Nobus Fast Transit interfaces
You must create one of the following interfaces to begin using your Nobus Direct
Connect
connection.
-
Private virtual interface: A private virtual interface should be used to access an
Nobus Data center using private IP addresses.
-
Public virtual interface: A public virtual interface can access all Nobus public
services using public IP addresses.
-
Transit virtual interface: A transit virtual interface should be used to access one
or more Nobus Data center Transit Gateways associated with Fast Transit gateways.
To connect to other Nobus services using IPv6 addresses, check the service documentation
to
verify that IPv6 addressing is supported.
Public virtual interface prefix advertisement rules
We advertise appropriate Nobus prefixes to you so that you can reach either your
Data centers or
other Nobus services. You can access all Nobus prefixes through this connection; for
example,
Nobus FCS, Nobus FOS, and Nobus.com. You do not have access to non-Nobus prefixes.
For a current list of prefixes advertised by Nobus, see
We recommend that you use a firewall filter (based on the source/destination address
of packets) to control traffic to and from some prefixes. If you're using a prefix
filter (route map), ensure that it accepts prefixes with an exact match or longer.
Prefixes advertised from Nobus Fast Transit may be aggregated and may differ from
the prefixes defined in your prefix filter.
Hosted interfaces
To use your Nobus Fast Transit connection with another Nobus account, you can create
a hosted virtual
interface for that account. The owner of the other account must accept the hosted
virtual
interface to begin using it. A hosted virtual interface works the same as a standard
virtual
interface and can connect to public resources or a Data center.
A connection of less than 1 Gbps supports only one virtual interface.
To create a virtual interface, you need the following information:
Resource |
Required information |
Connection |
The Nobus Fast Transit connection or link aggregation group
(LAG) for which you are creating the virtual interface.
|
Virtual interface name |
A name for the virtual interface. |
Virtual interface owner |
If you're creating the virtual
interface for another account, you need the Nobus account ID of the other account.
|
(Private virtual interface only) Connection |
For
connecting to a Data center in the same Nobus place, you need the virtual private gateway for
your Data center. The ASN for the Nobus side of the BGP session is inherited from the
virtual private gateway. When you create a virtual private gateway, you can
specify your own private ASN. Otherwise, Nobus provides a default ASN.
For connecting to a Data center through a Fast Transit gateway, you need the Fast Transit
gateway. For more information, see Fast Transit Gateways tab.
|
VLAN |
A unique virtual local area network (VLAN) tag that's
not already in use on your connection. The value must be between 1 and 4094
and must comply with the Ethernet 802.1Q standard. This tag is required for any traffic traversing
the Nobus Fast Transit connection.
If you have a hosted connection, your Nobus Fast Transit Partner provides this value.
You can’t update the value once you create the virtual interface.
|
Peer IP addresses |
A virtual interface can support a BGP
peering session for IPv4, IPv6, or one of each (dual-stack). You cannot create
several BGP sessions for a single IP addressing family within the same virtual interface.
The IP address ranges are allocated to each end of the virtual interface for the BGP
peering session.
|
Address family |
Deciding if the BGP peering session will be over IPv4 or IPv6. |
BGP information |
-
A public or private Border Gateway Protocol (BGP) Autonomous System Number (ASN)
for your side of the BGP session. If you are using a public ASN, you must own it.
If you are using a private ASN, it must be in the 64512 to 65535 range. Autonomous
System (AS) prepending does not work if you use a private ASN for a public virtual
interface.
-
An MD5 BGP authentication key. You can add your own, or Nobus will generate
one for you.
|
(For Public virtual interface) Prefixes you want to advertise |
Public IPv4 routes or IPv6 routes to advertise over BGP. You must
advertise at least one prefix using BGP, up to a maximum of 1,000 prefixes.
-
IPv4: The IPv4 CIDR must not overlap with another public IPv4 CIDR announced using
Nobus Fast Transit.
If you do not own public IPv4 addresses, your network provider might be able
to provide you with a public IPv4 CIDR.
-
IPv6: Specify a prefix length of /72 or shorter.
|
(For Private virtual interface only) Jumbo frames |
The maximum transmission
unit (MTU) of packets over Nobus Fast Transit. The default is 1500. Setting
the MTU of a virtual interface
to 9001 (jumbo frames) can cause an update to the underlying physical connection
if it wasn't
updated to support jumbo frames. Updating the connection disrupts network
connectivity for all
interfaces associated with the connection for up to 30 seconds. Jumbo
frames apply only to propagated routes from Nobus Fast Transit. If you add static
routes to a route table that point to your virtual private gateway, then traffic routed
through the static routes is sent using 1500 MTU. To check whether a
connection or virtual interface supports jumbo frames, select it in the Nobus
Fast Transit console and find
Jumbo Frame Capable on the Summary tab.
|
(Transit virtual interface only) Jumbo frames |
The maximum transmission
unit (MTU) of packets over Nobus Fast Transit. The default is 1500. Setting
the MTU of a virtual interface
to 8500 (jumbo frames) can cause an update to the underlying physical connection
if it wasn't
updated to support jumbo frames. Updating the connection disrupts network
connectivity for all
interfaces associated with the connection for up to 30 seconds. Jumbo
frames apply only to propagated routes from Nobus Fast Transit. If you add static
routes to a route table that point to your virtual private gateway, then traffic routed
through the static routes is sent using 1500 MTU. To check whether a
connection or virtual interface supports jumbo frames, select it in the Nobus
Fast Transit console and find
Jumbo Frame Capable on the Summary tab.
|
Prerequisites for interfaces
Before you create a virtual interface, do the following:
To create a virtual interface, you need the following information:
Resource |
Required information |
Connection |
The Nobus Fast Transit connection or link aggregation group
(LAG) for which you are creating the virtual interface.
|
Virtual interface name |
A name for the virtual interface. |
Virtual interface owner |
If you're creating the virtual
interface for another account, you need the Nobus account ID of the other account.
|
(Private virtual interface only) Connection |
For
connecting to a Data center in the same Nobus place, you need the virtual private gateway for
your Data center. The ASN for the Nobus side of the BGP session is inherited from the
virtual private gateway. When you create a virtual private gateway, you can
specify your own private ASN. Otherwise, Nobus provides a default ASN.
