Creating a Virtual Connection with AWS Direct Connect

Creating a Virtual Connection with AWS Direct Connect

Creating a Virtual Connection with AWS Direct Connect

You can find additional resources on Product Documentation and Product Readiness.

Product Documentation – https://docs.equinix.com
Product Readiness – https://readiness.equinix.com


Content

15.3 -> Hey guys, it's Joey again from the technical  account management team. When we last left off,  
19.8 -> we'd wrapped up with creating virtual connections  to an Azure ExpressRoute from our Network Edge  
24 -> device, and we'd also looked at configuring  BGP. I wanted to take a slight detour here  
29.22 -> while we already have this nice Network  Edge device built and available to us,  
32.4 -> to look at AWS Direct Connect. Now this  isn't really going to be a deep dive into  
37.02 -> the differences between these two offerings, but  rather just a quick overview of the differences  
41.64 -> in virtual connection process--specifically as  it pertains to the Equinix side of the house.  
46.68 -> So if you'll recall earlier when we created  our Azure ExpressRoute virtual connections,  
51.06 -> the Fabric portal prompted us for the ExpressRoute  service key before it would let us go any further.  
56.46 -> Basically we needed to have had the ExpressRoute  built and ready to go before we're able to really  
61.08 -> get too far on the Equinix side. And so AWS,  on the other hand, can be thought of as working  
66.12 -> the other way around. We're actually going to  provision the virtual connection, or connections,  
70.44 -> we want from the Fabric portal to AWS, and  choose which metro we want them to land on,  
75.84 -> so to speak. And so from there we'll head over to  the AWS portal and work backwards. One of the main  
81.72 -> reasons I mention this is that the same principle  is going to apply to the de-provisioning of these  
86.16 -> types of connections as well. While Azure  won't let you delete the ExpressRoute with  
90.48 -> virtual connections still active, the Fabric  portal won't let us delete virtual connections  
94.44 -> to AWS without a little bit of cleanup on the AWS  side. So with that out of the way, let's go ahead  
100.26 -> and navigate to the Fabric portal once again  and we'll head over to ‘Virtual Connections.’
107.94 -> Which we should be pretty familiar with by now,  and I'm going to scroll down and look for AWS.  
113.04 -> There we go. Now one thing you might notice is  that while Azure's ExpressRoute SLA asks us to  
119.58 -> create redundant connections by default. Here  we have the option to choose between single  
123.72 -> or redundant ourselves. But since we're only  using one device on the A-side here anyway,  
127.86 -> I'm just going to opt for the single  connection for simplicity's sake.
133.68 -> So here we're going to have a little  foreshadowing of the steps I mentioned earlier,  
136.56 -> where you can see that the Fabric portal  is letting us know that the connection  
139.38 -> we're building here is going to land, so to  speak, in AWS for us to accept ourselves.
147.72 -> Next I'm going to go ahead and  find our Network Edge device,  
150.9 -> which if you remember was in the Chicago metro.
158.46 -> And you'll notice that the details for our  Z-side have updated a little bit. To kind  
162.48 -> of suggest that we have this Direct Connect  Object Land over here on what AWS refers to as  
166.98 -> “US-East-2,” as you can see. So I'll go ahead  and click that, and then I'll select ‘Next.’
176.52 -> Now we're going to be prompted to name this and  I'm just going to stick with the same sort of  
180.12 -> naming format that we've used so far. And I  want to make sure that I specify an interface  
185.76 -> that we're not using. In this case that's going  to be 5. And then we're going to be asked for  
192.36 -> this AWS account ID. So getting that is as easy  as heading over to the AWS portal and clicking  
199.62 -> up in the top right corner by your account. And  just copying that account ID to your clipboard.
211.02 -> So so far you can see a few differences here.  Again, not only are we initiating this process  
215.1 -> from the Equinix side of the house, but we're  also using this account-specific ID from AWS  
220.56 -> rather than an object-specific service key for a  specific ExpressRoute the way Azure does things.
228.96 -> I'm going to go ahead and select the lowest  bandwidth here. Again, this is simply for  
232.5 -> a demonstration, and click ‘Next.’ And then  ‘Submit.’ So with our connection provisioned,  
239.88 -> let's head over to the AWS portal here. And  now the first thing I want to do is verify  
244.32 -> that I'm looking at the region that corresponds  with where we wanted that Direct Connect object  
248.52 -> to sit. In this case that was “US-East-2.” And  it looks like we're good to go. Now in the same  
253.62 -> vein as the ExpressRoute portion of this series,  I've gone ahead and taken the liberty of creating  
257.76 -> most of the equivalent objects here in the AWS  portal. Which include the virtual private cloud,  
262.8 -> and the virtual private gateway attached  to it. And so with that established,  
266.52 -> we're going to look at Direct Connect--which can  again be thought of as the Amazon equivalent of  
