Create a private virtual interface to the Amazon Direct Connect gateway
To connect your Amazon Direct Connect connection to the remote VPC, you must create a private virtual interface for your connection. Specify the Direct Connect gateway to which to connect. You can create a private virtual interface using either the Amazon Direct Connect console or using the command line or API.
Note
If you're accepting a hosted private virtual interface, you can associate it with a Direct Connect gateway in your account. For more information, see Accept a hosted virtual interface.
To provision a private virtual interface to a Direct Connect gateway
Open the Amazon Direct Connect console at https://console.amazonaws.cn/directconnect/v2/home
. -
In the navigation pane, choose Virtual Interfaces.
-
Choose Create virtual interface.
-
Under Virtual interface type, choose Private.
-
Under Private virtual interface settings, do the following:
-
For Virtual interface name, enter a name for the virtual interface.
-
For Connection, choose the Direct Connect connection that you want to use for this interface.
-
For Virtual interface owner, choose My Amazon account if the virtual interface is for your Amazon account.
-
For Direct Connect gateway, select the Direct Connect gateway.
-
For VLAN, enter the ID number for your virtual local area network (VLAN).
-
For BGP ASN, enter the Border Gateway Protocol Autonomous System Number of your on-premises peer router for the new virtual interface.
The valid values are 1 to 2147483647.
-
-
Under Additional Settings, do the following:
-
To configure an IPv4 BGP or an IPv6 peer, do the following:
[IPv4] To configure an IPv4 BGP peer, choose IPv4 and do one of the following:
-
To specify these IP addresses yourself, for Your router peer ip, enter the destination IPv4 CIDR address to which Amazon should send traffic.
-
For Amazon router peer ip, enter the IPv4 CIDR address to use to send traffic to Amazon.
Important
If you let Amazon auto-assign IPv4 addresses, a /29 CIDR will be allocated from 169.254.0.0/16 IPv4 Link-Local according to RFC 3927 for point-to-point connectivity. Amazon does not recommend this option if you intend to use the customer router peer IP address as the source and/or destination for VPC traffic. Instead you should use RFC 1918 or other addressing (non-RFC 1918), and specify the address yourself.
-
For more information about RFC 1918, see Address Allocation for Private Internets
. -
For more information about RFC 3927, see Dynamic Configuration of IPv4 Link-Local Addresses
.
-
[IPv6] To configure an IPv6 BGP peer, choose IPv6. The peer IPv6 addresses are automatically assigned from Amazon's pool of IPv6 addresses. You cannot specify custom IPv6 addresses.
-
-
To change the maximum transmission unit (MTU) from 1500 (default) to 9001 (jumbo frames), select Jumbo MTU (MTU size 9001).
(Optional) Under Enable SiteLink, choose Enabled to enable direct connectivity between Direct Connect points of presence.
-
(Optional) Add or remove a tag.
[Add a tag] Choose Add tag and do the following:
For Key, enter the key name.
For Value, enter the key value.
[Remove a tag] Next to the tag, choose Remove tag.
-
-
Choose Create virtual interface.
After you've created the virtual interface, you can download the router configuration for your device. For more information, see Download the router configuration file.
To create a private virtual interface using the command line or API
-
create-private-virtual-interface (Amazon CLI)
-
CreatePrivateVirtualInterface (Amazon Direct Connect API)
To view the virtual interfaces that are attached to a Direct Connect gateway using the command line or API
-
describe-direct-connect-gateway-attachments (Amazon CLI)
-
DescribeDirectConnectGatewayAttachments (Amazon Direct Connect API)