Some environments require network functionality that is not natively available in VMC on AWS.

Route Peering

Because VMware Cloud on AWS is a managed service, running any routing protocol from a user workload to the VMC on AWS infrastructure is not allowed. To enable workloads that need a routing protocol to run in VMC on AWS, a virtual router must be provisioned into the SDDC.

The virtual router is deployed as a user workload, which means the end-user is fully responsible for the deployment, configuration, and life cycle management of the solution.

The virtual router can have up to ten interfaces. The segments to be used for the application virtual machines that require the services of the virtual router should be created as disconnected segments, which means they do not connect to the NSX routing fabric. The virtual router will connect an interface to these disconnected segments and provide the virtual machines on the segment with their default gateway as well as any routing protocols such as BGP.

One interface of the virtual router should connect to a routed segment to allow communication outside of this routing context.

Figure 1. Virtual Machine to Virtual Router BGP Peering
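The constraints in this section can be checked against an interface plan before the virtual router is deployed. The following is an added example, not VMware code: the `Interface` fields, the segment names and the addresses are constructed for illustration, and the subnet-overlap check is an extra sanity check that the page does not state.

```python
import ipaddress
from dataclasses import dataclass

MAX_INTERFACES = 10  # per-router interface limit stated on this page

@dataclass
class Interface:
    name: str
    segment: str
    segment_type: str  # "disconnected" or "routed"
    role: str          # "workload" (default gateway for VMs) or "uplink"
    address: str       # router interface address, CIDR notation

def validate_plan(interfaces):
    """Return a list of findings; an empty list means the plan fits the design."""
    findings = []
    if len(interfaces) > MAX_INTERFACES:
        findings.append(f"{len(interfaces)} interfaces exceed the limit of {MAX_INTERFACES}")
    if not any(i.role == "uplink" and i.segment_type == "routed" for i in interfaces):
        findings.append("no uplink interface on a routed segment")
    for i in interfaces:
        if i.role == "workload" and i.segment_type != "disconnected":
            findings.append(f"{i.name}: workload segment '{i.segment}' is not disconnected")
    # Added check (not from the page): connected subnets must not overlap.
    nets = [(i.name, ipaddress.ip_interface(i.address).network) for i in interfaces]
    for idx, (name_a, net_a) in enumerate(nets):
        for name_b, net_b in nets[idx + 1:]:
            if net_a.overlaps(net_b):
                findings.append(f"{name_a}/{name_b}: subnets {net_a} and {net_b} overlap")
    return findings

# Constructed sample plan: eth2 is deliberately wrong on two counts.
SAMPLE_PLAN = [
    Interface("eth0", "vr-uplink", "routed", "uplink", "192.168.50.2/24"),
    Interface("eth1", "app-a", "disconnected", "workload", "10.10.1.1/24"),
    Interface("eth2", "app-b", "routed", "workload", "10.10.1.129/25"),
]

if __name__ == "__main__":
    for finding in validate_plan(SAMPLE_PLAN):
        print("FINDING:", finding)
```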

Global Routing Fabric

Some customers wish to administer one global routing fabric regardless of whether routers are on-prem, in VMC on AWS, or running in native AWS. To accomplish this, virtual routers are used in the same way as in the previous section. In addition, each virtual router is configured to create GRE tunnels to the desired routers in other sites or even other SDDCs.

Figure 2. Global Routing Fabric