Creating the Primary and Secondary Edge Spoke Gateway (Aviatrix Edge Platform)

To create a primary and secondary (HA) Edge Spoke Gateway, follow these steps:

Step 1: Gateway Configuration

  1. In Aviatrix CoPilot, go to Cloud Fabric > Hybrid Cloud > Edge Gateways > Spoke Gateways tab.

  2. Click + Spoke Gateway, then provide the following information.

    Field

    Description

    Name

    Name for the Edge Gateway.

    The name must start with a letter and contain only letters, numbers, and dashes (no special characters or spaces) and it can be up to 50 characters long.

    Platform

    The platform account where you want to deploy the Edge Gateway.

    You can create and edit platform accounts in CoPilot by going to Cloud Fabric > Hybrid Cloud > Platforms tab. See Set Up the Aviatrix Edge Platform Account.

    Site

    Identifies the edge location.

    You can select an existing name or enter a new name for the edge location.

    High Availability

    The high availability mode.

    • Off creates only the primary Edge Gateway with one active peering.

    • On (Active Standby Mode) enables Edge Gateway connection with one active peering and one standby peering. Only the active peering forwards network traffic. The network switches to the standby peering when the primary peering goes down.

    • On (Active Active Mode) enables Edge Gateway connections with all active peerings to perform load sharing and forward network traffic.

    Preemptive

    Determines the network’s behavior when the primary gateway goes down.

    Preemptive is applicable only when High Availability is set to On with Active Standby Mode. The Preemptive is set on the primary gateway.

    • On enables the network to automatically switch back to the primary gateway when the primary gateway connection is back up.

    • Off enables the network to continue to use the standby gateway even after the primary gateway is back up, until you initiate a manual switchover.

    Primary Device

    The edge device where you want to deploy the primary Edge Gateway.

    Secondary Device

    The edge device where you want to deploy the secondary (HA) Edge Gateway.

    The primary and secondary devices must have the same hardware configuration.

    Gateway Resource Size

    The gateway size.

    • Small - 2 vCPU - 4GB

    • Medium - 4 vCPU - 8GB

    • Large - 8 vCPU - 16GB

    • X-Large - 16 vCPU - 32GB

  3. Click Next to configure the gateway interfaces.

Step 2: Interface Configuration

By default, an Edge Spoke Gateway has three interfaces: one WAN interface on eth0, one LAN interface on eth1, and one Management interface on eth2. You will need these configuration information to configure the interfaces.

In the Interface Configuration section, configure the WAN, LAN, and Management interfaces. If High Availability mode is selected, then configure both the primary and secondary Edge Gateways.

Configuring the WAN Interface

To configure the WAN interface:

  1. In Interface Configuration, click WAN, then provide the following information.

    Field

    Description

    Interface

    This is set to the Edge Gateway’s logical interface.

    IP Assignment

    The default is Static for static IP assignment.

    DHCP for dynamic IP address assignment is not supported.

    Interface Labels

    Name to identify the WAN interface.

    Interface CIDR

    The CIDR for the WAN interface.

    Interface CIDR must be in the format interface_ip/netmask (for example, 192.18.20.1/24).

    Default Gateway IP

    The Default Gateway IP address for the WAN interface.

    For CSP underlay, this is the remote side IP address of the BGP session on CSP VNG or VGW.

    Public IP

    The public IP for the WAN interface.

    The public IP of the WAN interface is used for peering connections over the public network.

Configuring the LAN Interface

To configure the LAN interface:

  1. Click LAN, then provide the following information.

    Field

    Description

    Interface

    The Edge Gateway’s logical interface name.

    IP Assignment

    The default is Static for static IP assignment.

    DHCP for dynamic IP address assignment is not supported.

    VRRP

    To enable Virtual Router Redundancy Protocol (VRRP) on the Edge Gateway, set this switch to On.

    VRRP can be configured only if HA Edge Gateway is configured.

    Interface CIDR

    The native VLAN interface IP address.

    This interface is where untagged packets are sent.

    VRRP Gateway IP

    The Virtual IP for the VRRP Gateway, when VRRP is enabled.

    Default Gateway IP

    The Default Gateway IP address for the native VLAN interface.

    Interface Labels

    Name to identify the native VLAN interface.

  2. If your LAN is segmented into virtual LANs (VLANs), click + VLAN Interface to add one or more VLAN sub-interfaces, then provide the following information for each VLAN sub-interface.

    You cannot edit the VLAN ID after the Edge Gateway is created. To edit the VLAN sub-interface attributes, it is highly recommended to delete and recreate the VLAN sub-interface configuration.

    Field

    Description

    VLAN ID

    The VLAN ID of the VLAN segment.

    VLAN ID must be a number between 2 and 4092.

    VLAN Interface CIDR

    The VLAN IP address of the VLAN segment.

    Default Gateway IP

    The Default Gateway IP address of the VLAN segment.

    Sub-Interface Tag

    Name to identify the VLAN segment.

    When a secondary HA Edge Gateway is configured, the VLAN configurations that are shared between the primary and secondary gateway and are non-editable on the secondary gateway.

Configuring the MGMT Interface

To configure the Management interface, click MGMT, then provide the following information.

Field

Description

Interface

The Edge Gateway’s logical interface name.

IP Assignment

The MGMT interface defaults to DHCP.

This setting cannot be changed.

The Edge Gateway will automatically NAT out of the physical MGMT interface of the edge node when using the Aviatrix Edge platform.

Private Network

Leave this setting to Off.

