By using AWS re:Post, you agree to the Terms of Use

AWS Transit Gateway Site-to-Site VPN Dynamic routes limit of 100. Is it per Connection or Aggregate?


Is the dynamic routes advertised from a customer gateway device to a Site-to-Site VPN connection on a Transit Gateway (TGW) limit of 100 per attachment or aggregate?

What happens if there are multiple VPN attachments to the same TGW? Say I have a VPN to the TGW and I’m learning 75 routes there from propagation, and then another VPN attached to the TGW with another 75 routes advertised there. Will that have any issues, since it will be 150 routes learned to the TGW? Is the total aggregate to the TGW or per connection and then limited to the total 10,000 total routes per TGW?

1 Answer
Accepted Answer

The 100 routes from on-premises is per VPN attachment and can scale out with multiple VPN attachments. We'd typically recommend route summarization or using a default route for situations where a customer wants to advertise over 100 routes. If neither of those options will work, the customer can use multiple VPN attachments and splitting the routes. The 10,000 route limit is the total per TGW. Another thing to look out for here is that you can advertise up to 1,000 routes to on-premises through VPN. Make sure you don't have more routes than that in the TGW route table, as the max routes advertised from a Site-to-Site VPN connection on a TGW to a customer gateway device: 1,000

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions