Skip to main content
AWS Configuration - Part 2
D
Written by DE-CIX Consulting Team
Updated over a week ago

After reviewing the previous article, we are ready to deploy the solution in the AWS Portal. For this example, we will deploy a DX Gateway with a Private VIF and a VPG.

Pre-requisites

  • Accept the DX Hosted Connection

  • Create a Direct Connect Gateway (DX Gateway)

  • Create a Virtual Private Gateway (VGW) and associate it with the desired VPC

    • The VGW is not a global service; please make sure when creating it that you do it so in the same region as your resources.

    • You can associate up to 10 VGW

  • Think about a /30 IP range network for establishing BGP toward AWS

Now that all the pre-requisites are in place, let’s create a Private VIF and interconnect everything.

Create a Private VIF

Steps for creating a Private VIF

  • Go to the Direct Connect Service, and click on Create virtual interface.

  • Select Private VIF

  • Add the name you consider to this Virtual interface

  • In connection, select the DX Connection you have previously ordered and accepted

  • Select the created Direct Connect Gateway in the pre-requisites

  • Skip the VLAN field; AWS will take care of it

  • BGP ASN from your router

IMPORTANT

  • Click on Additional settings and complete the following information

  • Fill in with the BGP IPs from the pre-requisites

    • The first IP should be yours

    • The second IP is for AWS

  • Add a secret Password.

  • Enable Jumbo MTU size.

  • Click on create virtual interface.

Note:

If you want resiliency, you should repeat this step, creating another Private VIF with a new DX Hosted Connection, and attaching it to the same DX Gateway:

<a href="https://de-cix.intercom-attachments-1.com/i/o/710450567/8c4e5b8c2ce8e441f2ca514c/image8.png?expires=1728810000&amp;signature=7aff813183202da41f4c0b2110ebf92a50128fa3dd6e5942ac23bf4b2a718c8d&amp;req=cyEnEsx%2BmIdYFb4X1HO4gbQu4tewvmgiVqq5QwEF3psstNmlf6cbR3fHiMZa%0A" target="_blank" rel="nofollow noopener noreferrer">https://de-cix.intercom-attachments-1.com/i/o/710450567/8c4e5b8c2ce8e441f2ca514c/image8.png</a>

Check the VIF and establish BGP

Now AWS will create the VIF; it can take up to 10 minutes to be ready

We can download the configuration file by clicking on Actions, Download Sample Configuration.

Important:

You’ll need to edit the VLAN ID from the sample configuration and put the VLAN ID you would like to use towards DE-CIX; we’ll handle the rest.

If you use a different VLAN from the DE-CIX one, this setup will not work.

After applying the configuration with the corrected VLAN, the BGP came up.
There is one last step to complete:

Edit the routing table in the VPC to allow connection via DirectConnect

To allow the traffic from the cloud to our on-premises, we need to edit the subnet route table we want to interconnect and add the routes to our network.

Important:

The networks can’t overlap, so if you are using the same IP Space as the VPC, it will not work. Also, don’t forget to configure on the on-premises side to redirect the traffic to the Direct Connect path.

If everything is up and the routes have been added, you should be able to ping between your on-premise and the cloud.

Did this answer your question?