About Edge Gateway Settings

This document describes the settings you can configure for an Aviatrix Edge Gateway.

Site

Site refers to an edge site or edge location. Multiple sites can be created for the same physical site. When Edge Gateway instances are deployed, the gateway instances are associated with the site name for route propagation.

When deploying an Edge Gateway, follow these guidelines to decide whether to use an existing site or create a new one.

  • Use an existing site:

    • If you want to have Active-Standby high availability on 2 Edge Gateways (assign the same site).

  • Edge Gateways with the same site:

    • Can only join the same domain.

    • Can have the same or different local ASN.

  • When multiple Edge Gateways are attached to a common Transit Gateway, the Transit Gateway propagates routes from Edge Gateways with the same site to other Edge Gateways with a different site, but does not propagate routes from those Edge Gateways to other Edge Gateways with the same site.
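
The propagation rule above, worked through on a small topology. This is an added example, not Aviatrix code: the gateway names, site names and prefixes are constructed, and the model assumes a single common Transit Gateway and looks only at the site rule, not at domains or ASNs.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class EdgeGateway:
    name: str        # constructed gateway name
    site: str        # site name the gateway is associated with
    prefixes: tuple  # prefixes the gateway advertises to the Transit Gateway


def propagated_routes(gateways):
    """Return {receiver name: {prefix: sorted names of originating gateways}}.

    Models only the site rule: the common Transit Gateway propagates a
    route from one Edge Gateway to another only when their sites differ.
    """
    received = {gw.name: defaultdict(list) for gw in gateways}
    for origin in gateways:
        for receiver in gateways:
            if origin.name == receiver.name:
                continue  # a gateway does not receive its own routes back
            if origin.site == receiver.site:
                continue  # same site: the route is not propagated
            for prefix in origin.prefixes:
                received[receiver.name][prefix].append(origin.name)
    return {name: {p: sorted(o) for p, o in routes.items()}
            for name, routes in received.items()}


# Constructed topology: two gateways share site "nyc" (for example an HA
# pair) and one gateway sits at a different site, "sfo".
SAMPLE = [
    EdgeGateway("edge-nyc-1", "nyc", ("10.10.0.0/16",)),
    EdgeGateway("edge-nyc-2", "nyc", ("10.10.0.0/16",)),
    EdgeGateway("edge-sfo-1", "sfo", ("10.20.0.0/16",)),
]

if __name__ == "__main__":
    for name, routes in propagated_routes(SAMPLE).items():
        print(name, routes)
```

The two "nyc" gateways each learn only the "sfo" prefix from the Transit Gateway and never each other's routes, while the "sfo" gateway learns the "nyc" prefix from both of them.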

ZTP File Type

Zero-Touch Provisioning (ZTP) enables network engineers to remotely deploy and provision network devices at remote locations.

The ISO ZTP file is supported for VMware ESXi and open-source Kernel-based Virtual Machine (KVM) deployments.

The cloud-init ZTP file is supported for Equinix and Megaport deployments.

The following cloud-init modules have been verified for Edge Gateway deployments: users, write_files, and chpasswd.

High Availability

When deploying high availability Edge Gateways at a site for redundancy, you have the option to select Active-Active Mode or Active-Standby Mode for connectivity between the Edge Gateways and the Transit Gateways.

Active-Active Mode

In Active-Active Mode, the Primary and HA Edge Gateways connect to the Transit Gateways with two active peerings. All connections established between the Edge Gateways and Transit Gateways perform load sharing and forward network traffic.

Active-Standby Mode

In Active-Standby Mode, the Primary and HA Edge Gateways connect to the Transit Gateways with one active peering and one standby peering. Only the Primary Edge Gateway actively forwards network traffic. When the Primary Edge Gateway goes down, traffic is redirected to the Standby Edge Gateway.

If a High Availability mode is not selected, Edge Gateways deployed in the same site default to Active-Active Mode.

For more information about HA Edge Gateway, see Edge Spoke Gateway High Availability.

Active-Standby

This feature enables you to deploy an Edge Gateway connection to an external device where the external device, such as an on-prem firewall, does not support asymmetric routing on two tunnels.

When Active-Standby is On, the Edge Gateway connects to the external device with only one active tunnel forwarding traffic and the other as standby.

When Active-Standby mode is On, it applies to both BGP and Static Remote Route Based external device connections.

If you enable Active-Standby, you can select the Failover Mode to determine the network’s behavior when the Primary Edge Gateway goes down.

  • When Preemptive is enabled, the network automatically switches back to the Primary Edge Gateway when it is back up.

  • When Preemptive is not enabled, the network continues to use the Standby Edge Gateway even after the primary gateway is back up, until you initiate a manual switchover.

The Preemptive option is not applicable in Active-Standby mode if Virtual Router Redundancy Protocol (VRRP) is enabled on the Edge Gateway.

For more information about HA Edge Gateway, see Edge Spoke Gateway High Availability.

Interfaces

WAN Interface

The network interface to connect to the Aviatrix Transit Gateway. Requires a default gateway and Layer 3 reachability to Transit Gateway Private or Public IP.

LAN Interface

The network interface to connect to the LAN network.

Management Interface

The network interface to connect to the Aviatrix Controller. Requires a default gateway, DNS access and Internet access to Aviatrix Controller, Aviatrix software download, and tracelog upload. Internet access is not required if the Management interface is over a private network.

Jumbo Frame

Jumbo Frame improves throughput between an Aviatrix Transit Gateway and an Edge Gateway. Jumbo Frame is supported on all Edge platforms (Equinix, Megaport, Aviatrix Edge, and Self Managed).

There are two Jumbo Frame configuration settings for an Edge Gateway: one for the Edge Gateway and another when you create an Edge Gateway attachment.

  • You must first enable Jumbo Frame on the Edge Gateway. Enabling Jumbo Frame on the Edge Gateway enables it on the WAN and LAN interfaces of the gateway.

  • When you attach an Edge Gateway to a Transit Gateway, you can choose to enable Jumbo Frame. This enables Jumbo Frame for the tunnel connection between the Edge Gateway and the Transit Gateway.

  • Jumbo Frame is supported for AWS and OCI only; it is not supported for Azure and GCP.

  • Jumbo Frame is only supported on private connections that support Jumbo Frame.

  • Jumbo Frame is supported with High Performance Encryption and BGP over LAN connections only. High Performance Encryption and Jumbo Frame must be enabled on all gateways in the end-to-end path of the traffic flow.

  • For BGP over LAN connection, Jumbo Frame is enabled (by default) when the Edge Gateway is created.