Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud Connectivity: Methods and Myths

  • Companies today can be so enamored of cloud that it becomes a rallying cry even if business executives aren't quite sure what it really involves. For IT infrastructure pros, it's a trend that's all too familiar. "We need more clouds!" was the only feedback Eyvonne Sharp, a network architect, recalled hearing after a colleague presented a diagram to business management.

    "For those of us in infrastructure, we hear that a lot," she said.

    In an environment where cloud is the mantra, enterprise IT infrastructure pros are faced with a raft of new challenges. Namely, they have to figure out how to make this cloud thing work for their business. While the cloud is a big abstraction that hides some complexity of the underlying technology and offers benefits like rapid development and innovation, that abstraction also has consequences, Sharp explained at Interop ITX last month.

    Cloud "brings about leaky abstractions," she said. "At some point, the complexity we're hiding will leak out. We'll have performance issues or a problem."

    When it comes to cloud connectivity, cloud abstractions lead to several misconceptions. While cloud infrastructure abstracts a lot of the things IT infrastructure pros are accustomed to doing, "We've moved complexity, we haven't solved it," said Sharp, who also is co-founder of the Network Collective podcast.

    A top myth is that it's easy. "What we find is once we start building out cloud infrastructure, we need to connect back to on-premises infrastructure," Sharp said. "There's all kinds of infrastructure in the cloud that will need to talk back to data in your infrastructure."

    Another misconception is that cloud infrastructure should mirror on-premises infrastructure, Sharp said. Cloud providers like Amazon Web Services and Microsoft Azure build networks to meet their own requirements, use technologies enterprise engineers may not be familiar with, and the services don't mix well for hybrid cloud. "It's a problem we have to solve," she said.

    Then there's the idea that cloud shouldn't impact IT culture and operations, which is "patently false," Sharp said. Cloud feature velocity is very fast compared to what IT teams are used to, and cloud deployment challenges break down traditional IT organizational silos.

    "When we get into cloud deployments, what's the role of the network engineer, storage engineer and Active Directory folks? They can't stay divided. They have to work together," she said.

    IT infrastructure leaders need to make people and process changes in order to deal with the challenges of cloud connectivity, including addressing the skills gap by providing cloud-native training, breaking down organizational silos, and communicating clearly why the cloud matters, she said.

    "We have met the enemy and he is us," Sharp said. "We'll have to take a hard look at ourselves to meet the challenges."

    On the next few pages, read about the cloud connectivity options organizations have, which Sharp outlined along with their pros and cons.

    (Image: deepadesigns/Shutterstock)

  • Public internet

    According to Sharp, the public internet is a good place to start for public-facing cloud services like AWS and Azure. From a networking perspective, it's much simpler than other cloud connectivity options and doesn't require the purchase of infrastructure. However, the internet has its shortcomings, she said. Service providers charge differently, so companies need to perform a billing analysis of data transfer costs. There also can be bandwidth limitations when using the internet. Moreover, there's no way to apply QoS.

    (Image: Have a nice day Photo/Shutterstock)

  • VPN

    Cloud services like AWS support IPSec VPN tunnels – a familiar technology for most enterprise IT teams. But these tunnels can run into problems with resiliency and throughput and have limited flexibility, Sharp said.

    (Image: freeGraphicToday/Pixabay)

  • Private peering

    Organizations can get a direct circuit to use between their data centers and the cloud service provider. While this is simpler than public peering to route with your private network, there are some caveats, Sharp said. Cloud service providers do things their own ways, and an enterprise will need to perform engineering to ensure traffic is handled the way it prefers.

    AWS Virtual Private Cloud (VPC) supports 100 routes/prefixes; Azure private peering supports 4,000 or 10,000 prefixes, depending on service tier; and Google Cloud supports 100 routes/prefixes. However, cloud service providers frequently change feature support, so organizations should check the documentation regularly, Sharp said.

    (Image source: Eyvonne Sharp)

  • Public peering

    Some cloud services only support public IP addressing, which often requires some complex routing configurations, Sharp said. This involves using a direct circuit, but IP services have to be routed. "You will need to have NAT," she said.

    Currently, for public peering, AWS VPC supports 100 routes/prefixes; Azure supports 200 prefixes, and Google Cloud supports 100 routes/prefixes.

    (Image source: Eyvonne Sharp)

  • MPLS

    Most MPLS providers offer cloud connectivity services, however, there are routing and security limitations with this option, Sharp said. "You really need to understand the traffic you're going to send across this connection," she warned. "You need to understand how much data you'll send to the cloud. If you're sending a bunch of analytics data to Google, you're going to stomp on your MPLS network and no matter of QoS will save you."

    Organizations also have fewer traffic engineering options if they choose an MPLS provider for cloud connectivity, she said.

    (Image source: Eyvonne Sharp)

  • Co-location provider

    An enterprise could also install equipment at a co-location facility for cloud connectivity. This option requires a significant equipment investment, but instead of having a circuit to each cloud provider, an enterprise can have one large circuit from their infrastructure to the colo. Companies can add security services and software-defined WAN gear in order to have regional connectivity.

    (Image: Funtap/Shutterstock)