Hi
The route table of the Virtual Private Gateway is what you have configured in your VPC route table; there is no separate table, although the VGW does have logic.
From your description it looks like you could have a static or more specific route advertised from the VPN that takes priority over the routes from the Direct Connect.
For example, if Direct Connect is advertising 10.0.0.0/8 and VPN is advertising 10.0.0.0/16, addresses in the 10.0.0.0/16 will go down the VPN.
If there are no more specific routes from the VPN, it could be that both the Direct Connect and the VPN are advertising the same routes via BGP. In these cases the new BGP session generally takes priority. What you would need to do is implement AS_PATH to provide preference information to AWS.
For example, set Direct Connect AS_PATH 65001 (your ASN) and VPN AS_PATH as 65001,65001; this way Direct Connect will take preference in BGP because of the shorter path.
Take a look at vpn-route-priority which explains the route preferences in more detail.
Also look at DX Routing as it shows AS_PATH and also BGP local preference tags which could also help.
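
The two rules this answer relies on (most specific prefix first, then the shorter AS_PATH), as an added example that is not part of the original answer and is not AWS code: a simplified Python model using the answer's prefixes and ASN. The `Route` class, the source labels and the function names are assumptions for illustration, and the model covers only those two rules, not the full preference order in the AWS documentation.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: str      # advertised CIDR
    source: str      # label used in this example: "direct-connect" or "vpn"
    as_path: tuple   # AS_PATH as received, e.g. (65001, 65001) when prepended once


def _rank(route):
    # Lower sorts first: longer prefix, then shorter AS_PATH.
    return (-ipaddress.ip_network(route.prefix).prefixlen, len(route.as_path))


def best_routes(routes, destination):
    """Return every route tied for best toward `destination`.

    More than one result means the two rules modelled here do not decide
    the outcome, which is the case the answer resolves with AS_PATH prepending.
    """
    dst = ipaddress.ip_address(destination)
    matching = [r for r in routes if dst in ipaddress.ip_network(r.prefix)]
    if not matching:
        return []
    top = min(_rank(r) for r in matching)
    return [r for r in matching if _rank(r) == top]


# Constructed advertisements mirroring the answer's examples.
MORE_SPECIFIC_ON_VPN = [
    Route("10.0.0.0/8", "direct-connect", (65001,)),
    Route("10.0.0.0/16", "vpn", (65001,)),
]
SAME_PREFIX_NO_PREPEND = [
    Route("10.0.0.0/16", "direct-connect", (65001,)),
    Route("10.0.0.0/16", "vpn", (65001,)),
]
SAME_PREFIX_VPN_PREPENDED = [
    Route("10.0.0.0/16", "direct-connect", (65001,)),
    Route("10.0.0.0/16", "vpn", (65001, 65001)),
]

if __name__ == "__main__":
    for name, table in [("more specific on VPN", MORE_SPECIFIC_ON_VPN),
                        ("same prefix, no prepend", SAME_PREFIX_NO_PREPEND),
                        ("same prefix, VPN prepended", SAME_PREFIX_VPN_PREPENDED)]:
        print(name, "->", [r.source for r in best_routes(table, "10.0.5.4")])
```

A result with more than one entry marks a prefix where neither rule separates the two paths, so those are the advertisements to prepend on the VPN side.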