ネットワーキング

AWS Direct Connect

A service that provides a dedicated network connection between on-premises environments and AWS, delivering stable, low-latency connectivity that bypasses the public internet

About 5 min read

Overview

AWS Direct Connect is a service that establishes a dedicated network connection between your on-premises data center or office and the AWS cloud. Because it bypasses the public internet, it delivers consistent network bandwidth and low latency, making it ideal for large data transfers and latency-sensitive workloads. Connection bandwidth ranges from 50 Mbps to 100 Gbps, and a single connection can access multiple VPCs and on-premises networks through virtual interfaces (VIFs). Direct Connect Gateway enables access to VPCs across multiple regions from a single Direct Connect connection. Data transfer pricing is lower than internet-based transfer, providing cost benefits for workloads with sustained high-volume data transfer. For redundancy, connections from two different locations or a VPN backup are recommended.

Choosing Between Dedicated and Hosted Connections

Direct Connect offers two connection types suited to different scales and timelines. Dedicated connections provide bandwidth of 1 Gbps, 10 Gbps, or 100 Gbps with a physical port reserved at an AWS Direct Connect location (data center). They are designed for enterprises requiring large, sustained data transfers and typically take several weeks to months to provision due to physical cross-connect installation. Hosted connections are provided through AWS Direct Connect Partners, offering bandwidth from 50 Mbps to 10 Gbps. Since they leverage the partner's existing infrastructure, they can be provisioned faster than dedicated connections and allow you to start with smaller bandwidth that can be upgraded as needs grow. The choice between the two depends on bandwidth requirements, budget, and urgency. For most organizations starting with Direct Connect, a hosted connection provides a lower barrier to entry, while dedicated connections are justified when sustained throughput exceeds 1 Gbps or when you need full control over the physical port.

Virtual Interfaces and Direct Connect Gateway

A single Direct Connect connection supports multiple virtual interfaces (VIFs), each serving a different purpose. Private VIFs provide access to VPCs via private IP addresses, transit VIFs connect through Transit Gateway to reach multiple VPCs, and public VIFs access AWS public services (S3, DynamoDB, etc.) without traversing the internet. Direct Connect Gateway extends this further by enabling access to VPCs across multiple regions from a single Direct Connect connection, eliminating the need for separate connections in each region. By comparison, Azure ExpressRoute uses a two-peering model - Microsoft Peering for public services and Private Peering for VNets - while Direct Connect's three VIF types offer more granular routing control. On pricing, a Direct Connect 1 Gbps port costs approximately $220/month (Tokyo) plus data transfer charges, which is more affordable than ExpressRoute's comparable 1 Gbps circuit at approximately $436/month (Tokyo). Related books (Amazon) can also be helpful for deeper understanding.

Redundancy Design and VPN Backup

For production use of Direct Connect, a redundant configuration that eliminates single points of failure is essential. At minimum, establish connections from two different Direct Connect locations and configure BGP routing for active/passive or active/active failover. If one location experiences an outage, traffic automatically reroutes through the surviving connection. For organizations that need redundancy but cannot justify the cost of two dedicated connections, a failover configuration combining Direct Connect with Site-to-Site VPN is highly effective - Direct Connect serves as the primary path with VPN as a backup that activates automatically when the dedicated connection fails. Link Aggregation Groups (LAGs) let you bundle multiple connections at the same location to increase throughput while maintaining connectivity through the remaining connections if one member fails. Combining with Transit Gateway enables access to multiple VPCs from a single Direct Connect connection, simplifying the network topology. Direct Connect's SiteLink feature enables direct communication between Direct Connect locations, which is useful for inter-site traffic that would otherwise need to traverse the AWS backbone.

共有するXB!

Related Terms

Amazon VPCElastic Load BalancingAmazon Route 53

Related Services

Amazon VPC

Related Articles

The Fastest Container Deployment with AWS App Runner - From Source Code to Production in MinutesJust specify source code or a container image to get an HTTPS endpoint up and running. Learn the differences from ECS/Fargate and how to connect to private resources using VPC connectors.AWS Availability Zone Design - How Physical Separation and Fault Isolation Create a Reliability AdvantageExamine the design philosophy behind AWS AZs as physically independent data center clusters, compare them with Azure and GCP availability zones, and analyze the differences in fault isolation maturity through real-world incident examples.AWS First-Mover Advantage and Economies of Scale - What 18 Years of Accumulation Since 2006 Really MeansExamine the first-mover advantage AWS has built since creating the public cloud market in 2006, comparing service breadth, API stability, and ecosystem depth against Azure and GCP.AWS Global Network Backbone - How Private Submarine Cables and 600+ PoPs Deliver Superior ConnectivityExplore the advantages of AWS's global network built on private submarine cables, dedicated fiber, and 600+ edge locations, compared with GCP's Premium Tier and Azure's network design.The Depth of AWS Networking Services - Enterprise Network Design with VPC, Transit Gateway, and PrivateLinkThis article examines AWS networking services centered on VPC, Transit Gateway, PrivateLink, Direct Connect, and Network Firewall, comparing them with Azure VNet/ExpressRoute and GCP VPC/Cloud Interconnect to explain the flexibility advantages in enterprise network design.

Similar Terms and Articles

Dedicated Connection Design - Achieving Stable Private Network Connectivity with Direct ConnectLearn about dedicated connection design with AWS Direct Connect, including choosing between dedicated and hosted connections, redundancy configurations, and achieving stable private network connectivity through VPC integration.AWS Direct ConnectA service that provides a dedicated network connection between on-premises and AWS for stable, low-latency connectivityBuilding Dedicated Connections with AWS Direct Connect - Redundancy Design and Traffic ControlDesign redundant dedicated connections and connect to VPCs across multiple regions with Direct Connect Gateway. This article also covers bandwidth aggregation with LAG and MACsec encryption.AWS Network ManagerA service for centrally managing global networks and visualizing Transit Gateway and SD-WAN connectivityThe Depth of AWS Networking Services - Enterprise Network Design with VPC, Transit Gateway, and PrivateLinkThis article examines AWS networking services centered on VPC, Transit Gateway, PrivateLink, Direct Connect, and Network Firewall, comparing them with Azure VNet/ExpressRoute and GCP VPC/Cloud Interconnect to explain the flexibility advantages in enterprise network design.