Task Statement 2.1: Implement routing and connectivity between on-premises
networks and the AWS Cloud.
📘AWS Certified Advanced Networking – Specialty
1. What is a Routing Protocol?
A routing protocol is a method used by network devices (like routers) to decide:
- Where to send data
- Which path is best
- How to reach another network
In AWS hybrid networking (on-premises + AWS), routing protocols are essential to ensure:
- Communication between data centers and AWS VPCs
- Automatic updates when network changes occur
- High availability and failover
2. Types of Routing: Static and Dynamic
Strictly speaking only dynamic routing uses a routing protocol (static routing exchanges no messages at all), but the exam treats them as the two routing approaches you must understand:
A. Static Routing
B. Dynamic Routing
3. Static Routing
3.1 What is Static Routing?
Static routing means:
- Routes are manually configured
- They do not change automatically
- The administrator defines the path
3.2 How Static Routing Works in AWS
In AWS hybrid setups, static routes appear in:
- Site-to-Site VPN connections created with static routing (the on-prem prefixes are entered on the VPN connection itself)
- VPC route tables (on-prem prefix → Virtual Private Gateway (VGW) or Transit Gateway (TGW))
- Transit Gateway route tables
Example:
- An on-premises network (192.168.1.0/24)
- AWS VPC (10.0.0.0/16)
- You configure the routes on both sides by hand: 192.168.1.0/24 → VGW in the VPC route table and in the VPN connection's static route list, and 10.0.0.0/16 → VPN tunnel on the on-prem router. Nothing keeps the two sides in sync, so a change on one side that is not mirrored on the other silently breaks connectivity.
3.3 Where You Configure Static Routes
- VPC Route Tables
- Customer Gateway (on-prem router)
- Virtual Private Gateway (via the static routes of the Site-to-Site VPN connection attached to it)
- Transit Gateway Route Tables
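Added example for the 192.168.1.0/24 ↔ 10.0.0.0/16 scenario above (this is not code from the original notes): it builds the three route lists an administrator must keep in sync by hand, rejects overlapping address space before anything is typed into a console, resolves a destination the way a VPC route table does (longest prefix match) and compares the plan with a deployed table to catch a mis-typed prefix. Target names such as "vgw-hypothetical" and "vpn-tunnel-1" are placeholders, and the "deployed" table is constructed for the example.

```python
# Added example (not from the original notes): plan the static routes for the
# 192.168.1.0/24 <-> 10.0.0.0/16 scenario and reject overlapping address
# space, the classic hybrid mistake, before anything is typed into a console.
# Target names such as "vgw-hypothetical" and "vpn-tunnel-1" are placeholders.
from ipaddress import ip_address, ip_network

VPC_CIDRS = ["10.0.0.0/16"]          # from the scenario in the notes
ONPREM_CIDRS = ["192.168.1.0/24"]    # from the scenario in the notes


def check_no_overlap(vpc_cidrs, onprem_cidrs):
    """Raise ValueError if any on-prem prefix overlaps a VPC CIDR.

    Every VPC route table carries a 'local' route for the VPC CIDR that
    cannot be removed, so an overlapping on-prem prefix is unreachable
    no matter what static route you add.
    """
    for v in vpc_cidrs:
        for o in onprem_cidrs:
            if ip_network(v).overlaps(ip_network(o)):
                raise ValueError(f"on-prem prefix {o} overlaps VPC CIDR {v}")


def plan_static_routes(vpc_cidrs, onprem_cidrs):
    """Return the three route lists that must be kept in sync by hand."""
    check_no_overlap(vpc_cidrs, onprem_cidrs)
    vpc_table = [(v, "local") for v in vpc_cidrs]
    vpc_table += [(o, "vgw-hypothetical") for o in onprem_cidrs]
    return {
        # VPC route table: on-prem prefixes point at the virtual private gateway
        "vpc_route_table": vpc_table,
        # Static routes entered on the Site-to-Site VPN connection itself
        "vpn_connection_static_routes": list(onprem_cidrs),
        # Customer gateway (on-prem router): VPC CIDRs point into the tunnel
        "customer_gateway": [(v, "vpn-tunnel-1") for v in vpc_cidrs],
    }


def lookup(route_table, dst):
    """Longest-prefix match over (prefix, target) pairs, as a VPC route table does."""
    addr = ip_address(dst)
    matches = [(ip_network(p), target) for p, target in route_table
               if addr in ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def drift_check(planned, deployed):
    """Compare a planned route list with what is actually deployed.

    Returns (missing, unexpected): prefixes the plan wants but the deployed
    table lacks, and deployed prefixes the plan never asked for. An
    unexpected route toward the VGW is how a mis-typed prefix quietly
    sends traffic out of the VPC.
    """
    want = {p for p, _ in planned}
    have = {p for p, _ in deployed}
    return sorted(want - have), sorted(have - want)


if __name__ == "__main__":
    plan = plan_static_routes(VPC_CIDRS, ONPREM_CIDRS)
    for side, routes in plan.items():
        print(side, routes)
    print(lookup(plan["vpc_route_table"], "192.168.1.25"))
    # Constructed "deployed" table with a typo in the on-prem prefix
    deployed = [("10.0.0.0/16", "local"), ("192.168.10.0/24", "vgw-hypothetical")]
    print(drift_check(plan["vpc_route_table"], deployed))
```

The overlap check is the one to run first: with static routing nothing will ever warn you that 10.0.5.0/24 on-prem is shadowed by the VPC's local route.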
3.4 Advantages of Static Routing
- Simple to understand and configure
- Predictable behavior
- No protocol overhead
- Good for small or stable networks
3.5 Disadvantages of Static Routing
- No automatic updates
- No failover unless manually configured
- Hard to manage at scale
- Not suitable for large environments
3.6 When to Use Static Routing (Exam Focus)
Use static routing when:
- The network is small and simple
- There are few routes (static routes per Site-to-Site VPN connection are a quota, so many prefixes push you to BGP anyway)
- No automatic failover is needed
- The customer gateway device does not support BGP (the most common exam reason for a static VPN)
4. Dynamic Routing
4.1 What is Dynamic Routing?
Dynamic routing means:
- Routes are learned automatically
- Routers exchange information
- Network adapts to changes
4.2 Key Dynamic Routing Protocol Used in AWS
The main protocol used in AWS is:
BGP (Border Gateway Protocol)
4.3 What is BGP?
BGP is a path-vector routing protocol used to:
- Exchange routing information between networks
- Automatically update routes
- Support failover
4.4 Where BGP is Used in AWS
BGP is used in:
1. Site-to-Site VPN (Dynamic VPN)
- AWS VPN supports BGP for dynamic routing
2. AWS Direct Connect
- Uses BGP to exchange routes between:
- On-premises network
- AWS
3. Transit Gateway
- Runs BGP on its VPN attachments, its Direct Connect gateway association and Transit Gateway Connect (GRE) attachments
4.5 How BGP Works (Simple Explanation)
- The AWS endpoint and the on-prem router establish a BGP session (TCP port 179) inside the VPN tunnel or across the Direct Connect VLAN
- They exchange network prefixes (CIDR ranges) in BGP UPDATE messages
- Each side installs the prefixes it learns into its routing table
- Keepalives detect a dead peer; when the session drops or a prefix is withdrawn, BGP selects the next best path automatically
- Check on the customer side: both tunnels show an Established session and receive the expected number of prefixes, otherwise "failover" has nothing to fail over to
4.6 Important BGP Concepts for Exam
a. ASN (Autonomous System Number)
- Each side of the session identifies itself with an ASN
- AWS side: the VGW or TGW uses the default ASN 64512 unless you set a custom one when creating it
- Customer side: your own public ASN or a private ASN (64512–65534); the console default for a customer gateway is 65000
b. Route Advertisement
- Each side advertises the prefixes it is responsible for; accept nothing else from a peer (a default route or someone else's prefixes learned over a VPN will pull traffic where it should not go)
- Example:
- On-prem advertises: 192.168.0.0/16
- AWS advertises: 10.0.0.0/16
c. Path Selection
When the same destination is reachable over several paths, the AWS gateway chooses in this order:
- Longest prefix match (a /24 always beats a /16)
- Route source: Direct Connect BGP routes, then static VPN routes, then BGP VPN routes
- Shortest AS path (on-prem uses AS path prepending to make a backup path look longer)
- Lowest MED, when AS paths are equal
d. Failover
- If one tunnel or session goes down, its prefixes are withdrawn and BGP reroutes over the remaining path automatically
- Advertise the same prefixes over both tunnels, or there is nothing to fail over to
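Added example for 4.5 and 4.6 (not code from the original notes): a small model of how a virtual private gateway picks between overlapping routes and what a failover sequence looks like when sessions drop one by one. SOURCE_RANK encodes the route priority AWS documents for VPN routing (longest prefix, then Direct Connect BGP routes, then static VPN routes, then BGP VPN routes, then shortest AS path, then lowest MED). The routes, the ASN 65000 and the session names are constructed for the example.

```python
# Added example (not from the original notes): VGW route selection and
# failover, using the VPN route priority AWS documents. Route prefixes,
# ASN 65000 and session names are constructed for the example.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Lower rank wins when prefixes are equally specific.
SOURCE_RANK = {"dx-bgp": 0, "vpn-static": 1, "vpn-bgp": 2}


@dataclass
class Route:
    prefix: str
    source: str          # one of SOURCE_RANK
    session: str         # BGP session or VPN connection it was learned on
    as_path: tuple = ()  # empty for static routes
    med: int = 0


def select_route(routes, dst, down_sessions=frozenset()):
    """Return the Route a VGW would use for dst.

    Routes learned on a session listed in down_sessions are ignored: BGP
    withdraws them when the session drops, and a static VPN route is gone
    once both tunnels of its connection are down.
    """
    addr = ip_address(dst)
    candidates = [r for r in routes
                  if r.session not in down_sessions and addr in ip_network(r.prefix)]
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-ip_network(r.prefix).prefixlen,
                                          SOURCE_RANK[r.source],
                                          len(r.as_path),
                                          r.med))


# Constructed sample: on-prem AS 65000 reaches AWS over a Direct Connect VIF,
# a static VPN and a BGP VPN whose second tunnel is AS-path-prepended so that
# tunnel-1 is preferred while both are up.
ROUTES = [
    Route("192.168.0.0/16", "dx-bgp", "dx-vif-1", as_path=(65000,)),
    Route("192.168.0.0/16", "vpn-static", "vpn-static-conn"),
    Route("192.168.0.0/16", "vpn-bgp", "vpn-bgp-tunnel-1", as_path=(65000,)),
    Route("192.168.0.0/16", "vpn-bgp", "vpn-bgp-tunnel-2", as_path=(65000, 65000, 65000)),
    # A more specific prefix learned only over the VPN still beats the DX /16.
    Route("192.168.50.0/24", "vpn-bgp", "vpn-bgp-tunnel-1", as_path=(65000,)),
]


def failover_sequence(routes, dst, outages):
    """Re-run selection as sessions fail one after another.

    Returns the session chosen after each outage, which is exactly what a
    failover test should verify before the design is trusted.
    """
    chosen, down = [], set()
    for session in outages:
        down.add(session)
        r = select_route(routes, dst, down)
        chosen.append(r.session if r else None)
    return chosen


if __name__ == "__main__":
    print(select_route(ROUTES, "192.168.1.10").session)    # Direct Connect wins
    print(select_route(ROUTES, "192.168.50.10").session)   # longest prefix wins
    print(failover_sequence(ROUTES, "192.168.1.10",
                            ["dx-vif-1", "vpn-static-conn",
                             "vpn-bgp-tunnel-1", "vpn-bgp-tunnel-2"]))
```

The /24 case is the one to remember for the exam and for change reviews: a more specific prefix advertised over a lower-priority VPN silently overrides the Direct Connect path for that range.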
4.7 Advantages of Dynamic Routing
- Automatic route updates
- Built-in failover
- Scalable for large networks
- Less manual configuration
4.8 Disadvantages of Dynamic Routing
- More complex
- Requires BGP configuration
- Slight overhead due to routing updates
4.9 When to Use Dynamic Routing (Exam Focus)
Use dynamic routing when:
- Network is large or growing
- High availability is required
- Multiple paths exist
- Using Direct Connect or advanced VPN
5. Static vs Dynamic Routing (Important Comparison)
| Feature | Static Routing | Dynamic Routing (BGP) |
|---|---|---|
| Configuration | Manual | Automatic |
| Scalability | Low | High |
| Failover | Manual | Automatic |
| Complexity | Simple | Complex |
| Best for | Small networks | Large / hybrid environments |
| AWS Use Case | Static Site-to-Site VPN | BGP Site-to-Site VPN, Direct Connect, Transit Gateway |
6. AWS Hybrid Connectivity and Routing
6.1 Site-to-Site VPN
Every connection has two tunnels. The routing type is chosen when the connection is created and cannot be changed afterwards; two options:
Static VPN
- Routes entered by hand on the VPN connection, in the VPC route table and on the customer gateway
- No route-level failover; tunnel failover depends on the customer gateway device detecting a dead tunnel (DPD)
Dynamic VPN
- Uses BGP over each tunnel
- Automatic route exchange and withdrawal
- Supports failover between tunnels and to other connections
6.2 AWS Direct Connect
- Always uses BGP on its virtual interfaces (BFD can be enabled for faster failure detection)
- Provides:
- Private connectivity that does not traverse the public internet
- Dynamic route updates
6.3 Transit Gateway
- Central hub for multiple VPCs and on-prem networks
- Each route table supports:
- Static routes (including blackhole routes that drop traffic to a prefix)
- Propagated routes learned dynamically, via BGP for VPN, Direct Connect gateway and Connect attachments
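Added example (not code from the original notes): a route lookup against a transit gateway route table that mixes propagated routes with static routes, including a blackhole used for segmentation. It encodes the evaluation order AWS documents for transit gateway route tables, which is not the same as the virtual private gateway order: longest prefix first, then static routes over propagated ones, then among propagated routes VPC, Direct Connect gateway, Transit Gateway Connect, VPN, peering. Confirm the current order in the AWS documentation before relying on it. The route table and attachment IDs are constructed for the example.

```python
# Added example (not from the original notes): transit gateway route
# evaluation with propagated routes, a static override and a blackhole.
# Order encoded: longest prefix, then static over propagated, then the
# propagated preference AWS documents. Attachment IDs are made up.
from ipaddress import ip_address, ip_network

PROPAGATED_RANK = {"vpc": 0, "direct-connect-gateway": 1, "connect": 2,
                   "vpn": 3, "peering": 4}


def _rank(route):
    """Sort key: most specific first, static before propagated, then source."""
    plen = -ip_network(route["prefix"]).prefixlen
    if route["type"] == "static":
        return (plen, 0, 0)
    return (plen, 1, PROPAGATED_RANK[route["attachment_type"]])


def tgw_lookup(table, dst):
    """Return ('attachment', id), ('blackhole', None) or None for dst."""
    addr = ip_address(dst)
    cands = [r for r in table if addr in ip_network(r["prefix"])]
    if not cands:
        return None
    best = min(cands, key=_rank)
    if best.get("blackhole"):
        return ("blackhole", None)
    return ("attachment", best["attachment"])


# Constructed route table used by a set of spoke VPCs
TGW_TABLE = [
    {"prefix": "10.0.0.0/16", "type": "propagated", "attachment_type": "vpc",
     "attachment": "tgw-attach-vpc-a"},
    {"prefix": "10.1.0.0/16", "type": "propagated", "attachment_type": "vpc",
     "attachment": "tgw-attach-vpc-b"},
    # Static route to an inspection VPC for the same prefix: static beats
    # propagated, so traffic to VPC B is forced through the firewall.
    {"prefix": "10.1.0.0/16", "type": "static", "attachment": "tgw-attach-inspection"},
    # The same on-prem prefix learned over Direct Connect gateway and BGP VPN
    {"prefix": "192.168.0.0/16", "type": "propagated",
     "attachment_type": "direct-connect-gateway", "attachment": "tgw-attach-dxgw"},
    {"prefix": "192.168.0.0/16", "type": "propagated", "attachment_type": "vpn",
     "attachment": "tgw-attach-vpn-1"},
    # Segmentation: spokes on this table may never reach the on-prem
    # management network, whatever the VPN or DX side advertises.
    {"prefix": "192.168.99.0/24", "type": "static", "blackhole": True},
]


def simulate_dx_outage(table):
    """Drop Direct Connect gateway routes (BGP withdraws them when the
    session fails) and return the table the TGW evaluates afterwards."""
    return [r for r in table
            if r.get("attachment_type") != "direct-connect-gateway"]


if __name__ == "__main__":
    for ip in ("10.0.1.1", "10.1.4.4", "192.168.1.1", "192.168.99.7", "172.16.0.1"):
        print(ip, tgw_lookup(TGW_TABLE, ip))
    print("after DX outage:", tgw_lookup(simulate_dx_outage(TGW_TABLE), "192.168.1.1"))
```

Note the two static entries do different jobs: the inspection route overrides a propagated route for an equally specific prefix, while the blackhole survives the Direct Connect outage because it does not depend on any attachment being up.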
7. Important Exam Scenarios
You must be able to choose the correct routing type:
Scenario 1
- Small network
- Few routes
- No failover required
✅ Answer: Static Routing
Scenario 2
- Need automatic failover
- Multiple VPN tunnels
✅ Answer: Dynamic Routing (BGP)
Scenario 3
- Using Direct Connect
✅ Answer: BGP (Dynamic Routing)
Scenario 4
- Large enterprise network
✅ Answer: Dynamic Routing
Scenario 5
- Simple backup VPN for a small site, manual cutover acceptable
✅ Answer: Static Routing
- If the backup must take over without anyone touching a console, the answer becomes BGP
8. Key Exam Tips
- BGP is the only dynamic routing protocol AWS speaks with your on-premises network (no OSPF, EIGRP or RIP towards AWS)
- Static routing is:
- Simple but not scalable
- Dynamic routing is:
- Required for high availability
- Direct Connect always uses BGP
- VPN can use static or dynamic routing
- Know the difference between:
- Manual vs automatic routing
9. Quick Summary
- Routing protocols decide how traffic moves between networks
- Static routing
- Manual, simple, no failover
- Dynamic routing (BGP)
- Automatic, scalable, supports failover
- AWS uses BGP for:
- VPN (dynamic)
- Direct Connect
- Hybrid architectures