For connecting to a Data center through a Fast Transit gateway, you need the Fast Transit
gateway. For more information, see Fast Transit Gateways tab.
|
VLAN |
A unique virtual local area network (VLAN) tag that's
not already in use on your connection. The value must be between 1 and 4094
and must comply with the Ethernet 802.1Q standard. This tag is required for any traffic traversing
the Nobus Fast Transit connection.
If you have a hosted connection, your Nobus Fast Transit Partner provides this value.
You can’t update the value once you create the virtual interface.
|
Peer IP addresses |
A virtual interface can support a BGP
peering session for IPv4, IPv6, or one of each (dual-stack). You cannot create
several BGP sessions for a single IP addressing family within the same virtual interface.
The IP address ranges are allocated to each end of the virtual interface for the BGP
peering session.
|
Address family |
Deciding if the BGP peering session will be over IPv4 or IPv6. |
BGP information |
-
A public or private Border Gateway Protocol (BGP) Autonomous System Number (ASN)
for your side of the BGP session. If you are using a public ASN, you must own it.
If you are using a private ASN, it must be in the 64512 to 65535 range. Autonomous
System (AS) prepending does not work if you use a private ASN for a public virtual
interface.
-
An MD5 BGP authentication key. You can add your own, or Nobus will generate
one for you.
|
(For Public virtual interface) Prefixes you want to advertise |
Public IPv4 routes or IPv6 routes to advertise over BGP. You must
advertise at least one prefix using BGP, up to a maximum of 1,000 prefixes.
-
IPv4: The IPv4 CIDR must not overlap with another public IPv4 CIDR announced using
Nobus Fast Transit.
If you do not own public IPv4 addresses, your network provider might be able
to provide you with a public IPv4 CIDR.
-
IPv6: Specify a prefix length of /72 or shorter.
|
(For Private virtual interface only) Jumbo frames |
The maximum transmission
unit (MTU) of packets over Nobus Fast Transit. The default is 1500. Setting
the MTU of a virtual interface
to 9001 (jumbo frames) can cause an update to the underlying physical connection
if it wasn't
updated to support jumbo frames. Updating the connection disrupts network
connectivity for all
interfaces associated with the connection for up to 30 seconds. Jumbo
frames apply only to propagated routes from Nobus Fast Transit. If you add static
routes to a route table that point to your virtual private gateway, then traffic routed
through the static routes is sent using 1500 MTU. To check whether a
connection or virtual interface supports jumbo frames, select it in the Nobus
Fast Transit console and find
Jumbo Frame Capable on the Summary tab.
|
(Transit virtual interface only) Jumbo frames |
The maximum transmission
unit (MTU) of packets over Nobus Fast Transit. The default is 1500. Setting
the MTU of a virtual interface
to 8500 (jumbo frames) can cause an update to the underlying physical connection
if it wasn't
updated to support jumbo frames. Updating the connection disrupts network
connectivity for all
interfaces associated with the connection for up to 30 seconds. Jumbo
frames apply only to propagated routes from Nobus Fast Transit. If you add static
routes to a route table that point to your virtual private gateway, then traffic routed
through the static routes is sent using 1500 MTU. To check whether a
connection or virtual interface supports jumbo frames, select it in the Nobus
Fast Transit console and find
Jumbo Frame Capable on the Summary tab.
|
When you create a virtual interface, you can specify the account that owns the virtual
interface. When you choose Nobus account that is not your account, the following
rules apply:
-
For private VIFs and transit VIFs, the account applies to the virtual
interface and the virtual private gateway/Fast Transit gateway
destination.
-
For public VIFs, the account is used for virtual interface billing. The Data Transfer
Out
(DTO) usage is metered toward the resource owner at Nobus Fast Transit data
transfer rate.
Creating a virtual interface
You can create a transit virtual interface to connect to a transit gateway, a public
virtual interface to connect to public resources (non-Data center services), or a private
virtual interface to connect to a Data center.
To create a virtual interface for accounts within your Nobus Organizations, or Nobus Organizations
that are different from yours, create a hosted virtual interface. For more information,
see Creating a hosted virtual interface.
Creating a public virtual interface
When you create a public virtual interface, it can take up to 72 hours for Nobus to
review and approve your request.
To provision a public virtual interface
-
Open the Nobus Fast Transit console at
.
-
In the navigation pane, choose interfaces.
-
Choose Create virtual interface.
-
Under Virtual interface type, for
Type, choose Public.
-
Under Public virtual interface settings, do the
following:
-
For Virtual interface name, enter a name for
the virtual interface.
-
For Connection, choose the Fast Transit
connection that you want to use for this interface.
-
For VLAN, enter the ID number for your
virtual local area network (VLAN).
-
For BGP ASN, enter the The Border Gateway Protocol Autonomous System Number of your on-premises
peer router for the new virtual interface.
-
Under Additional settings, do the following:
-
To configure an IPv4 BGP or an IPv6 peer, do the following:
[IPv4] To configure an IPv4 BGP peer, choose
IPv4 and do one of the following:
-
To specify these IP addresses yourself, for Your
router peer ip, enter the destination IPv4
CIDR address to which Nobus should send traffic.
-
For Nobus router peer IP, enter the
IPv4 CIDR address to use to send traffic to Nobus.
[IPv6] To configure an IPv6 BGP peer, choose
IPv6. The peer IPv6 addresses are
automatically assigned from Nobus's pool of IPv6 addresses.
You cannot specify custom IPv6 addresses.
-
To provide your own BGP key, enter your BGP MD5 key.
If you do not enter a value, Nobus generates a BGP key.
-
To advertise prefixes to Nobus, for Prefixes you want
to advertise, enter the IPv4 CIDR destination
addresses (separated by commas) to which traffic should be routed
over the virtual interface.
-
(Optional) Add or remove a tag.
[Add a tag] Choose Add tag and do the
following:
-
For Key, enter the key name.
-
For Value, enter the key
value.
[Remove a tag] Next to the tag, choose Remove
tag.
-
Choose Create virtual interface.
-
Download the router configuration for your device. For more information,
see
Downloading the router configuration
file.
Creating a private virtual interface
You can provision a private virtual interface to a virtual private gateway in the
same place as your Nobus Fast Transit connection.
If you use the Data center wizard to create a Data center, route propagation is automatically
enabled for you. With route propagation, routes are automatically populated to
the route tables in your Data center. If you choose, you can disable route propagation.
