Process overview
The basic steps to adding an AWS connection to a PacketFabric Distributed Cloud Router are as follows:
Prerequisites
You will be asked for your AWS account number. Depending on your account type, this might appear when you sign in to the console or under your user menu. Otherwise, you can click your user name and then select My Account. Your account ID is at the top of the page under Account Settings.
Create a PacketFabric Cloud Router connection
-
Log in to the PacketFabric portal and select Network > Cloud Routers.
-
Click the Cloud Router to open its side panel.
-
Select Create Connection.
-
Select AWS.
Complete the following fields and then click Next.
AWS On-Ramp and Capacity
- Create a NAT-capable connection
- Select this option if you want to be able to enable NAT for the connection. This ensures the connection will provision on a device that allows NAT.
- On-Ramp
- This is the AWS on-ramp location you would like to use. This cannot be changed after it is provisioned.
- Capacity
- This is the speed/capacity you are setting for the connection.
-
IMPORTANT: Transit Gateway virtual interfaces are only supported on the following connection speeds: 1G, 2G, 5G, and 10G.
- Availability Zone
- Select a zone.
- PacketFabric availability zones represent physical diversity; each availability zone is a unique chassis. Allocating connections within different zones supports redundancy.
- Use Public VIF
- Select this option if you are planning to use this connection with a public VIF to reach AWS public resources.
- AWS public resources are resources that are not contained within your VPC. The most commonly used are Amazon S3 and DynamoDB.
Amazon Connect
AppFlow
API Gateway
Chime Voice Connector
Chime Meetings
Cloud9 IDE
CloudFront
CodeBuild
DynamoDB
EC2 (public instances)
EC2 Instance Connect
Global Accelerator
Route53
Route53 Healthchecks
Route53 Healthchecks Publishing
S3
S3 Glacier
Workspaces Gateways
NOTE: Public VIFs must be reviewed and approved by Amazon. This process can take up to 72 hours.
Connection Details
- Amazon Account ID
- Enter your Amazon account ID.
- This allows PacketFabric to send API requests to Amazon creating your connection.
- Connection description
- Enter a name for the connection.
Billing
Select a billing account and then click Place Order.
The connection should provision within a few minutes.
Accept the connection
-
Sign in to AWS.
-
From the AWS Management Console, click the Services menu and select Networking & Content Delivery > Direct Connect.
-
Click Connections.
-
Locate and select the connection you created in the PacketFabric portal.
NOTE: Connections typically appear in the AWS console within a minute after provisioning from PacketFabric.
If you do not see your connection listed, wait a few moments and then refresh the page.
-
Click Accept in the upper right.
-
Click Confirm.
Create a gateway
You can skip this step if you are using the public IP/public VIF option.
Our connections are compatible with all AWS gateway types: Direct Connect, virtual private, and transit.
For information on each, including instructions on how to create them, see the AWS documentation on gateways.
IMPORTANT: When creating a gateway, AWS defaults to their public ASN 7224. You should instead set this to a private ASN from 62512 - 65534.
Create a virtual interface
After accepting the connection, click Create virtual interface.
There are three types of virtual interfaces (VIFs):
Public VIF
For complete instructions, see AWS - Creating a public virtual interface.
The following fields are applicable to the PacketFabric Cloud Router:
-
VLAN: This should be pre-populated with a VLAN ID, and should be left as-is.
-
BGP ASN: Use the ASN you specified when creating your PacketFabric Cloud Router. If you aren’t sure which ASN you used, you can find it listed on the Cloud Router details page.
-
Your router peer IP: Use the PacketFabric Router Peer IP provided to you.
You can retrieve this from the PacketFabric portal. Select the Cloud Router to open its side panel, and then click the overflow menu next to the connection. Select New BGP Session.
-
Amazon router peer IP: Use the Public AWS Router Peer IP provided to you. You can retrieve this from the BGP Sessions page in portal (see above).
-
Prefixes you want to advertise: Enter the Amazon router peer IP and any any public IPs you have (they must be from a different subnet than local/peer IP). These prefixes should also be represented under Allowed prefix to cloud when configuring the BGP session in the PacketFabric portal.
- BGP authentication key: Provide a key or leave this field empty to have Amazon generate one on your behalf.
Private VIF
For complete instructions, see AWS - Creating a private virtual interface.
The following fields are applicable to the PacketFabric Cloud Router:
-
BGP ASN: Use the ASN you specified when creating your PacketFabric Cloud Router. If you aren’t sure which ASN you used, you can find it listed on the PacketFabric Cloud Router details page.
-
VLAN: This should be pre-populated with a VLAN ID, and should be left as-is.
-
Under Additional settings:
-
Your router peer IP and Amazon router peer IP: We recommend that you leave these fields blank and allow Amazon to allocate them on your behalf.
However, if you decide to provide your own, note that both will be used to configure the BGP session for the Cloud Router.
-
BGP authentication key: Provide a key or leave this field empty to have Amazon generate one on your behalf.
-
Jumbo MTU: Optional, but supported.
Transit VIF
For complete instructions, see AWS - Creating a transit virtual interface to the Direct Connect gateway.
The following fields are applicable to the PacketFabric Cloud Router:
-
BGP ASN: Use the ASN you specified when creating your PacketFabric Cloud Router. If you aren’t sure which ASN you used, you can find it listed on the PacketFabric Cloud Router details page.
-
VLAN: This should be pre-populated with a VLAN ID, and should be left as-is.
-
Under Additional settings:
-
Your router peer IP and Amazon router peer IP: We recommend that you leave these fields blank and allow Amazon to allocate them on your behalf.
However, if you decide to provide your own, note that both will be used to configure the BGP session for the Cloud Router.
-
BGP authentication key: Provide a key or leave this field empty to have Amazon generate one on your behalf.
-
Jumbo MTU: Optional, but supported.
Troubleshooting note: If you are unable to select your PacketFabric connection when creating a Transit VIF, the most likely reason is that the associated connection has a capacity less than 1Gbps.
Transit VIFs are only supported on the following connection speeds: 1G, 2G, 5G, and 10G.
Next steps
Configure the BGP session for this connection.
Create an AWS Connection on a Cloud Router - POST