What is the reason why a third -party virtual router is active on AWS?: Flapping!Network engineer (45)

This article is limited to members.You can see everything by registering (free).

Series: flapping!Network engineer

The information research group sponsored by the author invited Mr. Kazuhiro Yamaha Satoyoshi Kazuhiro on September 25, 2021 to talk about virtual routers used on Amazon Web Services (AWS).Participants were interested, and it took an hour to exchange questions and opinions for more than an hour of lectures.A third -party virtual router is active on AWS.This time, I will introduce the merits of virtual routers and the future use.

I was interested in Yamaha's virtual router "VRX" (AWS version) 5G networks at Makino Milling Works ("What are the 5Gs required by companies? Why did Makino Fried Works choose" KDDI 5G + AWS Wavelength "?This is because it is used in "AWS Wavelength" used by).It was Jun Shizuri, a specialist, the information system department of the Makino Makino Fried Manufacturing Division, who decided to adopt the VRX.AWS does not provide VPNs that can be used in AWS Wavelength, so if you try to use VPN, the user needs to prepare it.Shizuri chose VRX among multiple options, including "OpenVPN", because it is stable, expandable and secure.

Knowing VRX, as the future corporate network is in the cloud, I thought that virtual routers would be even more important in the future, so I asked Mr. Satoshi to give a lecture.Let's look at what AWS can do with the virtual router and what you can do with VRX.

AWS has a site between sites using VGW (Virtual Private Gateway) and a client VPN that uses a client VPN endpoint as shown in Fig. 1.

VPN between sites can connect up to 50 locations using IPsec.These 50 numbers are the neck of expandability and cannot be used for multi -base networks.In addition, the specifications of protocol IKE (Internet Key Exchange), which exchanges information to establish SA (Security Association) on IPsec, will be changed quite frequently.Suddenly, the connected router cannot be connected.

The client VPN allows us to connect up to 2000 clients using OpenVPN.It can be said that there is considerable expandability.However, OpenVPN is not supported by iOS or Android, and needs to install an application for OpenVPN.

VRX is installed in the subnet as an instance as "Amazon Elastic Compute Cloud" (AWS EC2) instance as shown in Fig. 2.