Creating a Google Cloud Services Connection for an MVE with Aruba EdgeConnect SD-WAN
You can create a network connection from an MVE with Aruba EdgeConnect SD-WAN to Google Cloud through Partner Interconnect.
When connecting to Google Cloud Platform (GCP) through Partner Interconnect with Megaport, the Virtual Cross Connect (VXC) forms the Layer 2 component of the connection and Layer 3 BGP is established directly between the customer and GCP.
Important
Before you begin, create an MVE in Aruba Orchestrator. For more information, see Creating an MVE. The MVE needs to be in the active state.
There are three parts to adding a Google Cloud connection to your MVE and Aruba Orchestrator.
-
Create a Partner Interconnect attachment in Google Cloud Console or gcloud CLI. Copy the pairing key that is provided as part of the attachment creation. For additional details, see the Google documentation on Google Partner Interconnects.
-
In the Megaport Portal, create a VXC from your MVE to connect to your Google Cloud attachment.
-
In Aruba Orchestrator, create a new interface and add the details of the Google Cloud connection.
These instructions step through the second and third parts.
Note
MVE for Aruba EdgeConnect SD-WAN requires configuration steps in both Aruba Orchestrator and the Megaport Portal for all cloud connections.
Adding the Google Cloud connection in the Megaport Portal
To set up the Google Cloud Platform connection, you need to create the connection in the Megaport Portal.
To deploy a VXC to GCP from the Megaport Portal
- In the Megaport Portal, go to the Services page and select the MVE for the connection.
-
Click +Connection and click Cloud.
-
Select Google as the service provider.
-
Copy and paste the pairing key from the Google Cloud console into the field in the right-hand pane.
The relevant Google targets appear based on the region of your GCI Partner connection. -
Select the target location for your connection and click Next.
-
Specify the connection details:
-
Connection Name – The name of your VXC to be shown in the Megaport Portal.
-
Service Level Reference (optional) – Specify a unique identifying number for the VXC to be used for billing purposes, such as a cost center number or a unique customer ID. The service level reference number appears for each service under the Product section of the invoice. You can also edit this field for an existing service.
Note
Partner-managed accounts can apply a Partner Deal to a service. For more information, see Associating a Deal With a Service.
-
Rate Limit – The speed of your connection in Mbps. The speed cannot be changed once deployed. Enter the same rate you selected for your Google port speed.
-
VXC State – Select Enabled or Shut Down to define the initial state of the connection. For more information, see Shutting Down a VXC for Failover Testing.
Note
If you select Shut Down, traffic will not flow through this service and it will behave as if it was down on the Megaport network. Billing for this service will remain active and you will still be charged for this connection.
-
A-End vNIC – Select an A-End vNIC from the drop-down list. For more information about vNICs, see Creating an MVE in the Megaport Portal.
-
Preferred A-End VLAN – The VLAN for this connection that you will receive through the MVE. This must be a unique VLAN ID on this MVE and can range from 2 to 4093. If you specify a VLAN ID that is already in use, the system displays the next available VLAN number. The VLAN ID must be unique to proceed with the order. If you don’t specify a value, Megaport will assign one.
-
Minimum Term – Select No Minimum Term, 12 Months, 24 Months, or 36 Months. Longer terms result in a lower monthly rate. 12 Months is selected by default.
Take note of the information on the screen to avoid early termination fees (ETF). For more information, see VXC Pricing and Contract Terms and VXC, Megaport Internet, and IX Billing.
-
-
Click Next to add the VXC to your order and complete the checkout process.
-
Once you have deployed the VXC, go back to your attachment in the Google Cloud Console and accept it.
You will be provided your private IP address from Google to configure BGP.
Ensure that you pre-activate the attachment or mark the attachment as active after configuring the VXC. Otherwise, you cannot set up BGP with your SD-WAN instance.
Note
The Google ASN will always be 16550.
Adding Google Cloud connection details to Aruba Orchestrator
After you create the connection from your MVE to Google Cloud and set up the connection in the Google console, you need to configure it in Aruba Orchestrator. This involves revising Orchestrator templates to add a LAN interface and configure BGP settings, ASNs, and VLANs.