The maximum transmission unit (MTU) of a network connection is the size, in bytes,
of the largest permissible packet that can be passed over the connection. The
MTU of
a virtual private interface can be either 1500 or 9001 (jumbo frames). The MTU
of a
transit virtual interface can be either 1500 or 8500 (jumbo frames). You can specify
the MTU when you create the interface or update it after you create it. Setting
the
MTU of a virtual interface to 8500 (jumbo frames) or 9001 (jumbo frames) can cause
an update to the underlying physical connection if it wasn't updated to support
jumbo frames. Updating the connection disrupts network connectivity for all virtual
interfaces associated with the connection for up to 30 seconds. To check whether
a
connection or virtual interface supports jumbo frames, select it in the Nobus Direct
Connect
console and find Jumbo Frame Capable on the
Summary tab.
To provision a private virtual interface to a Data center
-
Open the Nobus Fast Transit console at
.
-
In the navigation pane, choose interfaces.
-
Choose Create virtual interface.
-
Under Virtual interface type, for Type, choose Private.
-
Under Private virtual interface settings, do the following:
-
For Virtual interface name, enter a name for the virtual interface.
-
For Connection, choose the Fast Transit connection that you want to use for this interface.
-
For Gateway type, choose Virtual private gateway, or Fast Transit gateway.
-
For Virtual interface owner, choose Another Nobus account, and then enter the Nobus account.
-
For Virtual private gateway, choose the virtual private gateway to use for this interface.
-
For VLAN, enter the ID number for your virtual
local area network (VLAN).
-
For BGP ASN, enter the The Border Gateway Protocol Autonomous System Number of your on-premises
peer router for the new virtual interface.
-
Under Additional Settings, do the following:
-
To configure an IPv4 BGP or an IPv6 peer, do the following:
[IPv4] To configure an IPv4 BGP peer, choose IPv4 and do one of
the following:
-
To specify these IP addresses yourself, for Your router peer ip,
enter the destination IPv4 CIDR address to which Nobus
should send traffic.
-
For Nobus router peer ip, enter
the IPv4 CIDR address to use to send traffic to
Nobus.
[IPv6] To configure an IPv6 BGP peer, choose IPv6. The peer IPv6 addresses are automatically
assigned from Nobus's pool of IPv6 addresses. You cannot specify custom IPv6
addresses.
-
To change the maximum transmission unit (MTU) from 1500 (default) to 9001 (jumbo frames),
select
Jumbo MTU (MTU size 9001).
-
(Optional) Add or remove a tag.
[Add a tag] Choose Add tag and do the following:
-
For Key, enter the key name.
-
For Value, enter the key value.
[Remove a tag] Next to the tag, choose Remove tag.
-
Choose Create virtual interface.
-
Download the router configuration for your device. For more information,
see
Downloading the router configuration
file.
Creating a transit virtual interface to the Fast Transit
gateway
To connect your Nobus Fast Transit connection to the transit gateway, you must create
a
transit interface for your connection. Specify the Fast Transit gateway to which
to connect.
The maximum transmission unit (MTU) of a network connection is the size, in bytes,
of the largest permissible packet that can be passed over the connection. The
MTU of
a virtual private interface can be either 1500 or 9001 (jumbo frames). The MTU
of a
transit virtual interface can be either 1500 or 8500 (jumbo frames). You can specify
the MTU when you create the interface or update it after you create it. Setting
the
MTU of a virtual interface to 8500 (jumbo frames) or 9001 (jumbo frames) can cause
an update to the underlying physical connection if it wasn't updated to support
jumbo frames. Updating the connection disrupts network connectivity for all virtual
interfaces associated with the connection for up to 30 seconds. To check whether
a
connection or virtual interface supports jumbo frames, select it in the Nobus Direct
Connect
console and find Jumbo Frame Capable on the
Summary tab.
If you associate your transit gateway with one or more Fast Transit gateways, the
Autonomous System Number (ASN) used by the transit gateway and the Fast Transit
gateway must be different. For example, if you use the default ASN 64512 for both
the transit gateway and the Fast Transit gateway, the association request fails.
To provision a transit virtual interface to a Fast Transit gateway
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
.
-
In the navigation pane, choose interfaces.
-
Choose Create virtual interface.
-
Under Virtual interface type, for Type, choose Transit.
-
Under Transit virtual interface settings, do the following:
-
For Virtual interface name, enter a name for the virtual interface.
-
For Connection, choose the Fast Transit connection that you want to use for this interface.
-
For Virtual interface owner, choose My Nobus account if the virtual interface is for your Nobus account.
-
For Fast Transit gateway, select the Fast Transit gateway.
-
For VLAN, enter the ID number for your virtual
local area network (VLAN).
-
For BGP ASN, enter the The Border Gateway Protocol Autonomous System Number of your on-premises
peer router for the new virtual interface.
-
Under Additional Settings, do the following:
-
To configure an IPv4 BGP or an IPv6 peer, do the following:
[IPv4] To configure an IPv4 BGP peer, choose IPv4 and do one of
the following:
-
To specify these IP addresses yourself, for Your router peer ip,
enter the destination IPv4 CIDR address to which Nobus
should send traffic.
-
For Nobus router peer ip, enter
the IPv4 CIDR address to use to send traffic to
Nobus.
[IPv6] To configure an IPv6 BGP peer, choose IPv6. The peer IPv6 addresses are automatically
assigned from Nobus's pool of IPv6 addresses. You cannot specify custom IPv6
addresses.
-
To change the maximum transmission unit (MTU) from 1500 (default) to 8500 (jumbo frames),
select
Jumbo MTU (MTU size 8500).
-
(Optional) Add or remove a tag.
[Add a tag] Choose Add tag and do the following:
-
For Key, enter the key name.
-
For Value, enter the key value.
[Remove a tag] Next to the tag, choose Remove tag.
-
Choose Create virtual interface.
After you create the virtual interface, you can download the router configuration
for your device.
For more information, see
Downloading the router configuration file.
Downloading the router configuration
file
After you create the virtual interface, you can download the router configuration
file for your router.
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
.
-
In the navigation pane, choose Virtual
Interfaces.
-
Select the virtual interface and then choose View
details.
-
Choose Download router configuration.
-
For Download router configuration, do the
following:
-
For Vendor, select the manufacturer of your
router.
-
For Platform, select the blueprint of your
router.
-
For Software, select the software version for
your router.
-
Choose Download, and then use the appropriate
configuration for your router to ensure that you can connect to
Nobus Fast Transit.
