Hello All,
I have question about Connected Transit with this topology.
Is it possible for VPC B & C to communicate with each other ?
I follow https://docs.aviatrix.com/HowTos/transitvpc_workflow.html
https://docs.aviatrix.com/HowTos/transit_advanced.html#connected-transit
not successful yet, appreciate your help.
Thank you.
Best answer by Spence_N
Estint Each VPC Route table will have a 10.0.0.0/8 inserted by the AVX Controller pointing at the Spoke Gateway of the VPC. The spoke gateways have a route to each local subnet VPC with a destination of the VPC default gateway.
So traffic from VPC B headed for VPC C will start by using the 10.0.0.0/8 route in the vpc route table with a destination of the Spoke B Gateway. The Spoke B Gateway then has a route for VPC C, with a destination of the vpn tunnel interface of the transit gateway. The transit gateway has a route to VPC C with a destination of the spoke C vpn tunnel. The Spoke Gateway in VPC C, receives the traffic and has a local gateway route to the VPC and drops the traffic off at the VPC C default gateway. Which is then locally routed by the default gateway.
Make sense? If not I could do a zoom session or something and walk through it with you next week.
+1Hi Estint, from first glance I would say this should work. How are you testing this and what troubleshooting steps did you take?
Hi Dennis,
Thanks for your help.
I'm not yet testing the connection, because i'm not see prefix 10.21.0.0/16 on VPC B route tables
and prefix 10.24.0.0/16 on VPC C route tables.
Thank you.
Hello! Yes, enabling connected transit is a requirement for spoke gateways to talk to each other. You will see the route tables populate after enabling that feature.
Estint The routes won’t show up in the VPC route tables. They will be in the Spoke Gateway route table.
Hi Spence,
How they can reach each other if no route in there ?
I already try put static route on both side and still can't too.
And I already open security group on both side too.
Estint Each VPC Route table will have a 10.0.0.0/8 inserted by the AVX Controller pointing at the Spoke Gateway of the VPC. The spoke gateways have a route to each local subnet VPC with a destination of the VPC default gateway.
So traffic from VPC B headed for VPC C will start by using the 10.0.0.0/8 route in the vpc route table with a destination of the Spoke B Gateway. The Spoke B Gateway then has a route for VPC C, with a destination of the vpn tunnel interface of the transit gateway. The transit gateway has a route to VPC C with a destination of the spoke C vpn tunnel. The Spoke Gateway in VPC C, receives the traffic and has a local gateway route to the VPC and drops the traffic off at the VPC C default gateway. Which is then locally routed by the default gateway.
Make sense? If not I could do a zoom session or something and walk through it with you next week.
+3Hi Estint,
I would recommend using Flightpath on the Controller to troubleshoot connectivity between endpoints in both VPC's. This will quickly indicate which point(s) are preventing end-to-end communication.
Best regards,
Mark
Hi All,
Sorry just back from on leave.
Problem solved.
Thanks all for your help.
Appreciate all your help.
Thank you.
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
