Many companies and other organizations operate computer networks that interconnect numerous computing systems to support their operations and the services they provide to their end customers distributed worldwide. In some data centers that have been set up to provide computing and/or storage facilities to remote clients or customers, the set of computational resources at the data center may be dynamically divided into resource pools, with each pool being made available for exclusive use by a given client or customer for designated periods of time. There are a number of alternatives available for how the consumers of these facilities establish network connectivity to the resource pools that have been designated for their use. Some of the connectivity pathways may have somewhat unpredictable performance, reliability and security characteristics.
For some types of service requests a reasonable variation in responsiveness and an occasional dropped connection may be acceptable. However, for many data transmissions, more stringent performance, reliability and security needs may exist. In such environments, a customer of the provider network may need a greater level of network isolation and control than is generally available over the public Internet. From the provider network operator's perspective, managing resources to handle traffic with such enhanced isolation for large (and dynamically changing) numbers of customers may present a non-trivial technical challenge.
While embodiments are described herein by way of example for several embodiments and illustrative drawings, those skilled in the art will recognize that embodiments are not limited to the embodiments or drawings described. It should be understood, that the drawings and detailed description thereto are not intended to limit embodiments to the particular form disclosed, but on the contrary, the intention is to cover all modifications, equivalents and alternatives falling within the spirit and scope as defined by the appended claims. The headings used herein are for organizational purposes only and are not meant to be used to limit the scope of the description or the claims. As used throughout this application, the word “may” is used in a permissive sense (i.e., meaning having the potential to), rather than the mandatory sense (i.e., meaning must). Similarly, the words “include,” “including,” and “includes” mean including, but not limited to. When used in the claims, the term “or” is used as an inclusive or and not as an exclusive or. For example, the phrase “at least one of x, y, or z” means any one of x, y, and z, as well as any combination thereof.