The Edge Gateway on the edge hardware requires public Internet reachability to connect to the Aviatrix Controller and Aviatrix Edge infrastructure in the cloud.

Egress CIDR (Primary)

The Egress CIDR is the public IP address which the Management interface uses.

If the Public IP is used from Edge Gateway Management interface to establish connectivity to Aviatrix Controller, then configure the Public IP as the CIDR. The CIDR is then added to the Controller security group to allow incoming traffic from the Edge Gateway.

Egress CIDR (Secondary)

The Egress Public IP for the secondary Edge Gateway’s Management interface when High Availability is configured.

If a required field is missing, the interface tab is highlighted to indicate there is an error.

Step 3: Verify the Edge Gateway Creation

See, Verifying the Edge Gateway Creation.

Gateway Configuration

Field

Description

Name

Name for the Edge Gateway.

The name must start with a letter and contain only letters, numbers, and dashes (no special characters or spaces) and it can be up to 50 characters long.

Platform

The platform account where you want to deploy the Edge Gateway.

You can create and edit platform accounts in CoPilot by going to Cloud Fabric > Hybrid Cloud > Platforms tab.

Site

Identifies the edge location.

You can select an existing name or enter a new name for the edge location.

High Availability

The high availability mode.

  • Off creates only the primary Edge Gateway with one active peering.

  • On (Active Standby Mode) enables Edge Gateway connection with one active peering and one standby peering. Only the active peering forwards network traffic. The network switches to the standby peering when the primary peering goes down.

  • On (Active Active Mode) enables Edge Gateway connections with all active peerings to perform load sharing and forward network traffic.

Preemptive

Determines the network’s behavior when the primary gateway goes down.

Preemptive is applicable only when High Availability is set to On with Active Standby Mode. The Preemptive is set on the primary gateway.

  • On enables the network to automatically switch back to the primary gateway when the primary gateway connection is back up.

  • Off enables the network to continue to use the standby gateway even after the primary gateway is back up, until you initiate a manual switchover.

Primary Device

The edge device where you want to deploy the primary Edge Gateway.

Secondary Device

The edge device where you want to deploy the secondary (HA) Edge Gateway.

The primary and secondary devices must have the same hardware configuration.

Gateway Resource Size

The gateway size.

  • Small - 2 vCPU - 4GB

  • Medium - 4 vCPU - 8GB

  • Large - 8 vCPU - 16GB

  • X-Large - 16 vCPU - 32GB

Interface Configuration WAN Interface

Field

Description

Interface

This is set to the Edge Gateway’s logical interface.

IP Assignment

The default is Static for static IP assignment.

DHCP for dynamic IP address assignment is not supported.

Interface Labels

Name to identify the WAN interface.

Interface CIDR

The CIDR for the WAN interface.

Interface CIDR must be in the format interface_ip/netmask (for example, 192.18.20.1/24).

Default Gateway IP

The Default Gateway IP address for the WAN interface.

For CSP underlay, this is the remote side IP address of the BGP session on CSP VNG or VGW.

Public IP

The public IP for the WAN interface.

The public IP of the WAN interface is used for peering connections over the public network.

LAN Interface

Field

Description

Interface

The Edge Gateway’s logical interface name.

IP Assignment

The default is Static for static IP assignment.

DHCP for dynamic IP address assignment is not supported.

VRRP

To enable Virtual Router Redundancy Protocol (VRRP) on the Edge Gateway, set this switch to On.

VRRP can be configured only if HA Edge Gateway is configured.

Interface CIDR

The native VLAN interface IP address.

This interface is where untagged packets are sent.

VRRP Gateway IP

The Virtual IP for the VRRP Gateway, when VRRP is enabled.

Default Gateway IP

The Default Gateway IP address for the native VLAN interface.

Interface Labels

Name to identify the native VLAN interface.

VLAN Interface

If your LAN is segmented into virtual LANs (VLANs), click + VLAN Interface to configure one or more VLAN sub-interfaces.

You cannot edit the VLAN ID after the Edge Gateway is created. To edit the VLAN sub-interface attributes, it is highly recommended to delete and recreate the VLAN sub-interface configurations.

Field

Description

VLAN ID

The VLAN ID of the VLAN segment.

VLAN ID must be a number between 2 and 4092.

VLAN Interface CIDR

The VLAN IP address of the VLAN segment.

Default Gateway IP

The Default Gateway IP address of the VLAN segment.

Sub-Interface Tag

Name to identify the VLAN segment.

When a secondary HA Edge Gateway is configured, the VLAN configurations that are shared between the primary and secondary gateway and are non-editable on the secondary gateway.

MGMT Interface

Field

Description

Interface

The Edge Gateway’s logical interface name.

IP Assignment

The MGMT interface defaults to DHCP.

This setting cannot be changed.

The Edge Gateway will automatically NAT out of the physical MGMT interface of the edge node when using the Aviatrix Edge platform.

Private Network

Leave this setting to Off.

The Edge Gateway on the edge hardware requires public Internet reachability to connect to the Aviatrix Controller and Aviatrix Edge infrastructure in the cloud.

Egress CIDR (Primary)

The Egress CIDR is the public IP address which the Management interface uses.

If the Public IP is used from Edge Gateway Management interface to establish connectivity to Aviatrix Controller, then configure the Public IP as the CIDR. The CIDR is then added to the Controller security group to allow incoming traffic from the Edge Gateway.

Egress CIDR (Secondary)

The Egress Public IP for the secondary Edge Gateway’s Management interface when High Availability is configured.