[AusNOG] AWS Direct Connect - Connectivity to SaaS app for customers

Shah Hardik shah.hardik at techflow.com.au
Mon Feb 3 10:58:46 EST 2020 

Hi Rhys,



We might be able to assist.



We’ve worked with may providers and end users in similar scenarios and
focus on Dedicated Connect product which AWS recommended to you (which is
covered by AWS SLAs).

Ref: http://techflow.com.au/cloudedge/



Ping me at below number and we can discuss further.



Best regards,

Shah Hardik

Mobile: 0433 90 6366

Suite 17, Level 3, 55 Pyrmont Bridge Road, Pyrmont - 2009

Email: shah.hardik at techflow.com.au | www.techflow.com.au
<https://t.sidekickopen79.com/s1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJN7t5XZsd7g2vW6442zv2BF-FPW7fRL1x56dRC4d5gLDT02?te=W3R5hFj26QkHmW4mKDtb3K2y_-W3ZZpwW3Fbt5R4mMD31&si=5046652182331392&pi=3c95b42c-47df-4fe4-a50f-0f63edbda7ff>



*From:* AusNOG <ausnog-bounces at lists.ausnog.net> *On Behalf Of *Rhys
Hanrahan
*Sent:* Monday, 3 February 2020 10:48 AM
*To:* ausnog at lists.ausnog.net
*Subject:* [AusNOG] AWS Direct Connect - Connectivity to SaaS app for
customers



Hi Everyone,



We are looking to position ourselves to be a recommended connectivity
provider to a major SaaS platform in Australia as part of a larger
strategy. They host all of their cloud platform on AWS, so I am looking at
ways we can differentiate ourselves from “normal” connectivity by providing
some level of superior connectivity to this platform in terms of
performance and being able to provide a higher level of support of the
connectivity from our customer to the SaaS app. For a lot of customers
using the app, it would be mission-critical for them.



Obviously a part of this will be to try and partner with the SaaS provider
themselves and see what we can work out, but I wanted to see if anyone else
has attempted something like this, and if there’s a middle-ground we can
reasonably achieve, and hopefully provide a tangibly better experience. And
also get feedback on what the outcomes were of undertaking something like
this – is it worth it?



We don’t use AWS currently, so I am starting from scratch and will likely
need to get in touch with AWS to confirm this approach.



We would be starting with just the cross-connects and a public interface to
reach the SaaS platform – my main concerns here are:



   - Anyone who’s done this – do you actually a notice tangible performance
   benefit on your AWS app? I feel like any latency benefits would be minimal
   for an average application.



   - Is there any solid real-world benefits you can point to? To me the
   main thing would be having a clearly defined support path more than
   anything actually technical – but a clear technical benefit to point to
   would be great.



   - Does anyone know any stats in terms of latency differences of being on
   AWS Direct connect dedicated connections vs. transit (bonus: vs. just
   peering on an IX) to paint a picture of network performance differences.



   - In terms of getting an official SLA with AWS this seems to require a
   min $15K USD/month enterprise support contract, so realistically we’re not
   going to have that in place for some time (maybe ever) because we’ll just
   be using AWS for the connectivity component. So without this SLA actually
   in place, what has the reliability of direct connect been like, and how
   hard is it to get AWS themselves to work with you in the event there is
   some kind of issue that requires their support? While we can provide a high
   level of support, AWS is part of the equation and would need to make sure
   this is solid too.



   - With Direct Connect in place - are there any issues with just shutting
   down the AWS Direct connect BGP session and falling back to transit in the
   event of an issue? I imagine this would be fine. (I am assuming traffic is
   public but otherwise would need a fallback IPSec tunnel).



My plan would be:



   - Setup 2x dedicated cross-connects to AWS – one in Sydney and one in
   Melbourne. I know lots of partners offer AWS Direct Connect over peering,
   but AWS themselves say they can only offer an SLA on dedicated connections,
   and with one less point of failure I’m sure this is a more reliable
   scenario.



   - Start with at least a “public interface” on the links – my
   understanding is that then all public AWS traffic would traverse this link
   based on advertisements done by us and Amazon.



   - Work towards developing a relationship with the SaaS provider such
   that we could establish a “private interface” directly into their AWS
   infrastructure in some form – my understanding is that it’s possible to
   setup these private connections between two separate AWS accounts so it
   should be possible, if the SaaS provider is happy to do this.



   - Work towards building expenditure with AWS to the point where we could
   get enterprise support for an official SLA on Direct Connect (a far-off
   target).



Hopefully I’m not missing anything. Appreciate any advice you can give.



Thanks everyone, as usual.


Rhys Hanrahan
Chief Information Officer
Nexus One Pty Ltd


E: support at nexusone.com.au
P: +61 2 9191 0606
W: http://www.nexusone.com.au/
M: PO Box A356 Sydney South, NSW 1235
A: Level 12 227 Elizabeth St, Sydney NSW 2000

[image: ttp://quintus.nexusone.com.au/~rhys/nexus1-email-sig.jpg]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20200203/9881f833/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 17047 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20200203/9881f833/attachment.jpg>

More information about the AusNOG mailing list