Abstract: Metadata indicating that a virtual traffic hub enabling connectivity between a plurality of isolated networks has been established is stored. A determination is made that a first entry of a first isolated network attached to the hub is to be represented in a second routing table of a second isolated network attached to the hub, e.g., to enable network packets originating at resources of the second isolated network to be transmitted via the hub to the first isolated network. A new entry corresponding to the first entry is included in the second routing table.

Abstract: Network pathways are identified to transfer packets between a pair of regional virtual traffic hubs of a provider network. At a first hub of the pair, a first action is performed, resulting in a transmission of a packet received from a first isolated network to the second hub along a pathway selected using dynamic routing parameters. At the second hub, a second action is performed, resulting in the transmission of the packet to a destination within a second isolated network.

Abstract: An indication of a set of premises between which network traffic is to be routed via a private fiber backbone of a provider network is obtained. Respective virtual routers are configured for a first premise and a second premise, and connectivity is established between the virtual routers and routing information sources at the premises. Contents of at least one network packet originating at the first premise are transmitted to the second premise via the private fiber backbone using routing information obtained at the virtual routers from the routing information source at the second premise.

Abstract: Systems and methods are provided to enable packets of network traffic to be hashed to available network gateway. Each packet can include a route table with a pool of network gateways as a next-hop of the packet. A network device may intercept the packet and hash the packet to a network gateway of the pool of network gateways. The network gateway can correspond to a stateful network router and the stateful network router can transmit the packet to a network appliance. The network device can monitor and perform health-checks on the network gateways, the stateful network routers, and the network appliances. The network device can remove components that are no longer healthy or available and can add components that subsequently become healthy.

Abstract: This disclosure describes techniques for configuring and managing scalable global private networks associated with a service provider. Different input mechanisms, such as an API, a UI, or a CLI may be utilized to configure, and manage a global private network that spans across the cloud in different geographic locations and connects to different stand-alone networks. The user may proactively use the input mechanisms to configure and query different network resources to reactively configure settings for reacting to one or more events. The input mechanisms may also be utilized to define the network resources to be modeled within the global private network as well as connections within the global network. A user may configure events/metrics to be monitored, tasks/workflows to be performed, and the like. In some configurations, a network management service (NMS) may perform health monitoring and reachability monitoring to identify possible issues in the global network.

Abstract: A pair of virtual routers is configured. In response to programmatic requests, dynamic transfer of routing information between the routers in accordance with configuration settings indicated by a client is enabled. The routing information is associated with a set of isolated networks to which the virtual routers are attached. A network packet originating at an address in a first isolated network is transmitted to an address in a second isolated network using a route determined from routing information transmitted between the virtual routers according to the configuration settings.

Abstract: A message indicating an auxiliary task associated with traffic transmitted via a virtual router between a pair of isolated networks is received at an offloading device. A stack multiplexer at the offloading device selects a protocol stack instance to process the message. A result of the auxiliary task is obtained by the multiplexer from the selected protocol stack instance and transmitted to the virtual router, where it is used to transmit a packet between the isolated networks.

Abstract: An indication of a set of premises between which network traffic is to be routed via a private fiber backbone of a provider network is obtained. Respective virtual routers are configured for a first premise and a second premise, and connectivity is established between the virtual routers and routing information sources at the premises. Contents of at least one network packet originating at the first premise are transmitted to the second premise via the private fiber backbone using routing information obtained at the virtual routers from the routing information source at the second premise.

Abstract: Network pathways are identified to transfer packets between a pair of regional virtual traffic hubs of a provider network. At a first hub of the pair, a first action is performed, resulting in a transmission of a packet received from a first isolated network to the second hub along a pathway selected using dynamic routing parameters. At the second hub, a second action is performed, resulting in the transmission of the packet to a destination within a second isolated network.

Abstract: Metadata indicating that a virtual traffic hub enabling connectivity between a plurality of isolated networks has been established is stored. A determination is made that a first entry of a first isolated network attached to the hub is to be represented in a second routing table of a second isolated network attached to the hub, e.g., to enable network packets originating at resources of the second isolated network to be transmitted via the hub to the first isolated network. A new entry corresponding to the first entry is included in the second routing table.

Abstract: This disclosure describes techniques for configuring and managing scalable global private networks associated with a service provider. Different input mechanisms, such as an API, a UI, or a CLI may be utilized to configure, and manage a global private network that spans across the cloud in different geographic locations and connects to different stand-alone networks. The user may proactively use the input mechanisms to configure and query different network resources to reactively configure settings for reacting to one or more events. The input mechanisms may also be utilized to define the network resources to be modeled within the global private network as well as connections within the global network. A user may configure events/metrics to be monitored, tasks/workflows to be performed, and the like. In some configurations, a network management service (NMS) may perform health monitoring and reachability monitoring to identify possible issues in the global network.

