- Le plus récent
- Le plus de votes
- La plupart des commentaires
Hi,
Simply put, the VPN tunnel is randomly chosen by AWS and is called the preferred tunnel. If your AWS VPN connection (static route type) has an active/active configuration (both tunnels are up), you cannot configure your preferred specific tunnel in AWS to send traffic.
But, for dynamic AWS VPN connections (Active/Active), you can set the customer gateway device to prefer one VPN tunnel over the other by leveraging the order of preference criteria:
- Advertising more specific prefix over preferred tunnel
- Advertising shorter ASPATH over the preferred tunnel
- Setting lower MED values over the preferred tunnel
Hope this helps
Hello,
See this Knowledge center article:
https://aws.amazon.com/premiumsupport/knowledge-center/vpn-configure-tunnel-preference/
Note also below from our documentation
We recommend that you use BGP-capable devices, when available, because the BGP protocol offers robust liveness detection checks that can assist failover to the second VPN tunnel if the first tunnel goes down. Devices that don't support BGP may also perform health checks to assist failover to the second tunnel when needed.
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a un an
- demandé il y a 2 mois
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 2 ans
- Comment créer une connexion VPN avec mes propres valeurs PSK et des adresses IP de tunnel internes ?AWS OFFICIELA mis à jour il y a 2 ans
Are you using Static route based VPN or BGP based Dynamic VPN?