Scenario:
We wanted to configure AWS Direct Connect, a dedicated network connection from our premises to AWS. It is a private network link between AWS and your datacenter. We wanted a 10G connection from our datacenter to AWS. Read more about Direct Connect here.
The following diagram shows the high-level connectivity from the premises to AWS.
If you are planning to buy a switch/router for your side (4), please go through the requirements before purchase. To test the connection, we decided to configure an Ubuntu server as a router instead of buying a router/switch first.
So let's look at the prerequisites:
- The VLAN should be configured on Ubuntu and must be the same as the one configured on the AWS side. You can find it under DirectConnect->Virtual Interface->click on interface.
- Make sure you are able to ping the AWS router IP after configuring the VLAN.
- You should find your router configuration on the AWS console.
- And a server with a 10G NIC installed.
AWS virtual interface:
Before configuration, the BGP state will be down. We need to configure BGP (Border Gateway Protocol), the protocol that manages how packets are routed across the network. For that, we will be using BIRD on Ubuntu.
Installation
BIRD is an open source implementation for routing Internet Protocol packets on Unix-like operating systems.
#apt-get install bird
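If you'll be using this server as a gateway/proxy and performing NAT to other internal devices, you need to allow IPv4 forwarding. Setting it with sysctl on the command line applies at runtime only; add the same setting to /etc/sysctl.conf to keep it across reboots.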
#sysctl net.ipv4.ip_forward=1
Now, let's edit the BIRD config file.
Take a backup of your file first:
#cp /etc/bird/bird.conf /etc/bird/bird.conf.ori
The following is my config file:
root@ubuntu:/home/ubuntu# cat /etc/bird/bird.conf
# This is a minimal configuration file, which allows the bird daemon to start
# but will not cause anything else to happen.
#
# Please refer to the documentation in the bird-doc package or BIRD User's
# Guide on http://bird.network.cz/ for more information on configuring BIRD and
# adding routing protocols.
# Change this into your BIRD router ID. It's a world-wide unique identification
# of your router, usually one of router's IPv4 addresses.
#router id 198.51.100.1;
# The Kernel protocol is not a real routing protocol. Instead of communicating
# with other routers in the network, it performs synchronization of BIRD's
# routing tables with the OS kernel.
router id x.x.x.x; #This is your side router IP
#debug protocols all;

# Announce the directly connected network on the VLAN interface
protocol direct {
    interface "vlan112"; #VLAN interface you configured earlier
}

# Install the routes BIRD holds into the kernel routing table
protocol kernel {
    persist;
    scan time 20;
    export all;
}

protocol device {
    scan time 100;
}

protocol bgp {
    description "AWS BGPlink";
    local as 65001;
    neighbor x.x.x.x as xxxx; #AWS side router IP
    password "0x8dXXXXXXXXX"; #BGP MD5 authentication key
    export all; #advertise every route in the table to the neighbor
    bfd off; #BFD is not used for this BGP session
}

protocol bfd {
    interface "vlan112" {
        min rx interval 5000 ms;
        min tx interval 5000 ms;
        idle tx interval 5000 ms;
    };
    multihop {
        interval 200 ms;
        multiplier 10;
    };
    neighbor x.x.x.x;
}
root@ubuntu:/home/ubuntu#
Restart the daemon:
#service bird restart
Check whether the BGP state is up:
#birdc
bird>
bird> show protocols all bgp1
name     proto    table    state  since       info
bgp1     BGP      master   up     00:05:58    Established
  Description:    AWS BGPlink
  Preference:     100
  Input filter:   ACCEPT
  Output filter:  ACCEPT
  Routes:         2627 imported, 1 exported, 2627 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
    Import updates:           3509          0          0          0       3509
    Import withdraws:          880          0        ---          0        880
    Export updates:           3510       3509          0        ---          1
    Export withdraws:          880        ---        ---        ---          0
  BGP state:          Established
    Neighbor address: x.x.x.x
    Neighbor AS:      xxxx
    Neighbor ID:      x.x.x.x
    Neighbor caps:    refresh restart-aware AS4
    Session:          external AS4
    Source address:   x.x.x.x
    Hold timer:       89/90
    Keepalive timer:  16/30
root@ubuntu:/home/ubuntu#
You can cross-check the BGP status on the AWS side too.
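The birdc check above can be scripted. The following shell function is an added example, not part of the original post: it reads the show protocols all output, confirms the session is Established, and warns when the import or export filter is the unfiltered ACCEPT seen in the output above. The function names and the embedded sample (constructed by trimming that output) are assumptions of this example.

```sh
#!/bin/sh
# Added example, not part of the original post.
# audit_bgp reads "birdc show protocols all <name>" output on stdin.
# Exit status: 0 = Established with named filters,
#              1 = Established but a filter is ACCEPT (unfiltered),
#              2 = session not Established.
audit_bgp() {
    awk '
        $1 == "BGP" && $2 == "state:"     { state = $3 }
        $1 == "Input" && $2 == "filter:"  { infilter = $3 }
        $1 == "Output" && $2 == "filter:" { outfilter = $3 }
        $1 == "Routes:"                   { imported = $2; exported = $4 }
        END {
            if (state != "Established") {
                print "FAIL session state: " (state == "" ? "unknown" : state)
                exit 2
            }
            print "OK session Established, " imported " imported, " exported " exported"
            rc = 0
            if (infilter == "ACCEPT") {
                print "WARN import filter ACCEPT: every prefix the neighbor sends is accepted"
                rc = 1
            }
            if (outfilter == "ACCEPT") {
                print "WARN export filter ACCEPT: any route in the table may be advertised"
                rc = 1
            }
            exit rc
        }'
}

# Constructed sample, trimmed from the output shown above.
sample_birdc_output() {
    cat <<'EOF'
bgp1     BGP      master   up     00:05:58    Established
  Input filter:   ACCEPT
  Output filter:  ACCEPT
  Routes:         2627 imported, 1 exported, 2627 preferred
  BGP state:          Established
EOF
}

# On the router: birdc show protocols all bgp1 | audit_bgp
sample_birdc_output | audit_bgp || echo "audit exit status: $?"
```

The two warnings correspond to the export all; line in the bgp block and to the absence of an import filter there, so all 2627 prefixes received from the neighbor are accepted and then installed by the kernel protocol.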