Abstract: At a computing service, an indication of associations of a set of network interfaces with a gateway is obtained. Individual ones of the interfaces are configured in respective availability-based resource groups. In response to detecting that a message originates at a resource within a particular availability-based resource group, a network interface of the set is selected based at least partly on the source of availability-based resource group, and the message is transmitted to a network address assigned to the selected interface.

Abstract: Systems and methods are provided to enable packets of network traffic to be routed to a network appliance. Bidirectional flows of network traffic can be routed to the same network appliance based on flow information of the corresponding packets. A network device may intercept the packet corresponding to a first flow and route the packet to a specific network appliance based on the first flow information. The network device may generate a direction agnostic tuple value based on data groups of the first flow information. The network device may propagate the direction agnostic tuple value across availability zones to a second network device in a different availability zone to store the direction agnostic tuple value for use for subsequent packets. The second network device can receive a second packet and transmit the second packet to the same network appliance based on the direction agnostic tuple value.

Abstract: A category of auxiliary tasks (such as routing configuration management or packet content transformation) associated with transmission of network packets between sets of network endpoints is determined. A virtual router is configured to transmit the packets between the sets of network endpoints. Connectivity is enabled between the virtual router and an auxiliary task offloading resource. Results of an auxiliary task performed at the offloading resource are used to transmit at least some packets between the sets of network endpoints.

Abstract: Managed multicast communications may be implemented across isolated networks. A virtual traffic hub may be implemented that connects different isolated networks. A control plane for the virtual traffic hub may accept requests to enable a multicast group between different isolated networks connected to the virtual traffic hub. The multicast group may then be enabled at the virtual traffic hub so that requests to add members to the multicast group and data packets directed to the multicast group can be handled according to multicast protocols by the virtual traffic hub.

Abstract: At a computing service, an indication of associations of a set of network interfaces with a gateway is obtained. Individual ones of the interfaces are configured in respective availability-based resource groups. In response to detecting that a message originates at a resource within a particular availability-based resource group, a network interface of the set is selected based at least partly on the source of availability-based resource group, and the message is transmitted to a network address assigned to the selected interface.

Abstract: Metadata indicating that a virtual traffic hub enabling connectivity between a plurality of isolated networks has been established is stored. A determination is made that a first entry of a first isolated network attached to the hub is to be represented in a second routing table of a second isolated network attached to the hub, e.g., to enable network packets originating at resources of the second isolated network to be transmitted via the hub to the first isolated network. A new entry corresponding to the first entry is included in the second routing table.

Abstract: This disclosure describes techniques for configuring and managing scalable global private networks associated with a service provider. Different input mechanisms, such as an API, a UI, or a CLI may be utilized to configure, and manage a global private network that spans across the cloud in different geographic locations and connects to different stand-alone networks. The user may proactively use the input mechanisms to configure and query different network resources to reactively configure settings for reacting to one or more events. The input mechanisms may also be utilized to define the network resources to be modeled within the global private network as well as connections within the global network. A user may configure events/metrics to be monitored, tasks/workflows to be performed, and the like. In some configurations, a network management service (NMS) may perform health monitoring and reachability monitoring to identify possible issues in the global network.

Abstract: This disclosure describes techniques for configuring and managing scalable global private networks associated with a service provider. Different input mechanisms, such as an API, a UI, or a CLI may be utilized to configure, and manage a global private network that spans across the cloud in different geographic locations and connects to different stand-alone networks. The user may proactively use the input mechanisms to configure and query different network resources to reactively configure settings for reacting to one or more events. The input mechanisms may also be utilized to define the network resources to be modeled within the global private network as well as connections within the global network. A user may configure events/metrics to be monitored, tasks/workflows to be performed, and the like. In some configurations, a network management service (NMS) may perform health monitoring and reachability monitoring to identify possible issues in the global network.

Abstract: This disclosure describes techniques for configuring and managing scalable global private networks associated with a service provider. Different input mechanisms, such as an API, a UI, or a CLI may be utilized to configure, and manage a global private network that spans across the cloud in different geographic locations and connects to different stand-alone networks. The user may proactively use the input mechanisms to configure and query different network resources to reactively configure settings for reacting to one or more events. The input mechanisms may also be utilized to define the network resources to be modeled within the global private network as well as connections within the global network. A user may configure events/metrics to be monitored, tasks/workflows to be performed, and the like. In some configurations, a network management service (NMS) may perform health monitoring and reachability monitoring to identify possible issues in the global network.