Hello,
I am setting up a VPN to connect an Amazon VPC. While the connection is a no-brainer, routing has turned out to be a big problem.
The situation:
- There are other VPNs connected to the same VPG.
- The config files sent by Amazon are built to announce route 0.0.0.0/0, so the ASG is announcing this route too, but does not announce locally connected networks.
- There is another router also announcing route 0.0.0.0/0.
The result:
Packets sent from the local network get to their target in the Amazon VPC. The reply from the target goes to the wrong gateway.
The workaround:
Changing the routes announced by quagga solves the problem and packets get back through the correct gateway.
Is there any value to change in the config file sent by Amazon to define the routes to announce?
How do I properly configure the route in the ASG and make it persistent across reboots?
There is an enhancement request to get more control over the route announcement with Amazon, but I didn't find any temporary solution.
Has anyone experienced that situation?
Thank you for your help.
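The symptom described in the post, modelled as an added example (not part of the original post, and not Amazon's or the ASG's code): it applies longest-prefix match to the routes each VPN peer announces and reports equal-length matches as ambiguous instead of modelling any tie-breaking. The peer names, the 192.168.10.0/24 local network, the host address, and the assumption that the workaround means announcing the local network are all constructed for illustration.

```python
import ipaddress

# Constructed sample data: what each VPN peer announces to the shared VPG.
# BEFORE: both peers announce only the default route, as in the post.
BEFORE = {
    "asg": ["0.0.0.0/0"],
    "other-router": ["0.0.0.0/0"],
}
# AFTER (assumed workaround): the ASG also announces its local network.
AFTER = {
    "asg": ["0.0.0.0/0", "192.168.10.0/24"],
    "other-router": ["0.0.0.0/0"],
}
LOCAL_HOST = "192.168.10.25"  # hypothetical host behind the ASG


def longest_matches(announcements, destination):
    """Return [(peer, prefix)] for the longest announced prefix covering destination."""
    dest = ipaddress.ip_address(destination)
    best_len, best = -1, []
    for peer, prefixes in announcements.items():
        for prefix in prefixes:
            net = ipaddress.ip_network(prefix)
            if dest not in net:
                continue
            if net.prefixlen > best_len:
                best_len, best = net.prefixlen, [(peer, prefix)]
            elif net.prefixlen == best_len:
                best.append((peer, prefix))
    return best


def return_path(announcements, destination):
    """Name the peer that reply traffic to destination is sent to.

    Returns 'ambiguous:<peers>' when several peers tie on prefix length,
    which is the case where replies can leave through the wrong gateway.
    """
    peers = sorted({peer for peer, _ in longest_matches(announcements, destination)})
    if not peers:
        return "unreachable"
    if len(peers) > 1:
        return "ambiguous:" + ",".join(peers)
    return peers[0]


if __name__ == "__main__":
    for label, table in (("before", BEFORE), ("after", AFTER)):
        print(label, "->", return_path(table, LOCAL_HOST))
```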