0% found this document useful (0 votes)

34 views41 pages

Giu 2724 62 15996 2024-02-19T17 40 13

The document provides an overview of Virtual Private Cloud (VPC) in cloud computing, detailing its structure, including subnets, access control lists (ACL), and security groups. It also discusses the use of CIDR notation for IP addressing and the configuration of VPNs for connecting on-premises resources with AWS. Key components such as route tables and the importance of security groups for EC2 instances are highlighted throughout the content.

Uploaded by

ayakhodeir2

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

34 views41 pages

Giu 2724 62 15996 2024-02-19T17 40 13

Uploaded by

ayakhodeir2

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 41

ICS608

Cloud
Computing
VPC

Dr. JOHN ZAKI 1

TABLE OF CONTENTS
01 RECALL

02 VPC

03 SUBNETS
ACL & SECURITY
04 GROUPS

05 VPN
Dr. JOHN ZAKI 2
IPv4 RECALL….
1. 32-bit addressing scheme for the internet, allowing almost 4.3
billion unique addresses
OCTET
If expressed in binary

If converted to decimal

Dr. JOHN ZAKI 3

CIDR NOTATION RECALL….
CLASSLESS INTER-DOMAIN ROUTING

HOW TO REPRESENT A RANGE OF IPs FROM 192.168.1.0 – 192.168.1.255?

NETWORK HOST

Dr. JOHN ZAKI 4

CIDR NOTATION RECALL….
FIRST IP OF THE RANGE IS BOOKED FOR THE SUBNET (network address)
LAST IP OF THE RANGE IS BOOKED FOR THE BROADCAST

EXAMPLE
192.168.1.0/24
 24 BITS OF THE IP ADDRESS ARE FIXED
 32-24 = 8 BITS CAN CHANGE , RANGE OF IPS = 28= 256 IPS
 1ST IP BOOKED FOR THE SUBNET (192.168.1.0)
 LAST IP BOOKED FOR THE BROADCAST (192.168.1.255)

 THE RANGE CONTAINS 254 IPS

STARTING WITH
192.168.1.1
ENDING WITH
192.168.1.254

Dr. JOHN ZAKI 5

Dr. JOHN ZAKI 6
CIDR IN AWS
1. Using CIDR in AWS books 5 addresses

A VPC with 4 subnets 10.0.0.0/24

Dr. JOHN ZAKI 7

VPC

IT IS YOUR PRIVATE CLOUD

INSIDE THE PUBLIC CLOUD

Dr. JOHN ZAKI 8

RECALL FROM PREVIOUS
LECTURE….

Dr. JOHN ZAKI 9

VPC
User

AWS Cloud

Corporate Region
data center Availability Zone A Availability Zone B
Access Control List Access Control List
VPC
Public subnet Internet gateway Public subnet
Security group Security group
VPN

Virtual private
gateway
EC2 Instance EC2 Instance

Private subnet Private subnet

AWS Direct
Amazon RDS instance Amazon RDS instance
Connect

Dr. JOHN ZAKI 10

VPC

Main route table

Destination Target

10.1.0.0/16 Local

Custom route table

Destination Target

10.1.0.0/16 Local

0.0.0.0/0 Igw-id

Dr. JOHN ZAKI 11

VPC
Region

VPC

Region: Say N.
Virginia
IP range:
10.1.0.0/16
Dr. JOHN ZAKI 12
SUBNET
Region
Availability Zone A
VPC
Public subnet

1. VPC: Say N.
10.1.1.0/
VIRGINIA
24
2. AZ: SAY ZONE A
Private subnet

10.1.3.0/2 3. IP range:
4 NON-
OVERLAPPING
SUBSET OF VPC
Dr. JOHN ZAKI 13
VPC
AWS Cloud

Region
Availability Zone A
VPC
Public subnet
10.1.0.0/16
10.1.1.0/24
EC2 Instance

Private subnet

10.1.3.0/24
Amazon RDS instance

Dr. JOHN ZAKI 14

CREATE
VPC
Dr. JOHN ZAKI 15
Dr. JOHN ZAKI 16
Dr. JOHN ZAKI 17
Dr. JOHN ZAKI 18
Dr. JOHN ZAKI 19
Dr. JOHN ZAKI 20
Dr. JOHN ZAKI 21
Dr. JOHN ZAKI 22
CUSTOM root
table
connected to
the public
subnets.

Route to IGW

Associated with
the two public
subnets

Dr. JOHN ZAKI 23

Custom root
table
connected to
the public
subnets.

Private subnet is
connected to
route table
connecting it to
S3 service as we
chose it during
creation.

Dr. JOHN ZAKI 24

TASK

CREATE THE SAME

PREVIOUS
ARCHITECTURE BY
CREATING INDIVIDUAL
ELEMENTS.

