Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1287
Views
5
Helpful
2
Replies

BGP PEER APIPA SUBNET

gauravpundir231
Beginner
Beginner

‎05-16-2020 07:33 AM

Hi All,

I have seen a BGP peer with APIPA subnet. And it is for AWS tunnel.
Can someone pls advise how/why APIPA is being used. Any docs or explanation would help.

Labels:
0 Helpful
2 Replies 2

paul driver
VIP Expert VIP Expert
VIP Expert

‎05-16-2020 09:41 AM

Hello

I have never comes across a bgp topology using APIPA myself however thats not to not say this isn't applicable as its a usable non public address range that i guess can and in your is being used for internal bgp /confederation ASNs etc..

 

Id be Interested to see what other views are posted on this forum post about this


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Georg Pauwen
VIP Master VIP Master
VIP Master

‎05-17-2020 12:43 AM

Hello,

 

I think AWS could use any private address space for their tunnel endpoints, but using the APIPA addresses actually makes sense, because those are pretty much never used by any company internally, so the chances of an addressing conflict are almost negligible. Most if not all companies use the 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 addresses somewhere in their network, so if AWS would assign addresses from these blocks, they could overlap. Nobody uses APIPA, so it is easy to set up and requires no back and forth between AWS and the customer regarding IP addressing conflicts.

 

This is from the document linked below:

 

'Another interesting point is that the tunnels at the CGW use private link-local addresses in the 169.254.0.0/16 space while the tunnel objects on the AWS side use public IP’s. Even though it’s a private IP address, the AWS tunnel endpoint will still be able to reach these private IP’s because they are reachable through the CGW uplink public IP address. (AWS associates these private IP’s to your account and VGW when you configure the VPN at the AWS console).'

 

https://cloudsm.art/2019/11/05/aws-hybrid-cloud-vpn-connections/

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents