AWS Route Limitation

An AWS VGW carries a hard limit of 100 BGP routes in total. When the BGP prefixes exceed 100, VGW randomly resets the BGP session, leading to unpredictable potential network downtime.

AWS publishes VPC limits at this link.

In addition to limits, there are limitations in functionality.

Below is a list of commonly asked limits and limitations by network engineers.

Functions	Limits	Comments
VPC Peering Limit per VPC	125	Default limit is 50. Constrained also by route limit of 100
VPC Route entries in a route table	100	Default is 50. Performance impact on 100 routes.
BGP prefix total on VGW	100	Exceeding the limit results in random BGP resets
VGW instance size scaling DNAT function in VGW SNAT function in VGW NAT Gateway policies VPN connections per VPC	reset BGP not available not available not available 10	Trigger a BGP downtime
VPN traffic initiation VIF per Direct Connect	from on-prem 50	Traffic must be initiated from on-prem to establish a VPN tunnel with VGW
Inter region peering MTU size	1500 bytes	Unlike intra region peering, there is no jumbo frame support, therefore inter region performance is maxed out at 5Gbps.
Outgoing SMTP traffic on port 25	throttled	You can send a request to lift the throttle.

Functions

Limits

Comments

VPC Peering Limit per VPC

125

Default limit is 50. Constrained also by route limit of 100

VPC Route entries in a route table

100

Default is 50. Performance impact on 100 routes.

BGP prefix total on VGW

100

Exceeding the limit results in random BGP resets

VGW instance size scaling DNAT function in VGW SNAT function in VGW NAT Gateway policies VPN connections per VPC

reset BGP not available not available not available 10

Trigger a BGP downtime

VPN traffic initiation VIF per Direct Connect

from on-prem 50

Traffic must be initiated from on-prem to establish a VPN tunnel with VGW

Inter region peering MTU size

1500 bytes

Unlike intra region peering, there is no jumbo frame support, therefore inter region performance is maxed out at 5Gbps.

Outgoing SMTP traffic on port 25

throttled

You can send a request to lift the throttle.

I have more than 100 VPCs. How do I overcome AWS Route Limits (100)?

When AWS VGW carries more than 100 routes, its BGP session will crash unexpectedly, resulting in your network outage.

Azure network has similar limitations; the following techniques work for both cloud providers.

These are the options Aviatrix solution provides:

1. Summarizing Spoke VPC/VNet Routes

Enable Spoke VPC route summarization so that Aviatrix Transit Gateway advertises as few routes to VGW as possible. As long as you can limit the number of total routes on the VGW to less than 100, the Aviatrix Transit Network can support as many Spoke VPC/VNets as you need.

Aviatrix Controller sends alert and warning messages when it determines that the total routes carried by the VGW exceeds 80. This is to alert you to start reducing routes carried by the VGW to avoid potential network outage. This alert message is sent each time there is a route VGW advertised from VGW to Transit GW.

2. Bypassing VGW

To permanently solve the route limit problem and not have to worry about summarizing routes, use External Device Option to connect to on-prem directly over Direct Connect or the Internet.