Dr. JOHN ZAKI 25

ACL &
SECURIT
Y
GROUPS
Dr. JOHN ZAKI 26
ACL
AWS Cloud

Region Availability Zone A Availability Zone B

VPC ACL ACL

Public subnet Public subnet

ACL ACL
Private subnet Private subnet

Dr. JOHN ZAKI 27

Dr. JOHN ZAKI 28
ACL
1. The default network ACL does not allow traffic in and out of your subnet.

Dr. JOHN ZAKI 29

EXAMPLE
If you allow HTTPS inbound traffic through port 443,
You need to allow the outbound traffic as well.
Otherwise, your server will not be able to send the response.

Dr. JOHN ZAKI 30

TASK
CREATE THE
OUTBOUD
RULES AND
THE
ASSOCIATION
Dr. JOHN ZAKI 31
SECURITY GROUPS
1. These are firewalls that exist at the EC2 instance level.

2. Security groups are not optional, so anytime you create an EC2 instance,
you need to place that EC2 instance inside of a security group that allows
the appropriate kinds of traffic to flow to your application.

RECALL
FROM
PREVIO
US
LECTUR Dr. JOHN ZAKI 32
SECURITY GROUPS
AWS Cloud

Region Availability Zone A Availability Zone B

VPC ACL ACL

Public subnet Public subnet
Security group Security group

EC2 Instance EC2 Instance

ACL ACL

Private subnet Private subnet

DEFAULT
NO INBOUND
ALL OUTBOUND.

Dr. JOHN ZAKI 34

VPN

Dr. JOHN ZAKI 35

VPN
SITE TO SITE VPN
Allows resources sitting in your data center to connect to your AWS resources

CLIENT VPN
Allows your administrators to connect to your AWS resources.

Dr. JOHN ZAKI 36

Dr. JOHN ZAKI 37
TASK

CREATE
A SITE-SITE
VPN
Dr. JOHN ZAKI 38
TASK

EXPLORE AWS
DIRECT
CONNECT
Dr. JOHN ZAKI 39
SUMMARY
0
VPC
1
0
SUBNET
2
0
INTERNET GATEWAY
3
0 ACL & SECURITY
4 GROUPS
0
VPN
5
Dr. JOHN ZAKI 40
THAN
K YOU
Dr. JOHN ZAKI 41

