My virtual interface BGP status is down in the AWS console. How can I troubleshoot this issue?
Your virtual interface status might be down because of configuration issues with the OSI Layer 2 or Border Gateway Protocol (BGP).
OSI Layer 2 configuration
First, verify that your OSI layer 2 is configured correctly by confirming the following:
- You have configured the correct VLAN ID with dot1Q encapsulation on your device—such as a router or switch—as displayed in the AWS Direct Connect console.
- The peer IP addresses' configuration is identical on your device and in the AWS Direct Connect console.
- All the intermediate devices are configured for VLAN tagging with appropriate VLAN ID, and VLAN-tagged traffic is preserved in the AWS Direct Connect endpoint.
Note: Some network providers might also use Q-in-Q tagging, which can alter your tagged VLAN.
- Your device is learning the media access control (MAC) address of the AWS Direct Connect endpoint for the configured VLAN ID from the Address Resolution Protocol (ARP) table.
- Your device can ping the Amazon peer IP sourcing from your peer IP.
If the OSI layer 2 test results are positive, then confirm the BGP configuration on your device by verifying the following:
- The local ASN and remote ASN as provided in the Downloaded configuration file.
- The neighbor IP address and BGP MD5 password as provided in the Downloaded configuration file.
- Your device is not blocking ingress or egress from TCP port 179 and other appropriate ephemeral ports.
- Your device is not advertising more than 100 prefixes to AWS by BGP. By default, AWS only accepts up to 100 prefixes using a BGP session on AWS Direct Connect.
After confirming these configurations, your virtual interface BGP status should now be up.