To add a LAN interface in Aruba Orchestrator
-
Collect the connection details from the Google console.
Display the details of the connection you created in Google Cloud for this connection. Note the values for the Peer ASN, Cloud Router BGP IP, and BGP Peer IP.
-
Collect the connection details from the Megaport Portal.
To display the details, click the gear icon for the Google connection from your MVE and click the Details view. Note the value for the A-End VLAN.
Next, you will add a subinterface to your Aruba EC-V. - Log in to Aruba Orchestrator.
- Choose Configuration > Networking | Deployment.
- Locate the appliance by the hostname and click the Edit (pencil) icon.
-
Add a new LAN side interface: Click +Add next to LAN Interfaces.
Note
If this is the first LAN side service connection, click +Add. If you already have a LAN interface, click +IP under the Interface drop-down list to add a new configuration.
Here is a screen with sample values.
-
In the Interface drop-down menu, choose wan0.
-
In the VLAN field, enter the A-End VLAN value for this Google connection in the Megaport Portal.
Click the Details icon for the connection in the Megaport Portal to find this value. - (Optional) Select a preconfigured Label or select None.
- In the IP/Mask field, enter the A-End interface IP Address and subnet mask for this Google connection. These values are available in the VLAN attachment details in the Google Cloud console. The IP address appears in the BGP Peer IP field.
- For the Next Hop, enter the Google-side Cloud Router BGP IP address from the VLAN attachment details in the Google Cloud console.
- Specify in and out bandwidth values.
The bandwidth must be equal to or less than the MVE bandwidth limit: Small ≤ 500 Mbps, Medium ≤ 1 Gbps, or Large ≤ 5 Gbps. - Click Apply.
- If prompted, reboot the appliance.
A reboot is required only when adding the first LAN interface, as the system switches the appliance from server mode to router mode.
Once the device is reachable from Orchestrator, you can configure a BGP session.
To configure a BGP session (optional)
- In Orchestrator, go to Configuration > Networking | BGP.
- Click the Edit (pencil) icon for the appliance.
- Move the slider to Enable BGP.
- Provide the Autonomous System Number.
This is the Customer ASN (your local MVE), collected in Step 1. - In the Router ID field, enter a system IP as required by your network design.
You can use any IP address on the MVE, such as the loopback 0 IP specified during the initial acceptance of the appliance, the interface IP on the MVE side of the VXC, or the transit IP address.
-
In the BGP Peers section, click Add and provide the following information:
- Peer IP – This is the local Google Cloud IP address. This value is available in the VLAN attachment details in the Google Cloud console. The IP address appears in the Cloud Router BGP IP field.
- Local Interface – Choose the newly created LAN interface (the interface is in the format wan0+VLAN).
- Peer ASN – This is the Google Cloud ASN of 16550. This is a fixed value, and appears in the VLAN attachment details on the Google console.
- Peer Type – Choose Branch.
- Enable MD5Sometimes known as an MD5 hash or BGP key. The message-digest (MD5) algorithm is a widely used cryptographic function producing a string of 32 hexadecimal digits. This is used as a password or key between routers exchanging BGP information.
Password – If required, select this and then enter and confirm your MD5 password. This is the BGP Auth Key in the Megaport Portal.
-
Click Add.
- Click Apply.
It takes several seconds for the configuration to be pushed to the appliance. Click the refresh icon to update the data from the appliance.
When successful, the Peer State indicates Established:
Validating your Google Cloud connection
You can review connection details, including the connection state, from the CLI with these commands:
show interface wan0.<subinterface id>
– Displays configuration details and current status for the appliances.show bgp neighbors
orshow bgp summary
– Displays configuration details and current status for the BGP neighbors.
To start a CLI session from Orchestrator
-
In Orchestrator, use the mouse to hover over the appliance and click the Appliance Menu icon to the right of the appliance name.
-
Select CLI Session from the menu.
-
Enter enable mode to use the recommended CLI commands to display configuration details.