
- TOP
- ã¿ã°äžèЧ
- ãªã³ãã¬ãã¹
ãªã³ãã¬ãã¹
ã€ãã³ã
ãã¬ãžã³
æè¡ããã°
æ¬èšäºã¯ã2025 幎 6 æ 11 æ¥ã« Networking & Content Delivery ã§å
¬éããã VPC resource gateways: Implementation patterns and use cases ã翻蚳ãããã®ã§ãã Amazon Virtual Private Cloud (Amazon VPC) éã§ã¢ããªã±ãŒã·ã§ã³ãæ¥ç¶ããéãåŸæ¥ã® AWS PrivateLink ã®ãããã€ããŒã»ã³ã³ã·ã¥ãŒããŒã¢ãã«ã«é©åããªããµãŒãã¹ãžã®æ¥ç¶ãå¿
èŠã«ãªããšãVPC ãã¢ãªã³ã°ã AWS Transit Gateway ã ãã§ã¯ç°¡åã«è§£æ±ºã§ããªãè€éãªãããã¯ãŒã¯èª²é¡ã«çŽé¢ããŸããããã¯ç¹ã«ãIP ã¢ãã¬ã¹ç©ºéãéè€ããŠããå Žåã«é¡èã§ãã åŸæ¥ã® PrivateLink ã® Provider-Consumer Model ã«é©åããªããµãŒãã¹ãžã®æ¥ç¶ããVPC ãªãœãŒã¹ã²ãŒããŠã§ã€ã䜿çšããããšã§å®çŸã§ãããããã¯ãŒã¯ã¢ãŒããã¯ãã£ãç°¡çŽ åã§ããŸãããããã€ããŒããµãŒãã¹ã®å段㫠Network Load Balancer ãé
眮ããããšãæ±ãã VPC ãšã³ããã€ã³ããµãŒãã¹ãšã¯ç°ãªãããªãœãŒã¹ã²ãŒããŠã§ã€ã¯ããŒããã©ã³ãµãŒã€ã³ãã©ã¹ãã©ã¯ãã£ã®è¿œå ãªãŒããŒããããªãã«ãããå¹
åºãã¿ãŒã²ãããå
¬éã§ããŸãã ãããŸã§è€éãªè¿œå èšå®ãå¿
èŠã ã£ãã·ããªãªã§ãã远å ã€ã³ãã©ã¹ãã©ã¯ãã£ã®ç®¡çãªãŒããŒããããªãã«ãµãŒãã¹ã«ã¢ã¯ã»ã¹ã§ããããã«ãªããŸããããªãœãŒã¹ã²ãŒããŠã§ã€ã¯ãARNãDNSããŸã㯠IP ããŒã¹ã®ãµãŒãã¹ãžã®æ¥ç¶ãå¯èœã«ããªãããã»ãã¥ãªãã£ã®ç¶æãè€éãã®è»œæžãã³ã¹ãã®æé©åãå®çŸããŸãã ãªãœãŒã¹ã²ãŒããŠã§ã€ã«ã¯è€æ°ã®ã¢ã¯ã»ã¹æ¹æ³ããããŸãã ãªãœãŒã¹ãšã³ããã€ã³ã ã Amazon VPC Lattice ãµãŒãã¹ãããã¯ãŒã¯ã¢ãœã·ãšãŒã·ã§ã³ãããã³ VPC Lattice ãµãŒãã¹ãããã¯ãŒã¯ã«æ¥ç¶ããã ãµãŒãã¹ãããã¯ãŒã¯ãšã³ããã€ã³ã ã§ããæ¬èšäºã§ã¯ããªãœãŒã¹ãžã®ã¢ã¯ã»ã¹ãæäŸããããã«ããªãœãŒã¹ã²ãŒããŠã§ã€ãšãªãœãŒã¹ãšã³ããã€ã³ãã䜿çšããã¢ãŒããã¯ãã£ãã¿ãŒã³ã«çŠç¹ãåœãŠãŸããAmazon VPC Lattice ã®ãµãŒãã¹ãããã¯ãŒã¯ãšã³ããã€ã³ãã®ãŠãŒã¹ã±ãŒã¹ãšäœ¿ç𿹿³ã®è©³çްã«ã€ããŠã¯ã ãã¡ãã®ããã° ãåç
§ããŠãã ããã 以äžã®ãŠãŒã¹ã±ãŒã¹ãšãã©ãã£ãã¯ãããŒãã¿ãŒã³ãéããŠããªãœãŒã¹ã²ãŒããŠã§ã€ã®æ©èœãçè§£ããŠãããŸãããã ãŠãŒã¹ã±ãŒã¹ 1ïŒRDS ãªãœãŒã¹ãžã®ãã©ã€ããŒããã€ã»ãã¥ã¢ãªã¢ã¯ã»ã¹ ç°ãªãããžãã¹ãŠããããã¢ããªã±ãŒã·ã§ã³ã³ã³ããŒãã³ãéã§å³å¯ãªåé¢ãç¶æããããã«ããã«ã VPC ãŸãã¯ãã«ãã¢ã«ãŠã³ãæŠç¥ãæ¡çšããŠããå Žåãã¢ããªã±ãŒã·ã§ã³ãµãŒããŒãšããŒã¿ããŒã¹ãç°ãªã VPC ã AWS ã¢ã«ãŠã³ãã«é
眮ãããŸãããŸãããã®ã¢ãŒããã¯ãã£ãã¿ãŒã³ã®èŠä»¶ã¯ãå䜵ã»è²·åïŒM&AïŒã®éã«ãçºçããŸãã Amazon Relational Database Service (Amazon RDS) ã¯ã管çã¿ã¹ã¯ãèªååããããšã§åŸæ¥åããŒã¿ããŒã¹ã®ç®¡çãç°¡çŽ åããŸãã Amazon Aurora ã¯ãMySQL ããã³ PostgreSQL ãšã®å®å
šãªäºææ§ãæã€ã°ããŒãã«ã¹ã±ãŒã«ã®ãªã¬ãŒã·ã§ãã«ããŒã¿ããŒã¹ã§ãã Web/ã¢ããªã±ãŒã·ã§ã³ãµãŒããŒãš RDS/Aurora ããŒã¿ããŒã¹ãç°ãªã VPC ã«ååšããå ŽåãVPC ãã¢ãªã³ã°ã«ããçŽæ¥ç㪠VPC ééä¿¡ããAWS Transit Gateway / AWS Cloud WAN ã䜿çšãããããã¯ãŒã¯æ¥ç¶ã®ã»ããã¢ããã«ããæ¥ç¶ã確ç«ã§ããŸããããããã³ã³ã·ã¥ãŒããŒã®æ°ãæ¥éã«å¢å ãããšããããã® VPC ãã¢ãªã³ã°æ¥ç¶ã AWS Transit Gateway / AWS Cloud WAN ãçµç±ãããããã¯ãŒã¯ãããŒã®ç®¡çãªãŒããŒããããå¢å€§ããŸãã ãªãœãŒã¹ã²ãŒããŠã§ã€ãšãªãœãŒã¹ VPC ãšã³ããã€ã³ãã䜿çšããŠãã¢ããªã±ãŒã·ã§ã³ãã Amazon RDS ãªãœãŒã¹ãžã®æ¥ç¶ãå¯èœã«ã§ããŸããå³1ã¯ããã®ãŠãŒã¹ã±ãŒã¹ã®ãã€ã¬ãã«ã¢ãŒããã¯ãã£å³ã瀺ããŠããŸãïŒ å³1ïŒRDS ãªãœãŒã¹ãžã®ãã©ã€ããŒããã€ã»ãã¥ã¢ãªã¢ã¯ã»ã¹ RDS ãªãœãŒã¹ãžã®ãã©ã€ããŒããã€ã»ãã¥ã¢ãªã¢ã¯ã»ã¹ãå®çŸããããã«ã以äžã®æé ã§ãªãœãŒã¹ãšã³ããã€ã³ããšãªãœãŒã¹ã²ãŒããŠã§ã€ãæ§æã§ããŸãïŒ RDS ãªãœãŒã¹ãååšãã VPC ã«ãªãœãŒã¹ã²ãŒããŠã§ã€ãäœæããã ã¢ã¯ã»ã¹ãããå RDS ã¯ã©ã¹ã¿ãŒãŸãã¯ã€ã³ã¹ã¿ã³ã¹ã«å¯ŸããŠãARNãã¿ã€ãã® ãªãœãŒã¹èšå® ãäœæãããªãœãŒã¹ã²ãŒããŠã§ã€ã«é¢é£ä»ããã æ³šæ ïŒARN ããŒã¹ã®ãªãœãŒã¹ã¯çŸåšããããªãã¯ã§ãªã Amazon RDS ãªãœãŒã¹ã§ãµããŒããããŠããŸããARN ããŒã¹ã®ãªãœãŒã¹èšå®ã® åãªãœãŒã¹èšå® ã¯ãAWS ã«ãã£ãŠèªåçã«ç®¡çãããŸãã ïŒãªãã·ã§ã³ïŒ ã³ã³ã·ã¥ãŒã㌠VPC ãš RDS VPC ãç°ãªã AWS ã¢ã«ãŠã³ãã«ããå ŽåãRDS VPC ã¢ã«ãŠã³ãããã³ã³ã·ã¥ãŒã㌠VPC ã¢ã«ãŠã³ããž AWS RAM ãéããŠãªãœãŒã¹èšå®ãå
±æããããªãœãŒã¹èšå®ãå
±æãããåŸãã³ã³ã·ã¥ãŒã㌠VPC ã¢ã«ãŠã³ãã§ãªãœãŒã¹å
±æãæ¿èªããã ã³ã³ã·ã¥ãŒã㌠VPC ã« ãResourceãã¿ã€ãã® VPC ãšã³ããã€ã³ã ãäœæããARN ã¿ã€ãã®ãªãœãŒã¹èšå®ã«é¢é£ä»ãããVPC ãšã³ããã€ã³ãã®äœææã«ããªãã·ã§ã³ã§ãPrivate DNSããæå¹åãããPrivate DNS ãæå¹ã«ãããšããªãœãŒã¹ VPC ãšã³ããã€ã³ããéãããã©ã€ããŒãæ¥ç¶ã掻çšããªãããAWS ãµãŒãã¹ããªãœãŒã¹ã«å¯ŸããŠããããžã§ãã³ã°ãã DNS åã䜿çšããŠãªã¯ãšã¹ããç¶ããããšãã§ããŸãã æ³šæ ïŒPrivate DNS ã䜿çšããã«ã¯ãã³ã³ã·ã¥ãŒã㌠VPC ã® DNS ãã¹ãåããã³ DNS 解決ããæå¹ã ïŒenableDnsHostnames, enableDnsSupportïŒã«èšå®ãããŠããããšã確èªããŠãã ããã ãªãœãŒã¹ãšã³ããã€ã³ããšãªãœãŒã¹ã²ãŒããŠã§ã€ã«é¢é£ä»ããããã»ãã¥ãªãã£ã°ã«ãŒãã«ã«ãŒã«ã远å ããŠãå¿
èŠãªãã©ãã£ãã¯ãèš±å¯ããã VPC ãšã³ããã€ã³ãã® Private DNS ãæå¹æãšç¡å¹æã§ã®åäœã瀺ãïŒ æå¹ïŒæšå¥šïŒ ïŒRDS ãªãœãŒã¹ã® DNS åïŒã©ã€ã¿ãŒãšã³ããã€ã³ãããªãŒããŒãšã³ããã€ã³ãããŸãã¯ã€ã³ã¹ã¿ã³ã¹ãšã³ããã€ã³ãïŒã䜿çšããŠãªãœãŒã¹ã«ã¢ã¯ã»ã¹ã§ããŸãã ç¡å¹ ïŒãªãœãŒã¹ VPC ãšã³ããã€ã³ãã® DNS åã䜿çšã㊠RDS ãªãœãŒã¹ã«ã¢ã¯ã»ã¹ããŸãããã ããããã¯ããŒã¿ããŒã¹èšŒææžã®ã³ã¢ã³ããŒã ïŒCNïŒãæ€èšŒ ããŠããªã å Žåã«ã®ã¿æ©èœããŸããããã¯ããªãœãŒã¹ VPC ãšã³ããã€ã³ãã® DNS åã RDS/Aurora DB ã€ã³ã¹ã¿ã³ã¹ã®èšŒææžã®ãµããžã§ã¯ã代æ¿åïŒSANïŒã«å«ãŸããŠããªãããã§ãã ãŠãŒã¹ã±ãŒã¹ 2ïŒVPC IP CIDR ãéè€ããç°å¢ã§ã®æ¥ç¶ CIDR ãéè€ãã VPC ã«ã³ã³ã·ã¥ãŒããŒãšãªãœãŒã¹ã ååšããå Žåããããéã®çŽæ¥éä¿¡ãå°é£ã«ãªããŸãããã®ã·ããªãªã¯ãå䜵ã»è²·åæãããŒãããŒãããã¯ãŒã¯ãžã®æ¥ç¶æããŸã㯠CIDR ã®èšç»ã調æŽãããŠããªããã«ãã¢ã«ãŠã³ãç°å¢ã§äžè¬çã«çºçããŸãããã®åé¡ã«å¯ŸåŠããåŸæ¥ã®ãœãªã¥ãŒã·ã§ã³ã«ã¯ãNATïŒãããã¯ãŒã¯ã¢ãã¬ã¹å€æïŒãå®è¡ããã¢ãã©ã€ã¢ã³ã¹ã®èšå®ãNAT ã²ãŒããŠã§ã€ã®äœ¿çšããŸã㯠Network Load Balancer ã®äœæãš VPC ãšã³ããã€ã³ããµãŒãã¹ã䜿çšãããµãŒãã¹ã®å
¬éãå«ãŸããŸãããããã®è§£æ±ºçã¯æå¹ã§ããã远å ãªãœãŒã¹ã®äœæãå¿
èŠãªãããè€éããšã³ã¹ããå¢å ããŸãã VPC ãªãœãŒã¹ãšã³ããã€ã³ããšãªãœãŒã¹ã²ãŒããŠã§ã€ã¯ããã®ãããªç¶æ³ã§ã³ã³ã·ã¥ãŒããŒããªãœãŒã¹ã«ã¢ã¯ã»ã¹ã§ããããã«ãããããã·ã³ãã«ãªä»£æ¿ææ®µãæäŸããŸããå³2ã¯ããã®ãŠãŒã¹ã±ãŒã¹ã®ãã€ã¬ãã«ã¢ãŒããã¯ãã£å³ã瀺ããŠããŸãã å³2ïŒéè€ CIDR ãŠãŒã¹ã±ãŒã¹ã«ããããªãœãŒã¹ãšã³ããã€ã³ããšãªãœãŒã¹ã²ãŒããŠã§ã€ã®äœ¿çš ãã®ã±ãŒã¹ã§ã³ã³ã·ã¥ãŒããŒããªãœãŒã¹ã«ã¢ã¯ã»ã¹ã§ããããã«ããã«ã¯ã以äžãå®è¡ããŸãã ã¢ã¯ã»ã¹å¯Ÿè±¡ã®ãªãœãŒã¹ãååšãã VPC ã«ãªãœãŒã¹ã²ãŒããŠã§ã€ãäœæããã ãªãœãŒã¹ãŸãã¯ãªãœãŒã¹ã°ã«ãŒãã衚ããªãœãŒã¹èšå®ãäœæãããªãœãŒã¹ã²ãŒããŠã§ã€ã«é¢é£ä»ããã ïŒãªãã·ã§ã³ïŒã³ã³ã·ã¥ãŒã㌠VPC ãšãªãœãŒã¹ VPC ãç°ãªã AWS ã¢ã«ãŠã³ãã«ããå ŽåããªãœãŒã¹ VPC ã¢ã«ãŠã³ãããã³ã³ã·ã¥ãŒã㌠VPC ã¢ã«ãŠã³ããž AWS RAM ãéããŠãªãœãŒã¹èšå®ãå
±æããããªãœãŒã¹èšå®ãå