270.66 -> the Azure ExpressRoute. So to do that, I'm going  to go ahead and click ‘Services,’ here. And I see  
276.18 -> this ‘Direct Connect,’ under my recently visited.  But if you don't you can simply query It up above.
283.26 -> And we're going to look for ‘Connections.’  And as you can see we have this one right  
287.82 -> here “Community_AWS,” and it's showing  as ordering, waiting for us to accept it.  
293.58 -> So let's do exactly that. I'm going to select  the checkbox here. View details and accept.
306.12 -> All right so it's been about a minute or two  now, and the state here has gone from showing  
310.02 -> “pending” to “available.” Which means now we  can go ahead and create our virtual interface.  
315.24 -> I'm going to leave this on ‘Private,’  and we're going to name this.  
319.02 -> You'll go with “Community Virtual Interface.”  And the connection is already selected.  
326.94 -> I'm going to select ‘Virtual Private Gateway,’  here under Gateway type, and select the virtual  
331.56 -> private Gateway that I built previously for this  demonstration. And this VLAN value here is already  
336.78 -> populated because we're viewing the direct connect  object when we went to go and create this virtual  
341.52 -> interface. But do note that if you create it  from the broader virtual interface section,  
345.54 -> this won't auto-populate. You'll just need to go  grab that value from the object itself. So here  
351.9 -> under BGP ASN, we're going to use our Equinix BGP  ASN. I'm going to expand for additional settings  
360.18 -> and I'm going to use a value of:
363.36 -> 172.16.3.1/30
370.08 -> And on this side, we'll have 172.16.3.2
375.78 -> So here we need to give this a passphrase, and  I'm just going to go with “Community,” here.  
382.26 -> This will be redeemed later within our  Network Edge device to bring up BGP.  
387.36 -> And all that's left to do now is hit ‘Create.’
393.96 -> So now we're going to head back to the Equinix  side of things. And if you've been following  
397.74 -> along, you'd know that the next thing that we  need to do is configure that fifth interface  
401.1 -> on our Network Edge device where that AWS  connection is sitting. So let's do exactly that.  
406.8 -> And I've already connected to the device. And  as you can see here, that fifth interface is  
411.12 -> down with no IP. So let's fix that first.  I'm going to go ahead and enter config mode,  
417.78 -> “interface gigabitethernet5.” Let's  get that IP address 172.16.3.1
435.9 -> And lastly, “no shut.” And  if that was done correctly…
445.86 -> We should see that up with the IP now. Perfect!  
449.7 -> All right so let's head back  into configuration mode.
455.22 -> And follow that by “router BGP 65100”  As the ASN for us here at Equinix.
464.28 -> So the first thing we need to do is that neighbor  statement of “neighbor 172.16.3.2 remote-as”
476.88 -> And this is going to be the AWS ASN of “64512.”
484.56 -> So next we're going to redeem that passphrase  we made in the AWS portal by typing “neighbor  
491.04 -> 172.16.3.2”
494.76 -> “Password,” and then the password  that we made, which is “Community.”  
500.88 -> And last, but not least, our Network  statement which is going to be:
505.26 -> “172.16.3.0 mask 255.255.255.252”
515.22 -> Awesome!
517.92 -> So we've added our neighbor statement  and our network statement, and we've  
521.16 -> authenticated our BGP connection here  on our device. So let's back out again.
527.58 -> And let's do a quick “sho ip bgp summary.” All  right so we've been up for a few minutes now.  
537.9 -> And if we look over here on the AWS portal  we're showing available as well, which is  
542.94 -> great. And so we've gone ahead and we've built  VCs, virtual connections, to AWS using Direct  
548.22 -> Connect and the Fabric portal. And we've shown how  to configure BGP. And the last thing I want to do  
553.62 -> is demonstrate how to go ahead and de-provision  this type of connection. So to show the sort of  
559.08 -> error that you might bump into when doing this the  wrong way, let's look at the virtual connection  
562.44 -> we made in the Fabric portal. I'm going to go  back to the portal, ‘Connections Inventory.’
570.42 -> And let's click on that  ‘Community_AWS’ connection.
575.76 -> And let's see what happens when  we click ‘Delete Connection.’
584.76 -> Now you'll see what happens here when I try  to delete that connection, is that I'm given  
588.12 -> a prompt that the virtual connection can't be  deleted until the virtual interface is deleted.  
592.74 -> So let's do exactly that. And we'll  head back over to the AWS portal,  
598.62 -> where we can simply delete this virtual interface.
607.32 -> Great so now with that fully deleted,  
609.12 -> we can now initiate the de-provisioning process  for the virtual connection on the Equinix side.
616.5 -> And shortly after that, we'll see that that  Direct Connect object we have will show deleting.
627.24 -> All right so let's head back over to  AWS and look for that. And there we are.  
632.64 -> And there you have it guys, we've covered  creating and deleting a virtual connection  
636.24 -> with AWS Direct Connect and some  basic Layer 3 configuration.  
640.68 -> I hope that this has been informative,  and I'll see you guys next time.

Source: https://www.youtube.com/watch?v=QRRmSvu-Ozs