Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen

Migrate VPN to Direct Connect+Transit Gateway

0

A customer currently has a VPN connected to a VPC with a VPG using static routing. They would like to switch to have a Direct Connect connected to a Transit Gateway which is connected to the VPC.

They are wanting to know how to do this migration with limited downtime. I've tried to find any guides around doing this type of migration, but haven't been able to find anything. I'm assuming that this is a little trickier due to them using static routing on the existing VPN connection, but not sure how or if that would change anything.

Any guidance on this process would be helpful.

Thanks!

1 Antwort
1
Akzeptierte Antwort

TGW side

Step 1 - Create DXG and associate TVIF to DXG

Step 2 - Create DXG attachment with TGW - Add prefixes that you would like to announce (AWS will announce these prefixes to on-prem) and create VPC attachment with TGW

Step 3 - Establish BGP session and start announcing (On-prem) prefixes via TVIF

Step 4 - Enable propagation within TGW Route Table

If you are not doing any manipulation at TGW route table - Your setup is complete at this point {I believe your customer is at this stage}

VPC Side

  • Keep VGW VPN as is. Have route propagation enable on VPC route tables.
  • When you are ready to failover - Add static route (on-prem prefixes) pointing to TGW.
  • If traffic flow works, all good. You can delete VGW VPN. If it doesn't, remove the static route and traffic will start to flow over VGW VPN again.
AWS
beantwortet vor 5 Jahren
profile picture
EXPERTE
überprüft vor 6 Monaten
profile picture
EXPERTE
überprüft vor 7 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen