AWS Direct Connect sitelink Part 1

An interesting feature available for AWS direct connect is the AWS Direct sitelink. Before sitelink, if you needed to interconnect multiple branches, you needed public Internet links, private MPLS links, or equivalent connectivity. This results in purchasing expensive links to interconnect the sites or adding complexity to the AWS networking infrastructure.

A typical deployment setup is shown below:

Alternatively, you can have a setup with traffic passing via the AWS infrastructure and using multiple transit gateway (TGW) and direct connect gateways (DXGW).

With sitelink, this changes as traffic can be routed directly between the different branches using the AWS direct connect links using the DXGW available and without entering the AWS region instead of implementing something like the above. Sitelink allows the different direct connect customer premises to communicate directly without external communications using private or transit Vifs with a DXGW. Since direct connect support, high MTU 8500 or MTU 9001 once enabling sitelink, you can use the AWS direct connect links as underlay paths.

As shown by the table below, there are strict conditions where sitelink can be enabled.

Virtual interface typeSupported
Transit VIFYes
Private VIF attached to a DXGW with a virtual private gatewayYes
Private VIF attached to a DXGW and are NOT associated with a virtual private gateway or a TGWYes
Private VIF attached to a virtual private gatewayNo
Public VIFNo

Before and after enabling sitelink

The AWS direct connect sitelink can be enabled for existing and new virtual interfaces and applied to a hosted or regular virtual interface configured to a DirectConnect gateway. There is no requirement for having the AWS directconnect links with the same speeds.

Backup connectivity between branch offices using Sitelink

Enabling sitelink can provide an alternative route if the connectivity between branch offices is degraded by using the directconnect gateway link as a backup. A simple example is described below:

Note that the VPC networks are excluded from the table below on purpose not to complicate this

DeviceNeighbourAdvertised
Networks
Received
Networks
AS PathPreferred
Route
Remarks
CR1CR210.100.0.0/16AS65001Yes by CR2Shortest AS PATH
CR1DX110.100.0.0/16AS65001Yes by DX1
CR1DX110.101.0.0/16AS65002,AS64513NoBetter route via CR2
CR2CR110.101.0.0/16AS65002Yes by CR1Shortest AS PATH
CR2DX210.101.0.0/16AS65002Yes by DX2Shortest AS PATH
CR2DX210.100.0.0/16AS65001,AS64513NoBetter route via CR1

Enabling Sitelink

To enable sitelink, it is very simple; all you need to do

  1. Go to the virtual interface settings from the Direct Connect menu
  2. Click the Enabled tick box under the Enable Sitelink Option as shown in the figure below.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.