AWS Certified Advanced Networking – Specialty (ANS-C01) Certification Guide

By: Tim McConnaughy, Steve McNutt, Christopher Miles
Overview of this book

The AWS Certified Advanced Networking – Specialty certification exam focuses on leveraging AWS services alongside industry standards to create secure, resilient, and scalable cloud networks. Written by industry experts with decades of experience in the field, this comprehensive exam guide will enable you to transform into an AWS networking expert, going beyond the ANS-C01 exam blueprint to maximize your impact in the field. You’ll learn all about intricate AWS networking options and services with clear explanations, detailed diagrams, and practice questions in each chapter. The chapters help you gain hands-on experience with essential components, such as VPC networking, AWS Direct Connect, Route 53, security frameworks, and infrastructure as code. With access to mock exams, interactive flashcards, and invaluable exam tips, you have everything you need to excel in the AWS ANS-C01 exam. This book not only prepares you to confidently take the exam, but also deepens your understanding and provides practical insights that are vital for a successful career in AWS cloud networking. By the end of this exam guide, you’ll be thoroughly trained to take the AWS ANS-C01 exam and efficiently design and maintain network architectures across a wide range of AWS services.

IP Address Overlap Management

During AWS cloud deployment, you may need to provide connectivity between resources that have overlapping IP address ranges. This could be for several reasons, such as a developer configuring a VPC without checking whether the IP address range was available within their IP address manager (IPAM) solution or even a merger/acquisition between two companies. Nonetheless, from a networking perspective, you may be tasked with making connectivity happen. This short section will touch on how to accomplish this with AWS NAT gateways, but there is another method using AWS PrivateLink covered later, in Chapter 3, Networking Across Multiple AWS Accounts.

Using Private NAT Gateways for IP Overlaps

As mentioned in the previous chapters, AWS NAT gateways can be used to allow private subnets to talk to resources on the public internet or even other private resources within the AWS cloud or on-premises. Allowing communication between resources with overlapping IP address space can be one of those particular use cases. Refer to the following example.

Trailcats has acquired another company called Mountain Felines (MF), which also uses the AWS cloud for its applications. An MF VPC needs to communicate with some Trailcats resources, but it is using an IPv4 CIDR that is already in use by a Trailcats VPC, 10.100.0.0/16. Trailcats has attached the acquired MF VPC to their existing AWS TGW, but a TGW route table cannot hold two routes to the same destination. To allow the two VPCs to communicate with other resources, a secondary, non-overlapping CIDR is added to the VPC to house an AWS NAT gateway. The NAT gateway can then be used as the next hop for traffic from the overlapping subnets to any other resources. This (in addition to some DNS adjustments) allows the VPC to initiate and establish connectivity. This is shown in Figure 1.21:

Figure 1.21: Overlapping IP space with NAT gateways

The use of a private NAT gateway allows workloads with overlapping IPs to communicate; however, the nature of a NAT gateway requires that the workload behind the NAT gateway is the one to initiate the communication. This is why, if both sides need to initiate communication, a NAT gateway is needed on each side, in front of each overlapping subnet.

Note

This same behavior could not be achieved with VPC peering because two VPCs cannot be peered together if they have overlapping CIDR ranges.
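The MF-side build-out described above, expressed as Terraform. This is an added example, not configuration from the book or from Trailcats; the resource ids, the 100.64.0.0/24 secondary CIDR and 10.200.0.0/16 as the Trailcats destination range are constructed placeholders, and the example assumes the MF VPC and its TGW attachment already exist.

```hcl
# Placeholders (not from the book): ids, 100.64.0.0/24 secondary CIDR, 10.200.0.0/16 Trailcats range.
variable "mf_vpc_id"        { default = "vpc-PLACEHOLDER" }
variable "mf_app_subnet_id" { default = "subnet-PLACEHOLDER" }     # overlapping 10.100.x.x subnet
variable "tgw_id"           { default = "tgw-PLACEHOLDER" }
variable "tgw_rt_id"        { default = "tgw-rtb-PLACEHOLDER" }
variable "mf_attachment_id" { default = "tgw-attach-PLACEHOLDER" } # existing MF VPC attachment
# 1. Non-overlapping secondary CIDR on the MF VPC, with a subnet to house the NAT gateway.
resource "aws_vpc_ipv4_cidr_block_association" "nat_cidr" {
  vpc_id     = var.mf_vpc_id
  cidr_block = "100.64.0.0/24"
}
resource "aws_subnet" "nat" {
  vpc_id     = var.mf_vpc_id
  cidr_block = "100.64.0.0/24"
  depends_on = [aws_vpc_ipv4_cidr_block_association.nat_cidr]
}
# 2. Private NAT gateway: no Elastic IP, no internet path; it source-NATs to a 100.64.0.x address.
resource "aws_nat_gateway" "private" {
  subnet_id         = aws_subnet.nat.id
  connectivity_type = "private"
}
# 3. The overlapping MF subnet uses the NAT gateway as next hop for Trailcats-bound traffic.
resource "aws_route_table" "app" { vpc_id = var.mf_vpc_id }
resource "aws_route" "app_to_trailcats" {
  route_table_id         = aws_route_table.app.id
  destination_cidr_block = "10.200.0.0/16"
  nat_gateway_id         = aws_nat_gateway.private.id
}
resource "aws_route_table_association" "app" {
  subnet_id      = var.mf_app_subnet_id
  route_table_id = aws_route_table.app.id
}
# 4. The NAT subnet forwards translated traffic to the TGW; replies return to 100.64.0.x.
resource "aws_route_table" "nat" { vpc_id = var.mf_vpc_id }
resource "aws_route" "nat_to_tgw" {
  route_table_id         = aws_route_table.nat.id
  destination_cidr_block = "10.200.0.0/16"
  transit_gateway_id     = var.tgw_id
}
resource "aws_route_table_association" "nat" {
  subnet_id      = aws_subnet.nat.id
  route_table_id = aws_route_table.nat.id
}
# 5. The TGW learns only the secondary CIDR (static route); the MF attachment must not
#    propagate its VPC CIDRs, or 10.100.0.0/16 would appear twice in the TGW route table.
resource "aws_ec2_transit_gateway_route" "to_mf_nat" {
  transit_gateway_route_table_id = var.tgw_rt_id
  destination_cidr_block         = "100.64.0.0/24"
  transit_gateway_attachment_id  = var.mf_attachment_id
}
```

Only MF-initiated flows work with this layout; for Trailcats-initiated flows the same pattern (secondary CIDR plus private NAT gateway) is repeated on the Trailcats side, as the section notes.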
