Inter-region BGP route failover


I have one Global DXGW. One VIF each in us-east-1, us-east-2, eu-west-1, ap-northeast-1 and eu-central-1. I also have VPCs in each of the regions. I want to engineer the BGP routes in such a way that if us-east-1 is not available, all routes will use us-east-2. If eu-west-1 is not available, all routes will use eu-central-1. Is it possible to achieve this failover scenario with one global Direct Connect gateway?

us-east-1 = primary, us-east-2 = secondary

eu-west-1 = primary, eu-central-1 = secondary

ap-northeast-1 = primary, us-east-2 = secondary.

Sonet
asked 2 years ago
1 Answer

I think from your question that you have physical Direct Connect circuits in us-east-1 and us-east-2; and another pair in eu-west-1 and eu-central-1. If that's correct:

Short answer: Yes, you can absolutely do this. There might be a catch though.

For each pair of Direct Connect circuits, you advertise the same prefixes on both; on the secondary link you use AS-Path prepending to make it a longer path and therefore less attractive; but should the primary link fail then the secondary will be active as it is the only path available.

The catch: It's not clear from the question how your on-premises network is structured.

Here I'm assuming you have a specific set of networks in your North America locations; and another set of networks in your European locations.

If you only need the AWS North America regions to reach the North America locations and the same for Europe then you're good to go - no issues.

If you have a global WAN and you want to use (say) the European connections as a backup should the two Direct Connect services in North America fail, then you can do this, but you must ensure that you only select a single primary link for each on-premises network. You don't want to advertise the North America networks to AWS with the same cost in Europe as you do in North America - by using a single Direct Connect Gateway it will be difficult to ensure that the North America links are preferred.

To put this another way: In North America you should advertise the on-premises networks to AWS as above; one primary and one secondary. In Europe you should advertise the North America networks to AWS with even more AS-Path prepending so that the North America links are preferred. The reverse is true for the European links.

Again, I'm assuming quite a lot here about your network outside of AWS.

AWS
EXPERT
answered 2 years ago
  • There is only one global DXGW. All the VIFs from the 4 regions are connected to the same DXGW. The same prefix is advertised from all the 4 regions. There is one data center in all the regions and one VPC in each region in AWS. There is no primary or secondary. One VIF per region. So, if us-east-1 fails, us-east-2 will become available in North America. us-east-1 will be primary, us-east-2 secondary. In EU, eu-west-1 is primary; if it fails, eu-central-1 will become available. So I don't think this failover request can be done with one global DXGW. Once you modify the route in this one global DXGW, it will affect all the routes both in the Americas and Europe.
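
The tiered AS-path prepending scheme from the answer above, modelled as an added example that is not part of the original thread or of any AWS tooling. It compares candidate paths by AS-path length only, not the full BGP decision process; the ASN 65000, the group names `na-networks` and `eu-networks`, and the prepend counts are assumptions chosen for illustration.

```python
# Added illustration: compares candidate paths by AS-path length only.
LOCAL_ASN = 65000  # assumed private ASN for the on-premises side

# Constructed plan: extra prepends per on-premises network group, per VIF region.
# 0 = primary; larger numbers are progressively less preferred.
TIERED_PLAN = {
    "na-networks": {"us-east-1": 0, "us-east-2": 1, "eu-west-1": 3, "eu-central-1": 4},
    "eu-networks": {"eu-west-1": 0, "eu-central-1": 1, "us-east-1": 3, "us-east-2": 4},
}
# Same advertisement on every VIF with no prepending: every VIF ties.
FLAT_PLAN = {g: {vif: 0 for vif in vifs} for g, vifs in TIERED_PLAN.items()}


def as_path(prepends):
    """AS path as received: the origin ASN plus its prepended copies."""
    return [LOCAL_ASN] * (1 + prepends)


def best_vif(plan, group, down=()):
    """Return the single VIF with the shortest AS path among those still up.

    Returns None if no VIF is up; raises ValueError on a tie, because a tie
    means the advertisement does not determine which link is preferred.
    """
    lengths = {v: len(as_path(n)) for v, n in plan[group].items() if v not in down}
    if not lengths:
        return None
    shortest = min(lengths.values())
    winners = sorted(v for v, n in lengths.items() if n == shortest)
    if len(winners) > 1:
        raise ValueError(f"{group}: equal-length paths via {winners}")
    return winners[0]


def failover_order(plan, group):
    """Fail the current best VIF repeatedly and record the takeover sequence."""
    down, order = set(), []
    while (vif := best_vif(plan, group, down)) is not None:
        order.append(vif)
        down.add(vif)
    return order


def tied_groups(plan):
    """Groups where two or more VIFs carry the same prepend count."""
    return sorted(g for g, vifs in plan.items() if len(set(vifs.values())) < len(vifs))
```

Running `tied_groups` over a prepend plan before it is deployed flags any network group whose primary link would be left undetermined by equal-length advertisements.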
