Creating a Spoke Gateway
Follow the steps below to create a Spoke Gateway and highly available Spoke gateway instances.
- In CoPilot, navigate to Cloud Fabric > Gateways > Spoke Gateways tab, and click + Spoke Gateway.
- Create the Spoke Gateway.
Provide the following information for the Spoke Gateway.
| Parameter | Description |
| --- | --- |
| Name | Enter a name for the Spoke Gateway. |
| Cloud | Select the Cloud Service Provider (CSP) in which to create the Spoke Gateway. For AWS and Azure, you can use the dropdown menu to select Standard or Global, China, or GovCloud. |
| Account | Select the cloud access account for creating the Spoke Gateway. |
| Region | Select the cloud region in which to create the Spoke Gateway. |
| VPC/VNet | Select the VPC or VNet in the selected region in which to create the Spoke Gateway. |
| Instance Size | Select the gateway instance size. The size you select affects your IPsec performance. |
| High Performance Encryption | Set this toggle to On to enable High Performance Encryption (HPE) for the Spoke Gateway. HPE enables 10Gbps and higher IPsec performance between two single Aviatrix Gateway instances or between a single Aviatrix Gateway instance and an on-prem Aviatrix appliance. You cannot turn High Performance Encryption On or Off after the Spoke Gateway is created. |
| Attach to Transit Gateway | Select the Transit Gateway to which to attach this Spoke Gateway. |
Use the Advanced Settings section to set the advanced gateway settings that may apply.
| Parameter | Description |
| --- | --- |
| BGP (all clouds) | Set this toggle to On to enable the Spoke Gateway to run a BGP connection to external routers and dynamically exchange routes. |
| BGP over LAN (Azure only) | Set this toggle to On for a BGP connection over LAN. Enter the number of LAN interfaces you need (maximum is eight) for the BGP connection. You must set both the BGP and BGP over LAN settings to On to enable a BGP over LAN connection on the Spoke Gateway. |
| Global VPC (GCP only) | Set this toggle to On to connect the Spoke Gateway to a global VPC. |
Use the Instances section to create highly available Spoke gateway instances.
- A Spoke Gateway can have up to 15 highly available gateway instances.
- All gateway instances share the same properties as the Spoke Gateway.
- All gateway instances are created in active-active mode.
- A BGP-enabled Spoke Gateway can have up to two highly available gateway instances.
- A Spoke Gateway with Site2Cloud, SNAT, DNAT, or FQDN enabled can have up to two highly available gateway instances.
To create a gateway instance, click + Instance and designate the subnet and IP address of the gateway instance.
| Parameter | Description |
| --- | --- |
| Attach to Subnet | Select the subnet in which to create the Spoke gateway instance. As a best practice, select a different subnet in a different availability zone from the other Spoke gateway instances. |
| Public IP | Enter the public IP address of the gateway instance. (AWS only) To allocate a new EIP, leave Public IP as Allocate New Static Public IP. |
- Click Save.