AWS Direct Connect Gateway


  • Direct Connect Gateway is a globally available resource that helps establish connectivity between a Direct Connect connection and multiple VPCs spread across multiple AWS Regions.
  • can be created in any Region and accessed from all other Regions.
  • supports Private VIFs and Transit VIFs; it does not support Public VIFs (a Public VIF reaches AWS public endpoints directly and is never attached to a gateway).
  • DX Gateway and the Private VIF must be in the same AWS account, whereas the connected VPCs can be in different AWS accounts and Regions (a VGW in another account is attached through an association proposal that the gateway owner accepts).
  • can be associated with
    • a Virtual Private Gateway in any VPC, Region, or Account.
    • a Transit Gateway, which in turn attaches multiple VPCs in its own Region
  • allows scaling a Direct Connect connection to 500 VPCs (with the quotas quoted on this page) as
    • a single Direct Connect connection supports 50 private VIFs
    • a single private VIF connects to a single Direct Connect Gateway
    • a single Direct Connect Gateway can connect to 10 VGWs, giving 50 x 10 = 500


Direct Connect Gateway Limitations

  • supports 10 VGW (VPC) associations per gateway.
  • supports a single Transit VIF per Direct Connect connection.
  • does not support overlapping CIDRs: the VPCs associated with one gateway (directly through VGWs or behind an associated Transit Gateway) must have non-overlapping address ranges.
  • does not support transitive routing, i.e. does not allow gateway associations to send traffic to each other (for example, a VGW to another VGW, so VPC to VPC); that requires a Transit Gateway.
  • allows a maximum of 100 prefixes to be advertised from on-premises over the private VIF BGP session. Summarize the prefixes into larger ranges to reduce the number of prefixes.
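The three limits above (VGWs per gateway, no overlapping VPC CIDRs, and the advertised-prefix ceiling) are the ones that most often surface only after an association or BGP session fails. The script below is an added example written for this page, not code from AWS or from the page's author: it checks a proposed layout offline before any `aws directconnect` call is made, summarizes the on-premises prefixes the way the page recommends, and prints the CLI calls to run, using the association-proposal flow for VGWs owned by another account. The quota constants, gateway IDs, account numbers and CIDRs are constructed values (assumption: confirm the quotas in Service Quotas for your own account, since they have changed over time).

```python
"""Pre-flight checks for a Direct Connect gateway layout (added example).

Illustration written for this page, not AWS or the page author's code.
Checks the VGW-per-gateway quota, the no-overlapping-CIDR rule and the
advertised-prefix limit, then emits the CLI calls for a clean layout.
"""
import ipaddress
from itertools import combinations

# Quota figures as quoted on the page (assumption: verify in Service Quotas).
MAX_VGW_PER_DX_GATEWAY = 10
MAX_PREFIXES_PER_PRIVATE_VIF = 100   # routes accepted over one private VIF BGP session


def find_overlaps(cidrs):
    """Return every pair of CIDRs that overlap, as (a, b) strings.

    A DX gateway will not carry two associated VPCs whose CIDRs overlap,
    so any non-empty result here blocks the association.
    """
    nets = [ipaddress.ip_network(c, strict=True) for c in cidrs]
    return [(str(a), str(b)) for a, b in combinations(nets, 2) if a.overlaps(b)]


def summarize_prefixes(prefixes):
    """Collapse adjacent or nested prefixes into the smallest equivalent set.

    This is the 'summarize into a larger range' step the page recommends;
    collapse_addresses never widens coverage beyond what the inputs already span.
    """
    nets = [ipaddress.ip_network(p, strict=True) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def plan_associations(dxgw_id, dxgw_account, vgw_by_cidr, onprem_prefixes):
    """Validate a layout; return (errors, summarized_prefixes, commands).

    vgw_by_cidr maps each VPC CIDR to (vgw_id, owning_account_id).
    commands are the CLI calls to run once errors is empty: a direct
    association for same-account VGWs, an association proposal (to be
    accepted by the gateway owner) for VGWs in other accounts.
    """
    errors = []
    if len(vgw_by_cidr) > MAX_VGW_PER_DX_GATEWAY:
        errors.append(
            f"{len(vgw_by_cidr)} VGWs requested but the quota per DX gateway is "
            f"{MAX_VGW_PER_DX_GATEWAY}; use a second gateway or a transit gateway")
    for a, b in find_overlaps(vgw_by_cidr):
        errors.append(f"VPC CIDRs {a} and {b} overlap; they cannot share a DX gateway")

    summarized = summarize_prefixes(onprem_prefixes)
    if len(summarized) > MAX_PREFIXES_PER_PRIVATE_VIF:
        errors.append(
            f"{len(summarized)} on-premises prefixes remain after summarization; "
            f"a private VIF accepts at most {MAX_PREFIXES_PER_PRIVATE_VIF}")

    commands = []
    for vgw_id, owner in vgw_by_cidr.values():
        if owner == dxgw_account:
            commands.append(
                "aws directconnect create-direct-connect-gateway-association "
                f"--direct-connect-gateway-id {dxgw_id} --gateway-id {vgw_id}")
        else:
            # Cross-account VGW: the VGW owner files a proposal against the gateway.
            commands.append(
                "aws directconnect create-direct-connect-gateway-association-proposal "
                f"--direct-connect-gateway-id {dxgw_id} "
                f"--direct-connect-gateway-owner-account {dxgw_account} "
                f"--gateway-id {vgw_id}")
    return errors, summarized, commands


if __name__ == "__main__":
    # Constructed sample layout: two VPCs in different accounts, two on-prem /24s.
    layout = {
        "10.0.0.0/16": ("vgw-0aaa111", "111122223333"),
        "10.1.0.0/16": ("vgw-0bbb222", "444455556666"),
    }
    errs, prefixes, cmds = plan_associations(
        "dxgw-0abc123", "111122223333", layout,
        ["192.168.0.0/24", "192.168.1.0/24"])
    print("errors:", errs)
    print("advertise:", prefixes)
    print("\n".join(cmds))
```

Run it with an empty error list before touching the console; if `find_overlaps` reports anything, the fix is a different VPC CIDR or a separate gateway, not a larger allowed-prefix list.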

Direct Connect Gateway + Transit Gateway


  • AWS Direct Connect Gateway does not support transitive routing and has limits on the number of VGWs that can be associated with it.
  • AWS DX Gateway can be combined with AWS Transit Gateway using a Transit VIF, which enables the on-premises network to connect to up to three regional centralized routers (Transit Gateways) over a private dedicated connection.
  • Each AWS Transit Gateway is a regional resource and acts as a network transit hub to interconnect VPCs in the same Region, consolidating VPC routing configuration in one place.
  • This solution simplifies the management of connections between VPCs and on-premises networks over a private connection, which can reduce network costs, increase bandwidth throughput, and provide a more consistent network experience than internet-based connections.
  • With AWS Transit Gateway connected to the VPCs, full or partial mesh connectivity can be achieved between the VPCs, which a DX Gateway alone cannot provide.
  • Cross-VPC communication within a Region is handled by the Transit Gateway itself; cross-Region VPC communication is facilitated by AWS Transit Gateway peering.

AWS Certification Exam Practice Questions

  • Questions are collected from the Internet and the answers are marked as per my knowledge and understanding (which might differ from yours).
  • AWS services are updated every day and both the answers and questions might be outdated soon, so research accordingly.
  • AWS exam questions are not updated to keep pace with AWS updates, so even if the underlying feature has changed the question might not be updated.
  • Open to further feedback, discussion and correction.
  1. Your company currently has set up an AWS Direct Connect connection between their on-premises data center and a VPC in the us-east-1 region. They now want to connect their data center to a VPC in the us-west-1 region. They need to ensure latency is low and maximum bandwidth for the connection. How could they accomplish this in a cost-effective manner?
    1. Create an AWS Direct Connect connection between the VPC in the us-west-1 region and the on-premises data center
    2. Setup an AWS Direct Connect Gateway
    3. Create an AWS VPN managed connection between the VPC in the us-west-1 region and the on-premises data center
    4. Use VPC peering

References

AWS_Direct_Connect_Gateway