IP address

Question 16

Is Route53 deployed across regions?

Answer 16

Yes by using Elastic Load Balancer

Question 17

What is Amazon CloudFront?

Answer 17

Content Delivery Service using global network of edge locations, relying on Route53 geolocation routing

-> why? Performance decreases if request is routed through too manu different networks)

Question 18

What is the smallest size subnet in VPC?

Answer 18

/28 in CIDR

Question 19

What is the max. Size IP address range in VPC?

Answer 19

/16 in IP