±æãããåŸãã³ã³ã·ã¥ãŒã㌠VPC ã¢ã«ãŠã³ãã§ãªãœãŒã¹å
±æãæ¿èªããã ã³ã³ã·ã¥ãŒã㌠VPC ã«ãåãªãœãŒã¹èšå®ã«å¯Ÿå¿ãããResourceãã¿ã€ãã® VPC ãšã³ããã€ã³ããäœæããã ãªãœãŒã¹ãšã³ããã€ã³ããšãªãœãŒã¹ã²ãŒããŠã§ã€ã«é¢é£ä»ããããã»ãã¥ãªãã£ã°ã«ãŒãã«ã«ãŒã«ã远å ããŠãå¿
èŠãªãã©ãã£ãã¯ãèš±å¯ããã ãªãœãŒã¹ VPC ãšã³ããã€ã³ãã® DNS åã䜿çšããŠããªãœãŒã¹ VPC å
ã®ãªãœãŒã¹ã«ã¢ã¯ã»ã¹ããããã¬ã³ããªãŒãªååã䜿çšããŠãªãœãŒã¹ã«ã¢ã¯ã»ã¹ãããå Žåã¯ããã³ã³ã·ã¥ãŒã㌠VPCãã«é¢é£ä»ãããããã©ã€ããŒããã¹ããŸãŒã³ãäœæãããã¬ã³ããªãŒ DNS åããªãœãŒã¹ VPC ãšã³ããã€ã³ãã® DNS åã«ãã€ã³ããã CNAME ã¬ã³ãŒãã远å ã§ããŸãããªãœãŒã¹ VPC ãšã³ããã€ã³ãã® DNS åã¯ãé¢é£ãããªãœãŒã¹ VPC ãšã³ããã€ã³ããéžæããéã®ãAssociationsãã®äžã§ç¢ºèªã§ããŸãã å³3ïŒãªãœãŒã¹ VPC ãšã³ããã€ã³ãã® DNS å ãŠãŒã¹ã±ãŒã¹ 3ïŒãããªãã¯ãã¡ã€ã³ãžã®æ¥ç¶ãããã· ãããªãã¯ãšã³ããã€ã³ãå®ãŠã®éä¿¡ã§ãã£ãŠããäžå
åãããVPCãçµç±ããããããããã¯ãã©ã€ããŒããã€å¶åŸ¡ããããããã¯ãŒã¯çµè·¯ã䜿çšããããšã矩åä»ãããããªå³æ Œãªããªã·ãŒãæ¡çšããå Žåãæ³å®ããŸãããããããããªãã¯ãšã³ããã€ã³ãã¯ãå€ãã®å Žå AWS å€ã® SaaS ãµãŒãã¹ããAWS äžã«ãããªãã PrivateLink çµç±ã§ã¯ãã©ã€ããŒãã«å
¬éãããŠããªããµãŒãã¹ã§ãã ãªãœãŒã¹ã²ãŒããŠã§ã€ã䜿çšããŠãéçŽ VPC çµç±ã§ããŸã㯠AWS VPN ã AWS Direct Connect ãVPC ãã¢ãªã³ã°ãªã©ã®ãã©ã€ããŒãæ¥ç¶ãªãã·ã§ã³ãä»ããã€ã³ã¯ã©ãŠãæ¥ç¶ãŠãŒã¹ã±ãŒã¹ãšããŠããããªãã¯ãšã³ããã€ã³ãïŒAWS ãŸãã¯ãµãŒãããŒãã£ïŒã«ã¢ã¯ã»ã¹ã§ããŸããå³4ã¯ãVPC å
ã®ã¯ã©ã€ã¢ã³ããéçŽ VPC ãšãªãœãŒã¹ã²ãŒããŠã§ã€ãéããŠãããªãã¯ãšã³ããã€ã³ãã«ã¢ã¯ã»ã¹ãããã€ã¬ãã«ã¢ãŒããã¯ãã£å³ã瀺ããŠããŸãã å³4ïŒéçŽ VPC ãšãªãœãŒã¹ã²ãŒããŠã§ã€ã«ãããããªãã¯ãšã³ããã€ã³ããžã®ã¢ã¯ã»ã¹ ãªãœãŒã¹ã²ãŒããŠã§ã€ã䜿çšããŠéçŽ VPC çµç±ã§ãããªãã¯ãšã³ããã€ã³ããžã®æ¥ç¶ã確ç«ããã«ã¯ã以äžã®ã¢ãããŒãã«åŸããŸãïŒ ãããªãã¯ãµãããããšãã©ã€ããŒããµãããããæã€ VPCïŒããªãœãŒã¹ VPCãïŒãäœæãããVPC ã«ãŒãã£ã³ã°ãèšå®ãããã©ã€ããŒããµããããããã€ã³ã¿ãŒããããžã®ãã©ãã£ãã¯ããããªãã¯ãµããããå
ã® NAT ã²ãŒããŠã§ã€ãçµç±ããŠã«ãŒãã£ã³ã°ãããããšã確èªããã ãªãœãŒã¹ VPC ã®ãã©ã€ããŒããµããããã«ãªãœãŒã¹ã²ãŒããŠã§ã€ãäœæããã ã³ã³ã·ã¥ãŒããŒã«ã¢ã¯ã»ã¹ããããåãã¡ã€ã³åã«å¯ŸããŠããDNSãã¿ã€ãã®ãªãœãŒã¹èšå®ãäœæãããå DNS ãªãœãŒã¹èšå®ã¯ãã³ã³ã·ã¥ãŒããŒã«ã¢ã¯ã»ã¹ããããåäžã®ãã¡ã€ã³åã«ãããã³ã°ãããŸããè€æ°ã®ãã¡ã€ã³åã«ã¢ã¯ã»ã¹ããããå Žåã¯ãè€æ°ã®ãªãœãŒã¹èšå®ãåäžã®ããªãœãŒã¹ã°ã«ãŒããã«ã°ã«ãŒãåããåäžã®ãªãœãŒã¹ VPC ãšã³ããã€ã³ãã§è€æ°ãã¡ã€ã³ã«ã¢ã¯ã»ã¹ã§ããããã«ã§ããŸãã ïŒãªãã·ã§ã³ïŒã³ã³ã·ã¥ãŒã㌠VPC ãšãªãœãŒã¹ VPC ãç°ãªã AWS ã¢ã«ãŠã³ãã«ããå ŽåããªãœãŒã¹ VPC ã¢ã«ãŠã³ãããã³ã³ã·ã¥ãŒã㌠VPC ã¢ã«ãŠã³ããž AWS Resource Access Manager(RAM) ãéããŠãªãœãŒã¹èšå®ãå
±æããããªãœãŒã¹èšå®ãå
±æãããåŸãã³ã³ã·ã¥ãŒã㌠VPC ã¢ã«ãŠã³ãã§ãªãœãŒã¹å
±æãæ¿èªããã ã³ã³ã·ã¥ãŒã㌠VPC ã«ãResourceãã¿ã€ãã® VPC ãšã³ããã€ã³ããäœæãããªãœãŒã¹èšå®ã«é¢é£ä»ããã ãªãœãŒã¹ãšã³ããã€ã³ããšãªãœãŒã¹ã²ãŒããŠã§ã€ã«é¢é£ä»ããããã»ãã¥ãªãã£ã°ã«ãŒãã«ã«ãŒã«ã远å ããŠãå¿
èŠãªãã©ãã£ãã¯ãèš±å¯ããã ãã©ã€ããŒããã¹ããŸãŒã³ïŒã³ã³ã·ã¥ãŒã㌠VPC ã«é¢é£ä»ãïŒãäœæããã¢ã¯ã»ã¹ãããããªã㯠FQDN ããªãœãŒã¹ãšã³ããã€ã³ãã®å¯Ÿå¿ãã DNS åã«ãããã³ã°ãã CNAME ã¿ã€ãã®ã¬ã³ãŒãã远å ããããªãœãŒã¹ãšã³ããã€ã³ãã® DNS åã®ç¢ºèªæ¹æ³ã«ã€ããŠã¯ãå³2ãåç
§ã ãã©ã€ããŒããã¹ããŸãŒã³ã§äœæããã¬ã³ãŒãã䜿çšããŠãã¢ããªã±ãŒã·ã§ã³ãããããªãã¯ãšã³ããã€ã³ãã«ã¢ã¯ã»ã¹ããã åæ§ã«ããªã³ãã¬ãã¹ãš AWS éã®ç¢ºç«æžã¿ãã©ã€ããŒãæ¥ç¶ãéããŠããããªãã¯ãšã³ããã€ã³ããžã®ãã©ãã£ãã¯ãã«ãŒãã£ã³ã°ããããšãã§ããŸããããã«ãããã¢ãŠãããŠã³ãã€ã³ã¿ãŒãããæ¥ç¶ãä¿¡é Œã§ãããšã³ããã€ã³ãã«å¶éãããªã³ãã¬ãã¹ã®ã¯ã©ã€ã¢ã³ãããããã¯ãŒã¯åé¢ãç¶æãã³ã³ãã©ã€ã¢ã³ã¹èŠä»¶ãæºãããªããããããªã㯠FQDN ãšã»ãã¥ã¢ã«éä¿¡ã§ããããã«ãªããŸããå³5ã¯ããªã³ãã¬ãã¹ã®ã¯ã©ã€ã¢ã³ãã AWS Site-to-Site VPN / AWS Direct Connect ãä»ããŠãªãœãŒã¹ã²ãŒããŠã§ã€çµç±ã§ãããªãã¯ãšã³ããã€ã³ãã«ã¢ã¯ã»ã¹ãããã€ã¬ãã«ã¢ãŒããã¯ãã£å³ã瀺ããŠããŸãã â»èš³è
泚ïŒéçŽ VPC ã® IGW ããã®ã¢ãŠãããŠã³ãé信㯠TGW ã§ã®æ¥ç¶ãåãããããäžè¬çã§ãããTGW ã®ããŒã¿åŠçæé㯠$0.02/GBããªãœãŒã¹ãšã³ããã€ã³ãã®ããŒã¿åŠçæé㯠$0.01/GB ã§ãããæ¬æ¹åŒã¯ç¹ã«ããŒã¿éãå§åçã§ããå Žåãã³ã¹ãåæžã«å€§ããå¯äžããŸãã å³5ïŒéçŽ VPC ãšãªãœãŒã¹ã²ãŒããŠã§ã€ã«ãããªã³ãã¬ãã¹ããã®ãããªãã¯ãšã³ããã€ã³ããžã®ã¢ã¯ã»ã¹ ãŠãŒã¹ã±ãŒã¹ 4ïŒTransit Gateway ã VPC ãã¢ãªã³ã°ãçµç±ããã« AWS ãµãŒãã¹ã®ã€ã³ã¿ãŒãã§ãŒã¹ãšã³ããã€ã³ããéçŽãã ã€ã³ã¿ãŒããããçµç±ããã« AWS ãµãŒãã¹ãžã®ãã©ã€ããŒãæ¥ç¶ãå®çŸããã«ã¯ãã€ã³ã¿ãŒãã§ãŒã¹ VPC ãšã³ããã€ã³ãã䜿çšã§ããŸããããããå VPC ã§ãµãŒãã¹ããšã«åå¥ã®ã€ã³ã¿ãŒãã§ãŒã¹ VPC ãšã³ããã€ã³ããäœæãããšã倧ããªã³ã¹ããšç®¡çã®è€éãã«ã€ãªããå¯èœæ§ããããŸãããã®ãããããå¹ççãªã¢ãããŒãã¯ãå¿
èŠãª ãã¹ãŠã®ã€ã³ã¿ãŒãã§ãŒã¹ãšã³ããã€ã³ãããã¹ãããéçŽ VPC ãçšæããAWS Transit Gateway ãŸã㯠AWS VPC ãã¢ãªã³ã°æ¥ç¶ã䜿çšããŠã³ã³ã·ã¥ãŒã㌠VPC ãšãªãœãŒã¹ VPC éã®æ¥ç¶ã確ç«ããéçŽ VPC ãšã³ããã€ã³ããžã®æ¥ç¶ãå®çŸããããšã§ãã ãªãœãŒã¹ã²ãŒããŠã§ã€ãšãªãœãŒã¹ãšã³ããã€ã³ãã¯ããã®ãŠãŒã¹ã±ãŒã¹ïŒç¹ã«å€§èŠæš¡ãããã¯ãŒã¯ïŒã«å¯ŸåŠããããã®ãããã·ã³ãã«ã§ã³ã¹ãå¹çã®é«ããªãã·ã§ã³ãæäŸããŸããTransit Gateway ã¢ã¿ããã¡ã³ããããäœãå
šäœã³ã¹ãïŒæéãããããã³ããŒã¿åŠçïŒã§ãåäžã®ãªãœãŒã¹ãšã³ããã€ã³ããäœæããŠè€æ°ã® AWS ãµãŒãã¹ãšã³ããã€ã³ãã«ã¢ã¯ã»ã¹ã§ããŸãïŒéçŽ VPC ãšã³ããã€ã³ããäž»ãªãŠãŒã¹ã±ãŒã¹ã§ããããšãåæïŒãå³6ã¯ããã®ãŠãŒã¹ã±ãŒã¹ã®ãã€ã¬ãã«ã¢ãŒããã¯ãã£å³ã瀺ããŠããŸãã å³6ïŒãªãœãŒã¹ã²ãŒããŠã§ã€ã䜿çšããéçŽ VPC ãšã³ããã€ã³ããžã®ã¢ã¯ã»ã¹ ãªãœãŒã¹ã²ãŒããŠã§ã€ã䜿çšããŠéçŽ VPC ãšã³ããã€ã³ããžã®ãã©ã€ããŒãæ¥ç¶ã確ç«ããæ¹æ³ã¯ä»¥äžã®ãšããã§ãã ãªãœãŒã¹ VPC ã«ãèŠä»¶ã«å¿ãã AWS ãµãŒãã¹ã®éçŽã€ã³ã¿ãŒãã§ãŒã¹ VPC ãšã³ããã€ã³ããäœæããã ãªãœãŒã¹ VPC ã«ãªãœãŒã¹ã²ãŒããŠã§ã€ãäœæããã å AWS ãµãŒãã¹ VPC ãšã³ããã€ã³ãã«å¯ŸããŠããDNSãã®ãªãœãŒã¹å®çŸ©ãæã€ãªãœãŒã¹èšå®ãäœæããããã¡ã€ã³åã«ã¯ãã€ã³ã¿ãŒãã§ãŒã¹ VPC ãšã³ããã€ã³ãã®ãªãŒãžã§ãã« DNS åã远å ããïŒäŸïŒ vpce-xxxx.ec2.<region>.vpce.amazonaws.com ïŒã 泚æ ïŒãªãœãŒã¹ã²ãŒããŠã§ã€ã§ã¯ããªãœãŒã¹èšå®ã® DNS åããããªãã¯ã«è§£æ±ºå¯èœã§ããå¿
èŠããããããã€ã³ã¿ãŒãã§ãŒã¹ VPC ãšã³ããã€ã³ãã®ãã©ã€ããŒã DNS åã¯æ©èœããŸããã å DNS ãªãœãŒã¹èšå®ãæã€ãªãœãŒã¹ã°ã«ãŒããäœæãããªãœãŒã¹ã°ã«ãŒãããªãœãŒã¹ã²ãŒããŠã§ã€ã«é¢é£ä»ããã ïŒãªãã·ã§ã³ïŒã³ã³ã·ã¥ãŒã㌠VPC ãšãªãœãŒã¹ VPC ãç°ãªã AWS ã¢ã«ãŠã³ãã«ããå ŽåããªãœãŒã¹ VPC ã¢ã«ãŠã³ãããã³ã³ã·ã¥ãŒã㌠VPC ã¢ã«ãŠã³ããž AWS RAM ãéããŠãªãœãŒã¹èšå®ãå
±æããããªãœãŒã¹èšå®ãå
±æãããåŸãã³ã³ã·ã¥ãŒã㌠VPC ã¢ã«ãŠã³ãã§ãªãœãŒã¹å
±æãæ¿èªããã ã³ã³ã·ã¥ãŒã㌠VPC ã«ãResourceãã¿ã€ãã® VPC ãšã³ããã€ã³ããäœæãããªãœãŒã¹èšå®ã«é¢é£ä»ããã ãªãœãŒã¹ãšã³ããã€ã³ããšãªãœãŒã¹ã²ãŒããŠã§ã€ã«é¢é£ä»ããããã»ãã¥ãªãã£ã°ã«ãŒãã«ã«ãŒã«ã远å ããŠãå¿
