Network Performance Insight Into AWS, Azure, and GCP
ThousandEyes recently released its 2018 Public Cloud Performance Benchmark Report, which compares network performance for the three major cloud infrastructure providers: Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP).
ThousandEyes leveraged its installed base of global monitoring points, along with agents deployed within the cloud providers, to collect and trend network performance metrics focusing on three scenarios:
Network Performance from globally distributed testing locations to various regions across the three cloud providers
Network Performance for connectivity between availability zones and between regions within each cloud provider
Network Performance between cloud providers
Below are some key insights from the ThousandEyes report that organizations should consider when selecting cloud infrastructure providers. Since the cloud providers are likely to continue to update and improve their network infrastructure, these insights reflect a point-in-time assessment. Organizations may need to consider developing their own testing and benchmarking of cloud provider network performance over time.
AWS traffic flows are more dependent on Internet Service Provider backbones than Azure or GCP
Perhaps the most interesting observation coming out of the ThousandEyes study is the different approaches taken by the cloud providers for routing traffic to and from Internet destinations.
Azure and GCP configure their Internet peering points so that traffic enters and exits their backbones at the closest point possible to the end user. Conversely, AWS influences traffic to stay on the public Internet for as long as possible before it enters the AWS network at the target AWS region.
As a result, Azure and GCP have more influence over the network performance of traffic flows in and out of their data centers while AWS is more dependent on Internet Service Provider (ISP) network quality.
Regional performance varies across providers
ThousandEyes maintains a global fleet of monitoring points that are used to instrument various network performance tests against any Internet-accessible host endpoint. In addition, the ThousandEyes testing capabilities can also be deployed within private Enterprise networks, either in a data center or at one of the cloud providers.
Taking advantage of both these capabilities, ThousandEyes was able to pull together detailed network performance metrics from the perspective of users across the globe to and from each global region of all three cloud providers.
One of the most notable observations was that AWS had the most volatile latency variations in some of the Asia Pacific regions. A key factor in this variance appears to be the greater dependency that AWS has on ISPs to carry user traffic until it is delivered to AWS data centers.
Another observation was that some geographic locations, such as Europe, experienced much longer latencies connecting to GCP regions in India as compared to AWS and Azure regions in India. ThousandEyes network path tracing results demonstrated that the GCP backbone network does not have direct connectivity between Europe and India and therefore routes traffic from Europe back through the United States before forwarding to India.
For many US-based organizations these findings may not come into play when evaluating which providers to use for cloud workloads, but for companies that have applications supporting a global footprint of users, some of these variances may warrant careful consideration when selecting cloud infrastructure providers.
Inter-availability zone traffic performance is reliable and robust for all cloud providers
An availability zone is a subset of the infrastructure, engineered to provide fault isolation from other availability zones within a cloud provider region. All three of the cloud providers offer highly available infrastructure services using availability zones. Availability zones are essentially different data centers within a geographical region that allow customers to spread highly available services across multiple data centers. Properly configured critical services that span availability zones are able to survive any single data center outage.
Supporting high availability deployments across redundant data centers is not a new concept. For years, many organizations have supported critical applications with this type of design in privately owned data centers. Redundant high-speed and low-latency communication links are critical in these types of infrastructure designs to support the performance and failover requirements of these solutions.
ThousandEyes deployed testing agents across availability zones to benchmark the network performance of these high availability offerings in different regions for each cloud provider.
The results demonstrate that all three cloud providers have evolved to the point where the availability zone performance experiences are similar, with each cloud provider delivering latencies of 1ms or better between availability zones. The cloud providers may still be able to differentiate from each other in terms of which services can be offered across availability zones, but from a network performance perspective, the results are similar across providers.
Enterprises should be able to take advantage of multiple availability zone deployments without worrying about network performance for all but the most stringent of application latency requirements.
Inter-Region traffic performance is consistent within all three cloud providers
All three of the cloud providers carry traffic across their private backbone networks when supporting connectivity between global regions. As a result, latency is generally lower going from region to region within a cloud provider as compared to traffic traversing the native Internet between the same two regions.
Enterprises with more than one active geographic region and a global footprint of end-users should consider using the cloud provider backbone as transport versus the native Internet to ensure more consistent network performance.
BGP peering relationships between AWS, Azure and GCP result in efficient cloud-to-cloud network performance for all scenarios
The ThousandEyes study verified that all three cloud providers maintain BGP peering sessions with each other at multiple geographic locations. Almost all traffic between cloud providers is transported directly across these peering sessions without heavy reliance on ISP backbone networks. These peering arrangements will support enterprises seeking cloud-to-cloud connectivity for application access, data migration or data replication requirements.
This performance data helps mitigate concerns about supporting cloud deployments across multiple providers.
Learn how Hybrid Pathways can help design and secure enterprise cloud deployments
Hybrid Pathways assists customers with designing and securing cloud infrastructure deployments. In addition, Hybrid Pathways is a ThousandEyes partner with innovative solutions for helping customers get the most out of their investment in the platform. Contact us for more information or a product demonstration.