Re: [AusNOG] AWS With Megaport

2019-02-12 Thread Benoit Page-Guitard
As Steve indirectly pointed out above, an AWS VPC is not a real layer 2
domain.. so there's nothing really to "extend into".

The best way to conceptualise a VPC at a layer 2 level (at least from a
network engineer's perspective) is to imagine a full mesh of hosts,
connected by overlay tunnels, where every host has (or can have) full
knowledge of MAC-to-tunnel-endpoint mappings for every VPC member. It's
also unicast-only.

Basically, the only way for a MAC to be "added" to a VPC is for it to be
programmed onto each host.

It's not a completely accurate picture of how things actually work, but it
serves well enough to explain why you can't just extend your own layer 2
domain onto a VPC and expect broadcasts and L2 learning to "just work".

Hope that helps..


Benoit

On Tue, 12 Feb 2019 at 03:56, simon thomason  wrote:

> Friends don't let friends build large layer2 networks!
>
> That said; if you wanted to get a little creative you could run up a
> csr1000v and setup otv and lisp from AWS to your on prem infra. I have
> never set it up but would be interesting to see if the MP transport
> supports it.
>
> I guess the question is really, why would you want to extend your layer2
> domain into the cloud.
> You will not be able to run redundant connections.
> You have just increased your fail domain size and will be tromboning
> traffic.
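
The mental model in the post above, as an added Python example (not part of the original thread, and a conceptual model rather than AWS's implementation): a learning bridge floods and learns from traffic, while the overlay delivers only to MACs that were programmed into its table. All class, port, host and MAC names are hypothetical, and the MAC addresses are constructed.

```python
"""Learning bridge vs. programmed, unicast-only overlay (conceptual model).

Follows the simplified picture in the post above; it is not AWS's actual
implementation. Class names, port names, host names and MACs are hypothetical.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed, locally administered MAC addresses.
INSTANCE_A = "02:00:00:00:00:0a"
INSTANCE_B = "02:00:00:00:00:0b"
INSTANCE_C = "02:00:00:00:00:0c"
ONPREM_ROUTER = "02:00:00:00:00:01"


class LearningBridge:
    """Classic layer 2 domain: flood broadcast/unknown unicast, learn source MACs."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.fdb = {}  # MAC -> port, filled in by observing traffic

    def send(self, in_port, src, dst):
        """Return the set of ports that receive the frame."""
        self.fdb[src] = in_port  # data-plane learning
        if dst != BROADCAST and dst in self.fdb:
            return {self.fdb[dst]}
        return self.ports - {in_port}  # flood to every other port


class ProgrammedOverlay:
    """Full mesh of hosts joined by tunnels; the table is programmed, never learned."""

    def __init__(self):
        self.mappings = {}  # MAC -> tunnel endpoint, written by the control plane only

    def program(self, mac, endpoint):
        """Control-plane action: register a member MAC behind a tunnel endpoint."""
        self.mappings[mac] = endpoint

    def send(self, src, dst):
        """Return the set of tunnel endpoints that receive the frame."""
        if src not in self.mappings:
            return set()  # assumption: a non-member has no tunnel to send on
        if dst == BROADCAST:
            return set()  # unicast-only: nothing is flooded
        endpoint = self.mappings.get(dst)
        return {endpoint} if endpoint else set()  # unknown unicast is dropped


def bridge_scenario():
    """Instance A reaches the on-prem router through broadcast plus learning."""
    bridge = LearningBridge(["a", "b", "router"])
    return {
        "arp_request": bridge.send("a", INSTANCE_A, BROADCAST),
        "arp_reply": bridge.send("router", ONPREM_ROUTER, INSTANCE_A),
        "data": bridge.send("a", INSTANCE_A, ONPREM_ROUTER),
    }


def overlay_scenario():
    """Same traffic on the overlay: only programmed members can be reached."""
    overlay = ProgrammedOverlay()
    overlay.program(INSTANCE_A, "host-1")
    overlay.program(INSTANCE_B, "host-2")
    result = {
        "arp_request": overlay.send(INSTANCE_A, BROADCAST),
        "to_router": overlay.send(INSTANCE_A, ONPREM_ROUTER),
        "from_router": overlay.send(ONPREM_ROUTER, INSTANCE_A),
        "to_peer": overlay.send(INSTANCE_A, INSTANCE_B),
        "to_new_member_before": overlay.send(INSTANCE_A, INSTANCE_C),
    }
    # A new member becomes reachable only once the control plane programs it.
    overlay.program(INSTANCE_C, "host-3")
    result["to_new_member_after"] = overlay.send(INSTANCE_A, INSTANCE_C)
    return result


if __name__ == "__main__":
    for name, scenario in (("bridge", bridge_scenario), ("overlay", overlay_scenario)):
        for step, receivers in scenario().items():
            print(f"{name:8s}{step:22s}{sorted(receivers)}")
```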

Re: [AusNOG] AWS With Megaport

2019-02-12 Thread simon thomason
Friends don't let friends build large layer2 networks!

That said; if you wanted to get a little creative you could run up a
csr1000v and setup otv and lisp from AWS to your on prem infra. I have
never set it up but would be interesting to see if the MP transport
supports it.

I guess the question is really, why would you want to extend your layer2
domain into the cloud.
You will not be able to run redundant connections.
You have just increased your fail domain size and will be tromboning
traffic.



On Tue., 12 Feb. 2019, 6:17 pm Tim Raphael wrote:

> That’s still routed and not bridged over the DC. It’s all layer 3 over DCs
> unless (as mentioned) you use an L2 tunnelling method onto a compute VM.
>
> - Tim

Re: [AusNOG] AWS With Megaport

2019-02-12 Thread Shah Hardik
They are different.

Look for Hosted Connection VS AWS Direct Connect.

The connection you get via Megaport or all other Telcos most probably would
be Hosted Connection or Hosted VIF. Best to check with the telco – Megaport
in this instance on the product details, specs, limitations.

https://aws.amazon.com/premiumsupport/knowledge-center/direct-connect-types/

Hope this helps!

Cheers,

Shah Hardik



*From:* AusNOG  *On Behalf Of *Andras Toth
*Sent:* Tuesday, 12 February 2019 7:01 PM
*To:* Steve Tu 
*Cc:* aus...@ausnog.net ; Jason Bordujenko <
jason.borduje...@megaport.com>
*Subject:* Re: [AusNOG] AWS With Megaport



I'm not sure if the Megaport Direct Connect is any different to a regular
AWS Direct Connect, but a friend of mine has successfully used a regular
AWS Direct Connect that they extended into their EC2 VPC and assigned IP
addresses to their instances from their own /28 range.



The subnet has a Route Table that would say send everything to the DX VGW
to make this work.



The only caveat was the .1 and .2 addresses cannot be used because that's
the AWS Default Gateway and DNS, etc.



Andras






Re: [AusNOG] AWS With Megaport

2019-02-12 Thread Tim Raphael
That’s still routed and not bridged over the DC. It’s all layer 3 over DCs 
unless (as mentioned) you use an L2 tunnelling method onto a compute VM.

- Tim

> On 12 Feb 2019, at 19:01, Andras Toth  wrote:
> 
> I'm not sure if the Megaport Direct Connect is any different to a regular AWS 
> Direct Connect, but a friend of mine has successfully used a regular AWS 
> Direct Connect that they extended into their EC2 VPC and assigned IP 
> addresses to their instances from their own /28 range.
> 
> The subnet has a Route Table that would say send everything to the DX VGW to 
> make this work.
> 
> The only caveat was the .1 and .2 addresses cannot be used because that's the 
> AWS Default Gateway and DNS, etc.
> 
> Andras


Re: [AusNOG] AWS With Megaport

2019-02-12 Thread Andras Toth
I'm not sure if the Megaport Direct Connect is any different to a regular
AWS Direct Connect, but a friend of mine has successfully used a regular
AWS Direct Connect that they extended into their EC2 VPC and assigned IP
addresses to their instances from their own /28 range.

The subnet has a Route Table that would say send everything to the DX VGW
to make this work.

The only caveat was the .1 and .2 addresses cannot be used because that's
the AWS Default Gateway and DNS, etc.

Andras


On Tue, Feb 12, 2019 at 1:30 PM Steve Tu  wrote:

> Hi Joseph,
>
> Thank you for your enquiry.
>
> As Simon Thomason pointed out, AWS Direct Connect - Private Virtual
> Interface is mainly for connecting two private networks together by
> exchanging routes via BGP.
>
> In your scenario of extending your on-premises network into the native AWS
> VPC so they are on the same broadcast domain, this is not a supported
> scenario. Also on AWS VPC route table, the destination via next-hop/default
> gateway will need to be an AWS component i.e. Virtual Private Gateway or
> Internet Gateway etc. and not something outside of AWS.
>
> https://aws.amazon.com/vpc/faqs/
> Please also check the Topology section of the FAQ
>
> There are options such as VMware on AWS and creating a L2VPN over Direct
> Connect, that may suit your requirements.
>
> I hope this answers your question, and if you have any further
> questions, please do not hesitate to contact me,
>
> *Steve Tu*
> *Solutions Architect APAC*
>
> Phone: +61 430 965 798
>
> This message is intended for the addressee named and may contain
> confidential information. If you are not the intended recipient please
> delete it and notify the sender.


Re: [AusNOG] AWS With Megaport

2019-02-11 Thread Steve Tu
Hi Joseph,

Thank you for your enquiry.

As Simon Thomason pointed out, AWS Direct Connect - Private Virtual
Interface is mainly for connecting two private networks together by
exchanging routes via BGP.

In your scenario of extending your on-premises network into the native AWS
VPC so they are on the same broadcast domain, this is not a supported
scenario. Also on AWS VPC route table, the destination via next-hop/default
gateway will need to be an AWS component i.e. Virtual Private Gateway or
Internet Gateway etc. and not something outside of AWS.

https://aws.amazon.com/vpc/faqs/
Please also check the Topology section of the FAQ

There are options such as VMware on AWS and creating a L2VPN over Direct
Connect, that may suit your requirements.

I hope this answers your question, and if you have any further
questions, please do not hesitate to contact me,

*Steve Tu*
*Solutions Architect APAC*

Phone: +61 430 965 798

This message is intended for the addressee named and may contain
confidential information. If you are not the intended recipient please
delete it and notify the sender.


On Tue, Feb 12, 2019 at 12:12 PM Gavin Tweedie 
wrote:

> I'm not our cloud wizard so let me throw on a technical solutions guy or
> two on this thread to bring it to their attention!
>
> Gav


Re: [AusNOG] AWS With Megaport

2019-02-11 Thread Gavin Tweedie
I'm not our cloud wizard so let me throw on a technical solutions guy or
two on this thread to bring it to their attention!

Gav

On Tue, 12 Feb 2019 at 10:08, simon thomason  wrote:

> I would be interested to know how you do this also.
>
> My understanding is that over MP you need to peer with AWS in BGP.
> https://knowledgebase.megaport.com/cloud-connectivity/aws-cloud/
>
> Even looking at AWS doco it says you can not
> https://aws.amazon.com/directconnect/faqs/.
>
> Unless you want to run GRE or something over this but i am not certain why
> you would.


-- 
Global Interconnection Director
Megaport 
+61 498 498 458


Re: [AusNOG] AWS With Megaport

2019-02-11 Thread simon thomason
I would be interested to know how you do this also.

My understanding is that over MP you need to peer with AWS in BGP.
https://knowledgebase.megaport.com/cloud-connectivity/aws-cloud/

Even looking at AWS doco it says you can not
https://aws.amazon.com/directconnect/faqs/.

Unless you want to run GRE or something over this but i am not certain why
you would.

On Tue, Feb 12, 2019 at 11:53 AM Nathan Brookfield <
nathan.brookfi...@simtronic.com.au> wrote:

> 100% possible :)
>
> Nathan Brookfield
> Chief Executive Officer
>
> Simtronic Technologies Pty Ltd
> http://www.simtronic.com.au


Re: [AusNOG] AWS With Megaport

2019-02-11 Thread Nathan Brookfield
Sorry my understanding is you don’t get a broadcast domain but you can easily 
route it as such and have a routed /24 in place.

CONFIDENTIALITY & PRIVILEGE NOTICE

The information contained in this email and any attached files is strictly 
private and confidential. The intended recipient of this email may only use, 
reproduce, disclose or distribute the information contained in this email and 
any attached files with Simtronic Technologies Pty Ltd’s permission. If you are 
not the intended recipient, you are strictly prohibited from using, 
reproducing, adapting, disclosing or distributing the information contained in 
this email and any attached files or taking any action in reliance on it. If 
you have received this email in error, please email the sender by replying to 
this message, promptly delete and destroy any copies of this email and any 
attachments.

It is your responsibility to scan this communication and any files attached for 
computer viruses and other defects and recommend that you subject these to your 
virus checking procedures prior to use. Simtronic Technologies Pty Ltd does NOT 
accept liability for any loss or damage (whether direct, indirect, 
consequential, economic or other) however caused, whether by negligence or 
otherwise, which may result directly or indirectly from this communication or 
any files attached.

From: AusNOG  On Behalf Of Matthew VK3EVL
Sent: Tuesday, February 12, 2019 1:05 PM
To: ausnog@lists.ausnog.net
Subject: Re: [AusNOG] AWS With Megaport


Are you sure?

https://aws.amazon.com/directconnect/faqs/

Q. Can I extend one of my VLANs to the AWS Cloud using AWS Direct Connect?

No, VLANs are utilized in AWS Direct Connect only to separate traffic between 
virtual interfaces.



There may be creative ways to kind of achieve it but not out of the box... 
megaport itself can span a broadcast domain but AWS is the limiting factor here.

If you know of a way around this i'd be extremely interested to know.

Cheers
Matthew



Re: [AusNOG] AWS With Megaport

2019-02-11 Thread Matthew VK3EVL

Are you sure?

https://aws.amazon.com/directconnect/faqs/

*Q. Can I extend one of my VLANs to the AWS Cloud using AWS Direct
Connect?*

No, VLANs are utilized in AWS Direct Connect only to separate traffic
between virtual interfaces.

There may be creative ways to kind of achieve it but not out of the
box... megaport itself can span a broadcast domain but AWS is the
limiting factor here.

If you know of a way around this i'd be extremely interested to know.

Cheers
Matthew

On 12/02/2019 12:52, Nathan Brookfield wrote:


100% possible :)

Nathan Brookfield
Chief Executive Officer

Simtronic Technologies Pty Ltd
http://www.simtronic.com.au



Re: [AusNOG] AWS With Megaport

2019-02-11 Thread Nathan Brookfield
100% possible :)

Nathan Brookfield
Chief Executive Officer

Simtronic Technologies Pty Ltd
http://www.simtronic.com.au

On 12 Feb 2019, at 12:40, Joseph Goldman  wrote:

Hi *

 Just wondering if the following scenario is supported for EC2 instances with 
AWS.

 Over megaport, I'd like to use a VXC (Or Direct Connect) - On that interface 
on my router, I put x.x.x.1/24, then on my EC2 instances I'd want to put 
x.x.x.2-254/24 directly on my compute instances, so those EC2 instances 
basically become a part of my broadcast domain over the VLAN on Megaport, and I 
can control data in/out of those instances.

 I'm fairly fresh to AWS so not entirely sure the correct way to go about it 
through the route tables, VPCs etc - is what I'm asking for relatively easy and 
possible?

Thanks,
Joe
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog