1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
1
Hello.
Please use the traceroute command to check the route to the S3 endpoint.
https://repost.aws/knowledge-center/direct-connect-connectivity-issues
3. Perform a traceroute from on-premises to AWS to check if the traffic is being forwarded over the Direct Connect public VIF.
- If traffic is being forwarded over the public VIF, then the traceroute should have the local (on-premises) and remote(AWS) peer IPs associated.
- If you need to check the network path used within AWS, then launch a public Amazon Elastic Compute Cloud (Amazon EC2) instance. The instance must have the same Region as your AWS service. After launching the instance, perform a traceroute to on-premises. If the traceroute indicates traffic is being forwarded over the internet or through a different VIF, then there could be a specific route being advertised.
관련 콘텐츠
- AWS 공식업데이트됨 일 년 전
i did use traceroute. it is completed for London S3 but not completed for us-east S3. However, upload completes for both the buckets. both uses amazon side public VIF in first hop
I'm not sure what settings you have on your on-premises router etc., but is it possible that S3 in the Virginia region is also configured to connect via DirectConnect?
i am using sample config provided on aws public vif page for cisco router.... ip bgp-community new-format ip community-list standard FROM-AWS permit 7224:8100 route-map FROM-AWS permit 100 match community FROM-AWS router bgp XXXXX address-family ipv4 neighbor X.X.X.X route-map FROM-AWS in
Can you check the routing table with something like "show ip route"? Check the route in BGP in the routing table. It may be possible that your BGP route includes a Virginia region prefix.
it does include Virginia region S3 prefix. dont know why. because as per above config, it should only advertized london region. However Tracer route does not complete for virginia region S3 prefix but upload is getting successful through aws s3 cp command