<div dir="ltr"><div><br></div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div dir="ltr"><div><div>As Steve indirectly pointed out above, an AWS VPC is not a real layer 2 domain.. so there's nothing really to "extend into".</div></div><div><br></div><div>The best way to conceptualise a VPC at a layer 2 level (at least from a network engineer's perspective) is to imagine a full mesh of hosts, connected by overlay tunnels, where every host has (or can have) full knowledge of MAC-to-tunnel-endpoint mappings for every VPC member. It's also unicast-only.</div><div><br></div><div>Basically, the only way for a MAC to be "added" to a VPC is for it to be programmed onto each host.<br></div><div><br></div><div>It's not a completely accurate picture of how things actually work, but it serves well enough to explain why you can't just extend your own layer 2 domain onto a VPC and expect broadcasts and L2 learning to "just work".</div><div><br></div><div>Hope that helps..</div><div><br></div><div><br></div><div>Benoit</div></div></div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 12 Feb 2019 at 03:56, simon thomason <<a href="mailto:sapage@sapage.net">sapage@sapage.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">Friends don't let friends build large layer2 networks!<div dir="auto"><br></div><div dir="auto">That said; if you wanted to get a little creative you could run up a csr1000v and setup otv and lisp from AWS to your on prem infra. I have never set it up but would be interesting to see if the MP transport supports it.</div><div dir="auto"><br></div><div dir="auto">I guess the question is really, why would you want to extend your layer2 domain into the cloud.</div><div dir="auto">You will not be able to run redundant connections. </div><div dir="auto">You have just increased your fail domain size and will be tromboning traffic. </div><div dir="auto"><div dir="auto"><br></div><div dir="auto"><br></div></div></div><br><div class="gmail_quote"><div dir="ltr">On Tue., 12 Feb. 2019, 6:17 pm Tim Raphael <<a href="mailto:raphael.timothy@gmail.com" rel="noreferrer" target="_blank">raphael.timothy@gmail.com</a> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">That’s still routed and not bridged over the DC. It’s all layer 3 over DCs unless (as mentioned) you use an L2 tunnelling method onto a compute VM.<br><br><div dir="ltr">- Tim</div><div dir="ltr"><br>On 12 Feb 2019, at 19:01, Andras Toth <<a href="mailto:diosbejgli@gmail.com" rel="noreferrer noreferrer" target="_blank">diosbejgli@gmail.com</a>> wrote:<br><br></div><blockquote type="cite"><div dir="ltr"><div dir="ltr">I'm not sure if the Megaport Direct Connect is any different to a regular AWS Direct Connect, but a friend of mine has successfully used a regular AWS Direct Connect that they extended into their EC2 VPC and assigned IP addresses to their instances from their own /28 range.<div><br></div><div>The subnet has a Route Table that would say send everything to the DX VGW to make this work.</div><div><br></div><div>The only caveat was the .1 and .2 addresses cannot be used because that's the AWS Default Gateway and DNS, etc.</div><div><br></div><div>Andras</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Feb 12, 2019 at 1:30 PM Steve Tu <<a href="mailto:steve.tu@megaport.com" rel="noreferrer noreferrer" target="_blank">steve.tu@megaport.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr">Hi Joseph,<div><br></div><div>Thank your for your enquiry.</div><div><br></div><div>As Simon Thomason pointed out, AWS Direct Connect - Private Virtual Interface is mainly for connecting two private networks together by exchanging routes via BGP.</div><div><br></div><div>In your scenario of extending your on-premises network into the native AWS VPC so they are on the same broadcast domain, this is not a supported scenario. Also on AWS VPC route table, the destination via next-hop/default gateway will need to be an AWS component i.e. Virtual Private Gateway or Internet Gateway etc. and not something outside of AWS.</div><div><br></div><div><a href="https://aws.amazon.com/vpc/faqs/" rel="noreferrer noreferrer" target="_blank">https://aws.amazon.com/vpc/faqs/</a><br></div><div>Please also check the Topology section of the FAQ</div><div><br></div><div>There are options such as VMware on AWS and creating a L2VPN over Direct Connect, that may suits your requirements.</div><div><br></div><div>I hope this answers your question, and if you have any further questions, please do not hesitate to contact me,</div><div><div><div dir="ltr" class="gmail-m_523143131010015692m_7591029682689908733m_-4595972932110565503gmail-m_-1659018015226680432gmail_signature"><div dir="ltr"><div><div dir="ltr"><p style="color:rgb(102,102,102);font-size:12px;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif"><strong>Steve<span style="color:rgb(255,0,0)">Tu</span></strong><br><span style="color:rgb(204,204,204);font-size:11px"><em>Solutions Architect APAC</em></span></p><p style="color:rgb(204,204,204);font-size:11px;line-height:20px;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif">Phone: +61 430 965 798<br><a href="https://www.linkedin.com/in/tusteven/" style="color:rgb(17,85,204)" rel="noreferrer noreferrer" target="_blank"><img src="https://www.megaport.com/email/connect.png" width="137" height="21" alt="Connect on LinkedIn"></a></p><p style="color:rgb(136,136,136);font-size:12px;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif"> </p><p style="color:rgb(136,136,136);font-size:12px;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif"><a href="https://www.megaport.com/" style="color:rgb(17,85,204)" rel="noreferrer noreferrer" target="_blank"><img src="https://www.megaport.com/email/megaport.png" width="135" height="32" alt="Visit Megaport.com"></a><br><br><span style="color:rgb(238,238,238);font-size:10px;line-height:14px">This message is intended for the addressee named and may contain confidential information. If you are not the intended recipient please delete it and notify the sender.