In this course, we will analyze the most cost-effective connectivity options between AWS and on-premises environments and the key networking cost contributors in these architectures.
- A greater understanding of networking costs in hybrid architectures, including:
- The costs of connectivity services like Direct Connect, Site-to-Site VPN, and Transit Gateway
- How to select the most cost-effective connectivity option considering your business requirements
- Those who are planning on implementing and managing hybrid architectures on AWS and need to better understand the cost implications of the different connectivity options
- You should have a fundamental understanding of networking services on AWS, including VPCs, Direct Connect, Site-to-Site VPNs, and Transit Gateway.
- For more information on these services, please see our existing content titled:
In this lecture, I’ll be discussing the various networking charges associated with Direct Connect-based hybrid architectures. To do this, I’ll first discuss the costs of the most basic Direct Connect architecture for non-critical workloads. We’ll then look at these costs in an architecture designed for maximum resiliency.
So let’s look at the first architecture - this is the simplest Direct Connect implementation. In this example, you have the Direct Connect facility (or colocation) in the middle, your AWS resources on the right side, and your on-premises facility on the left side.
The first cost factor is the Direct Connect line itself. The cost of the Direct Connect line is dependent on four main factors:
The number of Direct Connect locations,
The number of ports in use per location,
The port type, whether it’s dedicated or hosted,
and the port capacity.
Since this is the simplest use case, this architecture uses only one location - for example, the Ohio Colocation, and only one port in that location.
The next choice is whether you want a dedicated line or a partner-managed hosted connection. At face value, this decision doesn’t impact cost in a significant way. Instead, this choice is dependent on business requirements.
However, the port type you choose can also drive your decision for port capacity. If you choose a dedicated port, you can choose between a 1G, 10G, or 100G line. If you select a hosted connection, you have options between 50 Mbps and 10G. Selecting port capacity is a more significant cost factor. Generally the higher the port capacity, the more expensive your fees. For this simple example, I’ll say this is a dedicated 1 GB line.
The port type and the port capacity determine what the port hourly rate is. You can consider this the service charge. For example, a dedicated 1 GB line would give you a $0.30 per hour rate per port you use. You then multiply that rate by how many hours the line is active, which for most customers is 100% of the month - or 730 hours. So, 730 hours multiplied by $0.30 an hour, multiplied by how many ports you use, which in this case is 1. That gives you $219 US dollars per month for the Direct Connect Line.
The next cost to factor in is data transfer. Data transfer into AWS is free, however, data transfer out of AWS is not. Now, this fee is dependent on where your data is going, but let’s just assume that it’s leaving a US region and going to your Ohio data center. In this case, data transfer would cost $0.02 per GB. So for example, if you transfer 1 TB of data per month which is 1024 GB, you would multiply $0.02 by 1024 GB, which equals $20.48 US dollars per month.
What’s important to understand here is that the data transfer fees can make Direct Connect the best option for workloads that transfer large volumes of data. That’s because the Direct Connect data transfer fee is actually a reduced rate and can save you money over time, especially since you won’t be relying on your internet connection to transfer huge amounts of data.
There may be additional provisioning costs as well, depending on how your network is configured. For example, you may need to include the cost of cross connects, or partner fees. You may need racks or equipment within the colocation. You also may need to factor in the cost of customer gateway devices. This will be dependent on your vendor and the performance specs you need and can be up to thousands of dollars. The virtual private gateway and Direct Connect gateway come at no additional cost.
So, in summary for this architecture, you have the per-hour service charge, and the data transfer charge plus the provisioning costs. Now the downside of this implementation is resiliency. Direct Connect lines are not highly available by default and require the customer to provision two lines for resiliency. However, this directly impacts your cost.
Let’s compare the cost of the previous architecture to the cost of a maximum resiliency architecture.In this implementation, you use two colocations - let’s say, New Jersey and Ohio this time. Once again, you use dedicated lines. Then you embed high availability on both sides of the endpoint, using two separate ports at each location which terminate at each AWS device. On the customer side, you have two customer routers in each location.
Just by looking at the architecture, you can see your costs will dramatically increase. You now have double the infrastructure almost everywhere. More data centers, more customer gateways, two Direct Connect Lines through two different locations and two different ports at each location.
Here’s what the costs would look like: You have (2 locations x 2 ports per location) x $0.30 port hourly rate x 730 hours, which would give you $876. Then you factor in data transfer, which we’ll double at say 2 TB a month, which would give you $40.96. Adding these values up equals $916.96 dollars, which is quite a bit more than the cost of the simple architecture - but you can sleep at night knowing that you now have a highly available implementation.
However, we’re not done with this architecture yet, as there’s another component that is a cost factor here. That’s the Transit Gateway. If you’re using Transit Gateway to connect to other VPCs, you have to add in that cost as well.
For Transit Gateway, the main fees are:
the per attachment hourly cost,
and a data processing fee.
The attachment hourly cost is calculated by taking utilization, in this case 730 hours or 100% of the month, multiplied by the price of the hourly cost which is a fixed rate of $0.05 for each attachment. In this architecture, each Transit Gateway is attached to one VPC, and it’s also attached to the Direct Connect Gateway, which gives us 2 attachments. Two attachments doubles the service charge to $.10 multiplied by 730 hours, which equals $73 monthly for each Transit Gateway.
You then factor in the cost of data processing, which is $0.02 per GB. If you transfer 2 TB of data, that equals an extra $40.96 monthly.
As you can see, using Transit Gateway does increase your costs. However, the benefits of this service may outweigh the cost in the long run. Transit Gateway makes it easier to scale and manage your network. You may find that this lower operational overhead can actually lead to eventual cost savings by reducing maintenance over time.
If you have multiple Direct Connect Locations, and want to connect them together and bypass AWS Regions to send traffic to your on-premises locations, you may want to use AWS Direct Connect SiteLink.
Using this feature would cost an additional fee. With SiteLink, you have all the costs of Direct Connect plus a fixed rate of $0.50 for each hour for each VIF when SiteLink is enabled. So if you have two locations, two VIFs with SiteLink enabled at each location, multiplied by 730 hours in a month, you have 2*2*0.50*730 hours a month, which equals $1,460 per month added onto Direct Connect provisioning fees, Transit Gateway fees, and data transfer costs.
That brings us to the end of this lecture. While Direct Connect does seem more expensive, it is the strongest choice for workloads that transfer high volumes of data and require a more permanent connectivity option. Another thing to keep in mind is that pricing is often not static in AWS. So, for the most up-to-date pricing charges, make sure you check out the AWS pricing documentation. That’s it for this one - see you next time!
Alana Layton is an experienced technical trainer, technical content developer, and cloud engineer living out of Seattle, Washington. Her career has included teaching about AWS all over the world, creating AWS content that is fun, and working in consulting. She currently holds six AWS certifications. Outside of Cloud Academy, you can find her testing her knowledge in bar trivia, reading, or training for a marathon.