èŠãªãã©ãã£ãã¯ãèš±å¯ããã ïŒãªãã·ã§ã³ïŒç°ãªããã¡ã€ã³åã䜿çšããŠãµãŒãã¹ãšã³ããã€ã³ãã«ã¢ã¯ã»ã¹ãããå Žåã¯ããã¡ã€ã³å <region>.amazonaws.com ã®ãã©ã€ããŒããã¹ããŸãŒã³ãäœæããã³ã³ã·ã¥ãŒã㌠VPC ã«é¢é£ä»ãããã¢ã¯ã»ã¹ããåãµãŒãã¹ã«å¯ŸããŠãã¬ãã£ãã¯ã¹ä»ãã® CNAME ã¿ã€ãã®ã¬ã³ãŒãã远å ãïŒäŸïŒ <prefix>.ec2.<region>.vpce.amazonaws.com ïŒããªãœãŒã¹ãšã³ããã€ã³ãã®å¯Ÿå¿ãã DNS åã«ãã€ã³ããããTLS æ€èšŒãæ£åžžã«è¡ãããããã«ããããããã©ã€ããŒããã¹ããŸãŒã³ãšã¬ã³ãŒãã¯äžèšã®åœ¢åŒã§ããå¿
èŠãããã ãã©ã€ããŒããã¹ããŸãŒã³ã§äœæããã¬ã³ãŒãïŒäŸïŒ <prefix>.<region>.vpce.amazonaws.com ïŒããŸãã¯ãªãœãŒã¹ãšã³ããã€ã³ãã® DNS åã䜿çšããŠãã¢ããªã±ãŒã·ã§ã³ããã€ã³ã¿ãŒãã§ãŒã¹ãšã³ããã€ã³ãã«ã¢ã¯ã»ã¹ããã ãŸãšã æ¬èšäºã§ã¯ãVPC ãªãœãŒã¹ã²ãŒããŠã§ã€ã䜿çšã㊠AWS ç°å¢ã«ãããè€éãªãããã¯ãŒã¯èª²é¡ãç°¡çŽ åããæ¹æ³ã説æããŸããããã©ã€ããŒããªããŒã¿ããŒã¹æ¥ç¶ã®ç¢ºç«ãIP ã¢ãã¬ã¹ãç«¶åãããããã¯ãŒã¯éã®éä¿¡ã®å®çŸãã»ãã¥ã¢ãªã€ã³ã¿ãŒãããã¢ã¯ã»ã¹ã®äœæãAWS ãµãŒãã¹ã¢ã¯ã»ã¹ã®åçåã«ã€ããŠè§£èª¬ããŸããããããã®ãœãªã¥ãŒã·ã§ã³ã¯ãVPC ãªãœãŒã¹ã²ãŒããŠã§ã€ã匷åºãªã»ãã¥ãªãã£ãç¶æããªããäžè¬çãªãããã¯ãŒã¯èª²é¡ã«å¯ŸåŠããæ¹æ³ã瀺ããŠãããæé·ã«åãããã¯ã©ãŠãã¢ãŒããã¯ãã£ã®æ§ç¯ã«æçšãªããŒã«ãšãªããŸãã AWS ãããã¯ãŒã¯æ§æãç°¡çŽ åããæºåã¯ã§ããŸãããïŒ VPC ãªãœãŒã¹ã²ãŒããŠã§ã€ ã®ããã¥ã¡ã³ããåç
§ããŠãä»ãããªãœãŒã¹ã²ãŒããŠã§ã€ã®å®è£
ãéå§ãããèªèº«ã® AWS ç°å¢ã§ãããã®ãã¿ãŒã³ã詊ããŠã¿ãŠãã ããã 翻蚳ã¯ãœãªã¥ãŒã·ã§ã³ã¢ãŒããã¯ãã®é·å±ãæ
åœããŸããã
ããã«ã¡ã¯ãã¢ããŸã³ ãŠã§ã ãµãŒãã¹ ãžã£ãã³ååäŒç€Ÿ ããŒãããŒãœãªã¥ãŒã·ã§ã³ã¢ãŒããã¯ãã®æ·±äº 宣ä¹ã§ãã 2026 幎 6 æ 5 æ¥ã« AWS å
Œ
±ããŒãããŒãããã¯ãŒã¯ïŒPSNïŒã»ãããŒãšããŠãIT åºç€ã®ç°å¢å€åã«å¯Ÿå¿ãã AWS ãã€ã°ã¬ãŒã·ã§ã³ããšé¡ãã Webinar ãéå¬ããŸãããæ¬ããã°ã§ã¯éå¬å
容ã«ã€ã㊠Blog ã«ãŸãšãããã®ã«ãªããŸããæåœ±è³æãããŠã³ããŒãããããšãå¯èœã§ãã æ¬ã»ãããŒã§ã¯ãã¢ããŸã³ ãŠã§ã ãµãŒãã¹ ãžã£ãã³ååäŒç€Ÿ ãããªãã¯ã»ã¯ã¿ãŒçµ±æ¬æ¬éš ããŒãããŒã¢ã«ãŠã³ããããŒãžã£ãŒã®åå£ éäžéãšãå ãããªãã¯ã»ã¯ã¿ãŒæè¡çµ±æ¬æ¬éš ããŒãããŒãœãªã¥ãŒã·ã§ã³ã¢ãŒããã¯ãã®æ·±äº 宣ä¹ãç»å£ããããŒããŠã§ã¢ã®äŸ¡æ Œé«éš°ãçŽæé
å»¶ãä»®æ³åãœãããŠã§ã¢ã®ã©ã€ã»ã³ã¹äœç³»å€æŽãšãã£ã IT åºç€ãåãå·»ãç°å¢å€åãèžãŸããAWS ãã€ã°ã¬ãŒã·ã§ã³ã®å
šäœåãã玹ä»ããŸãããåçŽã¬ãã«ã®å
容ãšããŠãAWS ãã¯ã©ãŠãã®ç¥èããªãæ¹ã«ããåå ããã ããæ§æãšããŠããŸãã è³æïŒPDFïŒã® ããŠã³ããŒãã¯ãã¡ã ããå¯èœã§ãã IT åºç€ãåãå·»ãç°å¢å€å è¿å¹Žããšã³ã¿ãŒãã©ã€ãºãµãŒããŒãã¡ã¢ãªãSSD ã¹ãã¬ãŒãžãªã©ããŒããŠã§ã¢ã®äŸ¡æ Œé«éš°ãç¶ããŠããããªãŒãã¿ã€ã ãå»¶é·ããŠããŸããå€ãã®çŸå Žã§ã¯çŽæãèªãããå
¥æã調éèšç»ã«åœ±é¿ãåºãŠããã®ã宿
ã§ãã å ããŠãä»®æ³åãœãããŠã§ã¢ã®ã©ã€ã»ã³ã¹äœç³»å€æŽã«ãããæ¢åã® IT åºç€ãåŸæ¥ãšåãã³ã¹ãã§ç¶æããããšãå°é£ã«ãªãã±ãŒã¹ãå¢ããŠããŸãã ã»ãã¥ãªãã£é¢ã§ã¯ãAI ãæªçšãããµã€ããŒæ»æãé«åºŠåããŠãããClaude Mythos ã«è±¡åŸŽããããã㪠AI æä»£ã®ã»ãã¥ãªãã£è
åšãçŸå®ã®ãã®ãšãªã£ãŠããŸããäžæ¹ã§ãæ¥æ¬æ¿åºã¯è¡æ¿æ©é¢ã§ã® AI 培åºå©æŽ»çšãåºæ¬æ¹éãšããŠæ±ºå®ããŠãããå®ããšæ»ãã®äž¡é¢ã§ã®å¯Ÿå¿ãæ±ããããŠããŸãã AWS ãéžã°ããçç± ããããç°å¢å€åãèžãŸãããã€ã°ã¬ãŒã·ã§ã³å
ã® IT åºç€ãšã㊠AWS ãéžã°ãã 7 ã€ã®çç±ã玹ä»ããŸããã IT ãªãœãŒã¹èª¿éæéã®ççž® â ãªã³ããã³ãã§å³åº§ã«ãªãœãŒã¹ã確ä¿ã§ããæ°ãæã®èª¿éãªãŒãã¿ã€ã ããè§£æŸ ã³ã¹ãæé©å â åŸé課éã¢ãã«ã«ããã䜿ã£ãåã ãã®æ¯æããå¯èœ ç¶ç¶çãªå€äžã â AWS ã¯ãããŸã§ 161 å (2026幎 5ææç¹) ã®å€äžãã宿œ èé害æ§ãšé«å¯çšæ§ â ã°ããŒãã«ã€ã³ãã©ã¹ãã©ã¯ãã£ã«ããããã«ã AZ æ§æã§ã®é«å¯çšæ§ãå®çŸ AI æä»£ã«å¯Ÿå¿ããã»ãã¥ãªã㣠â AWS ã¯äž»èŠãªã³ã³ãã©ã€ã¢ã³ã¹ã«æºæ ããŠãããã®äžã§ ISMAP èªå®ãååŸãAWS ã§ã¯åŸåãã AI ãæŽ»çšããã»ãã¥ãªãã£ã®é«åºŠåã«åãçµã ææ° AI ãµãŒãã¹ãžã®ã¢ã¯ã»ã¹ â Amazon Bedrock ãã¯ãããšãã AI ãµãŒãã¹ããAnthropic 瀟ãšã®æŠç¥çææºã«ããææ°ã¢ãã«ãžã®ã¢ã¯ã»ã¹ãå¯èœ ç§»è¡ãæåã«å°ãããã®ãœãªã¥ãŒã·ã§ã³ â ç§»è¡ããŒã«ãããã°ã©ã ãå
å® AWS ãã€ã°ã¬ãŒã·ã§ã³ã®é²ãæ¹ ç§»è¡ãã¹ AWS ã§ã¯ç§»è¡æŠç¥ãšã㊠7 ã€ã®ãã¹ïŒ7RïŒãå®çŸ©ããŠããŸããå€ãã®ã±ãŒã¹ã§ã¯ãªãã¹ãïŒLift-and-shiftïŒã§ç§»è¡ãããŸã AWS ã«ç§»è¡ããããšã§ããŒããŠã§ã¢ä¿å®ããè§£æŸããã空ããå·¥æ°ã§ã¢ããã€ãŒãŒã·ã§ã³ã«æ³šåããæ®µéçã¢ãããŒããäžè¬çã§ãã ãªãã±ãŒã: Amazon Elastic VMware Service (Amazon EVS) VMware ç°å¢ããã®ãŸãŸ AWS ã«ç§»è¡ããå Žåã¯ãAmazon Elastic VMware ServiceïŒAmazon EVSïŒã掻çšã§ããŸããæ±äº¬ãªãŒãžã§ã³ã§æ¢ã«å©çšå¯èœã§ãã ãªãã¹ã: AWS Application Migration ServiceïŒAWS MGNïŒ OS ãã¢ããªã±ãŒã·ã§ã³ããã®ãŸãŸç§»è¡ãããªãã¹ãã«ã¯ AWS MGN ãå©çšã§ããŸããç¶ç¶çã«ããŒã¿ãã¬ããªã±ãŒã·ã§ã³ããããŠã³ã¿ã€ã ãæå°åããŸãããšãŒãžã§ã³ãåãšãšãŒãžã§ã³ãã¬ã¹åã® 2 ã€ã®æ¹åŒããããŸãã ããŒã¿ããŒã¹ç§»è¡: AWS Database Migration Service (AWS DMS) ãš AWS Schema Conversion Tool (AWS SCT) ããŒã¿ããŒã¹ã®ç§»è¡ã«ã¯ AWS DMS ãå©çšã§ããŸããç°ãªããšã³ãžã³éã®ç§»è¡ã§ã¯ AWS SCT ã䜵çšããŸãã ã¢ããã€ãŒãŒã·ã§ã³: AWS Transform AWS Transform ã¯å€§èŠæš¡ãªç§»è¡ãšã¢ããã€ãŒãŒã·ã§ã³ã®ããã®åã®ãšãŒãžã§ã³ãå AI ãµãŒãã¹ã§ãã ã³ã¹ãææ¡: Migration Evaluator ç§»è¡åŸã³ã¹ããäºåã«ææ¡ããç¡æãµãŒãã¹ã§ããçŽ 1 é±éã®ããŒã¿åéåŸã«è©äŸ¡ã¬ããŒããæç€ºããŸãã MAPïŒMigration Acceleration ProgramïŒ MAP ã¯ç§»è¡æã®äºéæè³è² è·ã軜æžãããããã¯ã¬ãžãããçŸééå
ãæäŸããããã°ã©ã ã§ããMAP ã®è©³çŽ°ã¯ AWS Partner Central ããåç
§ãã ããã ã客æ§äºäŸ æ±äº¬éœäžå€®åº â Amazon WorkSpaces ã«ãã VDI å·æ° ãªã³ãã¬ãã¹ VDI ã®ã¬ã¹ãã³ã¹äœäžã Amazon WorkSpaces ã§è§£æ¶ãåºå¹¹ç³»ã»å
éšäºåç³»ã®äž¡ã»ã°ã¡ã³ãã§å©çšããŠããŸãã 岩æçæè²å§å¡äŒ â å
±åå©çšåæ ¡åæ¯æŽã·ã¹ãã å
š 33 åžçºæãå
±åå©çšããæ ¡åæ¯æŽã·ã¹ãã ã®åºç€ãšã㊠AWS ãæ¡çšãæ ¡åæ¯æŽã·ã¹ãã ãå«ãåŠæ ¡é¢é£ã®ITåºç€ã§ã¯ãé·åŽçãæ°åº§åžãåå€å±åžãçŠå²¡åžã§ãå®çžŸããããŸãã åå¿ç€Ÿå€§åŠ â æ
å ±ã€ã³ãã©ã®å
šäœæé©å 4 ç³»çµ±ã®æ
å ±ã€ã³ãã©ã AWS ã«ç§»è¡ãAWS MGN ãæŽ»çšããããŠã³ã¿ã€ã åæžãšã³ã¹ãæé©åãå®çŸããŸããã ãããã« IT åºç€ãåãå·»ãç°å¢ã¯å€§ããå€åããŠããŸããAWS ã¯ããããç°å¢å€åãžã®å¯Ÿå¿ãæ¯æŽããŸãããèå³ããæã¡ã®æ¹ã¯åŸ¡ç€Ÿæ
åœã® Partner Account Manager ã«ãæ°è»œã«ãé£çµ¡ãã ããã ãã®ããã°ã¯ãã¢ããŸã³ ãŠã§ã ãµãŒãã¹ ãžã£ãã³ååäŒç€Ÿ ããŒãããŒãœãªã¥ãŒã·ã§ã³ã¢ãŒããã¯ã æ·±äº å®£ä¹ãå·çããŸããã
æ¬æã¯ 2026幎6æ26æ¥ ã«å
¬éããã AWS Cloud WAN Routing Policy: Real-World Global Network Scenarios (Part 2) ã翻蚳ãããã®ã§ãã Part 1 ã§ã¯ã AWS Cloud WAN ã®ã«ãŒãã£ã³ã°ããªã·ãŒã玹ä»ããã°ããŒãã«ãããã¯ãŒã¯å