</span></p></div></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Feb 12, 2019 at 12:12 PM Gavin Tweedie <<a href="mailto:gavin.tweedie@megaport.com" rel="noreferrer noreferrer" target="_blank">gavin.tweedie@megaport.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I'm not our cloud wizard so let me throw on a technical solutions guy or two on this thread to bring it to their attention!<div><br></div><div>Gav</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 12 Feb 2019 at 10:08, simon thomason <<a href="mailto:sapage@sapage.net" rel="noreferrer noreferrer" target="_blank">sapage@sapage.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr">I would be interested to know how you do this also.<div><br></div><div>My understanding is that over MP you need to peer with AWS in BGP. <a href="https://knowledgebase.megaport.com/cloud-connectivity/aws-cloud/" rel="noreferrer noreferrer" target="_blank">https://knowledgebase.megaport.com/cloud-connectivity/aws-cloud/</a> </div><div><br></div><div>Even looking at AWS doco it says you can not <a class="gmail-m_523143131010015692m_7591029682689908733m_-4595972932110565503gmail-m_-1659018015226680432gmail-m_-6272152998261609284gmail-m_5359353354344752583gmail-m_-252743398504844433moz-txt-link-freetext" href="https://aws.amazon.com/directconnect/faqs/" rel="noreferrer noreferrer" target="_blank">https://aws.amazon.com/directconnect/faqs/</a>.</div><div><br></div><div>Unless you want to run GRE or something over this but i am not certain why you would. </div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Feb 12, 2019 at 11:53 AM Nathan Brookfield <<a href="mailto:Nathan.Brookfield@simtronic.com.au" rel="noreferrer noreferrer" target="_blank">Nathan.Brookfield@simtronic.com.au</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">100% possible :)<br>
<br>
Nathan Brookfield<br>
Chief Executive Officer<br>
<br>
Simtronic Technologies Pty Ltd<br>
<a href="http://www.simtronic.com.au" rel="noreferrer noreferrer noreferrer" target="_blank">http://www.simtronic.com.au</a><br>
<br>
On 12 Feb 2019, at 12:40, Joseph Goldman <<a href="mailto:joe@apcs.com.au" rel="noreferrer noreferrer" target="_blank">joe@apcs.com.au</a>> wrote:<br>
<br>
Hi *<br>
<br>
Just wondering if the following scenario is supported for EC2 instances with AWS.<br>
<br>
Over megaport, I'd like to use a VXC (Or Direct Connect) - On that interface on my router, I put x.x.x.1/24, then on my EC2 instances I'd want to put x.x.x.2-254/24 directly on my compute instances, so those EC2 instances basically become a part of my broadcast domain over the VLAN on Megaport, and I can control data in/out of those instances.<br>
<br>
I'm fairly fresh to AWS so not entirely sure the correct way to go about it through the route tables, VPCs etc - is what I'm asking for relatively easy and possible?<br>
<br>
Thanks,<br>
Joe<br>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" rel="noreferrer noreferrer" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer noreferrer noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" rel="noreferrer noreferrer" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer noreferrer noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" rel="noreferrer noreferrer" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer noreferrer noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail-m_523143131010015692m_7591029682689908733m_-4595972932110565503gmail-m_-1659018015226680432gmail-m_-6272152998261609284gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div><span style="color:rgb(38,50,56);font-family:Roboto,Arial,sans-serif;font-size:13px">Global Interconnection Director</span></div><div><a href="https://www.megaport.com" style="font-size:12.8px" rel="noreferrer noreferrer" target="_blank">Megaport</a><br></div><div>+61 498 498 458<br></div></div></div></div></div></div></div></div>
</blockquote></div></div></div>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" rel="noreferrer noreferrer" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer noreferrer noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div>
</div></blockquote><blockquote type="cite"><div dir="ltr"><span>_______________________________________________</span><br><span>AusNOG mailing list</span><br><span><a href="mailto:AusNOG@lists.ausnog.net" rel="noreferrer noreferrer" target="_blank">AusNOG@lists.ausnog.net</a></span><br><span><a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a></span><br></div></blockquote></div>_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" rel="noreferrer noreferrer" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer noreferrer noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div>