AWS Direct Connect

1.1. What is AWS Direct Connect

Linxdatacenter provides a direct dedicated Customer connection to Amazon Web Services (AWS) through a connection to the Cloud Exchange global software-defined network.

In Russia, connections are available through Linxdatacenter in Moscow and St. Petersburg, where all key carriers are present (see Appendix 1.1.) to arrange last mile connections to customer offices and data centers. On the AWS side, 28 locations are available worldwide (see Appendix 1.2.), including Europe, North America and Asia. The list of locations is constantly expanding.

DirectConnect has the following advantages:

  • flexible and scalable access speeds;
  • private access, independent of the public Internet;
  • high network performance and security;
  • improved security of data and transactions compared to using the public Internet.

Multiple virtual connections are available from a single location, providing the scalability and flexibility needed to meet business needs and create a clear cloud strategy.

Linxdatacenter Moscow Linxdatacenter Saint Petersburg 
AWS EU: Frankfurt 48 ms, 5 Mbit/s to 10 Gbit/s 38 ms, 5 Mbit/s to 10 Gbit/s
AWS EU: London 55 ms, 5 Mbit/s to 10 Gbit/s 44 ms, 5 Mbit/s to 10 Gbit/s
AWS US West: San Jose 199 ms, 5 Mbit/s to 10 Gbit/s 188 ms, 5 Mbit/s to 10 Gbit/s
AWS Asia Pacific: Singapore 273 ms, 5 Mbit/s to 10 Gbit/s 262 ms, 5 Mbit/s to 10 Gbit/s
AWS other locations By request By request

1.2 Features and Benefits
1.2.1 Working with big data:

Transferring large data sets to AWS over the Internet is time-consuming and can become costly: Internet bandwidth is divided between data and business-critical network traffic, web applications, and user access to web resources. To reduce the time it takes to transmit big data, you can increase bandwidth by turning to your existing ISP. In this case, you will need to replace or purchase expensive equipment, renew your contract, and sign a long-term commitment. Translated with www.DeepL.com/Translator (free version)

With Direct Connect, the client transmits data directly from the data center or office bypassing the Internet through a dedicated channel.

1.2.2 Real-time application data transfer

Applications that use Internet links to transmit real-time data, such as voice and video, work best with constant network performance. That said, network latency over the Internet varies because the global network consists of a large number of carriers and is constantly re-routing data from point A to point B.
Direct Connect controls data routing and ensures consistent bandwidth and network latency (jitter).

1.2.3 Hybrid environments

Direct Connect helps create hybrid environments that require private connections between distributed sites. Hybrid environments allow you to combine the flexibility and cost advantages of AWS with the Client's on-premises infrastructure.

1.3 How it works

The connection consists of a physical network connection from the customer's office or data center to Linxdatacenter's data center locations in Moscow (14, bldg. 1, 8th March street) and St. Petersburg (20a, Repischeva street), where the Cloud Exchange direct access ports are located.
Each AWS Direct Connect connection point has a high-speed fiber optic connection and API integration that simplifies ordering, provisioning and ongoing management.

1.4 Capacity

Bandwidth for the Client is scalable from 5 Mbit/s to 10 Gbit/s in 1 Mbit/s increments.

1.5 Connection options
1.5.1 Providing a direct connection to your VPC

VXC (Virtual Cross Connect) provides a direct connection to AWS VPC. A separate connection is provided for each client and each service, providing complete isolation and consistent network connectivity compared to a public Internet connection.
Direct Connect operates at Layer 3 of the OSI model (L3) and requires BGP for communication between the Client network and AWS VPC. The Customer must provide IP addressing information when ordering the connection.

1.5.2 Public virtual interface

A public virtual interface is used for guaranteed network connectivity to public AWS endpoints, such as Amazon S3, DynamoDB, and Glacier storage services.
Публичный виртуальный интерфейс позволяет подключаться ко всему пространству публичных IP-адресов AWS в глобальном масштабе и получения глобальных IP-маршрутов сетей Amazon.

Accessing AWS resources through a public virtual interface has the following requirements:

  • the public number of the autonomous system (ASN) owned by the customer;
  • agreed between the Client and Linxdatacenter VLAN_ID;
  • block of public IP addresses (/30) for BGP connection.

The connection process takes 48 hours or more, as AWS will check the allocated IP space.

1.5.3 Private Virtual Interface

A private virtual interface is used to connect to AWS private environments, such as the Amazon VPC virtual private cloud.

A private virtual interface allows you to connect to VPC resources (such as EC2 instances, load balancing, and RDS database instances) in a private address space. The private virtual interface connects to the AWS Direct Connect gateway and communicates with one or more virtual private gateways in any AWS regions. For a private virtual interface, AWS announces the entire VPC subnet over a BGP session. Translated with www.DeepL.com/Translator (free version)

Accessing AWS resources through a private virtual interface has the following requirements:

  • private number of the autonomous system (ASN);
  • supported private range ASN 64512-65535;
  • agreed between the Client and Linxdatacenter VLAN_ID;
  • block of private IP addresses (/30) in the range 169. x. x. x for the BGP session.

Depending on the Customer's requirements, several connection options to AWS are provided - single, redundant and redundant connections to achieve maximum SLA.

1.6 How to order

  • Develop a communications scheme in collaboration with Linxdatacenter network engineers.
  • Order Direct Connect through AWS.
  • Tell Linxdatacenter the Direct Connect service key.
  • Set up routing on the Client side of the network and start using it.

1.7 Tariffication

  • The customer pays for AWS services himself.
  • Linxdatacenter charges for:
    - channel bandwidth - according to the resources used;
    - services to technical support - for man-hours.
How can we help you?
Request Demo Access
client:

BEST, money transfer and payments operator

business challenge

The customer faced a technical issue with a persistent BGP session flag with Linxdatacenter hardware. We examined the problem and found out that one of customer’s hosts was under a DDoS attack.

Because of the distributed nature of the attack, traffic couldn’t be filtered effectively, and disconnecting the host from the external network wasn’t an option. The attack stopped after changes in the server configuration, but resumed the day after. A 5.5 Gbps attack overloaded the junctions with internet providers, affecting other Linx Cloud users. To mitigate the effects of the attack, we employed a dedicated DDoS protection service.

Solution

To ensure the continuous availability of resources hosted in Linx Cloud, we rerouted all the customer’s traffic through StormWall Anti-DDoS system. The attack was stopped within half an hour. To prevent future cyberattacks, we organized all connections to the customer’s resources through the StormWall network.

Thank you for your inquiry, we will get back to you shortly!