Managing Transit Gateway Attachments

You can attach a Transit Gateway to another Transit Gateway, or Spoke Gateway across multicloud over private or public network with Aviatrix High Performance Encryption (HPE). You can also attach an Azure-based Transit Gateway to an Azure VNet (formerly called Azure ARM Spoke through Native Peering).

You can detach a Transit Gateway from another Transit Gateway, Spoke Gateway, or Azure VNet, and view peering information for Transit Gateway attachments.

Creating a Transit Gateway to Transit Gateway Attachment

To attach a Transit Gateway to another Transit Gateway:

  1. In Aviatrix CoPilot, go to Cloud Fabric > Gateways > Transit Gateways.

  2. In the table, locate the Transit Gateway you want to attach and click the Manage Gateway Attachments icon on the right side of its row.

  3. From the Manage Gateway Attachments dialog, click the Transit Gateway tab and then click + Attachment and provide the following information.

    Parameter

    Description

    Transit Gateway

    The Transit Gateway to attach.

    In the Advanced section, set the advanced settings that may apply.

    Parameter

    Description

    Max Performance

    Creates the maximum number of High Performance Encryption (HPE) tunnels for the Transit-to-Transit attachment when set to On.The number of tunnels that are created depends on the gateway instance sizes.

    Max Performance option is valid only when both Transit Gateways are launched with HPE enabled and are in the same cloud type.

    If Max Performance is Off, only one tunnel is created (even when HPE is enabled for both the Spoke and Transit Gateway).

    To switch between multiple tunnels or one tunnel, detach and reattach the Spoke Gateway to the Transit Gateway.

    Attach Over

    Connectivity over a private or public network, when both Transit Gateways are launched with HPE enabled and are in the different cloud types.

    • Private Network creates the attachment for connectivity over a private network.

    • Public Network creates the attachment for connectivity over the internet.

    Single-Tunnel Mode

    Creates a single tunnel connection for the Transit-to-Transit attachment.

    When set to On, a single tunnel is created. When set to Off, multiple High Performance Encryption (HPE) tunnels are created based on the gateway instance size.

    Single-Tunnel Mode is supported for private network connectivity.

    Jumbo Frame

    Enables Jumbo Frames for throughput performance when set to On.

    Jumbo Frame is supported for private network connectivity.

    High Performance Encryption

    Creates High Performance Encryption (HPE) tunnels between the Transit Gateways when set to On.

    High Performance Encryption is valid when both Transit Gateways are launched with HPE enabled and are in the different cloud types connected over a public network.

    In Number of Tunnels, specify the number of tunnels to create.

    • Max Tunnels creates the maximum number of tunnels based on the gateway instance sizes.

    • Custom enables you to specify the number of tunnels to create. The supported range is between 2 to 20 HPE tunnels for each Transit Gateway.

    If High Performance Encryption is Off, only one tunnel is created (even when HPE is enabled for both Transit Gateways).

    To switch between multiple tunnels or one tunnel, detach and reattach the Gateways.

    Exclude Network CIDRs

    Excludes network CIDRs from being propagated to the other Transit Gateway when set to On.

    In Excluded Network CIDRs, enter the CIDRs to be excluded.

    Exclude TGW Connections

    Excludes TGW connections from being advertised when set to On.

    In Local Gateway Excluded TGW Connections, select the TGW connection(s) to exclude from being advertised to the remote gateway.

    In Remote Gateway Excluded TGW Connections, select the TGW connection(s) to exclude from being advertised to the Transit Gateway.
    You create the peering on only one side of the peering, the peering for the peered Transit Gateway is configured automatically. You can select multiple Transit Gateways to create multiple peering connections.

  4. To attach this Transit Gateway to another Transit Gateway, click + Attachment again and provide the attachment details.

  5. Click Save.

Creating a Transit Gateway to Spoke Gateway Attachment

To attach a Transit Gateway to a Spoke Gateway:

  1. In Aviatrix CoPilot, go to Cloud Fabric > Gateways > Transit Gateways tab.

  2. In the table, locate the Transit Gateway you want to attach and click the Manage Gateway Attachments icon on the right side of its row.

  3. In the Manage Gateway Attachments dialog, click Spoke Gateway tab and then click + Attachment and provide the following information.

    Parameter

    Description

    Spoke Gateway

    The Spoke Gateway to attach to the Transit Gateway.

    In the Advanced section, set the advanced settings that may apply.

    Parameter

    Description

    Select Route Table

    Enables custom route tables when set to On.

    From the Select Route Tables dropdown menu, select the custom route table(s) to attach to this Spoke Gateway.

    Max Performance

    Creates the maximum number of High Performance Encryption (HPE) tunnels for the Transit-to-Spoke attachment when set to On. The number of tunnels that are created depends on the gateway instance sizes.

    • Max Performance option is valid only when both the Spoke and Transit Gateways are launched with HPE enabled and are in the same cloud type.

    • When the Spoke and Transit Gateways are launched in different cloud types, only one tunnel is created (even when HPE is enabled for both the Spoke and Transit Gateway).

    If Max Performance is Off, only one tunnel is created (even when HPE is enabled for both the Spoke and Transit Gateway).

    To switch between multiple tunnels or one tunnel, detach and reattach the Spoke Gateway to the Transit Gateway.

  4. To attach this Transit Gateway to another Spoke Gateway, click + Attachment again and provide the attachment details.

  5. Click Save.

Creating an Azure-Based Transit Gateway to Azure VNet Attachment

To attach an Azure-based Transit Gateway to an Azure VNet:

  1. In Aviatrix CoPilot, go to Cloud Fabric > Gateways > Transit Gateways.

  2. In the table, locate the Azure-based Transit Gateway where you want to attach a Spoke VNet and click the Manage Gateway Attachments icon on the right side of its row.

  3. In the Manage Gateway Attachments dialog, click the Azure VNet tab.

  4. From the Azure VNets drop down, select one or more Spoke VNets to attach.

  5. Click Save.

Deleting a Transit Gateway Attachment

In Aviatrix CoPilot:

  1. Go to Cloud Fabric > Gateways > Transit Gateways tab.

  2. In the table, locate the Transit Gateway for which you want to delete an attachment and click the Manage Gateway Attachments icon on the right side.

  3. Do one of the following:

    1. To delete a Transit Gateway attachment, click Transit Gateway tab.

    2. To delete a Spoke Gateway attachment, click Spoke Gateway tab.

    3. To delete an Azure VNet attachment, click Azure VNet tab.

  4. Do one of the following:

    1. For the Transit Gateway and Spoke Gateway attachments, hover over the grey box of the gateway attachment that you want to delete, then click the Delete icon on the right.

    2. For the Azure VNet attachment, click the x next to the Azure VNet in the Azure VNets drop down.

  5. Click Save.

Viewing a Transit Gateway’s Peering Connections

In Aviatrix CoPilot:

  1. Go to Cloud Fabric > Gateways > Transit Gateways tab.

  2. In the table, locate and select the Transit Gateway.

  3. In the gateway’s Attachments tab, click any peering connection, for instance, Transit-Transit peering or Transit-Spoke peering.

    All the Transit Gateway’s peering connections are displayed.