Site-to-Site VPN Connection as a Backup for Direct Connect

Purpose

  • Provides a redundant failover path if the primary Direct Connect connection becomes unavailable.
  • Ensures continuous connectivity between on-premises infrastructure and AWS during outages.

Redundancy Options

  1. Backup Direct Connect Connection
      • Maintains high availability and consistent performance
      • Higher cost due to additional dedicated infrastructure
  2. Site-to-Site VPN Connection
      • Cost-effective backup solution
      • Uses the public internet with IPsec encryption
      • Can automatically handle traffic during Direct Connect failures

Architecture Overview

  • Primary Path: Direct Connect from corporate data center to AWS VPC
  • Backup Path: Site-to-Site VPN that activates on Direct Connect failure

Best Practice

  • Implement dynamic routing (commonly with BGP) to enable seamless and automated failover between Direct Connect and VPN.