šäœã§ã«ãŒãäŒæãšãã¹éžæã«åœ±é¿ãäžããããã®ãã现ããªå¶åŸ¡ãã©ã®ããã«äœ¿çšã§ãããã瀺ããŸãããåã«ãŒãã£ã³ã°ããªã·ãŒã¯ã3ã€ã®äž»èŠã³ã³ããŒãã³ãã§æ§æãããŸãã1) ãããæ¡ä»¶ïŒã«ãŒããã¬ãã£ãã¯ã¹ãŸã㯠BGP 屿§ãè©äŸ¡ããŸãã2) ã¢ã¯ã·ã§ã³ïŒãããããã«ãŒãã®åŠçæ¹æ³ã決å®ããŸãã3) æ¹åæ§ïŒããªã·ãŒãã€ã³ããŠã³ããšã¢ãŠãããŠã³ãã®ã©ã¡ãã®ã«ãŒãäŒæã«é©çšããããæå®ããŸãããããã®æ§æèŠçŽ ã¯ãã¢ã¿ããã¡ã³ããã»ã°ã¡ã³ãããŸãã¯ãªãŒãžã§ã³ã®ã¬ãã«ã§é©çšã§ããŸãã æ¬èšäºã§ã¯ããããã®æŠå¿µãèžãŸãããã€ããªããç°å¢ããã«ããµã€ãç°å¢ã§äžè¬çã«èŠããã3ã€ã®å®éçšã·ããªãªãåãäžããŸããAWS Cloud WAN ã®ã«ãŒãã£ã³ã°ããªã·ãŒã䜿çšããŠã AWS Transit Gateway ç°å¢ããã®ç§»è¡äžã«ã«ãŒãã£ã³ã°ãå¶åŸ¡ããæ¹æ³ãããŒã«ã«ããªãã¡ã¬ã³ã¹ã䜿çšããŠè€æ°ã® AWS Direct Connect ãã±ãŒã·ã§ã³éã®ãã¹éžæãæ¹åããæ¹æ³ããããŠåäžã® BGP èªåŸã·ã¹ãã çªå·ïŒASNïŒãæã€ãããã¯ãŒã¯éã®æ¥ç¶ãèš±å¯ããæ¹æ³ãåŠã³ãŸãã ãããã®ãã¿ãŒã³ã¯ãAWS Cloud WAN ãéäžåã®ããªã·ãŒé©çšãã€ã³ããšããŠäœ¿çšããã°ããŒãã«ãããã¯ãŒã¯å
šäœã®ã«ãŒãã£ã³ã°å¶åŸ¡ãç°¡çŽ åããæ¹æ³ã瀺ããŠããŸãã æ¬èšäºã§èª¬æããã·ããªãªã¯ãç¶²çŸ
çãªãªã¹ãã§ã¯ãããŸãããAWS Cloud WAN ã®ã«ãŒãã£ã³ã°ããªã·ãŒã¯ãããã§æ±ã以å€ã«ã远å ã®ãããæ¡ä»¶ãšã¢ã¯ã·ã§ã³ããµããŒãããŠãããããã客æ§ã®ç°å¢åºæã®ã«ãŒãã£ã³ã°èª²é¡ã«å¯Ÿå¿ã§ããŸããå©çšå¯èœãªãããæ¡ä»¶ãšã¢ã¯ã·ã§ã³ã®å®å
šãªãªã¹ãã«ã€ããŠã¯ã AWS Cloud WAN ã«ãŒãã£ã³ã°ããªã·ãŒã®ããã¥ã¡ã³ã ãåç
§ããŠãã ããã åææ¡ä»¶ æ¬èšäºã¯ã2éšæ§æã®ã·ãªãŒãºã®ç¬¬2åã§ãããããæ¡ä»¶ãã¢ã¯ã·ã§ã³ãæ¹åæ§ãåºæ¬çãªèšå®ã¯ãŒã¯ãããŒãªã©ãã«ãŒãã£ã³ã°ããªã·ãŒã®åºç€ãæ±ã£ã Part 1: AWS Cloud WAN Routing Policy â Fine-grained controls for your global network ãæ¢ã«èªãŸããŠããããšãåæãšããŸãããŸãã Amazon Virtual Private CloudïŒAmazon VPCïŒ ãAWS Cloud WANãAWS Direct Connectã AWS Site-to-Site VPN ãªã©ã®äž»èŠãª AWS ãããã¯ãŒã¯ãµãŒãã¹ãããã³ AS-pathãããŒã«ã«ããªãã¡ã¬ã³ã¹ãã³ãã¥ããã£å±æ§ãšãã£ãæŠå¿µãå«ã Border Gateway ProtocolïŒBGPïŒ ã®åºç€ãçè§£ããŠããããšãåæãšããŸããAWS Cloud WAN ã®ãã€ããªããæ¥ç¶ãã¿ãŒã³ã«é¢ããè£è¶³çãªèæ¯æ
å ±ã«ã€ããŠã¯ã Simplify global hybrid connectivity with AWS Cloud WAN and AWS Direct Connect integration ãåç
§ããããšãæšå¥šããŸãã è£è¶³ïŒAWS Cloud WAN ã®ã«ãŒãã£ã³ã°ããªã·ãŒã«ã¯ãã³ã¢ãããã¯ãŒã¯ããªã·ãŒããŒãžã§ã³ 2025.11 以éãå¿
èŠã§ããæ¬èšäºã§èª¬æããèšå®ãå®è£
ããåã«ãã³ã¢ãããã¯ãŒã¯ããã®ããŒãžã§ã³ã§åäœããŠããããšã確èªããŠãã ããã ã·ããªãª1ïŒæ¢åã® Transit Gateway ç°å¢ããã®ã«ãŒãäŒæã®å¶åŸ¡ AWS Cloud WAN ãæ¡çšããå Žåãæ¢ã« AWS Transit Gateway äžã«æ§ç¯ãããæ¢åç°å¢ãéçšããŠãããããããŸãããç§»è¡äžã¯ããããã®ç°å¢ã AWS Cloud WAN ã«æ¥ç¶ããããšã§ãäžåºŠããã®ã«ãããªãŒããŒã§ã¯ãªããæ®µéçãªç§»è¡ãå¯èœã«ãªããŸãã ããããã¢ãŒããã¯ãã£ã§ããããèŠä»¶ã¯ãAWS Cloud WAN ã Transit Gateway ããåŠç¿ããã«ãŒããããããã¯ãŒã¯ã®ä»ã®éšåãç¹ã« AWS Direct Connect ã AWS Site-to-Site VPN ãéããŠæ¥ç¶ããããªã³ãã¬ãã¹ç°å¢ã«ã©ã®ããã«äŒæããããå¶åŸ¡ããããšã§ãã æ¬¡ã®å³ïŒå³1ïŒã¯ãã«ãŒãã£ã³ã°ããªã·ãŒãé©çšãããŠããªãå Žåã«ãAWS Cloud WAN å
ã§ã«ãŒããã©ã®ããã«åŠç¿ãããäŒæããããã瀺ããŠããŸãããã®äŸã§ã¯ãap-southeast-2 ãªãŒãžã§ã³ã® Transit Gateway ããAWS Direct Connect ãéããŠãªã³ãã¬ãã¹ã®ããŒã¿ã»ã³ã¿ãŒïŒDC1ïŒã«æ¥ç¶ãããŠããŸãããã® Transit Gateway ã AWS Cloud WAN ã«ã¢ã¿ããããããšãDC1 ã¯éè€ããã«ãŒããåä¿¡ãå§ããŸãã1ã€ç®ã®ã«ãŒãã»ããã¯ãTransit Gateway ããçŽæ¥äŒæãããŸãã2ã€ç®ã®ã»ãã㯠AWS Cloud WAN èªäœããæ¥ããã®ã§ãAWS Cloud WAN 㯠Transit Gateway ã«ãŒãããŒãã«ã®ã¢ã¿ããã¡ã³ãããåãã«ãŒããåŠç¿ãããããã Direct Connect çµç±ã§ DC1 ã«åé
åžããŸããã«ãŒãã£ã³ã°ããªã·ãŒããªãå Žåããã®ã«ãŒãã®éè€ã¯ãéå¹ççãŸãã¯äºæž¬äžå¯èœãªã«ãŒãã£ã³ã°åäœã«ã€ãªããå¯èœæ§ããããŸãã å³1ïŒã«ãŒãã£ã³ã°ããªã·ãŒããªãå Žåã®ã«ãŒãäŒæåäœ AWS Cloud WAN ã®ã«ãŒãã£ã³ã°ããªã·ãŒã¯ãBGP ã³ãã¥ããã£ã®ã¿ã°ä»ããšãã£ã«ã¿ãªã³ã°ã«ãã£ãŠãã®åé¡ã解決ããã©ã®ã«ãŒãããªã³ãã¬ãã¹ç°å¢ã«ã¢ããã¿ã€ãºããããæ£ç¢ºã«å¶åŸ¡ã§ããããã«ããŸãã å³2ïŒã«ãŒãã£ã³ã°ããªã·ãŒé©çšåŸã®ã«ãŒãäŒæåäœ å³2ã«ç€ºãããã«ãTransit Gateway ã¯èªèº«ã® production ã«ãŒãããŒãã«ã AWS Cloud WAN ã® production ã»ã°ã¡ã³ãã«æ¥ç¶ããŸããã«ãŒãã£ã³ã°ããªã·ãŒã¯2ã€ã®ã¹ãããã§åäœããŸãã第1ã«ãTransit Gateway ã«ãŒãããŒãã«ã®ã¢ã¿ããã¡ã³ãããåŠç¿ããã«ãŒãã«ãBGP ã³ãã¥ããã£å€ïŒ65000:1 ãªã©ïŒãã¿ã°ä»ãããŸãã第2ã«ããã®ã³ãã¥ããã£ã¿ã°ããproduction ã»ã°ã¡ã³ããã hybrid ã»ã°ã¡ã³ããžã«ãŒããå
±æããéã®ãã£ã«ã¿ãšããŠäœ¿çšããŸããã¿ã°ä»ããããã«ãŒãã¯ãhybrid ã»ã°ã¡ã³ãã® Direct Connect ã²ãŒããŠã§ã€ïŒDXGWïŒãžã¯ãã以äžã¢ããã¿ã€ãºïŒäŒæïŒãããŸããã ãã®çµæããªã³ãã¬ãã¹ã®ããŒã¿ã»ã³ã¿ãŒã¯ Transit Gateway ããçŽæ¥ã«ãŒãã®ã¿ãåä¿¡ããããšã«ãªããéè€ããã¢ããã¿ã€ãºãæé€ãããTransit Gateway ãåãããŒã¿ã»ã³ã¿ãŒã«æ¥ç¶ããããŸãŸã®ã¢ãŒããã¯ãã£ã«ãããã«ãŒãã£ã³ã°ã®ç«¶åãåé¿ã§ããŸãã è£è¶³ïŒAWS Cloud WAN ã«çŽæ¥ã¢ã¿ãããããæ°ãã VPC ã¯ãTransit Gateway ã®èåŸã«ããæ¢åã® VPC ã AWS Cloud WAN äžã® VPC ãšéä¿¡ã§ããããã«ãèªèº«ã® Classless Inter-Domain RoutingïŒCIDRïŒãããã¯ã Transit Gateway ã«ã¢ããã¿ã€ãºããŸãããã ãããããã® CIDR ãããã¯ã¯ããã®é¢é£ä»ãã® èš±å¯ãã¬ãã£ãã¯ã¹ãªã¹ã ã«å«ãŸããŠããªãéããTransit Gateway ã® Direct Connect ã²ãŒããŠã§ã€ã®é¢é£ä»ããéããŠãªã³ãã¬ãã¹ã«ã¯ã¢ããã¿ã€ãºãããŸãããããã«ãããCloud WAN ã® VPC ã«ãŒãã Transit Gateway ãã¹çµç±ã§ DC1 ã«ã¢ããã¿ã€ãºãããã®ãé²ããAWS Cloud WAN ã® Direct Connect ã²ãŒããŠã§ã€ããªã³ãã¬ãã¹ãžã®å¯äžã®ãã¹ãšããŠæ®ããŸãã ä»çµã¿ æ¢åã® Transit Gateway ããåŠç¿ããã«ãŒã㯠production ã»ã°ã¡ã³ãã«å
¥ããã¢ã¿ããã¡ã³ãã®ã€ã³ããŠã³ãããªã·ãŒã«ãã£ãŠã³ãã¥ãã㣠65000:1 ã§ã¿ã°ä»ããããŸããproduction ã® VPC ãš AWS Cloud WAN ã®ãªãœãŒã¹ã¯ãTransit Gateway ã®ã¯ãŒã¯ããŒãã«éåžžã©ããå°éã§ããŸããäžæ¹ãproduction ã®ã«ãŒãã hybrid ã»ã°ã¡ã³ããšå
±æãããéãã¢ãŠãããŠã³ãã®ã»ã°ã¡ã³ããã£ã«ã¿ãªã³ã°ããªã·ãŒãã³ãã¥ããã£ã¿ã° 65000:1 ã«ããããããããã®ã«ãŒããããããããŸãããã®ä»ãã¹ãŠã® production ã«ãŒãïŒVPC ããã®ã«ãŒãïŒã¯ hybrid ã»ã°ã¡ã³ãã«ééããDirect Connect çµç±ã§ãªã³ãã¬ãã¹ã«ã¢ããã¿ã€ãºãããŸããããã«ãããåã Transit Gateway ã«äŸç¶ãšããŠçŽæ¥æ¥ç¶ãããŠããããŒã¿ã»ã³ã¿ãŒãžã®éè€ããã«ãŒãã¢ããã¿ã€ãºãé²ããŸãã ã¹ããã1ïŒTransit Gateway ã®ã«ãŒãã«ã³ãã¥ããã£ãã¿ã°ä»ãããïŒTransit Gateway ã«ãŒãããŒãã«ã¢ã¿ããã¡ã³ãã§ã€ã³ããŠã³ãïŒ ãã®ã€ã³ããŠã³ãããªã·ãŒããAWS Cloud WAN ã® Transit Gateway ã«ãŒãããŒãã«ã¢ã¿ããã¡ã³ãã«é©çšããŸãããã®ããªã·ãŒã¯ãTransit Gateway ããåŠç¿ãããã¹ãŠã®ã«ãŒãã«ãããããã³ãã¥ãã㣠65000:1 ã§ã¿ã°ä»ãããŸãã { "routing-policies": [ { "routing-policy-number": 100, "routing-policy-name": "tagTgwRoutes", "routing-policy-description": "Tag routes learned from existing TGW with community 65000:1", "routing-policy-direction": "inbound", "routing-policy-rules": [ { "rule-number": 10, "rule-definition": { "match-conditions": [ { "type": "prefix-in-cidr", "value": "0.0.0.0/0" } ], "condition-logic": "and", "action": { "type": "add-community", "value": "65000:1" } } } ] } ] } ã¹ããã2ïŒã»ã°ã¡ã³ãå
