CSR1000v – AWS

For the CSR1000v too, the datasheet is the starting point (Tables 6 through 9):

http://www.cisco.com/c/en/us/products/collateral/routers/cloud-services-router-1000v-series/datasheet-c78-733443.html?cachemode=refresh

 

Release Notes:

http://www.cisco.com/c/en/us/td/docs/routers/csr1000/release/notes/csr1000v_3Srn.html#pgfId-3017606

 

Licensing (in the configuration guide):

http://www.cisco.com/c/en/us/td/docs/routers/csr1000/software/configuration/csr1000Vswcfg/csroverview.html#pgfId-1132773

 

I've been trying to terminate multiple VLANs in an AWS instance of CSR1000v.

The scenario is like this:

 

VLAN 400 [CPE] –(L2)– CSR1000v [Remote PoP] — (L3 Link) — CSR1000v [AWS] (SVI 400)

 

I’ve tried VXLAN between the remote-end CSR1000v and the AWS CSR1000v, but due to a certain limitation in the VXLAN implementation (I believe) you can’t terminate the VLAN on the same box after decapsulating the VXLAN.

 

Testing the scenario in the lab (VMware) works fine IF I connect something else to the AWS CSR1000v via layer 2 and terminate the VLAN on that box in the following way:

 

VLAN400 [CPE] — (L2) — CSR1000v [Remote PoP] — (L3 Link) — CSR1000v [AWS] — (L2) — CSR1000v [CPE] VLAN 400

 

Remote PoP CSR1000v:

—————————

redundancy
 mode none
bridge-domain 400
 member vni 400400
 member GigabitEthernet3 service-instance 1
!
interface Loopback0
 ip address 2.2.2.1 255.255.255.255
!
interface nve1
 no ip address
 member vni 400400
  ingress-replication 2.2.2.2
 !
 source-interface Loopback0
!
interface GigabitEthernet2
 ip address 1.1.1.1 255.255.255.252
!
interface GigabitEthernet3
 no ip address
 service instance 1 ethernet
  encapsulation dot1q 400
  rewrite ingress tag pop 1 symmetric
 !
router bgp 65000
 bgp log-neighbor-changes
 redistribute connected
 neighbor 1.1.1.2 remote-as 65001

 

AWS CSR1000v:

——————-

redundancy
 mode none
bridge-domain 400
 member vni 400400
 member GigabitEthernet3 service-instance 1
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface nve2
 no ip address
 member vni 400400
  ingress-replication 2.2.2.1
 !
 source-interface Loopback0
!
interface GigabitEthernet2
 ip address 1.1.1.2 255.255.255.252
!
interface GigabitEthernet3
 no ip address
 service instance 1 ethernet
  encapsulation dot1q 400
  rewrite ingress tag pop 1 symmetric
!
router bgp 65001
 bgp log-neighbor-changes
 redistribute connected
 neighbor 1.1.1.1 remote-as 65000

The problem is AWS doesn't offer any L2 connectivity between the instances, so I can't replicate what I've done in the lab. Please correct me if I am doing something wrong here. Any other options instead of VXLAN?
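What the posted configuration does to a frame on the wire, as an added example that is not part of the original post: the dot1q 400 tag is popped at the service instance, the frame is wrapped in a VXLAN header carrying VNI 400400 (RFC 7348 layout), and the tag is pushed back on egress at the far end. The function names and the sample frame are constructed for illustration, and the outer IP/UDP headers between the two loopbacks are left out.

```python
import struct

VLAN_ID = 400                # "encapsulation dot1q 400" in the posted config
VNI = 400400                 # "member vni 400400" in the posted config
TPID_DOT1Q = 0x8100
VXLAN_FLAG_I = 0x08 << 24    # RFC 7348: the I flag marks the VNI as valid

def pop_dot1q(frame: bytes, vlan: int) -> bytes:
    """Ingress half of 'rewrite ingress tag pop 1 symmetric'."""
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_DOT1Q or (tci & 0x0FFF) != vlan:
        raise ValueError("frame does not match the service instance")
    return frame[:12] + frame[16:]

def push_dot1q(frame: bytes, vlan: int) -> bytes:
    """Egress half of the symmetric rewrite: the tag is put back."""
    return frame[:12] + struct.pack("!HH", TPID_DOT1Q, vlan) + frame[12:]

def vxlan_encap(inner: bytes, vni: int) -> bytes:
    """Prepend the 8-byte VXLAN header: flags, 24-bit VNI, reserved bits."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", VXLAN_FLAG_I, vni << 8) + inner

def vxlan_decap(payload: bytes):
    """Return (vni, inner frame); reject a header without the I flag."""
    if len(payload) < 8:
        raise ValueError("payload shorter than a VXLAN header")
    flags, vni_word = struct.unpack("!II", payload[:8])
    if not flags & VXLAN_FLAG_I:
        raise ValueError("VNI not marked valid")
    return vni_word >> 8, payload[8:]

# Constructed sample: dst MAC, src MAC, 802.1Q tag for VLAN 400, IPv4 ethertype, dummy payload
SAMPLE_FRAME = (bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
                + struct.pack("!HH", TPID_DOT1Q, VLAN_ID)
                + struct.pack("!H", 0x0800) + b"payload")

def round_trip(frame: bytes = SAMPLE_FRAME):
    """Near-end ingress, VXLAN payload between the VTEPs, far-end egress."""
    payload = vxlan_encap(pop_dot1q(frame, VLAN_ID), VNI)
    vni, inner = vxlan_decap(payload)
    if vni != VNI:
        raise ValueError("VNI is not a member of bridge-domain 400")
    return payload, push_dot1q(inner, VLAN_ID)

if __name__ == "__main__":
    payload, out = round_trip()
    print(payload[:8].hex(), out == SAMPLE_FRAME)
```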