Many companies and other organizations operate computer networks that interconnect numerous computing systems to support their operations and the services they provide to their end customers distributed worldwide. For example, data centers housing significant numbers of interconnected computing systems have become commonplace, such as private data centers that are operated by and on behalf of a single organization, and public data centers that are operated by entities as businesses to provide computing resources to customers. In many cases providers set up large networks that may logically span several regions or even countries, and may include numerous data centers with varying levels of services and facilities available, utilized together to provide a unified set of services to their end customers.
In some data centers that have been set up to provide computing and/or storage facilities to remote clients, the set of computational resources at the data center may be dynamically divided into resource pools, with each pool being made available for exclusive use by a given client for designated periods of time. There are a number of alternatives available for how the consumers of these facilities establish network connectivity to the resource pools that have been designated for their use. The customer requests may originate from a wide variety of devices—desktop personal computers, laptops, client-office servers, tablets, smart phones and the like. These devices may use either long-lasting network links (e.g., using a client office network with a T1 connection) to communicate with their proximate private network and/or the public Internet, or they may have transient connectivity (e.g., in the case where the customer uses a mobile smart phone). The proximate networks to which the customer devices are directly connected may in turn route request traffic to the provider network's data centers over a wide variety of paths. Such paths in many cases may have somewhat unpredictable performance, reliability and security characteristics.
For some types of service requests, such as a request from a customer to read a recent news article from a web-based news provider, a reasonable variation in responsiveness and an occasional dropped connection may be acceptable. However, for many business-related data transmissions, such as stock quote services and stock purchase order services provided by online stock traders, or for high-bandwidth software package deployments originating at a software development center, more stringent performance, reliability and security needs may exist. In such environments, a customer of the provider network may need a greater level of network isolation and control than is generally available over the public Internet. For example, the customer may wish to establish, if possible, dedicated physical paths between the customer's own network and the provider network, such that the only traffic transmitted over those paths is traffic generated on behalf of the customer and in accordance with policies established by the customer. Depending on the physical locations of various client network devices, it may not be easy for the client to discover, on its own, how best to establish such connections. Furthermore, to meet quickly changing business needs, customers may want the ability to enable, modify (e.g., by changing maximum supported bandwidth or other characteristics) and disable connections between the customer network and the provider network dynamically and with a minimum of effort and delay.
While embodiments are described herein by way of example for several embodiments and illustrative drawings, those skilled in the art will recognize that embodiments are not limited to the embodiments or drawings described. It should be understood, that the drawings and detailed description thereto are not intended to limit embodiments to the particular form disclosed, but on the contrary, the intention is to cover all modifications, equivalents and alternatives falling within the spirit and scope as defined by the appended claims. The headings used herein are for organizational purposes only and are not meant to be used to limit the scope of the description or the claims. As used throughout this application, the word “may” is used in a permissive sense (i.e., meaning having the potential to), rather than the mandatory sense (i.e., meaning must). Similarly, the words “include,” “including,” and “includes” mean including, but not limited to.