My Direct Connect public virtual interface is stuck in the "Verifying" state. How can I get it approved?

4 minute read
0

I created an AWS Direct Connect public virtual interface, but it's still in the "Verifying" state.

Short description

When you create a public virtual interface, the Direct Connect team must approve the following information:

  • The Border Gateway Protocol (BGP) Autonomous System Number (ASN), if it's a public ASN.
  • The public peer IP addresses
  • The public prefixes that you plan to advertise over the virtual interface

Before the Direct Connect team approves this information, it must verify your ownership of the public IP prefixes and BGP ASN. To do this, the team confirms that the Regional Internet Registry (RIR) information belongs to the organization that's listed in your AWS account.

Resolution

Check If your public virtual interface is in the Verifying state for more than 72 hours, counting only weekdays. After this time elapses, check the root email address that's registered to your AWS account for an email from the Direct Connect team. This email states that the owner of the BGP ASN or one of your public IP prefixes doesn't match your account details.

If the BGP ASN or an IP prefix doesn't match your account, then contact AWS Support or the Direct Connect team to resolve the mismatch. Refer to the most appropriate option for you, depending on whether you have an AWS Support plan. When you resolve the mismatch, the Direct Connect team approves your public virtual interface.

Contact AWS Support

Ask the BGP ASN and IP prefix owner to send you a Letter of Authorization (LOA), written on company letterhead. The LOA must authorize the use of the public IP prefixes or BGP ASN for the public virtual interface dxvif-11aa22bb with your AWS account [123456789012]. They can use the following LOA template:

\[Company Letterhead\]

                        LETTER OF AUTHORIZATION (LOA)
\[Date\]

To whom it may concern,

This letter serves as authorization for \[AWS Account Name\] with Account Number: \[123456789012\] 
to use the BGP Autonomous System Number (ASN) or advertise the following IP address prefixes over the Public Virtual Interface \[dxvif-11aa22bb\]:
- AS64496 - Example of BGP ASN that needs to be approved
- 192.0.2.0/24, 198.51.100.0/24 - Example of IPv4 address/CIDR prefixes that need to be approved
- 2001:db8::/32 - Example of IPv6 address/CIDR prefix of /64 or shorter that needs to be approved
  
As a representative of \[Company Name\], the owner of BGP ASN and these subnets, I hereby declare that I'm authorized to represent and sign for this LOA.

From,
  
\[Signature\]
\[Full Name\]
\[Designation\]
\[IP Owner Company Name\]
\[IP Owner phone number\]
\[IP Owner email ID\]

After you have the LOA, complete the following steps based on your support plan.

Developer, Business, Enterprise On-Ramp, and Enterprise Support plans

1.    Log in to the AWS Support console using the AWS account that owns the public virtual interface.

2.    Choose Create case.

3.    Select Technical as the type of support case.

4.    For Service, choose Direct Connect.

5.    For Category, choose General guidance.

6.    For Severity, choose General guidance.

7.    Choose Next step: Additional information. Then, enter a Subject and Description. For Attachments, upload your LOA.

8.    Choose Next step: Solve now or contact us. Select the Contact us pane, and then choose Submit.

Your case is forwarded to the Direct Connect team to complete the verification and approval process.

Basic Support plans

1.    Log in to the AWS Support console using the AWS account that owns the public virtual interface.

2.    Choose Create case.

3.    Choose Account and billing as the type of support case.

4.    For Service, choose General Info and Getting Started.

5.    For Category, choose Using AWS & Services.

6.    For Severity, choose General question.

7.    Choose Next step: Additional information. Then, enter a Subject and Description. For Attachments, upload your LOA.

8.    Choose Next step: Solve now or contact us. Select the Contact us pane, and then choose Submit.

Customers without an AWS Support plan

Ask the BGP ASN or IP prefix owner to email directconnect-requests@amazon.com. Attach a copy of the LOA in your email. The owner must authorize the use of the public IP prefixes or BGP ASN for the public virtual interface dxvif-11aa22bb with your AWS account. Make sure that they state this in the email.

Related information

AWS Direct Connect virtual interfaces

Which type of Direct Connect virtual interface should I use to connect different AWS resources?

AWS OFFICIAL
AWS OFFICIALUpdated a year ago