Route Selection in Transit Gateway

0

We've got a Transit Gateway configured and we have multiple VPN connections into the TGW (from multiple routers). I'd like to know how the TGW will select the return route for packets.

For example, if we have two VPN connections (two CGWs) into the TGW and a packet arrives from RTR1, how does the TGW select the route to send the packets back down to the on-prem network?

We are using BGP. We have two route tables in play. One of the route tables has the VPC associated to it and the on-prem network in the "propagations" tab. Our 2nd route table has the VPN connections associated to it and the VPC attachment is in the propagations. The on-prem subnet is being advertised from both on-prem routers.

We are not using ECMP at this point.

asked 5 years ago | 1095 views
1 Answer
0
Accepted Answer

Hi there,

Since you're using a BGP routing-based VPN, please have a different Local Preference and different AS PATH prepending for each BGP neighbor.
Local Preference helps the on-premises Customer Gateway choose the tunnel to exit from the local network, while exporting routes with AS PATH prepending makes a particular path 'less preferred'/'secondary' for the peer(s) receiving the route.

e.g. AS Number on CGW: 65270

VPN-ABC
Tunnel 1 - Local Preference: 500 | AS PATH : 65270
Tunnel 2 - Local Preference: 400 | AS PATH : 65270 65270

VPN-XYZ
Tunnel 3 - Local Preference: 300 | AS PATH : 65270 65270 65270
Tunnel 4 - Local Preference: 200 | AS PATH : 65270 65270 65270 65270

The above configuration would make the Customer Gateway and AWS VPN choose the routing tunnel in the following manner, based on tunnel availability:
Tunnel 1 > Tunnel 2 > Tunnel 3 > Tunnel 4

I hope you find this information useful.

answered 4 years ago
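
The following is an added example, not part of the answer above or any AWS code: a simplified Python model of the two decisions the answer describes (the CGW picks the highest Local Preference, the receiving peer picks the shortest AS PATH), run over the answer's four tunnels as each active tunnel fails in turn. The `Tunnel` class, the helper names and the `skewed` configuration are assumptions constructed for illustration; real BGP best-path selection has more tie-breakers than the two modeled here.

```python
from dataclasses import dataclass

CGW_ASN = 65270  # AS number on the CGW, from the answer

@dataclass(frozen=True)
class Tunnel:  # hypothetical helper type for this example
    name: str
    local_pref: int  # set by the CGW on routes learned over this tunnel
    prepends: int    # extra copies of CGW_ASN on routes exported to AWS

    @property
    def as_path(self):
        return [CGW_ASN] * (1 + self.prepends)

# Values copied from the answer's table.
TUNNELS = [
    Tunnel("Tunnel 1", 500, 0),
    Tunnel("Tunnel 2", 400, 1),
    Tunnel("Tunnel 3", 300, 2),
    Tunnel("Tunnel 4", 200, 3),
]

def cgw_egress(up):
    """On-prem -> AWS: the CGW prefers the highest Local Preference."""
    return max(up, key=lambda t: t.local_pref, default=None)

def aws_return(up):
    """AWS -> on-prem: the peer prefers the shortest AS PATH it received."""
    return min(up, key=lambda t: len(t.as_path), default=None)

def failover_order(tunnels):
    """Fail the active tunnel repeatedly; record (egress, return) per round."""
    up, order = list(tunnels), []
    while up:
        out, back = cgw_egress(up), aws_return(up)
        order.append((out.name, back.name))
        up.remove(out)
    return order

def is_symmetric(tunnels):
    """True if both directions use the same tunnel in every failure state."""
    return all(out == back for out, back in failover_order(tunnels))

if __name__ == "__main__":
    for out, back in failover_order(TUNNELS):
        print(f"egress via {out:9} | return via {back}")
    # Constructed misconfiguration: prepends not aligned with Local Preference.
    skewed = [Tunnel("Tunnel 1", 500, 3), Tunnel("Tunnel 2", 400, 0)]
    print("skewed config symmetric?", is_symmetric(skewed))
```

With the answer's values both directions follow Tunnel 1 > Tunnel 2 > Tunnel 3 > Tunnel 4; the constructed `skewed` case shows traffic leaving on one tunnel and returning on another when the two attributes are not aligned.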
