Manual Chapter : Finish Configuring Cloud Interconnection in the BIG-IP System

Applies To:

Show Versions Show Versions

BIG-IP AAM

  • 14.1.5, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP APM

  • 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP LTM

  • 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP AFM

  • 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP DNS

  • 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP ASM

  • 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0
Manual Chapter

Enable the BGP routing protocol

Cloud providers advertise their routes via BGP. The BIG-IP® system can act as a BGP router for your Cloud Interconnection configuration.
Note: The BIG-IP system does not need to be the router in this configuration.
  1. Connect to the BIG-IP Configuration utility.
  2. On the Main tab, click Network > Route Domains .
    The screen displays a list of route domains.
  3. Click 0 to edit the record.
  4. In the Dynamic Routing Protocols setting, move BGP from the Available to the Enabled list.
  5. Click Update.
The BGP dynamic routing protocol is now enabled.

Create Cloud Interconnection VLANs

Get the VLAN name and ID from the colo provider or their portal. Then create the corresponding VLANs in BIG-IP®.
  1. In the BIG-IP Configuration utility, on the Main tab, click Network > VLANs and then click Create.
  2. Create a VLAN for AWS:
    Option Description
    Name aws_3010
    Tag 3010
    Interface 2.1, tagged
  3. Create a VLAN for Azure:
    Option Description
    Name azure_3011
    Tag 3011
    Interface 2.1, tagged
    Note: This is the same interface as the AWS VLAN.
  4. Create a VLAN for the virtual server:
    Option Description
    Name services_VLAN
    Interface 2.1, tagged
    Note: This is the same interface as the other VLANs.
If you have been following this example, when you are done, you have the following VLANs configured:
  • aws_3010
  • azure_3011
  • services_vlan
  • internet

Create Cloud Interconnection self IP addresses

After you create the VLANs, create the related self IP addresses.
  1. For AWS, in the BIG-IP® Configuration utility, on the Main tab, click Network > Self IPs and then click Create.
  2. Complete the fields:
    Option Description
    Name aws_IP
    IP Address 172.16.1.10 This is the self IP address of the BIG-IP system.
    Netmask 255.255.255.252
    VLAN / Tunnel aws_3011
    Port Lockdown Allow Custom > TCP > Port 179 > Add
  3. Now create the self IP address for Azure:
    Option Description
    Name azure_IP
    IP Address 172.16.1.2 This is the self IP address of the BIG-IP system.
    Netmask 255.255.255.252
    VLAN / Tunnel azure_3011
    Port Lockdown Allow Custom > TCP > Port 179 > Add
  4. Create the self IP address for the virtual server:
    Option Description
    Name services_IP
    IP Address 172.16.2.1
    Netmask 255.255.255.0
    VLAN / Tunnel services_vlan
    Port Lockdown Allow None

Create the router configuration for AWS

In order to advertise your network's routes to AWS, you must configure the BIG-IP® system's BGP router.
  1. Use SSH to connect to the BIG-IP system, and ensure you are at the bash prompt.
  2. Create the BGP router configuration for AWS.
    1. Type: imish
      You are now working in ZebOS™.
    2. Type: enable
    3. Type: enable
    4. Then type: show running-config
      At this point there is no running configuration.
    5. Type: config terminal
      You can now run configuration commands.
  3. Now create the interfaces to ensure that they're turned on.
    1. Create the AWS interface by typing: interface aws_3010
      This is the VLAN name.
    2. Type a description for the interface: description AWS Interface
    3. Type: no shut
    4. Type: exit
    5. Confirm that the interface was created correctly by typing: show running-config
    6. Type: router bgp 22317
      You are now at the router configuration.
  4. Configure the router to advertise your network's routes.
    1. Type: network 192.168.0.0/16
    2. Add the neighbor configuration by pasting information from the router configuration information you downloaded from AWS. For example:
      neighbor 172.16.1.10 remote-as 7224
      neighbor 172.16.1.10 password 423SDA342lksh28443hdds
    3. Type: show running-config
    4. Now to save it, type: wr
    5. To get out of router config, type: exit
    6. Type: show ip route
      B means that BGP has advertised the route.

Create the router configuration for Azure

In order to advertise your network's routes to Azure, you must configure the BIG-IP® system's BGP router.
  1. Use SSH to connect to the BIG-IP system and ensure that you are at the bash prompt.
  2. Create the BGP router configuration for Azure.
    1. Type: imish
      You are now working in ZebOS™.
    2. Type: enable
    3. Type: enable
    4. Then type: show running-config
      At this point there is no running configuration.
    5. Type: config terminal
      You can now run configuration commands.
  3. Now create the interfaces to ensure that they're turned on.
    1. Create the AWS interface by typing: interface azure_3011
      This is the VLAN name.
    2. Type a description for the interface: description Azure Interface
    3. Type: no shut
    4. Type: exit
    5. Confirm that the interface was created correctly by typing: show running-config
    6. Type: router bgp 22317
      You are now at the router configuration.
  4. Configure the router to advertise your network's routes.
    1. Type: network 192.168.0.0/16
    2. Add the neighbor configuration.
      neighbor 172.16.1.2 remote-as 7224
      neighbor 172.16.1.2 password <password>
                                    
      
      Note: You can find the password in the Azure portal by viewing the ExpressRoute; the password is in the Shared Key field.
    3. Type: show running-config
    4. Now to save it, type: wr
    5. To get out of router config, type: exit
    6. Type: show ip route
      B means that BGP has advertised the route.