VIF (Virtual Interfaces)

 Private VIF ────→ VPC

Private VIF 1 ┐
              ├─→ DX Gateway ────→ VPC
Private VIF 2 ┘

Different types of Virtual Interfaces (VIFs):

  • Private Virtual Interface (Private VIF):

    • Use when you need private connectivity to VPCs

    • For accessing private AWS resources (EC2, RDS, etc.)

    • When you want to extend your private network to AWS

    • Best for regular workload traffic between on-premises and AWS

    • Supports IPv4 and IPv6 private addressing

    • Requires BGP for route advertisement

  • Public Virtual Interface (Public VIF):

    • Use when you need direct access to AWS public services

    • For accessing AWS public endpoints without internet transit

    • When you need to access AWS services like S3 or DynamoDB directly

    • For using AWS APIs over Direct Connect

    • Allows you to access public AWS services from your network

    • Can advertise your public IP addresses to AWS

  • Transit Virtual Interface (Transit VIF):

    • Use when connecting to AWS Transit Gateway

    • For hub-and-spoke network architectures

    • When you need to connect multiple VPCs across regions

    • For complex routing scenarios requiring Transit Gateway features

    • Enables connectivity to thousands of VPCs

    • Supports multicast routing

  1. Technical Limitations:

    • A private virtual interface can only be associated with either:

      • A single VPC through a Virtual Private Gateway

      • OR a Direct Connect Gateway

    • It cannot be associated with both simultaneously

    • Cannot "move" or "reassign" an existing VIF - it must be deleted and recreated

PreviousDirect ConnectNextVIF VS ENI

Last updated

Was this helpful?