±ææã«ã¿ã°ä»ããããã«ãŒãããã£ã«ã¿ãªã³ã°ããïŒprod â hybridïŒ ãã®ã¢ãŠãããŠã³ãããªã·ãŒããproduction ã»ã°ã¡ã³ããã hybrid ã»ã°ã¡ã³ããžã«ãŒããå
±æããéã«é©çšããŸãããã®ããªã·ãŒã¯ãã³ãã¥ãã㣠65000:1 ãæã€ã«ãŒãã«ãããããŠããããããTransit Gateway ç±æ¥ã®ã«ãŒãã hybrid ã»ã°ã¡ã³ãããã³ Direct Connect çµç±ã§ãªã³ãã¬ãã¹ã® DC ã«äŒæãããã®ãé²ããŸããã³ãã¥ããã£å€ 65000:1 ã«ãããããªãã«ãŒãã¯æé»çã«èš±å¯ãããéåžžã©ããäŒæãç¶ããŸããAWS Cloud WAN ã®ã«ãŒãã£ã³ã°ããªã·ãŒã«ãŒã«ã¯ããã©ã«ãèš±å¯ïŒdefault-allowïŒãåºæ¬ãšããŠåäœããããããã«ãŒã«ã«ãã£ãŠæç€ºçã«ãããããã«ãŒãã®ã¿ããã£ã«ã¿ãªã³ã°ãããŸãã { "routing-policies": [ { "routing-policy-number": 200, "routing-policy-name": "filterRoutesToHybrid", "routing-policy-description": "Drop TGW-originated routes (community 65000:1) when sharing prod to hybrid", "routing-policy-direction": "outbound", "routing-policy-rules": [ { "rule-number": 10, "rule-definition": { "match-conditions": [ { "type": "community-in-list", "value": "65000:1" } ], "condition-logic": "and", "action": { "type": "drop" } } } ] } ] } ã¹ããã3ïŒããªã·ãŒãé
åžãã€ã³ãã«é¢é£ä»ãã 3.1 ã«ãŒãã£ã³ã°ããªã·ãŒã©ãã«ã䜿çšããŠãã¿ã°ä»ãããªã·ãŒã Transit Gateway ã«ãŒãããŒãã«ã¢ã¿ããã¡ã³ãã«é©çšããŸãã { "attachment-routing-policy-rules": [ { "rule-number": 100, "conditions": [ { "type": "routing-policy-label", "value": "TgwInbound" } ], "action": { "associate-routing-policies": [ "tagTgwRoutes" ] } } ] } é¢é£ä»ããå®äºããã«ã¯ãrouting-policy-label ã Transit Gateway ã«ãŒãããŒãã«ã¢ã¿ããã¡ã³ãã«å²ãåœãŠãŸããããã¯ãã¢ã¿ããã¡ã³ãã®äœææã« routing-policy-label ãã©ã¡ãŒã¿ã䜿çšããããAWS Cloud WAN ã³ã³ãœãŒã«ã§æ¢åã®ã¢ã¿ããã¡ã³ããç·šéããããšã§å®è¡ã§ããŸãããã®ã·ããªãªã§ã¯ãã©ãã« TgwInbound ã Transit Gateway ã«ãŒãããŒãã«ã¢ã¿ããã¡ã³ãã«å²ãåœãŠãŸãã 3.2 ã»ã°ã¡ã³ãå
±æã®ã¬ãã«ã§ãã£ã«ã¿ãªã³ã°ããªã·ãŒãé©çšããŸãã { "segment-actions": [ { "action": "share", "mode": "attachment-route", "segment": "production", "share-with": [ "hybrid" ], "routing-policy-names": [ "filterRoutesToHybrid" ] } ] } ã·ããªãª2ïŒè€æ°ã® Direct Connect ãã±ãŒã·ã§ã³éã§ã®ãã¹éžæã®æ¹å è€æ°ã®ãªã³ãã¬ãã¹ãã±ãŒã·ã§ã³ãããå Žåãèé害æ§ã®ããã«è€æ°ã®ãµã€ãããåããã¬ãã£ãã¯ã¹ãã¢ããã¿ã€ãºããŠããããšãå€ãã§ããããããã¯å¯çšæ§ãåäžãããŸãããAWS Cloud WAN ãè€æ°ã®ãã±ãŒã·ã§ã³ããåºæã®åªå
床ãªãã«åäžã®ã«ãŒããåä¿¡ãããšããã«ãŒãã£ã³ã°ã®ææ§ããçã¿åºããŸãã远å ã®å¶åŸ¡ããªããã°ããã©ãã£ãã¯ãé©åã«èªå°ãããªãå Žåã«éå¹ççãªã«ãŒãã£ã³ã°æ±ºå®ã«ã€ãªããå¯èœæ§ããããŸãã ã«ãŒãã£ã³ã°ããªã·ãŒãé©çšãããŠããªãå ŽåãAWS Cloud WAN ã¯ããã©ã«ãã®ã«ãŒãã£ã³ã°åäœïŒãã³ã²ã¹ããã¬ãã£ãã¯ã¹ãããïŒã«äŸåããããŒã«ã«ããªãã¡ã¬ã³ã¹ããã¹ã¹ãã¢ãªã³ã°ã¯è¡ãããŸãããå³3ã«ç€ºãããã«ãAWS Cloud WAN ãåããã¬ãã£ãã¯ã¹ïŒäŸãã° DC2 ããçºä¿¡ããã 10.2.0.0/16ïŒã3ã€ã® DXGW ãšãµã€ããã¹ãŠããåæã«åŠç¿ããå ŽåãDC2 ãéãçŽæ¥ãã¹ãåªå
ããã¡ã«ããºã ããããŸããããã®çµæãDC2 å®ãŠã®ãã©ãã£ãã¯ã代ããã« DC1 ã DC3 ãçµç±ããŠåºãŠããããšããããäžèŠãªããã¯ããŒã³ã®ééãã¬ã€ãã³ã·ãŒã®å¢å ãã³ã¹ãã®å¢å ãæããŸãã è£è¶³ïŒãã®ã·ããªãªã§ã¯ããªã³ãã¬ãã¹ã®ããŒã¿ã»ã³ã¿ãŒã MPLS ã AWS Direct Connect SiteLink ãªã©ã®ããã¯ããŒã³ãããã¯ãŒã¯ãéããŠçžäºæ¥ç¶ãããŠããããã§ã€ã«ãªãŒããŒæã«ãµã€ãéã§ãã©ãã£ãã¯ãééãããããããšãåæãšããŠããŸãã å³3ïŒã«ãŒãã£ã³ã°ããªã·ãŒããªãå Žåã®ã«ãŒããã¹éžæ AWS Cloud WAN ã®ã«ãŒãã£ã³ã°ããªã·ãŒã¯ãããŒã«ã«ããªãã¡ã¬ã³ã¹ãªã©ã® BGP 屿§ã䜿çšããŠããã¹éžæãéäžçã«å¶åŸ¡ããŸããå³4ã«ç€ºãããã«ãå DXGW ã¢ã¿ããã¡ã³ãã«é©çšãããã€ã³ããŠã³ãã«ãŒãã£ã³ã°ããªã·ãŒãããŒã«ã«ããªãã¡ã¬ã³ã¹å€ãå²ãåœãŠããã©ãã£ãã¯ãçºä¿¡å
ã®ããŒã¿ã»ã³ã¿ãŒãžèªå°ããããšã§ãæãçŽæ¥çãªãã¹ãåªå
ãããããã«ããŸãã å³4ïŒã«ãŒãã£ã³ã°ããªã·ãŒé©çšåŸã®ã«ãŒããã¹éžæ ãã®ã·ããªãªã§ã¯ãåããŒã¿ã»ã³ã¿ãŒãç¹å®ã®ãã¬ãã£ãã¯ã¹ã®ã»ãããä¿æããŠããŸããDC1 㯠10.1.0.0/16 ããDC2 㯠10.2.0.0/16 ããDC3 㯠10.3.0.0/16 ãçºä¿¡ããŸããèé害æ§ã®ããã3ã€ã® DC ã¯ãããããèªèº«ã® Direct Connect ãã±ãŒã·ã§ã³ãã3ã€ãã¹ãŠã®ãã¬ãã£ãã¯ã¹ãã¢ããã¿ã€ãºããŸããå DC ã¯å°çšã® DXGW ãéããŠæ¥ç¶ãããŠãããDC1 㯠ASN 65010ãDC2 㯠65011ãDC3 㯠65012 ã䜿çšããŸããAWS Cloud WAN ã¯3ã€ã® DXGW ãã¹ãŠããåãã«ãŒããåŠç¿ããããŒã«ã«ããªãã¡ã¬ã³ã¹ã䜿çšããŠåãã¬ãã£ãã¯ã¹ã®ãã©ãã£ãã¯ããã®ä¿æå
DC ãžèªå°ããŸããä»ã® DC ã¯ãã»ã«ã³ããªããã³ç¬¬3ïŒã¿ãŒã·ã£ãªïŒã®ãã§ã€ã«ãªãŒããŒãã¹ãšããŠæ©èœããŸãã AWS Cloud WAN ã®èгç¹ããèŠããšããã®ã·ããªãªã®ãã¹åªå
床ãããªãã¯ã¹ã¯æ¬¡ã®ãšããã§ãã ãã¬ãã£ãã¯ã¹ 1çªç®ïŒããŒã«ã«ããªãã¡ã¬ã³ã¹ 300ïŒ 2çªç®ïŒLP 200ïŒ 3çªç®ïŒLP 100ïŒ DC1: 10.1.0.0/16 DXGW 65010 DXGW 65011 DXGW 65012 DC2: 10.2.0.0/16 DXGW 65011 DXGW 65012 DXGW 65010 DC3: 10.3.0.0/16 DXGW 65012 DXGW 65011 DXGW 65010 ä»çµã¿ 3ã€ã® DC ã¯ããããèé害æ§ã®ããã«3ã€ãã¹ãŠã®ãã¬ãã£ãã¯ã¹ãã¢ããã¿ã€ãºããŸãããåãã¬ãã£ãã¯ã¹ã¯ç¹å®ã® DC ã«å±ããŸããAWS Cloud WAN ã 10.1.0.0/16 ã3ã€ã® DXGW ãã¹ãŠããåŠç¿ãããšãã«ãŒãã£ã³ã°ããªã·ãŒã¯ãDXGW 65010ïŒä¿æå
ã§ãã DC1ïŒãã 300ãDXGW 65011ïŒDC2ïŒãã 200ãDXGW 65012ïŒDC3ïŒãã 100 ã®ããŒã«ã«ããªãã¡ã¬ã³ã¹ãå²ãåœãŠãŸããAWS Cloud WAN ã¯æãé«ãããŒã«ã«ããªãã¡ã¬ã³ã¹ãæã€ãã¹ãéžæãã10.1.0.0/16 ã®ãã©ãã£ãã¯ã DC1 çµç±ã§èªå°ããŸããDC1 ã® Direct Connect ãã¹ã«é害ãçºçããå Žåããã©ãã£ãã¯ã¯èªåçã« DC2ïŒããŒã«ã«ããªãã¡ã¬ã³ã¹ 200ïŒã次ãã§ DC3ïŒããŒã«ã«ããªãã¡ã¬ã³ã¹ 100ïŒãžãã©ãŒã«ããã¯ããŸããåãããžãã¯ããDC2 ä¿æã®ãã¬ãã£ãã¯ã¹ïŒãã©ã€ããªã¯ DXGW 65011ãã»ã«ã³ããªã¯ 65012ã第3çµè·¯ã¯ 65010 çµç±ïŒããã³ DC3 ä¿æã®ãã¬ãã£ãã¯ã¹ïŒãã©ã€ããªã¯ DXGW 65012ãã»ã«ã³ããªã¯ 65011ã第3çµè·¯ã¯ 65010 çµç±ïŒã«ãé©çšãããŸãã DXGW ã®ã¬ãã«ã§ã¯ãVIF äžã® BGP ã³ãã¥ãã㣠ãéããŠã远å ã®ãã¹å¶åŸ¡ã¬ã€ã€ãŒãå©çšã§ããŸããå DXGW ã«ã¯ãã©ã€ããªãšã»ã«ã³ããªã®2ã€ã® VIF ããããã³ãã¥ããã£ã¿ã°ã«ãã£ãŠã¢ãŠãããŠã³ããã©ãã£ãã¯ã«ã©ã¡ãã® VIF ãåªå
ãããããæ±ºãŸããŸããé«åªå
床ã«ã¯ 7224:7300ãäœåªå
床ã«ã¯ 7224:7100 ã䜿çšããŸãããããã¯ãã¢ã¯ãã£ãã»ã¢ã¯ãã£ãã® ECMP ããŒããã©ã³ã·ã³ã°ã®ããã«ãäž¡æ¹ã® VIF ã« 7224:7200 ãé©çšããããšãã§ããŸãã ãã®èšå®ã«ãããAWS Cloud WAN ãš DXGW ã¯ãã€ã³ããŠã³ãã®ã«ãŒãåªå
èšå®ã䜿çšããŠã¢ãŠãããŠã³ããã©ãã£ãã¯ããªã³ãã¬ãã¹ãžèªå°ããŸãã察称ã«ãŒãã£ã³ã°ãå®çŸããã«ã¯ããªã³ãã¬ãã¹ãã AWS ãžæµãããã©ãã£ãã¯ã«ã€ããŠãããªã³ãã¬ãã¹ã®ããã€ã¹ãåããã¹ãåªå
ããããã«èšå®ããå¿
