Can a TGW route with same destination CIDR block have more than one TGW Attachment?

The API schema to retrieve TGW Routes for a particular route table returns list of destination CIDR blocks each having a list of TGW Attachments - mentioning resource type and ID. Here's the reference - https://docs.aws.amazon.com/cli/latest/reference/ec2/search-transit-gateway-routes.html

It'd be helpful if one can share a sample topology where multiple attachments come under same destination CIDR block? How does routing happen in this case as the next hop type can be different for the same IP to be routed?

Aniket
10 months ago
Also, if you try creating a route with same destination CIDR, it throws an error: "Route <CIDR> already exists in Transit Gateway Route Table <table-ID>"
Toni_S EXPERT
10 months ago
You are referring to V1 documentation of the CLI, are using V1 of the CLI or V2 which is the latest? It has up to date documentation located at: https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/search-transit-gateway-routes.html

Topics

Networking & Content Delivery

Tags

Amazon VPC Networking & Content Delivery AWS Transit Gateway AWS Transit Gateway Network Manager

Language

English

Aniket

asked 10 months ago355 views

2 Answers

Newest
Most votes
Most comments

TransitGatewayAttachments list in CLI response can have multiple attachments if you have multiple VPN connections with with BGP and ECMP is enabled. Then it would list all of the VPN connection attachments there.

jose

answered 10 months ago

EXPERT

Toni_S

reviewed 10 months ago

Toni_S EXPERT

10 months ago

Here's an example what an entry would look like the scenario mentioned above.

    "Routes": [
        {
            "DestinationCidrBlock": "10.0.0.0/24",
            "TransitGatewayRouteTableAnnouncementId": "",
            "TransitGatewayAttachments": [
                {
                    "ResourceId": "vpn-XXXXXXXXXX(xx.xx.xx.xx)",
                    "TransitGatewayAttachmentId": "tgw-attach-XXXXXXXXXX",
                    "ResourceType": "vpn"
                },
                {
                    "ResourceId": "vpn-YYYYYYYYYY(yy.yy.yy.yy)",
                    "TransitGatewayAttachmentId": "tgw-attach-YYYYYYYYYY",
                    "ResourceType": "vpn"
                }
            ],
            "Type": "propagated",
            "State": "active"
        }

I can't see a case where multiple attachments come under same destination CIDR block. I think it's a List to neatly handle the fact that there isn't always one attachment - there can zero or one. A Blackhole route will have zero attachments.

EXPERT

skinsman

answered 10 months ago

Relevant content

can we do the same static routes for the same CIDR in 2 different routing table in the same transit gateway ?
Charbel
asked 6 months ago
TGW route table configuration with DXGW attachment queries
Accepted Answer
Ali Md
asked 7 months ago
TGW Route Table entries
Accepted Answer
grey
asked 3 years ago
Can I create static route for the same CIDR in a single transit gateway route table, having **Resource type** one as peering and the other as VPC?
Tosipitan
asked 2 months ago
How can I resolve asymmetric routing issues when I create a VPN as a backup to a Direct Connect connection in a transit gateway?
AWS OFFICIALUpdated 6 months ago
How do I route traffic between VPCs through an on-premises firewall that uses a Direct Connect transit VIF?
AWS OFFICIALUpdated 5 months ago
How do I access FSx for ONTAP using a transit gateway across different VPCs in the same Region?
AWS OFFICIALUpdated 10 months ago
How do I modify the IPv4 CIDR block of my Amazon VPC?
AWS OFFICIALUpdated 2 years ago
Using lifecycle_scope with vTGW/TGW peering in VMware Cloud on AWS
EXPERT
Patrick Kremer
published 3 months ago
How can we map entire AWS VPC CIDR to a single IP address using Private NAT Gateway via AWS Site to Site VPN connection.
EXPERT
Narinder Singh Kharbanda
published 9 months ago