Task Statement 3.1: Maintain routing and connectivity on AWS and hybrid networks.
📘AWS Certified Advanced Networking – Specialty
In AWS, hybrid networks connect on-premises data centers to AWS cloud environments. Maintaining proper routing and connectivity is crucial so that resources in AWS can communicate with on-premises systems and vice versa.
1. What Are Routing Protocols?
- Routing protocols are rules or methods that network devices use to share information about network paths.
- They determine the best path for data to travel across networks.
- In hybrid networks, routing protocols ensure that AWS and on-premises networks see each other’s routes correctly.
2. Industry-Standard Routing Protocols in AWS Hybrid Networks
The most important routing protocols you need to know for AWS hybrid networks are:
a) BGP (Border Gateway Protocol)
- Type: Exterior Gateway Protocol (EGP)
- Purpose: BGP connects different networks together. In AWS, this means connecting your on-premises network to your AWS VPCs.
- Usage in AWS:
- Commonly used over AWS Direct Connect or VPN connections.
- It allows dynamic routing, meaning routes are automatically shared and updated between AWS and on-premises.
- Helps with high availability and redundancy, because BGP can choose alternative paths if one fails.
How BGP Works in AWS Hybrid Networks
- You have a Direct Connect link from your on-premises network to AWS.
- On your AWS side, you create a Virtual Private Gateway (VGW).
- BGP sessions are established between your on-premises router and the VGW.
- Routes (IP prefixes) are exchanged automatically. Example:
- On-premises:
10.0.0.0/16 - AWS VPC:
172.31.0.0/16
- On-premises:
- BGP ensures that traffic destined for AWS knows the best path via Direct Connect.
Exam Tip: Know the Autonomous System Number (ASN) concept. BGP uses ASNs to identify networks:
- On-premises network has an ASN (private or public)
- AWS VGW also has an ASN (default is 64512, but can be customized)
- BGP uses ASNs to prevent routing loops.
b) Static Routing (optional but useful)
- Type: Manual routing
- Routes are manually added rather than exchanged dynamically.
- Useful for VPN connections or when BGP is not required.
- Limitation: If the network changes, you must update routes manually. This makes it less flexible than BGP.
c) OSPF (Open Shortest Path First) and EIGRP
- These are internal routing protocols (Interior Gateway Protocols or IGPs) used inside an enterprise network.
- AWS does not natively support OSPF or EIGRP on the VPC side.
- They are mostly used inside on-premises networks and can connect to AWS using BGP as a bridge.
- Key idea: OSPF/EIGRP manage internal paths, BGP manages paths between networks.
3. Why BGP is Preferred for AWS Hybrid Networks
| Feature | BGP | Static Routing |
|---|---|---|
| Automation | ✅ Dynamically learns routes | ❌ Manual updates needed |
| Scalability | ✅ Supports large networks | ❌ Hard to scale |
| Redundancy | ✅ Can reroute traffic automatically | ❌ Manual intervention required |
| AWS Support | ✅ Fully supported with Direct Connect & VPN | ✅ Only for simple connections |
4. AWS Services Supporting Hybrid Routing
- AWS Direct Connect
- Dedicated connection between on-premises and AWS
- Supports BGP dynamic routing
- Allows private VIF for VPC connectivity
- AWS VPN
- Encrypted connection over the Internet
- Supports BGP dynamic routing or static routing
- Often used as a backup for Direct Connect
- Virtual Private Gateway (VGW)
- AWS side of a hybrid network connection
- Works with BGP to exchange routes dynamically
- Transit Gateway
- Connects multiple VPCs and on-premises networks
- Supports BGP with multiple Direct Connect or VPN connections
5. Key BGP Concepts for the Exam
- Autonomous System (AS): Unique number identifying a network. AWS default AS = 64512.
- BGP Peering: Establishing a session between AWS and on-premises router to exchange routes.
- Prefixes: IP ranges exchanged via BGP (example:
10.0.0.0/16). - Route Propagation: VGW or Transit Gateway automatically shares routes to VPC route tables.
- Failover: BGP automatically chooses a backup path if the main path fails.
Exam Tip: Understand BGP path selection criteria, such as:
- Highest weight (on-premises specific)
- Shortest AS path
- Lowest origin type
- Lowest MED (Multi-Exit Discriminator)
- eBGP over iBGP
6. Example Scenario in IT Terms
- You have Data Center A with
10.0.0.0/16and AWS VPC with172.31.0.0/16. - You establish Direct Connect.
- Configure BGP session between Data Center Router and AWS VGW.
- Data Center learns AWS routes automatically.
- AWS learns on-premises routes automatically.
- If Direct Connect fails, traffic can reroute via VPN, ensuring connectivity continuity.
7. Summary for Exam
- BGP is the standard routing protocol for AWS hybrid networks.
- Dynamic routing is preferred over static routing for scalability and redundancy.
- Key AWS services: Direct Connect, VPN, VGW, Transit Gateway.
- Understand ASNs, BGP peering, prefixes, and failover.
- Know the difference between internal protocols (OSPF/EIGRP) and external protocols (BGP).
✅ Quick Exam Tips:
- Always assume BGP is used for hybrid networks unless static routing is explicitly mentioned.
- Direct Connect + BGP is high bandwidth, low latency, and reliable.
- Static routing can be used for simple VPN setups, but BGP handles complex networks better.