èŠããããŸãã è£è¶³ïŒå®çŸ©ããã3ã€ã®ãã¬ãã£ãã¯ã¹ãªã¹ãã®ãããã«ããããããªããã¬ãã£ãã¯ã¹ã¯ãæç€ºçãªããŒã«ã«ããªãã¡ã¬ã³ã¹ãèšå®ãããªããŸãŸééãã3ã€ã® DXGW ãã¹ãŠã«ããã£ãŠé決å®çãªãã¹éžæãšãªããŸãããªã³ãã¬ãã¹ããæ°ãããã¬ãã£ãã¯ã¹ãã¢ããã¿ã€ãºãããã®ã«åãããŠããã¬ãã£ãã¯ã¹ãªã¹ããææ°ã®ç¶æ
ã«ä¿ã€ããã«ããŠãã ããã ã¹ããã1ïŒåããŒã¿ã»ã³ã¿ãŒçšã®ãã¬ãã£ãã¯ã¹ãªã¹ããå®çŸ©ãã ããŒã¿ã»ã³ã¿ãŒããšã«åå¥ã®ãã¬ãã£ãã¯ã¹ãªã¹ããäœæãããã®ãµã€ãããçºä¿¡ããã CIDR ãã°ã«ãŒãåããŸãããã¬ãã£ãã¯ã¹ãªã¹ã㯠Amazon VPC ãããŒãžããã¬ãã£ãã¯ã¹ãªã¹ãïŒã«ã¹ã¿ããŒãããŒãžããã¬ãã£ãã¯ã¹ãªã¹ãïŒãšããŠäœæããããã®åŸãã¬ãã£ãã¯ã¹ãªã¹ããšã€ãªã¢ã¹ã䜿çšããŠã³ã¢ãããã¯ãŒã¯ã«é¢é£ä»ããããŸããã«ãŒãã£ã³ã°ããªã·ãŒããã¬ãã£ãã¯ã¹ããããããéã«åç
§ããã®ã¯ããã®ãšã€ãªã¢ã¹ã§ããäŸãã°ã10.1.0.0/16ã10.2.0.0/16ã10.3.0.0/16 ãããããå«ã3ã€ã® ãããŒãžããã¬ãã£ãã¯ã¹ãªã¹ã ãäœæãããšã€ãªã¢ã¹ dc1Prefixesãdc2Prefixesãdc3Prefixes ã䜿çšããŠã³ã¢ãããã¯ãŒã¯ã«é¢é£ä»ããŸãã è£è¶³ïŒâmax-entries ãã©ã¡ãŒã¿ã¯å¿
é ã§ããã¬ãã£ãã¯ã¹ãªã¹ããä¿æã§ãããšã³ããªã®æå€§æ°ãå®çŸ©ããŸããããã§äœ¿çšããŠããå€ 5 ã¯ä»»æã®ãã®ã§ãããå«ããäºå®ã®ãã¬ãã£ãã¯ã¹æ°ã«å¿ããŠèª¿æŽã§ããŸãã aws ec2 create-managed-prefix-list --prefix-list-name dc1Prefixes --max-entries 5 --address-family IPv4 --entries Cidr=10.1.0.0/16 aws ec2 create-managed-prefix-list --prefix-list-name dc2Prefixes --max-entries 5 --address-family IPv4 --entries Cidr=10.2.0.0/16 aws ec2 create-managed-prefix-list --prefix-list-name dc3Prefixes --max-entries 5 --address-family IPv4 --entries Cidr=10.3.0.0/16 aws networkmanager create-core-network-prefix-list-association --core-network-id <core-network-id> --prefix-list-arn <dc1-prefix-list-arn> --prefix-list-alias dc1Prefixes aws networkmanager create-core-network-prefix-list-association --core-network-id <core-network-id> --prefix-list-arn <dc2-prefix-list-arn> --prefix-list-alias dc2Prefixes aws networkmanager create-core-network-prefix-list-association --core-network-id <core-network-id> --prefix-list-arn <dc3-prefix-list-arn> --prefix-list-alias dc3Prefixes ã¹ããã2ïŒDXGW ã¢ã¿ããã¡ã³ãããšã«ã«ãŒãã£ã³ã°ããªã·ãŒãå®çŸ©ãã å DXGW ã¯ãããããç¬èªã®ã€ã³ããŠã³ãã«ãŒãã£ã³ã°ããªã·ãŒãæã¡ãŸãããã®ããªã·ãŒã¯ããã¹åªå
床ãããªãã¯ã¹ã«åºã¥ããŠåãã¬ãã£ãã¯ã¹ã«ããŒã«ã«ããªãã¡ã¬ã³ã¹å€ãå²ãåœãŠãåãã¬ãã£ãã¯ã¹ãçºä¿¡å
DC ãžã決å®çãªãã§ã€ã«ãªãŒããŒé åºã§èªå°ããŸãã DXGW 65010ïŒDC1ïŒã®ããªã·ãŒãDC1 ã®ãã©ã€ããªãDC2 ãš DC3 ã®ç¬¬3çµè·¯ïŒ { "routing-policies": [ { "routing-policy-number": 100, "routing-policy-name": "pathPreferenceDxgw65010", "routing-policy-description": "DXGW 65010 (DC1): primary for DC1, tertiary for DC2, tertiary for DC3", "routing-policy-direction": "inbound", "routing-policy-rules": [ {"rule-number": 10, "rule-definition": {"match-conditions": [{"type": "prefix-in-prefix-list", "value": "dc1Prefixes"}], "condition-logic": "and", "action": {"type": "set-local-preference", "value": "300"}}}, {"rule-number": 20, "rule-definition": {"match-conditions": [{"type": "prefix-in-prefix-list", "value": "dc2Prefixes"}], "condition-logic": "and", "action": {"type": "set-local-preference", "value": "100"}}}, {"rule-number": 30, "rule-definition": {"match-conditions": [{"type": "prefix-in-prefix-list", "value": "dc3Prefixes"}], "condition-logic": "and", "action": {"type": "set-local-preference", "value": "100"}}} ] } ] } DXGW 65011ïŒDC2ïŒã®ããªã·ãŒãDC2 ã®ãã©ã€ããªãDC1 ãš DC3 ã®ã»ã«ã³ããªïŒ { "routing-policies": [ { "routing-policy-number": 200, "routing-policy-name": "pathPreferenceDxgw65011", "routing-policy-description": "DXGW 65011 (DC2): secondary for DC1, primary for DC2, secondary for DC3", "routing-policy-direction": "inbound", "routing-policy-rules": [ {"rule-number": 10, "rule-definition": {"match-conditions": [{"type": "prefix-in-prefix-list", "value": "dc1Prefixes"}], "condition-logic": "and", "action": {"type": "set-local-preference", "value": "200"}}}, {"rule-number": 20, "rule-definition": {"match-conditions": [{"type": "prefix-in-prefix-list", "value": "dc2Prefixes"}], "condition-logic": "and", "action": {"type": "set-local-preference", "value": "300"}}}, {"rule-number": 30, "rule-definition": {"match-conditions": [{"type": "prefix-in-prefix-list", "value": "dc3Prefixes"}], "condition-logic": "and", "action": {"type": "set-local-preference", "value": "200"}}} ] } ] } DXGW 65012ïŒDC3ïŒã®ããªã·ãŒãDC3 ã®ãã©ã€ããªãDC2 ã®ã»ã«ã³ããªãDC1 ã®ç¬¬3çµè·¯ïŒ { "routing-policies": [ { "routing-policy-number": 300, "routing-policy-name": "pathPreferenceDxgw65012", "routing-policy-description": "DXGW 65012 (DC3): tertiary for DC1, secondary for DC2, primary for DC3", "routing-policy-direction": "inbound", "routing-policy-rules": [ {"rule-number": 10, "rule-definition": {"match-conditions": [{"type": "prefix-in-prefix-list", "value": "dc1Prefixes"}], "condition-logic": "and", "action": {"type": "set-local-preference", "value": "100"}}}, {"rule-number": 20, "rule-definition": {"match-conditions": [{"type": "prefix-in-prefix-list", "value": "dc2Prefixes"}], "condition-logic": "and", "action": {"type": "set-local-preference", "value": "200"}}}, {"rule-number": 30, "rule-definition": {"match-conditions": [{"type": "prefix-in-prefix-list", "value": "dc3Prefixes"}], "condition-logic": "and", "action": {"type": "set-local-preference", "value": "300"}}} ] } ] } ã¹ããã3ïŒããªã·ãŒã DXGW ã¢ã¿ããã¡ã³ãã«é¢é£ä»ãã åã«ãŒãã£ã³ã°ããªã·ãŒã routing-policy-label ã«ãããã³ã°ããæ¬¡ã«ã©ãã«ã«ãã£ãŠã¢ã¿ããã¡ã³ããããããã察å¿ããã«ãŒãã£ã³ã°ããªã·ãŒãé¢é£ä»ãã attachment-routing-policy-rules ãå®çŸ©ããŸããrouting-policy-label ãåã¢ã¿ããã¡ã³ãã«å²ãåœãŠãŸãã { "attachment-routing-policy-rules": [ {"rule-number": 100, "conditions": [{"type": "routing-policy-label", "value": "dxgw65010inbound"}], "action": {"associate-routing-policies": ["pathPreferenceDxgw65010"]}}, {"rule-number": 