Module Review
In this module, we climbed into the virtualized stratosphere to explore the foundations of modern cloud networks.
1. Key Takeaways
- Virtual Private Cloud (VPC): Isolated network environments in public clouds with subnets, route tables, and gateways.
- SDN (Software Defined Networking): The architectural shift of separating the Control Plane (centralized brain) from the Data Plane (forwarding hardware).
- NFV (Network Function Virtualization): Replacing expensive, proprietary hardware appliances with virtualized software (VNFs) running on standard servers.
- Load Balancing: Distributing traffic effectively at Layer 4 (Transport) or Layer 7 (Application) using strategies like Round Robin or Least Connections.
- CDN (Content Delivery Network): Reducing global latency by caching static content at Edge Locations geographically close to users.
2. Flashcards
What is the difference between a Security Group and a NACL?
A Security Group acts at the Instance level and is stateful; a NACL acts at the Subnet level and is stateless.
In SDN, which plane makes forwarding decisions?
The Control Plane, which is typically centralized in an SDN Controller.
What is a VNF in the context of NFV?
A Virtual Network Function: a software version of a network appliance like a firewall or load balancer.
Which load balancing algorithm provides Session Stickiness?
IP Hashing, which ensures a user with a specific IP always hits the same server.
3. Cheat Sheet
| Concept | Description | Key Component |
|---|---|---|
| VPC | Isolated cloud network | Subnets, IGW, Route Tables |
| SDN | Separation of Control/Data | Controller, OpenFlow |
| NFV | Software-based network appliances | VNF, Hypervisor, MANO |
| L4 Balancer | Routes by IP/Port | Network Load Balancer (NLB) |
| L7 Balancer | Routes by HTTP/Headers | Application Load Balancer (ALB) |
| CDN | Distributed edge caching | Origin Server, PoP (Edge) |
4. Quick Revision
- VPC Peering: Connects two VPCs using private IPs; not transitive.
- NAT Gateway: Allows private subnets to download from the internet without exposing instances to incoming traffic.
- SDN Controller: The central “brain” that programs flow tables in hardware switches.
- Service Chaining: A benefit of NFV, allowing network traffic to be steered through multiple VNFs sequentially.
- Health Checks: Necessary for load balancers to ensure they don’t route traffic to dead servers.
5. Next Steps
We have reached the home stretch! In the final module, we focus on the “Survival Skills” of a network engineer: Reliability, Quality of Service (QoS), and Monitoring/Troubleshooting.