Оффлайн
- Регистрация
- 1 Мар 2015
- Сообщения
- 1,481
- Баллы
- 155
Introduction
Thank you for always reading our articles!
I was curious about VPC Reachability Analyzer, so I would like to do a simple technical investigation. I will write this article as easy to understand as possible, so I would appreciate it if you would read it.
Target audience
This feature was released in December 2020. The official AWS blog states the following
To put it very simply, it might be easier to understand if you think of it as a tool for analyzing the reachability of communication between resources.
The usage fee is $0.10 per use.
Therefore, running it frequently can result in unexpected increases in costs.
In addition, as stated in the official documentation, there are also some points to note regarding load balancers and firewalls.
Verification details
There are four things I would like to verify this time:
Verification
We will not go into the details of the preparations that were made prior to the verification, but we did set up the VPC and peering settings.
After setting up, we set up the VPC Reachability Analyzer from TEST-A to each peering connection.
The results are as follows:
1. VPC Peering in the same region (same account)
2: VPC Peering between different regions (same account)
3. VPC Peering in the same region (different accounts)
4: VPC Peering between different regions (different accounts)
Impressions
In my personal opinion, as an analysis tool it is expensive and provides little information, so I don't feel there is much value in using VPC Reachability Analyzer alone.
However, I think that combining it with Amazon Q will help speed up the process of troubleshooting communication problems.
(However, I would like to see improvements made to the inability to troubleshoot BGP issues and check the health of the load balancer.)
Since the scope of this verification was limited to AWS resources, I would like to verify whether it is possible to perform analysis that takes into account on-premises environments.
Thank you for reading this article to the end!!
Digression
There were six updates to the VPC Reachability Analyzer.
Thank you for always reading our articles!
I was curious about VPC Reachability Analyzer, so I would like to do a simple technical investigation. I will write this article as easy to understand as possible, so I would appreciate it if you would read it.
Target audience
- Those who want to know about the behavior of VPC Reachability Analyzer.
- Want to know more about usage scenarios
This feature was released in December 2020. The official AWS blog states the following
To put it very simply, it might be easier to understand if you think of it as a tool for analyzing the reachability of communication between resources.
The usage fee is $0.10 per use.
Therefore, running it frequently can result in unexpected increases in costs.
In addition, as stated in the official documentation, there are also some points to note regarding load balancers and firewalls.
Verification details
There are four things I would like to verify this time:
- 1. VPC Peering in the same region (same account)
- 2: VPC Peering between different regions (same account)
- 3. VPC Peering in the same region (different accounts)
- 4: VPC Peering between different regions (different accounts)
Verification
We will not go into the details of the preparations that were made prior to the verification, but we did set up the VPC and peering settings.
After setting up, we set up the VPC Reachability Analyzer from TEST-A to each peering connection.
The results are as follows:
1. VPC Peering in the same region (same account)
2: VPC Peering between different regions (same account)
3. VPC Peering in the same region (different accounts)
4: VPC Peering between different regions (different accounts)
Impressions
- You can check in different regions or in the same region.
- Analysis costs $0.10 (per session), but the amount of information obtained is limited
- It is unclear which protocol is used by default (probably UDP)
In my personal opinion, as an analysis tool it is expensive and provides little information, so I don't feel there is much value in using VPC Reachability Analyzer alone.
However, I think that combining it with Amazon Q will help speed up the process of troubleshooting communication problems.
(However, I would like to see improvements made to the inability to troubleshoot BGP issues and check the health of the load balancer.)
Since the scope of this verification was limited to AWS resources, I would like to verify whether it is possible to perform analysis that takes into account on-premises environments.
Thank you for reading this article to the end!!
Digression
There were six updates to the VPC Reachability Analyzer.