2

I'm trying to do static routing for 2 Cisco CSR 1000v routers which are deployed on 3 VMs in AWS, but it didn't work. I correctly configured 2 interfaces on both routers, but when I tried to ping the Primary Network Interface of any of those VMs, it is not reachable even though it is written in the default routing. Here is the configuration which I have made.

R1

  • Primary Network Interface: 172.31.0.5/28,
  • G1: 172.31.1.11/28,
  • G2: 172.31.1.46/28,
  • ip route 172.31.0.32 255.255.255.240 172.31.1.38 (to the R2)

After writing this ip route, I should be able to see the R2 interface G2 by pinging, but no.

R2

  • Primary Network Interface: 172.31.0.37/28,
  • G1: 172.31.1.29/28,
  • G2: 172.31.1.38/28,
  • ip route 172.31.0.0 255.255.255.240 172.31.1.46 (to the R1)

After writing this ip route, I should be able to see the R1 interface G2 by pinging, but no.

MLu
  • 26,247

1 Answer

1

First things first

  1. Have you got AWS Security Group configured correctly so that it permits non-restricted traffic between the two routers? E.g. are they both in the same Security Group with intra-SG traffic permitted? See e.g. this answer.

  2. Have you got Source/Dest Check disabled on both instances? By default AWS doesn't permit routing through EC2 instances (i.e. doesn't let in traffic for IPs other than the instance IPs) and you have to disable Source/Dest Check to make it work.

  3. Check AWS VPC Flow Logs to verify if there is any blocked traffic between the instances.

  4. Do you have VPC NACL in place that perhaps prevents the instances from talking to each other?

Hope that helps :)

MLu
  • 26,247
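Check 3 from the answer above, as an added example that is not part of the original answer: it filters VPC Flow Log records in the default (version 2) format for REJECT entries whose source and destination both fall in the subnets listed in the question. The sample records, account id and ENI ids are constructed placeholders.

```python
# Added example: find REJECT records between the routers in VPC Flow Logs
# (default version 2 record format). Sample records below are constructed.
from ipaddress import ip_address, ip_network

FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Subnets from the question: both Primary interfaces and the shared G2 segment.
ROUTER_NETS = [ip_network(n) for n in
               ("172.31.0.0/28", "172.31.0.32/28", "172.31.1.32/28")]

def parse(line):
    """Return a dict for one default-format record, or None if it has no flow data."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    # NODATA / SKIPDATA records carry "-" in place of addresses.
    if rec["log_status"] != "OK" or rec["srcaddr"] == "-":
        return None
    return rec

def in_scope(addr):
    """True if addr belongs to one of the router subnets."""
    return any(ip_address(addr) in net for net in ROUTER_NETS)

def rejected_between_routers(lines):
    """List (src, dst, protocol, interface) for REJECTed flows inside the router subnets."""
    hits = []
    for line in lines:
        rec = parse(line)
        if (rec and rec["action"] == "REJECT"
                and in_scope(rec["srcaddr"]) and in_scope(rec["dstaddr"])):
            hits.append((rec["srcaddr"], rec["dstaddr"],
                         int(rec["protocol"]), rec["interface_id"]))
    return hits

# Constructed sample records (account and ENI ids are placeholders).
SAMPLE = """\
2 123456789012 eni-0aaa 172.31.1.46 172.31.1.38 0 0 1 4 336 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0bbb 172.31.1.46 172.31.0.37 0 0 1 4 336 1700000000 1700000060 REJECT OK
2 123456789012 eni-0bbb 203.0.113.9 172.31.0.37 44321 22 6 1 40 1700000000 1700000060 REJECT OK
2 123456789012 eni-0ccc - - - - - - - 1700000000 1700000060 - NODATA
""".splitlines()

if __name__ == "__main__":
    for src, dst, proto, eni in rejected_between_routers(SAMPLE):
        print(f"REJECT {src} -> {dst} proto={proto} on {eni}")
```

A REJECT record means a Security Group or network ACL denied the traffic, which points back to checks 1 and 4; protocol 1 in the record is ICMP, i.e. the ping.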