Example router configuration
files
The following are example extracts of router configuration files.
Cisco IOS
interface GigabitEthernet0/1
no ip address
interface GigabitEthernet0/1.VLAN_NUMBER
description "Fast Transit to your Nobus Data center or Nobus Cloud"
encapsulation dot1Q VLAN_NUMBER
ip address YOUR_PEER_IP
router bgp CUSTOMER_BGP_ASN
neighbor Nobus_PEER_IP
remote-as Nobus_ASN
neighbor Nobus_PEER_IP
password MD5_key
network 0.0.0.0
exit
! Optionally configure Bidirectional Forwarding Detection (BFD).
interface GigabitEthernet0/1.VLAN_NUMBER
bfd interval 300 min_rx 300 multiplier 3
router bgp CUSTOMER_BGP_ASN
neighbor Nobus_PEER_IP
fall-over bfd
! NAT Configuration for Public interfaces (Optional)
ip access-list standard NAT-ACL
permit (internal subnet IP address for NAT)
exit
ip nat inside source list NAT-ACL interface GigabitEthernet0/1.VLAN_NUMBER
overload
interface GigabitEthernet0/1.VLAN_NUMBER
ip nat outside
exit
interface interface-towards-customer-local-network
ip nat inside
exit
Cisco NX-OS
feature interface-vlan
vlan VLAN_NUMBER
name "Fast Transit to your Nobus Data center or Nobus Cloud"
interface VlanVLAN_NUMBER
ip address YOUR_PEER_IP
/30
no shutdown
interface Ethernet0/1
switchport
switchport mode trunk
switchport trunk allowed vlan VLAN_NUMBER
no shutdown
router bgp CUSTOMER_BGP_ASN
address-family ipv4 unicast
network 0.0.0.0
neighbor Nobus_PEER_IP
remote-as Nobus_ASN
password 0 MD5_key
address-family ipv4 unicast
! Optionally configure Bidirectional Forwarding Detection (BFD).
feature bfd
interface VlanVLAN_NUMBER
no ip redirects
bfd interval 300 min_rx 300 multiplier 3
router bgp CUSTOMER_BGP_ASN
neighbor Nobus_PEER_IP
remote-as Nobus_ASN
bfd
! NAT Configuration for Public interfaces (Optional)
ip access-list standard NAT-ACL
permit any any
exit
ip nat inside source list NAT-ACL VlanVLAN_NUMBER
overload
interface VlanVLAN_NUMBER
ip nat outside
exit
interface interface-towards-customer-local-network
ip nat inside
exit
Juniper JunOS
configure exclusive
edit interfaces ge-0/0/1
set description "Fast Transit to your Nobus Data center or Nobus Cloud"
set flexible-vlan-tagging
set mtu 1522
edit unit 0
set vlan-id VLAN_NUMBER
set family inet mtu 1500
set family inet address YOUR_PEER_IP
top
edit policy-options policy-statement EXPORT-DEFAULT
edit term DEFAULT
set from route-filter 0.0.0.0/0 exact
set then accept
up
edit term REJECT
set then reject
top
set routing-options autonomous-system CUSTOMER_BGP_ASN
edit protocols bgp group EBGP
set type external
set peer-as Nobus_ASN
edit neighbor Nobus_PEER_IP
set local-address YOUR_PEER_IP
set export EXPORT-DEFAULT
set authentication-key "MD5_key
"
top
commit check
commit and-quit
# Optionally configure Bidirectional Forwarding Detection (BFD).
set protocols bgp group EBGP
neighbor Nobus_PEER_IP
bfd-liveness-detection minimum-interval 300
set protocols bgp group EBGP
neighbor Nobus_PEER_IP
bfd-liveness-detection multiplier 3
# NAT Configuration for Public interfaces (Optional)
set security policies from-zone trust to-zone untrust policy PolicyName match source-address any
set security policies from-zone trust to-zone untrust policy PolicyName match destination-address any
set security policies from-zone trust to-zone untrust policy PolicyName match application any
set security policies from-zone trust to-zone untrust policy PolicyName then permit
set security nat source rule-set SNAT-RS from zone trust
set security nat source rule-set SNAT-RS to zone untrust
set security nat source rule-set SNAT-RS rule SNAT-Rule match source-address 0.0.0.0/0
set security nat source rule-set SNAT-RS rule SNAT-Rule then source-nat interface
commit check
commit and-quit
Viewing virtual interface details
You can view the current status of your virtual interface. Details include:
-
Connection state
-
Name
-
point
-
VLAN
-
BGP details
-
Peer IP addresses
To view details about a virtual interface
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the left pane, choose interfaces.
-
Select the virtual interface and then choose View
details.
Adding or deleting a BGP peer
In some points, a virtual interface can support up to two IPv4 BGP peering
sessions and up to two IPv6 BGP peering sessions. In other points, a virtual
interface can support a single IPv4 BGP peering session and a single IPv6 BGP peering
session.
You cannot specify your own peer IPv6 addresses for an IPv6 BGP peering session.
Nobus automatically allocates you a /125 IPv6 CIDR.
Multiprotocol BGP is not supported. IPv4 and IPv6 operate in dual-stack mode for the
virtual interface.
Adding a BGP peer
Use the following procedure to add a BGP peer.
To add a BGP peer
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose Virtual
Interfaces.
-
Select the virtual interface and then choose View
details.
-
Choose Add peering.
-
(Private virtual interface) To add IPv4 BGP peers, do the
following:
-
Choose IPv4.
-
To specify these IP addresses yourself, for Your router
peer ip, enter the destination IPv4 CIDR address to
which Nobus should send traffic. For Nobus router peer
ip, enter the IPv4 CIDR address to use to send
traffic to Nobus.
-
(Public virtual interface) To add IPv4 BGP peers, do the following:
-
For Your router peer ip, enter the IPv4 CIDR
destination address where traffic should be sent.
-
For Nobus router peer IP, enter the IPv4
CIDR address to use to send traffic to Nobus.
-
(Private or public virtual interface) To add IPv6 BGP peers, choose
IPv6. The peer IPv6 addresses are automatically
assigned from Nobus's pool of IPv6 addresses; you cannot specify custom
IPv6 addresses.
-
For BGP ASN, enter the The Border Gateway Protocol Autonomous System Number of your on-premises
peer router for the new virtual interface.