Module - 05 - Networking and Content Delivery
No ratings yet
Module - 05 - Networking and Content Delivery
71 pages
AcademyCloudFoundations Module 05
No ratings yet
AcademyCloudFoundations Module 05
69 pages
AWS Networking Presentation
100% (1)
AWS Networking Presentation
16 pages
AWS CSAA Hands-On Labs Slides
No ratings yet
AWS CSAA Hands-On Labs Slides
142 pages
Virtual Private Cloud (VPC) : by Bhupinder Rajput
100% (1)
Virtual Private Cloud (VPC) : by Bhupinder Rajput
17 pages
VPC and Networking
No ratings yet
VPC and Networking
113 pages
5 ABL Module 05 06
No ratings yet
5 ABL Module 05 06
91 pages
AWS Certified Solutions Architect PDF
No ratings yet
AWS Certified Solutions Architect PDF
138 pages
Amazon Web Services - Practical Scenarios: C.V.Udayasankar
No ratings yet
Amazon Web Services - Practical Scenarios: C.V.Udayasankar
402 pages
Lab-Day3 - Lab5&6
No ratings yet
Lab-Day3 - Lab5&6
16 pages
Network Foundations On AWS
No ratings yet
Network Foundations On AWS
60 pages
Aws Networking Detailed Overview
No ratings yet
Aws Networking Detailed Overview
25 pages
Exam 1
No ratings yet
Exam 1
14 pages
AWS - VPC Notes
No ratings yet
AWS - VPC Notes
9 pages
Update 300-730
No ratings yet
Update 300-730
61 pages
4-Networking & Content Delivery - 241022 - 203735
No ratings yet
4-Networking & Content Delivery - 241022 - 203735
88 pages
AcademyCloudFoundations Module 05
No ratings yet
AcademyCloudFoundations Module 05
70 pages
Aws VPC
No ratings yet
Aws VPC
75 pages
Aws Slides
No ratings yet
Aws Slides
99 pages
AWS+Slides+Ch+03 Finalized
No ratings yet
AWS+Slides+Ch+03 Finalized
80 pages
Aws Networking Fundamentals 1735045471 190422171830
No ratings yet
Aws Networking Fundamentals 1735045471 190422171830
97 pages
Exploring The Fundamentals of AWS Networking SVC205
No ratings yet
Exploring The Fundamentals of AWS Networking SVC205
94 pages
1.1 VPC - Course - Slides
No ratings yet
1.1 VPC - Course - Slides
89 pages
CLC-CCIE EI-Real Lab v1.0 Module 1 - Demo 1 (20210303)
No ratings yet
CLC-CCIE EI-Real Lab v1.0 Module 1 - Demo 1 (20210303)
12 pages
Giu 2724 62 15996 2024-02-19T17 40 13
No ratings yet
Giu 2724 62 15996 2024-02-19T17 40 13
41 pages
Introduction To Cloud Computing - IV
No ratings yet
Introduction To Cloud Computing - IV
50 pages
VPC (Virtual Private Cloud)
No ratings yet
VPC (Virtual Private Cloud)
59 pages
AcademyCloudFoundations Module 05
No ratings yet
AcademyCloudFoundations Module 05
69 pages
AWS Solution Architect Associate Exam Notes
No ratings yet
AWS Solution Architect Associate Exam Notes
80 pages
ENARSI 300-410 September 2020-v1
No ratings yet
ENARSI 300-410 September 2020-v1
71 pages
Module 2 - Networking On AWS - Animated
No ratings yet
Module 2 - Networking On AWS - Animated
36 pages
Aws VPC
No ratings yet
Aws VPC
53 pages
01module15 230110 190214
No ratings yet
01module15 230110 190214
48 pages
VPC
No ratings yet
VPC
27 pages
AWS Classes Notes
No ratings yet
AWS Classes Notes
31 pages
Mod 3 Networking 1
No ratings yet
Mod 3 Networking 1
45 pages
Lesson 2 EC2 and IAM
No ratings yet
Lesson 2 EC2 and IAM
65 pages
AWS-Intro and Networking DataCamp2024
No ratings yet
AWS-Intro and Networking DataCamp2024
36 pages
Networking in AWS - Part 1
No ratings yet
Networking in AWS - Part 1
39 pages
FCJ - Week 2 - Networking On AWS
No ratings yet
FCJ - Week 2 - Networking On AWS
27 pages
Practice Test #2 (AWS Certified Developer Associate - DVA-C01)
No ratings yet
Practice Test #2 (AWS Certified Developer Associate - DVA-C01)
67 pages
4
No ratings yet
4
115 pages
Week 6 - Webinar
No ratings yet
Week 6 - Webinar
26 pages
VPC New
No ratings yet
VPC New
36 pages
VPC Section
No ratings yet
VPC Section
21 pages
Virtual Private Cloud (VPC) : by Bhupinder Rajput
No ratings yet
Virtual Private Cloud (VPC) : by Bhupinder Rajput
17 pages
Aws VPC
No ratings yet
Aws VPC
21 pages
Webinar 1530 Slides
No ratings yet
Webinar 1530 Slides
24 pages
Amazon VPC
No ratings yet
Amazon VPC
14 pages
Cheat Sheets - 2
No ratings yet
Cheat Sheets - 2
10 pages
VPC Document
No ratings yet
VPC Document
13 pages
Cisco Ccna 200-301 Exam Q&A PDF
No ratings yet
Cisco Ccna 200-301 Exam Q&A PDF
72 pages
Cyberkraft Security Ports and Protocols Reference Sheet SY0 701
No ratings yet
Cyberkraft Security Ports and Protocols Reference Sheet SY0 701
3 pages
Virtual Private Cloud (VPC) : Data Center
No ratings yet
Virtual Private Cloud (VPC) : Data Center
12 pages
AWS FAT Module 3
No ratings yet
AWS FAT Module 3
7 pages
AWS Networking Terms - DevopsRitiks
No ratings yet
AWS Networking Terms - DevopsRitiks
6 pages
VPC (Virtual Private Cloud)
No ratings yet
VPC (Virtual Private Cloud)
5 pages
VPC AWS AWS AWS Amazon VPC
No ratings yet
VPC AWS AWS AWS Amazon VPC
10 pages
VPC (Virtual Private Cloud)
No ratings yet
VPC (Virtual Private Cloud)
11 pages
Aws VPC
No ratings yet
Aws VPC
6 pages
Amazon Virtual Private Cloud (Amazon VPC)
No ratings yet
Amazon Virtual Private Cloud (Amazon VPC)
11 pages
VPC Architecture
No ratings yet
VPC Architecture
10 pages
VPC by Cloud MadeEasy
No ratings yet
VPC by Cloud MadeEasy
5 pages
VPC Cantrill
No ratings yet
VPC Cantrill
3 pages
K SCHEME ACN CH 1 Internet Architecture and Network Layer 12M
No ratings yet
K SCHEME ACN CH 1 Internet Architecture and Network Layer 12M
11 pages
Route Tables Subnets Cidr Virtual Private Clouds: Your Logically in The Cloud Isolated Network
No ratings yet
Route Tables Subnets Cidr Virtual Private Clouds: Your Logically in The Cloud Isolated Network
1 page
VPC Dark
No ratings yet
VPC Dark
1 page
Cisco ACI Create L3 OUT
No ratings yet
Cisco ACI Create L3 OUT
8 pages
HackCloud - OCI Explorer
No ratings yet
HackCloud - OCI Explorer
51 pages
H3C Network Management and Monitoring Configuration Guide-Book
No ratings yet
H3C Network Management and Monitoring Configuration Guide-Book
597 pages
BRKMPL 3333
No ratings yet
BRKMPL 3333
171 pages
Lecture #4 THR
No ratings yet
Lecture #4 THR
80 pages
Cisco 7600 Technical Details
No ratings yet
Cisco 7600 Technical Details
38 pages
5G System End To End MTU Allocation
No ratings yet
5G System End To End MTU Allocation
6 pages
ArubaOS-CX 10.00.0010 Release Notes For The Aruba 8400 Switch Series-A00041872en - Us
No ratings yet
ArubaOS-CX 10.00.0010 Release Notes For The Aruba 8400 Switch Series-A00041872en - Us
34 pages
01-EPON Configuration - 1302698 - 294551 - 0
No ratings yet
01-EPON Configuration - 1302698 - 294551 - 0
73 pages
Switch 01 Configuration
No ratings yet
Switch 01 Configuration
14 pages
BRKNMS 3043 PDF
No ratings yet
BRKNMS 3043 PDF
105 pages
Computer Networking: Exercises
No ratings yet
Computer Networking: Exercises
69 pages
Chapter 8 Switching
No ratings yet
Chapter 8 Switching
19 pages
FortiOS 7.4 Ports
No ratings yet
FortiOS 7.4 Ports
8 pages
Cloudflare 1.1.1.1 Public Resolver Report - 03302020 2
No ratings yet
Cloudflare 1.1.1.1 Public Resolver Report - 03302020 2
6 pages
Iwan-Eigrp 400 Tunnel20 (Summary Network) (Summary Mask) : Procedure 10 Configure IP Multicast Routing
No ratings yet
Iwan-Eigrp 400 Tunnel20 (Summary Network) (Summary Mask) : Procedure 10 Configure IP Multicast Routing
20 pages
Pruebas Facebook 1748 12022024
No ratings yet
Pruebas Facebook 1748 12022024
4 pages
Quiz 7 Jaringan Komputer
No ratings yet
Quiz 7 Jaringan Komputer
10 pages
AX250 Counter UAS Radar Datasheet REV011 WEB
No ratings yet
AX250 Counter UAS Radar Datasheet REV011 WEB
2 pages
Concordia University: ELEC463/6851 - Telecommunication Networks
No ratings yet
Concordia University: ELEC463/6851 - Telecommunication Networks
2 pages
BSNL
No ratings yet
BSNL
2 pages
Set Up Your Own IPsec VPN, OpenVPN and WireGuard Server: Build Your Own VPN
From Everand
Set Up Your Own IPsec VPN, OpenVPN and WireGuard Server: Build Your Own VPN
Lin Song
5/5 (1)
CISA EXAM-Testing Concept-Firewall
From Everand
CISA EXAM-Testing Concept-Firewall
Hemang Doshi
2.5/5 (2)

