Check routing table in virtual private gateway

0

I am using a Site-to-Site VPN and Direct Connect. Both connect to the VPC through a virtual private gateway. When I tracert from on-premises to AWS, it routes through Direct Connect. If DX is down, it routes through the Site-to-Site VPN. But when I tracert from the AWS VPC to on-premises, it still routes through the Site-to-Site VPN first. How can we check the routing table in the virtual private gateway and change the priority to DX first when connecting from AWS to on-premises?

1 Answer
0

Hi
The route table of the Virtual Private Gateway is what you have configured in your VPC route table; there is no separate table, although the VGW does have its own selection logic.

From your description it looks like you could have a static, or more specific, route advertised from the VPN that takes priority over the routes from the Direct Connect.
For example, if Direct Connect is advertising 10.0.0.0/8 and the VPN is advertising 10.0.0.0/16, addresses in 10.0.0.0/16 will go down the VPN.

If there are no more specific routes from the VPN, it could be that both the Direct Connect and the VPN are advertising the same routes via BGP. In these cases the newer BGP session generally takes priority. What you would need to do is use AS_PATH to provide preference information to AWS.
For example, set the Direct Connect AS_PATH to 65001 (your ASN) and the VPN AS_PATH to 65001,65001; this way Direct Connect will take preference in BGP because of the shorter path.

Take a look at vpn-route-priority, which explains the route preferences in more detail.
Also look at DX Routing, as it shows AS_PATH and also BGP local preference communities, which could also help.

answered a year ago
AWS EXPERT reviewed a year ago
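The route preference rules described in the answer (most specific prefix first, then a static route over a BGP-learned one, then the shortest AS_PATH), as an added Python model that is not part of the original answer and not AWS code. The `Route` class, `select_route` function and the three scenarios are constructed for illustration, and the model deliberately ignores other factors a real VGW considers, such as the local preference communities the answer points to.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Route:
    prefix: str                 # CIDR configured or learned, e.g. "10.0.0.0/8"
    path: str                   # attachment the route points at: "DX" or "VPN"
    static: bool = False        # True for a configured static route, False for BGP-learned
    as_path: List[int] = field(default_factory=list)  # AS_PATH as received, e.g. [65001, 65001]


def select_route(dest: str, routes: List[Route]) -> Optional[Route]:
    """Pick the route the gateway would use for dest, applying in order:
    1. the longest (most specific) matching prefix,
    2. a static route over a BGP route of the same prefix,
    3. among BGP routes of the same prefix, the shortest AS_PATH.
    Returns None when nothing matches (simplified model, not the VGW's real algorithm).
    """
    addr = ipaddress.ip_address(dest)
    candidates = [r for r in routes if addr in ipaddress.ip_network(r.prefix)]
    if not candidates:
        return None
    # Sort key: larger prefix length first, static first, shorter AS_PATH first.
    return min(candidates, key=lambda r: (-ipaddress.ip_network(r.prefix).prefixlen,
                                          not r.static, len(r.as_path)))


# Constructed scenario 1: DX advertises 10.0.0.0/8, the VPN advertises the more specific /16.
SCENARIO_OVERLAP = [Route("10.0.0.0/8", "DX", as_path=[65001]),
                    Route("10.0.0.0/16", "VPN", as_path=[65001])]
# Constructed scenario 2: same prefix from both; the VPN side prepends its ASN once.
SCENARIO_PREPEND = [Route("10.0.0.0/8", "DX", as_path=[65001]),
                    Route("10.0.0.0/8", "VPN", as_path=[65001, 65001])]
# Constructed scenario 3: a static VPN route for the same prefix as the DX BGP route.
SCENARIO_STATIC = [Route("10.0.0.0/8", "DX", as_path=[65001]),
                   Route("10.0.0.0/8", "VPN", static=True)]


if __name__ == "__main__":
    for name, routes in [("overlap", SCENARIO_OVERLAP), ("prepend", SCENARIO_PREPEND),
                         ("static", SCENARIO_STATIC)]:
        for dest in ("10.0.1.1", "10.5.0.1"):
            chosen = select_route(dest, routes)
            print(f"{name:8} {dest:10} -> {chosen.path if chosen else 'no route'}")
```

Running the script shows traffic for 10.0.1.1 leaving via the VPN in the overlap and static scenarios and via DX once the VPN path is prepended, which is the behaviour the answer describes.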
