Direct Connect
Stax enables you to connect your AWS workloads to your on-premises environment with AWS Direct Connect. Stax supports both hosted and dedicated Direct Connect Connections as well as Transit and Private Virtual Interfaces.
Transit Direct Connect Architecture
With a transit virtual interface, the Direct Connect Connection is associated directly to the Networking Hub's Transit Gateway, enabling connectivity to all VPCs within the Networking Hub.
Private Direct Connect Architecture
With a private virtual interface, the Direct Connect connection must connect to each VPC individually. All traffic destined for the Direct Connect will bypass the Transit Gateway in the Networking Hub.
There are a number of Direct Connect Limits to be aware of. The following AWS Direct Connect limits cannot be increased and should be considered when designing your Stax networking and connections architecture.
- Ten virtual private gateways per AWS Direct Connect gateway
- Three transit gateways per AWS Direct Connect gateway
- A single private, public, or transit virtual interfaces per AWS Direct Connect hosted connection
- A single transit virtual interfaces per AWS Direct Connect dedicated connection
AWS Direct Connect Connection
Stax does not directly manage your AWS Direct Connect connections. These should be provisioned into your AWS account either through your Direct Connect partner or networking team. For more information refer to the AWS Direct Connect documentation.
Dedicated connection
- A dedicated connection requested directly through AWS
- Supports up to 50 private virtual interfaces and one transit virtual interface
Hosted connection
- A hosted connection is provided by an AWS Direct Connect partner
- Support for one private or transit virtual interface
Hosted virtual interface
- A hosted virtual interface is provided by an AWS Direct Connect partner
- Single private virtual interface
Stax has built in support for both hosted and dedicated Direct Connect connections.
Stax can make use of a hosted virtual interface provided by your Direct Connect partner, however it will need to be attached to the Direct Connect gateway manually.
AWS Direct Connect Gateway
This is the top-level resource that Stax will manage for Direct Connect. Stax will create a Direct Connect gateway to consolidate your Direct Connect connections for use by your Stax Network.
The Direct Connect gateway is provisioned in the account that owns the Direct Connect connection and is then shared to other AWS accounts that are associated.
When creating a Direct Connect gateway you will need to choose either Transit or Private. Supported types are either Transit or Private, and each has considerations that impact the gateway's capabilities.
Transit
- Provides Direct Connect connectivity to the entire Stax Networking Hub by associating directly with the AWS Transit Gateway
- Only Transit virtual interfaces can be attached to the Direct Connect gateway
- A Transit Direct Connect gateway can only be associated with up to three Stax Networking Hubs
Private
- Provides Direct Connect connectivity to an individual VPC by associating with the VPC's Virtual Private Gateway
- Only Private virtual interfaces can be attached to the Direct Connect gateway
- A Private Direct Connect gateway can only be associated with up to ten Stax VPCs
AWS Direct Connect Virtual Interface
Stax prefers to create and manage the Direct Connect virtual interfaces. This is, however, not mandatory; you may manually connect an existing VIF to any Stax Direct Connect Gateway through the AWS Console.
You can only create a Transit virtual interface on a hosted connection with a capacity of 1Gbps or greater.
Transit or Private virtual interfaces?
Both Transit and Private virtual interfaces are valid approaches to providing Direct Connect connectivity. A Transit virtual interface is the preferred approach due to the straightforward integration with Transit Gateways, however the requirement of having a 1Gbps or higher Direct Connect connection can make this unachievable.