Troubleshoot BGP Issues Over VPN

To troubleshoot BGP connection issues over VPN, check the following:

Check the underlying VPN connection

For BGP-based VPN connections, the BGP session can only be established if the VPN tunnel is up. If the VPN tunnel is down or flapping, you will experience issues with establishing the BGP session. Verify that the VPN is up and stable. If the VPN is not coming up or it is not stable, see the following:

Check the BGP configuration on your customer gateway device

  • The IP addresses of the local and remote BGP peers must be configured as specified in the VPN configuration file downloaded from the VPC console.
  • The local and remote BGP Autonomous System Numbers (ASNs) must be configured as specified in the VPN configuration file downloaded from the VPC console.
  • If the configuration settings are correct, ping the remote BGP peer IP from your local BGP peer IP to verify the connectivity between the BGP peers.
  • Be sure that the BGP peers are directly connected to each other. External BGP (EBGP) multi-hop is disabled on AWS.

Note: If your BGP session is flapping between the Active and Connect states, verify that TCP port 179 and other relevant ephemeral ports are not blocked.

Debugs and packet captures

If the BGP configuration on the customer gateway is verified and the pings between the BGP peer IPs are working, collect this information from the customer gateway device for further analysis:

  • BGP and TCP debugs
  • BGP logs
  • Packet captures for traffic between the BGP peer IPs

Check if the BGP session is going from established to idle states

  • For VPN, if you see the BGP session going from established to idle state, verify the number of routes that you are advertising over the BGP session. You can advertise up to 100 routes over the BGP session. If the number of routes advertised over the BGP session is more than 100, the BGP session will go to the idle state.
  • If you have more than 100 networks in your on-premises network, you can advertise a default route over the BGP session to AWS.
  • You can summarize the routes so that the number of advertised routes is less than 100.
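
The summarization step above can be checked before changing the customer gateway configuration. The following Python script is an added example, not part of the original article or of any AWS tooling: it first merges prefixes losslessly and then, only if the count is still above the 100-route limit, merges the closest neighbouring prefixes into supernets, reporting how many addresses the summaries cover that were not in the original list. It assumes IPv4 prefixes; the function names and the sample prefix list are hypothetical and constructed for illustration.

```python
import ipaddress

ROUTE_LIMIT = 100  # per-session route limit stated in this article

# Constructed sample: 120 non-contiguous on-premises /24 networks.
SAMPLE_PREFIXES = [f"10.{i}.0.0/24" for i in range(120)]


def common_supernet(a, b):
    """Smallest network containing both a and b (same IP version)."""
    sup = a
    while not b.subnet_of(sup):
        sup = sup.supernet()
    return sup


def summarize(prefixes, limit=ROUTE_LIMIT):
    """Return (routes, extra) where len(routes) <= limit.

    extra = addresses the summaries cover that were not in the input.
    """
    nets = list(ipaddress.collapse_addresses(
        ipaddress.ip_network(p) for p in prefixes))  # lossless merge first
    original = sum(n.num_addresses for n in nets)
    while len(nets) > limit:
        # nets is sorted and disjoint, so the tightest supernet of any
        # two entries is always formed by a neighbouring pair.
        best = min((common_supernet(a, b) for a, b in zip(nets, nets[1:])),
                   key=lambda n: n.num_addresses)
        kept = [n for n in nets if not n.subnet_of(best)]
        nets = list(ipaddress.collapse_addresses(kept + [best]))
    extra = sum(n.num_addresses for n in nets) - original
    return nets, extra


if __name__ == "__main__":
    routes, extra = summarize(SAMPLE_PREFIXES)
    print(f"{len(SAMPLE_PREFIXES)} prefixes -> {len(routes)} routes, "
          f"{extra} extra addresses covered")
```

A non-zero `extra` means the summaries announce address space that is not actually in your on-premises list, so review each summary route against your addressing plan before advertising it.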
