Why is AWS Direct Connect advertising prefixes with a minimum path length of 3?

0

Our public virtual interface routing policies for AWS Direct Connect state that "AWS Direct Connect advertises prefixes with a minimum path length of 3."

We prepend ASN 7224 to the AS PATH over Direct Connect even twice to reach a minimum path length of 3. The AS PATH field for a route learned over a public VIF could be "7224 7224 16509".

  • Why is AWS Direct Connect advertising prefixes with a minimum path length of 3?
  • Is it correct that we try to make the route look worse compared to other routes for the same network?
AWS
asked 4 years ago · 542 views
1 Answer
0
Accepted Answer

Yes, as the Forum post says -

A Customer could, and has, learn AWS Public routes over their DX peering and then readvertise those routes to other ASs (e.g. ISPs). If those ASs via their ISP have a long enough AS Path to AWS, they could select those DX learned routes as their best path and would use the DX customer as transit.

To be clear, "worse" in this context simply means that if our routes are leaked by a customer to the Internet, from a BGP perspective they have a longer path and therefore should be less preferable than the paths we advertise directly to our peering and transit providers.

If this doesn't work for some reason with our customers - for example, they run eBGP internally and need to export the prefixes between those different internal ASNs - there are configurations they should be able to apply on their side to modify the communities and strip NO_EXPORT, for example.

AWS
EXPERT
answered 4 years ago
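
The effect described in the answer above, as an added example that is not part of the original post and is not AWS code: a simplified BGP decision that compares only AS_PATH length, applied to a leaked Direct Connect route and to a customer-side export filter that honours NO_EXPORT. Every ASN other than 7224 and 16509 is a constructed documentation ASN, the un-prepended path is hypothetical, and equal LOCAL_PREF on all candidates is assumed.

```python
# Added example: AS_PATH length is the only tie-breaker modelled here.
# Assumption: LOCAL_PREF is equal on all candidates (routers compare it first).

NO_EXPORT = (65535, 65281)      # well-known community, RFC 1997
DX_PATH = "7224 7224 16509"     # AS_PATH quoted in the question

def as_path_len(path):
    return len(path.split())

def leaked_path(received, *exporting_asns):
    """AS_PATH after each AS in turn re-advertises the route over eBGP."""
    hops = received.split()
    for asn in exporting_asns:
        hops.insert(0, str(asn))    # every exporter prepends its own ASN
    return " ".join(hops)

def best_path(candidates):
    """Shortest AS_PATH wins; on a tie the first candidate listed is kept."""
    return min(candidates, key=as_path_len)

def may_export_to_ebgp(communities):
    """Customer-side export filter: a route tagged NO_EXPORT stays inside the AS."""
    return NO_EXPORT not in communities

def demo():
    customer, isp = 64500, 64501             # constructed documentation ASNs
    direct = "64502 64503 64504 16509"       # constructed path via normal transit
    with_prepend = leaked_path(DX_PATH, customer, isp)
    without_prepend = leaked_path("16509", customer, isp)   # hypothetical baseline
    return {
        "with_prepend": with_prepend,
        "chosen_with_prepend": best_path([direct, with_prepend]),
        "chosen_without_prepend": best_path([direct, without_prepend]),
        "export_tagged_route": may_export_to_ebgp([(64500, 100), NO_EXPORT]),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With the two prepends, the leaked route is five hops long and loses to the four-hop direct path; the hypothetical un-prepended leak would be three hops and would win.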
