Changes between Version 87 and Version 88 of clusterdvlan


Timestamp:
01/20/10 15:28:38 (10 years ago)
Author:
hmussman@bbn.com
Comment:

--

  • clusterdvlan

    v87 v88  
    282282 a)  In order for EC2 instances to be part of a VLAN, the simplest solution is to run a VLAN software like OpenVPN in the EC2 instances. It is the responsibility of the user to setup that VLAN so that it can communicate with the rest of its GENI resources. There is no additional cost for such setup besides the network traffic charges described in Section 1.
    283283
    284  b)  Amazon Virtual Private Cloud service allows setting up a bridge to expand a VLAN with EC2 resources. Note that this can only be a layer 3 VLAN. Amazon VPC provides end-to-end network isolation by utilizing an IP address range that is specified by the user, and routing all network traffic between VPC and the user network through an encrypted IPsec VPN.
    285 The customer gateway can be either software or hardware. The current documentation only lists Cisco Integrated Services routers running Cisco IOS 12.4(or later) software and Juniper J-Series routers running JunOS 9.5 (or later) software as compatible devices.
     284 b)  Amazon Virtual Private Cloud service allows setting up a bridge to expand a VLAN with EC2 resources. Note that this can only be a layer 3 VLAN. Amazon VPC provides end-to-end network isolation by utilizing an IP address range that is specified by the user, and routing all network traffic between VPC and the user network through an encrypted IPsec VPN.  The customer gateway can be either software or hardware. The current documentation only lists Cisco Integrated Services routers running Cisco IOS 12.4(or later) software and Juniper J-Series routers running JunOS 9.5 (or later) software as compatible devices.
    286285
    287286 Note:  Providing the VPC functionality can only work for a single user (one VPC per AWS account only). This would not allow a broker to manage its resources globally and have multiple concurrent users using a pool of EC2 resources.  A workaround solution would consist in having the broker run the customer gateway and act as a bridge with the end-user resources. This option would still have the limitation that all users going through the same broker would be sharing the same VPN on the EC2 side.  (Having as many AWS accounts as GENI users does not seem practical and would make accounting and billing much more complex.)
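
Review bot: The merged paragraph b) at new line 284 still claims "end-to-end network isolation" without qualification, while the Note at line 286 says all users going through the same broker would share the same VPN on the EC2 side. The isolation described is therefore between one AWS account's VPC and the user network, not between GENI users behind a shared customer gateway; suggest stating that scope in b). The join also carries over "Cisco IOS 12.4(or later)" with the missing space, and "layer 3 VLAN" would read more clearly as a layer 3 VPN, since the link described is a routed IPsec tunnel over a user-specified IP address range.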