For a public virtual interface, the ASN must be private
or already whitelisted for the virtual interface.
Note that if you do not enter a value, Nobus automatically assigns
one.
-
To provide your own BGP key, for BGP Authentication
Key, enter your BGP MD5 key.
-
Choose Add peering.
Deleting a BGP peer
If your virtual interface has both an IPv4 and IPv6 BGP peering session, you can
delete one of the BGP peering sessions (but not both).
To delete a BGP peer
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose Virtual
Interfaces.
-
Select the virtual interface and then choose View
details.
-
Under Peerings, select the peering that you want to
delete and then choose Delete.
-
In the Remove peering from virtual interface dialog
box, choose Delete.
Setting network MTU for private virtual
interfaces or transit interfaces
Nobus Fast Transit supports an Ethernet frame size of 1522 or 9023 bytes (14 bytes
Ethernet
header + 4 bytes VLAN tag + bytes for the IP datagram + 4 bytes FCS) at the link
layer.
The maximum transmission unit (MTU) of a network connection is the size, in bytes,
of
the largest permissible packet that can be passed over the connection. The MTU
of a
virtual private interface can be either 1500 or 9001 (jumbo frames). The MTU of
a
transit virtual interface can be either 1500 or 8500 (jumbo frames). You can specify
the
MTU when you create the interface or update it after you create it. Setting the
MTU of a
virtual interface to 8500 (jumbo frames) or 9001 (jumbo frames) can cause an update
to
the underlying physical connection if it wasn't updated to support jumbo frames.
Updating the connection disrupts network connectivity for all interfaces
associated with the connection for up to 30 seconds. To check whether a connection
or
virtual interface supports jumbo frames, select it in the Nobus Fast Transit console
and find
Jumbo Frame Capable on the Summary
tab.
After you enable jumbo frames for your private virtual interface, you can only associate
it
with a connection or LAG that is jumbo frame capable. Jumbo frames are supported
on
virtual private interfaces attached to a virtual private gateway or a Fast Transit
gateway. Jumbo frames apply only to propagated routes from Nobus Fast Transit.
If you add static
routes to your virtual private gateway , traffic that is routed through the static
route
defaults to 1500 MTU. If you have two private interfaces that advertise
the same
route but use different MTU values, 1500 MTU is used.
Jumbo frames apply only to propagated routes from Nobus Fast Transit . If you add
static routes to a
route table that point to your virtual private gateway, then traffic routed through
the static routes is sent using 1500 MTU.
To set the MTU of a private virtual interface
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose interfaces.
-
Select the virtual interface and then choose
Edit.
-
Under Jumbo MTU (MTU size 9001) or Jumbo MTU
(MTU size 8500), select Enabled.
-
Under Acknowledge, select I understand the
selected connection(s) will go down for a brief period. The state
of the virtual interface is pending
until the update is
complete.
Deleting interfaces
Delete one or more interfaces. Before you can delete a connection, you must
delete its virtual interface. Deleting a virtual interface stops Nobus Fast Transit
data transfer charges associated with the virtual interface.
To delete a virtual interface
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the left pane, choose interfaces.
-
Select the interfaces and then choose
Delete.
-
In the Delete confirmation dialog box, choose
Delete.
Creating a hosted virtual
interface
You can create a public, transit or private hosted virtual interface. Before you begin,
ensure that you have read the information in
Prerequisites for interfaces.
Creating a hosted private virtual
interface
To create a hosted private virtual interface
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose interfaces.
-
Choose Create virtual interface.
-
Under Virtual interface type, for Type, choose Private.
-
Under Private virtual interface settings, do the following:
-
For Virtual interface name, enter a name for the virtual interface.
-
For Connection, choose the Fast Transit connection that you want to use for this interface.
-
For Gateway type, choose Virtual private gateway, or Fast Transit gateway.
-
For Virtual interface owner, choose Another Nobus account, and then enter the Nobus account.
-
For Virtual private gateway, choose the virtual private gateway to use for this interface.
-
For VLAN, enter the ID number for your virtual
local area network (VLAN).
-
For BGP ASN, enter the The Border Gateway Protocol Autonomous System Number of your on-premises
peer router for the new virtual interface.
-
Under Additional Settings, do the following:
-
To configure an IPv4 BGP or an IPv6 peer, do the following:
[IPv4] To configure an IPv4 BGP peer, choose IPv4 and do one of
the following:
-
To specify these IP addresses yourself, for Your router peer ip,
enter the destination IPv4 CIDR address to which Nobus
should send traffic.
-
For Nobus router peer ip, enter
the IPv4 CIDR address to use to send traffic to
Nobus.
[IPv6] To configure an IPv6 BGP peer, choose IPv6. The peer IPv6 addresses are automatically
assigned from Nobus's pool of IPv6 addresses. You cannot specify custom IPv6
addresses.
-
To change the maximum transmission unit (MTU) from 1500 (default) to 9001 (jumbo frames),
select
Jumbo MTU (MTU size 9001).
-
(Optional) Add or remove a tag.
[Add a tag] Choose Add tag and do the following:
-
For Key, enter the key name.
-
For Value, enter the key value.
[Remove a tag] Next to the tag, choose Remove tag.
-
Choose Create virtual interface.
-
After the hosted virtual interface is accepted by the owner of the other
Nobus account, you can download the router
configuration file.
Creating a hosted public virtual
interface
To create a hosted public virtual interface
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose interfaces.
-
Choose Create virtual interface.
-
Under Virtual interface type, for Type, choose Public.
-
Under Public Virtual Interface Settings, do the following:
-
For Virtual interface name, enter a name for the virtual interface.
-
For Connection, choose the Fast Transit connection that you want to use for this interface.
-
For VLAN, enter the ID number for your virtual local area network (VLAN).
-
For BGP ASN, enter the The Border Gateway Protocol Autonomous System Number of your on-premises
peer router for the new virtual interface.
-
Under Additional Settings, for Virtual interface owner, enter the ID of the Nobus account to own this virtual interface.
-
To configure an IPv4 BGP or an IPv6 peer, do the following:
[IPv4] To configure an IPv4 BGP peer, choose IPv4 and do one of
the following:
-
To specify these IP addresses yourself, for Your router peer ip,
enter the destination IPv4 CIDR address to which Nobus
should send traffic.
-
For Nobus router peer ip, enter
the IPv4 CIDR address to use to send traffic to
Nobus.