200, "conditions": [{"type": "routing-policy-label", "value": "dxgw65011inbound"}], "action": {"associate-routing-policies": ["pathPreferenceDxgw65011"]}}, {"rule-number": 300, "conditions": [{"type": "routing-policy-label", "value": "dxgw65012inbound"}], "action": {"associate-routing-policies": ["pathPreferenceDxgw65012"]}} ] } 次ã«ãrouting-policy-label ãã©ã¡ãŒã¿ãŸãã¯ã³ã³ãœãŒã«ã䜿çšããŠã察å¿ãã routing-policy-label ãå DXGW ã¢ã¿ããã¡ã³ãã«é©çšããŸãããã®ã·ããªãªã§ã¯ãã©ãã« dxgw65010inbound ã DXGW 65010 ã¢ã¿ããã¡ã³ãã«ãdxgw65011inbound ã DXGW 65011 ã¢ã¿ããã¡ã³ãã«ãdxgw65012inbound ã DXGW 65012 ã¢ã¿ããã¡ã³ãã«å²ãåœãŠãŸãã ã·ããªãª3ïŒåäž ASN ãæã€ãããã¯ãŒã¯éã®éä¿¡ã®èš±å¯ Wide Area NetworkïŒWANïŒãæ§ç¯ããäŒæ¥ã¯ãã°ããŒãã«æ¥ç¶ã®ããã« AWS ã®ããã¯ããŒã³ã€ã³ãã©ã¹ãã©ã¯ãã£ããŸããŸã掻çšããŠããŸãããè²·åãææ©çãªæé·ããŸãã¯äžè¬çãªããã©ã«ã ASN å€ã䜿çšãããã«ããµã€ãå±éãªã©ã«ããããã©ã€ããŒã ASN ã®éè€ã«çŽé¢ããããšããããããŸããè€æ°ã®ãµã€ããåäžã® ASN ã䜿çšããŠããå ŽåãBGP ã®ã«ãŒã鲿¢æ©èœããAS-path ã«ãã®ãµã€ãèªèº«ã® ASN ãå«ãã«ãŒããæåŠããWAN å
šäœã®ãšã³ãããŒãšã³ãã®éä¿¡ã劚ããŸãã ãã®ã·ããªãªã§ã¯ã2ã€ã® ASN ã®ç«¶åããšã³ãããŒãšã³ãã®éä¿¡ã劚ããŠããŸããå³5ã«ç€ºãããã«ãDC1 ãš DC2ïŒAïŒã¯ã©ã¡ãã ASN 65000 ã䜿çšããŠããŸããAWS Cloud WAN ããããã®éã§ã«ãŒããäŒæãããšãåãµã€ã㯠AS-path ã«èªèº«ã® ASN ãæ€åºãããããçžæã®ã«ãŒããæåŠããŸããããã BGP ã®ã«ãŒã鲿¢æ©èœãåŒãèµ·ãããŸãã å³5ïŒDC1 ãš DC2 éã§ BGP ã«ãŒã鲿¢æ©èœãåŒãèµ·ãã ASN ã®ç«¶å 2ã€ç®ã®ç«¶åïŒBïŒã¯ãå³6ã«ç€ºãããã«ãASN 64512 ã䜿çšãã DC3 ããap-southeast-2 ã® AWS Cloud WAN ã³ã¢ãããã¯ãŒã¯ãšããžïŒCNEïŒã® ASN ãšç«¶åãããšãããã®ã§ããããã«ãããDC3 ã®ã«ãŒã㯠ap-southeast-2 ã® CNE ã«ãã£ãŠãããããããDC3 ããã® CNE ããã®ã«ãŒããããããããŸãã å³6ïŒDC3 ãš AWS Cloud WAN CNE éã® ASN ã®ç«¶åã«ããã«ãŒãäŒæã®ããã㯠ããã2ã€ã®ç«¶åãçµã¿åãããããšã§ã3ã€ã®ããŒã¿ã»ã³ã¿ãŒãã¹ãŠã«ããã£ãŠå°éæ§ãå®å
šã«å€±ãããçµæãšãªããŸãã AWS Cloud WAN ã®ã«ãŒãã£ã³ã°ããªã·ãŒã¯ãreplace-asn-list ã¢ã¯ã·ã§ã³ã«ãã£ãŠãã®åé¡ã«å¯ŸåŠããŸãããã®ã¢ã¯ã·ã§ã³ã¯ãAS-path å
šäœãæå®ãã ASN ã®ã»ããã§çœ®ãæããã«ãŒã鲿¢æ©èœãåŒãèµ·ããç«¶åãåãé€ãããªã³ãã¬ãã¹ã® BGP ã®çªå·ãæ¯ãçŽãããšãªãæ¥ç¶ã埩å
ããŸãã å³7ã«ç€ºãããã«ã3ã€ã®ããŒã¿ã»ã³ã¿ãŒã¯ AWS Cloud WAN ãäžå€®ã®ã°ããŒãã«ããã¯ããŒã³ãšããŠäœ¿çšããŸããDC1 㯠ap-southeast-2 ãªãŒãžã§ã³ã® Direct Connect ãéããŠæ¥ç¶ããDC2 㯠us-west-2 ãªãŒãžã§ã³ã® Site-to-Site VPN ãéããŠæ¥ç¶ããDC3 ã¯ã¡ãããã¡ã€ããŒçµç±ã§ DC2 ãéã㊠AWS Cloud WAN ã«å°éããŸããã€ã³ããŠã³ãã«ãŒãã£ã³ã°ããªã·ãŒã¯ã2ã€ã®ã¢ã¿ããã¡ã³ããã€ã³ãã«é©çšãããŸãã(1) DC1 çšã® Direct Connect ã²ãŒããŠã§ã€ã¢ã¿ããã¡ã³ããããã³ (2) DC2 çšã® VPN ã¢ã¿ããã¡ã³ãã§ããDC3 ã®ã«ãŒã㯠DC2 ã® VPN ã¢ã¿ããã¡ã³ããçµç±ããŠééããããããã®ã¢ã¿ããã¡ã³ãã®ã€ã³ããŠã³ãããªã·ãŒã DC2 ãš DC3 ã®äž¡æ¹ã® ASN 眮æãåŠçããŸãã å³7ïŒ3ã€ã®ããŒã¿ã»ã³ã¿ãŒãã¹ãŠã®æ¥ç¶ã埩å
ãã ASN 眮æã«ãŒãã£ã³ã°ããªã·ãŒ 次ã®è¡šã¯ãASN ã®çœ®æããŸãšãããã®ã§ãã ãœãŒã¹ å
ã® ASN 眮æåŸã® ASN çç± DC1ïŒDirect ConnectïŒ 65000 65550 DC2 ã§ã®ã«ãŒãæ€åºãåé¿ DC2ïŒSite-to-Site VPNïŒ 65000 65551 DC1 ã§ã®ã«ãŒãæ€åºãåé¿ DC3ïŒDC2 ã®ã¡ãããã¡ã€ããŒçµç±ïŒ 64512 65552 ap-southeast-2 ã® CNE ASN ãšã®ç«¶åãåé¿ éèŠïŒAWS Cloud WAN ã®ã³ã¢ãããã¯ãŒã¯ãšããžïŒCNEïŒã¯ãã€ã³ããŠã³ãã«ãŒãã£ã³ã°ããªã·ãŒãè©äŸ¡ãããåã«ãBGP AS-path ã®ã«ãŒãæ€åºãå®è¡ããŸããCNE ãèªèº«ã® ASN ãšäžèŽãã ASN ãæã€ã«ãŒããåä¿¡ããå Žåãreplace-asn-list ã¢ã¯ã·ã§ã³ãå®è¡ãããåã«ãã®ã«ãŒããããããããŸããããããžãŒãèšç»ããéã¯ããªã³ãã¬ãã¹ã®ã«ãŒãããåä¿¡åŽã® CNE ã® ASN ãšäžèŽãã ASN ãæããªãããã«ããŠãã ããã ä»çµã¿ ãã®ã¢ãããŒãã¯ãåãµã€ãã«åºæã§ç«¶åããªã眮æ ASN ãå²ãåœãŠãããšã§ãã©ã®ãµã€ããäŒæãããã«ãŒãã®äžã«èªèº«ã® ASN ãèŠãããšããªãããŸããã©ã®ã«ãŒããããããžãŒå
ã® CNE ãšç«¶åãã ASN ãæããªãããã«ãããã®ã§ããDC1 ã AWS Cloud WAN ã«ã«ãŒããã¢ããã¿ã€ãºãããšãDirect Connect ã²ãŒããŠã§ã€ã¢ã¿ããã¡ã³ãã®ã€ã³ããŠã³ãããªã·ãŒããAS-path å
šäœã ASN 65550 ã§çœ®ãæããŸãããããã®ã«ãŒã㯠AWS Cloud WAN ãéããŠäŒæããAS-path ã« 65000 ã§ã¯ãªã 65550 ãå«ãã ç¶æ
ã§ DC2 ã«å°éãããããDC2 ã®ã«ãŒã¿ãŒã¯ã«ãŒãæ€åºãåŒãèµ·ããããšãªãããããåãå
¥ããŸãã DC2 ãã«ãŒããã¢ããã¿ã€ãºãããšãVPN ã¢ã¿ããã¡ã³ãã®ã€ã³ããŠã³ãããªã·ãŒã AS-path å
šäœã ASN 65551 ã§çœ®ãæããŸããããã«ãã DC1 ã¯ãAS-path ã« 65000 ã§ã¯ãªã 65551 ãå«ãã ç¶æ
ã§ãããã®ã«ãŒããåä¿¡ãããããBGP ã®ã«ãŒãæ€åºãé²ããDC1 ãš DC2 éã®åæ¹åéä¿¡ã埩å
ããŸãã DC3 ã«ã€ããŠã¯ãã«ãŒã㯠ASN 64512ïŒDC3ïŒãš ASN 65000ïŒDC2ïŒã®äž¡æ¹ãæã£ãç¶æ
ã§ãDC2 ã® VPN ã¢ã¿ããã¡ã³ããéã㊠AWS Cloud WAN ã«å
¥ããŸããã€ã³ããŠã³ãããªã·ãŒã¯ AS-path å
šäœãåäžã®å°çš ASNïŒ65552ïŒã§çœ®ãæããç«¶åãã2ã€ã®å€ã1åã®æäœã§åãé€ããŸããããã«ãããDC3 ã®ãã¬ãã£ãã¯ã¹ã AWS Cloud WAN ã®ã«ãŒãããŒãã«ã«åãå
¥ããããDC1 ããã³ã¯ã©ãŠããªãœãŒã¹ã«ã¢ããã¿ã€ãºãããããã«ãªããŸãã ãã¹ãŠã®çœ®æ ASNïŒ65550ã65551ã65552ïŒã¯ãã³ã¢ãããã¯ãŒã¯ãšããžçšã«èšå®ããã ASN ç¯å²ã®å€ããéžæãããŠããŸããã«ãŒãã£ã³ã°ããªã·ãŒã®çœ®æå€ã¯ãAWS Cloud WAN ã® CNE ã® ASN ç¯å²ãšéè€ã§ããªãããã§ãã ã¹ããã1ïŒDC1 ã® Direct Connect ã²ãŒããŠã§ã€ã¢ã¿ããã¡ã³ãã«ã€ã³ããŠã³ãããªã·ãŒãå®çŸ©ãã ãã®ããªã·ãŒã¯ãDC1 ããå°çãã AS-path ã« ASN 65000 ãå«ãã«ãŒãã«ãããããããã 65550 ã«çœ®ãæããŸãããããã®ã«ãŒãã DC2 ã«äŒæããããšããAS-path ã«ã¯ 65000 ãå«ãŸããªããªããããDC2 ã®ã«ãŒã¿ãŒã¯ããããåãå
¥ããŸãã { "routing-policies": [ { "routing-policy-name": "replaceasndc1", "routing-policy-description": "Replace ASN 65000 from DC1 with 65550 to avoid loop detection at DC2", "routing-policy-direction": "inbound", "routing-policy-number": 100, "routing-policy-rules": [ {"rule-number": 10, "rule-definition": {"match-conditions": [{"type": "asn-in-as-path", "value": 65000}], "condition-logic": "and", "action": {"type": "replace-asn-list", "value": [65550]}}} ] } ] } ã¹ããã2ïŒDC2 ã® VPN ã¢ã¿ããã¡ã³ãã«ã€ã³ããŠã³ãããªã·ãŒãå®çŸ©ãã ãã®ããªã·ãŒã¯ã2ã€ã®ã«ãŒãã£ã³ã°ã«ãŒã«ã䜿çšã㊠ASN ã®ç«¶åã解決ããŸãã ã«ãŒã«10 ïŒDC3 ã® ASNïŒ64512ïŒã 65552 ã«çœ®ãæããŸãã ã«ãŒã«20 ïŒDC2 ã® ASNïŒ65000ïŒã 65551 ã«çœ®ãæããŸãã DC3 ããã®ã«ãŒã㯠DC2 ãçµç±ããŠééãããããAS-path ã«äž¡æ¹ã® ASN ãå«ã¿ãŸãããã®ãããé åºãéèŠã§ããreplace-asn-list 㯠AS-path å
šäœãäžæžããããããDC3 ã®ã«ãŒããå°çšã®çœ®æ ASNïŒ65552ïŒãåãåããããã«ãã«ãŒã«10 ãå
ã«å®è¡ããå¿
èŠããããŸãã ããã«ãŒã«20 ãå
ã«å®è¡ããããšãDC2 ã® ASN ã«ãããã㊠AS-path å
šäœã 65551 ã§çœ®ãæããŠããŸããŸããDC3 ã®ã«ãŒãã¯äŸç¶ãšããŠåãå
