Route Propagation to VPC Route Tables via Transit Gateway/DX Gateway

0

I am currently working on configuring Direct Connect (DX) connections to a Transit Gateway (TGW) using DX Gateways. I have a couple of technical questions regarding route propagation and routing behavior.

  1. After establishing DX connections to the Transit Gateway via DX Gateway, do I need to manually add individual routes in the VPC routing table for my on-premises CIDR (IP address range) via the Transit Gateway?

  2. Can I assume that the TGW attachment of subnets will automatically handle the routing of traffic from my on-premises data center to the AWS environment through the Direct Connect connections?

Any insights or clarifications would be greatly appreciated. Thank you in advance for your assistance!

Ali Md
asked 10 months ago702 views
2 Answers
1
Accepted Answer

Q. After establishing DX connections to the Transit Gateway via DX Gateway, do I need to manually add individual routes in the VPC routing table for my on-premises CIDR (IP address range) via the Transit Gateway?

Unlike VGW, you can not propagate the TGW routes into VPC route tables so you need to manually add static routes for on-premises prefixes in VPC subnet route tables pointing towards TGW

Q. Can I assume that the TGW attachment of subnets will automatically handle the routing of traffic from my on-premises data center to the AWS environment through the Direct Connect connections?

See the below statement from the documentation, you can simply propagate the Direct Connect Gateway attachment into a TGW route table and all the routes learned via DX (BGP) will be installed in the TGW route table in which you propagate the DXGW attachment:

When dynamic routing is used with a VPN attachment or a Direct Connect gateway attachment, you can propagate the routes learned from the on-premises router through BGP to any of the transit gateway route tables.

profile pictureAWS
EXPERT
answered 10 months ago
profile picture
EXPERT
reviewed 18 days ago
profile picture
EXPERT
reviewed 10 months ago
profile picture
EXPERT
reviewed 10 months ago
  • Thanks Tushar

0
  1. You would have to manually add a route in your subnet route table (VPC side) to route on-prem traffic to the transit gateway.
  2. Yes, assuming that you have advertised on-prem prefixes to AWS via Direct Connect (Transit VIF).

In addition to that, you would have to advertise AWS prefixes to on-prem and that can be done via the allowed prefixes tab in DXGW, refer to below for more info.

https://docs.aws.amazon.com/directconnect/latest/UserGuide/allowed-to-prefixes.html#allowed-to-prefixes-transit-gateway

profile pictureAWS
Matt_E
answered 10 months ago
profile picture
EXPERT
reviewed 10 months ago
profile picture
EXPERT
reviewed 10 months ago
  • Thank you Matt

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions