Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso

Migrate VPN to Direct Connect+Transit Gateway

0

A customer currently has a VPN connected to a VPC with a VPG using static routing. They would like to switch to have a Direct Connect connected to a Transit Gateway which is connected to the VPC.

They are wanting to know how to do this migration with limited downtime. I've tried to find any guides around doing this type of migration, but haven't been able to find anything. I'm assuming that this is a little trickier due to them using static routing on the existing VPN connection, but not sure how or if that would change anything.

Any guidance on this process would be helpful.

Thanks!

1 Resposta
1
Resposta aceita

TGW side

Step 1 - Create DXG and associate TVIF to DXG

Step 2 - Create DXG attachment with TGW - Add prefixes that you would like to announce (AWS will announce these prefixes to on-prem) and create VPC attachment with TGW

Step 3 - Establish BGP session and start announcing (On-prem) prefixes via TVIF

Step 4 - Enable propagation within TGW Route Table

If you are not doing any manipulation at TGW route table - Your setup is complete at this point {I believe your customer is at this stage}

VPC Side

  • Keep VGW VPN as is. Have route propagation enable on VPC route tables.
  • When you are ready to failover - Add static route (on-prem prefixes) pointing to TGW.
  • If traffic flow works, all good. You can delete VGW VPN. If it doesn't, remove the static route and traffic will start to flow over VGW VPN again.
AWS
respondido há 5 anos
profile picture
ESPECIALISTA
avaliado há 6 meses
profile picture
ESPECIALISTA
avaliado há 7 meses

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas