AWS Interconnect: Multicloud networking without VPN and colocation
AWS Interconnect connects VPCs of different cloud providers via private backbones – without VPN tunnels, colocation, or manual network configuration.
(Image: heise medien)
Amazon has moved its AWS Interconnect network service to general availability (GA). The managed service establishes private, dedicated connections – both between AWS and other cloud providers (multicloud) and between AWS and a customer's own sites (last mile). AWS aims to reduce the previously high effort required for setting up and operating hybrid and multicloud networks.
The background is that companies are increasingly running their workloads with multiple cloud providers, for example, to use specialized services or meet regulatory requirements. Networking such environments has so far often required a combination of VPN tunnels, colocation connections, and third-party networks – with corresponding configuration and operational effort.
Private Layer 3 Connections to Google Cloud
The core of the announcement is AWS Interconnect – multicloud. The service establishes a private Layer 3 connection between AWS VPCs and VPCs of other cloud providers. Initially, AWS only supports Google Cloud, but Microsoft Azure is expected to follow in 2026. Data traffic runs exclusively over the private backbones of the participating providers, not over the public internet. This is intended to ensure stable latencies and consistent throughput.
Technically, it is a fully managed routed connection at the IP level that integrates into existing VPC route tables. Unlike classic VPN setups, no tunnels or encryption have to be configured by hand. Instead, AWS enables MACsec (IEEE 802.1AE) by default on the physical links – link-layer encryption between the participating routers. Note what that does and does not cover: MACsec protects the cross-connect between the two routers, not the path end to end. Packets are in the clear inside each router and on any link where MACsec is not enabled, so workloads that need end-to-end confidentiality should still use TLS or IPsec at higher layers. For resilience, multiple logical connections across at least two physical locations are provided: if a device or location fails, the connection remains active.
For monitoring, AWS Interconnect – multicloud integrates with Amazon CloudWatch. Each connection includes a Network Synthetic Monitor that continuously measures round-trip latency and packet loss. The data can be used for capacity planning and SLA monitoring.
Setup in Minutes Instead of Weeks
According to AWS, setup takes just a few minutes via the management console: users select the cloud provider, regions, and bandwidth, receive an activation key, and enter it on the other side – for example, in the Google Cloud console or via CLI. Both sides then automatically exchange routing information, allowing workloads to communicate without further network configuration.
In practice, there are some constraints: IP address ranges of the connected networks must not overlap. Both sides must use the same IP version (IPv4, IPv6, or Dual Stack). The Maximum Transmission Unit (MTU) must also match – different values lead to fragmentation, packet loss, and performance degradation.
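The three constraints above are cheap to verify before the activation key is exchanged, and doing so avoids a connection that comes up with broken routing. The following is an added example, not AWS or Google Cloud code: a pre-flight checker that takes the prefixes and MTU of each side (the `Side` dataclass and the sample VPC ranges are constructed for illustration) and reports overlapping ranges, an IP-version mismatch, and an MTU mismatch.

```python
"""Pre-flight check for a private L3 interconnect between two VPCs.

Added example (not AWS or Google code). It checks the constraints the
article lists: no overlapping address ranges, same IP version on both
sides, and matching MTU. All inputs below are constructed sample data.
"""
from dataclasses import dataclass
import ipaddress


@dataclass
class Side:
    name: str
    prefixes: list[str]  # CIDR blocks this side routes over the interconnect
    mtu: int             # MTU configured on this side's attachment


def _parse(prefixes):
    return [ipaddress.ip_network(p, strict=False) for p in prefixes]


def check_interconnect(a: Side, b: Side) -> list[str]:
    """Return human-readable problems; an empty list means the pair is compatible."""
    problems = []
    nets_a, nets_b = _parse(a.prefixes), _parse(b.prefixes)

    # 1. IP version: both sides v4-only, both v6-only, or both dual stack.
    vers_a = {n.version for n in nets_a}
    vers_b = {n.version for n in nets_b}
    if vers_a != vers_b:
        problems.append(
            f"IP version mismatch: {a.name} routes IPv{sorted(vers_a)}, "
            f"{b.name} routes IPv{sorted(vers_b)}"
        )

    # 2. No prefix on one side may overlap any prefix on the other side.
    #    Overlaps are only meaningful within the same IP version.
    for x in nets_a:
        for y in nets_b:
            if x.version == y.version and x.overlaps(y):
                problems.append(f"overlap: {a.name} {x} overlaps {b.name} {y}")

    # 3. Duplicate or nested prefixes within one side also break routing;
    #    flag them so they are fixed on that side before the link comes up.
    for side, nets in ((a, nets_a), (b, nets_b)):
        for i, x in enumerate(nets):
            for y in nets[i + 1:]:
                if x.version == y.version and x.overlaps(y):
                    problems.append(f"overlap within {side.name}: {x} and {y}")

    # 4. MTU must be identical, otherwise packets are fragmented or dropped.
    if a.mtu != b.mtu:
        problems.append(f"MTU mismatch: {a.name}={a.mtu}, {b.name}={b.mtu}")

    return problems


def demo() -> list[str]:
    """Run the check on constructed sample data and return the findings."""
    aws_vpc = Side("aws-vpc", ["10.0.0.0/16", "10.1.0.0/16"], mtu=8500)
    gcp_vpc = Side("gcp-vpc", ["10.0.128.0/17", "192.168.0.0/24"], mtu=1460)
    return check_interconnect(aws_vpc, gcp_vpc)


if __name__ == "__main__":
    for problem in demo():
        print(problem)
```

On the sample data the checker reports two findings: the Google-side 10.0.128.0/17 sits inside the AWS-side 10.0.0.0/16, and the MTUs differ (8500 versus 1460). Both would have to be resolved, by renumbering or by aligning the attachment MTU, before the activation key is entered on the other side.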
Last Mile: Location Connectivity via Existing Providers
With AWS Interconnect – last mile, AWS introduces a second function that connects company locations. It simplifies the last mile between own data centers, branches, or remote offices and AWS via existing network providers. The process is similar to the multicloud variant: setup is also done via the AWS console with an activation key for the respective provider.
AWS automatically provides four redundant connections across two physical locations, configures BGP routing, activates MACsec encryption, and enables jumbo frames. Manual planning of redundancy and failover, as is common with classic carrier setups, is eliminated. Bandwidth ranges from 1 to 100 Gbit/s and can be adjusted without re-provisioning. AWS states availability of 99.99 percent up to the Direct Connect port.
Integration into Existing AWS Network Architectures
Both variants integrate into existing AWS network architectures. Multiple VPCs can be connected via a Transit Gateway as a central routing hub. For globally distributed environments, AWS Cloud WAN is available, which implements cross-location routing policies and segmentation – for example, to separate development, production, and regulated environments.
AWS has published the technical specification on GitHub under the Apache 2.0 license to attract more cloud providers as partners. Prerequisites for integration include defined resilience requirements as well as support and SLA commitments.
Pricing and Availability
AWS charges an hourly fee for both variants, tiered according to the selected bandwidth. For the multicloud variant, the price also varies by region pair. At launch, AWS Interconnect – multicloud is available in five region pairs between AWS and Google Cloud, specifically in US East (N. Virginia), US West (N. California), US West (Oregon), Europe (London), and Europe (Frankfurt) – each directly connected to the corresponding Google Cloud region with Lumen as the first partner. Additional providers such as AT&T and Megaport, as well as further regions, are in preparation by AWS.
A detailed setup guide can be found in the announcement from AWS.
(fo)