aws to onprem routes

0

Dear Team - we have two AWS regions. One is us-west-1 (DR) and the other is us-east-2 (Primary). As most of our users connect from the US central and east regions, we have selected two Direct Connect locations: Cologix MIN3, Minneapolis, MN and Equinix CH2, Chicago, IL. Both are associated with our primary region. From each POP, we have 2x1GB dedicated Direct Connect connections terminating on a Direct Connect gateway. This Direct Connect gateway is attached to the TGW in each of the two regions. From both on-prem locations, we are advertising 10.0.0.0/8 on all four Direct Connect links. We have not configured any BGP metric. All are default.

Question 1 is, if we ping an on-prem IP from the primary region us-east-2 VPC, how would the traffic flow? Will it be ECMP across all four connections? Or does it choose the nearest POP location to the us-east-2 region and select only the two Direct Connect connections at the Equinix CH2, Chicago, IL POP?

Question 2 is, if we ping an on-prem IP from the DR region us-west-1 VPC, how would the traffic flow? Will it be ECMP across all four connections?

3 Answers
1

Hi,

For Q1: Traffic from us-east-2 (Primary Region): Traffic will prefer to use the Chicago connections as Chicago is closer to us-east-2, and the traffic will be split equally between the two 1GB connections in Chicago.

For Q2: Traffic from us-west-1 (DR Region): Traffic will be split equally across all four connections (both Chicago and Minneapolis), since neither location is close to us-west-1, so AWS treats all connections equally.

Reference: https://docs.aws.amazon.com/directconnect/latest/UserGuide/routing-and-bgp.html

Let me know if this helps.

AWS
answered a month ago
0
Accepted Answer

Question 1: AWS follows ECMP routing by default when multiple DX links exist with equal BGP attributes and it also prefers the closest DX POP for outbound traffic. So, ping request will be distributed across the 2 DX links in Equinix CH2.

Question 2: DX gateway does not have region affinity and so any region can be used. So, the outbound traffic can go over any of the 4 DX links.

https://docs.aws.amazon.com/directconnect/latest/UserGuide/routing-and-bgp.html#private-routing-policies

answered 2 months ago
0

To address your questions about AWS to on-premises routing in your specific setup:

Question 1: When pinging an on-premises IP from the primary region (us-east-2) VPC, the traffic flow will likely favor the geographically closer Direct Connect location. In this case, it would prefer the Equinix CH2, Chicago, IL connections over the Cologix MIN3, Minneapolis, MN connections. However, it's important to note that the exact behavior can depend on various factors such as network conditions and specific configurations.

The traffic will not typically use ECMP (Equal-Cost Multi-Path) across all four connections by default. Instead, it will likely use the two 1Gbps connections at the Equinix CH2 location in an active/active configuration. This means traffic could be load-balanced between these two connections, but not across all four.

Question 2: For traffic originating from the DR region (us-west-1) VPC to an on-premises IP, the behavior is a bit different. Since both Direct Connect locations are associated with your primary region and are geographically distant from us-west-1, the traffic will likely be treated more equally. In this scenario, you might see something closer to ECMP behavior across all four connections.

However, it's crucial to understand that the exact routing behavior can be influenced by factors such as BGP path selection, network latency, and any custom configurations you might have in place. Without specific BGP metrics configured, AWS will use its default BGP decision process, which considers factors like AS path length and router ID.

To get a precise understanding of your traffic flow, it would be beneficial to monitor your connections using AWS Direct Connect monitoring tools or perform detailed network tests. If you need more control over the routing, you might consider implementing BGP communities or adjusting BGP metrics to influence the path selection according to your specific requirements.
Sources:
- direct connect extend to cloudwan | AWS re:Post
- Direct connect related | AWS re:Post

answered 2 months ago
