Prerequisites for Edge Transit Gateway Deployment for On-Premises

The following are the prerequisites to deploy an Aviatrix Edge Transit Gateway for on-premises on the Aviatrix Edge platform.

1. Procure the Edge Hardware

If you do not already have an edge device, evaluate the hardware that your edge computing needs require and procure it. Contact your Aviatrix account manager about the hardware you may require.

For a list of Aviatrix supported hardware appliances, see Supported Edge Hardware for the Aviatrix Edge Platform.

2. Obtain the Hardware Serial Number

To onboard and register the edge device with the Aviatrix Edge platform, you will be required to provide the device serial number. Obtain the serial numbers for your edge device.

3. Set Up the Aviatrix Edge Platform Account

Onboarding and registering the edge device requires an Aviatrix Edge Platform account.

To set up the Edge platform account, see Setting up Accounts for Edge Platforms.

4. Onboard the Edge Hardware

You must onboard and register the edge device before you can deploy an Edge Gateway on the edge device.

5. Obtain Edge Gateway Interface Configurations

The Edge Transit Gateway on the Aviatrix Edge Platform supports one Management and up to 4 WAN interfaces.

For each WAN interface that you want to configure, you will need to provide the following information during Edge Gateway creation for your primary and secondary HA Edge Gateways.

WAN Interface Description

Interface Primary CIDR

The CIDR for the WAN interface.

Interface CIDR must be in the format interface_ip/netmask (for example, 192.18.20.1/24).

Interface CIDR cannot be link-local CIDR.

If you need to create a BGP underlay connection to a cloud service provider (CSP) with a link-local IP address, you must provide the Link-Local Underlay CIDR for the WAN interface.

Interface Secondary CIDRs

The secondary CIDRs for the WAN interface.

Interface CIDR must be in the format interface_ip/netmask (for example, 192.18.20.1/24).

The secondary CIDRs are used for High Performance Encryption (HPE) attachment peering connections over a private network between the Edge Transit Gateway and another Edge Transit Gateway or Edge Spoke Gateway. The secondary IP addresses (based on the secondary CIDRs) are automatically assigned to create the peering connections. You can define a /32 CIDR for a specific secondary IP address.

Secondary CIDR cannot be link-local CIDR.

Default Gateway IP

The Default Gateway IP address for the WAN interface.

Public IP

The public IP for the WAN interface.

The public IP of the WAN interface is used for peering connections over the public network.

If the Edge Gateway is deployed on a physical appliance in an environment where connections to Cloud Service Providers (CSPs) are available, BGP can be configured on the Edge Gateway to peer with cloud routers such as VGW, VNG, and Google Cloud Router.

For BGP underlay connections to CSP, you will need to provide the following information.

BGP Configuration Description

Link-Local Underlay CIDR (GCP only)

The Link-Local Underlay CIDR is used for BGP underlay connections to a cloud service provider (CSP).

If you need to create a BGP underlay connection to a CSP with a link-local IP address, you must provide the Link-Local Underlay CIDR for the WAN interface in the format link_local_underlay_ip/netmask (for example, 169.254.100.3/24).

This is required for GCP. If terminating GCP Interconnect and using BGP underlay on Edge, provide the WAN Default Gateway of the peer IP address.

If a Link-Local Underlay CIDR is configured, the Default Gateway IP should be in the same subnet as the Link-Local Underlay CIDR; otherwise, it should be in the same subnet as the WAN Interface CIDR.

Remote ASN

The AS Number of the remote BGP peer.

Remote LAN IP

The IP address of the remote BGP peer.
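The WAN interface rules above (interface_ip/netmask format, no link-local primary or secondary CIDR, and the Default Gateway subnet rule) can be checked before the values are entered during Edge Gateway creation. The following is an added example, not Aviatrix code; the dictionary keys and function names are hypothetical and the sample values are constructed.

```python
import ipaddress

def _parse(label, value, problems, forbid_link_local):
    """Parse interface_ip/netmask; on failure record a problem and return None."""
    try:
        if "/" not in value:  # ip_interface() would silently assume /32
            raise ValueError("netmask missing")
        parsed = ipaddress.ip_interface(value)
    except ValueError as exc:
        problems.append(f"{label} {value!r}: not interface_ip/netmask ({exc})")
        return None
    if forbid_link_local and parsed.ip.is_link_local:
        problems.append(f"{label} {value!r}: cannot be a link-local CIDR")
    return parsed

def check_wan(iface):
    """Return rule violations for one WAN interface (dict keys are hypothetical)."""
    problems = []
    subnet_source = _parse("primary CIDR", iface["primary_cidr"], problems, True)
    for cidr in iface.get("secondary_cidrs", []):
        _parse("secondary CIDR", cidr, problems, True)
    underlay = iface.get("link_local_underlay_cidr")
    if underlay:  # when configured, the gateway must sit in this subnet instead
        subnet_source = _parse("link-local underlay CIDR", underlay, problems, False)
    try:
        gateway = ipaddress.ip_address(iface["default_gateway"])
    except ValueError:
        problems.append(f"default gateway {iface['default_gateway']!r}: not an IP address")
        return problems
    if subnet_source is not None and gateway not in subnet_source.network:
        problems.append(f"default gateway {gateway} is outside {subnet_source.network}")
    return problems

def check_gateway(wan_interfaces):
    """Map interface name -> violations; an empty dict means no rule was broken."""
    return {name: p for name, i in wan_interfaces.items() if (p := check_wan(i))}

# Constructed sample values, not taken from a real deployment.
SAMPLE = {
    "wan0": {"primary_cidr": "192.18.20.1/24", "default_gateway": "192.18.20.254"},
    "wan1": {"primary_cidr": "10.30.0.2/24", "secondary_cidrs": ["169.254.10.5/32"],
             "default_gateway": "10.30.0.1"},
    "wan2": {"primary_cidr": "10.10.0.2/24", "link_local_underlay_cidr": "169.254.100.3/24",
             "default_gateway": "10.10.0.1"},
    "wan3": {"primary_cidr": "10.20.0.2", "default_gateway": "10.20.0.1"},
}

if __name__ == "__main__":
    print(check_gateway(SAMPLE))
```

In the sample, wan0 passes, wan1 has a link-local secondary CIDR, wan2 has a Default Gateway outside its Link-Local Underlay subnet, and wan3 is missing the netmask.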

For the Management interface, you will need the Egress IP.

MGMT Interface Description

Egress CIDR (Primary)

The Egress CIDR is the public IP address which the Management interface uses.

If the Edge Gateway Management interface uses the public IP to establish connectivity to the Aviatrix Controller, configure the public IP as the CIDR. The CIDR is then added to the Controller security group to allow incoming traffic from the Edge Gateway.

Egress CIDR (Secondary)

The Egress public IP for the secondary Edge Gateway’s Management interface when High Availability is configured.

6. Provide Network Access

Aviatrix Edge Gateway requires outbound access to communicate with the Aviatrix Controller, Aviatrix CoPilot, and other Aviatrix Gateways. You must allow access on the specified ports on your firewall.

For all Edge Gateway outbound access requirements, see Aviatrix Products: Required Access for External Sites on the Aviatrix Customer Support website.