[IPv6] To configure an IPv6 BGP peer, choose IPv6. The peer IPv6 addresses are automatically
assigned from Nobus's pool of IPv6 addresses. You cannot specify custom IPv6
addresses.
-
To advertise prefixes to Nobus, for Prefixes you want to
advertise, enter the IPv4 CIDR destination addresses (separated by
commas) to which traffic should be routed over the virtual interface.
-
To provide your own key to authenticate the BGP session, under Additional Settings, for BGP authentication key, enter the key.
If you do not enter a value, then Nobus generates a BGP key.
-
(Optional) Add or remove a tag.
[Add a tag] Choose Add tag and do the following:
-
For Key, enter the key name.
-
For Value, enter the key value.
[Remove a tag] Next to the tag, choose Remove tag.
-
Choose Create virtual interface.
-
After the hosted virtual interface is accepted by the owner of the other
Nobus account, you can
download the router
configuration file.
Creating a hosted transit virtual
interface
To create a hosted transit virtual interface
If you associate your transit gateway with one or more Fast Transit gateways, the
Autonomous System Number (ASN) used by the transit gateway and the Fast Transit
gateway must be different. For example, if you use the default ASN 64512 for both
the transit gateway and the Fast Transit gateway, the association request fails.
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose interfaces.
-
Choose Create virtual interface.
-
Under Virtual interface type, for
Type, choose Transit.
-
Under Transit virtual interface settings, do the
following:
-
For Virtual interface name, enter a name for
the virtual interface.
-
For Connection, choose the Fast Transit
connection that you want to use for this interface.
-
For Gateway type, choose Direct
Connect gateway.
-
For Fast Transit gateway, select the
Fast Transit gateway.
-
For VLAN, enter the ID number for your
virtual local area network (VLAN).
-
For BGP ASN, enter the The Border Gateway Protocol Autonomous System Number of your on-premises
peer router for the new virtual interface.
-
Under Additional Settings, do the following:
-
To configure an IPv4 BGP or an IPv6 peer, do the following:
[IPv4] To configure an IPv4 BGP peer, choose
IPv4 and do one of the following:
-
To specify these IP addresses yourself, for Your
router peer ip, enter the destination IPv4
CIDR address to which Nobus should send traffic.
-
For Nobus router peer ip, enter the
IPv4 CIDR address to use to send traffic to Nobus.
[IPv6] To configure an IPv6 BGP peer, choose
IPv6. The peer IPv6 addresses are
automatically assigned from Nobus's pool of IPv6 addresses.
You cannot specify custom IPv6 addresses.
-
To change the maximum transmission unit (MTU) from 1500 (default)
to 8500 (jumbo frames), select Jumbo MTU (MTU size
8500).
-
[Optional] Add a tag. Do the following:
[Add a tag] Choose Add tag and do the
following:
-
For Key, enter the key name.
-
For Value, enter the key
value.
[Remove a tag] Next to the tag, choose Remove
tag.
-
Choose Create virtual interface.
-
After the hosted virtual interface is accepted by the owner of the other
Nobus account, you can
download the router
configuration file.
Accepting a hosted virtual
interface
Before you can begin using a hosted virtual interface, you must accept the virtual
interface. For a private virtual interface, you must also have an existing virtual
private gateway or Fast Transit gateway. For a transit virtual interface, you
must have an existing transit gateway or Fast Transit gateway.
To accept a hosted virtual interface
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose interfaces.
-
Select the virtual interface and then choose View
details.
-
Choose Accept.
-
This applies to private interfaces and transit virtual
interfaces.
(Transit virtual interface) In the Accept virtual interface dialog
box, select a Fast Transit gateway, and then choose Accept virtual
interface.
(Private virtual interface) In the Accept virtual
interface dialog box, select a virtual private gateway or Direct
Connect gateway, and then choose Accept virtual
interface.
-
After you accept the hosted virtual interface, the owner of the Nobus Fast Transit
connection can download the router configuration file. The Download
router configuration option is not available for the account that
accepts the hosted virtual interface.
Working with Fast Transit gateways
You can work with Nobus Fast Transit gateways using the Nobus Data center console or the
Nobus CLI.
Fast Transit gateways
Use Nobus Fast Transit gateway to connect your Data centers. You associate a
Nobus Fast Transit gateway with either of the following gateways:
A Fast Transit gateway is a globally available resource. You can create the
Fast Transit
gateway in any public place and access it from all other public places.
You
can use a Fast Transit gateway in the following scenarios.
Virtual private gateway associations
In the following diagram, the Fast Transit gateway enables you to use your Nobus
Fast Transit connection in the A place to access Data centers in your account in both
the A and B places.
Virtual private gateway associations across accounts
Consider this scenario of a Fast Transit gateway owner (Account Z) who owns the
Fast Transit gateway. Account A and Account B want to use the Fast Transit gateway.
Account A and Account B each send an association proposal to Account Z. Account Z
accepts the association proposals and can optionally update the prefixes that are
allowed from Account A's virtual private gateway or Account B's virtual private gateway.
After Account Z accepts the proposals, Account A and Account B can route traffic from
their virtual private gateway to the Fast Transit gateway. Account Z also owns the
routing to the customers because Account Z owns the gateway.
Transit gateway associations
The following diagram illustrates how the Fast Transit gateway enables you to create
a single connection to your Fast Transit connection that all of your Data centers can
use.
The solution involves the following components:
-
A transit gateway that has Data center attachments.
-
A Fast Transit gateway.
-
An association between the Fast Transit gateway and the transit gateway.
-
A transit virtual interface that is attached to the Fast Transit
gateway.
This configuration offers the following benefits. You can:
For information about configuring transit gateways, see
Working with Transit
Gateways in the Nobus Data center Transit Gateways
Guide.
Transit gateway associations across accounts
Consider this scenario of a Fast Transit gateway owner (Account Z) who owns the
Fast Transit gateway. Account A owns the transit gateway and wants to use the Direct
Connect
gateway. Account Z accepts the association proposals and can optionally update the
prefixes that are allowed from Account A's transit gateway. After Account Z accepts
the
proposals, The Data centers attached to the transit gateway can route traffic from the transit
gateway to the
Fast Transit gateway. Account Z also owns the routing to the customers because
Account Z owns the gateway.
Creating a Fast Transit
gateway
To create a Fast Transit gateway
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose Fast Transit
Gateways.
