AWS Global Accelerator Quick Overview

Kevin Tang
Published in NTT DATA Cloud
Nov 9, 2020

What is AWS Global Accelerator?

AWS Global Accelerator is a service that allows traffic to travel around the world within multiple AWS Regions, improving the availability and performance of applications for global audiences with minimal latency. By default, AWS Global Accelerator provides two static IP addresses (or you can bring your own IP addresses, BYOIP), which are anycast [1] across multiple endpoints. Endpoints can be Network Load Balancers, Application Load Balancers, Amazon EC2 instances, or Elastic IP addresses.

How AWS Global Accelerator works

AWS Global Accelerator routes traffic for your application to the optimal AWS endpoint based on the user's location, the health of the endpoint, and the endpoint weights. It supports both TCP and UDP. There are two limitations to be aware of. First, when you use AWS Direct Connect, AWS Direct Connect does not advertise the IP addresses that you use to communicate with Global Accelerator over a public virtual interface. Second, Global Accelerator does not support processing IP packet fragments or reassembly [2].

There are two ways to customize how GA sends traffic to your endpoints:

1. Change the traffic dial to limit the traffic for one or more endpoint groups

2. Specify weights to change the proportion of traffic to the endpoints in a group

The traffic dial limits the portion of traffic that an endpoint group accepts, expressed as a percentage (0 to 100) of the traffic directed to that endpoint group. Weights can be useful, for example, to do performance testing within a Region. By default, the weight for an endpoint is 128, that is, half of the maximum value for a weight, 255.

What we need to know about Accelerators

1. An accelerator in AWS Global Accelerator directs traffic to optimal endpoints

2. Each accelerator includes one or more listeners. A listener processes inbound connections from clients to Global Accelerator.

3. To ensure that only you can bring your IP address space to Amazon, AWS requires two authorizations: a Route Origin Authorization (ROA), and proof that you own the IP address range (that is, publish a self-signed X.509 certificate and keep your private key secure).

4. Global Accelerator supports DNS addressing.

What we need to know about Listeners

The most important listener setting is client affinity. It can direct all requests from a user at a specific source (client) IP address to the same endpoint resource.

1. By default, client affinity for a listener is set to None and Global Accelerator distributes traffic equally between the endpoints in the endpoint groups for the listener. Global Accelerator uses the 5-tuple properties — source IP, source port, destination IP, destination port, and protocol — to select the hash value. Next, it chooses the endpoint that provides the best performance.

2. If you want to maintain client affinity by routing a specific user — identified by their source IP address — to the same endpoint each time they connect, set client affinity to Source IP
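A simplified model of the two client-affinity modes, added here as an illustration and not AWS's or the author's code. SHA-256 stands in for Global Accelerator's internal hash, performance-based selection is ignored, the endpoint names and addresses are constructed, and the 2-tuple (source IP, destination IP) used for Source IP affinity comes from the AWS documentation rather than this page:

```python
import hashlib
from itertools import accumulate

# Constructed endpoints: (hypothetical id, weight). 128 is the default weight.
ENDPOINTS = [("alb-a", 128), ("alb-b", 128), ("alb-c", 0)]

def hash_key(flow, affinity):
    """Select the fields that feed the hash for the given client affinity."""
    if affinity == "NONE":         # 5-tuple: each new connection may hash differently
        fields = (flow["src_ip"], flow["src_port"], flow["dst_ip"],
                  flow["dst_port"], flow["proto"])
    elif affinity == "SOURCE_IP":  # 2-tuple: source and destination IP only
        fields = (flow["src_ip"], flow["dst_ip"])
    else:
        raise ValueError(f"unknown affinity: {affinity}")
    return "|".join(map(str, fields)).encode()

def pick_endpoint(flow, affinity, endpoints=ENDPOINTS):
    """Map the hash onto the weight ranges; weight-0 endpoints own no range."""
    total = sum(w for _, w in endpoints)
    if total == 0:
        raise ValueError("no endpoint with weight > 0")
    digest = hashlib.sha256(hash_key(flow, affinity)).digest()
    point = int.from_bytes(digest[:8], "big") % total
    for (name, _), upper in zip(endpoints, accumulate(w for _, w in endpoints)):
        if point < upper:
            return name

def endpoints_seen(affinity, ports=range(40000, 40200)):
    """Endpoints reached by one client IP opening connections from many ports."""
    base = {"src_ip": "198.51.100.7", "dst_ip": "192.0.2.10",
            "dst_port": 443, "proto": "tcp"}
    return {pick_endpoint({**base, "src_port": p}, affinity) for p in ports}

if __name__ == "__main__":
    print("NONE     :", sorted(endpoints_seen("NONE")))
    print("SOURCE_IP:", sorted(endpoints_seen("SOURCE_IP")))
```

With affinity None a single client is spread across both weighted endpoints as its source port changes, while Source IP pins it to one, so every client behind a shared NAT address lands on the same endpoint.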

Endpoints vs Endpoint groups

1. One endpoint group can contain many endpoints in one Region.

2. Change the traffic dial for endpoint groups, and specify the weights for the endpoints.

3. GA continually monitors the health of all endpoints that are included in an endpoint group.

4. GA tries to fail over when endpoints are unhealthy.

In general, the failover process for unhealthy endpoints is:

1. If one endpoint is healthy, the other is unhealthy.

2. GA tries three additional endpoint groups to find a healthy endpoint with a weight greater than zero.

3. If it doesn’t find one, Global Accelerator routes traffic to a random endpoint in the endpoint group that is closest to the client.
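The failover steps above, modelled as an added example (not AWS's implementation or the author's code). Endpoint ids, regions and the nearest-first ordering of groups are assumptions made for the illustration, and weighted random choice stands in for the real selection within a group:

```python
import random

MAX_EXTRA_GROUPS = 3  # "three additional endpoint groups" from the text above

def usable(group):
    """Endpoints that may receive traffic: healthy and weight greater than zero."""
    return [e for e in group["endpoints"] if e["healthy"] and e["weight"] > 0]

def route(groups, rng=random):
    """groups is ordered nearest-first for the client. Returns (endpoint id, reason)."""
    if not groups or not groups[0]["endpoints"]:
        raise ValueError("nearest endpoint group has no endpoints")
    for idx, group in enumerate(groups[:1 + MAX_EXTRA_GROUPS]):
        candidates = usable(group)
        if candidates:
            weights = [e["weight"] for e in candidates]
            chosen = rng.choices(candidates, weights=weights, k=1)[0]
            reason = "primary" if idx == 0 else f"failover:{group['region']}"
            return chosen["id"], reason
    # Nothing healthy within reach: fail open to a random endpoint in the nearest group.
    return rng.choice(groups[0]["endpoints"])["id"], "fail-open"

def ep(eid, healthy, weight=128):  # 128 is the default endpoint weight
    return {"id": eid, "healthy": healthy, "weight": weight}

# Constructed sample topologies; ids and regions are hypothetical.
DOWN_EVERYWHERE = [
    {"region": "eu-west-1", "endpoints": [ep("nlb-eu", False)]},
    {"region": "us-east-1", "endpoints": [ep("nlb-us", False)]},
]
ONE_REGION_DOWN = [
    {"region": "eu-west-1", "endpoints": [ep("nlb-eu", False)]},
    {"region": "us-east-1", "endpoints": [ep("nlb-us", True, weight=0), ep("alb-us", True)]},
]

if __name__ == "__main__":
    print(route(ONE_REGION_DOWN))  # healthy, weighted endpoint in the next group
    print(route(DOWN_EVERYWHERE))  # still routed: an unhealthy endpoint gets traffic
```

The fail-open branch means an endpoint that fails its health checks can still receive client traffic, so a failed health check should not be treated as isolating that endpoint.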

Summary of AWS Global Accelerator use cases

So far we have covered the basic working mechanism of AWS Global Accelerator, but what should we expect when implementing it in the real world? The following use cases may help to show what we need to be aware of.

1. Scale for increased application utilization

With Global Accelerator, you can add or remove endpoints in AWS Regions, run blue/green deployment, and do A/B testing without having to update the IP addresses in your client applications.

2. Acceleration for latency-sensitive applications

Global Accelerator allows traffic to travel around the world within multiple AWS Regions with minimal latency, minimizing response time and improving the user experience when browsing the website.

3. Disaster recovery and multi-region resiliency

GA tries to fail over when endpoints are unhealthy. If one endpoint fails, GA will redirect the traffic to another endpoint.

References

[1] For further information regarding anycast, please refer to https://en.wikipedia.org/wiki/Anycast

[2] For further information regarding IP fragmentation, please refer to https://en.wikipedia.org/wiki/IP_fragmentation

[3] For the AWS Global Accelerator documentation, please refer to https://docs.aws.amazon.com/global-accelerator/latest/dg/what-is-global-accelerator.html
