Your virtual interface status might be down because of configuration issues with the OSI Layer 2 or Border Gateway Protocol (BGP).
OSI Layer 2 configuration
First, verify that your OSI layer 2 is configured correctly by confirming the following:
- You have configured the correct VLAN ID with dot1Q encapsulation on your device—such as a router or switch—as displayed in the Portal Information tab as A-end service for your VXC
- The peer IP addresses’ configuration is identical on your device, via the Portal and in the AWS Direct Connect console.
- Any intermediate devices are configured for VLAN tagging with appropriate VLAN ID, and VLAN-tagged traffic is preserved in the AWS Direct Connect endpoint.
- Your device is learning the media access control (MAC) address of the AWS Direct Connect endpoint for the configured VLAN ID from the Address Resolution Protocol (ARP) table.
- Your device can ping the Amazon peer IP sourcing from your peer IP.
If the OSI layer 2 test results are positive, then confirm the BGP configuration on your device by verifying the following:
- The local ASN and remote ASN as provided in the Portal Information tab as A-end service for your VXC.
- The neighbor IP address and BGP MD5 password as provided in the Portal Information tab as A-end service for your VXC.
- Your device is not blocking ingress or egress from TCP port 179 (BGP) and other appropriate ephemeral ports.
- Your device is not advertising more than 100 prefixes to AWS by BGP. By default, AWS only accepts up to 100 prefixes using a BGP session on AWS Direct Connect.
After confirming these configurations, your virtual interface BGP status should now be up.