-
Choose Create Fast Transit gateway.
-
Specify the following information, and choose Create Direct
Connect gateway.
-
Name: Enter a name to help you identify the
Fast Transit gateway.
-
Nobus side ASN: Specify the ASN for the
Nobus side of the BGP session. The ASN must be in the 64,512 to
65,534 range or 4,200,000,000 to 4,294,967,294 range.
-
Virtual private gateway: To associate a
virtual private gateway, choose the virtual private gateway.
Deleting Fast Transit
gateways
If you no longer require a Fast Transit gateway, you can delete it. You must
first disassociate all associated virtual private gateways and delete the attached
private virtual interface.
To delete a Fast Transit gateway
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose Fast Transit
Gateways.
-
Select the gateways and choose Delete.
Migrating from a virtual private
gateway to a Fast Transit gateway
If you had a virtual private gateway attached to a virtual interface, and you want
to
migrate to a Fast Transit gateway, perform the following steps:
Virtual private gateway associations
You can use an Nobus Fast Transit gateway to connect your Nobus Fast Transit
connection over a private virtual interface to one or more Data centers in any account that
are
located in the same or different places. You associate a Fast Transit gateway with
the virtual private gateway for the Data center. Then, you create a private virtual interface
for your Nobus Fast Transit connection to the Fast Transit gateway. You can attach
multiple
private interfaces to your Fast Transit gateway.
The following rules apply to Data center associations:
-
There are limits for creating and using Fast Transit gateways. For more
information, see Nobus Fast Transit quotas.
-
The Data centers to which you connect through a Fast Transit gateway cannot have
overlapping CIDR blocks. If you add an IPv4 CIDR block to a Data center that's
associated with a Fast Transit gateway, ensure that the CIDR block does not
overlap with an existing CIDR block for any other associated Data center. For more
information, see
Adding
IPv4 CIDR Blocks to a Data center in the
Nobus Data center User Guide.
-
You cannot create a public virtual interface to a Fast Transit
gateway.
-
A Fast Transit gateway supports communication between attached private
interfaces and associated virtual private gateways only. The following
traffic flows are not supported:
-
Direct communication between the Data centers that are associated with a
single Fast Transit gateway. This includes traffic from one Data center to
another by using a hairpin through an on-premises network through a
single virtual interface.
-
Direct communication between the interfaces that are attached
to a single Fast Transit gateway.
-
Direct communication between the interfaces that are attached
to a single Fast Transit gateway and a VPN connection on a virtual
private gateway that's associated with the same Fast Transit
gateway.
-
You cannot associate a virtual private gateway with more than one Direct
Connect gateway and you cannot attach a private virtual interface to more than
one Fast Transit gateway.
-
A virtual private gateway that you associate with a Fast Transit gateway
must be attached to a Data center.
-
A virtual private gateway association proposal expires 7 days after it is
created.
-
An accepted virtual private gateway proposal, or a deleted virtual private
gateway proposal remains visible for 3 days.
To connect your Nobus Fast Transit connection to a Data center in the same place only, you
can create a
Fast Transit gateway. Or, you can create a private virtual interface and attach
it to the
virtual private gateway for the Data center.
To use your Nobus Fast Transit connection with a Data center in another account, you can create
a hosted
private virtual interface for that account. When the owner of the other account accepts
the hosted virtual interface, they can choose to attach it either to a virtual private
gateway or to a Fast Transit gateway in their account. For more information, see
Nobus Fast Transit interfaces.
Associating and
disassociating virtual private gateways
The virtual private gateway must be attached to the Data center to which you want to
connect. For more information, see
Create a Virtual Private
Gateway in the Nobus Data center User Guide.
If you are planning to use the virtual private gateway for a Fast Transit
gateway and a dynamic VPN connection, set the ASN on the virtual private gateway
to the value that you require for the VPN connection. Otherwise, the ASN on the
virtual private gateway can be set to any permitted value. The Fast Transit
gateway advertises all connected Data centers over the ASN assigned to it.
To associate a virtual private gateway
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose Fast Transit
Gateways and then select the Fast Transit gateway.
-
Choose View details.
-
Choose Gateways associations and then choose
Associate gateway.
-
For Gateways, choose the virtual private gateways to
associate, and then choose Associate gateway.
You can view all of the virtual private gateways that are associated with the
Fast Transit gateway by choosing Gateway associations.
To disassociate a virtual private gateway
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose Fast Transit
Gateways and then select the Fast Transit gateway.
-
Choose View details.
-
Choose Gateway associations and then select the
virtual private gateway.
-
Choose Disassociate.
Creating a private virtual
interface to the Fast Transit gateway
To connect your Nobus Fast Transit connection to the remote Data center, you must create a
private
virtual interface for your connection. Specify the Fast Transit gateway to which
to connect.
If you're accepting a hosted private virtual interface, you can associate it
with a Fast Transit gateway in your account.
To provision a private virtual interface to a Fast Transit gateway
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose interfaces.
-
Choose Create virtual interface.
-
Under Virtual interface type, for Type, choose Private.
-
Under Virtual interface type, choose Private.
-
Under Private virtual interface settings, do the following:
-
For Virtual interface name, enter a name for the virtual interface.
-
For Connection, choose the Fast Transit connection that you want to use for this interface.
-
For Virtual interface owner, choose My Nobus account if the virtual interface is for your Nobus account.
-
For Fast Transit gateway, select the Fast Transit gateway.
-
For VLAN, enter the ID number for your virtual
local area network (VLAN).
-
For BGP ASN, enter the The Border Gateway Protocol Autonomous System Number of your on-premises
peer router for the new virtual interface.
-
Under Additional Settings, do the following:
-
To configure an IPv4 BGP or an IPv6 peer, do the following:
[IPv4] To configure an IPv4 BGP peer, choose IPv4 and do one of
the following:
-
To specify these IP addresses yourself, for Your router peer ip,
enter the destination IPv4 CIDR address to which Nobus
should send traffic.
-
For Nobus router peer ip, enter
the IPv4 CIDR address to use to send traffic to
Nobus.
[IPv6] To configure an IPv6 BGP peer, choose IPv6. The peer IPv6 addresses are automatically
assigned from Nobus's pool of IPv6 addresses. You cannot specify custom IPv6
addresses.