Giu 2724 62 15996 2024-02-19T17 40 13

Uploaded by

Giu 2724 62 15996 2024-02-19T17 40 13

Uploaded by

ICS608

Dr. JOHN ZAKI 1

Dr. JOHN ZAKI 3

HOW TO REPRESENT A RANGE OF IPs FROM 192.168.1.0 – 192.168.1.255?

Dr. JOHN ZAKI 4

 THE RANGE CONTAINS 254 IPS

Dr. JOHN ZAKI 5

A VPC with 4 subnets 10.0.0.0/24

Dr. JOHN ZAKI 7

IT IS YOUR PRIVATE CLOUD

INSIDE THE PUBLIC CLOUD

Dr. JOHN ZAKI 8

Dr. JOHN ZAKI 9

Private subnet Private subnet

Dr. JOHN ZAKI 10

Main route table

Custom route table

Dr. JOHN ZAKI 11

Dr. JOHN ZAKI 14

Dr. JOHN ZAKI 23

Dr. JOHN ZAKI 24

CREATE THE SAME

Dr. JOHN ZAKI 25

Region Availability Zone A Availability Zone B

VPC ACL ACL

Dr. JOHN ZAKI 27

Dr. JOHN ZAKI 29

Dr. JOHN ZAKI 30

Region Availability Zone A Availability Zone B

VPC ACL ACL

EC2 Instance EC2 Instance

Private subnet Private subnet

Dr. JOHN ZAKI 34

Dr. JOHN ZAKI 35

Dr. JOHN ZAKI 36

You might also like