# Inbound prefix controls for Amazon Direct Connect
<a name="prefix-controls"></a>

Inbound prefix controls let you manage how many on-premises route prefixes you can advertise to Amazon on your Direct Connect virtual interfaces (VIFs). Instead of a flat per-VIF limit, prefix controls use a connection-level pool model. You allocate prefixes from a shared pool to individual VIFs based on your routing needs.

The following table summarizes the key limits for inbound prefix controls.


| Limit | Value | 
| --- | --- | 
| Prefix pool per dedicated connection | 5,000 (1/10 Gbps), 30,000 (100 Gbps), 50,000 (400 Gbps) | 
| Maximum allocation per VIF | 1,000 per address family (IPv4 and IPv6) | 
| Default allocation per VIF | 100 per address family (IPv4 and IPv6) | 
| Total allocations per Direct Connect gateway | 10,000 (combined IPv4 \$1 IPv6) | 
| Maximum VIF attachments per Direct Connect gateway | 30 | 

## How prefix controls work
<a name="prefix-controls-how-it-works"></a>

Each Direct Connect dedicated connection has a prefix pool — the total number of inbound route prefixes allowed across all virtual interfaces on that connection. The pool size depends on the connection speed.

The following table shows the prefix pool sizes for each connection speed.


| Connection speed | Prefix pool size (IPv4) | Prefix pool size (IPv6) | 
| --- | --- | --- | 
| 1 Gbps | 5,000 | 5,000 | 
| 10 Gbps | 5,000 | 5,000 | 
| 100 Gbps | 30,000 | 30,000 | 
| 400 Gbps | 50,000 | 50,000 | 

When you create or update a virtual interface, you specify how many prefixes to allocate to that VIF from the connection's pool. The default allocation is 100 prefixes per VIF for each address family (IPv4 and IPv6). You can increase the allocation up to 1,000 prefixes per VIF for each address family. To request a higher limit, contact your Solutions Architect (SA) or Technical Account Manager (TAM).

The prefix pool tracks the following four states:

Pool size (Allowed)  
The total number of prefixes the connection can support. The connection speed determines this value, and you cannot change it.

Allocated  
The number of prefixes reserved on a specific VIF. You set this value when you create or update a VIF.

Available (Unallocated)  
The remaining prefixes in the pool that you haven't allocated to any VIF. This value equals the pool size minus the sum of all VIF allocations.

In use  
The actual number of prefixes your on-premises router is currently advertising on a VIF.

**Important**  
If the number of prefixes advertised on a VIF exceeds the allocated count, the BGP session on that VIF goes to an idle state (BGP DOWN). Ensure that your allocation is at least as large as the number of prefixes you plan to advertise.

**Note**  
You cannot reduce the allocated prefix count for a VIF below the number of prefixes currently in use. To reduce the allocation, first reduce the number of prefixes advertised by your on-premises device.

**Note**  
Public virtual interfaces are not managed by inbound prefix controls. Public VIFs retain the existing limit of 1,000 inbound prefixes.

## Direct Connect gateway prefix limits
<a name="prefix-controls-dx-gateway-limits"></a>

Each Direct Connect gateway has a total prefix pool allocations limit of 10,000. This limit is the sum of all IPv4 and IPv6 prefix allocations across all VIFs attached to the gateway. A Direct Connect gateway also supports a maximum of 30 VIF attachments. If attaching a new VIF would exceed either the 10,000 prefix allocation limit or the 30 VIF attachment limit, the attachment request is rejected.

You can view the current `totalPrefixPoolAllocations` value for a gateway by using the `DescribeDirectConnectGateways` API or in the Direct Connect console on the gateway details page.

**Note**  
Amazon Interconnect connections consume 2,000 prefixes from the 10,000 per-gateway allocation limit. Account for this when planning prefix allocations across VIFs on a gateway with an Amazon Interconnect connection attached.

## Link aggregation groups (LAGs)
<a name="prefix-controls-lags"></a>

For LAGs, the prefix pool scales based on the number of billable member connections. The pool size equals the per-connection pool size multiplied by the number of active member connections. For 1 Gbps and 10 Gbps LAGs, the pool includes resources from up to 4 member connections. For 100 Gbps and 400 Gbps LAGs, the pool includes resources from up to 2 member connections. IPv4 and IPv6 pools are tracked separately.

**Note**  
You cannot remove a LAG member if doing so would reduce the LAG's pool size below the current total allocated prefixes across all VIFs on the LAG.

## Hosted connections
<a name="prefix-controls-hosted-connections"></a>

Hosted connections support a single virtual interface, so the connection-level prefix pool is not used. You can set the per-VIF prefix allocation on a hosted connection. The default allocation is 100 for each address family (IPv4 and IPv6), and you can increase it up to 1,000 using the `CreatePrivateVirtualInterface` or `UpdateVirtualInterfaceAttributes` API.

Connection-level prefix pool information (pool size and unallocated count) is not displayed in the console for hosted connections.

## Additional resources
<a name="prefix-controls-additional-resources"></a>

For more information, see the following resources:
+ [Managing prefix allocations](prefix-allocations.md)
+ [Direct Connect quotas](limits.md)
+ [Direct Connect gateways](direct-connect-gateways-intro.md)