# Interconnects Notes

The Interconnect servers allow for traffic between the AWS Transit Gateways. They are located in the test and prod AWS `mdr-x-c2-gov` accounts.

The interconnects are redundant: 2 servers for GC TEST and 2 servers for GC Prod, 4 servers in total. Redundant VPNs are used to connect from the transit gateway to the interconnect servers. Each interconnect server has 4 VPN connections, two per transit gateway.

---

# Software

08/10/2020

## Strongswan

`strongswan` is the IPsec VPN tunnel software used to connect to the AWS VPN tunnel. Salt is used to configure the software. It uses the `vpn_info` pillar.

## Quagga

Quagga contains zebra and behaves like a Cisco router. It is where BGP is configured. Primary interaction is via the `vtysh` shell, which behaves like a Cisco router.

In `vtysh`, run commands as you would on a router, such as:

```
show run
show ip bgp neighbor summary
show ip bgp neighbor
```

Quagga runs as 2 services:

```
systemctl status bgpd
systemctl status zebra
```

## Troubleshooting Steps

1. Check the interfaces with `ifconfig` (there should be 4 `vti` interfaces). If there are no interfaces, restart strongswan.
2. Ensure you can ping the link-local `169.*` address.
   Subtract 1 from the IP address to ping the remote/AWS-side VPN IP address.

## IPs

```
dev-interconnect-0
server IP: 169.254.230.198    AWS Side: 169.254.230.197
server IP: 169.254.142.234    AWS Side: 169.254.142.233
server IP: 169.254.221.230    AWS Side: 169.254.221.229
server IP: 169.254.145.142    AWS Side: 169.254.145.141
```

```
dev-interconnect-1
server IP: 169.254.186.190    AWS Side: 169.254.186.189
server IP: 169.254.119.74     AWS Side: 169.254.119.73
server IP: 169.254.20.162     AWS Side: 169.254.20.161
server IP: 169.254.128.190    AWS Side: 169.254.128.189
```

```
prod-interconnect-0
server IP: 169.254.152.218    AWS Side: 169.254.152.217
server IP: 169.254.88.106     AWS Side: 169.254.88.105
server IP: 169.254.253.46     AWS Side: 169.254.253.45
server IP: 169.254.91.130     AWS Side: 169.254.91.129
```

```
prod-interconnect-1
server IP: 169.254.247.158    AWS Side: 169.254.247.157
server IP: 169.254.246.158    AWS Side: 169.254.246.157
server IP: 169.254.22.22      AWS Side: 169.254.22.21
server IP: 169.254.38.14      AWS Side: 169.254.38.13
```
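
The two troubleshooting steps above can be scripted; the following is an added example, not part of the original notes. It assumes the tunnel interfaces are named `vti*` and that `ip -o -4 addr show` (iproute2) is available; the function names, the `PING_CMD` override and the sample interface names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original notes): troubleshooting steps 1 and 2.
EXPECTED_TUNNELS=4                        # per the notes: 4 vti interfaces per server
PING_CMD=${PING_CMD:-ping -c 2 -W 2}      # hypothetical override hook, used for testing

# Constructed sample of `ip -o -4 addr show` output; interface names are assumed.
SAMPLE='2: eth0    inet 10.0.0.10/24 brd 10.0.0.255 scope global eth0
4: vti1    inet 169.254.230.198/30 scope global vti1
5: vti2    inet 169.254.142.234/30 scope global vti2
6: vti3    inet 169.254.221.230/30 scope global vti3
7: vti4    inet 169.254.145.142/30 scope global vti4'

# peer_ip ADDR: print the AWS-side address (server address minus 1).
# Fails for anything that is not a well-formed 169.254.x.y address with y >= 1.
peer_ip() (
  ip=${1%%/*}                             # drop any /prefix
  case $ip in 169.254.*.*) ;; *) exit 1 ;; esac
  rest=${ip#169.254.}; c=${rest%%.*}; d=${rest#*.}
  for o in "$c" "$d"; do
    case $o in ''|*[!0-9]*|0?*|????*) exit 1 ;; esac
  done
  [ "$c" -le 255 ] && [ "$d" -ge 1 ] && [ "$d" -le 255 ] || exit 1
  echo "169.254.$c.$(($d - 1))"
)

# vti_addrs: read `ip -o -4 addr show` output on stdin, print "ifname address".
vti_addrs() {
  awk '$2 ~ /^vti/ && $3 == "inet" { sub(/\/.*/, "", $4); print $2, $4 }'
}

# check_tunnels: step 1 (interface count) and step 2 (ping each AWS-side peer).
check_tunnels() (
  addrs=$(vti_addrs); rc=0
  count=$(printf '%s\n' "$addrs" | awk 'NF { n++ } END { print n + 0 }')
  if [ "$count" -ne "$EXPECTED_TUNNELS" ]; then
    echo "FAIL: $count vti interfaces, expected $EXPECTED_TUNNELS (restart strongswan)"; rc=1
  fi
  while read -r ifname addr; do
    [ -n "$ifname" ] || continue
    if ! peer=$(peer_ip "$addr"); then
      echo "FAIL: $ifname has non link-local address $addr"; rc=1
    elif $PING_CMD "$peer" >/dev/null 2>&1; then echo "OK:   $ifname -> $peer"
    else echo "FAIL: $ifname -> $peer unreachable"; rc=1
    fi
  done <<EOF
$addrs
EOF
  exit "$rc"
)

# On an interconnect server, pass --run to check the live interfaces.
if [ "${1:-}" = "--run" ]; then ip -o -4 addr show | check_tunnels; fi
```

A non-zero exit status means either the `vti` interface count is wrong or at least one AWS-side address did not answer.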