Friday, October 4, 2019

Can you pass L2 transitive traffic through an AWS VPC?

Background: Small company, ~150 users, two locations. We've got a few servers in an AWS VPC that our users access via IPSec tunnels from our edge firewalls. We have two locations that are also connected with IPSec tunnels (Palo Alto firewalls).

We're looking at getting Direct Connections from Comcast (what they're terming an Ethernet Private Line) into our AWS VPC at a specific datacenter in the NorCal region. It'll look something like this. I know when setting up VPCs in different regions and peering them to each other, you can't do transitive routing through one VPC to another as Amazon describes here.

But. Can we move transitive data from our Seattle office to our California office through our VPC, using the EPLs that are going into our VPC? Can I, for example, set up an OSPF neighbor relationship between our two locations using the VPC? We'd still keep IPSec tunnels directly between our locations as a backup, but I'd adjust the metrics to always use the VPC connection if it's up.

Am I talking nonsense here?


