Upgrading AWS Direct Connect to 100 Gbps in 5 Steps

Chanci Turner, Amazon IXD – VGT2 Learning Manager

Native 100 Gbps connections are now accessible at select AWS Direct Connect locations globally. If you currently utilize a 1 Gbps or 10 Gbps Direct Connect Dedicated Connection, transitioning to 100 Gbps can be accomplished in five steps. This guide outlines those steps and factors to consider during your migration. These steps are applicable whether or not you decide to use our newly introduced MACsec encryption feature.

Previously, if your needs exceeded 10 Gbps from Direct Connect, you had two primary options: distribute network traffic across multiple 10 Gbps connections using Border Gateway Protocol (BGP) equal-cost multi-path (ECMP) routing, or aggregate multiple 10 Gbps connections through link aggregation groups (LAG). While these methods increase bandwidth, they can complicate setup, maintenance, and troubleshooting. The following diagram (figure 1) illustrates a high-level overview of the BGP ECMP, LAG, and native 100 Gbps options.

This blog post outlines a five-step procedure for upgrading one or more existing Direct Connect connections to a 100 Gbps connection:

  1. Assess your Direct Connect architecture and physical connectivity requirements.
  2. Order new circuits and establish your new Direct Connect connections.
  3. Set up your new virtual interfaces and network equipment.
  4. Implement the migration and test your new Direct Connect architecture, with a failback option if necessary.
  5. Decommission your old connections.

Our approach revolves around creating new Direct Connect connections and virtual interfaces parallel to your existing setup. This strategy ensures minimal downtime and provides a quick way to revert if needed. To clarify steps 3 and 4, we will illustrate with an example migration from a 4×10 Gbps LAG to a new 100 Gbps connection within a single region and Direct Connect location.

Step 1: Assess Your Direct Connect Architecture and Physical Connectivity Requirements

Begin by reviewing your network resiliency needs:

It’s advisable to provision enough network capacity to guarantee that if one connection fails, your backup connection is not overwhelmed. Planning ahead can avert resiliency issues later on.

For instance, if you have two sets of LAGs across two different Direct Connect locations, each consisting of multiple 10 Gbps connections, this provides redundancy. However, transitioning to a single 100 Gbps connection at each site may compromise that redundancy. The AWS Direct Connect Resiliency Recommendations page is a valuable resource for determining the best approach for your situation. The following diagram (figure 2) depicts a 100 Gbps Direct Connect architecture with optimal resiliency.

Next, consider the future of your existing connections:

Depending on potential downtime, you might decide to keep your older connections as backups alongside the new 100 Gbps connections. The choice to maintain Direct Connect connections of varying sizes should depend on the critical nature of your workloads.

Evaluate physical connectivity needs:

After defining your architecture, consult with one or more AWS Direct Connect Delivery Partners to establish physical connectivity between an AWS Direct Connect location and your data center, office, or colocation environment through a Dedicated Connection. If you already have network devices in an AWS Direct Connect location, you can skip this part.

Moreover, check for any links along the entire network path that do not support 100 Gbps. For example, if a network device in an AWS Direct Connect location is connected with a 50 Gbps circuit to your primary data center, that circuit will become a bottleneck after upgrading to 100 Gbps.
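The resiliency and bottleneck checks in this step can be worked through as a small failure-domain model. This is an added example, not code from the original post; the topologies, names, and the 60 Gbps peak are constructed assumptions. It treats each Direct Connect location as one failure domain and caps every connection at its slowest link.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Connection:
    name: str
    location: str     # Direct Connect location, treated as one failure domain
    port_gbps: int    # Direct Connect port speed
    path_gbps: tuple  # capacity of every other link between the port and your data center

    @property
    def usable_gbps(self):
        # End-to-end throughput is capped by the slowest link on the path.
        return min((self.port_gbps, *self.path_gbps))

def surviving(conns, failed):
    """Usable Gbps left once the connections named in `failed` are down."""
    return sum(c.usable_gbps for c in conns if c.name not in failed)

def worst_case(conns):
    """Lowest surviving capacity after losing any one connection / any one location."""
    by_loc = {}
    for c in conns:
        by_loc.setdefault(c.location, set()).add(c.name)
    return {
        "connection": min(surviving(conns, {c.name}) for c in conns),
        "location": min(surviving(conns, names) for names in by_loc.values()),
    }

def assess(conns, peak_gbps):
    """Failure scenarios in which peak traffic no longer fits."""
    return sorted(k for k, v in worst_case(conns).items() if v < peak_gbps)

# Constructed topologies (all names and figures are made up for illustration).
OLD = [Connection(f"{loc}-lag-{i}", loc, 10, (100,)) for loc in ("A", "B") for i in range(4)]
NEW = [
    Connection("A-100g", "A", 100, (100,)),
    Connection("B-100g", "B", 100, (50,)),  # 50 Gbps circuit behind the port
]

if __name__ == "__main__":
    for label, design in (("old", OLD), ("new", NEW)):
        print(label, worst_case(design), "short on:", assess(design, peak_gbps=60))
```

In the constructed new design, a single connection failure is as severe as losing a whole location, and the 50 Gbps circuit leaves the surviving path below the assumed peak.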

Be mindful of circuit ordering lead times:

If new circuits are needed, plan at least 90 days ahead of your Direct Connect migration to accommodate provider lead times. This is also a good time to discuss the status of your current circuits with your providers to understand the ramifications of upgrading from lower capacity circuits to higher ones.

Also, ensure that your network devices can handle 100 Gbps connections:

Now is a good time to confirm that you have available ports on your network devices that support 100 Gbps fiber connections. For these connections, 100GBASE-LR4 single-mode fiber transceiver modules are required (for more details, see Direct Connect prerequisites).

Step 2: Order Circuits and Establish Your New 100 Gbps Connections

Ordering circuits:

Once your network architecture is finalized and you are coordinating with your circuit partners, it’s time to start creating resources. Utilize the AWS Direct Connect Resiliency Toolkit to ensure that your connections are redundant and of the appropriate speed. A fantastic feature of the AWS Direct Connect Resiliency Toolkit is its ability to assist in ordering the necessary number of dedicated connections to meet your SLA objectives.

Using the LOA-CFA:

After establishing your new connections, follow procedures related to downloading and using the Letter of Authorization and Connecting Facility Assignment (LOA-CFA). Additionally, ensure you have installed any required network device hardware that was obtained in step 1.

Step 3: Activate Virtual Interfaces (VIFs) on Your New Direct Connect Connections

Check your connection status and perform a quick test:

Once your new connections and physical infrastructure are operational, you can review the connection details in the AWS Direct Connect console. When the connection status indicates availability, you can initiate the setup of VIFs. We recommend creating a private VIF to link to a test VPC. For detailed instructions on creating transit VIF, public VIF, and private VIF, refer to the Create a virtual interface entry in the Direct Connect documentation. After configuring your router, the VIF’s connection state should show as available. Launch an EC2 instance in your test VPC to serve as a target for your tests. Conduct a ping test from on-premises to the EC2 instance’s private IP address to verify connectivity from your router, through the delivery partner circuit, to the test VPC.

Create your production VIFs:

Once the connectivity is verified, it’s time to prepare the new 100 Gbps connection for production traffic. We suggest replicating the virtual interface setup of your existing Direct Connect connections onto the new 100 Gbps connection. The total number of VIFs, their types (private, public, or transit), and their associations to AWS resources (like a Direct Connect Gateway) should remain consistent. Although the new VIFs will be identical in design, they will be configured in standby mode using BGP settings, which we will discuss later. New VIFs will transition to an active state during the migration cutover window in step 4.

Note: If you have connections across multiple Direct Connect locations, we advise migrating old connections one VIF at a time and in a single Direct Connect location.
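One way to confirm that the new connection carries the same VIF set as the old one before cutover, as an added example that is not part of the original post. It reads a dictionary shaped like the Direct Connect DescribeVirtualInterfaces response (what boto3's describe_virtual_interfaces() returns); the sample data and every ID in it are constructed placeholders, and the assumption is that VIFs on a LAG report the LAG ID in connectionId.

```python
from collections import Counter

def _vif(vif_id, conn, vtype, state="available", **attachment):
    # Builds a record with the field names used by DescribeVirtualInterfaces.
    return {"virtualInterfaceId": vif_id, "connectionId": conn,
            "virtualInterfaceType": vtype, "virtualInterfaceState": state, **attachment}

# Constructed sample; every ID is a placeholder, not a real resource.
SAMPLE = {"virtualInterfaces": [
    _vif("dxvif-old1", "dxlag-old", "private", directConnectGatewayId="dxgw-prod"),
    _vif("dxvif-old2", "dxlag-old", "transit", directConnectGatewayId="dxgw-tgw"),
    _vif("dxvif-old3", "dxlag-old", "public"),
    _vif("dxvif-new1", "dxcon-new", "private", directConnectGatewayId="dxgw-prod"),
    _vif("dxvif-new2", "dxcon-new", "transit", state="down", directConnectGatewayId="dxgw-tgw"),
    _vif("dxvif-test", "dxcon-new", "private", virtualGatewayId="vgw-test"),
]}

def signature(vif):
    """Type plus AWS-side attachment: the properties that must match old to new."""
    gateway = vif.get("directConnectGatewayId") or vif.get("virtualGatewayId") or "none"
    return (vif["virtualInterfaceType"], gateway)

def parity_report(response, old_conn, new_conn):
    """Compare the VIFs on two connections and flag gaps before cutover."""
    live = [v for v in response["virtualInterfaces"]
            if v["virtualInterfaceState"] not in ("deleting", "deleted")]
    old = Counter(signature(v) for v in live if v["connectionId"] == old_conn)
    new = Counter(signature(v) for v in live if v["connectionId"] == new_conn)
    return {
        "missing_on_new": sorted((old - new).elements()),
        "unexpected_on_new": sorted((new - old).elements()),
        "not_available": sorted(v["virtualInterfaceId"] for v in live
                                if v["connectionId"] == new_conn
                                and v["virtualInterfaceState"] != "available"),
    }

if __name__ == "__main__":
    for key, value in parity_report(SAMPLE, "dxlag-old", "dxcon-new").items():
        print(key, value)
```

In the sample, the private VIF left over from the test VPC check appears under unexpected_on_new, the public VIF has not been recreated yet, and one transit VIF is not in the available state.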