¥ããããæ¥ç¶ã¯æ©èœããŸãããDC2 ã®ã«ãŒããšåºå¥ãã€ããªããªããã«ãŒãã®è¿œè·¡ããã©ãã«ã·ã¥ãŒãã£ã³ã°ãé£ãããªããŸãã { "routing-policies": [ { "routing-policy-name": "replaceasndc2", "routing-policy-description": "Replace ASN 65000 from DC2 with 65551 and ASN 64512 from DC3 with 65552", "routing-policy-direction": "inbound", "routing-policy-number": 200, "routing-policy-rules": [ {"rule-number": 10, "rule-definition": {"match-conditions": [{"type": "asn-in-as-path", "value": 64512}], "condition-logic": "and", "action": {"type": "replace-asn-list", "value": [65552]}}}, {"rule-number": 20, "rule-definition": {"match-conditions": [{"type": "asn-in-as-path", "value": 65000}], "condition-logic": "and", "action": {"type": "replace-asn-list", "value": [65551]}}} ] } ] } ã¹ããã3ïŒããªã·ãŒãã¢ã¿ããã¡ã³ãã«é¢é£ä»ãã routing-policy-label ã«ããããã attachment-routing-policy-rules ãå®çŸ©ããããšã§ãåã«ãŒãã£ã³ã°ããªã·ãŒãã¢ã¿ããã¡ã³ãã«é¢é£ä»ããŸããrouting-policy-label ãã©ã¡ãŒã¿ãŸãã¯ã³ã³ãœãŒã«ã䜿çšããŠãåã¢ã¿ããã¡ã³ãã«æå®ã® routing-policy-label ãã¿ã°ä»ãããŸãã { "attachment-routing-policy-rules": [ {"rule-number": 100, "conditions": [{"type": "routing-policy-label", "value": "dc1inbound"}], "action": {"associate-routing-policies": ["replaceasndc1"]}}, {"rule-number": 200, "conditions": [{"type": "routing-policy-label", "value": "dc2inbound"}], "action": {"associate-routing-policies": ["replaceasndc2"]}} ] } æåŸã«ãrouting-policy-label ãã©ã¡ãŒã¿ãŸãã¯ã³ã³ãœãŒã«ã䜿çšããŠãåã¢ã¿ããã¡ã³ãã«æå®ã® routing-policy-label ãã¿ã°ä»ãããŸãããã®ã·ããªãªã§ã¯ãã©ãã« dc1inbound ã DC1 ã® Direct Connect ã²ãŒããŠã§ã€ã¢ã¿ããã¡ã³ãã«ãdc2inbound ã DC2 ã® VPN ã¢ã¿ããã¡ã³ãã«å²ãåœãŠãŸãã ç¥ã£ãŠããã¹ãããš AWS Cloud WAN ãžã® Direct Connect ã²ãŒããŠã§ã€ã¢ã¿ããã¡ã³ããäœæããéãDXGW ãæ¥ç¶ãã CNE ãéžæã§ããŸããå CNE ã¯èªèº«ã®ããŒã«ã«ãªãŒãžã§ã³ã® VPC ã«ãŒãã®ã¿ã DXGW ã«ã¢ããã¿ã€ãºãããããé¢é£ä»ããå¶éããç¹å¥ãªçç±ããªãéããã·ããªãª2ã«ç€ºãããã«ãã¹ãŠã® CNE ãéžæããããšãæšå¥šããŸãã IPv6 ããµããŒããããŠããŸããåããããæ¡ä»¶ãã¢ã¯ã·ã§ã³ãããªã·ãŒæ§é ã IPv6 ãã¬ãã£ãã¯ã¹ã«ãé©çšãããŸãïŒã¯ã€ã«ãã«ãŒãããããšã㊠::/0 ã䜿çšïŒãæ¬èšäºã§èª¬æãããã¹ãŠã®ã·ããªãªã«ãããŠãIPv6 ã®ã«ãŒãäŒæã«åäžã®ã«ãŒãã£ã³ã°ããªã·ãŒãã¿ãŒã³ãé©çšã§ããŸãã ã·ããªãª2ã«ç€ºãããã«è€æ°ã® Direct Connect ã²ãŒããŠã§ã€ããããã€ãããšãåäžã® Direct Connect ã²ãŒããŠã§ã€ïŒDXGWïŒã䜿çšããå Žåãããããã现ããªã«ãŒãã£ã³ã°å¶åŸ¡ãå¯èœã«ãªããŸããAWS Cloud WAN ã®ã«ãŒãã£ã³ã°ããªã·ãŒã¯ãVIF ã DXGW ã®ã¬ãã«ã§å©çšã§ãããã®ãããå¹
åºã BGP 屿§ã®å¶åŸ¡ãæäŸããŸãããªã³ãã¬ãã¹æ¥ç¶ãè€æ°ã® DXGW ã«åæ£ãããããšã§ãã«ãŒãã£ã³ã°ã®æ±ºå®ã AWS Cloud WAN ã«ç§»ãããã©ãã£ãã¯ãšã³ãžãã¢ãªã³ã°ã®ããã®ããè±å¯ãªããªã·ãŒå¶åŸ¡ãå©çšã§ããããã«ãªããŸãã ã«ãŒãã£ã³ã°ããªã·ãŒå
ã®ã«ãŒã«ã¯ãrule-number ã®é ã«è©äŸ¡ãããŸããè©äŸ¡ã忢ããçµç«¯ã¢ã¯ã·ã§ã³ã¯ drop ãš allow ã®ã¿ã§ããreplace-asn-listãset-local-preferenceãadd-community ãªã©ã®ãã®ä»ã®ã¢ã¯ã·ã§ã³ã¯éçµç«¯ã§ãããè©äŸ¡ã¯æ®ãã®ã«ãŒã«ãžãšç¶ããå倿ŽãåŒãç¶ãããŠãããŸããreplace-asn-list ã¢ã¯ã·ã§ã³ã¯ãåã
ã® ASN ã眮æããã®ã§ã¯ãªããAS-path å
šäœãäžæžãããŸãããã®çµæãå
ã®ã«ãŒã«ã«ãã£ãŠå€æŽãããã«ãŒãã¯ãåŸã®ã«ãŒã«ããããããããã®å
ã® ASN ããã¯ãæã¡ãŸãããã·ããªãª3ã® DC2 ãçµç±ãã DC3 ã®ã«ãŒãã®ããã«ãã«ãŒããè€æ°ã® ASN ãæã¡ããå Žåã¯ãæãå
·äœçãªããããæåã«é©çšãããããã«ã«ãŒã«ãé åºä»ããŠãã ããã AWS Cloud WAN ã¯ãCNE ããšã« BGP AS-path ã®ã«ãŒãæ€åºãå®è¡ãããã®ãã§ãã¯ã¯ã€ã³ããŠã³ãã«ãŒãã£ã³ã°ããªã·ãŒãé©çšãããåã«å®è¡ãããŸããåä¿¡ã«ãŒãã® AS-path ã«ããã®ã¢ã¿ããã¡ã³ããæ¥ç¶ãã CNE ã® ASN ãå«ãŸããŠããå Žåãreplace-asn-list ããªã·ãŒã倿Žãå ããåã«ãã®ã«ãŒãã¯æåŠãããŸãïŒè©³çްãªäŸã«ã€ããŠã¯ã·ããªãª3ãåç
§ããŠãã ããïŒã ã¯ãªãŒã³ã¢ãã æ¬èšäºã§èª¬æããã«ãŒãã£ã³ã°ããªã·ãŒã¯ãAWS Cloud WAN ã®ã³ã¢ãããã¯ãŒã¯ããªã·ãŒããã¥ã¡ã³ãå
ã§å®çŸ©ããããã®ã§ãããåç¬ã§èª²é察象ãšãªããªãœãŒã¹ãäœæããããšã¯ãããŸããããããã®èšå®ãåé€ããã«ã¯ãæ¬¡ã®æé ãå®è¡ããŸãã AWS Cloud WAN ã³ã³ãœãŒã«ã§ã¢ã¿ããã¡ã³ããç·šéããããAWS CLI ã䜿çšããŠãåã¢ã¿ããã¡ã³ããã routing-policy-label ãåé€ããŸãã ããªã·ãŒãåç
§ããŠãã attachment-routing-policy-rules ãšããã¹ãŠã® segment-actions ãåé€ããŸãã ã³ã¢ãããã¯ãŒã¯ããªã·ãŒã® routing-policies ã»ã¯ã·ã§ã³ãããã«ãŒãã£ã³ã°ããªã·ãŒã®å®çŸ©ïŒtagTgwRoutesãfilterRoutesToHybridãpathPreferenceDxgw*ãreplaceasn*ïŒãåé€ããŸãã 倿Žãé©çšããããã«ãã³ã¢ãããã¯ãŒã¯ããªã·ãŒã®ããŒãžã§ã³æŽæ°ãéä¿¡ããŸãã ã·ããªãª2ã§ãããŒãžããã¬ãã£ãã¯ã¹ãªã¹ããäœæããããããäžèŠã«ãªã£ãå Žåã¯ãAWS CLI ãŸã㯠AWS ãããžã¡ã³ãã³ã³ãœãŒã«ã䜿çšããŠåé€ããŸãã ãŸãšã æ¬èšäºã§ã¯ãAWS Cloud WAN ã®ã«ãŒãã£ã³ã°ããªã·ãŒãããã€ããªããç°å¢ããã«ããµã€ãç°å¢ã«ãããäžè¬çãªã«ãŒãã£ã³ã°ã®èª²é¡ãã©ã®ããã«è§£æ±ºã§ãããã瀺ãã3ã€ã®å®éçšã·ããªãªãåãäžããŸãããã³ãã¥ããã£ã®ã¿ã°ä»ããšãã£ã«ã¿ãªã³ã°ã䜿çšã㊠Transit Gateway ç°å¢ããã®ã«ãŒãäŒæãå¶åŸ¡ããæ¹æ³ãããŒã«ã«ããªãã¡ã¬ã³ã¹ã䜿çšããŠè€æ°ã® DXGW ãš Direct Connect ãã±ãŒã·ã§ã³éã®ãã¹éžæãæ¹åããæ¹æ³ããã㊠AS-path ã®çœ®æã䜿çšã㊠BGP ã® ASN ã®ç«¶åã解決ããæ¹æ³ã玹ä»ããŸãããã«ãŒãã£ã³ã°ããªã·ãŒèšå®ã®åºç€ãæ±ã£ã Part 1 ãšåãããŠããããã®ã·ããªãªã¯ãAWS Cloud WAN ãã°ããŒãã«ãããã¯ãŒã¯ã®çµ±åçãªã«ãŒãã£ã³ã°å¶åŸ¡ã¬ã€ã€ãŒãšããŠã©ã®ããã«äœ¿çšã§ãããã瀺ããŠããŸããå§ããã«ã¯ã AWS Cloud WAN ã®ããã¥ã¡ã³ã ãåç
§ããŠãã ããã èè
ã«ã€ã㊠Jordan Rojas Garcia Jordan ã¯ãAWS ã® Worldwide Specialist Organization ã«æå±ããã·ãã¢ãããã¯ãŒã¯ã¹ãã·ã£ãªã¹ããœãªã¥ãŒã·ã§ã³ã¢ãŒããã¯ãã§ããåŸæ¥åã®ããŒã¿ã»ã³ã¿ãŒãããã¯ãŒã¯ã®åéã§ãã£ãªã¢ãã¹ã¿ãŒããã2018幎㫠AWS ã«å
¥ç€ŸããŸãããAWS ã§ã¯ãã¯ã©ãŠããããã¯ãŒãã³ã°ãœãªã¥ãŒã·ã§ã³ã®èšèšã«æ³šåããAWS ã¯ã©ãŠãã§ãããã¯ãŒã¯ãæ§ç¯ããããã®ã¬ã€ãã³ã¹ãšãã¹ããã©ã¯ãã£ã¹ãæäŸããŠããŸããä»äºä»¥å€ã§ã¯ãæ
è¡ãæ°ããæçã®éæããã€ãã³ã°ã楜ãã¿ãäºèŒªè»ãšå茪è»ã®é転ãžã®æ
ç±ãçãããŠããŸãã Akeef Khan Akeef Khan ã¯ããªãŒã¹ãã©ãªã¢ã®ã·ãããŒãæ ç¹ãšãã Amazon Web Services ã®ãœãªã¥ãŒã·ã§ã³ã¢ãŒããã¯ãã§ããCross-Industries ã»ã°ã¡ã³ãã®ã客æ§ãæ
åœããå°å£²æ¥ã QSRïŒã¯ã€ãã¯ãµãŒãã¹ã¬ã¹ãã©ã³ïŒã®çµç¹ã AWS ãæ¡çšãéçšãã¹ã±ãŒã«ã§ããããæ¯æŽããŠããŸãã圌ã®å°éåéã¯ãããã¯ãŒãã³ã°ã§ãããAWS ã®ãµãŒãã¹ã䜿ã£ãŠã客æ§ã®ã°ããŒãã«ãªãããã¯ãŒã¯æ¥ç¶ãã·ã³ãã«ã«ããããšã«æ
ç±ã泚ãã§ããŸããä»äºä»¥å€ã§ã¯ãæ°ãããã¯ãããžãŒã®æ¢æ±ãšç¶ç¶çãªåŠç¿ã楜ããã§ããŸãã 翻蚳㯠Solutions Architect ã®ç°æ 倧å°ãæ
åœããŸãããåæã¯ ãã¡ã ã§ãã















