Networking & VPC

Advanced Networking and VPC Integration

VPC Integration

Subnets

Public and private subnet placement

Route Tables

Control traffic routing within VPC

Internet Gateway

Enable internet access for public subnets

NAT Gateway

Outbound internet for private instances

Security Controls

Security Groups

• Instance-level firewall
• Stateful rules
• Allow rules only
• Multiple groups per instance

Network ACLs

• Subnet-level firewall
• Stateless rules
• Allow and deny rules
• Numbered rule priority

Enhanced Networking

SR-IOV

Single Root I/O Virtualization for higher performance

• Higher bandwidth
• Lower latency
• Lower CPU utilization

Elastic Network Adapter

Custom network interface for enhanced networking

• Up to 100 Gbps
• Lower latency
• Available on newer instances

Elastic Fabric Adapter

Network interface for HPC applications

• Bypass kernel for HPC
• Lower latency
• MPI applications

Networking Best Practices

• Place instances in private subnets when possible
• Use security groups as the primary security control
• Enable enhanced networking for performance-critical applications
• Use placement groups for low-latency requirements
• Implement proper subnet design for multi-AZ deployments

Previous: Storage Deep Dive Next: Monitoring & Troubleshooting

Back to EC2 Topics Back to Home