I want to add or remove IPv4 or IPv6 address prefixes to my existing AWS Direct Connect public virtual interface (VIF).
Resolution
You must own the IP address prefixes that you advertise to the AWS network in the public VIF. To advertise IP address prefixes that are owned by third parties or Internet Service Providers (ISPs), provide AWS Support with a Letter of Authorization (LOA). For more information on this process, see My Direct Connect public virtual interface is stuck in the "Verifying" state. How can I get it approved?
Verify the ownership of the public IP address prefix
Access the whois tool that belongs to your Regional Internet Registry (RIR):
Optional: You can also use the command line interface tool whois query on your preferred system.
On macOS or Linux:
whois -h whois.arin.net 192.0.2.20
Replace the following values with your values:
- whois.arin.net with the name of the ARIN's whois server
- 191.0.2.20 with the IP address that you want to check
The output looks similar to the following one:
NetRange: 192.0.2.0 - 192.0.2.255
CIDR: 192.0.2.0/24
NetName: TEST-NET-1
NetHandle: NET-192-0-2-0-1
Parent: NET192 (NET-192-0-0-0-0)
NetType: IANA Special Use
OriginAS:
Organization: Internet Assigned Numbers Authority (IANA)
RegDate: 2009-06-29
Updated: 2013-08-30
If you're the owner, then the values of the Organization and Point of Contact fields on the output match the information on your AWS account.
Add an IP address prefix that you own to an existing public VIF
Use the account that owns the public VIF to submit a support case to AWS Support. Provide the following details:
- Public virtual interface ID
- IPv4 or IPv6 address prefixes that you want to include in the existing public VIF
After you contact AWS Support, your case is forwarded to the Direct Connect team to complete the verification and allow-listing process.
Add an IP address prefix that's owned by a third party or ISP to an existing public VIF
Use the account that owns the public VIF to submit a support case to AWS Support. Provide the following details:
- Public virtual interface ID
- IPv4 or IPv6 address prefixes that you want to include in the existing Public VIF
- Letter of Authorization (LOA)
After you contact AWS Support, your case is forwarded to the Direct Connect team to complete the verification and allow-listing process.
Remove prefixes from the Direct Connect public VIF
Use the account that owns the public VIF to submit a support case to AWS Support. Provide the following details:
- Public virtual interface ID
- IPv4 or IPv6 address prefixes that you want to remove
Update BGP peer status
Wait until the new IP address prefixes are added for the public VIF. Then, initiate a Border Gateway Protocol (BGP) Outbound Soft Refresh action in the customer gateway device to resend the latest prefixes to the Direct Connect endpoint.
Cisco router example configuration
The following example BGP Outbound Soft Refresh command is for a Cisco router. For more information, see BGP command reference on the Cisco website.
Enter the following command in your router's terminal. Replace the example values with your own values for the Direct Connect public VIF peer IP address.
clear ip bgp 198.51.100.1 soft out
Juniper router example configuration
The following example BGP Outbound Soft Refresh command is for a Juniper router. For more information, see BGP user guide on the Juniper website.
Enter the following command in your router's terminal. Replace the example values with your own values for the Direct Connect public VIF peer IP address.
clear bgp neighbor 198.51.100.1 soft