AWS Advanced Networking Specialty (ANS-C01): Optimization & Efficiency Cram Sheet
Optimize AWS networks for performance, reliability, and cost-effectiveness
This cram sheet focuses on Task 3.3: Optimize AWS networks for performance, reliability, and cost-effectiveness. It distills critical decision-making criteria for VPC connectivity, high-performance computing, and DNS strategies.
Topic Weighting
| Domain | Domain Weighting | Task 3.3 Focus |
|---|---|---|
| Domain 3: Network Management & Operations | 26% | High - This task is a cornerstone of operations, focusing on the trade-offs between throughput, cost, and availability. |
Key Concepts Summary
1. Connectivity: Peering vs. Transit Gateway (TGW)
- VPC Peering: Direct connection. Lowest latency, lowest cost (no hourly processing fee, only data transfer). Best for 1-to-1 or small-scale within a region.
- Transit Gateway: Hub-and-spoke. Simplifies management for 100s of VPCs/Accounts. Higher cost (hourly attachment fee + data processing fee) but supports transitive routing and Inter-Region peering.
2. Network Interfaces
- ENA (Elastic Network Adapter): Standard for high performance (up to 100 Gbps). Uses SR-IOV.
- EFA (Elastic Fabric Adapter): Critical for HPC/ML. Provides OS bypass to reduce latency and jitter. Required for MPI/NCCL workloads.
3. Maximum Transmission Unit (MTU)
- Standard MTU: 1500 bytes (Used for Internet traffic and Inter-Region Peering).
- Jumbo Frames: 9001 bytes (Supported within a VPC and for Intra-Region Peering/TGW). Improves throughput by reducing packet overhead.
4. Route 53 Optimization
- Latency-Based Routing: Routes to the region with the lowest round-trip time.
- Weighted Routing: Useful for Blue/Green deployments and canary testing.
- Health Checks: Prerequisite for DNS Failover to ensure reliability.
Visual Anchors
[Figure: Decision Logic: VPC Interconnectivity]
[Figure: Frame Size Comparison (MTU)]
Common Pitfalls
Warning: The MTU Trap: An MTU mismatch (e.g., 9001-byte frames inside the VPC sent over a VPN path limited to 1500 bytes) leads to packet loss or fragmentation. Always ensure Path MTU Discovery (PMTUD) is functioning: ICMP Type 3 Code 4 must not be blocked.
- Cost Oversight: Forgetting that Transit Gateway charges per GB of data processed in addition to hourly fees. VPC Peering has no processing fee.
- EFA Limitation: EFA is not supported on all instance types and cannot cross subnets unless using specific cluster placement groups.
- Subnet Exhaustion: Using small CIDRs (/28) in Auto Scaling groups, leading to "no available IP addresses" errors during scale-out events.
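The MTU Trap above, as an added example (not part of the original cram sheet): a check over network ACL entries, in the shape the EC2 DescribeNetworkAcls API returns them, for whether an inbound ICMP Type 3 Code 4 message survives rule evaluation. The ACLs, the `_rule` helper and the source addresses are constructed for illustration.

```python
import ipaddress

FRAG_NEEDED = (3, 4)  # ICMP Destination Unreachable / Fragmentation Needed

def _matches(entry, src_ip, icmp_type, icmp_code):
    """True if an inbound IPv4 NACL entry applies to this ICMP packet."""
    if entry.get("Egress") or "CidrBlock" not in entry:
        return False                      # outbound or IPv6-only entry
    if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(entry["CidrBlock"]):
        return False
    if entry["Protocol"] == "-1":         # "-1" means all protocols
        return True
    if entry["Protocol"] != "1":          # "1" is ICMP; TCP/UDP rules never match
        return False
    tc = entry.get("IcmpTypeCode", {})    # -1 is the wildcard for type or code
    return tc.get("Type", -1) in (-1, icmp_type) and tc.get("Code", -1) in (-1, icmp_code)

def pmtud_verdict(entries, src_ip):
    """NACLs are evaluated in ascending rule number; the first match decides."""
    for entry in sorted(entries, key=lambda e: e["RuleNumber"]):
        if _matches(entry, src_ip, *FRAG_NEEDED):
            return entry["RuleAction"], entry["RuleNumber"]
    return "deny", None

def _rule(num, proto, action, cidr="0.0.0.0/0", icmp=None):
    """Hypothetical helper that builds one constructed inbound entry."""
    entry = {"RuleNumber": num, "Protocol": proto, "RuleAction": action,
             "Egress": False, "CidrBlock": cidr}
    if icmp:
        entry["IcmpTypeCode"] = {"Type": icmp[0], "Code": icmp[1]}
    return entry

# Constructed ACLs. 32767 is the final deny-all entry (shown as * in the console).
DEFAULT_DENY = _rule(32767, "-1", "deny")
TCP_ONLY = [_rule(100, "6", "allow"), DEFAULT_DENY]
WITH_PMTUD = [_rule(100, "6", "allow"),
              _rule(120, "1", "allow", icmp=FRAG_NEEDED), DEFAULT_DENY]
# A broad ICMP deny with a lower rule number shadows the later allow.
SHADOWED = [_rule(90, "1", "deny", "10.0.0.0/8", (-1, -1))] + WITH_PMTUD

if __name__ == "__main__":
    for name, acl in [("TCP_ONLY", TCP_ONLY), ("WITH_PMTUD", WITH_PMTUD),
                      ("SHADOWED", SHADOWED)]:
        print(name, pmtud_verdict(acl, "10.20.0.1"), pmtud_verdict(acl, "203.0.113.7"))
```

Here `src_ip` stands for the router that emits the ICMP message, which is usually not the peer the TCP session was opened to, so an allow rule scoped only to known application peers can still drop it.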
Mnemonics / Memory Triggers
- P.E.E.R: Performance, Economy, Easy Routing (Direct).
- E.F.A: Extremely Fast Apps (HPC/OS Bypass).
- R53 - LAW: Latency, Availability (Health Checks), Weighted (Traffic split).
Formula / Equation Sheet
| Concept | Rule / Formula | Application |
|---|---|---|
| Data Transfer Cost | Inbound = Free | Most AWS services (except TGW/NAT Gwy). |
| Transit Gateway Cost | $\text{Hourly Attachment} + (\text{GB} \times \text{Rate})$ | Evaluating TGW vs. Peering ROI. |
| Jumbo Frame MTU | 9001 Bytes | Use for internal high-throughput needs. |
| Standard MTU | 1500 Bytes | External / Internet-facing traffic. |
Practice Set
- Scenario: A company has 50 VPCs in a single region that all need to share a centralized logging service. Which connectivity option is most cost-effective and manageable?
- Answer: Transit Gateway. While peering is cheaper per-bit, managing 1,225 peering connections (full mesh) is unfeasible.
- Scenario: An application requires sub-millisecond latency for MPI-based tightly coupled workloads. Which interface is required?
- Answer: EFA (Elastic Fabric Adapter).
- Scenario: You observe high packet loss for traffic going from your VPC to an on-premises data center via Direct Connect. What should you check first?
- Answer: MTU Mismatch / PMTUD. Ensure the MTU is set to 1500 if the path does not support Jumbo frames.
- Scenario: You need to route users to the closest application endpoint globally. Which Route 53 policy applies?
- Answer: Latency-Based Routing.
- Scenario: How can you resolve IP exhaustion in a VPC without creating a new VPC?
- Answer: Add a Secondary CIDR block to the VPC.
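The Subnet Exhaustion pitfall and the secondary-CIDR answer above, as an added example (not part of the original cram sheet): it computes how far short a set of subnets falls of an Auto Scaling group's maximum size, and the smallest secondary CIDR that would cover the gap. It assumes one private IP per instance and an even spread across subnets; the subnet CIDRs and in-use counts are constructed, and the function names are hypothetical.

```python
import ipaddress
import math

AWS_RESERVED = 5     # AWS reserves 5 addresses in every subnet
MIN_HOST_BITS = 4    # a subnet cannot be smaller than /28
MIN_VPC_PREFIX = 16  # a VPC CIDR block cannot be larger than /16

def usable(cidr):
    """Assignable addresses in one subnet after the AWS reservation."""
    return ipaddress.ip_network(cidr).num_addresses - AWS_RESERVED

def shortfall(subnets, max_instances):
    """subnets maps CIDR -> addresses already taken by other resources.
    With an even spread, each subnet must hold ceil(max / subnet count)
    instances, so the tightest subnet decides when scale-out fails."""
    per_subnet = math.ceil(max_instances / len(subnets))
    return {cidr: max(per_subnet - (usable(cidr) - used), 0)
            for cidr, used in subnets.items()}

def secondary_prefix(extra_per_subnet, subnet_count):
    """Longest prefix (smallest block) for a secondary CIDR that can be cut
    into subnet_count equal subnets with extra_per_subnet usable IPs each."""
    # (n - 1).bit_length() is ceil(log2(n)) without floating point.
    host_bits = max((extra_per_subnet + AWS_RESERVED - 1).bit_length(), MIN_HOST_BITS)
    subnet_bits = (subnet_count - 1).bit_length()
    prefix = 32 - host_bits - subnet_bits
    if prefix < MIN_VPC_PREFIX:
        raise ValueError("gap does not fit in a single secondary CIDR block")
    return prefix

# Constructed input: two /28 subnets, a few addresses already in use.
SUBNETS = {"10.0.1.0/28": 3, "10.0.2.0/28": 2}

if __name__ == "__main__":
    gaps = shortfall(SUBNETS, max_instances=30)
    print("usable per /28:", usable("10.0.1.0/28"))
    print("shortfall per subnet:", gaps)
    print("secondary CIDR: /%d" % secondary_prefix(max(gaps.values()), len(SUBNETS)))
```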
Fact Recall Blanks
- VPC Peering does NOT support ________ routing. (Answer: Transitive)
- The maximum MTU supported over the Internet is ________ bytes. (Answer: 1500)
- To enable EFA, you must use a ________ placement group. (Answer: Cluster)
- Route 53 ________ record sets allow you to shift traffic to a new version of an app based on a percentage. (Answer: Weighted)
- Transit Gateway provides a ________ architecture for VPCs. (Answer: Hub-and-Spoke)
Worked Examples
Example 1: Calculating Connectivity ROI
Problem: You transfer 100 TB of data per month between two VPCs in the same region.
- Option A (Peering): $0/hr attachment, $0/GB processing.
- Option B (TGW): $0.05/hr attachment ($36/mo) + $0.02/GB processing.
Calculation:
- TGW Cost = $36 (Attachment) + (100,000 GB * $0.02) = $2,036/mo.
- Peering Cost = $0/mo (excluding standard inter-AZ data transfer fees).
- Result: Use VPC Peering to save ~$2,000/month if management overhead is acceptable.
Example 2: Optimizing for Throughput
Problem: A video processing cluster in a VPC is capped at 10 Gbps. You need 25 Gbps.
- Step 1: Verify the instance type supports higher bandwidth (e.g., C5n or C6g).
- Step 2: Ensure ENA is installed and enabled.
- Step 3: Move instances into a Cluster Placement Group to minimize physical distance.
- Step 4: Increase the MTU to 9001 (Jumbo Frames) at the OS level to reduce CPU interrupt overhead.
- Result: The overhead reduction and physical proximity allow the cluster to reach the target 25 Gbps.