Module 5: Networking and Content Delivery

AWS Academy Cloud Foundations

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Welcome to Module 5: Networking and Content Delivery

This module covers three fundamental Amazon Web Services (AWS) for networking and
content delivery: Amazon Virtual Private Cloud (Amazon VPC), Amazon Route 53, and
Amazon CloudFront.
 Module overview
Topics Activities
• Label a network diagram
• Networking basics
• Design a basic VPC architecture
• Amazon VPC
Demo
• VPC networking
• VPC demonstration
• VPC security
Lab
• Amazon Route 53
• Build your VPC and launch a web server
• Amazon CloudFront

Knowledge check
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 2

This module addresses the following topics:

• Networking basics
• Amazon Virtual Private Cloud (Amazon VPC)
• VPC networking
• VPC security
• Amazon Route 53
• Amazon CloudFront

This module includes some activities that challenge you to label a network diagram and
design a basic VPC architecture.

You will watch a recorded demonstration to learn how to use the VPC Wizard to create a
VPC with public and private subnets.

You then get a chance to apply what you have learned in a hands-on lab where you use the
VPC Wizard to build a VPC and launch a web server.

Finally, you will be asked to complete a knowledge check that test your understanding of
key concepts that are covered in this module.
 Module objectives
After completing this module, you should be able to:
• Recognize the basics of networking
• Describe virtual networking in the cloud with Amazon VPC
• Label a network diagram
• Design a basic VPC architecture
• Indicate the steps to build a VPC
• Identify security groups
• Create your own VPC and add additional components to it to produce a customized network
• Identify the fundamentals of Amazon Route 53
• Recognize the benefits of Amazon CloudFront

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 3

After completing this module, you should be able to:

• Recognize the basics of networking
• Describe virtual networking in the cloud with Amazon VPC
• Label a network diagram
• Design a basic VPC architecture
• Indicate the steps to build a VPC
• Identify security groups
• Create your own VPC and add additional components to it to produce a customized
network
• Identify the fundamentals of Amazon Route 53
• Recognize the benefits of Amazon CloudFront
 Section 1: Networking basics
Module 5: Networking and Content Delivery

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Section 1: Networking basics

In this section, you will review a few basic networking concepts that provide the necessary
foundation to your understanding of the AWS networking service, Amazon Virtual Private
Cloud (Amazon VPC).
 Networks

Subnet 1 Subnet 2

Router

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 5

A computer network is two or more client machines that are connected together to share
resources. A network can be logically partitioned into subnets. Networking requires a
networking device (such as a router or switch) to connect all the clients together and
enable communication between them.
 IP addresses

192 . 0 . 2 . 0

11000000 00000000 00000010 00000000

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 6

Each client machine in a network has a unique Internet Protocol (IP) address that identifies
it. An IP address is a numerical label in decimal format. Machines convert that decimal
number to a binary format.

In this example, the IP address is 192.0.2.0. Each of the four dot (.)-separated numbers of
the IP address represents 8 bits in octal number format. That means each of the four
numbers can be anything from 0 to 255. The combined total of the four numbers for an IP
address is 32 bits in binary format.
 IPv4 and IPv6 addresses

IPv4 (32-bit) address: 192.0.2.0

IPv6 (128-bit) address: 2600:1f18:22ba:8c00:ba86:a05e:a5ba:00FF

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 7

A 32-bit IP address is called an IPv4 address.

IPv6 addresses, which are 128 bits, are also available. IPv6 addresses can accommodate
more user devices.

An IPv6 address is composed of eight groups of four letters and numbers that are separated
by colons (:). In this example, the IPv6 address is
2600:1f18:22ba:8c00:ba86:a05e:a5ba:00FF. Each of the eight colon-separated groups of
the IPv6 address represents 16 bits in hexadecimal number format. That means each of the
eight groups can be anything from 0 to FFFF. The combined total of the eight groups for an
IPv6 address is 128 bits in binary format.
 Classless Inter-Domain Routing (CIDR)

Network identifier (routing prefix) Host identifier

192 . 0 . 2 . 0 / 24

Tells you how

many bits are
fixed
11000000 00000000 00000010 00000000
to 11111111
Fixed Fixed Fixed Flexible

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 8

A common method to describe networks is Classless Inter-Domain Routing (CIDR). The CIDR
address is expressed as follows:
• An IP address (which is the first address of the network)
• Next, a slash character (/)
• Finally, a number that tells you how many bits of the routing prefix must be fixed or
allocated for the network identifier

The bits that are not fixed are allowed to change. CIDR is a way to express a group of IP
addresses that are consecutive to each other.

In this example, the CIDR address is 192.0.2.0/24. The last number (24) tells you that the
first 24 bits must be fixed. The last 8 bits are flexible, which means that 28 (or 256) IP
addresses are available for the network, which range from 192.0.2.0 to 192.0.2.255. The
fourth decimal digit is allowed to change from 0 to 255.

If the CIDR was 192.0.2.0/16, the last number (16) tells you that the first 16 bits must be
fixed. The last 16 bits are flexible, which means that 216 (or 65,536) IP addresses are
available for the network, ranging from 192.0.0.0 to 192.0.255.255. The third and fourth
decimal digits can each change from 0 to 255.

There are two special cases:

• Fixed IP addresses, in which every bit is fixed, represent a single IP address (for example,
192.0.2.0/32). This type of address is helpful when you want to set up a firewall rule and
give access to a specific host.
• The internet, in which every bit is flexible, is represented as 0.0.0.0/0

8
 Open Systems Interconnection (OSI) model

Layer Number Function Protocol/Address

HTTP(S), FTP, DHCP,
Application 7 Means for an application to access a computer network
LDAP

• Ensures that the application layer can read the data

Presentation 6 ASCI, ICA
• Encryption

Session 5 Enables orderly exchange of data NetBIOS, RPC

Transport 4 Provides protocols to support host-to-host communication TCP, UDP

Network 3 Routing and packet forwarding (routers) IP

Data link 2 Transfer data in the same LAN network (hubs and switches) MAC

Physical 1 Transmission and reception of raw bitstreams over a physical medium Signals (1s and 0s)

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 9

The Open Systems Interconnection (OSI) model is a conceptual model that is used to
explain how data travels over a network. It consists of seven layers and shows the common
protocols and addresses that are used to send data at each layer. For example, hubs and
switches work at layer 2 (the data link layer). Routers work at layer 3 (the network layer).
The OSI model can also be used to understand how communication takes place in a virtual
private cloud (VPC), which you will learn about in the next section.