AWS Certified Advanced Networking - Specialty Exam: Deploying Hybrid Connectivity for Enhanced User Performance

Question

An IT firm uses Hybrid Connectivity by deploying most of their servers in AWS VPC while retaining some of their IT infrastructure at the on-premises location.

Users access the data from servers hosted on EC2 instances in AWS VPC.

The IT team has categorized IT services into 3 different groups: critical, normal & best effort.

To enhance user performance for accessing data over the cloud, the IT Head wants you as a Network Engineer to mark this traffic end to end between on-premises and AWS servers hosted on EC2 instances.

This should allocate guaranteed bandwidth to end-users accessing critical services over users accessing normal services & the least bandwidth should be allocated to best effort IT services.

Which of the following can be deployed to meet this requirement?

Explanations

Correct Answer - D.

VGW does not support application QoS markings.

To support QoS, a software VPN can be terminated on an EC2 instance.

This EC2 instance, using any VPN software, supports traffic prioritization while sending traffic out to the AWS network.

Within AWS networks, QoS marking is not supported, but return traffic carries QoS markings based on which traffic can be prioritized.

Option A is incorrect as this will only partially meet the requirement.

This will prioritize traffic only on service provider links & not in AWS, as VGW does not support QoS markings.

Options B & C are incorrect as VGW does not support QoS markings.

For more information on using QoS, refer to the following URL.

https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/qos_trafficmanagement/qos_markings_about_c.html

To meet the requirement of allocating guaranteed bandwidth to different categories of IT services, the company needs to use Quality of Service (QoS) marking on applications. QoS marking is a mechanism used to prioritize traffic based on its classification and to allocate bandwidth to the different categories of traffic. In this case, the IT team has categorized IT services into three different groups: critical, normal, and best efforts.

The next step is to determine how to apply QoS marking to the traffic between on-premises and AWS servers hosted on EC2 instances. The answer options suggest different methods to achieve this goal:

Option A: Use QoS Marking on applications & request the service provider to honor these markings on AWS Direct Connect links towards AWS.

In this option, QoS marking is applied to the traffic on the applications, and the service provider is requested to honor these markings on the AWS Direct Connect links towards AWS. AWS Direct Connect is a network service provided by AWS that enables users to establish dedicated network connections between their on-premises data centers and AWS.

This option requires coordination with the service provider to ensure that the QoS markings are honored. If the service provider does not honor the markings, the QoS policy will not be effective, and the traffic will not be prioritized as intended.

Option B: Use QoS Marking on applications & send all user traffic over hardware VPN links terminating on VGW.

In this option, QoS marking is applied to the traffic on the applications, and all user traffic is sent over hardware VPN links terminating on Virtual Private Gateway (VGW). VGW is a virtual router that provides a secure and private connection between the on-premises network and the AWS VPC.

This option allows the company to prioritize traffic using QoS marking, but it may not provide the desired level of performance, as VPN links may not provide the required bandwidth or low latency. Additionally, this option may require additional configuration on the on-premises network to support VPN links.

Option C: Use QoS Marking on applications & send over AWS Direct Connect links terminating on VGW.

In this option, QoS marking is applied to the traffic on the applications, and the traffic is sent over AWS Direct Connect links terminating on VGW. This option provides a dedicated network connection between the on-premises network and the AWS VPC, which can provide better performance than VPN links.

However, this option also requires coordination with the service provider to ensure that the QoS markings are honored. Additionally, AWS Direct Connect links may be more expensive than VPN links.

Option D: Use QoS Marking on applications & use QoS supporting Software VPN to terminate VPN on EC2 instance & prioritize traffic in EC2 OS level.

In this option, QoS marking is applied to the traffic on the applications, and a QoS-supporting software VPN is used to terminate the VPN on the EC2 instance. The traffic is then prioritized at the EC2 OS level.

This option provides more control over the prioritization of traffic as it is done at the EC2 instance level. However, this option may require additional configuration on the EC2 instances and may not provide the desired level of performance for larger traffic volumes.
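The application-side marking and OS-level prioritization that option D describes, sketched as an added example that is not part of the original page. The DSCP values chosen for the three groups, the bandwidth figures and all function names are assumptions, and `allocate` is a simplified model of guaranteed-rate scheduling with borrowing, not a real traffic shaper.

```python
import socket
import struct

# Assumed mapping of the page's three service groups to standard DSCP
# codepoints (AF41, AF21, default); the page does not specify values.
CLASS_DSCP = {"critical": 34, "normal": 18, "best-effort": 0}
DSCP_CLASS = {v: k for k, v in CLASS_DSCP.items()}
ORDER = ["critical", "normal", "best-effort"]  # highest priority first

def mark_socket(sock, service_class):
    """Application side: set DSCP on the socket, return the TOS byte read back."""
    tos = CLASS_DSCP[service_class] << 2  # DSCP is the upper 6 bits of the TOS byte
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_TOS, tos)
    return sock.getsockopt(socket.IPPROTO_IP, socket.IP_TOS)

def classify(ipv4_header):
    """Receiving side: read DSCP from an IPv4 header; unknown marks get best-effort."""
    version_ihl, tos = struct.unpack_from("!BB", ipv4_header)
    if version_ihl >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return DSCP_CLASS.get(tos >> 2, "best-effort")

def allocate(link_mbps, guaranteed, demand):
    """Grant each class min(demand, guarantee), then lend spare capacity by priority."""
    if sum(guaranteed.values()) > link_mbps:
        raise ValueError("guarantees exceed link capacity")
    grant = {c: min(demand.get(c, 0), guaranteed[c]) for c in ORDER}
    spare = link_mbps - sum(grant.values())
    for c in ORDER:
        extra = min(spare, demand.get(c, 0) - grant[c])
        grant[c] += extra
        spare -= extra
    return grant

def sample_header(dscp):
    """Constructed 20-byte IPv4 header (documentation addresses, zero checksum)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 20, 0, 0, 64, 17, 0,
                       socket.inet_aton("192.0.2.10"),
                       socket.inet_aton("198.51.100.20"))

if __name__ == "__main__":
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        print("TOS byte on socket:", hex(mark_socket(s, "critical")))
    print("class of AF21 packet:", classify(sample_header(18)))
    print(allocate(100, {"critical": 50, "normal": 30, "best-effort": 10},
                   {"critical": 70, "normal": 40, "best-effort": 40}))
```

On a real EC2 instance the scheduling step would be done by the operating system's queueing discipline or by the VPN software, keyed on the same DSCP field that `classify` reads.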

In conclusion, option C, "Use QoS Marking on applications & send over AWS Direct Connect links terminating on VGW," is the most suitable option for the company's requirements as it provides a dedicated network connection between the on-premises network and the AWS VPC, which can provide better performance than VPN links, and allows the company to prioritize traffic using QoS marking. However, it also requires coordination with the service provider to ensure that the QoS markings are honored.