-
To change the maximum transmission unit (MTU) from 1500 (default) to 9001 (jumbo frames),
select
Jumbo MTU (MTU size 9001).
-
(Optional) Add or remove a tag.
[Add a tag] Choose Add tag and do the following:
-
For Key, enter the key name.
-
For Value, enter the key value.
[Remove a tag] Next to the tag, choose Remove tag.
-
Choose Create virtual interface.
After you've created the virtual interface, you can download the router
configuration for your device. For more information, see
Downloading the router configuration file.
Transit gateway associations
You can use an Nobus Fast Transit gateway to connect your Nobus Fast Transit
connection over a transit virtual interface to the Data centers or VPNs that are attached
to
your transit gateway. You associate a Fast Transit gateway with the transit gateway.
Then, create a transit
virtual interface for your Nobus Fast Transit connection to the Fast Transit gateway.
The following rules apply to transit gateway associations:
-
You cannot attach a Fast Transit gateway to a transit gateway when the Fast Transit
gateway is already associated with a virtual private gateway or is attached to a
private virtual interface.
-
There are limits for creating and using Fast Transit gateways. For more
information, see Nobus Fast Transit quotas.
-
A Fast Transit gateway supports communication between attached transit
interfaces and associated transit gateways only.
-
If you connect to multiple transit gateways that are in different places, use unique
ASNs for each transit gateway.
-
A virtual private gateway can be associated with a Fast Transit gateway and
also attached to a virtual interface.
Associating and
disassociating transit gateways
To associate a transit gateway
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose Fast Transit
Gateways and then select the Fast Transit gateway.
-
Choose View details.
-
Choose Gateway associations and then choose
Associate gateway.
-
For Gateways, choose the transit gateway to associate, and then
choose Associate gateway.
You can view all of the gateways that are associated with the Fast Transit
gateway by choosing Gateway associations.
To disassociate a transit gateway
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose Fast Transit
gateways and then select the Fast Transit gateway.
-
Choose View details.
-
Choose Gateway associations and then select the
transit gateway.
-
Choose Disassociate.
Creating a transit virtual
interface to the Fast Transit gateway
To connect your Nobus Fast Transit connection to the transit gateway, you must create
a
transit interface for your connection. Specify the Fast Transit gateway to which
to connect.
If you associate your transit gateway with one or more Fast Transit gateways, the
Autonomous System Number (ASN) used by the transit gateway and the Fast Transit
gateway must be different. For example, if you use the default ASN 64512 for both
the transit gateway and the Fast Transit gateway, the association request fails.
To provision a transit virtual interface to a Fast Transit gateway
-
Open the Nobus Fast Transit console at
https://cloud.nobus.io/project/
-
In the navigation pane, choose interfaces.
-
Choose Create virtual interface.
-
Under Virtual interface type, for Type, choose Transit.
-
Under Transit virtual interface settings, do the following:
-
For Virtual interface name, enter a name for the virtual interface.
-
For Connection, choose the Fast Transit connection that you want to use for this interface.
-
For Virtual interface owner, choose My Nobus account if the virtual interface is for your Nobus account.
-
For Fast Transit gateway, select the Fast Transit gateway.
-
For VLAN, enter the ID number for your virtual
local area network (VLAN).
-
For BGP ASN, enter the The Border Gateway Protocol Autonomous System Number of your on-premises
peer router for the new virtual interface.
-
Under Additional Settings, do the following:
-
To configure an IPv4 BGP or an IPv6 peer, do the following:
[IPv4] To configure an IPv4 BGP peer, choose IPv4 and do one of
the following:
-
To specify these IP addresses yourself, for Your router peer ip,
enter the destination IPv4 CIDR address to which Nobus
should send traffic.
-
For Nobus router peer ip, enter
the IPv4 CIDR address to use to send traffic to
Nobus.
[IPv6] To configure an IPv6 BGP peer, choose IPv6. The peer IPv6 addresses are automatically
assigned from Nobus's pool of IPv6 addresses. You cannot specify custom IPv6
addresses.
-
To change the maximum transmission unit (MTU) from 1500 (default) to 8500 (jumbo frames),
select
Jumbo MTU (MTU size 8500).
-
(Optional) Add or remove a tag.
[Add a tag] Choose Add tag and do the following:
-
For Key, enter the key name.
-
For Value, enter the key value.
[Remove a tag] Next to the tag, choose Remove tag.
-
Choose Create virtual interface.
After you've created the virtual interface, you can download the router
configuration for your device. For more information, see
Downloading the router configuration
file.
Allowed prefixes interactions
Learn how allowed prefixes interact with transit gateways and virtual private gateways.
Transit gateway associations
When you associate a transit gateway with a Fast Transit gateway, you specify a
list of up
to twenty Nobus Data center prefixes to advertise to the Fast Transit gateway. The prefix
list
acts as a filter that allows the same CIDRs, or a smaller range of CIDRs to be
advertised to the Fast Transit gateway. You must set the prefixes to a range that
is the same or wider than the Data center CIDR block.
Consider the scenario where you have a Data center with CIDR 10.0.0.0/16 attached to a
transit gateway.
-
When the allowed prefixes list is set to 22.0.0.0/24, you receive 22.0.0.0/24
through BGP on your transit virtual interface. You do not receive
10.0.0.0/16 because we directly provision the prefixes that are in the
allowed prefix list.
-
When the allowed prefixes list is set to 10.0.0.0/24, you receive 10.0.0.0/24
through BGP on your transit virtual interface. You do not receive
10.0.0.0/16 because we directly provision the prefixes that are in the
allowed prefix list.
-
When the allowed prefixes list is set to 10.0.0.0/8, you receive 10.0.0.0/8
through BGP on your transit virtual interface. You do not receive
10.0.0.0/16 because we directly provision the prefixes that are in the
allowed prefix list.
Virtual private gateway associations
Consider the scenario where you have a Data center with CIDR 10.0.0.0/16 is attached
to a virtual private gateway.
-
When the allowed prefixes list is set to 22.0.0.0/24, you do not
receive any route because 22.0.0.0/24 is not the same as, or wider than
10.0.0.0/16.
-
When the allowed prefixes list is set to 10.0.0.0/24, you do not
receive any route because 10.0.0.0/24 is not the same as 10.0.0.0/16.
-
When the allowed prefixes list is set to 10.0.0.0/15, you do receive
10.0.0.0/16, because the IP address is wider than 10.0.0.0/16.