05-16-2020 07:33 AM
Hi All,
I have seen a BGP peer with an APIPA subnet, and it is for an AWS tunnel.
Can someone please advise how/why APIPA is being used? Any docs or explanation would help.
05-16-2020 09:41 AM
Hello
I have never come across a BGP topology using APIPA myself; however, that's not to say this isn't applicable, as it's a usable non-public address range that I guess can be, and in your case is being, used for internal BGP/confederation ASNs etc.
I'd be interested to see what other views are posted on this forum post about this.
05-17-2020 12:43 AM
Hello,
I think AWS could use any private address space for their tunnel endpoints, but using the APIPA addresses actually makes sense, because those are pretty much never used by any company internally, so the chances of an addressing conflict are almost negligible. Most if not all companies use the 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 addresses somewhere in their network, so if AWS would assign addresses from these blocks, they could overlap. Nobody uses APIPA, so it is easy to set up and requires no back and forth between AWS and the customer regarding IP addressing conflicts.
This is from the document linked below:
'Another interesting point is that the tunnels at the CGW use private link-local addresses in the 169.254.0.0/16 space while the tunnel objects on the AWS side use public IP’s. Even though it’s a private IP address, the AWS tunnel endpoint will still be able to reach these private IP’s because they are reachable through the CGW uplink public IP address. (AWS associates these private IP’s to your account and VGW when you configure the VPN at the AWS console).'
https://cloudsm.art/2019/11/05/aws-hybrid-cloud-vpn-connections/
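The overlap argument above can be checked mechanically. The following is an added example, not part of any post in this thread or of the linked document: it audits candidate /30 tunnel inside subnets against a list of internal prefixes. The prefix list, the candidate subnets and the function name are constructed for illustration.

```python
import ipaddress

# 169.254.0.0/16 is the IPv4 link-local (APIPA) block.
LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")

# Constructed sample: prefixes a company already routes internally.
INTERNAL_PREFIXES = ["10.0.0.0/8", "172.16.0.0/12", "192.168.10.0/24"]

# Constructed sample: candidate inside subnets for a VPN tunnel.
CANDIDATES = [
    "169.254.21.0/30",    # link-local
    "10.255.255.252/30",  # RFC 1918, inside 10.0.0.0/8
    "192.168.10.4/30",    # RFC 1918, inside an internal /24
    "192.168.20.0/30",    # RFC 1918, free today but may be allocated later
]


def audit_tunnel_cidr(tunnel_cidr, internal_prefixes):
    """Report whether a tunnel inside subnet collides with internal routing.

    Raises ValueError if tunnel_cidr has host bits set (e.g. 169.254.21.1/30),
    which usually means an interface address was pasted instead of the subnet.
    """
    tunnel = ipaddress.ip_network(tunnel_cidr, strict=True)
    conflicts = [
        prefix for prefix in internal_prefixes
        if tunnel.overlaps(ipaddress.ip_network(prefix))
    ]
    return {
        "cidr": str(tunnel),
        "link_local": tunnel.subnet_of(LINK_LOCAL),
        # A /30 has exactly two usable hosts: the two BGP peer addresses.
        "peers": [str(host) for host in tunnel.hosts()],
        "conflicts": conflicts,
    }


if __name__ == "__main__":
    for cidr in CANDIDATES:
        result = audit_tunnel_cidr(cidr, INTERNAL_PREFIXES)
        status = "CONFLICT" if result["conflicts"] else "ok"
        print(f"{result['cidr']:<20} link_local={result['link_local']!s:<5} "
              f"peers={result['peers']} {status} {result['conflicts']}")
```

Only the link-local candidate is both free of conflicts and outside the ranges a company is likely to allocate later.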