Tuesday, March 6, 2018

AWS Direct Connect

Anyone have any experience configuring and connecting to AWS Direct Connect? I have a Cisco ASR 1001-X that I am trying to get communicating with the AWS device. The connection comes up, but we are not seeing MAC addresses on either side.

! Amazon Web Services
!=======================================IPV4=======================================
! Direct Connect
! Virtual Interface ID:
!
! --------------------------------------------------------------------------------
! Interface Configuration

! interface port-channel 1 (In case of a LAG connection)

interface GigabitEthernet0/1
! channel-group 1 mode passive (In case of a LAG connection)
no ip address

interface GigabitEthernet0/1.100
! interface port-channel 1.100 (In case of a LAG connection)
description "Direct Connect to your Amazon VPC or AWS Cloud"
encapsulation dot1Q 100
ip address XX.XX.XX.XX 255.255.255.252

! Note: Please ensure to remove any individual member port configurations before the EtherChannel is configured.

! --------------------------------------------------------------------------------
! Border Gateway Protocol (BGP) Configuration
!
! BGP is used to exchange prefixes between the Direct Connect Router and your
! Customer Gateway.
!
! If this is a Private Virtual Interface, your Customer Gateway may announce a default route (0.0.0.0/0),
! which can be done with the 'network' and 'default-originate' statements. To advertise other/additional prefixes,
! copy the 'network' statement and identify the prefix you wish to advertise. Make sure the prefix is present in the routing
! table of the device with a valid next-hop.
!
! For Public Virtual Interface, you must advertise public IP prefixes that you own.
!
! The local BGP Autonomous System Number (ASN) (XXXXX) is configured as
! part of your Customer Gateway. If the ASN must be changed, the Customer Gateway
! and Direct Connect Virtual Interface will need to be recreated with AWS.

router bgp XXXXX
address-family ipv4
neighbor XX.XX.XX.XX remote-as 7224
neighbor XX.XX.XX.XX password
network " " ! --> Prefixes you want to advertise over this Virtual Interface
exit

! --------------------------------------------------------------------------------
! Bidirectional Forwarding Detection (BFD) Configuration (Optional)
!
! Bidirectional Forwarding Detection (BFD) ensures fast forwarding-path failure detection times for BGP.
! Also provides fast failover to redundant connections.
! An example is provided below:
!
! interface GigabitEthernet0/1.100
! bfd interval 300 min_rx 300 multiplier 3
! router bgp XXXXX
! neighbor XX.XX.XX.XX fall-over bfd

! --------------------------------------------------------------------------------
! NAT Configuration for Public Virtual Interfaces (Optional)
!
! If you don't have your own public ASN and prefix, you can request AWS to assign a /31 or /30 public prefix to you for BGP peering.
! In such case, you need to NAT all egress traffic through this virtual interface with the public VIF IP address on your side.
!
! ip access-list standard NAT-ACL
! permit any
! exit
!
! ip nat inside source list NAT-ACL interface GigabitEthernet0/1.100 overload
!
! interface GigabitEthernet0/1.100
! ip nat outside
! exit
!
! interface interface-towards-customer-local-network
! ip nat inside
! exit

! --------------------------------------------------------------------------------
! Community Based Tagging/Filtering Configuration for Public Virtual Interfaces (Optional)
!
! You can use community tags on the prefixes you advertise to AWS to specify how far these prefixes will be propagated into Amazon network.
! You can also build filters based on the community tags on Amazon routes being received.
!
!                      To advertise to AWS    Prefixes from AWS
! LOCAL-AWS-REGION     7224:9100              7224:8100
! LOCAL-CONTINENT      7224:9200              7224:8200
! GLOBAL               7224:9300              No tag
!
! Please add the appropriate community tag when advertising prefixes to Amazon using the following example:
!
! ip bgp-community new-format
! ip prefix-list TAG-TO-AWS permit 0.0.0.0/0 le 32
! route-map TO-AWS permit 10
! match ip address prefix-list TAG-TO-AWS
! set community 7224:9100
! router bgp XXXXXX
! address-family ipv4
! neighbor XX.XX.XX.XX send-community
! neighbor XX.XX.XX.XX route-map TO-AWS out
!
! Please use the appropriate community tag to filter (Permit or Deny) prefixes from Amazon using the following example:
!
! ip bgp-community new-format
! ip community-list standard COMM-FROM-AWS permit 7224:8100
! route-map FROM-AWS permit 10
! match community COMM-FROM-AWS
! router bgp XXXXXXX
! address-family ipv4
! neighbor XX.XX.XX.XX route-map FROM-AWS in

! Additional Notes and Questions
! - Amazon Web Services Direct Connect Getting Started Guide:
! http://docs.amazonwebservices.com/DirectConnect/latest/GettingStartedGuide/Welcome.html
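
A consistency check for a filled-in copy of the template above, added here as an example (it is not part of the original post or of the AWS-generated template). It confirms that the dot1Q subinterface carries a VLAN tag and a /30 or /31 address, and that each BGP neighbor uses remote-as 7224, has a password, and sits inside the subinterface subnet. The function name, sample addresses and key are assumptions made for illustration.

```python
import ipaddress
import re

AWS_ASN = 7224  # remote-as in the template above
# Constructed sample (documentation addresses, placeholder key), not real values.
SAMPLE = """\
interface GigabitEthernet0/1.100
 encapsulation dot1Q 100
 ip address 192.0.2.1 255.255.255.252
router bgp 65000
 neighbor 192.0.2.2 remote-as 7224
 neighbor 192.0.2.2 password EXAMPLE-KEY
"""

def check_vif_config(text):
    """Return findings; an empty list means every check passed."""
    findings, subifs, peers, keyed, nets, cur = [], {}, {}, set(), [], None
    for raw in text.splitlines():
        line = raw.split("!")[0].strip()  # drop IOS comments
        if m := re.match(r"(interface|router) (\S+)", line):
            cur = subifs.setdefault(m[2], {}) if m[1] == "interface" and "." in m[2] else None
        elif cur is not None and (m := re.match(r"encapsulation dot1Q (\d+)", line)):
            cur["vlan"] = int(m[1])
        elif cur is not None and (m := re.match(r"ip address (\S+) (\S+)", line)):
            cur["addr"] = f"{m[1]}/{m[2]}"
        elif m := re.match(r"neighbor (\S+) remote-as (\d+)", line):
            peers[m[1]] = int(m[2])
        elif m := re.match(r"neighbor (\S+) password \S+", line):
            keyed.add(m[1])
    for name, cfg in subifs.items():
        if "vlan" not in cfg:
            findings.append(f"{name}: no 'encapsulation dot1Q' VLAN tag")
        try:
            net = ipaddress.ip_interface(cfg.get("addr", "")).network
        except ValueError:
            findings.append(f"{name}: missing or placeholder IP address")
            continue
        nets.append(net)
        if net.prefixlen not in (30, 31):
            findings.append(f"{name}: {net} is not a /30 or /31 peering subnet")
    # Compare as text so placeholder peers such as XX.XX.XX.XX simply fail to match.
    hosts = {str(a) for n in nets if n.prefixlen >= 30 for a in n}
    for peer, asn in peers.items():
        if asn != AWS_ASN:
            findings.append(f"{peer}: remote-as {asn}, template uses {AWS_ASN}")
        if peer not in keyed:
            findings.append(f"{peer}: no BGP password configured")
        if peer not in hosts:
            findings.append(f"{peer}: not inside any subinterface subnet")
    return findings
```

Run against the unfilled template, it reports the XX.XX.XX.XX placeholders and the empty neighbor password as findings.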


